From 5309da72a61cc2f0d8a2f81372b7404d48170721 Mon Sep 17 00:00:00 2001 From: XMRig Date: Wed, 1 Jan 2020 19:12:20 +0700 Subject: [PATCH] Added environment variables support for TLS settings. --- CHANGELOG.md | 4 ++++ src/proxy/tls/TlsConfig.cpp | 23 +++++++---------------- src/proxy/tls/TlsConfig.h | 8 ++++---- src/proxy/tls/TlsContext.cpp | 22 +++++++++++++--------- src/proxy/tls/TlsContext.h | 12 +++++++++--- src/version.h | 6 +++--- 6 files changed, 40 insertions(+), 35 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c83fe79..f9b78b1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +# v5.x.x +- [#1469](https://github.com/xmrig/xmrig/issues/1469) Fixed build with gcc 4.8. +- Added environment variables support for TLS settings: `cert`, `cert_key`, `dhparam`. + # v5.5.0 - [#179](https://github.com/xmrig/xmrig/issues/179) Added support for [environment variables](https://xmrig.com/docs/miner/environment-variables) in config file. - [#375](https://github.com/xmrig/xmrig-proxy/pull/375) Bugfixes: 64bit diff in logs + `"print-time"` config. diff --git a/src/proxy/tls/TlsConfig.cpp b/src/proxy/tls/TlsConfig.cpp index e9b81f2..ac07556 100644 --- a/src/proxy/tls/TlsConfig.cpp +++ b/src/proxy/tls/TlsConfig.cpp @@ -6,7 +6,8 @@ * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , * Copyright 2018 Lee Clagett - * Copyright 2016-2019 XMRig , + * Copyright 2018-2020 SChernykh + * Copyright 2016-2020 XMRig , * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -27,12 +28,6 @@ #include "rapidjson/document.h" -xmrig::TlsConfig::TlsConfig() : - m_protocols(0) -{ -} - - /** * "cert" load TLS certificate chain from file. * "cert_key" load TLS private key from file. @@ -40,8 +35,7 @@ xmrig::TlsConfig::TlsConfig() : * "ciphersuites" set list of available TLSv1.3 ciphersuites. * "dhparam" load DH parameters for DHE ciphers from file. */ -xmrig::TlsConfig::TlsConfig(const rapidjson::Value &object) : - m_protocols(0) +xmrig::TlsConfig::TlsConfig(const rapidjson::Value &object) { setProtocols(object["protocols"]); setCert(object["cert"].GetString()); @@ -56,9 +50,6 @@ xmrig::TlsConfig::TlsConfig(const rapidjson::Value &object) : } -xmrig::TlsConfig::~TlsConfig() = default; - - rapidjson::Value xmrig::TlsConfig::toJSON(rapidjson::Document &doc) const { using namespace rapidjson; @@ -70,19 +61,19 @@ rapidjson::Value xmrig::TlsConfig::toJSON(rapidjson::Document &doc) const std::vector protocols; if (m_protocols & TLSv1) { - protocols.push_back("TLSv1"); + protocols.emplace_back("TLSv1"); } if (m_protocols & TLSv1_1) { - protocols.push_back("TLSv1.1"); + protocols.emplace_back("TLSv1.1"); } if (m_protocols & TLSv1_2) { - protocols.push_back("TLSv1.2"); + protocols.emplace_back("TLSv1.2"); } if (m_protocols & TLSv1_3) { - protocols.push_back("TLSv1.3"); + protocols.emplace_back("TLSv1.3"); } obj.AddMember("protocols", String::join(protocols, ' ').toJSON(doc), allocator); diff --git a/src/proxy/tls/TlsConfig.h b/src/proxy/tls/TlsConfig.h index c18af27..1d4b3c3 100644 --- a/src/proxy/tls/TlsConfig.h +++ b/src/proxy/tls/TlsConfig.h @@ -6,7 +6,8 @@ * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , * Copyright 2018 Lee Clagett - * Copyright 2016-2019 XMRig , + * Copyright 2018-2020 SChernykh + * Copyright 2016-2020 XMRig , * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -43,9 +44,8 @@ public: TLSv1_3 = 8 }; - TlsConfig(); + TlsConfig() = default; TlsConfig(const rapidjson::Value &object); - ~TlsConfig(); inline bool isValid() const { return !m_cert.isEmpty() && !m_key.isEmpty(); } inline const char *cert() const { return m_cert.data(); } @@ -66,7 +66,7 @@ public: void setProtocols(const rapidjson::Value &protocols); private: - uint32_t m_protocols; + uint32_t m_protocols = 0; String m_cert; String m_ciphers; String m_cipherSuites; diff --git a/src/proxy/tls/TlsContext.cpp b/src/proxy/tls/TlsContext.cpp index 89feb0c..57d68fd 100644 --- a/src/proxy/tls/TlsContext.cpp +++ b/src/proxy/tls/TlsContext.cpp @@ -6,7 +6,8 @@ * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , * Copyright 2018 Lee Clagett - * Copyright 2016-2018 XMRig , + * Copyright 2018-2020 SChernykh + * Copyright 2016-2020 XMRig , * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -23,15 +24,16 @@ */ +#include "proxy/tls/TlsContext.h" +#include "base/io/log/Log.h" +#include "base/kernel/Env.h" +#include "proxy/tls/TlsConfig.h" + + #include #include -#include "base/io/log/Log.h" -#include "proxy/tls/TlsConfig.h" -#include "proxy/tls/TlsContext.h" - - xmrig::TlsContext::TlsContext() : m_ctx(nullptr) { @@ -59,13 +61,15 @@ bool xmrig::TlsContext::load(const TlsConfig &config) return false; } - if (SSL_CTX_use_certificate_chain_file(m_ctx, config.cert()) <= 0) { + const auto cert = Env::expand(config.cert()); + if (SSL_CTX_use_certificate_chain_file(m_ctx, cert) <= 0) { LOG_ERR("SSL_CTX_use_certificate_chain_file(\"%s\") failed.", config.cert()); return false; } - if (SSL_CTX_use_PrivateKey_file(m_ctx, config.key(), SSL_FILETYPE_PEM) <= 0) { + const auto key = Env::expand(config.key()); + if (SSL_CTX_use_PrivateKey_file(m_ctx, key, SSL_FILETYPE_PEM) <= 0) { LOG_ERR("SSL_CTX_use_PrivateKey_file(\"%s\") failed.", config.key()); return false; @@ -120,7 +124,7 @@ bool xmrig::TlsContext::setDH(const char *dhparam) return true; } - BIO *bio = BIO_new_file(dhparam, "r"); + BIO *bio = BIO_new_file(Env::expand(dhparam), "r"); if (bio == nullptr) { LOG_ERR("BIO_new_file(\"%s\") failed.", dhparam); diff --git a/src/proxy/tls/TlsContext.h b/src/proxy/tls/TlsContext.h index 638a500..a536345 100644 --- a/src/proxy/tls/TlsContext.h +++ b/src/proxy/tls/TlsContext.h @@ -6,7 +6,8 @@ * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , * Copyright 2018 Lee Clagett - * Copyright 2016-2018 XMRig , + * Copyright 2018-2020 SChernykh + * Copyright 2016-2020 XMRig , * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,10 +27,13 @@ #define XMRIG_TLSCONTEXT_H -#include +#include "base/tools/Object.h" -typedef struct ssl_ctx_st SSL_CTX; +#include + + +using SSL_CTX = struct ssl_ctx_st; namespace xmrig { @@ -41,6 +45,8 @@ class TlsConfig; class TlsContext { public: + XMRIG_DISABLE_COPY_MOVE(TlsContext) + TlsContext(); ~TlsContext(); diff --git a/src/version.h b/src/version.h index 6601c1e..3142ff4 100644 --- a/src/version.h +++ b/src/version.h @@ -5,8 +5,8 @@ * Copyright 2014-2016 Wolf9466 * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , - * Copyright 2018-2019 SChernykh - * Copyright 2016-2019 XMRig , + * Copyright 2018-2020 SChernykh + * Copyright 2016-2020 XMRig , * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,7 +31,7 @@ #define APP_VERSION "5.5.1-dev" #define APP_DOMAIN "xmrig.com" #define APP_SITE "www.xmrig.com" -#define APP_COPYRIGHT "Copyright (C) 2016-2019 xmrig.com" +#define APP_COPYRIGHT "Copyright (C) 2016-2020 xmrig.com" #define APP_KIND "proxy" #define APP_VER_MAJOR 5