Commit graph

34 commits

Author SHA1 Message Date
luigi1111
8774384ace
Merge pull request #5528
f61a315 net_utils: fix m_ssl type from time_t to bool (moneromooo-monero)
2019-07-24 14:05:18 -05:00
moneromooo-monero
65c4004963
allow blocking whole subnets 2019-07-16 11:35:53 +00:00
moneromooo-monero
35c20c4332
Fix GCC 9.1 build warnings
GCC wants operator= aand copy ctor to be both defined, or neither
2019-06-09 09:39:18 +00:00
moneromooo-monero
f61a315e8b
net_utils: fix m_ssl type from time_t to bool 2019-05-10 14:14:49 +00:00
Lee Clagett
7acfa9f3cc Added socks proxy (tor/i2pd/kovri) support to wallet 2019-03-25 01:35:13 +00:00
Riccardo Spagni
4466f4504e
Merge pull request #5091
123fc2a2 i2p: initial support (Jethro Grassie)
2019-03-04 21:20:34 +02:00
moneromooo-monero
2456945408
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-02-02 20:05:33 +00:00
Jethro Grassie
123fc2a25a
i2p: initial support 2019-01-30 13:37:45 -05:00
Lee Clagett
973403bc9f Adding initial support for broadcasting transactions over Tor
- Support for ".onion" in --add-exclusive-node and --add-peer
  - Add --anonymizing-proxy for outbound Tor connections
  - Add --anonymous-inbounds for inbound Tor connections
  - Support for sharing ".onion" addresses over Tor connections
  - Support for broadcasting transactions received over RPC exclusively
    over Tor (else broadcast over public IP when Tor not enabled).
2019-01-28 23:56:33 +00:00
moneromooo-monero
b750fb27b0
Pruning
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.

No other data is currently pruned.

There are three ways to prune a blockchain:

- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility

The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.

The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.

Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
2019-01-22 20:30:51 +00:00
moneromooo-monero
55c7fb87a9
epee: adaptive connection timeout system
a connection's timeout is halved for every extra connection
from the same host.

Also keep track of when we don't need to use a connection
anymore, so we can close it and free the resource for another
connection.

Also use the longer timeout for non routable local addresses.
2018-06-10 19:39:38 +01:00
moneromooo-monero
09ce03d612
move includes around to lessen overall load 2017-12-16 22:46:38 +00:00
moneromooo-monero
27aa8ce95b
net_utils_base: fix peer list parsing
Fields are written with their "name" as key, and that name changed.
2017-12-09 22:16:58 +00:00
Lee Clagett
8b00687735 Upgrades to epee::net_utils::network_address
- internal nullptr checks
  - prevent modifications to network_address (shallow copy issues)
  - automagically works with any type containing interface functions
  - removed fnv1a hashing
  - ipv4_network_address now flattened with no base class
2017-10-05 11:57:09 -04:00
moneromooo-monero
2e82b232e8
epee: give virtual dtor to network_address_base
It has virtual functions and is used as a base class
2017-09-18 12:30:48 +01:00
moneromooo-monero
c6ba7d110f
p2p: move m_in_timedsync from connection_context to p2p_connection_context
It's got no place in the base class as it's P2P specific field
2017-08-01 18:41:57 +01:00
moneromooo-monero
8f96cfc20a
Remove typeid use in network_address
Since I had to add an ID to the derived classes anyway,
this can be used instead. This removes an apparently
pointless warning from CLANG too.
2017-06-28 09:11:24 +01:00
Riccardo Spagni
f31b89012d
Merge pull request #2073
07c4276c Don't issue a new timedsync while one is already in progress (Howard Chu)
cf3a376c Don't timeout a slow operation that's making progress (Howard Chu)
340830de Fix PR#2039 (Howard Chu)
2017-06-24 12:41:09 +02:00
kenshi84
007937e217
net_utils_base: added missing template keyword 2017-06-19 08:11:28 +09:00
Howard Chu
07c4276cbe
Don't issue a new timedsync while one is already in progress
A timedsync is issued every minute on a connection, but the input
tineout is 2 minutes. This means a new sync request could be issued
while a slow sync request was already in progress. The additional
request will further clog the network on a slow connection, and
cause a premature timeout.
2017-06-15 16:54:03 +01:00
moneromooo-monero
072102cfd2
abstracted nework addresses
All code which was using ip and port now uses a new IPv4 object,
subclass of a new network_address class. This will allow easy
addition of I2P addresses later (and also IPv6, etc).
Both old style and new style peer lists are now sent in the P2P
protocol, which is inefficient but allows peers using both
codebases to talk to each other. This will be removed in the
future. No other subclasses than IPv4 exist yet.
2017-05-27 11:35:54 +01:00
Lee Clagett
50cd179a60 Removed boost/asio.hpp include from epee/string_tools.h 2017-03-18 22:05:14 -04:00
moneromooo-monero
61dfa310d7
epee: fix some log macros not printing context nicely 2017-02-12 17:16:11 +00:00
moneromooo-monero
5833d66f65
Change logging to easylogging++
This replaces the epee and data_loggers logging systems with
a single one, and also adds filename:line and explicit severity
levels. Categories may be defined, and logging severity set
by category (or set of categories). epee style 0-4 log level
maps to a sensible severity configuration. Log files now also
rotate when reaching 100 MB.

To select which logs to output, use the MONERO_LOGS environment
variable, with a comma separated list of categories (globs are
supported), with their requested severity level after a colon.
If a log matches more than one such setting, the last one in
the configuration string applies. A few examples:

This one is (mostly) silent, only outputting fatal errors:

MONERO_LOGS=*:FATAL

This one is very verbose:

MONERO_LOGS=*:TRACE

This one is totally silent (logwise):

MONERO_LOGS=""

This one outputs all errors and warnings, except for the
"verify" category, which prints just fatal errors (the verify
category is used for logs about incoming transactions and
blocks, and it is expected that some/many will fail to verify,
hence we don't want the spam):

MONERO_LOGS=*:WARNING,verify:FATAL

Log levels are, in decreasing order of priority:
FATAL, ERROR, WARNING, INFO, DEBUG, TRACE

Subcategories may be added using prefixes and globs. This
example will output net.p2p logs at the TRACE level, but all
other net* logs only at INFO:

MONERO_LOGS=*:ERROR,net*:INFO,net.p2p:TRACE

Logs which are intended for the user (which Monero was using
a lot through epee, but really isn't a nice way to go things)
should use the "global" category. There are a few helper macros
for using this category, eg: MGINFO("this shows up by default")
or MGINFO_RED("this is red"), to try to keep a similar look
and feel for now.

Existing epee log macros still exist, and map to the new log
levels, but since they're used as a "user facing" UI element
as much as a logging system, they often don't map well to log
severities (ie, a log level 0 log may be an error, or may be
something we want the user to see, such as an important info).
In those cases, I tried to use the new macros. In other cases,
I left the existing macros in. When modifying logs, it is
probably best to switch to the new macros with explicit levels.

The --log-level options and set_log commands now also accept
category settings, in addition to the epee style log levels.
2017-01-16 00:25:46 +00:00
redfish
c2d7300d2e contrib: epee: add exception spec to throwing destructors
The destructors get a noexcept(true) spec by default, but these
destructors in fact throw exceptions. An alternative fix might be to not
throw (most if not all of these throws are non-essential
error-reporting/logging).
2016-05-18 01:02:27 -04:00
rfree2monero
5ce4256e3d 2014 network limit 1.1 +utils +toc -doc -drmonero
Update of the PR with network limits

works very well for all speeds
(but remember that low download speed can stop upload
because we then slow down downloading of blockchain
requests too)

more debug options

fixed pedantic warnings in our code
should work again on Mac OS X and FreeBSD
fixed warning about size_t
tested on Debian, Ubuntu, Windows(testing now)

TCP options and ToS (QoS) flag
FIXED peer number limit
FIXED some spikes in ingress/download
FIXED problems when other up and down limit
2015-02-20 22:13:00 +01:00
Riccardo Spagni
0e1b7c9999
moved non-critical p2p errors to l2 2014-10-02 19:15:58 +02:00
fluffypony
cf5a8b1d6c moved non-critical warnings and errors to log level 1 2014-09-09 11:32:00 +02:00
fluffypony
32f9d2b783 move modified epee code to new classes, revert license 2014-07-25 18:29:08 +02:00
fluffypony
6fc995fe5d License updated to BSD 3-clause 2014-07-23 15:03:52 +02:00
mydesktop
3a3a817678 0.8.8update 2014-05-25 13:06:40 -04:00
Antonio Juarez
29c2859a3e json rpc for wallet and bugfix 2014-04-02 17:00:17 +01:00
Antonio Juarez
8efa1313f3 some fixes 2014-03-20 11:46:11 +00:00
Antonio Juarez
296ae46ed8 moved all stuff to github 2014-03-03 22:07:58 +00:00