mirror of
https://github.com/ton-blockchain/ton
synced 2025-03-09 15:40:10 +00:00
Merge branch 'testnet' into accelerator
This commit is contained in:
commit
4826f7665f
20 changed files with 234 additions and 32 deletions
52
.github/workflows/create-release.yml
vendored
52
.github/workflows/create-release.yml
vendored
|
@ -12,7 +12,7 @@ jobs:
|
|||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Download Linux x86-64 artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-x86-64-linux.yml
|
||||
path: artifacts
|
||||
|
@ -20,7 +20,7 @@ jobs:
|
|||
skip_unpack: true
|
||||
|
||||
- name: Download and unzip Linux x86-64 artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-x86-64-linux.yml
|
||||
path: artifacts
|
||||
|
@ -28,7 +28,7 @@ jobs:
|
|||
skip_unpack: false
|
||||
|
||||
- name: Download Mac x86-64 artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-x86-64-macos.yml
|
||||
path: artifacts
|
||||
|
@ -36,7 +36,7 @@ jobs:
|
|||
skip_unpack: true
|
||||
|
||||
- name: Download Mac arm64 artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-arm64-macos.yml
|
||||
path: artifacts
|
||||
|
@ -44,7 +44,7 @@ jobs:
|
|||
skip_unpack: true
|
||||
|
||||
- name: Download and unzip Mac x86-64 artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-x86-64-macos.yml
|
||||
path: artifacts
|
||||
|
@ -52,7 +52,7 @@ jobs:
|
|||
skip_unpack: false
|
||||
|
||||
- name: Download and unzip arm64 artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-arm64-macos.yml
|
||||
path: artifacts
|
||||
|
@ -60,7 +60,7 @@ jobs:
|
|||
skip_unpack: false
|
||||
|
||||
- name: Download Windows artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-x86-64-windows.yml
|
||||
path: artifacts
|
||||
|
@ -68,7 +68,7 @@ jobs:
|
|||
skip_unpack: true
|
||||
|
||||
- name: Download and unzip Windows artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: ton-x86-64-windows.yml
|
||||
path: artifacts
|
||||
|
@ -76,7 +76,7 @@ jobs:
|
|||
skip_unpack: false
|
||||
|
||||
- name: Download WASM artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: build-ton-wasm-emscripten.yml
|
||||
path: artifacts
|
||||
|
@ -84,7 +84,7 @@ jobs:
|
|||
skip_unpack: true
|
||||
|
||||
- name: Download Android Tonlib artifacts
|
||||
uses: dawidd6/action-download-artifact@v2
|
||||
uses: dawidd6/action-download-artifact@v6
|
||||
with:
|
||||
workflow: build-ton-linux-android-tonlib.yml
|
||||
path: artifacts
|
||||
|
@ -183,6 +183,14 @@ jobs:
|
|||
asset_name: lite-client.exe
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Windows 2019 single artifact - proxy-liteserver
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
file: artifacts/ton-win-binaries/proxy-liteserver.exe
|
||||
asset_name: proxy-liteserver.exe
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Windows 2019 single artifact - rldp-http-proxy
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
|
@ -281,6 +289,14 @@ jobs:
|
|||
asset_name: lite-client-mac-x86-64
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Mac x86-64 single artifact - proxy-liteserver
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
file: artifacts/ton-x86_64-macos-binaries/proxy-liteserver
|
||||
asset_name: proxy-liteserver-mac-x86-64
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Mac x86-64 single artifact - rldp-http-proxy
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
|
@ -380,6 +396,14 @@ jobs:
|
|||
asset_name: lite-client-mac-arm64
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Mac arm64 single artifact - proxy-liteserver
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
file: artifacts/ton-arm64-macos-binaries/proxy-liteserver
|
||||
asset_name: proxy-liteserver-mac-arm64
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Mac arm64 single artifact - rldp-http-proxy
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
|
@ -478,6 +502,14 @@ jobs:
|
|||
asset_name: lite-client-linux-x86_64
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Linux x86-64 single artifact - proxy-liteserver
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
file: artifacts/ton-x86_64-linux-binaries/proxy-liteserver
|
||||
asset_name: proxy-liteserver-linux-x86_64
|
||||
tag: ${{ steps.tag.outputs.TAG }}
|
||||
|
||||
- name: Upload Linux x86-64 single artifact - rldp-http-proxy
|
||||
uses: svenstaro/upload-release-action@v2
|
||||
with:
|
||||
|
|
|
@ -140,13 +140,13 @@ if [ "$with_tests" = true ]; then
|
|||
http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork tlbc emulator \
|
||||
test-ed25519 test-ed25519-crypto test-bigint test-vm test-fift test-cells test-smartcont \
|
||||
test-net test-tdactor test-tdutils test-tonlib-offline test-adnl test-dht test-rldp \
|
||||
test-rldp2 test-catchain test-fec test-tddb test-db test-validator-session-state test-emulator
|
||||
test-rldp2 test-catchain test-fec test-tddb test-db test-validator-session-state test-emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
else
|
||||
ninja storage-daemon storage-daemon-cli blockchain-explorer \
|
||||
tonlib tonlibjson tonlib-cli validator-engine func tolk fift \
|
||||
lite-client pow-miner validator-engine-console generate-random-id json2tlo dht-server \
|
||||
http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork tlbc emulator
|
||||
http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork tlbc emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
fi
|
||||
|
||||
|
@ -174,6 +174,7 @@ if [ "$with_artifacts" = true ]; then
|
|||
cp build/validator-engine/validator-engine artifacts/
|
||||
cp build/utils/generate-random-id artifacts/
|
||||
cp build/utils/json2tlo artifacts/
|
||||
cp build/utils/proxy-liteserver artifacts/
|
||||
cp build/adnl/adnl-proxy artifacts/
|
||||
cp build/emulator/libemulator.dylib artifacts/
|
||||
rsync -r crypto/smartcont artifacts/
|
||||
|
|
|
@ -68,13 +68,13 @@ if [ "$with_tests" = true ]; then
|
|||
http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork tlbc emulator \
|
||||
test-ed25519 test-ed25519-crypto test-bigint test-vm test-fift test-cells test-smartcont \
|
||||
test-net test-tdactor test-tdutils test-tonlib-offline test-adnl test-dht test-rldp \
|
||||
test-rldp2 test-catchain test-fec test-tddb test-db test-validator-session-state test-emulator
|
||||
test-rldp2 test-catchain test-fec test-tddb test-db test-validator-session-state test-emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
else
|
||||
ninja storage-daemon storage-daemon-cli blockchain-explorer \
|
||||
tonlib tonlibjson tonlib-cli validator-engine func tolk fift \
|
||||
lite-client pow-miner validator-engine-console generate-random-id json2tlo dht-server \
|
||||
http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork tlbc emulator
|
||||
http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork tlbc emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
fi
|
||||
|
||||
|
@ -102,6 +102,7 @@ if [ "$with_artifacts" = true ]; then
|
|||
cp build/validator-engine/validator-engine artifacts/
|
||||
cp build/utils/generate-random-id artifacts/
|
||||
cp build/utils/json2tlo artifacts/
|
||||
cp build/utils/proxy-liteserver artifacts/
|
||||
cp build/adnl/adnl-proxy artifacts/
|
||||
cp build/emulator/libemulator.dylib artifacts/
|
||||
cp -R crypto/smartcont artifacts/
|
||||
|
|
|
@ -130,13 +130,13 @@ ninja storage-daemon storage-daemon-cli fift func tolk tonlib tonlibjson tonlib-
|
|||
adnl-proxy create-state emulator test-ed25519 test-ed25519-crypto test-bigint \
|
||||
test-vm test-fift test-cells test-smartcont test-net test-tdactor test-tdutils \
|
||||
test-tonlib-offline test-adnl test-dht test-rldp test-rldp2 test-catchain \
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
else
|
||||
ninja storage-daemon storage-daemon-cli fift func tolk tonlib tonlibjson tonlib-cli \
|
||||
validator-engine lite-client pow-miner validator-engine-console blockchain-explorer \
|
||||
generate-random-id json2tlo dht-server http-proxy rldp-http-proxy \
|
||||
adnl-proxy create-state emulator
|
||||
adnl-proxy create-state emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
fi
|
||||
|
||||
|
@ -154,7 +154,7 @@ if [ "$with_artifacts" = true ]; then
|
|||
mv build/tonlib/libtonlibjson.so.0.5 build/tonlib/libtonlibjson.so
|
||||
cp build/storage/storage-daemon/storage-daemon build/storage/storage-daemon/storage-daemon-cli \
|
||||
build/crypto/fift build/crypto/tlbc build/crypto/func build/tolk/tolk build/crypto/create-state build/blockchain-explorer/blockchain-explorer \
|
||||
build/validator-engine-console/validator-engine-console build/tonlib/tonlib-cli \
|
||||
build/validator-engine-console/validator-engine-console build/tonlib/tonlib-cli build/utils/proxy-liteserver \
|
||||
build/tonlib/libtonlibjson.so build/http/http-proxy build/rldp-http-proxy/rldp-http-proxy \
|
||||
build/dht-server/dht-server build/lite-client/lite-client build/validator-engine/validator-engine \
|
||||
build/utils/generate-random-id build/utils/json2tlo build/adnl/adnl-proxy build/emulator/libemulator.so \
|
||||
|
|
|
@ -58,13 +58,13 @@ ninja storage-daemon storage-daemon-cli fift func tolk tonlib tonlibjson tonlib-
|
|||
adnl-proxy create-state emulator test-ed25519 test-ed25519-crypto test-bigint \
|
||||
test-vm test-fift test-cells test-smartcont test-net test-tdactor test-tdutils \
|
||||
test-tonlib-offline test-adnl test-dht test-rldp test-rldp2 test-catchain \
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
else
|
||||
ninja storage-daemon storage-daemon-cli fift func tolk tonlib tonlibjson tonlib-cli \
|
||||
validator-engine lite-client pow-miner validator-engine-console blockchain-explorer \
|
||||
generate-random-id json2tlo dht-server http-proxy rldp-http-proxy \
|
||||
adnl-proxy create-state emulator
|
||||
adnl-proxy create-state emulator proxy-liteserver
|
||||
test $? -eq 0 || { echo "Can't compile ton"; exit 1; }
|
||||
fi
|
||||
|
||||
|
@ -84,7 +84,7 @@ if [ "$with_artifacts" = true ]; then
|
|||
mv build/tonlib/libtonlibjson.so.0.5 build/tonlib/libtonlibjson.so
|
||||
cp build/storage/storage-daemon/storage-daemon build/storage/storage-daemon/storage-daemon-cli \
|
||||
build/crypto/fift build/crypto/tlbc build/crypto/func build/tolk/tolk build/crypto/create-state build/blockchain-explorer/blockchain-explorer \
|
||||
build/validator-engine-console/validator-engine-console build/tonlib/tonlib-cli \
|
||||
build/validator-engine-console/validator-engine-console build/tonlib/tonlib-cli build/utils/proxy-liteserver \
|
||||
build/tonlib/libtonlibjson.so build/http/http-proxy build/rldp-http-proxy/rldp-http-proxy \
|
||||
build/dht-server/dht-server build/lite-client/lite-client build/validator-engine/validator-engine \
|
||||
build/utils/generate-random-id build/utils/json2tlo build/adnl/adnl-proxy build/emulator/libemulator.so \
|
||||
|
|
|
@ -137,7 +137,7 @@ tonlib-cli validator-engine lite-client pow-miner validator-engine-console gener
|
|||
json2tlo dht-server http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork emulator ^
|
||||
test-ed25519 test-ed25519-crypto test-bigint test-vm test-fift test-cells test-smartcont test-net ^
|
||||
test-tdactor test-tdutils test-tonlib-offline test-adnl test-dht test-rldp test-rldp2 test-catchain ^
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator proxy-liteserver
|
||||
IF %errorlevel% NEQ 0 (
|
||||
echo Can't compile TON
|
||||
exit /b %errorlevel%
|
||||
|
@ -145,7 +145,7 @@ IF %errorlevel% NEQ 0 (
|
|||
) else (
|
||||
ninja storage-daemon storage-daemon-cli blockchain-explorer fift func tolk tonlib tonlibjson ^
|
||||
tonlib-cli validator-engine lite-client pow-miner validator-engine-console generate-random-id ^
|
||||
json2tlo dht-server http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork emulator
|
||||
json2tlo dht-server http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork emulator proxy-liteserver
|
||||
IF %errorlevel% NEQ 0 (
|
||||
echo Can't compile TON
|
||||
exit /b %errorlevel%
|
||||
|
@ -193,6 +193,7 @@ build\lite-client\lite-client.exe ^
|
|||
build\validator-engine\validator-engine.exe ^
|
||||
build\utils\generate-random-id.exe ^
|
||||
build\utils\json2tlo.exe ^
|
||||
build\utils\proxy-liteserver.exe ^
|
||||
build\adnl\adnl-proxy.exe ^
|
||||
build\emulator\emulator.dll) do (strip -s %%I & copy %%I artifacts\)
|
||||
xcopy /e /k /h /i crypto\smartcont artifacts\smartcont
|
||||
|
|
|
@ -140,7 +140,7 @@ tonlib-cli validator-engine lite-client pow-miner validator-engine-console gener
|
|||
json2tlo dht-server http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork emulator ^
|
||||
test-ed25519 test-ed25519-crypto test-bigint test-vm test-fift test-cells test-smartcont test-net ^
|
||||
test-tdactor test-tdutils test-tonlib-offline test-adnl test-dht test-rldp test-rldp2 test-catchain ^
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator
|
||||
test-fec test-tddb test-db test-validator-session-state test-emulator proxy-liteserver
|
||||
IF %errorlevel% NEQ 0 (
|
||||
echo Can't compile TON
|
||||
exit /b %errorlevel%
|
||||
|
@ -148,7 +148,7 @@ IF %errorlevel% NEQ 0 (
|
|||
) else (
|
||||
ninja storage-daemon storage-daemon-cli blockchain-explorer fift func tolk tonlib tonlibjson ^
|
||||
tonlib-cli validator-engine lite-client pow-miner validator-engine-console generate-random-id ^
|
||||
json2tlo dht-server http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork emulator
|
||||
json2tlo dht-server http-proxy rldp-http-proxy adnl-proxy create-state create-hardfork emulator proxy-liteserver
|
||||
IF %errorlevel% NEQ 0 (
|
||||
echo Can't compile TON
|
||||
exit /b %errorlevel%
|
||||
|
|
|
@ -554,11 +554,7 @@ class BitArray {
|
|||
set_same(0);
|
||||
}
|
||||
void set_zero_s() {
|
||||
volatile uint8* p = data();
|
||||
auto x = m;
|
||||
while (x--) {
|
||||
*p++ = 0;
|
||||
}
|
||||
as_slice().fill_zero_secure();
|
||||
}
|
||||
void set_ones() {
|
||||
set_same(1);
|
||||
|
|
|
@ -28,7 +28,7 @@ namespace ton {
|
|||
namespace keyring {
|
||||
|
||||
KeyringImpl::PrivateKeyDescr::PrivateKeyDescr(PrivateKey private_key, bool is_temp)
|
||||
: public_key(private_key.compute_public_key()), is_temp(is_temp) {
|
||||
: public_key(private_key.compute_public_key()), private_key(private_key), is_temp(is_temp) {
|
||||
auto D = private_key.create_decryptor_async();
|
||||
D.ensure();
|
||||
decryptor_sign = D.move_as_ok();
|
||||
|
@ -190,6 +190,16 @@ void KeyringImpl::decrypt_message(PublicKeyHash key_hash, td::BufferSlice data,
|
|||
}
|
||||
}
|
||||
|
||||
void KeyringImpl::export_all_private_keys(td::Promise<std::vector<PrivateKey>> promise) {
|
||||
std::vector<PrivateKey> keys;
|
||||
for (auto& [_, descr] : map_) {
|
||||
if (!descr->is_temp && descr->private_key.exportable()) {
|
||||
keys.push_back(descr->private_key);
|
||||
}
|
||||
}
|
||||
promise.set_value(std::move(keys));
|
||||
}
|
||||
|
||||
td::actor::ActorOwn<Keyring> Keyring::create(std::string db_root) {
|
||||
return td::actor::create_actor<KeyringImpl>("keyring", db_root);
|
||||
}
|
||||
|
|
|
@ -44,6 +44,8 @@ class Keyring : public td::actor::Actor {
|
|||
|
||||
virtual void decrypt_message(PublicKeyHash key_hash, td::BufferSlice data, td::Promise<td::BufferSlice> promise) = 0;
|
||||
|
||||
virtual void export_all_private_keys(td::Promise<std::vector<PrivateKey>> promise) = 0;
|
||||
|
||||
static td::actor::ActorOwn<Keyring> create(std::string db_root);
|
||||
};
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ class KeyringImpl : public Keyring {
|
|||
td::actor::ActorOwn<DecryptorAsync> decryptor_sign;
|
||||
td::actor::ActorOwn<DecryptorAsync> decryptor_decrypt;
|
||||
PublicKey public_key;
|
||||
PrivateKey private_key;
|
||||
bool is_temp;
|
||||
PrivateKeyDescr(PrivateKey private_key, bool is_temp);
|
||||
};
|
||||
|
@ -56,6 +57,8 @@ class KeyringImpl : public Keyring {
|
|||
|
||||
void decrypt_message(PublicKeyHash key_hash, td::BufferSlice data, td::Promise<td::BufferSlice> promise) override;
|
||||
|
||||
void export_all_private_keys(td::Promise<std::vector<PrivateKey>> promise) override;
|
||||
|
||||
KeyringImpl(std::string db_root) : db_root_(db_root) {
|
||||
}
|
||||
|
||||
|
|
|
@ -181,9 +181,9 @@ QueryInfo get_query_info(const lite_api::Function& f) {
|
|||
[&](const lite_api::liteServer_getBlockProof& q) {
|
||||
info.shard_id = ShardIdFull{masterchainId};
|
||||
BlockIdExt from = create_block_id(q.known_block_);
|
||||
BlockIdExt to = create_block_id(q.target_block_);
|
||||
// See LiteQuery::perform_getBlockProof
|
||||
if ((q.mode_ & 1) && (q.mode_ & 0x1000)) {
|
||||
BlockIdExt to = create_block_id(q.target_block_); // target_block is non-null if (mode & 1)
|
||||
info.type = QueryInfo::t_seqno;
|
||||
info.value = std::max(from.seqno(), to.seqno());
|
||||
} else {
|
||||
|
|
|
@ -749,6 +749,8 @@ engine.validator.perfTimerStats stats:(vector engine.validator.PerfTimerStatsByN
|
|||
|
||||
engine.validator.shardOutQueueSize size:long = engine.validator.ShardOutQueueSize;
|
||||
|
||||
engine.validator.exportedPrivateKeys encrypted_data:bytes = engine.validator.ExportedPrivateKeys;
|
||||
|
||||
engine.validator.collationManagerStats.shard shard_id:tonNode.shardId self_collate:Bool select_mode:string active:Bool collators:(vector int256) = engine.validator.collationManagerStats.Shard;
|
||||
engine.validator.collationManagerStats.collator adnl_id:int256 active:Bool alive:Bool ping_in:double last_ping_ago:double last_ping_status:string = engine.validator.collationManagerStats.Collator;
|
||||
engine.validator.collationManagerStats.localId adnl_id:int256 shards:(vector engine.validator.collationManagerStats.shard)
|
||||
|
@ -784,6 +786,7 @@ engine.validator.delListeningPort ip:int port:int categories:(vector int) priori
|
|||
engine.validator.delProxy out_ip:int out_port:int categories:(vector int) priority_categories:(vector int) = engine.validator.Success;
|
||||
|
||||
engine.validator.sign key_hash:int256 data:bytes = engine.validator.Signature;
|
||||
engine.validator.exportAllPrivateKeys encryption_key:PublicKey = engine.validator.ExportedPrivateKeys;
|
||||
|
||||
engine.validator.getStats = engine.validator.Stats;
|
||||
engine.validator.getConfig = engine.validator.JsonConfig;
|
||||
|
|
Binary file not shown.
|
@ -24,4 +24,4 @@ target_include_directories(pack-viewer PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_
|
|||
add_executable(proxy-liteserver proxy-liteserver.cpp)
|
||||
target_link_libraries(proxy-liteserver tdutils tdactor adnl dht tl_api ton_crypto git lite-client-common)
|
||||
|
||||
install(TARGETS generate-random-id RUNTIME DESTINATION bin)
|
||||
install(TARGETS generate-random-id proxy-liteserver RUNTIME DESTINATION bin)
|
||||
|
|
|
@ -35,6 +35,8 @@
|
|||
#include "ton/ton-tl.hpp"
|
||||
#include "td/utils/JsonBuilder.h"
|
||||
#include "auto/tl/ton_api_json.h"
|
||||
#include "keys/encryptor.h"
|
||||
#include "td/utils/port/path.h"
|
||||
#include "tl/tl_json.h"
|
||||
|
||||
#include <cctype>
|
||||
|
@ -283,6 +285,66 @@ td::Status SignFileQuery::receive(td::BufferSlice data) {
|
|||
return td::Status::OK();
|
||||
}
|
||||
|
||||
td::Status ExportAllPrivateKeysQuery::run() {
|
||||
TRY_RESULT_ASSIGN(directory_, tokenizer_.get_token<std::string>());
|
||||
TRY_STATUS(tokenizer_.check_endl());
|
||||
client_pk_ = ton::privkeys::Ed25519::random();
|
||||
return td::Status::OK();
|
||||
}
|
||||
|
||||
td::Status ExportAllPrivateKeysQuery::send() {
|
||||
auto b = ton::create_serialize_tl_object<ton::ton_api::engine_validator_exportAllPrivateKeys>(
|
||||
client_pk_.compute_public_key().tl());
|
||||
td::actor::send_closure(console_, &ValidatorEngineConsole::envelope_send_query, std::move(b), create_promise());
|
||||
return td::Status::OK();
|
||||
}
|
||||
|
||||
td::Status ExportAllPrivateKeysQuery::receive(td::BufferSlice data) {
|
||||
TRY_RESULT_PREFIX(f, ton::fetch_tl_object<ton::ton_api::engine_validator_exportedPrivateKeys>(data.as_slice(), true),
|
||||
"received incorrect answer: ");
|
||||
// Private keys are encrypted using client-provided public key to avoid storing them in
|
||||
// non-secure buffers (not td::SecureString)
|
||||
TRY_RESULT_PREFIX(decryptor, client_pk_.create_decryptor(), "cannot create decryptor: ");
|
||||
TRY_RESULT_PREFIX(keys_data, decryptor->decrypt(f->encrypted_data_.as_slice()), "cannot decrypt data: ");
|
||||
SCOPE_EXIT {
|
||||
keys_data.as_slice().fill_zero_secure();
|
||||
};
|
||||
td::Slice slice = keys_data.as_slice();
|
||||
if (slice.size() < 32) {
|
||||
return td::Status::Error("data is too small");
|
||||
}
|
||||
slice.remove_suffix(32);
|
||||
std::vector<ton::PrivateKey> private_keys;
|
||||
while (!slice.empty()) {
|
||||
if (slice.size() < 4) {
|
||||
return td::Status::Error("unexpected end of data");
|
||||
}
|
||||
td::uint32 size;
|
||||
td::MutableSlice{reinterpret_cast<char *>(&size), 4}.copy_from(slice.substr(0, 4));
|
||||
if (size > slice.size()) {
|
||||
return td::Status::Error("unexpected end of data");
|
||||
}
|
||||
slice.remove_prefix(4);
|
||||
TRY_RESULT_PREFIX(private_key, ton::PrivateKey::import(slice.substr(0, size)), "cannot parse private key: ");
|
||||
if (!private_key.exportable()) {
|
||||
return td::Status::Error("private key is not exportable");
|
||||
}
|
||||
private_keys.push_back(std::move(private_key));
|
||||
slice.remove_prefix(size);
|
||||
}
|
||||
|
||||
TRY_STATUS_PREFIX(td::mkpath(directory_ + "/"), "cannot create directory " + directory_ + ": ");
|
||||
td::TerminalIO::out() << "exported " << private_keys.size() << " private keys" << "\n";
|
||||
for (const ton::PrivateKey &private_key : private_keys) {
|
||||
std::string hash_hex = private_key.compute_short_id().bits256_value().to_hex();
|
||||
TRY_STATUS_PREFIX(td::write_file(directory_ + "/" + hash_hex, private_key.export_as_slice()),
|
||||
"failed to write file: ");
|
||||
td::TerminalIO::out() << "pubkey_hash " << hash_hex << "\n";
|
||||
}
|
||||
td::TerminalIO::out() << "written all files to " << directory_ << "\n";
|
||||
return td::Status::OK();
|
||||
}
|
||||
|
||||
td::Status AddAdnlAddrQuery::run() {
|
||||
TRY_RESULT_ASSIGN(key_hash_, tokenizer_.get_token<ton::PublicKeyHash>());
|
||||
TRY_RESULT_ASSIGN(category_, tokenizer_.get_token<td::uint32>());
|
||||
|
|
|
@ -413,6 +413,30 @@ class SignFileQuery : public Query {
|
|||
std::string out_file_;
|
||||
};
|
||||
|
||||
class ExportAllPrivateKeysQuery : public Query {
|
||||
public:
|
||||
ExportAllPrivateKeysQuery(td::actor::ActorId<ValidatorEngineConsole> console, Tokenizer tokenizer)
|
||||
: Query(console, std::move(tokenizer)) {
|
||||
}
|
||||
td::Status run() override;
|
||||
td::Status send() override;
|
||||
td::Status receive(td::BufferSlice R) override;
|
||||
static std::string get_name() {
|
||||
return "exportallprivatekeys";
|
||||
}
|
||||
static std::string get_help() {
|
||||
return "exportallprivatekeys <directory>\texports all private keys from validator engine and stores them to "
|
||||
"<directory>";
|
||||
}
|
||||
std::string name() const override {
|
||||
return get_name();
|
||||
}
|
||||
|
||||
private:
|
||||
std::string directory_;
|
||||
ton::PrivateKey client_pk_;
|
||||
};
|
||||
|
||||
class AddAdnlAddrQuery : public Query {
|
||||
public:
|
||||
AddAdnlAddrQuery(td::actor::ActorId<ValidatorEngineConsole> console, Tokenizer tokenizer)
|
||||
|
|
|
@ -112,6 +112,7 @@ void ValidatorEngineConsole::run() {
|
|||
add_query_runner(std::make_unique<QueryRunnerImpl<ExportPublicKeyFileQuery>>());
|
||||
add_query_runner(std::make_unique<QueryRunnerImpl<SignQuery>>());
|
||||
add_query_runner(std::make_unique<QueryRunnerImpl<SignFileQuery>>());
|
||||
add_query_runner(std::make_unique<QueryRunnerImpl<ExportAllPrivateKeysQuery>>());
|
||||
add_query_runner(std::make_unique<QueryRunnerImpl<AddAdnlAddrQuery>>());
|
||||
add_query_runner(std::make_unique<QueryRunnerImpl<AddDhtIdQuery>>());
|
||||
add_query_runner(std::make_unique<QueryRunnerImpl<AddValidatorPermanentKeyQuery>>());
|
||||
|
|
|
@ -3466,6 +3466,70 @@ void ValidatorEngine::run_control_query(ton::ton_api::engine_validator_sign &que
|
|||
std::move(query.data_), std::move(P));
|
||||
}
|
||||
|
||||
void ValidatorEngine::run_control_query(ton::ton_api::engine_validator_exportAllPrivateKeys &query,
|
||||
td::BufferSlice data, ton::PublicKeyHash src, td::uint32 perm,
|
||||
td::Promise<td::BufferSlice> promise) {
|
||||
if (!(perm & ValidatorEnginePermissions::vep_unsafe)) {
|
||||
promise.set_value(create_control_query_error(td::Status::Error(ton::ErrorCode::error, "not authorized")));
|
||||
return;
|
||||
}
|
||||
if (keyring_.empty()) {
|
||||
promise.set_value(create_control_query_error(td::Status::Error(ton::ErrorCode::notready, "not started keyring")));
|
||||
return;
|
||||
}
|
||||
|
||||
ton::PublicKey client_pubkey = ton::PublicKey{query.encryption_key_};
|
||||
if (!client_pubkey.is_ed25519()) {
|
||||
promise.set_value(
|
||||
create_control_query_error(td::Status::Error(ton::ErrorCode::protoviolation, "encryption key is not Ed25519")));
|
||||
return;
|
||||
}
|
||||
|
||||
td::actor::send_closure(
|
||||
keyring_, &ton::keyring::Keyring::export_all_private_keys,
|
||||
[promise = std::move(promise),
|
||||
client_pubkey = std::move(client_pubkey)](td::Result<std::vector<ton::PrivateKey>> R) mutable {
|
||||
if (R.is_error()) {
|
||||
promise.set_value(create_control_query_error(R.move_as_error()));
|
||||
return;
|
||||
}
|
||||
// Private keys are encrypted using client-provided public key to avoid storing them in
|
||||
// non-secure buffers (not td::SecureString)
|
||||
std::vector<td::SecureString> serialized_keys;
|
||||
size_t data_size = 32;
|
||||
for (const ton::PrivateKey &key : R.ok()) {
|
||||
serialized_keys.push_back(key.export_as_slice());
|
||||
data_size += serialized_keys.back().size() + 4;
|
||||
}
|
||||
td::SecureString data{data_size};
|
||||
td::MutableSlice slice = data.as_mutable_slice();
|
||||
for (const td::SecureString &s : serialized_keys) {
|
||||
td::uint32 size = td::narrow_cast_safe<td::uint32>(s.size()).move_as_ok();
|
||||
CHECK(slice.size() >= size + 4);
|
||||
slice.copy_from(td::Slice{reinterpret_cast<const td::uint8 *>(&size), 4});
|
||||
slice.remove_prefix(4);
|
||||
slice.copy_from(s.as_slice());
|
||||
slice.remove_prefix(s.size());
|
||||
}
|
||||
CHECK(slice.size() == 32);
|
||||
td::Random::secure_bytes(slice);
|
||||
|
||||
auto r_encryptor = client_pubkey.create_encryptor();
|
||||
if (r_encryptor.is_error()) {
|
||||
promise.set_value(create_control_query_error(r_encryptor.move_as_error_prefix("cannot create encryptor: ")));
|
||||
return;
|
||||
}
|
||||
auto encryptor = r_encryptor.move_as_ok();
|
||||
auto r_encrypted = encryptor->encrypt(data.as_slice());
|
||||
if (r_encryptor.is_error()) {
|
||||
promise.set_value(create_control_query_error(r_encrypted.move_as_error_prefix("cannot encrypt data: ")));
|
||||
return;
|
||||
}
|
||||
promise.set_value(ton::create_serialize_tl_object<ton::ton_api::engine_validator_exportedPrivateKeys>(
|
||||
r_encrypted.move_as_ok()));
|
||||
});
|
||||
}
|
||||
|
||||
void ValidatorEngine::run_control_query(ton::ton_api::engine_validator_setVerbosity &query, td::BufferSlice data,
|
||||
ton::PublicKeyHash src, td::uint32 perm, td::Promise<td::BufferSlice> promise) {
|
||||
if (!(perm & ValidatorEnginePermissions::vep_default)) {
|
||||
|
|
|
@ -489,6 +489,8 @@ class ValidatorEngine : public td::actor::Actor {
|
|||
td::uint32 perm, td::Promise<td::BufferSlice> promise);
|
||||
void run_control_query(ton::ton_api::engine_validator_sign &query, td::BufferSlice data, ton::PublicKeyHash src,
|
||||
td::uint32 perm, td::Promise<td::BufferSlice> promise);
|
||||
void run_control_query(ton::ton_api::engine_validator_exportAllPrivateKeys &query, td::BufferSlice data,
|
||||
ton::PublicKeyHash src, td::uint32 perm, td::Promise<td::BufferSlice> promise);
|
||||
void run_control_query(ton::ton_api::engine_validator_setVerbosity &query, td::BufferSlice data,
|
||||
ton::PublicKeyHash src, td::uint32 perm, td::Promise<td::BufferSlice> promise);
|
||||
void run_control_query(ton::ton_api::engine_validator_getStats &query, td::BufferSlice data, ton::PublicKeyHash src,
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue