| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
8f1fe45 simplewallet: fix merge error with new welcome command (moneromooo-monero)
|
|
|
|
d843f200 simplewallet: add a welcome/disclaimer message command (moneromooo-monero)
|
|
0eee6cd7 block_weight: catch exceptions in main for clean exit on error (moneromooo-monero)
4b3bb829 epee: init a new ssl related variable in ctor (moneromooo-monero)
|
|
0575794f console: simple shell over console.py (moneromooo-monero)
047af5c3 console.py: can now connect to several daemons/wallets (moneromooo-monero)
9f9571aa cmake: always detect python, it's neeed for some tests (moneromooo-monero)
8646bd00 functional_tests: exit with 1 if any test fails (moneromooo-monero)
6fd8834d console.py: add tab completion (moneromooo-monero)
04a20cb2 functional_tests: cold signing key images/outputs import/export (moneromooo-monero)
798e3cad functional_tests: add double spend detection tests (moneromooo-monero)
7c657bb2 functional_tests: add alt chains tests (moneromooo-monero)
f8be31d2 functional_tests: add wallet creation language tests (moneromooo-monero)
2d68b31f functional_tests: add more wallet tests (moneromooo-monero)
23f86dad python-rpc: add set_log_level and set_log_categories (moneromooo-monero)
b3a32d55 functional_tests: add describe_transfer tests (moneromooo-monero)
108f4375 console.py: support connecting to any host, not just 127.0.0.1 (moneromooo-monero)
064ab123 functional_tests: add more blockchain related tests (moneromooo-monero)
21b1ac1d functional_tests: add bans tests (moneromooo-monero)
|
|
I saw one when landing on www.tribler.org, and it seemed
like a good idea to have something similar, alongside some
more general "what is monero" text.
|
|
|
|
|
|
to avoid the "python -i" part
|
|
Also throw exceptions instead of print+exit, since that makes
the error print last, below the python stack trace, where it's
much less easy to miss it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
get_transfer_by_txid, get_height, open/close
|
|
|
|
|
|
|
|
Related to emission, reorgs, getting tx data back, output
distribution and histogram
|
|
|
|
3de49afc README.md: fork table, copy lines from release branch (Gingeropolous)
e172fbae README.md: fix missing comma (Tyler Saballus)
97f0899b README.md: minor spelling issue (Justin Gerber)
|
|
0be5b2ee simplewallet: new unset_ring command (moneromooo-monero)
|
|
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
|
|
def40161 miner: fix race when stopping mining with start mining enabled (moneromooo-monero)
|
|
113e4877 blockchain_stats: fix sign in formatting function (moneromooo-monero)
adaea3ea various: remove unused variables (moneromooo-monero)
631ef00e blockchain: some debug info when adding txes-from-block fails (moneromooo-monero)
|
|
83fc45a4 Add NanoX support (cslashm)
|
|
eda2661a Allow pruning before v10 (moneromooo-monero)
|
|
c746f45d Add hash of top block to /getheight RPC (Howard Chu)
|
|
a2561653 wallet: new option to start background mining (moneromooo-monero)
|
|
aff80e70 blockchain: fix returned height in create_block_template (moneromooo-monero)
|
|
9f8dc4ce simplewallet: new net_stats command (moneromooo-monero)
|
|
displays total sent and received bytes
|
|
07b716bf util: name replace_file arguments better (moneromooo-monero)
|
|
c2f271d1 device/trezor: increase live-refresh timeout (Dusan Klinec)
|
|
089c7637 cryptonote: rework block blob size sanity check (moneromooo-monero)
|
|
f064efae README: add and remove dependencies on OSX line (George)
|
|
2e578b82 Enabling daemon-rpc SSL now requires non-system CA verification (Lee Clagett)
d58f3682 Require manual override for user chain certificates. (Lee Clagett)
97cd1fa9 Only check top-level certificate against fingerprint list. (Lee Clagett)
7c388fb3 Call `use_certificate_chain_file` instead of `use_certificate_file` (Lee Clagett)
eca0fea4 Perform RFC 2818 hostname verification in client SSL handshakes (Lee Clagett)
0416764c Require server verification when SSL is enabled. (Lee Clagett)
96d602ac Add `verify_fail_if_no_cert` option for proper client authentication (Lee Clagett)
21eb1b07 Pass SSL arguments via one class and use shared_ptr instead of reference (Lee Clagett)
1f5ed328 Change default SSL to "enabled" if user specifies fingerprint/certificate (Lee Clagett)
f18a069f Do not require client certificate unless server has some whitelisted. (Lee Clagett)
a3b02848 Change SSL certificate file list to OpenSSL builtin load_verify_location (Lee Clagett)
|
|
|
|
|
|
The word 'dont' is not spelled correctly.
|
|
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
|
|
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
|
|
This allows "chain" certificates to be used with the fingerprint
whitelist option. A user can get a system-ca signature as backup while
clients explicitly whitelist the server certificate. The user specified
CA can also be combined with fingerprint whitelisting.
|
|
The former has the same behavior with single self signed certificates
while allowing the server to have separate short-term authentication
keys with long-term authorization keys.
|
|
If the verification mode is `system_ca`, clients will now do hostname
verification. Thus, only certificates from expected hostnames are
allowed when SSL is enabled. This can be overridden by forcible setting
the SSL mode to autodetect.
Clients will also send the hostname even when `system_ca` is not being
performed. This leaks possible metadata, but allows servers providing
multiple hostnames to respond with the correct certificate. One example
is cloudflare, which getmonero.org is currently using.
|
|
If SSL is "enabled" via command line without specifying a fingerprint or
certificate, the system CA list is checked for server verification and
_now_ fails the handshake if that check fails. This change was made to
remain consistent with standard SSL/TLS client behavior. This can still
be overridden by using the allow any certificate flag.
If the SSL behavior is autodetect, the system CA list is still checked
but a warning is logged if this fails. The stream is not rejected
because a re-connect will be attempted - its better to have an
unverified encrypted stream than an unverified + unencrypted stream.
|
|
Using `verify_peer` on server side requests a certificate from the
client. If no certificate is provided, the server silently accepts the
connection and rejects if the client sends an unexpected certificate.
Adding `verify_fail_if_no_cert` has no affect on client and for server
requires that the peer sends a certificate or fails the handshake. This
is the desired behavior when the user specifies a fingerprint or CA file.
|
|
|
|
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
|
|
Currently a client must provide a certificate, even if the server is
configured to allow all certificates. This drops that requirement from
the client - unless the server is configured to use a CA file or
fingerprint(s) for verification - which is the standard behavior for SSL
servers.
The "system-wide" CA is not being used as a "fallback" to verify clients
before or after this patch.
|
|
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.
This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
|
|
e8cf7dcc rpc: merge the two get_info implementations (moneromooo-monero)
|
|
71907980 unit_tests: fix long term block weight test after cache change (moneromooo-monero)
|
|
|
|
1569776a Add missing include (Leon Klingele)
|
|
b0c552f5 cryptonote_protocol_handler: add block/tx hashes in notify logs (moneromooo-monero)
|
|
dffdccdc No longer use deprecated RSA_generate_key in favor of RSA_generate_key_ex (Martijn Otto)
|
|
1bc78cc2 tests: trezor_test fix (Dusan Klinec)
|
|
a299dc96 rpc.gettransactions: fill as_json with partial tx in pruned mode (stoffu)
|
|
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
|
|
59776a64 epee: some more minor JSON parsing speedup (moneromooo-monero)
|
|
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
|
|
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
|
|
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
|
|
5e1a3e48 lmdb: fix size_t size issues on 32 bit (moneromooo-monero)
|
|
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
|
|
849a768f perf_timer: move some debug levels to info for consistency (moneromooo-monero)
|
|
0218bc49 test: hmac_keccak - fix number of chunks counting (Dusan Klinec)
|
|
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
|
|
Use the actual block weight limit, assuming that weight is always
greater or equal to size
|
|
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
|
|
|
|
8bb253b0 libwallet_merged: add missing net target (selsta)
|
|
|
|
|
|
Useful when debugging, though not much for users
|
|
d3018d0f api/wallet: fix some wrong namespace (stoffu)
|
|
|
|
|
|
|
|
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
|
|
|
|
|
|
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
|
|
|
|
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
|
|
1a91385e block_weight: fix python 2/3 compatibility (moneromooo-monero)
|
|
9f49722c Fix build on FreeBSD (Nathan Dorfman)
|
|
19f8089f p2p: don't lookup seed nodes when offline (moneromooo-monero)
|
|
18faa6da wallet: add freeze/thaw/frozen commands (moneromooo-monero)
|
|
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
|
|
f1a3796a wallet2: fix tx sanity check change test for the sweep_all case (moneromooo-monero)
|
|
ae6885f6 blockchain: incremental long term block weight cache (moneromooo-monero)
9b687c78 blockchain: simple cache for the long term block weights (moneromooo-monero)
|
|
32973434 python-rpc: add getblockheadersrange daemon RPC (moneromooo-monero)
c7bfdc35 python-rpc: add console.py (moneromooo-monero)
22b644f4 functional_tests: move RPC API to utils, it is not test specific (moneromooo-monero)
30c865f0 functional_tests: add balance tests (moneromooo-monero)
fdfa832f functional_tests: add missing parameters to get_balance (moneromooo-monero)
cf6d7759 functional_tests: add proofs tests (tx key, in/out tx, reserve) (moneromooo-monero)
a3144bd7 functional_tests: add more transfer tests (moneromooo-monero)
5d580bfa functional_tests: add get_bulk_transfer tests (moneromooo-monero)
0becbd16 functional_tests: add message signing/verification tests (moneromooo-monero)
a5dbf7f5 functional_tests: add multisig and cold signing tests (moneromooo-monero)
b2fc5719 functional_tests: support several daemons/wallets (moneromooo-monero)
9e979ffa functional_tests: add txpool RPC tests (moneromooo-monero)
3e93c157 functional_tests: add integrated address tests (moneromooo-monero)
b384309e functional_tests: add basic transfer tests (moneromooo-monero)
ef7681b6 functional_tests: plug RPC tests into the cmake machinery (moneromooo-monero)
18a2ed45 functional_tests: add basic mining tests (moneromooo-monero)
98e280fc functional_tests: add wallet address/subaddress RPC tests (moneromooo-monero)
8dcd4d3d functional_tests: improve RPC blockchain tests (moneromooo-monero)
|
|
023f2c77 wallet_rpc_server: remove mixin from transfer RPCs (moneromooo-monero)
|
|
c23ea796 New interactive daemon command 'print_net_stats': Global traffic stats (rbrunner7)
|
|
|
|
dc20d774 rpc: add miner tx hash to block header response (moneromooo-monero)
|
|
760d3a2a daemon: init public_port in all ctors (moneromooo-monero)
|
|
85f2f8c9 Fix daemon startup parameter '--limit-rate' processing after parameter defaults (rbrunner7)
|
|
1730a44f core: improve block rate monitor trigger probabilities (moneromooo-monero)
|
|
d7dd8575 Upgraded static dependency versions and hashes in Dockerfile. (Norman Moeschter)
|
|
43042a28 Implement array_entry_t copy constructor (Guido Vranken)
|
|
a7211793 rpc: quantize db size up to 5 GB in restricted mode (moneromooo-monero)
|
|
e99b2b12 simplewallet: make the long payment ids warnigns more warney (moneromooo-monero)
|
|
8a97563a Use threadpool instead of new threads for DNS queries (Howard Chu)
|
|
4500236f wallet2: make use_fork_rules handle chain heights lower than leeway (moneromooo-monero)
|
|
0a6cb30d wallet: flush output cache upon reorg (moneromooo-monero)
|
|
23fb056a wallet_rpc_server: new auto_refresh RPC (moneromooo-monero)
|
|
4ee15655 wallet_rpc_server: fix buffer read overflow in string assignment (moneromooo-monero)
|
|
8fd7452b wallet: move light wallet RPC out of core RPC (moneromooo-monero)
|
|
a8b98a0b wallet: fix memory only wallets (moneromooo-monero)
|
|
2b10f22a mnemonics: fix half length seed to bytes conversion (moneromooo-monero)
|
|
77e9815d blockchain: do not try to pop the genesis block (moneromooo-monero)
|
|
328d291f wallet2: set seed language when creating from json (moneromooo-monero)
|
|
a52366c1 wallet2: fix generation from json when restore height is not set (moneromooo-monero)
|
|
39f000b3 miner: fix possible exit crash due to race in stop (moneromooo-monero)
|
|
ab6c3b1d tests: fix path in instructions (moneromooo-monero)
|
|
1d14b3f0 ringct: fix capitalization for scaler mult (fuwa)
|
|
91f4c7f4 Make difficulty 128 bit instead of 64 bit (moneromooo-monero)
|
|
This check is now not needed anymore, and would prevent people
from using --prune-blockchain when starting a new sync
|
|
|
|
|
|
|
|
It's now needed for CNv4, and was not retained when cached
|
|
It was confusing unless you read code and the rename(2) man page.
|
|
|
|
|
|
|
|
Enhance debug info
|
|
New scheme key destination contrfol
Fix dummy decryption in debug mode
|
|
|
|
|
|
ef92620c socks: fix build with boost 1.70 (moneromooo-monero)
|
|
|
|
RSA_generate_key_ex
|
|
7acfa9f3 Added socks proxy (tor/i2pd/kovri) support to wallet (Lee Clagett)
|
|
There's half a dozen calls, and it's easy to miss some when
adding a new field.
|
|
|
|
|
|
|
|
|
|
|
|
The block 202612 fix can be left tested at the end, if we
already know we're not in the general case
|
|
This saves a duplicate serialization step
|
|
|
|
|
|
|
|
and return both in get_languages
|
|
at least when using restore_deterministic_wallet
|
|
|
|
|
|
The original intent of one false positive a week on average
was not met, since what we really want is not the probability
of having N blocks in T seconds, but either N blocks of fewer
in T seconds, or N blocks or more in T seconds.
Some of this could be cached since it calculates the same fairly
complex floating point values, but it seems pretty fast already.
|
|
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
|
|
Based on Boolberry work by:
jahrsg <jahr@jahr.me>
cr.zoidberg <crypto.zoidberg@gmail.com>
|
|
|
|
|
|
cce948a5 simplewallet: add some missing spacing before uses data (moneromooo-monero)
|
|
6ef816de console_handler: print newline on EOF (moneromooo-monero)
|
|
f962449d wallet_rpc_server: include out subaddress indices in get_transfers (moneromooo-monero)
|
|
adf6d773 wallet: fix offline signing calling a daemon RPC (moneromooo-monero)
|
|
dc0c0c91 tests: disable wallet SSL init for tests involving wallet2 (moneromooo-monero)
|
|
be6f426a rpc: Allow submitting tx as hex blob over ZMQ (Nathan Dorfman)
|
|
223c6b07 dns_utils: really add default DNSSEC servers on failure (moneromooo-monero)
|
|
e9519e98 cryptonote: fix calculating coinbase tx hash (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
It allows one to connect to a running daemon or wallet, and use
its RPC API from python.
Usage: python -i console.py <port>
It will detect whether it's talking to a daemon or wallet and
initialize itself accordingly.
|
|
This will cause DNS requests, which will block and timeout
if there is really no network connectivity
|
|
|
|
|
|
|
|
These commands let one freeze outputs by key image, so they
do not appear in balance, nor are considered when creating
a transaction, etc
This is helpful when receiving an output from a suspected spy,
who might try to track your other outputs by seeing with what
other outputs it gets spent.
The frozen command may be used without parameters to list all
currently frozen outputs.
|
|
|
|
manual relay, transfer to integrated address, and a few negative
transfer tests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also set error flag on exception when handling new txes
to keep tests working
|
