ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-11-25 13:35:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change the security model for RPC admin access.

Browse Source
This commit is contained in:
Arthur Britto
2013-01-18 00:36:22 -08:00
parent f6202011fd
commit bda80d4144
11 changed files with 98 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/cpp/ripple/WSConnection.h
View File

@@ -12,6 +12,7 @@
#include "CallRPC.h"
#include "InstanceCounter.h"
#include "Log.h"
#include "RPCErr.h"
DEFINE_INSTANCE(WebSocketConnection);
@@ -91,9 +92,18 @@ public:
RPCHandler mRPCHandler(&mNetwork, this);
Json::Value jvResult(Json::objectValue);
jvResult["result"] = mRPCHandler.doCommand(
jvRequest,
mHandler->getPublic() ? RPCHandler::GUEST : RPCHandler::ADMIN);
int iRole = mHandler->getPublic()
? RPCHandler::GUEST // Don't check on the public interface.
: iAdminGet(jvRequest, "127.0.0.1"); // XXX Fix this to return the remote IP.
if (RPCHandler::FORBID == iRole)
{
jvResult["result"] = rpcError(rpcFORBIDDEN);
}
else
{
jvResult["result"] = mRPCHandler.doCommand(jvRequest, iRole);
}
// Currently we will simply unwrap errors returned by the RPC
// API, in the future maybe we can make the responses