Merge pull request #82 from cogutvalera/issue_1171

Safer way to handle unlock command of cli_wallet #1171

CMakeLists.txt

@@ -34,7 +34,7 @@ endif()
 SET (ORIGINAL_LIB_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})
 
 SET(BOOST_COMPONENTS)
-LIST(APPEND BOOST_COMPONENTS thread date_time system filesystem program_options signals serialization chrono unit_test_framework context locale iostreams)
+LIST(APPEND BOOST_COMPONENTS thread date_time system filesystem program_options signals serialization chrono unit_test_framework context locale iostreams regex)
 SET( Boost_USE_STATIC_LIBS ON CACHE STRING "ON or OFF" )
 
 IF( ECC_IMPL STREQUAL openssl )

include/fc/rpc/cli.hpp

@@ -32,6 +32,8 @@ namespace fc { namespace rpc {
 
          void set_prompt( const string& prompt );
 
+         void set_regex_secret( const string& expr );
+
       private:
          void run();
 

src/rpc/cli.cpp

@@ -14,8 +14,16 @@
 # endif
 #endif
 
+#include <boost/regex.hpp>
+
 namespace fc { namespace rpc {
 
+static boost::regex& cli_regex_secret()
+{
+   static boost::regex regex_expr;
+   return regex_expr;
+}
+
 static std::vector<std::string>& cli_commands()
 {
    static std::vector<std::string>* cmds = new std::vector<std::string>();
@@ -72,6 +80,11 @@ void cli::set_prompt( const string& prompt )
    _prompt = prompt;
 }
 
+void cli::set_regex_secret( const string& expr )
+{
+   cli_regex_secret() = expr;
+}
+
 void cli::run()
 {
    while( !_run_complete.canceled() )
@@ -87,9 +100,9 @@ void cli::run()
          {
             break;
          }
-         std::cout << line << "\n";
+
          line += char(EOF);
-         fc::variants args = fc::json::variants_from_string(line);;
+         fc::variants args = fc::json::variants_from_string(line);
          if( args.size() == 0 )
             continue;
 
@@ -190,6 +203,19 @@ static int cli_completion(char *token, char ***array)
    return total_matches;
 }
 
+/***
+ * @brief regex match for secret information
+ * @param source the incoming text source
+ * @returns integer 1 in event of regex match for secret information, otherwise 0
+ */
+static int cli_check_secret(const char *source)
+{
+   if (boost::regex_match(source, cli_regex_secret()))
+      return 1;
+   
+   return 0;
+}
+
 /***
  * @brief Read input from the user
  * @param prompt the prompt to display
@@ -213,6 +239,7 @@ void cli::getline( const fc::string& prompt, fc::string& line)
    {
       rl_set_complete_func(my_rl_complete);
       rl_set_list_possib_func(cli_completion);
+      rl_set_check_secret_func(cli_check_secret);
 
       static fc::thread getline_thread("getline");
       getline_thread.async( [&](){
@@ -222,16 +249,7 @@ void cli::getline( const fc::string& prompt, fc::string& line)
          if( line_read == nullptr )
             FC_THROW_EXCEPTION( fc::eof_exception, "" );
          line = line_read;
-         try
+         // we don't need here to add line in editline's history, cause it will be doubled
-         {
-            if (*line_read)
-               add_history(line_read);
-         }
-         catch(...)
-         {
-            free(line_read);
-            throw;
-         }
          free(line_read);
       }).wait();
    }

vendor/editline

@@ -1 +1 @@
-Subproject commit 405f09188868eb69483c2efc55b9837c9ce04494
+Subproject commit fbb1f8800adbb70264fa3893dc221f524e25708c