Commit graph

684 commits

Author SHA1 Message Date
luigi1111
8774384ace
Merge pull request #5528
f61a315 net_utils: fix m_ssl type from time_t to bool (moneromooo-monero)
2019-07-24 14:05:18 -05:00
moneromooo-monero
65c4004963
allow blocking whole subnets 2019-07-16 11:35:53 +00:00
luigi1111
f9a3d7fec8
Merge pull request #5704
8f22279 Depends: Update HIDAPI version (TheCharlatan)
2019-07-12 20:21:41 -05:00
TheCharlatan
8f2227940d Depends: Update HIDAPI version
The macos binaries in release v0.14.1.0 were compiled with the buggy
hidapi-0.8.0-rc1 version. This resulted in users not being able to use
their Ledger with the latest cli wallet. After the patch depends now
fetches the source from the libusb hidapi repository that has taken over
maintenance of hidapi.
2019-06-27 17:32:46 +02:00
TheCharlatan
496cd46d80 Add ncurses package for linux and darwin readline
Readline support is now compiled with the ncurses backend.
2019-06-25 19:16:20 +02:00
TheCharlatan
cbbb24cfe1 Remove clutter in depends installed packages
To speedup the depends cached builds, remove some some clutter from the package
files. This mainly incldues removing all the shared libraries and .la
linker files. It also gives stronger guarantees that monero only links
the static libs without any external rvalues.
2019-06-25 09:21:33 +02:00
TheCharlatan
1dbfc812e1 Add debug targets to depends Makefile
Packages can now be built individually and for each stage. This allows
easier debugging.
2019-06-25 09:20:47 +02:00
moneromooo-monero
0564da5fdc
ensure no NULL is passed to memcpy
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:47:29 +00:00
moneromooo-monero
bc09766bf9
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:47:26 +00:00
moneromooo-monero
39169ace09
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
2019-06-14 08:47:01 +00:00
luigi1111
7b3df89bd4
Merge pull request #5632
3a0fbea Don't use -march=native (hyc)
f8b2f25 Allow parallel make (hyc)
01ced20 Delete redundant cppzmq dependency (hyc)
1dc4ebf Use 9 digit build IDs (hyc)
2019-06-12 14:47:33 -05:00
luigi1111
a22bb544a3
Merge pull request #5552
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:43:51 -05:00
Howard Chu
1dc4ebfd6c
Use 9 digit build IDs 2019-06-12 16:47:33 +01:00
Howard Chu
01ced20eca
Delete redundant cppzmq dependency 2019-06-12 10:20:44 +01:00
Howard Chu
f8b2f250b7
Allow parallel make 2019-06-12 09:00:50 +01:00
Howard Chu
3a0fbea1ff
Don't use -march=native 2019-06-12 09:00:44 +01:00
luigi1111
9c0e9c40ec
Merge pull request #5618
b0a04f7 epee: fix SSL autodetect on reconnection (xiphon)
2019-06-11 18:15:48 -05:00
xiphon
b0a04f7d45 epee: fix SSL autodetect on reconnection 2019-06-10 10:40:16 +00:00
moneromooo-monero
35c20c4332
Fix GCC 9.1 build warnings
GCC wants operator= aand copy ctor to be both defined, or neither
2019-06-09 09:39:18 +00:00
Lee Clagett
3544596f9f Add ssl_options support to monerod's rpc mode. 2019-05-22 00:09:11 -04:00
who-biz
c27d96129e [depends] update openssl to 1.0.2r
- This addresses https://www.openssl.org/news/secadv/20190226.txt (CVE: 2019-1559) which impacted all versions of openssl-1.0.

Note that this does not address CVE-2019-1543 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543), which impacts all versions of openssl 1.1 through 1.1.0j and 1.1.1b.

The above (1.1) is patched in openssl, where it was marked as low severity.  Similar issues possibly present in monero, should be looked into w.r.t. CVE-2019-1543.
2019-05-18 02:18:55 -04:00
Riccardo Spagni
e8487fa46b
Merge pull request #5539
3f612cda Changed odd bullet point to low level header (Rohaq)
af9bc4ec Used subeaders to avoid slightly wonky looking formatting (Rohaq)
1873af35 Made code block usage consistent across all .md files (Rohaq)
68103075 Updated Copyright notice (Rohaq)
39bd157f Added Table of Contents to main README.md (Rohaq)
2019-05-15 16:10:41 +02:00
luigi1111
14723fc6e7
Merge pull request #5527
9a7a453 net_ssl: free certs after setting them up (moneromooo-monero)
2019-05-14 15:55:25 -05:00
luigi1111
1fc1c7318c
Merge pull request #5519
b8b957d cmake: fix incorrect hint for OPENSSL_ROOT_DIR (moneromooo-monero)
367bb80 mlog: default to not showing SSL errors (moneromooo-monero)
2019-05-14 15:52:32 -05:00
Rohaq
1873af35bf Made code block usage consistent across all .md files 2019-05-12 05:16:26 +01:00
moneromooo-monero
f61a315e8b
net_utils: fix m_ssl type from time_t to bool 2019-05-10 14:14:49 +00:00
moneromooo-monero
9a7a453f25
net_ssl: free certs after setting them up 2019-05-10 00:16:49 +00:00
Riccardo Spagni
c0bc6d96cd
Merge pull request #5509
a62e0725 net_ssl: SSL config tweaks for compatibility and security (moneromooo-monero)
2019-05-07 17:39:20 +02:00
Riccardo Spagni
2d04b0e500
Merge pull request #5499
a4c4a2d8 blockchain: keep a rolling long term block weight median (moneromooo-monero)
2019-05-07 17:31:45 +02:00
Riccardo Spagni
123df0eaf7
Merge pull request #5419
f29fecd5 build: debug and test builds via contrib (Dusan Klinec)
2019-05-07 17:26:32 +02:00
moneromooo-monero
a62e072571
net_ssl: SSL config tweaks for compatibility and security
add two RSA based ciphers for Windows/depends compatibility
also enforce server cipher ordering
also set ECDH to auto because vtnerd says it is good :)

When built with the depends system, openssl does not include any
cipher on the current whitelist, so add this one, which fixes the
problem, and does seem sensible.
2019-05-07 10:01:42 +00:00
moneromooo-monero
367bb80ae7
mlog: default to not showing SSL errors 2019-05-06 07:38:52 +00:00
moneromooo-monero
a4c4a2d8aa
blockchain: keep a rolling long term block weight median 2019-05-02 09:47:01 +00:00
moneromooo-monero
5e0da6fb68
change SSL certificate fingerprint whitelisting from SHA1 to SHA-256
SHA1 is too close to bruteforceable
2019-04-26 11:37:15 +00:00
Riccardo Spagni
5d09e39174
Merge pull request #5482
9956500d net_helper: clear recv buffer on eof (moneromooo-monero)
2019-04-24 22:40:12 +02:00
Riccardo Spagni
d86dd5fa7c
Merge pull request #5479
edbae2d0 levin_protocol_handler_async: tune down preallocation a fair bit (moneromooo-monero)
2019-04-24 22:39:30 +02:00
moneromooo-monero
9956500d14
net_helper: clear recv buffer on eof 2019-04-23 13:23:17 +00:00
moneromooo-monero
edbae2d05b
levin_protocol_handler_async: tune down preallocation a fair bit
It can allocate a lot when getting a lot of connections
(in particular, the stress test on windows apparently pushes
that memory to actual use, rather than just allocated)
2019-04-22 22:35:32 +00:00
moneromooo-monero
7a9316ebef
serialization: set default log category 2019-04-21 09:26:25 +00:00
moneromooo-monero
b672d4d6e5
epee: use boost/timer/timer.hpp, boost/timer.hpp is deprecated 2019-04-18 15:12:34 +00:00
Riccardo Spagni
ba1b6d36c4
Merge pull request #5447
02c01c0b Add Brewfile to allow for an even easier management of dependencies (Florian)
2019-04-16 22:47:56 +02:00
Riccardo Spagni
c8ce4217cf
Merge pull request #5445
b18f0b10 wallet: new --offline option (moneromooo-monero)
2019-04-16 22:46:53 +02:00
Riccardo Spagni
e9527f5eed
Merge pull request #5436
61d63900 net_helper: avoid unnecessary memcpy (moneromooo-monero)
2019-04-16 22:43:15 +02:00
Riccardo Spagni
c603044398
Merge pull request #5432
c3cf930f abstract_tcp_server2: fix timeout on exit (moneromooo-monero)
2019-04-16 22:41:18 +02:00
Florian
02c01c0bd8 Add Brewfile to allow for an even easier management of dependencies 2019-04-15 14:46:26 +02:00
moneromooo-monero
b18f0b1051
wallet: new --offline option
It will avoid connecting to a daemon (so useful for cold signing
using a RPC wallet), and not perform DNS queries.
2019-04-15 09:14:12 +00:00
Riccardo Spagni
e46dc055d1
Merge pull request #5369
e72c2c5d do not build in parallel as it is non-deterministic (Jane Mercer)
2019-04-15 09:13:48 +02:00
moneromooo-monero
61d63900b9
net_helper: avoid unnecessary memcpy 2019-04-13 13:24:58 +00:00
moneromooo-monero
c3cf930f75
abstract_tcp_server2: fix timeout on exit
When closing connections due to exiting, the IO service is
already gone, so the data exchange needed for a gracious SSL
shutdown cannot happen. We just close the socket in that case.
2019-04-12 18:13:31 +00:00
moneromooo-monero
4b3bb829c2
epee: init a new ssl related variable in ctor 2019-04-11 11:10:15 +00:00