config: unify lbcd and lbcwallet RPC credentails

1. remove lbcdusername and lbcdpassword
2. rename (username, password) to (rpcuser, rpcpass)

Most users are confused with the lbcduser and username at first,
and choose to use the same credentials between lbcd and lbcwallet.
This commit is contained in:
Roy Lee 2022-09-28 23:06:49 -07:00
parent 7a4cd602bb
commit be7892a2ae
5 changed files with 20 additions and 55 deletions

View file

@ -22,25 +22,12 @@ does mean they could track all transactions involving your addresses
and therefore know your exact balance. In a future release, public data
encryption will extend to transactions as well.
Wallet clients can use one of two RPC servers:
1. A legacy JSON-RPC server mostly compatible with Bitcoin Core
The JSON-RPC server exists to ease the migration of wallet applications
from Core, but complete compatibility is not guaranteed. Some portions of
the API (and especially accounts) have to work differently due to other
design decisions (mostly due to BIP0044). However, if you find a
compatibility issue and feel that it could be reasonably supported, please
report an issue. This server is enabled by default.
2. An experimental gRPC server
The gRPC server uses a new API built for lbcwallet, but the API is not
stabilized and the server is feature gated behind a config option
(`--experimentalrpclisten`). If you don't mind applications breaking due
to API changes, don't want to deal with issues of the legacy API, or need
notifications for changes to the wallet, this is the RPC server to use.
The gRPC server is documented [here](./rpc/documentation/README.md).
The JSON-RPC server exists to ease the migration of wallet applications
from Core, but complete compatibility is not guaranteed. Some portions of
the API (and especially accounts) have to work differently due to other
design decisions (mostly due to BIP0044). However, if you find a
compatibility issue and feel that it could be reasonably supported, please
report an issue. This server is enabled by default.
## Security
@ -93,25 +80,23 @@ Start a local instance of `lbcd` and have the `lbcwallet` connecting to it.
``` sh
# Start a lbcd with its RPC credentials
./lbcd --txindex --rpcuser=lbcduser --rpcpass=lbcdpass
./lbcd --txindex --rpcuser=rpcuser --rpcpass=rpcpass
# Start a lbcwallet with its RPC credentials along with the lbcd's RPC credentials
# The default lbcd instance to conect to is already localhost:9245 so we don't need to specify it explicitly here.
./lbcwallet --username=rpcuser --password=rpcpass --lbcdusername=lbcduser --lbcdpassword=lbcdpass # --rpcconnect=localhost:9245
./lbcwallet --rpcuser=rpcuser --rpcpass=rpcpass # --rpcconnect=localhost:9245
#
# rpcuser/rpcpass lbcduser/lbcdpass
# rpcuser/rpcpass rpcuser/rpcpass
# lbcctl <-------------------> lbcwallet <--------------------> lbcd
# RPC port 9244 RPC port 9245
#
```
If the `lbcd` and `lbcwallet` use the same RPC credentials, we can skip the `--lbcdusername` and `--lbcdpassword`
``` sh
./lbcd --txindex --rpcuser=rpcuser --rpcpass=rpcpass
./lbcwallet --username=rpcuser --password=rpcpass
./lbcwallet --rpcuser=rpcuser --rpcpass=rpcpass
#
# rpcuser/rpcpass rpcuser/rpcpass

View file

@ -70,8 +70,6 @@ type config struct {
CAFile *cfgutil.ExplicitString `long:"cafile" description:"File containing root certificates to authenticate a TLS connections with lbcd"`
DisableClientTLS bool `long:"noclienttls" description:"Disable TLS for the RPC client"`
SkipVerify bool `long:"skipverify" description:"Skip verifying TLS for the RPC client"`
LbcdUsername string `long:"lbcdusername" description:"Username for lbcd authentication"`
LbcdPassword string `long:"lbcdpassword" default-mask:"-" description:"Password for lbcd authentication"`
Proxy string `long:"proxy" description:"Connect via SOCKS5 proxy (eg. 127.0.0.1:9050)"`
ProxyUser string `long:"proxyuser" description:"Username for proxy server"`
ProxyPass string `long:"proxypass" default-mask:"-" description:"Password for proxy server"`
@ -90,9 +88,9 @@ type config struct {
DisableServerTLS bool `long:"noservertls" description:"Disable TLS for the RPC server"`
LegacyRPCListeners []string `long:"rpclisten" description:"Listen for legacy RPC connections on this interface/port (default port: 9244, testnet: 19244, regtest: 29244, simnet: 29244)"`
LegacyRPCMaxClients int64 `long:"rpcmaxclients" description:"Max number of legacy RPC clients for standard connections"`
LegacyRPCMaxWebsockets int64 `long:"rpcmaxwebsockets" description:"Max number of legacy RPC websocket connections"`
Username string `short:"u" long:"username" description:"Username for legacy RPC and lbcd authentication (if lbcdusername is unset)"`
Password string `short:"P" long:"password" default-mask:"-" description:"Password for legacy RPC and lbcd authentication (if lbcdpassword is unset)"`
LegacyRPCMaxWebsockets int64 `long:"rpcmaxwebsockets" description:"Max number of RPC websocket connections"`
RPCUser string `short:"u" long:"rpcuser" description:"Username for RPC and lbcd authentication"`
RPCPass string `short:"P" long:"rpcpass" default-mask:"-" description:"Password for RPC and lbcd authentication"`
// Deprecated options
DataDir *cfgutil.ExplicitString `short:"b" long:"datadir" default-mask:"-" description:"DEPRECATED -- use appdata instead"`
@ -601,17 +599,6 @@ func loadConfig() (*config, []string, error) {
cfg.RPCCert.Value = cleanAndExpandPath(cfg.RPCCert.Value)
cfg.RPCKey.Value = cleanAndExpandPath(cfg.RPCKey.Value)
// If the lbcd username or password are unset, use the same auth as for
// the client. The two settings were previously shared for lbcd and
// client auth, so this avoids breaking backwards compatibility while
// allowing users to use different auth settings for lbcd and wallet.
if cfg.LbcdUsername == "" {
cfg.LbcdUsername = cfg.Username
}
if cfg.LbcdPassword == "" {
cfg.LbcdPassword = cfg.Password
}
// Warn about missing config file after the final command line parse
// succeeds. This prevents the warning on help messages and invalid
// options.

View file

@ -214,7 +214,7 @@ func readCAFile() []byte {
func startChainRPC(certs []byte) (*chain.RPCClient, error) {
log.Infof("Attempting RPC client connection to %v", cfg.RPCConnect)
rpcc, err := chain.NewRPCClient(activeNet.Params, cfg.RPCConnect,
cfg.LbcdUsername, cfg.LbcdPassword, certs, cfg.DisableClientTLS,
cfg.RPCPass, cfg.RPCPass, certs, cfg.DisableClientTLS,
cfg.SkipVerify, 0)
if err != nil {
return nil, err

View file

@ -126,8 +126,8 @@ func startRPCServers(walletLoader *wallet.Loader) (*legacyrpc.Server, error) {
}
if cfg.Username == "" || cfg.Password == "" {
log.Info("Legacy RPC server disabled (requires username and password)")
if cfg.RPCUser == "" || cfg.RPCPass == "" {
log.Info("RPC server disabled (requires rpcuser and rpcpass)")
} else if len(cfg.LegacyRPCListeners) != 0 {
listeners := makeListeners(cfg.LegacyRPCListeners, legacyListen)
if len(listeners) == 0 {
@ -135,8 +135,8 @@ func startRPCServers(walletLoader *wallet.Loader) (*legacyrpc.Server, error) {
return nil, err
}
opts := legacyrpc.Options{
Username: cfg.Username,
Password: cfg.Password,
Username: cfg.RPCUser,
Password: cfg.RPCPass,
MaxPOSTClients: cfg.LegacyRPCMaxClients,
MaxWebsocketClients: cfg.LegacyRPCMaxWebsockets,
}

View file

@ -88,15 +88,8 @@
; Username and password to authenticate to lbcd a RPC server and authenticate
; new client connections
; username=
; password=
; Alternative username and password for lbcd. If set, these will be used
; instead of the username and password set above for authentication to a
; lbcd RPC server.
; lbcdusername=
; lbcdpassword=
; rpcuser=
; rpcpass=
; ------------------------------------------------------------------------------
; Debug