Commit Graph

306 Commits

Author SHA1 Message Date
Lee Clagett 7414e2bac1 Change epee binary output from std::stringstream to byte_stream 2020-10-10 15:28:40 +00:00
moneromooo-monero c5f6629f4a
epee: tighten the URL parsing regexp a little
fixes massive amounts of time spent on pathological inputs

Found by OSS-Fuzz
2020-11-09 13:05:39 +00:00
Alexander Blair d73b1b6560
Merge pull request #6727
13eee1d6a rpc: reject wrong sized txid (moneromooo-monero)
92e6b7df2 easylogging++: fix crash with reentrant logging (moneromooo-monero)
6dd95d530 epee: guard against exceptions in RPC handlers (moneromooo-monero)
90016ad74 blockchain: guard against exceptions in add_new_block/children (moneromooo-monero)
2020-08-16 12:55:25 -07:00
Alexander Blair 7db379cc82
Merge pull request #6720
86abf558c epee: Remove unused functions in local_ip.h (Jean Pierre Dudey)
2020-08-16 12:54:17 -07:00
moneromooo-monero 6dd95d5308
epee: guard against exceptions in RPC handlers 2020-07-30 22:52:12 +00:00
Jean Pierre Dudey 86abf558cb epee: Remove unused functions in local_ip.h
Signed-off-by: Jean Pierre Dudey <me@jeandudey.tech>
2020-07-22 19:06:01 -05:00
xiphon 76c16822d0 wallet2_api: implement runtime proxy configuration 2020-07-20 13:45:12 +00:00
Alexander Blair 3ba6c7fd30
Merge pull request #6516
8656a8c9f remove double includes (sumogr)
2020-07-19 03:34:28 -07:00
Alexander Blair a0d179e528
Merge pull request #6512
5ef0607da Update copyright year to 2020 (SomaticFanatic)
2020-07-19 03:32:59 -07:00
Lee Clagett 7aeb503547 Fix boost <1.60 compilation and fix boost 1.73+ warnings 2020-05-31 21:18:11 -04:00
sumogr 8656a8c9ff remove double includes 2020-05-11 13:53:17 +00:00
SomaticFanatic 5ef0607da6 Update copyright year to 2020
Update copyright year to 2020
2020-05-06 22:36:54 -04:00
luigi1111 c9b800a787
Merge pull request #6446
e509ede trezor: adapt to new passphrase mechanism (ph4r05)
2020-05-01 15:32:52 -05:00
Dusan Klinec e509ede2aa
trezor: adapt to new passphrase mechanism
- choice where to enter passphrase is now made on the host
- use wipeable string in the comm stack
- wipe passphrase memory
- protocol optimizations, prepare for new firmware version
- minor fixes and improvements
- tests fixes, HF12 support
2020-04-27 18:17:56 +02:00
woodser 87d75584e8 Allow wallet2.h to run in WebAssembly
- Add abstract_http_client.h which http_client.h extends.
- Replace simple_http_client with abstract_http_client in wallet2,
message_store, message_transporter, and node_rpc_proxy.
- Import and export wallet data in wallet2.
- Use #if defined __EMSCRIPTEN__ directives to skip incompatible code.
2020-04-15 13:22:46 -04:00
luigi1111 c4f75fe898
Merge pull request #6339
c61abf8 remove empty statements (shopglobal)
2020-04-04 12:47:31 -05:00
moneromooo-monero 21fe6a289b
p2p: fix frequent weak_ptr exception on connection
When a handshake fails, it can fail due to timeout or destroyed
connection, in which case the connection will be, or already is,
closed, and we don't want to do it twice.
Additionally, when closing a connection directly from the top
level code, ensure the connection is gone from the m_connects
list so it won't be used again.

AFAICT this is now clean in netstat, /proc/PID/fd and print_cn.

This fixes a noisy (but harmless) exception.
2020-03-31 20:29:41 +00:00
Alexander Blair 857abc368c
Merge pull request #6244
352bd132 abstract_tcp_server2: guard against negative timeouts (moneromooo-monero)
2020-03-12 00:56:29 -07:00
Alexander Blair 092a57df99
Merge pull request #6243
4771a7ae p2p: remove obsolete local time in handshake (moneromooo-monero)
2fbbc4a2 p2p: avoid sending the same peer list over and over (moneromooo-monero)
3004835b epee: remove backward compatible endian specific address serialization (moneromooo-monero)
39a343d7 p2p: remove backward compatible peer list (moneromooo-monero)
60631802 p2p: simplify last_seen serialization now we have optional stores (moneromooo-monero)
9467b2e4 cryptonote_protocol: omit top 64 bits of difficulty when 0 (moneromooo-monero)
b595583f serialization: do not write optional fields with default value (moneromooo-monero)
5f98b46d p2p: remove obsolete local time from TIMED_SYNC (moneromooo-monero)
2020-03-12 00:32:46 -07:00
Interchained c61abf87c0 remove empty statements
Cleaning up a little around the code base.
2020-02-17 11:55:15 -05:00
Alexander Blair a62f7dc573
Merge pull request #6182
e896cca8 epee: reorder a couple init list fields to match declaration (moneromooo-monero)
2020-02-06 00:34:15 -08:00
moneromooo-monero 3004835b51
epee: remove backward compatible endian specific address serialization 2020-01-26 18:37:34 +00:00
Alexander Blair 8039fd4cab
Merge pull request #6143
6efeefbc epee: set application/json MIME type on json errors (moneromooo-monero)
2020-01-16 17:46:13 -08:00
moneromooo-monero 352bd13254
abstract_tcp_server2: guard against negative timeouts 2019-12-16 18:24:52 +00:00
moneromooo-monero e896cca86e
epee: reorder a couple init list fields to match declaration
This is a bug waiting to happen
2019-11-25 19:27:54 +00:00
moneromooo-monero 6efeefbca2
epee: set application/json MIME type on json errors 2019-11-15 19:39:20 +00:00
moneromooo-monero 3d649d528a
epee: close connection when the peer has done so
This fixes rapid reconnections failing as the peer hasn't yet
worked out the other side is gone, and will reject "duplicate"
connections until a timeout.
2019-11-11 20:05:24 +00:00
luigi1111 42d84ad35e
Merge pull request #6006
9f3be3b epee: use SO_REUSEADDR on non-Windows targets (xiphon)
2019-10-24 12:41:59 -05:00
xiphon 9f3be3baed epee: use SO_REUSEADDR on non-Windows targets 2019-10-22 18:40:01 +00:00
luigi1111 6b58d6248a
Merge pull request #5996
23ba69e epee: fix SSL server handshake, run_one() can block, use poll_one() (xiphon)
2019-10-22 10:26:31 -05:00
luigi1111 18f62f89d8
Merge pull request #5986
1080136 abstract_tcp_server2: move 'Trying to connect' from error to debug (moneromooo-monero)
2019-10-22 10:23:04 -05:00
xiphon 23ba69ec88 epee: fix SSL server handshake, run_one() can block, use poll_one() 2019-10-18 18:32:33 +00:00
luigi1111 7ec8d9640e
Merge pull request #5911
e48dcb7 levin: armour against some 'should not happen' case (moneromooo-monero)
2019-10-16 13:35:55 -05:00
moneromooo-monero e48dcb7a01
levin: armour against some "should not happen" case
If adding a response handler after the protocol is released,
they could never be cancelled again, and would end up keeping
a ref that never goes away
2019-10-15 10:30:08 +00:00
luigi1111 8fcdf77d7b
Merge pull request #5947
c9cfbf7 epee: tcp server - set SO_LINGER instead of SO_REUSEADDR option (xiphon)
2019-10-14 20:04:02 -05:00
luigi1111 4118e4b1e9
Merge pull request #5937
4b654f6 abstract_tcp_server2: log pointer, not contents, where appropriate (moneromooo-monero)
2019-10-14 18:08:47 -05:00
moneromooo-monero 10801362f4
abstract_tcp_server2: move "Trying to connect" from error to debug
and fix the message grammar
2019-10-14 14:15:21 +00:00
luigi1111 18da0fa240
Merge pull request #5918
4371791 epee: implement handshake timeout for SSL connections (xiphon)
2019-10-08 14:30:45 -05:00
luigi1111 ca975bcb79
Merge pull request #5917
7d81850 epee: fix network timeouts in blocked_mode_client (xiphon)
2019-10-08 14:28:50 -05:00
xiphon c9cfbf7fb3 epee: tcp server - set SO_LINGER instead of SO_REUSEADDR option 2019-10-02 19:08:02 +00:00
luigi1111 15b9b4e047
Merge pull request #5910
1b91beb abstract_tcp_server2: fix lingering connections (moneromooo-monero)
2019-09-30 18:55:58 -05:00
luigi1111 c6430f9dd0
Merge pull request #5893
Coverity fixes [3a81639, 1bd962d, 2825f07, d099658, d46f701, cd57a10] (anonimal)
2019-09-30 18:43:48 -05:00
moneromooo-monero 4b654f65a3
abstract_tcp_server2: log pointer, not contents, where appropriate 2019-09-27 15:15:32 +00:00
xiphon 4371791977 epee: implement handshake timeout for SSL connections 2019-09-17 22:21:16 +00:00
xiphon 7d81850a46 epee: fix network timeouts in blocked_mode_client 2019-09-16 18:55:36 +00:00
luigi1111 b4ac8969a8
Merge pull request #5898
73f22c4 depends: fix MacOS build with Clang 3.7.1 (vtnerd)
2019-09-14 13:22:35 -05:00
moneromooo-monero 1b91bebd2e
abstract_tcp_server2: fix lingering connections
Resetting the timer after shutdown was initiated would keep
a reference to the object inside ASIO, which would keep the
connection alive until the timer timed out
2019-09-12 12:10:50 +00:00
Lee Clagett 73f22c48e1
depends: fix MacOS build with Clang 3.7.1 2019-09-08 22:49:11 +02:00
anonimal cd57a10c90
epee: abstract_tcp_server2: resolve CID 203919 (DC.WEAK_CRYPTO)
The problem actually exists in two parts:

1. When sending chunks over a connection, if the queue size is
greater than N, the seed is predictable across every monero node.

>"If rand() is used before any calls to srand(), rand() behaves as if
it was seeded with srand(1). Each time rand() is seeded with the same seed, it
must produce the same sequence of values."

2. The CID speaks for itself: "'rand' should not be used for security-related
applications, because linear congruential algorithms are too easy to break."

*But* this is an area of contention.

One could argue that a CSPRNG is warranted in order to fully mitigate any
potential timing attacks based on crafting chunk responses. Others could argue
that the existing LCG, or even an MTG, would suffice (if properly seeded). As a
compromise, I've used an MTG with a full bit space. This should give a healthy
balance of security and speed without relying on the existing crypto library
(which I'm told might break on some systems since epee is not (shouldn't be)
dependent upon the existing crypto library).
2019-09-08 01:14:39 +00:00
moneromooo-monero bc1144e98e
Fix IP address serialization on big endian
IP addresses are stored in network byte order even on little
endian hosts
2019-09-04 14:54:01 +00:00