diff --git a/src/Wallet/WalletRpcServer.cpp b/src/Wallet/WalletRpcServer.cpp index 9d72a5c46d..dc87036874 100755 --- a/src/Wallet/WalletRpcServer.cpp +++ b/src/Wallet/WalletRpcServer.cpp @@ -130,12 +130,12 @@ void wallet_rpc_server::processRequest(const CryptoNote::HttpRequest& request, C static std::unordered_map s_methods = { { "getbalance", makeMemberMethod(&wallet_rpc_server::on_getbalance) }, - { "transfer", makeMemberMethod(&wallet_rpc_server::on_transfer) }, { "store", makeMemberMethod(&wallet_rpc_server::on_store) }, { "get_payments", makeMemberMethod(&wallet_rpc_server::on_get_payments) }, { "get_transfers", makeMemberMethod(&wallet_rpc_server::on_get_transfers) }, { "get_height", makeMemberMethod(&wallet_rpc_server::on_get_height) }, // below are the restricted methods, use --enable-extended-rpc + { "transfer", makeMemberMethod(&wallet_rpc_server::on_transfer) }, { "reset", makeMemberMethod(&wallet_rpc_server::on_reset) }, { "stop_wallet", makeMemberMethod(&wallet_rpc_server::on_stop_wallet) }, { "get_address", makeMemberMethod(&wallet_rpc_server::on_get_address) }, @@ -166,6 +166,11 @@ bool wallet_rpc_server::on_getbalance(const wallet_rpc::COMMAND_RPC_GET_BALANCE: } //------------------------------------------------------------------------------------------------------------------------------ bool wallet_rpc_server::on_transfer(const wallet_rpc::COMMAND_RPC_TRANSFER::request& req, wallet_rpc::COMMAND_RPC_TRANSFER::response& res) { + + if(!m_allow_extended_rpc) { + throw JsonRpc::JsonRpcError(WALLET_RPC_ERROR_METHOD_RESTRICTED, "Unable to invoke extended RPC method without explicit --allow-extended-rpc flag."); + } + std::vector transfers; for (auto it = req.destinations.begin(); it != req.destinations.end(); it++) { CryptoNote::WalletLegacyTransfer transfer; @@ -335,6 +340,9 @@ bool wallet_rpc_server::on_stop_wallet(const wallet_rpc::COMMAND_RPC_STOP::reque wallet_rpc_server::send_stop_signal(); } + else { + throw JsonRpc::JsonRpcError(WALLET_RPC_ERROR_METHOD_RESTRICTED, "Unable to invoke extended RPC method without explicit --allow-extended-rpc flag."); + } return true; } @@ -344,6 +352,9 @@ bool wallet_rpc_server::on_get_address(const wallet_rpc::COMMAND_RPC_GET_ADDRESS if(m_allow_extended_rpc) { res.address = m_wallet.getAddress(); } + else { + throw JsonRpc::JsonRpcError(WALLET_RPC_ERROR_METHOD_RESTRICTED, "Unable to invoke extended RPC method without explicit --allow-extended-rpc flag."); + } return true; } @@ -356,6 +367,9 @@ bool wallet_rpc_server::on_view_keys(const wallet_rpc::COMMAND_RPC_VIEW_KEYS::re res.view_key = Common::podToHex(keys.viewSecretKey); res.spend_key = Common::podToHex(keys.spendSecretKey); } + else { + throw JsonRpc::JsonRpcError(WALLET_RPC_ERROR_METHOD_RESTRICTED, "Unable to invoke extended RPC method without explicit --allow-extended-rpc flag."); + } return true; } diff --git a/src/Wallet/WalletRpcServerErrorCodes.h b/src/Wallet/WalletRpcServerErrorCodes.h index b18ec574b7..0cbb2a1a66 100755 --- a/src/Wallet/WalletRpcServerErrorCodes.h +++ b/src/Wallet/WalletRpcServerErrorCodes.h @@ -23,3 +23,4 @@ #define WALLET_RPC_ERROR_CODE_DAEMON_IS_BUSY -3 #define WALLET_RPC_ERROR_CODE_GENERIC_TRANSFER_ERROR -4 #define WALLET_RPC_ERROR_CODE_WRONG_PAYMENT_ID -5 +#define WALLET_RPC_ERROR_METHOD_RESTRICTED -6