Commit graph

302 commits

Author SHA1 Message Date
luigi1111
86938725ae
Merge pull request #5841
cae488d p2p: reject incoming connections to self (moneromooo-monero)
2019-09-08 19:48:09 -05:00
luigi1111
15dabf7d18
Merge pull request #5839
e353e3d p2p: sanitize peer lists (moneromooo-monero)
2019-09-08 19:45:09 -05:00
luigi1111
3b28ff2d6d
Merge pull request #5838
2e26536 p2p: move log away from global (moneromooo-monero)
2019-09-08 19:43:46 -05:00
moneromooo-monero
bc1144e98e
Fix IP address serialization on big endian
IP addresses are stored in network byte order even on little
endian hosts
2019-09-04 14:54:01 +00:00
moneromooo-monero
cae488dc9b
p2p: reject incoming connections to self 2019-08-22 17:08:29 +00:00
moneromooo-monero
e353e3d757
p2p: sanitize peer lists
Also remove the delta time fixup, since we now ignore those
as they're attacker controlled
2019-08-21 15:54:27 +00:00
moneromooo-monero
2e2653602f
p2p: move log away from global
It was here while debugging, and I forgot to move it away
2019-08-21 14:00:43 +00:00
luigi1111
c9df9d683a
Merge pull request #5696
fd60d05 daemon: fix print_pl only printing public zone peers (moneromooo-monero)
2019-08-20 01:50:10 -05:00
moneromooo-monero
fd60d05d5d
daemon: fix print_pl only printing public zone peers 2019-08-19 23:39:51 +00:00
luigi1111
f205d28e96
Merge pull request #5727
7b9a420 Replace std::random_shuffle with std::shuffle (tomsmeding)
2019-08-19 17:31:39 -05:00
luigi1111
017162b5b2
Merge pull request #5682
3768db2 p2p: add a reference to Cao, Tong et al. for the last_seen changes (moneromooo-monero)
2019-08-15 17:27:30 -05:00
luigi1111
8a0711f2f2
Merge pull request #5674
fcbf7b3 p2p: propagate out peers limit to payload handler (moneromooo-monero)
098aadf p2p: close the right number of connections on setting max in/out peers (moneromooo-monero)
2019-08-15 17:22:39 -05:00
Tom Smeding
7b9a420787 Replace std::random_shuffle with std::shuffle
According to [1], std::random_shuffle is deprecated in C++14 and removed
in C++17. Since std::shuffle is available since C++11 as a replacement
and monero already requires C++11, this is a good replacement.

A cryptographically secure random number generator is used in all cases
to prevent people from perhaps copying an insecure std::shuffle call
over to a place where a secure one would be warranted. A form of
defense-in-depth.

[1]: https://en.cppreference.com/w/cpp/algorithm/random_shuffle
2019-08-15 16:33:15 +02:00
Thomas Winget
155475d971
Add IPv6 support
new cli options (RPC ones also apply to wallet):
  --p2p-bind-ipv6-address (default = "::")
  --p2p-bind-port-ipv6    (default same as ipv4 port for given nettype)
  --rpc-bind-ipv6-address (default = "::1")

  --p2p-use-ipv6          (default false)
  --rpc-use-ipv6          (default false)

  --p2p-require-ipv4      (default true, if ipv4 bind fails and this is
                           true, will not continue even if ipv6 bind
                           successful)
  --rpc-require-ipv4      (default true, description as above)

ipv6 addresses are to be specified as "[xx:xx:xx::xx:xx]:port" except
in the cases of the cli args for bind address.  For those the square
braces can be omitted.
2019-07-31 20:04:57 -04:00
luigi1111
61512cf798
Merge pull request #5610
068fa1c p2p: delay IGP probing on startup (moneromooo-monero)
2019-07-24 14:35:11 -05:00
luigi1111
e241a6280d
Merge pull request #5582
fcfcc3a rpc: in/out peers can now return the setting's value (moneromooo-monero)
2019-07-24 14:18:09 -05:00
luigi1111
e579fe4ae0
Merge pull request #5530
6abaaaa remove obsolete save_graph skeleton code (moneromooo-monero)
2019-07-24 14:07:29 -05:00
luigi1111
1880c1a582
Merge pull request #5363
515ac29 p2p: store network address directly in blocked host list (moneromooo-monero)
65c4004 allow blocking whole subnets (moneromooo-monero)
2019-07-24 13:47:41 -05:00
Riccardo Spagni
8eb075e789
Merge pull request #5732
a96c1a46 cryptonote_protocol: drop peers we can't download from when syncing (moneromooo-monero)
ab361df2 p2p: add a few missing connection close calls (moneromooo-monero)
2019-07-17 21:18:20 +02:00
Lee Clagett
3b24b1d082 Added support for "noise" over I1P/Tor to mask Tx transmission. 2019-07-17 14:22:37 +00:00
moneromooo-monero
65c4004963
allow blocking whole subnets 2019-07-16 11:35:53 +00:00
moneromooo-monero
515ac2951d
p2p: store network address directly in blocked host list
rather than their string representation
2019-07-16 11:35:52 +00:00
moneromooo-monero
4ee095c200
p2p: don't connect to more than one IP per class B if we can 2019-07-05 18:25:52 +00:00
moneromooo-monero
ab361df2cd
p2p: add a few missing connection close calls 2019-07-04 21:56:10 +00:00
moneromooo-monero
4237707d3e
p2p: don't forget pruning seed or public RPC port when updating peers
Older nodes don't pass that information around
2019-06-26 10:20:19 +00:00
moneromooo-monero
3768db227c
p2p: add a reference to Cao, Tong et al. for the last_seen changes
"Exploring the Monero Peer-to-Peer Network". https://eprint.iacr.org/2019/411
2019-06-21 10:34:33 +00:00
moneromooo-monero
098aadf084
p2p: close the right number of connections on setting max in/out peers 2019-06-19 11:49:36 +00:00
moneromooo-monero
fcbf7b3f74
p2p: propagate out peers limit to payload handler 2019-06-19 11:49:36 +00:00
moneromooo-monero
2cbe75661c
p2p: fix GCC 9.1 crash 2019-06-08 17:52:53 +00:00
moneromooo-monero
068fa1ca5c
p2p: delay IGP probing on startup
We might have external access without having to do this
2019-06-06 10:33:02 +00:00
moneromooo-monero
fcfcc3ac86
rpc: in/out peers can now return the setting's value 2019-05-30 12:13:31 +00:00
moneromooo-monero
6abaaaa994
remove obsolete save_graph skeleton code 2019-05-10 14:17:18 +00:00
moneromooo-monero
28a7d31565
p2p: do not send last_seen timestamp to peers
This can be used for fingerprinting and working out the
network topology.

Instead of sending the first N (which are sorted by last
seen time), we sent a random subset of the first N+N/5,
which ensures reasonably recent peers are used, while
preventing repeated calls from deducing new entries are
peers the target node just connected to.

The list is also randomly shuffled so the original set of
timestamps cannot be approximated.
2019-04-24 17:56:12 +00:00
Riccardo Spagni
8d16e92dcb
Merge pull request #5425
58585986 p2p: fix integer overflow in host bans (moneromooo-monero)
2019-04-16 22:38:56 +02:00
moneromooo-monero
5858598604
p2p: fix integer overflow in host bans 2019-04-11 21:59:27 +00:00
stoffu
a2195b9b7f
crypto: replace rand<T>()%N idiom with unbiased rand_idx(N) 2019-04-04 22:38:19 +09:00
Riccardo Spagni
6e0242f861
Merge pull request #5334
19f8089f p2p: don't lookup seed nodes when offline (moneromooo-monero)
2019-04-01 17:37:01 +02:00
moneromooo-monero
19f8089fca
p2p: don't lookup seed nodes when offline
This will cause DNS requests, which will block and timeout
if there is really no network connectivity
2019-03-22 15:47:48 +00:00
rbrunner7
85f2f8c933 Fix daemon startup parameter '--limit-rate' processing after parameter defaults 2019-03-20 16:40:59 +01:00
Riccardo Spagni
bf0f85221b
Merge pull request #5195
a54e81e5 daemon: add '--no-sync' arg to optionally disable blockchain sync (xiphon)
2019-03-19 10:57:28 +02:00
Riccardo Spagni
848591c4d8
Merge pull request #5190
551104fb daemon: add --public-node mode, RPC port propagation over P2P (xiphon)
2019-03-17 17:56:04 +02:00
binaryFate
1f2930ce0b Update 2019 copyright 2019-03-05 22:05:34 +01:00
moneromooo-monero
ceb72be329
p2p: avoid busy loop when we have nothing to connect to 2019-03-05 12:00:45 +00:00
moneromooo-monero
e396146aee
default initialize rpc structures 2019-03-04 22:38:03 +00:00
Riccardo Spagni
4466f4504e
Merge pull request #5091
123fc2a2 i2p: initial support (Jethro Grassie)
2019-03-04 21:20:34 +02:00
xiphon
a54e81e572 daemon: add '--no-sync' arg to optionally disable blockchain sync 2019-02-25 03:22:14 +00:00
xiphon
551104fbf1 daemon: add --public-node mode, RPC port propagation over P2P 2019-02-25 02:40:23 +03:00
moneromooo-monero
2456945408
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-02-02 20:05:33 +00:00
Jethro Grassie
123fc2a25a
i2p: initial support 2019-01-30 13:37:45 -05:00
Lee Clagett
973403bc9f Adding initial support for broadcasting transactions over Tor
- Support for ".onion" in --add-exclusive-node and --add-peer
  - Add --anonymizing-proxy for outbound Tor connections
  - Add --anonymous-inbounds for inbound Tor connections
  - Support for sharing ".onion" addresses over Tor connections
  - Support for broadcasting transactions received over RPC exclusively
    over Tor (else broadcast over public IP when Tor not enabled).
2019-01-28 23:56:33 +00:00