diff options
| author | willcl-ark <will@256k1.dev> | 2024-01-08 15:02:44 +0000 |
|---|---|---|
| committer | willcl-ark <will@256k1.dev> | 2024-06-27 15:08:19 +0100 |
| commit | f467aede78533dac60a118e1566138d65522c213 (patch) | |
| tree | 5acfdef9cea45663d07c7bb9d2d8e859807f94de /src/httprpc.cpp | |
| parent | 7df03f1a923e239cea8c9b0d603a9eb00863a40c (diff) | |
| download | bitcoin-f467aede78533dac60a118e1566138d65522c213.tar.xz | |
init: add option for rpccookie permissions
Add a bitcoind launch option `-rpccookieperms` to configure the file
permissions of the cookie on Unix systems.
Diffstat (limited to 'src/httprpc.cpp')
| -rw-r--r-- | src/httprpc.cpp | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/src/httprpc.cpp b/src/httprpc.cpp index c72dbf10bc..66e0591c44 100644 --- a/src/httprpc.cpp +++ b/src/httprpc.cpp @@ -11,6 +11,8 @@ #include <netaddress.h> #include <rpc/protocol.h> #include <rpc/server.h> +#include <util/fs.h> +#include <util/fs_helpers.h> #include <util/strencodings.h> #include <util/string.h> #include <walletinitinterface.h> @@ -19,6 +21,7 @@ #include <iterator> #include <map> #include <memory> +#include <optional> #include <set> #include <string> #include <vector> @@ -244,8 +247,20 @@ static bool InitRPCAuthentication() { if (gArgs.GetArg("-rpcpassword", "") == "") { - LogPrintf("Using random cookie authentication.\n"); - if (!GenerateAuthCookie(&strRPCUserColonPass)) { + LogInfo("Using random cookie authentication.\n"); + + std::optional<fs::perms> cookie_perms{std::nullopt}; + auto cookie_perms_arg{gArgs.GetArg("-rpccookieperms")}; + if (cookie_perms_arg) { + auto perm_opt = InterpretPermString(*cookie_perms_arg); + if (!perm_opt) { + LogInfo("Invalid -rpccookieperms=%s; must be one of 'owner', 'group', or 'all'.\n", *cookie_perms_arg); + return false; + } + cookie_perms = *perm_opt; + } + + if (!GenerateAuthCookie(&strRPCUserColonPass, cookie_perms)) { return false; } } else { |