Commit Graph

8079 Commits

Author SHA1 Message Date
moneromooo-monero 61d63900b9
net_helper: avoid unnecessary memcpy 2019-04-13 13:24:58 +00:00
Riccardo Spagni 9c77dbf376
Merge pull request #5386
d843f200 simplewallet: add a welcome/disclaimer message command (moneromooo-monero)
2019-04-11 13:16:28 +02:00
Riccardo Spagni 716f5a2a6a
Merge pull request #5384
0eee6cd7 block_weight: catch exceptions in main for clean exit on error (moneromooo-monero)
4b3bb829 epee: init a new ssl related variable in ctor (moneromooo-monero)
2019-04-11 13:15:20 +02:00
Riccardo Spagni 083271375a
Merge pull request #5383
0575794f console: simple shell over console.py (moneromooo-monero)
047af5c3 console.py: can now connect to several daemons/wallets (moneromooo-monero)
9f9571aa cmake: always detect python, it's neeed for some tests (moneromooo-monero)
8646bd00 functional_tests: exit with 1 if any test fails (moneromooo-monero)
6fd8834d console.py: add tab completion (moneromooo-monero)
04a20cb2 functional_tests: cold signing key images/outputs import/export (moneromooo-monero)
798e3cad functional_tests: add double spend detection tests (moneromooo-monero)
7c657bb2 functional_tests: add alt chains tests (moneromooo-monero)
f8be31d2 functional_tests: add wallet creation language tests (moneromooo-monero)
2d68b31f functional_tests: add more wallet tests (moneromooo-monero)
23f86dad python-rpc: add set_log_level and set_log_categories (moneromooo-monero)
b3a32d55 functional_tests: add describe_transfer tests (moneromooo-monero)
108f4375 console.py: support connecting to any host, not just 127.0.0.1 (moneromooo-monero)
064ab123 functional_tests: add more blockchain related tests (moneromooo-monero)
21b1ac1d functional_tests: add bans tests (moneromooo-monero)
2019-04-11 13:14:44 +02:00
moneromooo-monero d843f20044
simplewallet: add a welcome/disclaimer message command
I saw one when landing on www.tribler.org, and it seemed
like a good idea to have something similar, alongside some
more general "what is monero" text.
2019-04-11 11:11:45 +00:00
moneromooo-monero 0eee6cd7fe
block_weight: catch exceptions in main for clean exit on error 2019-04-11 11:10:18 +00:00
moneromooo-monero 4b3bb829c2
epee: init a new ssl related variable in ctor 2019-04-11 11:10:15 +00:00
moneromooo-monero 0575794f53
console: simple shell over console.py
to avoid the "python -i" part
2019-04-11 11:08:39 +00:00
moneromooo-monero 047af5c343
console.py: can now connect to several daemons/wallets
Also throw exceptions instead of print+exit, since that makes
the error print last, below the python stack trace, where it's
much less easy to miss it.
2019-04-11 11:08:33 +00:00
moneromooo-monero 9f9571aa3d
cmake: always detect python, it's neeed for some tests 2019-04-11 11:08:30 +00:00
moneromooo-monero 8646bd0086
functional_tests: exit with 1 if any test fails 2019-04-11 11:08:27 +00:00
moneromooo-monero 6fd8834d9d
console.py: add tab completion 2019-04-11 11:08:24 +00:00
moneromooo-monero 04a20cb242
functional_tests: cold signing key images/outputs import/export 2019-04-11 11:08:20 +00:00
moneromooo-monero 798e3cad2b
functional_tests: add double spend detection tests 2019-04-11 11:08:17 +00:00
moneromooo-monero 7c657bb2dd
functional_tests: add alt chains tests 2019-04-11 11:08:15 +00:00
moneromooo-monero f8be31d269
functional_tests: add wallet creation language tests 2019-04-11 11:08:12 +00:00
moneromooo-monero 2d68b31f3e
functional_tests: add more wallet tests
get_transfer_by_txid, get_height, open/close
2019-04-11 11:08:09 +00:00
moneromooo-monero 23f86dad02
python-rpc: add set_log_level and set_log_categories 2019-04-11 11:08:06 +00:00
moneromooo-monero b3a32d5505
functional_tests: add describe_transfer tests 2019-04-11 11:08:04 +00:00
moneromooo-monero 108f4375b8
console.py: support connecting to any host, not just 127.0.0.1 2019-04-11 11:08:01 +00:00
moneromooo-monero 064ab12340
functional_tests: add more blockchain related tests
Related to emission, reorgs, getting tx data back, output
distribution and histogram
2019-04-11 11:07:58 +00:00
moneromooo-monero 21b1ac1dd2
functional_tests: add bans tests 2019-04-11 11:07:55 +00:00
Riccardo Spagni e03b9bcdfd
Merge pull request #5411
3de49afc README.md: fork table, copy lines from release branch (Gingeropolous)
e172fbae README.md: fix missing comma (Tyler Saballus)
97f0899b README.md: minor spelling issue (Justin Gerber)
2019-04-11 13:06:35 +02:00
Riccardo Spagni 5db72d12b4
Merge pull request #5388
0be5b2ee simplewallet: new unset_ring command (moneromooo-monero)
2019-04-11 13:05:43 +02:00
Riccardo Spagni 5c02316598
Merge pull request #5382
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
2019-04-11 13:03:55 +02:00
Riccardo Spagni 38717dafc0
Merge pull request #5381
def40161 miner: fix race when stopping mining with start mining enabled (moneromooo-monero)
2019-04-11 13:03:32 +02:00
Riccardo Spagni 915d9e5a1f
Merge pull request #5380
113e4877 blockchain_stats: fix sign in formatting function (moneromooo-monero)
adaea3ea various: remove unused variables (moneromooo-monero)
631ef00e blockchain: some debug info when adding txes-from-block fails (moneromooo-monero)
2019-04-11 13:02:59 +02:00
Riccardo Spagni fa789109f6
Merge pull request #5379
83fc45a4 Add NanoX support (cslashm)
2019-04-11 13:02:47 +02:00
Riccardo Spagni bd429033df
Merge pull request #5378
eda2661a Allow pruning before v10 (moneromooo-monero)
2019-04-11 13:02:35 +02:00
Riccardo Spagni 4a2cc76c84
Merge pull request #5376
c746f45d Add hash of top block to /getheight RPC (Howard Chu)
2019-04-11 13:01:54 +02:00
Riccardo Spagni 3a4008f0fc
Merge pull request #5374
a2561653 wallet: new option to start background mining (moneromooo-monero)
2019-04-11 13:01:30 +02:00
Riccardo Spagni 036daa3af9
Merge pull request #5373
aff80e70 blockchain: fix returned height in create_block_template (moneromooo-monero)
2019-04-11 13:00:55 +02:00
Riccardo Spagni 8e0c5b34dd
Merge pull request #5371
9f8dc4ce simplewallet: new net_stats command (moneromooo-monero)
2019-04-11 13:00:31 +02:00
moneromooo-monero 9f8dc4ce51
simplewallet: new net_stats command
displays total sent and received bytes
2019-04-11 10:46:41 +00:00
Riccardo Spagni 19e37c05d6
Merge pull request #5367
07b716bf util: name replace_file arguments better (moneromooo-monero)
2019-04-11 12:41:55 +02:00
Riccardo Spagni 793651e731
Merge pull request #5366
c2f271d1 device/trezor: increase live-refresh timeout (Dusan Klinec)
2019-04-11 12:41:34 +02:00
Riccardo Spagni 76fbcfe2dd
Merge pull request #5123
089c7637 cryptonote: rework block blob size sanity check (moneromooo-monero)
2019-04-11 12:41:07 +02:00
Riccardo Spagni 7d3cb10838
Merge pull request #4939
f064efae README: add and remove dependencies on OSX line (George)
2019-04-11 12:40:53 +02:00
Riccardo Spagni 7c85f3b28e
Merge pull request #5320
2e578b82 Enabling daemon-rpc SSL now requires non-system CA verification (Lee Clagett)
d58f3682 Require manual override for user chain certificates. (Lee Clagett)
97cd1fa9 Only check top-level certificate against fingerprint list. (Lee Clagett)
7c388fb3 Call `use_certificate_chain_file` instead of `use_certificate_file` (Lee Clagett)
eca0fea4 Perform RFC 2818 hostname verification in client SSL handshakes (Lee Clagett)
0416764c Require server verification when SSL is enabled. (Lee Clagett)
96d602ac Add `verify_fail_if_no_cert` option for proper client authentication (Lee Clagett)
21eb1b07 Pass SSL arguments via one class and use shared_ptr instead of reference (Lee Clagett)
1f5ed328 Change default SSL to "enabled" if user specifies fingerprint/certificate (Lee Clagett)
f18a069f Do not require client certificate unless server has some whitelisted. (Lee Clagett)
a3b02848 Change SSL certificate file list to OpenSSL builtin load_verify_location (Lee Clagett)
2019-04-11 12:39:56 +02:00
Gingeropolous 3de49afc53 README.md: fork table, copy lines from release branch 2019-04-07 21:38:04 +00:00
Tyler Saballus e172fbaef3 README.md: fix missing comma 2019-04-07 21:35:36 +00:00
Justin Gerber 97f0899b8f README.md: minor spelling issue
The word 'dont' is not spelled correctly.
2019-04-07 21:33:22 +00:00
Lee Clagett 2e578b8214 Enabling daemon-rpc SSL now requires non-system CA verification
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
2019-04-07 13:02:43 -04:00
Lee Clagett d58f368289 Require manual override for user chain certificates.
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
2019-04-07 00:44:37 -04:00
Lee Clagett 97cd1fa98d Only check top-level certificate against fingerprint list.
This allows "chain" certificates to be used with the fingerprint
whitelist option. A user can get a system-ca signature as backup while
clients explicitly whitelist the server certificate. The user specified
CA can also be combined with fingerprint whitelisting.
2019-04-07 00:44:37 -04:00
Lee Clagett 7c388fb358 Call `use_certificate_chain_file` instead of `use_certificate_file`
The former has the same behavior with single self signed certificates
while allowing the server to have separate short-term authentication
keys with long-term authorization keys.
2019-04-07 00:44:37 -04:00
Lee Clagett eca0fea45a Perform RFC 2818 hostname verification in client SSL handshakes
If the verification mode is `system_ca`, clients will now do hostname
verification. Thus, only certificates from expected hostnames are
allowed when SSL is enabled. This can be overridden by forcible setting
the SSL mode to autodetect.

Clients will also send the hostname even when `system_ca` is not being
performed. This leaks possible metadata, but allows servers providing
multiple hostnames to respond with the correct certificate. One example
is cloudflare, which getmonero.org is currently using.
2019-04-07 00:44:37 -04:00
Lee Clagett 0416764cae Require server verification when SSL is enabled.
If SSL is "enabled" via command line without specifying a fingerprint or
certificate, the system CA list is checked for server verification and
_now_ fails the handshake if that check fails. This change was made to
remain consistent with standard SSL/TLS client behavior. This can still
be overridden by using the allow any certificate flag.

If the SSL behavior is autodetect, the system CA list is still checked
but a warning is logged if this fails. The stream is not rejected
because a re-connect will be attempted - its better to have an
unverified encrypted stream than an unverified + unencrypted stream.
2019-04-07 00:44:37 -04:00
Lee Clagett 96d602ac84 Add `verify_fail_if_no_cert` option for proper client authentication
Using `verify_peer` on server side requests a certificate from the
client. If no certificate is provided, the server silently accepts the
connection and rejects if the client sends an unexpected certificate.
Adding `verify_fail_if_no_cert` has no affect on client and for server
requires that the peer sends a certificate or fails the handshake. This
is the desired behavior when the user specifies a fingerprint or CA file.
2019-04-07 00:44:37 -04:00
Lee Clagett 21eb1b0725 Pass SSL arguments via one class and use shared_ptr instead of reference 2019-04-07 00:44:37 -04:00