Age | Commit message (Collapse) | Author | Files | Lines |
|
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
|
|
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
|
|
This allows "chain" certificates to be used with the fingerprint
whitelist option. A user can get a system-ca signature as backup while
clients explicitly whitelist the server certificate. The user specified
CA can also be combined with fingerprint whitelisting.
|
|
The former has the same behavior with single self signed certificates
while allowing the server to have separate short-term authentication
keys with long-term authorization keys.
|
|
If the verification mode is `system_ca`, clients will now do hostname
verification. Thus, only certificates from expected hostnames are
allowed when SSL is enabled. This can be overridden by forcible setting
the SSL mode to autodetect.
Clients will also send the hostname even when `system_ca` is not being
performed. This leaks possible metadata, but allows servers providing
multiple hostnames to respond with the correct certificate. One example
is cloudflare, which getmonero.org is currently using.
|
|
If SSL is "enabled" via command line without specifying a fingerprint or
certificate, the system CA list is checked for server verification and
_now_ fails the handshake if that check fails. This change was made to
remain consistent with standard SSL/TLS client behavior. This can still
be overridden by using the allow any certificate flag.
If the SSL behavior is autodetect, the system CA list is still checked
but a warning is logged if this fails. The stream is not rejected
because a re-connect will be attempted - its better to have an
unverified encrypted stream than an unverified + unencrypted stream.
|
|
Using `verify_peer` on server side requests a certificate from the
client. If no certificate is provided, the server silently accepts the
connection and rejects if the client sends an unexpected certificate.
Adding `verify_fail_if_no_cert` has no affect on client and for server
requires that the peer sends a certificate or fails the handshake. This
is the desired behavior when the user specifies a fingerprint or CA file.
|
|
|
|
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
|
|
Currently a client must provide a certificate, even if the server is
configured to allow all certificates. This drops that requirement from
the client - unless the server is configured to use a CA file or
fingerprint(s) for verification - which is the standard behavior for SSL
servers.
The "system-wide" CA is not being used as a "fallback" to verify clients
before or after this patch.
|
|
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.
This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
|
|
e8cf7dcc rpc: merge the two get_info implementations (moneromooo-monero)
|
|
71907980 unit_tests: fix long term block weight test after cache change (moneromooo-monero)
|
|
|
|
1569776a Add missing include (Leon Klingele)
|
|
b0c552f5 cryptonote_protocol_handler: add block/tx hashes in notify logs (moneromooo-monero)
|
|
dffdccdc No longer use deprecated RSA_generate_key in favor of RSA_generate_key_ex (Martijn Otto)
|
|
1bc78cc2 tests: trezor_test fix (Dusan Klinec)
|
|
a299dc96 rpc.gettransactions: fill as_json with partial tx in pruned mode (stoffu)
|
|
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
|
|
59776a64 epee: some more minor JSON parsing speedup (moneromooo-monero)
|
|
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
|
|
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
|
|
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
|
|
5e1a3e48 lmdb: fix size_t size issues on 32 bit (moneromooo-monero)
|
|
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
|
|
849a768f perf_timer: move some debug levels to info for consistency (moneromooo-monero)
|
|
0218bc49 test: hmac_keccak - fix number of chunks counting (Dusan Klinec)
|
|
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
|
|
|
|
8bb253b0 libwallet_merged: add missing net target (selsta)
|
|
|
|
|
|
d3018d0f api/wallet: fix some wrong namespace (stoffu)
|
|
|
|
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
|
|
|
|
|
|
|
|
It was not filled out for in and pool types
|
|
|
|
1a91385e block_weight: fix python 2/3 compatibility (moneromooo-monero)
|
|
9f49722c Fix build on FreeBSD (Nathan Dorfman)
|
|
19f8089f p2p: don't lookup seed nodes when offline (moneromooo-monero)
|
|
18faa6da wallet: add freeze/thaw/frozen commands (moneromooo-monero)
|
|
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
|
|
f1a3796a wallet2: fix tx sanity check change test for the sweep_all case (moneromooo-monero)
|
|
ae6885f6 blockchain: incremental long term block weight cache (moneromooo-monero)
9b687c78 blockchain: simple cache for the long term block weights (moneromooo-monero)
|
|
32973434 python-rpc: add getblockheadersrange daemon RPC (moneromooo-monero)
c7bfdc35 python-rpc: add console.py (moneromooo-monero)
22b644f4 functional_tests: move RPC API to utils, it is not test specific (moneromooo-monero)
30c865f0 functional_tests: add balance tests (moneromooo-monero)
fdfa832f functional_tests: add missing parameters to get_balance (moneromooo-monero)
cf6d7759 functional_tests: add proofs tests (tx key, in/out tx, reserve) (moneromooo-monero)
a3144bd7 functional_tests: add more transfer tests (moneromooo-monero)
5d580bfa functional_tests: add get_bulk_transfer tests (moneromooo-monero)
0becbd16 functional_tests: add message signing/verification tests (moneromooo-monero)
a5dbf7f5 functional_tests: add multisig and cold signing tests (moneromooo-monero)
b2fc5719 functional_tests: support several daemons/wallets (moneromooo-monero)
9e979ffa functional_tests: add txpool RPC tests (moneromooo-monero)
3e93c157 functional_tests: add integrated address tests (moneromooo-monero)
b384309e functional_tests: add basic transfer tests (moneromooo-monero)
ef7681b6 functional_tests: plug RPC tests into the cmake machinery (moneromooo-monero)
18a2ed45 functional_tests: add basic mining tests (moneromooo-monero)
98e280fc functional_tests: add wallet address/subaddress RPC tests (moneromooo-monero)
8dcd4d3d functional_tests: improve RPC blockchain tests (moneromooo-monero)
|
|
023f2c77 wallet_rpc_server: remove mixin from transfer RPCs (moneromooo-monero)
|
|
c23ea796 New interactive daemon command 'print_net_stats': Global traffic stats (rbrunner7)
|
|
|
|
dc20d774 rpc: add miner tx hash to block header response (moneromooo-monero)
|
|
760d3a2a daemon: init public_port in all ctors (moneromooo-monero)
|
|
85f2f8c9 Fix daemon startup parameter '--limit-rate' processing after parameter defaults (rbrunner7)
|
|
1730a44f core: improve block rate monitor trigger probabilities (moneromooo-monero)
|
|
d7dd8575 Upgraded static dependency versions and hashes in Dockerfile. (Norman Moeschter)
|
|
43042a28 Implement array_entry_t copy constructor (Guido Vranken)
|
|
a7211793 rpc: quantize db size up to 5 GB in restricted mode (moneromooo-monero)
|
|
e99b2b12 simplewallet: make the long payment ids warnigns more warney (moneromooo-monero)
|
|
8a97563a Use threadpool instead of new threads for DNS queries (Howard Chu)
|
|
4500236f wallet2: make use_fork_rules handle chain heights lower than leeway (moneromooo-monero)
|
|
0a6cb30d wallet: flush output cache upon reorg (moneromooo-monero)
|
|
23fb056a wallet_rpc_server: new auto_refresh RPC (moneromooo-monero)
|
|
4ee15655 wallet_rpc_server: fix buffer read overflow in string assignment (moneromooo-monero)
|
|
8fd7452b wallet: move light wallet RPC out of core RPC (moneromooo-monero)
|
|
a8b98a0b wallet: fix memory only wallets (moneromooo-monero)
|
|
2b10f22a mnemonics: fix half length seed to bytes conversion (moneromooo-monero)
|
|
77e9815d blockchain: do not try to pop the genesis block (moneromooo-monero)
|
|
328d291f wallet2: set seed language when creating from json (moneromooo-monero)
|
|
a52366c1 wallet2: fix generation from json when restore height is not set (moneromooo-monero)
|
|
39f000b3 miner: fix possible exit crash due to race in stop (moneromooo-monero)
|
|
ab6c3b1d tests: fix path in instructions (moneromooo-monero)
|
|
1d14b3f0 ringct: fix capitalization for scaler mult (fuwa)
|
|
91f4c7f4 Make difficulty 128 bit instead of 64 bit (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
Enhance debug info
|
|
New scheme key destination contrfol
Fix dummy decryption in debug mode
|
|
|
|
|
|
ef92620c socks: fix build with boost 1.70 (moneromooo-monero)
|
|
|
|
RSA_generate_key_ex
|
|
7acfa9f3 Added socks proxy (tor/i2pd/kovri) support to wallet (Lee Clagett)
|
|
There's half a dozen calls, and it's easy to miss some when
adding a new field.
|
|
|
|
|
|
|
|
|
|
|
|
The block 202612 fix can be left tested at the end, if we
already know we're not in the general case
|
|
This saves a duplicate serialization step
|
|
|
|
|
|
|
|
and return both in get_languages
|
|
at least when using restore_deterministic_wallet
|
|
|
|
|
|
The original intent of one false positive a week on average
was not met, since what we really want is not the probability
of having N blocks in T seconds, but either N blocks of fewer
in T seconds, or N blocks or more in T seconds.
Some of this could be cached since it calculates the same fairly
complex floating point values, but it seems pretty fast already.
|
|
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
|
|
Based on Boolberry work by:
jahrsg <jahr@jahr.me>
cr.zoidberg <crypto.zoidberg@gmail.com>
|
|
|
|
|
|
cce948a5 simplewallet: add some missing spacing before uses data (moneromooo-monero)
|
|
6ef816de console_handler: print newline on EOF (moneromooo-monero)
|
|
f962449d wallet_rpc_server: include out subaddress indices in get_transfers (moneromooo-monero)
|
|
adf6d773 wallet: fix offline signing calling a daemon RPC (moneromooo-monero)
|
|
dc0c0c91 tests: disable wallet SSL init for tests involving wallet2 (moneromooo-monero)
|
|
be6f426a rpc: Allow submitting tx as hex blob over ZMQ (Nathan Dorfman)
|
|
223c6b07 dns_utils: really add default DNSSEC servers on failure (moneromooo-monero)
|
|
e9519e98 cryptonote: fix calculating coinbase tx hash (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
It allows one to connect to a running daemon or wallet, and use
its RPC API from python.
Usage: python -i console.py <port>
It will detect whether it's talking to a daemon or wallet and
initialize itself accordingly.
|
|
This will cause DNS requests, which will block and timeout
if there is really no network connectivity
|
|
|
|
|
|
|
|
These commands let one freeze outputs by key image, so they
do not appear in balance, nor are considered when creating
a transaction, etc
This is helpful when receiving an output from a suspected spy,
who might try to track your other outputs by seeing with what
other outputs it gets spent.
The frozen command may be used without parameters to list all
currently frozen outputs.
|
|
|
|
manual relay, transfer to integrated address, and a few negative
transfer tests
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also set error flag on exception when handling new txes
to keep tests working
|
|
it's been a while, only use ring_size now
|
|
|
|
b05f10f8 wallet2: sanity check new tx before sending (moneromooo-monero)
|
|
We generate and check tx proofs and verify the amounts in those
match what the original amounts were.
|
|
16590294 abstract_tcp_server2: fix crashy race on socket shutdown (moneromooo-monero)
|
|
2790d4d3 hardfork: update last_versions on popped block (moneromooo-monero)
|
|
5ade7281 Wallet API: multisig_tx_set passing bug fixed (naughtyfox)
|
|
576116d4 wallet: fix load failure if the mms isn't usable (moneromooo-monero)
|
|
22136256 Start monerod as non root user (Jean-Michel DILLY)
|
|
9141a0a1 connection_basic: remove debug exception ^_^ (moneromooo-monero)
|
|
4b21d38d blockchain: speed up getting N blocks weights/long term weights (moneromooo-monero)
|
|
7ac33342 slow-hash: cache TLS references locally once at function start (moneromooo-monero)
|
|
7632dede crypto: fix PaX issue on NetBSD with CNv4 JIT (moneromooo-monero)
89b1630e gtest: build fix for NetBSD (moneromooo-monero)
fa43b547 tests: handle any cmake detected python interpreter (moneromooo-monero)
|
|
a48e49aa aesb: avoid stomping on an existing define on NetBSD (moneromooo-monero)
|
|
3f6f90bb wallet2: do not use invalid keys as fake outs in rings (moneromooo-monero)
|
|
3907588b rpc: make fill_pow restricted (moneromooo-monero)
|
|
c6a70af8 wallet2: key image import fixes (moneromooo-monero)
|
|
efb2bdd3 slow-hash: default to JIT on x86_64 (moneromooo-monero)
|
|
c9b13fbb tests/trezor: HF9 and HF10 tests (Dusan Klinec)
a1fd1d49 device/trezor: HF10 support added, wallet::API (Dusan Klinec)
d74d26f2 crypto: hmac_keccak added (Dusan Klinec)
|
|
7ec4d2c3 SHALL -> MUST (Jesse Jackson)
|
|
5c79abe5 update readme to include blurb on decentralization (Gingeropolous)
|
|
0c7e7bce Adding classes, functions, and utilities for common LMDB operations. (Lee Clagett)
|
|
17769db9 epee: fix build with boost 1.70.0 (moneromooo-monero)
d6d6c46c cmake: handle detecting boost using boost's own cmake files (moneromooo-monero)
|
|
|
|
get_io_service was deprecated, and got removed
|
|
Its version looks like 1.70.1 rather than 107000, so detect range
to know which type we're seeing
|
|
|
|
Coverity 196597
|
|
Coverity 196596
|
|
- tests fixes for HF10, builder change, rct_config; fix_chain
- get_tx_key test
- proper testing after live refresh added
- live refresh synthetic test
- log available funds for easier test construction
- wallet::API tests with mocked daemon
|
|
- import only key images generated by cold signing process
- wallet_api: trezor methods added
- wallet: button request code added
- const added to methods
- wallet2::get_tx_key_device() tries to decrypt stored tx private keys using the device.
- simplewallet supports get_tx_key and get_tx_proof on hw device using the get_tx_key feature
- live refresh enables refresh with trezor i.e. computing key images on the fly. More convenient and efficient for users.
- device: has_ki_live_refresh added
- a thread is watching whether live refresh is being computed, if not for 30 seconds, it terminates the live refresh process - switches Trezor state
|
|
|
|
|
|
|
|
|
|
|
|
4921c794 cn_deserialize: remove some unused code (moneromooo-monero)
|
|
8b514645 add multisig tx sets to describe_transfer rpc endpoint (spoke0)
|
|
eef164f7 cryptonote_protocol_handler: search for syncing peers in "cruise mode" (moneromooo-monero)
|
|
9c4d403a dns_utils: use fallback if the default resolver does not support DNSSEC (moneromooo-monero)
|
|
a54e81e5 daemon: add '--no-sync' arg to optionally disable blockchain sync (xiphon)
|
|
f42263eb wallet: adds rescan_bc option with preserving key images (Dusan Klinec)
|
|
c8c154a2 tests: fix cnv4-jit-test link on mac (moneromooo-monero)
|
|
Manually initialize the array_entry_t iterator to ensure it points
to the correct m_array, thereby preventing a potential use-after-free
situation.
Signed-off-by: Guido Vranken <guidovranken@gmail.com>
|
|
|
|
We want people to really realize it's bad for *their* privacy.
|
|
1677fb06 unbound: update to get the redefinition fix (moneromooo-monero)
|
|
d0e07b3d performance_tests: fix NetBSD build (moneromooo-monero)
7d88d8f2 discontinue use of alloca (moneromooo-monero)
|
|
551104fb daemon: add --public-node mode, RPC port propagation over P2P (xiphon)
|
|
59478c80 daemon: new mining_status command (moneromooo-monero)
|
|
b674728d Better error when sending a tx with a too large extra field (moneromooo-monero)
|
|
8681f8ef OS X -> macOS (Jesse Jackson)
|
|
7c09882a dns_utils: remove MoneroPulse/checkpoints mention in TXT record code (moneromooo-monero)
|
|
bb2aed8e rpc: quantize db size up to 5 GB in restricted mode (moneromooo-monero)
|
|
8630a028 wallet: fix payment ID decryption for construction data (Dusan Klinec)
|
|
75e5aafd device/trezor: dummy payment ID fix (Dusan Klinec)
|
|
36451697 Simplify RPC endpoint, emoving second RPC endpoint generate_from_view_key (Joel)
c17c8188 Remove code duplication (Joel)
acb14c10 Add generate_from_view_key RPC method (Joel)
7dd7a3b7 Add generate_from_keys RPC method (Joel)
|
|
de32dcea Human readable message if maximum outputs reached (italocoin)
|
|
1f2930ce Update 2019 copyright (binaryFate)
|
|
|
|
|