From e69d309cb38de4de58c329fbe0f745586a43e99e Mon Sep 17 00:00:00 2001 From: Arthur Britto Date: Fri, 18 Jan 2013 01:41:48 -0800 Subject: [PATCH] More security changes. --- rippled-example.cfg | 25 +++++++++++++++++++++---- src/cpp/ripple/CallRPC.cpp | 10 ++++++++-- src/cpp/ripple/Config.cpp | 8 +++++++- src/cpp/ripple/Config.h | 5 ++++- src/cpp/ripple/RPCHandler.cpp | 10 ++++++---- 5 files changed, 46 insertions(+), 12 deletions(-) diff --git a/rippled-example.cfg b/rippled-example.cfg index 4dbd58668..e8fc94fb2 100644 --- a/rippled-example.cfg +++ b/rippled-example.cfg @@ -107,15 +107,32 @@ # 0: Allow RPC connections only from 127.0.0.1. [default] # 1: Allow RPC connections from any IP. # +# [rpc_admin_allow]: +# Specify an IP address required for admin access. +# +# Defaults to 127.0.0.1. +# +# [rpc_user]: +# As a server, require a this user to specified and require rpc_password to +# be checked for RPC access. +# +# As a client, supply this to the server. +# +# [rpc_password]: +# As a server, require a this password to specified and require rpc_user to +# be checked for RPC access. +# +# As a client, supply this to the server. +# # [rpc_admin_user]: -# As a server, require a this user to specified and require admin_password to -# be checked for RPC admin functions. +# As a server, require a this user to specified and require rpc_admin_password +# to be checked for RPC admin functions. # # As a client, supply this to the server. # # [rpc_admin_password]: -# As a server, require a this password to specified and require admin_user to -# be checked for RPC admin functions. +# As a server, require a this password to specified and require rpc_admin_user +# to be checked for RPC admin functions. # # As a client, supply this to the server. # diff --git a/src/cpp/ripple/CallRPC.cpp b/src/cpp/ripple/CallRPC.cpp index a48e06959..13f3e7ff4 100644 --- a/src/cpp/ripple/CallRPC.cpp +++ b/src/cpp/ripple/CallRPC.cpp @@ -590,11 +590,17 @@ int commandLineRPC(const std::vector& vCmd) jvParams.append(jvRequest); + if (!theConfig.RPC_ADMIN_USER.empty()) + jvRequest["admin_user"] = theConfig.RPC_ADMIN_USER; + + if (!theConfig.RPC_ADMIN_PASSWORD.empty()) + jvRequest["admin_password"] = theConfig.RPC_ADMIN_PASSWORD; + jvOutput = callRPC( theConfig.RPC_IP, theConfig.RPC_PORT, - theConfig.RPC_ADMIN_USER, - theConfig.RPC_ADMIN_PASSWORD, + theConfig.RPC_USER, + theConfig.RPC_PASSWORD, "", jvRequest.isMember("method") // Allow parser to rewrite method. ? jvRequest["method"].asString() diff --git a/src/cpp/ripple/Config.cpp b/src/cpp/ripple/Config.cpp index a44acdc0f..a50f8f676 100644 --- a/src/cpp/ripple/Config.cpp +++ b/src/cpp/ripple/Config.cpp @@ -35,10 +35,13 @@ #define SECTION_PEER_SSL_CIPHER_LIST "peer_ssl_cipher_list" #define SECTION_PEER_START_MAX "peer_start_max" #define SECTION_RPC_ALLOW_REMOTE "rpc_allow_remote" +#define SECTION_RPC_ADMIN_ALLOW "rpc_admin_allow" #define SECTION_RPC_ADMIN_USER "rpc_admin_user" #define SECTION_RPC_ADMIN_PASSWORD "rpc_admin_password" #define SECTION_RPC_IP "rpc_ip" #define SECTION_RPC_PORT "rpc_port" +#define SECTION_RPC_USER "rpc_user" +#define SECTION_RPC_PASSWORD "rpc_password" #define SECTION_RPC_STARTUP "rpc_startup" #define SECTION_SNTP "sntp_servers" #define SECTION_VALIDATORS_FILE "validators_file" @@ -298,9 +301,12 @@ void Config::load() if (sectionSingleB(secConfig, SECTION_PEER_PRIVATE, strTemp)) PEER_PRIVATE = boost::lexical_cast(strTemp); - (void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_USER, RPC_ADMIN_USER); + (void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_ALLOW, RPC_ADMIN_ALLOW); (void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_PASSWORD, RPC_ADMIN_PASSWORD); + (void) sectionSingleB(secConfig, SECTION_RPC_ADMIN_USER, RPC_ADMIN_USER); (void) sectionSingleB(secConfig, SECTION_RPC_IP, RPC_IP); + (void) sectionSingleB(secConfig, SECTION_RPC_PASSWORD, RPC_PASSWORD); + (void) sectionSingleB(secConfig, SECTION_RPC_USER, RPC_USER); if (sectionSingleB(secConfig, SECTION_RPC_PORT, strTemp)) RPC_PORT = boost::lexical_cast(strTemp); diff --git a/src/cpp/ripple/Config.h b/src/cpp/ripple/Config.h index a72be021b..915756179 100644 --- a/src/cpp/ripple/Config.h +++ b/src/cpp/ripple/Config.h @@ -112,8 +112,11 @@ public: // RPC parameters std::string RPC_IP; int RPC_PORT; - std::string RPC_ADMIN_USER; + std::string RPC_ADMIN_ALLOW; std::string RPC_ADMIN_PASSWORD; + std::string RPC_ADMIN_USER; + std::string RPC_PASSWORD; + std::string RPC_USER; bool RPC_ALLOW_REMOTE; std::vector RPC_STARTUP; diff --git a/src/cpp/ripple/RPCHandler.cpp b/src/cpp/ripple/RPCHandler.cpp index c7141e49f..c7dbbfaec 100644 --- a/src/cpp/ripple/RPCHandler.cpp +++ b/src/cpp/ripple/RPCHandler.cpp @@ -28,19 +28,21 @@ SETUP_LOG(); int iAdminGet(const Json::Value& jvRequest, const std::string& strRemoteIp) { int iRole; - bool bPasswordSupplied = jvRequest.isMember("user") || jvRequest.isMember("password"); + bool bPasswordSupplied = jvRequest.isMember("admin_user") || jvRequest.isMember("admin_password"); bool bPasswordRequired = !theConfig.RPC_ADMIN_USER.empty() || !theConfig.RPC_ADMIN_PASSWORD.empty(); bool bPasswordWrong = bPasswordSupplied ? bPasswordRequired // Supplied, required, and incorrect. - ? theConfig.RPC_ADMIN_USER != (jvRequest.isMember("user") ? jvRequest["user"].asString() : "") - || theConfig.RPC_ADMIN_PASSWORD != (jvRequest.isMember("user") ? jvRequest["password"].asString() : "") + ? theConfig.RPC_ADMIN_USER != (jvRequest.isMember("admin_user") ? jvRequest["admin_user"].asString() : "") + || theConfig.RPC_ADMIN_PASSWORD != (jvRequest.isMember("admin_user") ? jvRequest["admin_password"].asString() : "") // Supplied and not required. : true : false; // Meets IP restriction for admin. - bool bAdminIP = strRemoteIp == "127.0.0.1"; + bool bAdminIP = theConfig.RPC_ADMIN_ALLOW.empty() + ? strRemoteIp == "127.0.0.1" + : strRemoteIp == theConfig.RPC_ADMIN_ALLOW; if (bPasswordWrong // Wrong || (bPasswordSupplied && !bAdminIP)) // Supplied and doesn't meet IP filter.