aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-02-17remove empty statementsInterchained11-14/+14
Cleaning up a little around the code base.
2020-02-17rpc: Add check for too old timestamps in payment signatures.Guillaume Le Vaillant1-0/+5
2020-02-17simplewallet: fix smart mining not starting after first setupmoneromooo-monero1-2/+10
Also avoid rewriting the wallet if the setting is already was we need
2020-02-12wipeable_string: split - treat CR, LF and Tabs as separatorsxiphon2-3/+5
2020-02-12tx_pool: catch theoretical error in get_block_rewardmoneromooo-monero1-1/+5
Coverity 196626
2020-02-12threadpool: lock mutex in createmoneromooo-monero1-0/+1
In some contrived case, it might theoretically be the case that destroy is called from another thread, which would modify the threads array from two threads. Coverity 208372
2020-02-12console_handler: do not let exception past the dormoneromooo-monero1-3/+7
Coverity 208373
2020-02-11wallet2_api: wallet recovery - seed offset passphrase supportxiphon5-6/+14
2020-02-10core: mention time being off in hash rate changes messagemoneromooo-monero1-1/+1
2020-02-08rpc: fix print_pool_sh not finding local txesmoneromooo-monero1-1/+4
2020-02-08device_ledger: include status code name in error messagexiphon2-3/+111
2020-02-07wallet2: mention --daemon-ssl-allow-any-cert in --proxy error msgxiphon1-0/+1
2020-02-07Merge pull request #6048Alexander Blair1-1/+1
c2095fc2 miner: use verification mode for low diff one block nonce searches (moneromooo-monero)
2020-02-06workflows: windows j3 -> j2selsta1-1/+1
2020-02-06gpg_keys: add selsta keyselsta1-0/+29
2020-02-06miner: use verification mode for low diff one block nonce searchesmoneromooo-monero1-1/+1
This avoids lengthy init times when testing
2020-02-06Merge pull request #6184Alexander Blair1-0/+42
2d1afceb net_ssl: load default certificates in CA mode on Windows (moneromooo-monero)
2020-02-06Merge pull request #6183Alexander Blair1-5/+9
3813a992 download: catch exceptions checking for size (moneromooo-monero)
2020-02-06Merge pull request #6182Alexander Blair2-2/+2
e896cca8 epee: reorder a couple init list fields to match declaration (moneromooo-monero)
2020-02-06Merge pull request #6178Alexander Blair1-1/+1
7ac7d5d3 updates: fix source code URL on _WIN32 (selsta)
2020-02-06Merge pull request #6127Alexander Blair4-14/+48
67b4a19e simplewallet: noob-friendly help menu (wowario)
2020-02-06Merge pull request #6103Alexander Blair1-0/+6
4b384003 wallet2: don't try to lock an empty filename (moneromooo-monero)
2020-02-06Merge pull request #6102Alexander Blair3-7/+18
b328de6b wallet_rpc_server: add tx weight in transfer commands responses (moneromooo-monero)
2020-02-06Merge pull request #6100Alexander Blair1-1/+2
4d804443 Fixes a minor formatting error (TheGoose)
2020-02-06Merge pull request #6096Alexander Blair3-4/+43
a633f85d daemon: allow printing N blocks from the end of the chain (moneromooo-monero)
2020-02-06Merge pull request #6095Alexander Blair3-4/+31
7ba31191 daemon: add +meta print_tx parameter (moneromooo-monero)
2020-02-06Merge pull request #6094Alexander Blair1-2/+2
236d2a88 blockchain_stats: make it work on pruned blockchains (moneromooo-monero)
2020-02-06Merge pull request #6078Alexander Blair1-1/+8
b9fc2066 Add a --keep-fakechain option to keep fakechain databases (JamesWrigley)
2020-02-06Merge pull request #6076Alexander Blair1-2/+5
22d30866 simplewallet: add missing inactivity-lock-timeout to set help blurb (moneromooo-monero) 9f57f0df simplewallet: do not mention inactivity if a lock was manual (moneromooo-monero)
2020-02-06Merge pull request #6069Alexander Blair7-19/+67
d64e5aa7 wallet: allow message sign/verify for subaddresses (moneromooo-monero)
2020-02-06Merge pull request #6053Alexander Blair4-13/+11
deb350b7 always print peer IDs in the same format (moneromooo-monero)
2020-02-06Merge pull request #6050Alexander Blair1-2/+3
65301c40 core: point out when we hit the block rate visibility limit (moneromooo-monero)
2020-02-06Merge pull request #6040Alexander Blair1-5/+4
2f8f3a94 rpc: base flush_cache request/response on the new base structs (moneromooo-monero)
2020-02-06Merge pull request #6035Alexander Blair4-6/+20
b90c4bc3 rpc: error out from get_info if the proxied call errors out (moneromooo-monero) fa16df99 make_test_signature: exit nicely on top level exception (moneromooo-monero) 054b2621 node_rpc_proxy: init some new rpc payment fields in invalidate (moneromooo-monero) d0faae2a rpc: init a few missing client_info members (moneromooo-monero) d56a483a rpc: do not propagate exceptions out of a dtor (moneromooo-monero) 3c849188 rpc: always set the update field in update on sucess (moneromooo-monero)
2020-02-04Merge pull request #6233luigi11111-1/+1
8a27645 blockchain: fix flushing txes from the txpool (moneromooo-monero)
2020-02-02workflows: add libwallet compile checkselsta1-0/+15
2020-01-31p2p: fix spurious warning when we're connected to at last one seedmoneromooo-monero1-2/+8
2020-01-29p2p: remove obsolete local time in handshakemoneromooo-monero2-5/+0
Also removes a potential fingerprinting vector
2020-01-29p2p: avoid sending the same peer list over and overmoneromooo-monero3-4/+17
Nodes remember which connections have been sent which peer addresses and won't send it again. This causes more addresses to be sent as the connection lifetime grows, since there is no duplication anymore, which increases the diffusion speed of peer addresses. The whole white list is now considered for sending, not just the most recent seen peers. This further hardens against topology discovery, though it will more readily send peers that have been last seen earlier than it otherwise would. While this does save a fair amount of net bandwidth, it makes heavy use of std::set lookups, which does bring network_address::less up the profile, though not too aggressively.
2020-01-28Translations from Weblate + updated language filesWeblate46-59606/+68576
Found 1148 source text(s) (46 new and 1102 already existing) Removed 9 obsolete entries Spanish Currently translated at 9.0% (100 of 1111 strings) Translate-URL: https://translate.getmonero.org/projects/monero/cli-wallet/es/ Italian Currently translated at 71.9% (799 of 1111 strings) Translate-URL: https://translate.getmonero.org/projects/monero/cli-wallet/it/ Dutch Currently translated at 4.5% (50 of 1111 strings) Translate-URL: https://translate.getmonero.org/projects/monero/cli-wallet/nl/ Dutch Currently translated at 4.5% (50 of 1111 strings) Translate-URL: https://translate.getmonero.org/projects/monero/cli-wallet/nl/ Portuguese (Brazil) Currently translated at 0.3% (3 of 1111 strings) Translate-URL: https://translate.getmonero.org/projects/monero/cli-wallet/pt_BR/
2020-01-28Explicitly define copy assignment operatorMartijn Otto1-0/+7
The implicit copy assignment operator was deprecated because the class has an explicit copy constructor. According to the standard: The generation of the implicitly-defined copy assignment operator is deprecated (since C++11) if T has a user-declared destructor or user-declared copy constructor. Recent versions of gcc (9.1+) and clang (10.0) warn about this.
2020-01-26epee: remove backward compatible endian specific address serializationmoneromooo-monero1-6/+2
2020-01-26p2p: remove backward compatible peer listmoneromooo-monero1-58/+2
2020-01-26p2p: simplify last_seen serialization now we have optional storesmoneromooo-monero1-2/+1
2020-01-26cryptonote_protocol: omit top 64 bits of difficulty when 0moneromooo-monero1-2/+8
2020-01-26serialization: do not write optional fields with default valuemoneromooo-monero2-2/+4
2020-01-26p2p: remove obsolete local time from TIMED_SYNCmoneromooo-monero3-8/+4
2020-01-25Merge pull request #6140Alexander Blair5-3/+70
08635a08 blockchain: speedup fetching pruned contiguous tx blobs (moneromooo-monero)
2020-01-25Merge pull request #6170Alexander Blair7-27/+155
56a4469e network: log traffic and add a simple traffic analysis script (moneromooo-monero)
2020-01-25Merge pull request #6158Alexander Blair8-221/+76
dd8c6b17 wallet: do not split integrated addresses in address book api (moneromooo-monero)
2020-01-26network: log traffic and add a simple traffic analysis scriptmoneromooo-monero7-27/+155
2020-01-26wallet: do not split integrated addresses in address book apimoneromooo-monero8-221/+76
2020-01-25wallet2_api: implement estimateTransactionFeexiphon5-14/+45
2020-01-24Merge pull request #6093Alexander Blair1-2/+2
2e58eb5c lmdb: Remove meaningless const qualifier on function type (Nathan Dorfman)
2020-01-24Merge pull request #6300Alexander Blair1-4/+10
6f330865 fix tests bug added in #6110 (Dusan Klinec)
2020-01-24Merge pull request #6267Alexander Blair1-4/+4
2aa80b1d build: autodetect MSYS2 install path, support non-standard location (xiphon)
2020-01-24Merge pull request #6270Alexander Blair1-0/+62
957ae887 workflows: add build and test workflow (selsta)
2020-01-24Merge pull request #6287Alexander Blair1-20/+0
dbcfae6f README: remove unmaintained build status (selsta)
2020-01-24Merge pull request #6247Alexander Blair1-1/+1
cce4ea02 README: fix translation link (moneromooo-monero)
2020-01-24Merge pull request #6173Alexander Blair1-6/+10
8231c7cd rpc: fix bootstrap RPC payment RPC being made in raw JSON, not JSON RPC (moneromooo-monero) 81c26589 rpc: don't auto fail RPC needing payment in bootstrap mode (moneromooo-monero)
2020-01-24Merge pull request #6172Alexander Blair2-1/+6
d7cf8727 rpc: add received_timestamp for pool txes in gettransactions (moneromooo-monero)
2020-01-24Merge pull request #6164Alexander Blair1-0/+316
dc589ef0 Add TheCharlatan pgp key (TheCharlatan)
2020-01-24Merge pull request #6160Alexander Blair1-1/+1
bd6a5778 Gitian: Fix sigs generation (TheCharlatan)
2020-01-24Merge pull request #6159Alexander Blair1-0/+41
f3e155ea add xiphon's GPG key (xiphon)
2020-01-24Merge pull request #6157Alexander Blair1-1/+9
402dd207 db_lmdb: guard against non NUL terminated keys (moneromooo-monero)
2020-01-24Merge pull request #6154Alexander Blair1-0/+1
3b419333 wallet: don't issue node rpc proxy requests in '--offline' mode (xiphon)
2020-01-24Merge pull request #6153Alexander Blair1-1/+1
24adee4a p2p: don't request flags after closing connection (moneromooo-monero)
2020-01-24Merge pull request #6146Alexander Blair15-97/+280
70c9cd3c Change to Tx diffusion (Dandelion++ fluff) instead of flooding (Lee Clagett)
2020-01-24Merge pull request #6128Alexander Blair1-2/+2
9fe8a76c perf_timer: fix pause/resume macros dereferencing too much (moneromooo-monero)
2020-01-24wallet2: fix store-tx-info loadingmoneromooo-monero1-3/+12
The backward compatibility code was always setting it to 1 in modern wallets since store_tx_keys was not present and thus assumed to be 1 by default. Reported by SeventhAlpaca
2020-01-19fix tests bug added in #6110Dusan Klinec1-4/+10
- e.g., fixes gen_block_big_major_version test, error: generation failed: what=events not set, cannot compute valid RandomX PoW - ask for events only if difficulty > 1 (when it really matters) - throwing an exception changed to logging, so it is easy to spot a problem if tests start to fail.
2020-01-18net: fix incorrect less operator for top/i2p addressesAaron Hook3-25/+407
2020-01-17[randomx] Add missing randomx_vm_set_cache()cohcho1-0/+4
2020-01-16Merge pull request #6145Alexander Blair1-0/+2
1b2953f0 Add __pycache__ directory to .gitignore (Matt Smith)
2020-01-16Merge pull request #6144Alexander Blair3-10/+37
0e0351c4 wallet_rpc_server: add count parameter to create_address (Matt Smith)
2020-01-16Merge pull request #6143Alexander Blair1-0/+2
6efeefbc epee: set application/json MIME type on json errors (moneromooo-monero)
2020-01-16Merge pull request #6141Alexander Blair1-1/+1
b9b5c473 threadpool: use std::move when taking an element off the queue (moneromooo-monero)
2020-01-16Merge pull request #6139Alexander Blair1-1/+5
56dced2d translations: fix "monero_" prefix when taking languages from file (moneromooo-monero) be3a4326 translations: find lrelease disguised as lrelease-qt5 (moneromooo-monero)
2020-01-16Merge pull request #6134Alexander Blair1-8/+8
a7a40e28 Actually concatenate error strings. (Bert Peters)
2020-01-16Merge pull request #6133Alexander Blair2-5/+6
b2ad757f Replace memset with memwipe. (Bert Peters)
2020-01-16Merge pull request #6130Alexander Blair1-1/+1
6dec0013 simplewallet: fix restore height warning (selsta)
2020-01-16Merge pull request #6125Alexander Blair1-1/+8
584d057f epee: fix console_handlers_binder race, wait for thread to finish (xiphon)
2020-01-16Merge pull request #6124Alexander Blair1-1/+6
21d4c216 blockchain: error out if the builtin hashes data size is wrong (moneromooo-monero)
2020-01-16Merge pull request #6120Alexander Blair1-1/+3
feef1c6a epee: fix peer ids being truncated on display (moneromooo-monero)
2020-01-16Merge pull request #6119Alexander Blair1-0/+1
6f45cfa5 p2p: zero last seen timestamp when inserting a new peer (moneromooo-monero)
2020-01-16Merge pull request #6115Alexander Blair3-7/+29
27522aaa core_tests: reset thread pool between tests (moneromooo-monero)
2020-01-17workflows: add build and test workflowselsta1-0/+62
2020-01-16wallet2: reject zero keys in json inputmoneromooo-monero1-0/+4
Because the user might do this for reasons unknown. Values beyond l-1 will be reduced, so are accepted. Reported by who-biz.
2020-01-14wallet: reroll fake outs selection on local tx_sanity_check failurexiphon5-12/+59
2020-01-13build: autodetect MSYS2 install path, support non-standard locationxiphon1-4/+4
2020-01-11Merge pull request #6112Alexander Blair2-36/+35
7c1d31b0 build: fix IOS, build blockchain_db and rpc, skip wallet_rpc_server (xiphon)
2020-01-11Merge pull request #6110Alexander Blair3-22/+180
da6c807f tests: fix HF12 chaingen - construct bc object from events (Dusan Klinec)
2020-01-11Merge pull request #6105Alexander Blair6-0/+86
0de8a0d3 wallet_rpc_server: new estimate_tx_size_and_weight RPC (moneromooo-monero)
2020-01-11Wallet: Distingush amounts for a single subaddressTadeas Moravec4-2/+38
Adding a new `amounts` field ot the output of `get_transfers` RPC method. This field specifies individual payments made to a single subaddress in a single transaction, e.g., made by this command: transfer <addr1> <amount1> <addr1> <amount2>
2020-01-10gitian-build.py: Fixing check for docker command.Jonathan Cross1-2/+5
2020-01-10Daemon: Guard against reporting "synchronized" too earlyrbrunner71-1/+1
The added condition "hshd.current_height >= target" guards against reporting "synchronized" too early in the special situation that the very first peer sending us data is synced to a lower height than ourselves.
2020-01-09ringdb: use a different iv for key and data in rings tablemoneromooo-monero1-18/+37
This is technically a record encrypted in two pieces, so the iv needs to be different. Some backward compatibility is added to read data written by existing code, but new data is written with the new code.
2020-01-09simplewallet: reword mixin in user message in terms of ring sizemoneromooo-monero1-1/+1
2020-01-09wallet2: do not remove known rings when a tx failsmoneromooo-monero1-1/+0
Even if it fails, the ring composition is known to a potential adversary, and so we should reuse the same ring next time
2020-01-09README: remove unmaintained build statusselsta1-20/+0
2020-01-09Fix check_fee() discrepancy.UkoeHB1-2/+2
M100 = max{300kb, min{100block_median, m_long_term_effective_median_block_weight}} not M100 = max{300kb, m_long_term_effective_median_block_weight} Fix base reward in get_dynamic_base_fee_estimate(). get_dynamic_base_fee_estimate() should match check_fee() Fee is calculated based on block reward, and the reward penalty takes into account 0.5*max_block_weight (both before and after HF_VERSION_EFFECTIVE_SHORT_TERM_MEDIAN_IN_PENALTY). Moved median calculation according to best practice of 'keep definitions close to where they are used'.
2020-01-08Merge pull request #6231luigi11112-4/+4
8e338e5 depends: update libsodium to 1.0.18 (TheCharlatan)
2020-01-07p2p: fix off by one adding fallback peersmoneromooo-monero1-2/+2
The code would ignore the first one to be added
2020-01-06Merge pull request #6253Riccardo Spagni1-0/+52
f9b48b91c GPGKey: Add Snipa (Alexander Blair)
2020-01-06Gitian: Change lxc ip linkTheCharlatan2-5/+5
The ip link currently listed in the README no longer works on the newest version of lxc shipped with ubuntu 18.04, this commit corrects this.
2020-01-0510 block time is for incoming outputs, not transactionsrating89us1-1/+1
10 block lock time is for incoming outputs and not only incoming transactions (outgoing transaction has an incoming change output that is also locked for 10 blocks)
2020-01-03p2p: fix adding wrong indices to the filtered peer listmoneromooo-monero1-1/+1
2020-01-03Merge pull request #6232luigi11111-0/+87
aa9ba30 add binaryFate's PGP key (binaryFate)
2019-12-31wallet: allow message sign/verify for subaddressesmoneromooo-monero7-19/+67
2019-12-30wallet: fix exceptions getting the hash of a pruned txmoneromooo-monero4-13/+13
2019-12-20rpc: fill miner_tx_hash againmoneromooo-monero1-0/+1
It was removed to save duplicated generation time, but it can be copied from another instance instead
2019-12-19depends: empty spaces in PATH variable cause build failurekozyilmaz1-3/+3
2019-12-18GPGKey: Add SnipaAlexander Blair1-0/+52
Adds GPG key for Alexander Blair (Snipa)
2019-12-18depends: set several missing build tagsmoneromooo-monero1-0/+10
2019-12-17p2p: drop the peerlist dump to TRACEmoneromooo-monero1-1/+1
It's spammy
2019-12-17README: fix translation linkmoneromooo-monero1-1/+1
2019-12-17wallet2: guard against race with multiple decrypt_keys usersmoneromooo-monero2-0/+9
If more than one thread wants to make sure of the spend secret key, then we decrypt on the first caller and reencrypt on the last caller, otherwise we could use an invalid secret key.
2019-12-16abstract_tcp_server2: guard against negative timeoutsmoneromooo-monero1-5/+16
2019-12-16rpc: drop the obsolete and wrong "unpruned size" logmoneromooo-monero1-6/+4
Since we now get pruned data in the first place, the "unpruned" data size will in fact be the pruned data size, leading to confusion
2019-12-16wallet-cli/rpc: allow sweep_all to use outputs in all subaddresses within an ↵stoffu3-7/+25
account
2019-12-14Corrected message typopalomato1-1/+1
Message was "peer claims higher version that we think" Requested change "peer claims higher version than we think"
2019-12-14wallet2: fix hang in wallet refreshmoneromooo-monero1-1/+1
If the hashes received would move the current blockchain past the stop point, the short history would not be updated, since we do not expect another loop, but the daemon might return earlier hashes, causing the end index to not be enough to reach the threshold and this require another loop, which will download the same hashes and cause an infinite loop.
2019-12-14blockchain: fix flushing txes from the txpoolmoneromooo-monero1-1/+1
2019-12-13add binaryFate's PGP keybinaryFate1-0/+87
2019-12-12depends: update libsodium to 1.0.18TheCharlatan2-4/+4
2019-12-12Merge pull request #6057luigi11112-3/+23
3b8dcc2 wallet2: make keys unlocker reentrant (moneromooo-monero)
2019-12-12Merge pull request #6056luigi11111-1/+2
5a44893 python-rpc: add missing strict_balances parameter for get_accounts (moneromooo-monero)
2019-12-12Merge pull request #6055luigi11111-1/+1
886ed25 blockchain: fix comment wrongly refering to SHA-3 rather than Keccak (moneromooo-monero)
2019-12-12Merge pull request #6054luigi11111-1/+1
017f816 daemon: handle printing higher hash rates (moneromooo-monero)
2019-12-12Merge pull request #6052luigi11111-2/+2
c96b7ee tx_pool: fix error message assuming incorrectly (moneromooo-monero)
2019-12-12Merge pull request #6049luigi11111-34/+27
45fd72b Updated paper references (SarangNoether) 277003f Minor prover simplification (SarangNoether)
2019-12-12Merge pull request #6041luigi11111-1/+11
261abf7 functional_tests: ensure mining stops on error in mining test (moneromooo-monero)
2019-12-12Merge pull request #6037luigi11111-1/+1
f49a8ca easylogging++: add screen.xterm-256color to the 'allow colour' TERM list (moneromooo-monero)
2019-12-12Merge pull request #6027luigi11111-26/+0
9768e96 simplewallet: remove remaining payment id dead code (moneromooo-monero)
2019-12-12Merge pull request #6018luigi11118-4/+190
dce6f05 rpc: Only show version string if it matches expected pattern (ndorf) 3293780 daemon: Use rpc for 'version' command (ndorf)
2019-12-12Merge pull request #5965luigi111135-316/+1372
5d7ae2d Adding support for hidden (anonymity) txpool (vtnerd)
2019-12-12print_coinbase_tx_sum now supports 128 bits sumsmoneromooo-monero8-16/+50
The tail emission will bring the total above 64 bits
2019-12-09Silence miner debugmsg spamHoward Chu1-7/+14
Don't try to allocate the dataset repeatedly if it has already failed.
2019-12-09simplewallet: warn on refresh if refresh-from-block-height seems offmoneromooo-monero1-0/+8
2019-12-07simplewallet: set manual refresh mode in rescan_bcmoneromooo-monero1-0/+2
This ensures we get asked for the password if needed
2019-12-05Fix time comparison mathJason Rhinelander1-2/+2
Dividing `dt` here by 1e6 converts it to seconds, but that is clearly wrong since `REQUEST_NEXT_SCHEDULED_SPAN_THRESHOLD_STANDBY` is measured in microseconds. As a result, this if statement was effectively never used.
2019-12-04--disable-ban-rpc option to prevent RPC users from banningnaughtyfox4-1/+9
2019-12-03ssl: server-side: allow multiple version of TLSBertrand Jacquin1-1/+1
boost::asio::ssl::context is created using specifically TLSv1.2, which blocks the ability to use superior version of TLS like TLSv1.3. Filtering is also made specially later in the code to remove unsafe version for TLS such SSLv2, SSLv3 etc.. This change is removing double filtering to allow TLSv1.2 and above to be used. testssl.sh 3.0rc5 now reports the following (please note monerod was built with USE_EXTRA_EC_CERT): $ ./testssl.sh --openssl=/usr/bin/openssl \ --each-cipher --cipher-per-proto \ --server-defaults --server-preference \ --vulnerable --heartbleed --ccs --ticketbleed \ --robot --renegotiation --compression --breach \ --poodle --tls-fallback --sweet32 --beast --lucky13 \ --freak --logjam --drown --pfs --rc4 --full \ --wide --hints 127.0.0.1:38081 Using "OpenSSL 1.1.1d 10 Sep 2019" [~80 ciphers] on ip-10-97-15-6:/usr/bin/openssl (built: "Dec 3 21:14:51 2019", platform: "linux-x86_64") Start 2019-12-03 21:51:25 -->> 127.0.0.1:38081 (127.0.0.1) <<-- rDNS (127.0.0.1): -- Service detected: HTTP Testing protocols via sockets except NPN+ALPN SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 not offered TLS 1.1 not offered TLS 1.2 offered (OK) TLS 1.3 offered (OK): final NPN/SPDY not offered ALPN/HTTP2 not offered Testing for server implementation bugs No bugs found. Testing cipher categories NULL ciphers (no encryption) not offered (OK) Anonymous NULL Ciphers (no authentication) not offered (OK) Export ciphers (w/o ADH+NULL) not offered (OK) LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK) Triple DES Ciphers / IDEA not offered (OK) Average: SEED + 128+256 Bit CBC ciphers not offered Strong encryption (AEAD ciphers) offered (OK) Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 PFS is offered (OK), ciphers follow (client/browser support is important here) Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC) ----------------------------------------------------------------------------------------------------------------------------- x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 253 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 253 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 xcca8 ECDHE-RSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 Elliptic curves offered: prime256v1 secp384r1 secp521r1 X25519 X448 Testing server preferences Has server cipher order? yes (OK) Negotiated protocol TLSv1.3 Negotiated cipher TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) Cipher order TLSv1.2: ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.3: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 Testing server defaults (Server Hello) TLS extensions (standard) "renegotiation info/#65281" "EC point formats/#11" "supported versions/#43" "key share/#51" "max fragment length/#1" "extended master secret/#23" Session Ticket RFC 5077 hint no -- no lifetime advertised SSL Session ID support yes Session Resumption Tickets no, ID: no TLS clock skew Random values, no fingerprinting possible Server Certificate #1 (in response to request w/o SNI) Signature Algorithm SHA256 with RSA Server key size RSA 4096 bits Server key usage -- Server extended key usage -- Serial / Fingerprints 01 / SHA1 132E42981812F5575FA0AE64922B18A81B38C03F SHA256 EBA3CC4AA09DEF26706E64A70DB4BC8D723533BB67EAE12B503A845019FB61DC Common Name (CN) (no CN field in subject) subjectAltName (SAN) missing (NOT ok) -- Browsers are complaining Issuer Trust (hostname) certificate does not match supplied URI Chain of trust NOT ok (self signed) EV cert (experimental) no "eTLS" (visibility info) not present Certificate Validity (UTC) 181 >= 60 days (2019-12-03 21:51 --> 2020-06-02 21:51) # of certificates provided 1 Certificate Revocation List -- OCSP URI -- NOT ok -- neither CRL nor OCSP URI provided OCSP stapling not offered OCSP must staple extension -- DNS CAA RR (experimental) not offered Certificate Transparency -- Server Certificate #2 (in response to request w/o SNI) Signature Algorithm ECDSA with SHA256 Server key size EC 256 bits Server key usage -- Server extended key usage -- Serial / Fingerprints 01 / SHA1 E17B765DD8124525B1407E827B89A31FB167647D SHA256 AFB7F44B1C33831F521357E5AEEB813044CB02532143E92D35650A3FF792A7C3 Common Name (CN) (no CN field in subject) subjectAltName (SAN) missing (NOT ok) -- Browsers are complaining Issuer Trust (hostname) certificate does not match supplied URI Chain of trust NOT ok (self signed) EV cert (experimental) no "eTLS" (visibility info) not present Certificate Validity (UTC) 181 >= 60 days (2019-12-03 21:51 --> 2020-06-02 21:51) # of certificates provided 1 Certificate Revocation List -- OCSP URI -- NOT ok -- neither CRL nor OCSP URI provided OCSP stapling not offered OCSP must staple extension -- DNS CAA RR (experimental) not offered Certificate Transparency -- Testing HTTP header response @ "/" HTTP Status Code 404 Not found (Hint: supply a path which doesn't give a "404 Not found") HTTP clock skew Got no HTTP time, maybe try different URL? Strict Transport Security not offered Public Key Pinning -- Server banner Epee-based Application banner -- Cookie(s) (none issued at "/") -- maybe better try target URL of 30x Security headers -- Reverse Proxy banner -- Testing vulnerabilities Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension CCS (CVE-2014-0224) not vulnerable (OK) Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session ticket extension ROBOT Server does not support any cipher suites that use RSA key transport Secure Renegotiation (CVE-2009-3555) not vulnerable (OK) Secure Client-Initiated Renegotiation not vulnerable (OK) CRIME, TLS (CVE-2012-4929) not vulnerable (OK) BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested POODLE, SSL (CVE-2014-3566) not vulnerable (OK) TLS_FALLBACK_SCSV (RFC 7507) No fallback possible, no protocol below TLS 1.2 offered (OK) SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK) FREAK (CVE-2015-0204) not vulnerable (OK) DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK) make sure you don't use this certificate elsewhere with SSLv2 enabled services https://censys.io/ipv4?q=EBA3CC4AA09DEF26706E64A70DB4BC8D723533BB67EAE12B503A845019FB61DC could help you to find out LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2 BEAST (CVE-2011-3389) no SSL3 or TLS1 (OK) LUCKY13 (CVE-2013-0169), experimental not vulnerable (OK) RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) Testing ciphers per protocol via OpenSSL plus sockets against the server, ordered by encryption strength Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC) ----------------------------------------------------------------------------------------------------------------------------- SSLv2 SSLv3 TLS 1 TLS 1.1 TLS 1.2 xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 253 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 253 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 xcca8 ECDHE-RSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS 1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256 x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256 Running client simulations (HTTP) via sockets Browser Protocol Cipher Suite Name (OpenSSL) Forward Secrecy ------------------------------------------------------------------------------------------------ Android 4.2.2 No connection Android 4.4.2 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 256 bit ECDH (P-256) Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 256 bit ECDH (P-256) Android 7.0 TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305 253 bit ECDH (X25519) Android 8.1 (native) No connection Android 9.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519) Chrome 65 Win 7 TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305 253 bit ECDH (X25519) Chrome 74 (Win 10) No connection Firefox 62 Win 7 TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305 253 bit ECDH (X25519) Firefox 66 (Win 8.1/10) TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519) IE 6 XP No connection IE 7 Vista No connection IE 8 Win 7 No connection IE 8 XP No connection IE 11 Win 7 No connection IE 11 Win 8.1 No connection IE 11 Win Phone 8.1 No connection IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Edge 15 Win 10 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 253 bit ECDH (X25519) Edge 17 (Win 10) TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 253 bit ECDH (X25519) Opera 60 (Win 10) No connection Safari 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Tor 17.0.9 Win 7 No connection Java 6u45 No connection Java 7u25 No connection Java 8u161 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 256 bit ECDH (P-256) Java 9.0.4 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 256 bit ECDH (P-256) OpenSSL 1.0.1l TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 256 bit ECDH (P-256) OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 256 bit ECDH (P-256) OpenSSL 1.1.0j (Debian) TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305 253 bit ECDH (X25519) OpenSSL 1.1.1b (Debian) TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519) Thunderbird (60.6) TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)
2019-12-03simplewallet: fix output age display with duplicate heightsmoneromooo-monero2-11/+14
The highlight check was based on height, so would highlight any output at that height, resulting in several matches if a fake out was picked at the same height as the real spend
2019-12-03simplewallet: fix "outputs in same tx" detectormoneromooo-monero1-0/+1
It was comparing source txids, but txids were empty, so all checks triggered
2019-12-02rpc: add bad-blocks to flush_cache RPCmoneromooo-monero10-7/+47
Flushes m_invalid_blocks in Blockchain.
2019-12-02easylogging++: add emscripten supportmoneromooo-monero1-2/+5
This is upstream, but seems to have got lost in conflicts when merging support for BSDs or android.
2019-12-02Add travis freebsdTheCharlatan2-0/+7
2019-12-01remove unused variable 'ptx' from on_describe_transfer()woodser1-1/+0
2019-12-01unit_tests: remove invalid bulletproofs unit testmoneromooo-monero1-9/+0
It was intended to check a case which is actually valid (0 gamma), but was actually duplicating the bad amount test. Reported by WhatDo_ on IRC.
2019-11-29daemon: run with -rpc-payment-address and --rpc-restricted-bind-portmoneromooo-monero4-7/+11
2019-11-29simplewallet: fix encrypted payment id note triggering on dummy onesmoneromooo-monero1-12/+20
2019-11-28wallet2: better error when restoring a wallet with the wrong keysmoneromooo-monero1-1/+1
2019-11-27rpc: error out from get_info if the proxied call errors outmoneromooo-monero1-2/+1
Coverity 205410
2019-11-27make_test_signature: exit nicely on top level exceptionmoneromooo-monero1-0/+2
Coverity 205411
2019-11-27node_rpc_proxy: init some new rpc payment fields in invalidatemoneromooo-monero1-0/+4
The cache time would take care of these, but it's cleaner that way Coverity 205412
2019-11-27rpc: init a few missing client_info membersmoneromooo-monero1-0/+4
Coverity 205414
2019-11-27rpc: do not propagate exceptions out of a dtormoneromooo-monero1-4/+8
Coverity 205415
2019-11-27rpc: always set the update field in update on sucessmoneromooo-monero1-0/+1
Coverity 205416
2019-11-26net_ssl: load default certificates in CA mode on Windowsmoneromooo-monero1-0/+42
Because it always does things wonkily doens't it
2019-11-26download: catch exceptions checking for sizemoneromooo-monero1-5/+9
Happens on at least one windows box
2019-11-26update readme to encourage joining #monero-devGingeropolous1-0/+1
replaces #6126 because I can't squash things with the github web GUI
2019-11-25rpc: fix bootstrap RPC payment RPC being made in raw JSON, not JSON RPCmoneromooo-monero1-5/+5
2019-11-25epee: reorder a couple init list fields to match declarationmoneromooo-monero2-2/+2
This is a bug waiting to happen
2019-11-25Merge pull request #6174luigi11111-17/+29
9cb8d92 ANONYMITY_NETWORKS.md : fix unintentional wrapping (jonathancross)
2019-11-25simplewallet: point to "set help" in the lock screen messagemoneromooo-monero1-1/+1
2019-11-25util: allow newlines in string to be splitmoneromooo-monero1-1/+14
2019-11-25updates: fix source code URL on _WIN32selsta1-1/+1
2019-11-23ANONYMITY_NETWORKS.md : fix unintentional wrappingJonathan Cross1-17/+29
2019-11-22rpc: don't auto fail RPC needing payment in bootstrap modemoneromooo-monero1-1/+5
2019-11-22rpc: add received_timestamp for pool txes in gettransactionsmoneromooo-monero2-1/+6
2019-11-22wallet_rpc_server: add count parameter to create_addressMatt Smith3-10/+37
2019-11-21Add TheCharlatan pgp keyTheCharlatan1-0/+316
2019-11-20Merge pull request #6117luigi11111-6/+5
0f7c9f4 Gitian Readme: adding android signing & fix v0.15 checksum. (jonathancross)
2019-11-20Gitian: Fix sigs generationTheCharlatan1-1/+1
2019-11-20add xiphon's GPG keyxiphon1-0/+41
2019-11-19Merge pull request #6155luigi11111-30/+8
d8fc8d8 make d2h et al. constant-time (jtgrassie)
2019-11-19db_lmdb: guard against non NUL terminated keysmoneromooo-monero1-1/+9
2019-11-19make d2h et al. constant-timeJethro Grassie1-30/+8
2019-11-19wallet: don't issue node rpc proxy requests in '--offline' modexiphon1-0/+1
2019-11-19p2p: don't request flags after closing connectionmoneromooo-monero1-1/+1
2019-11-18Merge pull request #6148luigi11111-1/+6
47d094c Fix #6147 DB corruption from child process overwrite (hyc)
2019-11-18Merge pull request #6118luigi111136-172/+410
gitian: add FreeBSD support (75c5a04, 607c01a, cca6e5c, 35b5e91, 024a1c7, b14d9ab, 5eea312, 9cbba5a, 2e435df, abeed9a) (hyc)
2019-11-18Fixed bug in ZMQ JSON-RPC method fieldLee Clagett3-4/+70
2019-11-18"Fix" non-determinism in native_cctools buildHoward Chu2-0/+16
By omitting the otool binary which is built non-deterministically. We don't use it anyway.
2019-11-17Fix #6147 DB corruption from child process overwriteHoward Chu1-1/+6
Don't leave stdout/stderr dangling on a fork.
2019-11-17Fixup compiled python in OSXHoward Chu1-1/+1
2019-11-17Fix unwind library orderingHoward Chu2-0/+16
Sort objects being archived
2019-11-17Fixup sodium darwinHoward Chu3-31/+2
get rid of sodium-darwin.mk special case, unify back with sodium.mk
2019-11-17Use standard time for depends cachesHoward Chu5-66/+59
streamline, remove obsolete wrappers
2019-11-17Add ARFLAGSHoward Chu23-20/+89
Needed to invoke deterministic mode on some archivers
2019-11-16Merge pull request #6135luigi11111-1/+1
09f59ec wallet: set non-empty error string on connection failure (xiphon)
2019-11-16Merge pull request #6107luigi11111-1/+7
3d649d5 epee: close connection when the peer has done so (moneromooo-monero)
2019-11-15Add __pycache__ directory to .gitignoreMatt Smith1-0/+2
2019-11-15epee: set application/json MIME type on json errorsmoneromooo-monero1-0/+2
2019-11-15threadpool: use std::move when taking an element off the queuemoneromooo-monero1-1/+1
It has a std::function, which can have a capture context, and the function runtime might be small
2019-11-15blockchain: speedup fetching pruned contiguous tx blobsmoneromooo-monero5-3/+70
About twice as fast, very roughly
2019-11-15translations: fix "monero_" prefix when taking languages from filemoneromooo-monero1-1/+1
2019-11-15translations: find lrelease disguised as lrelease-qt5moneromooo-monero1-0/+4
2019-11-14wallet: set non-empty error string on connection failurexiphon1-1/+1