aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/blockchain_db/lmdb/db_lmdb.cpp15
-rw-r--r--src/blockchain_db/lmdb/db_lmdb.h1
-rw-r--r--src/cryptonote_protocol/levin_notify.cpp54
-rw-r--r--src/cryptonote_protocol/levin_notify.h3
-rw-r--r--src/device/device_cold.hpp20
-rw-r--r--src/device_trezor/device_trezor.cpp21
-rw-r--r--src/device_trezor/device_trezor.hpp20
-rw-r--r--src/device_trezor/device_trezor_base.cpp29
-rw-r--r--src/device_trezor/device_trezor_base.hpp3
-rw-r--r--src/p2p/net_node.h6
-rw-r--r--src/p2p/net_node.inl6
-rw-r--r--src/rpc/core_rpc_server.cpp16
-rw-r--r--src/wallet/wallet2.cpp21
13 files changed, 183 insertions, 32 deletions
diff --git a/src/blockchain_db/lmdb/db_lmdb.cpp b/src/blockchain_db/lmdb/db_lmdb.cpp
index 1d7b10648..c059a3e29 100644
--- a/src/blockchain_db/lmdb/db_lmdb.cpp
+++ b/src/blockchain_db/lmdb/db_lmdb.cpp
@@ -467,7 +467,12 @@ void mdb_txn_safe::allow_new_txns()
creation_gate.clear();
}
-void lmdb_resized(MDB_env *env)
+void mdb_txn_safe::increment_txns(int i)
+{
+ num_active_txns += i;
+}
+
+void lmdb_resized(MDB_env *env, int isactive)
{
mdb_txn_safe::prevent_new_txns();
@@ -478,7 +483,11 @@ void lmdb_resized(MDB_env *env)
mdb_env_info(env, &mei);
uint64_t old = mei.me_mapsize;
+ if (isactive)
+ mdb_txn_safe::increment_txns(-1);
mdb_txn_safe::wait_no_active_txns();
+ if (isactive)
+ mdb_txn_safe::increment_txns(1);
int result = mdb_env_set_mapsize(env, 0);
if (result)
@@ -496,7 +505,7 @@ inline int lmdb_txn_begin(MDB_env *env, MDB_txn *parent, unsigned int flags, MDB
{
int res = mdb_txn_begin(env, parent, flags, txn);
if (res == MDB_MAP_RESIZED) {
- lmdb_resized(env);
+ lmdb_resized(env, 1);
res = mdb_txn_begin(env, parent, flags, txn);
}
return res;
@@ -506,7 +515,7 @@ inline int lmdb_txn_renew(MDB_txn *txn)
{
int res = mdb_txn_renew(txn);
if (res == MDB_MAP_RESIZED) {
- lmdb_resized(mdb_txn_env(txn));
+ lmdb_resized(mdb_txn_env(txn), 0);
res = mdb_txn_renew(txn);
}
return res;
diff --git a/src/blockchain_db/lmdb/db_lmdb.h b/src/blockchain_db/lmdb/db_lmdb.h
index 0e6d70039..d87bc6e49 100644
--- a/src/blockchain_db/lmdb/db_lmdb.h
+++ b/src/blockchain_db/lmdb/db_lmdb.h
@@ -154,6 +154,7 @@ struct mdb_txn_safe
static void prevent_new_txns();
static void wait_no_active_txns();
static void allow_new_txns();
+ static void increment_txns(int);
mdb_threadinfo* m_tinfo;
MDB_txn* m_txn;
diff --git a/src/cryptonote_protocol/levin_notify.cpp b/src/cryptonote_protocol/levin_notify.cpp
index 0b065c3c3..53de407b6 100644
--- a/src/cryptonote_protocol/levin_notify.cpp
+++ b/src/cryptonote_protocol/levin_notify.cpp
@@ -287,6 +287,12 @@ namespace levin
boost::asio::steady_timer next_epoch;
boost::asio::steady_timer flush_txs;
boost::asio::io_service::strand strand;
+ struct context_t {
+ std::vector<cryptonote::blobdata> fluff_txs;
+ std::chrono::steady_clock::time_point flush_time;
+ bool m_is_income;
+ };
+ boost::unordered_map<boost::uuids::uuid, context_t> contexts;
net::dandelionpp::connection_map map;//!< Tracks outgoing uuid's for noise channels or Dandelion++ stems
std::deque<noise_channel> channels; //!< Never touch after init; only update elements on `noise_channel.strand`
std::atomic<std::size_t> connection_count; //!< Only update in strand, can be read at any time
@@ -363,14 +369,16 @@ namespace levin
const auto now = std::chrono::steady_clock::now();
auto next_flush = std::chrono::steady_clock::time_point::max();
std::vector<std::pair<std::vector<blobdata>, boost::uuids::uuid>> connections{};
- zone_->p2p->foreach_connection([timer_error, now, &next_flush, &connections] (detail::p2p_context& context)
+ for (auto &e: zone_->contexts)
{
+ auto &id = e.first;
+ auto &context = e.second;
if (!context.fluff_txs.empty())
{
if (context.flush_time <= now || timer_error) // flush on canceled timer
{
context.flush_time = std::chrono::steady_clock::time_point::max();
- connections.emplace_back(std::move(context.fluff_txs), context.m_connection_id);
+ connections.emplace_back(std::move(context.fluff_txs), id);
context.fluff_txs.clear();
}
else // not flushing yet
@@ -378,8 +386,7 @@ namespace levin
}
else // nothing to flush
context.flush_time = std::chrono::steady_clock::time_point::max();
- return true;
- });
+ }
/* Always send with `fluff` flag, even over i2p/tor. The hidden service
will disable the forwarding delay and immediately fluff. The i2p/tor
@@ -427,22 +434,21 @@ namespace levin
MDEBUG("Queueing " << txs.size() << " transaction(s) for Dandelion++ fluffing");
-
- zone->p2p->foreach_connection([txs, now, &zone, &source, &in_duration, &out_duration, &next_flush] (detail::p2p_context& context)
+ for (auto &e: zone->contexts)
{
+ auto &id = e.first;
+ auto &context = e.second;
// When i2p/tor, only fluff to outbound connections
- if (context.handshake_complete() && source != context.m_connection_id && (zone->nzone == epee::net_utils::zone::public_ || !context.m_is_income))
+ if (source != id && (zone->nzone == epee::net_utils::zone::public_ || !context.m_is_income))
{
if (context.fluff_txs.empty())
context.flush_time = now + (context.m_is_income ? in_duration() : out_duration());
next_flush = std::min(next_flush, context.flush_time);
context.fluff_txs.reserve(context.fluff_txs.size() + txs.size());
- for (const blobdata& tx : txs)
- context.fluff_txs.push_back(tx); // must copy instead of move (multiple conns)
+ context.fluff_txs.insert(context.fluff_txs.end(), txs.begin(), txs.end());
}
- return true;
- });
+ }
if (next_flush == std::chrono::steady_clock::time_point::max())
MWARNING("Unable to send transaction(s), no available connections");
@@ -749,6 +755,32 @@ namespace levin
);
}
+ void notify::on_handshake_complete(const boost::uuids::uuid &id, bool is_income)
+ {
+ if (!zone_)
+ return;
+
+ auto& zone = zone_;
+ zone_->strand.dispatch([zone, id, is_income]{
+ zone->contexts[id] = {
+ .fluff_txs = {},
+ .flush_time = std::chrono::steady_clock::time_point::max(),
+ .m_is_income = is_income,
+ };
+ });
+ }
+
+ void notify::on_connection_close(const boost::uuids::uuid &id)
+ {
+ if (!zone_)
+ return;
+
+ auto& zone = zone_;
+ zone_->strand.dispatch([zone, id]{
+ zone->contexts.erase(id);
+ });
+ }
+
void notify::run_epoch()
{
if (!zone_)
diff --git a/src/cryptonote_protocol/levin_notify.h b/src/cryptonote_protocol/levin_notify.h
index abbf9d461..12704746a 100644
--- a/src/cryptonote_protocol/levin_notify.h
+++ b/src/cryptonote_protocol/levin_notify.h
@@ -101,6 +101,9 @@ namespace levin
//! Probe for new outbound connection - skips if not needed.
void new_out_connection();
+ void on_handshake_complete(const boost::uuids::uuid &id, bool is_income);
+ void on_connection_close(const boost::uuids::uuid &id);
+
//! Run the logic for the next epoch immediately. Only use in testing.
void run_epoch();
diff --git a/src/device/device_cold.hpp b/src/device/device_cold.hpp
index d435b448c..07009b9d2 100644
--- a/src/device/device_cold.hpp
+++ b/src/device/device_cold.hpp
@@ -162,6 +162,26 @@ namespace hw {
* Live refresh process termination
*/
virtual void live_refresh_finish() =0;
+
+ /**
+ * Requests public address, uses empty passphrase if asked for.
+ */
+ virtual bool get_public_address_with_no_passphrase(cryptonote::account_public_address &pubkey) =0;
+
+ /**
+ * Reset session ID, restart with a new session.
+ */
+ virtual void reset_session() =0;
+
+ /**
+ * Returns true if device already asked for passphrase entry before (i.e., obviously supports passphrase entry)
+ */
+ virtual bool seen_passphrase_entry_prompt() =0;
+
+ /**
+ * Uses empty passphrase for all passphrase queries.
+ */
+ virtual void set_use_empty_passphrase(bool always_use_empty_passphrase) =0;
};
}
diff --git a/src/device_trezor/device_trezor.cpp b/src/device_trezor/device_trezor.cpp
index c2070b0d1..03e8bbba4 100644
--- a/src/device_trezor/device_trezor.cpp
+++ b/src/device_trezor/device_trezor.cpp
@@ -178,6 +178,15 @@ namespace trezor {
}
}
+ bool device_trezor::get_public_address_with_no_passphrase(cryptonote::account_public_address &pubkey) {
+ m_reply_with_empty_passphrase = true;
+ const auto empty_passphrase_reverter = epee::misc_utils::create_scope_leave_handler([&]() {
+ m_reply_with_empty_passphrase = false;
+ });
+
+ return get_public_address(pubkey);
+ }
+
bool device_trezor::get_secret_keys(crypto::secret_key &viewkey , crypto::secret_key &spendkey) {
try {
MDEBUG("Loading view-only key from the Trezor. Please check the Trezor for a confirmation.");
@@ -206,6 +215,18 @@ namespace trezor {
get_address(index, payment_id, true);
}
+ void device_trezor::reset_session() {
+ m_device_session_id.clear();
+ }
+
+ bool device_trezor::seen_passphrase_entry_prompt() {
+ return m_seen_passphrase_entry_message;
+ }
+
+ void device_trezor::set_use_empty_passphrase(bool always_use_empty_passphrase) {
+ m_always_use_empty_passphrase = always_use_empty_passphrase;
+ }
+
/* ======================================================================= */
/* Helpers */
/* ======================================================================= */
diff --git a/src/device_trezor/device_trezor.hpp b/src/device_trezor/device_trezor.hpp
index d91d1de3f..15337d2b4 100644
--- a/src/device_trezor/device_trezor.hpp
+++ b/src/device_trezor/device_trezor.hpp
@@ -205,6 +205,26 @@ namespace trezor {
const ::tools::wallet2::unsigned_tx_set & unsigned_tx,
::tools::wallet2::signed_tx_set & signed_tx,
hw::tx_aux_data & aux_data) override;
+
+ /**
+ * Requests public address, uses empty passphrase if asked for.
+ */
+ bool get_public_address_with_no_passphrase(cryptonote::account_public_address &pubkey) override;
+
+ /**
+ * Reset session ID, restart with a new session.
+ */
+ virtual void reset_session() override;
+
+ /**
+ * Returns true if device already asked for passphrase entry before (i.e., obviously supports passphrase entry)
+ */
+ bool seen_passphrase_entry_prompt() override;
+
+ /**
+ * Uses empty passphrase for all passphrase queries.
+ */
+ void set_use_empty_passphrase(bool use_always_empty_passphrase) override;
};
#endif
diff --git a/src/device_trezor/device_trezor_base.cpp b/src/device_trezor/device_trezor_base.cpp
index b0b4342f5..016eb2816 100644
--- a/src/device_trezor/device_trezor_base.cpp
+++ b/src/device_trezor/device_trezor_base.cpp
@@ -45,7 +45,10 @@ namespace trezor {
const uint32_t device_trezor_base::DEFAULT_BIP44_PATH[] = {0x8000002c, 0x80000080};
- device_trezor_base::device_trezor_base(): m_callback(nullptr), m_last_msg_type(messages::MessageType_Success) {
+ device_trezor_base::device_trezor_base(): m_callback(nullptr), m_last_msg_type(messages::MessageType_Success),
+ m_reply_with_empty_passphrase(false),
+ m_always_use_empty_passphrase(false),
+ m_seen_passphrase_entry_message(false) {
#ifdef WITH_TREZOR_DEBUGGING
m_debug = false;
#endif
@@ -155,6 +158,9 @@ namespace trezor {
TREZOR_AUTO_LOCK_DEVICE();
m_device_session_id.clear();
m_features.reset();
+ m_seen_passphrase_entry_message = false;
+ m_reply_with_empty_passphrase = false;
+ m_always_use_empty_passphrase = false;
if (m_transport){
try {
@@ -476,6 +482,7 @@ namespace trezor {
return;
}
+ m_seen_passphrase_entry_message = true;
bool on_device = true;
if (msg->has__on_device() && !msg->_on_device()){
on_device = false; // do not enter on device, old devices.
@@ -491,19 +498,21 @@ namespace trezor {
}
boost::optional<epee::wipeable_string> passphrase;
- TREZOR_CALLBACK_GET(passphrase, on_passphrase_request, on_device);
+ if (m_reply_with_empty_passphrase || m_always_use_empty_passphrase) {
+ MDEBUG("Answering passphrase prompt with an empty passphrase, always use empty: " << m_always_use_empty_passphrase);
+ on_device = false;
+ passphrase = epee::wipeable_string("");
+ } else if (m_passphrase){
+ MWARNING("Answering passphrase prompt with a stored passphrase (do not use; passphrase can be seen by a potential malware / attacker)");
+ on_device = false;
+ passphrase = epee::wipeable_string(m_passphrase.get());
+ } else {
+ TREZOR_CALLBACK_GET(passphrase, on_passphrase_request, on_device);
+ }
messages::common::PassphraseAck m;
m.set_on_device(on_device);
if (!on_device) {
- if (!passphrase && m_passphrase) {
- passphrase = m_passphrase;
- }
-
- if (m_passphrase) {
- m_passphrase = boost::none;
- }
-
if (passphrase) {
m.set_allocated_passphrase(new std::string(passphrase->data(), passphrase->size()));
}
diff --git a/src/device_trezor/device_trezor_base.hpp b/src/device_trezor/device_trezor_base.hpp
index 0162b23df..de49397d5 100644
--- a/src/device_trezor/device_trezor_base.hpp
+++ b/src/device_trezor/device_trezor_base.hpp
@@ -101,6 +101,9 @@ namespace trezor {
messages::MessageType m_last_msg_type;
cryptonote::network_type network_type;
+ bool m_reply_with_empty_passphrase;
+ bool m_always_use_empty_passphrase;
+ bool m_seen_passphrase_entry_message;
#ifdef WITH_TREZOR_DEBUGGING
std::shared_ptr<trezor_debug_callback> m_debug_callback;
diff --git a/src/p2p/net_node.h b/src/p2p/net_node.h
index 9e64121be..ac815a100 100644
--- a/src/p2p/net_node.h
+++ b/src/p2p/net_node.h
@@ -111,15 +111,11 @@ namespace nodetool
struct p2p_connection_context_t: base_type //t_payload_net_handler::connection_context //public net_utils::connection_context_base
{
p2p_connection_context_t()
- : fluff_txs(),
- flush_time(std::chrono::steady_clock::time_point::max()),
- peer_id(0),
+ : peer_id(0),
support_flags(0),
m_in_timedsync(false)
{}
- std::vector<cryptonote::blobdata> fluff_txs;
- std::chrono::steady_clock::time_point flush_time;
peerid_type peer_id;
uint32_t support_flags;
bool m_in_timedsync;
diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl
index ac65a57c1..d4b39869c 100644
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@@ -1429,6 +1429,7 @@ namespace nodetool
ape.first_seen = first_seen_stamp ? first_seen_stamp : time(nullptr);
zone.m_peerlist.append_with_peer_anchor(ape);
+ zone.m_notifier.on_handshake_complete(con->m_connection_id, con->m_is_income);
zone.m_notifier.new_out_connection();
LOG_DEBUG_CC(*con, "CONNECTION HANDSHAKED OK.");
@@ -2543,6 +2544,8 @@ namespace nodetool
return 1;
}
+ zone.m_notifier.on_handshake_complete(context.m_connection_id, context.m_is_income);
+
if(has_too_many_connections(context.m_remote_address))
{
LOG_PRINT_CCONTEXT_L1("CONNECTION FROM " << context.m_remote_address.host_str() << " REFUSED, too many connections from the same address");
@@ -2669,6 +2672,9 @@ namespace nodetool
zone.m_peerlist.remove_from_peer_anchor(na);
}
+ if (!zone.m_net_server.is_stop_signal_sent()) {
+ zone.m_notifier.on_connection_close(context.m_connection_id);
+ }
m_payload_handler.on_connection_close(context);
MINFO("["<< epee::net_utils::print_connection_context(context) << "] CLOSE CONNECTION");
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index 942bfce0a..da36f3c64 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -972,14 +972,26 @@ namespace cryptonote
LOG_PRINT_L2("Found " << found_in_pool << "/" << vh.size() << " transactions in the pool");
}
- std::vector<std::string>::const_iterator txhi = req.txs_hashes.begin();
- std::vector<crypto::hash>::const_iterator vhi = vh.begin();
+ CHECK_AND_ASSERT_MES(txs.size() + missed_txs.size() == vh.size(), false, "mismatched number of txs");
+
+ auto txhi = req.txs_hashes.cbegin();
+ auto vhi = vh.cbegin();
+ auto missedi = missed_txs.cbegin();
+
for(auto& tx: txs)
{
res.txs.push_back(COMMAND_RPC_GET_TRANSACTIONS::entry());
COMMAND_RPC_GET_TRANSACTIONS::entry &e = res.txs.back();
+ while (missedi != missed_txs.end() && *missedi == *vhi)
+ {
+ ++vhi;
+ ++txhi;
+ ++missedi;
+ }
+
crypto::hash tx_hash = *vhi++;
+ CHECK_AND_ASSERT_MES(tx_hash == std::get<0>(tx), false, "mismatched tx hash");
e.tx_hash = *txhi++;
e.prunable_hash = epee::string_tools::pod_to_hex(std::get<2>(tx));
if (req.split || req.prune || std::get<3>(tx).empty())
diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp
index 5a4cafc32..3b59267b2 100644
--- a/src/wallet/wallet2.cpp
+++ b/src/wallet/wallet2.cpp
@@ -4467,7 +4467,26 @@ bool wallet2::load_keys_buf(const std::string& keys_buf, const epee::wipeable_st
m_account.set_device(hwdev);
account_public_address device_account_public_address;
- THROW_WALLET_EXCEPTION_IF(!hwdev.get_public_address(device_account_public_address), error::wallet_internal_error, "Cannot get a device address");
+ bool fetch_device_address = true;
+
+ ::hw::device_cold* dev_cold = nullptr;
+ if (m_key_device_type == hw::device::device_type::TREZOR && (dev_cold = dynamic_cast<::hw::device_cold*>(&hwdev)) != nullptr) {
+ THROW_WALLET_EXCEPTION_IF(!dev_cold->get_public_address_with_no_passphrase(device_account_public_address), error::wallet_internal_error, "Cannot get a device address");
+ if (device_account_public_address == m_account.get_keys().m_account_address) {
+ LOG_PRINT_L0("Wallet opened with an empty passphrase");
+ fetch_device_address = false;
+ dev_cold->set_use_empty_passphrase(true);
+ } else {
+ fetch_device_address = true;
+ LOG_PRINT_L0("Wallet opening with an empty passphrase failed. Retry again: " << fetch_device_address);
+ dev_cold->reset_session();
+ }
+ }
+
+ if (fetch_device_address) {
+ THROW_WALLET_EXCEPTION_IF(!hwdev.get_public_address(device_account_public_address), error::wallet_internal_error, "Cannot get a device address");
+ }
+
THROW_WALLET_EXCEPTION_IF(device_account_public_address != m_account.get_keys().m_account_address, error::wallet_internal_error, "Device wallet does not match wallet address. If the device uses the passphrase feature, please check whether the passphrase was entered correctly (it may have been misspelled - different passphrases generate different wallets, passphrase is case-sensitive). "
"Device address: " + cryptonote::get_account_address_as_str(m_nettype, false, device_account_public_address) +
", wallet address: " + m_account.get_public_address_str(m_nettype));