11f13da blockchain: fix logging bad number of blocks if first one fails (moneromooo-monero)
19bfe7e simplewallet: fix warnings about useless std::move (moneromooo-monero)
Resetting the timer after shutdown was initiated would keep
a reference to the object inside ASIO, which would keep the
connection alive until the timer timed out.
Such a template would yield an invalid block, though it would require
an attacker to have mined a long blockchain with drifting times
(assuming the miner's clock is roughly correct).
Fixed by crCr62U0
9f68669 blockchain_blackball: add --historical-stat which prints historical stats of spent ratio (stoffu)
2425f27 blockchain_blackball: use is_output_spent instead of ringdb.blackballed for spentness test (stoffu)
50813c1 ringdb: fix bug in blackballing (stoffu)
d046ca1 difficulty: fix check_hash on big endian (moneromooo-monero)
bdda084 epee: fix local/loopback checks on big endian (moneromooo-monero)
32c3834 storages: fix writing varints on big endian (moneromooo-monero)
516f7b9 storages: fix 'portable' storage on big endian (moneromooo-monero)
0e2fda5 unit_tests: fix levin unit test on big endian (moneromooo-monero)
4672b5c db_lmdb: print percentages as percentages, not ratios (moneromooo-monero)
54fd97a slow-hash: fix CNv2+ on big endian (moneromooo-monero)
c1fa4a7 boost: fix little/big endian compatibility (moneromooo-monero)
bc1144e Fix IP address serialization on big endian (moneromooo-monero)
The problem actually exists in two parts:
1. When sending chunks over a connection, if the queue size is
greater than N, the seed is predictable across every monero node.
> "If rand() is used before any calls to srand(), rand() behaves as if
> it was seeded with srand(1). Each time rand() is seeded with the same seed, it
> must produce the same sequence of values."
2. The CID speaks for itself: "'rand' should not be used for security-related
applications, because linear congruential algorithms are too easy to break."
*But* this is an area of contention.
One could argue that a CSPRNG is warranted in order to fully mitigate any
potential timing attacks based on crafting chunk responses. Others could argue
that the existing LCG, or even an MTG, would suffice (if properly seeded). As a
compromise, I've used an MTG with a full bit space. This should give a healthy
balance of security and speed without relying on the existing crypto library
(which I'm told might break on some systems since epee is not (shouldn't be)
dependent upon the existing crypto library).