Merge pull request #82 from cogutvalera/issue_1171

Safer way to handle unlock command of cli_wallet #1171
2018-10-28 10:51:22 +01:00 · 2018-10-28 10:51:22 +01:00 · acfe075c5d
commit acfe075c5d
parent 8b6a2dd450 edd6fa8ded
4 changed files with 34 additions and 14 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -34,7 +34,7 @@ endif()
 SET (ORIGINAL_LIB_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})

 SET(BOOST_COMPONENTS)
-LIST(APPEND BOOST_COMPONENTS thread date_time system filesystem program_options signals serialization chrono unit_test_framework context locale iostreams)
+LIST(APPEND BOOST_COMPONENTS thread date_time system filesystem program_options signals serialization chrono unit_test_framework context locale iostreams regex)
 SET( Boost_USE_STATIC_LIBS ON CACHE STRING "ON or OFF" )

 IF( ECC_IMPL STREQUAL openssl )
--- a/include/fc/rpc/cli.hpp
+++ b/include/fc/rpc/cli.hpp
@ -32,6 +32,8 @@ namespace fc { namespace rpc {

         void set_prompt( const string& prompt );

+         void set_regex_secret( const string& expr );
+
      private:
         void run();

--- a/src/rpc/cli.cpp
+++ b/src/rpc/cli.cpp
@ -14,8 +14,16 @@
 # endif
 #endif

+#include <boost/regex.hpp>
+
 namespace fc { namespace rpc {

+static boost::regex& cli_regex_secret()
+{
+   static boost::regex regex_expr;
+   return regex_expr;
+}
+
 static std::vector<std::string>& cli_commands()
 {
   static std::vector<std::string>* cmds = new std::vector<std::string>();
@ -72,6 +80,11 @@ void cli::set_prompt( const string& prompt )
   _prompt = prompt;
 }

+void cli::set_regex_secret( const string& expr )
+{
+   cli_regex_secret() = expr;
+}
+
 void cli::run()
 {
   while( !_run_complete.canceled() )
@ -87,9 +100,9 @@ void cli::run()
         {
            break;
         }
-         std::cout << line << "\n";
+
         line += char(EOF);
-         fc::variants args = fc::json::variants_from_string(line);;
+         fc::variants args = fc::json::variants_from_string(line);
         if( args.size() == 0 )
            continue;

@ -190,6 +203,19 @@ static int cli_completion(char *token, char ***array)
   return total_matches;
 }

+/***
+ * @brief regex match for secret information
+ * @param source the incoming text source
+ * @returns integer 1 in event of regex match for secret information, otherwise 0
+ */
+static int cli_check_secret(const char *source)
+{
+   if (boost::regex_match(source, cli_regex_secret()))
+      return 1;
+   
+   return 0;
+}
+
 /***
 * @brief Read input from the user
 * @param prompt the prompt to display
@ -213,6 +239,7 @@ void cli::getline( const fc::string& prompt, fc::string& line)
   {
      rl_set_complete_func(my_rl_complete);
      rl_set_list_possib_func(cli_completion);
+      rl_set_check_secret_func(cli_check_secret);

      static fc::thread getline_thread("getline");
      getline_thread.async( [&](){
@ -222,16 +249,7 @@ void cli::getline( const fc::string& prompt, fc::string& line)
         if( line_read == nullptr )
            FC_THROW_EXCEPTION( fc::eof_exception, "" );
         line = line_read;
-         try
-         {
-            if (*line_read)
-               add_history(line_read);
-         }
-         catch(...)
-         {
-            free(line_read);
-            throw;
-         }
+         // we don't need here to add line in editline's history, cause it will be doubled
         free(line_read);
      }).wait();
   }
--- a/vendor/editline
+++ b/vendor/editline
@ -1 +1 @@
-Subproject commit 405f09188868eb69483c2efc55b9837c9ce04494
+Subproject commit fbb1f8800adbb70264fa3893dc221f524e25708c