Age | Commit message (Collapse) | Author | Files | Lines |
|
7d79222f daemon: remove debug info (moneromooo-monero)
8fec0f98 functional_tests: add sweep_single test (moneromooo-monero)
9880d61b wallet_rpc_server: remove unused code (moneromooo-monero)
8a61b33d rpc: omit irrelevant fields for pool txes in gettransactions (moneromooo-monero)
56508524 rpc: add relayed in get_transaction output (moneromooo-monero)
82e510f1 rpc: set default log category in core_rpc_server.h (moneromooo-monero)
|
|
6643b047 Increment m_threads_active when mining thread starts (Doyle)
|
|
07dd5536 hardfork: remove "no hf version db" recreation check (moneromooo-monero)
|
|
428249c5 easylogging++: minimal stdout logging format (moneromooo-monero)
|
|
b3648232 daemon: fix ratio not being floating point (moneromooo-monero)
e1b097b9 core_rpc_server: remove dummy assigning int to bool (moneromooo-monero)
|
|
f26e0b5d cryptonote_protocol: warn when the last connection goes (moneromooo-monero)
|
|
acb68dba bulletproofs: cut down on keyV allocations (moneromooo-monero)
|
|
61d63900 net_helper: avoid unnecessary memcpy (moneromooo-monero)
|
|
5140c15e daemon: if a log file has a /, interpret it from the cwd (moneromooo-monero)
|
|
ccb996af rpc: new sanity check on relayed transactions (moneromooo-monero)
|
|
c3cf930f abstract_tcp_server2: fix timeout on exit (moneromooo-monero)
|
|
34f8c237 simplewallet: fix warning about long payment id using the old option (moneromooo-monero)
|
|
bcb86ae6 wallet_rpc_server: fix inconsistent wallet caches on reload (moneromooo-monero)
|
|
f3425f8d rpc.getblocktemplate: set reserved_offset to zero when reserve_size==0 (stoffu)
|
|
58585986 p2p: fix integer overflow in host bans (moneromooo-monero)
|
|
93bb2f48 ringct: prevent use of full ringct signatures for more than one input (moneromooo-monero)
|
|
2c221d1b wallet2: update estimate_rct_tx_size for smaller rct proofs (moneromooo-monero)
|
|
374f388d wallet_rpc_server: add a all flag to export_outputs (moneromooo-monero)
|
|
e9fac29a unit_tests/long_term_block_weight: some tweaks that seem to make more sense (stoffu)
467f4c7e tests/block_weight: use integer division when computing median (stoffu)
815d08dc tests/block_weight: remove unused MULTIPLIER_SMALL (stoffu)
661f1fb8 blockchain: remove unused calc of short_term_constraint (stoffu)
|
|
f4f1471c readme: add some more instructions for translators (erciccione)
|
|
d4a78c74 build: libusb static compilation fix (Dusan Klinec)
|
|
ac874e2d tests: fix test_options initialization error (Dusan Klinec)
|
|
66d73d2f easylogging++: update to v9.96.7 (moneromooo-monero)
|
|
bea1918a blockchain_import: error out if preparing to handle blocks fails (moneromooo-monero)
|
|
ffdbcfb6 core: don't check block rate nor fork time in regtest mode (moneromooo-monero)
|
|
d34599da wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
|
|
5e673c03 blockchain_db: fix db txn ending too early (moneromooo-monero)
|
|
|
|
|
|
|
|
We want to get all blocks here, even pruned ones
|
|
|
|
|
|
It will avoid connecting to a daemon (so useful for cold signing
using a RPC wallet), and not perform DNS queries.
|
|
|
|
|
|
|
|
|
|
|
|
b6420e12 lmdb: catch non-LMDB negative errors before strerror (moneromooo-monero)
|
|
e78cea74 rpc: fix off by one in get_height (moneromooo-monero)
|
|
8df82707 Fix linker issues using easylogging (Martijn Otto)
|
|
c4f8a8a6 build fix: combinator.h stdexcept missing include (Dusan Klinec)
|
|
cbf32241 rpc: make wide_difficulty hexadecimal (moneromooo-monero)
|
|
41901b8d device/trezor: env-configurable ports (Dusan Klinec)
c97a1f79 tests: trezor tests fixes and improvements (Dusan Klinec)
|
|
b40392fb wallet2: add --no-dns flag (moneromooo-monero)
|
|
15f27c80 wallet2: support multi out txes without change in sanity check (moneromooo-monero)
|
|
c5d3ea2f tests: add a few try/catch in main to shut coverity up (moneromooo-monero)
|
|
a2195b9b crypto: replace rand<T>()%N idiom with unbiased rand_idx(N) (stoffu)
|
|
e72c2c5d do not build in parallel as it is non-deterministic (Jane Mercer)
|
|
383c38fd fix init warning on whatever compiler version (italocoin)
|
|
c68fe787 device/trezor: add button pressed request (Dusan Klinec)
827f52ad wallet: API changes to enable passphrase entry (Dusan Klinec)
|
|
|
|
This is now obsolete, and this removes the warning on startup
on a new db that confuses some people
|
|
|
|
It's a bit of a hack, but doing it right would need a lot
of changes to the easylogging++ source.
|
|
Coverity 197648
|
|
Coverity 197653
|
|
That should hopefully shut coverity up
|
|
The db txn in add_block ending caused the entire overarching
batch txn to stop.
Also add a new guard class so a db txn can be stopped in the
face of exceptions.
Also use a read only db txn in init when the db itself is
read only, and do not save the max tx size in that case.
|
|
|
|
|
|
rather than from data dir where it normally is.
It makes things like --log-file ./foo.log behave as you'd expect.
|
|
8f1fe45 simplewallet: fix merge error with new welcome command (moneromooo-monero)
|
|
This will weed out some transactions with silly rings
|
|
When closing connections due to exiting, the IO service is
already gone, so the data exchange needed for a gracious SSL
shutdown cannot happen. We just close the socket in that case.
|
|
|
|
Loading the same wallet as the currently loaded one would autosave
the current state after loading it, leading to some kind of rollback
effect. We now save before loading to avoid this. If loading fails,
it means the current wallet will be saved (or maybe not, depending
on where the failure occurs: most of the sanity checks occur before
saving). There is a new autosave_current flag to open/restore calls
so the (enabled by default) autosave can be skipped.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
d843f200 simplewallet: add a welcome/disclaimer message command (moneromooo-monero)
|
|
0eee6cd7 block_weight: catch exceptions in main for clean exit on error (moneromooo-monero)
4b3bb829 epee: init a new ssl related variable in ctor (moneromooo-monero)
|
|
0575794f console: simple shell over console.py (moneromooo-monero)
047af5c3 console.py: can now connect to several daemons/wallets (moneromooo-monero)
9f9571aa cmake: always detect python, it's neeed for some tests (moneromooo-monero)
8646bd00 functional_tests: exit with 1 if any test fails (moneromooo-monero)
6fd8834d console.py: add tab completion (moneromooo-monero)
04a20cb2 functional_tests: cold signing key images/outputs import/export (moneromooo-monero)
798e3cad functional_tests: add double spend detection tests (moneromooo-monero)
7c657bb2 functional_tests: add alt chains tests (moneromooo-monero)
f8be31d2 functional_tests: add wallet creation language tests (moneromooo-monero)
2d68b31f functional_tests: add more wallet tests (moneromooo-monero)
23f86dad python-rpc: add set_log_level and set_log_categories (moneromooo-monero)
b3a32d55 functional_tests: add describe_transfer tests (moneromooo-monero)
108f4375 console.py: support connecting to any host, not just 127.0.0.1 (moneromooo-monero)
064ab123 functional_tests: add more blockchain related tests (moneromooo-monero)
21b1ac1d functional_tests: add bans tests (moneromooo-monero)
|
|
I saw one when landing on www.tribler.org, and it seemed
like a good idea to have something similar, alongside some
more general "what is monero" text.
|
|
|
|
|
|
to avoid the "python -i" part
|
|
Also throw exceptions instead of print+exit, since that makes
the error print last, below the python stack trace, where it's
much less easy to miss it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
get_transfer_by_txid, get_height, open/close
|
|
|
|
|
|
|
|
Related to emission, reorgs, getting tx data back, output
distribution and histogram
|
|
|
|
3de49afc README.md: fork table, copy lines from release branch (Gingeropolous)
e172fbae README.md: fix missing comma (Tyler Saballus)
97f0899b README.md: minor spelling issue (Justin Gerber)
|
|
0be5b2ee simplewallet: new unset_ring command (moneromooo-monero)
|
|
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
|
|
def40161 miner: fix race when stopping mining with start mining enabled (moneromooo-monero)
|
|
113e4877 blockchain_stats: fix sign in formatting function (moneromooo-monero)
adaea3ea various: remove unused variables (moneromooo-monero)
631ef00e blockchain: some debug info when adding txes-from-block fails (moneromooo-monero)
|
|
83fc45a4 Add NanoX support (cslashm)
|
|
eda2661a Allow pruning before v10 (moneromooo-monero)
|
|
c746f45d Add hash of top block to /getheight RPC (Howard Chu)
|
|
a2561653 wallet: new option to start background mining (moneromooo-monero)
|
|
aff80e70 blockchain: fix returned height in create_block_template (moneromooo-monero)
|
|
9f8dc4ce simplewallet: new net_stats command (moneromooo-monero)
|
|
displays total sent and received bytes
|
|
07b716bf util: name replace_file arguments better (moneromooo-monero)
|
|
c2f271d1 device/trezor: increase live-refresh timeout (Dusan Klinec)
|
|
089c7637 cryptonote: rework block blob size sanity check (moneromooo-monero)
|
|
f064efae README: add and remove dependencies on OSX line (George)
|
|
2e578b82 Enabling daemon-rpc SSL now requires non-system CA verification (Lee Clagett)
d58f3682 Require manual override for user chain certificates. (Lee Clagett)
97cd1fa9 Only check top-level certificate against fingerprint list. (Lee Clagett)
7c388fb3 Call `use_certificate_chain_file` instead of `use_certificate_file` (Lee Clagett)
eca0fea4 Perform RFC 2818 hostname verification in client SSL handshakes (Lee Clagett)
0416764c Require server verification when SSL is enabled. (Lee Clagett)
96d602ac Add `verify_fail_if_no_cert` option for proper client authentication (Lee Clagett)
21eb1b07 Pass SSL arguments via one class and use shared_ptr instead of reference (Lee Clagett)
1f5ed328 Change default SSL to "enabled" if user specifies fingerprint/certificate (Lee Clagett)
f18a069f Do not require client certificate unless server has some whitelisted. (Lee Clagett)
a3b02848 Change SSL certificate file list to OpenSSL builtin load_verify_location (Lee Clagett)
|
|
|
|
- configurable hardforks via env vars
|
|
|
|
if we don't want to export new outputs only
|
|
|
|
|
|
|
|
|
|
|
|
- added link to guide for Pootle
- link directly to CLI project on Pootle
- improved wording
|
|
|
|
|
|
The word 'dont' is not spelled correctly.
|
|
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
|
|
|
|
|
|
|
|
|
|
Coverity 197562
|
|
|
|
|
|
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
|
|
This allows "chain" certificates to be used with the fingerprint
whitelist option. A user can get a system-ca signature as backup while
clients explicitly whitelist the server certificate. The user specified
CA can also be combined with fingerprint whitelisting.
|
|
The former has the same behavior with single self signed certificates
while allowing the server to have separate short-term authentication
keys with long-term authorization keys.
|
|
If the verification mode is `system_ca`, clients will now do hostname
verification. Thus, only certificates from expected hostnames are
allowed when SSL is enabled. This can be overridden by forcible setting
the SSL mode to autodetect.
Clients will also send the hostname even when `system_ca` is not being
performed. This leaks possible metadata, but allows servers providing
multiple hostnames to respond with the correct certificate. One example
is cloudflare, which getmonero.org is currently using.
|
|
If SSL is "enabled" via command line without specifying a fingerprint or
certificate, the system CA list is checked for server verification and
_now_ fails the handshake if that check fails. This change was made to
remain consistent with standard SSL/TLS client behavior. This can still
be overridden by using the allow any certificate flag.
If the SSL behavior is autodetect, the system CA list is still checked
but a warning is logged if this fails. The stream is not rejected
because a re-connect will be attempted - its better to have an
unverified encrypted stream than an unverified + unencrypted stream.
|
|
Using `verify_peer` on server side requests a certificate from the
client. If no certificate is provided, the server silently accepts the
connection and rejects if the client sends an unexpected certificate.
Adding `verify_fail_if_no_cert` has no affect on client and for server
requires that the peer sends a certificate or fails the handshake. This
is the desired behavior when the user specifies a fingerprint or CA file.
|
|
|
|
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
|
|
Currently a client must provide a certificate, even if the server is
configured to allow all certificates. This drops that requirement from
the client - unless the server is configured to use a CA file or
fingerprint(s) for verification - which is the standard behavior for SSL
servers.
The "system-wide" CA is not being used as a "fallback" to verify clients
before or after this patch.
|
|
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.
This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
|
|
|
|
e8cf7dcc rpc: merge the two get_info implementations (moneromooo-monero)
|
|
71907980 unit_tests: fix long term block weight test after cache change (moneromooo-monero)
|
|
|
|
1569776a Add missing include (Leon Klingele)
|
|
b0c552f5 cryptonote_protocol_handler: add block/tx hashes in notify logs (moneromooo-monero)
|
|
dffdccdc No longer use deprecated RSA_generate_key in favor of RSA_generate_key_ex (Martijn Otto)
|
|
1bc78cc2 tests: trezor_test fix (Dusan Klinec)
|
|
a299dc96 rpc.gettransactions: fill as_json with partial tx in pruned mode (stoffu)
|
|
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
|
|
59776a64 epee: some more minor JSON parsing speedup (moneromooo-monero)
|
|
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
|
|
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
|
|
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
|
|
5e1a3e48 lmdb: fix size_t size issues on 32 bit (moneromooo-monero)
|
|
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
|
|
849a768f perf_timer: move some debug levels to info for consistency (moneromooo-monero)
|
|
0218bc49 test: hmac_keccak - fix number of chunks counting (Dusan Klinec)
|
|
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
|
|
|
|
This should be friendlier for clients which don't have bignum support
|
|
Use the actual block weight limit, assuming that weight is always
greater or equal to size
|
|
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
|
|
|
|
|
|
|
|
|
|
8bb253b0 libwallet_merged: add missing net target (selsta)
|
|
|
|
|
|
|
|
Useful when debugging, though not much for users
|
|
d3018d0f api/wallet: fix some wrong namespace (stoffu)
|
|
|
|
|
|
|
|
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
|
|
|
|
|
|
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
|
|
|
|
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
|
|
1a91385e block_weight: fix python 2/3 compatibility (moneromooo-monero)
|
|
9f49722c Fix build on FreeBSD (Nathan Dorfman)
|
|
19f8089f p2p: don't lookup seed nodes when offline (moneromooo-monero)
|
|
18faa6da wallet: add freeze/thaw/frozen commands (moneromooo-monero)
|
|
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
|
|
f1a3796a wallet2: fix tx sanity check change test for the sweep_all case (moneromooo-monero)
|
|
ae6885f6 blockchain: incremental long term block weight cache (moneromooo-monero)
9b687c78 blockchain: simple cache for the long term block weights (moneromooo-monero)
|