Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc: Indicate -rpcauth option password hashing alg #14741

Merged
merged 1 commit into from Dec 13, 2018

Conversation

Projects
None yet
6 participants
@dongcarl
Copy link
Contributor

commented Nov 17, 2018

By indicating the password hashing algorithm, users of bitcoin distributions without the script in share/rpcauth and users who don't want to rely on said script can use alternative means to generate the password hash.

Question for reviewers: perhaps we should also indicate that it is specifically a HMAC-SHA-256 of the UTF-8 encoding of their password?

@fanquake fanquake added the Docs label Nov 17, 2018

Show resolved Hide resolved doc/man/bitcoind.1 Outdated

@dongcarl dongcarl force-pushed the dongcarl:2018-11-improve-rpcauth-help branch Nov 19, 2018

@dongcarl

This comment has been minimized.

Copy link
Contributor Author

commented Nov 19, 2018

Fixed.

@laanwj

This comment has been minimized.

Copy link
Member

commented Nov 21, 2018

utACK

Question for reviewers: perhaps we should also indicate that it is specifically a HMAC-SHA-256 of the UTF-8 encoding of their password?

Maybe in some more detailed spec document, but I don't think the option help is a place to go into such detail. It's consistent with the use of UTF-8 throughout the entire application. Mentioning it for the specific option might make people think "then where should I not use UTF-8?".

@DrahtBot

This comment has been minimized.

Copy link
Contributor

commented Nov 22, 2018

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Conflicts

Reviewers, this pull request conflicts with the following ones:

  • #14532 (Never bind INADDR_ANY by default, and warn when doing so explicitly by luke-jr)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

@dongcarl dongcarl force-pushed the dongcarl:2018-11-improve-rpcauth-help branch to dcb70b1 Nov 24, 2018

@DrahtBot DrahtBot removed the Needs rebase label Nov 24, 2018

@ryanofsky
Copy link
Contributor

left a comment

utACK dcb70b1. Could add doc: or [doc] prefix to PR description to indicate this a documentation-only change.

@dongcarl dongcarl changed the title Indicate -rpcauth option password hashing alg doc: Indicate -rpcauth option password hashing alg Dec 5, 2018

@fanquake

This comment has been minimized.

Copy link
Member

commented Dec 13, 2018

utACK dcb70b1

@laanwj laanwj merged commit dcb70b1 into bitcoin:master Dec 13, 2018

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

laanwj added a commit that referenced this pull request Dec 13, 2018

Merge #14741: doc: Indicate -rpcauth option password hashing alg
dcb70b1 Indicate -rpcauth option password hashing alg (Carl Dong)

Pull request description:

  By indicating the password hashing algorithm, users of bitcoin distributions without the script in `share/rpcauth` and users who don't want to rely on said script can use alternative means to generate the password hash.

  Question for reviewers: perhaps we should also indicate that it is specifically a HMAC-SHA-256 of the _**UTF-8**_ encoding of their password?

Tree-SHA512: 86b546c2e78699fa253da0c1e76b21ef60e9b6a5778826ac5136e764d70e3213044cc05cdb4786ba27968781647c46e358a823bbc2db7d45d041d291ee03b83c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.