doc: mention RPC random cookie authentication in release notes

This commit is contained in:
Wladimir J. van der Laan 2015-07-13 13:31:38 +02:00
parent 71cbeaad9a
commit 0937290553

View file

@ -4,6 +4,21 @@ release-notes at release time)
Notable changes Notable changes
=============== ===============
Random-cookie RPC authentication
---------------------------------
When no `-rpcpassword` is specified, the daemon now uses a special 'cookie'
file for authentication. This file is generated with random content when the
daemon starts, and deleted when it exits. Its contents are used as
authentication token. Read access to this file controls who can access through
RPC. By default it is stored in the data directory but its location can be
overridden with the option `-rpccookiefile`.
This is similar to Tor's CookieAuthentication: see
https://www.torproject.org/docs/tor-manual.html.en
This allows running bitcoind without having to do any manual configuration.
Example header Example header
---------------------- ----------------------