diff --git a/.github/workflows/build-release-binaries.yml b/.github/workflows/build-release-binaries.yml index 48888845..c18c3124 100644 --- a/.github/workflows/build-release-binaries.yml +++ b/.github/workflows/build-release-binaries.yml @@ -45,7 +45,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout tagged commit - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 with: ref: ${{ github.event.release.target_commitish }} token: ${{ secrets.BOTTY_GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 74f28c71..5c426a8b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - uses: dtolnay/rust-toolchain@master with: @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - uses: Swatinem/rust-cache@v2.7.3 @@ -49,12 +49,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - uses: Swatinem/rust-cache@v2.7.3 - name: Install sqlx-cli - run: cargo install sqlx-cli --locked + run: cargo install --locked --version 0.6.3 sqlx-cli - name: Run sqlite_dev_setup.sh script run: | @@ -76,7 +76,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout sources - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - uses: Swatinem/rust-cache@v2.7.3 @@ -129,7 +129,7 @@ jobs: tool-cache: false - name: Checkout sources - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - uses: Swatinem/rust-cache@v2.7.3 @@ -166,7 +166,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v4.1.2 - uses: Swatinem/rust-cache@v2.7.3 
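Review bot: The `cargo install --locked --version 0.6.3 sqlx-cli` step in the ci.yml hunk at -49,12 hard-codes the tool version with nothing tying it to the `sqlx` crate the project builds against, so the two can drift silently when the dependency is bumped. A comment above the step such as `# sqlx-cli must match the sqlx version in Cargo.lock` would make that coupling visible; the sqlx version itself is not shown in this diff, so confirm that 0.6.3 is the matching release. Separately, every `uses:` reference touched by this commit still points at a tag, and `dtolnay/rust-toolchain@master` points at a branch. Pinning actions to a full commit SHA would keep a moved tag from changing what runs, which matters most in build-release-binaries.yml and draft-new-release.yml, where `secrets.BOTTY_GITHUB_TOKEN` is handed to the checkout step.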
diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index ac24fe3f..c62d47eb 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -11,7 +11,7 @@ jobs: if: github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'release/') runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.2 - name: Extract version from branch name id: extract-version diff --git a/.github/workflows/draft-new-release.yml b/.github/workflows/draft-new-release.yml index d980d388..5188be0a 100644 --- a/.github/workflows/draft-new-release.yml +++ b/.github/workflows/draft-new-release.yml @@ -12,7 +12,7 @@ jobs: name: "Draft a new release" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.2 with: token: ${{ secrets.BOTTY_GITHUB_TOKEN }} diff --git a/.github/workflows/preview-release.yml b/.github/workflows/preview-release.yml index d27a645a..f45ff1b4 100644 --- a/.github/workflows/preview-release.yml +++ b/.github/workflows/preview-release.yml @@ -10,7 +10,7 @@ jobs: name: Create preview release runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v4.1.2 - name: Delete 'preview' release uses: larryjoelane/delete-release-action@v1.0.24 diff --git a/Cargo.lock b/Cargo.lock index ca45efb0..f1772062 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -98,9 +98,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.80" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ad32ce52e4161730f7098c077cd2ed6229b5804ccf99e5366be1ab72a98b4e1" +checksum = "0952808a6c2afd1aa8947271f3a60f1a6763c7b912d210184c5149b5cf147247" [[package]] name = "arrayref" 
@@ -154,9 +154,9 @@ dependencies = [ [[package]] name = "async-trait" -version = "0.1.77" +version = "0.1.78" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c980ee35e870bd1a4d2c8294d4c04d0499e67bca1e4b5cefcc693c2fa00caea9" +checksum = "461abc97219de0eaaf81fe3ef974a540158f3d079c2ab200f891f1a2ef201e85" dependencies = [ "proc-macro2", "quote", @@ -273,6 +273,12 @@ version = "0.21.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" +[[package]] +name = "base64" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" + [[package]] name = "bdk" version = "0.28.0" @@ -692,12 +698,6 @@ dependencies = [ "vec_map", ] -[[package]] -name = "color_quant" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d7b894f5411737b7867f4827955924d7c254fc9f4d91a6aad6b097804b1018b" - [[package]] name = "colored" version = "2.0.4" @@ -731,7 +731,7 @@ dependencies = [ "nom", "pathdiff", "serde", - "toml 0.8.10", + "toml 0.8.12", ] [[package]] @@ -1801,14 +1801,12 @@ dependencies = [ [[package]] name = "image" -version = "0.24.7" +version = "0.25.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f3dfdbdd72063086ff443e297b61695500514b1e41095b6fb9a5ab48a70a711" +checksum = "a9b4f005360d32e9325029b38ba47ebd7a56f3316df09249368939562d518645" dependencies = [ "bytemuck", "byteorder", - "color_quant", - "num-rational 0.4.1", "num-traits", ] @@ -2735,7 +2733,7 @@ dependencies = [ "num-complex", "num-integer", "num-iter", - "num-rational 0.1.42", + "num-rational", "num-traits", ] 
@@ -2800,17 +2798,6 @@ dependencies = [ "rustc-serialize", ] -[[package]] -name = "num-rational" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0" -dependencies = [ - "autocfg", - "num-integer", - "num-traits", -] - [[package]] name = "num-traits" version = "0.2.15" @@ -3261,9 +3248,9 @@ dependencies = [ [[package]] name = "qrcode" -version = "0.13.0" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "166f136dfdb199f98186f3649cf7a0536534a61417a1a30221b492b4fb60ce3f" +checksum = "23e719ca51966ff9f5a8436edb00d6115b3c606a0bb27c8f8ca74a38ff2b036d" dependencies = [ "image", ] @@ -3493,9 +3480,9 @@ dependencies = [ [[package]] name = "reqwest" -version = "0.11.24" +version = "0.11.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6920094eb85afde5e4a138be3f2de8bbdf28000f0029e72c45025a56b042251" +checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" dependencies = [ "base64 0.21.7", "bytes", @@ -4421,9 +4408,9 @@ checksum = "290d54ea6f91c969195bdbcd7442c8c2a2ba87da8bf60a7ee86a235d4bc1e125" [[package]] name = "strum" -version = "0.26.1" +version = "0.26.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "723b93e8addf9aa965ebe2d11da6d7540fa2283fcea14b3371ff055f7ba13f5f" +checksum = "5d8cec3501a5194c432b2b7976db6b7d10ec95c253208b45f83f7136aa985e29" dependencies = [ "strum_macros 0.26.1", ] @@ -4475,7 +4462,7 @@ dependencies = [ "async-trait", "atty", "backoff", - "base64 0.21.7", + "base64 0.22.0", "bdk", "big-bytes", "bitcoin", @@ -4487,6 +4474,7 @@ dependencies = [ "curve25519-dalek-ng", "data-encoding", "dialoguer", + "digest 0.10.7", "directories-next", "ecdsa_fun", "ed25519-dalek", 
@@ -4522,7 +4510,7 @@ dependencies = [ "spectral", "sqlx", "structopt", - "strum 0.26.1", + "strum 0.26.2", "tempfile", "testcontainers", "thiserror", @@ -4532,7 +4520,7 @@ dependencies = [ "tokio-tar", "tokio-tungstenite", "tokio-util", - "toml 0.8.10", + "toml 0.8.12", "torut", "tracing", "tracing-appender", @@ -4656,18 +4644,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.57" +version = "1.0.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e45bcbe8ed29775f228095caf2cd67af7a4ccf756ebff23a306bf3e8b47b24b" +checksum = "03468839009160513471e86a034bb2c5c0e4baae3b43f79ffc55c4a5427b3297" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.57" +version = "1.0.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a953cb265bef375dae3de6663da4d3804eee9682ea80d8e2542529b73c531c81" +checksum = "c61f3ba182994efc43764a46c018c347bc492c79f024e705f46567b418f6d4f7" dependencies = [ "proc-macro2", "quote", @@ -4893,9 +4881,9 @@ dependencies = [ [[package]] name = "toml" -version = "0.8.10" +version = "0.8.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a9aad4a3066010876e8dcf5a8a06e70a558751117a145c6ce2b82c2e2054290" +checksum = "e9dd1545e8208b4a5af1aa9bbd0b4cf7e9ea08fabc5d0a5c67fcaafa17433aa3" dependencies = [ "serde", "serde_spanned", @@ -4914,9 +4902,9 @@ dependencies = [ [[package]] name = "toml_edit" -version = "0.22.4" +version = "0.22.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c9ffdf896f8daaabf9b66ba8e77ea1ed5ed0f72821b398aba62352e95062951" +checksum = "c12219811e0c1ba077867254e5ad62ee2c9c190b0d957110750ac0cda1ae96cd" dependencies = [ "indexmap 2.1.0", "serde", 
@@ -5296,9 +5284,9 @@ checksum = "05e42f7c18b8f902290b009cde6d651262f956c98bc51bca4cd1d511c9cd85c7" [[package]] name = "uuid" -version = "1.7.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f00cc9702ca12d3c81455259621e676d0f7251cec66a21e98fe2e9a37db93b2a" +checksum = "a183cf7feeba97b4dd1c0d46788634f6221d87fa961b305bed08c851829efcc0" dependencies = [ "getrandom 0.2.11", "serde", @@ -5726,9 +5714,9 @@ checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" [[package]] name = "winnow" -version = "0.5.28" +version = "0.6.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c830786f7720c2fd27a1a0e27a709dbd3c4d009b56d098fc742d4f4eab91fe2" +checksum = "dffa400e67ed5a4dd237983829e66475f0a4a26938c4b04c21baede6262215b8" dependencies = [ "memchr", ] diff --git a/swap/Cargo.toml b/swap/Cargo.toml index 7b87629a..a04864f8 100644 --- a/swap/Cargo.toml +++ b/swap/Cargo.toml @@ -14,7 +14,7 @@ async-compression = { version = "0.3", features = [ "bzip2", "tokio" ] } async-trait = "0.1" atty = "0.2" backoff = { version = "0.4", features = [ "tokio" ] } -base64 = "0.21" +base64 = "0.22" bdk = "0.28" big-bytes = "1" bitcoin = { version = "0.29", features = [ "rand", "serde" ] } @@ -25,6 +25,7 @@ conquer-once = "0.4" curve25519-dalek = { package = "curve25519-dalek-ng", version = "4" } data-encoding = "2.5" dialoguer = "0.11" +digest = "0.10.7" directories-next = "2" ecdsa_fun = { git = "https://github.com/LLFourn/secp256kfun", default-features = false, features = [ "libsecp_compat", "serde", "adaptor" ] } ed25519-dalek = "1" @@ -38,7 +39,7 @@ monero = { version = "0.12", features = [ "serde_support" ] } monero-rpc = { path = "../monero-rpc" } pem = "3.0" proptest = "1" -qrcode = "0.13" +qrcode = "0.14" rand = "0.8" rand_chacha = "0.3" reqwest = { version = "0.11", features = [ "rustls-tls", "stream", "socks" ], default-features = false } 
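Review bot: `digest = "0.10.7"` is added as a direct dependency in the swap/Cargo.toml hunk at -25,6, but the only new hashing code visible in this commit brings the trait in through `use sha2::{Digest, Sha256};`. If nothing else in the crate names `digest::` directly, the entry is unused and can be dropped, which keeps the direct dependency list (and the set of crates to audit) smaller. If it is needed, a looser requirement such as `digest = "0.10"` would match how the neighbouring entries (`dialoguer = "0.11"`, `data-encoding = "2.5"`) are written.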
@@ -66,7 +67,7 @@ tracing-appender = "0.2" tracing-futures = { version = "0.2", features = [ "std-future", "futures-03" ] } tracing-subscriber = { version = "0.3", default-features = false, features = [ "fmt", "ansi", "env-filter", "time", "tracing-log", "json" ] } url = { version = "2", features = [ "serde" ] } -uuid = { version = "1.7", features = [ "serde", "v4" ] } +uuid = { version = "1.8", features = [ "serde", "v4" ] } void = "1" [target.'cfg(not(windows))'.dependencies] diff --git a/swap/src/monero/wallet_rpc.rs b/swap/src/monero/wallet_rpc.rs index e44d800e..e227c3f3 100644 --- a/swap/src/monero/wallet_rpc.rs +++ b/swap/src/monero/wallet_rpc.rs @@ -1,11 +1,13 @@ use ::monero::Network; use anyhow::{bail, Context, Error, Result}; use big_bytes::BigByte; +use data_encoding::HEXLOWER; use futures::{StreamExt, TryStreamExt}; use monero_rpc::wallet::{Client, MoneroWalletRpc as _}; use reqwest::header::CONTENT_LENGTH; use reqwest::Url; use serde::Deserialize; +use sha2::{Digest, Sha256}; use std::fmt; use std::fmt::{Debug, Display, Formatter}; use std::io::ErrorKind; 
@@ -45,19 +47,29 @@ compile_error!("unsupported operating system"); #[cfg(all(target_os = "macos", target_arch = "x86_64"))] const DOWNLOAD_URL: &str = "https://downloads.getmonero.org/cli/monero-mac-x64-v0.18.1.2.tar.bz2"; +#[cfg(all(target_os = "macos", target_arch = "x86_64"))] +const DOWNLOAD_HASH: &str = "ba1108c7a5e5efe15b6a628fb007c50f01c231f61137bba7427605286dbc6f01"; #[cfg(all(target_os = "macos", target_arch = "aarch64"))] -const DOWNLOAD_URL: &str = "https://downloads.getmonero.org/cli/monero-mac-armv8-v0.18.0.0.tar.bz2"; +const DOWNLOAD_URL: &str = "https://downloads.getmonero.org/cli/monero-mac-armv8-v0.18.1.2.tar.bz2"; +#[cfg(all(target_os = "macos", target_arch = "aarch64"))] +const DOWNLOAD_HASH: &str = "620b825c04f84845ed09de03b207a3230a34f74b30a8a07dde504a7d376ee4b9"; #[cfg(all(target_os = "linux", target_arch = "x86_64"))] const DOWNLOAD_URL: &str = "https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.1.2.tar.bz2"; +#[cfg(all(target_os = "linux", target_arch = "x86_64"))] +const DOWNLOAD_HASH: &str = "7d51e7072351f65d0c7909e745827cfd3b00abe5e7c4cc4c104a3c9b526da07e"; #[cfg(all(target_os = "linux", target_arch = "arm"))] const DOWNLOAD_URL: &str = "https://downloads.getmonero.org/cli/monero-linux-armv7-v0.18.1.2.tar.bz2"; +#[cfg(all(target_os = "linux", target_arch = "arm"))] +const DOWNLOAD_HASH: &str = "94ece435ed60f85904114643482c2b6716f74bf97040a7af237450574a9cf06d"; #[cfg(target_os = "windows")] const DOWNLOAD_URL: &str = "https://downloads.getmonero.org/cli/monero-win-x64-v0.18.1.2.zip"; +#[cfg(target_os = "windows")] +const DOWNLOAD_HASH: &str = "0a3d4d1af7e094c05352c31b2dafcc6ccbc80edc195ca9eaedc919c36accd05a"; #[cfg(any(target_os = "macos", target_os = "linux"))] const PACKED_FILE: &str = "monero-wallet-rpc"; 
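Review bot: The five `DOWNLOAD_HASH` constants carry no record of where the digests came from, so a reader cannot tell whether they were copied from a signed hash list published with the release or computed from a local download of the same server. A comment above the first pair, e.g. `// SHA-256 of the release archive, taken from <source of hashes>; update together with DOWNLOAD_URL`, would document the trust anchor and the update procedure. Each URL and its hash sit behind separate, duplicated `#[cfg]` attributes and can be edited independently. The macOS aarch64 URL changes version in this same hunk, which is exactly the kind of edit where a stale hash is easy to leave behind; the check would fail closed, but only at runtime. The values themselves cannot be verified from the diff.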
@@ -226,8 +238,14 @@ impl WalletRpc { DOWNLOAD_URL ); + let mut hasher = Sha256::new(); + let byte_stream = response .bytes_stream() + .map_ok(|bytes| { + hasher.update(&bytes); + bytes + }) .map_err(|err| std::io::Error::new(ErrorKind::Other, err)); #[cfg(not(target_os = "windows"))] @@ -256,6 +274,18 @@ impl WalletRpc { file.write_all(&bytes).await?; } + let result = hasher.finalize(); + let result_hash = HEXLOWER.encode(result.as_ref()); + if result_hash != DOWNLOAD_HASH { + bail!( + "SHA256 of download ({}) does not match expected ({})!", + result_hash, + DOWNLOAD_HASH + ); + } else { + tracing::debug!("Hashes match"); + } + file.flush().await?; tracing::debug!("Extracting archive");
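Review bot: The `map_ok` closure added to `byte_stream` has no comment saying which bytes are being hashed, and that detail is what makes the later comparison meaningful. It taps the raw response body before the `#[cfg(not(target_os = "windows"))]` processing that follows, so the digest is presumably taken over the archive as served rather than over any decoded output. A one-line comment such as `// hash the archive exactly as downloaded, before any decoding` would pin that down. The enclosing function starts and ends outside the hunk.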
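Review bot: The digest is compared only after the loop has already written every chunk through `file.write_all(&bytes)`, so on a mismatch `bail!` returns with the unverified data still on disk. Nothing in the hunk removes it, and whether a later run or another code path would pick that file up is not visible here. Deleting the file before bailing closes that gap; its path variable is defined outside the hunk. The check does sit before the `Extracting archive` step, which is the right order. Minor: `bail!` returns, so the `else` around `tracing::debug!("Hashes match")` can be dropped.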