aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--contrib/epee/include/net/net_ssl.h2
-rw-r--r--contrib/epee/src/net_ssl.cpp2
-rw-r--r--src/device_trezor/device_trezor_base.cpp6
-rw-r--r--src/device_trezor/trezor/transport.cpp120
-rw-r--r--src/device_trezor/trezor/transport.hpp5
-rw-r--r--src/rpc/core_rpc_server.cpp9
-rw-r--r--src/wallet/wallet2.cpp22
-rw-r--r--src/wallet/wallet_rpc_server.cpp15
-rwxr-xr-xtests/functional_tests/functional_tests_rpc.py1
9 files changed, 160 insertions, 22 deletions
diff --git a/contrib/epee/include/net/net_ssl.h b/contrib/epee/include/net/net_ssl.h
index 957903ff8..5ef2ff59d 100644
--- a/contrib/epee/include/net/net_ssl.h
+++ b/contrib/epee/include/net/net_ssl.h
@@ -37,6 +37,8 @@
#include <boost/asio/ssl.hpp>
#include <boost/system/error_code.hpp>
+#define SSL_FINGERPRINT_SIZE 32
+
namespace epee
{
namespace net_utils
diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp
index 7bedb18ac..c17d86eca 100644
--- a/contrib/epee/src/net_ssl.cpp
+++ b/contrib/epee/src/net_ssl.cpp
@@ -321,7 +321,7 @@ bool ssl_options_t::has_fingerprint(boost::asio::ssl::verify_context &ctx) const
unsigned int size{ 0 };
// create the digest from the certificate
- if (!X509_digest(cert, EVP_sha1(), digest.data(), &size)) {
+ if (!X509_digest(cert, EVP_sha256(), digest.data(), &size)) {
MERROR("Failed to create certificate fingerprint");
return false;
}
diff --git a/src/device_trezor/device_trezor_base.cpp b/src/device_trezor/device_trezor_base.cpp
index 5adadbfc4..b7adf433d 100644
--- a/src/device_trezor/device_trezor_base.cpp
+++ b/src/device_trezor/device_trezor_base.cpp
@@ -115,10 +115,14 @@ namespace trezor {
MDEBUG("Enumerating Trezor devices...");
enumerate(trans);
+ sort_transports_by_env(trans);
- MDEBUG("Enumeration yielded " << trans.size() << " devices");
+ MDEBUG("Enumeration yielded " << trans.size() << " Trezor devices");
for (auto &cur : trans) {
MDEBUG(" device: " << *(cur.get()));
+ }
+
+ for (auto &cur : trans) {
std::string cur_path = cur->get_path();
if (boost::starts_with(cur_path, this->name)) {
MDEBUG("Device Match: " << cur_path);
diff --git a/src/device_trezor/trezor/transport.cpp b/src/device_trezor/trezor/transport.cpp
index dd9b0b52f..59b281f13 100644
--- a/src/device_trezor/trezor/transport.cpp
+++ b/src/device_trezor/trezor/transport.cpp
@@ -31,11 +31,13 @@
#include <libusb.h>
#endif
+#include <algorithm>
#include <boost/endian/conversion.hpp>
#include <boost/asio/io_service.hpp>
#include <boost/asio/ip/udp.hpp>
#include <boost/date_time/posix_time/posix_time_types.hpp>
#include <boost/format.hpp>
+#include "common/apply_permutation.h"
#include "transport.hpp"
#include "messages/messages-common.pb.h"
@@ -95,6 +97,47 @@ namespace trezor{
return patch | (((uint64_t)minor) << bits_2) | (((uint64_t)major) << (bits_1 + bits_2));
}
+ typedef struct {
+ uint16_t trezor_type;
+ uint16_t id_vendor;
+ uint16_t id_product;
+ } trezor_usb_desc_t;
+
+ static trezor_usb_desc_t TREZOR_DESC_T1 = {1, 0x534C, 0x0001};
+ static trezor_usb_desc_t TREZOR_DESC_T2 = {2, 0x1209, 0x53C1};
+ static trezor_usb_desc_t TREZOR_DESC_T2_BL = {3, 0x1209, 0x53C0};
+
+ static trezor_usb_desc_t TREZOR_DESCS[] = {
+ TREZOR_DESC_T1,
+ TREZOR_DESC_T2,
+ TREZOR_DESC_T2_BL,
+ };
+
+ static size_t TREZOR_DESCS_LEN = sizeof(TREZOR_DESCS)/sizeof(TREZOR_DESCS[0]);
+
+ static ssize_t get_device_idx(uint16_t id_vendor, uint16_t id_product){
+ for(size_t i = 0; i < TREZOR_DESCS_LEN; ++i){
+ if (TREZOR_DESCS[i].id_vendor == id_vendor && TREZOR_DESCS[i].id_product == id_product){
+ return i;
+ }
+ }
+
+ return -1;
+ }
+
+ static bool is_device_supported(ssize_t device_idx){
+ CHECK_AND_ASSERT_THROW_MES(device_idx < (ssize_t)TREZOR_DESCS_LEN, "Device desc idx too big");
+ if (device_idx < 0){
+ return false;
+ }
+
+#ifdef TREZOR_1_SUPPORTED
+ return true;
+#else
+ return TREZOR_DESCS[device_idx].trezor_type != 1;
+#endif
+ }
+
//
// Helpers
//
@@ -312,6 +355,24 @@ namespace trezor{
for(rapidjson::Value::ConstValueIterator itr = bridge_res.Begin(); itr != bridge_res.End(); ++itr){
auto element = itr->GetObject();
auto t = std::make_shared<BridgeTransport>(boost::make_optional(json_get_string(element["path"])));
+
+ auto itr_vendor = element.FindMember("vendor");
+ auto itr_product = element.FindMember("product");
+ if (itr_vendor != element.MemberEnd() && itr_product != element.MemberEnd()
+ && itr_vendor->value.IsNumber() && itr_product->value.IsNumber()){
+ try {
+ const auto id_vendor = (uint16_t) itr_vendor->value.GetUint64();
+ const auto id_product = (uint16_t) itr_product->value.GetUint64();
+ const auto device_idx = get_device_idx(id_vendor, id_product);
+ if (!is_device_supported(device_idx)){
+ MDEBUG("Device with idx " << device_idx << " is not supported. Vendor: " << id_vendor << ", product: " << id_product);
+ continue;
+ }
+ } catch(const std::exception &e){
+ MERROR("Could not detect vendor & product: " << e.what());
+ }
+ }
+
t->m_device_info.emplace();
t->m_device_info->CopyFrom(*itr, t->m_device_info->GetAllocator());
res.push_back(t);
@@ -710,24 +771,20 @@ namespace trezor{
#ifdef WITH_DEVICE_TREZOR_WEBUSB
static bool is_trezor1(libusb_device_descriptor * info){
- return info->idVendor == 0x534C && info->idProduct == 0x0001;
+ return info->idVendor == TREZOR_DESC_T1.id_vendor && info->idProduct == TREZOR_DESC_T1.id_product;
}
static bool is_trezor2(libusb_device_descriptor * info){
- return info->idVendor == 0x1209 && info->idProduct == 0x53C1;
+ return info->idVendor == TREZOR_DESC_T2.id_vendor && info->idProduct == TREZOR_DESC_T2.id_product;
}
static bool is_trezor2_bl(libusb_device_descriptor * info){
- return info->idVendor == 0x1209 && info->idProduct == 0x53C0;
+ return info->idVendor == TREZOR_DESC_T2_BL.id_vendor && info->idProduct == TREZOR_DESC_T2_BL.id_product;
}
- static uint8_t get_trezor_dev_mask(libusb_device_descriptor * info){
- uint8_t mask = 0;
+ static ssize_t get_trezor_dev_id(libusb_device_descriptor *info){
CHECK_AND_ASSERT_THROW_MES(info, "Empty device descriptor");
- mask |= is_trezor1(info) ? 1 : 0;
- mask |= is_trezor2(info) ? 2 : 0;
- mask |= is_trezor2_bl(info) ? 4 : 0;
- return mask;
+ return get_device_idx(info->idVendor, info->idProduct);
}
static void set_libusb_log(libusb_context *ctx){
@@ -844,12 +901,12 @@ namespace trezor{
continue;
}
- const auto trezor_mask = get_trezor_dev_mask(&desc);
- if (!trezor_mask){
+ const auto trezor_dev_idx = get_trezor_dev_id(&desc);
+ if (!is_device_supported(trezor_dev_idx)){
continue;
}
- MTRACE("Found Trezor device: " << desc.idVendor << ":" << desc.idProduct << " mask " << (int)trezor_mask);
+ MTRACE("Found Trezor device: " << desc.idVendor << ":" << desc.idProduct << " dev_idx " << (int)trezor_dev_idx);
auto t = std::make_shared<WebUsbTransport>(boost::make_optional(&desc));
t->m_bus_id = libusb_get_bus_number(devs[i]);
@@ -909,8 +966,8 @@ namespace trezor{
continue;
}
- const auto trezor_mask = get_trezor_dev_mask(&desc);
- if (!trezor_mask) {
+ const auto trezor_dev_idx = get_trezor_dev_id(&desc);
+ if (!is_device_supported(trezor_dev_idx)){
continue;
}
@@ -921,7 +978,7 @@ namespace trezor{
get_libusb_ports(devs[i], path);
MTRACE("Found Trezor device: " << desc.idVendor << ":" << desc.idProduct
- << ", mask: " << (int)trezor_mask
+ << ", dev_idx: " << (int)trezor_dev_idx
<< ". path: " << get_usb_path(bus_id, path));
if (bus_id == m_bus_id && path == m_port_numbers) {
@@ -1110,6 +1167,39 @@ namespace trezor{
#endif
}
+ void sort_transports_by_env(t_transport_vect & res){
+ const char *env_trezor_path = getenv("TREZOR_PATH");
+ if (!env_trezor_path){
+ return;
+ }
+
+ // Sort transports by the longest matching prefix with TREZOR_PATH
+ std::string trezor_path(env_trezor_path);
+ std::vector<size_t> match_idx(res.size());
+ std::vector<size_t> path_permutation(res.size());
+
+ for(size_t i = 0; i < res.size(); ++i){
+ auto cpath = res[i]->get_path();
+ std::string * s1 = &trezor_path;
+ std::string * s2 = &cpath;
+
+ // first has to be shorter in std::mismatch(). Returns first non-matching iterators.
+ if (s1->size() >= s2->size()){
+ std::swap(s1, s2);
+ }
+
+ const auto mism = std::mismatch(s1->begin(), s1->end(), s2->begin());
+ match_idx[i] = mism.first - s1->begin();
+ path_permutation[i] = i;
+ }
+
+ std::sort(path_permutation.begin(), path_permutation.end(), [&](const size_t i0, const size_t i1) {
+ return match_idx[i0] > match_idx[i1];
+ });
+
+ tools::apply_permutation(path_permutation, res);
+ }
+
std::shared_ptr<Transport> transport(const std::string & path){
if (boost::starts_with(path, BridgeTransport::PATH_PREFIX)){
return std::make_shared<BridgeTransport>(path.substr(strlen(BridgeTransport::PATH_PREFIX)));
diff --git a/src/device_trezor/trezor/transport.hpp b/src/device_trezor/trezor/transport.hpp
index cde862547..affd91553 100644
--- a/src/device_trezor/trezor/transport.hpp
+++ b/src/device_trezor/trezor/transport.hpp
@@ -303,6 +303,11 @@ namespace trezor {
void enumerate(t_transport_vect & res);
/**
+ * Sorts found transports by TREZOR_PATH environment variable.
+ */
+ void sort_transports_by_env(t_transport_vect & res);
+
+ /**
* Transforms path to the transport
*/
std::shared_ptr<Transport> transport(const std::string & path);
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index c41fb37d8..97e9b482e 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -28,6 +28,7 @@
//
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+#include <boost/preprocessor/stringize.hpp>
#include "include_base_utils.h"
#include "string_tools.h"
using namespace epee;
@@ -159,6 +160,14 @@ namespace cryptonote
const std::vector<std::string> ssl_allowed_fingerprint_strings = command_line::get_arg(vm, arg_rpc_ssl_allowed_fingerprints);
std::vector<std::vector<uint8_t>> ssl_allowed_fingerprints{ ssl_allowed_fingerprint_strings.size() };
std::transform(ssl_allowed_fingerprint_strings.begin(), ssl_allowed_fingerprint_strings.end(), ssl_allowed_fingerprints.begin(), epee::from_hex::vector);
+ for (const auto &fpr: ssl_allowed_fingerprints)
+ {
+ if (fpr.size() != SSL_FINGERPRINT_SIZE)
+ {
+ MERROR("SHA-256 fingerprint should be " BOOST_PP_STRINGIZE(SSL_FINGERPRINT_SIZE) " bytes long.");
+ return false;
+ }
+ }
if (!ssl_ca_path.empty() || !ssl_allowed_fingerprints.empty())
ssl_options = epee::net_utils::ssl_options_t{std::move(ssl_allowed_fingerprints), std::move(ssl_ca_path)};
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 6554ef7d5..f5b492771 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -39,6 +39,7 @@
#include <boost/algorithm/string/join.hpp>
#include <boost/asio/ip/address.hpp>
#include <boost/range/adaptor/transformed.hpp>
+#include <boost/preprocessor/stringize.hpp>
#include "include_base_utils.h"
using namespace epee;
@@ -131,6 +132,9 @@ using namespace cryptonote;
#define GAMMA_SHAPE 19.28
#define GAMMA_SCALE (1/1.61)
+#define DEFAULT_MIN_OUTPUT_COUNT 5
+#define DEFAULT_MIN_OUTPUT_VALUE (2*COIN)
+
static const std::string MULTISIG_SIGNATURE_MAGIC = "SigMultisigPkV1";
static const std::string MULTISIG_EXTRA_INFO_MAGIC = "MultisigxV1";
@@ -340,6 +344,11 @@ std::unique_ptr<tools::wallet2> make_basic(const boost::program_options::variabl
{
std::vector<std::vector<uint8_t>> ssl_allowed_fingerprints{ daemon_ssl_allowed_fingerprints.size() };
std::transform(daemon_ssl_allowed_fingerprints.begin(), daemon_ssl_allowed_fingerprints.end(), ssl_allowed_fingerprints.begin(), epee::from_hex::vector);
+ for (const auto &fpr: daemon_ssl_allowed_fingerprints)
+ {
+ THROW_WALLET_EXCEPTION_IF(fpr.size() != SSL_FINGERPRINT_SIZE, tools::error::wallet_internal_error,
+ "SHA-256 fingerprint should be " BOOST_PP_STRINGIZE(SSL_FINGERPRINT_SIZE) " bytes long.");
+ }
ssl_options = epee::net_utils::ssl_options_t{
std::move(ssl_allowed_fingerprints), std::move(daemon_ssl_ca_file)
@@ -9375,9 +9384,16 @@ std::vector<wallet2::pending_tx> wallet2::create_transactions_2(std::vector<cryp
idx = pop_best_value(indices, tx.selected_transfers, true);
// we might not want to add it if it's a large output and we don't have many left
- if (m_transfers[idx].amount() >= m_min_output_value) {
- if (get_count_above(m_transfers, *unused_transfers_indices, m_min_output_value) < m_min_output_count) {
- LOG_PRINT_L2("Second output was not strictly needed, and we're running out of outputs above " << print_money(m_min_output_value) << ", not adding");
+ uint64_t min_output_value = m_min_output_value;
+ uint32_t min_output_count = m_min_output_count;
+ if (min_output_value == 0 && min_output_count == 0)
+ {
+ min_output_value = DEFAULT_MIN_OUTPUT_VALUE;
+ min_output_count = DEFAULT_MIN_OUTPUT_COUNT;
+ }
+ if (m_transfers[idx].amount() >= min_output_value) {
+ if (get_count_above(m_transfers, *unused_transfers_indices, min_output_value) < min_output_count) {
+ LOG_PRINT_L2("Second output was not strictly needed, and we're running out of outputs above " << print_money(min_output_value) << ", not adding");
break;
}
}
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index 4076ae957..22eaffa6f 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -31,6 +31,7 @@
#include <boost/asio/ip/address.hpp>
#include <boost/filesystem/operations.hpp>
#include <boost/algorithm/string.hpp>
+#include <boost/preprocessor/stringize.hpp>
#include <cstdint>
#include "include_base_utils.h"
using namespace epee;
@@ -254,6 +255,14 @@ namespace tools
{
std::vector<std::vector<uint8_t>> allowed_fingerprints{ rpc_ssl_allowed_fingerprints.size() };
std::transform(rpc_ssl_allowed_fingerprints.begin(), rpc_ssl_allowed_fingerprints.end(), allowed_fingerprints.begin(), epee::from_hex::vector);
+ for (const auto &fpr: rpc_ssl_allowed_fingerprints)
+ {
+ if (fpr.size() != SSL_FINGERPRINT_SIZE)
+ {
+ MERROR("SHA-256 fingerprint should be " BOOST_PP_STRINGIZE(SSL_FINGERPRINT_SIZE) " bytes long.");
+ return false;
+ }
+ }
rpc_ssl_options = epee::net_utils::ssl_options_t{
std::move(allowed_fingerprints), std::move(rpc_ssl_ca_file)
@@ -4069,9 +4078,10 @@ namespace tools
{ cryptonote::TESTNET, "testnet" },
{ cryptonote::STAGENET, "stagenet" },
};
+ if (!req.any_net_type && !m_wallet) return not_open(er);
for (const auto &net_type: net_types)
{
- if (!req.any_net_type && net_type.type != m_wallet->nettype())
+ if (!req.any_net_type && (!m_wallet || net_type.type != m_wallet->nettype()))
continue;
if (req.allow_openalias)
{
@@ -4153,6 +4163,7 @@ namespace tools
{
er.code = WALLET_RPC_ERROR_CODE_NO_DAEMON_CONNECTION;
er.message = "SSL is enabled but no user certificate or fingerprints were provided";
+ return false;
}
if (!m_wallet->set_daemon(req.address, boost::none, req.trusted, std::move(ssl_options)))
@@ -4177,7 +4188,7 @@ namespace tools
{
er.code = WALLET_RPC_ERROR_CODE_INVALID_LOG_LEVEL;
er.message = "Error: log level not valid";
- return true;
+ return false;
}
mlog_set_log_level(req.level);
return true;
diff --git a/tests/functional_tests/functional_tests_rpc.py b/tests/functional_tests/functional_tests_rpc.py
index 83b75a088..e754b4e33 100755
--- a/tests/functional_tests/functional_tests_rpc.py
+++ b/tests/functional_tests/functional_tests_rpc.py
@@ -98,6 +98,7 @@ FAIL = []
for test in tests:
try:
print('[TEST STARTED] ' + test)
+ sys.stdout.flush()
cmd = [python, srcdir + '/' + test + ".py"]
subprocess.check_call(cmd)
PASS.append(test)