More security changes.

Arthur Britto
2013-01-18 01:41:48 -08:00
parent bda80d4144
commit e69d309cb3
5 changed files with 46 additions and 12 deletions


@@ -28,19 +28,21 @@ SETUP_LOG();
int iAdminGet(const Json::Value& jvRequest, const std::string& strRemoteIp)
{
int iRole;
bool bPasswordSupplied = jvRequest.isMember("user") || jvRequest.isMember("password");
bool bPasswordSupplied = jvRequest.isMember("admin_user") || jvRequest.isMember("admin_password");
bool bPasswordRequired = !theConfig.RPC_ADMIN_USER.empty() || !theConfig.RPC_ADMIN_PASSWORD.empty();
bool bPasswordWrong = bPasswordSupplied
? bPasswordRequired
// Supplied, required, and incorrect.
? theConfig.RPC_ADMIN_USER != (jvRequest.isMember("user") ? jvRequest["user"].asString() : "")
|| theConfig.RPC_ADMIN_PASSWORD != (jvRequest.isMember("user") ? jvRequest["password"].asString() : "")
? theConfig.RPC_ADMIN_USER != (jvRequest.isMember("admin_user") ? jvRequest["admin_user"].asString() : "")
|| theConfig.RPC_ADMIN_PASSWORD != (jvRequest.isMember("admin_user") ? jvRequest["admin_password"].asString() : "")
// Supplied and not required.
: true
: false;
// Meets IP restriction for admin.
bool bAdminIP = strRemoteIp == "127.0.0.1";
bool bAdminIP = theConfig.RPC_ADMIN_ALLOW.empty()
? strRemoteIp == "127.0.0.1"
: strRemoteIp == theConfig.RPC_ADMIN_ALLOW;
if (bPasswordWrong // Wrong
|| (bPasswordSupplied && !bAdminIP)) // Supplied and doesn't meet IP filter.
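Review bot: The `admin_password` lookup on the new password-comparison line is still guarded by `jvRequest.isMember("admin_user")`, so a request that sends `admin_password` without `admin_user` has its password compared as an empty string; this fails closed, but it rejects a correct password when only `RPC_ADMIN_PASSWORD` is configured. The guard should test the key it reads: `|| theConfig.RPC_ADMIN_PASSWORD != (jvRequest.isMember("admin_password") ? jvRequest["admin_password"].asString() : "")`. Both credential checks also use `std::string` `!=`, which typically returns at the first differing byte; a constant-time comparison would be the safer choice for an admin secret. The body of iAdminGet continues past the end of this hunk, so how `iRole` is assigned from these flags cannot be checked from here.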