diff options
| author | Luke Dashjr <luke-jr+git@utopios.org> | 2012-02-07 22:49:03 -0500 |
|---|---|---|
| committer | Luke Dashjr <luke-jr+git@utopios.org> | 2012-02-07 22:49:03 -0500 |
| commit | a21e4da9012f87d2cb8b2c38517efda1999fab05 (patch) | |
| tree | fe813787f2d3647b2d220991932c8a1546981bd5 /src/bitcoinrpc.cpp | |
| parent | 06e0f79ae5a4c2c7b3c8232c4544307d4d4940a5 (diff) | |
| parent | b5d9c7d9fb2ddf66e414e22e1d599fb0ef0abb07 (diff) | |
| download | bitcoin-a21e4da9012f87d2cb8b2c38517efda1999fab05.tar.xz | |
Merge branch '0.5.0.x' into 0.5.x
Conflicts:
src/qt/locale/bitcoin_ru.ts
src/qt/locale/bitcoin_zh_TW.ts
Diffstat (limited to 'src/bitcoinrpc.cpp')
| -rw-r--r-- | src/bitcoinrpc.cpp | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/src/bitcoinrpc.cpp b/src/bitcoinrpc.cpp index 729c590b5c..d44e4a6bdf 100644 --- a/src/bitcoinrpc.cpp +++ b/src/bitcoinrpc.cpp @@ -1,5 +1,5 @@ // Copyright (c) 2010 Satoshi Nakamoto -// Copyright (c) 2011 The Bitcoin developers +// Copyright (c) 2009-2012 The Bitcoin developers // Distributed under the MIT/X11 software license, see the accompanying // file license.txt or http://www.opensource.org/licenses/mit-license.php. @@ -2161,16 +2161,23 @@ void ThreadRPCServer2(void* parg) strRPCUserColonPass = mapArgs["-rpcuser"] + ":" + mapArgs["-rpcpassword"]; if (strRPCUserColonPass == ":") { + unsigned char rand_pwd[32]; + RAND_bytes(rand_pwd, 32); string strWhatAmI = "To use bitcoind"; if (mapArgs.count("-server")) strWhatAmI = strprintf(_("To use the %s option"), "\"-server\""); else if (mapArgs.count("-daemon")) strWhatAmI = strprintf(_("To use the %s option"), "\"-daemon\""); PrintConsole( - _("Error: %s, you must set rpcpassword=<password>\nin the configuration file: %s\n" + _("Error: %s, you must set a rpcpassword in the configuration file:\n %s\n" + "It is recommended you use the following random password:\n" + "rpcuser=bitcoinrpc\n" + "rpcpassword=%s\n" + "(you do not need to remember this password)\n" "If the file does not exist, create it with owner-readable-only file permissions.\n"), strWhatAmI.c_str(), - GetConfigFile().c_str()); + GetConfigFile().c_str(), + EncodeBase58(&rand_pwd[0],&rand_pwd[0]+32).c_str()); #ifndef QT_GUI CreateThread(Shutdown, NULL); #endif @@ -2259,12 +2266,14 @@ void ThreadRPCServer2(void* parg) } if (!HTTPAuthorized(mapHeaders)) { - // Deter brute-forcing short passwords - if (mapArgs["-rpcpassword"].size() < 15) - Sleep(50); + printf("ThreadRPCServer incorrect password attempt from %s\n",peer.address().to_string().c_str()); + /* Deter brute-forcing short passwords. + If this results in a DOS the user really + shouldn't have their RPC port exposed.*/ + if (mapArgs["-rpcpassword"].size() < 20) + Sleep(250); stream << HTTPReply(401, "") << std::flush; - printf("ThreadRPCServer incorrect password attempt\n"); continue; } |