New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RPC: Add option -stdinrpcpass to bitcoin-cli to allow RPC password to be read from standard input #10997

Merged
merged 1 commit into from Aug 24, 2017

Conversation

Projects
None yet
5 participants
@jharvell
Contributor

jharvell commented Aug 6, 2017

Add a new command-line option to bitcoin-cli that allows the RPC password to be read from standard intput. The purpose of this option is to allow secure RPC password input to bitcoin-cli through an external program that is capable of disabling terminal echo.

This option works similarly to the existing -stdin option, and also works when combined with that option.

I have also written a simple ncurses based program that disables echo, gets input from the terminal and writes to standard output. I couldn't find an existing askpass program that doesn't require graphics libraries, since they are primarily used for getting passwords in a graphics environment. Unless someone can point out a suitable existing askpass program, I plan to submit my ncurses program to the contrib directory separately from this pull request.

@jharvell jharvell changed the title from Add option -stdinrpcpass to allow RPC password to be read from stdin to RPC: Add option -stdinrpcpass to allow RPC password to be read from standard input Aug 6, 2017

@jharvell jharvell changed the title from RPC: Add option -stdinrpcpass to allow RPC password to be read from standard input to RPC: Add option -stdinrpcpass to bitcoin-cli to allow RPC password to be read from standard input Aug 7, 2017

@jharvell

This comment has been minimized.

Show comment
Hide comment
@jharvell

jharvell Aug 7, 2017

Contributor

I created an askpass utility program (https://github.com/jharvell/askpass) since I didn't find one to my liking. In particular, this one supports mult-line input which would be needed for -stdinrpcpass combined with -stdin.

Contributor

jharvell commented Aug 7, 2017

I created an askpass utility program (https://github.com/jharvell/askpass) since I didn't find one to my liking. In particular, this one supports mult-line input which would be needed for -stdinrpcpass combined with -stdin.

Show outdated Hide outdated src/bitcoin-cli.cpp
Show outdated Hide outdated src/bitcoin-cli.cpp
@jharvell

This comment has been minimized.

Show comment
Hide comment
@jharvell

jharvell Aug 8, 2017

Contributor

I realized I had committed with the wrong author email. So I did a rebase where I amended the author email. Both commits are the same content, just now with the correct author email (and hash).

Also, let me know if you want me to do one last rebase and squash to a single commit if/before you merge to master.

Contributor

jharvell commented Aug 8, 2017

I realized I had committed with the wrong author email. So I did a rebase where I amended the author email. Both commits are the same content, just now with the correct author email (and hash).

Also, let me know if you want me to do one last rebase and squash to a single commit if/before you merge to master.

@laanwj

This comment has been minimized.

Show comment
Hide comment
@laanwj

laanwj Aug 23, 2017

Member

Looks good to me now utACK. Would be nice if someone could test, though.

Also, let me know if you want me to do one last rebase and squash to a single commit if/before you merge to master.

Yes please.

Member

laanwj commented Aug 23, 2017

Looks good to me now utACK. Would be nice if someone could test, though.

Also, let me know if you want me to do one last rebase and squash to a single commit if/before you merge to master.

Yes please.

@laanwj laanwj self-assigned this Aug 23, 2017

@jonasschnelli

This comment has been minimized.

Show comment
Hide comment
@jonasschnelli

jonasschnelli Aug 23, 2017

Member

utACK 4bd8775 (yes, please squash).

Member

jonasschnelli commented Aug 23, 2017

utACK 4bd8775 (yes, please squash).

@jharvell

This comment has been minimized.

Show comment
Hide comment
@jharvell

jharvell Aug 23, 2017

Contributor

squashed to single commit

Contributor

jharvell commented Aug 23, 2017

squashed to single commit

@laanwj

This comment has been minimized.

Show comment
Hide comment
@laanwj

laanwj Aug 24, 2017

Member

Tested ACK 79191f5

Member

laanwj commented Aug 24, 2017

Tested ACK 79191f5

@laanwj laanwj merged commit 79191f5 into bitcoin:master Aug 24, 2017

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

laanwj added a commit that referenced this pull request Aug 24, 2017

Merge #10997: RPC: Add option -stdinrpcpass to bitcoin-cli to allow R…
…PC password to be read from standard input

79191f5 Add option -stdinrpcpass to allow RPC password to be read from standard input (Joe Harvell)

Pull request description:

  Add a new command-line option to bitcoin-cli that allows the RPC password to be read from standard intput.  The purpose of this option is to allow secure RPC password input to bitcoin-cli through an external program that is capable of disabling terminal echo.

  This option works similarly to the existing -stdin option, and also works when combined with that option.

  I have also written a simple ncurses based program that disables echo, gets input from the terminal and writes to standard output.  I couldn't find an existing askpass program that doesn't require graphics libraries, since they are primarily used for getting passwords in a graphics environment.  Unless someone can point out a suitable existing askpass program, I plan to submit my ncurses program to the contrib directory separately from this pull request.

Tree-SHA512: 6d426d757de325d928fab42ea8e423273a7dea9f838acb745ccf9f9daa2b47e23044ec1c019cda1a081253f5145fc10f79ae82dfe7f8e952e1f271ec56018e14
@@ -293,6 +294,12 @@ int CommandLineRPC(int argc, char *argv[])
argc--;
argv++;
}
std::string rpcPass;
if (gArgs.GetBoolArg("-stdinrpcpass", false)) {
if(!std::getline(std::cin,rpcPass))

This comment has been minimized.

@promag

promag Aug 24, 2017

Member

Nit, missing spaces after if and , and missing {.

@laanwj I'm writing a test for bitcoin-cli, maybe add a commit there to fix these?

@promag

promag Aug 24, 2017

Member

Nit, missing spaces after if and , and missing {.

@laanwj I'm writing a test for bitcoin-cli, maybe add a commit there to fix these?

@jharvell jharvell deleted the jharvell:stdinrpcpass branch Aug 25, 2017

luke-jr added a commit to bitcoinknots/bitcoin that referenced this pull request Sep 2, 2017

laanwj added a commit that referenced this pull request Sep 6, 2017

Merge #11125: Add bitcoin-cli -stdin and -stdinrpcpass functional tests
29e1dfb [test] Add bitcoin-cli -stdin and -stdinrpcpass functional tests (João Barbosa)
ce379b4 [test] Replace check_output with low level version (João Barbosa)
232e3e8 [test] Add assert_raises_process_error to assert process errors (João Barbosa)
5c18a84 [test] Add support for custom arguments to TestNodeCLI (João Barbosa)
e127494 [test] Improve assert_raises_jsonrpc docstring (João Barbosa)
7696841 Fix style in -stdin and -stdinrpcpass handling (João Barbosa)

Pull request description:

  This patch adds tests for `bitcoin-cli` options `-stdin` (#7550) and `-stdinrpcpass` #10997.

Tree-SHA512: fd8133f44876f2b5b41dfd3762b1988598f6b7bf13fb2385ad95876825d9c0b2b896ce4ea6eeb21012158e1f276907f155d37bb967198b609d2d3dddbfa334c1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment