From ca18ffb90ab2011070cbbfc0f25a67516916e33a Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Thu, 27 Aug 2020 12:17:40 +0200
Subject: [PATCH] generate-secrets: fetch rpcauth.py from github

No need to vendor this.
---
 pkgs/generate-secrets/default.nix        | 10 ++++--
 pkgs/generate-secrets/rpcauth/rpcauth.py | 46 ------------------------
 2 files changed, 8 insertions(+), 48 deletions(-)
 delete mode 100644 pkgs/generate-secrets/rpcauth/rpcauth.py

diff --git a/pkgs/generate-secrets/default.nix b/pkgs/generate-secrets/default.nix
index 10c20f2..00a15cf 100644
--- a/pkgs/generate-secrets/default.nix
+++ b/pkgs/generate-secrets/default.nix
@@ -1,9 +1,15 @@
 { pkgs }: with pkgs;
 
 let
-  rpcauth = pkgs.writeScriptBin "rpcauth" (builtins.readFile ./rpcauth/rpcauth.py);
+  rpcauthSrc = builtins.fetchurl {
+    url = "https://raw.githubusercontent.com/bitcoin/bitcoin/d6cde007db9d3e6ee93bd98a9bbfdce9bfa9b15b/share/rpcauth/rpcauth.py";
+    sha256 = "189mpplam6yzizssrgiyv70c9899ggh8cac76j4n7v0xqzfip07n";
+  };
+  rpcauth = pkgs.writeScriptBin "rpcauth" ''
+    exec ${pkgs.python35}/bin/python ${rpcauthSrc} "$@"
+  '';
 in
 writeScript "generate-secrets" ''
-  export PATH=${lib.makeBinPath [ coreutils apg openssl gnugrep rpcauth python35 ]}
+  export PATH=${lib.makeBinPath [ coreutils apg openssl gnugrep rpcauth ]}
   . ${./generate-secrets.sh} ${./openssl.cnf}
 ''
diff --git a/pkgs/generate-secrets/rpcauth/rpcauth.py b/pkgs/generate-secrets/rpcauth/rpcauth.py
deleted file mode 100644
index b14c801..0000000
--- a/pkgs/generate-secrets/rpcauth/rpcauth.py
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/env python3
-# Copyright (c) 2015-2018 The Bitcoin Core developers
-# Distributed under the MIT software license, see the accompanying
-# file COPYING or http://www.opensource.org/licenses/mit-license.php.
-
-from argparse import ArgumentParser
-from base64 import urlsafe_b64encode
-from binascii import hexlify
-from getpass import getpass
-from os import urandom
-
-import hmac
-
-def generate_salt(size):
-    """Create size byte hex salt"""
-    return hexlify(urandom(size)).decode()
-
-def generate_password():
-    """Create 32 byte b64 password"""
-    return urlsafe_b64encode(urandom(32)).decode('utf-8')
-
-def password_to_hmac(salt, password):
-    m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), 'SHA256')
-    return m.hexdigest()
-
-def main():
-    parser = ArgumentParser(description='Create login credentials for a JSON-RPC user')
-    parser.add_argument('username', help='the username for authentication')
-    parser.add_argument('password', help='leave empty to generate a random password or specify "-" to prompt for password', nargs='?')
-    args = parser.parse_args()
-
-    if not args.password:
-        args.password = generate_password()
-    elif args.password == '-':
-        args.password = getpass()
-
-    # Create 16 byte hex salt
-    salt = generate_salt(16)
-    password_hmac = password_to_hmac(salt, args.password)
-
-    print('String to be appended to bitcoin.conf:')
-    print('rpcauth={0}:{1}${2}'.format(args.username, salt, password_hmac))
-    print('Your password:\n{0}'.format(args.password))
-
-if __name__ == '__main__':
-    main()