Commit Graph

5650 Commits

Author SHA1 Message Date
Lee Clagett
2e578b8214 Enabling daemon-rpc SSL now requires non-system CA verification
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
2019-04-07 13:02:43 -04:00
Lee Clagett
d58f368289 Require manual override for user chain certificates.
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
2019-04-07 00:44:37 -04:00
Lee Clagett
21eb1b0725 Pass SSL arguments via one class and use shared_ptr instead of reference 2019-04-07 00:44:37 -04:00
Lee Clagett
1f5ed328aa Change default SSL to "enabled" if user specifies fingerprint/certificate
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
2019-04-06 23:47:07 -04:00
Lee Clagett
a3b0284837 Change SSL certificate file list to OpenSSL builtin load_verify_location
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.

This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
2019-04-06 23:47:06 -04:00
moneromooo-monero
e8cf7dcc2b
rpc: merge the two get_info implementations 2019-04-06 14:04:24 +00:00
Riccardo Spagni
3759e2359f
Merge pull request #5360
b0c552f5 cryptonote_protocol_handler: add block/tx hashes in notify logs (moneromooo-monero)
2019-04-06 16:03:13 +02:00
Riccardo Spagni
18ceac9ca5
Merge pull request #5351
a299dc96 rpc.gettransactions: fill as_json with partial tx in pruned mode (stoffu)
2019-04-06 16:01:44 +02:00
Riccardo Spagni
c7e536db23
Merge pull request #5350
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
2019-04-06 16:00:40 +02:00
Riccardo Spagni
cd8fe937ad
Merge pull request #5347
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
2019-04-06 15:59:56 +02:00
Riccardo Spagni
4ac78e1612
Merge pull request #5346
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
2019-04-06 15:59:43 +02:00
Riccardo Spagni
7e5651c346
Merge pull request #5345
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
2019-04-06 15:59:10 +02:00
Riccardo Spagni
c61b3f0ead
Merge pull request #5344
5e1a3e48 lmdb: fix size_t size issues on 32 bit (moneromooo-monero)
2019-04-06 15:58:50 +02:00
Riccardo Spagni
9e72f785d6
Merge pull request #5343
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
2019-04-06 15:58:25 +02:00
Riccardo Spagni
6f8e0a28b2
Merge pull request #5342
849a768f perf_timer: move some debug levels to info for consistency (moneromooo-monero)
2019-04-06 15:57:50 +02:00
Riccardo Spagni
e1f0e6da5c
Merge pull request #5340
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
2019-04-06 15:56:52 +02:00
stoffu
a299dc96f7
rpc.gettransactions: fill as_json with partial tx in pruned mode 2019-04-04 18:08:01 +09:00
selsta
8bb253b0db
libwallet_merged: add missing net target 2019-04-02 21:22:51 +02:00
stoffu
d3018d0f0b
api/wallet: fix some wrong namespace 2019-04-02 10:11:49 +09:00
Riccardo Spagni
b6726aaa6c
Merge pull request #5319
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
2019-04-01 20:56:52 +02:00
moneromooo-monero
f825055d22
wallet_rpc_server: error out on getting the spend key from a hot wallet 2019-04-01 16:03:29 +00:00
moneromooo-monero
67aa4adcfc
wallet_rpc_server: add a set_daemon RPC 2019-04-01 16:03:25 +00:00
moneromooo-monero
705acbac4d
wallet2: init some variables to default values if loading old wallets 2019-04-01 16:03:23 +00:00
moneromooo-monero
f82bc29ec2
wallet_rpc_server: always fill out subaddr_indices in get_transfers
It was not filled out for in and pool types
2019-04-01 16:03:20 +00:00
moneromooo-monero
01efdc6a7e
wallet_rpc_server: set confirmations to 0 for pending/pool txes 2019-04-01 16:03:17 +00:00
Riccardo Spagni
0eb2c7b272
Merge pull request #5339
9f49722c Fix build on FreeBSD (Nathan Dorfman)
2019-04-01 17:37:14 +02:00
Riccardo Spagni
6e0242f861
Merge pull request #5334
19f8089f p2p: don't lookup seed nodes when offline (moneromooo-monero)
2019-04-01 17:37:01 +02:00
Riccardo Spagni
286dec012d
Merge pull request #5333
18faa6da wallet: add freeze/thaw/frozen commands (moneromooo-monero)
2019-04-01 17:36:16 +02:00
Riccardo Spagni
b8ab510f23
Merge pull request #5332
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
2019-04-01 17:35:12 +02:00
Riccardo Spagni
3b52940471
Merge pull request #5349
f1a3796a wallet2: fix tx sanity check change test for the sweep_all case (moneromooo-monero)
2019-04-01 17:34:43 +02:00
Riccardo Spagni
29e4e70f30
Merge pull request #5352
ae6885f6 blockchain: incremental long term block weight cache (moneromooo-monero)
9b687c78 blockchain: simple cache for the long term block weights (moneromooo-monero)
2019-04-01 17:34:02 +02:00
Riccardo Spagni
3b1fa543ca
Merge pull request #5329
023f2c77 wallet_rpc_server: remove mixin from transfer RPCs (moneromooo-monero)
2019-04-01 17:32:20 +02:00
Riccardo Spagni
1ed6441925
Merge pull request #5327
c23ea796 New interactive daemon command 'print_net_stats': Global traffic stats (rbrunner7)
2019-04-01 17:32:01 +02:00
Riccardo Spagni
a69b71dc41
Merge pull request #5326
dc20d774 rpc: add miner tx hash to block header response (moneromooo-monero)
2019-04-01 17:31:36 +02:00
Riccardo Spagni
4f3f15edba
Merge pull request #5325
760d3a2a daemon: init public_port in all ctors (moneromooo-monero)
2019-04-01 17:31:17 +02:00
Riccardo Spagni
13f414cb9f
Merge pull request #5322
85f2f8c9 Fix daemon startup parameter '--limit-rate' processing after parameter defaults (rbrunner7)
2019-04-01 17:31:01 +02:00
Riccardo Spagni
55d7eb06a8
Merge pull request #5317
1730a44f core: improve block rate monitor trigger probabilities (moneromooo-monero)
2019-04-01 17:28:55 +02:00
Riccardo Spagni
97831e5f8b
Merge pull request #5308
a7211793 rpc: quantize db size up to 5 GB in restricted mode (moneromooo-monero)
2019-04-01 17:27:56 +02:00
Riccardo Spagni
5a71fb74f0
Merge pull request #5307
e99b2b12 simplewallet: make the long payment ids warnigns more warney (moneromooo-monero)
2019-04-01 17:27:25 +02:00
Riccardo Spagni
c994dc7ec0
Merge pull request #5306
8a97563a Use threadpool instead of new threads for DNS queries (Howard Chu)
2019-04-01 17:27:09 +02:00
Riccardo Spagni
8b57e33789
Merge pull request #5305
4500236f wallet2: make use_fork_rules handle chain heights lower than leeway (moneromooo-monero)
2019-04-01 17:26:23 +02:00
Riccardo Spagni
30a3a73609
Merge pull request #5303
0a6cb30d wallet: flush output cache upon reorg (moneromooo-monero)
2019-04-01 17:26:10 +02:00
Riccardo Spagni
94880540e7
Merge pull request #5302
23fb056a wallet_rpc_server: new auto_refresh RPC (moneromooo-monero)
2019-04-01 17:25:53 +02:00
Riccardo Spagni
b09f1bdb8f
Merge pull request #5299
4ee15655 wallet_rpc_server: fix buffer read overflow in string assignment (moneromooo-monero)
2019-04-01 17:24:33 +02:00
Riccardo Spagni
4a06b3ee62
Merge pull request #5298
8fd7452b wallet: move light wallet RPC out of core RPC (moneromooo-monero)
2019-04-01 17:24:13 +02:00
Riccardo Spagni
f13d38350a
Merge pull request #5297
a8b98a0b wallet: fix memory only wallets (moneromooo-monero)
2019-04-01 17:23:37 +02:00
Riccardo Spagni
89fb0e3cd6
Merge pull request #5295
2b10f22a mnemonics: fix half length seed to bytes conversion (moneromooo-monero)
2019-04-01 17:23:25 +02:00
Riccardo Spagni
cabd848efa
Merge pull request #5294
77e9815d blockchain: do not try to pop the genesis block (moneromooo-monero)
2019-04-01 17:22:51 +02:00
Riccardo Spagni
6cb0a26d9d
Merge pull request #5292
328d291f wallet2: set seed language when creating from json (moneromooo-monero)
2019-04-01 17:22:22 +02:00
Riccardo Spagni
a6b798e72f
Merge pull request #5291
a52366c1 wallet2: fix generation from json when restore height is not set (moneromooo-monero)
2019-04-01 17:21:14 +02:00