mirror of
https://github.com/bitcoin/bitcoin.git
synced 2026-02-15 09:58:51 +00:00
e49a7274a2141dcb9e188bc4b45c2d7b928ccecd rpc: Avoid join-split roundtrip for user:pass for auth credentials (Vasil Dimov)
98ff38a6f1a8a1e214bd3905a2dcac31ae6c2f52 rpc: Perform HTTP user:pass split once in `RPCAuthorized` (laanwj)
879a17bcb1a5eab2ff1841ce5f3762dcccecb0ba rpc: Store all credentials hashed in memory (laanwj)
4ab9bedee9d86fdecaa4afbbf4214ca6c7d9a94e rpc: Undeprecate rpcuser/rpcpassword, change message to security warning (laanwj)

Pull request description:

This PR does two things:

### Undeprecate rpcuser/rpcpassword, change message to security warning

Back in 2015, in https://github.com/bitcoin/bitcoin/pull/7044, we added configuration option `rpcauth` for multiple RPC users. At the same time the old settings for single-user configuration `rpcuser` and `rpcpassword` were "soon" to be deprecated. The main reason for this deprecation is that while `rpcpassword` stores the password in plain text, `rpcauth` stores a hash, so it doesn't appear in the configuration in plain text.

As the options are still in active use, actually removing them is expected to be a hassle to many, and it's not clear that is worth it. As for the security risk, in many kinds of setups (no wallet, containerized, single-user-single-application, local-only, etc.) it is an unlikely point of escalation. In the end, it is good to encourage secure practices, but it is the responsibility of the user.

Log a clear warning but remove the deprecation notice (this is also the only place where the options appear as deprecated; they were never marked as such in the -help output).

<hr>

### Store all credentials hashed in memory

This gets rid of the special-casing of `strRPCUserColonPass` by hashing cookies as well as manually provided `-rpcuser`/`-rpcpassword` with a random salt before storing them.

Also take the opportunity to modernize the surrounding code a bit. There should be no end-user visible differences in behavior.

<hr>

Closes #29240.
ACKs for top commit:
  1440000bytes:
    utACK e49a7274a2
  janb84:
    reACK e49a7274a2
  vasild:
    ACK e49a7274a2141dcb9e188bc4b45c2d7b928ccecd

Tree-SHA512: 7162848ada4545bc07b5843d1ab6fb7e31fb26de8d6385464b7c166491cd122eac2ec5e70887c414fc136600482df8277dc0cc0541d7b7cf62c4f72e25bb6145