Age | Commit message (Collapse) | Author | Files | Lines |
|
057c279c epee: add SSL support (Martijn Otto)
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
|
|
|
|
|
|
|
|
3d2772a0 wallet-rpc: get balance for all accounts and subaddresses (stoffu)
|
|
8a1ff079 wallet-rpc: get transfers for all accounts and subaddresses (Jethro Grassie)
|
|
5c81a9f1 wallet_rpc_server: add a validate_address RPC (moneromooo-monero)
|
|
d2c95ab9 Don't decrypt keys in view only wallets in wallet_keys_unlocker (Doyle)
|
|
9d58749b wallet2: fix hashchain going out of sync on refresh error (moneromooo-monero)
|
|
24569454 epee: add SSL support (moneromooo-monero)
|
|
fa2fbc39 wallet2: fix mishandling rct outputs in coinbase tx (moneromooo-monero)
|
|
|
|
Reported by cutcoin
|
|
|
|
|
|
|
|
|
|
RPC connections now have optional tranparent SSL.
An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.
SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.
Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.
To generate long term certificates:
openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT
/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.
SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
|
|
|
|
acfff8d0 rpc: fix internal daemon calls in restricted rpc getting partial data (moneromooo-monero)
|
|
23813c71 blockchain: add --reorg-notify (moneromooo-monero)
f6db59b0 notify: handle arbitrary tags (moneromooo-monero)
ff959216 notify: warn if the spec contains one of '"\ (moneromooo-monero)
13852678 common: set MONERO_DEFAULT_LOG_CATEGORY for notify and spawn (moneromooo-monero)
|
|
|
|
b8c5f550 wallet api: don't truncate address in subaddress_account (selsta)
|
|
|
|
2112060d wallet2: fix duplicate tx notifications for pool txes (moneromooo-monero)
|
|
96e35506 wallet2: fix incorrect patch for determining fork rules (moneromooo-monero)
|
|
8258a9e7 wallet: do not check txpool in background mode (moneromooo-monero)
|
|
b6534c40 ringct: remove unused senderPk from ecdhTuple (moneromooo-monero)
7d375981 ringct: the commitment mask is now deterministic (moneromooo-monero)
99d946e6 ringct: encode 8 byte amount, saving 24 bytes per output (moneromooo-monero)
cdc3ccec ringct: save 3 bytes on bulletproof size (moneromooo-monero)
f931e16c add a bulletproof version, new bulletproof type, and rct config (moneromooo-monero)
|
|
Found by knaccc
|
|
This makes it easier to modify the bulletproof format
|
|
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.
No other data is currently pruned.
There are three ways to prune a blockchain:
- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility
The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.
The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.
Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
|
|
|
|
c6d38718 core: include a dummy encrypted payment id when no payment is used (moneromooo-monero)
b7441c4a core, wallet: remember original text version of destination address (moneromooo-monero)
a9b1c04a crptonote_core: do not error out sending unparsable extra field (moneromooo-monero)
|
|
0a29660f message_store: init me field (moneromooo-monero)
|
|
|
|
This allows filling in transfer_details when a cold signed tx
gets seen in a block next
|
|
13785ec9 wallet api/device: set estimated restore height if none is provided (selsta)
|
|
9092fc4b wallet: do not display daemon controlled text if untrusted (moneromooo-monero)
|
|
d7354c78 wallet_rpc_server: add all field to export_key_images (moneromooo-monero)
|
|
de9dcdd1 wallet2: finalize_multisig now rejects non N-1/N multisig wallets (moneromooo-monero)
|
|
99765b21 Remove unused hash in export_key_images (doy-lee)
|
|
841a6acd wallet2: fix accessing unwound stack on exception (moneromooo-monero)
|
|
808a1f1e wallet2: cut down on the number of useless derivation threads (moneromooo-monero)
|
|
219548f2 Sync hashchain bug fixed (naughtyfox)
|
|
611db08a Wallet: Initialize members without default ctor. (Tadeas Moravec)
|
|
Same behaviour as subaddress.cpp now.
|
|
Half of the patch was correct, but half was introducing another bug,
where a wallet asking for a fork that the daemon does not know about
yet would decide to use those rules.
|
|
|
|
This avoids the constant message about needed to run refresh
to enter a password.
Also mention the txpool when asking for the password if the
reason is a pool tx.
|
|
050ee521 wallet_api: fix usage of LOG_ERROR (moneromooo-monero)
|
|
68f095f0 message_store: fix error message adding const char * with offset (moneromooo-monero)
|
|
Coverity 190651
|
|
|
|
2d7b0236 wallet2: clear all payments on soft rescan_bc (moneromooo-monero)
|
|
|
|
It can get heavy for large wallets
|
|
|
|
e37154a build: protobuf dependency fixes, libusb build (ph4r05)
|
|
|
|
To use if you want all key images, not just the ones for
recently imported outputs
|
|
|
|
|
|
|
|
- docker protobuf dependencies, cross-compilation
- device/trezor protobuf build fixes, try_compile
- libusb built under all platforms, used by trezor for direct connect
|
|
|
|
|
|
|
|
Found by Coverity (188336 in Anonimal's Coverity account).
|
|
|
|
d71f89e2 device/trezor: device/trezor: correct device initialization, status check (Dusan Klinec)
65b9bca7 device/trezor: python2 compatibility - bundle dependencies (Dusan Klinec)
9cf636af device/trezor: ask for KI sync on first refresh (Dusan Klinec)
d21dad70 device: enable to use multiple independent device wallets (Dusan Klinec)
318cc784 device/trezor: passphrase entry on host (Dusan Klinec)
|
|
They'll get duplicated otherwise
|
|
When doing a first refresh on HW-token based wallet KI sync is required if money were received. Received money may indicate wallet was already used before the restore I.e., some transaction could have been already sent from the wallet. The spent UTXO would not be detected as spent which could lead to double spending errors on submitting a new transaction.
Thus if the wallet is HW-token based with the cold signing protocol and the first refresh detected received money the user is asked to perform the key image sync.
|
|
- adds a new option `--hw-device-deriv-path` to the simple wallet. Enables to specify wallet derivation path / wallet code (path avoided so it can be misinterpreted as a file path).
- devices can use different derivation mechanisms. Trezor uses standard SLIP-10 mechanism with fixed SLIP-44 prefix for Monero
- Trezor: when empty, the default derivation mechanism is used with 44'/128'/0'. When entered the derivation path is 44'/128'/PATH.
- Trezor: the path is always taken as elements are hardened (1<<31 bit turned on)
|
|
aee7a4e3 wallet_rpc_server: do not use RPC data if the call failed (moneromooo-monero)
1a0733e5 windows_service: fix memory leak (moneromooo-monero)
0dac3c64 unit_tests: do not rethrow a copy of an exception (moneromooo-monero)
5d9915ab cryptonote: fix get_unit for non default settings (moneromooo-monero)
d4f50cb1 remove some unused code (moneromooo-monero)
61163971 a few minor (but easy) performance tweaks (moneromooo-monero)
30023074 tests: slow_memmem now returns size_t (moneromooo-monero)
|
|
b5573fc2 wallet2: resume processing when tx extra is partially broken (stoffu)
|
|
56e616e8 wallet2: add n_vouts to capture list (moneromooo-monero)
|
|
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
|
|
2b3595d0 various: do not propagate exception through dtor (moneromooo-monero)
|
|
6732fc7f Fix issue 4793 - M/N multisig transaction signature (naughtyfox)
|
|
- simple device callback object added. Device can request passphrase/PIN entry via the callback or notify user some action is required
- callback is routed to wallet2, which routes the callback to i_wallet_callback so CLI or GUI wallets can support passphrase entry for HW tokens
- wallet: device open needs wallet callback first - passphrase protected device needs wallet callback so user can enter passphrase
|
|
fc98f7a0 rpc: speedup get_outs.bin (moneromooo-monero)
|
|
|
|
b9b307d1 rpc: speedup get_output_distribution (moneromooo-monero)
|
|
1a4d1603 wallet2: remove redundant chacha key generation in store_keys (stoffu)
|
|
Found by codacy.com
|
|
Found by codacy.com
|
|
Found by codacy.com
|
|
Motivated by https://monero.stackexchange.com/questions/10483
Some exchanges appear to have customized the wallet software
in an inappropriate way, making the tx extra field partially
unreadable. PR #3716 changed the wallet behavior disallowing
such partially valid tx extra.
An example tx reported by the user is
e87c675a85f34ecac58a8846613d25062f1813e1023c552b705afad32b972c38
where the normal tx pubkey appears again with the aditional
tx pubkeys tag `04` which is inappropriate.
|
|
|
|
|
|
and decrease the amount of data carried around
|
|
7ae36e91 wallet_rpc_server: account for watch-only/non-deterministic/multisig when querying seed (stoffu)
|
|
e198b06e Fix: out_of_hashchain_bounds_error in refresh (Hasan Pekdemir)
|
|
177a9d76 wallet: warn if lockable memory limit is too low (moneromooo-monero)
|
|
0afdb00b wallet2: fix print_ring printing double entries for transactions (moneromooo-monero)
|
|
8f3963d2 wallet2: demote a few uninteresting recurring logs to TRACE (moneromooo-monero)
|
|
1c04c21d wallet_rpc_server: include additional tx keys in sign_transfer response (stoffu)
|
|
1598f01c wallet2: use padded bulletproofs for multisig signing (stoffu)
|
|
|
|
Coverity 189689, 189690, 189692, 189695
|
|
6e1282b6 wallet2: fix off by one in output picking (moneromooo-monero)
|
|
157054b8 hardfork: initialize current_fork_index in ctor (moneromooo-monero)
2362baf7 network_throttle: initialize m_last_sample_time in ctor (moneromooo-monero)
d9400f69 serializtion: add missing mainnet and stagenet fields for 0mq (moneromooo-monero)
cbe0122b wallet2: initialize amount to 0 in tx_scan_info_t ctor (moneromooo-monero)
|
|
f3019efe wallet-rpc: add on_restore_deterministic RPC call. (Hasan Pekdemir)
|
|
840bf155 build: fix Ubuntu 16.04 (GCC 5.4.0) compilation (xiphon)
|
|
|
|
|
|
|
|
1fd017cf Fix build of monero-gui by adding device_trezor to wallet_merged (buricl)
|
|
9335d5a2 wallet2: save ring in the ringdb once a tx is created (moneromooo-monero)
|
|
107f3398 wallet2: fix ring reuse breaking when using histogram (moneromooo-monero)
|
|
f26ce08c wallet: add a non destructive blockchain rescan (moneromooo-monero)
|
|
e86af52e wallet2: rewrite keys file in a safer manner (Nathan Dorfman)
|
|
1f35de23 simplewallet: display locked/unlocked state in show_transfers (moneromooo-monero)
|
|
|
|
and take into account wallet level minimum spend age
|
|
querying seed
Followup on #4653
|
|
and disable annoying test that requires ridiculous amounts
of skullduggery every time some format changes
|
|
|
|
70877b1d wallet2/create_transactions_2: removed obsolete '/ 1024' on min_fee calc (Paul Shapiro)
|
|
7f0dd094 wallet2: sanity check rct output distribution from the daemon (moneromooo-monero)
|
|
6097472a Update ZMQ fee estimate and add ZMQ output distribution (Lee Clagett)
|
|
cf646e3a wallet2/create_transactions_2: removed extraneous shuffle before sort of unused_*_indices_per_subaddr (Paul Shapiro)
|
|
76681b9b wallet2/create_transactions_2: fixed typo in try_tx=true's estimate_fee args (Paul Shapiro)
|
|
15:43 < hahsun> Im on stagenet and I suddenly get this exception: 2018-11-04 14:42:52.416 [RPC0] ERROR wallet.wallet2 src/wallet/wallet2.cpp:2070 !m_blockchain.is_in_bounds(current_index). THROW EXCEPTION: error::out_of_hashchain_bounds_error
16:01 <+moneromooo> OK, possibly because the blckchain is always seeded with the genesis block hash...
16:02 <+moneromooo> So that case should be allowed, assuming it doesn't break the code around it.
16:05 <+moneromooo> OK if stop_height == size || (size==1 && stop_heigt ==0)
16:05 <+moneromooo> Throw if not that.
16:06 < hahsun> k
|
|
|
|
|
|
|
|
When a tx gets from unconfirmed to conirmed, the rings for that
transaction were being added twice
|
|
|
|
Followup on #4552
|
|
ade369f9 Add RPC error code for non-deterministic wallet (Michał Sałaban)
|
|
Analogous to #4540
|
|
|
|
It seems the more prudent thing to do here. It will not catch
attempts to use that value before it is initialized when using
ASAN or valgrind, but in a case where it does, it will have
smaller repercussions.
So it seems appropriate in this particular case.
Coverity 182498
|
|
|
|
Even if it is never relayed, it ensures a daemon supplying
fake outs on demand will never be asked for a set with the
real input being the only intersecting member (only a problem
with people who trust their privacy to some stranger's node,
but it seems to be a massively common thing, even in Monero)
|
|
|
|
3ffbec15 rpc: init m_rpc_version in Message ctor (moneromooo-monero)
bfa2dce1 rpc: remove unused ctors (moneromooo-monero)
7cc39845 account: init creation timestamp to 0 (moneromooo-monero)
32123789 wallet2: initialize some scalar fields in ctor where appropriate (moneromooo-monero)
4eca42b2 blockchain_db: initialize m_hardfork in ctor just in case (moneromooo-monero)
|
|
a7960542 WalletAPI: rescanBlockchain, rescanBlockchainAsync (mmitkevich)
|
|
04ddf02e Return appropriate RPC error code when key image signature check fails (Michał Sałaban)
|
|
67e76aa0 wallet_rpc_server: optionally return tx keys in sign_transfer (moneromooo-monero)
|
|
977fc1bc wallet_rpc_server: add describe_transfer RPC (moneromooo-monero)
|
|
it doesn't display the details, which are already displayed
in show_transfer
|
|
|
|
in order to unbias selection from blocks with few txes
|
|
|
|
|
|
|
|
unused_*_indices_per_subaddr
|
|
92a0827e wallet2: make fake out selection messages less spammy (moneromooo-monero)
|
|
|
|
Apparently some people seem to think it's a censorship list...
|
|
99d45a95 wallet_rpc_server: fix change_wallet_password RPC (moneromooo-monero)
|
|
|
|
It was creating a new wallet without a password first (this should
be fixed), then not changing the password correctly
|
|
Coverity 188336
|
|
|
|
d886b97f SOFTWARE is the default wallet device (m2049r)
|
|
|
|
|
|
|
|
|
|
|
|
This code was deciding which bulletproof configuration to use
based on ptx which weren't created yet.
|
|
for unsigned tx sets using a view only wallet
|
|
9acf42d3 Multisig M/N functionality core tests added (naughtyfox)
9f3963e8 Arbitrary M/N multisig schemes: * support in wallet2 * support in monero-wallet-cli * support in monero-wallet-rpc * support in wallet api * support in monero-gen-trusted-multisig * unit tests for multisig wallets creation (naughtyfox)
|
|
Some strings were not detected by lupdate because "tr() cannot be called without
context".
|
|
34a85e0c wallet2: disable height based segregation (moneromooo-monero)
|
|
|
|
It can still be enable via DNS if a key reusing fork pops up
|
|
bccd88dd wallet2: clear found out for every tx key (doy-lee)
|
|
2c74b1a1 wallet_rpc_server: include all transfer records for a txid (moneromooo-monero)
|
|
25e5890d wallet: fix --generate-from-json using wrong password (moneromooo-monero)
|
|
Avoids triggering the sanity check
|
|
* support in wallet2
* support in monero-wallet-cli
* support in monero-wallet-rpc
* support in wallet api
* support in monero-gen-trusted-multisig
* unit tests for multisig wallets creation
|
|
Since subaddresses were added, a tx can now create more than
one payment
|
|
|
|
amount and offset (instead of pubkey)
|
|
73403004 add --block-notify to monerod and --tx-notify to monero-wallet-{cli,rpc} (moneromooo-monero)
|
|
7dd11711 wallet2: fix transfers between subaddresses hitting the sanity check (moneromooo-monero)
|
|
bcf3f6af fuzz_tests: catch unhandled exceptions (moneromooo-monero)
3ebd05d4 miner: restore stream flags after changing them (moneromooo-monero)
a093092e levin_protocol_handler_async: do not propagate exception through dtor (moneromooo-monero)
1eebb82b net_helper: do not propagate exceptions through dtor (moneromooo-monero)
fb6a3630 miner: do not propagate exceptions through dtor (moneromooo-monero)
2e2139ff epee: do not propagate exception through dtor (moneromooo-monero)
0749a8bd db_lmdb: do not propagate exceptions in dtor (moneromooo-monero)
1b0afeeb wallet_rpc_server: exit cleanly on unhandled exceptions (moneromooo-monero)
418a9936 unit_tests: catch unhandled exceptions (moneromooo-monero)
ea7f9543 threadpool: do not propagate exceptions through the dtor (moneromooo-monero)
6e855422 gen_multisig: nice exit on unhandled exception (moneromooo-monero)
53df2deb db_lmdb: catch error in mdb_stat calls during migration (moneromooo-monero)
e67016dd blockchain_blackball: catch failure to commit db transaction (moneromooo-monero)
661439f4 mlog: don't remove old logs if we failed to rename the current file (moneromooo-monero)
5fdcda50 easylogging++: test for NULL before dereference (moneromooo-monero)
7ece1550 performance_test: fix bad last argument calling add_arg (moneromooo-monero)
a085da32 unit_tests: add check for page size > 0 before dividing (moneromooo-monero)
d8b1ec8b unit_tests: use std::shared_ptr to shut coverity up about leaks (moneromooo-monero)
02563bf4 simplewallet: top level exception catcher to print nicer messages (moneromooo-monero)
c57a65b2 blockchain_blackball: fix shift range for 32 bit archs (moneromooo-monero)
|
|
921b0fb1 use default create_address_file argument (m2049r)
|
|
06d05c21 device: set device name correctly if key_on_device is set (Dusan Klinec)
|
|
83debef9 wallet_rpc_server: remove verbose field in incoming_transfers query (moneromooo-monero)
|
|
a21da905 Wallet: use unique_ptr for WalletImpl members (oneiric)
|
|
7a056f44 WalletAPI: multisigSignData bug fixed (naughtyfox)
|
|
43a06350 ringdb: use cursors to be a bit faster (moneromooo-monero)
|
|
7964d4f8 wallet2: handle corner case in picking fake outputs (moneromooo-monero)
|
|
e350cc5a wallet2: fix duplicate output making it to the RPC (moneromooo-monero)
bf9a0f4c epee: fix stack overflow on crafted input (moneromooo-monero)
45683ee0 epee: fix invalid memory write reading an array entry (moneromooo-monero)
|
|
|
|
6e270fbd wallet2_api: fix for latest code changes (moneromooo-monero)
|
|
b35beaa8 wallet_rpc_server: include account index in incoming_transfers RPC (moneromooo-monero)
|
|
|
|
|
|
Thanks iDunk for the windows testing
|
|
Thanks iDunk for building patches on windows
|
|
66901901 README: harmonize command formatting inside README.md (Andrea)
8cd98408 disable AES on s390x architecture (Tuan M. Hoang)
4ed30bab wallet: implement coin splitting for sweep_* 'outputs' option (whythat)
24f52396 wallet: add 'outputs' option for sweep_* commands (whythat)
52e19d69 README: Compile boost with cxxflags=-fPIC cflags=-fPIC (Italocoin Project)
0c77523d README: fill in libsodium package name for Arch (phloatingman)
|