Skip to content

Commit

Permalink
config: unify lbcd and lbcwallet RPC credentails
Browse files Browse the repository at this point in the history
1. remove lbcdusername and lbcdpassword
2. rename (username, password) to (rpcuser, rpcpass)

Most users are confused with the lbcduser and username at first,
and choose to use the same credentials between lbcd and lbcwallet.
  • Loading branch information
roylee17 committed Sep 29, 2022
1 parent 7a4cd60 commit be7892a
Show file tree
Hide file tree
Showing 5 changed files with 20 additions and 55 deletions.
35 changes: 10 additions & 25 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,25 +22,12 @@ does mean they could track all transactions involving your addresses
and therefore know your exact balance. In a future release, public data
encryption will extend to transactions as well.

Wallet clients can use one of two RPC servers:

1. A legacy JSON-RPC server mostly compatible with Bitcoin Core

The JSON-RPC server exists to ease the migration of wallet applications
from Core, but complete compatibility is not guaranteed. Some portions of
the API (and especially accounts) have to work differently due to other
design decisions (mostly due to BIP0044). However, if you find a
compatibility issue and feel that it could be reasonably supported, please
report an issue. This server is enabled by default.

2. An experimental gRPC server

The gRPC server uses a new API built for lbcwallet, but the API is not
stabilized and the server is feature gated behind a config option
(`--experimentalrpclisten`). If you don't mind applications breaking due
to API changes, don't want to deal with issues of the legacy API, or need
notifications for changes to the wallet, this is the RPC server to use.
The gRPC server is documented [here](./rpc/documentation/README.md).
The JSON-RPC server exists to ease the migration of wallet applications
from Core, but complete compatibility is not guaranteed. Some portions of
the API (and especially accounts) have to work differently due to other
design decisions (mostly due to BIP0044). However, if you find a
compatibility issue and feel that it could be reasonably supported, please
report an issue. This server is enabled by default.

## Security

Expand Down Expand Up @@ -93,25 +80,23 @@ Start a local instance of `lbcd` and have the `lbcwallet` connecting to it.

``` sh
# Start a lbcd with its RPC credentials
./lbcd --txindex --rpcuser=lbcduser --rpcpass=lbcdpass
./lbcd --txindex --rpcuser=rpcuser --rpcpass=rpcpass

# Start a lbcwallet with its RPC credentials along with the lbcd's RPC credentials
# The default lbcd instance to conect to is already localhost:9245 so we don't need to specify it explicitly here.
./lbcwallet --username=rpcuser --password=rpcpass --lbcdusername=lbcduser --lbcdpassword=lbcdpass # --rpcconnect=localhost:9245
./lbcwallet --rpcuser=rpcuser --rpcpass=rpcpass # --rpcconnect=localhost:9245

#
# rpcuser/rpcpass lbcduser/lbcdpass
# rpcuser/rpcpass rpcuser/rpcpass
# lbcctl <-------------------> lbcwallet <--------------------> lbcd
# RPC port 9244 RPC port 9245
#
```

If the `lbcd` and `lbcwallet` use the same RPC credentials, we can skip the `--lbcdusername` and `--lbcdpassword`

``` sh
./lbcd --txindex --rpcuser=rpcuser --rpcpass=rpcpass

./lbcwallet --username=rpcuser --password=rpcpass
./lbcwallet --rpcuser=rpcuser --rpcpass=rpcpass

#
# rpcuser/rpcpass rpcuser/rpcpass
Expand Down
19 changes: 3 additions & 16 deletions config.go
Original file line number Diff line number Diff line change
Expand Up @@ -70,8 +70,6 @@ type config struct {
CAFile *cfgutil.ExplicitString `long:"cafile" description:"File containing root certificates to authenticate a TLS connections with lbcd"`
DisableClientTLS bool `long:"noclienttls" description:"Disable TLS for the RPC client"`
SkipVerify bool `long:"skipverify" description:"Skip verifying TLS for the RPC client"`
LbcdUsername string `long:"lbcdusername" description:"Username for lbcd authentication"`
LbcdPassword string `long:"lbcdpassword" default-mask:"-" description:"Password for lbcd authentication"`
Proxy string `long:"proxy" description:"Connect via SOCKS5 proxy (eg. 127.0.0.1:9050)"`
ProxyUser string `long:"proxyuser" description:"Username for proxy server"`
ProxyPass string `long:"proxypass" default-mask:"-" description:"Password for proxy server"`
Expand All @@ -90,9 +88,9 @@ type config struct {
DisableServerTLS bool `long:"noservertls" description:"Disable TLS for the RPC server"`
LegacyRPCListeners []string `long:"rpclisten" description:"Listen for legacy RPC connections on this interface/port (default port: 9244, testnet: 19244, regtest: 29244, simnet: 29244)"`
LegacyRPCMaxClients int64 `long:"rpcmaxclients" description:"Max number of legacy RPC clients for standard connections"`
LegacyRPCMaxWebsockets int64 `long:"rpcmaxwebsockets" description:"Max number of legacy RPC websocket connections"`
Username string `short:"u" long:"username" description:"Username for legacy RPC and lbcd authentication (if lbcdusername is unset)"`
Password string `short:"P" long:"password" default-mask:"-" description:"Password for legacy RPC and lbcd authentication (if lbcdpassword is unset)"`
LegacyRPCMaxWebsockets int64 `long:"rpcmaxwebsockets" description:"Max number of RPC websocket connections"`
RPCUser string `short:"u" long:"rpcuser" description:"Username for RPC and lbcd authentication"`
RPCPass string `short:"P" long:"rpcpass" default-mask:"-" description:"Password for RPC and lbcd authentication"`

// Deprecated options
DataDir *cfgutil.ExplicitString `short:"b" long:"datadir" default-mask:"-" description:"DEPRECATED -- use appdata instead"`
Expand Down Expand Up @@ -601,17 +599,6 @@ func loadConfig() (*config, []string, error) {
cfg.RPCCert.Value = cleanAndExpandPath(cfg.RPCCert.Value)
cfg.RPCKey.Value = cleanAndExpandPath(cfg.RPCKey.Value)

// If the lbcd username or password are unset, use the same auth as for
// the client. The two settings were previously shared for lbcd and
// client auth, so this avoids breaking backwards compatibility while
// allowing users to use different auth settings for lbcd and wallet.
if cfg.LbcdUsername == "" {
cfg.LbcdUsername = cfg.Username
}
if cfg.LbcdPassword == "" {
cfg.LbcdPassword = cfg.Password
}

// Warn about missing config file after the final command line parse
// succeeds. This prevents the warning on help messages and invalid
// options.
Expand Down
2 changes: 1 addition & 1 deletion lbcwallet.go
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,7 @@ func readCAFile() []byte {
func startChainRPC(certs []byte) (*chain.RPCClient, error) {
log.Infof("Attempting RPC client connection to %v", cfg.RPCConnect)
rpcc, err := chain.NewRPCClient(activeNet.Params, cfg.RPCConnect,
cfg.LbcdUsername, cfg.LbcdPassword, certs, cfg.DisableClientTLS,
cfg.RPCPass, cfg.RPCPass, certs, cfg.DisableClientTLS,
cfg.SkipVerify, 0)
if err != nil {
return nil, err
Expand Down
8 changes: 4 additions & 4 deletions rpcserver.go
Original file line number Diff line number Diff line change
Expand Up @@ -126,17 +126,17 @@ func startRPCServers(walletLoader *wallet.Loader) (*legacyrpc.Server, error) {

}

if cfg.Username == "" || cfg.Password == "" {
log.Info("Legacy RPC server disabled (requires username and password)")
if cfg.RPCUser == "" || cfg.RPCPass == "" {
log.Info("RPC server disabled (requires rpcuser and rpcpass)")
} else if len(cfg.LegacyRPCListeners) != 0 {
listeners := makeListeners(cfg.LegacyRPCListeners, legacyListen)
if len(listeners) == 0 {
err := errors.New("failed to create listeners for legacy RPC server")
return nil, err
}
opts := legacyrpc.Options{
Username: cfg.Username,
Password: cfg.Password,
Username: cfg.RPCUser,
Password: cfg.RPCPass,
MaxPOSTClients: cfg.LegacyRPCMaxClients,
MaxWebsocketClients: cfg.LegacyRPCMaxWebsockets,
}
Expand Down
11 changes: 2 additions & 9 deletions sample-lbcwallet.conf
Original file line number Diff line number Diff line change
Expand Up @@ -88,15 +88,8 @@

; Username and password to authenticate to lbcd a RPC server and authenticate
; new client connections
; username=
; password=

; Alternative username and password for lbcd. If set, these will be used
; instead of the username and password set above for authentication to a
; lbcd RPC server.
; lbcdusername=
; lbcdpassword=

; rpcuser=
; rpcpass=

; ------------------------------------------------------------------------------
; Debug
Expand Down

0 comments on commit be7892a

Please sign in to comment.