Commit graph

411 commits

Author SHA1 Message Date
Martijn Otto
057c279cb4
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-03-05 14:16:08 +01:00
moneromooo-monero
e396146aee
default initialize rpc structures 2019-03-04 22:38:03 +00:00
Riccardo Spagni
46fd181cca
Merge pull request #4054
24569454 epee: add SSL support (moneromooo-monero)
2019-03-04 21:17:21 +02:00
moneromooo-monero
b8787f4302
ArticMine's new block weight algorithm
This curbs runaway growth while still allowing substantial
spikes in block weight

Original specification from ArticMine:

here is the scaling proposal
Define: LongTermBlockWeight
Before fork:
LongTermBlockWeight = BlockWeight
At or after fork:
LongTermBlockWeight = min(BlockWeight, 1.4*LongTermEffectiveMedianBlockWeight)
Note: To avoid possible consensus issues over rounding the LongTermBlockWeight for a given block should be calculated to the nearest byte, and stored as a integer in the block itself. The stored LongTermBlockWeight is then used for future calculations of the LongTermEffectiveMedianBlockWeight and not recalculated each time.
Define:   LongTermEffectiveMedianBlockWeight
LongTermEffectiveMedianBlockWeight = max(300000, MedianOverPrevious100000Blocks(LongTermBlockWeight))
Change Definition of EffectiveMedianBlockWeight
From (current definition)
EffectiveMedianBlockWeight  = max(300000, MedianOverPrevious100Blocks(BlockWeight))
To (proposed definition)
EffectiveMedianBlockWeight  = min(max(300000, MedianOverPrevious100Blocks(BlockWeight)), 50*LongTermEffectiveMedianBlockWeight)
Notes:
1) There are no other changes to the existing penalty formula, median calculation, fees etc.
2) There is the requirement to store the LongTermBlockWeight of a block unencrypted in the block itself. This  is to avoid possible consensus issues over rounding and also to prevent the calculations from becoming unwieldy as we move away from the fork.
3) When the  EffectiveMedianBlockWeight cap is reached it is still possible to mine blocks up to 2x the EffectiveMedianBlockWeight by paying the corresponding penalty.

Note: the long term block weight is stored in the database, but not in the actual block itself,
since it requires recalculating anyway for verification.
2019-03-04 09:33:58 +00:00
moneromooo-monero
2456945408
epee: add SSL support
RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{rpc,daemon}-ssl-private-key and
--{rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--rpc-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good
certificates.

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
2019-02-02 20:05:33 +00:00
Lee Clagett
973403bc9f Adding initial support for broadcasting transactions over Tor
- Support for ".onion" in --add-exclusive-node and --add-peer
  - Add --anonymizing-proxy for outbound Tor connections
  - Add --anonymous-inbounds for inbound Tor connections
  - Support for sharing ".onion" addresses over Tor connections
  - Support for broadcasting transactions received over RPC exclusively
    over Tor (else broadcast over public IP when Tor not enabled).
2019-01-28 23:56:33 +00:00
moneromooo-monero
acfff8d0ce
rpc: fix internal daemon calls in restricted rpc getting partial data 2019-01-28 19:35:20 +00:00
moneromooo-monero
b750fb27b0
Pruning
The blockchain prunes seven eighths of prunable tx data.
This saves about two thirds of the blockchain size, while
keeping the node useful as a sync source for an eighth
of the blockchain.

No other data is currently pruned.

There are three ways to prune a blockchain:

- run monerod with --prune-blockchain
- run "prune_blockchain" in the monerod console
- run the monero-blockchain-prune utility

The first two will prune in place. Due to how LMDB works, this
will not reduce the blockchain size on disk. Instead, it will
mark parts of the file as free, so that future data will use
that free space, causing the file to not grow until free space
grows scarce.

The third way will create a second database, a pruned copy of
the original one. Since this is a new file, this one will be
smaller than the original one.

Once the database is pruned, it will stay pruned as it syncs.
That is, there is no need to use --prune-blockchain again, etc.
2019-01-22 20:30:51 +00:00
Riccardo Spagni
3eb96fa512
Merge pull request #5027
9092fc4b wallet: do not display daemon controlled text if untrusted (moneromooo-monero)
2019-01-16 21:38:15 +02:00
Riccardo Spagni
9d57ee9ff6
Merge pull request #4984
008647d7 blockchain_db: speedup tx output gathering (moneromooo-monero)
2019-01-16 19:06:07 +02:00
Riccardo Spagni
577a8f5c84
Merge pull request #4952
570dd369 p2p: use vector instead of list for peer lists (moneromooo-monero)
2019-01-06 20:39:07 +02:00
moneromooo-monero
9092fc4bfd
wallet: do not display daemon controlled text if untrusted 2018-12-30 01:32:57 +00:00
moneromooo-monero
008647d7eb
blockchain_db: speedup tx output gathering
We know all the data we'll want for getblocks.bin is contiguous
2018-12-18 11:55:21 +00:00
Riccardo Spagni
4556f0e2b8
Merge pull request #4908
5ca4994c rpc: speed up the common get_output_distribution case while syncing (moneromooo-monero)
2018-12-12 11:59:04 +02:00
Riccardo Spagni
0fccc78e39
Merge pull request #4903
dc1c1252 add command pop_blocks (Jason Wong)
2018-12-12 11:58:37 +02:00
moneromooo-monero
570dd3690e
p2p: use vector instead of list for peer lists 2018-12-07 13:20:34 +00:00
Riccardo Spagni
7e957c162a
Merge pull request #4879
243f010e rpc: mask values that are nobody else's business in restricted RPC (moneromooo-monero)
2018-12-04 17:34:57 +02:00
Riccardo Spagni
81418cb281
Merge pull request #4894
aee7a4e3 wallet_rpc_server: do not use RPC data if the call failed (moneromooo-monero)
1a0733e5 windows_service: fix memory leak (moneromooo-monero)
0dac3c64 unit_tests: do not rethrow a copy of an exception (moneromooo-monero)
5d9915ab cryptonote: fix get_unit for non default settings (moneromooo-monero)
d4f50cb1 remove some unused code (moneromooo-monero)
61163971 a few minor (but easy) performance tweaks (moneromooo-monero)
30023074 tests: slow_memmem now returns size_t (moneromooo-monero)
2018-12-04 17:33:19 +02:00
moneromooo-monero
243f010edc
rpc: mask values that are nobody else's business in restricted RPC 2018-12-04 15:32:21 +00:00
Riccardo Spagni
e282e9fa40
Merge pull request #4878
517f25ef rpc: add version to get_info (Jethro Grassie)
2018-12-04 17:28:24 +02:00
Riccardo Spagni
e7d30780de
Merge pull request #4869
60f36386 Avoid unnecessary temp block and copy ctor (moneromooo-monero)
2018-12-04 17:12:47 +02:00
Riccardo Spagni
11d86f6008
Merge pull request #4859
6f2497bc Don't cache nettype in core_rpc_server use m_core (doy-lee)
2018-12-04 17:09:21 +02:00
Riccardo Spagni
c00ac446fd
Merge pull request #4854
bd98e99c Removed a lot of unnecessary includes (Martijn Otto)
2018-12-04 17:08:42 +02:00
Jason Wong
dc1c12528d add command pop_blocks
add new public method to Blockchain and update according to code review

update after review: better lock/unlock, try catch and coding style
2018-11-28 12:20:28 +01:00
moneromooo-monero
5ca4994c9c
rpc: speed up the common get_output_distribution case while syncing 2018-11-27 14:01:40 +00:00
Riccardo Spagni
58ce16d4d9
Merge pull request #4821
fc98f7a0 rpc: speedup get_outs.bin (moneromooo-monero)
2018-11-26 21:51:27 +02:00
moneromooo-monero
fc98f7a0a1
rpc: speedup get_outs.bin 2018-11-26 18:56:23 +00:00
moneromooo-monero
d4f50cb109
remove some unused code
Found by codacy.com
2018-11-23 15:37:36 +00:00
moneromooo-monero
3002307418
tests: slow_memmem now returns size_t
Makes more sense than uint64_t for an offset, and agrees with
the %zu used to print results.

Found by codacy.com
2018-11-23 15:36:48 +00:00
Jethro Grassie
517f25efd1
rpc: add version to get_info 2018-11-21 12:56:34 -05:00
moneromooo-monero
b9b307d11a
rpc: speedup get_output_distribution
and decrease the amount of data carried around
2018-11-20 10:11:25 +00:00
moneromooo-monero
60f36386e4
Avoid unnecessary temp block and copy ctor
block already has a default ctor, and the extra object
churn due to its innards (vectors, etc) is pointless.
2018-11-19 17:57:17 +00:00
moneromooo-monero
31d80027b5
tests: add unit tests for get_output_distribution 2018-11-16 19:21:45 +00:00
doy-lee
6f2497bc7a Don't cache nettype in core_rpc_server use m_core
This can go out of sync with m_core's nettype if you run in fakechain
mode since entering fakechain mode is done through code not the command
line and core_rpc_server only looks at the command line to figure out
the nettype.
2018-11-16 15:32:05 +11:00
Martijn Otto
bd98e99c80
Removed a lot of unnecessary includes 2018-11-15 17:29:34 +01:00
Riccardo Spagni
23fc891555
Merge pull request #4750
e61062b6 use current height - 1 for top block height in err msgs (cryptochangements34)
2018-11-14 21:32:21 +02:00
Riccardo Spagni
ff347c98a1
Merge pull request #4747
dad5bbfd return message in stop_mining if mining never started (cryptochangements34)
2018-11-14 21:32:10 +02:00
Riccardo Spagni
299d75b209
Merge pull request #4735
73e504c1 rpc: adjust ring size error message now that too high is also possible (moneromooo-monero)
a5ca7f4f core: fix unmixable special case allowing ring size below 11 (moneromooo-monero)
2018-11-06 21:31:14 +02:00
Dusan Klinec
e178bf234a
rpc: fix linking error of 6097472a, get_output_distribution
Undefined symbols for architecture x86_64:
  "cryptonote::core::get_output_distribution(unsigned long long, unsigned long long, unsigned long long, unsigned long long&, std::__1::vector<unsigned long long, std::__1::allocator<unsigned long long> >&, unsigned long long&) const", referenced from:
      cryptonote::rpc::RpcHandler::get_output_distribution(cryptonote::core&, unsigned long long, unsigned long long, unsigned long long, bool) in rpc_handler.cpp.o
2018-11-04 23:38:52 +01:00
Riccardo Spagni
0c7086bf7f
Merge pull request #4687
6097472a Update ZMQ fee estimate and add ZMQ output distribution (Lee Clagett)
2018-11-04 20:44:49 +02:00
cryptochangements34
e61062b6f2 use current height - 1 for top block height in err msgs 2018-11-02 19:31:31 -04:00
cryptochangements34
dad5bbfdf9
return message in stop_mining if mining never started 2018-10-28 09:50:33 -04:00
moneromooo-monero
73e504c139
rpc: adjust ring size error message now that too high is also possible 2018-10-27 11:16:28 +00:00
Riccardo Spagni
00a7d441d6
Merge pull request #4719
0aff4987 rpc: fix build with older compilers (moneromooo-monero)
2018-10-26 22:41:43 +02:00
Riccardo Spagni
fc06c5daf8
Merge pull request #4617
3ffbec15 rpc: init m_rpc_version in Message ctor (moneromooo-monero)
bfa2dce1 rpc: remove unused ctors (moneromooo-monero)
7cc39845 account: init creation timestamp to 0 (moneromooo-monero)
32123789 wallet2: initialize some scalar fields in ctor where appropriate (moneromooo-monero)
4eca42b2 blockchain_db: initialize m_hardfork in ctor just in case (moneromooo-monero)
2018-10-26 22:39:00 +02:00
moneromooo-monero
0aff49873c
rpc: fix build with older compilers 2018-10-24 20:36:58 +00:00
Lee Clagett
6097472a19 Update ZMQ fee estimate and add ZMQ output distribution 2018-10-23 23:46:31 -04:00
stoffu
e51c978770
rpc: fix wrongly formatted JSON for pruned tx
Fix for #4399.
Also unifies code for serializing pruned tx to binary/json into one.
2018-10-22 10:52:40 +09:00
Riccardo Spagni
2287fb9fb4
Merge pull request #4524
f5f7c2ac rpc: blanket initialize 0MQ request and response structures (moneromooo-monero)
2018-10-20 20:40:56 +02:00
Riccardo Spagni
9f34a3a29a
Merge pull request #4659
b916ca63 rpc: fix output distribution caching ignoring chain changes (moneromooo-monero)
2018-10-20 20:37:54 +02:00