rpc: Remove chain-specific RequireRPCPassword #6398

1. 
   laanwj commented at 1:27 pm on July 8, 2015: member

   I’ve never liked the chain-specific exception to having to set a password. Also it conflicts with #6388 which makes it generally valid to set no password (as it then enables random cookie authentication).

   This pull removes the flag, so that all chains are regarded the same. It also adapts the tests so that they no longer rely on the previous behavior.

2. laanwj added the label RPC on Jul 8, 2015
3. 
   Diapolo commented at 2:01 pm on July 8, 2015: none

   utACK
4. 
   jonasschnelli commented at 2:16 pm on July 8, 2015: contributor

   Tested above of #6388.

   ACK.

5. 
   jgarzik commented at 5:31 pm on July 8, 2015: contributor

   ACK
6. 
   laanwj commented at 8:00 am on July 9, 2015: member

   Hmm, this username==password here is sub-optiomal

   Yes. Thinking of it, it is kind of a lame check. Maybe better to just remove it.

7. 
   sipa commented at 4:22 pm on July 9, 2015: member

   ACK
8. rpc: Remove chain-specific RequireRPCPassword

   I've never liked the chain-specific exception to having to set a
   password. It gives issues with #6388 which makes it valid to
   set no password in every case (as it enables random cookie authentication).
   
   This pull removes the flag, so that all chains are regarded the same.
   
   It also removes the username==password test, which doesn't provide any
   substantial extra security.

   85ee55b5c3
9. laanwj force-pushed on Jul 10, 2015
10. laanwj merged this on Jul 13, 2015
11. laanwj closed this on Jul 13, 2015

    ---

12. laanwj referenced this in commit 3d9362d5ac on Jul 13, 2015
13. zkbot referenced this in commit 9af55822fb on Feb 15, 2017
14. zkbot referenced this in commit a7cf698873 on Mar 4, 2017
15. MarcoFalke locked this on Sep 8, 2021

Contributors
laanwj Diapolo jonasschnelli jgarzik sipa

Labels
RPC/REST/ZMQ