mirror of
https://github.com/monero-project/monero.git
synced 2025-07-23 14:10:45 -04:00
epee: optionally restrict HTTP service to a configurable user agent
This is intended to catch traffic coming from a web browser, so we avoid issues with a web page sending a transfer RPC to the wallet. Requiring a particular user agent can act as a simple password scheme, while we wait for 0MQ and proper authentication to be merged.
This commit is contained in:
parent
68e6678ab7
commit
eeb2bbc0fc
19 changed files with 60 additions and 18 deletions
|
@ -34,10 +34,11 @@ namespace daemonize {
|
|||
t_command_parser_executor::t_command_parser_executor(
|
||||
uint32_t ip
|
||||
, uint16_t port
|
||||
, const std::string &user_agent
|
||||
, bool is_rpc
|
||||
, cryptonote::core_rpc_server* rpc_server
|
||||
)
|
||||
: m_executor(ip, port, is_rpc, rpc_server)
|
||||
: m_executor(ip, port, user_agent, is_rpc, rpc_server)
|
||||
{}
|
||||
|
||||
bool t_command_parser_executor::print_peer_list(const std::vector<std::string>& args)
|
||||
|
|
|
@ -49,6 +49,7 @@ public:
|
|||
t_command_parser_executor(
|
||||
uint32_t ip
|
||||
, uint16_t port
|
||||
, const std::string &user_agent
|
||||
, bool is_rpc
|
||||
, cryptonote::core_rpc_server* rpc_server = NULL
|
||||
);
|
||||
|
|
|
@ -37,10 +37,11 @@ namespace p = std::placeholders;
|
|||
t_command_server::t_command_server(
|
||||
uint32_t ip
|
||||
, uint16_t port
|
||||
, const std::string &user_agent
|
||||
, bool is_rpc
|
||||
, cryptonote::core_rpc_server* rpc_server
|
||||
)
|
||||
: m_parser(ip, port, is_rpc, rpc_server)
|
||||
: m_parser(ip, port, user_agent, is_rpc, rpc_server)
|
||||
, m_command_lookup()
|
||||
, m_is_rpc(is_rpc)
|
||||
{
|
||||
|
|
|
@ -54,6 +54,7 @@ public:
|
|||
t_command_server(
|
||||
uint32_t ip
|
||||
, uint16_t port
|
||||
, const std::string &user_agent
|
||||
, bool is_rpc = true
|
||||
, cryptonote::core_rpc_server* rpc_server = NULL
|
||||
);
|
||||
|
|
|
@ -124,7 +124,7 @@ bool t_daemon::run(bool interactive)
|
|||
|
||||
if (interactive)
|
||||
{
|
||||
rpc_commands = new daemonize::t_command_server(0, 0, false, mp_internals->rpc.get_server());
|
||||
rpc_commands = new daemonize::t_command_server(0, 0, "", false, mp_internals->rpc.get_server());
|
||||
rpc_commands->start_handling(std::bind(&daemonize::t_daemon::stop_p2p, this));
|
||||
}
|
||||
|
||||
|
|
|
@ -208,6 +208,7 @@ int main(int argc, char const * argv[])
|
|||
{
|
||||
rpc_port_str = command_line::get_arg(vm, cryptonote::core_rpc_server::arg_testnet_rpc_bind_port);
|
||||
}
|
||||
auto user_agent = command_line::get_arg(vm, cryptonote::core_rpc_server::arg_user_agent);
|
||||
|
||||
uint32_t rpc_ip;
|
||||
uint16_t rpc_port;
|
||||
|
@ -222,7 +223,7 @@ int main(int argc, char const * argv[])
|
|||
return 1;
|
||||
}
|
||||
|
||||
daemonize::t_command_server rpc_commands{rpc_ip, rpc_port};
|
||||
daemonize::t_command_server rpc_commands{rpc_ip, rpc_port, user_agent};
|
||||
if (rpc_commands.process_command_vec(command))
|
||||
{
|
||||
return 0;
|
||||
|
|
|
@ -92,6 +92,7 @@ namespace {
|
|||
t_rpc_command_executor::t_rpc_command_executor(
|
||||
uint32_t ip
|
||||
, uint16_t port
|
||||
, const std::string &user_agent
|
||||
, bool is_rpc
|
||||
, cryptonote::core_rpc_server* rpc_server
|
||||
)
|
||||
|
|
|
@ -57,6 +57,7 @@ public:
|
|||
t_rpc_command_executor(
|
||||
uint32_t ip
|
||||
, uint16_t port
|
||||
, const std::string &user_agent
|
||||
, bool is_rpc = true
|
||||
, cryptonote::core_rpc_server* rpc_server = NULL
|
||||
);
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue