Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DO NOT MERGE] Ssl on top of random unmerged stuff #4011

wants to merge 63 commits into
base: master


None yet
1 participant
Copy link

moneromooo-monero commented Jun 17, 2018

This doesn't apply on master because of random unmerged patches, so this goes here for now.
This is on top of the v3 db, so only use if you don't mind not being able to use a v2 db branch again.

The actual reviewable SSL commit is f2c0467 now 3fd2b80

moneromooo-monero added some commits Apr 14, 2018

optional boost stacktrace to get stack traces on mac and windows too
Thanks to iDunk for lots of testing to get this to work on Windows
easylogging++: cached allowed categories
It turns out this can be fairly heavy when logging a lot
replace std::list with std::vector on some hot paths
also use reserve where appropriate
wallet2: speedup refresh
key derivation and checking for incoming outputs are threaded
in batch before adding blocks to the local blockchain. Other
minor bits and bobs are also cached.
threadpool: allow leaf functions to run concurrently
Decrease the number of worker threads by one to account
for the fact the calling thread acts as a worker thread now
wallet2: cache ringdb key while refreshing
Speeds up syncing with a lot of outgoing outputs as key generation
runs Cryptonight.
wallet2: recover from index out of hashchain bounds error
This can happen when there's a very large reorg on the daemon
(ie, on testnet)
core: lock incoming tx lock when checking the txpool and chain
This gets rid of an innocuous race trying to add the same tx
twice to the txpool

moneromooo-monero added some commits May 24, 2018

db_lmdb: resize blockchain database when 90% filled
instead of a random ratio from 60% to 90%.
tx_pool: initialize bitflags padding since it gets written to storage
Avoids valgrind reporting uninitialized data usage
wallet: do not log by default if we're not asked to log to console
This means monero-wallet-rpc still does, but the user level program
does not.
wallet2: fix bulletproof cold signing
Cold signing was always using Borromean range proofs, causing
a larger tx, and an incorrect fee
epee: adaptive connection timeout system
a connection's timeout is halved for every extra connection
from the same host.

Also keep track of when we don't need to use a connection
anymore, so we can close it and free the resource for another

Also use the longer timeout for non routable local addresses.
abstract_tcp_server2: fix busy calling of idle IO service
This would make monerod use 100% CPU when running with torsocks
without Tor running
wallet: on first refresh, start off with a quantized height
for privacy reasons, so an untrusted node can't easily track
wallets from IP address to IP address, etc. The granularity
is 1024 blocks, which is about a day and a half.
wallet2: fix out of sync account tag cache
This would cause crashes when trying to tag an account that was
just created
epee: add SSL support
P2P and RPC connections now have optional tranparent SSL.

An optional private key and certificate file can be passed,
using the --{p2p,rpc,daemon}-ssl-private-key and
--{p2p,rpc,daemon}-ssl-certificate options. Those have as
argument a path to a PEM format private private key and
certificate, respectively.
If not given, a temporary self signed certificate will be used.

SSL can be enabled or disabled using --{p2p,rpc}-ssl, which
accepts autodetect (default), disabled or enabled.

Access can be restricted to particular certificates using the
--{p2p,rpc}-ssl-allowed-certificates, which takes a list of
paths to PEM encoded certificates. This can allow a wallet to
connect to only the daemon they think they're connected to,
by forcing SSL and listing the paths to the known good

To generate long term certificates:

openssl genrsa -out /tmp/KEY 4096
openssl req -new -key /tmp/KEY -out /tmp/REQ
openssl x509 -req -days 999999 -sha256 -in /tmp/REQ -signkey /tmp/KEY -out /tmp/CERT

/tmp/KEY is the private key, and /tmp/CERT is the certificate,
both in PEM format. /tmp/REQ can be removed. Adjust the last
command to set expiration date, etc, as needed. It doesn't
make a whole lot of sense for monero anyway, since most servers
will run with one time temporary self signed certificates anyway.

SSL support is transparent, so all communication is done on the
existing ports, with SSL autodetection. This means you can start
using an SSL daemon now, but you should not enforce SSL yet or
nothing will talk to you.
mlog: do not display http errors by default
They're controllable by potential attackers and would just spam
rpc: add blockchain disk size to getinfo
This should help new nodes predict how much disk space will be
needed for a full sync
core: cache block template where possible
This avoids constant rechecking of the same things each time
a miner asks for the block template. The tx pool maintains
a cookie to allow users to detect when the pool state changed,
which means the block template needs rebuilding.

@moneromooo-monero moneromooo-monero force-pushed the moneromooo-monero:ssl-on-top-of-random-unmerged-stuff branch from e02733a to d48dd24 Jun 18, 2018


This comment has been minimized.

Copy link
Contributor Author

moneromooo-monero commented Jun 25, 2018

Rebased to #4054

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.