Commit Graph

201 Commits

Author SHA1 Message Date
Dusan Klinec bb8eab24da
epee: certificate generation fix, pkey deleted
- pkey gets deleted by the pkey_deleter but the caller tries to serialize it which causes errors as the memory is freed
2019-03-10 20:09:51 +01:00
moneromooo-monero 9141a0a1ef
connection_basic: remove debug exception ^_^ 2019-03-08 20:13:51 +00:00
Howard Chu b8c2e21cba
Fix startup errors with SSL cert generation
Use SSL API directly, skip boost layer
2019-03-08 15:15:24 +00:00
binaryFate 1f2930ce0b Update 2019 copyright 2019-03-05 22:05:34 +01:00
Martijn Otto 057c279cb4
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-03-05 14:16:08 +01:00
Riccardo Spagni 722a856d7e
Merge pull request #5096
7c3ade44 network_throttle: use circular_buffer where appropriate (moneromooo-monero)
2019-03-04 21:21:25 +02:00
moneromooo-monero 2456945408
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-02-02 20:05:33 +00:00
moneromooo-monero 7c3ade4410
network_throttle: use circular_buffer where appropriate 2019-02-01 21:33:13 +00:00
Lee Clagett 973403bc9f Adding initial support for broadcasting transactions over Tor
- Support for ".onion" in --add-exclusive-node and --add-peer
  - Add --anonymizing-proxy for outbound Tor connections
  - Add --anonymous-inbounds for inbound Tor connections
  - Support for sharing ".onion" addresses over Tor connections
  - Support for broadcasting transactions received over RPC exclusively
    over Tor (else broadcast over public IP when Tor not enabled).
2019-01-28 23:56:33 +00:00
Jethro Grassie ca86ef1beb
readline: don't dereference possible NULL pointer 2019-01-21 01:57:14 -05:00
Riccardo Spagni 3e9bb9626a
Merge pull request #5001
a5ffc2d5 Remove boost::lexical_cast for uuid and unused uuid function (Lee Clagett)
2019-01-16 19:27:13 +02:00
Riccardo Spagni 846362842c
Merge pull request #4976
85665003 epee: better network buffer data structure (moneromooo-monero)
2019-01-16 19:04:22 +02:00
Riccardo Spagni e723eb960d
Merge pull request #4951
b21a60ef mlocker: set default log category (moneromooo-monero)
2019-01-06 20:38:33 +02:00
luigi1111 53760ee044
Merge pull request #4957
0e2f5cb perf_timer: make all logs Info level (moneromooo-monero)
2018-12-31 16:30:47 -06:00
moneromooo-monero 85665003a7
epee: better network buffer data structure
avoids pointless allocs and memcpy
2018-12-23 16:46:07 +00:00
Lee Clagett a5ffc2d5ad Remove boost::lexical_cast for uuid and unused uuid function 2018-12-23 11:11:30 +00:00
Riccardo Spagni 5e9225e637
Merge pull request #4925
ab783b17 easylogging++: ensure logger is initialized before main (moneromooo-monero)
9b69a0ae daemon: print monero version at startup when calling a detached daemon (moneromooo-monero)
4d71d463 mlocker: remove early page size log (moneromooo-monero)
2018-12-12 12:01:18 +02:00
moneromooo-monero 0e2f5cb5fc
perf_timer: make all logs Info level
and make them not default at log level 1
2018-12-08 10:53:09 +00:00
moneromooo-monero b21a60efd9
mlocker: set default log category 2018-12-07 13:13:24 +00:00
Riccardo Spagni 16dc6900fb
Merge pull request #4883
40485a73 mlocker: fix access to global lock map after dtor on exit (moneromooo-monero)
2018-12-04 17:30:46 +02:00
Riccardo Spagni d4a0fb2b89
Merge pull request #4880
96e6b439 blockchain_stats: don't use gmtime_r on Windows (moneromooo-monero)
2018-12-04 17:29:46 +02:00
Riccardo Spagni 3d745573d7
Merge pull request #4876
1132436f Only show a single mlock() error, to avoid flooding the log (Martijn Otto)
2018-12-04 17:16:29 +02:00
Riccardo Spagni f6e8ab0dc6
Merge pull request #4875
23829ebb mlocker: don't throw from lock/unlock (moneromooo-monero)
2018-12-04 17:15:07 +02:00
Riccardo Spagni c00ac446fd
Merge pull request #4854
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
2018-12-04 17:08:42 +02:00
Riccardo Spagni 398f7076bb
Merge pull request #4853
2b3595d0 various: do not propagate exception through dtor (moneromooo-monero)
2018-12-04 17:07:51 +02:00
moneromooo-monero 4d71d46373
mlocker: remove early page size log
It comes before the logger is initialized, so gets displayed
even though it should not be by default, and apparenly comes
too early for (some versions of) Android, where it crashes.
2018-11-30 16:52:50 +00:00
Martijn Otto 1132436f97
Only show a single mlock() error, to avoid flooding the log 2018-11-26 09:37:07 +01:00
moneromooo-monero 40485a73b6
mlocker: fix access to global lock map after dtor on exit
as the lock, it now leaks
2018-11-22 01:43:42 +00:00
moneromooo-monero 96e6b43970
blockchain_stats: don't use gmtime_r on Windows
In some cases, it doesn't like it (I don't know the details).

Factor into a new epee function
2018-11-21 00:50:53 +00:00
moneromooo-monero 23829ebb09
mlocker: don't throw from lock/unlock
This prevents exceptions from showing up in various awkward
places such as dtors, since the only exception that can be
thrown is a lock failure, and nothing handles a lock failure
anyway.
2018-11-20 15:26:00 +00:00
Riccardo Spagni 42dbb3aa1b
Merge pull request #4785
0cfd2ae5 mlocker: fix dtor ordering problem (moneromooo-monero)
2018-11-16 11:06:09 +02:00
Martijn Otto bd98e99c80
Removed a lot of unnecessary includes 2018-11-15 17:29:34 +01:00
moneromooo-monero 2b3595d0fe
various: do not propagate exception through dtor
Coverity 189689, 189690, 189692, 189695
2018-11-15 15:53:21 +00:00
moneromooo-monero 0cfd2ae5e7
mlocker: fix dtor ordering problem
leak the mutex instead, it's a one off
2018-11-02 12:59:43 +00:00
moneromooo-monero 2362baf735
network_throttle: initialize m_last_sample_time in ctor
Coverity 136593
2018-10-29 16:23:14 +00:00
Riccardo Spagni 442c58e994
Merge pull request #4573
8f3c7937 readline_buffer: fix "cursor in prompt" bug (moneromooo-monero)
2018-10-26 22:34:04 +02:00
Riccardo Spagni 6ef07b10b9
Merge pull request #4520
2e2daebc ANSI colors in Windows 10 (iDunk5400)
2018-10-20 20:34:47 +02:00
moneromooo-monero 8f3c793749
readline_buffer: fix "cursor in prompt" bug
It happens when readline displays a prompt just before switching
to a shorter one
2018-10-12 21:03:59 +00:00
iDunk5400 2e2daebcc9
ANSI colors in Windows 10 2018-10-08 14:56:16 +02:00
moneromooo-monero 00901e9c93
epee: initialize a few data members where it seems to be appropriate 2018-10-02 17:28:50 +00:00
moneromooo-monero 758d768486
connection_basic: remove unused floating time start time 2018-10-02 17:28:46 +00:00
Riccardo Spagni effcbf2060
Merge pull request #4459
bcf3f6af fuzz_tests: catch unhandled exceptions (moneromooo-monero)
3ebd05d4 miner: restore stream flags after changing them (moneromooo-monero)
a093092e levin_protocol_handler_async: do not propagate exception through dtor (moneromooo-monero)
1eebb82b net_helper: do not propagate exceptions through dtor (moneromooo-monero)
fb6a3630 miner: do not propagate exceptions through dtor (moneromooo-monero)
2e2139ff epee: do not propagate exception through dtor (moneromooo-monero)
0749a8bd db_lmdb: do not propagate exceptions in dtor (moneromooo-monero)
1b0afeeb wallet_rpc_server: exit cleanly on unhandled exceptions (moneromooo-monero)
418a9936 unit_tests: catch unhandled exceptions (moneromooo-monero)
ea7f9543 threadpool: do not propagate exceptions through the dtor (moneromooo-monero)
6e855422 gen_multisig: nice exit on unhandled exception (moneromooo-monero)
53df2deb db_lmdb: catch error in mdb_stat calls during migration (moneromooo-monero)
e67016dd blockchain_blackball: catch failure to commit db transaction (moneromooo-monero)
661439f4 mlog: don't remove old logs if we failed to rename the current file (moneromooo-monero)
5fdcda50 easylogging++: test for NULL before dereference (moneromooo-monero)
7ece1550 performance_test: fix bad last argument calling add_arg (moneromooo-monero)
a085da32 unit_tests: add check for page size > 0 before dividing (moneromooo-monero)
d8b1ec8b unit_tests: use std::shared_ptr to shut coverity up about leaks (moneromooo-monero)
02563bf4 simplewallet: top level exception catcher to print nicer messages (moneromooo-monero)
c57a65b2 blockchain_blackball: fix shift range for 32 bit archs (moneromooo-monero)
2018-09-29 22:20:38 +02:00
Riccardo Spagni b4ec67b2f7
Merge pull request #4443
b2972927 osx compilation fix: missing boost libs added (Dusan Klinec)
2018-09-29 22:20:09 +02:00
Riccardo Spagni b88bbf59c3
Merge pull request #4377
4d52ec0c mlog: do not display http errors by default (moneromooo-monero)
2018-09-21 20:41:17 +02:00
moneromooo-monero 4d52ec0ca4
mlog: do not display http errors by default
They're controllable by potential attackers and would just spam
2018-09-14 09:23:00 +00:00
moneromooo-monero 07ec748c82
wipeable_string: add hex_to_pod function 2018-09-12 09:26:09 +00:00
luigi1111 140eb78231
Merge pull request #4179
262e391 mlog: handle filenames without parent directories (moneromooo-monero)
2018-08-22 20:39:09 -05:00
moneromooo-monero 70271fa788
common: add a class to safely wrap mlock/munlock
This class will allow mlocking small objects, of which there
may be several per page. It adds refcounting so pages are only
munlocked when the last object on that page munlocks.
2018-08-16 11:57:46 +00:00
moneromooo-monero ea37614efe
wallet: wipe seed from memory where appropriate 2018-08-16 09:17:52 +00:00
moneromooo-monero 262e391fb1
mlog: handle filenames without parent directories
eg, --log-file=foo.log

This would otherwise throw and crash with a stack overflow
2018-07-26 22:49:54 +01:00
moneromooo-monero 8d578f1f2d
memwipe: don't call the workhorse for 0 bytes
Some of them don't like it
2018-07-10 15:37:22 +01:00
luigi1111 c0c6102260
Merge pull request #3972
8766528 epee: fallback to a counter if gmtime fails when rotating logs (moneromooo-monero)
2018-06-25 15:21:25 -05:00
stoffu 63d0ab09b5
mlog: --max-log-files to set the max number of rotated log files 2018-06-13 12:44:27 +09:00
moneromooo-monero 87665281ea
epee: fallback to a counter if gmtime fails when rotating logs 2018-06-09 19:23:48 +01:00
moneromooo-monero 18c2f6e21d
mlog: fix setting no logs 2018-04-25 20:42:11 +01:00
moneromooo-monero 4789f8598f
wipeable_string: don't try to wipe an empty buffer
memset_s doesn't like it
2018-02-18 14:02:36 +00:00
stoffu dfabc005d1
memwipe: add missing #include <stdio.h> 2018-02-17 01:06:05 +09:00
Riccardo Spagni 0c71197892
Merge pull request #3217
fde4489e wipeable_string: call memwipe directly (moneromooo-monero)
2018-02-16 14:23:08 +01:00
Riccardo Spagni 666a76652b
Merge pull request #3187
851bd057 call _exit instead of abort in release mode (moneromooo-monero)
2018-02-16 14:20:31 +01:00
moneromooo-monero 851bd057ec
call _exit instead of abort in release mode
Avoids cores being created, as they're nowadays often piped
to some call home system
2018-02-01 13:32:46 +00:00
moneromooo-monero fde4489e1d
wipeable_string: call memwipe directly
since the original reason for the indirect call (that memwipe
was not in contrib) is now gone
2018-01-31 12:25:30 +00:00
xmr-eric 84a7f6a482 Readd copyright starting date 2018-01-26 10:03:20 -05:00
xmr-eric 18216f19dd Update 2018 copyright 2018-01-26 10:03:20 -05:00
Jethro Grassie 21bd21576d
remove unnecessary include 2018-01-18 19:03:05 -05:00
Jethro Grassie be1826c0fb
Keep readline optional 2018-01-11 13:51:13 -05:00
Riccardo Spagni 1c11ec71b5
Merge pull request #2995
6ccc51f6 wipeable_string: fix buffer overread (moneromooo-monero)
2018-01-10 11:53:42 +01:00
moneromooo-monero fdd4c5e577
move memwipe to epee to avoid common<->crypto circular dependencies 2018-01-10 01:57:54 +00:00
moneromooo-monero 40ab12a773
epee: remove dependency on common 2018-01-10 01:57:51 +00:00
Riccardo Spagni 2b00899bb2
Merge pull request #2920
bd5cce07 network_throttle: fix ineffective locking (moneromooo-monero)
e0a61299 network_throttle: remove unused xxx static member (moneromooo-monero)
24f584d9 cryptonote_core: remove unused functions with off by one bugs (moneromooo-monero)
b1634aa3 blockchain: don't leave dangling pointers in this (moneromooo-monero)
8e60b81c cryptonote_core: fix db leak on error (moneromooo-monero)
213e326c abstract_tcp_server2: log init_server errors as fatal (moneromooo-monero)
b51dc566 use const refs in for loops for non tiny types (moneromooo-monero)
f0568ca6 net_parse_helpers: fix regex error checking (moneromooo-monero)
b49ddc76 check accessing an element past the end of a container (moneromooo-monero)
2305bf26 check return value for generate_key_derivation and derive_public_key (moneromooo-monero)
a4240d9f catch const exceptions (moneromooo-monero)
45a1c4c0 add empty container sanity checks when using front() and back() (moneromooo-monero)
56fa6ce1 tests: fix a buffer overread in a unit test (moneromooo-monero)
b4524892 rpc: guard against json parsing a non object (moneromooo-monero)
c2ed8618 easylogging++: avoid buffer underflow (moneromooo-monero)
187a6ab2 epee: trap failure to parse URI from request (moneromooo-monero)
061789b5 checkpoints: trap failure to load JSON checkpoints (moneromooo-monero)
ba2fefb9 checkpoints: pass std::string by const ref, not const value (moneromooo-monero)
38c8f4e0 mlog: terminate a string at last char, just in case (moneromooo-monero)
d753d716 fix a few leaks by throwing objects, not newed pointers to objects (moneromooo-monero)
fe568db8 p2p: use size_t for arbitrary counters instead of uint8_t (moneromooo-monero)
46d6fa35 cryptonote_protocol: sanity check chain hashes from peer (moneromooo-monero)
25584f86 cryptonote_protocol: print peer versions when unexpected (moneromooo-monero)
490a5d41 rpc: do not try to use an invalid txid in relay_tx (moneromooo-monero)
2017-12-25 21:17:52 +02:00
moneromooo-monero 6ccc51f645
wipeable_string: fix buffer overread 2017-12-23 15:30:04 +00:00
moneromooo-monero 6c94516fb4
wipeable_string: move a wipe from reserve to grow
That way, all implicit wipes ends up in grow, which is more robust
2017-12-19 14:06:42 +00:00
moneromooo-monero 5f801b6adf
wipeable_string: ignore reserve size less than actual size
This was asserting, but stoffu pointed out the std::string standard
considers this ok and ignorable
2017-12-19 14:00:41 +00:00
moneromooo-monero 9ec44a2b06
wipeable_string: fix clear and push_back 2017-12-19 11:55:45 +00:00
moneromooo-monero bd5cce07b3
network_throttle: fix ineffective locking 2017-12-18 15:16:11 +00:00
moneromooo-monero e0a61299fb
network_throttle: remove unused xxx static member 2017-12-18 15:16:09 +00:00
moneromooo-monero 38c8f4e0a3
mlog: terminate a string at last char, just in case 2017-12-18 15:15:16 +00:00
Riccardo Spagni 066fd7aced
Merge pull request #2877
43f5269f Wallets now do not depend on the daemon rpc lib (moneromooo-monero)
bb89ae8b move connection_basic and network_throttle from src/p2p to epee (moneromooo-monero)
4abf25f3 cryptonote_core does not depend on p2p anymore (moneromooo-monero)
2017-12-17 12:59:44 +02:00
moneromooo-monero bb89ae8b20
move connection_basic and network_throttle from src/p2p to epee
These even had the epee namespace.
This fixes some ugly circular dependencies.
2017-12-16 23:28:43 +00:00
moneromooo-monero 09ce03d612
move includes around to lessen overall load 2017-12-16 22:46:38 +00:00
moneromooo-monero 3dffe71b72
new wipeable_string class to replace std::string passphrases 2017-11-27 22:25:57 +00:00
moneromooo-monero 178014c995
split off readline code into epee_readline 2017-11-14 17:06:35 +00:00
redfish 4b228dd356 cmake: epee: use var from FindOpenSSL.cmake
This fixes linking when path to openssl
is defined manually:
cmake -DOPENSSL_ROOT_DIR='/usr/include/openssl-1.0;/usr/lib/openssl-1.0' ...

This is useful for building with OpenSSL v1.0
when default system installation is v1.1.

The linking error is undefined SSL_load_error_strings symbol.
This is due to -L /usr/lib/openssl-1.0 not making it onto
the linkline (so -lssl pulls in the default system openssl).
2017-10-17 16:13:07 -04:00
moneromooo-monero 52ec0e7f4e
epee: link against ssl/crypto for the new SSL code 2017-10-15 19:11:34 +01:00
moneromooo-monero bc1b93333e
frob level 1 logs a bit for consistency
Level 1 logs map to INFO, so setting log level to 1 should
show these. Demote some stuff to DEBUG to avoid spam, though.
2017-10-07 20:03:42 +01:00
Lee Clagett 8b00687735 Upgrades to epee::net_utils::network_address
- internal nullptr checks
  - prevent modifications to network_address (shallow copy issues)
  - automagically works with any type containing interface functions
  - removed fnv1a hashing
  - ipv4_network_address now flattened with no base class
2017-10-05 11:57:09 -04:00
Riccardo Spagni 3bab2676ec
Merge pull request #2512
792ba4f0 Log categories can now be added to and removed from (moneromooo-monero)
48f92eb6 easylogging++: add categories getter (moneromooo-monero)
f35afe62 epee: factor log level/categories setting (moneromooo-monero)
2017-10-02 23:28:59 +04:00
moneromooo-monero 792ba4f0fe
Log categories can now be added to and removed from
Also, set_log without parameters now prints the log categories
2017-09-22 18:08:14 +01:00
moneromooo-monero f35afe62a4
epee: factor log level/categories setting 2017-09-22 14:14:58 +01:00
selsta 91def9a59b daemon, wallet: add --max-log-file-size option 2017-09-17 04:42:45 +02:00
Howard Chu c088d38a57
Simplify readline support
And don't use std::mutex
2017-08-22 08:30:04 +01:00
Jethro Grassie 1249a2a550
Construct on first use for completion_commands 2017-08-16 09:34:32 -04:00
Jethro Grassie 67dd4933e6
Add sync lock on stop
Also added and moved two free's hoping to fix leaks.
2017-08-16 08:58:12 -04:00
moneromooo-monero cb2d5110ff
Tweak net logs so we get more info on why networking can't start
This should prevent "silent" failures to start
2017-08-15 19:49:25 +01:00
Riccardo Spagni b76ba219d9
Merge pull request #2189
335fc8ab mlog: fix crash accessing stale data when rotating logs (moneromooo-monero)
2017-08-07 15:25:46 +02:00
Riccardo Spagni 5ef8b76b32
Merge pull request #2197
d75cff1a Fix readline prompt when command does not output (Jethro Grassie)
2017-08-07 15:08:17 +02:00
Jethro Grassie d75cff1a0e
Fix readline prompt when command does not output 2017-07-24 09:54:27 -04:00
moneromooo-monero 599436a452
mlog: default to msgwriter logs only for log level 1
There might be privacy issues doing it by default
2017-07-24 10:34:52 +01:00
moneromooo-monero 335fc8ab23
mlog: fix crash accessing stale data when rotating logs 2017-07-22 19:15:44 +01:00
Riccardo Spagni ab594cfee9
Merge pull request #2159
6955976b Add various readline related fixes (Jethro Grassie)
2017-07-19 11:52:27 +02:00
Riccardo Spagni e050853ed3
Merge pull request #2157
6a23cd07 Add notification on stop (Jethro Grassie)
2017-07-19 11:52:11 +02:00