diff options
author | Riccardo Spagni <ric@spagni.net> | 2014-10-02 16:48:01 +0200 |
---|---|---|
committer | Riccardo Spagni <ric@spagni.net> | 2014-10-02 16:48:05 +0200 |
commit | 1cf22b27a6b95e1e44c35157f5c5ccb73efec9da (patch) | |
tree | 770a470c84cd8c7c7ef816dd2c34078d5aebbc7a /src | |
parent | simplewallet ignoring testnet port in RPC mode (diff) | |
parent | Daemon should now exit on conflicting checkpoints (diff) | |
download | monero-1cf22b27a6b95e1e44c35157f5c5ccb73efec9da.tar.xz |
Merge pull request #165
c0bdd51 Daemon should now exit on conflicting checkpoints (Thomas Winget)
f0b4138 various changes to runtime checkpoint updating (Thomas Winget)
7568f89 Fixed segfault with checkpoints loading (Thomas Winget)
b261d92 DNS checkpoint updating added, and daemon flag to enforce them (Thomas Winget)
30caebf reload checkpoints file every ~hr and print if any fail (Thomas Winget)
0e14491 updated DNSResolver/things that use it for DNSSEC (Thomas Winget)
6f2c2e1 Adding an identical existing checkpoint should not error (Thomas Winget)
Diffstat (limited to 'src')
-rw-r--r-- | src/common/dns_utils.cpp | 12 | ||||
-rw-r--r-- | src/common/dns_utils.h | 8 | ||||
-rw-r--r-- | src/cryptonote_core/blockchain_storage.cpp | 80 | ||||
-rw-r--r-- | src/cryptonote_core/blockchain_storage.h | 7 | ||||
-rw-r--r-- | src/cryptonote_core/checkpoints.cpp | 26 | ||||
-rw-r--r-- | src/cryptonote_core/checkpoints.h | 4 | ||||
-rw-r--r-- | src/cryptonote_core/checkpoints_create.cpp | 193 | ||||
-rw-r--r-- | src/cryptonote_core/checkpoints_create.h | 76 | ||||
-rw-r--r-- | src/cryptonote_core/cryptonote_core.cpp | 52 | ||||
-rw-r--r-- | src/cryptonote_core/cryptonote_core.h | 11 | ||||
-rw-r--r-- | src/daemon/daemon.cpp | 9 | ||||
-rw-r--r-- | src/p2p/net_node.inl | 4 | ||||
-rw-r--r-- | src/wallet/wallet2.cpp | 13 |
13 files changed, 407 insertions, 88 deletions
diff --git a/src/common/dns_utils.cpp b/src/common/dns_utils.cpp index 346761e74..0376ab9a9 100644 --- a/src/common/dns_utils.cpp +++ b/src/common/dns_utils.cpp @@ -118,9 +118,11 @@ DNSResolver::~DNSResolver() } } -std::vector<std::string> DNSResolver::get_ipv4(const std::string& url) +std::vector<std::string> DNSResolver::get_ipv4(const std::string& url, bool& dnssec_available, bool& dnssec_valid) { std::vector<std::string> addresses; + dnssec_available = false; + dnssec_valid = false; char urlC[1000]; // waaaay too big, but just in case... strncpy(urlC, url.c_str(), 999); @@ -148,9 +150,11 @@ std::vector<std::string> DNSResolver::get_ipv4(const std::string& url) return addresses; } -std::vector<std::string> DNSResolver::get_ipv6(const std::string& url) +std::vector<std::string> DNSResolver::get_ipv6(const std::string& url, bool& dnssec_available, bool& dnssec_valid) { std::vector<std::string> addresses; + dnssec_available = false; + dnssec_valid = false; char urlC[1000]; // waaaay too big, but just in case... strncpy(urlC, url.c_str(), 999); @@ -178,9 +182,11 @@ std::vector<std::string> DNSResolver::get_ipv6(const std::string& url) return addresses; } -std::vector<std::string> DNSResolver::get_txt_record(const std::string& url) +std::vector<std::string> DNSResolver::get_txt_record(const std::string& url, bool& dnssec_available, bool& dnssec_valid) { std::vector<std::string> records; + dnssec_available = false; + dnssec_valid = false; char urlC[1000]; // waaaay too big, but just in case... strncpy(urlC, url.c_str(), 999); diff --git a/src/common/dns_utils.h b/src/common/dns_utils.h index dd6946dc4..9958e4ca2 100644 --- a/src/common/dns_utils.h +++ b/src/common/dns_utils.h @@ -71,9 +71,11 @@ public: * * @param url A string containing a URL to query for * + * @param dnssec_available + * * @return vector of strings containing ipv4 addresses */ - std::vector<std::string> get_ipv4(const std::string& url); + std::vector<std::string> get_ipv4(const std::string& url, bool& dnssec_available, bool& dnssec_valid); /** * @brief gets ipv6 addresses from DNS query @@ -85,7 +87,7 @@ public: * * @return vector of strings containing ipv6 addresses */ - std::vector<std::string> get_ipv6(const std::string& url); + std::vector<std::string> get_ipv6(const std::string& url, bool& dnssec_available, bool& dnssec_valid); /** * @brief gets all TXT records from a DNS query for the supplied URL; @@ -96,7 +98,7 @@ public: * @return A vector of strings containing a TXT record; or an empty vector */ // TODO: modify this to accomodate DNSSEC - std::vector<std::string> get_txt_record(const std::string& url); + std::vector<std::string> get_txt_record(const std::string& url, bool& dnssec_available, bool& dnssec_valid); /** * @brief Gets the singleton instance of DNSResolver diff --git a/src/cryptonote_core/blockchain_storage.cpp b/src/cryptonote_core/blockchain_storage.cpp index e664a39c5..6f1b4121c 100644 --- a/src/cryptonote_core/blockchain_storage.cpp +++ b/src/cryptonote_core/blockchain_storage.cpp @@ -47,6 +47,7 @@ #include "common/boost_serialization_helper.h" #include "warnings.h" #include "crypto/hash.h" +#include "cryptonote_core/checkpoints_create.h" //#include "serialization/json_archive.h" using namespace cryptonote; @@ -441,6 +442,13 @@ difficulty_type blockchain_storage::get_difficulty_for_next_block() bool blockchain_storage::rollback_blockchain_switching(std::list<block>& original_chain, size_t rollback_height) { CRITICAL_REGION_LOCAL(m_blockchain_lock); + + // fail if rollback_height passed is too high + if (rollback_height > m_blocks.size()) + { + return true; + } + //remove failed subchain for(size_t i = m_blocks.size()-1; i >=rollback_height; i--) { @@ -1773,3 +1781,75 @@ bool blockchain_storage::add_new_block(const block& bl_, block_verification_cont return handle_block_to_main_chain(bl, id, bvc); } +//------------------------------------------------------------------ +void blockchain_storage::check_against_checkpoints(checkpoints& points, bool enforce) +{ + const auto& pts = points.get_points(); + + for (const auto& pt : pts) + { + // if the checkpoint is for a block we don't have yet, move on + if (pt.first >= m_blocks.size()) + { + continue; + } + + if (!m_checkpoints.check_block(pt.first, get_block_hash(m_blocks[pt.first].bl))) + { + // if asked to enforce checkpoints, roll back to a couple of blocks before the checkpoint + if (enforce) + { + LOG_ERROR("Checkpoint failed when adding new checkpoints, rolling back!"); + std::list<block> empty; + rollback_blockchain_switching(empty, pt.first - 2); + } + else + { + LOG_ERROR("Checkpoint failed when adding new checkpoints, this could be very bad."); + } + } + } +} +//------------------------------------------------------------------ +// returns false if any of the checkpoints loading returns false. +// That should happen only if a checkpoint is added that conflicts +// with an existing checkpoint. +bool blockchain_storage::update_checkpoints(const std::string& file_path, bool check_dns) +{ + if (!cryptonote::load_checkpoints_from_json(m_checkpoints, file_path)) + { + return false; + } + + // if we're checking both dns and json, load checkpoints from dns. + // if we're not hard-enforcing dns checkpoints, handle accordingly + if (m_enforce_dns_checkpoints && check_dns) + { + if (!cryptonote::load_checkpoints_from_dns(m_checkpoints)) + { + return false; + } + } + else if (check_dns) + { + checkpoints dns_points; + cryptonote::load_checkpoints_from_dns(dns_points); + if (m_checkpoints.check_for_conflicts(dns_points)) + { + check_against_checkpoints(dns_points, false); + } + else + { + LOG_PRINT_L0("One or more checkpoints fetched from DNS conflicted with existing checkpoints!"); + } + } + + check_against_checkpoints(m_checkpoints, true); + + return true; +} +//------------------------------------------------------------------ +void blockchain_storage::set_enforce_dns_checkpoints(bool enforce_checkpoints) +{ + m_enforce_dns_checkpoints = enforce_checkpoints; +} diff --git a/src/cryptonote_core/blockchain_storage.h b/src/cryptonote_core/blockchain_storage.h index 0f7295516..08c007a4a 100644 --- a/src/cryptonote_core/blockchain_storage.h +++ b/src/cryptonote_core/blockchain_storage.h @@ -78,7 +78,7 @@ namespace cryptonote uint64_t already_generated_coins; }; - blockchain_storage(tx_memory_pool& tx_pool):m_tx_pool(tx_pool), m_current_block_cumul_sz_limit(0), m_is_in_checkpoint_zone(false), m_is_blockchain_storing(false) + blockchain_storage(tx_memory_pool& tx_pool):m_tx_pool(tx_pool), m_current_block_cumul_sz_limit(0), m_is_in_checkpoint_zone(false), m_is_blockchain_storing(false), m_enforce_dns_checkpoints(false) {}; bool init() { return init(tools::get_default_data_dir(), true); } @@ -180,6 +180,9 @@ namespace cryptonote void print_blockchain(uint64_t start_index, uint64_t end_index); void print_blockchain_index(); void print_blockchain_outs(const std::string& file); + void check_against_checkpoints(checkpoints& points, bool enforce); + bool update_checkpoints(const std::string& file_path, bool check_dns); + void set_enforce_dns_checkpoints(bool enforce_checkpoints); private: typedef std::unordered_map<crypto::hash, size_t> blocks_by_id_index; @@ -214,6 +217,8 @@ namespace cryptonote std::atomic<bool> m_is_in_checkpoint_zone; std::atomic<bool> m_is_blockchain_storing; + bool m_enforce_dns_checkpoints; + bool switch_to_alternative_blockchain(std::list<blocks_ext_by_hash::iterator>& alt_chain, bool discard_disconnected_chain); bool pop_block_from_blockchain(); bool purge_block_data_from_blockchain(const block& b, size_t processed_tx_count); diff --git a/src/cryptonote_core/checkpoints.cpp b/src/cryptonote_core/checkpoints.cpp index c76a23841..25759792b 100644 --- a/src/cryptonote_core/checkpoints.cpp +++ b/src/cryptonote_core/checkpoints.cpp @@ -44,8 +44,13 @@ namespace cryptonote { crypto::hash h = null_hash; bool r = epee::string_tools::parse_tpod_from_hex_string(hash_str, h); - CHECK_AND_ASSERT_MES(r, false, "WRONG HASH IN CHECKPOINTS!!!"); - CHECK_AND_ASSERT_MES(0 == m_points.count(height), false, "WRONG HASH IN CHECKPOINTS!!!"); + CHECK_AND_ASSERT_MES(r, false, "Failed to parse checkpoint hash string into binary representation!"); + + // return false if adding at a height we already have AND the hash is different + if (m_points.count(height)) + { + CHECK_AND_ASSERT_MES(h == m_points[height], false, "Checkpoint at given height already exists, and hash for new checkpoint was different!"); + } m_points[height] = h; return true; } @@ -93,6 +98,7 @@ namespace cryptonote uint64_t checkpoint_height = it->first; return checkpoint_height < block_height; } + //--------------------------------------------------------------------------- uint64_t checkpoints::get_max_height() { std::map< uint64_t, crypto::hash >::const_iterator highest = @@ -101,5 +107,21 @@ namespace cryptonote boost::bind(&std::map< uint64_t, crypto::hash >::value_type::first, _2 ) ) ); return highest->first; } + //--------------------------------------------------------------------------- + const std::map<uint64_t, crypto::hash>& checkpoints::get_points() + { + return m_points; + } + bool checkpoints::check_for_conflicts(checkpoints& other) + { + for (auto& pt : other.get_points()) + { + if (m_points.count(pt.first)) + { + CHECK_AND_ASSERT_MES(pt.second == m_points[pt.first], false, "Checkpoint at given height already exists, and hash for new checkpoint was different!"); + } + } + return true; + } } diff --git a/src/cryptonote_core/checkpoints.h b/src/cryptonote_core/checkpoints.h index 3dee48682..132917228 100644 --- a/src/cryptonote_core/checkpoints.h +++ b/src/cryptonote_core/checkpoints.h @@ -30,6 +30,7 @@ #pragma once #include <map> +#include <vector> #include "cryptonote_basic_impl.h" @@ -45,7 +46,8 @@ namespace cryptonote bool check_block(uint64_t height, const crypto::hash& h, bool& is_a_checkpoint) const; bool is_alternative_block_allowed(uint64_t blockchain_height, uint64_t block_height) const; uint64_t get_max_height(); - + const std::map<uint64_t, crypto::hash>& get_points(); + bool check_for_conflicts(checkpoints& other); private: std::map<uint64_t, crypto::hash> m_points; }; diff --git a/src/cryptonote_core/checkpoints_create.cpp b/src/cryptonote_core/checkpoints_create.cpp new file mode 100644 index 000000000..808bc46a7 --- /dev/null +++ b/src/cryptonote_core/checkpoints_create.cpp @@ -0,0 +1,193 @@ +// Copyright (c) 2014, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers + +#include "checkpoints_create.h" +#include "common/dns_utils.h" +#include "include_base_utils.h" +#include <sstream> +#include <random> +#include "storages/portable_storage_template_helper.h" // epee json include + +namespace cryptonote +{ + +struct t_hashline +{ + uint64_t height; + std::string hash; + BEGIN_KV_SERIALIZE_MAP() + KV_SERIALIZE(height) + KV_SERIALIZE(hash) + END_KV_SERIALIZE_MAP() +}; + +struct t_hash_json { + std::vector<t_hashline> hashlines; + BEGIN_KV_SERIALIZE_MAP() + KV_SERIALIZE(hashlines) + END_KV_SERIALIZE_MAP() +}; + +bool create_checkpoints(cryptonote::checkpoints& checkpoints) +{ + ADD_CHECKPOINT(1, "771fbcd656ec1464d3a02ead5e18644030007a0fc664c0a964d30922821a8148"); + ADD_CHECKPOINT(10, "c0e3b387e47042f72d8ccdca88071ff96bff1ac7cde09ae113dbb7ad3fe92381"); + ADD_CHECKPOINT(100, "ac3e11ca545e57c49fca2b4e8c48c03c23be047c43e471e1394528b1f9f80b2d"); + ADD_CHECKPOINT(1000, "5acfc45acffd2b2e7345caf42fa02308c5793f15ec33946e969e829f40b03876"); + ADD_CHECKPOINT(10000, "c758b7c81f928be3295d45e230646de8b852ec96a821eac3fea4daf3fcac0ca2"); + ADD_CHECKPOINT(22231, "7cb10e29d67e1c069e6e11b17d30b809724255fee2f6868dc14cfc6ed44dfb25"); + ADD_CHECKPOINT(29556, "53c484a8ed91e4da621bb2fa88106dbde426fe90d7ef07b9c1e5127fb6f3a7f6"); + ADD_CHECKPOINT(50000, "0fe8758ab06a8b9cb35b7328fd4f757af530a5d37759f9d3e421023231f7b31c"); + ADD_CHECKPOINT(80000, "a62dcd7b536f22e003ebae8726e9e7276f63d594e264b6f0cd7aab27b66e75e3"); + ADD_CHECKPOINT(202612, "bbd604d2ba11ba27935e006ed39c9bfdd99b76bf4a50654bc1e1e61217962698"); + ADD_CHECKPOINT(202613, "e2aa337e78df1f98f462b3b1e560c6b914dec47b610698b7b7d1e3e86b6197c2"); + ADD_CHECKPOINT(202614, "c29e3dc37d8da3e72e506e31a213a58771b24450144305bcba9e70fa4d6ea6fb"); + ADD_CHECKPOINT(205000, "5d3d7a26e6dc7535e34f03def711daa8c263785f73ec1fadef8a45880fde8063"); + ADD_CHECKPOINT(220000, "9613f455933c00e3e33ac315cc6b455ee8aa0c567163836858c2d9caff111553"); + ADD_CHECKPOINT(230300, "bae7a80c46859db355556e3a9204a337ae8f24309926a1312323fdecf1920e61"); + ADD_CHECKPOINT(230700, "93e631240ceac831da1aebfc5dac8f722c430463024763ebafa888796ceaeedf"); + ADD_CHECKPOINT(231350, "b5add137199b820e1ea26640e5c3e121fd85faa86a1e39cf7e6cc097bdeb1131"); + ADD_CHECKPOINT(232150, "955de8e6b6508af2c24f7334f97beeea651d78e9ade3ab18fec3763be3201aa8"); + + return true; +} + +bool load_checkpoints_from_json(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath) +{ + boost::system::error_code errcode; + if (! (boost::filesystem::exists(json_hashfile_fullpath, errcode))) + { + LOG_PRINT_L0("Blockchain checkpoints file not found"); + return true; + } + + LOG_PRINT_L0("Adding checkpoints from blockchain hashfile"); + + uint64_t prev_max_height = checkpoints.get_max_height(); + LOG_PRINT_L0("Hard-coded max checkpoint height is " << prev_max_height); + t_hash_json hashes; + epee::serialization::load_t_from_json_file(hashes, json_hashfile_fullpath); + for (std::vector<t_hashline>::const_iterator it = hashes.hashlines.begin(); it != hashes.hashlines.end(); ) + { + uint64_t height; + height = it->height; + if (height <= prev_max_height) { + LOG_PRINT_L0("ignoring checkpoint height " << height); + } else { + std::string blockhash = it->hash; + LOG_PRINT_L0("Adding checkpoint height " << height << ", hash=" << blockhash); + ADD_CHECKPOINT(height, blockhash); + } + ++it; + } + + return true; +} + +bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints) +{ + static const std::vector<std::string> dns_urls = { "checkpoints.moneropulse.se" + , "checkpoints.moneropulse.org" + , "checkpoints.moneropulse.net" + , "checkpoints.moneropulse.co" + }; + bool avail, valid; + std::vector<std::string> records; + + std::random_device rd; + std::mt19937 gen(rd()); + std::uniform_int_distribution<int> dis(0, dns_urls.size() - 1); + int first_index = dis(gen); + + int cur_index = first_index; + do + { + records = tools::DNSResolver::instance().get_txt_record(dns_urls[cur_index], avail, valid); + if (records.size() == 0 || (avail && !valid)) + { + cur_index++; + if (cur_index == dns_urls.size()) + { + cur_index = 0; + } + continue; + } + break; + } while (cur_index != first_index); + + if (records.size() == 0) + { + LOG_PRINT_L1("Fetching checkpoints from DNS TXT records failed, no TXT records available."); + return true; + } + + if (avail && !valid) + { + LOG_PRINT_L0("DNSSEC present and failed validation for query last url, and all other urls either failed validation or returned no records"); + return true; + } + + for (auto& record : records) + { + auto pos = record.find(":"); + if (pos != std::string::npos) + { + uint64_t height; + crypto::hash hash; + + // parse the first part as uint64_t, + // if this fails move on to the next record + std::stringstream ss(record.substr(0, pos)); + if (!(ss >> height)) + { + continue; + } + + // parse the second part as crypto::hash, + // if this fails move on to the next record + std::string hashStr = record.substr(pos + 1); + if (!epee::string_tools::parse_tpod_from_hex_string(hashStr, hash)) + { + continue; + } + + ADD_CHECKPOINT(height, hashStr); + } + } + return true; +} + +bool load_new_checkpoints(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath) +{ + // TODO: replace hard-coded url with const string or #define + return (load_checkpoints_from_json(checkpoints, json_hashfile_fullpath) && load_checkpoints_from_dns(checkpoints)); +} + +} // namespace cryptonote diff --git a/src/cryptonote_core/checkpoints_create.h b/src/cryptonote_core/checkpoints_create.h index 7512ddd95..92a970e9f 100644 --- a/src/cryptonote_core/checkpoints_create.h +++ b/src/cryptonote_core/checkpoints_create.h @@ -36,77 +36,13 @@ #define ADD_CHECKPOINT(h, hash) CHECK_AND_ASSERT(checkpoints.add_checkpoint(h, hash), false); #define JSON_HASH_FILE_NAME "checkpoints.json" -struct t_hashline +namespace cryptonote { - uint64_t height; - std::string hash; - BEGIN_KV_SERIALIZE_MAP() - KV_SERIALIZE(height) - KV_SERIALIZE(hash) - END_KV_SERIALIZE_MAP() -}; -struct t_hash_json { - std::vector<t_hashline> hashlines; - BEGIN_KV_SERIALIZE_MAP() - KV_SERIALIZE(hashlines) - END_KV_SERIALIZE_MAP() -}; + bool create_checkpoints(cryptonote::checkpoints& checkpoints); -namespace cryptonote { - inline bool create_checkpoints(cryptonote::checkpoints& checkpoints) - { - ADD_CHECKPOINT(1, "771fbcd656ec1464d3a02ead5e18644030007a0fc664c0a964d30922821a8148"); - ADD_CHECKPOINT(10, "c0e3b387e47042f72d8ccdca88071ff96bff1ac7cde09ae113dbb7ad3fe92381"); - ADD_CHECKPOINT(100, "ac3e11ca545e57c49fca2b4e8c48c03c23be047c43e471e1394528b1f9f80b2d"); - ADD_CHECKPOINT(1000, "5acfc45acffd2b2e7345caf42fa02308c5793f15ec33946e969e829f40b03876"); - ADD_CHECKPOINT(10000, "c758b7c81f928be3295d45e230646de8b852ec96a821eac3fea4daf3fcac0ca2"); - ADD_CHECKPOINT(22231, "7cb10e29d67e1c069e6e11b17d30b809724255fee2f6868dc14cfc6ed44dfb25"); - ADD_CHECKPOINT(29556, "53c484a8ed91e4da621bb2fa88106dbde426fe90d7ef07b9c1e5127fb6f3a7f6"); - ADD_CHECKPOINT(50000, "0fe8758ab06a8b9cb35b7328fd4f757af530a5d37759f9d3e421023231f7b31c"); - ADD_CHECKPOINT(80000, "a62dcd7b536f22e003ebae8726e9e7276f63d594e264b6f0cd7aab27b66e75e3"); - ADD_CHECKPOINT(202612, "bbd604d2ba11ba27935e006ed39c9bfdd99b76bf4a50654bc1e1e61217962698"); - ADD_CHECKPOINT(202613, "e2aa337e78df1f98f462b3b1e560c6b914dec47b610698b7b7d1e3e86b6197c2"); - ADD_CHECKPOINT(202614, "c29e3dc37d8da3e72e506e31a213a58771b24450144305bcba9e70fa4d6ea6fb"); - ADD_CHECKPOINT(205000, "5d3d7a26e6dc7535e34f03def711daa8c263785f73ec1fadef8a45880fde8063"); - ADD_CHECKPOINT(220000, "9613f455933c00e3e33ac315cc6b455ee8aa0c567163836858c2d9caff111553"); - ADD_CHECKPOINT(230300, "bae7a80c46859db355556e3a9204a337ae8f24309926a1312323fdecf1920e61"); - ADD_CHECKPOINT(230700, "93e631240ceac831da1aebfc5dac8f722c430463024763ebafa888796ceaeedf"); - ADD_CHECKPOINT(231350, "b5add137199b820e1ea26640e5c3e121fd85faa86a1e39cf7e6cc097bdeb1131"); - ADD_CHECKPOINT(232150, "955de8e6b6508af2c24f7334f97beeea651d78e9ade3ab18fec3763be3201aa8"); + bool load_checkpoints_from_json(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath); + bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints); + bool load_new_checkpoints(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath); - return true; - } - - inline bool load_checkpoins_from_json(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath) - { - boost::system::error_code errcode; - if (! (boost::filesystem::exists(json_hashfile_fullpath, errcode))) - { - LOG_PRINT_L0("Blockchain checkpoints file not found"); - return true; - } - - LOG_PRINT_L0("Adding checkpoints from blockchain hashfile"); - - uint64_t prev_max_height = checkpoints.get_max_height(); - LOG_PRINT_L0("Hard-coded max checkpoint height is " << prev_max_height); - t_hash_json hashes; - epee::serialization::load_t_from_json_file(hashes, json_hashfile_fullpath); - for (std::vector<t_hashline>::const_iterator it = hashes.hashlines.begin(); it != hashes.hashlines.end(); ) - { - uint64_t height; - height = it->height; - if (height <= prev_max_height) { - LOG_PRINT_L0("ignoring checkpoint height " << height); - } else { - std::string blockhash = it->hash; - LOG_PRINT_L0("Adding checkpoint height " << height << ", hash=" << blockhash); - ADD_CHECKPOINT(height, blockhash); - } - ++it; - } - - return true; - } -} +} // namespace cryptonote diff --git a/src/cryptonote_core/cryptonote_core.cpp b/src/cryptonote_core/cryptonote_core.cpp index 964d61e2f..d9d8a7faf 100644 --- a/src/cryptonote_core/cryptonote_core.cpp +++ b/src/cryptonote_core/cryptonote_core.cpp @@ -41,6 +41,7 @@ using namespace epee; #include "cryptonote_config.h" #include "cryptonote_format_utils.h" #include "misc_language.h" +#include <csignal> DISABLE_VS_WARNINGS(4355) @@ -54,7 +55,10 @@ namespace cryptonote m_miner(this), m_miner_address(boost::value_initialized<account_public_address>()), m_starter_message_showed(false), - m_target_blockchain_height(0) + m_target_blockchain_height(0), + m_checkpoints_path(""), + m_last_dns_checkpoints_update(0), + m_last_json_checkpoints_update(0) { set_cryptonote_protocol(pprotocol); } @@ -71,6 +75,39 @@ namespace cryptonote m_blockchain_storage.set_checkpoints(std::move(chk_pts)); } //----------------------------------------------------------------------------------- + void core::set_checkpoints_file_path(const std::string& path) + { + m_checkpoints_path = path; + } + //----------------------------------------------------------------------------------- + void core::set_enforce_dns_checkpoints(bool enforce_dns) + { + m_blockchain_storage.set_enforce_dns_checkpoints(enforce_dns); + } + //----------------------------------------------------------------------------------------------- + bool core::update_checkpoints() + { + bool res = true; + if (time(NULL) - m_last_dns_checkpoints_update >= 3600) + { + res = m_blockchain_storage.update_checkpoints(m_checkpoints_path, true); + m_last_dns_checkpoints_update = time(NULL); + m_last_json_checkpoints_update = time(NULL); + } + else if (time(NULL) - m_last_json_checkpoints_update >= 600) + { + res = m_blockchain_storage.update_checkpoints(m_checkpoints_path, false); + m_last_json_checkpoints_update = time(NULL); + } + + // if anything fishy happened getting new checkpoints, bring down the house + if (!res) + { + graceful_exit(); + } + return res; + } + //----------------------------------------------------------------------------------- void core::init_options(boost::program_options::options_description& /*desc*/) { } @@ -127,6 +164,10 @@ namespace cryptonote r = m_blockchain_storage.init(m_config_folder, testnet); CHECK_AND_ASSERT_MES(r, false, "Failed to initialize blockchain storage"); + // load json & DNS checkpoints, and verify them + // with respect to what blocks we already have + CHECK_AND_ASSERT_MES(update_checkpoints(), false, "One or more checkpoints loaded from json or dns conflicted with existing checkpoints."); + r = m_miner.init(vm, testnet); CHECK_AND_ASSERT_MES(r, false, "Failed to initialize blockchain storage"); @@ -418,6 +459,10 @@ namespace cryptonote //----------------------------------------------------------------------------------------------- bool core::handle_incoming_block(const blobdata& block_blob, block_verification_context& bvc, bool update_miner_blocktemplate) { + // load json & DNS checkpoints every 10min/hour respectively, + // and verify them with respect to what blocks we already have + CHECK_AND_ASSERT_MES(update_checkpoints(), false, "One or more checkpoints loaded from json or dns conflicted with existing checkpoints."); + bvc = boost::value_initialized<block_verification_context>(); if(block_blob.size() > get_max_block_size()) { @@ -545,4 +590,9 @@ namespace cryptonote uint64_t core::get_target_blockchain_height() const { return m_target_blockchain_height; } + //----------------------------------------------------------------------------------------------- + void core::graceful_exit() + { + raise(SIGTERM); + } } diff --git a/src/cryptonote_core/cryptonote_core.h b/src/cryptonote_core/cryptonote_core.h index ba2aed015..10522451c 100644 --- a/src/cryptonote_core/cryptonote_core.h +++ b/src/cryptonote_core/cryptonote_core.h @@ -30,6 +30,8 @@ #pragma once +#include <ctime> + #include <boost/program_options/options_description.hpp> #include <boost/program_options/variables_map.hpp> @@ -92,6 +94,8 @@ namespace cryptonote void set_cryptonote_protocol(i_cryptonote_protocol* pprotocol); void set_checkpoints(checkpoints&& chk_pts); + void set_checkpoints_file_path(const std::string& path); + void set_enforce_dns_checkpoints(bool enforce_dns); bool get_pool_transactions(std::list<transaction>& txs); size_t get_pool_transactions_count(); @@ -119,6 +123,8 @@ namespace cryptonote void set_target_blockchain_height(uint64_t target_blockchain_height); uint64_t get_target_blockchain_height() const; + bool update_checkpoints(); + private: bool add_new_tx(const transaction& tx, const crypto::hash& tx_hash, const crypto::hash& tx_prefix_hash, size_t blob_size, tx_verification_context& tvc, bool keeped_by_block); bool add_new_tx(const transaction& tx, tx_verification_context& tvc, bool keeped_by_block); @@ -139,6 +145,7 @@ namespace cryptonote bool handle_command_line(const boost::program_options::variables_map& vm, bool testnet); bool on_update_blocktemplate_interval(); bool check_tx_inputs_keyimages_diff(const transaction& tx); + void graceful_exit(); tx_memory_pool m_mempool; @@ -155,6 +162,10 @@ namespace cryptonote std::atomic<bool> m_starter_message_showed; uint64_t m_target_blockchain_height; + + std::string m_checkpoints_path; + time_t m_last_dns_checkpoints_update; + time_t m_last_json_checkpoints_update; }; } diff --git a/src/daemon/daemon.cpp b/src/daemon/daemon.cpp index 5c209482e..da09acfd4 100644 --- a/src/daemon/daemon.cpp +++ b/src/daemon/daemon.cpp @@ -69,6 +69,7 @@ namespace , "Run on testnet. The wallet must be launched with --testnet flag." , false }; + const command_line::arg_descriptor<bool> arg_dns_checkpoints = {"enforce-dns-checkpointing", "checkpoints from DNS server will be enforced", false}; } bool command_line_preprocessor(const boost::program_options::variables_map& vm) @@ -135,6 +136,7 @@ int main(int argc, char* argv[]) command_line::add_arg(desc_cmd_sett, arg_log_level); command_line::add_arg(desc_cmd_sett, arg_console); command_line::add_arg(desc_cmd_sett, arg_testnet_on); + command_line::add_arg(desc_cmd_sett, arg_dns_checkpoints); cryptonote::core::init_options(desc_cmd_sett); cryptonote::core_rpc_server::init_options(desc_cmd_sett); @@ -206,16 +208,19 @@ int main(int argc, char* argv[]) CHECK_AND_ASSERT_MES(res, 1, "Failed to initialize checkpoints"); boost::filesystem::path json(JSON_HASH_FILE_NAME); boost::filesystem::path checkpoint_json_hashfile_fullpath = data_dir / json; - res = cryptonote::load_checkpoins_from_json(checkpoints, checkpoint_json_hashfile_fullpath.string().c_str()); - CHECK_AND_ASSERT_MES(res, 1, "Failed to load initial checkpoints"); //create objects and link them cryptonote::core ccore(NULL); + // tell core if we're enforcing dns checkpoints + bool enforce_dns = command_line::get_arg(vm, arg_dns_checkpoints); + ccore.set_enforce_dns_checkpoints(enforce_dns); + if (testnet_mode) { LOG_PRINT_L0("Starting in testnet mode!"); } else { ccore.set_checkpoints(std::move(checkpoints)); + ccore.set_checkpoints_file_path(checkpoint_json_hashfile_fullpath.string()); } cryptonote::t_cryptonote_protocol_handler<cryptonote::core> cprotocol(ccore, NULL); diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl index 08fd1d1e6..2953bdb7a 100644 --- a/src/p2p/net_node.inl +++ b/src/p2p/net_node.inl @@ -252,7 +252,9 @@ namespace nodetool // for some time yet. for (const std::string& addr_str : m_seed_nodes_list) { - std::vector<std::string> addr_list = tools::DNSResolver::instance().get_ipv4(addr_str); + // TODO: care about dnssec avail/valid + bool avail, valid; + std::vector<std::string> addr_list = tools::DNSResolver::instance().get_ipv4(addr_str, avail, valid); for (const std::string& a : addr_list) { append_net_address(m_seed_nodes, a + ":18080"); diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index 3161f3b16..6fb672798 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -833,12 +833,17 @@ std::vector<std::vector<cryptonote::tx_destination_entry>> split_amounts( */ std::vector<std::string> wallet2::addresses_from_url(const std::string& url, bool& dnssec_valid) { - // TODO: update this correctly once DNSResolver::get_txt_record() supports it. - dnssec_valid = false; - std::vector<std::string> addresses; // get txt records - auto records = tools::DNSResolver::instance().get_txt_record(url); + bool dnssec_available, dnssec_isvalid; + auto records = tools::DNSResolver::instance().get_txt_record(url, dnssec_available, dnssec_isvalid); + + // TODO: update this to allow for conveying that dnssec was not available + if (dnssec_available && dnssec_isvalid) + { + dnssec_valid = true; + } + else dnssec_valid = false; // for each txt record, try to find a monero address in it. for (auto& rec : records) |