aboutsummaryrefslogtreecommitdiff
path: root/src/wallet/wallet2.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/wallet/wallet2.cpp')
-rw-r--r--src/wallet/wallet2.cpp89
1 files changed, 19 insertions, 70 deletions
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index efb7554bb..845b3d8c6 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -51,7 +51,6 @@ using namespace epee;
#include "cryptonote_protocol/blobdatatype.h"
#include "mnemonics/electrum-words.h"
#include "common/i18n.h"
-#include "common/dns_utils.h"
#include "common/util.h"
#include "rapidjson/document.h"
#include "rapidjson/writer.h"
@@ -1635,7 +1634,7 @@ void wallet2::refresh(uint64_t start_height, uint64_t & blocks_fetched, bool& re
process_blocks(blocks_start_height, blocks, o_indices, added_blocks);
blocks_fetched += added_blocks;
pull_thread.join();
- if(!added_blocks)
+ if(blocks_start_height == next_blocks_start_height)
break;
// switch to the new blocks from the daemon
@@ -2144,7 +2143,7 @@ void wallet2::rewrite(const std::string& wallet_name, const std::string& passwor
prepare_file_names(wallet_name);
boost::system::error_code ignored_ec;
THROW_WALLET_EXCEPTION_IF(!boost::filesystem::exists(m_keys_file, ignored_ec), error::file_not_found, m_keys_file);
- bool r = store_keys(m_keys_file, password, false);
+ bool r = store_keys(m_keys_file, password, m_watch_only);
THROW_WALLET_EXCEPTION_IF(!r, error::file_save_error, m_keys_file);
}
/*!
@@ -2859,74 +2858,7 @@ std::vector<std::vector<cryptonote::tx_destination_entry>> split_amounts(
return retVal;
}
} // anonymous namespace
-
-/**
- * @brief gets a monero address from the TXT record of a DNS entry
- *
- * gets the monero address from the TXT record of the DNS entry associated
- * with <url>. If this lookup fails, or the TXT record does not contain an
- * XMR address in the correct format, returns an empty string. <dnssec_valid>
- * will be set true or false according to whether or not the DNS query passes
- * DNSSEC validation.
- *
- * @param url the url to look up
- * @param dnssec_valid return-by-reference for DNSSEC status of query
- *
- * @return a monero address (as a string) or an empty string
- */
-std::vector<std::string> wallet2::addresses_from_url(const std::string& url, bool& dnssec_valid)
-{
- std::vector<std::string> addresses;
- // get txt records
- bool dnssec_available, dnssec_isvalid;
- std::string oa_addr = tools::DNSResolver::instance().get_dns_format_from_oa_address(url);
- auto records = tools::DNSResolver::instance().get_txt_record(oa_addr, dnssec_available, dnssec_isvalid);
-
- // TODO: update this to allow for conveying that dnssec was not available
- if (dnssec_available && dnssec_isvalid)
- {
- dnssec_valid = true;
- }
- else dnssec_valid = false;
-
- // for each txt record, try to find a monero address in it.
- for (auto& rec : records)
- {
- std::string addr = address_from_txt_record(rec);
- if (addr.size())
- {
- addresses.push_back(addr);
- }
- }
-
- return addresses;
-}
-
//----------------------------------------------------------------------------------------------------
-// TODO: parse the string in a less stupid way, probably with regex
-std::string wallet2::address_from_txt_record(const std::string& s)
-{
- // make sure the txt record has "oa1:xmr" and find it
- auto pos = s.find("oa1:xmr");
-
- // search from there to find "recipient_address="
- pos = s.find("recipient_address=", pos);
-
- pos += 18; // move past "recipient_address="
-
- // find the next semicolon
- auto pos2 = s.find(";", pos);
- if (pos2 != std::string::npos)
- {
- // length of address == 95, we can at least validate that much here
- if (pos2 - pos == 95)
- {
- return s.substr(pos, 95);
- }
- }
- return std::string();
-}
-
crypto::hash wallet2::get_payment_id(const pending_tx &ptx) const
{
std::vector<tx_extra_field> tx_extra_fields;
@@ -3526,6 +3458,23 @@ void wallet2::get_outs(std::vector<std::vector<entry>> &outs, const std::list<si
outs.back().reserve(fake_outputs_count + 1);
const rct::key mask = td.is_rct() ? rct::commit(td.amount(), td.m_mask) : rct::zeroCommit(td.amount());
+ // make sure the real outputs we asked for are really included, along
+ // with the correct key and mask: this guards against an active attack
+ // where the node sends dummy data for all outputs, and we then send
+ // the real one, which the node can then tell from the fake outputs,
+ // as it has different data than the dummy data it had sent earlier
+ bool real_out_found = false;
+ for (size_t n = 0; n < requested_outputs_count; ++n)
+ {
+ size_t i = base + n;
+ if (req.outputs[i].index == td.m_global_output_index)
+ if (daemon_resp.outs[i].key == boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key)
+ if (daemon_resp.outs[i].mask == mask)
+ real_out_found = true;
+ }
+ THROW_WALLET_EXCEPTION_IF(!real_out_found, error::wallet_internal_error,
+ "Daemon response did not include the requested real output");
+
// pick real out first (it will be sorted when done)
outs.back().push_back(std::make_tuple(td.m_global_output_index, boost::get<txout_to_key>(td.m_tx.vout[td.m_internal_output_index].target).key, mask));