From 9f8bc4946b3993ad4437936dcae705d2c8f1116a Mon Sep 17 00:00:00 2001 From: osensei Date: Sat, 14 May 2016 03:06:04 -0300 Subject: [PATCH] Don't allow 'flush_txpool' and 'setbans' JSON_RPC methods when running in restricted mode. --- contrib/epee/include/net/http_server_handlers_map2.h | 6 ++++-- src/rpc/core_rpc_server.h | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/contrib/epee/include/net/http_server_handlers_map2.h b/contrib/epee/include/net/http_server_handlers_map2.h index a822cce3e..3a7d5333b 100644 --- a/contrib/epee/include/net/http_server_handlers_map2.h +++ b/contrib/epee/include/net/http_server_handlers_map2.h @@ -168,8 +168,8 @@ response_info.m_header_info.m_content_type = " application/json"; \ LOG_PRINT( query_info.m_URI << "[" << method_name << "] processed with " << ticks1-ticks << "/"<< ticks2-ticks1 << "/" << ticks3-ticks2 << "ms", LOG_LEVEL_2); -#define MAP_JON_RPC_WE(method_name, callback_f, command_type) \ - else if(callback_name == method_name) \ +#define MAP_JON_RPC_WE_IF(method_name, callback_f, command_type, cond) \ + else if((callback_name == method_name) && (cond)) \ { \ PREPARE_OBJECTS_FROM_JSON(command_type) \ epee::json_rpc::error_response fail_resp = AUTO_VAL_INIT(fail_resp); \ @@ -184,6 +184,8 @@ return true;\ } +#define MAP_JON_RPC_WE(method_name, callback_f, command_type) MAP_JON_RPC_WE_IF(method_name, callback_f, command_type, true) + #define MAP_JON_RPC_WERI(method_name, callback_f, command_type) \ else if(callback_name == method_name) \ { \ diff --git a/src/rpc/core_rpc_server.h b/src/rpc/core_rpc_server.h index 4bed148fe..c6579c0c2 100644 --- a/src/rpc/core_rpc_server.h +++ b/src/rpc/core_rpc_server.h @@ -107,9 +107,9 @@ namespace cryptonote MAP_JON_RPC_WE("get_connections", on_get_connections, COMMAND_RPC_GET_CONNECTIONS) MAP_JON_RPC_WE("get_info", on_get_info_json, COMMAND_RPC_GET_INFO) MAP_JON_RPC_WE("hard_fork_info", on_hard_fork_info, COMMAND_RPC_HARD_FORK_INFO) - MAP_JON_RPC_WE("setbans", on_set_bans, COMMAND_RPC_SETBANS) + MAP_JON_RPC_WE_IF("setbans", on_set_bans, COMMAND_RPC_SETBANS, !m_restricted) MAP_JON_RPC_WE("getbans", on_get_bans, COMMAND_RPC_GETBANS) - MAP_JON_RPC_WE("flush_txpool", on_flush_txpool, COMMAND_RPC_FLUSH_TRANSACTION_POOL) + MAP_JON_RPC_WE_IF("flush_txpool", on_flush_txpool, COMMAND_RPC_FLUSH_TRANSACTION_POOL, !m_restricted) MAP_JON_RPC_WE("get_output_histogram", on_get_output_histogram, COMMAND_RPC_GET_OUTPUT_HISTOGRAM) END_JSON_RPC_MAP() END_URI_MAP2()