Commit Graph

346 Commits

Author SHA1 Message Date
Riccardo Spagni
e89aa2ec56
Merge pull request #5421
e78cea74 rpc: fix off by one in get_height (moneromooo-monero)
2019-04-15 09:22:50 +02:00
Riccardo Spagni
9bd0983d5e
Merge pull request #5402
cbf32241 rpc: make wide_difficulty hexadecimal (moneromooo-monero)
2019-04-15 09:18:10 +02:00
moneromooo-monero
e78cea74bd
rpc: fix off by one in get_height 2019-04-11 17:24:02 +00:00
moneromooo-monero
064ab12340
functional_tests: add more blockchain related tests
Related to emission, reorgs, getting tx data back, output
distribution and histogram
2019-04-11 11:07:58 +00:00
Riccardo Spagni
4a2cc76c84
Merge pull request #5376
c746f45d Add hash of top block to /getheight RPC (Howard Chu)
2019-04-11 13:01:54 +02:00
Riccardo Spagni
3a4008f0fc
Merge pull request #5374
a2561653 wallet: new option to start background mining (moneromooo-monero)
2019-04-11 13:01:30 +02:00
Lee Clagett
21eb1b0725 Pass SSL arguments via one class and use shared_ptr instead of reference 2019-04-07 00:44:37 -04:00
Lee Clagett
1f5ed328aa Change default SSL to "enabled" if user specifies fingerprint/certificate
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
2019-04-06 23:47:07 -04:00
Lee Clagett
a3b0284837 Change SSL certificate file list to OpenSSL builtin load_verify_location
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.

This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
2019-04-06 23:47:06 -04:00
moneromooo-monero
e8cf7dcc2b
rpc: merge the two get_info implementations 2019-04-06 14:04:24 +00:00
moneromooo-monero
cbf3224180
rpc: make wide_difficulty hexadecimal
This should be friendlier for clients which don't have bignum support
2019-04-05 16:30:16 +00:00
moneromooo-monero
a2561653cb
wallet: new option to start background mining
The setup-background-mining option can be used to select
background mining when a wallet loads. The user will be asked
the first time the wallet is created.
2019-04-04 18:10:45 +00:00
stoffu
a299dc96f7
rpc.gettransactions: fill as_json with partial tx in pruned mode 2019-04-04 18:08:01 +09:00
Riccardo Spagni
1ed6441925
Merge pull request #5327
c23ea796 New interactive daemon command 'print_net_stats': Global traffic stats (rbrunner7)
2019-04-01 17:32:01 +02:00
Riccardo Spagni
a69b71dc41
Merge pull request #5326
dc20d774 rpc: add miner tx hash to block header response (moneromooo-monero)
2019-04-01 17:31:36 +02:00
Riccardo Spagni
97831e5f8b
Merge pull request #5308
a7211793 rpc: quantize db size up to 5 GB in restricted mode (moneromooo-monero)
2019-04-01 17:27:56 +02:00
Howard Chu
c746f45d3e
Add hash of top block to /getheight RPC 2019-04-01 01:02:58 +01:00
moneromooo-monero
91f4c7f45f
Make difficulty 128 bit instead of 64 bit
Based on Boolberry work by:
  jahrsg <jahr@jahr.me>
  cr.zoidberg <crypto.zoidberg@gmail.com>
2019-03-24 21:03:19 +00:00
rbrunner7
c23ea7962d New interactive daemon command 'print_net_stats': Global traffic stats 2019-03-24 16:58:57 +01:00
Riccardo Spagni
df50181ab2
Merge pull request #5237
3907588b rpc: make fill_pow restricted (moneromooo-monero)
2019-03-21 14:46:20 +02:00
moneromooo-monero
dc20d77459
rpc: add miner tx hash to block header response 2019-03-21 00:24:12 +00:00
moneromooo-monero
a7211793ba
rpc: quantize db size up to 5 GB in restricted mode 2019-03-17 21:27:52 +00:00
Riccardo Spagni
848591c4d8
Merge pull request #5190
551104fb daemon: add --public-node mode, RPC port propagation over P2P (xiphon)
2019-03-17 17:56:04 +02:00
Riccardo Spagni
429930534d
Merge pull request #5185
59478c80 daemon: new mining_status command (moneromooo-monero)
2019-03-17 17:55:32 +02:00
Riccardo Spagni
fd231226b9
Merge pull request #5177
bb2aed8e rpc: quantize db size up to 5 GB in restricted mode (moneromooo-monero)
2019-03-17 17:52:56 +02:00
moneromooo-monero
59478c80dd
daemon: new mining_status command 2019-03-09 20:51:53 +00:00
moneromooo-monero
3907588bf6
rpc: make fill_pow restricted
It's slow work, so let's not expose it
2019-03-06 00:05:41 +00:00
binaryFate
1f2930ce0b Update 2019 copyright 2019-03-05 22:05:34 +01:00
Martijn Otto
057c279cb4
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-03-05 14:16:08 +01:00
Riccardo Spagni
46fd181cca
Merge pull request #4054
24569454 epee: add SSL support (moneromooo-monero)
2019-03-04 21:17:21 +02:00
moneromooo-monero
b8787f4302
ArticMine's new block weight algorithm
This curbs runaway growth while still allowing substantial
spikes in block weight

Original specification from ArticMine:

here is the scaling proposal
Define: LongTermBlockWeight
Before fork:
LongTermBlockWeight = BlockWeight
At or after fork:
LongTermBlockWeight = min(BlockWeight, 1.4*LongTermEffectiveMedianBlockWeight)
Note: To avoid possible consensus issues over rounding the LongTermBlockWeight for a given block should be calculated to the nearest byte, and stored as a integer in the block itself. The stored LongTermBlockWeight is then used for future calculations of the LongTermEffectiveMedianBlockWeight and not recalculated each time.
Define:   LongTermEffectiveMedianBlockWeight
LongTermEffectiveMedianBlockWeight = max(300000, MedianOverPrevious100000Blocks(LongTermBlockWeight))
Change Definition of EffectiveMedianBlockWeight
From (current definition)
EffectiveMedianBlockWeight  = max(300000, MedianOverPrevious100Blocks(BlockWeight))
To (proposed definition)
EffectiveMedianBlockWeight  = min(max(300000, MedianOverPrevious100Blocks(BlockWeight)), 50*LongTermEffectiveMedianBlockWeight)
Notes:
1) There are no other changes to the existing penalty formula, median calculation, fees etc.
2) There is the requirement to store the LongTermBlockWeight of a block unencrypted in the block itself. This  is to avoid possible consensus issues over rounding and also to prevent the calculations from becoming unwieldy as we move away from the fork.
3) When the  EffectiveMedianBlockWeight cap is reached it is still possible to mine blocks up to 2x the EffectiveMedianBlockWeight by paying the corresponding penalty.

Note: the long term block weight is stored in the database, but not in the actual block itself,
since it requires recalculating anyway for verification.
2019-03-04 09:33:58 +00:00
xiphon
551104fbf1 daemon: add --public-node mode, RPC port propagation over P2P 2019-02-25 02:40:23 +03:00
moneromooo-monero
bb2aed8e4d
rpc: quantize db size up to 5 GB in restricted mode 2019-02-21 23:49:53 +00:00
moneromooo-monero
2456945408
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-02-02 20:05:33 +00:00
Lee Clagett
973403bc9f Adding initial support for broadcasting transactions over Tor
- Support for ".onion" in --add-exclusive-node and --add-peer
  - Add --anonymizing-proxy for outbound Tor connections
  - Add --anonymous-inbounds for inbound Tor connections
  - Support for sharing ".onion" addresses over Tor connections
  - Support for broadcasting transactions received over RPC exclusively
    over Tor (else broadcast over public IP when Tor not enabled).
2019-01-28 23:56:33 +00:00
moneromooo-monero
acfff8d0ce
rpc: fix internal daemon calls in restricted rpc getting partial data 2019-01-28 19:35:20 +00:00
moneromooo-monero
b750fb27b0
Pruning
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.

No other data is currently pruned.

There are three ways to prune a blockchain:

- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility

The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.

The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.

Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
2019-01-22 20:30:51 +00:00
Riccardo Spagni
3eb96fa512
Merge pull request #5027
9092fc4b wallet: do not display daemon controlled text if untrusted (moneromooo-monero)
2019-01-16 21:38:15 +02:00
Riccardo Spagni
9d57ee9ff6
Merge pull request #4984
008647d7 blockchain_db: speedup tx output gathering (moneromooo-monero)
2019-01-16 19:06:07 +02:00
Riccardo Spagni
577a8f5c84
Merge pull request #4952
570dd369 p2p: use vector instead of list for peer lists (moneromooo-monero)
2019-01-06 20:39:07 +02:00
moneromooo-monero
9092fc4bfd
wallet: do not display daemon controlled text if untrusted 2018-12-30 01:32:57 +00:00
moneromooo-monero
008647d7eb
blockchain_db: speedup tx output gathering
We know all the data we'll want for getblocks.bin is contiguous
2018-12-18 11:55:21 +00:00
Riccardo Spagni
0fccc78e39
Merge pull request #4903
dc1c1252 add command pop_blocks (Jason Wong)
2018-12-12 11:58:37 +02:00
moneromooo-monero
570dd3690e
p2p: use vector instead of list for peer lists 2018-12-07 13:20:34 +00:00
Riccardo Spagni
7e957c162a
Merge pull request #4879
243f010e rpc: mask values that are nobody else's business in restricted RPC (moneromooo-monero)
2018-12-04 17:34:57 +02:00
Riccardo Spagni
81418cb281
Merge pull request #4894
aee7a4e3 wallet_rpc_server: do not use RPC data if the call failed (moneromooo-monero)
1a0733e5 windows_service: fix memory leak (moneromooo-monero)
0dac3c64 unit_tests: do not rethrow a copy of an exception (moneromooo-monero)
5d9915ab cryptonote: fix get_unit for non default settings (moneromooo-monero)
d4f50cb1 remove some unused code (moneromooo-monero)
61163971 a few minor (but easy) performance tweaks (moneromooo-monero)
30023074 tests: slow_memmem now returns size_t (moneromooo-monero)
2018-12-04 17:33:19 +02:00
moneromooo-monero
243f010edc
rpc: mask values that are nobody else's business in restricted RPC 2018-12-04 15:32:21 +00:00
Riccardo Spagni
e282e9fa40
Merge pull request #4878
517f25ef rpc: add version to get_info (Jethro Grassie)
2018-12-04 17:28:24 +02:00
Riccardo Spagni
e7d30780de
Merge pull request #4869
60f36386 Avoid unnecessary temp block and copy ctor (moneromooo-monero)
2018-12-04 17:12:47 +02:00
Riccardo Spagni
11d86f6008
Merge pull request #4859
6f2497bc Don't cache nettype in core_rpc_server use m_core (doy-lee)
2018-12-04 17:09:21 +02:00