davide/purple-electrumwallet
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

daemon: forbid "setconfig" command to change rpcserver settings in-flight

Browse Source 
It is much easier to reason about the rpcserver if we don't allow changing its basic settings while it is already running. What does it mean to change the TCP port it is listening on ("rpcport") if it's already running? It is even problematic to change the rpcpassword: care needs to be taken to already update it for the current server.
(ref https://github.com/spesmilo/electrum/issues/6762)

This commit disallows changing all of the "rpc*" config variables if the daemon is already running.

---

Simultaneously, it also ensures rpc_password is always set and auth cannot be disabled.

Previously if there was a daemon running, and the user ran
`$ electrum setconfig rpcpassword ""` that would leave the RPC unauthenticated
for the current session. However next time the daemon restarted, get_rpc_credentials would see
the unset password and generate one.

I think this was the worst of both worlds:
- we did not really allow removing the rpc password, except for the current session, and
- perhaps unexpectedly, we would generate a new password on daemon restart

Instead now we explicitly make sure the RPC server can never get into a state where it does not have a password set.

Based on a report by `Zuzana Kotásková <36777@mail.vsfs.cz>`
This commit is contained in:
SomberNight
2026-03-24 17:07:26 +00:00
parent 8f21f1d744
commit 0dcef9780b
2 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
electrum/commands.py
+13 -4
View File
@@ -397,10 +397,19 @@ class Commands(Logger):
def _setconfig(self, key, value):
value = self._setconfig_normalize_value(key, value)
if self.daemon and key == SimpleConfig.RPC_USERNAME.key():
self.daemon.commands_server.rpc_user = value
if self.daemon and key == SimpleConfig.RPC_PASSWORD.key():
self.daemon.commands_server.rpc_password = value
if self.daemon and key in (
SimpleConfig.RPC_USERNAME.key(),
SimpleConfig.RPC_PASSWORD.key(),
SimpleConfig.RPC_HOST.key(),
SimpleConfig.RPC_PORT.key(),
SimpleConfig.RPC_SOCKET_TYPE.key(),
SimpleConfig.RPC_SOCKET_FILEPATH.key(),
):
raise UserFacingException(
"error: RPC server settings cannot be changed for already running daemon. "
"Stop the daemon first, and run 'setconfig' in --offline mode. "
"\nFor example: '$ electrum -o setconfig rpcport 7777'."
)
if Plugins.is_plugin_enabler_config_key(key):
self.config.set_key(key, value)
else: