Merge pull request #2985

6d8b29ef fix some link errors in debug mode for macos (stoffu)
fdd4c5e5 move memwipe to epee to avoid common<->crypto circular dependencies (moneromooo-monero)
40ab12a7 epee: remove dependency on common (moneromooo-monero)

contrib/epee/include/net/http_auth.h

@@ -71,8 +71,8 @@ namespace net_utils
         std::uint32_t counter;
       };
 
-      http_server_auth() : user() {}
-      http_server_auth(login credentials);
+      http_server_auth() : user(), rng() {}
+      http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r);
 
       //! \return Auth response, or `boost::none` iff `request` had valid auth.
       boost::optional<http_response_info> get_response(const http_request_info& request)
@@ -81,10 +81,13 @@ namespace net_utils
           return do_get_response(request);
         return boost::none;
       }
+
     private:
       boost::optional<http_response_info> do_get_response(const http_request_info& request);
 
       boost::optional<session> user;
+
+      std::function<void(size_t, uint8_t*)> rng;
     };
 
     //! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added.

contrib/epee/include/net/http_protocol_handler.h

@@ -160,6 +160,7 @@ namespace net_utils
 		struct custum_handler_config: public http_server_config
 		{
 			i_http_server_handler<t_connection_context>* m_phandler;
+			std::function<void(size_t, uint8_t*)> rng;
 		};
 
 		/************************************************************************/
@@ -176,7 +177,7 @@ namespace net_utils
 				: simple_http_connection_handler<t_connection_context>(psnd_hndlr, config),
 					m_config(config),
 					m_conn_context(conn_context),
-					m_auth(m_config.m_user ? http_server_auth{*m_config.m_user} : http_server_auth{})
+					m_auth(m_config.m_user ? http_server_auth{*m_config.m_user, config.rng} : http_server_auth{})
 			{}
 			inline bool handle_request(const http_request_info& query_info, http_response_info& response)
 			{

contrib/epee/include/net/http_server_impl_base.h

@@ -55,13 +55,14 @@ namespace epee
         : m_net_server(external_io_service)
     {}
 
-    bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
+    bool init(std::function<void(size_t, uint8_t*)> rng, const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
       std::vector<std::string> access_control_origins = std::vector<std::string>(),
       boost::optional<net_utils::http::login> user = boost::none)
     {
 
       //set self as callback handler
       m_net_server.get_config_object().m_phandler = static_cast<t_child_class*>(this);
+      m_net_server.get_config_object().rng = std::move(rng);
 
       //here set folder for hosting reqests
       m_net_server.get_config_object().m_folder = "";

contrib/epee/include/net/network_throttle.hpp

@@ -99,8 +99,6 @@ struct calculate_times_struct {
 typedef calculate_times_struct calculate_times_struct;
 
 
-namespace cryptonote { class cryptonote_protocol_handler_base; } // a friend class // TODO friend not working
-
 /*** 
 @brief Access to simple throttles, with singlton to access global network limits
 */
@@ -117,7 +115,6 @@ class network_throttle_manager {
     static boost::mutex m_lock_get_global_throttle_inreq;
     static boost::mutex m_lock_get_global_throttle_out;
 
-		friend class cryptonote::cryptonote_protocol_handler_base; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS!
 		friend class connection_basic; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS!
 		friend class connection_basic_pimpl; // ditto
 

contrib/epee/src/CMakeLists.txt

@@ -26,12 +26,16 @@
 # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp
+add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp memwipe.c
     connection_basic.cpp network_throttle.cpp network_throttle-detail.cpp)
 if (USE_READLINE AND GNU_READLINE_FOUND)
   add_library(epee_readline STATIC readline_buffer.cpp)
 endif()
 
+if(HAVE_C11)
+SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11)
+endif()
+
 # Build and install libepee if we're building for GUI
 if (BUILD_GUI_DEPS)
     if(IOS)
@@ -49,7 +53,6 @@ endif()
 
 target_link_libraries(epee
   PUBLIC
-    cncrypto
     easylogging
     ${Boost_FILESYSTEM_LIBRARY}
   PRIVATE

contrib/epee/src/connection_basic.cpp

@@ -78,7 +78,6 @@
 
 // TODO:
 #include "net/network_throttle-detail.hpp"
-#include "cryptonote_core/cryptonote_core.h"
 
 #undef MONERO_DEFAULT_LOG_CATEGORY
 #define MONERO_DEFAULT_LOG_CATEGORY "net.p2p"

contrib/epee/src/http_auth.cpp

@@ -66,7 +66,6 @@
 #include <tuple>
 #include <type_traits>
 
-#include "crypto/crypto.h"
 #include "hex.h"
 #include "md5_l.h"
 #include "string_coding.h"
@@ -711,8 +710,8 @@ namespace epee
   {
     namespace http
     {
-      http_server_auth::http_server_auth(login credentials)
-        : user(session{std::move(credentials)}) {
+      http_server_auth::http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r)
+        : user(session{std::move(credentials)}), rng(std::move(r)) {
       }
 
       boost::optional<http_response_info> http_server_auth::do_get_response(const http_request_info& request)
@@ -746,7 +745,7 @@ namespace epee
         user->counter = 0;
         {
           std::array<std::uint8_t, 16> rand_128bit{{}};
-          crypto::rand(rand_128bit.size(), rand_128bit.data());
+          rng(rand_128bit.size(), rand_128bit.data());
           user->nonce = string_encoding::base64_encode(rand_128bit.data(), rand_128bit.size());
         }
         return create_digest_response(user->nonce, is_stale);

src/common/CMakeLists.txt

@@ -35,7 +35,6 @@ set(common_sources
   download.cpp
   util.cpp
   i18n.cpp
-  memwipe.c
   password.cpp
   perf_timer.cpp
   threadpool.cpp
@@ -64,7 +63,6 @@ set(common_private_headers
   util.h
   varint.h
   i18n.h
-  memwipe.h
   password.h
   perf_timer.h
   stack_trace.h
@@ -92,9 +90,5 @@ target_link_libraries(common
     ${OPENSSL_LIBRARIES}
     ${EXTRA_LIBRARIES})
 
-if(HAVE_C11)
-SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11)
-endif()
-
 #monero_install_headers(common
 #  ${common_headers})

src/common/password.cpp

@@ -46,7 +46,7 @@
   #include "readline_buffer.h"
 #endif
 
-#include "common/memwipe.h"
+#include "memwipe.h"
 
 namespace
 {

src/common/util.cpp

@@ -39,6 +39,7 @@
 #include "wipeable_string.h"
 using namespace epee;
 
+#include "crypto/crypto.h"
 #include "util.h"
 #include "memwipe.h"
 #include "cryptonote_config.h"

src/crypto/CMakeLists.txt

@@ -76,6 +76,7 @@ monero_add_library(cncrypto
   ${crypto_private_headers})
 target_link_libraries(cncrypto
   PUBLIC
+    epee
     ${Boost_SYSTEM_LIBRARY}
   PRIVATE
     ${EXTRA_LIBRARIES})

src/crypto/chacha.h

@@ -39,7 +39,7 @@
 #if defined(__cplusplus)
 #include <memory.h>
 
-#include "common/memwipe.h"
+#include "memwipe.h"
 #include "hash.h"
 
 namespace crypto {

src/crypto/crypto.h

@@ -41,7 +41,7 @@
 
 #include "common/pod-class.h"
 #include "common/util.h"
-#include "common/memwipe.h"
+#include "memwipe.h"
 #include "generic-ops.h"
 #include "hex.h"
 #include "span.h"

src/mnemonics/CMakeLists.txt

@@ -57,6 +57,7 @@ monero_add_library(mnemonics
   ${mnemonics_private_headers})
 target_link_libraries(mnemonics
   PUBLIC
+    epee
     easylogging
     ${Boost_SYSTEM_LIBRARY}
   PRIVATE

src/p2p/CMakeLists.txt

@@ -46,5 +46,6 @@ target_link_libraries(p2p
     ${Boost_FILESYSTEM_LIBRARY}
     ${Boost_SYSTEM_LIBRARY}
     ${Boost_THREAD_LIBRARY}
+    ${Boost_SERIALIZATION_LIBRARY}
   PRIVATE
     ${EXTRA_LIBRARIES})

src/rpc/CMakeLists.txt

@@ -101,6 +101,7 @@ target_link_libraries(rpc_base
     epee
     ${Boost_REGEX_LIBRARY}
     ${Boost_THREAD_LIBRARY}
+    ${Boost_PROGRAM_OPTIONS_LIBRARY}
   PRIVATE
     ${EXTRA_LIBRARIES})
 
@@ -125,6 +126,7 @@ target_link_libraries(daemon_messages
 
 target_link_libraries(daemon_rpc_server
   LINK_PRIVATE
+    rpc
     cryptonote_core
     cryptonote_protocol
     daemon_messages

src/rpc/core_rpc_server.cpp

@@ -106,8 +106,9 @@ namespace cryptonote
     if (rpc_config->login)
       http_login.emplace(std::move(rpc_config->login->username), std::move(rpc_config->login->password).password());
 
+    auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); };
     return epee::http_server_impl_base<core_rpc_server, connection_context>::init(
-      std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
+      rng, std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
     );
   }
   //------------------------------------------------------------------------------------------------------------------------------

src/wallet/wallet2.cpp

@@ -62,7 +62,7 @@ using namespace epee;
 #include "rapidjson/writer.h"
 #include "rapidjson/stringbuffer.h"
 #include "common/json_util.h"
-#include "common/memwipe.h"
+#include "memwipe.h"
 #include "common/base58.h"
 #include "ringct/rctSigs.h"
 

src/wallet/wallet_rpc_server.cpp

@@ -229,8 +229,9 @@ namespace tools
     m_http_client.set_server(walvars->get_daemon_address(), walvars->get_daemon_login());
 
     m_net_server.set_threads_prefix("RPC");
+    auto rng = [](size_t len, uint8_t *ptr) { return crypto::rand(len, ptr); };
     return epee::http_server_impl_base<wallet_rpc_server, connection_context>::init(
-      std::move(bind_port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
+      rng, std::move(bind_port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
     );
   }
   //------------------------------------------------------------------------------------------------------------------------------

tests/unit_tests/http.cpp

@@ -60,12 +60,18 @@
 
 #include "md5_l.h"
 #include "string_tools.h"
+#include "crypto/crypto.h"
 
 namespace {
 namespace http = epee::net_utils::http;
 using fields = std::unordered_map<std::string, std::string>;
 using auth_responses = std::vector<fields>;
 
+void rng(size_t len, uint8_t *ptr)
+{
+  crypto::rand(len, ptr);
+}
+
 std::string quoted(std::string str)
 {
   str.insert(str.begin(), '"');
@@ -250,13 +256,13 @@ std::string get_nc(std::uint32_t count)
 
 TEST(HTTP_Server_Auth, NotRequired)
 {
-  http::http_server_auth auth{};
+  http::http_server_auth auth{}; // no rng here
   EXPECT_FALSE(auth.get_response(http::http_request_info{}));
 }
 
 TEST(HTTP_Server_Auth, MissingAuth)
 {
-  http::http_server_auth auth{{"foo", "bar"}};
+  http::http_server_auth auth{{"foo", "bar"}, rng};
   EXPECT_TRUE(bool(auth.get_response(http::http_request_info{})));
   {
     http::http_request_info request{};
@@ -267,7 +273,7 @@ TEST(HTTP_Server_Auth, MissingAuth)
 
 TEST(HTTP_Server_Auth, BadSyntax)
 {
-  http::http_server_auth auth{{"foo", "bar"}};
+  http::http_server_auth auth{{"foo", "bar"}, rng};
   EXPECT_TRUE(bool(auth.get_response(make_request({{u8"algorithm", "fo\xFF"}}))));
   EXPECT_TRUE(bool(auth.get_response(make_request({{u8"cnonce", "\"000\xFF\""}}))));
   EXPECT_TRUE(bool(auth.get_response(make_request({{u8"cnonce \xFF =", "\"000\xFF\""}}))));
@@ -277,7 +283,7 @@ TEST(HTTP_Server_Auth, BadSyntax)
 TEST(HTTP_Server_Auth, MD5)
 {
   http::login user{"foo", "bar"};
-  http::http_server_auth auth{user};
+  http::http_server_auth auth{user, rng};
 
   const auto response = auth.get_response(make_request(fields{}));
   ASSERT_TRUE(bool(response));
@@ -326,7 +332,7 @@ TEST(HTTP_Server_Auth, MD5_sess)
   constexpr const char cnonce[] = "not a good cnonce";
 
   http::login user{"foo", "bar"};
-  http::http_server_auth auth{user};
+  http::http_server_auth auth{user, rng};
 
   const auto response = auth.get_response(make_request(fields{}));
   ASSERT_TRUE(bool(response));
@@ -378,7 +384,7 @@ TEST(HTTP_Server_Auth, MD5_auth)
   constexpr const char qop[] = "auth";
 
   http::login user{"foo", "bar"};
-  http::http_server_auth auth{user};
+  http::http_server_auth auth{user, rng};
 
   const auto response = auth.get_response(make_request(fields{}));
   ASSERT_TRUE(bool(response));
@@ -446,7 +452,7 @@ TEST(HTTP_Server_Auth, MD5_sess_auth)
   constexpr const char qop[] = "auth";
 
   http::login user{"foo", "bar"};
-  http::http_server_auth auth{user};
+  http::http_server_auth auth{user, rng};
 
   const auto response = auth.get_response(make_request(fields{}));
   ASSERT_TRUE(bool(response));
@@ -523,7 +529,7 @@ TEST(HTTP_Auth, DogFood)
 
   const http::login user{"some_user", "ultimate password"};
 
-  http::http_server_auth server{user};
+  http::http_server_auth server{user, rng};
   http::http_client_auth client{user};
 
   http::http_request_info request{};

tests/unit_tests/memwipe.cpp

@@ -30,7 +30,7 @@
 
 #include <stdint.h>
 #include "misc_log_ex.h"
-#include "common/memwipe.h"
+#include "memwipe.h"
 
 // Probably won't catch the optimized out case, but at least we test
 // it works in the normal case