Commit graph

1727 commits

Author SHA1 Message Date
Lee Clagett
2e578b8214 Enabling daemon-rpc SSL now requires non-system CA verification
If `--daemon-ssl enabled` is set in the wallet, then a user certificate,
fingerprint, or onion/i2p address must be provided.
2019-04-07 13:02:43 -04:00
Lee Clagett
d58f368289 Require manual override for user chain certificates.
An override for the wallet to daemon connection is provided, but not for
other SSL contexts. The intent is to prevent users from supplying a
system CA as the "user" whitelisted certificate, which is less secure
since the key is controlled by a third party.
2019-04-07 00:44:37 -04:00
Lee Clagett
21eb1b0725 Pass SSL arguments via one class and use shared_ptr instead of reference 2019-04-07 00:44:37 -04:00
Lee Clagett
1f5ed328aa Change default SSL to "enabled" if user specifies fingerprint/certificate
Currently if a user specifies a ca file or fingerprint to verify peer,
the default behavior is SSL autodetect which allows for mitm downgrade
attacks. It should be investigated whether a manual override should be
allowed - the configuration is likely always invalid.
2019-04-06 23:47:07 -04:00
Lee Clagett
a3b0284837 Change SSL certificate file list to OpenSSL builtin load_verify_location
Specifying SSL certificates for peer verification does an exact match,
making it a not-so-obvious alias for the fingerprints option. This
changes the checks to OpenSSL which loads concatenated certificate(s)
from a single file and does a certificate-authority (chain of trust)
check instead. There is no drop in security - a compromised exact match
fingerprint has the same worse case failure. There is increased security
in allowing separate long-term CA key and short-term SSL server keys.

This also removes loading of the system-default CA files if a custom
CA file or certificate fingerprint is specified.
2019-04-06 23:47:06 -04:00
Riccardo Spagni
c7e536db23
Merge pull request #5350
050bb337 wallet2: factor the watchonly/multisig/etc fields on creation (moneromooo-monero)
2019-04-06 16:00:40 +02:00
Riccardo Spagni
cd8fe937ad
Merge pull request #5347
d45b85e1 wallet2: skip derivation precalc for blocks we know we'll skip (moneromooo-monero)
2019-04-06 15:59:56 +02:00
Riccardo Spagni
4ac78e1612
Merge pull request #5346
c84ea299 cryptonote_basic: some more minor speedups (moneromooo-monero)
e40eb2ad cryptonote_basic: speedup calculate_block_hash (moneromooo-monero)
547a9708 cryptonote: block parsing + hash calculation speedup (moneromooo-monero)
11604b6d blockchain: avoid unneeded block copy (moneromooo-monero)
8461df04 save some database calls when getting top block hash and height (moneromooo-monero)
3bbc3661 Avoid repeated (de)serialization when syncing (moneromooo-monero)
2019-04-06 15:59:43 +02:00
Riccardo Spagni
7e5651c346
Merge pull request #5345
678262ab wallet_rpc_server: allow english/local language names in create_wallet (moneromooo-monero)
2019-04-06 15:59:10 +02:00
Riccardo Spagni
9e72f785d6
Merge pull request #5343
cafa15b9 wallet2: set confirmations to 0 for pool txes in proofs (moneromooo-monero)
2019-04-06 15:58:25 +02:00
Riccardo Spagni
e1f0e6da5c
Merge pull request #5340
16eda54b wallet: use original user address if we have a short payment id (moneromooo-monero)
2019-04-06 15:56:52 +02:00
selsta
8bb253b0db
libwallet_merged: add missing net target 2019-04-02 21:22:51 +02:00
stoffu
d3018d0f0b
api/wallet: fix some wrong namespace 2019-04-02 10:11:49 +09:00
Riccardo Spagni
b6726aaa6c
Merge pull request #5319
f825055d wallet_rpc_server: error out on getting the spend key from a hot wallet (moneromooo-monero)
67aa4adc wallet_rpc_server: add a set_daemon RPC (moneromooo-monero)
705acbac wallet2: init some variables to default values if loading old wallets (moneromooo-monero)
f82bc29e wallet_rpc_server: always fill out subaddr_indices in get_transfers (moneromooo-monero)
01efdc6a wallet_rpc_server: set confirmations to 0 for pending/pool txes (moneromooo-monero)
2019-04-01 20:56:52 +02:00
moneromooo-monero
f825055d22
wallet_rpc_server: error out on getting the spend key from a hot wallet 2019-04-01 16:03:29 +00:00
moneromooo-monero
67aa4adcfc
wallet_rpc_server: add a set_daemon RPC 2019-04-01 16:03:25 +00:00
moneromooo-monero
705acbac4d
wallet2: init some variables to default values if loading old wallets 2019-04-01 16:03:23 +00:00
moneromooo-monero
f82bc29ec2
wallet_rpc_server: always fill out subaddr_indices in get_transfers
It was not filled out for in and pool types
2019-04-01 16:03:20 +00:00
moneromooo-monero
01efdc6a7e
wallet_rpc_server: set confirmations to 0 for pending/pool txes 2019-04-01 16:03:17 +00:00
Riccardo Spagni
286dec012d
Merge pull request #5333
18faa6da wallet: add freeze/thaw/frozen commands (moneromooo-monero)
2019-04-01 17:36:16 +02:00
Riccardo Spagni
b8ab510f23
Merge pull request #5332
7c440915 Add get_tx_proof support, needed for new sanity check (cslashm)
98fdcb2a Add support for V11 protocol with BulletProofV2 and short amount. New scheme key destination contrfol Fix dummy decryption in debug mode (cslashm)
3a981a33 Add application version compatibility check. (cslashm)
2019-04-01 17:35:12 +02:00
Riccardo Spagni
3b52940471
Merge pull request #5349
f1a3796a wallet2: fix tx sanity check change test for the sweep_all case (moneromooo-monero)
2019-04-01 17:34:43 +02:00
Riccardo Spagni
3b1fa543ca
Merge pull request #5329
023f2c77 wallet_rpc_server: remove mixin from transfer RPCs (moneromooo-monero)
2019-04-01 17:32:20 +02:00
Riccardo Spagni
8b57e33789
Merge pull request #5305
4500236f wallet2: make use_fork_rules handle chain heights lower than leeway (moneromooo-monero)
2019-04-01 17:26:23 +02:00
Riccardo Spagni
30a3a73609
Merge pull request #5303
0a6cb30d wallet: flush output cache upon reorg (moneromooo-monero)
2019-04-01 17:26:10 +02:00
Riccardo Spagni
94880540e7
Merge pull request #5302
23fb056a wallet_rpc_server: new auto_refresh RPC (moneromooo-monero)
2019-04-01 17:25:53 +02:00
Riccardo Spagni
b09f1bdb8f
Merge pull request #5299
4ee15655 wallet_rpc_server: fix buffer read overflow in string assignment (moneromooo-monero)
2019-04-01 17:24:33 +02:00
Riccardo Spagni
4a06b3ee62
Merge pull request #5298
8fd7452b wallet: move light wallet RPC out of core RPC (moneromooo-monero)
2019-04-01 17:24:13 +02:00
Riccardo Spagni
f13d38350a
Merge pull request #5297
a8b98a0b wallet: fix memory only wallets (moneromooo-monero)
2019-04-01 17:23:37 +02:00
Riccardo Spagni
6cb0a26d9d
Merge pull request #5292
328d291f wallet2: set seed language when creating from json (moneromooo-monero)
2019-04-01 17:22:22 +02:00
Riccardo Spagni
a6b798e72f
Merge pull request #5291
a52366c1 wallet2: fix generation from json when restore height is not set (moneromooo-monero)
2019-04-01 17:21:14 +02:00
cslashm
7c44091541 Add get_tx_proof support, needed for new sanity check
Enhance debug info
2019-03-28 18:26:15 +01:00
moneromooo-monero
050bb337d7
wallet2: factor the watchonly/multisig/etc fields on creation
There's half a dozen calls, and it's easy to miss some when
adding a new field.
2019-03-27 08:51:16 +00:00
moneromooo-monero
f1a3796a43
wallet2: fix tx sanity check change test for the sweep_all case 2019-03-25 22:41:22 +00:00
moneromooo-monero
d45b85e170
wallet2: skip derivation precalc for blocks we know we'll skip 2019-03-25 14:28:05 +00:00
moneromooo-monero
547a9708de
cryptonote: block parsing + hash calculation speedup
This saves a duplicate serialization step
2019-03-25 13:43:17 +00:00
moneromooo-monero
678262ab65
wallet_rpc_server: allow english/local language names in create_wallet
and return both in get_languages
2019-03-25 12:52:43 +00:00
moneromooo-monero
a8b98a0bd7
wallet: fix memory only wallets
at least when using restore_deterministic_wallet
2019-03-25 12:49:25 +00:00
Lee Clagett
7acfa9f3cc Added socks proxy (tor/i2pd/kovri) support to wallet 2019-03-25 01:35:13 +00:00
moneromooo-monero
cafa15b904
wallet2: set confirmations to 0 for pool txes in proofs
It makes more sense than (uint64_t)-1, which is going to look
like very much confirmed when not checking in_pool
2019-03-24 21:59:06 +00:00
Riccardo Spagni
4176a399de
Merge pull request #5282
f962449d wallet_rpc_server: include out subaddress indices in get_transfers (moneromooo-monero)
2019-03-24 19:37:07 +02:00
Riccardo Spagni
8cb4293e82
Merge pull request #5277
adf6d773 wallet: fix offline signing calling a daemon RPC (moneromooo-monero)
2019-03-24 19:35:39 +02:00
moneromooo-monero
16eda54b38
wallet: use original user address if we have a short payment id 2019-03-24 08:58:59 +00:00
moneromooo-monero
18faa6da0c
wallet: add freeze/thaw/frozen commands
These commands let one freeze outputs by key image, so they
do not appear in balance, nor are considered when creating
a transaction, etc

This is helpful when receiving an output from a suspected spy,
who might try to track your other outputs by seeing with what
other outputs it gets spent.

The frozen command may be used without parameters to list all
currently frozen outputs.
2019-03-22 09:19:24 +00:00
moneromooo-monero
023f2c7747
wallet_rpc_server: remove mixin from transfer RPCs
it's been a while, only use ring_size now
2019-03-21 14:47:39 +00:00
moneromooo-monero
adf6d7730f
wallet: fix offline signing calling a daemon RPC 2019-03-21 14:46:29 +00:00
moneromooo-monero
b05f10f82e
wallet2: sanity check new tx before sending
We generate and check tx proofs and verify the amounts in those
match what the original amounts were.
2019-03-21 13:03:45 +00:00
Riccardo Spagni
e0a05837ba
Merge pull request #5270
5ade7281 Wallet API: multisig_tx_set passing bug fixed (naughtyfox)
2019-03-21 14:51:41 +02:00
Riccardo Spagni
dcfd5a8892
Merge pull request #5266
576116d4 wallet: fix load failure if the mms isn't usable (moneromooo-monero)
2019-03-21 14:51:30 +02:00
Riccardo Spagni
30e823e7cd
Merge pull request #5248
3f6f90bb wallet2: do not use invalid keys as fake outs in rings (moneromooo-monero)
2019-03-21 14:46:58 +02:00