dash/blackcoin-more
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log.

Browse Source
This commit is contained in:
Mark Friedenbach
2014-10-16 16:16:29 -07:00
parent e8f6d54f1f
commit d4746d56c0
4 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/qt/bitcoingui.cpp
View File

@@ -992,6 +992,9 @@ void BitcoinGUI::showProgress(const QString &title, int nProgress)
static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style)
{
bool modal = (style & CClientUIInterface::MODAL);
// The SECURE flag has no effect in the Qt GUI.
// bool secure = (style & CClientUIInterface::SECURE);
style &= ~CClientUIInterface::SECURE;
bool ret = false;
// In case of modal message, use blocking connection to wait for user to click a button
QMetaObject::invokeMethod(gui, "message",