monero/contrib/epee/include/net
anonimal cd57a10c90
epee: abstract_tcp_server2: resolve CID 203919 (DC.WEAK_CRYPTO)
The problem actually exists in two parts:

1. When sending chunks over a connection, if the queue size is
greater than N, the seed is predictable across every monero node.

>"If rand() is used before any calls to srand(), rand() behaves as if
it was seeded with srand(1). Each time rand() is seeded with the same seed, it
must produce the same sequence of values."

2. The CID speaks for itself: "'rand' should not be used for security-related
applications, because linear congruential algorithms are too easy to break."

*But* this is an area of contention.

One could argue that a CSPRNG is warranted in order to fully mitigate any
potential timing attacks based on crafting chunk responses. Others could argue
that the existing LCG, or even an MTG, would suffice (if properly seeded). As a
compromise, I've used an MTG with a full bit space. This should give a healthy
balance of security and speed without relying on the existing crypto library
(which I'm told might break on some systems since epee is not (shouldn't be)
dependent upon the existing crypto library).
2019-09-08 01:14:39 +00:00
..
abstract_tcp_server2.h Add IPv6 support 2019-07-31 20:04:57 -04:00
abstract_tcp_server2.inl epee: abstract_tcp_server2: resolve CID 203919 (DC.WEAK_CRYPTO) 2019-09-08 01:14:39 +00:00
abstract_tcp_server_cp.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
abstract_tcp_server_cp.inl abstracted nework addresses 2017-05-27 11:35:54 +01:00
abstract_tcp_server.h add empty container sanity checks when using front() and back() 2017-12-18 15:15:40 +00:00
buffer.h epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
connection_basic.hpp Added support for "noise" over I1P/Tor to mask Tx transmission. 2019-07-17 14:22:37 +00:00
enums.h Added support for "noise" over I1P/Tor to mask Tx transmission. 2019-07-17 14:22:37 +00:00
http_auth.h Update 2019 copyright 2019-03-05 22:05:34 +01:00
http_base.h Fix file permission issue 2017-11-03 11:27:50 -04:00
http_client_base.h move includes around to lessen overall load 2017-12-16 22:46:38 +00:00
http_client_via_api_helper.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
http_client.h wallet: new --offline option 2019-04-15 09:14:12 +00:00
http_protocol_handler.h wallet-rpc: added IPs to error logging in simple_http_connection_handler 2018-06-13 15:41:51 +10:00
http_protocol_handler.inl Add ref-counted buffer byte_slice. Currently used for sending TCP data. 2019-07-16 16:30:35 +00:00
http_server_cp2.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
http_server_cp.h Change logging to easylogging++ 2017-01-16 00:25:46 +00:00
http_server_handlers_map2.h Bans for RPC connections 2019-06-16 11:38:08 +01:00
http_server_impl_base.h Add IPv6 support 2019-07-31 20:04:57 -04:00
http_server_thread_per_connect.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_protocol_handler.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_server_handlers_map.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_server_impl_base.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
jsonrpc_structs.h default initialize rpc structures 2019-03-04 22:38:03 +00:00
levin_base.h Added support for "noise" over I1P/Tor to mask Tx transmission. 2019-07-17 14:22:37 +00:00
levin_client_async.h Changed RECIEVED to RECEIVED in log messages. 2018-12-04 07:27:08 +01:00
levin_client_async.inl moved all stuff to github 2014-03-03 22:07:58 +00:00
levin_client.h epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
levin_client.inl epee: better network buffer data structure 2018-12-23 16:46:07 +00:00
levin_helper.h epee: fix network packet header field endianness 2018-12-04 15:14:32 +00:00
levin_protocol_handler_async.h Merge pull request #5824 2019-09-04 09:40:21 -05:00
levin_protocol_handler.h Add ref-counted buffer byte_slice. Currently used for sending TCP data. 2019-07-16 16:30:35 +00:00
levin_server_cp2.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
levin_server_cp.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
local_ip.h Add IPv6 support 2019-07-31 20:04:57 -04:00
multiprotocols_server.h move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
munin_connection_handler.h Spelling in errors 2016-12-04 20:12:40 +01:00
munin_node_server.h year updated in license 2015-01-02 18:52:46 +02:00
net_fwd.h Add ssl_options support to monerod's rpc mode. 2019-05-22 00:09:11 -04:00
net_helper.h Added support for "noise" over I1P/Tor to mask Tx transmission. 2019-07-17 14:22:37 +00:00
net_parse_helpers.h Add IPv6 support 2019-07-31 20:04:57 -04:00
net_ssl.h net_ssl: SSL config tweaks for compatibility and security 2019-05-07 10:01:42 +00:00
net_utils_base.h Add IPv6 support 2019-07-31 20:04:57 -04:00
network_throttle-detail.hpp New interactive daemon command 'print_net_stats': Global traffic stats 2019-03-24 16:58:57 +01:00
network_throttle.hpp New interactive daemon command 'print_net_stats': Global traffic stats 2019-03-24 16:58:57 +01:00
protocol_switcher.h year updated in license 2015-01-02 18:52:46 +02:00
rpc_method_name.h year updated in license 2015-01-02 18:52:46 +02:00
smtp_helper.h year updated in license 2015-01-02 18:52:46 +02:00
smtp.h year updated in license 2015-01-02 18:52:46 +02:00
smtp.inl year updated in license 2015-01-02 18:52:46 +02:00