Age | Commit message (Collapse) | Author | Files | Lines |
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
24569454 epee: add SSL support (moneromooo-monero)
|
|
This curbs runaway growth while still allowing substantial
spikes in block weight
Original specification from ArticMine:
here is the scaling proposal
Define: LongTermBlockWeight
Before fork:
LongTermBlockWeight = BlockWeight
At or after fork:
LongTermBlockWeight = min(BlockWeight, 1.4*LongTermEffectiveMedianBlockWeight)
Note: To avoid possible consensus issues over rounding the LongTermBlockWeight for a given block should be calculated to the nearest byte, and stored as a integer in the block itself. The stored LongTermBlockWeight is then used for future calculations of the LongTermEffectiveMedianBlockWeight and not recalculated each time.
Define: LongTermEffectiveMedianBlockWeight
LongTermEffectiveMedianBlockWeight = max(300000, MedianOverPrevious100000Blocks(LongTermBlockWeight))
Change Definition of EffectiveMedianBlockWeight
From (current definition)
EffectiveMedianBlockWeight = max(300000, MedianOverPrevious100Blocks(BlockWeight))
To (proposed definition)
EffectiveMedianBlockWeight = min(max(300000, MedianOverPrevious100Blocks(BlockWeight)), 50*LongTermEffectiveMedianBlockWeight)
Notes:
1) There are no other changes to the existing penalty formula, median calculation, fees etc.
2) There is the requirement to store the LongTermBlockWeight of a block unencrypted in the block itself. This is to avoid possible consensus issues over rounding and also to prevent the calculations from becoming unwieldy as we move away from the fork.
3) When the EffectiveMedianBlockWeight cap is reached it is still possible to mine blocks up to 2x the EffectiveMedianBlockWeight by paying the corresponding penalty.
Note: the long term block weight is stored in the database, but not in the actual block itself,
since it requires recalculating anyway for verification.
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
- Support for ".onion" in --add-exclusive-node and --add-peer
- Add --anonymizing-proxy for outbound Tor connections
- Add --anonymous-inbounds for inbound Tor connections
- Support for sharing ".onion" addresses over Tor connections
- Support for broadcasting transactions received over RPC exclusively
over Tor (else broadcast over public IP when Tor not enabled).
|
|
|
|
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.
No other data is currently pruned.
There are three ways to prune a blockchain:
- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility
The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.
The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.
Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
|
|
9092fc4b wallet: do not display daemon controlled text if untrusted (moneromooo-monero)
|
|
008647d7 blockchain_db: speedup tx output gathering (moneromooo-monero)
|
|
570dd369 p2p: use vector instead of list for peer lists (moneromooo-monero)
|
|
|
|
We know all the data we'll want for getblocks.bin is contiguous
|
|
5ca4994c rpc: speed up the common get_output_distribution case while syncing (moneromooo-monero)
|
|
dc1c1252 add command pop_blocks (Jason Wong)
|
|
|
|
243f010e rpc: mask values that are nobody else's business in restricted RPC (moneromooo-monero)
|
|
aee7a4e3 wallet_rpc_server: do not use RPC data if the call failed (moneromooo-monero)
1a0733e5 windows_service: fix memory leak (moneromooo-monero)
0dac3c64 unit_tests: do not rethrow a copy of an exception (moneromooo-monero)
5d9915ab cryptonote: fix get_unit for non default settings (moneromooo-monero)
d4f50cb1 remove some unused code (moneromooo-monero)
61163971 a few minor (but easy) performance tweaks (moneromooo-monero)
30023074 tests: slow_memmem now returns size_t (moneromooo-monero)
|
|
|
|
517f25ef rpc: add version to get_info (Jethro Grassie)
|
|
60f36386 Avoid unnecessary temp block and copy ctor (moneromooo-monero)
|
|
6f2497bc Don't cache nettype in core_rpc_server use m_core (doy-lee)
|
|
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
|
|
add new public method to Blockchain and update according to code review
update after review: better lock/unlock, try catch and coding style
|
|
|
|
fc98f7a0 rpc: speedup get_outs.bin (moneromooo-monero)
|
|
|
|
Found by codacy.com
|
|
Makes more sense than uint64_t for an offset, and agrees with
the %zu used to print results.
Found by codacy.com
|
|
|
|
and decrease the amount of data carried around
|
|
block already has a default ctor, and the extra object
churn due to its innards (vectors, etc) is pointless.
|
|
|
|
This can go out of sync with m_core's nettype if you run in fakechain
mode since entering fakechain mode is done through code not the command
line and core_rpc_server only looks at the command line to figure out
the nettype.
|
|
|
|
e61062b6 use current height - 1 for top block height in err msgs (cryptochangements34)
|
|
dad5bbfd return message in stop_mining if mining never started (cryptochangements34)
|
|
73e504c1 rpc: adjust ring size error message now that too high is also possible (moneromooo-monero)
a5ca7f4f core: fix unmixable special case allowing ring size below 11 (moneromooo-monero)
|
|
Undefined symbols for architecture x86_64:
"cryptonote::core::get_output_distribution(unsigned long long, unsigned long long, unsigned long long, unsigned long long&, std::__1::vector<unsigned long long, std::__1::allocator<unsigned long long> >&, unsigned long long&) const", referenced from:
cryptonote::rpc::RpcHandler::get_output_distribution(cryptonote::core&, unsigned long long, unsigned long long, unsigned long long, bool) in rpc_handler.cpp.o
|
|
6097472a Update ZMQ fee estimate and add ZMQ output distribution (Lee Clagett)
|
|
|
|
|
|
|
|
0aff4987 rpc: fix build with older compilers (moneromooo-monero)
|
|
3ffbec15 rpc: init m_rpc_version in Message ctor (moneromooo-monero)
bfa2dce1 rpc: remove unused ctors (moneromooo-monero)
7cc39845 account: init creation timestamp to 0 (moneromooo-monero)
32123789 wallet2: initialize some scalar fields in ctor where appropriate (moneromooo-monero)
4eca42b2 blockchain_db: initialize m_hardfork in ctor just in case (moneromooo-monero)
|
|
|
|
|
|
Fix for #4399.
Also unifies code for serializing pruned tx to binary/json into one.
|
|
f5f7c2ac rpc: blanket initialize 0MQ request and response structures (moneromooo-monero)
|
|
b916ca63 rpc: fix output distribution caching ignoring chain changes (moneromooo-monero)
|
|
0 is placeholder for whole chain, so we should compare chain
height changes rather than chain-height-or-zero. Even this isn't
totally foolproof if a blocks are popped and the same number
added again, but it is much better as it prevents the data from
slowly going out of sync.
|
|
|
|
Coverity 182501
|
|
Also prevents coverity from moaning about them not initializing fields
|
|
|
|
|
|
f77ce675 rpc: allow pruning of json encoded txs (cryptochangements34)
|
|
ac934663 rpc: add a "is an update available" flag in get_info (moneromooo-monero)
|
|
4f81cd3a rpc: add cumulative difficulty in block header data (moneromooo-monero)
|
|
03c07b16 rpc: return "already mining" in start_mining if already mining (moneromooo-monero)
|
|
cd647612 rpc: don't include start time if restricted (moneromooo-monero)
|
|
76f95f05 rpc: allow to pass RPC login via RPC_LOGIN env var (Dusan Klinec)
|
|
|
|
|
|
Make it easier for a user to be told when to update
|
|
|
|
|
|
|
|
|
|
- passing by parameter is insecure as it is shown in the process list
|
|
|
|
438d52d remove epee from link lines where it's redundant (moneromooo-monero)
|
|
3e46db9 rpc: add a non binary get_transaction_pool_hashes RPC (moneromooo-monero)
|
|
e5592c4 rpc: add blockchain disk size to getinfo (moneromooo-monero)
|
|
45e419b db: store cumulative rct output distribution in the db for speed (moneromooo-monero)
|
|
50af357 alt_chain_info can now give more info about a particular alt chain (moneromooo-monero)
|
|
149da42 db_lmdb: enable batch transactions by default (stoffu)
34cb6b4 add --regtest and --fixed-difficulty for regression testing (vicsn)
9e1403e update get_info RPC and bump RPC version (vicsn)
207b66e first new functional tests (vicsn)
|
|
This gets rid of the temporary precalc cache.
Also make the RPC able to send data back in binary or JSON,
since there can be a lot of data
This bumps the LMDB database format to v3, with migration.
|
|
5b5828fc zmq_server: fix bind call when address and/or port are empty (moneromooo-monero)
|
|
|
|
on_generateblocks RPC call combines functionality from the on_getblocktemplate and on_submitblock RPC calls to allow rapid block creation. Difficulty is set permanently to 1 for regtest.
Makes use of FAKECHAIN network type, but takes hard fork heights from mainchain
Default reserve_size in generate_blocks RPC call is now 1. If it is 0, the following error occurs 'Failed to calculate offset for'.
Queries hard fork heights info of other network types
|
|
For some reason, this confuses and kills ASAN on startup
as it thinks const uint8_t ipv4_network_address::ID is
defined multiple times.
|
|
a2b557f 6795bd0 209ec96 ed2c81e a830db2 57ea902 31a895e ba8331c f7f1917 41be339 f025ae9 ef2cb63 dcfd299 5d3e702 2704624 2771a18 0e4c7d0 (moneromooo-monero)
|
|
|
|
also use reserve where appropriate
|
|
|
|
|
|
|
|
|
|
|
|
This should help new nodes predict how much disk space will be
needed for a full sync
|
|
a87980f fix build with GCC 8.1.0 (moneromooo-monero)
|
|
|
|
d344736 rpc: convert distribution to cumulative after caching (moneromooo-monero)
|
|
|
|
353e9c0 Core RPC: optionally add POW hash to block_header_response (stoffu)
|
|
This avoids double conversion on a later cache hit
|
|
The distribution was not converted to cumulative after a cache hit
|
|
|
|
This bumps DB version to 2, migration code will run for v1 DBs
|
|
|
|
f9d0827b Fix broken interactive daemon 'limit' commands plus RPC calls (rbrunner7)
|
|
|
|
This skips the vast majority of "dust" output amounts with just
one instance on the chain. Clocks in at 0.15% of the original
time on testnet.
|
|
875c1cab wallet2: increase rpc timeout for get_output_distribution (moneromooo-monero)
70f23217 add top height to get_output_distribution, and cache it for rct (moneromooo-monero)
8c7363fb rpc: add missing perf timer for get_output_distribution (moneromooo-monero)
|
|
This should cache the vast majority of calls for long running wallets
|
|
|
|
73951cbd wallet2: request transactions in slices when scanning for known rings (moneromooo-monero)
25fe67e4 rpc: allow getting pruned blocks from gettransactions (moneromooo-monero)
|
|
11c933e1 fix lambda compile error on openbsd (moneromooo-monero)
|
|
and get them pruned in find_and_save_rings, since it does not need
the pruned data in the first place.
Also set decode_to_json to false where missing, we don't need this
either.
|
|
|
|
|
|
so that those nodes can still be used for sending transactions
|
|
57c0b1ed Fix typos in various files (Dimitris Apostolou)
|
|
|
|
|
|
|
|
|
|
|
|
7539603f Bootstrap daemon (stoffu)
|
|
628b78ae Fix in_peers/out_peers RPC operations (Erik de Castro Lopo)
ece9bcf5 rpc_client: Fix error handling (Erik de Castro Lopo)
8f30350d Fix method name in invoke_http_json_rpc (Erik de Castro Lopo)
32c0f908 Allow the number of incoming connections to be limited (Erik de Castro Lopo)
d609a2c1 Rename delete_connections to delete_out_connections (Erik de Castro Lopo)
b927c0fc Rename connections_count to max_out_connection_count (Erik de Castro Lopo)
|
|
a85dbb3f Fixed typos and wording tweaks (Maxithi)
|
|
|
|
|
|
It was already possible to limit outgoing connections. One might want
to do this on home network connections with high bandwidth but low
usage caps.
|
|
This rename is needed so that delete_in_connections can be added.
|
|
This is needed so that a max_in_connection_count can be added.
|
|
42f86624 rpc: expose recent median block size in getinfo (moneromooo-monero)
|
|
e0404d35 rpc: default do_not_relay to false in sendrawtransaction (moneromooo-monero)
|
|
|
|
|
|
301ec15c Change cryptonote::COMMAND_RPC_SET_LIMIT::response to use int64_t (Nick Johnson)
|
|
fa5c0bab Implement #3045, fixing RPC snakecases (Nick Johnson)
|
|
03ac3890 zmq: use older 3-arg version of setsockopt (stoffu)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
43f5269f Wallets now do not depend on the daemon rpc lib (moneromooo-monero)
bb89ae8b move connection_basic and network_throttle from src/p2p to epee (moneromooo-monero)
4abf25f3 cryptonote_core does not depend on p2p anymore (moneromooo-monero)
|
|
The shared RPC code is now moved off into a separate lib
|
|
As a followon side effect, this makes a lot of inline code
included only in particular cpp files (and instanciated
when necessary.
|
|
|
|
abebe392 rpc: add offline state in info rpc (moneromooo-monero)
7696e849 core: make --offline also disable DNS lookups (moneromooo-monero)
|
|
cf5f6236 Corrections in rate limiting / trottle code, especially in 'out' direction (rbrunner7)
|
|
009eed17 rpc: increase the max number of outs one can request (moneromooo-monero)
|
|
23b6f685 RPC: allow binding of restricted port in addition to core port (Tim L)
|
|
310b790a make connection_id a string in RPC (moneromooo-monero)
|
|
|
|
Deleted 3 out of 4 calls to method connection_basic::sleep_before_packet
that were erroneous / superfluous, which enabled the elimination of a
"fudge" factor of 2.1 in connection_basic::set_rate_up_limit;
also ended the multiplying of limit values and numbers of bytes
transferred by 1024 before handing them over to the global throttle
objects
|
|
43f27c7d core: warn when free disk space is low (moneromooo-monero)
|
|
It's getting hit too easily
|
|
It's sent as JSON, so raw binary is not appropriate
|
|
|
|
0f2c2d4c rpc: remove obsolete busy core checks (moneromooo-monero)
|
|
0d9c0db9 Do not build against epee_readline if it was not built (Howard Chu)
178014c9 split off readline code into epee_readline (moneromooo-monero)
a9e14a19 link against readline only for monerod and wallet-wallet-{rpc,cli} (moneromooo-monero)
437421ce wallet: move some scoped_message_writer calls from the libs (moneromooo-monero)
e89994e9 wallet: rejig to avoid prompting in wallet2 (moneromooo-monero)
ec5135e5 move input_line from command_line to simplewallet (moneromooo-monero)
082db75f move cryptonote command line options to cryptonote_core (moneromooo-monero)
|
|
383ff4f6 remove "using namespace std" from headers (moneromooo-monero)
|
|
|
|
wallet2 is a library, and should not prompt for stdin. Instead,
pass a function so simplewallet can prompt on stdin, and a GUI
might display a window, etc.
|
|
Those have no reason to be in a generic module
|
|
It's nasty, and actually breaks on Solaris, where if.h fails to
build due to:
struct map *if_memmap;
|
|
0bf09154 Fix file permission issue (Tim L)
|
|
fa514082 RPC: get_info add rpc_connections_count (Tim L)
|
|
4a17f0c2 rpc: add performance timers (moneromooo-monero)
|
|
a524b750 rpc: added miner_tx_hash to resp of getblock (stoffu)
|
|
118a1bed rpc: make get_coinbase_tx_sum a restricted RPC (moneromooo-monero)
|
|
10013e94 Protect node privacy by proper filtering in restricted-mode RPC answers (binaryFate)
|
|
|
|
|
|
This patch allows to filter out sensitive information for queries that rely on the pool state, when running in restricted mode.
This filtering is only applied to data sent back to RPC queries. Results of inline commands typed locally in the daemon are not affected.
In practice, when running with `--restricted-rpc`:
* get_transaction_pool will list relayed transactions with the fields "last relayed time" and "received time" set to zero.
* get_transaction_pool will not list transaction that have do_not_relay set to true, and will not list key images that are used only for such transactions
* get_transaction_pool_hashes.bin will not list such transaction
* get_transaction_pool_stats will not count such transactions in any of the aggregated values that are computed
The implementation does not make filtering the default, so developers should be mindful of this if they add new RPC functionality.
Fixes #2590.
|
|
|
|
Transactions in the txpool are marked when another transaction
is seen double spending one or more of its inputs.
This is then exposed wherever appropriate.
Note that being marked with this "double spend seen" flag does
NOT mean this transaction IS a double spend and will never be
mined: it just means that the network has seen at least another
transaction spending at least one of the same inputs, so care
should be taken to wait for a few confirmations before acting
upon that transaction (ie, mostly of use for merchants wanting
to accept unconfirmed transactions).
|
|
161401dd Fix JSON-RPC response object over ZMQ (Lee Clagett)
|
|
This branch fixes a file permission issue introduced by https://github.com/monero-project/monero/commit/69c37200aa87f100f731e755bdca7a0dc6ae820a
|
|
|
|
Enable with perf:DEBUG
|
|
|
|
cba34494 rpc: out_peers now works again (moneromooo-monero)
|
|
|
|
It's pretty slow and I/O intensive
|
|
|
|
7d4ef258 rpc: fix getting txpool transactions (moneromooo-monero)
|
|
|
|
- internal nullptr checks
- prevent modifications to network_address (shallow copy issues)
- automagically works with any type containing interface functions
- removed fnv1a hashing
- ipv4_network_address now flattened with no base class
|
|
309290d1 Source updates are in a source subdirectory (moneromooo-monero)
|
|
792ba4f0 Log categories can now be added to and removed from (moneromooo-monero)
48f92eb6 easylogging++: add categories getter (moneromooo-monero)
f35afe62 epee: factor log level/categories setting (moneromooo-monero)
|
|
2e59f6ea rpc: add new RPCs to get and set limits (MaxXor)
|
|
|
|
|
|
0aaaca29 tx_pool: set the "invalid input" bit when check_tx_inputs fails (moneromooo-monero)
9236823b simplewallet: print tx rejection reason where it was missing (moneromooo-monero)
3dee3301 core_rpc_server: print tx rejection reason at L0 too (moneromooo-monero)
|
|
28b72b6e tx_pool: pre-init tvc.m_verifivation_failed before processing (moneromooo-monero)
50a629b2 core_tests: catch (impossible in practice) tx extra api failure (moneromooo-monero)
fee15ef1 wallet2: catch failure to parse address (moneromooo-monero)
1399e26d net_peerlist: remove dead code (moneromooo-monero)
50e09698 tx_pool: guard against failure getting tx hash (moneromooo-monero)
54cc209a wallet_rpc_server: catch failure to create directory (moneromooo-monero)
3e55099c wallet_rpc_server: init m_vm to NULL in ctor (moneromooo-monero)
7d0dde5e wallet_args: remove redundant default value for --log-file (moneromooo-monero)
ed4a3350 wallet2: catch failure to save keys file (moneromooo-monero)
44434c8a wallet2_api: check whether dynamic_cast returns NULL (moneromooo-monero)
92f2f687 core: check return value from parse_hexstr_to_binbuff (moneromooo-monero)
5475692e wallet2_api: remove an unused, uninitialized, field (moneromooo-monero)
a7ba3de1 libwallet_api_tests: initialize newblock_triggered on reset (moneromooo-monero)
b2763ace wallet2_api: init error code to "no error" in the ctor (moneromooo-monero)
b5faac53 get_blockchain_top now returns void (moneromooo-monero)
2e44d8f2 wallet_rpc_server: guard against exceptions (moneromooo-monero)
4230876b simplewallet: guard against I/O exceptions (moneromooo-monero)
06c1e057 daemon: initialize decode_as_json in RPC request (moneromooo-monero)
11f71af5 http_base: init size_t in http_request_info ctor (moneromooo-monero)
|
|
e29282d2 build: auto update version info without manually deleting version.h (stoffu)
|
|
It was always returning true, and could not be foreseen to
usefully return errors in the future. This silences CID 162652
as well as saves some checking code in a few places.
|
|
a15e8583 wallet2: guard against daemon sending txes in the wrong order (moneromooo-monero)
8fe5f609 rpc: order transactions in the order they were requested (moneromooo-monero)
|
|
b5cbdce8 wallet2: correctly handle in/out payments for view-only wallet (stoffu)
|