Commit Graph

9037 Commits

Author SHA1 Message Date
anonimal
cd57a10c90
epee: abstract_tcp_server2: resolve CID 203919 (DC.WEAK_CRYPTO)
The problem actually exists in two parts:

1. When sending chunks over a connection, if the queue size is
greater than N, the seed is predictable across every monero node.

>"If rand() is used before any calls to srand(), rand() behaves as if
it was seeded with srand(1). Each time rand() is seeded with the same seed, it
must produce the same sequence of values."

2. The CID speaks for itself: "'rand' should not be used for security-related
applications, because linear congruential algorithms are too easy to break."

*But* this is an area of contention.

One could argue that a CSPRNG is warranted in order to fully mitigate any
potential timing attacks based on crafting chunk responses. Others could argue
that the existing LCG, or even an MTG, would suffice (if properly seeded). As a
compromise, I've used an MTG with a full bit space. This should give a healthy
balance of security and speed without relying on the existing crypto library
(which I'm told might break on some systems since epee is not (shouldn't be)
dependent upon the existing crypto library).
2019-09-08 01:14:39 +00:00
iDunk5400
ab2819a365
depends: attempt to fix readline
Make readline actually compile, and make ncurses use existing terminfo data (if available).
2019-09-07 22:02:11 +02:00
anonimal
d46f701515
tests: rct_mlsag: resolve CID 203914 (UNINIT_CTOR) 2019-09-07 00:38:49 +00:00
anonimal
d099658522
bootstrap_daemon: resolve CID 203915 (UNCAUGHT_EXCEPT)
The issue is triggered by the captured `this` in RPC server, which
passes reference to throwable `core_rpc_server`:

`core_rpc_server.cpp:164: m_bootstrap_daemon.reset(new bootstrap_daemon([this]{ return get_random_public_node(); }));`

The solution is to simply remove noexcept from the remaining `bootstrap_daemon`
constructors because noexcept is false in this context.

>"An exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::asio::invalid_service_owner>>" is thrown but the throw list "noexcept" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate()."
2019-09-07 00:29:09 +00:00
anonimal
2825f07d95
epee: connection_basic: resolve CID 203916 (UNINIT_CTOR) 2019-09-06 23:18:00 +00:00
anonimal
1bd962d9f9
wallet2: resolve CID 203918 null pointer deference (NULL_RETURNS) 2019-09-06 23:11:37 +00:00
anonimal
3a816398b3
epee: connection_basic: resolve CID 203920 (UNINIT_CTOR) 2019-09-06 22:48:16 +00:00
moneromooo-monero
ae32862604
README: fix master branch spelling, it is not Master 2019-09-06 12:30:31 +00:00
Lev Sizov
928f4be953 Make null hash constants constexpr
Simplify m_template initialization in miner
2019-09-05 17:37:19 +02:00
Martijn Otto
7de6671dc2
Add the iwyu target to get information on unused headers
With this change, building the iwyu target will provide information
on unused headers, which can be removed to reduce compilation times.
2019-09-05 17:27:12 +02:00
moneromooo-monero
2ec455df1f
wallet: fix mismatch between two concepts of "balance"
One considers the blockchain, while the other considers the
blockchain and some recent actions, such as a recently created
transaction which spend some outputs, but isn't yet mined.

Typically, the "balance" command wants the latter, to reflect
the recent action, but things like proving ownership wants
the former.

This fixes a crash in get_reserve_proof, where a preliminary
check and the main code used two concepts of "balance".
2019-09-05 11:19:34 +00:00
moneromooo-monero
340774341f
wallet_rpc_server: add locked field to get_transfers/get_{bulk_,}_payments
Much easier to work with than the raw unlock_time field
2019-09-05 10:54:57 +00:00
moneromooo-monero
bc1144e98e
Fix IP address serialization on big endian
IP addresses are stored in network byte order even on little
endian hosts
2019-09-04 14:54:01 +00:00
moneromooo-monero
c1fa4a7f8c
boost: fix little/big endian compatibility
When no little/big endian flag is given to the writer, it stores
data in host endianness. When loading, if no flag is set, it also
assumes host endianness. This works as long as the loading and
writing are done on machines with the same endianness.

We change this to default to little endian when saving. This will
cause the loader to see the little endian flag, and swap endianness
when loading on a big endian machine. Similarly, writing on a big
endian machine will swap on save, and a little endian machine will
load little endian data.
2019-09-04 14:54:00 +00:00
moneromooo-monero
54fd97ae3f
slow-hash: fix CNv2+ on big endian 2019-09-04 14:53:59 +00:00
moneromooo-monero
4672b5cea9
db_lmdb: print percentages as percentages, not ratios 2019-09-04 14:53:59 +00:00
moneromooo-monero
0e2fda5bf0
unit_tests: fix levin unit test on big endian 2019-09-04 14:53:58 +00:00
moneromooo-monero
516f7b9de0
storages: fix "portable" storage on big endian 2019-09-04 14:53:57 +00:00
moneromooo-monero
32c3834948
storages: fix writing varints on big endian 2019-09-04 14:53:57 +00:00
moneromooo-monero
bdda084651
epee: fix local/loopback checks on big endian
IPv4 addresses are kept in network byte order in memory
2019-09-04 14:53:56 +00:00
moneromooo-monero
d046ca1db0
difficulty: fix check_hash on big endian 2019-09-04 14:53:53 +00:00
luigi1111
1b93cb74bb
Merge pull request #5824
2a41dc0 epee: fix connections not being properly closed in some instances (moneromooo-monero)
2019-09-04 09:40:21 -05:00
luigi1111
a567e884b2
Merge pull request #5822
839fc62 reject setting lookahead major or minor to 0 (moneromoo-monero)
2019-09-04 09:39:07 -05:00
luigi1111
e4f11a68fe
Merge pull request #5819
07cb087 blockchain: Fix alt chain generated coins overflow (iamamyth)
2019-09-04 09:37:32 -05:00
luigi1111
6fe281d315
Merge pull request #5814
bdcdb0e Remove unused code under WINDWOS_PLATFORM guard (tomsmeding)
a84aa04 syncobj.h no longer defines shared_guard, so remove those define's (tomsmeding)
2019-09-04 09:30:29 -05:00
luigi1111
902e4b6ebf
Merge pull request #5806
69465e3 cryptonote_protocol: fix '--no-sync', ignore new blocks and txes (xiphon)
2019-09-04 09:28:22 -05:00
luigi1111
0198b76217
Merge pull request #5799
082730b daemon: automatic public nodes discovering and bootstrap daemon switching (xiphon)
2019-09-04 09:27:02 -05:00
luigi1111
2acd3cee8c
Merge pull request #5796
e3cff3d Gitian build script fixes for MacOS (jonathancross)
2019-09-04 09:23:15 -05:00
luigi1111
101c9678a5
Merge pull request #5764
f26e663 Gitian build (mac, linux): gzip => bzip2 (jonathancross)
2019-09-04 09:21:27 -05:00
luigi1111
23547e6ed6
Merge pull request #5536
1a367d6 simplewallet: lock console on inactivity (moneromooo-monero)
2019-09-04 09:18:38 -05:00
moneromooo-monero
11fa442637
Makefile: add a top level debug target for ASAN 2019-09-04 12:11:44 +00:00
Lev Sizov
4ad191ffa9 Removed unused boost/value_init header 2019-09-02 14:38:29 +02:00
Jesus Ramirez
2cd4fd8972 Changed the use of boost:value_initialized for C++ list initializer 2019-09-02 14:16:29 +02:00
moneromooo-monero
a5c7eebaea
unit_tests: fix build with CLANG 8 and boost 1.69 2019-08-30 11:43:03 +00:00
luigi1111
98af2e954b
Merge pull request #5793
bdfc63a Add ref-counted buffer byte_slice. Currently used for sending TCP data. (vtnerd)
3b24b1d Added support for 'noise' over I1P/Tor to mask Tx transmission. (vtnerd)
2019-08-29 14:36:41 -05:00
moneromooo-monero
0c558378ed
contrib: add a suppressions file for leak sanitizer
with the Cryptonight per-thread buffer
2019-08-29 11:11:59 +00:00
stoffu
f380f69c69
simplewallet: warn if invalid default ring size is set and actually ignore the setting 2019-08-29 15:55:53 +09:00
moneromooo-monero
1a367d6a22
simplewallet: lock console on inactivity 2019-08-28 19:01:48 +00:00
moneromooo-monero
495a7e5b97
rpc: don't include an address in mining_status when not mining
Best case is an address mined previously and it'll get returned,
worst case it was never initialized in the first place
2019-08-28 16:02:37 +00:00
moneromooo-monero
83ca76435b
wallet_rpc_server: call deinit on exit 2019-08-28 15:59:33 +00:00
moneromooo-monero
6e46b06308
cmake: ensure PYTHON_EXECUTABLE is set 2019-08-28 15:56:32 +00:00
moneromooo-monero
1f1fff2679
daemon: print mining algorithm in mining_status even when not mining 2019-08-28 15:55:31 +00:00
moneromooo-monero
21f6c80fcd
rpc: move a leftover light wallet RPC out of daemon RPC 2019-08-28 15:51:28 +00:00
moneromooo-monero
19bfe7e5ab
simplewallet: fix warnings about useless std::move 2019-08-28 15:13:50 +00:00
moneromooo-monero
11f13da8b4
blockchain: fix logging bad number of blocks if first one fails 2019-08-28 14:53:29 +00:00
Tom Smeding
6bbc646e6f Fix bug in mempool get_transaction_stats histogram calculation
The 98th percentile position in the agebytes map was incorrectly
calculated: it assumed the transactions in the mempool all have unique
timestamps at second-granularity. This commit fixes this by correctly
finding the right cumulative number of transactions in the map suffix.

This bug could lead to an out-of-bounds write in the rare case that
all transactions in the mempool were received (and added to the mempool)
at a rate of at least 50 transactions per second. (More specifically,
the number of *unique* receive_time values, which have second-
granularity, must be at most 2% of the number of transactions in the
mempool for this crash to trigger.) If this condition is satisfied, 'it'
points to *before* the agebytes map, 'delta' gets a nonsense value, and
the value of 'i' in the first stats.histo-filling loop will be out of
bounds of stats.histo.
2019-08-28 16:46:31 +02:00
luigi1111
85014813cf
Merge pull request #5707
3a0451a MLSAG speedup and additional checks (SarangNoether)
2019-08-28 02:22:00 -05:00
luigi1111
46c1198fd7
Merge pull request #5844
a7d1577 build: fix depends Travis ncurses build, don't wipe CONFIG_SHELL (xiphon)
2019-08-27 15:23:08 -05:00
Sarang Noether
3a0451a8be MLSAG speedup and additional checks 2019-08-27 16:22:44 -04:00
luigi1111
174c3a05f6
Merge pull request #5820
ac0a229 Fix Android build in Docker (hyperreality)
2019-08-27 15:22:08 -05:00