diff options
| author | Mark Friedenbach <mark@blockstream.io> | 2014-10-16 16:16:29 -0700 |
|---|---|---|
| committer | Mark Friedenbach <mark@blockstream.io> | 2014-10-17 00:33:31 -0700 |
| commit | d4746d56c0c45b8721da36bc19b2bdaba5d7d094 (patch) | |
| tree | 01304911064e6f0ccce518ab2d7456b89681d0c4 | |
| parent | e8f6d54f1f58d9a5998e37367b84b427e51e1ad7 (diff) | |
| download | bitcoin-d4746d56c0c45b8721da36bc19b2bdaba5d7d094.tar.xz | |
Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log.
| -rw-r--r-- | src/noui.cpp | 6 | ||||
| -rw-r--r-- | src/qt/bitcoingui.cpp | 3 | ||||
| -rw-r--r-- | src/rpcserver.cpp | 2 | ||||
| -rw-r--r-- | src/ui_interface.h | 3 |
4 files changed, 12 insertions, 2 deletions
diff --git a/src/noui.cpp b/src/noui.cpp index f786a20db5..8f3b0275b0 100644 --- a/src/noui.cpp +++ b/src/noui.cpp @@ -14,6 +14,9 @@ static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style) { + bool fSecure = style & CClientUIInterface::SECURE; + style &= ~CClientUIInterface::SECURE; + std::string strCaption; // Check for usage of predefined caption switch (style) { @@ -30,7 +33,8 @@ static bool noui_ThreadSafeMessageBox(const std::string& message, const std::str strCaption += caption; // Use supplied caption (can be empty) } - LogPrintf("%s: %s\n", strCaption, message); + if (!fSecure) + LogPrintf("%s: %s\n", strCaption, message); fprintf(stderr, "%s: %s\n", strCaption.c_str(), message.c_str()); return false; } diff --git a/src/qt/bitcoingui.cpp b/src/qt/bitcoingui.cpp index 8a945606dc..9d6d07a56b 100644 --- a/src/qt/bitcoingui.cpp +++ b/src/qt/bitcoingui.cpp @@ -992,6 +992,9 @@ void BitcoinGUI::showProgress(const QString &title, int nProgress) static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style) { bool modal = (style & CClientUIInterface::MODAL); + // The SECURE flag has no effect in the Qt GUI. + // bool secure = (style & CClientUIInterface::SECURE); + style &= ~CClientUIInterface::SECURE; bool ret = false; // In case of modal message, use blocking connection to wait for user to click a button QMetaObject::invokeMethod(gui, "message", diff --git a/src/rpcserver.cpp b/src/rpcserver.cpp index 1a41344da5..9668c78831 100644 --- a/src/rpcserver.cpp +++ b/src/rpcserver.cpp @@ -581,7 +581,7 @@ void StartRPCThreads() strWhatAmI, GetConfigFile().string(), EncodeBase58(&rand_pwd[0],&rand_pwd[0]+32)), - "", CClientUIInterface::MSG_ERROR); + "", CClientUIInterface::MSG_ERROR | CClientUIInterface::SECURE); StartShutdown(); return; } diff --git a/src/ui_interface.h b/src/ui_interface.h index f5224ba57d..1231d5ed0b 100644 --- a/src/ui_interface.h +++ b/src/ui_interface.h @@ -63,6 +63,9 @@ public: /** Force blocking, modal message box dialog (not just OS notification) */ MODAL = 0x10000000U, + /** Do not print contents of message to debug log */ + SECURE = 0x40000000U, + /** Predefined combinations for certain default usage cases */ MSG_INFORMATION = ICON_INFORMATION, MSG_WARNING = (ICON_WARNING | BTN_OK | MODAL), |