bitcoin-cli: -stdinwalletpassphrase and non-echo stdin passwords #13716
Conversation
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
2 times, most recently
from
6644848 to
64eb9b5
Compare
|
Concept ACK |
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsNo conflicts as of last run. |
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
2 times, most recently
from
f4fb12b to
3f49a30
Compare
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
from
3f49a30 to
eee2aeb
Compare
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
from
eee2aeb to
fb1f6c9
Compare
src/util.cpp
Outdated
There was a problem hiding this comment.
As this is only used in bitcoin-cli, it doesn't need to be in util.cpp (which is shared between the server and client), would be better in a client-specific utility, e.g. compat/noecho.{cpp,h} or something like that, that is only linked into -cli.
There was a problem hiding this comment.
Good point. Fixing.
src/util.cpp
Outdated
There was a problem hiding this comment.
is this generally supported on all UNIX, or does it need checks in the build system?
There was a problem hiding this comment.
termios.h? It seems to be pretty standard FWICT.
There was a problem hiding this comment.
going to test on FreeBSD and OpenBSD
|
Concept ACK |
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
from
fb1f6c9 to
abd986f
Compare
src/bitcoin-cli.cpp
Outdated
There was a problem hiding this comment.
- need to re-enable echoing before the normal
-stdinprocessing - make sure that this is not called unless either
-stdinrpcpassor-stdinwalletpassphraseis called to avoid interfering with scripts that pipe in data, not attached to a TTY
There was a problem hiding this comment.
Good points. Addressed both.
Hitting enter adds a newline on my mac. Where do you want one to be added? After the |
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
from
b197e57 to
110e821
Compare
|
@kallewoof it didn't return a new line for me (macOS 10.14.3):
re-tACK 110e821 |
|
Oh, okay! So this is the case for pre-existing |
|
re-tACK d1688c9 |
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
2 times, most recently
from
e80b84a to
404beda
Compare
src/bitcoin-cli.cpp
Outdated
There was a problem hiding this comment.
you could use fputs here (same below) and avoid introducing the locale dependency exception
There was a problem hiding this comment.
tfm::format(std::cerr, ... should work as well
There was a problem hiding this comment.
D'oh, yeah. Removing linter changes and using fputs.
src/bitcoin-cli.cpp
Outdated
There was a problem hiding this comment.
please only print this extra newline if stdin terminal is detected, and not when, say, piping in from a script (same below 2x)
There was a problem hiding this comment.
Understood. I think the latest version achieves this. (See StdinTerminal().)
$ ./bitcoin-cli -datadir=d -regtest encryptwallet foobar38
wallet encrypted; The keypool has been flushed and a new HD seed was generated (if you are using HD). You need to make a new backup.
$ ./bitcoin-cli -datadir=d -regtest -stdinwalletpassphrase walletpassphrase 10
Wallet passphrase>
$ echo foobar38 | ./bitcoin-cli -datadir=d -regtest -stdinwalletpassphrase walletpassphrase 10
$ echo xfoobar38 | ./bitcoin-cli -datadir=d -regtest -stdinwalletpassphrase walletpassphrase 10
error code: -14
error message:
Error: The wallet passphrase entered was incorrect.
kallewoof
force-pushed
the
stdinwalletpassphrase
branch
from
f42176b to
50c4afa
Compare
|
Thanks, LGTM now |
…passwords 50c4afa add newline after -stdin* (Karl-Johan Alm) 7f11fba cli: add -stdinwalletpassphrase for (slightly more) secure CLI (Karl-Johan Alm) 0da503e add stdin helpers for password input support (Karl-Johan Alm) Pull request description: This PR * adds `-stdinwalletpassphrase` for use with `walletpasshprase(change)` * adds no-echo for passwords (`-stdinrpcpass` and above) It may not be ideal, but it's better than having to clear the screen whenever you unlock the wallet. ACKs for top commit: laanwj: code review ACK 50c4afa Tree-SHA512: 473db8a303ff360ffaa36ac81a2f82be2136fa82696df0bc4f33cb44033a3ae258b5aa5bbcc1f101f88ae9abe9598ed564ce52877ab139bd5d709833f5275ec6
Summary: This helpers will be used for no-echo input when typing passwords in a terminal. This is a backport of Core [[bitcoin/bitcoin#13716 | PR13716]] [1/3] Commit bitcoin/bitcoin@0da503e Test Plan: `cmake .. -GNinja && ninja` Reviewers: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Subscribers: deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8106
Summary: > This PR > > - adds -stdinwalletpassphrase for use with walletpasshprase(change) > - adds no-echo for passwords (-stdinrpcpass and above) This is a backport of Core [[bitcoin/bitcoin#13716 | PR13716]] [2/3] Commit: bitcoin/bitcoin@7f11fba Depends D8106 Test Plan: ``` src/bitcoin-cli -help src/bitcoin-cli -stdinrpcpass getnetworkinfo src/bitcoin-cli -stdinrpcpass -stdinwalletpassphrase walletpassphrase ``` Reviewers: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Subscribers: deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8107
Summary: This is a backport of Core [[bitcoin/bitcoin#13716 | PR13716]] [3/3] Commit: bitcoin/bitcoin@50c4afa Depends on D8107 Test Plan: Verify that newlines are added between the two passwords: `src/bitcoin-cli -stdinrpcpass -stdinwalletpassphrase walletpassphrase` Reviewers: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Subscribers: deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8108
9 participants
This PR
-stdinwalletpassphrasefor use withwalletpasshprase(change)-stdinrpcpassand above)It may not be ideal, but it's better than having to clear the screen whenever you unlock the wallet.