Age | Commit message (Collapse) | Author | Files | Lines |
|
a23dbe6 simplewallet: prompt when spending more than one old out in one tx (moneromooo-monero)
|
|
3b9ce45 wallet_rpc_server: remove unused variable (moneromooo-monero)
|
|
6aa3c2f dns_checks: new helper program to check on DNSSEC lookups (moneromooo-monero)
|
|
515ac29 p2p: store network address directly in blocked host list (moneromooo-monero)
65c4004 allow blocking whole subnets (moneromooo-monero)
|
|
de970334 bump version to 0.14.1.2 (Riccardo Spagni)
4850520b update checkpoints.dat hash (Riccardo Spagni)
|
|
|
|
|
|
a69dc818 prep for 0.14.1.1 (Riccardo Spagni)
|
|
|
|
a96c1a46 cryptonote_protocol: drop peers we can't download from when syncing (moneromooo-monero)
ab361df2 p2p: add a few missing connection close calls (moneromooo-monero)
|
|
|
|
rather than their string representation
|
|
3140a37 wallet_rpc_server: fix get_bulk_payments with short payment ids (moneromooo-monero)
|
|
4ee095c p2p: don't connect to more than one IP per class B if we can (moneromooo-monero)
|
|
c223832 keccak: guard against misaligned memory accesses on ARM (moneromooo-monero)
|
|
8f22279 Depends: Update HIDAPI version (TheCharlatan)
|
|
1dbfc81 Add debug targets to depends Makefile (TheCharlatan)
cbbb24c Remove clutter in depends installed packages (TheCharlatan)
496cd46 Add ncurses package for linux and darwin readline (TheCharlatan)
|
|
|
|
|
|
The code generated is exactly the same as the direct access
one on x86_64
|
|
Any peer that's behind us while syncing is useless to us (though
not to them). This ensures that we don't get our peer slots filled
with peers that we can't use. Once we've synced, we can connect
to them and they can then sync off us if they want.
|
|
|
|
5d6b43b core: fix --prune-blockchain not pruning if no blockchain exists (moneromooo-monero)
|
|
3c071d2 blockchain: silence an error getting blocks for pruned nodes (moneromooo-monero)
|
|
2ff99fb db_lmdb: commit pruning txn at checkpoints (moneromooo-monero)
|
|
037f94c Remove Xiala.net from the list of dns resolvers (tobtoht)
|
|
15c699f rpc: set sanity_check_failed to false when successful (stoffu)
|
|
da3e20e tx_sanity_check: relax the median check a lot (moneromooo-monero)
|
|
4237707 p2p: don't forget pruning seed or public RPC port when updating peers (moneromooo-monero)
|
|
The macos binaries in release v0.14.1.0 were compiled with the buggy
hidapi-0.8.0-rc1 version. This resulted in users not being able to use
their Ledger with the latest cli wallet. After the patch depends now
fetches the source from the libusb hidapi repository that has taken over
maintenance of hidapi.
|
|
Older nodes don't pass that information around
|
|
Readline support is now compiled with the ncurses backend.
|
|
To speedup the depends cached builds, remove some some clutter from the package
files. This mainly incldues removing all the shared libraries and .la
linker files. It also gives stronger guarantees that monero only links
the static libs without any external rvalues.
|
|
Packages can now be built individually and for each stage. This allows
easier debugging.
|
|
It is down permanently. See: https://xiala.net/
"Ende November 2018 werden alle Dienste von xiala.net abgeschaltet."
|
|
|
|
we don't want to prevent bona fide txes, just obvious bad ones
|
|
|
|
This happens often when a pre-pruning node asks a pruned node
for data it does not have
|
|
to avoid errors when the txn is too large
|
|
633f1542 prep for 0.14.1 release (Riccardo Spagni)
|
|
2eef90d6 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
0564da5f ensure no NULL is passed to memcpy (moneromooo-monero)
bc09766b abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
1387549e serialization: check stream good flag at the end (moneromooo-monero)
a00cabd4 tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
f2152192 cryptonote: throw on tx hash calculation error (moneromooo-monero)
db2b9fba serialization: fail on read_varint error (moneromooo-monero)
68ad5481 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
1cc61018 cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
8f66b705 cryptonote_protocol_handler: prevent potential DoS (anonimal)
39169ace epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
|
|
|
|
|
|
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
|
|
|
|
just in case
|
|
Large amounts might run out of stack
Reported by guidov
|
|
|
|
|
|
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
|
|
Count transactions as well
|
|
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.
This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
|
|
Reported by guidov
|
|
3a0fbea Don't use -march=native (hyc)
f8b2f25 Allow parallel make (hyc)
01ced20 Delete redundant cppzmq dependency (hyc)
1dc4ebf Use 9 digit build IDs (hyc)
|
|
c27d961 [depends] update openssl to 1.0.2r (who-biz)
|
|
|
|
|
|
|
|
|
|
f2f207d miner: fix double free of thread attributes (ston1th)
|
|
b0a04f7 epee: fix SSL autodetect on reconnection (xiphon)
|
|
643c86a miniupnpc: update to build on BSD (moneromooo-monero)
|
|
2cbe756 p2p: fix GCC 9.1 crash (moneromooo-monero)
35c20c4 Fix GCC 9.1 build warnings (moneromooo-monero)
e284889 cmake: do not use -mmitigate-rop on GCC >= 9.1 (moneromooo-monero)
|
|
|
|
It was removed, but it still accepted by the compiler, which warns
for every file
|
|
GCC wants operator= aand copy ctor to be both defined, or neither
|
|
issue: #5568
|
|
|
|
|
|
77594c4f functional_tests: fix python3 compatibility (moneromooo-monero)
|
|
f950517a core: update pruning if using --prune-blockchain on a pruned blockchain (moneromooo-monero)
|
|
35da33be blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
4b51f9a3 core: do not commit half constructed batch db txn (moneromooo-monero)
|
|
9bfa4c20 Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
3544596f Add ssl_options support to monerod's rpc mode. (Lee Clagett)
c9aaccf3 Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
|
|
4ac52e52 functional_tests: fix rare get_output_distribution failure (moneromooo-monero)
|
|
dbecfe7d unit_tests: make the density test a bit less stringent (moneromooo-monero)
|
|
b6830db2 Fix #5553 (Howard Chu)
|
|
Also add missing bans test to the default tests
|
|
Avoids a massive amount of spurious warnings if the last update before
the daemon exited was a while ago and the daemon was syncing
|
|
|
|
|
|
|
|
|
|
|
|
When the wallet auto refreshes after mining the last two blocks
but before popping them, it will then try to use outputs which
are not unlocked yet. This is really a wallet problem, which
will be fixed later.
|
|
It's an inherently random test
|
|
Make sure the tip hash still matches the cached block
|
|
- This addresses https://www.openssl.org/news/secadv/20190226.txt (CVE: 2019-1559) which impacted all versions of openssl-1.0.
Note that this does not address CVE-2019-1543 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543), which impacts all versions of openssl 1.1 through 1.1.0j and 1.1.1b.
The above (1.1) is patched in openssl, where it was marked as low severity. Similar issues possibly present in monero, should be looked into w.r.t. CVE-2019-1543.
|
|
915f59e3 wallet: add unlock_time details to show_transfers (moneromooo-monero)
|
|
also add a note when receiving the tx, because the user
might not notice the "XXX blocks to unlock" in the balance.
|
|
3f612cda Changed odd bullet point to low level header (Rohaq)
af9bc4ec Used subeaders to avoid slightly wonky looking formatting (Rohaq)
1873af35 Made code block usage consistent across all .md files (Rohaq)
68103075 Updated Copyright notice (Rohaq)
39bd157f Added Table of Contents to main README.md (Rohaq)
|
|
e1016bce password: do not use line input on windows (moneromooo-monero)
|
|
615f287 wallet: fix certificate fingerprint length check (moneromooo-monero)
|
|
46244dd wallet_rpc_server: use original addresses in destinations in get_transfers (moneromooo-monero)
|
|
9a7a453 net_ssl: free certs after setting them up (moneromooo-monero)
|
|
1e8f3f6 rpc: fail update RPC when running offline (moneromooo-monero)
|
|
b8b957d cmake: fix incorrect hint for OPENSSL_ROOT_DIR (moneromooo-monero)
367bb80 mlog: default to not showing SSL errors (moneromooo-monero)
|
|
d47292e error: fix compile error on windows with depends (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
Fixed by crCr62U0
|
|
This keeps its builtin command editing away
Thanks iDunk for testing on Windows
|
|
And add them for pending transfers, where they were missing
|
|
|
|
|
|
a62e0725 net_ssl: SSL config tweaks for compatibility and security (moneromooo-monero)
|
|
7d5cc035 cmake: fix some case of "backtrace lib not found" breaking (moneromooo-monero)
|
|
e9809382 fix wide difficulty conversion with some versions of boost (moneromooo-monero)
|
|
1c44e658 wallet2: reject standalone short payment IDs in monero: URI API (moneromooo-monero)
|
|
7e5158aa mnemonics: fix 4 byte UTF-8 rewriting (moneromooo-monero)
|
|
ccc1e311 wallet_rpc_server: reject standalone short payment id in address book (moneromooo-monero)
|
|
b4ca72dd wallet2: fix infinite loop picking outputs in corner case (moneromooo-monero)
|
|
a4c4a2d8 blockchain: keep a rolling long term block weight median (moneromooo-monero)
|
|
0eb0d6b8 rpc: improve get_output_distribution (moneromooo-monero)
|
|
28a7d315 p2p: do not send last_seen timestamp to peers (moneromooo-monero)
|
|
f29fecd5 build: debug and test builds via contrib (Dusan Klinec)
|
|
add two RSA based ciphers for Windows/depends compatibility
also enforce server cipher ordering
also set ECDH to auto because vtnerd says it is good :)
When built with the depends system, openssl does not include any
cipher on the current whitelist, so add this one, which fixes the
problem, and does seem sensible.
|
|
|
|
If you use a ; separated set of include and lib directories,
it'll detect the headers in /usr/include and the libraries
where this points to.
|
|
state_not_recoverable is not defined there
|
|
|
|
a59c2746 unit_tests: fix crash in debug in output_distribution test (moneromooo-monero)
|
|
5e0da6fb change SSL certificate fingerprint whitelisting from SHA1 to SHA-256 (moneromooo-monero)
|
|
98fb98f9 wallet_rpc_server: adding missing return on error in set_daemon (moneromooo-monero)
9074c0d8 wallet_rpc_server: return false on error in set_log_categories (moneromooo-monero)
968848a7 wallet_rpc_server: fix crash in validate_address if no wallet is loaded (moneromooo-monero)
|
|
64983fce wallet2: default to trying to keep 5 outputs of 2+ monero (moneromooo-monero)
|
|
36ced067 functional_tests: flush stdout before popening new process (moneromooo-monero)
|
|
0aaf5e2a device/trezor: device sorting and filtering improved (Dusan Klinec)
|
|
|
|
|
|
It fixes at least one case of building on ARM with Docker
|
|
|
|
|
|
If we have fewer outputs available on the chain than what we
require, but the output we're spending already has a ring,
it would loop picking outputs randomly, but never find enough.
Also tune logs for better debugging this kind of thing.
|
|
SHA1 is too close to bruteforceable
|
|
|
|
Reported by SmajeNz0
|
|
Reported by SmajeNz0
|
|
updating the block size limit needs recent block sizes,
so we feed it dummy ones
|
|
It can now handle small reorgs without having to rescan the
whole blockchain.
Also add a test for it.
|
|
- Trezor type detection refactored, T1 disabled (was enabled before which was a bug)
- Sort connected devices by env TREZOR_PATH
- Compatibility with Trezor ecosystem using TREZOR_PATH env var
- Enables to pick particular Trezor to use in GUI as we don't have the multi-device selection yet
- Dump all detected devices to log for better debugging / troubleshooting
|
|
4be18df3 tx_sanity_check: relax uniqueness check a bit (moneromooo-monero)
b386ae57 wallet2: add missing "sanity check failed" reason message (moneromooo-monero)
|
|
c519d1df wallet2: fix wrong change being recorded in sweep_all (moneromooo-monero)
|
|
c0736643 unit_tests: don't delete log file on windows, it will fail (moneromooo-monero)
|
|
9956500d net_helper: clear recv buffer on eof (moneromooo-monero)
|
|
7af49ef0 daemonizer: add --non-interactive for windows (moneromooo-monero)
|
|
edbae2d0 levin_protocol_handler_async: tune down preallocation a fair bit (moneromooo-monero)
|
|
97e1c927 wallet: fix key image computation signaling to the device (Dusan Klinec)
|
|
7a9316eb serialization: set default log category (moneromooo-monero)
|
|
31a9aa83 wallet_rpc_server: add block_height and frozen to incoming_transfers (moneromooo-monero)
|
|
aba2b2e7 functional_tests: reset blockchain on test start (moneromooo-monero)
375fde94 hardfork: fix off by one updating fork index after popping (moneromooo-monero)
|
|
This can be used for fingerprinting and working out the
network topology.
Instead of sending the first N (which are sorted by last
seen time), we sent a random subset of the first N+N/5,
which ensures reasonably recent peers are used, while
preventing repeated calls from deducing new entries are
peers the target node just connected to.
The list is also randomly shuffled so the original set of
timestamps cannot be approximated.
|
|
In the case where previously a second unneeded output would be
added to a transaction. This should help *some* of the cases
where outputs are slowly being consolidated, leading to the
whole balance being locked when sending monero.
|
|
It triggers easily on testnet
|
|
|
|
leading to the sanity check triggering
|
|
|
|
|
|
|
|
|
|
The RPC functional tests need it
Thanks to iDunk for debugging/testing
|
|
It can allocate a lot when getting a lot of connections
(in particular, the stress test on windows apparently pushes
that memory to actual use, rather than just allocated)
|
|
|
|
|
|
|
|
|
|
|
|
55aae6a9 Fix socks tests in windows and handle errors better (Lee Clagett)
|
|
|
|
3e50a9e8 functional_tests: detect requests python module (moneromooo-monero)
|
|
0f52fe4c Windows: work around a boost 1.70 and cmake SNAFU (iDunk5400)
b414b69f Windows: fix a build error in MSYS2 with boost 1.70.0 (iDunk5400)
|
|
fbbe75d7 device/trezor: button request callback fix (Dusan Klinec)
|
|
5d0dcc18 add translations for it, fr, ja, sv from Pootle and refresh template .ts file (Monero-Pootle)
|
|
b672d4d6 epee: use boost/timer/timer.hpp, boost/timer.hpp is deprecated (moneromooo-monero)
|
|
588e6700 simplewallet: fix output representation offset (moneromooo-monero)
35e0a968 wallet2: "output lineup" fake out selection (moneromooo-monero)
|
|
84047cb7 wallet_rpc_server: add unlocked field to incoming_transfers output (moneromooo-monero)
|
|
58eade68 simplewallet: add the change amount to the prompt when locking (moneromooo-monero)
|
|
71102267 wallet_rpc_server: set suggested_confirmations_threshold for pool txes (moneromooo-monero)
|
|
|
|
Boost got upgraded to 1.70.0 in MSYS2. As a result, cmake (v3.13.4 as of this commit) can not configure boost properly, and cmake configuration fails as a result. This is a workaround as per https://gitlab.kitware.com/cmake/cmake/issues/18865
|
|
|
|
|
|
Based on python code by sarang:
https://github.com/SarangNoether/skunkworks/blob/outputs/outputs/simulate.py
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
299052bc Remove unneeded SFINAE on check_tx/block verification in core_tests (Doyle)
|
|
5fafb90e testdb: add override keyword where missing (stoffu)
|
|
e3dea478 unit_tests: undo is_blocked implementation factoring (moneromooo-monero)
|
|
b0a34668 daemon: fix absolute/relative log file test for windows (moneromooo-monero)
|
|
and delete obsolete BlockchainBDB::get_tx_output_indices along the way
|
|
|
|
The is_host_blocked method is not on master yet
|
|
|