Qt/RPCConsole: Don't store commands with potentially sensitive information in the history

Filters importprivkey, signrawtransaction, walletpassphrase, walletpassphrasechange, and encryptwallet
This commit is contained in:
Jonas Schnelli 2015-03-13 21:51:27 +01:00 committed by Luke Dashjr
parent fc95daa97f
commit 9044908636
2 changed files with 29 additions and 9 deletions

View file

@ -63,6 +63,14 @@ const struct {
{NULL, NULL}
};
// don't add private key handling cmd's to the history
const QStringList RPCConsole::historyFilter = QStringList()
<< "importprivkey"
<< "signrawtransaction"
<< "walletpassphrase"
<< "walletpassphrasechange"
<< "encryptwallet";
/* Object for executing console RPC commands in a separate thread.
*/
class RPCExecutor : public QObject
@ -755,15 +763,26 @@ void RPCConsole::on_lineEdit_returnPressed()
message(CMD_REQUEST, cmd);
Q_EMIT cmdRequest(cmd);
// Remove command, if already in history
history.removeOne(cmd);
// Append command to history
history.append(cmd);
// Enforce maximum history size
while(history.size() > CONSOLE_HISTORY)
history.removeFirst();
// Set pointer to end of history
historyPtr = history.size();
bool storeHistory = true;
Q_FOREACH(QString unallowedCmd, historyFilter)
{
if (cmd.trimmed().startsWith(unallowedCmd))
storeHistory = false; break;
}
if (storeHistory)
{
// Remove command, if already in history
history.removeOne(cmd);
// Append command to history
history.append(cmd);
// Enforce maximum history size
while(history.size() > CONSOLE_HISTORY)
history.removeFirst();
// Set pointer to end of history
historyPtr = history.size();
}
// Scroll console view to end
scrollToEnd();
}

View file

@ -140,6 +140,7 @@ private:
ClientModel *clientModel;
QStringList history;
int historyPtr;
const static QStringList historyFilter;
QString cmdBeforeBrowsing;
QList<NodeId> cachedNodeids;
const PlatformStyle *platformStyle;