wallet: fix --generate-from-json using wrong password

This commit is contained in:
moneromooo-monero 2018-10-01 11:18:50 +00:00
parent 83d8f03c23
commit 25e5890d37
No known key found for this signature in database
GPG Key ID: 686F07454D6CEFC3
6 changed files with 20 additions and 7 deletions

View File

@ -221,6 +221,10 @@ namespace tools
: m_password(std::move(password)) : m_password(std::move(password))
{ {
} }
password_container::password_container(const epee::wipeable_string& password) noexcept
: m_password(password)
{
}
password_container::~password_container() noexcept password_container::~password_container() noexcept
{ {

View File

@ -47,6 +47,7 @@ namespace tools
//! `password` is used as password //! `password` is used as password
password_container(std::string&& password) noexcept; password_container(std::string&& password) noexcept;
password_container(const epee::wipeable_string& password) noexcept;
//! \return A password from stdin TTY prompt or `std::cin` pipe. //! \return A password from stdin TTY prompt or `std::cin` pipe.
static boost::optional<password_container> prompt(bool verify, const char *mesage = "Password", bool hide_input = true); static boost::optional<password_container> prompt(bool verify, const char *mesage = "Password", bool hide_input = true);

View File

@ -3275,7 +3275,9 @@ bool simple_wallet::init(const boost::program_options::variables_map& vm)
{ {
try try
{ {
m_wallet = tools::wallet2::make_from_json(vm, false, m_generate_from_json, password_prompter); auto rc = tools::wallet2::make_from_json(vm, false, m_generate_from_json, password_prompter);
m_wallet = std::move(rc.first);
password = rc.second.password();
m_wallet_file = m_wallet->path(); m_wallet_file = m_wallet->path();
} }
catch (const std::exception &e) catch (const std::exception &e)

View File

@ -313,7 +313,7 @@ boost::optional<tools::password_container> get_password(const boost::program_opt
return password_prompter(verify ? tr("Enter a new password for the wallet") : tr("Wallet password"), verify); return password_prompter(verify ? tr("Enter a new password for the wallet") : tr("Wallet password"), verify);
} }
std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file, const boost::program_options::variables_map& vm, bool unattended, const options& opts, const std::function<boost::optional<tools::password_container>(const char *, bool)> &password_prompter) std::pair<std::unique_ptr<tools::wallet2>, tools::password_container> generate_from_json(const std::string& json_file, const boost::program_options::variables_map& vm, bool unattended, const options& opts, const std::function<boost::optional<tools::password_container>(const char *, bool)> &password_prompter)
{ {
const bool testnet = command_line::get_arg(vm, opts.testnet); const bool testnet = command_line::get_arg(vm, opts.testnet);
const bool stagenet = command_line::get_arg(vm, opts.stagenet); const bool stagenet = command_line::get_arg(vm, opts.stagenet);
@ -323,6 +323,7 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
false. Gcc will coerce this into unique_ptr(nullptr), but clang correctly false. Gcc will coerce this into unique_ptr(nullptr), but clang correctly
fails. This large wrapper is for the use of that macro */ fails. This large wrapper is for the use of that macro */
std::unique_ptr<tools::wallet2> wallet; std::unique_ptr<tools::wallet2> wallet;
epee::wipeable_string password;
const auto do_generate = [&]() -> bool { const auto do_generate = [&]() -> bool {
std::string buf; std::string buf;
if (!epee::file_io_utils::load_file_to_string(json_file, buf)) { if (!epee::file_io_utils::load_file_to_string(json_file, buf)) {
@ -460,10 +461,12 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
if (!field_seed.empty()) if (!field_seed.empty())
{ {
wallet->generate(field_filename, field_password, recovery_key, recover, false, create_address_file); wallet->generate(field_filename, field_password, recovery_key, recover, false, create_address_file);
password = field_password;
} }
else if (field_viewkey.empty() && !field_spendkey.empty()) else if (field_viewkey.empty() && !field_spendkey.empty())
{ {
wallet->generate(field_filename, field_password, spendkey, recover, false, create_address_file); wallet->generate(field_filename, field_password, spendkey, recover, false, create_address_file);
password = field_password;
} }
else else
{ {
@ -490,6 +493,7 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("Address must be specified in order to create watch-only wallet")); THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("Address must be specified in order to create watch-only wallet"));
} }
wallet->generate(field_filename, field_password, address, viewkey, create_address_file); wallet->generate(field_filename, field_password, address, viewkey, create_address_file);
password = field_password;
} }
else else
{ {
@ -497,6 +501,7 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify spend key secret key")); THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("failed to verify spend key secret key"));
} }
wallet->generate(field_filename, field_password, address, spendkey, viewkey, create_address_file); wallet->generate(field_filename, field_password, address, spendkey, viewkey, create_address_file);
password = field_password;
} }
} }
} }
@ -509,9 +514,9 @@ std::unique_ptr<tools::wallet2> generate_from_json(const std::string& json_file,
if (do_generate()) if (do_generate())
{ {
return wallet; return {std::move(wallet), tools::password_container(password)};
} }
return nullptr; return {nullptr, tools::password_container{}};
} }
static void throw_on_rpc_response_error(const boost::optional<std::string> &status, const char *method) static void throw_on_rpc_response_error(const boost::optional<std::string> &status, const char *method)
@ -854,7 +859,7 @@ void wallet2::init_options(boost::program_options::options_description& desc_par
command_line::add_arg(desc_params, opts.tx_notify); command_line::add_arg(desc_params, opts.tx_notify);
} }
std::unique_ptr<wallet2> wallet2::make_from_json(const boost::program_options::variables_map& vm, bool unattended, const std::string& json_file, const std::function<boost::optional<tools::password_container>(const char *, bool)> &password_prompter) std::pair<std::unique_ptr<wallet2>, tools::password_container> wallet2::make_from_json(const boost::program_options::variables_map& vm, bool unattended, const std::string& json_file, const std::function<boost::optional<tools::password_container>(const char *, bool)> &password_prompter)
{ {
const options opts{}; const options opts{};
return generate_from_json(json_file, vm, unattended, opts, password_prompter); return generate_from_json(json_file, vm, unattended, opts, password_prompter);

View File

@ -177,7 +177,7 @@ namespace tools
static void init_options(boost::program_options::options_description& desc_params); static void init_options(boost::program_options::options_description& desc_params);
//! Uses stdin and stdout. Returns a wallet2 if no errors. //! Uses stdin and stdout. Returns a wallet2 if no errors.
static std::unique_ptr<wallet2> make_from_json(const boost::program_options::variables_map& vm, bool unattended, const std::string& json_file, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter); static std::pair<std::unique_ptr<wallet2>, password_container> make_from_json(const boost::program_options::variables_map& vm, bool unattended, const std::string& json_file, const std::function<boost::optional<password_container>(const char *, bool)> &password_prompter);
//! Uses stdin and stdout. Returns a wallet2 and password for `wallet_file` if no errors. //! Uses stdin and stdout. Returns a wallet2 and password for `wallet_file` if no errors.
static std::pair<std::unique_ptr<wallet2>, password_container> static std::pair<std::unique_ptr<wallet2>, password_container>

View File

@ -3352,7 +3352,8 @@ public:
{ {
try try
{ {
wal = tools::wallet2::make_from_json(vm, true, from_json, password_prompt); auto rc = tools::wallet2::make_from_json(vm, true, from_json, password_prompt);
wal = std::move(rc.first);
} }
catch (const std::exception &e) catch (const std::exception &e)
{ {