Cypher_Stack/wownero
2
0
Fork 0
mirror of https://git.wownero.com/wownero/wownero.git synced 2025-01-12 18:58:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,022 Commits 21 Branches 51 Tags
Commit Graph

930 Commits

Author SHA1 Message Date
Howard Chu
a182df21d0
Bans for RPC connections 
Make bans control RPC sessions too. And auto-ban some bad requests.
Drops HTTP connections whenever response code is 500.
 2019-06-16 11:38:08 +01:00
moneromooo-monero
0564da5fdc
ensure no NULL is passed to memcpy 
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
 2019-06-14 08:47:29 +00:00
moneromooo-monero
bc09766bf9
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:47:26 +00:00
moneromooo-monero
39169ace09
epee: basic sanity check on allocation size from untrusted source 
Reported by guidov
 2019-06-14 08:47:01 +00:00
luigi1111
7b3df89bd4
Merge pull request #5632 
3a0fbea Don't use -march=native (hyc)
f8b2f25 Allow parallel make (hyc)
01ced20 Delete redundant cppzmq dependency (hyc)
1dc4ebf Use 9 digit build IDs (hyc)
 2019-06-12 14:47:33 -05:00
luigi1111
a22bb544a3
Merge pull request #5552 
c27d961 [depends] update openssl to 1.0.2r (who-biz)
 2019-06-12 14:43:51 -05:00
Howard Chu
1dc4ebfd6c
Use 9 digit build IDs 2019-06-12 16:47:33 +01:00
Howard Chu
01ced20eca
Delete redundant cppzmq dependency 2019-06-12 10:20:44 +01:00
Howard Chu
f8b2f250b7
Allow parallel make 2019-06-12 09:00:50 +01:00
Howard Chu
3a0fbea1ff
Don't use -march=native 2019-06-12 09:00:44 +01:00
luigi1111
9c0e9c40ec
Merge pull request #5618 
b0a04f7 epee: fix SSL autodetect on reconnection (xiphon)
 2019-06-11 18:15:48 -05:00
xiphon
b0a04f7d45 epee: fix SSL autodetect on reconnection 2019-06-10 10:40:16 +00:00
moneromooo-monero
35c20c4332
Fix GCC 9.1 build warnings 
GCC wants operator= aand copy ctor to be both defined, or neither
 2019-06-09 09:39:18 +00:00
Lee Clagett
3544596f9f Add ssl_options support to monerod's rpc mode. 2019-05-22 00:09:11 -04:00
who-biz
c27d96129e [depends] update openssl to 1.0.2r 
- This addresses https://www.openssl.org/news/secadv/20190226.txt (CVE: 2019-1559) which impacted all versions of openssl-1.0.

Note that this does not address CVE-2019-1543 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543), which impacts all versions of openssl 1.1 through 1.1.0j and 1.1.1b.

The above (1.1) is patched in openssl, where it was marked as low severity.  Similar issues possibly present in monero, should be looked into w.r.t. CVE-2019-1543.
 2019-05-18 02:18:55 -04:00
Riccardo Spagni
e8487fa46b
Merge pull request #5539 
3f612cda Changed odd bullet point to low level header (Rohaq)
af9bc4ec Used subeaders to avoid slightly wonky looking formatting (Rohaq)
1873af35 Made code block usage consistent across all .md files (Rohaq)
68103075 Updated Copyright notice (Rohaq)
39bd157f Added Table of Contents to main README.md (Rohaq)
 2019-05-15 16:10:41 +02:00
luigi1111
14723fc6e7
Merge pull request #5527 
9a7a453 net_ssl: free certs after setting them up (moneromooo-monero)
 2019-05-14 15:55:25 -05:00
luigi1111
1fc1c7318c
Merge pull request #5519 
b8b957d cmake: fix incorrect hint for OPENSSL_ROOT_DIR (moneromooo-monero)
367bb80 mlog: default to not showing SSL errors (moneromooo-monero)
 2019-05-14 15:52:32 -05:00
Rohaq
1873af35bf Made code block usage consistent across all .md files 2019-05-12 05:16:26 +01:00
moneromooo-monero
9a6006bad8
abstract_tcp_server2: move some things out of a lock 
The lock is meant for the network throttle object only,
and this should help coverity get unconfused
 2019-05-10 14:18:11 +00:00
moneromooo-monero
6abaaaa994
remove obsolete save_graph skeleton code 2019-05-10 14:17:18 +00:00
moneromooo-monero
f61a315e8b
net_utils: fix m_ssl type from time_t to bool 2019-05-10 14:14:49 +00:00
moneromooo-monero
9a7a453f25
net_ssl: free certs after setting them up 2019-05-10 00:16:49 +00:00
Riccardo Spagni
c0bc6d96cd
Merge pull request #5509 
a62e0725 net_ssl: SSL config tweaks for compatibility and security (moneromooo-monero)
 2019-05-07 17:39:20 +02:00
Riccardo Spagni
2d04b0e500
Merge pull request #5499 
a4c4a2d8 blockchain: keep a rolling long term block weight median (moneromooo-monero)
 2019-05-07 17:31:45 +02:00
Riccardo Spagni
123df0eaf7
Merge pull request #5419 
f29fecd5 build: debug and test builds via contrib (Dusan Klinec)
 2019-05-07 17:26:32 +02:00
moneromooo-monero
a62e072571
net_ssl: SSL config tweaks for compatibility and security 
add two RSA based ciphers for Windows/depends compatibility
also enforce server cipher ordering
also set ECDH to auto because vtnerd says it is good :)

When built with the depends system, openssl does not include any
cipher on the current whitelist, so add this one, which fixes the
problem, and does seem sensible.
 2019-05-07 10:01:42 +00:00
moneromooo-monero
367bb80ae7
mlog: default to not showing SSL errors 2019-05-06 07:38:52 +00:00
moneromooo-monero
a4c4a2d8aa
blockchain: keep a rolling long term block weight median 2019-05-02 09:47:01 +00:00
moneromooo-monero
5e0da6fb68
change SSL certificate fingerprint whitelisting from SHA1 to SHA-256 
SHA1 is too close to bruteforceable
 2019-04-26 11:37:15 +00:00
Riccardo Spagni
5d09e39174
Merge pull request #5482 
9956500d net_helper: clear recv buffer on eof (moneromooo-monero)
 2019-04-24 22:40:12 +02:00
Riccardo Spagni
d86dd5fa7c
Merge pull request #5479 
edbae2d0 levin_protocol_handler_async: tune down preallocation a fair bit (moneromooo-monero)
 2019-04-24 22:39:30 +02:00
moneromooo-monero
9956500d14
net_helper: clear recv buffer on eof 2019-04-23 13:23:17 +00:00
moneromooo-monero
edbae2d05b
levin_protocol_handler_async: tune down preallocation a fair bit 
It can allocate a lot when getting a lot of connections
(in particular, the stress test on windows apparently pushes
that memory to actual use, rather than just allocated)
 2019-04-22 22:35:32 +00:00
moneromooo-monero
7a9316ebef
serialization: set default log category 2019-04-21 09:26:25 +00:00
moneromooo-monero
b672d4d6e5
epee: use boost/timer/timer.hpp, boost/timer.hpp is deprecated 2019-04-18 15:12:34 +00:00
Riccardo Spagni
ba1b6d36c4
Merge pull request #5447 
02c01c0b Add Brewfile to allow for an even easier management of dependencies (Florian)
 2019-04-16 22:47:56 +02:00
Riccardo Spagni
c8ce4217cf
Merge pull request #5445 
b18f0b10 wallet: new --offline option (moneromooo-monero)
 2019-04-16 22:46:53 +02:00
Riccardo Spagni
e9527f5eed
Merge pull request #5436 
61d63900 net_helper: avoid unnecessary memcpy (moneromooo-monero)
 2019-04-16 22:43:15 +02:00
Riccardo Spagni
c603044398
Merge pull request #5432 
c3cf930f abstract_tcp_server2: fix timeout on exit (moneromooo-monero)
 2019-04-16 22:41:18 +02:00
Florian
02c01c0bd8 Add Brewfile to allow for an even easier management of dependencies 2019-04-15 14:46:26 +02:00
moneromooo-monero
b18f0b1051
wallet: new --offline option 
It will avoid connecting to a daemon (so useful for cold signing
using a RPC wallet), and not perform DNS queries.
 2019-04-15 09:14:12 +00:00
Riccardo Spagni
e46dc055d1
Merge pull request #5369 
e72c2c5d do not build in parallel as it is non-deterministic (Jane Mercer)
 2019-04-15 09:13:48 +02:00
moneromooo-monero
61d63900b9
net_helper: avoid unnecessary memcpy 2019-04-13 13:24:58 +00:00
moneromooo-monero
c3cf930f75
abstract_tcp_server2: fix timeout on exit 
When closing connections due to exiting, the IO service is
already gone, so the data exchange needed for a gracious SSL
shutdown cannot happen. We just close the socket in that case.
 2019-04-12 18:13:31 +00:00
moneromooo-monero
4b3bb829c2
epee: init a new ssl related variable in ctor 2019-04-11 11:10:15 +00:00
moneromooo-monero
9f8dc4ce51
simplewallet: new net_stats command 
displays total sent and received bytes
 2019-04-11 10:46:41 +00:00
Dusan Klinec
f29fecd517
build: debug and test builds via contrib 2019-04-10 15:43:52 +02:00
Lee Clagett
2e578b8214 Enabling daemon-rpc SSL now requires non-system CA verification 
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
 2019-04-07 13:02:43 -04:00
Lee Clagett
d58f368289 Require manual override for user chain certificates. 
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
 2019-04-07 00:44:37 -04:00