Commit graph

8375 commits

Author SHA1 Message Date
Riccardo Spagni
de970334f5
bump version to 0.14.1.2 2019-07-18 16:57:30 +02:00
Riccardo Spagni
4850520b6a
update checkpoints.dat hash 2019-07-18 16:54:43 +02:00
Riccardo Spagni
a69dc81844
prep for 0.14.1.1 2019-07-17 22:25:53 +02:00
Riccardo Spagni
8eb075e789
Merge pull request #5732
a96c1a46 cryptonote_protocol: drop peers we can't download from when syncing (moneromooo-monero)
ab361df2 p2p: add a few missing connection close calls (moneromooo-monero)
2019-07-17 21:18:20 +02:00
luigi1111
fd3ff74164
Merge pull request #5746
3140a37 wallet_rpc_server: fix get_bulk_payments with short payment ids (moneromooo-monero)
2019-07-12 20:28:15 -05:00
luigi1111
309f2def9e
Merge pull request #5738
4ee095c p2p: don't connect to more than one IP per class B if we can (moneromooo-monero)
2019-07-12 20:26:43 -05:00
luigi1111
e4e8954c04
Merge pull request #5724
c223832 keccak: guard against misaligned memory accesses on ARM (moneromooo-monero)
2019-07-12 20:23:08 -05:00
luigi1111
f9a3d7fec8
Merge pull request #5704
8f22279 Depends: Update HIDAPI version (TheCharlatan)
2019-07-12 20:21:41 -05:00
luigi1111
496bc96fe9
Merge pull request #5690
1dbfc81 Add debug targets to depends Makefile (TheCharlatan)
cbbb24c Remove clutter in depends installed packages (TheCharlatan)
496cd46 Add ncurses package for linux and darwin readline (TheCharlatan)
2019-07-12 20:17:58 -05:00
moneromooo-monero
3140a378da
wallet_rpc_server: fix get_bulk_payments with short payment ids 2019-07-09 14:39:44 +00:00
moneromooo-monero
4ee095c200
p2p: don't connect to more than one IP per class B if we can 2019-07-05 18:25:52 +00:00
moneromooo-monero
c2238327d0
keccak: guard against misaligned memory accesses on ARM
The code generated is exactly the same as the direct access
one on x86_64
2019-07-04 22:13:16 +00:00
moneromooo-monero
a96c1a46d4
cryptonote_protocol: drop peers we can't download from when syncing
Any peer that's behind us while syncing is useless to us (though
not to them). This ensures that we don't get our peer slots filled
with peers that we can't use. Once we've synced, we can connect
to them and they can then sync off us if they want.
2019-07-04 21:56:10 +00:00
moneromooo-monero
ab361df2cd
p2p: add a few missing connection close calls 2019-07-04 21:56:10 +00:00
luigi1111
9d7107c870
Merge pull request #5663
5d6b43b core: fix --prune-blockchain not pruning if no blockchain exists (moneromooo-monero)
2019-07-04 14:46:37 -05:00
luigi1111
59ba0eee69
Merge pull request #5650
3c071d2 blockchain: silence an error getting blocks for pruned nodes (moneromooo-monero)
2019-07-04 14:44:05 -05:00
luigi1111
591c72613b
Merge pull request #5647
2ff99fb db_lmdb: commit pruning txn at checkpoints (moneromooo-monero)
2019-07-04 14:41:36 -05:00
luigi1111
633f14b976
Merge pull request #5681
037f94c Remove Xiala.net from the list of dns resolvers (tobtoht)
2019-07-01 01:12:23 -05:00
luigi1111
2db997828a
Merge pull request #5678
15c699f rpc: set sanity_check_failed to false when successful (stoffu)
2019-07-01 00:22:07 -05:00
luigi1111
393c33f86c
Merge pull request #5675
da3e20e tx_sanity_check: relax the median check a lot (moneromooo-monero)
2019-07-01 00:18:40 -05:00
luigi1111
58e21d0320
Merge pull request #5668
4237707 p2p: don't forget pruning seed or public RPC port when updating peers (moneromooo-monero)
2019-07-01 00:17:18 -05:00
TheCharlatan
8f2227940d Depends: Update HIDAPI version
The macos binaries in release v0.14.1.0 were compiled with the buggy
hidapi-0.8.0-rc1 version. This resulted in users not being able to use
their Ledger with the latest cli wallet. After the patch depends now
fetches the source from the libusb hidapi repository that has taken over
maintenance of hidapi.
2019-06-27 17:32:46 +02:00
moneromooo-monero
4237707d3e
p2p: don't forget pruning seed or public RPC port when updating peers
Older nodes don't pass that information around
2019-06-26 10:20:19 +00:00
TheCharlatan
496cd46d80 Add ncurses package for linux and darwin readline
Readline support is now compiled with the ncurses backend.
2019-06-25 19:16:20 +02:00
TheCharlatan
cbbb24cfe1 Remove clutter in depends installed packages
To speedup the depends cached builds, remove some some clutter from the package
files. This mainly incldues removing all the shared libraries and .la
linker files. It also gives stronger guarantees that monero only links
the static libs without any external rvalues.
2019-06-25 09:21:33 +02:00
TheCharlatan
1dbfc812e1 Add debug targets to depends Makefile
Packages can now be built individually and for each stage. This allows
easier debugging.
2019-06-25 09:20:47 +02:00
tobtoht
037f94c54e
Remove Xiala.net from the list of dns resolvers
It is down permanently. See: https://xiala.net/
"Ende November 2018 werden alle Dienste von xiala.net abgeschaltet."
2019-06-21 09:40:10 +00:00
stoffu
15c699f0a6
rpc: set sanity_check_failed to false when successful 2019-06-20 14:32:49 +09:00
moneromooo-monero
da3e20ee01
tx_sanity_check: relax the median check a lot
we don't want to prevent bona fide txes, just obvious bad ones
2019-06-19 23:31:38 +00:00
moneromooo-monero
5d6b43b672
core: fix --prune-blockchain not pruning if no blockchain exists 2019-06-17 16:26:43 +00:00
moneromooo-monero
3c071d203f
blockchain: silence an error getting blocks for pruned nodes
This happens often when a pre-pruning node asks a pruned node
for data it does not have
2019-06-16 11:03:41 +00:00
moneromooo-monero
2ff99fb47f
db_lmdb: commit pruning txn at checkpoints
to avoid errors when the txn is too large
2019-06-15 09:50:54 +00:00
Riccardo Spagni
6335509727
Merge pull request #5641
633f1542 prep for 0.14.1 release (Riccardo Spagni)
2019-06-14 16:20:02 +02:00
Riccardo Spagni
1d5e8f461d
Merge pull request #5639
2eef90d6 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
0564da5f ensure no NULL is passed to memcpy (moneromooo-monero)
bc09766b abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
1387549e serialization: check stream good flag at the end (moneromooo-monero)
a00cabd4 tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
f2152192 cryptonote: throw on tx hash calculation error (moneromooo-monero)
db2b9fba serialization: fail on read_varint error (moneromooo-monero)
68ad5481 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
1cc61018 cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
8f66b705 cryptonote_protocol_handler: prevent potential DoS (anonimal)
39169ace epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
2019-06-14 16:19:45 +02:00
Riccardo Spagni
633f1542e2
prep for 0.14.1 release 2019-06-14 16:16:52 +02:00
moneromooo-monero
2eef90d6ef
rpc: restrict the recent cutoff size in restricted RPC mode 2019-06-14 08:47:33 +00:00
moneromooo-monero
0564da5fdc
ensure no NULL is passed to memcpy
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:47:29 +00:00
moneromooo-monero
bc09766bf9
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:47:26 +00:00
moneromooo-monero
1387549e90
serialization: check stream good flag at the end
just in case
2019-06-14 08:47:23 +00:00
moneromooo-monero
a00cabd4f3
tree-hash: allocate variable memory on heap, not stack
Large amounts might run out of stack

Reported by guidov
2019-06-14 08:47:20 +00:00
moneromooo-monero
f215219252
cryptonote: throw on tx hash calculation error 2019-06-14 08:47:17 +00:00
moneromooo-monero
db2b9fba65
serialization: fail on read_varint error 2019-06-14 08:47:14 +00:00
moneromooo-monero
68ad548193
cryptonote_protocol: fix another potential P2P DoS
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
2019-06-14 08:47:11 +00:00
moneromooo-monero
1cc61018e5
cryptonote_protocol: expand basic DoS protection
Count transactions as well
2019-06-14 08:47:08 +00:00
anonimal
8f66b7053a
cryptonote_protocol_handler: prevent potential DoS
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.

This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
2019-06-14 08:47:05 +00:00
moneromooo-monero
39169ace09
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
2019-06-14 08:47:01 +00:00
luigi1111
7b3df89bd4
Merge pull request #5632
3a0fbea Don't use -march=native (hyc)
f8b2f25 Allow parallel make (hyc)
01ced20 Delete redundant cppzmq dependency (hyc)
1dc4ebf Use 9 digit build IDs (hyc)
2019-06-12 14:47:33 -05:00
luigi1111
a22bb544a3
Merge pull request #5552
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:43:51 -05:00
Howard Chu
1dc4ebfd6c
Use 9 digit build IDs 2019-06-12 16:47:33 +01:00
Howard Chu
01ced20eca
Delete redundant cppzmq dependency 2019-06-12 10:20:44 +01:00