Age | Commit message (Collapse) | Author | Files | Lines |
|
f3b65c6 Request a thread stack size that is large enough for unbound (omartijn)
|
|
2a7d915 Fixed i2p/tor tx flooding bug (white noise disabled) (vtnerd)
|
|
Unbound uses a 64 kb large character array on the stack, which
leads to a stack overflow for some libc implementations. musl
only gives 80 kb in total. This PR changes the stack size for
these threads to 1mb, which solves the segmentation fault.
|
|
|
|
cae488d p2p: reject incoming connections to self (moneromooo-monero)
|
|
e353e3d p2p: sanitize peer lists (moneromooo-monero)
|
|
2e26536 p2p: move log away from global (moneromooo-monero)
|
|
IP addresses are stored in network byte order even on little
endian hosts
|
|
|
|
Also remove the delta time fixup, since we now ignore those
as they're attacker controlled
|
|
It was here while debugging, and I forgot to move it away
|
|
fd60d05 daemon: fix print_pl only printing public zone peers (moneromooo-monero)
|
|
|
|
7b9a420 Replace std::random_shuffle with std::shuffle (tomsmeding)
|
|
3768db2 p2p: add a reference to Cao, Tong et al. for the last_seen changes (moneromooo-monero)
|
|
fcbf7b3 p2p: propagate out peers limit to payload handler (moneromooo-monero)
098aadf p2p: close the right number of connections on setting max in/out peers (moneromooo-monero)
|
|
According to [1], std::random_shuffle is deprecated in C++14 and removed
in C++17. Since std::shuffle is available since C++11 as a replacement
and monero already requires C++11, this is a good replacement.
A cryptographically secure random number generator is used in all cases
to prevent people from perhaps copying an insecure std::shuffle call
over to a place where a secure one would be warranted. A form of
defense-in-depth.
[1]: https://en.cppreference.com/w/cpp/algorithm/random_shuffle
|
|
new cli options (RPC ones also apply to wallet):
--p2p-bind-ipv6-address (default = "::")
--p2p-bind-port-ipv6 (default same as ipv4 port for given nettype)
--rpc-bind-ipv6-address (default = "::1")
--p2p-use-ipv6 (default false)
--rpc-use-ipv6 (default false)
--p2p-require-ipv4 (default true, if ipv4 bind fails and this is
true, will not continue even if ipv6 bind
successful)
--rpc-require-ipv4 (default true, description as above)
ipv6 addresses are to be specified as "[xx:xx:xx::xx:xx]:port" except
in the cases of the cli args for bind address. For those the square
braces can be omitted.
|
|
|
|
068fa1c p2p: delay IGP probing on startup (moneromooo-monero)
|
|
fcfcc3a rpc: in/out peers can now return the setting's value (moneromooo-monero)
|
|
6abaaaa remove obsolete save_graph skeleton code (moneromooo-monero)
|
|
515ac29 p2p: store network address directly in blocked host list (moneromooo-monero)
65c4004 allow blocking whole subnets (moneromooo-monero)
|
|
a96c1a46 cryptonote_protocol: drop peers we can't download from when syncing (moneromooo-monero)
ab361df2 p2p: add a few missing connection close calls (moneromooo-monero)
|
|
|
|
|
|
rather than their string representation
|
|
|
|
|
|
Older nodes don't pass that information around
|
|
"Exploring the Monero Peer-to-Peer Network". https://eprint.iacr.org/2019/411
|
|
|
|
|
|
|
|
We might have external access without having to do this
|
|
|
|
|
|
This can be used for fingerprinting and working out the
network topology.
Instead of sending the first N (which are sorted by last
seen time), we sent a random subset of the first N+N/5,
which ensures reasonably recent peers are used, while
preventing repeated calls from deducing new entries are
peers the target node just connected to.
The list is also randomly shuffled so the original set of
timestamps cannot be approximated.
|
|
58585986 p2p: fix integer overflow in host bans (moneromooo-monero)
|
|
|
|
|
|
19f8089f p2p: don't lookup seed nodes when offline (moneromooo-monero)
|
|
This will cause DNS requests, which will block and timeout
if there is really no network connectivity
|
|
|
|
a54e81e5 daemon: add '--no-sync' arg to optionally disable blockchain sync (xiphon)
|
|
551104fb daemon: add --public-node mode, RPC port propagation over P2P (xiphon)
|
|
|
|
|
|
|
|
123fc2a2 i2p: initial support (Jethro Grassie)
|
|
|
|
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
- Support for ".onion" in --add-exclusive-node and --add-peer
- Add --anonymizing-proxy for outbound Tor connections
- Add --anonymous-inbounds for inbound Tor connections
- Support for sharing ".onion" addresses over Tor connections
- Support for broadcasting transactions received over RPC exclusively
over Tor (else broadcast over public IP when Tor not enabled).
|
|
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.
No other data is currently pruned.
There are three ways to prune a blockchain:
- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility
The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.
The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.
Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
|
|
d1b3990d p2p: don't stop the idle thread when no gray peers are found (moneromooo-monero)
|
|
a5ffc2d5 Remove boost::lexical_cast for uuid and unused uuid function (Lee Clagett)
|
|
85665003 epee: better network buffer data structure (moneromooo-monero)
|
|
|
|
avoids pointless allocs and memcpy
|
|
|
|
|
|
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
|
|
03fc731b p2p: less frequent incoming connections check (moneromooo-monero)
14a5c206 p2p: tone down "no incoming connections" warning to info if in peers is 0 (moneromooo-monero)
|
|
|
|
|
|
Also add an info if not offline, since it weakens the network
|
|
|
|
2d48861d p2p: only deinitialize what's been initialized in offline mode (moneromooo-monero)
|
|
|
|
as per the source documentation
|
|
76d6d832 Revert "p2p: connect via the bound ip, if any" (moneromooo-monero)
|
|
This reverts commit 909398efc79cb1fa92e330e9a50a316ca5858953.
It looks like it's causing trouble with tor on some setups
|
|
|
|
909398e p2p: connect via the bound ip, if any (moneromooo-monero)
|
|
438d52d remove epee from link lines where it's redundant (moneromooo-monero)
|
|
149da42 db_lmdb: enable batch transactions by default (stoffu)
34cb6b4 add --regtest and --fixed-difficulty for regression testing (vicsn)
9e1403e update get_info RPC and bump RPC version (vicsn)
207b66e first new functional tests (vicsn)
|
|
|
|
on_generateblocks RPC call combines functionality from the on_getblocktemplate and on_submitblock RPC calls to allow rapid block creation. Difficulty is set permanently to 1 for regtest.
Makes use of FAKECHAIN network type, but takes hard fork heights from mainchain
Default reserve_size in generate_blocks RPC call is now 1. If it is 0, the following error occurs 'Failed to calculate offset for'.
Queries hard fork heights info of other network types
|
|
For some reason, this confuses and kills ASAN on startup
as it thinks const uint8_t ipv4_network_address::ID is
defined multiple times.
|
|
08b85a8 cryptonote_config: add get_config to refactor x = testnet ? config::testnet::X : stagenet ? config::stagenet::X : config::X (stoffu)
0cf80ba net_node: resolve host for node addresses given via command line flags (stoffu)
|
|
de1ffe0 p2p: warn when no incoming connections are seen for a while (moneromooo-monero)
|
|
|
|
config::testnet::X : stagenet ? config::stagenet::X : config::X
|
|
|
|
Those were added to the seed nodes list even when they had already
been added. Moreover, the current index was not reset after they
were added, typically causing previous seeds to be used, and some
of those fallback seeds to not be tried.
|
|
|
|
(cherry picked from commit a7366b5feeffaeb65b217b2d6f138e0ab1c90192)
|
|
(cherry picked from commit b16a282f97d8f6c967e8a0b1ecfd75110f095182)
|
|
11c933e1 fix lambda compile error on openbsd (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
1d28c0d8 p2p: restore m_testnet assignment lost during rebase (whythat)
|
|
|
|
|
|
|
|
|
|
eda9fb5b p2p: fix testnet/mainnet port mixup (moneromooo-monero)
|
|
e4646379 keccak: fix mdlen bounds sanity checking (moneromooo-monero)
2e3e90ac pass large parameters by const ref, not value (moneromooo-monero)
61defd89 blockchain: sanity check number of precomputed hash of hash blocks (moneromooo-monero)
9af6b2d1 ringct: fix infinite loop in unused h2b function (moneromooo-monero)
8cea8d0c simplewallet: double check a new multisig wallet is multisig (moneromooo-monero)
9b98a6ac threadpool: catch exceptions in dtor, to avoid terminate (moneromooo-monero)
24803ed9 blockchain_export: fix buffer overflow in exporter (moneromooo-monero)
f3f7da62 perf_timer: rewrite to make it clear there is no division by zero (moneromooo-monero)
c6ea3df0 performance_tests: remove add_arg call stray extra param (moneromooo-monero)
fa6b4566 fuzz_tests: fix an uninitialized var in setup (moneromooo-monero)
03887f11 keccak: fix sanity check bounds test (moneromooo-monero)
ad11db91 blockchain_db: initialize m_open in base class ctor (moneromooo-monero)
bece67f9 miner: restore std::cout precision after modification (moneromooo-monero)
1aabd14c db_lmdb: check hard fork info drop succeeded (moneromooo-monero)
|
|
2e584dcb p2p: do not try to connect to peers in offline mode (moneromooo-monero)
|
|
Coverity 136394 136397 136409 136526 136529 136533 175302
|
|
|
|
It was already possible to limit outgoing connections. One might want
to do this on home network connections with high bandwidth but low
usage caps.
|
|
This rename is needed so that delete_in_connections can be added.
|
|
This is needed so that a max_in_connection_count can be added.
|
|
|
|
fd1dfac5 p2p: don't lookup seed IPs if using an exclusive peer (moneromooo-monero)
b50182ae p2p: don't connect to seeds if using an exclusive peer (moneromooo-monero)
|
|
|
|
|
|
|
|
|
|
|
|
d28c388f p2p: stop net server before closing starting connections (moneromooo-monero)
|
|
|
|
43f5269f Wallets now do not depend on the daemon rpc lib (moneromooo-monero)
bb89ae8b move connection_basic and network_throttle from src/p2p to epee (moneromooo-monero)
4abf25f3 cryptonote_core does not depend on p2p anymore (moneromooo-monero)
|
|
These even had the epee namespace.
This fixes some ugly circular dependencies.
|
|
As a followon side effect, this makes a lot of inline code
included only in particular cpp files (and instanciated
when necessary.
|
|
|
|
abebe392 rpc: add offline state in info rpc (moneromooo-monero)
7696e849 core: make --offline also disable DNS lookups (moneromooo-monero)
|
|
This fixes a hang on exit due to race where a connection adds
itself to the server after the starting connections are closed,
but before the net server marks itself as stopped.
|
|
|
|
Deleted 3 out of 4 calls to method connection_basic::sleep_before_packet
that were erroneous / superfluous, which enabled the elimination of a
"fudge" factor of 2.1 in connection_basic::set_rate_up_limit;
also ended the multiplying of limit values and numbers of bytes
transferred by 1024 before handing them over to the global throttle
objects
|
|
0d9c0db9 Do not build against epee_readline if it was not built (Howard Chu)
178014c9 split off readline code into epee_readline (moneromooo-monero)
a9e14a19 link against readline only for monerod and wallet-wallet-{rpc,cli} (moneromooo-monero)
437421ce wallet: move some scoped_message_writer calls from the libs (moneromooo-monero)
e89994e9 wallet: rejig to avoid prompting in wallet2 (moneromooo-monero)
ec5135e5 move input_line from command_line to simplewallet (moneromooo-monero)
082db75f move cryptonote command line options to cryptonote_core (moneromooo-monero)
|
|
Those have no reason to be in a generic module
|
|
It's nasty, and actually breaks on Solaris, where if.h fails to
build due to:
struct map *if_memmap;
|
|
The commands handler must not be destroyed before the config
object, or we'll be accessing freed memory.
An earlier attempt at using boost::shared_ptr to control object
lifetime turned out to be very invasive, though would be a
better solution in theory.
|
|
- internal nullptr checks
- prevent modifications to network_address (shallow copy issues)
- automagically works with any type containing interface functions
- removed fnv1a hashing
- ipv4_network_address now flattened with no base class
|
|
p2p uses it, and the cpp file needs to know the symbols should
be public
|
|
28b72b6e tx_pool: pre-init tvc.m_verifivation_failed before processing (moneromooo-monero)
50a629b2 core_tests: catch (impossible in practice) tx extra api failure (moneromooo-monero)
fee15ef1 wallet2: catch failure to parse address (moneromooo-monero)
1399e26d net_peerlist: remove dead code (moneromooo-monero)
50e09698 tx_pool: guard against failure getting tx hash (moneromooo-monero)
54cc209a wallet_rpc_server: catch failure to create directory (moneromooo-monero)
3e55099c wallet_rpc_server: init m_vm to NULL in ctor (moneromooo-monero)
7d0dde5e wallet_args: remove redundant default value for --log-file (moneromooo-monero)
ed4a3350 wallet2: catch failure to save keys file (moneromooo-monero)
44434c8a wallet2_api: check whether dynamic_cast returns NULL (moneromooo-monero)
92f2f687 core: check return value from parse_hexstr_to_binbuff (moneromooo-monero)
5475692e wallet2_api: remove an unused, uninitialized, field (moneromooo-monero)
a7ba3de1 libwallet_api_tests: initialize newblock_triggered on reset (moneromooo-monero)
b2763ace wallet2_api: init error code to "no error" in the ctor (moneromooo-monero)
b5faac53 get_blockchain_top now returns void (moneromooo-monero)
2e44d8f2 wallet_rpc_server: guard against exceptions (moneromooo-monero)
4230876b simplewallet: guard against I/O exceptions (moneromooo-monero)
06c1e057 daemon: initialize decode_as_json in RPC request (moneromooo-monero)
11f71af5 http_base: init size_t in http_request_info ctor (moneromooo-monero)
|
|
e29282d2 build: auto update version info without manually deleting version.h (stoffu)
|
|
CID 175290
|
|
054054c9 p2p: disable gray list housekeeping when an exclusive node is given (moneromooo-monero)
|
|
ef005f5e p2p: add a couple early outs when the stop signal is received (moneromooo-monero)
80d361c7 abstract_tcp_server2: improve tracking/cancelling of early connections (moneromooo-monero)
|
|
|
|
e3680b69 Rename m_listenning_port to m_listening_port (MaxXor)
a1ea475f Delete UPnP port mapping on exit (MaxXor)
|
|
Exclusive nodes may be used for privacy reasons, and thus we don't
want to connect to other nodes, even for checking connectivity.
See https://github.com/monero-project/monero/issues/2346
|
|
e3c4395a p2p: init hashes after deserializing a network address (moneromooo-monero)
|
|
|
|
|
|
|
|
Fixes multiple connections to the same address
|
|
Fix sync wedge corner case:
It could happen if a connection went into standby mode, while
it was the one which had requested the next span, and that span
was still waiting for the data, and that peer is not on the
main chain. Other peers can then start asking for that data
again and again, but never get it as only that forked peer does.
And various other fixes
|
|
This avoids quicker exit
|
|
7fdc178a p2p: fix random peer index being too large (moneromooo-monero)
|
|
6ce769c1 p2p: get net log spam down a bit (moneromooo-monero)
|
|
cb2d5110 Tweak net logs so we get more info on why networking can't start (moneromooo-monero)
|
|
This should prevent "silent" failures to start
|
|
|
|
|
|
This avoids failing to connect to the network in case all
known peers are unavailable (which can happen if the peer
list is small).
|
|
This fixes nodes not being able to connect to nodes which use
recent code. While there, init peer_id too.
|
|
158c3ecf core: thread most of handle_incoming_tx (moneromooo-monero)
f57ee382 cryptonote_protocol: retry stale spans early (moneromooo-monero)
90df52e1 cryptonote_protocol: light cleanup (moneromooo-monero)
84e23156 cryptonote_protocol: avoid spurious SYNCHRONIZED OK messages (moneromooo-monero)
5be43fcd cryptonote_protocol_handler: sync speedup (moneromooo-monero)
|
|
214fd81e some include cleanup (moneromooo-monero)
|
|
c6ba7d11 p2p: move m_in_timedsync from connection_context to p2p_connection_context (moneromooo-monero)
|
|
04ebfbfe p2p: close connections when exiting (moneromooo-monero)
9a10148c p2p: fix thread leak (moneromooo-monero)
|
|
06aea2cf move get_proof_of_trust_hash from util.h to p2p_protocol_defs.h (moneromooo-monero)
|
|
A block queue is now placed between block download and
block processing. Blocks are now requested only from one
peer (unless starved).
Includes a new sync_info coommand.
|
|
This will keep leak traces less noisy, as those were one off
allocations that were technically leaking.
|
|
It's got no place in the base class as it's P2P specific field
|
|
|
|
This ensures they don't leak if they were in the middle of an
async operation.
|
|
|
|
This avoids having to include p2p_protocol_defs.h in util.h,
as util.h is used a lot, and p2p_protocol_defs.h includes
a lot of other things that most users don't need.
|
|
Since I had to add an ID to the derived classes anyway,
this can be used instead. This removes an apparently
pointless warning from CLANG too.
|
|
07c4276c Don't issue a new timedsync while one is already in progress (Howard Chu)
cf3a376c Don't timeout a slow operation that's making progress (Howard Chu)
340830de Fix PR#2039 (Howard Chu)
|
|
A timedsync is issued every minute on a connection, but the input
tineout is 2 minutes. This means a new sync request could be issued
while a slow sync request was already in progress. The additional
request will further clog the network on a slow connection, and
cause a premature timeout.
|
|
All code which was using ip and port now uses a new IPv4 object,
subclass of a new network_address class. This will allow easy
addition of I2P addresses later (and also IPv6, etc).
Both old style and new style peer lists are now sent in the P2P
protocol, which is inefficient but allows peers using both
codebases to talk to each other. This will be removed in the
future. No other subclasses than IPv4 exist yet.
|
|
8277e67f Add anchor connections (Miguel Herranz)
|
|
In case the DNS seed(s) is/are down, which would otherwise
cause the fallback seeds to never be used. Also if the seeds
resolve to too few IPs.
|
|
Prevents the system from always picking the gray peers with the most
recent last_seen.
|
|
get_random_gray_peer is used to implement feeler connections, described
in: https://eprint.iacr.org/2015/263.pdf 2. Random selection
|
|
|
|
|
|
They're now used by core to determine the data directory to use
for the txpool directory.
This fixes an assert in the core tests, which don't use the RPC
server, which normally initializes the P2P code.
|
|
|
|
This is only used to load, not save
|
|
Based on https://eprint.iacr.org/2015/263.pdf 4. Anchor connections.
Peer list serialisation version bumped to 5.
|
|
|
|
ca94d0a4 Separate data per P2P port (Miguel Herranz)
|
|
0644eed7 Remove boost/foreach.cpp includes (Miguel Herranz)
36dd3e23 Replace BOOST_REVERSE_FOREACH with ranged for (Miguel Herranz)
629e3101 Replace BOOST_FOREACH with C++11 ranged for (Miguel Herranz)
|
|
poolstate.bin and p2pstate.bin are stored in .bitmonero/ if the default
P2P port is being used.
If another port is used both files are stored in
.bitmonero/PORTNUMBER/.
|
|
CATCH_ENTRY_L0 already returns the second value.
|
|
|
|
|
|
|
|
4cdf0a35 p2p: always recreate a new peer id on startup (moneromooo-monero)
|
|
f8b97aef p2p: show ban/unban logs by default again (moneromooo-monero)
|
|
This prevents easy fingerprinting when you change IPs, and
will be a must when kovri gets used.
|
|
|
|
|
|
|
|
|
|
A random peer from the gray peer list is selected and a connection is
made to check if the peer is alive.
If the connection and handshake are successful the peer is promoted to
the white peer list, in case of failure the peer is evicted from the
gray peer list.
The connection is closed after the check in either case.
|
|
cbcdf8ad Honor depth in get_peerlist_head method (Miguel Herranz)
|
|
0e0e6c5f Reduce to one connection per IP (Miguel Herranz)
3f269e98 Limit incoming connections from the same IP (Miguel Herranz)
|
|
The method returned depth + 2 because:
- push_back was executed before the condition.
- > instead of >= causing one more iteration.
|
|
|