diff options
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/epee/include/memwipe.h | 84 | ||||
| -rw-r--r-- | contrib/epee/include/net/http_auth.h | 7 | ||||
| -rw-r--r-- | contrib/epee/include/net/http_protocol_handler.h | 3 | ||||
| -rw-r--r-- | contrib/epee/include/net/http_server_impl_base.h | 3 | ||||
| -rw-r--r-- | contrib/epee/include/net/network_throttle.hpp | 3 | ||||
| -rw-r--r-- | contrib/epee/include/serialization/keyvalue_serialization.h | 1 | ||||
| -rw-r--r-- | contrib/epee/include/storages/levin_abstract_invoke2.h | 26 | ||||
| -rw-r--r-- | contrib/epee/include/storages/portable_storage_val_converters.h | 6 | ||||
| -rw-r--r-- | contrib/epee/src/CMakeLists.txt | 9 | ||||
| -rw-r--r-- | contrib/epee/src/connection_basic.cpp | 1 | ||||
| -rw-r--r-- | contrib/epee/src/http_auth.cpp | 7 | ||||
| -rw-r--r-- | contrib/epee/src/memwipe.c | 106 | ||||
| -rw-r--r-- | contrib/epee/src/wipeable_string.cpp | 2 |
13 files changed, 233 insertions, 25 deletions
diff --git a/contrib/epee/include/memwipe.h b/contrib/epee/include/memwipe.h new file mode 100644 index 000000000..c3b4ce8ab --- /dev/null +++ b/contrib/epee/include/memwipe.h @@ -0,0 +1,84 @@ +// Copyright (c) 2017, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers + +#pragma once + +#ifdef __cplusplus +#include <array> + +extern "C" { +#endif + +void *memwipe(void *src, size_t n); + +#ifdef __cplusplus +} +#endif + +#ifdef __cplusplus +namespace tools { + + /// Scrubs data in the contained type upon destruction. + /// + /// Primarily useful for making sure that private keys don't stick around in + /// memory after the objects that held them have gone out of scope. + template <class T> + struct scrubbed : public T { + using type = T; + + ~scrubbed() { + scrub(); + } + + /// Destroy the contents of the contained type. + void scrub() { + static_assert(std::is_pod<T>::value, + "T cannot be auto-scrubbed. T must be POD."); + static_assert(std::is_trivially_destructible<T>::value, + "T cannot be auto-scrubbed. T must be trivially destructable."); + memwipe(this, sizeof(T)); + } + }; + + template <class T, size_t N> + using scrubbed_arr = scrubbed<std::array<T, N>>; +} // namespace tools + +// Partial specialization for std::is_pod<tools::scrubbed<T>> so that it can +// pretend to be the containted type in those contexts. +namespace std +{ + template<class t_scrubbee> + struct is_pod<tools::scrubbed<t_scrubbee>> { + static const bool value = is_pod<t_scrubbee>::value; + }; +} + +#endif // __cplusplus diff --git a/contrib/epee/include/net/http_auth.h b/contrib/epee/include/net/http_auth.h index 841cebc17..71f56b570 100644 --- a/contrib/epee/include/net/http_auth.h +++ b/contrib/epee/include/net/http_auth.h @@ -71,8 +71,8 @@ namespace net_utils std::uint32_t counter; }; - http_server_auth() : user() {} - http_server_auth(login credentials); + http_server_auth() : user(), rng() {} + http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r); //! \return Auth response, or `boost::none` iff `request` had valid auth. boost::optional<http_response_info> get_response(const http_request_info& request) @@ -81,10 +81,13 @@ namespace net_utils return do_get_response(request); return boost::none; } + private: boost::optional<http_response_info> do_get_response(const http_request_info& request); boost::optional<session> user; + + std::function<void(size_t, uint8_t*)> rng; }; //! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added. diff --git a/contrib/epee/include/net/http_protocol_handler.h b/contrib/epee/include/net/http_protocol_handler.h index 652d8ff6f..b4485d1cd 100644 --- a/contrib/epee/include/net/http_protocol_handler.h +++ b/contrib/epee/include/net/http_protocol_handler.h @@ -160,6 +160,7 @@ namespace net_utils struct custum_handler_config: public http_server_config { i_http_server_handler<t_connection_context>* m_phandler; + std::function<void(size_t, uint8_t*)> rng; }; /************************************************************************/ @@ -176,7 +177,7 @@ namespace net_utils : simple_http_connection_handler<t_connection_context>(psnd_hndlr, config), m_config(config), m_conn_context(conn_context), - m_auth(m_config.m_user ? http_server_auth{*m_config.m_user} : http_server_auth{}) + m_auth(m_config.m_user ? http_server_auth{*m_config.m_user, config.rng} : http_server_auth{}) {} inline bool handle_request(const http_request_info& query_info, http_response_info& response) { diff --git a/contrib/epee/include/net/http_server_impl_base.h b/contrib/epee/include/net/http_server_impl_base.h index 8b8e31b51..1a97e610a 100644 --- a/contrib/epee/include/net/http_server_impl_base.h +++ b/contrib/epee/include/net/http_server_impl_base.h @@ -55,13 +55,14 @@ namespace epee : m_net_server(external_io_service) {} - bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0", + bool init(std::function<void(size_t, uint8_t*)> rng, const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0", std::vector<std::string> access_control_origins = std::vector<std::string>(), boost::optional<net_utils::http::login> user = boost::none) { //set self as callback handler m_net_server.get_config_object().m_phandler = static_cast<t_child_class*>(this); + m_net_server.get_config_object().rng = std::move(rng); //here set folder for hosting reqests m_net_server.get_config_object().m_folder = ""; diff --git a/contrib/epee/include/net/network_throttle.hpp b/contrib/epee/include/net/network_throttle.hpp index fffd22a6a..225ffee04 100644 --- a/contrib/epee/include/net/network_throttle.hpp +++ b/contrib/epee/include/net/network_throttle.hpp @@ -99,8 +99,6 @@ struct calculate_times_struct { typedef calculate_times_struct calculate_times_struct; -namespace cryptonote { class cryptonote_protocol_handler_base; } // a friend class // TODO friend not working - /*** @brief Access to simple throttles, with singlton to access global network limits */ @@ -117,7 +115,6 @@ class network_throttle_manager { static boost::mutex m_lock_get_global_throttle_inreq; static boost::mutex m_lock_get_global_throttle_out; - friend class cryptonote::cryptonote_protocol_handler_base; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS! friend class connection_basic; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS! friend class connection_basic_pimpl; // ditto diff --git a/contrib/epee/include/serialization/keyvalue_serialization.h b/contrib/epee/include/serialization/keyvalue_serialization.h index d4413a71b..5791e1998 100644 --- a/contrib/epee/include/serialization/keyvalue_serialization.h +++ b/contrib/epee/include/serialization/keyvalue_serialization.h @@ -31,7 +31,6 @@ #include "misc_log_ex.h" #include "enableable.h" #include "keyvalue_serialization_overloads.h" -#include "serialization/serialization.h" namespace epee { diff --git a/contrib/epee/include/storages/levin_abstract_invoke2.h b/contrib/epee/include/storages/levin_abstract_invoke2.h index 8ced9d689..b4f7abca8 100644 --- a/contrib/epee/include/storages/levin_abstract_invoke2.h +++ b/contrib/epee/include/storages/levin_abstract_invoke2.h @@ -60,8 +60,7 @@ namespace epee LOG_ERROR("Failed to load_from_binary on command " << command); return false; } - result_struct.load(stg_ret); - return true; + return result_struct.load(stg_ret); } template<class t_arg, class t_transport> @@ -105,9 +104,7 @@ namespace epee LOG_ERROR("Failed to load_from_binary on command " << command); return false; } - result_struct.load(stg_ret); - - return true; + return result_struct.load(stg_ret); } template<class t_result, class t_arg, class callback_t, class t_transport> @@ -133,7 +130,12 @@ namespace epee cb(LEVIN_ERROR_FORMAT, result_struct, context); return false; } - result_struct.load(stg_ret); + if (!result_struct.load(stg_ret)) + { + LOG_ERROR("Failed to load result struct on command " << command); + cb(LEVIN_ERROR_FORMAT, result_struct, context); + return false; + } cb(code, result_struct, context); return true; }, inv_timeout); @@ -176,7 +178,11 @@ namespace epee boost::value_initialized<t_in_type> in_struct; boost::value_initialized<t_out_type> out_struct; - static_cast<t_in_type&>(in_struct).load(strg); + if (!static_cast<t_in_type&>(in_struct).load(strg)) + { + LOG_ERROR("Failed to load in_struct in command " << command); + return -1; + } int res = cb(command, static_cast<t_in_type&>(in_struct), static_cast<t_out_type&>(out_struct), context); serialization::portable_storage strg_out; static_cast<t_out_type&>(out_struct).store(strg_out); @@ -200,7 +206,11 @@ namespace epee return -1; } boost::value_initialized<t_in_type> in_struct; - static_cast<t_in_type&>(in_struct).load(strg); + if (!static_cast<t_in_type&>(in_struct).load(strg)) + { + LOG_ERROR("Failed to load in_struct in notify " << command); + return -1; + } return cb(command, in_struct, context); } diff --git a/contrib/epee/include/storages/portable_storage_val_converters.h b/contrib/epee/include/storages/portable_storage_val_converters.h index 52aa09eba..36bb28627 100644 --- a/contrib/epee/include/storages/portable_storage_val_converters.h +++ b/contrib/epee/include/storages/portable_storage_val_converters.h @@ -28,6 +28,7 @@ #pragma once +#include <time.h> #include <boost/regex.hpp> #include "misc_language.h" @@ -149,9 +150,14 @@ POP_WARNINGS else if (boost::regex_match (from, boost::regex("\\d{4}-[01]\\d-[0-3]\\dT[0-2]\\d:[0-5]\\d:[0-5]\\dZ"))) { // Convert to unix timestamp +#ifdef HAVE_STRPTIME + struct tm tm; + if (strptime(from.c_str(), "%Y-%m-%dT%H:%M:%S", &tm)) +#else std::tm tm = {}; std::istringstream ss(from); if (ss >> std::get_time(&tm, "%Y-%m-%dT%H:%M:%S")) +#endif to = std::mktime(&tm); } else ASSERT_AND_THROW_WRONG_CONVERSION(); diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt index b6967e8fc..538c7ce91 100644 --- a/contrib/epee/src/CMakeLists.txt +++ b/contrib/epee/src/CMakeLists.txt @@ -26,12 +26,16 @@ # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp +add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp memwipe.c connection_basic.cpp network_throttle.cpp network_throttle-detail.cpp) if (USE_READLINE AND GNU_READLINE_FOUND) add_library(epee_readline STATIC readline_buffer.cpp) endif() +if(HAVE_C11) +SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11) +endif() + # Build and install libepee if we're building for GUI if (BUILD_GUI_DEPS) if(IOS) @@ -49,7 +53,6 @@ endif() target_link_libraries(epee PUBLIC - cncrypto easylogging ${Boost_FILESYSTEM_LIBRARY} PRIVATE @@ -61,5 +64,5 @@ if (USE_READLINE AND GNU_READLINE_FOUND) PUBLIC easylogging PRIVATE - ${Readline_LIBRARY}) + ${GNU_READLINE_LIBRARY}) endif() diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp index 534044a79..5848d1268 100644 --- a/contrib/epee/src/connection_basic.cpp +++ b/contrib/epee/src/connection_basic.cpp @@ -78,7 +78,6 @@ // TODO: #include "net/network_throttle-detail.hpp" -#include "cryptonote_core/cryptonote_core.h" #undef MONERO_DEFAULT_LOG_CATEGORY #define MONERO_DEFAULT_LOG_CATEGORY "net.p2p" diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp index f06f05528..5b8d892ff 100644 --- a/contrib/epee/src/http_auth.cpp +++ b/contrib/epee/src/http_auth.cpp @@ -66,7 +66,6 @@ #include <tuple> #include <type_traits> -#include "crypto/crypto.h" #include "hex.h" #include "md5_l.h" #include "string_coding.h" @@ -711,8 +710,8 @@ namespace epee { namespace http { - http_server_auth::http_server_auth(login credentials) - : user(session{std::move(credentials)}) { + http_server_auth::http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r) + : user(session{std::move(credentials)}), rng(std::move(r)) { } boost::optional<http_response_info> http_server_auth::do_get_response(const http_request_info& request) @@ -746,7 +745,7 @@ namespace epee user->counter = 0; { std::array<std::uint8_t, 16> rand_128bit{{}}; - crypto::rand(rand_128bit.size(), rand_128bit.data()); + rng(rand_128bit.size(), rand_128bit.data()); user->nonce = string_encoding::base64_encode(rand_128bit.data(), rand_128bit.size()); } return create_digest_response(user->nonce, is_stale); diff --git a/contrib/epee/src/memwipe.c b/contrib/epee/src/memwipe.c new file mode 100644 index 000000000..da7e9f346 --- /dev/null +++ b/contrib/epee/src/memwipe.c @@ -0,0 +1,106 @@ +// Copyright (c) 2017, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +// Parts of this file Copyright (c) 2009-2015 The Bitcoin Core developers + +#define __STDC_WANT_LIB_EXT1__ 1 +#include <string.h> +#include <stdlib.h> +#ifdef HAVE_EXPLICIT_BZERO +#include <strings.h> +#endif +#include "memwipe.h" + +#if defined(_MSC_VER) +#define SCARECROW \ + __asm; +#else +#define SCARECROW \ + __asm__ __volatile__("" : : "r"(ptr) : "memory"); +#endif + +#ifdef HAVE_MEMSET_S + +void *memwipe(void *ptr, size_t n) +{ + if (memset_s(ptr, n, 0, n)) + { + abort(); + } + SCARECROW // might as well... + return ptr; +} + +#elif defined HAVE_EXPLICIT_BZERO + +void *memwipe(void *ptr, size_t n) +{ + explicit_bzero(ptr, n); + SCARECROW + return ptr; +} + +#else + +/* The memory_cleanse implementation is taken from Bitcoin */ + +/* Compilers have a bad habit of removing "superfluous" memset calls that + * are trying to zero memory. For example, when memset()ing a buffer and + * then free()ing it, the compiler might decide that the memset is + * unobservable and thus can be removed. + * + * Previously we used OpenSSL which tried to stop this by a) implementing + * memset in assembly on x86 and b) putting the function in its own file + * for other platforms. + * + * This change removes those tricks in favour of using asm directives to + * scare the compiler away. As best as our compiler folks can tell, this is + * sufficient and will continue to be so. + * + * Adam Langley <agl@google.com> + * Commit: ad1907fe73334d6c696c8539646c21b11178f20f + * BoringSSL (LICENSE: ISC) + */ +static void memory_cleanse(void *ptr, size_t len) +{ + memset(ptr, 0, len); + + /* As best as we can tell, this is sufficient to break any optimisations that + might try to eliminate "superfluous" memsets. If there's an easy way to + detect memset_s, it would be better to use that. */ + SCARECROW +} + +void *memwipe(void *ptr, size_t n) +{ + memory_cleanse(ptr, n); + SCARECROW + return ptr; +} + +#endif diff --git a/contrib/epee/src/wipeable_string.cpp b/contrib/epee/src/wipeable_string.cpp index 894c47bbd..08a975e58 100644 --- a/contrib/epee/src/wipeable_string.cpp +++ b/contrib/epee/src/wipeable_string.cpp @@ -100,7 +100,7 @@ void wipeable_string::grow(size_t sz, size_t reserved) wipefunc(buffer.data(), old_sz * sizeof(char)); buffer.reserve(reserved); buffer.resize(sz); - memcpy(buffer.data(), tmp.get(), sz * sizeof(char)); + memcpy(buffer.data(), tmp.get(), old_sz * sizeof(char)); wipefunc(tmp.get(), old_sz * sizeof(char)); } |