diff --git a/src/common/memwipe.h b/contrib/epee/include/memwipe.h similarity index 100% rename from src/common/memwipe.h rename to contrib/epee/include/memwipe.h diff --git a/contrib/epee/include/net/http_auth.h b/contrib/epee/include/net/http_auth.h index 841cebc17..71f56b570 100644 --- a/contrib/epee/include/net/http_auth.h +++ b/contrib/epee/include/net/http_auth.h @@ -71,8 +71,8 @@ namespace net_utils std::uint32_t counter; }; - http_server_auth() : user() {} - http_server_auth(login credentials); + http_server_auth() : user(), rng() {} + http_server_auth(login credentials, std::function r); //! \return Auth response, or `boost::none` iff `request` had valid auth. boost::optional get_response(const http_request_info& request) @@ -81,10 +81,13 @@ namespace net_utils return do_get_response(request); return boost::none; } + private: boost::optional do_get_response(const http_request_info& request); boost::optional user; + + std::function rng; }; //! Implements RFC 2617 digest auth. Digests from RFC 7616 can be added. diff --git a/contrib/epee/include/net/http_protocol_handler.h b/contrib/epee/include/net/http_protocol_handler.h index 652d8ff6f..b4485d1cd 100644 --- a/contrib/epee/include/net/http_protocol_handler.h +++ b/contrib/epee/include/net/http_protocol_handler.h @@ -160,6 +160,7 @@ namespace net_utils struct custum_handler_config: public http_server_config { i_http_server_handler* m_phandler; + std::function rng; }; /************************************************************************/ @@ -176,7 +177,7 @@ namespace net_utils : simple_http_connection_handler(psnd_hndlr, config), m_config(config), m_conn_context(conn_context), - m_auth(m_config.m_user ? http_server_auth{*m_config.m_user} : http_server_auth{}) + m_auth(m_config.m_user ? http_server_auth{*m_config.m_user, config.rng} : http_server_auth{}) {} inline bool handle_request(const http_request_info& query_info, http_response_info& response) { diff --git a/contrib/epee/include/net/http_server_impl_base.h b/contrib/epee/include/net/http_server_impl_base.h index 8b8e31b51..1a97e610a 100644 --- a/contrib/epee/include/net/http_server_impl_base.h +++ b/contrib/epee/include/net/http_server_impl_base.h @@ -55,13 +55,14 @@ namespace epee : m_net_server(external_io_service) {} - bool init(const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0", + bool init(std::function rng, const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0", std::vector access_control_origins = std::vector(), boost::optional user = boost::none) { //set self as callback handler m_net_server.get_config_object().m_phandler = static_cast(this); + m_net_server.get_config_object().rng = std::move(rng); //here set folder for hosting reqests m_net_server.get_config_object().m_folder = ""; diff --git a/contrib/epee/include/net/network_throttle.hpp b/contrib/epee/include/net/network_throttle.hpp index fffd22a6a..225ffee04 100644 --- a/contrib/epee/include/net/network_throttle.hpp +++ b/contrib/epee/include/net/network_throttle.hpp @@ -99,8 +99,6 @@ struct calculate_times_struct { typedef calculate_times_struct calculate_times_struct; -namespace cryptonote { class cryptonote_protocol_handler_base; } // a friend class // TODO friend not working - /*** @brief Access to simple throttles, with singlton to access global network limits */ @@ -117,7 +115,6 @@ class network_throttle_manager { static boost::mutex m_lock_get_global_throttle_inreq; static boost::mutex m_lock_get_global_throttle_out; - friend class cryptonote::cryptonote_protocol_handler_base; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS! friend class connection_basic; // FRIEND - to directly access global throttle-s. !! REMEMBER TO USE LOCKS! friend class connection_basic_pimpl; // ditto diff --git a/contrib/epee/src/CMakeLists.txt b/contrib/epee/src/CMakeLists.txt index b6967e8fc..9d104ceeb 100644 --- a/contrib/epee/src/CMakeLists.txt +++ b/contrib/epee/src/CMakeLists.txt @@ -26,12 +26,16 @@ # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp +add_library(epee STATIC hex.cpp http_auth.cpp mlog.cpp net_utils_base.cpp string_tools.cpp wipeable_string.cpp memwipe.c connection_basic.cpp network_throttle.cpp network_throttle-detail.cpp) if (USE_READLINE AND GNU_READLINE_FOUND) add_library(epee_readline STATIC readline_buffer.cpp) endif() +if(HAVE_C11) +SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11) +endif() + # Build and install libepee if we're building for GUI if (BUILD_GUI_DEPS) if(IOS) @@ -49,7 +53,6 @@ endif() target_link_libraries(epee PUBLIC - cncrypto easylogging ${Boost_FILESYSTEM_LIBRARY} PRIVATE diff --git a/contrib/epee/src/connection_basic.cpp b/contrib/epee/src/connection_basic.cpp index 534044a79..5848d1268 100644 --- a/contrib/epee/src/connection_basic.cpp +++ b/contrib/epee/src/connection_basic.cpp @@ -78,7 +78,6 @@ // TODO: #include "net/network_throttle-detail.hpp" -#include "cryptonote_core/cryptonote_core.h" #undef MONERO_DEFAULT_LOG_CATEGORY #define MONERO_DEFAULT_LOG_CATEGORY "net.p2p" diff --git a/contrib/epee/src/http_auth.cpp b/contrib/epee/src/http_auth.cpp index f06f05528..5b8d892ff 100644 --- a/contrib/epee/src/http_auth.cpp +++ b/contrib/epee/src/http_auth.cpp @@ -66,7 +66,6 @@ #include #include -#include "crypto/crypto.h" #include "hex.h" #include "md5_l.h" #include "string_coding.h" @@ -711,8 +710,8 @@ namespace epee { namespace http { - http_server_auth::http_server_auth(login credentials) - : user(session{std::move(credentials)}) { + http_server_auth::http_server_auth(login credentials, std::function r) + : user(session{std::move(credentials)}), rng(std::move(r)) { } boost::optional http_server_auth::do_get_response(const http_request_info& request) @@ -746,7 +745,7 @@ namespace epee user->counter = 0; { std::array rand_128bit{{}}; - crypto::rand(rand_128bit.size(), rand_128bit.data()); + rng(rand_128bit.size(), rand_128bit.data()); user->nonce = string_encoding::base64_encode(rand_128bit.data(), rand_128bit.size()); } return create_digest_response(user->nonce, is_stale); diff --git a/src/common/memwipe.c b/contrib/epee/src/memwipe.c similarity index 100% rename from src/common/memwipe.c rename to contrib/epee/src/memwipe.c diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index 7ad08ea83..50887e35c 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -35,7 +35,6 @@ set(common_sources download.cpp util.cpp i18n.cpp - memwipe.c password.cpp perf_timer.cpp threadpool.cpp @@ -64,7 +63,6 @@ set(common_private_headers util.h varint.h i18n.h - memwipe.h password.h perf_timer.h stack_trace.h @@ -92,9 +90,5 @@ target_link_libraries(common ${OPENSSL_LIBRARIES} ${EXTRA_LIBRARIES}) -if(HAVE_C11) -SET_PROPERTY(SOURCE memwipe.c PROPERTY COMPILE_FLAGS -std=c11) -endif() - #monero_install_headers(common # ${common_headers}) diff --git a/src/common/password.cpp b/src/common/password.cpp index dc0856160..011123300 100644 --- a/src/common/password.cpp +++ b/src/common/password.cpp @@ -46,7 +46,7 @@ #include "readline_buffer.h" #endif -#include "common/memwipe.h" +#include "memwipe.h" namespace { diff --git a/src/common/util.cpp b/src/common/util.cpp index 2a2f50c4f..a4a435104 100644 --- a/src/common/util.cpp +++ b/src/common/util.cpp @@ -39,6 +39,7 @@ #include "wipeable_string.h" using namespace epee; +#include "crypto/crypto.h" #include "util.h" #include "memwipe.h" #include "cryptonote_config.h" diff --git a/src/crypto/CMakeLists.txt b/src/crypto/CMakeLists.txt index fd71a87e7..764b30273 100644 --- a/src/crypto/CMakeLists.txt +++ b/src/crypto/CMakeLists.txt @@ -76,6 +76,7 @@ monero_add_library(cncrypto ${crypto_private_headers}) target_link_libraries(cncrypto PUBLIC + epee ${Boost_SYSTEM_LIBRARY} PRIVATE ${EXTRA_LIBRARIES}) diff --git a/src/crypto/chacha.h b/src/crypto/chacha.h index a9665030d..c11e4aa2f 100644 --- a/src/crypto/chacha.h +++ b/src/crypto/chacha.h @@ -39,7 +39,7 @@ #if defined(__cplusplus) #include -#include "common/memwipe.h" +#include "memwipe.h" #include "hash.h" namespace crypto { diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index 0ce5e6d7a..a929302c1 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -41,7 +41,7 @@ #include "common/pod-class.h" #include "common/util.h" -#include "common/memwipe.h" +#include "memwipe.h" #include "generic-ops.h" #include "hex.h" #include "span.h" diff --git a/src/mnemonics/CMakeLists.txt b/src/mnemonics/CMakeLists.txt index 5ce2198ae..79964e873 100644 --- a/src/mnemonics/CMakeLists.txt +++ b/src/mnemonics/CMakeLists.txt @@ -57,6 +57,7 @@ monero_add_library(mnemonics ${mnemonics_private_headers}) target_link_libraries(mnemonics PUBLIC + epee easylogging ${Boost_SYSTEM_LIBRARY} PRIVATE diff --git a/src/p2p/CMakeLists.txt b/src/p2p/CMakeLists.txt index 123b0a272..3fc053dc7 100644 --- a/src/p2p/CMakeLists.txt +++ b/src/p2p/CMakeLists.txt @@ -46,5 +46,6 @@ target_link_libraries(p2p ${Boost_FILESYSTEM_LIBRARY} ${Boost_SYSTEM_LIBRARY} ${Boost_THREAD_LIBRARY} + ${Boost_SERIALIZATION_LIBRARY} PRIVATE ${EXTRA_LIBRARIES}) diff --git a/src/rpc/CMakeLists.txt b/src/rpc/CMakeLists.txt index 748c6b8c1..19ea93902 100644 --- a/src/rpc/CMakeLists.txt +++ b/src/rpc/CMakeLists.txt @@ -101,6 +101,7 @@ target_link_libraries(rpc_base epee ${Boost_REGEX_LIBRARY} ${Boost_THREAD_LIBRARY} + ${Boost_PROGRAM_OPTIONS_LIBRARY} PRIVATE ${EXTRA_LIBRARIES}) @@ -125,6 +126,7 @@ target_link_libraries(daemon_messages target_link_libraries(daemon_rpc_server LINK_PRIVATE + rpc cryptonote_core cryptonote_protocol daemon_messages diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp index a6109cb89..4966b107d 100644 --- a/src/rpc/core_rpc_server.cpp +++ b/src/rpc/core_rpc_server.cpp @@ -106,8 +106,9 @@ namespace cryptonote if (rpc_config->login) http_login.emplace(std::move(rpc_config->login->username), std::move(rpc_config->login->password).password()); + auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); }; return epee::http_server_impl_base::init( - std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login) + rng, std::move(port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login) ); } //------------------------------------------------------------------------------------------------------------------------------ diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index a66a33c22..f36a12a1d 100644 --- a/src/wallet/wallet2.cpp +++ b/src/wallet/wallet2.cpp @@ -62,7 +62,7 @@ using namespace epee; #include "rapidjson/writer.h" #include "rapidjson/stringbuffer.h" #include "common/json_util.h" -#include "common/memwipe.h" +#include "memwipe.h" #include "common/base58.h" #include "ringct/rctSigs.h" diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp index 3aba76da0..4c1788f0b 100644 --- a/src/wallet/wallet_rpc_server.cpp +++ b/src/wallet/wallet_rpc_server.cpp @@ -229,8 +229,9 @@ namespace tools m_http_client.set_server(walvars->get_daemon_address(), walvars->get_daemon_login()); m_net_server.set_threads_prefix("RPC"); + auto rng = [](size_t len, uint8_t *ptr) { return crypto::rand(len, ptr); }; return epee::http_server_impl_base::init( - std::move(bind_port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login) + rng, std::move(bind_port), std::move(rpc_config->bind_ip), std::move(rpc_config->access_control_origins), std::move(http_login) ); } //------------------------------------------------------------------------------------------------------------------------------ diff --git a/tests/unit_tests/http.cpp b/tests/unit_tests/http.cpp index 5e427f064..0e8f9f747 100644 --- a/tests/unit_tests/http.cpp +++ b/tests/unit_tests/http.cpp @@ -60,12 +60,18 @@ #include "md5_l.h" #include "string_tools.h" +#include "crypto/crypto.h" namespace { namespace http = epee::net_utils::http; using fields = std::unordered_map; using auth_responses = std::vector; +void rng(size_t len, uint8_t *ptr) +{ + crypto::rand(len, ptr); +} + std::string quoted(std::string str) { str.insert(str.begin(), '"'); @@ -250,13 +256,13 @@ std::string get_nc(std::uint32_t count) TEST(HTTP_Server_Auth, NotRequired) { - http::http_server_auth auth{}; + http::http_server_auth auth{}; // no rng here EXPECT_FALSE(auth.get_response(http::http_request_info{})); } TEST(HTTP_Server_Auth, MissingAuth) { - http::http_server_auth auth{{"foo", "bar"}}; + http::http_server_auth auth{{"foo", "bar"}, rng}; EXPECT_TRUE(bool(auth.get_response(http::http_request_info{}))); { http::http_request_info request{}; @@ -267,7 +273,7 @@ TEST(HTTP_Server_Auth, MissingAuth) TEST(HTTP_Server_Auth, BadSyntax) { - http::http_server_auth auth{{"foo", "bar"}}; + http::http_server_auth auth{{"foo", "bar"}, rng}; EXPECT_TRUE(bool(auth.get_response(make_request({{u8"algorithm", "fo\xFF"}})))); EXPECT_TRUE(bool(auth.get_response(make_request({{u8"cnonce", "\"000\xFF\""}})))); EXPECT_TRUE(bool(auth.get_response(make_request({{u8"cnonce \xFF =", "\"000\xFF\""}})))); @@ -277,7 +283,7 @@ TEST(HTTP_Server_Auth, BadSyntax) TEST(HTTP_Server_Auth, MD5) { http::login user{"foo", "bar"}; - http::http_server_auth auth{user}; + http::http_server_auth auth{user, rng}; const auto response = auth.get_response(make_request(fields{})); ASSERT_TRUE(bool(response)); @@ -326,7 +332,7 @@ TEST(HTTP_Server_Auth, MD5_sess) constexpr const char cnonce[] = "not a good cnonce"; http::login user{"foo", "bar"}; - http::http_server_auth auth{user}; + http::http_server_auth auth{user, rng}; const auto response = auth.get_response(make_request(fields{})); ASSERT_TRUE(bool(response)); @@ -378,7 +384,7 @@ TEST(HTTP_Server_Auth, MD5_auth) constexpr const char qop[] = "auth"; http::login user{"foo", "bar"}; - http::http_server_auth auth{user}; + http::http_server_auth auth{user, rng}; const auto response = auth.get_response(make_request(fields{})); ASSERT_TRUE(bool(response)); @@ -446,7 +452,7 @@ TEST(HTTP_Server_Auth, MD5_sess_auth) constexpr const char qop[] = "auth"; http::login user{"foo", "bar"}; - http::http_server_auth auth{user}; + http::http_server_auth auth{user, rng}; const auto response = auth.get_response(make_request(fields{})); ASSERT_TRUE(bool(response)); @@ -523,7 +529,7 @@ TEST(HTTP_Auth, DogFood) const http::login user{"some_user", "ultimate password"}; - http::http_server_auth server{user}; + http::http_server_auth server{user, rng}; http::http_client_auth client{user}; http::http_request_info request{}; diff --git a/tests/unit_tests/memwipe.cpp b/tests/unit_tests/memwipe.cpp index 2d8980ef7..59f50cef8 100644 --- a/tests/unit_tests/memwipe.cpp +++ b/tests/unit_tests/memwipe.cpp @@ -30,7 +30,7 @@ #include #include "misc_log_ex.h" -#include "common/memwipe.h" +#include "memwipe.h" // Probably won't catch the optimized out case, but at least we test // it works in the normal case