Diffstat (limited to 'contrib/epee/src')
-rw-r--r-- | contrib/epee/src/CMakeLists.txt | 2 | ||||
-rw-r--r-- | contrib/epee/src/connection_basic.cpp | 12 | ||||
-rw-r--r-- | contrib/epee/src/hex.cpp | 2 | ||||
-rw-r--r-- | contrib/epee/src/http_auth.cpp | 2 | ||||
-rw-r--r-- | contrib/epee/src/memwipe.c | 2 | ||||
-rw-r--r-- | contrib/epee/src/net_ssl.cpp | 51 | ||||
-rw-r--r-- | contrib/epee/src/network_throttle-detail.cpp | 2 | ||||
-rw-r--r-- | contrib/epee/src/network_throttle.cpp | 2 | ||||
-rw-r--r-- | contrib/epee/src/wipeable_string.cpp | 2 |
9 files changed, 27 insertions, 50 deletions
diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt index e913211ea..0787a9d08 100644 --- a/contrib/epee/src/CMakeLists.txt +++ b/contrib/epee/src/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2014-2018, The Monero Project +# Copyright (c) 2014-2019, The Monero Project # # All rights reserved. # diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp index 377fb3452..6354082aa 100644 --- a/contrib/epee/src/connection_basic.cpp +++ b/contrib/epee/src/connection_basic.cpp @@ -2,7 +2,7 @@ /// @author rfree (current maintainer in monero.cc project) /// @brief base for connection, contains e.g. the ratelimit hooks -// Copyright (c) 2014-2018, The Monero Project +// Copyright (c) 2014-2019, The Monero Project // // All rights reserved. // @@ -47,6 +47,12 @@ // TODO: #include "net/network_throttle-detail.hpp" +#if BOOST_VERSION >= 107000 +#define GET_IO_SERVICE(s) ((boost::asio::io_context&)(s).get_executor().context()) +#else +#define GET_IO_SERVICE(s) ((s).get_io_service()) +#endif + #undef MONERO_DEFAULT_LOG_CATEGORY #define MONERO_DEFAULT_LOG_CATEGORY "net.conn" @@ -117,8 +123,8 @@ connection_basic::connection_basic(boost::asio::ip::tcp::socket&& sock, boost::s : m_stats(std::move(stats)), mI( new connection_basic_pimpl("peer") ), - strand_(sock.get_io_service()), - socket_(sock.get_io_service(), ssl_context.context), + strand_(GET_IO_SERVICE(sock)), + socket_(GET_IO_SERVICE(sock), ssl_context.context), m_want_close_connection(false), m_was_shutdown(false), m_ssl_support(ssl_support), diff --git a/contrib/epee/src/hex.cpp b/contrib/epee/src/hex.cpp index 8421dcae9..558983f7e 100644 --- a/contrib/epee/src/hex.cpp +++ b/contrib/epee/src/hex.cpp @@ -1,4 +1,4 @@ -// Copyright (c) 2017-2018, The Monero Project +// Copyright (c) 2017-2019, The Monero Project // // All rights reserved. // diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp index dc968d971..289069daa 100644 
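Review bot: The C-style cast in the new `GET_IO_SERVICE` macro hides which conversion is performed: `(boost::asio::io_context&)` would still compile, as a reinterpret-style cast, if the object returned by `context()` ever stopped being a base of `io_context`, instead of failing the build. `static_cast<boost::asio::io_context&>((s).get_executor().context())` does the same downcast and is rejected when the types are unrelated. The macro also depends on `BOOST_VERSION` already being defined here; an undefined name evaluates to 0 inside `#if` and silently selects the `get_io_service()` branch, so a one-line comment naming the header that supplies it would help. Both constructor initialisers in the following hunk (`strand_` and `socket_`) go through this macro.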
--- a/contrib/epee/src/http_auth.cpp +++ b/contrib/epee/src/http_auth.cpp @@ -1,4 +1,4 @@ -// Copyright (c) 2014-2018, The Monero Project +// Copyright (c) 2014-2019, The Monero Project // // All rights reserved. // diff --git a/contrib/epee/src/memwipe.c b/contrib/epee/src/memwipe.c index c2a26c392..ad1ef510d 100644 --- a/contrib/epee/src/memwipe.c +++ b/contrib/epee/src/memwipe.c @@ -1,4 +1,4 @@ -// Copyright (c) 2017-2018, The Monero Project +// Copyright (c) 2017-2019, The Monero Project // // All rights reserved. // diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp index 9a62dd3c2..eb0b0ad65 100644 --- a/contrib/epee/src/net_ssl.cpp +++ b/contrib/epee/src/net_ssl.cpp @@ -74,22 +74,23 @@ bool create_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert) { MGINFO("Generating SSL certificate"); pkey = EVP_PKEY_new(); - openssl_pkey pkey_deleter{pkey}; if (!pkey) { MERROR("Failed to create new private key"); return false; } + + openssl_pkey pkey_deleter{pkey}; RSA *rsa = RSA_generate_key(4096, RSA_F4, NULL, NULL); if (!rsa) { MERROR("Error generating RSA private key"); return false; } - if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) + if (EVP_PKEY_assign_RSA(pkey, rsa) <= 0) // The RSA will be automatically freed when the EVP_PKEY structure is freed. { - RSA_free(rsa); MERROR("Error assigning RSA private key"); + RSA_free(rsa); return false; } 
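Review bot: Every failure return after `openssl_pkey pkey_deleter{pkey};` leaves the caller's `pkey` reference holding a pointer that the guard has presumably just freed (assuming `openssl_pkey` is a unique_ptr-style wrapper around `EVP_PKEY_free`, which the later `release()` call suggests). The same applies to `cert` on the `X509_free(cert); return false;` path in the next hunk. The caller shown further down aborts on failure, so nothing reads the values today, but the out-parameters should be reset before returning, e.g. `pkey = NULL;` and `cert = NULL;` on those paths, or the function should work on locals and assign the references only just before `return true;`. The function body continues outside this hunk.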
@@ -117,43 +118,10 @@ bool create_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert) X509_free(cert); return false; } + (void)pkey_deleter.release(); return true; } -bool create_ssl_certificate(std::string &pkey_buffer, std::string &cert_buffer) -{ - EVP_PKEY *pkey; - X509 *cert; - if (!create_ssl_certificate(pkey, cert)) - return false; - BIO *bio_pkey = BIO_new(BIO_s_mem()), *bio_cert = BIO_new(BIO_s_mem()); - openssl_bio bio_pkey_deleter{bio_pkey}; - bool success = PEM_write_bio_PrivateKey(bio_pkey, pkey, NULL, NULL, 0, NULL, NULL) && PEM_write_bio_X509(bio_cert, cert); - X509_free(cert); - if (!success) - { - MERROR("Failed to write cert and/or pkey: " << ERR_get_error()); - return false; - } - BUF_MEM *buf = NULL; - BIO_get_mem_ptr(bio_pkey, &buf); - if (!buf || !buf->data || !buf->length) - { - MERROR("Failed to write pkey: " << ERR_get_error()); - return false; - } - pkey_buffer = std::string(buf->data, buf->length); - buf = NULL; - BIO_get_mem_ptr(bio_cert, &buf); - if (!buf || !buf->data || !buf->length) - { - MERROR("Failed to write cert: " << ERR_get_error()); - return false; - } - cert_buffer = std::string(buf->data, buf->length); - return success; -} - ssl_context_t create_ssl_context(const std::pair<std::string, std::string> &private_key_and_certificate_path, std::list<std::string> allowed_certificates, std::vector<std::vector<uint8_t>> allowed_fingerprints, bool allow_any_cert) { ssl_context_t ssl_context{boost::asio::ssl::context(boost::asio::ssl::context::tlsv12), std::move(allowed_certificates), std::move(allowed_fingerprints)}; 
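Review bot: The added `(void)pkey_deleter.release();` is the point where ownership of the key leaves the function, and nothing on the line says so. A comment such as `// success: the caller now owns pkey and cert and must release both` would state the contract that `create_ssl_context` depends on when it frees the key itself. The start of `create_ssl_certificate` is outside this hunk.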
@@ -190,10 +158,13 @@ ssl_context_t create_ssl_context(const std::pair<std::string, std::string> &priv CHECK_AND_ASSERT_THROW_MES(private_key_and_certificate_path.first.empty() == private_key_and_certificate_path.second.empty(), "private key and certificate must be either both given or both empty"); if (private_key_and_certificate_path.second.empty()) { - std::string pkey, cert; + EVP_PKEY *pkey; + X509 *cert; CHECK_AND_ASSERT_THROW_MES(create_ssl_certificate(pkey, cert), "Failed to create certificate"); - ssl_context.context.use_private_key(boost::asio::buffer(pkey), boost::asio::ssl::context::pem); - ssl_context.context.use_certificate(boost::asio::buffer(cert), boost::asio::ssl::context::pem); + CHECK_AND_ASSERT_THROW_MES(SSL_CTX_use_certificate(ctx, cert), "Failed to use generated certificate"); + // don't free the cert, the CTX owns it now + CHECK_AND_ASSERT_THROW_MES(SSL_CTX_use_PrivateKey(ctx, pkey), "Failed to use generated private key"); + EVP_PKEY_free(pkey); } else { diff --git a/contrib/epee/src/network_throttle-detail.cpp b/contrib/epee/src/network_throttle-detail.cpp index 0b42402bd..f89e7aec0 100644 --- a/contrib/epee/src/network_throttle-detail.cpp +++ b/contrib/epee/src/network_throttle-detail.cpp @@ -2,7 +2,7 @@ /// @author rfree (current maintainer in monero.cc project) /// @brief implementaion for throttling of connection (count and rate-limit speed etc) -// Copyright (c) 2014-2018, The Monero Project +// Copyright (c) 2014-2019, The Monero Project // // All rights reserved. // diff --git a/contrib/epee/src/network_throttle.cpp b/contrib/epee/src/network_throttle.cpp index 167738855..f4f0b2c46 100644 --- a/contrib/epee/src/network_throttle.cpp +++ b/contrib/epee/src/network_throttle.cpp @@ -26,7 +26,7 @@ Throttling work by: */ -// Copyright (c) 2014-2018, The Monero Project +// Copyright (c) 2014-2019, The Monero Project // // All rights reserved. // 
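Review bot: If `SSL_CTX_use_certificate` or `SSL_CTX_use_PrivateKey` fails, `CHECK_AND_ASSERT_THROW_MES` presumably throws while `pkey` and `cert` are still raw pointers, so both leak. Holding them in guards right after creation covers those paths: `openssl_pkey pkey_guard{pkey};` and `std::unique_ptr<X509, decltype(&X509_free)> cert_guard{cert, &X509_free};`, with the explicit `EVP_PKEY_free(pkey);` dropped. The comment `// don't free the cert, the CTX owns it now` also deserves a check: as far as I know `SSL_CTX_use_certificate` takes its own reference just as `SSL_CTX_use_PrivateKey` does, in which case the caller's reference to `cert` is never released even on success. `ctx` is defined outside this hunk.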
diff --git a/contrib/epee/src/wipeable_string.cpp b/contrib/epee/src/wipeable_string.cpp
index 69f92e106..3a6ee5dac 100644
--- a/contrib/epee/src/wipeable_string.cpp
+++ b/contrib/epee/src/wipeable_string.cpp
@@ -1,4 +1,4 @@
-// Copyright (c) 2017-2018, The Monero Project
+// Copyright (c) 2017-2019, The Monero Project
 //
 // All rights reserved.
 //
|