ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-11-26 14:05:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Let [rpc_admin_allow] take multiple lines.

Browse Source
This commit is contained in:
Arthur Britto
2013-01-21 17:18:21 -08:00
parent ab6ab491eb
commit d569633c09
4 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rippled-example.cfg
View File

@@ -107,7 +107,7 @@
# 1: Allow RPC connections from any IP.
#
# [rpc_admin_allow]:
# Specify an IP address required for admin access.
# Specify an list of IP addresses allowed to have admin access. One per line.
#
# Defaults to 127.0.0.1.
#

8
src/cpp/ripple/Config.cpp
View File

@@ -187,6 +187,7 @@ Config::Config()
LEDGER_CREATOR = false;
RPC_ALLOW_REMOTE = false;
RPC_ADMIN_ALLOW.push_back("127.0.0.1");
PEER_SSL_CIPHER_LIST = DEFAULT_PEER_SSL_CIPHER_LIST;
PEER_SCAN_INTERVAL_MIN = DEFAULT_PEER_SCAN_INTERVAL_MIN;
@@ -307,7 +308,12 @@ void Config::load()
if (sectionSingleB(secConfig, SECTION_PEER_PRIVATE, strTemp))
PEER_PRIVATE = boost::lexical_cast<bool>(strTemp);
(void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_ALLOW, RPC_ADMIN_ALLOW);
smtTmp = sectionEntries(secConfig, SECTION_RPC_ADMIN_ALLOW);
if (smtTmp)
{
RPC_ADMIN_ALLOW = *smtTmp;
}
(void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_PASSWORD, RPC_ADMIN_PASSWORD);
(void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_USER, RPC_ADMIN_USER);
(void) sectionSingleB(secConfig, SECTION_RPC_IP, RPC_IP);

2
src/cpp/ripple/Config.h
View File

@@ -113,7 +113,7 @@ public:
// RPC parameters
std::string RPC_IP;
int RPC_PORT;
std::string RPC_ADMIN_ALLOW;
std::vector<std::string> RPC_ADMIN_ALLOW;
std::string RPC_ADMIN_PASSWORD;
std::string RPC_ADMIN_USER;
std::string RPC_PASSWORD;

10
src/cpp/ripple/RPCHandler.cpp
View File

@@ -40,9 +40,13 @@ int iAdminGet(const Json::Value& jvRequest, const std::string& strRemoteIp)
: true
: false;
// Meets IP restriction for admin.
bool bAdminIP = theConfig.RPC_ADMIN_ALLOW.empty()
? strRemoteIp == "127.0.0.1"
: strRemoteIp == theConfig.RPC_ADMIN_ALLOW;
bool bAdminIP = false;
BOOST_FOREACH(const std::string& strAllowIp, theConfig.RPC_ADMIN_ALLOW)
{
if (strAllowIp == strRemoteIp)
bAdminIP = true;
}
if (bPasswordWrong // Wrong
|| (bPasswordSupplied && !bAdminIP)) // Supplied and doesn't meet IP filter.