Commit graph

8346 commits

Author SHA1 Message Date
moneromooo-monero
761a39a9de
p2p: don't forget pruning seed or public RPC port when updating peers
Older nodes don't pass that information around
2019-06-26 10:34:51 +00:00
Riccardo Spagni
29a505d1c1
Merge pull request #5638
6ed1679b prep for 0.14.1 release (Riccardo Spagni)
2019-06-14 16:09:16 +02:00
Riccardo Spagni
c58255ec12
Merge pull request #5640
542cab02 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
434e617a ensure no NULL is passed to memcpy (moneromooo-monero)
279f1f2c abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
756773e5 serialization: check stream good flag at the end (moneromooo-monero)
e3f714aa tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
67baa3a6 cryptonote: throw on tx hash calculation error (moneromooo-monero)
d6bb9ecc serialization: fail on read_varint error (moneromooo-monero)
19490e44 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
fa4aa47e cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
3c953d53 cryptonote_protocol_handler: prevent potential DoS (anonimal)
b873b69d epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
2019-06-14 16:08:59 +02:00
moneromooo-monero
542cab02e1
rpc: restrict the recent cutoff size in restricted RPC mode 2019-06-14 08:48:27 +00:00
moneromooo-monero
434e617a1d
ensure no NULL is passed to memcpy
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:48:25 +00:00
moneromooo-monero
279f1f2c26
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:48:22 +00:00
moneromooo-monero
756773e5fe
serialization: check stream good flag at the end
just in case
2019-06-14 08:48:19 +00:00
moneromooo-monero
e3f714aa2a
tree-hash: allocate variable memory on heap, not stack
Large amounts might run out of stack

Reported by guidov
2019-06-14 08:48:16 +00:00
moneromooo-monero
67baa3a66b
cryptonote: throw on tx hash calculation error 2019-06-14 08:48:13 +00:00
moneromooo-monero
d6bb9ecc6f
serialization: fail on read_varint error 2019-06-14 08:48:10 +00:00
moneromooo-monero
19490e44af
cryptonote_protocol: fix another potential P2P DoS
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
2019-06-14 08:48:07 +00:00
moneromooo-monero
fa4aa47ea0
cryptonote_protocol: expand basic DoS protection
Count transactions as well
2019-06-14 08:48:04 +00:00
anonimal
3c953d5369
cryptonote_protocol_handler: prevent potential DoS
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.

This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
2019-06-14 08:48:01 +00:00
moneromooo-monero
b873b69ded
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
2019-06-14 08:47:58 +00:00
Riccardo Spagni
6ed1679bf8
prep for 0.14.1 release 2019-06-13 17:36:41 +02:00
luigi1111
3395de2e7f
Merge pull request #5633
cfa88ac Don't use -march=native (hyc)
e85bf46 Allow parallel make (hyc)
0ef8391 Delete redundant cppzmq dependency (hyc)
86591eb Use 9 digit build IDs (hyc)
2019-06-12 14:50:01 -05:00
luigi1111
9f2882dbb7
Merge pull request #5631
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:45:40 -05:00
Howard Chu
86591ebf64
Use 9 digit build IDs 2019-06-12 16:15:07 +01:00
Howard Chu
0ef8391628
Delete redundant cppzmq dependency 2019-06-12 10:21:19 +01:00
Howard Chu
e85bf46641
Allow parallel make 2019-06-12 09:10:37 +01:00
Howard Chu
cfa88acb2b
Don't use -march=native 2019-06-12 09:10:29 +01:00
luigi1111
538fae4ec2
Merge pull request #5614
4cff925 p2p: fix GCC 9.1 crash (monermooo-monero)
f47488c Fix GCC 9.1 build warnings (moneromooo-monero)
ce13a98 cmake: do not use -mmitigate-rop on GCC >= 9.1 (moneromooo-monero)
2019-06-11 17:22:11 -05:00
luigi1111
0c62e7b15f
Merge pull request #5622
b0a04f7 epee: fix SSL autodetect on reconnection (xiphon)
2019-06-11 17:05:17 -05:00
luigi1111
24806b5035
Merge pull request #5620
117f950 miner: fix double free of thread attributes (ston1th)
2019-06-11 17:02:51 -05:00
luigi1111
0a1731aa7c
Merge pull request #5617
6375111 miniupnpc: update to build on BSD (moneromooo-monero)
2019-06-11 17:01:14 -05:00
xiphon
b0a04f7d45 epee: fix SSL autodetect on reconnection 2019-06-10 10:40:16 +00:00
ston1th
117f9501d8 miner: fix double free of thread attributes
issue: #5568
2019-06-09 12:29:03 +02:00
moneromooo-monero
ce13a98239
cmake: do not use -mmitigate-rop on GCC >= 9.1
It was removed, but it still accepted by the compiler, which warns
for every file
2019-06-09 09:40:55 +00:00
moneromooo-monero
f47488c734
Fix GCC 9.1 build warnings
GCC wants operator= aand copy ctor to be both defined, or neither
2019-06-09 09:39:34 +00:00
moneromooo-monero
6375111fa4
miniupnpc: update to build on BSD 2019-06-08 18:37:42 +00:00
moneromooo-monero
4cff9257e0
p2p: fix GCC 9.1 crash 2019-06-08 17:53:13 +00:00
Riccardo Spagni
256f8d8b66
Merge pull request #5584
eeebad66 functional_tests: fix python3 compatibility (moneromooo-monero)
2019-06-01 20:32:39 +02:00
Riccardo Spagni
9a2883266c
Merge pull request #5578
b7a96a08 core: update pruning if using --prune-blockchain on a pruned blockchain (moneromooo-monero)
2019-06-01 20:32:18 +02:00
Riccardo Spagni
3f2c82326e
Merge pull request #5572
a663ccba blockchain: do not try to pop blocks down to the genesis block (moneromooo-monero)
8f2a99d8 core: do not commit half constructed batch db txn (moneromooo-monero)
2019-06-01 20:31:55 +02:00
Riccardo Spagni
8b9920f0af
Merge pull request #5551
de6cfacc refresh and update translations for new release (erciccione)
2019-06-01 20:31:32 +02:00
Riccardo Spagni
162229286f
Merge pull request #5565
4456a4b9 Fix allow any cert mode in wallet rpc when configured over rpc (Lee Clagett)
fafc5c36 Add ssl_options support to monerod's rpc mode. (Lee Clagett)
ce73cc3a Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. (Lee Clagett)
2019-06-01 20:31:13 +02:00
Riccardo Spagni
2f5efc7f59
Merge pull request #5562
13864702 functional_tests: fix rare get_output_distribution failure (moneromooo-monero)
2019-06-01 20:30:54 +02:00
Riccardo Spagni
0565fe21ec
Merge pull request #5563
205a0ba1 unit_tests: make the density test a bit less stringent (moneromooo-monero)
2019-06-01 20:30:38 +02:00
Riccardo Spagni
ff5b30864a
Merge pull request #5564
b6830db2 Fix #5553 (Howard Chu)
2019-06-01 20:30:01 +02:00
moneromooo-monero
eeebad6630
functional_tests: fix python3 compatibility
Also add missing bans test to the default tests
2019-05-29 12:00:33 +00:00
moneromooo-monero
b7a96a0874
core: update pruning if using --prune-blockchain on a pruned blockchain
Avoids a massive amount of spurious warnings if the last update before
the daemon exited was a while ago and the daemon was syncing
2019-05-28 09:12:29 +00:00
moneromooo-monero
a663ccba71
blockchain: do not try to pop blocks down to the genesis block 2019-05-26 17:11:37 +00:00
moneromooo-monero
8f2a99d8ab
core: do not commit half constructed batch db txn 2019-05-25 16:25:10 +00:00
moneromooo-monero
13864702f1
functional_tests: fix rare get_output_distribution failure
When the wallet auto refreshes after mining the last two blocks
but before popping them, it will then try to use outputs which
are not unlocked yet. This is really a wallet problem, which
will be fixed later.
2019-05-22 11:24:08 +00:00
moneromooo-monero
205a0ba101
unit_tests: make the density test a bit less stringent
It's an inherently random test
2019-05-22 11:23:20 +00:00
Lee Clagett
4456a4b9b3 Fix allow any cert mode in wallet rpc when configured over rpc 2019-05-21 16:17:50 +00:00
Lee Clagett
fafc5c3692 Add ssl_options support to monerod's rpc mode. 2019-05-21 16:17:34 +00:00
Lee Clagett
ce73cc3add Fix configuration bug; wallet2 --daemon-ssl-allow-any-cert now works. 2019-05-21 16:17:13 +00:00
Howard Chu
b6830db2d4
Fix #5553
Make sure the tip hash still matches the cached block
2019-05-19 03:02:33 +01:00
who-biz
c27d96129e [depends] update openssl to 1.0.2r
- This addresses https://www.openssl.org/news/secadv/20190226.txt (CVE: 2019-1559) which impacted all versions of openssl-1.0.

Note that this does not address CVE-2019-1543 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1543), which impacts all versions of openssl 1.1 through 1.1.0j and 1.1.1b.

The above (1.1) is patched in openssl, where it was marked as low severity.  Similar issues possibly present in monero, should be looked into w.r.t. CVE-2019-1543.
2019-05-18 02:18:55 -04:00