Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/depends/packages/sodium.mk | 4 | ||||
-rw-r--r-- | contrib/depends/patches/sodium/fix-whitespace.patch | 4 | ||||
-rw-r--r-- | contrib/epee/include/console_handler.h | 9 | ||||
-rw-r--r-- | contrib/epee/include/md5_l.h | 2 | ||||
-rw-r--r-- | contrib/epee/include/net/http_server_handlers_map2.h | 2 | ||||
-rw-r--r-- | contrib/epee/include/net/net_helper.h | 2 | ||||
-rw-r--r-- | contrib/epee/include/span.h | 3 | ||||
-rw-r--r-- | contrib/epee/include/storages/levin_abstract_invoke2.h | 48 | ||||
-rw-r--r-- | contrib/epee/include/string_tools.h | 4 | ||||
-rw-r--r-- | contrib/epee/src/http_auth.cpp | 2 | ||||
-rw-r--r-- | contrib/epee/src/net_ssl.cpp | 42 | ||||
-rwxr-xr-x | contrib/gitian/gitian-build.py | 2 |
12 files changed, 108 insertions, 16 deletions
diff --git a/contrib/depends/packages/sodium.mk b/contrib/depends/packages/sodium.mk index dbf86fc5a..462bd2415 100644 --- a/contrib/depends/packages/sodium.mk +++ b/contrib/depends/packages/sodium.mk @@ -1,8 +1,8 @@ package=sodium -$(package)_version=1.0.16 +$(package)_version=1.0.18 $(package)_download_path=https://download.libsodium.org/libsodium/releases/ $(package)_file_name=libsodium-$($(package)_version).tar.gz -$(package)_sha256_hash=eeadc7e1e1bcef09680fb4837d448fbdf57224978f865ac1c16745868fbd0533 +$(package)_sha256_hash=6f504490b342a4f8a4c4a02fc9b866cbef8622d5df4e5452b46be121e46636c1 $(package)_patches=fix-whitespace.patch define $(package)_set_vars diff --git a/contrib/depends/patches/sodium/fix-whitespace.patch b/contrib/depends/patches/sodium/fix-whitespace.patch index efbfe4e83..c3d3af0b4 100644 --- a/contrib/depends/patches/sodium/fix-whitespace.patch +++ b/contrib/depends/patches/sodium/fix-whitespace.patch @@ -5,8 +5,8 @@ index b29f769..ca008ae 100755 @@ -591,7 +591,7 @@ MAKEFLAGS= PACKAGE_NAME='libsodium' PACKAGE_TARNAME='libsodium' - PACKAGE_VERSION='1.0.16' --PACKAGE_STRING='libsodium 1.0.16' + PACKAGE_VERSION='1.0.18' +-PACKAGE_STRING='libsodium 1.0.18' +PACKAGE_STRING='libsodium' PACKAGE_BUGREPORT='https://github.com/jedisct1/libsodium/issues' PACKAGE_URL='https://github.com/jedisct1/libsodium' diff --git a/contrib/epee/include/console_handler.h b/contrib/epee/include/console_handler.h index 13747b0c8..1b716fca4 100644 --- a/contrib/epee/include/console_handler.h +++ b/contrib/epee/include/console_handler.h 
@@ -605,10 +605,17 @@ eof: std::unique_ptr<boost::thread> m_console_thread; async_console_handler m_console_handler; public: + ~console_handlers_binder() { + stop_handling(); + if (m_console_thread.get() != nullptr) + { + m_console_thread->join(); + } + } + bool start_handling(std::function<std::string(void)> prompt, const std::string& usage_string = "", std::function<void(void)> exit_handler = NULL) { m_console_thread.reset(new boost::thread(boost::bind(&console_handlers_binder::run_handling, this, prompt, usage_string, exit_handler))); - m_console_thread->detach(); return true; } bool start_handling(const std::string &prompt, const std::string& usage_string = "", std::function<void(void)> exit_handler = NULL) diff --git a/contrib/epee/include/md5_l.h b/contrib/epee/include/md5_l.h index a45d91bc8..bc7122650 100644 --- a/contrib/epee/include/md5_l.h +++ b/contrib/epee/include/md5_l.h @@ -85,7 +85,7 @@ namespace md5 MD5Update( &ctx, input, ilen ); MD5Final( output, &ctx); - memset( &ctx, 0, sizeof( MD5_CTX) ); + memwipe( &ctx, sizeof( MD5_CTX )); return true; } diff --git a/contrib/epee/include/net/http_server_handlers_map2.h b/contrib/epee/include/net/http_server_handlers_map2.h index 07ed8157b..0c0653cd6 100644 --- a/contrib/epee/include/net/http_server_handlers_map2.h +++ b/contrib/epee/include/net/http_server_handlers_map2.h @@ -120,6 +120,7 @@ #define BEGIN_JSON_RPC_MAP(uri) else if(query_info.m_URI == uri) \ { \ uint64_t ticks = epee::misc_utils::get_tick_count(); \ + response_info.m_mime_tipe = "application/json"; \ epee::serialization::portable_storage ps; \ if(!ps.load_from_json(query_info.m_body)) \ { \ 
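Review bot: With `m_console_thread->detach()` removed, a second call to `start_handling` resets `m_console_thread` while the previous `boost::thread` is still joinable. Depending on how Boost.Thread is configured, destroying a joinable thread either detaches it or calls `std::terminate`; in the detach case the old thread keeps using `this`, and the new destructor joins only the most recent thread. Either reject a second start or stop and join first, e.g. `if (m_console_thread && m_console_thread->joinable()) { stop_handling(); m_console_thread->join(); }` before the `reset`. Separately, `join()` is an interruption point and may throw inside the destructor, which would terminate the process, so it is worth wrapping in a `try`/`catch (...)`. The class starts outside the hunk.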
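Review bot: `memwipe` is called here, but the diffstat shows only this one line changing in md5_l.h, so its declaration has to arrive through an include that is not visible in the hunk. If the header does not already pull it in, add `#include "memwipe.h"` at the top so md5_l.h compiles on its own rather than depending on include order in each translation unit. A short comment such as `// memwipe: unlike memset, not elided by the optimizer for a dying local` would also record why the call must not be changed back. The enclosing function starts outside the hunk.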
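Review bot: The assignment `response_info.m_mime_tipe = "application/json";` is added to `BEGIN_JSON_RPC_MAP` here and again to `PREPARE_OBJECTS_FROM_JSON` in the next hunk, with nothing saying which one is authoritative. If the second macro is only ever expanded inside the first (not visible from the hunks), the second assignment is redundant. A brief comment on the first, for example `/* set before parsing so error replies are labelled as JSON too */ \`, would make the intent clear and keep a later cleanup from removing the one that covers the failure path.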
@@ -148,6 +149,7 @@ #define PREPARE_OBJECTS_FROM_JSON(command_type) \ handled = true; \ + response_info.m_mime_tipe = "application/json"; \ boost::value_initialized<epee::json_rpc::request<command_type::request> > req_; \ epee::json_rpc::request<command_type::request>& req = static_cast<epee::json_rpc::request<command_type::request>&>(req_);\ if(!req.load(ps)) \ diff --git a/contrib/epee/include/net/net_helper.h b/contrib/epee/include/net/net_helper.h index 81545e502..9446e3588 100644 --- a/contrib/epee/include/net/net_helper.h +++ b/contrib/epee/include/net/net_helper.h @@ -103,8 +103,8 @@ namespace net_utils blocked_mode_client() : m_io_service(), m_ctx(boost::asio::ssl::context::tlsv12), - m_connector(direct_connect{}), m_ssl_socket(new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(m_io_service, m_ctx)), + m_connector(direct_connect{}), m_ssl_options(epee::net_utils::ssl_support_t::e_ssl_support_autodetect), m_initialized(true), m_connected(false), diff --git a/contrib/epee/include/span.h b/contrib/epee/include/span.h index e100452ca..59895535f 100644 --- a/contrib/epee/include/span.h +++ b/contrib/epee/include/span.h @@ -110,7 +110,8 @@ namespace epee constexpr std::size_t size() const noexcept { return len; } constexpr std::size_t size_bytes() const noexcept { return size() * sizeof(value_type); } - const T &operator[](size_t idx) const { return ptr[idx]; } + T &operator[](size_t idx) noexcept { return ptr[idx]; } + const T &operator[](size_t idx) const noexcept { return ptr[idx]; } private: T* ptr; diff --git a/contrib/epee/include/storages/levin_abstract_invoke2.h b/contrib/epee/include/storages/levin_abstract_invoke2.h index 06eb9bdaf..b18e04a27 100644 --- a/contrib/epee/include/storages/levin_abstract_invoke2.h +++ b/contrib/epee/include/storages/levin_abstract_invoke2.h 
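Review bot: The new mutable `T &operator[](size_t idx) noexcept` returns a writable reference without checking `idx` against `len`, so an out-of-range index on a span is now an out-of-bounds write rather than only a read. Since this type is used to view network buffers elsewhere in the commit, the precondition deserves to be stated where callers see it, e.g. `// precondition: idx < size(); not bounds-checked`, and a debug-only `assert(idx < len);` would catch misuse in tests. The class body continues outside the hunk.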
@@ -34,10 +34,28 @@ #undef MONERO_DEFAULT_LOG_CATEGORY #define MONERO_DEFAULT_LOG_CATEGORY "net" +namespace +{ + template<typename context_t> + void on_levin_traffic(const context_t &context, bool initiator, bool sent, bool error, size_t bytes, const char *category) + { + MCINFO("net.p2p.traffic", context << bytes << " bytes " << (sent ? "sent" : "received") << (error ? "/corrupt" : "") + << " for category " << category << " initiated by " << (initiator ? "us" : "peer")); + } + template<typename context_t> + void on_levin_traffic(const context_t &context, bool initiator, bool sent, bool error, size_t bytes, int command) + { + char buf[32]; + snprintf(buf, sizeof(buf), "command-%u", command); + return on_levin_traffic(context, initiator, sent, error, bytes, buf); + } +} + namespace epee { namespace net_utils { +#if 0 template<class t_arg, class t_result, class t_transport> bool invoke_remote_command2(int command, const t_arg& out_struct, t_result& result_struct, t_transport& transport) { @@ -83,16 +101,18 @@ namespace epee } return true; } +#endif template<class t_arg, class t_result, class t_transport> - bool invoke_remote_command2(boost::uuids::uuid conn_id, int command, const t_arg& out_struct, t_result& result_struct, t_transport& transport) + bool invoke_remote_command2(const epee::net_utils::connection_context_base context, int command, const t_arg& out_struct, t_result& result_struct, t_transport& transport) { - + const boost::uuids::uuid &conn_id = context.m_connection_id; typename serialization::portable_storage stg; out_struct.store(stg); std::string buff_to_send, buff_to_recv; stg.store_to_binary(buff_to_send); + on_levin_traffic(context, true, true, false, buff_to_send.size(), command); int res = transport.invoke(command, buff_to_send, buff_to_recv, conn_id); if( res <=0 ) { 
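Review bot: In the `int command` overload of `on_levin_traffic`, the format string `"command-%u"` is given a signed `int`, which is a format/argument mismatch and prints a negative command id as a large unsigned number. Use `snprintf(buf, sizeof(buf), "command-%d", command);` or cast explicitly to `unsigned`. The helpers also sit in an unnamed namespace inside a header, so every translation unit that includes it gets its own copy; `inline` functions in `epee::net_utils` would avoid that.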
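Review bot: `invoke_remote_command2` now takes `const epee::net_utils::connection_context_base context` by value, while `async_invoke_remote_command2` takes the same type by reference and `notify_remote_command2` takes `const typename t_transport::connection_context &`. The by-value form copies the context on every call and slices any derived context down to the base, so what `on_levin_traffic` logs may differ from the other two paths. It looks like a missing ampersand: `const epee::net_utils::connection_context_base &context`. The function body continues past the end of this hunk.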
@@ -102,24 +122,30 @@ namespace epee typename serialization::portable_storage stg_ret; if(!stg_ret.load_from_binary(buff_to_recv)) { + on_levin_traffic(context, true, false, true, buff_to_recv.size(), command); LOG_ERROR("Failed to load_from_binary on command " << command); return false; } + on_levin_traffic(context, true, false, false, buff_to_recv.size(), command); return result_struct.load(stg_ret); } template<class t_result, class t_arg, class callback_t, class t_transport> - bool async_invoke_remote_command2(boost::uuids::uuid conn_id, int command, const t_arg& out_struct, t_transport& transport, const callback_t &cb, size_t inv_timeout = LEVIN_DEFAULT_TIMEOUT_PRECONFIGURED) + bool async_invoke_remote_command2(const epee::net_utils::connection_context_base &context, int command, const t_arg& out_struct, t_transport& transport, const callback_t &cb, size_t inv_timeout = LEVIN_DEFAULT_TIMEOUT_PRECONFIGURED) { + const boost::uuids::uuid &conn_id = context.m_connection_id; typename serialization::portable_storage stg; const_cast<t_arg&>(out_struct).store(stg);//TODO: add true const support to searilzation std::string buff_to_send; stg.store_to_binary(buff_to_send); + on_levin_traffic(context, true, true, false, buff_to_send.size(), command); int res = transport.invoke_async(command, epee::strspan<uint8_t>(buff_to_send), conn_id, [cb, command](int code, const epee::span<const uint8_t> buff, typename t_transport::connection_context& context)->bool { t_result result_struct = AUTO_VAL_INIT(result_struct); if( code <=0 ) { + if (!buff.empty()) + on_levin_traffic(context, true, false, true, buff.size(), command); LOG_PRINT_L1("Failed to invoke command " << command << " return code " << code); cb(code, result_struct, context); return false; 
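Review bot: After the rename of the first parameter of `async_invoke_remote_command2` to `context`, the lambda parameter `typename t_transport::connection_context& context` shadows it. The `on_levin_traffic` calls inside the lambda therefore log the transport's context, while the call before `invoke_async` logs the caller's. That is presumably intended, but it is easy to misread; renaming the lambda parameter (e.g. `reply_context`) or adding `// lambda's context shadows the outer one on purpose` would make it explicit. The lambda body continues in the next hunk.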
@@ -127,16 +153,19 @@ namespace epee serialization::portable_storage stg_ret; if(!stg_ret.load_from_binary(buff)) { + on_levin_traffic(context, true, false, true, buff.size(), command); LOG_ERROR("Failed to load_from_binary on command " << command); cb(LEVIN_ERROR_FORMAT, result_struct, context); return false; } if (!result_struct.load(stg_ret)) { + on_levin_traffic(context, true, false, true, buff.size(), command); LOG_ERROR("Failed to load result struct on command " << command); cb(LEVIN_ERROR_FORMAT, result_struct, context); return false; } + on_levin_traffic(context, true, false, false, buff.size(), command); cb(code, result_struct, context); return true; }, inv_timeout); @@ -149,14 +178,15 @@ namespace epee } template<class t_arg, class t_transport> - bool notify_remote_command2(boost::uuids::uuid conn_id, int command, const t_arg& out_struct, t_transport& transport) + bool notify_remote_command2(const typename t_transport::connection_context &context, int command, const t_arg& out_struct, t_transport& transport) { - + const boost::uuids::uuid &conn_id = context.m_connection_id; serialization::portable_storage stg; out_struct.store(stg); std::string buff_to_send; stg.store_to_binary(buff_to_send); + on_levin_traffic(context, true, true, false, buff_to_send.size(), command); int res = transport.notify(command, epee::strspan<uint8_t>(buff_to_send), conn_id); if(res <=0 ) { @@ -173,6 +203,7 @@ namespace epee serialization::portable_storage strg; if(!strg.load_from_binary(in_buff)) { + on_levin_traffic(context, false, false, true, in_buff.size(), command); LOG_ERROR("Failed to load_from_binary in command " << command); return -1; } 
@@ -181,9 +212,11 @@ namespace epee if (!static_cast<t_in_type&>(in_struct).load(strg)) { + on_levin_traffic(context, false, false, true, in_buff.size(), command); LOG_ERROR("Failed to load in_struct in command " << command); return -1; } + on_levin_traffic(context, false, false, false, in_buff.size(), command); int res = cb(command, static_cast<t_in_type&>(in_struct), static_cast<t_out_type&>(out_struct), context); serialization::portable_storage strg_out; static_cast<t_out_type&>(out_struct).store(strg_out); @@ -193,6 +226,7 @@ namespace epee LOG_ERROR("Failed to store_to_binary in command" << command); return -1; } + on_levin_traffic(context, false, true, false, buff_out.size(), command); return res; } @@ -203,15 +237,18 @@ namespace epee serialization::portable_storage strg; if(!strg.load_from_binary(in_buff)) { + on_levin_traffic(context, false, false, true, in_buff.size(), command); LOG_ERROR("Failed to load_from_binary in notify " << command); return -1; } boost::value_initialized<t_in_type> in_struct; if (!static_cast<t_in_type&>(in_struct).load(strg)) { + on_levin_traffic(context, false, false, true, in_buff.size(), command); LOG_ERROR("Failed to load in_struct in notify " << command); return -1; } + on_levin_traffic(context, false, false, false, in_buff.size(), command); return cb(command, in_struct, context); } @@ -296,6 +333,7 @@ namespace epee #define END_INVOKE_MAP2() \ LOG_ERROR("Unknown command:" << command); \ + on_levin_traffic(context, false, false, true, in_buff.size(), "invalid-command"); \ return LEVIN_ERROR_CONNECTION_HANDLER_NOT_DEFINED; \ } } diff --git a/contrib/epee/include/string_tools.h b/contrib/epee/include/string_tools.h index 1be5eb5e1..319c0121b 100644 --- a/contrib/epee/include/string_tools.h +++ b/contrib/epee/include/string_tools.h 
@@ -188,8 +188,10 @@ POP_WARNINGS return boost::lexical_cast<std::string>(val); } //---------------------------------------------------------------------------- - inline std::string to_string_hex(uint32_t val) + template<typename T> + inline std::string to_string_hex(const T &val) { + static_assert(std::is_arithmetic<T>::value, "only arithmetic types"); std::stringstream ss; ss << std::hex << val; std::string s; diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp index 289069daa..5f4907cc2 100644 --- a/contrib/epee/src/http_auth.cpp +++ b/contrib/epee/src/http_auth.cpp @@ -584,8 +584,8 @@ namespace explicit server_parameters(const auth_message& request, const DigestIter& digest) : nonce(request.nonce) , opaque(request.opaque) - , stale(request.stale) , realm(request.realm) + , stale(request.stale) , value_generator() , index(boost::fusion::distance(boost::fusion::begin(digest_algorithms), digest)) { diff --git a/contrib/epee/src/net_ssl.cpp b/contrib/epee/src/net_ssl.cpp index 16454fce0..06997d3ba 100644 --- a/contrib/epee/src/net_ssl.cpp +++ b/contrib/epee/src/net_ssl.cpp @@ -43,6 +43,10 @@ // openssl req -new -key /tmp/KEY -out /tmp/REQ // openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT +#ifdef _WIN32 +static void add_windows_root_certs(SSL_CTX *ctx) noexcept; +#endif + namespace { struct openssl_bio_free @@ -324,7 +328,12 @@ boost::asio::ssl::context ssl_options_t::create_context() const switch (verification) { case ssl_verification_t::system_ca: +#ifdef _WIN32 + try { add_windows_root_certs(ssl_context.native_handle()); } + catch (const std::exception &e) { ssl_context.set_default_verify_paths(); } +#else ssl_context.set_default_verify_paths(); +#endif break; case ssl_verification_t::user_certificates: ssl_context.set_verify_depth(0); 
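Review bot: The `static_assert(std::is_arithmetic<T>::value, ...)` in the templated `to_string_hex` admits types for which `ss << std::hex << val` does not produce hex. `char`, `signed char` and `unsigned char` (hence `uint8_t`) are streamed as a character, `bool` as 0/1, and floating-point values ignore `std::hex`. Restricting to integers and promoting narrow types fixes this: `static_assert(std::is_integral<T>::value, "only integral types");` together with `ss << std::hex << +val;`. The header also needs `<type_traits>` if it is not already included outside the hunk, and the function body continues past the hunk.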
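Review bot: The `catch (const std::exception &e)` fallback in the `system_ca` case can never run, because `add_windows_root_certs` is declared `noexcept` and signals failure only by returning early when `CertOpenSystemStore` fails. On that path no trust anchors are loaded and `set_default_verify_paths()` is not called either, so verification fails closed with no indication why. Have the helper return `bool` and fall back explicitly, `if (!add_windows_root_certs(ssl_context.native_handle())) ssl_context.set_default_verify_paths();`, and log the failure. `create_context` extends beyond this hunk.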
@@ -558,3 +567,36 @@ bool ssl_support_from_string(ssl_support_t &ssl, boost::string_ref s) } // namespace } // namespace +#ifdef _WIN32 + +// https://stackoverflow.com/questions/40307541 +// Because Windows always has to do things wonkily +#include <wincrypt.h> +static void add_windows_root_certs(SSL_CTX *ctx) noexcept +{ + HCERTSTORE hStore = CertOpenSystemStore(0, "ROOT"); + if (hStore == NULL) { + return; + } + + X509_STORE *store = X509_STORE_new(); + PCCERT_CONTEXT pContext = NULL; + while ((pContext = CertEnumCertificatesInStore(hStore, pContext)) != NULL) { + // convert from DER to internal format + X509 *x509 = d2i_X509(NULL, + (const unsigned char **)&pContext->pbCertEncoded, + pContext->cbCertEncoded); + if(x509 != NULL) { + X509_STORE_add_cert(store, x509); + X509_free(x509); + } + } + + CertFreeCertificateContext(pContext); + CertCloseStore(hStore, 0); + + // attach X509_STORE to boost ssl context + SSL_CTX_set_cert_store(ctx, store); +} +#endif + diff --git a/contrib/gitian/gitian-build.py b/contrib/gitian/gitian-build.py index 64eb218bb..0b36fb4a1 100755 --- a/contrib/gitian/gitian-build.py +++ b/contrib/gitian/gitian-build.py 
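Review bot: In `add_windows_root_certs`, `d2i_X509` is handed `(const unsigned char **)&pContext->pbCertEncoded`, and since `d2i_X509` advances the pointer it is given, the call writes into the certificate context owned by the Windows store. Parse through a local copy of the pointer instead. The result of `X509_STORE_new()` is also used without a NULL check, and the `CertFreeCertificateContext(pContext)` after the loop always receives NULL, because the enumeration frees the previous context itself. Every certificate in the ROOT store is added as a trust anchor, so a comment noting that Windows-side trust restrictions are not carried over would help future readers.

```cpp
static void add_windows_root_certs(SSL_CTX *ctx) noexcept
{
  // … unchanged: CertOpenSystemStore call and NULL check …
  X509_STORE *store = X509_STORE_new();
  if (store == NULL) {
    CertCloseStore(hStore, 0);
    return;
  }
  PCCERT_CONTEXT pContext = NULL;
  while ((pContext = CertEnumCertificatesInStore(hStore, pContext)) != NULL) {
    // d2i_X509 advances the pointer it is given; keep the store's context untouched
    const unsigned char *der = pContext->pbCertEncoded;
    X509 *x509 = d2i_X509(NULL, &der, pContext->cbCertEncoded);
    // … unchanged: X509_STORE_add_cert / X509_free …
  }
  // … unchanged: CertCloseStore and SSL_CTX_set_cert_store …
}
```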
@@ -66,7 +66,7 @@ def rebuild(): print('\nCompiling ' + args.version + ' ' + os_name) infile = 'inputs/monero/contrib/gitian/gitian-' + tag_name + '.yml' subprocess.check_call(['bin/gbuild', '-j', args.jobs, '-m', args.memory, '--commit', 'monero='+args.commit, '--url', 'monero='+args.url, infile]) - subprocess.check_call(['bin/gsign', '-p', args.sign_prog, '--signer', args.signer, '--release', args.version+'-linux', '--destination', '../sigs/', infile]) + subprocess.check_call(['bin/gsign', '-p', args.sign_prog, '--signer', args.signer, '--release', args.version+'-'+tag_name, '--destination', '../sigs/', infile]) subprocess.check_call('mv build/out/monero-*.' + suffix + ' ../out/'+args.version, shell=True) print('Moving var/install.log to var/install-' + tag_name + '.log') subprocess.check_call('mv var/install.log var/install-' + tag_name + '.log', shell=True) |