Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log.

This commit is contained in:
Mark Friedenbach 2014-10-16 16:16:29 -07:00
parent e8f6d54f1f
commit d4746d56c0
4 changed files with 12 additions and 2 deletions

View file

@ -14,6 +14,9 @@
static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style) static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style)
{ {
bool fSecure = style & CClientUIInterface::SECURE;
style &= ~CClientUIInterface::SECURE;
std::string strCaption; std::string strCaption;
// Check for usage of predefined caption // Check for usage of predefined caption
switch (style) { switch (style) {
@ -30,7 +33,8 @@ static bool noui_ThreadSafeMessageBox(const std::string& message, const std::str
strCaption += caption; // Use supplied caption (can be empty) strCaption += caption; // Use supplied caption (can be empty)
} }
LogPrintf("%s: %s\n", strCaption, message); if (!fSecure)
LogPrintf("%s: %s\n", strCaption, message);
fprintf(stderr, "%s: %s\n", strCaption.c_str(), message.c_str()); fprintf(stderr, "%s: %s\n", strCaption.c_str(), message.c_str());
return false; return false;
} }

View file

@ -992,6 +992,9 @@ void BitcoinGUI::showProgress(const QString &title, int nProgress)
static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style) static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style)
{ {
bool modal = (style & CClientUIInterface::MODAL); bool modal = (style & CClientUIInterface::MODAL);
// The SECURE flag has no effect in the Qt GUI.
// bool secure = (style & CClientUIInterface::SECURE);
style &= ~CClientUIInterface::SECURE;
bool ret = false; bool ret = false;
// In case of modal message, use blocking connection to wait for user to click a button // In case of modal message, use blocking connection to wait for user to click a button
QMetaObject::invokeMethod(gui, "message", QMetaObject::invokeMethod(gui, "message",

View file

@ -581,7 +581,7 @@ void StartRPCThreads()
strWhatAmI, strWhatAmI,
GetConfigFile().string(), GetConfigFile().string(),
EncodeBase58(&rand_pwd[0],&rand_pwd[0]+32)), EncodeBase58(&rand_pwd[0],&rand_pwd[0]+32)),
"", CClientUIInterface::MSG_ERROR); "", CClientUIInterface::MSG_ERROR | CClientUIInterface::SECURE);
StartShutdown(); StartShutdown();
return; return;
} }

View file

@ -63,6 +63,9 @@ public:
/** Force blocking, modal message box dialog (not just OS notification) */ /** Force blocking, modal message box dialog (not just OS notification) */
MODAL = 0x10000000U, MODAL = 0x10000000U,
/** Do not print contents of message to debug log */
SECURE = 0x40000000U,
/** Predefined combinations for certain default usage cases */ /** Predefined combinations for certain default usage cases */
MSG_INFORMATION = ICON_INFORMATION, MSG_INFORMATION = ICON_INFORMATION,
MSG_WARNING = (ICON_WARNING | BTN_OK | MODAL), MSG_WARNING = (ICON_WARNING | BTN_OK | MODAL),