Commit graph

8376 commits

Author SHA1 Message Date
Riccardo Spagni
f4f00accdb
update checkpoints.dat hash 2019-07-18 16:54:25 +02:00
Riccardo Spagni
65e2222902
prep for 0.14.1.1 2019-07-17 22:25:13 +02:00
Riccardo Spagni
3aa87ad178
Merge pull request #5733
1542d5d9 cryptonote_protocol: drop peers we can't download from when syncing (moneromooo-monero)
ff42af87 p2p: add a few missing connection close calls (moneromooo-monero)
2019-07-17 21:19:24 +02:00
luigi1111
5e81214d5c
Merge pull request #5747
f3febaf wallet_rpc_server: fix get_bulk_payments with short payment ids (moneromooo-monero)
2019-07-12 20:29:32 -05:00
luigi1111
2532f5a9e6
Merge pull request #5737
8072e23 p2p: don't connect to more than one IP per class B if we can (moneromooo-monero)
2019-07-12 20:25:51 -05:00
luigi1111
d89b6226ad
Merge pull request #5726
200e53c keccak: guard against misaligned memory accesses on ARM (moneromooo-monero)
2019-07-12 20:24:05 -05:00
luigi1111
b08cacb677
Merge pull request #5703
6461815 Depends: Update HIDAPI version (TheCharlatan)
2019-07-12 20:20:53 -05:00
luigi1111
fffd616cbe
Merge pull request #5694
5157060 Add debug targets to depends Makefile (TheCharlatan)
8475cbb Remove clutter in depends installed packages (TheCharlatan)
48c2659 Add ncurses package for linux and darwin readline (TheCharlatan)
2019-07-12 20:19:57 -05:00
moneromooo-monero
f3febafe80
wallet_rpc_server: fix get_bulk_payments with short payment ids 2019-07-09 14:39:10 +00:00
moneromooo-monero
8072e23249
p2p: don't connect to more than one IP per class B if we can 2019-07-05 18:25:34 +00:00
moneromooo-monero
200e53cfdd
keccak: guard against misaligned memory accesses on ARM
The code generated is exactly the same as the direct access
one on x86_64
2019-07-04 22:13:57 +00:00
moneromooo-monero
1542d5d978
cryptonote_protocol: drop peers we can't download from when syncing
Any peer that's behind us while syncing is useless to us (though
not to them). This ensures that we don't get our peer slots filled
with peers that we can't use. Once we've synced, we can connect
to them and they can then sync off us if they want.
2019-07-04 21:57:05 +00:00
moneromooo-monero
ff42af873c
p2p: add a few missing connection close calls 2019-07-04 21:57:02 +00:00
luigi1111
bb3c9ec403
Merge pull request #5664
c1eba2b core: fix --prune-blockchain not pruning if no blockchain exists (moneromooo-monero)
2019-07-04 14:47:59 -05:00
luigi1111
0825409608
Merge pull request #5651
c382677 blockchain: silence an error getting blocks for pruned nodes (moneromooo-monero)
2019-07-04 14:45:28 -05:00
luigi1111
ef4429e9ec
Merge pull request #5666
ba035bf db_lmdb: commit pruning txn at checkpoints (moneromooo-monero)
2019-07-04 14:43:15 -05:00
luigi1111
2af1ea5cb5
Merge pull request #5708
c78f7c5 Remove Xiala.net from the list of dns resolvers (tobtoht)
2019-07-01 02:08:17 -05:00
luigi1111
6e3d6f601a
Merge pull request #5684
93eb4d7 rpc: set sanity_check_failed to false when successful (stoffu)
2019-07-01 00:23:18 -05:00
luigi1111
124ea419f0
Merge pull request #5676
bb7b059 tx_sanity_check: relax the median check a lot (monermooo-monero)
2019-07-01 00:20:21 -05:00
luigi1111
ae77f09e68
Merge pull request #5669
761a39a p2p: don't forget pruning seed or public RPC port when updating peers (moneromooo-monero)
2019-07-01 00:15:39 -05:00
tobtoht
c78f7c58e1
Remove Xiala.net from the list of dns resolvers
It is down permanently. See: https://xiala.net/
"Ende November 2018 werden alle Dienste von xiala.net abgeschaltet."
2019-06-28 20:45:36 +00:00
TheCharlatan
64618150ec Depends: Update HIDAPI version
The macos binaries in release v0.14.1.0 were compiled with the buggy
hidapi-0.8.0-rc1 version. This resulted in users not being able to use
their Ledger with the latest cli wallet. After the patch depends now
fetches the source from the libusb hidapi repository that has taken over
maintenance of hidapi.
2019-06-27 17:30:15 +02:00
moneromooo-monero
761a39a9de
p2p: don't forget pruning seed or public RPC port when updating peers
Older nodes don't pass that information around
2019-06-26 10:34:51 +00:00
TheCharlatan
48c26599e6 Add ncurses package for linux and darwin readline
Readline support is now compiled with the ncurses backend.
2019-06-25 19:16:59 +02:00
TheCharlatan
8475cbbd90 Remove clutter in depends installed packages
To speedup the depends cached builds, remove some some clutter from the package
files. This mainly incldues removing all the shared libraries and .la
linker files. It also gives stronger guarantees that monero only links
the static libs without any external rvalues.
2019-06-25 19:16:59 +02:00
TheCharlatan
5157060077 Add debug targets to depends Makefile
Packages can now be built individually and for each stage. This allows
easier debugging.
2019-06-25 19:16:59 +02:00
stoffu
93eb4d79b4
rpc: set sanity_check_failed to false when successful 2019-06-22 07:43:36 +09:00
moneromooo-monero
bb7b059d70
tx_sanity_check: relax the median check a lot
we don't want to prevent bona fide txes, just obvious bad ones
2019-06-19 23:31:54 +00:00
moneromooo-monero
ba035bf827
db_lmdb: commit pruning txn at checkpoints
to avoid errors when the txn is too large
2019-06-18 10:31:38 +00:00
moneromooo-monero
c1eba2b587
core: fix --prune-blockchain not pruning if no blockchain exists 2019-06-17 16:27:15 +00:00
moneromooo-monero
c382677ee3
blockchain: silence an error getting blocks for pruned nodes
This happens often when a pre-pruning node asks a pruned node
for data it does not have
2019-06-16 11:03:14 +00:00
Riccardo Spagni
29a505d1c1
Merge pull request #5638
6ed1679b prep for 0.14.1 release (Riccardo Spagni)
2019-06-14 16:09:16 +02:00
Riccardo Spagni
c58255ec12
Merge pull request #5640
542cab02 rpc: restrict the recent cutoff size in restricted RPC mode (moneromooo-monero)
434e617a ensure no NULL is passed to memcpy (moneromooo-monero)
279f1f2c abstract_tcp_server2: improve DoS resistance (moneromooo-monero)
756773e5 serialization: check stream good flag at the end (moneromooo-monero)
e3f714aa tree-hash: allocate variable memory on heap, not stack (moneromooo-monero)
67baa3a6 cryptonote: throw on tx hash calculation error (moneromooo-monero)
d6bb9ecc serialization: fail on read_varint error (moneromooo-monero)
19490e44 cryptonote_protocol: fix another potential P2P DoS (moneromooo-monero)
fa4aa47e cryptonote_protocol: expand basic DoS protection (moneromooo-monero)
3c953d53 cryptonote_protocol_handler: prevent potential DoS (anonimal)
b873b69d epee: basic sanity check on allocation size from untrusted source (moneromooo-monero)
2019-06-14 16:08:59 +02:00
moneromooo-monero
542cab02e1
rpc: restrict the recent cutoff size in restricted RPC mode 2019-06-14 08:48:27 +00:00
moneromooo-monero
434e617a1d
ensure no NULL is passed to memcpy
NULL is valid when size is 0, but memcpy uses nonnull attributes,
so let's not poke the bear
2019-06-14 08:48:25 +00:00
moneromooo-monero
279f1f2c26
abstract_tcp_server2: improve DoS resistance 2019-06-14 08:48:22 +00:00
moneromooo-monero
756773e5fe
serialization: check stream good flag at the end
just in case
2019-06-14 08:48:19 +00:00
moneromooo-monero
e3f714aa2a
tree-hash: allocate variable memory on heap, not stack
Large amounts might run out of stack

Reported by guidov
2019-06-14 08:48:16 +00:00
moneromooo-monero
67baa3a66b
cryptonote: throw on tx hash calculation error 2019-06-14 08:48:13 +00:00
moneromooo-monero
d6bb9ecc6f
serialization: fail on read_varint error 2019-06-14 08:48:10 +00:00
moneromooo-monero
19490e44af
cryptonote_protocol: fix another potential P2P DoS
When asking for txes in a fluffy transaction, one might ask
for the same (large) tx many times
2019-06-14 08:48:07 +00:00
moneromooo-monero
fa4aa47ea0
cryptonote_protocol: expand basic DoS protection
Count transactions as well
2019-06-14 08:48:04 +00:00
anonimal
3c953d5369
cryptonote_protocol_handler: prevent potential DoS
Essentially, one can send such a large amount of IDs that core exhausts
all free memory. This issue can theoretically be exploited using very
large CN blockchains, such as Monero.

This is a partial fix. Thanks and credit given to CryptoNote author
'cryptozoidberg' for collaboration and the fix. Also thanks to
'moneromooo'. Referencing HackerOne report #506595.
2019-06-14 08:48:01 +00:00
moneromooo-monero
b873b69ded
epee: basic sanity check on allocation size from untrusted source
Reported by guidov
2019-06-14 08:47:58 +00:00
Riccardo Spagni
6ed1679bf8
prep for 0.14.1 release 2019-06-13 17:36:41 +02:00
luigi1111
3395de2e7f
Merge pull request #5633
cfa88ac Don't use -march=native (hyc)
e85bf46 Allow parallel make (hyc)
0ef8391 Delete redundant cppzmq dependency (hyc)
86591eb Use 9 digit build IDs (hyc)
2019-06-12 14:50:01 -05:00
luigi1111
9f2882dbb7
Merge pull request #5631
c27d961 [depends] update openssl to 1.0.2r (who-biz)
2019-06-12 14:45:40 -05:00
Howard Chu
86591ebf64
Use 9 digit build IDs 2019-06-12 16:15:07 +01:00
Howard Chu
0ef8391628
Delete redundant cppzmq dependency 2019-06-12 10:21:19 +01:00
Howard Chu
e85bf46641
Allow parallel make 2019-06-12 09:10:37 +01:00