From 1a78d63f051c2baf86992616db586a2f0dbdaac9 Mon Sep 17 00:00:00 2001 From: Vinnie Falco Date: Tue, 17 Sep 2013 12:02:30 -0700 Subject: [PATCH] Don't forbid RPC clients who provide credentials when not required --- src/ripple_core/functional/Config.cpp | 34 ++++++++++++++++++++------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/src/ripple_core/functional/Config.cpp b/src/ripple_core/functional/Config.cpp index 674ee932eb..4c7413cffc 100644 --- a/src/ripple_core/functional/Config.cpp +++ b/src/ripple_core/functional/Config.cpp @@ -773,14 +773,32 @@ Config::Role Config::getAdminRole (Json::Value const& params, std::string const& bool bPasswordSupplied = params.isMember ("admin_user") || params.isMember ("admin_password"); bool bPasswordRequired = !this->RPC_ADMIN_USER.empty () || !this->RPC_ADMIN_PASSWORD.empty (); - bool bPasswordWrong = bPasswordSupplied - ? bPasswordRequired - // Supplied, required, and incorrect. - ? this->RPC_ADMIN_USER != (params.isMember ("admin_user") ? params["admin_user"].asString () : "") - || this->RPC_ADMIN_PASSWORD != (params.isMember ("admin_user") ? params["admin_password"].asString () : "") - // Supplied and not required. - : true - : false; + bool bPasswordWrong; + + if (bPasswordSupplied) + { + if (bPasswordRequired) + { + // Required, and supplied, check match + bPasswordWrong = + (this->RPC_ADMIN_USER != + (params.isMember ("admin_user") ? params["admin_user"].asString () : "")) + || + (this->RPC_ADMIN_PASSWORD != + (params.isMember ("admin_user") ? params["admin_password"].asString () : "")); + } + else + { + // Not required, but supplied + bPasswordWrong = false; + } + } + else + { + // Required but not supplied, + bPasswordWrong = bPasswordRequired; + } + // Meets IP restriction for admin. bool bAdminIP = false;