65e3abcbf2b9e818f3b9f1ba35f3cfe7df5e3811 doc: document json rpc endpoints (willcl-ark)
Pull request description:
fixes#20246
This documents the two JSON-RPC endpoints available, details when they are active, specifies when they can or must be used, and outlines some known behaviour quirks.
ACKs for top commit:
fanquake:
ACK 65e3abcbf2b9e818f3b9f1ba35f3cfe7df5e3811 - Seems fine. Can be improved if need be.
Tree-SHA512: d557c2caf000a1bdd7b46c9da38afe63dc28446ba4a961526f1af3cec81d994a9da663e02c81ebdc4f609b794585349cfca77a582dc1e788c120de1d3b4c7db6
7117d7503f39f06b74c84777ec4db5d456a8086f Update 'Secure string handling' (Prayank)
Pull request description:
- Add information about possible path traversal attack
- [wallet_name](https://bitcoincore.org/en/doc/0.20.0/rpc/wallet/createwallet/) (string): _The name for the new wallet. If this is a 'path', the wallet will be created at the 'path' location._
Fixes https://github.com/bitcoin/bitcoin/issues/20128 (Not really fixing it but workaround)
This PR is an alternative to https://github.com/bitcoin/bitcoin/pull/20393
ACKs for top commit:
michaelfolkson:
ACK 7117d7503f39f06b74c84777ec4db5d456a8086f
RiccardoMasutti:
ACK 7117d7503f
benthecarman:
ACK 7117d7503f39f06b74c84777ec4db5d456a8086f
Tree-SHA512: 0d6c4f8db5feba848bbb583e87a99e6c4b655deaa2b566164e2632acc1aabf470d4626d2dc4b82c4997effc30d9b474d860d0e0d3e896648c5cc9bfdb623da6d
5a5ea93e87c766dac1251f0369b2737d8e9dadde Doc: add information about security to the JSON-RPC doc (David A. Harding)
Pull request description:
This documents some information about using the RPC interface securely, as suggested in https://github.com/bitcoin-core/bitcoincore.org/pull/637 by @luke-jr and @TheBlueMatt. I think it should fit in well with #14458, but is not dependent on it (and shouldn't have any significant merge conflicts with it).
Tree-SHA512: e09d82c3029ed17a8bcf50722ea25a8c6c514731f3bce01908cbb6fe48bc96a3068a025beabebc602d18e1bc0dc3f2602848abc05dca1d3efe2a988ee50068c0
5c3eaf9983043db1b61a98c95d692a6958670b86 doc: Add warnings for http interfaces limitations (Fabian Jahr)
Pull request description:
`libevent`, which is used for our rest interface, can use up all of the available file descriptors in a system if too many connections are opened at once. If a new block is connected at the same time and can not be written to disk because there are no file descriptors available, the node crashes. Based on my investigation so far the issue is best solved upstream which means we have to wait for the next release (2.2). In the meantime it would be good if we would warn users of this limitation.
See #11368 for more background.
ACKs for top commit:
MarcoFalke:
ACK 5c3eaf9983043db1b61a98c95d692a6958670b86
Tree-SHA512: 73914538588477ead19068f5832fdcc8e0eb736e51f73b3aca501c93165e5ad634c2511a3fcffff251adcd3efda23a742b48211ad9d3b2a29cdeac17201d06a1
