aboutsummaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'contrib')
-rw-r--r--contrib/epee/include/file_io_utils.h20
-rw-r--r--contrib/epee/include/memwipe.h84
-rw-r--r--contrib/epee/include/misc_os_dependent.h4
-rw-r--r--contrib/epee/include/net/abstract_tcp_server.h2
-rw-r--r--contrib/epee/include/net/abstract_tcp_server2.inl12
-rw-r--r--contrib/epee/include/net/http_auth.h7
-rw-r--r--contrib/epee/include/net/http_client.h186
-rw-r--r--contrib/epee/include/net/http_protocol_handler.h3
-rw-r--r--contrib/epee/include/net/http_protocol_handler.inl7
-rw-r--r--contrib/epee/include/net/http_server_impl_base.h3
-rw-r--r--contrib/epee/include/net/levin_protocol_handler_async.h36
-rw-r--r--contrib/epee/include/net/net_parse_helpers.h4
-rw-r--r--contrib/epee/include/net/network_throttle.hpp5
-rw-r--r--contrib/epee/include/serialization/keyvalue_serialization.h1
-rw-r--r--contrib/epee/include/storages/portable_storage_val_converters.h6
-rw-r--r--contrib/epee/include/string_tools.h2
-rw-r--r--contrib/epee/src/CMakeLists.txt7
-rw-r--r--contrib/epee/src/connection_basic.cpp1
-rw-r--r--contrib/epee/src/http_auth.cpp7
-rw-r--r--contrib/epee/src/memwipe.c106
-rw-r--r--contrib/epee/src/mlog.cpp1
-rw-r--r--contrib/epee/src/network_throttle-detail.cpp8
-rw-r--r--contrib/epee/src/network_throttle.cpp3
-rw-r--r--contrib/epee/src/wipeable_string.cpp2
-rwxr-xr-xcontrib/fuzz_testing/fuzz.sh16
25 files changed, 405 insertions, 128 deletions
diff --git a/contrib/epee/include/file_io_utils.h b/contrib/epee/include/file_io_utils.h
index f037b4dd5..989d16fba 100644
--- a/contrib/epee/include/file_io_utils.h
+++ b/contrib/epee/include/file_io_utils.h
@@ -133,6 +133,26 @@ namespace file_io_utils
return false;
}
}
+
+ inline
+ bool get_file_size(const std::string& path_to_file, uint64_t &size)
+ {
+ try
+ {
+ std::ifstream fstream;
+ fstream.exceptions(std::ifstream::failbit | std::ifstream::badbit);
+ fstream.open(path_to_file, std::ios_base::binary | std::ios_base::in | std::ios::ate);
+ size = fstream.tellg();
+ fstream.close();
+ return true;
+ }
+
+ catch(...)
+ {
+ return false;
+ }
+ }
+
}
}
diff --git a/contrib/epee/include/memwipe.h b/contrib/epee/include/memwipe.h
new file mode 100644
index 000000000..c3b4ce8ab
--- /dev/null
+++ b/contrib/epee/include/memwipe.h
@@ -0,0 +1,84 @@
+// Copyright (c) 2017, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
+
+#pragma once
+
+#ifdef __cplusplus
+#include <array>
+
+extern "C" {
+#endif
+
+void *memwipe(void *src, size_t n);
+
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef __cplusplus
+namespace tools {
+
+ /// Scrubs data in the contained type upon destruction.
+ ///
+ /// Primarily useful for making sure that private keys don't stick around in
+ /// memory after the objects that held them have gone out of scope.
+ template <class T>
+ struct scrubbed : public T {
+ using type = T;
+
+ ~scrubbed() {
+ scrub();
+ }
+
+ /// Destroy the contents of the contained type.
+ void scrub() {
+ static_assert(std::is_pod<T>::value,
+ "T cannot be auto-scrubbed. T must be POD.");
+ static_assert(std::is_trivially_destructible<T>::value,
+ "T cannot be auto-scrubbed. T must be trivially destructable.");
+ memwipe(this, sizeof(T));
+ }
+ };
+
+ template <class T, size_t N>
+ using scrubbed_arr = scrubbed<std::array<T, N>>;
+} // namespace tools
+
+// Partial specialization for std::is_pod<tools::scrubbed<T>> so that it can
+// pretend to be the containted type in those contexts.
+namespace std
+{
+ template<class t_scrubbee>
+ struct is_pod<tools::scrubbed<t_scrubbee>> {
+ static const bool value = is_pod<t_scrubbee>::value;
+ };
+}
+
+#endif // __cplusplus
diff --git a/contrib/epee/include/misc_os_dependent.h b/contrib/epee/include/misc_os_dependent.h
index 81cecf714..99690b301 100644
--- a/contrib/epee/include/misc_os_dependent.h
+++ b/contrib/epee/include/misc_os_dependent.h
@@ -23,6 +23,10 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
+#ifdef _WIN32
+#include <Winsock2.h>
+#endif
+
#ifdef WIN32
#ifndef WIN32_LEAN_AND_MEAN
#define WIN32_LEAN_AND_MEAN
diff --git a/contrib/epee/include/net/abstract_tcp_server.h b/contrib/epee/include/net/abstract_tcp_server.h
index 000305cfa..cbad1717c 100644
--- a/contrib/epee/include/net/abstract_tcp_server.h
+++ b/contrib/epee/include/net/abstract_tcp_server.h
@@ -305,7 +305,7 @@ namespace net_utils
m_connections.back().powner = this;
m_connections.back().m_self_it = --m_connections.end();
m_connections.back().m_context.m_remote_address = remote_address;
- m_connections.back().m_htread = threads_helper::create_thread(ConnectionHandlerProc, &m_connections.back());
+ m_connections.back().m_htread = threads_helper::create_thread(ConnectionHandlerProc, &m_connections.back()); // ugh, seems very risky
return true;
}
diff --git a/contrib/epee/include/net/abstract_tcp_server2.inl b/contrib/epee/include/net/abstract_tcp_server2.inl
index 04d884af2..870f6c2b2 100644
--- a/contrib/epee/include/net/abstract_tcp_server2.inl
+++ b/contrib/epee/include/net/abstract_tcp_server2.inl
@@ -735,7 +735,17 @@ PRAGMA_WARNING_DISABLE_VS(4355)
boost::asio::placeholders::error));
return true;
- CATCH_ENTRY_L0("boosted_tcp_server<t_protocol_handler>::init_server", false);
+ }
+ catch (const std::exception &e)
+ {
+ MFATAL("Error starting server: " << e.what());
+ return false;
+ }
+ catch (...)
+ {
+ MFATAL("Error starting server");
+ return false;
+ }
}
//-----------------------------------------------------------------------------
PUSH_WARNINGS
diff --git a/contrib/epee/include/net/http_auth.h b/contrib/epee/include/net/http_auth.h
index 841cebc17..71f56b570 100644
--- a/contrib/epee/include/net/http_auth.h
+++ b/contrib/epee/include/net/http_auth.h
@@ -71,8 +71,8 @@ namespace net_utils
std::uint32_t counter;
};
- http_server_auth() : user() {}
- http_server_auth(login credentials);
+ http_server_auth() : user(), rng() {}
+ http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r);
//! \return Auth response, or `boost::none` iff `request` had valid auth.
boost::optional<http_response_info> get_response(const http_request_info& request)
@@ -81,10 +81,13 @@ namespace net_utils
return do_get_response(request);
return boost::none;
}
+
private:
boost::optional<http_response_info> do_get_response(const http_request_info& request);
boost::optional<session> user;
+
+ std::function<void(size_t, uint8_t*)> rng;
};
//! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added.
diff --git a/contrib/epee/include/net/http_client.h b/contrib/epee/include/net/http_client.h
index 1a9d5d064..1edf65928 100644
--- a/contrib/epee/include/net/http_client.h
+++ b/contrib/epee/include/net/http_client.h
@@ -27,6 +27,7 @@
#pragma once
+#include <ctype.h>
#include <boost/shared_ptr.hpp>
#include <boost/regex.hpp>
#include <boost/lexical_cast.hpp>
@@ -236,7 +237,8 @@ namespace net_utils
namespace http
{
- class http_simple_client: public i_target_handler
+ template<typename net_client_type>
+ class http_simple_client_template: public i_target_handler
{
private:
enum reciev_machine_state
@@ -259,7 +261,7 @@ namespace net_utils
};
- blocked_mode_client m_net_client;
+ net_client_type m_net_client;
std::string m_host_buff;
std::string m_port;
http_client_auth m_auth;
@@ -276,7 +278,7 @@ namespace net_utils
bool m_ssl;
public:
- explicit http_simple_client()
+ explicit http_simple_client_template()
: i_target_handler()
, m_net_client()
, m_host_buff()
@@ -428,6 +430,15 @@ namespace net_utils
CRITICAL_REGION_LOCAL(m_lock);
return invoke(uri, "POST", body, timeout, ppresponse_info, additional_params);
}
+ //---------------------------------------------------------------------------
+ bool test(const std::string &s, std::chrono::milliseconds timeout) // TEST FUNC ONLY
+ {
+ CRITICAL_REGION_LOCAL(m_lock);
+ m_net_client.set_test_data(s);
+ m_state = reciev_machine_state_header;
+ return handle_reciev(timeout);
+ }
+ //---------------------------------------------------------------------------
private:
//---------------------------------------------------------------------------
inline bool handle_reciev(std::chrono::milliseconds timeout)
@@ -742,87 +753,107 @@ namespace net_utils
return true;
}
//---------------------------------------------------------------------------
- inline
- bool parse_header(http_header_info& body_info, const std::string& m_cache_to_process)
- {
+ inline bool parse_header(http_header_info& body_info, const std::string& m_cache_to_process)
+ {
MTRACE("http_stream_filter::parse_cached_header(*)");
-
- STATIC_REGEXP_EXPR_1(rexp_mach_field,
- "\n?((Connection)|(Referer)|(Content-Length)|(Content-Type)|(Transfer-Encoding)|(Content-Encoding)|(Host)|(Cookie)|(User-Agent)|(Origin)"
- // 12 3 4 5 6 7 8 9 10 11
- "|([\\w-]+?)) ?: ?((.*?)(\r?\n))[^\t ]",
- //12 13 14 15
- boost::regex::icase | boost::regex::normal);
- boost::smatch result;
- std::string::const_iterator it_current_bound = m_cache_to_process.begin();
- std::string::const_iterator it_end_bound = m_cache_to_process.end();
-
-
-
- //lookup all fields and fill well-known fields
- while( boost::regex_search( it_current_bound, it_end_bound, result, rexp_mach_field, boost::match_default) && result[0].matched)
+ const char *ptr = m_cache_to_process.c_str();
+ while (ptr[0] != '\r' || ptr[1] != '\n')
{
- const size_t field_val = 14;
- //const size_t field_etc_name = 11;
-
- int i = 2; //start position = 2
- if(result[i++].matched)//"Connection"
- body_info.m_connection = result[field_val];
- else if(result[i++].matched)//"Referrer"
- body_info.m_referer = result[field_val];
- else if(result[i++].matched)//"Content-Length"
- body_info.m_content_length = result[field_val];
- else if(result[i++].matched)//"Content-Type"
- body_info.m_content_type = result[field_val];
- else if(result[i++].matched)//"Transfer-Encoding"
- body_info.m_transfer_encoding = result[field_val];
- else if(result[i++].matched)//"Content-Encoding"
- body_info.m_content_encoding = result[field_val];
- else if(result[i++].matched)//"Host"
- { body_info.m_host = result[field_val];
- string_tools::trim(body_info.m_host);
+ // optional \n
+ if (*ptr == '\n')
+ ++ptr;
+ // an identifier composed of letters or -
+ const char *key_pos = ptr;
+ while (isalnum(*ptr) || *ptr == '_' || *ptr == '-')
+ ++ptr;
+ const char *key_end = ptr;
+ // optional space (not in RFC, but in previous code)
+ if (*ptr == ' ')
+ ++ptr;
+ CHECK_AND_ASSERT_MES(*ptr == ':', true, "http_stream_filter::parse_cached_header() invalid header in: " << m_cache_to_process);
+ ++ptr;
+ // optional whitespace, but not newlines - line folding is obsolete, let's ignore it
+ while (isblank(*ptr))
+ ++ptr;
+ const char *value_pos = ptr;
+ while (*ptr != '\r' && *ptr != '\n')
+ ++ptr;
+ const char *value_end = ptr;
+ // optional trailing whitespace
+ while (value_end > value_pos && isblank(*(value_end-1)))
+ --value_end;
+ if (*ptr == '\r')
+ ++ptr;
+ CHECK_AND_ASSERT_MES(*ptr == '\n', true, "http_stream_filter::parse_cached_header() invalid header in: " << m_cache_to_process);
+ ++ptr;
+
+ const std::string key = std::string(key_pos, key_end - key_pos);
+ const std::string value = std::string(value_pos, value_end - value_pos);
+ if (!key.empty())
+ {
+ if (!string_tools::compare_no_case(key, "Connection"))
+ body_info.m_connection = value;
+ else if(!string_tools::compare_no_case(key, "Referrer"))
+ body_info.m_referer = value;
+ else if(!string_tools::compare_no_case(key, "Content-Length"))
+ body_info.m_content_length = value;
+ else if(!string_tools::compare_no_case(key, "Content-Type"))
+ body_info.m_content_type = value;
+ else if(!string_tools::compare_no_case(key, "Transfer-Encoding"))
+ body_info.m_transfer_encoding = value;
+ else if(!string_tools::compare_no_case(key, "Content-Encoding"))
+ body_info.m_content_encoding = value;
+ else if(!string_tools::compare_no_case(key, "Host"))
+ body_info.m_host = value;
+ else if(!string_tools::compare_no_case(key, "Cookie"))
+ body_info.m_cookie = value;
+ else if(!string_tools::compare_no_case(key, "User-Agent"))
+ body_info.m_user_agent = value;
+ else if(!string_tools::compare_no_case(key, "Origin"))
+ body_info.m_origin = value;
+ else
+ body_info.m_etc_fields.emplace_back(key, value);
}
- else if(result[i++].matched)//"Cookie"
- body_info.m_cookie = result[field_val];
- else if(result[i++].matched)//"User-Agent"
- body_info.m_user_agent = result[field_val];
- else if(result[i++].matched)//"Origin"
- body_info.m_origin = result[field_val];
- else if(result[i++].matched)//e.t.c (HAVE TO BE MATCHED!)
- body_info.m_etc_fields.emplace_back(result[12], result[field_val]);
- else
- {CHECK_AND_ASSERT_MES(false, false, "http_stream_filter::parse_cached_header() not matched last entry in:"<<m_cache_to_process);}
-
- it_current_bound = result[(int)result.size()-1]. first;
}
- return true;
-
+ return true;
}
- inline
- bool analize_first_response_line()
+ //---------------------------------------------------------------------------
+ inline bool analize_first_response_line()
{
-
- //First line response, look like this: "HTTP/1.1 200 OK"
- STATIC_REGEXP_EXPR_1(rexp_match_first_response_line, "^HTTP/(\\d+).(\\d+) ((\\d)\\d{2})( [^\n]*)?\r?\n", boost::regex::icase | boost::regex::normal);
- // 1 2 34 5
- //size_t match_len = 0;
- boost::smatch result;
- if(boost::regex_search( m_header_cache, result, rexp_match_first_response_line, boost::match_default) && result[0].matched)
- {
- CHECK_AND_ASSERT_MES(result[1].matched&&result[2].matched, false, "http_stream_filter::handle_invoke_reply_line() assert failed...");
- m_response_info.m_http_ver_hi = boost::lexical_cast<int>(result[1]);
- m_response_info.m_http_ver_lo = boost::lexical_cast<int>(result[2]);
- m_response_info.m_response_code = boost::lexical_cast<int>(result[3]);
-
- m_header_cache.erase(to_nonsonst_iterator(m_header_cache, result[0].first), to_nonsonst_iterator(m_header_cache, result[0].second));
- return true;
- }else
- {
- LOG_ERROR("http_stream_filter::handle_invoke_reply_line(): Failed to match first response line:" << m_header_cache);
- return false;
- }
-
+ //First line response, look like this: "HTTP/1.1 200 OK"
+ const char *ptr = m_header_cache.c_str();
+ CHECK_AND_ASSERT_MES(!memcmp(ptr, "HTTP/", 5), false, "Invalid first response line: " + m_header_cache);
+ ptr += 5;
+ CHECK_AND_ASSERT_MES(isdigit(*ptr), false, "Invalid first response line: " + m_header_cache);
+ unsigned long ul;
+ char *end;
+ ul = strtoul(ptr, &end, 10);
+ CHECK_AND_ASSERT_MES(ul <= INT_MAX && *end =='.', false, "Invalid first response line: " + m_header_cache);
+ m_response_info.m_http_ver_hi = ul;
+ ptr = end + 1;
+ CHECK_AND_ASSERT_MES(isdigit(*ptr), false, "Invalid first response line: " + m_header_cache + ", ptr: " << ptr);
+ ul = strtoul(ptr, &end, 10);
+ CHECK_AND_ASSERT_MES(ul <= INT_MAX && isblank(*end), false, "Invalid first response line: " + m_header_cache + ", ptr: " << ptr);
+ m_response_info.m_http_ver_lo = ul;
+ ptr = end + 1;
+ while (isblank(*ptr))
+ ++ptr;
+ CHECK_AND_ASSERT_MES(isdigit(*ptr), false, "Invalid first response line: " + m_header_cache);
+ ul = strtoul(ptr, &end, 10);
+ CHECK_AND_ASSERT_MES(ul >= 100 && ul <= 999 && isspace(*end), false, "Invalid first response line: " + m_header_cache);
+ m_response_info.m_response_code = ul;
+ ptr = end;
+ // ignore the optional text, till the end
+ while (*ptr != '\r' && *ptr != '\n')
+ ++ptr;
+ if (*ptr == '\r')
+ ++ptr;
+ CHECK_AND_ASSERT_MES(*ptr == '\n', false, "Invalid first response line: " << m_header_cache);
+ ++ptr;
+
+ m_header_cache.erase(0, ptr - m_header_cache.c_str());
+ return true;
}
inline
bool set_reply_content_encoder()
@@ -957,6 +988,7 @@ namespace net_utils
return true;
}
};
+ typedef http_simple_client_template<blocked_mode_client> http_simple_client;
}
}
}
diff --git a/contrib/epee/include/net/http_protocol_handler.h b/contrib/epee/include/net/http_protocol_handler.h
index 652d8ff6f..b4485d1cd 100644
--- a/contrib/epee/include/net/http_protocol_handler.h
+++ b/contrib/epee/include/net/http_protocol_handler.h
@@ -160,6 +160,7 @@ namespace net_utils
struct custum_handler_config: public http_server_config
{
i_http_server_handler<t_connection_context>* m_phandler;
+ std::function<void(size_t, uint8_t*)> rng;
};
/************************************************************************/
@@ -176,7 +177,7 @@ namespace net_utils
: simple_http_connection_handler<t_connection_context>(psnd_hndlr, config),
m_config(config),
m_conn_context(conn_context),
- m_auth(m_config.m_user ? http_server_auth{*m_config.m_user} : http_server_auth{})
+ m_auth(m_config.m_user ? http_server_auth{*m_config.m_user, config.rng} : http_server_auth{})
{}
inline bool handle_request(const http_request_info& query_info, http_response_info& response)
{
diff --git a/contrib/epee/include/net/http_protocol_handler.inl b/contrib/epee/include/net/http_protocol_handler.inl
index c555707ac..c18f7f706 100644
--- a/contrib/epee/include/net/http_protocol_handler.inl
+++ b/contrib/epee/include/net/http_protocol_handler.inl
@@ -345,7 +345,12 @@ namespace net_utils
{
analize_http_method(result, m_query_info.m_http_method, m_query_info.m_http_ver_hi, m_query_info.m_http_ver_hi);
m_query_info.m_URI = result[10];
- parse_uri(m_query_info.m_URI, m_query_info.m_uri_content);
+ if (!parse_uri(m_query_info.m_URI, m_query_info.m_uri_content))
+ {
+ m_state = http_state_error;
+ MERROR("Failed to parse URI: m_query_info.m_URI");
+ return false;
+ }
m_query_info.m_http_method_str = result[2];
m_query_info.m_full_request_str = result[0];
diff --git a/contrib/epee/include/net/http_server_impl_base.h b/contrib/epee/include/net/http_server_impl_base.h
index 8b8e31b51..1a97e610a 100644
--- a/contrib/epee/include/net/http_server_impl_base.h
+++ b/contrib/epee/include/net/http_server_impl_base.h
@@ -55,13 +55,14 @@ namespace epee
: m_net_server(external_io_service)
{}
- bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
+ bool init(std::function<void(size_t, uint8_t*)> rng, const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
std::vector<std::string> access_control_origins = std::vector<std::string>(),
boost::optional<net_utils::http::login> user = boost::none)
{
//set self as callback handler
m_net_server.get_config_object().m_phandler = static_cast<t_child_class*>(this);
+ m_net_server.get_config_object().rng = std::move(rng);
//here set folder for hosting reqests
m_net_server.get_config_object().m_folder = "";
diff --git a/contrib/epee/include/net/levin_protocol_handler_async.h b/contrib/epee/include/net/levin_protocol_handler_async.h
index 7b526e4e7..5b825cef9 100644
--- a/contrib/epee/include/net/levin_protocol_handler_async.h
+++ b/contrib/epee/include/net/levin_protocol_handler_async.h
@@ -99,6 +99,7 @@ public:
async_protocol_handler_config():m_pcommands_handler(NULL), m_pcommands_handler_destroy(NULL), m_max_packet_size(LEVIN_DEFAULT_MAX_PACKET_SIZE)
{}
+ ~async_protocol_handler_config() { set_handler(NULL, NULL); }
void del_out_connections(size_t count);
};
@@ -378,12 +379,16 @@ public:
if(m_cache_in_buffer.size() < m_current_head.m_cb)
{
is_continue = false;
- if(cb >= MIN_BYTES_WANTED && !m_invoke_response_handlers.empty())
+ if(cb >= MIN_BYTES_WANTED)
{
- //async call scenario
- boost::shared_ptr<invoke_response_handler_base> response_handler = m_invoke_response_handlers.front();
- response_handler->reset_timer();
- MDEBUG(m_connection_context << "LEVIN_PACKET partial msg received. len=" << cb);
+ CRITICAL_REGION_LOCAL(m_invoke_response_handlers_lock);
+ if (!m_invoke_response_handlers.empty())
+ {
+ //async call scenario
+ boost::shared_ptr<invoke_response_handler_base> response_handler = m_invoke_response_handlers.front();
+ response_handler->reset_timer();
+ MDEBUG(m_connection_context << "LEVIN_PACKET partial msg received. len=" << cb);
+ }
}
break;
}
@@ -745,15 +750,18 @@ void async_protocol_handler_config<t_connection_context>::del_out_connections(si
shuffle(out_connections.begin(), out_connections.end(), std::default_random_engine(seed));
while (count > 0 && out_connections.size() > 0)
{
- boost::uuids::uuid connection_id = *out_connections.begin();
- async_protocol_handler<t_connection_context> *connection = find_connection(connection_id);
- // we temporarily ref the connection so it doesn't drop from the m_connects table
- // when we close it
- connection->start_outer_call();
- close(connection_id);
- del_connection(m_connects.at(connection_id));
- out_connections.erase(out_connections.begin());
- connection->finish_outer_call();
+ try
+ {
+ auto i = out_connections.begin();
+ async_protocol_handler<t_connection_context> *conn = m_connects.at(*i);
+ del_connection(conn);
+ close(*i);
+ out_connections.erase(i);
+ }
+ catch (const std::out_of_range &e)
+ {
+ MWARNING("Connection not found in m_connects, continuing");
+ }
--count;
}
diff --git a/contrib/epee/include/net/net_parse_helpers.h b/contrib/epee/include/net/net_parse_helpers.h
index 08d2a2000..708cce0ff 100644
--- a/contrib/epee/include/net/net_parse_helpers.h
+++ b/contrib/epee/include/net/net_parse_helpers.h
@@ -103,7 +103,7 @@ namespace net_utils
STATIC_REGEXP_EXPR_1(rexp_match_uri, "^([^?#]*)(\\?([^#]*))?(#(.*))?", boost::regex::icase | boost::regex::normal);
boost::smatch result;
- if(!boost::regex_search(uri, result, rexp_match_uri, boost::match_default) && result[0].matched)
+ if(!(boost::regex_search(uri, result, rexp_match_uri, boost::match_default) && result[0].matched))
{
LOG_PRINT_L1("[PARSE URI] regex not matched for uri: " << uri);
content.m_path = uri;
@@ -139,7 +139,7 @@ namespace net_utils
// 12 34 5 6 7
content.port = 0;
boost::smatch result;
- if(!boost::regex_search(url_str, result, rexp_match_uri, boost::match_default) && result[0].matched)
+ if(!(boost::regex_search(url_str, result, rexp_match_uri, boost::match_default) && result[0].matched))
{
LOG_PRINT_L1("[PARSE URI] regex not matched for uri: " << rexp_match_uri);
//content.m_path = uri;
diff --git a/contrib/epee/include/net/network_throttle.hpp b/contrib/epee/include/net/network_throttle.hpp
index 464b34726..225ffee04 100644
--- a/contrib/epee/include/net/network_throttle.hpp
+++ b/contrib/epee/include/net/network_throttle.hpp
@@ -99,8 +99,6 @@ struct calculate_times_struct {
typedef calculate_times_struct calculate_times_struct;
-namespace cryptonote { class cryptonote_protocol_handler_base; } // a friend class // TODO friend not working
-
/***
@brief Access to simple throttles, with singlton to access global network limits
*/
@@ -117,12 +115,9 @@ class network_throttle_manager {
static boost::mutex m_lock_get_global_throttle_inreq;
static boost::mutex m_lock_get_global_throttle_out;
- friend class cryptonote::cryptonote_protocol_handler_base; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS!
friend class connection_basic; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS!
friend class connection_basic_pimpl; // ditto
- static int xxx;
-
public:
static i_network_throttle & get_global_throttle_in(); ///< singleton ; for friend class ; caller MUST use proper locks! like m_lock_get_global_throttle_in
static i_network_throttle & get_global_throttle_inreq(); ///< ditto ; use lock ... use m_lock_get_global_throttle_inreq obviously
diff --git a/contrib/epee/include/serialization/keyvalue_serialization.h b/contrib/epee/include/serialization/keyvalue_serialization.h
index d4413a71b..5791e1998 100644
--- a/contrib/epee/include/serialization/keyvalue_serialization.h
+++ b/contrib/epee/include/serialization/keyvalue_serialization.h
@@ -31,7 +31,6 @@
#include "misc_log_ex.h"
#include "enableable.h"
#include "keyvalue_serialization_overloads.h"
-#include "serialization/serialization.h"
namespace epee
{
diff --git a/contrib/epee/include/storages/portable_storage_val_converters.h b/contrib/epee/include/storages/portable_storage_val_converters.h
index 52aa09eba..5d9664a65 100644
--- a/contrib/epee/include/storages/portable_storage_val_converters.h
+++ b/contrib/epee/include/storages/portable_storage_val_converters.h
@@ -28,6 +28,7 @@
#pragma once
+#include <time.h>
#include <boost/regex.hpp>
#include "misc_language.h"
@@ -149,9 +150,8 @@ POP_WARNINGS
else if (boost::regex_match (from, boost::regex("\\d{4}-[01]\\d-[0-3]\\dT[0-2]\\d:[0-5]\\d:[0-5]\\dZ")))
{
// Convert to unix timestamp
- std::tm tm = {};
- std::istringstream ss(from);
- if (ss >> std::get_time(&tm, "%Y-%m-%dT%H:%M:%S"))
+ struct tm tm;
+ if (strptime(from.c_str(), "%Y-%m-%dT%H:%M:%S", &tm))
to = std::mktime(&tm);
} else
ASSERT_AND_THROW_WRONG_CONVERSION();
diff --git a/contrib/epee/include/string_tools.h b/contrib/epee/include/string_tools.h
index 307323aa1..5a1ef0743 100644
--- a/contrib/epee/include/string_tools.h
+++ b/contrib/epee/include/string_tools.h
@@ -161,7 +161,7 @@ DISABLE_GCC_WARNING(maybe-uninitialized)
val = boost::lexical_cast<XType>(str_id);
return true;
}
- catch(std::exception& /*e*/)
+ catch(const std::exception& /*e*/)
{
//const char* pmsg = e.what();
return false;
diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt
index b6967e8fc..9d104ceeb 100644
--- a/contrib/epee/src/CMakeLists.txt
+++ b/contrib/epee/src/CMakeLists.txt
@@ -26,12 +26,16 @@
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp
+add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp memwipe.c
connection_basic.cpp network_throttle.cpp network_throttle-detail.cpp)
if (USE_READLINE AND GNU_READLINE_FOUND)
add_library(epee_readline STATIC readline_buffer.cpp)
endif()
+if(HAVE_C11)
+SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11)
+endif()
+
# Build and install libepee if we're building for GUI
if (BUILD_GUI_DEPS)
if(IOS)
@@ -49,7 +53,6 @@ endif()
target_link_libraries(epee
PUBLIC
- cncrypto
easylogging
${Boost_FILESYSTEM_LIBRARY}
PRIVATE
diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp
index 534044a79..5848d1268 100644
--- a/contrib/epee/src/connection_basic.cpp
+++ b/contrib/epee/src/connection_basic.cpp
@@ -78,7 +78,6 @@
// TODO:
#include "net/network_throttle-detail.hpp"
-#include "cryptonote_core/cryptonote_core.h"
#undef MONERO_DEFAULT_LOG_CATEGORY
#define MONERO_DEFAULT_LOG_CATEGORY "net.p2p"
diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp
index f06f05528..5b8d892ff 100644
--- a/contrib/epee/src/http_auth.cpp
+++ b/contrib/epee/src/http_auth.cpp
@@ -66,7 +66,6 @@
#include <tuple>
#include <type_traits>
-#include "crypto/crypto.h"
#include "hex.h"
#include "md5_l.h"
#include "string_coding.h"
@@ -711,8 +710,8 @@ namespace epee
{
namespace http
{
- http_server_auth::http_server_auth(login credentials)
- : user(session{std::move(credentials)}) {
+ http_server_auth::http_server_auth(login credentials, std::function<void(size_t, uint8_t*)> r)
+ : user(session{std::move(credentials)}), rng(std::move(r)) {
}
boost::optional<http_response_info> http_server_auth::do_get_response(const http_request_info& request)
@@ -746,7 +745,7 @@ namespace epee
user->counter = 0;
{
std::array<std::uint8_t, 16> rand_128bit{{}};
- crypto::rand(rand_128bit.size(), rand_128bit.data());
+ rng(rand_128bit.size(), rand_128bit.data());
user->nonce = string_encoding::base64_encode(rand_128bit.data(), rand_128bit.size());
}
return create_digest_response(user->nonce, is_stale);
diff --git a/contrib/epee/src/memwipe.c b/contrib/epee/src/memwipe.c
new file mode 100644
index 000000000..da7e9f346
--- /dev/null
+++ b/contrib/epee/src/memwipe.c
@@ -0,0 +1,106 @@
+// Copyright (c) 2017, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+// conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+// of conditions and the following disclaimer in the documentation and/or other
+// materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+// used to endorse or promote products derived from this software without specific
+// prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file Copyright (c) 2009-2015 The Bitcoin Core developers
+
+#define __STDC_WANT_LIB_EXT1__ 1
+#include <string.h>
+#include <stdlib.h>
+#ifdef HAVE_EXPLICIT_BZERO
+#include <strings.h>
+#endif
+#include "memwipe.h"
+
+#if defined(_MSC_VER)
+#define SCARECROW \
+ __asm;
+#else
+#define SCARECROW \
+ __asm__ __volatile__("" : : "r"(ptr) : "memory");
+#endif
+
+#ifdef HAVE_MEMSET_S
+
+void *memwipe(void *ptr, size_t n)
+{
+ if (memset_s(ptr, n, 0, n))
+ {
+ abort();
+ }
+ SCARECROW // might as well...
+ return ptr;
+}
+
+#elif defined HAVE_EXPLICIT_BZERO
+
+void *memwipe(void *ptr, size_t n)
+{
+ explicit_bzero(ptr, n);
+ SCARECROW
+ return ptr;
+}
+
+#else
+
+/* The memory_cleanse implementation is taken from Bitcoin */
+
+/* Compilers have a bad habit of removing "superfluous" memset calls that
+ * are trying to zero memory. For example, when memset()ing a buffer and
+ * then free()ing it, the compiler might decide that the memset is
+ * unobservable and thus can be removed.
+ *
+ * Previously we used OpenSSL which tried to stop this by a) implementing
+ * memset in assembly on x86 and b) putting the function in its own file
+ * for other platforms.
+ *
+ * This change removes those tricks in favour of using asm directives to
+ * scare the compiler away. As best as our compiler folks can tell, this is
+ * sufficient and will continue to be so.
+ *
+ * Adam Langley <agl@google.com>
+ * Commit: ad1907fe73334d6c696c8539646c21b11178f20f
+ * BoringSSL (LICENSE: ISC)
+ */
+static void memory_cleanse(void *ptr, size_t len)
+{
+ memset(ptr, 0, len);
+
+ /* As best as we can tell, this is sufficient to break any optimisations that
+ might try to eliminate "superfluous" memsets. If there's an easy way to
+ detect memset_s, it would be better to use that. */
+ SCARECROW
+}
+
+void *memwipe(void *ptr, size_t n)
+{
+ memory_cleanse(ptr, n);
+ SCARECROW
+ return ptr;
+}
+
+#endif
diff --git a/contrib/epee/src/mlog.cpp b/contrib/epee/src/mlog.cpp
index a30efbc6a..5b9472006 100644
--- a/contrib/epee/src/mlog.cpp
+++ b/contrib/epee/src/mlog.cpp
@@ -59,6 +59,7 @@ static std::string generate_log_filename(const char *base)
strcpy(tmp, "unknown");
else
strftime(tmp, sizeof(tmp), "%Y-%m-%d-%H-%M-%S", &tm);
+ tmp[sizeof(tmp) - 1] = 0;
filename += "-";
filename += tmp;
return filename;
diff --git a/contrib/epee/src/network_throttle-detail.cpp b/contrib/epee/src/network_throttle-detail.cpp
index 317dde8e0..ed6bc07ed 100644
--- a/contrib/epee/src/network_throttle-detail.cpp
+++ b/contrib/epee/src/network_throttle-detail.cpp
@@ -231,8 +231,10 @@ network_time_seconds network_throttle::get_sleep_time_after_tick(size_t packet_s
}
void network_throttle::logger_handle_net(const std::string &filename, double time, size_t size) {
- boost::mutex mutex;
- mutex.lock(); {
+ static boost::mutex mutex;
+
+ boost::lock_guard<boost::mutex> lock(mutex);
+ {
std::fstream file;
file.open(filename.c_str(), std::ios::app | std::ios::out );
file.precision(6);
@@ -240,7 +242,7 @@ void network_throttle::logger_handle_net(const std::string &filename, double tim
_warn("Can't open file " << filename);
file << static_cast<int>(time) << " " << static_cast<double>(size/1024) << "\n";
file.close();
- } mutex.unlock();
+ }
}
// fine tune this to decide about sending speed:
diff --git a/contrib/epee/src/network_throttle.cpp b/contrib/epee/src/network_throttle.cpp
index afacc3e96..dd1640a2e 100644
--- a/contrib/epee/src/network_throttle.cpp
+++ b/contrib/epee/src/network_throttle.cpp
@@ -71,9 +71,6 @@ boost::mutex network_throttle_manager::m_lock_get_global_throttle_in;
boost::mutex network_throttle_manager::m_lock_get_global_throttle_inreq;
boost::mutex network_throttle_manager::m_lock_get_global_throttle_out;
-int network_throttle_manager::xxx;
-
-
// ================================================================================================
// methods:
i_network_throttle & network_throttle_manager::get_global_throttle_in() {
diff --git a/contrib/epee/src/wipeable_string.cpp b/contrib/epee/src/wipeable_string.cpp
index 894c47bbd..08a975e58 100644
--- a/contrib/epee/src/wipeable_string.cpp
+++ b/contrib/epee/src/wipeable_string.cpp
@@ -100,7 +100,7 @@ void wipeable_string::grow(size_t sz, size_t reserved)
wipefunc(buffer.data(), old_sz * sizeof(char));
buffer.reserve(reserved);
buffer.resize(sz);
- memcpy(buffer.data(), tmp.get(), sz * sizeof(char));
+ memcpy(buffer.data(), tmp.get(), old_sz * sizeof(char));
wipefunc(tmp.get(), old_sz * sizeof(char));
}
diff --git a/contrib/fuzz_testing/fuzz.sh b/contrib/fuzz_testing/fuzz.sh
index 35b74f7e4..f1c4ff202 100755
--- a/contrib/fuzz_testing/fuzz.sh
+++ b/contrib/fuzz_testing/fuzz.sh
@@ -10,12 +10,20 @@ fi
type="$1"
if test -z "$type"
then
- echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction"
+ echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin"
exit 1
fi
case "$type" in
- block|transaction|signature|cold-outputs|cold-transaction) ;;
- *) echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction"; exit 1 ;;
+ block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin) ;;
+ *) echo "usage: $0 block|transaction|signature|cold-outputs|cold-transaction|load-from-binary|load-from-json|base58|parse-url|http-client|levin"; exit 1 ;;
esac
-afl-fuzz -i tests/data/fuzz/$type -m 150 -t 250 -o fuzz-out/$type build/fuzz/tests/fuzz/${type}_fuzz_tests
+if test -d "fuzz-out/$type"
+then
+ dir="-"
+else
+ dir="tests/data/fuzz/$type"
+fi
+
+mkdir -p fuzz-out
+afl-fuzz -i "$dir" -m none -t 250 -o fuzz-out/$type build/fuzz/tests/fuzz/${type}_fuzz_tests @@