Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log.
This commit is contained in:
parent
e8f6d54f1f
commit
d4746d56c0
4 changed files with 12 additions and 2 deletions
|
@ -14,6 +14,9 @@
|
||||||
|
|
||||||
static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style)
|
static bool noui_ThreadSafeMessageBox(const std::string& message, const std::string& caption, unsigned int style)
|
||||||
{
|
{
|
||||||
|
bool fSecure = style & CClientUIInterface::SECURE;
|
||||||
|
style &= ~CClientUIInterface::SECURE;
|
||||||
|
|
||||||
std::string strCaption;
|
std::string strCaption;
|
||||||
// Check for usage of predefined caption
|
// Check for usage of predefined caption
|
||||||
switch (style) {
|
switch (style) {
|
||||||
|
@ -30,7 +33,8 @@ static bool noui_ThreadSafeMessageBox(const std::string& message, const std::str
|
||||||
strCaption += caption; // Use supplied caption (can be empty)
|
strCaption += caption; // Use supplied caption (can be empty)
|
||||||
}
|
}
|
||||||
|
|
||||||
LogPrintf("%s: %s\n", strCaption, message);
|
if (!fSecure)
|
||||||
|
LogPrintf("%s: %s\n", strCaption, message);
|
||||||
fprintf(stderr, "%s: %s\n", strCaption.c_str(), message.c_str());
|
fprintf(stderr, "%s: %s\n", strCaption.c_str(), message.c_str());
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -992,6 +992,9 @@ void BitcoinGUI::showProgress(const QString &title, int nProgress)
|
||||||
static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style)
|
static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style)
|
||||||
{
|
{
|
||||||
bool modal = (style & CClientUIInterface::MODAL);
|
bool modal = (style & CClientUIInterface::MODAL);
|
||||||
|
// The SECURE flag has no effect in the Qt GUI.
|
||||||
|
// bool secure = (style & CClientUIInterface::SECURE);
|
||||||
|
style &= ~CClientUIInterface::SECURE;
|
||||||
bool ret = false;
|
bool ret = false;
|
||||||
// In case of modal message, use blocking connection to wait for user to click a button
|
// In case of modal message, use blocking connection to wait for user to click a button
|
||||||
QMetaObject::invokeMethod(gui, "message",
|
QMetaObject::invokeMethod(gui, "message",
|
||||||
|
|
|
@ -581,7 +581,7 @@ void StartRPCThreads()
|
||||||
strWhatAmI,
|
strWhatAmI,
|
||||||
GetConfigFile().string(),
|
GetConfigFile().string(),
|
||||||
EncodeBase58(&rand_pwd[0],&rand_pwd[0]+32)),
|
EncodeBase58(&rand_pwd[0],&rand_pwd[0]+32)),
|
||||||
"", CClientUIInterface::MSG_ERROR);
|
"", CClientUIInterface::MSG_ERROR | CClientUIInterface::SECURE);
|
||||||
StartShutdown();
|
StartShutdown();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
@ -63,6 +63,9 @@ public:
|
||||||
/** Force blocking, modal message box dialog (not just OS notification) */
|
/** Force blocking, modal message box dialog (not just OS notification) */
|
||||||
MODAL = 0x10000000U,
|
MODAL = 0x10000000U,
|
||||||
|
|
||||||
|
/** Do not print contents of message to debug log */
|
||||||
|
SECURE = 0x40000000U,
|
||||||
|
|
||||||
/** Predefined combinations for certain default usage cases */
|
/** Predefined combinations for certain default usage cases */
|
||||||
MSG_INFORMATION = ICON_INFORMATION,
|
MSG_INFORMATION = ICON_INFORMATION,
|
||||||
MSG_WARNING = (ICON_WARNING | BTN_OK | MODAL),
|
MSG_WARNING = (ICON_WARNING | BTN_OK | MODAL),
|
||||||
|
|
Loading…
Reference in a new issue