Commit graph

8354 commits

Author SHA1 Message Date
moneromooo-monero
200e53cfdd
keccak: guard against misaligned memory accesses on ARM
The code generated is exactly the same as the direct access
one on x86_64
2019-07-04 22:13:57 +00:00
luigi1111
2af1ea5cb5
Merge pull request #5708
c78f7c5 Remove Xiala.net from the list of dns resolvers (tobtoht)
2019-07-01 02:08:17 -05:00
luigi1111
6e3d6f601a
Merge pull request #5684
93eb4d7 rpc: set sanity_check_failed to false when successful (stoffu)
2019-07-01 00:23:18 -05:00
luigi1111
124ea419f0
Merge pull request #5676
bb7b059 tx_sanity_check: relax the median check a lot (monermooo-monero)
2019-07-01 00:20:21 -05:00
luigi1111
ae77f09e68
Merge pull request #5669
761a39a p2p: don't forget pruning seed or public RPC port when updating peers (moneromooo-monero)
2019-07-01 00:15:39 -05:00
tobtoht
c78f7c58e1
Remove Xiala.net from the list of dns resolvers
It is down permanently. See: https://xiala.net/
"Ende November 2018 werden alle Dienste von xiala.net abgeschaltet."
2019-06-28 20:45:36 +00:00
moneromooo-monero
761a39a9de
p2p: don't forget pruning seed or public RPC port when updating peers
Older nodes don't pass that information around
2019-06-26 10:34:51 +00:00
stoffu
93eb4d79b4
rpc: set sanity_check_failed to false when successful 2019-06-22 07:43:36 +09:00
moneromooo-monero
bb7b059d70
tx_sanity_check: relax the median check a lot
we don't want to prevent bona fide txes, just obvious bad ones
2019-06-19 23:31:54 +00:00
Riccardo Spagni
29a505d1c1
Merge pull request #5638
6ed1679b prep for 0.14.1 release (Riccardo Spagni)
2019-06-14 16:09:16 +02:00
Riccardo Spagni
c58255ec12
Merge pull request #5640
542cab02 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
434e617a ensure no NULL is passed to memcpy (moneromooo-monero)
279f1f2c abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
756773e5 serialization: check stream good flag at the end (moneromooo-monero)
e3f714aa tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
67baa3a6 cryptonote: throw on tx hash calculation error (moneromooo-monero)
d6bb9ecc serialization: fail on read_varint error (moneromooo-monero)
19490e44 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
fa4aa47e cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
3c953d53 cryptonote_protocol_handler: prevent potential DoS (anonimal)
b873b69d epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
2019-06-14 16:08:59 +02:00
moneromooo-monero
542cab02e1
rpc: restrict the recent cutoff size in restricted RPC mode 2019-06-14 08:48:27 +00:00
moneromooo-monero
434e617a1d
ensure no NULL is passed to memcpy
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:48:25 +00:00
moneromooo-monero
279f1f2c26
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:48:22 +00:00
moneromooo-monero
756773e5fe
serialization: check stream good flag at the end
just in case
2019-06-14 08:48:19 +00:00
moneromooo-monero
e3f714aa2a
tree-hash: allocate variable memory on heap, not stack
Large amounts might run out of stack

Reported by guidov
2019-06-14 08:48:16 +00:00
moneromooo-monero
67baa3a66b
cryptonote: throw on tx hash calculation error 2019-06-14 08:48:13 +00:00
moneromooo-monero
d6bb9ecc6f
serialization: fail on read_varint error 2019-06-14 08:48:10 +00:00
moneromooo-monero
19490e44af
cryptonote_protocol: fix another potential P2P DoS
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
2019-06-14 08:48:07 +00:00
moneromooo-monero
fa4aa47ea0
cryptonote_protocol: expand basic DoS protection
Count transactions as well
2019-06-14 08:48:04 +00:00
anonimal
3c953d5369
cryptonote_protocol_handler: prevent potential DoS
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.

This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
2019-06-14 08:48:01 +00:00
moneromooo-monero
b873b69ded
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
2019-06-14 08:47:58 +00:00
Riccardo Spagni
6ed1679bf8
prep for 0.14.1 release 2019-06-13 17:36:41 +02:00
luigi1111
3395de2e7f
Merge pull request #5633
cfa88ac Don't use -march=native (hyc)
e85bf46 Allow parallel make (hyc)
0ef8391 Delete redundant cppzmq dependency (hyc)
86591eb Use 9 digit build IDs (hyc)
2019-06-12 14:50:01 -05:00
luigi1111
9f2882dbb7
Merge pull request #5631
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:45:40 -05:00
Howard Chu
86591ebf64
Use 9 digit build IDs 2019-06-12 16:15:07 +01:00
Howard Chu
0ef8391628
Delete redundant cppzmq dependency 2019-06-12 10:21:19 +01:00
Howard Chu
e85bf46641
Allow parallel make 2019-06-12 09:10:37 +01:00
Howard Chu
cfa88acb2b
Don't use -march=native 2019-06-12 09:10:29 +01:00
luigi1111
538fae4ec2
Merge pull request #5614
4cff925 p2p: fix GCC 9.1 crash (monermooo-monero)
f47488c Fix GCC 9.1 build warnings (moneromooo-monero)
ce13a98 cmake: do not use -mmitigate-rop on GCC >= 9.1 (moneromooo-monero)
2019-06-11 17:22:11 -05:00
luigi1111
0c62e7b15f
Merge pull request #5622
b0a04f7 epee: fix SSL autodetect on reconnection (xiphon)
2019-06-11 17:05:17 -05:00
luigi1111
24806b5035
Merge pull request #5620
117f950 miner: fix double free of thread attributes (ston1th)
2019-06-11 17:02:51 -05:00
luigi1111
0a1731aa7c
Merge pull request #5617
6375111 miniupnpc: update to build on BSD (moneromooo-monero)
2019-06-11 17:01:14 -05:00
xiphon
b0a04f7d45 epee: fix SSL autodetect on reconnection 2019-06-10 10:40:16 +00:00
ston1th
117f9501d8 miner: fix double free of thread attributes
issue: #5568
2019-06-09 12:29:03 +02:00
moneromooo-monero
ce13a98239
cmake: do not use -mmitigate-rop on GCC >= 9.1
It was removed, but it still accepted by the compiler, which warns
for every file
2019-06-09 09:40:55 +00:00
moneromooo-monero
f47488c734
Fix GCC 9.1 build warnings
GCC wants operator= aand copy ctor to be both defined, or neither
2019-06-09 09:39:34 +00:00
moneromooo-monero
6375111fa4
miniupnpc: update to build on BSD 2019-06-08 18:37:42 +00:00
moneromooo-monero
4cff9257e0
p2p: fix GCC 9.1 crash 2019-06-08 17:53:13 +00:00
Riccardo Spagni
256f8d8b66
Merge pull request #5584
eeebad66 functional_tests: fix python3 compatibility (moneromooo-monero)
2019-06-01 20:32:39 +02:00
Riccardo Spagni
9a2883266c
Merge pull request #5578
b7a96a08 core: update pruning if using --prune-blockchain on a pruned blockchain (moneromooo-monero)
2019-06-01 20:32:18 +02:00
Riccardo Spagni
3f2c82326e
Merge pull request #5572
a663ccba blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
8f2a99d8 core: do not commit half constructed batch db txn (moneromooo-monero)
2019-06-01 20:31:55 +02:00
Riccardo Spagni
8b9920f0af
Merge pull request #5551
de6cfacc refresh and update translations for new release (erciccione)
2019-06-01 20:31:32 +02:00
Riccardo Spagni
162229286f
Merge pull request #5565
4456a4b9 Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
fafc5c36 Add ssl_options support to monerod's rpc mode. (Lee Clagett)
ce73cc3a Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
2019-06-01 20:31:13 +02:00
Riccardo Spagni
2f5efc7f59
Merge pull request #5562
13864702 functional_tests: fix rare get_output_distribution failure (moneromooo-monero)
2019-06-01 20:30:54 +02:00
Riccardo Spagni
0565fe21ec
Merge pull request #5563
205a0ba1 unit_tests: make the density test a bit less stringent (moneromooo-monero)
2019-06-01 20:30:38 +02:00
Riccardo Spagni
ff5b30864a
Merge pull request #5564
b6830db2 Fix #5553 (Howard Chu)
2019-06-01 20:30:01 +02:00
moneromooo-monero
eeebad6630
functional_tests: fix python3 compatibility
Also add missing bans test to the default tests
2019-05-29 12:00:33 +00:00
moneromooo-monero
b7a96a0874
core: update pruning if using --prune-blockchain on a pruned blockchain
Avoids a massive amount of spurious warnings if the last update before
the daemon exited was a while ago and the daemon was syncing
2019-05-28 09:12:29 +00:00
moneromooo-monero
a663ccba71
blockchain: do not try to pop blocks down to the genesis block 2019-05-26 17:11:37 +00:00