Commit Graph

1142 Commits

Author SHA1 Message Date
Riccardo Spagni
77f9bfa4d5
Merge pull request #5493
5e0da6fb change SSL certificate fingerprint whitelisting from SHA1 to SHA-256 (moneromooo-monero)
2019-05-02 11:30:28 +02:00
Riccardo Spagni
efd2412e77
Merge pull request #5489
64983fce wallet2: default to trying to keep 5 outputs of 2+ monero (moneromooo-monero)
2019-05-02 11:29:25 +02:00
moneromooo-monero
1c44e65863
wallet2: reject standalone short payment IDs in monero: URI API 2019-05-01 18:41:39 +00:00
moneromooo-monero
1a66a86f94
remove unused code 2019-04-29 20:52:40 +00:00
moneromooo-monero
b4ca72dde9
wallet2: fix infinite loop picking outputs in corner case
If we have fewer outputs available on the chain than what we
require, but the output we're spending already has a ring,
it would loop picking outputs randomly, but never find enough.
Also tune logs for better debugging this kind of thing.
2019-04-29 10:02:20 +00:00
moneromooo-monero
5e0da6fb68
change SSL certificate fingerprint whitelisting from SHA1 to SHA-256
SHA1 is too close to bruteforceable
2019-04-26 11:37:15 +00:00
Riccardo Spagni
581994b61c
Merge pull request #5486
4be18df3 tx_sanity_check: relax uniqueness check a bit (moneromooo-monero)
b386ae57 wallet2: add missing "sanity check failed" reason message (moneromooo-monero)
2019-04-24 22:41:40 +02:00
Riccardo Spagni
2e2ee3d823
Merge pull request #5485
c519d1df wallet2: fix wrong change being recorded in sweep_all (moneromooo-monero)
2019-04-24 22:41:18 +02:00
moneromooo-monero
64983fcee4
wallet2: default to trying to keep 5 outputs of 2+ monero
In the case where previously a second unneeded output would be
added to a transaction. This should help *some* of the cases
where outputs are slowly being consolidated, leading to the
whole balance being locked when sending monero.
2019-04-24 12:25:43 +00:00
moneromooo-monero
df83ed74e4
consensus: from v12, enforce >= 2 outputs 2019-04-23 22:09:35 +00:00
moneromooo-monero
b386ae5725
wallet2: add missing "sanity check failed" reason message 2019-04-23 21:59:57 +00:00
moneromooo-monero
c519d1df34
wallet2: fix wrong change being recorded in sweep_all
leading to the sanity check triggering
2019-04-23 21:58:55 +00:00
Dusan Klinec
97e1c9278c
wallet: fix key image computation signaling to the device 2019-04-22 16:14:50 +02:00
moneromooo-monero
588e670089
simplewallet: fix output representation offset 2019-04-18 15:14:41 +00:00
moneromooo-monero
35e0a968bd
wallet2: "output lineup" fake out selection
Based on python code by sarang:
https://github.com/SarangNoether/skunkworks/blob/outputs/outputs/simulate.py
2019-04-18 15:14:38 +00:00
Riccardo Spagni
c8ce4217cf
Merge pull request #5445
b18f0b10 wallet: new --offline option (moneromooo-monero)
2019-04-16 22:46:53 +02:00
Riccardo Spagni
1f01070a0c
Merge pull request #5434
ccb996af rpc: new sanity check on relayed transactions (moneromooo-monero)
2019-04-16 22:41:40 +02:00
Riccardo Spagni
8966ac314c
Merge pull request #5422
2c221d1b wallet2: update estimate_rct_tx_size for smaller rct proofs (moneromooo-monero)
2019-04-16 22:38:11 +02:00
Riccardo Spagni
96696d1e75
Merge pull request #5418
374f388d wallet_rpc_server: add a all flag to export_outputs (moneromooo-monero)
2019-04-16 22:37:52 +02:00
moneromooo-monero
b18f0b1051
wallet: new --offline option
It will avoid connecting to a daemon (so useful for cold signing
using a RPC wallet), and not perform DNS queries.
2019-04-15 09:14:12 +00:00
Riccardo Spagni
8bf0a3f123
Merge pull request #5396
b40392fb wallet2: add --no-dns flag (moneromooo-monero)
2019-04-15 09:17:26 +02:00
Riccardo Spagni
98f4c8af98
Merge pull request #5395
15f27c80 wallet2: support multi out txes without change in sanity check (moneromooo-monero)
2019-04-15 09:17:07 +02:00
Riccardo Spagni
89b8ecfc7c
Merge pull request #5392
a2195b9b crypto: replace rand<T>()%N idiom with unbiased rand_idx(N) (stoffu)
2019-04-15 09:14:28 +02:00
Riccardo Spagni
37aea526a9
Merge pull request #5355
c68fe787 device/trezor: add button pressed request (Dusan Klinec)
827f52ad wallet: API changes to enable passphrase entry (Dusan Klinec)
2019-04-15 09:12:20 +02:00
moneromooo-monero
ccb996afc6
rpc: new sanity check on relayed transactions
This will weed out some transactions with silly rings
2019-04-12 20:22:09 +00:00
moneromooo-monero
2c221d1b6c
wallet2: update estimate_rct_tx_size for smaller rct proofs 2019-04-11 17:31:18 +00:00
Riccardo Spagni
5db72d12b4
Merge pull request #5388
0be5b2ee simplewallet: new unset_ring command (moneromooo-monero)
2019-04-11 13:05:43 +02:00
Riccardo Spagni
5c02316598
Merge pull request #5382
c12b43cb wallet: add number of blocks required for the balance to fully unlock (moneromooo-monero)
3f1e9e84 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
36c037ec wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
cd1eaff2 wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
2019-04-11 13:03:55 +02:00
Riccardo Spagni
3a4008f0fc
Merge pull request #5374
a2561653 wallet: new option to start background mining (moneromooo-monero)
2019-04-11 13:01:30 +02:00
moneromooo-monero
9f8dc4ce51
simplewallet: new net_stats command
displays total sent and received bytes
2019-04-11 10:46:41 +00:00
moneromooo-monero
374f388de2
wallet_rpc_server: add a all flag to export_outputs
if we don't want to export new outputs only
2019-04-10 10:37:34 +00:00
Lee Clagett
2e578b8214 Enabling daemon-rpc SSL now requires non-system CA verification
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
2019-04-07 13:02:43 -04:00
Dusan Klinec
c68fe7873b
device/trezor: add button pressed request 2019-04-07 13:35:49 +02:00
Lee Clagett
d58f368289 Require manual override for user chain certificates.
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
2019-04-07 00:44:37 -04:00
Lee Clagett
21eb1b0725 Pass SSL arguments via one class and use shared_ptr instead of reference 2019-04-07 00:44:37 -04:00
Lee Clagett
1f5ed328aa Change default SSL to "enabled" if user specifies fingerprint/certificate
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
2019-04-06 23:47:07 -04:00
Lee Clagett
a3b0284837 Change SSL certificate file list to OpenSSL builtin load_verify_location
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.

This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
2019-04-06 23:47:06 -04:00
Riccardo Spagni
c7e536db23
Merge pull request #5350
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
2019-04-06 16:00:40 +02:00
Riccardo Spagni
cd8fe937ad
Merge pull request #5347
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
2019-04-06 15:59:56 +02:00
Riccardo Spagni
4ac78e1612
Merge pull request #5346
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
2019-04-06 15:59:43 +02:00
Riccardo Spagni
9e72f785d6
Merge pull request #5343
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
2019-04-06 15:58:25 +02:00
moneromooo-monero
a2561653cb
wallet: new option to start background mining
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
2019-04-04 18:10:45 +00:00
moneromooo-monero
b40392fb02
wallet2: add --no-dns flag 2019-04-04 14:32:40 +00:00
stoffu
a2195b9b7f
crypto: replace rand<T>()%N idiom with unbiased rand_idx(N) 2019-04-04 22:38:19 +09:00
moneromooo-monero
15f27c80b9
wallet2: support multi out txes without change in sanity check 2019-04-03 20:58:21 +00:00
moneromooo-monero
0be5b2ee78
simplewallet: new unset_ring command
Useful when debugging, though not much for users
2019-04-02 14:18:07 +00:00
moneromooo-monero
c12b43cb5a
wallet: add number of blocks required for the balance to fully unlock 2019-04-01 19:31:19 +00:00
moneromooo-monero
3f1e9e84c0
wallet2: set confirmations to 0 for pool txes in proofs
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
2019-04-01 19:31:10 +00:00
Riccardo Spagni
b6726aaa6c
Merge pull request #5319
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
2019-04-01 20:56:52 +02:00
moneromooo-monero
67aa4adcfc
wallet_rpc_server: add a set_daemon RPC 2019-04-01 16:03:25 +00:00
moneromooo-monero
705acbac4d
wallet2: init some variables to default values if loading old wallets 2019-04-01 16:03:23 +00:00
Riccardo Spagni
286dec012d
Merge pull request #5333
18faa6da wallet: add freeze/thaw/frozen commands (moneromooo-monero)
2019-04-01 17:36:16 +02:00
Riccardo Spagni
b8ab510f23
Merge pull request #5332
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
2019-04-01 17:35:12 +02:00
Riccardo Spagni
3b52940471
Merge pull request #5349
f1a3796a wallet2: fix tx sanity check change test for the sweep_all case (moneromooo-monero)
2019-04-01 17:34:43 +02:00
Riccardo Spagni
8b57e33789
Merge pull request #5305
4500236f wallet2: make use_fork_rules handle chain heights lower than leeway (moneromooo-monero)
2019-04-01 17:26:23 +02:00
Riccardo Spagni
30a3a73609
Merge pull request #5303
0a6cb30d wallet: flush output cache upon reorg (moneromooo-monero)
2019-04-01 17:26:10 +02:00
Riccardo Spagni
4a06b3ee62
Merge pull request #5298
8fd7452b wallet: move light wallet RPC out of core RPC (moneromooo-monero)
2019-04-01 17:24:13 +02:00
Riccardo Spagni
f13d38350a
Merge pull request #5297
a8b98a0b wallet: fix memory only wallets (moneromooo-monero)
2019-04-01 17:23:37 +02:00
Riccardo Spagni
6cb0a26d9d
Merge pull request #5292
328d291f wallet2: set seed language when creating from json (moneromooo-monero)
2019-04-01 17:22:22 +02:00
Riccardo Spagni
a6b798e72f
Merge pull request #5291
a52366c1 wallet2: fix generation from json when restore height is not set (moneromooo-monero)
2019-04-01 17:21:14 +02:00
cslashm
7c44091541 Add get_tx_proof support, needed for new sanity check
Enhance debug info
2019-03-28 18:26:15 +01:00
moneromooo-monero
050bb337d7
wallet2: factor the watchonly/multisig/etc fields on creation
There's half a dozen calls, and it's easy to miss some when
adding a new field.
2019-03-27 08:51:16 +00:00
moneromooo-monero
f1a3796a43
wallet2: fix tx sanity check change test for the sweep_all case 2019-03-25 22:41:22 +00:00
moneromooo-monero
d45b85e170
wallet2: skip derivation precalc for blocks we know we'll skip 2019-03-25 14:28:05 +00:00
moneromooo-monero
547a9708de
cryptonote: block parsing + hash calculation speedup
This saves a duplicate serialization step
2019-03-25 13:43:17 +00:00
moneromooo-monero
a8b98a0bd7
wallet: fix memory only wallets
at least when using restore_deterministic_wallet
2019-03-25 12:49:25 +00:00
Lee Clagett
7acfa9f3cc Added socks proxy (tor/i2pd/kovri) support to wallet 2019-03-25 01:35:13 +00:00
moneromooo-monero
cafa15b904
wallet2: set confirmations to 0 for pool txes in proofs
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
2019-03-24 21:59:06 +00:00
Riccardo Spagni
8cb4293e82
Merge pull request #5277
adf6d773 wallet: fix offline signing calling a daemon RPC (moneromooo-monero)
2019-03-24 19:35:39 +02:00
moneromooo-monero
18faa6da0c
wallet: add freeze/thaw/frozen commands
These commands let one freeze outputs by key image, so they
do not appear in balance, nor are considered when creating
a transaction, etc

This is helpful when receiving an output from a suspected spy,
who might try to track your other outputs by seeing with what
other outputs it gets spent.

The frozen command may be used without parameters to list all
currently frozen outputs.
2019-03-22 09:19:24 +00:00
moneromooo-monero
adf6d7730f
wallet: fix offline signing calling a daemon RPC 2019-03-21 14:46:29 +00:00
moneromooo-monero
b05f10f82e
wallet2: sanity check new tx before sending
We generate and check tx proofs and verify the amounts in those
match what the original amounts were.
2019-03-21 13:03:45 +00:00
Riccardo Spagni
dcfd5a8892
Merge pull request #5266
576116d4 wallet: fix load failure if the mms isn't usable (moneromooo-monero)
2019-03-21 14:51:30 +02:00
Riccardo Spagni
30e823e7cd
Merge pull request #5248
3f6f90bb wallet2: do not use invalid keys as fake outs in rings (moneromooo-monero)
2019-03-21 14:46:58 +02:00
Riccardo Spagni
5e03bd06c1
Merge pull request #5235
c6a70af8 wallet2: key image import fixes (moneromooo-monero)
2019-03-21 14:45:58 +02:00
Riccardo Spagni
48e3a341f8
Merge pull request #5211
c9b13fbb tests/trezor: HF9 and HF10 tests (Dusan Klinec)
a1fd1d49 device/trezor: HF10 support added, wallet::API (Dusan Klinec)
d74d26f2 crypto: hmac_keccak added (Dusan Klinec)
2019-03-21 14:44:04 +02:00
Dusan Klinec
a1fd1d499c
device/trezor: HF10 support added, wallet::API
- import only key images generated by cold signing process
- wallet_api: trezor methods added
- wallet: button request code added
- const added to methods
- wallet2::get_tx_key_device() tries to decrypt stored tx private keys using the device.
- simplewallet supports get_tx_key and get_tx_proof on hw device using the get_tx_key feature
- live refresh enables refresh with trezor i.e. computing key images on the fly. More convenient and efficient for users.
- device: has_ki_live_refresh added
- a thread is watching whether live refresh is being computed, if not for 30 seconds, it terminates the live refresh process - switches Trezor state
2019-03-20 21:11:02 +01:00
Riccardo Spagni
695d51a481
Merge pull request #5203
8b514645 add multisig tx sets to describe_transfer rpc endpoint (spoke0)
2019-03-19 10:59:42 +02:00
Riccardo Spagni
38dcd975f2
Merge pull request #4889
f42263eb wallet: adds rescan_bc option with preserving key images (Dusan Klinec)
2019-03-19 10:55:45 +02:00
Riccardo Spagni
e1be617ea2
Merge pull request #5182
b674728d Better error when sending a tx with a too large extra field (moneromooo-monero)
2019-03-17 17:55:13 +02:00
Riccardo Spagni
761ef99e77
Merge pull request #5168
8630a028 wallet: fix payment ID decryption for construction data (Dusan Klinec)
2019-03-17 17:52:41 +02:00
Riccardo Spagni
4c91eb23a0
Merge pull request #5061
1f2930ce Update 2019 copyright (binaryFate)
2019-03-17 17:49:30 +02:00
moneromooo-monero
4500236f25
wallet2: make use_fork_rules handle chain heights lower than leeway 2019-03-17 14:22:50 +00:00
moneromooo-monero
0a6cb30d62
wallet: flush output cache upon reorg
Fixes output usage tracking
2019-03-17 10:34:07 +00:00
moneromooo-monero
8fd7452b6e
wallet: move light wallet RPC out of core RPC
It's not nothing to do with it
2019-03-15 13:34:08 +00:00
Dusan Klinec
f42263ebb6
wallet: adds rescan_bc option with preserving key images
- enables to perform rescan_spent / ki sync with untrusted daemon. Spent check status involves RPC calls which require trusted daemon status as it leaks information. The new call performs soft reset while preserving key images thus a sequence: refresh, ki sync / import, rescan_bc keep_ki will correctly perform spent checking without need for trusted daemon.

- useful to detect spent outputs with untrusted daemon on watch_only / multisig / hw-cold wallets after expensive key image sync.

- cli: rescan_bc keep_ki
2019-03-15 12:55:29 +01:00
moneromooo-monero
328d291fe4
wallet2: set seed language when creating from json 2019-03-15 00:16:50 +00:00
moneromooo-monero
a52366c1bf
wallet2: fix generation from json when restore height is not set
It was not recovering then, but creating a new random address
2019-03-14 23:41:41 +00:00
moneromooo-monero
bc61b5ca95
wallet2: don't store 0 amount outputs, they'll fail to be spent
It's better to just ignore them, the user does not really need
to know they're here. If the mask is wrong, they'll fail to be
used, and sweeping will fail as it tries to use it.

Reported by Josh Davis.
2019-03-12 18:42:30 +00:00
moneromooo-monero
576116d415
wallet: fix load failure if the mms isn't usable 2019-03-11 16:11:48 +00:00
moneromooo-monero
3f6f90bb31
wallet2: do not use invalid keys as fake outs in rings 2019-03-07 15:49:13 +00:00
moneromooo-monero
c6a70af86a
wallet2: key image import fixes
- return the right output data when offset is not zero
- do not consider import failed if result height is zero
  (it can be 0 if unknown)
- select the right tx pubkey when using subaddresses (it's faster,
  and we might select the wrong one if we got an output using one
  of the additional tx keys)
- account for skipped outputs for spent/unspent balance info

"spent" is arguably wrong, since it will count spent change
multiple times as it goes through receive/spend cycles.
2019-03-05 22:41:44 +00:00
binaryFate
1f2930ce0b Update 2019 copyright 2019-03-05 22:05:34 +01:00
Riccardo Spagni
5bbbe3902b
Merge pull request #4852
057c279c epee: add SSL support (Martijn Otto)
2019-03-05 16:21:30 +02:00
spoke0
8b51464516 add multisig tx sets to describe_transfer rpc endpoint 2019-03-05 14:42:43 +01:00
Martijn Otto
057c279cb4
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-03-05 14:16:08 +01:00
moneromooo-monero
b747e836c8
wallet2: don't calculate prefix hash when we don't need it 2019-03-05 10:28:55 +00:00
moneromooo-monero
ef93b0995c
various: remove unused variables 2019-03-04 22:24:49 +00:00
Riccardo Spagni
66014706bb
Merge pull request #5131
d2c95ab9 Don't decrypt keys in view only wallets in wallet_keys_unlocker (Doyle)
2019-03-04 21:28:09 +02:00
Riccardo Spagni
b0d326bf2a
Merge pull request #5084
9d58749b wallet2: fix hashchain going out of sync on refresh error (moneromooo-monero)
2019-03-04 21:19:12 +02:00