Age | Commit message (Collapse) | Author | Files | Lines |
|
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
|
|
just in case
|
|
Large amounts might run out of stack
Reported by guidov
|
|
|
|
|
|
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
|
|
Count transactions as well
|
|
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.
This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
|
|
f2f207d miner: fix double free of thread attributes (ston1th)
|
|
GCC wants operator= aand copy ctor to be both defined, or neither
|
|
issue: #5568
|
|
|
|
f950517a core: update pruning if using --prune-blockchain on a pruned blockchain (moneromooo-monero)
|
|
35da33be blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
4b51f9a3 core: do not commit half constructed batch db txn (moneromooo-monero)
|
|
9bfa4c20 Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
3544596f Add ssl_options support to monerod's rpc mode. (Lee Clagett)
c9aaccf3 Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
|
|
b6830db2 Fix #5553 (Howard Chu)
|
|
Avoids a massive amount of spurious warnings if the last update before
the daemon exited was a while ago and the daemon was syncing
|
|
|
|
|
|
|
|
|
|
|
|
Make sure the tip hash still matches the cached block
|
|
also add a note when receiving the tx, because the user
might not notice the "XXX blocks to unlock" in the balance.
|
|
3f612cda Changed odd bullet point to low level header (Rohaq)
af9bc4ec Used subeaders to avoid slightly wonky looking formatting (Rohaq)
1873af35 Made code block usage consistent across all .md files (Rohaq)
68103075 Updated Copyright notice (Rohaq)
39bd157f Added Table of Contents to main README.md (Rohaq)
|
|
e1016bce password: do not use line input on windows (moneromooo-monero)
|
|
615f287 wallet: fix certificate fingerprint length check (moneromooo-monero)
|
|
46244dd wallet_rpc_server: use original addresses in destinations in get_transfers (moneromooo-monero)
|
|
1e8f3f6 rpc: fail update RPC when running offline (moneromooo-monero)
|
|
d47292e error: fix compile error on windows with depends (moneromooo-monero)
|
|
|
|
Fixed by crCr62U0
|
|
This keeps its builtin command editing away
Thanks iDunk for testing on Windows
|
|
And add them for pending transfers, where they were missing
|
|
|
|
e9809382 fix wide difficulty conversion with some versions of boost (moneromooo-monero)
|
|
1c44e658 wallet2: reject standalone short payment IDs in monero: URI API (moneromooo-monero)
|
|
7e5158aa mnemonics: fix 4 byte UTF-8 rewriting (moneromooo-monero)
|
|
ccc1e311 wallet_rpc_server: reject standalone short payment id in address book (moneromooo-monero)
|
|
b4ca72dd wallet2: fix infinite loop picking outputs in corner case (moneromooo-monero)
|
|
a4c4a2d8 blockchain: keep a rolling long term block weight median (moneromooo-monero)
|
|
0eb0d6b8 rpc: improve get_output_distribution (moneromooo-monero)
|
|
28a7d315 p2p: do not send last_seen timestamp to peers (moneromooo-monero)
|
|
state_not_recoverable is not defined there
|
|
|
|
5e0da6fb change SSL certificate fingerprint whitelisting from SHA1 to SHA-256 (moneromooo-monero)
|
|
98fb98f9 wallet_rpc_server: adding missing return on error in set_daemon (moneromooo-monero)
9074c0d8 wallet_rpc_server: return false on error in set_log_categories (moneromooo-monero)
968848a7 wallet_rpc_server: fix crash in validate_address if no wallet is loaded (moneromooo-monero)
|
|
64983fce wallet2: default to trying to keep 5 outputs of 2+ monero (moneromooo-monero)
|
|
0aaf5e2a device/trezor: device sorting and filtering improved (Dusan Klinec)
|
|
|
|
|
|
|
|
|
|
If we have fewer outputs available on the chain than what we
require, but the output we're spending already has a ring,
it would loop picking outputs randomly, but never find enough.
Also tune logs for better debugging this kind of thing.
|
|
SHA1 is too close to bruteforceable
|
|
|
|
Reported by SmajeNz0
|
|
Reported by SmajeNz0
|
|
It can now handle small reorgs without having to rescan the
whole blockchain.
Also add a test for it.
|
|
- Trezor type detection refactored, T1 disabled (was enabled before which was a bug)
- Sort connected devices by env TREZOR_PATH
- Compatibility with Trezor ecosystem using TREZOR_PATH env var
- Enables to pick particular Trezor to use in GUI as we don't have the multi-device selection yet
- Dump all detected devices to log for better debugging / troubleshooting
|
|
4be18df3 tx_sanity_check: relax uniqueness check a bit (moneromooo-monero)
b386ae57 wallet2: add missing "sanity check failed" reason message (moneromooo-monero)
|
|
c519d1df wallet2: fix wrong change being recorded in sweep_all (moneromooo-monero)
|
|
7af49ef0 daemonizer: add --non-interactive for windows (moneromooo-monero)
|
|
97e1c927 wallet: fix key image computation signaling to the device (Dusan Klinec)
|
|
31a9aa83 wallet_rpc_server: add block_height and frozen to incoming_transfers (moneromooo-monero)
|
|
This can be used for fingerprinting and working out the
network topology.
Instead of sending the first N (which are sorted by last
seen time), we sent a random subset of the first N+N/5,
which ensures reasonably recent peers are used, while
preventing repeated calls from deducing new entries are
peers the target node just connected to.
The list is also randomly shuffled so the original set of
timestamps cannot be approximated.
|
|
In the case where previously a second unneeded output would be
added to a transaction. This should help *some* of the cases
where outputs are slowly being consolidated, leading to the
whole balance being locked when sending monero.
|
|
It triggers easily on testnet
|
|
|
|
leading to the sanity check triggering
|
|
The RPC functional tests need it
Thanks to iDunk for debugging/testing
|
|
|
|
|
|
|
|
0f52fe4c Windows: work around a boost 1.70 and cmake SNAFU (iDunk5400)
b414b69f Windows: fix a build error in MSYS2 with boost 1.70.0 (iDunk5400)
|
|
fbbe75d7 device/trezor: button request callback fix (Dusan Klinec)
|
|
588e6700 simplewallet: fix output representation offset (moneromooo-monero)
35e0a968 wallet2: "output lineup" fake out selection (moneromooo-monero)
|
|
84047cb7 wallet_rpc_server: add unlocked field to incoming_transfers output (moneromooo-monero)
|
|
58eade68 simplewallet: add the change amount to the prompt when locking (moneromooo-monero)
|
|
71102267 wallet_rpc_server: set suggested_confirmations_threshold for pool txes (moneromooo-monero)
|
|
|
|
|
|
Based on python code by sarang:
https://github.com/SarangNoether/skunkworks/blob/outputs/outputs/simulate.py
|
|
|
|
|
|
|
|
5fafb90e testdb: add override keyword where missing (stoffu)
|
|
and delete obsolete BlockchainBDB::get_tx_output_indices along the way
|
|
|
|
|
|
|
|
c30d93fc rpc: add a pruned bool to the prune_blockchain call (moneromooo-monero)
|
|
926e0472 simplewallet: add another warning about long payment ids (moneromooo-monero)
|
|
d009f6dd rpc: fix get_block_hashes.bin from wallet on pruned blockchain (moneromooo-monero)
bb0ef5b1 blockchain: lock the blockchain while pruning (moneromooo-monero)
|
|
b18f0b10 wallet: new --offline option (moneromooo-monero)
|
|
7d79222f daemon: remove debug info (moneromooo-monero)
8fec0f98 functional_tests: add sweep_single test (moneromooo-monero)
9880d61b wallet_rpc_server: remove unused code (moneromooo-monero)
8a61b33d rpc: omit irrelevant fields for pool txes in gettransactions (moneromooo-monero)
56508524 rpc: add relayed in get_transaction output (moneromooo-monero)
82e510f1 rpc: set default log category in core_rpc_server.h (moneromooo-monero)
|
|
6643b047 Increment m_threads_active when mining thread starts (Doyle)
|
|
07dd5536 hardfork: remove "no hf version db" recreation check (moneromooo-monero)
|
|
b3648232 daemon: fix ratio not being floating point (moneromooo-monero)
e1b097b9 core_rpc_server: remove dummy assigning int to bool (moneromooo-monero)
|
|
f26e0b5d cryptonote_protocol: warn when the last connection goes (moneromooo-monero)
|
|
acb68dba bulletproofs: cut down on keyV allocations (moneromooo-monero)
|
|
5140c15e daemon: if a log file has a /, interpret it from the cwd (moneromooo-monero)
|
|
ccb996af rpc: new sanity check on relayed transactions (moneromooo-monero)
|
|
34f8c237 simplewallet: fix warning about long payment id using the old option (moneromooo-monero)
|
|
bcb86ae6 wallet_rpc_server: fix inconsistent wallet caches on reload (moneromooo-monero)
|
|
f3425f8d rpc.getblocktemplate: set reserved_offset to zero when reserve_size==0 (stoffu)
|
|
58585986 p2p: fix integer overflow in host bans (moneromooo-monero)
|
|
93bb2f48 ringct: prevent use of full ringct signatures for more than one input (moneromooo-monero)
|
|
2c221d1b wallet2: update estimate_rct_tx_size for smaller rct proofs (moneromooo-monero)
|
|
374f388d wallet_rpc_server: add a all flag to export_outputs (moneromooo-monero)
|
|
e9fac29a unit_tests/long_term_block_weight: some tweaks that seem to make more sense (stoffu)
467f4c7e tests/block_weight: use integer division when computing median (stoffu)
815d08dc tests/block_weight: remove unused MULTIPLIER_SMALL (stoffu)
661f1fb8 blockchain: remove unused calc of short_term_constraint (stoffu)
|
|
bea1918a blockchain_import: error out if preparing to handle blocks fails (moneromooo-monero)
|
|
ffdbcfb6 core: don't check block rate nor fork time in regtest mode (moneromooo-monero)
|
|
5e673c03 blockchain_db: fix db txn ending too early (moneromooo-monero)
|
|
|
|
|
|
|
|
We want to get all blocks here, even pruned ones
|
|
|
|
It will avoid connecting to a daemon (so useful for cold signing
using a RPC wallet), and not perform DNS queries.
|
|
|
|
|
|
|
|
|
|
e78cea74 rpc: fix off by one in get_height (moneromooo-monero)
|
|
c4f8a8a6 build fix: combinator.h stdexcept missing include (Dusan Klinec)
|
|
cbf32241 rpc: make wide_difficulty hexadecimal (moneromooo-monero)
|
|
41901b8d device/trezor: env-configurable ports (Dusan Klinec)
c97a1f79 tests: trezor tests fixes and improvements (Dusan Klinec)
|
|
b40392fb wallet2: add --no-dns flag (moneromooo-monero)
|
|
15f27c80 wallet2: support multi out txes without change in sanity check (moneromooo-monero)
|
|
a2195b9b crypto: replace rand<T>()%N idiom with unbiased rand_idx(N) (stoffu)
|
|
383c38fd fix init warning on whatever compiler version (italocoin)
|
|
c68fe787 device/trezor: add button pressed request (Dusan Klinec)
827f52ad wallet: API changes to enable passphrase entry (Dusan Klinec)
|
|
|
|
This is now obsolete, and this removes the warning on startup
on a new db that confuses some people
|
|
|
|
Coverity 197648
|
|
Coverity 197653
|
|
The db txn in add_block ending caused the entire overarching
batch txn to stop.
Also add a new guard class so a db txn can be stopped in the
face of exceptions.
Also use a read only db txn in init when the db itself is
read only, and do not save the max tx size in that case.
|
|
|
|
rather than from data dir where it normally is.
It makes things like --log-file ./foo.log behave as you'd expect.
|
|
This will weed out some transactions with silly rings
|
|
|
|
Loading the same wallet as the currently loaded one would autosave
the current state after loading it, leading to some kind of rollback
effect. We now save before loading to avoid this. If loading fails,
it means the current wallet will be saved (or maybe not, depending
on where the failure occurs: most of the sanity checks occur before
saving). There is a new autosave_current flag to open/restore calls
so the (enabled by default) autosave can be skipped.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
d843f200 simplewallet: add a welcome/disclaimer message command (moneromooo-monero)
|
|
0575794f console: simple shell over console.py (moneromooo-monero)
047af5c3 console.py: can now connect to several daemons/wallets (moneromooo-monero)
9f9571aa cmake: always detect python, it's neeed for some tests (moneromooo-monero)
8646bd00 functional_tests: exit with 1 if any test fails (moneromooo-monero)
6fd8834d console.py: add tab completion (moneromooo-monero)
04a20cb2 functional_tests: cold signing key images/outputs import/export (moneromooo-monero)
798e3cad functional_tests: add double spend detection tests (moneromooo-monero)
7c657bb2 functional_tests: add alt chains tests (moneromooo-monero)
f8be31d2 functional_tests: add wallet creation language tests (moneromooo-monero)
2d68b31f functional_tests: add more wallet tests (moneromooo-monero)
23f86dad python-rpc: add set_log_level and set_log_categories (moneromooo-monero)
b3a32d55 functional_tests: add describe_transfer tests (moneromooo-monero)
108f4375 console.py: support connecting to any host, not just 127.0.0.1 (moneromooo-monero)
064ab123 functional_tests: add more blockchain related tests (moneromooo-monero)
21b1ac1d functional_tests: add bans tests (moneromooo-monero)
|
|
I saw one when landing on www.tribler.org, and it seemed
like a good idea to have something similar, alongside some
more general "what is monero" text.
|
|
Related to emission, reorgs, getting tx data back, output
distribution and histogram
|
|
0be5b2ee simplewallet: new unset_ring command (moneromooo-monero)
|
|
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
|
|
def40161 miner: fix race when stopping mining with start mining enabled (moneromooo-monero)
|
|
113e4877 blockchain_stats: fix sign in formatting function (moneromooo-monero)
adaea3ea various: remove unused variables (moneromooo-monero)
631ef00e blockchain: some debug info when adding txes-from-block fails (moneromooo-monero)
|
|
83fc45a4 Add NanoX support (cslashm)
|
|
eda2661a Allow pruning before v10 (moneromooo-monero)
|
|
c746f45d Add hash of top block to /getheight RPC (Howard Chu)
|
|
a2561653 wallet: new option to start background mining (moneromooo-monero)
|
|
aff80e70 blockchain: fix returned height in create_block_template (moneromooo-monero)
|
|
displays total sent and received bytes
|
|
07b716bf util: name replace_file arguments better (moneromooo-monero)
|
|
c2f271d1 device/trezor: increase live-refresh timeout (Dusan Klinec)
|
|
089c7637 cryptonote: rework block blob size sanity check (moneromooo-monero)
|
|
|
|
if we don't want to export new outputs only
|
|
|
|
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
|
|
|
|
Coverity 197562
|
|
|
|
|
|
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
|
|
|
|
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
|
|
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.
This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
|
|
|
|
b0c552f5 cryptonote_protocol_handler: add block/tx hashes in notify logs (moneromooo-monero)
|
|
a299dc96 rpc.gettransactions: fill as_json with partial tx in pruned mode (stoffu)
|
|
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
|
|
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
|
|
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
|
|
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
|
|
5e1a3e48 lmdb: fix size_t size issues on 32 bit (moneromooo-monero)
|
|
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
|
|
849a768f perf_timer: move some debug levels to info for consistency (moneromooo-monero)
|
|
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
|
|
|
|
This should be friendlier for clients which don't have bignum support
|
|
Use the actual block weight limit, assuming that weight is always
greater or equal to size
|
|
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
|
|
|
|
|
|
|
|
|
|
|
|
Useful when debugging, though not much for users
|