
Implemented Admin Password hashing using sha256 #9

Closed

Conversation

ukane-philemon

@ukane-philemon ukane-philemon commented Dec 26, 2021

Per SEI CERT C Coding Standard, it is best practice not to store plain text passwords in memory or on disk. This was achieved by storing the sha256 hash of the admin pass, removing the provided password bytes from memory, and constant-time comparing the hashes of incoming passwords with the stored hash of the admin pass. For input on startup, the secure terminal is used to input the admin pass every start-up.
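The scheme the PR description lays out (keep only a SHA-256 digest of the admin password, overwrite the plaintext bytes once they are hashed, and compare digests in constant time) in a small stand-alone Go program. This is an added illustration, not vspd's own code: the `adminAuth` type and its `newAdminAuth`, `zero` and `check` functions are hypothetical names chosen for this example, and the password value is a constructed sample rather than anything read from a terminal.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// adminAuth holds only the SHA-256 digest of the admin password, never the
// password itself. Hypothetical type for this example, not part of vspd.
type adminAuth struct {
	hash [sha256.Size]byte
}

// newAdminAuth hashes the supplied password bytes and then overwrites the
// caller's buffer with zeros so the plaintext does not linger in memory.
// An empty password is rejected rather than hashed.
func newAdminAuth(password []byte) (*adminAuth, error) {
	if len(password) == 0 {
		return nil, errors.New("admin password must not be empty")
	}
	a := &adminAuth{hash: sha256.Sum256(password)}
	zero(password)
	return a, nil
}

// zero overwrites a byte slice in place. This only helps if the slice is the
// sole copy of the secret; converting it to a string would leave a copy that
// cannot be wiped.
func zero(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// check hashes the candidate password and compares digests with
// subtle.ConstantTimeCompare, so the time taken does not depend on how many
// leading bytes matched. The candidate bytes are wiped before returning.
func (a *adminAuth) check(candidate []byte) bool {
	defer zero(candidate)
	h := sha256.Sum256(candidate)
	return subtle.ConstantTimeCompare(h[:], a.hash[:]) == 1
}

func main() {
	// Constructed sample value; a real deployment would read this from a
	// no-echo terminal prompt at startup, as the PR describes.
	pw := []byte("example-admin-pass")
	auth, err := newAdminAuth(pw)
	if err != nil {
		fmt.Println("setup failed:", err)
		return
	}
	fmt.Println("plaintext wiped after hashing:", pw)
	fmt.Println("correct password accepted:", auth.check([]byte("example-admin-pass")))
	fmt.Println("wrong password accepted:", auth.check([]byte("example-admin-pasS")))
}
```

Because the server keeps only the digest, an attacker who can read process memory or a core dump after startup recovers the hash rather than the password, and a `bytes.Equal` style comparison is avoided so response timing does not act as a per-byte oracle. The wipe is best-effort: it covers the one `[]byte` the caller passed in, so the password must be read into a byte slice and never converted to a `string` along the way.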

@ukane-philemon ukane-philemon force-pushed the HashAdminPassword branch 2 times, most recently from 72ec7e4 to cbbdedf Compare December 28, 2021 16:09
@ukane-philemon ukane-philemon force-pushed the HashAdminPassword branch 4 times, most recently from 9bdcee8 to 4079ab0 Compare January 14, 2022 14:13
jholdstock and others added 24 commits February 2, 2022 10:04
This allows both tspend and treasury policies to be set by clients on a per-ticket basis. Preferences can be set when initially registering a ticket with `/payfee`, and can be later updated using `/setvotechoices`.

Any requests which alter treasury/tspend policy will be stored in the database using the existing accountability system.

**Note:** This does not include consistency checking, it will need to be added later when dcrwallet has an RPC to retrieve policies in batches.
* This allows using error.Is and error.As within vsp.
* Add test cases for apiError type.
GitHub is now capable of rendering mermaid.js diagrams, so we don't need to maintain a separate source and rendered .png file. The mermaid source can be embedded directly into the documentation itself.
- Rather than manually downloading and invoking golangci-lint, use the GitHub
action provided by the developers.
- Configure golangci with a config file rather than passing command line args.
This enables the same config to be used locally and on CI without introducing
duplication. It also allows much more flexibility in configuration than using
CLI args alone.
Ensure that Tickets loaded from the database are returned with empty maps instead of nil maps.

To be back-ported to 1.1.0 release.
Make the existing startup warning more obvious, and add a new one for when a pre-release version of vspd is used on mainnet.
- Ensure errors are properly wrapped with `%w`
- Error strings should not start with caps.
- Add missing params to "Bad signature" error log
These messages should always be logged, even if log level is set to WARN or ERROR.
* Remove global cache variable.

Rather than maintaining cached data in a global variable, instantiate a cache struct and keep it in the `Server` struct.

* Store net params in RPC clients.

This means net params only need to be supplied once at startup, and also removes a global instance of net params in `background.go`.
CanTicketVote already has the full rawTx, so it doesn't need the hash passed in separately.
Running as sub-tests has the benefit of automatically logging the test name, no need to include it in failure messages manually. It even works if the test panics.
There's no need to declare separate vars for the testNode and then create it later, it can just be created up-front.
I assume "hist at max" is leftover from when it was possible to set more than one alt sign address.
`CanTicketVote` doesn't really fit into the RPC client code as it is more of a business logic function. Moving it into the webapi package is more appropriate.
No reason for this to be a standalone func with a param when it can be a method of VspDatabase. This will be useful later when VspDatabase contains its own logger.
We already have a file with hard-coded parameters for each Decred network, so having logic to figure out parameters later is unnecessary.
- Rename all instances to "shutdownCtx" to be really explicit. This context is special in that it can be closed at any time without warning, so it should be obvious to the reader.
- Don't use shutdownCtx in RPC clients. Clients should not stop working immediately when shutdown is signalled, they need to keep working while the process is shutting down.
There's no reason for run() to return an error, it can simply return an exit code for the process.
@ukane-philemon ukane-philemon force-pushed the HashAdminPassword branch 2 times, most recently from 7548759 to 499d19a Compare June 10, 2022 19:09