monero/contrib/epee/include/net
Martijn Otto 057c279cb4
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-03-05 14:16:08 +01:00
..
abstract_tcp_server2.h epee: add SSL support 2019-03-05 14:16:08 +01:00
abstract_tcp_server2.inl epee: add SSL support 2019-03-05 14:16:08 +01:00
abstract_tcp_server_cp.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
abstract_tcp_server_cp.inl abstracted nework addresses 2017-05-27 11:35:54 +01:00
abstract_tcp_server.h add empty container sanity checks when using front() and back() 2017-12-18 15:15:40 +00:00
buffer.h epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
connection_basic.hpp epee: add SSL support 2019-02-02 20:05:33 +00:00
enums.h Adding initial support for broadcasting transactions over Tor 2019-01-28 23:56:33 +00:00
http_auth.h Update 2018 copyright 2018-01-26 10:03:20 -05:00
http_base.h Fix file permission issue 2017-11-03 11:27:50 -04:00
http_client_base.h move includes around to lessen overall load 2017-12-16 22:46:38 +00:00
http_client_via_api_helper.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
http_client.h epee: add SSL support 2019-03-05 14:16:08 +01:00
http_protocol_handler.h wallet-rpc: added IPs to error logging in simple_http_connection_handler 2018-06-13 15:41:51 +10:00
http_protocol_handler.inl epee: Add space after ':' in additional http response headers 2019-02-18 14:56:28 +01:00
http_server_cp2.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
http_server_cp.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
http_server_handlers_map2.h rpc: fix internal daemon calls in restricted rpc getting partial data 2019-01-28 19:35:20 +00:00
http_server_impl_base.h epee: add SSL support 2019-03-05 14:16:08 +01:00
http_server_thread_per_connect.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_protocol_handler.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_server_handlers_map.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_server_impl_base.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_structs.h default initialize rpc structures 2019-03-04 22:38:03 +00:00
levin_base.h epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
levin_client_async.h Changed RECIEVED to RECEIVED in log messages. 2018-12-04 07:27:08 +01:00
levin_client_async.inl moved all stuff to github 2014-03-03 22:07:58 +00:00
levin_client.h epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
levin_client.inl epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
levin_helper.h epee: fix network packet header field endianness 2018-12-04 15:14:32 +00:00
levin_protocol_handler_async.h Merge pull request #4976 2019-01-16 19:04:22 +02:00
levin_protocol_handler.h epee: fix network packet header field endianness 2018-12-04 15:14:32 +00:00
levin_server_cp2.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
levin_server_cp.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
local_ip.h epee: fix detection of 172.16.0.0/172.31.255.255 local IP range 2018-06-01 21:47:21 +01:00
multiprotocols_server.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
munin_connection_handler.h Spelling in errors 2016-12-04 20:12:40 +01:00
munin_node_server.h year updated in license 2015-01-02 18:52:46 +02:00
net_helper.h epee: add SSL support 2019-03-05 14:16:08 +01:00
net_parse_helpers.h net_parse_helpers: fix regex error checking 2017-12-18 15:15:52 +00:00
net_ssl.h epee: add SSL support 2019-03-05 14:16:08 +01:00
net_utils_base.h Merge pull request #5091 2019-03-04 21:20:34 +02:00
network_throttle-detail.hpp network_throttle: use circular_buffer where appropriate 2019-02-01 21:33:13 +00:00
network_throttle.hpp Update 2018 copyright 2018-01-26 10:03:20 -05:00
protocol_switcher.h year updated in license 2015-01-02 18:52:46 +02:00
rpc_method_name.h year updated in license 2015-01-02 18:52:46 +02:00
smtp_helper.h year updated in license 2015-01-02 18:52:46 +02:00
smtp.h year updated in license 2015-01-02 18:52:46 +02:00
smtp.inl year updated in license 2015-01-02 18:52:46 +02:00