 |
Bitcoin Core
22.99.0
P2P Digital Currency
|
Go to the documentation of this file.
26 #include <boost/algorithm/string.hpp>
41 tv.tv_sec = millis/1000;
42 tv.tv_usec = (millis%1000)*1000;
55 const char*
Name()
override
73 static std::vector<std::vector<std::string>>
g_rpcauth;
91 req->
WriteHeader(
"Content-Type",
"application/json");
99 if (strUserPass.find(
':') == std::string::npos) {
102 std::string strUser = strUserPass.substr(0, strUserPass.find(
':'));
103 std::string strPass = strUserPass.substr(strUserPass.find(
':') + 1);
106 std::string strName = vFields[0];
111 std::string strSalt = vFields[1];
112 std::string strHash = vFields[2];
114 static const unsigned int KEY_SIZE = 32;
115 unsigned char out[KEY_SIZE];
117 CHMAC_SHA256(
reinterpret_cast<const unsigned char*
>(strSalt.data()), strSalt.size()).
Write(
reinterpret_cast<const unsigned char*
>(strPass.data()), strPass.size()).
Finalize(out);
118 std::vector<unsigned char> hexvec(out, out+KEY_SIZE);
119 std::string strHashFromPass =
HexStr(hexvec);
128 static bool RPCAuthorized(
const std::string& strAuth, std::string& strAuthUsernameOut)
132 if (strAuth.substr(0, 6) !=
"Basic ")
134 std::string strUserPass64 =
TrimString(strAuth.substr(6));
137 if (strUserPass.find(
':') != std::string::npos)
138 strAuthUsernameOut = strUserPass.substr(0, strUserPass.find(
':'));
155 std::pair<bool, std::string> authHeader = req->
GetHeader(
"authorization");
156 if (!authHeader.first) {
166 LogPrintf(
"ThreadRPCServer incorrect password attempt from %s\n", jreq.
peerAddr);
187 std::string strReply;
196 jreq.
parse(valRequest);
208 }
else if (valRequest.
isArray()) {
209 if (user_has_whitelist) {
210 for (
unsigned int reqIdx = 0; reqIdx < valRequest.
size(); reqIdx++) {
211 if (!valRequest[reqIdx].isObject()) {
218 LogPrintf(
"RPC User %s not allowed to call method %s\n", jreq.
authUser, strMethod);
230 req->
WriteHeader(
"Content-Type",
"application/json");
232 }
catch (
const UniValue& objError) {
235 }
catch (
const std::exception& e) {
246 LogPrintf(
"Using random cookie authentication.\n");
251 LogPrintf(
"Config options rpcuser and rpcpassword will soon be deprecated. Locally-run instances may remove rpcuser to use cookie-based auth, or may be replaced with rpcauth. Please see share/rpcauth for rpcauth auth generation.\n");
256 LogPrintf(
"Using rpcauth authentication.\n");
257 for (
const std::string& rpcauth :
gArgs.
GetArgs(
"-rpcauth")) {
258 std::vector<std::string> fields;
259 boost::split(fields, rpcauth, boost::is_any_of(
":$"));
260 if (fields.size() == 3) {
263 LogPrintf(
"Invalid -rpcauth argument.\n");
270 for (
const std::string& strRPCWhitelist :
gArgs.
GetArgs(
"-rpcwhitelist")) {
271 auto pos = strRPCWhitelist.find(
':');
272 std::string strUser = strRPCWhitelist.substr(0, pos);
275 if (pos != std::string::npos) {
276 std::string strWhitelist = strRPCWhitelist.substr(pos + 1);
277 std::set<std::string> new_whitelist;
278 boost::split(new_whitelist, strWhitelist, boost::is_any_of(
", "));
280 std::set<std::string> tmp_whitelist;
281 std::set_intersection(new_whitelist.begin(), new_whitelist.end(),
282 whitelist.begin(), whitelist.end(), std::inserter(tmp_whitelist, tmp_whitelist.end()));
283 new_whitelist = std::move(tmp_whitelist);
285 whitelist = std::move(new_whitelist);
@ RPC_INVALID_REQUEST
Standard JSON-RPC 2.0 errors.
static bool multiUserAuthorized(std::string strUserPass)
Simple one-shot callback timer to be used by the RPC mechanism to e.g.
void Finalize(unsigned char hash[OUTPUT_SIZE])
static bool HTTPReq_JSONRPC(const std::any &context, HTTPRequest *req)
RequestMethod GetRequestMethod() const
Get request method.
bool GetBoolArg(const std::string &strArg, bool fDefault) const
Return boolean argument or default value.
static std::map< std::string, std::set< std::string > > g_rpc_whitelist
void UnregisterHTTPHandler(const std::string &prefix, bool exactMatch)
Unregister handler for prefix.
static void JSONErrorReply(HTTPRequest *req, const UniValue &objError, const UniValue &id)
bool GenerateAuthCookie(std::string *cookie_out)
Generate a new RPC authentication cookie and write it to disk.
std::string JSONRPCReply(const UniValue &result, const UniValue &error, const UniValue &id)
void RPCUnsetTimerInterface(RPCTimerInterface *iface)
Unset factory function for timers.
const UniValue NullUniValue
A hasher class for HMAC-SHA-256.
struct event_base * EventBase()
Return evhttp event base.
bool IsArgSet(const std::string &strArg) const
Return true if the given argument has been manually set.
CService GetPeer() const
Get CService (address:ip) for the origin of the http request.
virtual bool HasWalletSupport() const =0
Is the wallet component enabled.
Opaque base class for timers returned by NewTimerFunc.
bool read(const char *raw, size_t len)
void InterruptHTTPRPC()
Interrupt HTTP RPC subsystem.
std::string TrimString(const std::string &str, const std::string &pattern=" \f\n\r\t\v")
void WriteHeader(const std::string &hdr, const std::string &value)
Write output header.
std::string GetURI() const
Get requested URI.
std::pair< bool, std::string > GetHeader(const std::string &hdr) const
Get the request header specified by hdr, or an empty string.
const std::string & get_str() const
std::string ToString() const
const UniValue & get_obj() const
CHMAC_SHA256 & Write(const unsigned char *data, size_t len)
static struct event_base * eventBase
HTTP module state.
static bool RPCAuthorized(const std::string &strAuth, std::string &strAuthUsernameOut)
std::vector< unsigned char > DecodeBase64(const char *p, bool *pf_invalid)
UniValue execute(const JSONRPCRequest &request) const
Execute a method.
std::string ReadBody()
Read request body.
void StopHTTPRPC()
Stop HTTP RPC subsystem.
bool StartHTTPRPC(const std::any &context)
Start HTTP RPC subsystem.
std::string GetArg(const std::string &strArg, const std::string &strDefault) const
Return string argument or default value.
static bool g_rpc_whitelist_default
static std::vector< std::vector< std::string > > g_rpcauth
const char * Name() override
Implementation name.
#define LogPrint(category,...)
bool TimingResistantEqual(const T &a, const T &b)
Timing-attack-resistant comparison.
std::string JSONRPCExecBatch(const JSONRPCRequest &jreq, const UniValue &vReq)
HTTPRPCTimer(struct event_base *eventBase, std::function< void()> &func, int64_t millis)
void parse(const UniValue &valRequest)
void UninterruptibleSleep(const std::chrono::microseconds &n)
RPCTimerBase * NewTimer(std::function< void()> &func, int64_t millis) override
Factory function for timers.
static const char * WWW_AUTH_HEADER_DATA
WWW-Authenticate to present with 401 Unauthorized response.
void trigger(struct timeval *tv)
Trigger the event.
static bool InitRPCAuthentication()
UniValue JSONRPCError(int code, const std::string &message)
static std::string strRPCUserColonPass
const WalletInitInterface & g_wallet_init_interface
const UniValue & find_value(const UniValue &obj, const std::string &name)
std::vector< std::string > GetArgs(const std::string &strArg) const
Return a vector of strings of the given argument.
HTTPRPCTimerInterface(struct event_base *_base)
const UniValue & get_array() const
std::string HexStr(const Span< const uint8_t > s)
Convert a span of bytes to a lower-case hexadecimal string.
void RegisterHTTPHandler(const std::string &prefix, bool exactMatch, const HTTPRequestHandler &handler)
Register handler for prefix.
void WriteReply(int nStatus, const std::string &strReply="")
Write HTTP reply.
static std::unique_ptr< HTTPRPCTimerInterface > httpRPCTimerInterface
void RPCSetTimerInterface(RPCTimerInterface *iface)
Set the factory function for timers.
@ HTTP_INTERNAL_SERVER_ERROR