aboutsummaryrefslogtreecommitdiff
path: root/contrib/epee/include/net (unfollow)
AgeCommit message (Collapse)AuthorFilesLines
2020-04-27trezor: adapt to new passphrase mechanismDusan Klinec2-0/+11
- choice where to enter passphrase is now made on the host - use wipeable string in the comm stack - wipe passphrase memory - protocol optimizations, prepare for new firmware version - minor fixes and improvements - tests fixes, HF12 support
2020-04-15Allow wallet2.h to run in WebAssemblywoodser2-152/+111
- Add abstract_http_client.h which http_client.h extends. - Replace simple_http_client with abstract_http_client in wallet2, message_store, message_transporter, and node_rpc_proxy. - Import and export wallet data in wallet2. - Use #if defined __EMSCRIPTEN__ directives to skip incompatible code.
2020-03-31p2p: fix frequent weak_ptr exception on connectionmoneromooo-monero1-1/+6
When a handshake fails, it can fail due to timeout or destroyed connection, in which case the connection will be, or already is, closed, and we don't want to do it twice. Additionally, when closing a connection directly from the top level code, ensure the connection is gone from the m_connects list so it won't be used again. AFAICT this is now clean in netstat, /proc/PID/fd and print_cn. This fixes a noisy (but harmless) exception.
2020-02-17remove empty statementsInterchained2-2/+2
Cleaning up a little around the code base.
2020-01-26epee: remove backward compatible endian specific address serializationmoneromooo-monero1-6/+2
2019-12-16abstract_tcp_server2: guard against negative timeoutsmoneromooo-monero1-5/+16
2019-11-25epee: reorder a couple init list fields to match declarationmoneromooo-monero1-1/+1
This is a bug waiting to happen
2019-11-15epee: set application/json MIME type on json errorsmoneromooo-monero1-0/+2
2019-11-11epee: close connection when the peer has done somoneromooo-monero1-1/+7
This fixes rapid reconnections failing as the peer hasn't yet worked out the other side is gone, and will reject "duplicate" connections until a timeout.
2019-10-22epee: use SO_REUSEADDR on non-Windows targetsxiphon1-2/+6
2019-10-18epee: fix SSL server handshake, run_one() can block, use poll_one()xiphon1-0/+1
2019-10-15levin: armour against some "should not happen" casemoneromooo-monero1-0/+5
If adding a response handler after the protocol is released, they could never be cancelled again, and would end up keeping a ref that never goes away
2019-10-14abstract_tcp_server2: move "Trying to connect" from error to debugmoneromooo-monero1-1/+1
and fix the message grammar
2019-10-02epee: tcp server - set SO_LINGER instead of SO_REUSEADDR optionxiphon1-4/+2
2019-09-27abstract_tcp_server2: log pointer, not contents, where appropriatemoneromooo-monero1-1/+1
2019-09-17epee: implement handshake timeout for SSL connectionsxiphon2-2/+6
2019-09-16epee: fix network timeouts in blocked_mode_clientxiphon1-1/+2
2019-09-12abstract_tcp_server2: fix lingering connectionsmoneromooo-monero1-0/+5
Resetting the timer after shutdown was initiated would keep a reference to the object inside ASIO, which would keep the connection alive until the timer timed out
2019-09-08depends: fix MacOS build with Clang 3.7.1Lee Clagett1-1/+1
2019-09-08epee: abstract_tcp_server2: resolve CID 203919 (DC.WEAK_CRYPTO)anonimal1-1/+13
The problem actually exists in two parts: 1. When sending chunks over a connection, if the queue size is greater than N, the seed is predictable across every monero node. >"If rand() is used before any calls to srand(), rand() behaves as if it was seeded with srand(1). Each time rand() is seeded with the same seed, it must produce the same sequence of values." 2. The CID speaks for itself: "'rand' should not be used for security-related applications, because linear congruential algorithms are too easy to break." *But* this is an area of contention. One could argue that a CSPRNG is warranted in order to fully mitigate any potential timing attacks based on crafting chunk responses. Others could argue that the existing LCG, or even an MTG, would suffice (if properly seeded). As a compromise, I've used an MTG with a full bit space. This should give a healthy balance of security and speed without relying on the existing crypto library (which I'm told might break on some systems since epee is not (shouldn't be) dependent upon the existing crypto library).
2019-09-04Fix IP address serialization on big endianmoneromooo-monero1-1/+15
IP addresses are stored in network byte order even on little endian hosts
2019-09-04epee: fix local/loopback checks on big endianmoneromooo-monero1-0/+7
IPv4 addresses are kept in network byte order in memory
2019-08-20fix feature not introduced until boost 1.66Jethro Grassie1-1/+1
2019-08-19epee: fix connections not being properly closed in some instancesmoneromooo-monero1-1/+1
Fixed by Fixed by crCr62U0
2019-07-31Add IPv6 supportThomas Winget6-64/+416
new cli options (RPC ones also apply to wallet): --p2p-bind-ipv6-address (default = "::") --p2p-bind-port-ipv6 (default same as ipv4 port for given nettype) --rpc-bind-ipv6-address (default = "::1") --p2p-use-ipv6 (default false) --rpc-use-ipv6 (default false) --p2p-require-ipv4 (default true, if ipv4 bind fails and this is true, will not continue even if ipv6 bind successful) --rpc-require-ipv4 (default true, description as above) ipv6 addresses are to be specified as "[xx:xx:xx::xx:xx]:port" except in the cases of the cli args for bind address. For those the square braces can be omitted.
2019-07-17Added support for "noise" over I1P/Tor to mask Tx transmission.Lee Clagett7-61/+158
2019-07-16Add ref-counted buffer byte_slice. Currently used for sending TCP data.Lee Clagett7-147/+89
2019-07-16allow blocking whole subnetsmoneromooo-monero2-2/+49
2019-06-19p2p: close the right number of connections on setting max in/out peersmoneromooo-monero1-0/+24
2019-06-16Bans for RPC connectionsHoward Chu2-2/+6
Make bans control RPC sessions too. And auto-ban some bad requests. Drops HTTP connections whenever response code is 500.
2019-06-14abstract_tcp_server2: improve DoS resistancemoneromooo-monero1-4/+5
2019-06-10epee: fix SSL autodetect on reconnectionxiphon1-6/+4
2019-06-09Fix GCC 9.1 build warningsmoneromooo-monero1-0/+5
GCC wants operator= aand copy ctor to be both defined, or neither
2019-05-22Add ssl_options support to monerod's rpc mode.Lee Clagett1-0/+38
2019-05-10abstract_tcp_server2: move some things out of a lockmoneromooo-monero1-4/+8
The lock is meant for the network throttle object only, and this should help coverity get unconfused
2019-05-10remove obsolete save_graph skeleton codemoneromooo-monero1-2/+0
2019-05-10net_utils: fix m_ssl type from time_t to boolmoneromooo-monero1-1/+1
2019-05-07net_ssl: SSL config tweaks for compatibility and securitymoneromooo-monero1-0/+3
add two RSA based ciphers for Windows/depends compatibility also enforce server cipher ordering also set ECDH to auto because vtnerd says it is good :) When built with the depends system, openssl does not include any cipher on the current whitelist, so add this one, which fixes the problem, and does seem sensible.
2019-04-26change SSL certificate fingerprint whitelisting from SHA1 to SHA-256moneromooo-monero1-0/+2
SHA1 is too close to bruteforceable
2019-04-23net_helper: clear recv buffer on eofmoneromooo-monero1-0/+1
2019-04-22levin_protocol_handler_async: tune down preallocation a fair bitmoneromooo-monero1-1/+1
It can allocate a lot when getting a lot of connections (in particular, the stress test on windows apparently pushes that memory to actual use, rather than just allocated)
2019-04-15wallet: new --offline optionmoneromooo-monero1-0/+12
It will avoid connecting to a daemon (so useful for cold signing using a RPC wallet), and not perform DNS queries.
2019-04-13net_helper: avoid unnecessary memcpymoneromooo-monero1-3/+4
2019-04-12abstract_tcp_server2: fix timeout on exitmoneromooo-monero2-2/+9
When closing connections due to exiting, the IO service is already gone, so the data exchange needed for a gracious SSL shutdown cannot happen. We just close the socket in that case.
2019-04-11epee: init a new ssl related variable in ctormoneromooo-monero1-0/+1
2019-04-11simplewallet: new net_stats commandmoneromooo-monero2-2/+30
displays total sent and received bytes
2019-04-07Enabling daemon-rpc SSL now requires non-system CA verificationLee Clagett1-0/+3
If `--daemon-ssl enabled` is set in the wallet, then a user certificate, fingerprint, or onion/i2p address must be provided.
2019-04-07Require manual override for user chain certificates.Lee Clagett1-1/+2
An override for the wallet to daemon connection is provided, but not for other SSL contexts. The intent is to prevent users from supplying a system CA as the "user" whitelisted certificate, which is less secure since the key is controlled by a third party.
2019-04-07Perform RFC 2818 hostname verification in client SSL handshakesLee Clagett2-2/+14
If the verification mode is `system_ca`, clients will now do hostname verification. Thus, only certificates from expected hostnames are allowed when SSL is enabled. This can be overridden by forcible setting the SSL mode to autodetect. Clients will also send the hostname even when `system_ca` is not being performed. This leaks possible metadata, but allows servers providing multiple hostnames to respond with the correct certificate. One example is cloudflare, which getmonero.org is currently using.
2019-04-07Require server verification when SSL is enabled.Lee Clagett1-0/+6
If SSL is "enabled" via command line without specifying a fingerprint or certificate, the system CA list is checked for server verification and _now_ fails the handshake if that check fails. This change was made to remain consistent with standard SSL/TLS client behavior. This can still be overridden by using the allow any certificate flag. If the SSL behavior is autodetect, the system CA list is still checked but a warning is logged if this fails. The stream is not rejected because a re-connect will be attempted - its better to have an unverified encrypted stream than an unverified + unencrypted stream.
2019-04-07Pass SSL arguments via one class and use shared_ptr instead of referenceLee Clagett7-111/+152
2019-04-06Change SSL certificate file list to OpenSSL builtin load_verify_locationLee Clagett6-23/+20
Specifying SSL certificates for peer verification does an exact match, making it a not-so-obvious alias for the fingerprints option. This changes the checks to OpenSSL which loads concatenated certificate(s) from a single file and does a certificate-authority (chain of trust) check instead. There is no drop in security - a compromised exact match fingerprint has the same worse case failure. There is increased security in allowing separate long-term CA key and short-term SSL server keys. This also removes loading of the system-default CA files if a custom CA file or certificate fingerprint is specified.
2019-03-25epee: some more minor JSON parsing speedupmoneromooo-monero1-3/+3
2019-03-25Added socks proxy (tor/i2pd/kovri) support to walletLee Clagett4-75/+79
2019-03-24New interactive daemon command 'print_net_stats': Global traffic statsrbrunner72-1/+5
2019-03-21epee: fix build with boost 1.70.0moneromooo-monero1-5/+11
get_io_service was deprecated, and got removed
2019-03-19abstract_tcp_server2: fix crashy race on socket shutdownmoneromooo-monero1-5/+6
2019-03-08Fix startup errors with SSL cert generationHoward Chu1-1/+0
Use SSL API directly, skip boost layer
2019-03-05Update 2019 copyrightbinaryFate4-4/+4
2019-03-05epee: add SSL supportMartijn Otto6-19/+24
RPC connections now have optional tranparent SSL. An optional private key and certificate file can be passed, using the --{rpc,daemon}-ssl-private-key and --{rpc,daemon}-ssl-certificate options. Those have as argument a path to a PEM format private private key and certificate, respectively. If not given, a temporary self signed certificate will be used. SSL can be enabled or disabled using --{rpc}-ssl, which accepts autodetect (default), disabled or enabled. Access can be restricted to particular certificates using the --rpc-ssl-allowed-certificates, which takes a list of paths to PEM encoded certificates. This can allow a wallet to connect to only the daemon they think they're connected to, by forcing SSL and listing the paths to the known good certificates. To generate long term certificates: openssl genrsa -out /tmp/KEY 4096 openssl req -new -key /tmp/KEY -out /tmp/REQ openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT /tmp/KEY is the private key, and /tmp/CERT is the certificate, both in PEM format. /tmp/REQ can be removed. Adjust the last command to set expiration date, etc, as needed. It doesn't make a whole lot of sense for monero anyway, since most servers will run with one time temporary self signed certificates anyway. SSL support is transparent, so all communication is done on the existing ports, with SSL autodetection. This means you can start using an SSL daemon now, but you should not enforce SSL yet or nothing will talk to you.
2019-03-04default initialize rpc structuresmoneromooo-monero1-0/+14
2019-02-18epee: Add space after ':' in additional http response headersTom Smeding1-1/+1
2019-02-10Use io_service::work in epee tcp serverLee Clagett2-6/+14
2019-02-02epee: add SSL supportmoneromooo-monero8-198/+539
RPC connections now have optional tranparent SSL. An optional private key and certificate file can be passed, using the --{rpc,daemon}-ssl-private-key and --{rpc,daemon}-ssl-certificate options. Those have as argument a path to a PEM format private private key and certificate, respectively. If not given, a temporary self signed certificate will be used. SSL can be enabled or disabled using --{rpc}-ssl, which accepts autodetect (default), disabled or enabled. Access can be restricted to particular certificates using the --rpc-ssl-allowed-certificates, which takes a list of paths to PEM encoded certificates. This can allow a wallet to connect to only the daemon they think they're connected to, by forcing SSL and listing the paths to the known good certificates. To generate long term certificates: openssl genrsa -out /tmp/KEY 4096 openssl req -new -key /tmp/KEY -out /tmp/REQ openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT /tmp/KEY is the private key, and /tmp/CERT is the certificate, both in PEM format. /tmp/REQ can be removed. Adjust the last command to set expiration date, etc, as needed. It doesn't make a whole lot of sense for monero anyway, since most servers will run with one time temporary self signed certificates anyway. SSL support is transparent, so all communication is done on the existing ports, with SSL autodetection. This means you can start using an SSL daemon now, but you should not enforce SSL yet or nothing will talk to you.
2019-02-01network_throttle: use circular_buffer where appropriatemoneromooo-monero1-1/+2
2019-01-30i2p: initial supportJethro Grassie1-1/+4
2019-01-28Adding initial support for broadcasting transactions over TorLee Clagett5-98/+267
- Support for ".onion" in --add-exclusive-node and --add-peer - Add --anonymizing-proxy for outbound Tor connections - Add --anonymous-inbounds for inbound Tor connections - Support for sharing ".onion" addresses over Tor connections - Support for broadcasting transactions received over RPC exclusively over Tor (else broadcast over public IP when Tor not enabled).
2019-01-28rpc: fix internal daemon calls in restricted rpc getting partial datamoneromooo-monero1-6/+6
2019-01-22Pruningmoneromooo-monero2-2/+10
The blockchain prunes seven eighths of prunable tx data. This saves about two thirds of the blockchain size, while keeping the node useful as a sync source for an eighth of the blockchain. No other data is currently pruned. There are three ways to prune a blockchain: - run monerod with --prune-blockchain - run "prune_blockchain" in the monerod console - run the monero-blockchain-prune utility The first two will prune in place. Due to how LMDB works, this will not reduce the blockchain size on disk. Instead, it will mark parts of the file as free, so that future data will use that free space, causing the file to not grow until free space grows scarce. The third way will create a second database, a pruned copy of the original one. Since this is a new file, this one will be smaller than the original one. Once the database is pruned, it will stay pruned as it syncs. That is, there is no need to use --prune-blockchain again, etc.
2018-12-23epee: better network buffer data structuremoneromooo-monero6-40/+97
avoids pointless allocs and memcpy
2018-12-04epee: fix network packet header field endiannessmoneromooo-monero4-53/+108
2018-12-04Changed RECIEVED to RECEIVED in log messages.Norman Moeschter2-2/+2
2018-11-15Removed a lot of unnecessary includesMartijn Otto4-18/+4
2018-11-07No longer use a list for registering self references in the abstract tcpMartijn Otto2-6/+10
server Updated assert message Use a local variable that won't destruct at the end of the if-branch Updated comment
2018-11-05epee: log HTTP/RPC calls at info levelmoneromooo-monero1-1/+6
It's useful info to have when investigating logs
2018-10-12Remove epee header dependency on cryptonote_coremoneromooo-monero2-6/+5
2018-10-02epee: initialize a few data members where it seems to be appropriatemoneromooo-monero1-1/+3
2018-10-02abstract_tcp_server2: move m_period to subclassmoneromooo-monero1-5/+6
This is where it is actually used, and initialized
2018-10-02connection_basic: remove unused floating time start timemoneromooo-monero1-3/+0
2018-09-29Merge pull request #4459Riccardo Spagni2-1/+8
bcf3f6af fuzz_tests: catch unhandled exceptions (moneromooo-monero) 3ebd05d4 miner: restore stream flags after changing them (moneromooo-monero) a093092e levin_protocol_handler_async: do not propagate exception through dtor (moneromooo-monero) 1eebb82b net_helper: do not propagate exceptions through dtor (moneromooo-monero) fb6a3630 miner: do not propagate exceptions through dtor (moneromooo-monero) 2e2139ff epee: do not propagate exception through dtor (moneromooo-monero) 0749a8bd db_lmdb: do not propagate exceptions in dtor (moneromooo-monero) 1b0afeeb wallet_rpc_server: exit cleanly on unhandled exceptions (moneromooo-monero) 418a9936 unit_tests: catch unhandled exceptions (moneromooo-monero) ea7f9543 threadpool: do not propagate exceptions through the dtor (moneromooo-monero) 6e855422 gen_multisig: nice exit on unhandled exception (moneromooo-monero) 53df2deb db_lmdb: catch error in mdb_stat calls during migration (moneromooo-monero) e67016dd blockchain_blackball: catch failure to commit db transaction (moneromooo-monero) 661439f4 mlog: don't remove old logs if we failed to rename the current file (moneromooo-monero) 5fdcda50 easylogging++: test for NULL before dereference (moneromooo-monero) 7ece1550 performance_test: fix bad last argument calling add_arg (moneromooo-monero) a085da32 unit_tests: add check for page size > 0 before dividing (moneromooo-monero) d8b1ec8b unit_tests: use std::shared_ptr to shut coverity up about leaks (moneromooo-monero) 02563bf4 simplewallet: top level exception catcher to print nicer messages (moneromooo-monero) c57a65b2 blockchain_blackball: fix shift range for 32 bit archs (moneromooo-monero)
2018-09-09abstract_tcp_server2: fix binding to the wrong IPmoneromooo-monero1-4/+4
2018-08-27epee: use the socket::bind variant which does not throwmoneromooo-monero1-2/+18
When this throws in a loop, stack trace generation can take a significant amount of CPU
2018-07-25epee: set jsonrpc to "2.0" in parse error return datamoneromooo-monero1-0/+1
2018-07-15abstract_tcp_server2: fix race on shutdownmoneromooo-monero2-1/+9
2018-07-03http_protocol_handler: fix HTTP/x.y parsingmoneromooo-monero1-1/+1
It was accepting any character for the dot (yeah, massive big I know)
2018-07-03http_protocol_handler: catch invalid numbers when parsingmoneromooo-monero1-4/+12
2018-06-29abstract_tcp_server2: fix use after freemoneromooo-monero1-2/+2
2018-06-18abstract_tcp_server2: restart async accept on errormoneromooo-monero1-4/+19
2018-06-13wallet-rpc: added IPs to error logging in simple_http_connection_handlerjcktm2-18/+18
2018-06-10epee: adaptive connection timeout systemmoneromooo-monero4-19/+75
a connection's timeout is halved for every extra connection from the same host. Also keep track of when we don't need to use a connection anymore, so we can close it and free the resource for another connection. Also use the longer timeout for non routable local addresses.
2018-06-09abstract_tcp_server2: fix busy calling of idle IO servicemoneromooo-monero1-2/+4
This would make monerod use 100% CPU when running with torsocks without Tor running
2018-06-01epee: fix detection of 172.16.0.0/172.31.255.255 local IP rangemoneromooo-monero1-1/+1
2018-05-27http_protocol_handler: limit the number of starting newlinesmoneromooo-monero3-1/+12
2018-05-26abstract_tcp_server2: timeout on RPC connectionsmoneromooo-monero2-1/+68
2018-05-26http_protocol_handler: speedup newline discardingmoneromooo-monero1-2/+5
2018-04-19epee: Drop deprecated Boost.Thread headerJan Beich1-1/+2
In file included from src/cryptonote_basic/hardfork.cpp:33: In file included from src/blockchain_db/blockchain_db.h:42: In file included from src/cryptonote_basic/hardfork.h:31: contrib/epee/include/syncobj.h:37:10: fatal error: 'boost/thread/v2/thread.hpp' file not found #include <boost/thread/v2/thread.hpp> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from src/rpc/daemon_handler.cpp:29: In file included from src/rpc/daemon_handler.h:36: In file included from src/p2p/net_node.h:41: In file included from contrib/epee/include/net/levin_server_cp2.h:32: In file included from contrib/epee/include/net/abstract_tcp_server2.h:324: contrib/epee/include/net/abstract_tcp_server2.inl:44:10: fatal error: 'boost/thread/v2/thread.hpp' file not found #include <boost/thread/v2/thread.hpp> // TODO ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ contrib/epee/include/math_helper.h: In member function 'bool epee::math_helper::average<val, default_base>::set_base()': contrib/epee/include/syncobj.h:227:56: error: 'sleep_for' is not a member of 'boost::this_thread' #define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x) ^ contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL' #define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x) ^~~~~~~~~ contrib/epee/include/syncobj.h:227:56: note: suggested alternative: 'sleep' #define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x) ^ contrib/epee/include/syncobj.h:227:56: note: in definition of macro 'CRITICAL_REGION_LOCAL' #define CRITICAL_REGION_LOCAL(x) {boost::this_thread::sleep_for(boost::chrono::milliseconds(epee::debug::g_test_dbg_lock_sleep()));} epee::critical_region_t<decltype(x)> critical_region_var(x) ^~~~~~~~~
2018-03-15Fix typos in various filesDimitris Apostolou2-2/+2
2018-02-11Fix #602 Turn on socket keepaliveHoward Chu1-0/+3
2018-02-02pass large parameters by const ref, not valuemoneromooo-monero3-10/+10
Coverity 136394 136397 136409 136526 136529 136533 175302
2018-01-29Allow the number of incoming connections to be limitedErik de Castro Lopo1-33/+45
It was already possible to limit outgoing connections. One might want to do this on home network connections with high bandwidth but low usage caps.
2018-01-26Update 2018 copyrightxmr-eric4-4/+4
2018-01-26levin_protocol_handler_async: erase from back of vector instead of frontstoffu1-1/+1
2018-01-10epee: remove dependency on commonmoneromooo-monero4-7/+9
2017-12-23http_client: rewrite header parsing manually for speedmoneromooo-monero1-74/+95
boost::regex is stupendously atrocious at parsing malformed data
2017-12-23tests: add http client fuzz testmoneromooo-monero1-3/+14
2017-12-18network_throttle: remove unused xxx static membermoneromooo-monero1-2/+0
2017-12-18abstract_tcp_server2: log init_server errors as fatalmoneromooo-monero1-1/+11
so they show up by default
2017-12-18net_parse_helpers: fix regex error checkingmoneromooo-monero1-2/+2
2017-12-18add empty container sanity checks when using front() and back()moneromooo-monero1-1/+1
2017-12-18epee: trap failure to parse URI from requestmoneromooo-monero1-1/+6
2017-12-16move connection_basic and network_throttle from src/p2p to epeemoneromooo-monero4-2/+444
These even had the epee namespace. This fixes some ugly circular dependencies.
2017-12-16move includes around to lessen overall loadmoneromooo-monero5-42/+11
2017-12-15levin_protocol_handler_async: another attempt at fixing at exceptionmoneromooo-monero1-3/+12
2017-12-15Revert "epee: keep a ref to a connection we're deleting"moneromooo-monero1-8/+2
This reverts commit f2939bdce8c86b0f96921f731184c361106390c8.
2017-12-15levin_protocol_handler_async: add missing response handler lockingmoneromooo-monero1-5/+9
2017-12-11levin_protocol_handler_async: call handler destroy function on dtormoneromooo-monero1-0/+1
2017-12-09net_utils_base: fix peer list parsingmoneromooo-monero1-3/+25
Fields are written with their "name" as key, and that name changed.
2017-11-28Corrections in rate limiting / trottle code, especially in 'out' directionrbrunner71-5/+4
Deleted 3 out of 4 calls to method connection_basic::sleep_before_packet that were erroneous / superfluous, which enabled the elimination of a "fudge" factor of 2.1 in connection_basic::set_rate_up_limit; also ended the multiplying of limit values and numbers of bytes transferred by 1024 before handing them over to the global throttle objects
2017-11-27new wipeable_string class to replace std::string passphrasesmoneromooo-monero1-3/+3
2017-11-16RPC: CORS add Access-Control-Allow-Headers to OPTIONS preflightTim L1-0/+3
2017-11-14remove "using namespace std" from headersmoneromooo-monero1-2/+0
It's nasty, and actually breaks on Solaris, where if.h fails to build due to: struct map *if_memmap;
2017-11-07RPC: get_info add rpc_connections_countTim L2-0/+11
2017-11-03Fix file permission issueTim L6-0/+0
This branch fixes a file permission issue introduced by https://github.com/monero-project/monero/commit/69c37200aa87f100f731e755bdca7a0dc6ae820a
2017-10-30RPC Add cross origin resource sharing supportTim L6-17/+60
2017-10-20net_helper: fix massive slowdown after SSL supportmoneromooo-monero1-5/+5
2017-10-17epee: use boost type for SSL error coderedfish1-1/+9
Fixes compile error when building with OpenSSL v1.1: contrib/epee/include/net/net_helper.h: In member function ‘void epee::net_utils::blocked_mode_client::shutdown_ssl()’: contrib/epee/include/net/net_helper.h:579:106: error: ‘SSL_R_SHORT_READ’ was not declared in this scope if (ec.category() == boost::asio::error::get_ssl_category() && ec.value() != ERR_PACK(ERR_LIB_SSL, 0, SSL_R_SHORT_READ)) ^ contrib/epee/include/net/net_helper.h:579:106: note: suggested alternative: ‘SSL_F_SSL_READ’ See boost/asio/ssl/error.hpp. Boost handles differences between OpenSSL versions. cmake: fail if Boost is too old for OpenSSL v1.1
2017-10-15epee http_client SSL supportJaquee2-45/+107
2017-10-09Fix an object lifetime bug in net load testsmoneromooo-monero4-5/+26
The commands handler must not be destroyed before the config object, or we'll be accessing freed memory. An earlier attempt at using boost::shared_ptr to control object lifetime turned out to be very invasive, though would be a better solution in theory.
2017-10-07frob level 1 logs a bit for consistencymoneromooo-monero1-2/+2
Level 1 logs map to INFO, so setting log level to 1 should show these. Demote some stuff to DEBUG to avoid spam, though.
2017-10-05Upgrades to epee::net_utils::network_addressLee Clagett2-71/+127
- internal nullptr checks - prevent modifications to network_address (shallow copy issues) - automagically works with any type containing interface functions - removed fnv1a hashing - ipv4_network_address now flattened with no base class
2017-09-25http_base: init size_t in http_request_info ctormoneromooo-monero1-1/+2
CID 161879
2017-09-19epee: keep a ref to a connection we're deletingmoneromooo-monero1-2/+8
close might end up dropping a ref, ending up removing the connection from m_connects, as the lock is recursive. This'd cause an out of bounds exception and kill the idle connection maker thread
2017-09-18epee: give virtual dtor to network_address_basemoneromooo-monero1-0/+3
It has virtual functions and is used as a base class
2017-08-22http_client: add getters for host and portmoneromooo-monero1-0/+3
2017-08-16abstract_tcp_server2: improve tracking/cancelling of early connectionsmoneromooo-monero2-22/+15
We don't actually need to keep them past the call to start, as this adds them to the config object list, and so they'll then be cancelled already when the stop signal arrives. This allows removing the periodic call to cleanup connections.
2017-08-07cryptonote_protocol_handler: sync speedupmoneromooo-monero1-0/+14
A block queue is now placed between block download and block processing. Blocks are now requested only from one peer (unless starved). Includes a new sync_info coommand.
2017-08-01p2p: move m_in_timedsync from connection_context to p2p_connection_contextmoneromooo-monero1-3/+0
It's got no place in the base class as it's P2P specific field
2017-07-05epee: don't send the body of the response to a HEAD HTTP requestGuillaume LE VAILLANT1-1/+1
According to the HTTP spec: "The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response".
2017-07-05Fix spelling errorsErik de Castro Lopo5-8/+8
2017-07-01Fix issue #2119 SEGVHoward Chu1-15/+20
Due to bad refactoring in PR #2073. timeout_handler() doesn't work as a virtual function.
2017-06-28abstract_tcp_server2: guard against accessing lock on a destroyed objectmoneromooo-monero1-3/+3
2017-06-28Remove typeid use in network_addressmoneromooo-monero1-3/+2
Since I had to add an ID to the derived classes anyway, this can be used instead. This removes an apparently pointless warning from CLANG too.
2017-06-19net_utils_base: added missing template keywordkenshi841-1/+1
2017-06-15Don't issue a new timedsync while one is already in progressHoward Chu1-0/+3
A timedsync is issued every minute on a connection, but the input tineout is 2 minutes. This means a new sync request could be issued while a slow sync request was already in progress. The additional request will further clog the network on a slow connection, and cause a premature timeout.
2017-06-15Don't timeout a slow operation that's making progressHoward Chu1-9/+46
If we got at least MIN_BYTES_WANTED (default 512) during any network poll, reset the timeout to allow more time for data to arrive.
2017-05-27abstracted nework addressesmoneromooo-monero7-25/+121
All code which was using ip and port now uses a new IPv4 object, subclass of a new network_address class. This will allow easy addition of I2P addresses later (and also IPv6, etc). Both old style and new style peer lists are now sent in the P2P protocol, which is inefficient but allows peers using both codebases to talk to each other. This will be removed in the future. No other subclasses than IPv4 exist yet.
2017-03-18Removed boost/asio.hpp include from epee/string_tools.hLee Clagett2-0/+2
2017-03-05http_client: allow cancelling a downloadmoneromooo-monero1-2/+10
2017-03-05http_client: allow derived class to get headers at startmoneromooo-monero1-0/+11
2017-02-21http_server_impl_base: set bind message to MGINFOanonimal1-1/+1
2017-02-21update copyright year, fix occasional lack of newline at line endRiccardo Spagni1-1/+1
2017-02-20http_client: add a couple constsmoneromooo-monero1-2/+2
2017-02-12epee: fix some log macros not printing context nicelymoneromooo-monero1-5/+5
2017-02-06Add server auth to monerod, and client auth to wallet-cli and wallet-rpcLee Clagett5-41/+78
2017-01-25Updates to epee HTTP client codeLee Clagett3-183/+63
- http_simple_client now uses std::chrono for timeouts - http_simple_client accepts timeouts per connect / invoke call - shortened names of epee http invoke functions - invoke command functions only take relative path, connection is not automatically performed
2017-01-16Change logging to easylogging++moneromooo-monero25-117/+174
This replaces the epee and data_loggers logging systems with a single one, and also adds filename:line and explicit severity levels. Categories may be defined, and logging severity set by category (or set of categories). epee style 0-4 log level maps to a sensible severity configuration. Log files now also rotate when reaching 100 MB. To select which logs to output, use the MONERO_LOGS environment variable, with a comma separated list of categories (globs are supported), with their requested severity level after a colon. If a log matches more than one such setting, the last one in the configuration string applies. A few examples: This one is (mostly) silent, only outputting fatal errors: MONERO_LOGS=*:FATAL This one is very verbose: MONERO_LOGS=*:TRACE This one is totally silent (logwise): MONERO_LOGS="" This one outputs all errors and warnings, except for the "verify" category, which prints just fatal errors (the verify category is used for logs about incoming transactions and blocks, and it is expected that some/many will fail to verify, hence we don't want the spam): MONERO_LOGS=*:WARNING,verify:FATAL Log levels are, in decreasing order of priority: FATAL, ERROR, WARNING, INFO, DEBUG, TRACE Subcategories may be added using prefixes and globs. This example will output net.p2p logs at the TRACE level, but all other net* logs only at INFO: MONERO_LOGS=*:ERROR,net*:INFO,net.p2p:TRACE Logs which are intended for the user (which Monero was using a lot through epee, but really isn't a nice way to go things) should use the "global" category. There are a few helper macros for using this category, eg: MGINFO("this shows up by default") or MGINFO_RED("this is red"), to try to keep a similar look and feel for now. Existing epee log macros still exist, and map to the new log levels, but since they're used as a "user facing" UI element as much as a logging system, they often don't map well to log severities (ie, a log level 0 log may be an error, or may be something we want the user to see, such as an important info). In those cases, I tried to use the new macros. In other cases, I left the existing macros in. When modifying logs, it is probably best to switch to the new macros with explicit levels. The --log-level options and set_log commands now also accept category settings, in addition to the epee style log levels.
2017-01-11Added (not yet enabled) HTTP client authenticationLee Clagett3-22/+101
2016-12-30Workarounds for gcc 4.8Lee Clagett1-3/+10
2016-12-13Adding HTTP Digest Auth (but not yet enabled)Lee Clagett4-6/+103
2016-12-04Spelling in errorstaushet1-1/+1
2016-11-28epee: add functions to convert from URL format (ie, %XX values)moneromooo-monero1-0/+30
2016-11-28epee: signal cond var before unlockingmoneromooo-monero1-1/+1
This is more canonical, and avoids some helgrind spam
2016-11-23Fix DNS failures in offline mode preventing daemon startupmoneromooo-monero1-3/+3
2016-11-12levin: fix wrong value passed as return code to remote callmoneromooo-monero1-1/+1
When receiving an answer packet, the command code was passed to the callback instead of the error code. This was hiding the "command not found" failure from the peer, and in turn causing the code to attempt to deserialize a non existent reply string.
2016-10-03Removed all code related to fast_exitNanoAkron2-14/+1
2016-09-18epee: optionally restrict HTTP service to a configurable user agentmoneromooo-monero5-12/+31
This is intended to catch traffic coming from a web browser, so we avoid issues with a web page sending a transfer RPC to the wallet. Requiring a particular user agent can act as a simple password scheme, while we wait for 0MQ and proper authentication to be merged.
2016-09-01epee: do not try network resolution if loopback workedmoneromooo-monero1-1/+1
Fixes the wallet being unable to connect to the daemon when there is no NIC.
2016-06-22contrib: epee: add missing noexcept spec to class declredfish1-1/+1
The noexcept specs were added to make GCC 6.1.1 happy (#846), but this one was missing (because GCC did not complain about it on Linux, but does complain on OSX).
2016-05-18contrib: epee: add exception spec to throwing destructorsredfish2-2/+2
The destructors get a noexcept(true) spec by default, but these destructors in fact throw exceptions. An alternative fix might be to not throw (most if not all of these throws are non-essential error-reporting/logging).
2016-05-14Don't allow 'flush_txpool' and 'setbans' JSON_RPC methods when running in ↵osensei1-2/+4
restricted mode.
2016-04-17abstract_tcp_server2: fix send queue limit warning spammoneromooo-monero1-1/+1
When the send queue limit is reached, it is likely to not drain any time soon. If we call close on the connection, it will stay alive, waiting for the queue to drain before actually closing, and will hit that check again and again. Since the queue size limit is the reason we're closing in the first place, we call shutdown directly.
2016-04-17abstract_tcp_server2: avoid deadlock waiting for send queue to drainmoneromooo-monero1-2/+5
If we reach the send queue size limit, we need to release the lock, or we will deadlock and it will never drain. If we reach that limit, it's likely there's another problem in the first place though, so it will probably not drain in practice either, unless some kind of transient network timeout.
2016-03-27abstract_tcp_server2: possible fix for exception in handle_acceptmoneromooo-monero1-4/+17
2016-03-21Revert "Print stack trace upon exceptions"moneromooo-monero1-1/+1
Ain't nobody got time for link/cmake skullduggery. This reverts commit fff238ec94ac6d45fc18c315d7bc590ddfaad63d.
2016-03-20epee: fix potential hang on exitmoneromooo-monero1-0/+8
Also close sockets on failure, just in case
2016-03-19Print stack trace upon exceptionsmoneromooo-monero1-1/+1
Useful for debugging users' logs
2016-03-12epee: fix bug deleting more than one connection at oncemoneromooo-monero1-0/+1
2016-03-11Use boost::thread instead of std::threadHoward Chu2-5/+5
and all other associated IPC
2016-02-18Fix crash in std::map for connections_mapHoward Chu1-1/+2
Use boost::unordered_map instead.
2016-02-13epee: always call the PRNG through the locked APImoneromooo-monero1-1/+1
2016-01-30epee: use generate_random_bytes for new random uuidsmoneromooo-monero1-1/+6
Instead of using boost::uuids::generate_random, which uses uninitialized stuff *on purpose*, just to annoy people who use valgrind
2016-01-27more typos fixedHenning Kopp1-1/+1
2016-01-25more typos fixedHenning Kopp1-1/+1
2016-01-02IP_TOS not supported before Windows7Howard Chu1-1/+4
2015-12-23epee: regularly cleanup connections we kept a reference tomoneromooo-monero2-4/+23
Since connections from the ::connect method are now kept in a deque to be able to cancel them on exit, this leaks both memory and a file descriptor. Here, we clean those up after 30 seconds, to avoid this. 30 seconds is higher then the 5 second timeout used in the async code, so this should be safe. However, this is an assumption which would break if that async code was to start relying on longer timeouts.
2015-12-22epee: fix hang on exitmoneromooo-monero2-1/+25
When the boost ioservice is stopped, pending work notifications will not happen. This includes deadline timers, which would otherwise time out the now cancelled I/O operations. When this happens just after starting a new connect operation, this can leave that operations in a state where it won't receive either the completion notification nor a timeout, causing a hang. This is fixed by keeping a list of connections corresponding to the connect operations, and cancelling them before stopping the boost ioservice. Note that the list of these connections can grow unbounded, as they're never cleaned up. Cleaning them up would involve working out which connections do not have any pending work, and it's not quite clear yet how to go about this.
2015-11-27core_rpc_server: add a --restricted-rpc optionmoneromooo-monero1-2/+4
It does not expose the RPC for commands like start_mining, etc (ie, commands a public node operator might want to be restricted)
2015-11-23Add IP blocking for misbehaving nodes (adapted from Boolberry)Javier Smooth1-3/+1
With minor cleanup and fixes (spelling, indent) by moneromooo
2015-04-10[fix] log level change. compilation: dns, testsrfree2monero1-2/+2
old unbound #warning does not block compilation unit tests build fine. Even though the RPC/P2P network type is required again
2015-04-08[fix] Network 1.8: unlimited the RPC connectionsrfree2monero3-59/+112
works for unit tests build, too
2015-04-01[fix] mac os x includes std::random...rfree2monero1-0/+4
2015-04-01remerged; commands JSON. logging upgrade. doxygenrfree2monero1-1/+0
2015-03-27Restore daemon interactive modeThomas Winget1-4/+4
Daemon interactive mode is now working again. RPC mapped calls in daemon and wallet have both had connection_context removed as an argument as that argument was not being used anywhere.
2015-02-202014 network limit 1.2 +utils +toc -doc -drmonerorfree2monero1-11/+10
new update of the pr with network limits more debug options: discarding downloaded blocks all or after given height. trying to trigger the locking errors. debug levels polished/tuned to sane values. debug/logging improved. warning: this pr should be correct code, but it could make an existing (in master version) locking error appear more often. it's a race on the list (map) of peers, e.g. between closing/deleting them versus working on them in net-limit sleep in sending chunk. the bug is not in this code/this pr, but in the master version. the locking problem of master will be fixed in other pr. problem is ub, and in practice is seems to usually cause program abort (tested on debian stable with updated gcc). see --help for option to add sleep to trigger the error faster.
2015-02-20fixed size_t on windowsrfree2monero1-2/+8
thought it was already fixed, apparently commit got lost somewhere
2015-02-202014 network limit 1.1 +utils +toc -doc -drmonerorfree2monero4-14/+99
Update of the PR with network limits works very well for all speeds (but remember that low download speed can stop upload because we then slow down downloading of blockchain requests too) more debug options fixed pedantic warnings in our code should work again on Mac OS X and FreeBSD fixed warning about size_t tested on Debian, Ubuntu, Windows(testing now) TCP options and ToS (QoS) flag FIXED peer number limit FIXED some spikes in ingress/download FIXED problems when other up and down limit
2015-02-202014 network limit 1.0a +utils +toc -doc -drmonerorfree2monero3-127/+336
commands and options for network limiting works very well e.g. for 50 KiB/sec up and down ToS (QoS) flag peer number limit TODO some spikes in ingress/download TODO problems when other up and down limit added "otshell utils" - simple logging (with colors, text files channels)
2015-01-02year updated in licenseRiccardo Spagni15-15/+15
2014-10-02forgot to add connection context to log lineRiccardo Spagni1-1/+1
2014-10-02moved non-critical p2p errors to l2Riccardo Spagni2-2/+2