diff options
| author | Riccardo Spagni <ric@spagni.net> | 2015-03-26 13:49:50 +0200 |
|---|---|---|
| committer | Riccardo Spagni <ric@spagni.net> | 2015-03-26 13:50:06 +0200 |
| commit | 65d6d36449695b65d8d746509bff4606746cc329 (patch) | |
| tree | d9365feebea17feaa388d2683232f3e9d330890d /src/cryptonote_core | |
| parent | Merge pull request #242 (diff) | |
| parent | Enforce DNSSEC for checkpoint updates (diff) | |
| download | monero-65d6d36449695b65d8d746509bff4606746cc329.tar.xz | |
Merge pull request #244
e6740ee Enforce DNSSEC for checkpoint updates (Thomas Winget)
dbf46a7 DNSSEC added (hardcoded key) (Thomas Winget)
Diffstat (limited to 'src/cryptonote_core')
| -rw-r--r-- | src/cryptonote_core/checkpoints_create.cpp | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/src/cryptonote_core/checkpoints_create.cpp b/src/cryptonote_core/checkpoints_create.cpp index 2cc9a8164..43f926682 100644 --- a/src/cryptonote_core/checkpoints_create.cpp +++ b/src/cryptonote_core/checkpoints_create.cpp @@ -138,21 +138,34 @@ bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints, bool testne size_t cur_index = first_index; do { + std::string url; if (testnet) { - records = tools::DNSResolver::instance().get_txt_record(testnet_dns_urls[cur_index], avail, valid); + url = testnet_dns_urls[cur_index]; } else { - records = tools::DNSResolver::instance().get_txt_record(dns_urls[cur_index], avail, valid); + url = dns_urls[cur_index]; } - if (records.size() == 0 || (avail && !valid)) + + records = tools::DNSResolver::instance().get_txt_record(url, avail, valid); + if (!avail) + { + LOG_PRINT_L2("DNSSEC not available for checkpoint update at URL: " << url << ", skipping."); + } + if (!valid) + { + LOG_PRINT_L2("DNSSEC validation failed for checkpoint update at URL: " << url << ", skipping."); + } + + if (records.size() == 0 || !avail || !valid) { cur_index++; if (cur_index == dns_urls.size()) { cur_index = 0; } + records.clear(); continue; } break; @@ -160,13 +173,7 @@ bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints, bool testne if (records.size() == 0) { - LOG_PRINT_L1("Fetching MoneroPulse checkpoints failed, no TXT records available."); - return true; - } - - if (avail && !valid) - { - LOG_PRINT_L0("WARNING: MoneroPulse failed DNSSEC validation and/or returned no records"); + LOG_PRINT_L0("WARNING: All MoneroPulse checkpoint URLs failed DNSSEC validation and/or returned no records"); return true; } |