Skip to content

rpc: Implement random-cookie based authentication #1999

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
zkbot merged 1 commit into from
Jan 18, 2017
Merged

rpc: Implement random-cookie based authentication #1999

zkbot merged 1 commit into from
Jan 18, 2017

Conversation

@str4d
Copy link
Contributor

@str4d str4d commented Jan 9, 2017

Cherry-picked from bitcoin/bitcoin#6388.

Closes #1950.

@laanwj @str4d
rpc: Implement random-cookie based authentication
e957192 
When no `-rpcpassword` is specified, use a special 'cookie' file for
authentication. This file is generated with random content when the
daemon starts, and deleted when it exits. Read access to this file
controls who can access through RPC. By default this file is stored in
the data directory but it be overriden with `-rpccookiefile`.

This is similar to Tor CookieAuthentication: see
https://www.torproject.org/docs/tor-manual.html.en

Alternative to zcash#6258. Like that pull, this allows running bitcoind
without any manual configuration. However, daemons should ideally never write to
their configuration files, so I prefer this solution.
@str4d str4d added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. A-rpc-interface Area: RPC interface special to Zooko usability labels Jan 9, 2017
@str4d str4d requested a review from bitcartel January 9, 2017 17:09
@str4d str4d modified the milestone: 1.0.5 Jan 9, 2017
bitcartel
bitcartel reviewed Jan 17, 2017
View reviewed changes
Copy link
Contributor

@bitcartel bitcartel left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK once the following issue is addressed: option '-server' is by default 1, so with this backport, when simply launching zcashd out of the box, the rpc interface is available.

I think we should change bitcoind.cpp line 145 SoftSetBoolArg("-server", true); to false, and also update the configuration instructions to add 'server=1' to zcash.conf: https://github.com/zcash/zcash/wiki/1.0-User-Guide

@str4d
Copy link
Contributor Author

str4d commented Jan 17, 2017

I disagree, for two reasons:

  • From a security perspective, this is strictly equivalent to the user blindly copy-pasting the generated rpcuser and rpcpassword into their zcash.conf - namely, anyone with read access to the Zcash data dir can access the RPC.
  • From a usability perspective, your concern is already addressed. Now that Require zcash.conf to start zcashd #2013 has been merged, zcashd cannot be launched out of the box, and some user interaction is required. Specifically, if the user blindly follows the messages we show them, then the end result of this PR is no different to what would happen with current master.

@bitcartel
Copy link
Contributor

bitcartel commented Jan 18, 2017

@str4d I was reviewing the PR in isolation and not taking into account #2013. I agree with your comment.
ACK

@ebfull
Copy link
Contributor

ebfull commented Jan 18, 2017

@zkbot r+

@zkbot
Copy link
Contributor

zkbot commented Jan 18, 2017

📌 Commit e957192 has been approved by ebfull

@zkbot
Copy link
Contributor

zkbot commented Jan 18, 2017

⌛ Testing commit e957192 with merge 94f427a...

zkbot added a commit that referenced this pull request Jan 18, 2017
@zkbot
Auto merge of #1999 - str4d:1950-random-cookie-rpc-auth, r=ebfull
94f427a 
rpc: Implement random-cookie based authentication

Cherry-picked from bitcoin/bitcoin#6388.

Closes #1950.
@zkbot
Copy link
Contributor

zkbot commented Jan 18, 2017

☀️ Test successful - zcash

@zkbot zkbot merged commit e957192 into zcash:master Jan 18, 2017
ondrejsika added a commit to ondrejsika/zcash that referenced this pull request Jan 25, 2017
@ondrejsika
Merge tag 'v1.0.5' into ondrejsika/regtest-200-9
ae1d8bf 
Zcash 1.0.5

This release contains a number of bug fixes and minor usability improvements, including:

1. The chain is now fully rescanned when keys are imported that are older than the wallet. (zcash#1978)
2. The number of commitments in the note commitment tree is now displayed by `getblockchaininfo`. (zcash#1946)
3. `zcash.conf` now must exist in order to start zcashd. (zcash#2013)
4. Fixed a bug where `z_sendmany` logged incorrect txid fragments when sending from transparent addresses. (zcash#1980)
5. We integrated upstream's cookie-based RPC authentication. (zcash#1999)
6. We added a restriction to wallet export paths to protect user security. (zcash#2006)
7. `z_getoperationstatus` is now sorted chronologically. (zcash#2015)
8. Messages containing newlines are now rendered properly by the metrics UI. (zcash#1972)
9. We added more tools for benchmarking JoinSplit creation. (zcash#1953)
10. We now show serialized transaction size in `listtransactions`, more operation details in `z_getoperationstatus`, and the age of the note being spent in `z_sendmany` logging. (zcash#2001, zcash#1976, zcash#1977)
11. We now instruct users to run `fetch-params` if the parameters could not be found locally. (zcash#1979)
12. We handle exceptions better in some situations for more user-friendly error messages. (zcash#1976)

For a more complete list of changes, see our [1.0.5 milestone](https://github.com/zcash/zcash/milestone/49?closed=1).
jmprcx added a commit to z-classic/zclassic that referenced this pull request Jan 31, 2017
@jmprcx
Merge tag 'v1.0.5' into v1.0.5-multios
f1f6c3a 
Zcash 1.0.5

This release contains a number of bug fixes and minor usability improvements, including:

1. The chain is now fully rescanned when keys are imported that are older than the wallet. (zcash#1978)
2. The number of commitments in the note commitment tree is now displayed by `getblockchaininfo`. (zcash#1946)
3. `zcash.conf` now must exist in order to start zcashd. (zcash#2013)
4. Fixed a bug where `z_sendmany` logged incorrect txid fragments when sending from transparent addresses. (zcash#1980)
5. We integrated upstream's cookie-based RPC authentication. (zcash#1999)
6. We added a restriction to wallet export paths to protect user security. (zcash#2006)
7. `z_getoperationstatus` is now sorted chronologically. (zcash#2015)
8. Messages containing newlines are now rendered properly by the metrics UI. (zcash#1972)
9. We added more tools for benchmarking JoinSplit creation. (zcash#1953)
10. We now show serialized transaction size in `listtransactions`, more operation details in `z_getoperationstatus`, and the age of the note being spent in `z_sendmany` logging. (zcash#2001, zcash#1976, zcash#1977)
11. We now instruct users to run `fetch-params` if the parameters could not be found locally. (zcash#1979)
12. We handle exceptions better in some situations for more user-friendly error messages. (zcash#1976)

For a more complete list of changes, see our [1.0.5 milestone](https://github.com/zcash/zcash/milestone/49?closed=1).

Conflicts:
	README.md
	configure.ac
	contrib/debian/changelog
	contrib/debian/control
	contrib/debian/manpages/zcash-cli.1
	contrib/debian/manpages/zcashd.1
	contrib/gitian-descriptors/gitian-linux.yml
	doc/authors.md
	src/Makefile.gtest.include
	src/chainparams.cpp
	src/clientversion.h
	src/init.cpp
	src/main.h
	src/metrics.cpp
	src/metrics.h
	src/util.cpp
	src/wallet/asyncrpcoperation_sendmany.cpp
	src/wallet/asyncrpcoperation_sendmany.h
	src/wallet/rpcwallet.cpp
	src/zcbenchmarks.cpp
	zcutil/build-debian-package.sh
@str4d str4d deleted the 1950-random-cookie-rpc-auth branch February 13, 2017 14:27
This was referenced Feb 13, 2017
Open
Open
@str4d str4d mentioned this pull request Dec 20, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@bitcartel bitcartel bitcartel left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@str4d str4d

Labels

A-rpc-interface Area: RPC interface S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. special to Zooko usability

Projects

None yet

Milestone

1.0.5

Development

Successfully merging this pull request may close these issues.

5 participants

@str4d @bitcartel @ebfull @zkbot @laanwj