Merge pull request #7823

24d3d65 monero-wallet-rpc: Prevent --password-file from being used with --wallet-dir (Kermit Alexander II)
This commit is contained in:
luigi1111 2021-09-09 15:14:17 -04:00
commit dfa6b58d4d
No known key found for this signature in database
GPG key ID: F4ACA0183641E010
4 changed files with 19 additions and 4 deletions

View file

@ -49,6 +49,7 @@ using namespace epee;
#include "cryptonote_core/tx_sanity_check.h" #include "cryptonote_core/tx_sanity_check.h"
#include "wallet_rpc_helpers.h" #include "wallet_rpc_helpers.h"
#include "wallet2.h" #include "wallet2.h"
#include "wallet_args.h"
#include "cryptonote_basic/cryptonote_format_utils.h" #include "cryptonote_basic/cryptonote_format_utils.h"
#include "net/parse.h" #include "net/parse.h"
#include "rpc/core_rpc_server_commands_defs.h" #include "rpc/core_rpc_server_commands_defs.h"
@ -276,7 +277,7 @@ struct options {
const command_line::arg_descriptor<bool> trusted_daemon = {"trusted-daemon", tools::wallet2::tr("Enable commands which rely on a trusted daemon"), false}; const command_line::arg_descriptor<bool> trusted_daemon = {"trusted-daemon", tools::wallet2::tr("Enable commands which rely on a trusted daemon"), false};
const command_line::arg_descriptor<bool> untrusted_daemon = {"untrusted-daemon", tools::wallet2::tr("Disable commands which rely on a trusted daemon"), false}; const command_line::arg_descriptor<bool> untrusted_daemon = {"untrusted-daemon", tools::wallet2::tr("Disable commands which rely on a trusted daemon"), false};
const command_line::arg_descriptor<std::string> password = {"password", tools::wallet2::tr("Wallet password (escape/quote as needed)"), "", true}; const command_line::arg_descriptor<std::string> password = {"password", tools::wallet2::tr("Wallet password (escape/quote as needed)"), "", true};
const command_line::arg_descriptor<std::string> password_file = {"password-file", tools::wallet2::tr("Wallet password file"), "", true}; const command_line::arg_descriptor<std::string> password_file = wallet_args::arg_password_file();
const command_line::arg_descriptor<int> daemon_port = {"daemon-port", tools::wallet2::tr("Use daemon instance at port <arg> instead of 18081"), 0}; const command_line::arg_descriptor<int> daemon_port = {"daemon-port", tools::wallet2::tr("Use daemon instance at port <arg> instead of 18081"), 0};
const command_line::arg_descriptor<std::string> daemon_login = {"daemon-login", tools::wallet2::tr("Specify username[:password] for daemon RPC client"), "", true}; const command_line::arg_descriptor<std::string> daemon_login = {"daemon-login", tools::wallet2::tr("Specify username[:password] for daemon RPC client"), "", true};
const command_line::arg_descriptor<std::string> daemon_ssl = {"daemon-ssl", tools::wallet2::tr("Enable SSL on daemon RPC connections: enabled|disabled|autodetect"), "autodetect"}; const command_line::arg_descriptor<std::string> daemon_ssl = {"daemon-ssl", tools::wallet2::tr("Enable SSL on daemon RPC connections: enabled|disabled|autodetect"), "autodetect"};
@ -532,7 +533,7 @@ std::unique_ptr<tools::wallet2> make_basic(const boost::program_options::variabl
boost::optional<tools::password_container> get_password(const boost::program_options::variables_map& vm, const options& opts, const std::function<boost::optional<tools::password_container>(const char*, bool)> &password_prompter, const bool verify) boost::optional<tools::password_container> get_password(const boost::program_options::variables_map& vm, const options& opts, const std::function<boost::optional<tools::password_container>(const char*, bool)> &password_prompter, const bool verify)
{ {
if (command_line::has_arg(vm, opts.password) && command_line::has_arg(vm, opts.password_file)) if (command_line::has_arg(vm, opts.password) && !command_line::is_arg_defaulted(vm, opts.password_file))
{ {
THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("can't specify more than one of --password and --password-file")); THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("can't specify more than one of --password and --password-file"));
} }
@ -542,10 +543,11 @@ boost::optional<tools::password_container> get_password(const boost::program_opt
return tools::password_container{command_line::get_arg(vm, opts.password)}; return tools::password_container{command_line::get_arg(vm, opts.password)};
} }
if (command_line::has_arg(vm, opts.password_file)) if (!command_line::is_arg_defaulted(vm, opts.password_file))
{ {
std::string password; std::string password;
bool r = epee::file_io_utils::load_file_to_string(command_line::get_arg(vm, opts.password_file), const auto password_file = command_line::get_arg(vm, opts.password_file);
bool r = epee::file_io_utils::load_file_to_string(password_file,
password); password);
THROW_WALLET_EXCEPTION_IF(!r, tools::error::wallet_internal_error, tools::wallet2::tr("the password file specified could not be read")); THROW_WALLET_EXCEPTION_IF(!r, tools::error::wallet_internal_error, tools::wallet2::tr("the password file specified could not be read"));

View file

@ -80,6 +80,10 @@ namespace wallet_args
{ {
return {"rpc-client-secret-key", wallet_args::tr("Set RPC client secret key for RPC payments"), ""}; return {"rpc-client-secret-key", wallet_args::tr("Set RPC client secret key for RPC payments"), ""};
} }
command_line::arg_descriptor<std::string> arg_password_file()
{
return {"password-file", wallet_args::tr("Wallet password file"), ""};
}
const char* tr(const char* str) const char* tr(const char* str)
{ {

View file

@ -37,6 +37,7 @@ namespace wallet_args
command_line::arg_descriptor<std::string> arg_generate_from_json(); command_line::arg_descriptor<std::string> arg_generate_from_json();
command_line::arg_descriptor<std::string> arg_wallet_file(); command_line::arg_descriptor<std::string> arg_wallet_file();
command_line::arg_descriptor<std::string> arg_rpc_client_secret_key(); command_line::arg_descriptor<std::string> arg_rpc_client_secret_key();
command_line::arg_descriptor<std::string> arg_password_file();
const char* tr(const char* str); const char* tr(const char* str);

View file

@ -4525,10 +4525,12 @@ public:
const auto arg_wallet_file = wallet_args::arg_wallet_file(); const auto arg_wallet_file = wallet_args::arg_wallet_file();
const auto arg_from_json = wallet_args::arg_generate_from_json(); const auto arg_from_json = wallet_args::arg_generate_from_json();
const auto arg_rpc_client_secret_key = wallet_args::arg_rpc_client_secret_key(); const auto arg_rpc_client_secret_key = wallet_args::arg_rpc_client_secret_key();
const auto arg_password_file = wallet_args::arg_password_file();
const auto wallet_file = command_line::get_arg(vm, arg_wallet_file); const auto wallet_file = command_line::get_arg(vm, arg_wallet_file);
const auto from_json = command_line::get_arg(vm, arg_from_json); const auto from_json = command_line::get_arg(vm, arg_from_json);
const auto wallet_dir = command_line::get_arg(vm, arg_wallet_dir); const auto wallet_dir = command_line::get_arg(vm, arg_wallet_dir);
const auto password_file = command_line::get_arg(vm, arg_password_file);
const auto prompt_for_password = command_line::get_arg(vm, arg_prompt_for_password); const auto prompt_for_password = command_line::get_arg(vm, arg_prompt_for_password);
const auto password_prompt = prompt_for_password ? password_prompter : nullptr; const auto password_prompt = prompt_for_password ? password_prompter : nullptr;
@ -4538,6 +4540,12 @@ public:
return false; return false;
} }
if(!wallet_dir.empty() && !password_file.empty())
{
LOG_ERROR(tools::wallet_rpc_server::tr("--password-file is not allowed in combination with --wallet-dir"));
return false;
}
if (!wallet_dir.empty()) if (!wallet_dir.empty())
{ {
wal = NULL; wal = NULL;