aboutsummaryrefslogtreecommitdiff
path: root/src/rpc
diff options
context:
space:
mode:
Diffstat (limited to 'src/rpc')
-rw-r--r--src/rpc/core_rpc_server.cpp59
-rw-r--r--src/rpc/core_rpc_server.h2
-rw-r--r--src/rpc/core_rpc_server_commands_defs.h8
3 files changed, 41 insertions, 28 deletions
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index 3e580a0fb..b540520c7 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -91,7 +91,7 @@ namespace cryptonote
command_line::add_arg(desc, arg_rpc_ssl);
command_line::add_arg(desc, arg_rpc_ssl_private_key);
command_line::add_arg(desc, arg_rpc_ssl_certificate);
- command_line::add_arg(desc, arg_rpc_ssl_allowed_certificates);
+ command_line::add_arg(desc, arg_rpc_ssl_ca_certificates);
command_line::add_arg(desc, arg_rpc_ssl_allowed_fingerprints);
command_line::add_arg(desc, arg_rpc_ssl_allow_any_cert);
command_line::add_arg(desc, arg_bootstrap_daemon_address);
@@ -149,36 +149,38 @@ namespace cryptonote
if (rpc_config->login)
http_login.emplace(std::move(rpc_config->login->username), std::move(rpc_config->login->password).password());
- epee::net_utils::ssl_support_t ssl_support;
- const std::string ssl = command_line::get_arg(vm, arg_rpc_ssl);
- if (!epee::net_utils::ssl_support_from_string(ssl_support, ssl))
+ epee::net_utils::ssl_options_t ssl_options = epee::net_utils::ssl_support_t::e_ssl_support_autodetect;
+ if (command_line::get_arg(vm, arg_rpc_ssl_allow_any_cert))
+ ssl_options.verification = epee::net_utils::ssl_verification_t::none;
+ else
{
- MFATAL("Invalid RPC SSL support: " << ssl);
- return false;
+ std::string ssl_ca_path = command_line::get_arg(vm, arg_rpc_ssl_ca_certificates);
+ const std::vector<std::string> ssl_allowed_fingerprint_strings = command_line::get_arg(vm, arg_rpc_ssl_allowed_fingerprints);
+ std::vector<std::vector<uint8_t>> ssl_allowed_fingerprints{ ssl_allowed_fingerprint_strings.size() };
+ std::transform(ssl_allowed_fingerprint_strings.begin(), ssl_allowed_fingerprint_strings.end(), ssl_allowed_fingerprints.begin(), epee::from_hex::vector);
+
+ if (!ssl_ca_path.empty() || !ssl_allowed_fingerprints.empty())
+ ssl_options = epee::net_utils::ssl_options_t{std::move(ssl_allowed_fingerprints), std::move(ssl_ca_path)};
}
- const std::string ssl_private_key = command_line::get_arg(vm, arg_rpc_ssl_private_key);
- const std::string ssl_certificate = command_line::get_arg(vm, arg_rpc_ssl_certificate);
- const std::vector<std::string> ssl_allowed_certificate_paths = command_line::get_arg(vm, arg_rpc_ssl_allowed_certificates);
- std::list<std::string> ssl_allowed_certificates;
- for (const std::string &path: ssl_allowed_certificate_paths)
+
+ ssl_options.auth = epee::net_utils::ssl_authentication_t{
+ command_line::get_arg(vm, arg_rpc_ssl_private_key), command_line::get_arg(vm, arg_rpc_ssl_certificate)
+ };
+
+ // user specified CA file or fingeprints implies enabled SSL by default
+ if (ssl_options.verification != epee::net_utils::ssl_verification_t::user_certificates || !command_line::is_arg_defaulted(vm, arg_rpc_ssl))
{
- ssl_allowed_certificates.push_back({});
- if (!epee::file_io_utils::load_file_to_string(path, ssl_allowed_certificates.back()))
+ const std::string ssl = command_line::get_arg(vm, arg_rpc_ssl);
+ if (!epee::net_utils::ssl_support_from_string(ssl_options.support, ssl))
{
- MERROR("Failed to load certificate: " << path);
- ssl_allowed_certificates.back() = std::string();
+ MFATAL("Invalid RPC SSL support: " << ssl);
+ return false;
}
}
- const std::vector<std::string> ssl_allowed_fingerprint_strings = command_line::get_arg(vm, arg_rpc_ssl_allowed_fingerprints);
- std::vector<std::vector<uint8_t>> ssl_allowed_fingerprints{ ssl_allowed_fingerprint_strings.size() };
- std::transform(ssl_allowed_fingerprint_strings.begin(), ssl_allowed_fingerprint_strings.end(), ssl_allowed_fingerprints.begin(), epee::from_hex::vector);
- const bool ssl_allow_any_cert = command_line::get_arg(vm, arg_rpc_ssl_allow_any_cert);
-
auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); };
return epee::http_server_impl_base<core_rpc_server, connection_context>::init(
- rng, std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login),
- ssl_support, std::make_pair(ssl_private_key, ssl_certificate), std::move(ssl_allowed_certificates), std::move(ssl_allowed_fingerprints), ssl_allow_any_cert
+ rng, std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login), std::move(ssl_options)
);
}
//------------------------------------------------------------------------------------------------------------------------------
@@ -200,7 +202,9 @@ namespace cryptonote
if (use_bootstrap_daemon_if_necessary<COMMAND_RPC_GET_HEIGHT>(invoke_http_mode::JON, "/getheight", req, res, r))
return r;
- res.height = m_core.get_current_blockchain_height();
+ crypto::hash hash;
+ m_core.get_blockchain_top(res.height, hash);
+ res.hash = string_tools::pod_to_hex(hash);
res.status = CORE_RPC_STATUS_OK;
return true;
}
@@ -971,6 +975,7 @@ namespace cryptonote
const miner& lMiner = m_core.get_miner();
res.active = lMiner.is_mining();
res.is_background_mining_enabled = lMiner.get_is_background_mining_enabled();
+ store_difficulty(m_core.get_blockchain_storage().get_difficulty_for_next_block(), res.difficulty, res.wide_difficulty, res.difficulty_top64);
res.block_target = m_core.get_blockchain_storage().get_current_hard_fork_version() < 2 ? DIFFICULTY_TARGET_V1 : DIFFICULTY_TARGET_V2;
if ( lMiner.is_mining() ) {
@@ -2408,9 +2413,9 @@ namespace cryptonote
, ""
};
- const command_line::arg_descriptor<std::vector<std::string>> core_rpc_server::arg_rpc_ssl_allowed_certificates = {
- "rpc-ssl-allowed-certificates"
- , "List of paths to PEM format certificates of allowed peers (all allowed if empty)"
+ const command_line::arg_descriptor<std::string> core_rpc_server::arg_rpc_ssl_ca_certificates = {
+ "rpc-ssl-ca-certificates"
+ , "Path to file containing concatenated PEM format certificate(s) to replace system CA(s)."
};
const command_line::arg_descriptor<std::vector<std::string>> core_rpc_server::arg_rpc_ssl_allowed_fingerprints = {
@@ -2420,7 +2425,7 @@ namespace cryptonote
const command_line::arg_descriptor<bool> core_rpc_server::arg_rpc_ssl_allow_any_cert = {
"rpc-ssl-allow-any-cert"
- , "Allow any peer certificate, rather than just those on the allowed list"
+ , "Allow any peer certificate"
, false
};
diff --git a/src/rpc/core_rpc_server.h b/src/rpc/core_rpc_server.h
index 8f5d83f1b..a42ca2494 100644
--- a/src/rpc/core_rpc_server.h
+++ b/src/rpc/core_rpc_server.h
@@ -60,7 +60,7 @@ namespace cryptonote
static const command_line::arg_descriptor<std::string> arg_rpc_ssl;
static const command_line::arg_descriptor<std::string> arg_rpc_ssl_private_key;
static const command_line::arg_descriptor<std::string> arg_rpc_ssl_certificate;
- static const command_line::arg_descriptor<std::vector<std::string>> arg_rpc_ssl_allowed_certificates;
+ static const command_line::arg_descriptor<std::string> arg_rpc_ssl_ca_certificates;
static const command_line::arg_descriptor<std::vector<std::string>> arg_rpc_ssl_allowed_fingerprints;
static const command_line::arg_descriptor<bool> arg_rpc_ssl_allow_any_cert;
static const command_line::arg_descriptor<std::string> arg_bootstrap_daemon_address;
diff --git a/src/rpc/core_rpc_server_commands_defs.h b/src/rpc/core_rpc_server_commands_defs.h
index 1f14267f6..7811db979 100644
--- a/src/rpc/core_rpc_server_commands_defs.h
+++ b/src/rpc/core_rpc_server_commands_defs.h
@@ -102,11 +102,13 @@ namespace cryptonote
uint64_t height;
std::string status;
bool untrusted;
+ std::string hash;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(height)
KV_SERIALIZE(status)
KV_SERIALIZE(untrusted)
+ KV_SERIALIZE(hash)
END_KV_SERIALIZE_MAP()
};
typedef epee::misc_utils::struct_init<response_t> response;
@@ -821,6 +823,9 @@ namespace cryptonote
uint8_t bg_target;
uint32_t block_target;
uint64_t block_reward;
+ uint64_t difficulty;
+ std::string wide_difficulty;
+ uint64_t difficulty_top64;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(status)
@@ -836,6 +841,9 @@ namespace cryptonote
KV_SERIALIZE(bg_target)
KV_SERIALIZE(block_target)
KV_SERIALIZE(block_reward)
+ KV_SERIALIZE(difficulty)
+ KV_SERIALIZE(wide_difficulty)
+ KV_SERIALIZE(difficulty_top64)
END_KV_SERIALIZE_MAP()
};
typedef epee::misc_utils::struct_init<response_t> response;
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-08 08:06:45 +0000