rpc: allow to pass RPC login via RPC_LOGIN env var

- passing by parameter is insecure as it is shown in the process list
2026-01-15 06:13:28 -08:00 · 2018-08-30 13:35:05 +02:00
parent 91c7d68b2d
commit 76f95f052e
2 changed files with 15 additions and 6 deletions
--- a/src/rpc/rpc_args.cpp
+++ b/src/rpc/rpc_args.cpp
@@ -82,11 +82,17 @@ namespace cryptonote
      }
    }

-    if (command_line::has_arg(vm, arg.rpc_login))
+    const char *env_rpc_login = nullptr;
+    const bool has_rpc_arg = command_line::has_arg(vm, arg.rpc_login);
+    const bool use_rpc_env = !has_rpc_arg && (env_rpc_login = getenv("RPC_LOGIN")) != nullptr && strlen(env_rpc_login) > 0;
+    boost::optional<tools::login> login{};
+    if (has_rpc_arg || use_rpc_env)
    {
-      config.login = tools::login::parse(command_line::get_arg(vm, arg.rpc_login), true, [](bool verify) {
-        return tools::password_container::prompt(verify, "RPC server password");
-      });
+      config.login = tools::login::parse(
+          has_rpc_arg ? command_line::get_arg(vm, arg.rpc_login) : std::string(env_rpc_login), true, [](bool verify) {
+            return tools::password_container::prompt(verify, "RPC server password");
+          });
+
      if (!config.login)
        return boost::none;