Merge pull request #3948

c367609 blockchain_import: warn+delay about using --dangerous-unverified-import (moneromooo-monero)
This commit is contained in:
luigi1111 2018-06-25 14:58:19 -05:00
commit 741a773025
No known key found for this signature in database
GPG Key ID: F4ACA0183641E010
1 changed files with 16 additions and 4 deletions

View File

@ -593,8 +593,8 @@ int main(int argc, char* argv[])
const command_line::arg_descriptor<std::string> arg_database = { const command_line::arg_descriptor<std::string> arg_database = {
"database", available_dbs.c_str(), default_db_type "database", available_dbs.c_str(), default_db_type
}; };
const command_line::arg_descriptor<bool> arg_verify = {"guard-against-pwnage", const command_line::arg_descriptor<bool> arg_noverify = {"dangerous-unverified-import",
"Verify blocks and transactions during import (only disable if you exported the file yourself)", true}; "Blindly trust the import file and use potentially malicious blocks and transactions during import (only enable if you exported the file yourself)", false};
const command_line::arg_descriptor<bool> arg_batch = {"batch", const command_line::arg_descriptor<bool> arg_batch = {"batch",
"Batch transactions for faster import", true}; "Batch transactions for faster import", true};
const command_line::arg_descriptor<bool> arg_resume = {"resume", const command_line::arg_descriptor<bool> arg_resume = {"resume",
@ -614,7 +614,7 @@ int main(int argc, char* argv[])
// call add_options() directly for these arguments since // call add_options() directly for these arguments since
// command_line helpers support only boolean switch, not boolean argument // command_line helpers support only boolean switch, not boolean argument
desc_cmd_sett.add_options() desc_cmd_sett.add_options()
(arg_verify.name, make_semantic(arg_verify), arg_verify.description) (arg_noverify.name, make_semantic(arg_noverify), arg_noverify.description)
(arg_batch.name, make_semantic(arg_batch), arg_batch.description) (arg_batch.name, make_semantic(arg_batch), arg_batch.description)
(arg_resume.name, make_semantic(arg_resume), arg_resume.description) (arg_resume.name, make_semantic(arg_resume), arg_resume.description)
; ;
@ -633,7 +633,7 @@ int main(int argc, char* argv[])
if (! r) if (! r)
return 1; return 1;
opt_verify = command_line::get_arg(vm, arg_verify); opt_verify = !command_line::get_arg(vm, arg_noverify);
opt_batch = command_line::get_arg(vm, arg_batch); opt_batch = command_line::get_arg(vm, arg_batch);
opt_resume = command_line::get_arg(vm, arg_resume); opt_resume = command_line::get_arg(vm, arg_resume);
block_stop = command_line::get_arg(vm, arg_block_stop); block_stop = command_line::get_arg(vm, arg_block_stop);
@ -738,6 +738,18 @@ int main(int argc, char* argv[])
MINFO("bootstrap file path: " << import_file_path); MINFO("bootstrap file path: " << import_file_path);
MINFO("database path: " << m_config_folder); MINFO("database path: " << m_config_folder);
if (!opt_verify)
{
MCLOG_RED(el::Level::Warning, "global", "\n"
"Import is set to proceed WITHOUT VERIFICATION.\n"
"This is a DANGEROUS operation: if the file was tampered with in transit, or obtained from a malicious source,\n"
"you could end up with a compromised database. It is recommended to NOT use " << arg_noverify.name << ".\n"
"*****************************************************************************************\n"
"You have 90 seconds to press ^C or terminate this program before unverified import starts\n"
"*****************************************************************************************");
sleep(90);
}
cryptonote::cryptonote_protocol_stub pr; //TODO: stub only for this kind of test, make real validation of relayed objects cryptonote::cryptonote_protocol_stub pr; //TODO: stub only for this kind of test, make real validation of relayed objects
cryptonote::core core(&pr); cryptonote::core core(&pr);