aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--contrib/epee/include/net/http_auth.h7
-rw-r--r--contrib/epee/include/net/http_protocol_handler.h3
-rw-r--r--contrib/epee/include/net/http_server_impl_base.h3
-rw-r--r--contrib/epee/include/net/network_throttle.hpp3
-rw-r--r--contrib/epee/src/CMakeLists.txt1
-rw-r--r--contrib/epee/src/connection_basic.cpp1
-rw-r--r--contrib/epee/src/http_auth.cpp7
-rw-r--r--src/common/util.cpp1
-rw-r--r--src/rpc/core_rpc_server.cpp3
-rw-r--r--src/wallet/wallet_rpc_server.cpp3
-rw-r--r--tests/unit_tests/http.cpp22
11 files changed, 31 insertions, 23 deletions
diff --git a/contrib/epee/include/net/http_auth.h b/contrib/epee/include/net/http_auth.h
index 841cebc17..71f56b570 100644
--- a/contrib/epee/include/net/http_auth.h
+++ b/contrib/epee/include/net/http_auth.h
@@ -71,8 +71,8 @@ namespace net_utils
std::uint32_t counter;
};
- http_server_auth() : user() {}
- http_server_auth(login credentials);
+ http_server_auth() : user(), rng() {}
+ http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r);
//! \return Auth response, or `boost::none` iff `request` had valid auth.
boost::optional<http_response_info> get_response(const http_request_info& request)
@@ -81,10 +81,13 @@ namespace net_utils
return do_get_response(request);
return boost::none;
}
+
private:
boost::optional<http_response_info> do_get_response(const http_request_info& request);
boost::optional<session> user;
+
+ std::function<void(size_t, uint8_t*)> rng;
};
//! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added.
diff --git a/contrib/epee/include/net/http_protocol_handler.h b/contrib/epee/include/net/http_protocol_handler.h
index 652d8ff6f..b4485d1cd 100644
--- a/contrib/epee/include/net/http_protocol_handler.h
+++ b/contrib/epee/include/net/http_protocol_handler.h
@@ -160,6 +160,7 @@ namespace net_utils
struct custum_handler_config: public http_server_config
{
i_http_server_handler<t_connection_context>* m_phandler;
+ std::function<void(size_t, uint8_t*)> rng;
};
/************************************************************************/
@@ -176,7 +177,7 @@ namespace net_utils
: simple_http_connection_handler<t_connection_context>(psnd_hndlr, config),
m_config(config),
m_conn_context(conn_context),
- m_auth(m_config.m_user ? http_server_auth{*m_config.m_user} : http_server_auth{})
+ m_auth(m_config.m_user ? http_server_auth{*m_config.m_user, config.rng} : http_server_auth{})
{}
inline bool handle_request(const http_request_info& query_info, http_response_info& response)
{
diff --git a/contrib/epee/include/net/http_server_impl_base.h b/contrib/epee/include/net/http_server_impl_base.h
index 8b8e31b51..1a97e610a 100644
--- a/contrib/epee/include/net/http_server_impl_base.h
+++ b/contrib/epee/include/net/http_server_impl_base.h
@@ -55,13 +55,14 @@ namespace epee
: m_net_server(external_io_service)
{}
- bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
+ bool init(std::function<void(size_t, uint8_t*)> rng, const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
std::vector<std::string> access_control_origins = std::vector<std::string>(),
boost::optional<net_utils::http::login> user = boost::none)
{
//set self as callback handler
m_net_server.get_config_object().m_phandler = static_cast<t_child_class*>(this);
+ m_net_server.get_config_object().rng = std::move(rng);
//here set folder for hosting reqests
m_net_server.get_config_object().m_folder = "";
diff --git a/contrib/epee/include/net/network_throttle.hpp b/contrib/epee/include/net/network_throttle.hpp
index fffd22a6a..225ffee04 100644
--- a/contrib/epee/include/net/network_throttle.hpp
+++ b/contrib/epee/include/net/network_throttle.hpp
@@ -99,8 +99,6 @@ struct calculate_times_struct {
typedef calculate_times_struct calculate_times_struct;
-namespace cryptonote { class cryptonote_protocol_handler_base; } // a friend class // TODO friend not working
-
/***
@brief Access to simple throttles, with singlton to access global network limits
*/
@@ -117,7 +115,6 @@ class network_throttle_manager {
static boost::mutex m_lock_get_global_throttle_inreq;
static boost::mutex m_lock_get_global_throttle_out;
- friend class cryptonote::cryptonote_protocol_handler_base; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS!
friend class connection_basic; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS!
friend class connection_basic_pimpl; // ditto
diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt
index b6967e8fc..ee118724d 100644
--- a/contrib/epee/src/CMakeLists.txt
+++ b/contrib/epee/src/CMakeLists.txt
@@ -49,7 +49,6 @@ endif()
target_link_libraries(epee
PUBLIC
- cncrypto
easylogging
${Boost_FILESYSTEM_LIBRARY}
PRIVATE
diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp
index 534044a79..5848d1268 100644
--- a/contrib/epee/src/connection_basic.cpp
+++ b/contrib/epee/src/connection_basic.cpp
@@ -78,7 +78,6 @@
// TODO:
#include "net/network_throttle-detail.hpp"
-#include "cryptonote_core/cryptonote_core.h"
#undef MONERO_DEFAULT_LOG_CATEGORY
#define MONERO_DEFAULT_LOG_CATEGORY "net.p2p"
diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp
index f06f05528..5b8d892ff 100644
--- a/contrib/epee/src/http_auth.cpp
+++ b/contrib/epee/src/http_auth.cpp
@@ -66,7 +66,6 @@
#include <tuple>
#include <type_traits>
-#include "crypto/crypto.h"
#include "hex.h"
#include "md5_l.h"
#include "string_coding.h"
@@ -711,8 +710,8 @@ namespace epee
{
namespace http
{
- http_server_auth::http_server_auth(login credentials)
- : user(session{std::move(credentials)}) {
+ http_server_auth::http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r)
+ : user(session{std::move(credentials)}), rng(std::move(r)) {
}
boost::optional<http_response_info> http_server_auth::do_get_response(const http_request_info& request)
@@ -746,7 +745,7 @@ namespace epee
user->counter = 0;
{
std::array<std::uint8_t, 16> rand_128bit{{}};
- crypto::rand(rand_128bit.size(), rand_128bit.data());
+ rng(rand_128bit.size(), rand_128bit.data());
user->nonce = string_encoding::base64_encode(rand_128bit.data(), rand_128bit.size());
}
return create_digest_response(user->nonce, is_stale);
diff --git a/src/common/util.cpp b/src/common/util.cpp
index 2a2f50c4f..a4a435104 100644
--- a/src/common/util.cpp
+++ b/src/common/util.cpp
@@ -39,6 +39,7 @@
#include "wipeable_string.h"
using namespace epee;
+#include "crypto/crypto.h"
#include "util.h"
#include "memwipe.h"
#include "cryptonote_config.h"
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index a6109cb89..4966b107d 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -106,8 +106,9 @@ namespace cryptonote
if (rpc_config->login)
http_login.emplace(std::move(rpc_config->login->username), std::move(rpc_config->login->password).password());
+ auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); };
return epee::http_server_impl_base<core_rpc_server, connection_context>::init(
- std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
+ rng, std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
);
}
//------------------------------------------------------------------------------------------------------------------------------
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index 3aba76da0..4c1788f0b 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -229,8 +229,9 @@ namespace tools
m_http_client.set_server(walvars->get_daemon_address(), walvars->get_daemon_login());
m_net_server.set_threads_prefix("RPC");
+ auto rng = [](size_t len, uint8_t *ptr) { return crypto::rand(len, ptr); };
return epee::http_server_impl_base<wallet_rpc_server, connection_context>::init(
- std::move(bind_port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
+ rng, std::move(bind_port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login)
);
}
//------------------------------------------------------------------------------------------------------------------------------
diff --git a/tests/unit_tests/http.cpp b/tests/unit_tests/http.cpp
index 5e427f064..0e8f9f747 100644
--- a/tests/unit_tests/http.cpp
+++ b/tests/unit_tests/http.cpp
@@ -60,12 +60,18 @@
#include "md5_l.h"
#include "string_tools.h"
+#include "crypto/crypto.h"
namespace {
namespace http = epee::net_utils::http;
using fields = std::unordered_map<std::string, std::string>;
using auth_responses = std::vector<fields>;
+void rng(size_t len, uint8_t *ptr)
+{
+ crypto::rand(len, ptr);
+}
+
std::string quoted(std::string str)
{
str.insert(str.begin(), '"');
@@ -250,13 +256,13 @@ std::string get_nc(std::uint32_t count)
TEST(HTTP_Server_Auth, NotRequired)
{
- http::http_server_auth auth{};
+ http::http_server_auth auth{}; // no rng here
EXPECT_FALSE(auth.get_response(http::http_request_info{}));
}
TEST(HTTP_Server_Auth, MissingAuth)
{
- http::http_server_auth auth{{"foo", "bar"}};
+ http::http_server_auth auth{{"foo", "bar"}, rng};
EXPECT_TRUE(bool(auth.get_response(http::http_request_info{})));
{
http::http_request_info request{};
@@ -267,7 +273,7 @@ TEST(HTTP_Server_Auth, MissingAuth)
TEST(HTTP_Server_Auth, BadSyntax)
{
- http::http_server_auth auth{{"foo", "bar"}};
+ http::http_server_auth auth{{"foo", "bar"}, rng};
EXPECT_TRUE(bool(auth.get_response(make_request({{u8"algorithm", "fo\xFF"}}))));
EXPECT_TRUE(bool(auth.get_response(make_request({{u8"cnonce", "\"000\xFF\""}}))));
EXPECT_TRUE(bool(auth.get_response(make_request({{u8"cnonce \xFF =", "\"000\xFF\""}}))));
@@ -277,7 +283,7 @@ TEST(HTTP_Server_Auth, BadSyntax)
TEST(HTTP_Server_Auth, MD5)
{
http::login user{"foo", "bar"};
- http::http_server_auth auth{user};
+ http::http_server_auth auth{user, rng};
const auto response = auth.get_response(make_request(fields{}));
ASSERT_TRUE(bool(response));
@@ -326,7 +332,7 @@ TEST(HTTP_Server_Auth, MD5_sess)
constexpr const char cnonce[] = "not a good cnonce";
http::login user{"foo", "bar"};
- http::http_server_auth auth{user};
+ http::http_server_auth auth{user, rng};
const auto response = auth.get_response(make_request(fields{}));
ASSERT_TRUE(bool(response));
@@ -378,7 +384,7 @@ TEST(HTTP_Server_Auth, MD5_auth)
constexpr const char qop[] = "auth";
http::login user{"foo", "bar"};
- http::http_server_auth auth{user};
+ http::http_server_auth auth{user, rng};
const auto response = auth.get_response(make_request(fields{}));
ASSERT_TRUE(bool(response));
@@ -446,7 +452,7 @@ TEST(HTTP_Server_Auth, MD5_sess_auth)
constexpr const char qop[] = "auth";
http::login user{"foo", "bar"};
- http::http_server_auth auth{user};
+ http::http_server_auth auth{user, rng};
const auto response = auth.get_response(make_request(fields{}));
ASSERT_TRUE(bool(response));
@@ -523,7 +529,7 @@ TEST(HTTP_Auth, DogFood)
const http::login user{"some_user", "ultimate password"};
- http::http_server_auth server{user};
+ http::http_server_auth server{user, rng};
http::http_client_auth client{user};
http::http_request_info request{};