Diffstat (limited to 'src')
-rw-r--r-- | src/bitcoinrpc.cpp | 30 | ||||
-rw-r--r-- | src/crypter.cpp | 24 | ||||
-rw-r--r-- | src/init.cpp | 2 | ||||
-rw-r--r-- | src/keystore.cpp | 4 | ||||
-rw-r--r-- | src/makefile.linux-mingw | 2 | ||||
-rw-r--r-- | src/makefile.mingw | 2 | ||||
-rw-r--r-- | src/makefile.osx | 15 | ||||
-rw-r--r-- | src/makefile.unix | 4 | ||||
-rw-r--r-- | src/net.cpp | 106 | ||||
-rw-r--r-- | src/net.h | 61 | ||||
-rw-r--r-- | src/rpcdump.cpp | 9 |
11 files changed, 33 insertions, 226 deletions
diff --git a/src/bitcoinrpc.cpp b/src/bitcoinrpc.cpp index eb2f04f1d9..8cd4750389 100644 --- a/src/bitcoinrpc.cpp +++ b/src/bitcoinrpc.cpp @@ -14,12 +14,11 @@ #include <boost/iostreams/stream.hpp> #include <boost/algorithm/string.hpp> #include <boost/lexical_cast.hpp> -#ifdef USE_SSL #include <boost/asio/ssl.hpp> #include <boost/filesystem.hpp> #include <boost/filesystem/fstream.hpp> typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> SSLStream; -#endif + #include "json/json_spirit_reader_template.h" #include "json/json_spirit_writer_template.h" #include "json/json_spirit_utils.h" @@ -986,8 +985,6 @@ Value addmultisigaddress(const Array& params, bool fHelp) "If [account] is specified, assign address to [account]."; throw runtime_error(msg); } - if (!fTestNet) - throw runtime_error("addmultisigaddress available only when running -testnet\n"); int nRequired = params[0].get_int(); const Array& keys = params[1].get_array(); @@ -2275,7 +2272,6 @@ bool ClientAllowed(const string& strAddress) return false; } -#ifdef USE_SSL // // IOStream device that speaks SSL but can also speak non-SSL // @@ -2327,7 +2323,6 @@ private: bool fUseSSL; SSLStream& stream; }; -#endif void ThreadRPCServer(void* parg) { @@ -2386,7 +2381,6 @@ void ThreadRPCServer2(void* parg) acceptor.set_option(boost::asio::ip::tcp::acceptor::reuse_address(true)); -#ifdef USE_SSL ssl::context context(io_service, ssl::context::sslv23); if (fUseSSL) { 
@@ -2404,29 +2398,17 @@ void ThreadRPCServer2(void* parg) "TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH"); SSL_CTX_set_cipher_list(context.impl(), ciphers.c_str()); } -#else - if (fUseSSL) - throw runtime_error("-rpcssl=1, but bitcoin compiled without full openssl libraries."); -#endif loop { // Accept connection -#ifdef USE_SSL SSLStream sslStream(io_service, context); SSLIOStreamDevice d(sslStream, fUseSSL); iostreams::stream<SSLIOStreamDevice> stream(d); -#else - ip::tcp::iostream stream; -#endif ip::tcp::endpoint peer; vnThreadsRunning[THREAD_RPCSERVER]--; -#ifdef USE_SSL acceptor.accept(sslStream.lowest_layer(), peer); -#else - acceptor.accept(*stream.rdbuf(), peer); -#endif vnThreadsRunning[4]++; if (fShutdown) return; @@ -2553,7 +2535,6 @@ Object CallRPC(const string& strMethod, const Array& params) // Connect to localhost bool fUseSSL = GetBoolArg("-rpcssl"); -#ifdef USE_SSL asio::io_service io_service; ssl::context context(io_service, ssl::context::sslv23); context.set_options(ssl::context::no_sslv2); @@ -2562,15 +2543,6 @@ Object CallRPC(const string& strMethod, const Array& params) iostreams::stream<SSLIOStreamDevice> stream(d); if (!d.connect(GetArg("-rpcconnect", "127.0.0.1"), GetArg("-rpcport", "8332"))) throw runtime_error("couldn't connect to server"); -#else - if (fUseSSL) - throw runtime_error("-rpcssl=1, but bitcoin compiled without full openssl libraries."); - - ip::tcp::iostream stream(GetArg("-rpcconnect", "127.0.0.1"), GetArg("-rpcport", "8332")); - if (stream.fail()) - throw runtime_error("couldn't connect to server"); -#endif - // HTTP basic authentication string strUserPass64 = EncodeBase64(mapArgs["-rpcuser"] + ":" + mapArgs["-rpcpassword"]); diff --git a/src/crypter.cpp b/src/crypter.cpp index 6643bcddcd..83041addb4 100644 --- a/src/crypter.cpp +++ b/src/crypter.cpp 
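Review bot: The result of `SSL_CTX_set_cipher_list(context.impl(), ciphers.c_str());` at the top of the ThreadRPCServer2 hunk is discarded, so a cipher string that selects nothing leaves the listener on whatever list the context already had and the operator sees no error. OpenSSL returns 0 in that case; checking it and refusing to start, e.g. `if (!SSL_CTX_set_cipher_list(context.impl(), ciphers.c_str())) throw runtime_error("-rpcsslciphers: no usable cipher");`, matches the way the removed `#else` branch reported a bad `-rpcssl` setup. This matters more now that the SSL path is compiled unconditionally. The `if (fUseSSL)` block opens above the hunk, so the origin of `ciphers` (presumably `-rpcsslciphers`) is not visible here.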
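Review bot: The client context in CallRPC sets only `no_sslv2`; nothing in the visible lines sets a verify mode or loads a CA or pinned certificate before `d.connect(...)`. If the two lines hidden between these hunks do not do so either, `-rpcssl` encrypts the connection without authenticating the server, and the Basic credential built right after from `-rpcuser`/`-rpcpassword` is handed to whichever host answers at `-rpcconnect`. Consider `context.set_verify_mode(ssl::context::verify_peer);` together with an option naming the trusted certificate, or at least a comment stating that the peer is not verified. When `fUseSSL` is false the same header crosses the network in clear, which deserves a warning whenever `-rpcconnect` is not a loopback address.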
@@ -73,14 +73,16 @@ bool CCrypter::Encrypt(const CKeyingMaterial& vchPlaintext, std::vector<unsigned EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); - - EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen); - EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0])+nCLen, &nFLen); + bool fOk = true; + EVP_CIPHER_CTX_init(&ctx); + if (fOk) fOk = EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); + if (fOk) fOk = EVP_EncryptUpdate(&ctx, &vchCiphertext[0], &nCLen, &vchPlaintext[0], nLen); + if (fOk) fOk = EVP_EncryptFinal_ex(&ctx, (&vchCiphertext[0])+nCLen, &nFLen); EVP_CIPHER_CTX_cleanup(&ctx); + if (!fOk) return false; + vchCiphertext.resize(nCLen + nFLen); return true; } @@ -98,14 +100,16 @@ bool CCrypter::Decrypt(const std::vector<unsigned char>& vchCiphertext, CKeyingM EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); - - EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen); - EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen); + bool fOk = true; + EVP_CIPHER_CTX_init(&ctx); + if (fOk) fOk = EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, chKey, chIV); + if (fOk) fOk = EVP_DecryptUpdate(&ctx, &vchPlaintext[0], &nPLen, &vchCiphertext[0], nLen); + if (fOk) fOk = EVP_DecryptFinal_ex(&ctx, (&vchPlaintext[0])+nPLen, &nFLen); EVP_CIPHER_CTX_cleanup(&ctx); + if (!fOk) return false; + vchPlaintext.resize(nPLen + nFLen); return true; } diff --git a/src/init.cpp b/src/init.cpp index eecbc83edb..05b4e87ceb 100644 --- a/src/init.cpp +++ b/src/init.cpp 
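Review bot: A `true` from Decrypt after this change still only means the CBC padding parsed, because `EVP_DecryptFinal_ex` does not authenticate the ciphertext; a wrong key or altered ciphertext can occasionally pass and yield garbage of plausible length. That limit should be written next to the check, e.g. `// fOk only proves well-formed padding; CBC has no integrity, callers must validate the plaintext`. On the `if (!fOk) return false;` path the output vector also keeps its pre-sized length and whatever `EVP_DecryptUpdate` already wrote, so consider `if (!fOk) { vchPlaintext.clear(); return false; }` (and the same for `vchCiphertext` in Encrypt) so a caller that ignores the result cannot use a partial buffer. Both function bodies begin above their hunks, so the buffer sizing is not visible here.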
@@ -221,14 +221,12 @@ bool AppInit2(int argc, char* argv[]) " -checkblocks=<n> \t\t " + _("How many blocks to check at startup (default: 2500, 0 = all)") + "\n" + " -checklevel=<n> \t\t " + _("How thorough the block verification is (0-6, default: 1)") + "\n"; -#ifdef USE_SSL strUsage += string() + _("\nSSL options: (see the Bitcoin Wiki for SSL setup instructions)") + "\n" + " -rpcssl \t " + _("Use OpenSSL (https) for JSON-RPC connections") + "\n" + " -rpcsslcertificatechainfile=<file.cert>\t " + _("Server certificate file (default: server.cert)") + "\n" + " -rpcsslprivatekeyfile=<file.pem> \t " + _("Server private key (default: server.pem)") + "\n" + " -rpcsslciphers=<ciphers> \t " + _("Acceptable ciphers (default: TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH)") + "\n"; -#endif strUsage += string() + " -? \t\t " + _("This help message") + "\n"; diff --git a/src/keystore.cpp b/src/keystore.cpp index e76f7790f1..23f9e32fa2 100644 --- a/src/keystore.cpp +++ b/src/keystore.cpp @@ -84,6 +84,8 @@ bool CCryptoKeyStore::Unlock(const CKeyingMaterial& vMasterKeyIn) CSecret vchSecret; if(!DecryptSecret(vMasterKeyIn, vchCryptedSecret, Hash(vchPubKey.begin(), vchPubKey.end()), vchSecret)) return false; + if (vchSecret.size() != 32) + return false; CKey key; key.SetPubKey(vchPubKey); key.SetSecret(vchSecret); @@ -146,6 +148,8 @@ bool CCryptoKeyStore::GetKey(const CBitcoinAddress &address, CKey& keyOut) const CSecret vchSecret; if (!DecryptSecret(vMasterKey, vchCryptedSecret, Hash(vchPubKey.begin(), vchPubKey.end()), vchSecret)) return false; + if (vchSecret.size() != 32) + return false; keyOut.SetPubKey(vchPubKey); keyOut.SetSecret(vchSecret); return true; diff --git a/src/makefile.linux-mingw b/src/makefile.linux-mingw index 0bbe612a06..3f7e6114ec 100644 --- a/src/makefile.linux-mingw +++ b/src/makefile.linux-mingw 
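Review bot: The new `if (vchSecret.size() != 32) return false;` in CCryptoKeyStore::Unlock (and the identical check in GetKey further down) rejects output of the wrong length but not a 32-byte result that is simply wrong, and the key object then pairs that secret with the stored `vchPubKey` without the two being compared. DecryptSecret presumably sits on the AES-256-CBC code in crypter.cpp, which carries no MAC, so length is a weak validity test. After `SetSecret`, derive the public key from the secret and return false if it differs from `vchPubKey`. At minimum the check should carry a comment such as `// length check only; does not prove the secret matches vchPubKey`. Both functions continue outside their hunks.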
@@ -26,7 +26,7 @@ LIBS= \ -l ssl \ -l crypto -DEFS=-D_MT -DWIN32 -D_WINDOWS -DNOPCH -DUSE_SSL -DBOOST_THREAD_USE_LIB +DEFS=-D_MT -DWIN32 -D_WINDOWS -DNOPCH -DBOOST_THREAD_USE_LIB DEBUGFLAGS=-g CFLAGS=-O2 -w -Wno-invalid-offsetof -Wformat $(DEBUGFLAGS) $(DEFS) $(INCLUDEPATHS) diff --git a/src/makefile.mingw b/src/makefile.mingw index 307fca7834..33cc68b62b 100644 --- a/src/makefile.mingw +++ b/src/makefile.mingw @@ -23,7 +23,7 @@ LIBS= \ -l ssl \ -l crypto -DEFS=-DWIN32 -D_WINDOWS -DNOPCH -DUSE_SSL -DBOOST_THREAD_USE_LIB +DEFS=-DWIN32 -D_WINDOWS -DNOPCH -DBOOST_THREAD_USE_LIB DEBUGFLAGS=-g CFLAGS=-mthreads -O2 -w -Wno-invalid-offsetof -Wformat $(DEBUGFLAGS) $(DEFS) $(INCLUDEPATHS) diff --git a/src/makefile.osx b/src/makefile.osx index 6388a71e11..ed35b33ecb 100644 --- a/src/makefile.osx +++ b/src/makefile.osx @@ -49,12 +49,19 @@ LIBS += \ TESTDEFS += -DBOOST_TEST_DYN_LINK endif -DEFS=-DMAC_OSX -DMSG_NOSIGNAL=0 -DUSE_SSL +DEFS=-DMAC_OSX -DMSG_NOSIGNAL=0 + +ifdef RELEASE +# Compile for maximum compatibility and smallest size. +# This requires that dependencies are compiled +# the same way. +CFLAGS = -mmacosx-version-min=10.5 -arch i386 -O3 +else +CFLAGS = -g +endif -DEBUGFLAGS=-g # ppc doesn't work because we don't support big-endian -CFLAGS=-mmacosx-version-min=10.5 -arch i386 -O3 \ - -Wextra -Wno-sign-compare -Wno-char-subscripts -Wno-invalid-offsetof -Wformat-security \ +CFLAGS += -Wextra -Wno-sign-compare -Wno-char-subscripts -Wno-invalid-offsetof -Wformat-security \ $(DEBUGFLAGS) $(DEFS) $(INCLUDEPATHS) OBJS= \ diff --git a/src/makefile.unix b/src/makefile.unix index 66e020bbef..1fb8e270fb 100644 --- a/src/makefile.unix +++ b/src/makefile.unix @@ -39,10 +39,6 @@ ifneq (${USE_UPNP}, -) DEFS += -DUSE_UPNP=$(USE_UPNP) endif -ifneq (${USE_SSL}, 0) - DEFS += -DUSE_SSL -endif - LIBS+= \ -Wl,-B$(LMODE2) \ -l z \ diff --git a/src/net.cpp b/src/net.cpp index 37e73c421a..7dc2d4c22a 100644 --- a/src/net.cpp +++ b/src/net.cpp 
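Review bot: `$(DEBUGFLAGS)` is still expanded in the `CFLAGS +=` line of makefile.osx although this hunk deletes `DEBUGFLAGS=-g`, so unless it is set above the hunk or on the command line it now expands to nothing. Either drop the reference or keep the variable and set it in the non-release branch, `DEBUGFLAGS = -g`, instead of `CFLAGS = -g`. The comment `# ppc doesn't work because we don't support big-endian` now sits away from the `-arch i386` it explains and would read better inside the `ifdef RELEASE` branch.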
@@ -289,105 +289,6 @@ void AddressCurrentlyConnected(const CService& addr) -void AbandonRequests(void (*fn)(void*, CDataStream&), void* param1) -{ - // If the dialog might get closed before the reply comes back, - // call this in the destructor so it doesn't get called after it's deleted. - CRITICAL_BLOCK(cs_vNodes) - { - BOOST_FOREACH(CNode* pnode, vNodes) - { - CRITICAL_BLOCK(pnode->cs_mapRequests) - { - for (map<uint256, CRequestTracker>::iterator mi = pnode->mapRequests.begin(); mi != pnode->mapRequests.end();) - { - CRequestTracker& tracker = (*mi).second; - if (tracker.fn == fn && tracker.param1 == param1) - pnode->mapRequests.erase(mi++); - else - mi++; - } - } - } - } -} - - - - - - - -// -// Subscription methods for the broadcast and subscription system. -// Channel numbers are message numbers, i.e. MSG_TABLE and MSG_PRODUCT. -// -// The subscription system uses a meet-in-the-middle strategy. -// With 100,000 nodes, if senders broadcast to 1000 random nodes and receivers -// subscribe to 1000 random nodes, 99.995% (1 - 0.99^1000) of messages will get through. 
-// - -bool AnySubscribed(unsigned int nChannel) -{ - if (pnodeLocalHost->IsSubscribed(nChannel)) - return true; - CRITICAL_BLOCK(cs_vNodes) - BOOST_FOREACH(CNode* pnode, vNodes) - if (pnode->IsSubscribed(nChannel)) - return true; - return false; -} - -bool CNode::IsSubscribed(unsigned int nChannel) -{ - if (nChannel >= vfSubscribe.size()) - return false; - return vfSubscribe[nChannel]; -} - -void CNode::Subscribe(unsigned int nChannel, unsigned int nHops) -{ - if (nChannel >= vfSubscribe.size()) - return; - - if (!AnySubscribed(nChannel)) - { - // Relay subscribe - CRITICAL_BLOCK(cs_vNodes) - BOOST_FOREACH(CNode* pnode, vNodes) - if (pnode != this) - pnode->PushMessage("subscribe", nChannel, nHops); - } - - vfSubscribe[nChannel] = true; -} - -void CNode::CancelSubscribe(unsigned int nChannel) -{ - if (nChannel >= vfSubscribe.size()) - return; - - // Prevent from relaying cancel if wasn't subscribed - if (!vfSubscribe[nChannel]) - return; - vfSubscribe[nChannel] = false; - - if (!AnySubscribed(nChannel)) - { - // Relay subscription cancel - CRITICAL_BLOCK(cs_vNodes) - BOOST_FOREACH(CNode* pnode, vNodes) - if (pnode != this) - pnode->PushMessage("sub-cancel", nChannel); - } -} - - - - - - - CNode* FindNode(const CNetAddr& ip) @@ -486,13 +387,6 @@ void CNode::CloseSocketDisconnect() void CNode::Cleanup() { - // All of a nodes broadcasts and subscriptions are automatically torn down - // when it goes down, so a node has to stay up to keep its broadcast going. - - // Cancel subscriptions - for (unsigned int nChannel = 0; nChannel < vfSubscribe.size(); nChannel++) - if (vfSubscribe[nChannel]) - CancelSubscribe(nChannel); } 
@@ -29,7 +29,6 @@ extern int nBestHeight; inline unsigned int ReceiveBufferSize() { return 1000*GetArg("-maxreceivebuffer", 10*1000); } inline unsigned int SendBufferSize() { return 1000*GetArg("-maxsendbuffer", 10*1000); } -static const unsigned int PUBLISH_HOPS = 5; bool RecvLine(SOCKET hSocket, std::string& strLine); bool GetMyExternalIP(CNetAddr& ipRet); @@ -37,8 +36,6 @@ void AddressCurrentlyConnected(const CService& addr); CNode* FindNode(const CNetAddr& ip); CNode* FindNode(const CService& ip); CNode* ConnectNode(CAddress addrConnect, int64 nTimeout=0); -void AbandonRequests(void (*fn)(void*, CDataStream&), void* param1); -bool AnySubscribed(unsigned int nChannel); void MapPort(bool fMapPort); bool BindListenPort(std::string& strError=REF(std::string())); void StartNode(void* parg); @@ -160,9 +157,6 @@ public: CCriticalSection cs_inventory; std::multimap<int64, CInv> mapAskFor; - // publish and subscription - std::vector<char> vfSubscribe; - CNode(SOCKET hSocketIn, CAddress addrIn, bool fInboundIn=false) { nServices = 0; @@ -192,7 +186,6 @@ public: hashLastGetBlocksEnd = 0; nStartingHeight = -1; fGetAddr = false; - vfSubscribe.assign(256, false); nMisbehavior = 0; setInventoryKnown.max_size(SendBufferSize() / 1000); 
@@ -634,58 +627,4 @@ inline void RelayMessage<>(const CInv& inv, const CDataStream& ss) } - - - - - - -// -// Templates for the publish and subscription system. -// The object being published as T& obj needs to have: -// a set<unsigned int> setSources member -// specializations of AdvertInsert and AdvertErase -// Currently implemented for CTable and CProduct. -// - -template<typename T> -void AdvertStartPublish(CNode* pfrom, unsigned int nChannel, unsigned int nHops, T& obj) -{ - // Add to sources - obj.setSources.insert(pfrom->addr.ip); - - if (!AdvertInsert(obj)) - return; - - // Relay - CRITICAL_BLOCK(cs_vNodes) - BOOST_FOREACH(CNode* pnode, vNodes) - if (pnode != pfrom && (nHops < PUBLISH_HOPS || pnode->IsSubscribed(nChannel))) - pnode->PushMessage("publish", nChannel, nHops, obj); -} - -template<typename T> -void AdvertStopPublish(CNode* pfrom, unsigned int nChannel, unsigned int nHops, T& obj) -{ - uint256 hash = obj.GetHash(); - - CRITICAL_BLOCK(cs_vNodes) - BOOST_FOREACH(CNode* pnode, vNodes) - if (pnode != pfrom && (nHops < PUBLISH_HOPS || pnode->IsSubscribed(nChannel))) - pnode->PushMessage("pub-cancel", nChannel, nHops, hash); - - AdvertErase(obj); -} - -template<typename T> -void AdvertRemoveSource(CNode* pfrom, unsigned int nChannel, unsigned int nHops, T& obj) -{ - // Remove a source - obj.setSources.erase(pfrom->addr.ip); - - // If no longer supported by any sources, cancel it - if (obj.setSources.empty()) - AdvertStopPublish(pfrom, nChannel, nHops, obj); -} - #endif diff --git a/src/rpcdump.cpp b/src/rpcdump.cpp index d59536e254..8180aadfb9 100644 --- a/src/rpcdump.cpp +++ b/src/rpcdump.cpp 
@@ -6,15 +6,8 @@ #include "init.h" // for pwalletMain #include "bitcoinrpc.h" -// #include <boost/asio.hpp> -// #include <boost/iostreams/concepts.hpp> -// #include <boost/iostreams/stream.hpp> #include <boost/lexical_cast.hpp> -// #ifdef USE_SSL -// #include <boost/asio/ssl.hpp> -// typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> SSLStream; -// #endif -// #include <boost/xpressive/xpressive_dynamic.hpp> + #include "json/json_spirit_reader_template.h" #include "json/json_spirit_writer_template.h" #include "json/json_spirit_utils.h" |