Merge pull request #7823

24d3d65 monero-wallet-rpc: Prevent --password-file from being used with --wallet-dir (Kermit Alexander II)
3 years ago · dfa6b58d4d
parent 2a02cd0a5f 24d3d65d42
commit dfa6b58d4d
4 changed files with 19 additions and 4 deletions
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@ -49,6 +49,7 @@ using namespace epee;
 #include "cryptonote_core/tx_sanity_check.h"
 #include "wallet_rpc_helpers.h"
 #include "wallet2.h"
+#include "wallet_args.h"
 #include "cryptonote_basic/cryptonote_format_utils.h"
 #include "net/parse.h"
 #include "rpc/core_rpc_server_commands_defs.h"
@ -276,7 +277,7 @@ struct options {
  const command_line::arg_descriptor<bool> trusted_daemon = {"trusted-daemon", tools::wallet2::tr("Enable commands which rely on a trusted daemon"), false};
  const command_line::arg_descriptor<bool> untrusted_daemon = {"untrusted-daemon", tools::wallet2::tr("Disable commands which rely on a trusted daemon"), false};
  const command_line::arg_descriptor<std::string> password = {"password", tools::wallet2::tr("Wallet password (escape/quote as needed)"), "", true};
-  const command_line::arg_descriptor<std::string> password_file = {"password-file", tools::wallet2::tr("Wallet password file"), "", true};
+  const command_line::arg_descriptor<std::string> password_file = wallet_args::arg_password_file();
  const command_line::arg_descriptor<int> daemon_port = {"daemon-port", tools::wallet2::tr("Use daemon instance at port <arg> instead of 18081"), 0};
  const command_line::arg_descriptor<std::string> daemon_login = {"daemon-login", tools::wallet2::tr("Specify username[:password] for daemon RPC client"), "", true};
  const command_line::arg_descriptor<std::string> daemon_ssl = {"daemon-ssl", tools::wallet2::tr("Enable SSL on daemon RPC connections: enabled|disabled|autodetect"), "autodetect"};
@ -532,7 +533,7 @@ std::unique_ptr<tools::wallet2> make_basic(const boost::program_options::variabl

 boost::optional<tools::password_container> get_password(const boost::program_options::variables_map& vm, const options& opts, const std::function<boost::optional<tools::password_container>(const char*, bool)> &password_prompter, const bool verify)
 {
-  if (command_line::has_arg(vm, opts.password) && command_line::has_arg(vm, opts.password_file))
+  if (command_line::has_arg(vm, opts.password) && !command_line::is_arg_defaulted(vm, opts.password_file))
  {
    THROW_WALLET_EXCEPTION(tools::error::wallet_internal_error, tools::wallet2::tr("can't specify more than one of --password and --password-file"));
  }
@ -542,10 +543,11 @@ boost::optional<tools::password_container> get_password(const boost::program_opt
    return tools::password_container{command_line::get_arg(vm, opts.password)};
  }

-  if (command_line::has_arg(vm, opts.password_file))
+  if (!command_line::is_arg_defaulted(vm, opts.password_file))
  {
    std::string password;
-    bool r = epee::file_io_utils::load_file_to_string(command_line::get_arg(vm, opts.password_file),
+    const auto password_file = command_line::get_arg(vm, opts.password_file);
+    bool r = epee::file_io_utils::load_file_to_string(password_file,
                                                      password);
    THROW_WALLET_EXCEPTION_IF(!r, tools::error::wallet_internal_error, tools::wallet2::tr("the password file specified could not be read"));

--- a/src/wallet/wallet_args.cpp
+++ b/src/wallet/wallet_args.cpp
@ -80,6 +80,10 @@ namespace wallet_args
  {
    return {"rpc-client-secret-key", wallet_args::tr("Set RPC client secret key for RPC payments"), ""};
  }
+  command_line::arg_descriptor<std::string> arg_password_file()
+  {
+    return {"password-file", wallet_args::tr("Wallet password file"), ""};
+  }

  const char* tr(const char* str)
  {
--- a/src/wallet/wallet_args.h
+++ b/src/wallet/wallet_args.h
@ -37,6 +37,7 @@ namespace wallet_args
  command_line::arg_descriptor<std::string> arg_generate_from_json();
  command_line::arg_descriptor<std::string> arg_wallet_file();
  command_line::arg_descriptor<std::string> arg_rpc_client_secret_key();
+  command_line::arg_descriptor<std::string> arg_password_file();

  const char* tr(const char* str);

--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@ -4525,10 +4525,12 @@ public:
      const auto arg_wallet_file = wallet_args::arg_wallet_file();
      const auto arg_from_json = wallet_args::arg_generate_from_json();
      const auto arg_rpc_client_secret_key = wallet_args::arg_rpc_client_secret_key();
+      const auto arg_password_file = wallet_args::arg_password_file();

      const auto wallet_file = command_line::get_arg(vm, arg_wallet_file);
      const auto from_json = command_line::get_arg(vm, arg_from_json);
      const auto wallet_dir = command_line::get_arg(vm, arg_wallet_dir);
+      const auto password_file = command_line::get_arg(vm, arg_password_file);
      const auto prompt_for_password = command_line::get_arg(vm, arg_prompt_for_password);
      const auto password_prompt = prompt_for_password ? password_prompter : nullptr;

@ -4538,6 +4540,12 @@ public:
        return false;
      }

+      if(!wallet_dir.empty() && !password_file.empty())
+      {
+        LOG_ERROR(tools::wallet_rpc_server::tr("--password-file is not allowed in combination with --wallet-dir"));
+        return false;
+      }
+
      if (!wallet_dir.empty())
      {
        wal = NULL;