Commit Graph

8568 Commits

Author SHA1 Message Date
TheCharlatan 8f2227940d Depends: Update HIDAPI version
The macos binaries in release v0.14.1.0 were compiled with the buggy
hidapi-0.8.0-rc1 version. This resulted in users not being able to use
their Ledger with the latest cli wallet. After the patch depends now
fetches the source from the libusb hidapi repository that has taken over
maintenance of hidapi.
2019-06-27 17:32:46 +02:00
TheCharlatan 59eecc7ed1 Update icu4c to latest support version
Before this commit the icu4c repo was fetched from TheCharlatan's
repository. This step was made, because up until recently the source
code was hosted on sourceforge and their downloads proved very
unreliable. The origin is now the official icu4c repository.
Also remove some commented lines left over from development.
2019-06-27 16:31:28 +02:00
anonimal 962dd93eba
README: add beginnings of "Known Issues"
Referencing https://hackerone.com/reports/592094
2019-06-26 22:32:25 +00:00
moneromooo-monero 4237707d3e
p2p: don't forget pruning seed or public RPC port when updating peers
Older nodes don't pass that information around
2019-06-26 10:20:19 +00:00
TheCharlatan afbf05bc58 Add option to run gitian-build.py on non-debian os
This commits adds the `--no-apt` flag to the gitian-build.py script.
This allows gitian builds to be run without root access and non-debian
based operating systems.
2019-06-26 01:21:59 +02:00
TheCharlatan 496cd46d80 Add ncurses package for linux and darwin readline
Readline support is now compiled with the ncurses backend.
2019-06-25 19:16:20 +02:00
Lazaridis 1a6af8032d
distinguish "build status" from "build" 2019-06-25 14:59:33 +03:00
TheCharlatan cbbb24cfe1 Remove clutter in depends installed packages
To speedup the depends cached builds, remove some some clutter from the package
files. This mainly incldues removing all the shared libraries and .la
linker files. It also gives stronger guarantees that monero only links
the static libs without any external rvalues.
2019-06-25 09:21:33 +02:00
TheCharlatan 1dbfc812e1 Add debug targets to depends Makefile
Packages can now be built individually and for each stage. This allows
easier debugging.
2019-06-25 09:20:47 +02:00
Michal vel m@lbit 1db5357c7b rpc headers fix 2019-06-25 01:49:04 +01:00
moneromooo-monero a604241ef6
simplewallet: don't ask about mining when running a command line
This is likely to be done via a script
2019-06-22 10:50:20 +00:00
moneromooo-monero 3768db227c
p2p: add a reference to Cao, Tong et al. for the last_seen changes
"Exploring the Monero Peer-to-Peer Network". https://eprint.iacr.org/2019/411
2019-06-21 10:34:33 +00:00
tobtoht 037f94c54e
Remove Xiala.net from the list of dns resolvers
It is down permanently. See: https://xiala.net/
"Ende November 2018 werden alle Dienste von xiala.net abgeschaltet."
2019-06-21 09:40:10 +00:00
ston1th 7fb4edccdc cmake: fix tests generator
find_package(PythonInterp) needs to be called before the tests.
2019-06-20 18:53:44 +02:00
stoffu 15c699f0a6
rpc: set sanity_check_failed to false when successful 2019-06-20 14:32:49 +09:00
redfish a5127cca89 tests: functional: fix python syntax 2019-06-19 21:41:37 -04:00
moneromooo-monero da3e20ee01
tx_sanity_check: relax the median check a lot
we don't want to prevent bona fide txes, just obvious bad ones
2019-06-19 23:31:38 +00:00
moneromooo-monero 098aadf084
p2p: close the right number of connections on setting max in/out peers 2019-06-19 11:49:36 +00:00
moneromooo-monero fcbf7b3f74
p2p: propagate out peers limit to payload handler 2019-06-19 11:49:36 +00:00
Dusan Klinec 097cca59c1
wallet_api: catch getTxKey exception
- getTxKey method throws an exception, e.g., when user declines txKey export
2019-06-19 12:09:49 +02:00
moneromooo-monero b2bfcab618
wallet2: fix change subaddress mixup when sending pre rct outputs 2019-06-19 09:39:16 +00:00
moneromooo-monero 5d6b43b672
core: fix --prune-blockchain not pruning if no blockchain exists 2019-06-17 16:26:43 +00:00
Dusan Klinec f074b6b571
device: show address on device display
- Trezor: support for device address display (subaddress, integrated address)
- Wallet::API support added
- Simplewallet:
  - address device [<index>]
  - address new <label>  // shows address on device also
  - integrated_address [device] <payment_id|address>  // new optional "device" arg to display also on the device
2019-06-17 16:49:04 +02:00
Dusan Klinec 64fb0f872a
device: tx_key caching fixed, store recovered txkey 2019-06-17 14:53:39 +02:00
Howard Chu 8ccc30b163
Fix --restore-date usage
The wallet was ignoring --restore-height and --restore-date params and
prompting for them again.
2019-06-16 21:11:33 +01:00
moneromooo-monero f81cb4f24b
unit_tests: add more leeway to the "same distribution" check
This is an inherently probabilistic check, which occasionally fails
for a matching distribution
2019-06-16 12:18:28 +00:00
moneromooo-monero 3c071d203f
blockchain: silence an error getting blocks for pruned nodes
This happens often when a pre-pruning node asks a pruned node
for data it does not have
2019-06-16 11:03:41 +00:00
Howard Chu a182df21d0
Bans for RPC connections
Make bans control RPC sessions too. And auto-ban some bad requests.
Drops HTTP connections whenever response code is 500.
2019-06-16 11:38:08 +01:00
moneromooo-monero 2ff99fb47f
db_lmdb: commit pruning txn at checkpoints
to avoid errors when the txn is too large
2019-06-15 09:50:54 +00:00
Riccardo Spagni 6335509727
Merge pull request #5641
633f1542 prep for 0.14.1 release (Riccardo Spagni)
2019-06-14 16:20:02 +02:00
Riccardo Spagni 1d5e8f461d
Merge pull request #5639
2eef90d6 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
0564da5f ensure no NULL is passed to memcpy (moneromooo-monero)
bc09766b abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
1387549e serialization: check stream good flag at the end (moneromooo-monero)
a00cabd4 tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
f2152192 cryptonote: throw on tx hash calculation error (moneromooo-monero)
db2b9fba serialization: fail on read_varint error (moneromooo-monero)
68ad5481 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
1cc61018 cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
8f66b705 cryptonote_protocol_handler: prevent potential DoS (anonimal)
39169ace epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
2019-06-14 16:19:45 +02:00
Riccardo Spagni 633f1542e2
prep for 0.14.1 release 2019-06-14 16:16:52 +02:00
moneromooo-monero 2eef90d6ef
rpc: restrict the recent cutoff size in restricted RPC mode 2019-06-14 08:47:33 +00:00
moneromooo-monero 0564da5fdc
ensure no NULL is passed to memcpy
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:47:29 +00:00
moneromooo-monero bc09766bf9
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:47:26 +00:00
moneromooo-monero 1387549e90
serialization: check stream good flag at the end
just in case
2019-06-14 08:47:23 +00:00
moneromooo-monero a00cabd4f3
tree-hash: allocate variable memory on heap, not stack
Large amounts might run out of stack

Reported by guidov
2019-06-14 08:47:20 +00:00
moneromooo-monero f215219252
cryptonote: throw on tx hash calculation error 2019-06-14 08:47:17 +00:00
moneromooo-monero db2b9fba65
serialization: fail on read_varint error 2019-06-14 08:47:14 +00:00
moneromooo-monero 68ad548193
cryptonote_protocol: fix another potential P2P DoS
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
2019-06-14 08:47:11 +00:00
moneromooo-monero 1cc61018e5
cryptonote_protocol: expand basic DoS protection
Count transactions as well
2019-06-14 08:47:08 +00:00
anonimal 8f66b7053a
cryptonote_protocol_handler: prevent potential DoS
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.

This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
2019-06-14 08:47:05 +00:00
moneromooo-monero 39169ace09
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
2019-06-14 08:47:01 +00:00
moneromooo-monero 69f9420489
core: do not complain about low block rate if disconnected
In that case, we'll still keep the "Monero is now disconnected
from the network" near the end of the log
2019-06-13 10:25:30 +00:00
moneromooo-monero b712ae0af2
rpc: work around a GCC 7.4.0 (at least) bug
In static member function ‘static boost::optional<cryptonote::rpc::output_distribution_data> cryptonote::rpc::RpcHandler::get_output_distribution(const std::function<bool(long unsigned int, long unsigned int, long unsigned int, long unsigned int&, std::vector<long unsigned int>&, long unsigned int&)>&, uint64_t, uint64_t, uint64_t, const std::function<crypto::hash(long unsigned int)>&, bool, uint64_t)’:
cc1plus: warning: ‘void* __builtin_memset(void*, int, long unsigned int)’: specified size 18446744073709551536 exceeds maximum object size 9223372036854775807 [-Wstringop-overflow=]
2019-06-12 22:27:07 +00:00
luigi1111 7b3df89bd4
Merge pull request #5632
3a0fbea Don't use -march=native (hyc)
f8b2f25 Allow parallel make (hyc)
01ced20 Delete redundant cppzmq dependency (hyc)
1dc4ebf Use 9 digit build IDs (hyc)
2019-06-12 14:47:33 -05:00
luigi1111 a22bb544a3
Merge pull request #5552
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:43:51 -05:00
Howard Chu 1dc4ebfd6c
Use 9 digit build IDs 2019-06-12 16:47:33 +01:00
moneromooo-monero 03aa14ec87
tx_sanity_check: don't print an error when not enough outs to check 2019-06-12 12:06:14 +00:00
moneromooo-monero 14881094af
rpc: fix get_transactions getting v1 txes from the txpool
It would try to get their prunable hash, but v1 txes don't have one
2019-06-12 11:59:13 +00:00