Merge pull request #204 from wowario/checkpoints

update checkpoints.dat

.gitmodules

@@ -12,3 +12,6 @@
 [submodule "external/trezor-common"]
 	path = external/trezor-common
 	url = https://github.com/trezor/trezor-common.git
+[submodule "external/randomwow"]
+	path = external/randomwow
+	url = https://github.com/wownero/RandomWOW

.travis.yml

@@ -10,37 +10,33 @@ cache:
 env:
   global:
     - MAKEJOBS=-j3
-    - RUN_TESTS=false
-    - BOOST_TEST_RANDOM=1$TRAVIS_BUILD_ID
     - CCACHE_SIZE=100M
     - CCACHE_TEMPDIR=/tmp/.ccache-temp
     - CCACHE_COMPRESS=1
     - CCACHE_DIR=$HOME/.ccache
     - BASE_OUTDIR=$TRAVIS_BUILD_DIR/out
     - SDK_URL=https://bitcoincore.org/depends-sources/sdks
-    - PYTHON_DEBUG=1
-    - WINEDEBUG=fixme-all
     - DOCKER_PACKAGES="build-essential libtool cmake autotools-dev automake pkg-config bsdmainutils curl git ca-certificates ccache"
   matrix:
 # ARM v7
-    - HOST=arm-linux-gnueabihf PACKAGES="gperf g++-arm-linux-gnueabihf"
+    - HOST=arm-linux-gnueabihf PACKAGES="python3 gperf g++-arm-linux-gnueabihf"
 # ARM v8
-    - HOST=aarch64-linux-gnu PACKAGES="gperf g++-aarch64-linux-gnu"
+    - HOST=aarch64-linux-gnu PACKAGES="python3 gperf g++-aarch64-linux-gnu"
 # i686 Win
-    - HOST=i686-w64-mingw32 PACKAGES="python3 nsis g++-mingw-w64-i686"
+    - HOST=i686-w64-mingw32 DEP_OPTS="NO_QT=1" PACKAGES="python3 g++-mingw-w64-i686 qttools5-dev-tools"
 # i686 Linux
-    - HOST=i686-pc-linux-gnu PACKAGES="gperf cmake g++-multilib bc python3-zmq" RUN_TESTS=true
+    - HOST=i686-pc-linux-gnu PACKAGES="gperf cmake g++-multilib python3-zmq"
 # Win64
-    - HOST=x86_64-w64-mingw32 PACKAGES="cmake python3 nsis g++-mingw-w64-x86-64 wine-binfmt wine64 bc" RUN_TESTS=true
+    - HOST=x86_64-w64-mingw32 DEP_OPTS="NO_QT=1" PACKAGES="cmake python3 g++-mingw-w64-x86-64 qttools5-dev-tools"
 # x86_64 Linux
-    - HOST=x86_64-unknown-linux-gnu PACKAGES="gperf cmake python3-zmq protobuf-compiler libdbus-1-dev libharfbuzz-dev libprotobuf-dev" RUN_TESTS=true
+    - HOST=x86_64-unknown-linux-gnu PACKAGES="gperf cmake python3-zmq libdbus-1-dev libharfbuzz-dev"
 # Cross-Mac
     - HOST=x86_64-apple-darwin11 PACKAGES="cmake imagemagick libcap-dev librsvg2-bin libz-dev libbz2-dev libtiff-tools python-dev python3-setuptools-git" OSX_SDK=10.11
 
 before_install:
     - export PATH=$(echo $PATH | tr ':' "\n" | sed '/\/opt\/python/d' | tr "\n" ":" | sed "s|::|:|g")
 install:
-    - env | grep -E '^(CCACHE_|WINEDEBUG|DISPLAY|BOOST_TEST_RANDOM|CONFIG_SHELL)' | tee /tmp/env
+    - env | grep -E '^(CCACHE_|DISPLAY|CONFIG_SHELL)' | tee /tmp/env
     - if [[ $HOST = *-mingw32 ]]; then DOCKER_ADMIN="--cap-add SYS_ADMIN"; fi
     - DOCKER_ID=$(docker run $DOCKER_ADMIN -idt --mount type=bind,src=$TRAVIS_BUILD_DIR,dst=$TRAVIS_BUILD_DIR --mount type=bind,src=$CCACHE_DIR,dst=$CCACHE_DIR -w $TRAVIS_BUILD_DIR --env-file /tmp/env ubuntu:18.04)
     - DOCKER_EXEC="docker exec $DOCKER_ID"
@@ -52,6 +48,7 @@ before_script:
     - if [ -n "$OSX_SDK" -a ! -f contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz ]; then curl --location --fail $SDK_URL/MacOSX${OSX_SDK}.sdk.tar.gz -o contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz; fi
     - if [ -n "$OSX_SDK" -a -f contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz ]; then tar -C contrib/depends/SDKs -xf contrib/depends/sdk-sources/MacOSX${OSX_SDK}.sdk.tar.gz; fi
     - if [[ $HOST = *-mingw32 ]]; then $DOCKER_EXEC bash -c "update-alternatives --set $HOST-g++ \$(which $HOST-g++-posix)"; fi
+    - if [[ $HOST = *-mingw32 ]]; then $DOCKER_EXEC bash -c "update-alternatives --set $HOST-gcc \$(which $HOST-gcc-posix)"; fi
     - if [ -z "$NO_DEPENDS" ]; then $DOCKER_EXEC bash -c "CONFIG_SHELL= make $MAKEJOBS -C contrib/depends HOST=$HOST $DEP_OPTS"; fi
 script:
     - git submodule init && git submodule update

ANONYMITY_NETWORKS.md

@@ -0,0 +1,210 @@
+# Anonymity Networks with Monero
+
+Currently only Tor and I2P have been integrated into Monero. The usage of
+these networks is still considered experimental - there are a few pessimistic
+cases where privacy is leaked. The design is intended to maximize privacy of
+the source of a transaction by broadcasting it over an anonymity network, while
+relying on IPv4 for the remainder of messages to make surrounding node attacks
+(via sybil) more difficult.
+
+
+## Behavior
+
+If _any_ anonymity network is enabled, transactions being broadcast that lack
+a valid "context" (i.e. the transaction did not come from a p2p connection),
+will only be sent to peers on anonymity networks. If an anonymity network is
+enabled but no peers over an anonymity network are available, an error is
+logged and the transaction is kept for future broadcasting over an anonymity
+network. The transaction will not be broadcast unless an anonymity connection
+is made or until `monerod` is shutdown and restarted with only public
+connections enabled.
+
+Anonymity networks can also be used with `monero-wallet-cli` and
+`monero-wallet-rpc` - the wallets will connect to a daemon through a proxy. The
+daemon must provide a hidden service for the RPC itself, which is separate from
+the hidden service for P2P connections.
+
+
+## P2P Commands
+
+Only handshakes, peer timed syncs and transaction broadcast messages are
+supported over anonymity networks. If one `--add-exclusive-node` p2p address
+is specified, then no syncing will take place and only transaction broadcasting
+can occur. It is therefore recommended that `--add-exclusive-node` be combined
+with additional exclusive IPv4 address(es).
+
+
+## Usage
+
+Anonymity networks have no seed nodes (the feature is still considered
+experimental), so a user must specify an address. If configured properly,
+additional peers can be found through typical p2p peerlist sharing.
+
+### Outbound Connections
+
+Connecting to an anonymous address requires the command line option
+`--proxy` which tells `monerod` the ip/port of a socks proxy provided by a
+separate process. On most systems the configuration will look like:
+
+> `--proxy tor,127.0.0.1:9050,10`
+> `--proxy i2p,127.0.0.1:9000`
+
+which tells `monerod` that ".onion" p2p addresses can be forwarded to a socks
+proxy at IP 127.0.0.1 port 9050 with a max of 10 outgoing connections and
+".b32.i2p" p2p addresses can be forwarded to a socks proxy at IP 127.0.0.1 port
+9000 with the default max outgoing connections. Since there are no seed nodes
+for anonymity connections, peers must be manually specified:
+
+> `--add-exclusive-node rveahdfho7wo4b2m.onion:28083`
+> `--add-peer rveahdfho7wo4b2m.onion:28083`
+
+Either option can be listed multiple times, and can specify any mix of Tor,
+I2P, and IPv4 addresses. Using `--add-exclusive-node` will prevent the usage of
+seed nodes on ALL networks, which will typically be undesireable.
+
+### Inbound Connections
+
+Receiving anonymity connections is done through the option
+`--anonymous-inbound`. This option tells `monerod` the inbound address, network
+type, and max connections:
+
+> `--anonymous-inbound rveahdfho7wo4b2m.onion:28083,127.0.0.1:28083,25`
+> `--anonymous-inbound cmeua5767mz2q5jsaelk2rxhf67agrwuetaso5dzbenyzwlbkg2q.b32.i2p:5000,127.0.0.1:30000`
+
+which tells `monerod` that a max of 25 inbound Tor connections are being
+received at address "rveahdfho7wo4b2m.onion:28083" and forwarded to `monerod`
+localhost port 28083, and a default max I2P connections are being received at
+address "cmeua5767mz2q5jsaelk2rxhf67agrwuetaso5dzbenyzwlbkg2q.b32.i2p:5000" and
+forwarded to `monerod` localhost port 30000.
+These addresses will be shared with outgoing peers, over the same network type,
+otherwise the peer will not be notified of the peer address by the proxy.
+
+### Wallet RPC
+
+An anonymity network can be configured to forward incoming connections to a
+`monerod` RPC port - which is independent from the configuration for incoming
+P2P anonymity connections. The anonymity network (Tor/i2p) is
+[configured in the same manner](#configuration), except the localhost port
+must be the RPC port (typically 18081 for mainnet) instead of the p2p port:
+
+> HiddenServiceDir /var/lib/tor/data/monero
+> HiddenServicePort 18081 127.0.0.1:18081
+
+Then the wallet will be configured to use a Tor/i2p address:
+> `--proxy 127.0.0.1:9050`
+> `--daemon-address rveahdfho7wo4b2m.onion`
+
+The proxy must match the address type - a Tor proxy will not work properly with
+i2p addresses, etc.
+
+i2p and onion addresses provide the information necessary to authenticate and
+encrypt the connection from end-to-end. If desired, SSL can also be applied to
+the connection with `--daemon-address https://rveahdfho7wo4b2m.onion` which
+requires a server certificate that is signed by a "root" certificate on the
+machine running the wallet. Alternatively, `--daemon-cert-file` can be used to
+specify a certificate to authenticate the server.
+
+Proxies can also be used to connect to "clearnet" (ipv4 addresses or ICANN
+domains), but `--daemon-cert-file` _must_ be used for authentication and
+encryption.
+
+### Network Types
+
+#### Tor & I2P
+
+Options `--add-exclusive-node` and `--add-peer` recognize ".onion" and
+".b32.i2p" addresses, and will properly forward those addresses to the proxy
+provided with `--proxy tor,...` or `--proxy i2p,...`.
+
+Option `--anonymous-inbound` also recognizes ".onion" and ".b32.i2p" addresses,
+and will automatically be sent out to outgoing Tor/I2P connections so the peer
+can distribute the address to its other peers.
+
+##### Configuration
+
+Tor must be configured for hidden services. An example configuration ("torrc")
+might look like:
+
+> HiddenServiceDir /var/lib/tor/data/monero
+> HiddenServicePort 28083 127.0.0.1:28083
+
+This will store key information in `/var/lib/tor/data/monero` and will forward
+"Tor port" 28083 to port 28083 of ip 127.0.0.1. The file
+`/usr/lib/tor/data/monero/hostname` will contain the ".onion" address for use
+with `--anonymous-inbound`.
+
+I2P must be configured with a standard server tunnel. Configuration differs by
+I2P implementation.
+
+## Privacy Limitations
+
+There are currently some techniques that could be used to _possibly_ identify
+the machine that broadcast a transaction over an anonymity network.
+
+### Timestamps
+
+The peer timed sync command sends the current time in the message. This value
+can be used to link an onion address to an IPv4/IPv6 address. If a peer first
+sees a transaction over Tor, it could _assume_ (possibly incorrectly) that the
+transaction originated from the peer. If both the Tor connection and an
+IPv4/IPv6 connection have timestamps that are approximately close in value they
+could be used to link the two connections. This is less likely to happen if the
+system clock is fairly accurate - many peers on the Monero network should have
+similar timestamps.
+
+#### Mitigation
+
+Keep the system clock accurate so that fingerprinting is more difficult. In
+the future a random offset might be applied to anonymity networks so that if
+the system clock is noticeably off (and therefore more fingerprintable),
+linking the public IPv4/IPv6 connections with the anonymity networks will be
+more difficult.
+
+### Bandwidth Usage
+
+An ISP can passively monitor `monerod` connections from a node and observe when
+a transaction is sent over a Tor/I2P connection via timing analysis + size of
+data sent during that timeframe. I2P should provide better protection against
+this attack - its connections are not circuit based. However, if a node is
+only using I2P for broadcasting Monero transactions, the total aggregate of
+I2P data would also leak information.
+
+#### Mitigation
+
+There is no current mitigation for the user right now. This attack is fairly
+sophisticated, and likely requires support from the internet host of a Monero
+user.
+
+In the near future, "whitening" the amount of data sent over anonymity network
+connections will be performed. An attempt will be made to make a transaction
+broadcast indistinguishable from a peer timed sync command.
+
+### Intermittent Monero Syncing
+
+If a user only runs `monerod` to send a transaction then quit, this can also
+be used by an ISP to link a user to a transaction.
+
+#### Mitigation
+
+Run `monerod` as often as possible to conceal when transactions are being sent.
+Future versions will also have peers that first receive a transaction over an
+anonymity network delay the broadcast to public peers by a randomized amount.
+This will not completetely mitigate a user who syncs up sends then quits, in
+part because this rule is not enforceable, so this mitigation strategy is
+simply a best effort attempt.
+
+### Active Bandwidth Shaping
+
+An attacker could attempt to bandwidth shape traffic in an attempt to determine
+the source of a Tor/I2P connection. There isn't great mitigation against
+this, but I2P should provide better protection against this attack since
+the connections are not circuit based.
+
+#### Mitigation
+
+The best mitigiation is to use I2P instead of Tor. However, I2P
+has a smaller set of users (less cover traffic) and academic reviews, so there
+is a tradeoff in potential isses. Also, anyone attempting this strategy really
+wants to uncover a user, it seems unlikely that this would be performed against
+every Tor/I2P user.
+

CMakeLists.txt

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 #
 # All rights reserved.
 #
@@ -44,6 +44,8 @@ message(STATUS "CMake version ${CMAKE_VERSION}")
 
 project(monero)
 
+enable_language(C ASM)
+
 function (die msg)
   if (NOT WIN32)
     string(ASCII 27 Esc)
@@ -113,6 +115,9 @@ string(TOLOWER ${CMAKE_BUILD_TYPE} CMAKE_BUILD_TYPE_LOWER)
 # to identify the target architecture, to direct logic in this cmake script.
 # Since ARCH is a cached variable, it will not be set on first cmake invocation.
 if (NOT ARCH OR ARCH STREQUAL "" OR ARCH STREQUAL "native" OR ARCH STREQUAL "default")
+  if(CMAKE_SYSTEM_PROCESSOR STREQUAL "")
+    set(CMAKE_SYSTEM_PROCESSOR ${CMAKE_HOST_SYSTEM_PROCESSOR})
+  endif()
   set(ARCH_ID "${CMAKE_SYSTEM_PROCESSOR}")
 else()
   set(ARCH_ID "${ARCH}")
@@ -172,6 +177,15 @@ else()
   message(STATUS "Building without build tag")
 endif()
 
+# Update and init submodules by default
+if(NOT MANUAL_SUBMODULES)
+  find_package(Git)
+  if(GIT_FOUND)
+    message(STATUS "Initializing submodules")
+    execute_process(COMMAND git "submodule" "update" "--init" "--recursive" WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})
+  endif()
+endif()
+
 if(NOT MANUAL_SUBMODULES)
   find_package(Git)
   if(GIT_FOUND)
@@ -191,6 +205,7 @@ if(NOT MANUAL_SUBMODULES)
     check_submodule(external/unbound)
     check_submodule(external/rapidjson)
     check_submodule(external/trezor-common)
+    check_submodule(external/randomwow)
   endif()
 endif()
 
@@ -239,7 +254,7 @@ endif()
 set_property(GLOBAL PROPERTY USE_FOLDERS ON)
 enable_testing()
 
-option(BUILD_DOCUMENTATION "Build the Doxygen documentation." ON)
+option(BUILD_DOCUMENTATION "Build the Doxygen documentation." OFF)
 option(BUILD_TESTS "Build tests." OFF)
 
 # Check whether we're on a 32-bit or 64-bit system
@@ -483,6 +498,14 @@ ExternalProject_Add(generate_translations_header
 include_directories("${CMAKE_CURRENT_BINARY_DIR}/translations")
 add_subdirectory(external)
 
+# Final setup for miniupnpc
+if(UPNP_STATIC OR IOS)
+  add_definitions("-DUPNP_STATIC")
+else()
+  add_definitions("-DUPNP_DYNAMIC")
+  include_directories(${UPNP_INCLUDE})
+endif()
+
 # Final setup for libunbound
 include_directories(${UNBOUND_INCLUDE})
 link_directories(${UNBOUND_LIBRARY_DIRS})
@@ -592,9 +615,6 @@ else()
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${ARCH_FLAG}")
 
   set(WARNINGS "-Wall -Wextra -Wpointer-arith -Wundef -Wvla -Wwrite-strings -Wno-error=extra -Wno-error=deprecated-declarations -Wno-unused-parameter -Wno-unused-variable -Wno-error=unused-variable -Wno-error=undef -Wno-error=uninitialized")
-  if(NOT MINGW)
-    set(WARNINGS_AS_ERRORS_FLAG "-Werror")
-  endif()
   if(CMAKE_C_COMPILER_ID STREQUAL "Clang")
     if(ARM)
       set(WARNINGS "${WARNINGS} -Wno-error=inline-asm")
@@ -689,6 +709,12 @@ else()
     set(LD_SECURITY_FLAGS "${LD_SECURITY_FLAGS} -Wl,-z,noexecheap")
   endif()
 
+  if(BACKCOMPAT)
+      add_linker_flag_if_supported(-Wl,--wrap=__divmoddi4 LD_BACKCOMPAT_FLAGS)
+      add_linker_flag_if_supported(-Wl,--wrap=glob LD_BACKCOMPAT_FLAGS)
+      message(STATUS "Using Lib C back compat flags: ${LD_BACKCOMPAT_FLAGS}")
+  endif()
+
   # some windows linker bits
   if (WIN32)
     add_linker_flag_if_supported(-Wl,--dynamicbase LD_SECURITY_FLAGS)
@@ -701,7 +727,7 @@ else()
 
   set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=c11 -D_GNU_SOURCE ${MINGW_FLAG} ${STATIC_ASSERT_FLAG} ${WARNINGS} ${C_WARNINGS} ${COVERAGE_FLAGS} ${PIC_FLAG} ${C_SECURITY_FLAGS}")
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11 -D_GNU_SOURCE ${MINGW_FLAG} ${STATIC_ASSERT_CPP_FLAG} ${WARNINGS} ${CXX_WARNINGS} ${COVERAGE_FLAGS} ${PIC_FLAG} ${CXX_SECURITY_FLAGS}")
-  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${LD_SECURITY_FLAGS}")
+  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} ${LD_SECURITY_FLAGS} ${LD_BACKCOMPAT_FLAGS}")
 
   # With GCC 6.1.1 the compiled binary malfunctions due to aliasing. Until that
   # is fixed in the code (Issue #847), force compiler to be conservative.
@@ -870,6 +896,7 @@ set(OLD_LIB_SUFFIXES ${CMAKE_FIND_LIBRARY_SUFFIXES})
 if(STATIC)
   if(MINGW)
     set(CMAKE_FIND_LIBRARY_SUFFIXES .a)
+    set(Boost_NO_BOOST_CMAKE ON)
   endif()
 
   set(Boost_USE_STATIC_LIBS ON)
@@ -879,13 +906,19 @@ find_package(Boost 1.58 QUIET REQUIRED COMPONENTS system filesystem thread date_
 
 set(CMAKE_FIND_LIBRARY_SUFFIXES ${OLD_LIB_SUFFIXES})
 if(NOT Boost_FOUND)
-  die("Could not find Boost libraries, please make sure you have installed Boost or libboost-all-dev (1.58) or the equivalent")
+  die("Could not find Boost libraries, please make sure you have installed Boost or libboost-all-dev (>=1.58) or the equivalent")
 elseif(Boost_FOUND)
   message(STATUS "Found Boost Version: ${Boost_VERSION}")
-  if (Boost_VERSION VERSION_LESS 106200 AND NOT (OPENSSL_VERSION VERSION_LESS 1.1))
-      message(FATAL_ERROR "Boost older than 1.62 is too old to link with OpenSSL 1.1 or newer. "
+  if (Boost_VERSION VERSION_LESS 10 AND Boost_VERSION VERSION_LESS 1.62.0 AND NOT (OPENSSL_VERSION VERSION_LESS 1.1))
+    set(BOOST_BEFORE_1_62 true)
+  endif()
+  if (NOT Boost_VERSION VERSION_LESS 10 AND Boost_VERSION VERSION_LESS 106200 AND NOT (OPENSSL_VERSION VERSION_LESS 1.1))
+    set(BOOST_BEFORE_1_62 true)
+  endif()
+  if (BOOST_BEFORE_1_62)
+      message(FATAL_ERROR "Boost ${Boost_VERSION} (older than 1.62) is too old to link with OpenSSL ${OPENSSL_VERSION} (1.1 or newer) found at ${OPENSSL_INCLUDE_DIR} and ${OPENSSL_LIBRARIES}. "
                           "Update Boost or install OpenSSL 1.0 and set path to it when running cmake: "
-                          "cmake -DOPENSSL_ROOT_DIR='/usr/include/openssl-1.0;/usr/lib/openssl-1.0'")
+                          "cmake -DOPENSSL_ROOT_DIR='/usr/include/openssl-1.0'")
   endif()
 endif()
 
@@ -894,7 +927,7 @@ if(MINGW)
   set(CMAKE_CXX_FLAGS_DEBUG "${CMAKE_CXX_FLAGS_DEBUG} -Wa,-mbig-obj")
   set(EXTRA_LIBRARIES mswsock;ws2_32;iphlpapi;crypt32;bcrypt)
   if(DEPENDS)
-    set(ICU_LIBRARIES sicuio sicuin sicuuc sicudt sicutu iconv)
+    set(ICU_LIBRARIES icuio icui18n icuuc icudata icutu iconv)
   else()
     set(ICU_LIBRARIES icuio icuin icuuc icudt icutu iconv)
   endif()
@@ -1014,3 +1047,5 @@ option(INSTALL_VENDORED_LIBUNBOUND "Install libunbound binary built from source
 
 
 CHECK_C_COMPILER_FLAG(-std=c11 HAVE_C11)
+
+find_package(PythonInterp)

CMakeLists_IOS.txt

@@ -1,4 +1,4 @@
-# Portions Copyright (c) 2017-2018, The Monero Project
+# Portions Copyright (c) 2017-2019, The Monero Project
 # This file is based off of the https://code.google.com/archive/p/ios-cmake/
 # It has been altered for Monero iOS development
 #

CONTRIBUTING.md

@@ -19,7 +19,8 @@ posted to #monero-dev on irc.freenode.net).
 
 Patches should be self contained. A good rule of thumb is to have
 one patch per separate issue, feature, or logical change. Also, no
-other changes, such as random whitespace changes or reindentation.
+other changes, such as random whitespace changes, reindentation,
+or fixing typoes, spelling, or wording, unless user visible.
 Following the code style of the particular chunk of code you're
 modifying is encouraged. Proper squashing should be done (eg, if
 you're making a buggy patch, then a later patch to fix the bug,
@@ -87,26 +88,26 @@ C4 is meant to provide a reusable optimal collaboration model for open source so
 
 ### Preliminaries
 
-- The project SHALL use the git distributed revision control system.
-- The project SHALL be hosted on github.com or equivalent, herein called the "Platform".
-- The project SHALL use the Platform issue tracker.
+- The project MUST use the git distributed revision control system.
+- The project MUST be hosted on github.com or equivalent, herein called the "Platform".
+- The project MUST use the Platform issue tracker.
   - Non-GitHub example:
     - "Platform" could be a vanilla git repo and Trac hosted on the same machine/network.
     - The Platform issue tracker would be Trac.
 - The project SHOULD have clearly documented guidelines for code style.
 - A "Contributor" is a person who wishes to provide a patch, being a set of commits that solve some clearly identified problem.
 - A "Maintainer" is a person who merges patches to the project. Maintainers are not developers; their job is to enforce process.
-- Contributors SHALL NOT have commit access to the repository unless they are also Maintainers.
-- Maintainers SHALL have commit access to the repository.
-- Everyone, without distinction or discrimination, SHALL have an equal right to become a Contributor under the terms of this contract.
+- Contributors MUST NOT have commit access to the repository unless they are also Maintainers.
+- Maintainers MUST have commit access to the repository.
+- Everyone, without distinction or discrimination, MUST have an equal right to become a Contributor under the terms of this contract.
 
 ### Licensing and ownership
 
-- The project SHALL use a share-alike license, such as BSD-3, the GPLv3 or a variant thereof (LGPL, AGPL), or the MPLv2.
-- All contributions to the project source code ("patches") SHALL use the same license as the project.
-- All patches are owned by their authors. There SHALL NOT be any copyright assignment process.
-- The copyrights in the project SHALL be owned collectively by all its Contributors.
-- Each Contributor SHALL be responsible for identifying themselves in the project Contributor list.
+- The project MUST use a share-alike license, such as BSD-3, the GPLv3 or a variant thereof (LGPL, AGPL), or the MPLv2.
+- All contributions to the project source code ("patches") MUST use the same license as the project.
+- All patches are owned by their authors. There MUST NOT be any copyright assignment process.
+- The copyrights in the project MUST be owned collectively by all its Contributors.
+- Each Contributor MUST be responsible for identifying themselves in the project Contributor list.
 
 ### Patch requirements
 
@@ -115,27 +116,27 @@ C4 is meant to provide a reusable optimal collaboration model for open source so
 - A patch SHOULD be a minimal and accurate answer to exactly one identified and agreed problem.
 - A patch MUST adhere to the code style guidelines of the project if these are defined.
 - A patch MUST adhere to the "Evolution of Public Contracts" guidelines defined below.
-- A patch SHALL NOT include non-trivial code from other projects unless the Contributor is the original author of that code.
+- A patch MUST NOT include non-trivial code from other projects unless the Contributor is the original author of that code.
 - A patch MUST compile cleanly and pass project self-tests on at least the principle target platform.
 - A patch commit message SHOULD consist of a single short (less than 50 character) line summarizing the change, optionally followed by a blank line and then a more thorough description.
 - A "Correct Patch" is one that satisfies the above requirements.
 
 ### Development process
 
-- Change on the project SHALL be governed by the pattern of accurately identifying problems and applying minimal, accurate solutions to these problems.
+- Change on the project MUST be governed by the pattern of accurately identifying problems and applying minimal, accurate solutions to these problems.
 - To request changes, a user SHOULD log an issue on the project Platform issue tracker.
 - The user or Contributor SHOULD write the issue by describing the problem they face or observe.
 - The user or Contributor SHOULD seek consensus on the accuracy of their observation, and the value of solving the problem.
-- Users SHALL NOT log feature requests, ideas, or suggestions unrelated to Monero code or Monero's dependency code or Monero's potential/future dependency code or research which successfully implements Monero.
-- Users SHALL NOT log any solutions to problems (verifiable or hypothetical) of which are not explicitly documented and/or not provable and/or cannot be reasonably proven.
-- Thus, the release history of the project SHALL be a list of meaningful issues logged and solved.
-- To work on an issue, a Contributor SHALL fork the project repository and then work on their forked repository.
-- To submit a patch, a Contributor SHALL create a Platform pull request back to the project.
-- A Contributor SHALL NOT commit changes directly to the project.
+- Users MUST NOT log feature requests, ideas, or suggestions unrelated to Monero code or Monero's dependency code or Monero's potential/future dependency code or research which successfully implements Monero.
+- Users MUST NOT log any solutions to problems (verifiable or hypothetical) of which are not explicitly documented and/or not provable and/or cannot be reasonably proven.
+- Thus, the release history of the project MUST be a list of meaningful issues logged and solved.
+- To work on an issue, a Contributor MUST fork the project repository and then work on their forked repository.
+- To submit a patch, a Contributor MUST create a Platform pull request back to the project.
+- A Contributor MUST NOT commit changes directly to the project.
 - To discuss a patch, people MAY comment on the Platform pull request, on the commit, or elsewhere.
-- To accept or reject a patch, a Maintainer SHALL use the Platform interface.
+- To accept or reject a patch, a Maintainer MUST use the Platform interface.
 - Maintainers SHOULD NOT merge their own patches except in exceptional cases, such as non-responsiveness from other Maintainers for an extended period (more than 30 days) or unless urgent as defined by the Monero Maintainers Team.
-- Maintainers SHALL NOT make value judgments on correct patches unless the Maintainer (as may happen in rare circumstances) is a core code developer.
+- Maintainers MUST NOT make value judgments on correct patches unless the Maintainer (as may happen in rare circumstances) is a core code developer.
 - Maintainers MUST NOT merge pull requests in less than 168 hours (1 week) unless deemed urgent by at least 2 people from the Monero Maintainer Team.
 - The Contributor MAY tag an issue as "Ready" after making a pull request for the issue.
 - The user who created an issue SHOULD close the issue after checking the patch is successful.
@@ -145,27 +146,27 @@ C4 is meant to provide a reusable optimal collaboration model for open source so
 
 ### Creating stable releases
 
-- The project SHALL have one branch ("master") that always holds the latest in-progress version and SHOULD always build.
-- The project SHALL NOT use topic branches for any reason. Personal forks MAY use topic branches.
-- To make a stable release someone SHALL fork the repository by copying it and thus become maintainer of this repository.
+- The project MUST have one branch ("master") that always holds the latest in-progress version and SHOULD always build.
+- The project MUST NOT use topic branches for any reason. Personal forks MAY use topic branches.
+- To make a stable release someone MUST fork the repository by copying it and thus become maintainer of this repository.
 - Forking a project for stabilization MAY be done unilaterally and without agreement of project maintainers.
-- A patch to a stabilization project declared "stable" SHALL be accompanied by a reproducible test case.
+- A patch to a stabilization project declared "stable" MUST be accompanied by a reproducible test case.
 
 ### Evolution of public contracts
 
-- All Public Contracts (APIs or protocols) SHALL be documented.
+- All Public Contracts (APIs or protocols) MUST be documented.
 - All Public Contracts SHOULD have space for extensibility and experimentation.
 - A patch that modifies a stable Public Contract SHOULD not break existing applications unless there is overriding consensus on the value of doing this.
 - A patch that introduces new features to a Public Contract SHOULD do so using new names.
 - Old names SHOULD be deprecated in a systematic fashion by marking new names as "experimental" until they are stable, then marking the old names as "deprecated".
 - When sufficient time has passed, old deprecated names SHOULD be marked "legacy" and eventually removed.
-- Old names SHALL NOT be reused by new features.
+- Old names MUST NOT be reused by new features.
 - When old names are removed, their implementations MUST provoke an exception (assertion) if used by applications.
 
 ### Project administration
 
-- The project founders SHALL act as Administrators to manage the set of project Maintainers.
-- The Administrators SHALL ensure their own succession over time by promoting the most effective Maintainers.
-- A new Contributor who makes a correct patch SHALL be invited to become a Maintainer.
+- The project founders MUST act as Administrators to manage the set of project Maintainers.
+- The Administrators MUST ensure their own succession over time by promoting the most effective Maintainers.
+- A new Contributor who makes a correct patch MUST be invited to become a Maintainer.
 - Administrators MAY remove Maintainers who are inactive for an extended period of time, or who repeatedly fail to apply this process accurately.
 - Administrators SHOULD block or ban "bad actors" who cause stress and pain to others in the project. This should be done after public discussion, with a chance for all parties to speak. A bad actor is someone who repeatedly ignores the rules and culture of the project, who is needlessly argumentative or hostile, or who is offensive, and who is unable to self-correct their behavior when asked to do so by others.

Dockerfile

@@ -20,14 +20,18 @@ RUN set -ex && \
         automake \
         bzip2 \
         xsltproc \
-        gperf
+        gperf \
+        unzip
 
 WORKDIR /usr/local
 
+ENV CFLAGS='-fPIC'
+ENV CXXFLAGS='-fPIC'
+
 #Cmake
-ARG CMAKE_VERSION=3.13.0
-ARG CMAKE_VERSION_DOT=v3.13
-ARG CMAKE_HASH=4058b2f1a53c026564e8936698d56c3b352d90df067b195cb749a97a3d273c90 
+ARG CMAKE_VERSION=3.14.0
+ARG CMAKE_VERSION_DOT=v3.14
+ARG CMAKE_HASH=aa76ba67b3c2af1946701f847073f4652af5cbd9f141f221c97af99127e75502
 RUN set -ex \
     && curl -s -O https://cmake.org/files/${CMAKE_VERSION_DOT}/cmake-${CMAKE_VERSION}.tar.gz \
     && echo "${CMAKE_HASH}  cmake-${CMAKE_VERSION}.tar.gz" | sha256sum -c \
@@ -38,41 +42,41 @@ RUN set -ex \
     && make install
 
 ## Boost
-ARG BOOST_VERSION=1_68_0
-ARG BOOST_VERSION_DOT=1.68.0
-ARG BOOST_HASH=7f6130bc3cf65f56a618888ce9d5ea704fa10b462be126ad053e80e553d6d8b7
+ARG BOOST_VERSION=1_69_0
+ARG BOOST_VERSION_DOT=1.69.0
+ARG BOOST_HASH=8f32d4617390d1c2d16f26a27ab60d97807b35440d45891fa340fc2648b04406
 RUN set -ex \
     && curl -s -L -o  boost_${BOOST_VERSION}.tar.bz2 https://dl.bintray.com/boostorg/release/${BOOST_VERSION_DOT}/source/boost_${BOOST_VERSION}.tar.bz2 \
     && echo "${BOOST_HASH}  boost_${BOOST_VERSION}.tar.bz2" | sha256sum -c \
     && tar -xvf boost_${BOOST_VERSION}.tar.bz2 \
     && cd boost_${BOOST_VERSION} \
     && ./bootstrap.sh \
-    && ./b2 --build-type=minimal link=static runtime-link=static --with-chrono --with-date_time --with-filesystem --with-program_options --with-regex --with-serialization --with-system --with-thread --with-locale threading=multi threadapi=pthread cflags="-fPIC" cxxflags="-fPIC" stage
+    && ./b2 --build-type=minimal link=static runtime-link=static --with-chrono --with-date_time --with-filesystem --with-program_options --with-regex --with-serialization --with-system --with-thread --with-locale threading=multi threadapi=pthread cflags="$CFLAGS" cxxflags="$CXXFLAGS" stage
 ENV BOOST_ROOT /usr/local/boost_${BOOST_VERSION}
 
 # OpenSSL
-ARG OPENSSL_VERSION=1.1.0j
-ARG OPENSSL_HASH=31bec6c203ce1a8e93d5994f4ed304c63ccf07676118b6634edded12ad1b3246
+ARG OPENSSL_VERSION=1.1.1b
+ARG OPENSSL_HASH=5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b
 RUN set -ex \
     && curl -s -O https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz \
     && echo "${OPENSSL_HASH}  openssl-${OPENSSL_VERSION}.tar.gz" | sha256sum -c \
     && tar -xzf openssl-${OPENSSL_VERSION}.tar.gz \
     && cd openssl-${OPENSSL_VERSION} \
-    && ./Configure linux-x86_64 no-shared --static -fPIC \
+    && ./Configure linux-x86_64 no-shared --static "$CFLAGS" \
     && make build_generated \
     && make libcrypto.a \
     && make install
 ENV OPENSSL_ROOT_DIR=/usr/local/openssl-${OPENSSL_VERSION}
 
 # ZMQ
-ARG ZMQ_VERSION=v4.2.5
-ARG ZMQ_HASH=d062edd8c142384792955796329baf1e5a3377cd
+ARG ZMQ_VERSION=v4.3.1
+ARG ZMQ_HASH=2cb1240db64ce1ea299e00474c646a2453a8435b
 RUN set -ex \
     && git clone https://github.com/zeromq/libzmq.git -b ${ZMQ_VERSION} \
     && cd libzmq \
     && test `git rev-parse HEAD` = ${ZMQ_HASH} || exit 1 \
     && ./autogen.sh \
-    && CFLAGS="-fPIC" CXXFLAGS="-fPIC" ./configure --enable-static --disable-shared \
+    && ./configure --enable-static --disable-shared \
     && make \
     && make install \
     && ldconfig
@@ -87,39 +91,39 @@ RUN set -ex \
     && mv *.hpp /usr/local/include
 
 # Readline
-ARG READLINE_VERSION=7.0
-ARG READLINE_HASH=750d437185286f40a369e1e4f4764eda932b9459b5ec9a731628393dd3d32334
+ARG READLINE_VERSION=8.0
+ARG READLINE_HASH=e339f51971478d369f8a053a330a190781acb9864cf4c541060f12078948e461
 RUN set -ex \
     && curl -s -O https://ftp.gnu.org/gnu/readline/readline-${READLINE_VERSION}.tar.gz \
     && echo "${READLINE_HASH}  readline-${READLINE_VERSION}.tar.gz" | sha256sum -c \
     && tar -xzf readline-${READLINE_VERSION}.tar.gz \
     && cd readline-${READLINE_VERSION} \
-    && CFLAGS="-fPIC" CXXFLAGS="-fPIC" ./configure \
+    && ./configure \
     && make \
     && make install
 
 # Sodium
-ARG SODIUM_VERSION=1.0.16
-ARG SODIUM_HASH=675149b9b8b66ff44152553fb3ebf9858128363d
+ARG SODIUM_VERSION=1.0.17
+ARG SODIUM_HASH=b732443c442239c2e0184820e9b23cca0de0828c
 RUN set -ex \
     && git clone https://github.com/jedisct1/libsodium.git -b ${SODIUM_VERSION} \
     && cd libsodium \
     && test `git rev-parse HEAD` = ${SODIUM_HASH} || exit 1 \
     && ./autogen.sh \
-    && CFLAGS="-fPIC" CXXFLAGS="-fPIC" ./configure \
+    && ./configure \
     && make \
     && make check \
     && make install
 
 # Udev
-ARG UDEV_VERSION=v3.2.6
-ARG UDEV_HASH=0c35b136c08d64064efa55087c54364608e65ed6
+ARG UDEV_VERSION=v3.2.7
+ARG UDEV_HASH=4758e346a14126fc3a964de5831e411c27ebe487
 RUN set -ex \
     && git clone https://github.com/gentoo/eudev -b ${UDEV_VERSION} \
     && cd eudev \
     && test `git rev-parse HEAD` = ${UDEV_HASH} || exit 1 \
     && ./autogen.sh \
-    && CFLAGS="-fPIC" CXXFLAGS="-fPIC" ./configure --disable-gudev --disable-introspection --disable-hwdb --disable-manpages --disable-shared \
+    && ./configure --disable-gudev --disable-introspection --disable-hwdb --disable-manpages --disable-shared \
     && make \
     && make install
 
@@ -131,7 +135,7 @@ RUN set -ex \
     && cd libusb \
     && test `git rev-parse HEAD` = ${USB_HASH} || exit 1 \
     && ./autogen.sh \
-    && CFLAGS="-fPIC" CXXFLAGS="-fPIC" ./configure --disable-shared \
+    && ./configure --disable-shared \
     && make \
     && make install
 
@@ -143,10 +147,24 @@ RUN set -ex \
     && cd hidapi \
     && test `git rev-parse HEAD` = ${HIDAPI_HASH} || exit 1 \
     && ./bootstrap \
-    && CFLAGS="-fPIC" CXXFLAGS="-fPIC" ./configure --enable-static --disable-shared \
+    && ./configure --enable-static --disable-shared \
     && make \
     && make install
 
+# Protobuf
+ARG PROTOBUF_VERSION=v3.7.0
+ARG PROTOBUF_HASH=582743bf40c5d3639a70f98f183914a2c0cd0680
+RUN set -ex \
+    && git clone https://github.com/protocolbuffers/protobuf -b ${PROTOBUF_VERSION} \
+    && cd protobuf \
+    && test `git rev-parse HEAD` = ${PROTOBUF_HASH} || exit 1 \
+    && git submodule update --init --recursive \
+    && ./autogen.sh \
+    && ./configure --enable-static --disable-shared \
+    && make \
+    && make install \
+    && ldconfig
+
 WORKDIR /src
 COPY . .
 
@@ -170,8 +188,14 @@ RUN set -ex && \
     rm -rf /var/lib/apt
 COPY --from=builder /src/build/release/bin /usr/local/bin/
 
+# Create monero user
+RUN adduser --system --group --disabled-password monero && \
+	mkdir -p /wallet /home/monero/.bitmonero && \
+	chown -R monero:monero /home/monero/.bitmonero && \
+	chown -R monero:monero /wallet
+
 # Contains the blockchain
-VOLUME /root/.bitmonero
+VOLUME /home/monero/.bitmonero
 
 # Generate your wallet via accessing the container and run:
 # cd /wallet
@@ -181,5 +205,8 @@ VOLUME /wallet
 EXPOSE 18080
 EXPOSE 18081
 
+# switch to user monero
+USER monero
+
 ENTRYPOINT ["monerod", "--p2p-bind-ip=0.0.0.0", "--p2p-bind-port=18080", "--rpc-bind-ip=0.0.0.0", "--rpc-bind-port=18081", "--non-interactive", "--confirm-external-bind"]
 

LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014-2018, The Monero Project
+Copyright (c) 2014-2019, The Monero Project
 
 All rights reserved.
 
@@ -29,3 +29,13 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 Parts of the project are originally copyright (c) 2012-2013 The Cryptonote
 developers
+
+Parts of the project are originally copyright (c) 2014 The Boolberry
+developers, distributed under the MIT licence:
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+

Makefile

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 #
 # All rights reserved.
 #
@@ -63,9 +63,13 @@ debug-test:
 	mkdir -p $(builddir)/debug
 	cd $(builddir)/debug && cmake -D BUILD_TESTS=ON -D CMAKE_BUILD_TYPE=Debug $(topdir) &&  $(MAKE) && $(MAKE) ARGS="-E libwallet_api_tests" test
 
+debug-test-trezor:
+	mkdir -p $(builddir)/debug
+	cd $(builddir)/debug && cmake -D BUILD_TESTS=ON -D TREZOR_DEBUG=ON -D CMAKE_BUILD_TYPE=Debug $(topdir) &&  $(MAKE) && $(MAKE) ARGS="-E libwallet_api_tests" test
+
 debug-all:
 	mkdir -p $(builddir)/debug
-	cd $(builddir)/debug && cmake -D BUILD_TESTS=ON -D BUILD_SHARED_LIBS=OFF -D CMAKE_BUILD_TYPE=Debug $(topdir) && $(MAKE)
+	cd $(builddir)/debug && cmake -D BUILD_TESTS=OFF -D BUILD_SHARED_LIBS=OFF -D CMAKE_BUILD_TYPE=Debug $(topdir) && $(MAKE)
 
 debug-static-all:
 	mkdir -p $(builddir)/debug
@@ -81,7 +85,7 @@ debug-static-win32:
  
 cmake-release:
 	mkdir -p $(builddir)/release
-	cd $(builddir)/release && cmake -D CMAKE_BUILD_TYPE=Release $(topdir)
+	cd $(builddir)/release && cmake -D BUILD_TESTS=OFF -D CMAKE_BUILD_TYPE=Release $(topdir)
 
 release: cmake-release
 	cd $(builddir)/release && $(MAKE)
@@ -92,11 +96,11 @@ release-test:
 
 release-all:
 	mkdir -p $(builddir)/release
-	cd $(builddir)/release && cmake -D BUILD_TESTS=ON -D CMAKE_BUILD_TYPE=release $(topdir) && $(MAKE)
+	cd $(builddir)/release && cmake -D BUILD_TESTS=OFF -D CMAKE_BUILD_TYPE=release $(topdir) && $(MAKE)
 
 release-static:
 	mkdir -p $(builddir)/release
-	cd $(builddir)/release && cmake -D STATIC=ON -D ARCH="x86-64" -D BUILD_64=ON -D CMAKE_BUILD_TYPE=release $(topdir) && $(MAKE)
+	cd $(builddir)/release && cmake -D BUILD_TESTS=OFF -D STATIC=ON -D ARCH="x86-64" -D BUILD_64=ON -D CMAKE_BUILD_TYPE=release $(topdir) && $(MAKE)
 
 coverage:
 	mkdir -p $(builddir)/debug

PKGBUILD

@@ -0,0 +1,39 @@
+# Maintainer: wowario <wowario at protonmail dot com>
+# Contributor: wowario <wowario at protonmail dot com>
+
+pkgbase=('wownero-git')
+pkgname=('wownero-git')
+pkgver=0.5.0.2
+pkgrel=1
+pkgdesc="a fairly launched privacy-centric meme coin with no premine and a finite supply"
+license=('custom:Cryptonote')
+arch=('x86_64')
+url="http://wownero.org/"
+depends=('boost-libs' 'zeromq' 'unbound' 'libusb')
+makedepends=('git' 'cmake' 'boost')
+provides=('wownero-git')
+
+source=("${pkgname}"::"git+https://github.com/wownero/wownero")
+
+sha256sums=('SKIP')
+
+pkgver() {
+  cd "${srcdir}/${pkgname}"
+  printf "$(echo ${pkgver} | sed 's/\.r.*//').r%s.g%s" \
+         "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
+}
+
+build() {
+  cd "${srcdir}/${pkgname}"
+  git fetch --tags && git checkout tags/v0.5.0.2 -b v0.5.0.2
+  USE_SINGLE_BUILDDIR=1 make
+}
+
+package_wownero-git() {
+  install -Dm644 "${srcdir}/${pkgname}/LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+  install -Dm644 "${srcdir}/${pkgname}/utils/conf/wownerod.conf" "${pkgdir}/etc/wownerod.conf"
+  install -Dm644 "${srcdir}/${pkgname}/utils/systemd/wownerod.service" "${pkgdir}/usr/lib/systemd/system/wownerod.service"
+  install -Dm755 "${srcdir}/${pkgname}/build/release/bin/wownerod" "${pkgdir}/usr/bin/wownerod"
+  install -Dm755 "${srcdir}/${pkgname}/build/release/bin/wownero-wallet-cli" "${pkgdir}/usr/bin/wownero-wallet-cli"
+  install -Dm755 "${srcdir}/${pkgname}/build/release/bin/wownero-wallet-rpc" "${pkgdir}/usr/bin/wownero-wallet-rpc"
+}

README.i18n.md

@@ -15,23 +15,33 @@ You do not need anything from Qt in order to use the final translations.
 
 To update ts files after changing source code:
 
-    ./utils/translations/update-translations.sh
+```bash
+./utils/translations/update-translations.sh
+```
 
 To add a new language, eg Spanish (ISO code es):
 
-    cp translations/monero.ts translations/monero_es.ts
+```bash
+cp translations/monero.ts translations/monero_es.ts
+```
 
 To edit translations for Spanish:
 
-    linguist translations/monero_es.ts
+```bash
+linguist translations/monero_es.ts
+```
 
 To build translations after modifying them:
 
-    ./utils/translations/build-translations.sh
+```bash
+./utils/translations/build-translations.sh
+```
 
 To test a translation:
 
-    LANG=es ./build/release/bin/monero-wallet-cli
+```bash
+LANG=es ./build/release/bin/monero-wallet-cli
+```
 
 To add new translatable strings in the source code:
 
@@ -39,6 +49,8 @@ Use the `tr(string)` function if possible. If the code is in a class, and this c
 
 If you're getting messages of the form:
 
-    Class 'cryptonote::simple_wallet' lacks Q_OBJECT macro
+```
+Class 'cryptonote::simple_wallet' lacks Q_OBJECT macro
+```
 
 all is fine, we don't actually need that here.

README.md

@@ -1,578 +1,106 @@
-# Monero
+# ~~Mo~~Wownero -  Such privacy! Many coins! Wow! 🐕
 
-Copyright (c) 2014-2018 The Monero Project.   
+Copyright (c) 2014-2019 The Monero Project.   
 Portions Copyright (c) 2012-2013 The Cryptonote developers.
 
-## Development resources
+## Resources
 
-- Web: [getmonero.org](https://getmonero.org)
-- Forum: [forum.getmonero.org](https://forum.getmonero.org)
-- Mail: [dev@getmonero.org](mailto:dev@getmonero.org)
-- GitHub: [https://github.com/monero-project/monero](https://github.com/monero-project/monero)
-- IRC: [#monero-dev on Freenode](https://webchat.freenode.net/?randomnick=1&channels=%23monero-dev&prompt=1&uio=d4)
+- Web: [wownero.org](http://wownero.org)
+- Twitter: [@w0wn3r0](https://twitter.com/w0wn3r0)
+- Discord: [discord.gg/sQt74ep](https://discord.gg/sQt74ep)
+- Reddit: [/r/wownero](https://www.reddit.com/r/wownero)
+- Mail: [wownero@protonmail.com](mailto:wownero@protonmail.com)
+- GitHub: [https://github.com/wownero/wownero](https://github.com/wownero/wownero)
+- IRC: [#wownero on Freenode](https://kiwiirc.com/client/irc.freenode.net/?nick=suchchatter|?#wownero)
+- Bitmessage Chan: wownero (`BM-2cSzWtrj2pzLva9GF1Jp2TYsnLjrnJpvba`)
+- Network stats: [https://freeboard.io/board/c8mM2c](https://freeboard.io/board/c8mM2c)
+- Wownero Funding System: [https://funding.wownero.com](https://funding.wownero.com)
+- Keybase Chat Group: [https://keybase.io/team/wownero](https://keybase.io/team/wownero)
 
-## Vulnerability response
-
-- Our [Vulnerability Response Process](https://github.com/monero-project/meta/blob/master/VULNERABILITY_RESPONSE_PROCESS.md) encourages responsible disclosure
-- We are also available via [HackerOne](https://hackerone.com/monero)
-
-## Research
-
-The [Monero Research Lab](https://src.getmonero.org/resources/research-lab/) is an open forum where the community coordinates research into Monero cryptography, protocols, fungibility, analysis, and more. We welcome collaboration and contributions from outside researchers! Because not all Lab work and publications are distributed as traditional preprints or articles, they may be easy to miss if you are conducting literature reviews for your own Monero research. You are encouraged to get in touch with our researchers if you have questions, wish to collaborate, or would like guidance to help avoid unnecessarily duplicating earlier or known work.
-
-Our researchers are available on IRC in [#monero-research-lab on Freenode](https://webchat.freenode.net/?randomnick=1&channels=%23monero-research-lab&prompt=1&uio=d4) or by email:
-
-- Sarang Noether, Ph.D.: [sarang@getmonero.org](mailto:sarang@getmonero.org) or [sarang.noether@protonmail.com](mailto:sarang.noether@protonmail.com); [research repository](https://github.com/SarangNoether/research-lab)
-- Surae Noether (Brandon Goodell), Ph.D.: [surae@getmonero.org](mailto:surae@getmonero.org) or [surae.noether@protonmail.com](mailto:surae.noether@protonmail.com); [research repository](https://github.com/b-g-goodell/research-lab)
-
-## Announcements
-
-- You can subscribe to an [announcement listserv](https://lists.getmonero.org) to get critical announcements from the Monero core team. The announcement list can be very helpful for knowing when software updates are needed.
-
-## Build
-
-### IMPORTANT 
-
-These builds are of the master branch, which is used for active development and can be either unstable or incompatible with release software. Please compile release branches.
-
-| Operating System      | Processor | Status |
-| --------------------- | -------- |--------|
-| Ubuntu 16.04          |  i686    | [![Ubuntu 16.04 i686](https://build.getmonero.org/png?builder=monero-static-ubuntu-i686)](https://build.getmonero.org/builders/monero-static-ubuntu-i686)
-| Ubuntu 16.04          |  amd64   | [![Ubuntu 16.04 amd64](https://build.getmonero.org/png?builder=monero-static-ubuntu-amd64)](https://build.getmonero.org/builders/monero-static-ubuntu-amd64)
-| Ubuntu 16.04          |  armv7   | [![Ubuntu 16.04 armv7](https://build.getmonero.org/png?builder=monero-static-ubuntu-arm7)](https://build.getmonero.org/builders/monero-static-ubuntu-arm7)
-| Debian Stable         |  armv8   | [![Debian armv8](https://build.getmonero.org/png?builder=monero-static-debian-armv8)](https://build.getmonero.org/builders/monero-static-debian-armv8)
-| OSX 10.11             |  amd64   | [![OSX 10.11 amd64](https://build.getmonero.org/png?builder=monero-static-osx-10.11)](https://build.getmonero.org/builders/monero-static-osx-10.11)
-| OSX 10.12             |  amd64   | [![OSX 10.12 amd64](https://build.getmonero.org/png?builder=monero-static-osx-10.12)](https://build.getmonero.org/builders/monero-static-osx-10.12)
-| OSX 10.13             |  amd64   | [![OSX 10.13 amd64](https://build.getmonero.org/png?builder=monero-static-osx-10.13)](https://build.getmonero.org/builders/monero-static-osx-10.13)
-| FreeBSD 11            |  amd64   | [![FreeBSD 11 amd64](https://build.getmonero.org/png?builder=monero-static-freebsd64)](https://build.getmonero.org/builders/monero-static-freebsd64)
-| DragonFly BSD 4.6     |  amd64   | [![DragonFly BSD amd64](https://build.getmonero.org/png?builder=monero-static-dragonflybsd-amd64)](https://build.getmonero.org/builders/monero-static-dragonflybsd-amd64)
-| Windows (MSYS2/MinGW) |  i686    | [![Windows (MSYS2/MinGW) i686](https://build.getmonero.org/png?builder=monero-static-win32)](https://build.getmonero.org/builders/monero-static-win32)
-| Windows (MSYS2/MinGW) |  amd64   | [![Windows (MSYS2/MinGW) amd64](https://build.getmonero.org/png?builder=monero-static-win64)](https://build.getmonero.org/builders/monero-static-win64)
-
-## Coverage
-
-| Type      | Status |
-|-----------|--------|
-| Coverity  | [![Coverity Status](https://scan.coverity.com/projects/9657/badge.svg)](https://scan.coverity.com/projects/9657/)
-| Coveralls | [![Coveralls Status](https://coveralls.io/repos/github/monero-project/monero/badge.svg?branch=master)](https://coveralls.io/github/monero-project/monero?branch=master)
-| License   | [![License](https://img.shields.io/badge/license-BSD3-blue.svg)](https://opensource.org/licenses/BSD-3-Clause)
+Blockchain Explorers
+- https://explore.wownero.com
+- https://explorer.wowkira.com
+- http://explorer.wowne.ro
+- http://wow4edxxxudchgj7.onion
+- http://wow5eqtzqvsg5jctqzg5g7uk3u62sfqiacj5x6lo4by7bvnj6jkvubyd.onion
 
 ## Introduction
 
-Monero is a private, secure, untraceable, decentralised digital currency. You are your bank, you control your funds, and nobody can trace your transfers unless you allow them to do so.
-
-**Privacy:** Monero uses a cryptographically sound system to allow you to send and receive funds without your transactions being easily revealed on the blockchain (the ledger of transactions that everyone has). This ensures that your purchases, receipts, and all transfers remain absolutely private by default.
-
-**Security:** Using the power of a distributed peer-to-peer consensus network, every transaction on the network is cryptographically secured. Individual wallets have a 25 word mnemonic seed that is only displayed once, and can be written down to backup the wallet. Wallet files are encrypted with a passphrase to ensure they are useless if stolen.
-
-**Untraceability:** By taking advantage of ring signatures, a special property of a certain type of cryptography, Monero is able to ensure that transactions are not only untraceable, but have an optional measure of ambiguity that ensures that transactions cannot easily be tied back to an individual user or computer.
-
-## About this project
-
-This is the core implementation of Monero. It is open source and completely free to use without restrictions, except for those specified in the license agreement below. There are no restrictions on anyone creating an alternative implementation of Monero that uses the protocol and network in a compatible manner.
-
-As with many development projects, the repository on Github is considered to be the "staging" area for the latest changes. Before changes are merged into that branch on the main repository, they are tested by individual developers in their own branches, submitted as a pull request, and then subsequently tested by contributors who focus on testing and code reviews. That having been said, the repository should be carefully considered before using it in a production environment, unless there is a patch in the repository for a particular show-stopping issue you are experiencing. It is generally a better idea to use a tagged release for stability.
-
-**Anyone is welcome to contribute to Monero's codebase!** If you have a fix or code change, feel free to submit it as a pull request directly to the "master" branch. In cases where the change is relatively small or does not affect other parts of the codebase it may be merged in immediately by any one of the collaborators. On the other hand, if the change is particularly large or complex, it is expected that it will be discussed at length either well in advance of the pull request being submitted, or even directly on the pull request.
-
-## Supporting the project
-
-Monero is a 100% community-sponsored endeavor. If you want to join our efforts, the easiest thing you can do is support the project financially. Both Monero and Bitcoin donations can be made to **donate.getmonero.org** if using a client that supports the [OpenAlias](https://openalias.org) standard. Alternatively you can send XMR to the Monero donation address via the `donate` command (type `help` in the command-line wallet for details).
-
-The Monero donation address is: `44AFFq5kSiGBoZ4NMDwYtN18obc8AemS33DBLWs3H7otXft3XjrpDtQGv7SqSsaBYBb98uNbr2VBBEt7f2wfn3RVGQBEP3A` (viewkey: `f359631075708155cc3d92a32b75a7d02a5dcf27756707b47a2b31b21c389501`)
-
-The Bitcoin donation address is: `1KTexdemPdxSBcG55heUuTjDRYqbC5ZL8H`
-
-Core development funding and/or some supporting services are also graciously provided by sponsors:
-
-[<img width="80" src="https://static.getmonero.org/images/sponsors/mymonero.png"/>](https://mymonero.com)
-[<img width="150" src="https://static.getmonero.org/images/sponsors/kitware.png?1"/>](https://kitware.com)
-[<img width="100" src="https://static.getmonero.org/images/sponsors/dome9.png"/>](https://dome9.com)
-[<img width="150" src="https://static.getmonero.org/images/sponsors/araxis.png"/>](https://araxis.com)
-[<img width="150" src="https://static.getmonero.org/images/sponsors/jetbrains.png"/>](https://www.jetbrains.com/)
-[<img width="150" src="https://static.getmonero.org/images/sponsors/navicat.png"/>](https://www.navicat.com/)
-[<img width="150" src="https://static.getmonero.org/images/sponsors/symas.png"/>](https://www.symas.com/)
-
-There are also several mining pools that kindly donate a portion of their fees, [a list of them can be found on our Bitcointalk post](https://bitcointalk.org/index.php?topic=583449.0).
-
-## License
-
-See [LICENSE](LICENSE).
-
-## Contributing
-
-If you want to help out, see [CONTRIBUTING](CONTRIBUTING.md) for a set of guidelines.
+Wownero is a privacy-centric memecoin that was fairly launched on April 1, 2018 with no pre-mine, stealth-mine or ICO. Wownero has a maximum supply of around 184 million WOW with a slow and steady emission over 50 years. It is a fork of Monero, but with its own genesis block, so there is no degradation of privacy due to ring signatures using different participants for the same tx outputs on opposing forks.
 
 ## Scheduled software upgrades
 
-Monero uses a fixed-schedule software upgrade (hard fork) mechanism to implement new features. This means that users of Monero (end users and service providers) should run current versions and upgrade their software on a regular schedule. Software upgrades occur during the months of April and October. The required software for these upgrades will be available prior to the scheduled date. Please check the repository prior to this date for the proper Monero software version. Below is the historical schedule and the projected schedule for the next upgrade.
+Wownero uses a fixed-schedule software upgrade (hard fork) mechanism to implement new features. This means that users of Wownero (end users and service providers) should run current versions and upgrade their software on a regular schedule. The required software for these upgrades will be available prior to the scheduled date. Please check the repository prior to this date for the proper Wownero software version. Below is the historical schedule and the projected schedule for the next upgrade.
 Dates are provided in the format YYYY-MM-DD. 
 
-
-| Software upgrade block height | Date       | Fork version | Minimum Monero version | Recommended Monero version | Details                                                                            |  
+| Software upgrade block height | Date       | Release Name | Minimum Wownero version | Recommended Wownero version | Details                                                                            |  
 | ------------------------------ | -----------| ----------------- | ---------------------- | -------------------------- | ---------------------------------------------------------------------------------- |
-| 1009827                        | 2016-03-22 | v2                | v0.9.4                 | v0.9.4                     | Allow only >= ringsize 3, blocktime = 120 seconds, fee-free blocksize 60 kb       |
-| 1141317                        | 2016-09-21 | v3                | v0.9.4                 | v0.10.0                    | Splits coinbase into denominations  |
-| 1220516                        | 2017-01-05 | v4                | v0.10.1                | v0.10.2.1                  | Allow normal and RingCT transactions |
-| 1288616                        | 2017-04-15 | v5                | v0.10.3.0              | v0.10.3.1                  | Adjusted minimum blocksize and fee algorithm      |
-| 1400000                        | 2017-09-16 | v6                | v0.11.0.0              | v0.11.0.0                  | Allow only RingCT transactions, allow only >= ringsize 5      |
-| 1546000                        | 2018-04-06 | v7                | v0.12.0.0              | v0.12.3.0                  | Cryptonight variant 1, ringsize >= 7, sorted inputs
-| 1685555                        | 2018-10-18 | v8                | v0.13.0.0              | v0.13.0.4                  | max transaction size at half the penalty free block size, bulletproofs enabled, cryptonight variant 2, fixed ringsize [11](https://youtu.be/KOO5S4vxi0o)
-| 1686275                        | 2018-10-19 | v9                | v0.13.0.0              | v0.13.0.4                  | bulletproofs required
-| XXXXXXX                        | 2019-04-XX | XX                | XXXXXXXXX              | XXXXXXXXX                  | X
+| 1                              | 2018-04-01 | Awesome Akita                | v0.1.0.0               | v0.1.0.0                  | Cryptonight variant 1, ringsize >= 8, sorted inputs
+| 6969                           | 2018-04-24 | Busty Brazzers                | v0.2.0.0               | v0.2.0.0                  | Bulletproofs, LWMA difficulty algorithm, ringsize >= 10, reduce unlock to 4
+| 53666                          | 2018-10-06 | Cool Cage                | v0.3.0.0               | v0.3.1.3                  | Cryptonight variant 2, LWMA v2, ringsize = 22, MMS
+| 63469                          | 2018-11-11 | Dank Doge               | v0.4.0.0               | v0.4.0.0                  | LWMA v4
+| 81769                          | 2019-02-19 | Erotic EggplantEmoji    | v0.5.0.0               | v0.5.0.2                  | Cryptonight/wow, LWMA v1 with N=144, Updated Bulletproofs, Fee Per Byte, Auto-churn
+| 114969                          | 2019-06-14 | F For Fappening    | v0.6.0.0               | v0.6.0.0                  | RandomWOW, new block weight algorithm, slightly more efficient RingCT format
 
 X's indicate that these details have not been determined as of commit date.
 
-## Release staging schedule and protocol
+## Release staging and Contributing
 
-Approximately three months prior to a scheduled software upgrade, a branch from Master will be created with the new release version tag. Pull requests that address bugs should then be made to both Master and the new release branch. Pull requests that require extensive review and testing (generally, optimizations and new features) should *not* be made to the release branch. 
+**Anyone is welcome to contribute to Wownero's codebase!** 
 
-## Compiling Monero from source
+If you have a fix or code change, feel free to submit it as a pull request. Ahead of a scheduled software upgrade, a development branch will be created with the new release version tag. Pull requests that address bugs should be made to Master. Pull requests that require review and testing (generally, optimizations and new features) should be made to the development branch. All pull requests will be considered safe until the US dollar valuation of 1 Wownero equals $1000. After this valuation has been reached, more research will be needed to introduce experimental cryptography and/or code into the codebase.  
 
-### Dependencies
-
-The following table summarizes the tools and libraries required to build. A
-few of the libraries are also included in this repository (marked as
-"Vendored"). By default, the build uses the library installed on the system,
-and ignores the vendored sources. However, if no library is found installed on
-the system, then the vendored source will be built and used. The vendored
-sources are also used for statically-linked builds because distribution
-packages often include only shared library binaries (`.so`) but not static
-library archives (`.a`).
-
-| Dep          | Min. version  | Vendored | Debian/Ubuntu pkg  | Arch pkg     | Fedora            | Optional | Purpose        |
-| ------------ | ------------- | -------- | ------------------ | ------------ | ----------------- | -------- | -------------- |
-| GCC          | 4.7.3         | NO       | `build-essential`  | `base-devel` | `gcc`             | NO       |                |
-| CMake        | 3.5           | NO       | `cmake`            | `cmake`      | `cmake`           | NO       |                |
-| pkg-config   | any           | NO       | `pkg-config`       | `base-devel` | `pkgconf`         | NO       |                |
-| Boost        | 1.58          | NO       | `libboost-all-dev` | `boost`      | `boost-devel`     | NO       | C++ libraries  |
-| OpenSSL      | basically any | NO       | `libssl-dev`       | `openssl`    | `openssl-devel`   | NO       | sha256 sum     |
-| libzmq       | 3.0.0         | NO       | `libzmq3-dev`      | `zeromq`     | `cppzmq-devel`    | NO       | ZeroMQ library |
-| OpenPGM      | ?             | NO       | `libpgm-dev`       | `libpgm`     | `openpgm-devel`   | NO       | For ZeroMQ     |
-| libnorm[2]   | ?             | NO       | `libnorm-dev`      |              |               `   | YES      | For ZeroMQ     |
-| libunbound   | 1.4.16        | YES      | `libunbound-dev`   | `unbound`    | `unbound-devel`   | NO       | DNS resolver   |
-| libsodium    | ?             | NO       | `libsodium-dev`    | `libsodium`  | `libsodium-devel` | NO       | cryptography   |
-| libunwind    | any           | NO       | `libunwind8-dev`   | `libunwind`  | `libunwind-devel` | YES      | Stack traces   |
-| liblzma      | any           | NO       | `liblzma-dev`      | `xz`         | `xz-devel`        | YES      | For libunwind  |
-| libreadline  | 6.3.0         | NO       | `libreadline6-dev` | `readline`   | `readline-devel`  | YES      | Input editing  |
-| ldns         | 1.6.17        | NO       | `libldns-dev`      | `ldns`       | `ldns-devel`      | YES      | SSL toolkit    |
-| expat        | 1.1           | NO       | `libexpat1-dev`    | `expat`      | `expat-devel`     | YES      | XML parsing    |
-| GTest        | 1.5           | YES      | `libgtest-dev`[1]  | `gtest`      | `gtest-devel`     | YES      | Test suite     |
-| Doxygen      | any           | NO       | `doxygen`          | `doxygen`    | `doxygen`         | YES      | Documentation  |
-| Graphviz     | any           | NO       | `graphviz`         | `graphviz`   | `graphviz`        | YES      | Documentation  |
-
-
-[1] On Debian/Ubuntu `libgtest-dev` only includes sources and headers. You must
-build the library binary manually. This can be done with the following command ```sudo apt-get install libgtest-dev && cd /usr/src/gtest && sudo cmake . && sudo make && sudo mv libg* /usr/lib/ ```
-[2] libnorm-dev is needed if your zmq library was built with libnorm, and not needed otherwise
-
-Debian / Ubuntu one liner for all dependencies  
-``` sudo apt update && sudo apt install build-essential cmake pkg-config libboost-all-dev libssl-dev libzmq3-dev libunbound-dev libsodium-dev libunwind8-dev liblzma-dev libreadline6-dev libldns-dev libexpat1-dev doxygen graphviz libpgm-dev```
-
-### Cloning the repository
-
-Clone recursively to pull-in needed submodule(s):
-
-`$ git clone --recursive https://github.com/monero-project/monero`
-
-If you already have a repo cloned, initialize and update:
-
-`$ cd monero && git submodule init && git submodule update`
-
-### Build instructions
-
-Monero uses the CMake build system and a top-level [Makefile](Makefile) that
-invokes cmake commands as needed.
-
-#### On Linux and OS X
-
-* Install the dependencies
-* Change to the root of the source code directory, change to the most recent release branch, and build:
-
-        cd monero
-        git checkout v0.13.0.4
-        make
-
-    *Optional*: If your machine has several cores and enough memory, enable
-    parallel build by running `make -j<number of threads>` instead of `make`. For
-    this to be worthwhile, the machine should have one core and about 2GB of RAM
-    available per thread.
-
-    *Note*: If cmake can not find zmq.hpp file on OS X, installing `zmq.hpp` from
-    https://github.com/zeromq/cppzmq to `/usr/local/include` should fix that error.
-    
-    *Note*: The instructions above will compile the most stable release of the
-    Monero software. If you would like to use and test the most recent software,
-    use ```git checkout master```. The master branch may contain updates that are
-    both unstable and incompatible with release software, though testing is always 
-    encouraged. 
-
-* The resulting executables can be found in `build/release/bin`
-
-* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
-
-* Run Monero with `monerod --detach`
-
-* **Optional**: build and run the test suite to verify the binaries:
-
-        make release-test
-
-    *NOTE*: `core_tests` test may take a few hours to complete.
-
-* **Optional**: to build binaries suitable for debugging:
-
-         make debug
-
-* **Optional**: to build statically-linked binaries:
-
-         make release-static
-
-Dependencies need to be built with -fPIC. Static libraries usually aren't, so you may have to build them yourself with -fPIC. Refer to their documentation for how to build them.
-
-* **Optional**: build documentation in `doc/html` (omit `HAVE_DOT=YES` if `graphviz` is not installed):
-
-        HAVE_DOT=YES doxygen Doxyfile
-
-#### On the Raspberry Pi
-
-Tested on a Raspberry Pi Zero with a clean install of minimal Raspbian Stretch (2017-09-07 or later) from https://www.raspberrypi.org/downloads/raspbian/. If you are using Raspian Jessie, [please see note in the following section](#note-for-raspbian-jessie-users). 
-
-* `apt-get update && apt-get upgrade` to install all of the latest software
-
-* Install the dependencies for Monero from the 'Debian' column in the table above.
-
-* Increase the system swap size:
-```	
-	sudo /etc/init.d/dphys-swapfile stop  
-	sudo nano /etc/dphys-swapfile  
-	CONF_SWAPSIZE=2048
-	sudo /etc/init.d/dphys-swapfile start  
-```
-* If using an external hard disk without an external power supply, ensure it gets enough power to avoid hardware issues when syncing, by adding the line "max_usb_current=1" to /boot/config.txt
-
-* Clone monero and checkout most recent release version:
-```
-        git clone https://github.com/monero-project/monero.git
-	cd monero
-	git checkout tags/v0.13.0.4
-```
-* Build:
-```
-        make release
-```
-* Wait 4-6 hours
-
-* The resulting executables can be found in `build/release/bin`
-
-* Add `PATH="$PATH:$HOME/monero/build/release/bin"` to `.profile`
-
-* Run Monero with `monerod --detach`
-
-* You may wish to reduce the size of the swap file after the build has finished, and delete the boost directory from your home directory
-
-#### *Note for Raspbian Jessie users:*
-
-If you are using the older Raspbian Jessie image, compiling Monero is a bit more complicated. The version of Boost available in the Debian Jessie repositories is too old to use with Monero, and thus you must compile a newer version yourself. The following explains the extra steps, and has been tested on a Raspberry Pi 2 with a clean install of minimal Raspbian Jessie.
-
-* As before, `apt-get update && apt-get upgrade` to install all of the latest software, and increase the system swap size
-
-```	
-	sudo /etc/init.d/dphys-swapfile stop  
-	sudo nano /etc/dphys-swapfile  
-	CONF_SWAPSIZE=2048  
-	sudo /etc/init.d/dphys-swapfile start  
-```
-
-* Then, install the dependencies for Monero except `libunwind` and `libboost-all-dev`
-
-* Install the latest version of boost (this may first require invoking `apt-get remove --purge libboost*` to remove a previous version if you're not using a clean install):
-```
-	cd  
-	wget https://sourceforge.net/projects/boost/files/boost/1.64.0/boost_1_64_0.tar.bz2  
-	tar xvfo boost_1_64_0.tar.bz2  
-	cd boost_1_64_0  
-	./bootstrap.sh  
-	sudo ./b2  
-```
-* Wait ~8 hours
-```
-	sudo ./bjam cxxflags=-fPIC cflags=-fPIC -a install
-```
-* Wait ~4 hours
-
-* From here, follow the [general Raspberry Pi instructions](#on-the-raspberry-pi) from the "Clone monero and checkout most recent release version" step.
-
-#### On Windows:
-
-Binaries for Windows are built on Windows using the MinGW toolchain within
-[MSYS2 environment](https://www.msys2.org). The MSYS2 environment emulates a
-POSIX system. The toolchain runs within the environment and *cross-compiles*
-binaries that can run outside of the environment as a regular Windows
-application.
-
-**Preparing the build environment**
-
-* Download and install the [MSYS2 installer](https://www.msys2.org), either the 64-bit or the 32-bit package, depending on your system.
-* Open the MSYS shell via the `MSYS2 Shell` shortcut
-* Update packages using pacman:  
-
-        pacman -Syuu  
-
-* Exit the MSYS shell using Alt+F4  
-* Edit the properties for the `MSYS2 Shell` shortcut changing "msys2_shell.bat" to "msys2_shell.cmd -mingw64" for 64-bit builds or "msys2_shell.cmd -mingw32" for 32-bit builds
-* Restart MSYS shell via modified shortcut and update packages again using pacman:  
-
-        pacman -Syuu  
-
-
-* Install dependencies:
-
-    To build for 64-bit Windows:
-
-        pacman -S mingw-w64-x86_64-toolchain make mingw-w64-x86_64-cmake mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-zeromq mingw-w64-x86_64-libsodium mingw-w64-x86_64-hidapi
-
-    To build for 32-bit Windows:
- 
-        pacman -S mingw-w64-i686-toolchain make mingw-w64-i686-cmake mingw-w64-i686-boost mingw-w64-i686-openssl mingw-w64-i686-zeromq mingw-w64-i686-libsodium mingw-w64-i686-hidapi
-
-* Open the MingW shell via `MinGW-w64-Win64 Shell` shortcut on 64-bit Windows
-  or `MinGW-w64-Win64 Shell` shortcut on 32-bit Windows. Note that if you are
-  running 64-bit Windows, you will have both 64-bit and 32-bit MinGW shells.
-
-**Cloning**
-
-* To git clone, run:
-
-        git clone --recursive https://github.com/monero-project/monero.git
-
-**Building**
-
-* Change to the cloned directory, run:
-	
-        cd monero
-
-* If you would like a specific [version/tag](https://github.com/monero-project/monero/tags), do a git checkout for that version. eg. 'v0.13.0.0'. If you dont care about the version and just want binaries from master, skip this step:
-	
-        git checkout v0.13.0.4
-
-* If you are on a 64-bit system, run:
-
-        make release-static-win64
-
-* If you are on a 32-bit system, run:
-
-        make release-static-win32
-
-* The resulting executables can be found in `build/release/bin`
-
-* **Optional**: to build Windows binaries suitable for debugging on a 64-bit system, run:
-
-        make debug-static-win64
-	
-* **Optional**: to build Windows binaries suitable for debugging on a 32-bit system, run:
-
-        make debug-static-win32
-
-* The resulting executables can be found in `build/debug/bin`
-
-### On FreeBSD:
-
-The project can be built from scratch by following instructions for Linux above. If you are running monero in a jail you need to add the flag: `allow.sysvipc=1` to your jail configuration, otherwise lmdb will throw the error message: `Failed to open lmdb environment: Function not implemented`.
-
-We expect to add Monero into the ports tree in the near future, which will aid in managing installations using ports or packages.
-
-### On OpenBSD:
-
-#### OpenBSD < 6.2
-
-This has been tested on OpenBSD 5.8.
-
-You will need to add a few packages to your system. `pkg_add db cmake gcc gcc-libs g++ gtest`.
-
-The doxygen and graphviz packages are optional and require the xbase set.
-
-The Boost package has a bug that will prevent librpc.a from building correctly. In order to fix this, you will have to Build boost yourself from scratch. Follow the directions here (under "Building Boost"):
-https://github.com/bitcoin/bitcoin/blob/master/doc/build-openbsd.md
-
-You will have to add the serialization, date_time, and regex modules to Boost when building as they are needed by Monero.
-
-To build: `env CC=egcc CXX=eg++ CPP=ecpp DEVELOPER_LOCAL_TOOLS=1 BOOST_ROOT=/path/to/the/boost/you/built make release-static-64`
-
-#### OpenBSD >= 6.2
-
-You will need to add a few packages to your system. `pkg_add cmake zeromq libiconv`.
-
-The doxygen and graphviz packages are optional and require the xbase set.
-
-
-Build the Boost library using clang. This guide is derived from: https://github.com/bitcoin/bitcoin/blob/master/doc/build-openbsd.md
-
-We assume you are compiling with a non-root user and you have `doas` enabled.
-
-Note: do not use the boost package provided by OpenBSD, as we are installing boost to `/usr/local`.
-
-```
-# Create boost building directory
-mkdir ~/boost
-cd ~/boost
-
-# Fetch boost source
-ftp -o boost_1_64_0.tar.bz2 https://netcologne.dl.sourceforge.net/project/boost/boost/1.64.0/boost_1_64_0.tar.bz2 
-
-# MUST output: (SHA256) boost_1_64_0.tar.bz2: OK
-echo "7bcc5caace97baa948931d712ea5f37038dbb1c5d89b43ad4def4ed7cb683332 boost_1_64_0.tar.bz2" | sha256 -c
-tar xfj boost_1_64_0.tar.bz2
-
-# Fetch and apply boost patches, required for OpenBSD
-ftp -o boost_test_impl_execution_monitor_ipp.patch https://raw.githubusercontent.com/openbsd/ports/bee9e6df517077a7269ff0dfd57995f5c6a10379/devel/boost/patches/patch-boost_test_impl_execution_monitor_ipp
-ftp -o boost_config_platform_bsd_hpp.patch https://raw.githubusercontent.com/openbsd/ports/90658284fb786f5a60dd9d6e8d14500c167bdaa0/devel/boost/patches/patch-boost_config_platform_bsd_hpp
-
-# MUST output: (SHA256) boost_config_platform_bsd_hpp.patch: OK
-echo "1f5e59d1154f16ee1e0cc169395f30d5e7d22a5bd9f86358f738b0ccaea5e51d boost_config_platform_bsd_hpp.patch" | sha256 -c
-# MUST output: (SHA256) boost_test_impl_execution_monitor_ipp.patch: OK
-echo "30cec182a1437d40c3e0bd9a866ab5ddc1400a56185b7e671bb3782634ed0206 boost_test_impl_execution_monitor_ipp.patch" | sha256 -c
-
-cd boost_1_64_0
-patch -p0 < ../boost_test_impl_execution_monitor_ipp.patch
-patch -p0 < ../boost_config_platform_bsd_hpp.patch
-
-# Start building boost
-echo 'using clang : : c++ : <cxxflags>"-fvisibility=hidden -fPIC" <linkflags>"" <archiver>"ar" <striper>"strip"  <ranlib>"ranlib" <rc>"" : ;' > user-config.jam
-./bootstrap.sh --without-icu --with-libraries=chrono,filesystem,program_options,system,thread,test,date_time,regex,serialization,locale --with-toolset=clang
-./b2 toolset=clang cxxflags="-stdlib=libc++" linkflags="-stdlib=libc++" -sICONV_PATH=/usr/local
-doas ./b2 -d0 runtime-link=shared threadapi=pthread threading=multi link=static variant=release --layout=tagged --build-type=complete --user-config=user-config.jam -sNO_BZIP2=1 -sICONV_PATH=/usr/local --prefix=/usr/local install
-```
-
-Build cppzmq
-
-Build the cppzmq bindings.
-
-We assume you are compiling with a non-root user and you have `doas` enabled.
-
-```
-# Create cppzmq building directory
-mkdir ~/cppzmq
-cd ~/cppzmq
-
-# Fetch cppzmq source
-ftp -o cppzmq-4.2.3.tar.gz https://github.com/zeromq/cppzmq/archive/v4.2.3.tar.gz
-
-# MUST output: (SHA256) cppzmq-4.2.3.tar.gz: OK
-echo "3e6b57bf49115f4ae893b1ff7848ead7267013087dc7be1ab27636a97144d373 cppzmq-4.2.3.tar.gz" | sha256 -c
-tar xfz cppzmq-4.2.3.tar.gz
-
-# Start building cppzmq
-cd cppzmq-4.2.3
-mkdir build
-cd build
-cmake ..
-doas make install
-```
-
-Build monero: `env DEVELOPER_LOCAL_TOOLS=1 BOOST_ROOT=/usr/local make release-static`
-
-### On Solaris:
-
-The default Solaris linker can't be used, you have to install GNU ld, then run cmake manually with the path to your copy of GNU ld:
-
-        mkdir -p build/release
-        cd build/release
-        cmake -DCMAKE_LINKER=/path/to/ld -D CMAKE_BUILD_TYPE=Release ../..
-        cd ../..
-
-Then you can run make as usual.
-
-### On Linux for Android (using docker):
-
-        # Build image (for ARM 32-bit)
-        docker build -f utils/build_scripts/android32.Dockerfile -t monero-android .
-        # Build image (for ARM 64-bit)
-        docker build -f utils/build_scripts/android64.Dockerfile -t monero-android .
-        # Create container
-        docker create -it --name monero-android monero-android bash
-        # Get binaries
-        docker cp monero-android:/src/build/release/bin .
-
-### Building portable statically linked binaries
-
-By default, in either dynamically or statically linked builds, binaries target the specific host processor on which the build happens and are not portable to other processors. Portable binaries can be built using the following targets:
-
-* ```make release-static-linux-x86_64``` builds binaries on Linux on x86_64 portable across POSIX systems on x86_64 processors
-* ```make release-static-linux-i686``` builds binaries on Linux on x86_64 or i686 portable across POSIX systems on i686 processors
-* ```make release-static-linux-armv8``` builds binaries on Linux portable across POSIX systems on armv8 processors
-* ```make release-static-linux-armv7``` builds binaries on Linux portable across POSIX systems on armv7 processors
-* ```make release-static-linux-armv6``` builds binaries on Linux portable across POSIX systems on armv6 processors
-* ```make release-static-win64``` builds binaries on 64-bit Windows portable across 64-bit Windows systems
-* ```make release-static-win32``` builds binaries on 64-bit or 32-bit Windows portable across 32-bit Windows systems
-
-### Cross Compiling
-
-You can also cross-compile static binaries on Linux for Windows and macOS with the `depends` system.
-
-* ```make depends target=x86_64-linux-gnu``` for 64-bit linux binaries.
-* ```make depends target=x86_64-w64-mingw32``` for 64-bit windows binaries. Requires: python3 g++-mingw-w64-x86-64 wine1.6 bc
-* ```make depends target=x86_64-apple-darwin11``` for macOS binaries. Requires: cmake imagemagick libcap-dev librsvg2-bin libz-dev libbz2-dev libtiff-tools python-dev
-* ```make depends target=i686-linux-gnu``` for 32-bit linux binaries. Requires: g++-multilib bc
-* ```make depends target=i686-w64-mingw32``` for 32-bit windows binaries. Requires: python3 g++-mingw-w64-i686
-* ```make depends target=arm-linux-gnueabihf``` for armv7 binaries. Requires: g++-arm-linux-gnueabihf
-* ```make depends target=aarch64-linux-gnu``` for armv8 binaries. Requires: g++-aarch64-linux-gnu
-
-The required packages are the names for each toolchain on apt. Depending on your distro, they may have different names.
-
-Using `depends` might also be easier to compile Monero on Windows than using MSYS. Activate Windows Subsystem for Linux (WSL) with a distro (for example Ubuntu), install the apt build-essentials and follow the `depends` steps as depicted above.
-
-## Installing Monero from a package
-
-**DISCLAIMER: These packages are not part of this repository or maintained by this project's contributors, and as such, do not go through the same review process to ensure their trustworthiness and security.**
+## Installing from a package
 
 Packages are available for
 
-* Ubuntu and [snap supported](https://snapcraft.io/docs/core/install) systems, via a community contributed build.
+* Arch Linux/Manjaro
 
-	snap install monero --beta
+        yay -S wownero-git
 
-Installing a snap is very quick. Snaps are secure. They are isolated with all of their dependencies. Snaps also auto update when a new version is released.
+* NixOS
 
-* Arch Linux (via [AUR](https://aur.archlinux.org/)):
-  - Stable release: [`monero`](https://aur.archlinux.org/packages/monero)
-  - Bleeding edge: [`monero-git`](https://aur.archlinux.org/packages/monero-git)
+        nix-shell -p altcoins.wownero
 
-* Void Linux:
+* Ubuntu 18.04/Ubuntu 16.04/Debian 9/Debian 8 (amd64)
 
-        xbps-install -S monero
-
-* GuixSD
-
-        guix package -i monero
-
-* Docker
-
-        # Build using all available cores
-        docker build -t monero .
-
-        # or build using a specific number of cores (reduce RAM requirement)
-        docker build --build-arg NPROC=1 -t monero .
-
-        # either run in foreground
-        docker run -it -v /monero/chain:/root/.bitmonero -v /monero/wallet:/wallet -p 18080:18080 monero
-
-        # or in background
-        docker run -it -d -v /monero/chain:/root/.bitmonero -v /monero/wallet:/wallet -p 18080:18080 monero
-
-* The build needs 3 GB space.
-* Wait one  hour or more
+        sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys B09DF0E4B0C56A94
+        sudo add-apt-repository "deb http://ppa.wownero.com/ bionic main"
+        sudo apt-get update
+        sudo apt-get install wownero
 
 Packaging for your favorite distribution would be a welcome contribution!
 
-## Running monerod
+**DISCLAIMER: These packages are not part of this repository, and as such, do not go through the same review process to ensure their trustworthiness and security.**
+
+
+## Building from Source
+
+* Arch Linux/Manjaro
+
+        sudo pacman -Syu && sudo pacman -S base-devel cmake boost openssl zeromq libpgm unbound libsodium git
+        git clone https://github.com/wownero/wownero
+        cd wownero
+        make
+
+
+* Debian/Ubuntu
+
+        sudo apt update && sudo apt install build-essential cmake pkg-config libboost-all-dev libssl-dev libzmq3-dev libunbound-dev libsodium-dev libpgm-dev git
+        git clone https://github.com/wownero/wownero
+        cd wownero
+        make
+
+
+## Running Binaries
 
 The build places the binary in `bin/` sub-directory within the build directory
 from which cmake was invoked (repository root by default). To run in
 foreground:
 
-    ./bin/monerod
+    ./bin/wownerod
 
-To list all available options, run `./bin/monerod --help`.  Options can be
+To list all available options, run `./bin/wownerod --help`.  Options can be
 specified either on the command line or in a configuration file passed by the
 `--config-file` argument.  To specify an option in the configuration file, add
 a line with the syntax `argumentname=value`, where `argumentname` is the name
@@ -580,130 +108,39 @@ of the argument without the leading dashes, for example `log-level=1`.
 
 To run in background:
 
-    ./bin/monerod --log-file monerod.log --detach
+    ./bin/wownerod --log-file wownerod.log --detach
 
 To run as a systemd service, copy
-[monerod.service](utils/systemd/monerod.service) to `/etc/systemd/system/` and
-[monerod.conf](utils/conf/monerod.conf) to `/etc/`. The [example
-service](utils/systemd/monerod.service) assumes that the user `monero` exists
+[wownerod.service](utils/systemd/wownerod.service) to `/etc/systemd/system/` and
+[wownerod.conf](utils/conf/wownerod.conf) to `/etc/`. The [example
+service](utils/systemd/wownerod.service) assumes that the user `wownero` exists
 and its home is the data directory specified in the [example
-config](utils/conf/monerod.conf).
+config](utils/conf/wownerod.conf).
 
-If you're on Mac, you may need to add the `--max-concurrency 1` option to
-monero-wallet-cli, and possibly monerod, if you get crashes refreshing.
+Once node is synced to network, run the CLI wallet by entering:
 
-## Internationalization
+    ./bin/wownero-wallet-cli
 
-See [README.i18n.md](README.i18n.md).
+Type `help` in CLI wallet to see standard commands (for advanced options, type `help_advanced`).
 
-## Using Tor
+## Wownero Graphical Wallets
 
-While Monero isn't made to integrate with Tor, it can be used wrapped with torsocks, by
-setting the following configuration parameters and environment variables:
+* [Wownero-Light-Wallet](https://github.com/wownero/Wownero-Light-Wallet)
 
-* `--p2p-bind-ip 127.0.0.1` on the command line or `p2p-bind-ip=127.0.0.1` in
-  monerod.conf to disable listening for connections on external interfaces.
-* `--no-igd` on the command line or `no-igd=1` in monerod.conf to disable IGD
-  (UPnP port forwarding negotiation), which is pointless with Tor.
-* `DNS_PUBLIC=tcp` or `DNS_PUBLIC=tcp://x.x.x.x` where x.x.x.x is the IP of the
-  desired DNS server, for DNS requests to go over TCP, so that they are routed
-  through Tor. When IP is not specified, monerod uses the default list of
-  servers defined in [src/common/dns_utils.cpp](src/common/dns_utils.cpp).
-* `TORSOCKS_ALLOW_INBOUND=1` to tell torsocks to allow monerod to bind to interfaces
-   to accept connections from the wallet. On some Linux systems, torsocks
-   allows binding to localhost by default, so setting this variable is only
-   necessary to allow binding to local LAN/VPN interfaces to allow wallets to
-   connect from remote hosts. On other systems, it may be needed for local wallets
-   as well.
-* Do NOT pass `--detach` when running through torsocks with systemd, (see
-  [utils/systemd/monerod.service](utils/systemd/monerod.service) for details).
-* If you use the wallet with a Tor daemon via the loopback IP (eg, 127.0.0.1:9050),
-  then use `--untrusted-daemon` unless it is your own hidden service.
+![](https://light.wownero.com/wowlight.png)
 
-Example command line to start monerod through Tor:
 
-    DNS_PUBLIC=tcp torsocks monerod --p2p-bind-ip 127.0.0.1 --no-igd
+* [Wownerujo Android Wallet](https://github.com/wownero/wownerujo)
 
-### Using Tor on Tails
+![](https://fossdroid.com/images/screenshots/com.wownero.wownerujo/wownerujo-1.png)
+![](https://fossdroid.com/images/screenshots/com.wownero.wownerujo/wownerujo-2.png)
 
-TAILS ships with a very restrictive set of firewall rules. Therefore, you need
-to add a rule to allow this connection too, in addition to telling torsocks to
-allow inbound connections. Full example:
+## Donating to Wownero Project
 
-    sudo iptables -I OUTPUT 2 -p tcp -d 127.0.0.1 -m tcp --dport 18081 -j ACCEPT
-    DNS_PUBLIC=tcp torsocks ./monerod --p2p-bind-ip 127.0.0.1 --no-igd --rpc-bind-ip 127.0.0.1 \
-        --data-dir /home/amnesia/Persistent/your/directory/to/the/blockchain
+Developers are volunteers doing this mostly for shits and giggles. If you would like to support our shenanigans and stimulant addictions, please consider donating to [WFS proposals](https://funding.wownero.com/proposals) or the [dev slush fund](https://funding.wownero.com/donate).
 
-## Debugging
+Donations may also be sent to: 
 
-This section contains general instructions for debugging failed installs or problems encountered with Monero. First ensure you are running the latest version built from the Github repo.
+XMR: `44SQVPGLufPasUcuUQSZiF5c9BFzjcP8ucDxzzFDgLf1VkCEFaidJ3u2AhSKMhPLKA3jc2iS8wQHFcaigM6fXmo6AnFRn5B`
 
-### Obtaining stack traces and core dumps on Unix systems
-
-We generally use the tool `gdb` (GNU debugger) to provide stack trace functionality, and `ulimit` to provide core dumps in builds which crash or segfault.
-
-* To use gdb in order to obtain a stack trace for a build that has stalled:
-
-Run the build.
-
-Once it stalls, enter the following command:
-
-```
-gdb /path/to/monerod `pidof monerod` 
-```
-
-Type `thread apply all bt` within gdb in order to obtain the stack trace
-
-* If however the core dumps or segfaults:
-
-Enter `ulimit -c unlimited` on the command line to enable unlimited filesizes for core dumps
-
-Enter `echo core | sudo tee /proc/sys/kernel/core_pattern` to stop cores from being hijacked by other tools
-
-Run the build.
-
-When it terminates with an output along the lines of "Segmentation fault (core dumped)", there should be a core dump file in the same directory as monerod. It may be named just `core`, or `core.xxxx` with numbers appended.
-
-You can now analyse this core dump with `gdb` as follows:
-
-`gdb /path/to/monerod /path/to/dumpfile`
-
-Print the stack trace with `bt`
-
-* To run monero within gdb:
-
-Type `gdb /path/to/monerod`
-
-Pass command-line options with `--args` followed by the relevant arguments
-
-Type `run` to run monerod
-
-### Analysing memory corruption
-
-There are two tools available:
-
-* ASAN
-
-Configure Monero with the -D SANITIZE=ON cmake flag, eg:
-
-    cd build/debug && cmake -D SANITIZE=ON -D CMAKE_BUILD_TYPE=Debug ../..
-
-You can then run the monero tools normally. Performance will typically halve.
-
-* valgrind
-
-Install valgrind and run as `valgrind /path/to/monerod`. It will be very slow.
-
-### LMDB
-
-Instructions for debugging suspected blockchain corruption as per @HYC
-
-There is an `mdb_stat` command in the LMDB source that can print statistics about the database but it's not routinely built. This can be built with the following command:
-
-`cd ~/monero/external/db_drivers/liblmdb && make`
-
-The output of `mdb_stat -ea <path to blockchain dir>` will indicate inconsistencies in the blocks, block_heights and block_info table.
-
-The output of `mdb_dump -s blocks <path to blockchain dir>` and `mdb_dump -s block_info <path to blockchain dir>` is useful for indicating whether blocks and block_info contain the same keys.
-
-These records are dumped as hex data, where the first line is the key and the second line is the data.
+BTC: `bc1qcw9zglp3fxyl25zswemw7jczlqryms2lsmu464`

cmake/32-bit-toolchain.cmake

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # 
 # All rights reserved.
 # 

cmake/64-bit-toolchain.cmake

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # 
 # All rights reserved.
 # 

cmake/CheckTrezor.cmake

@@ -1,16 +1,68 @@
 OPTION(USE_DEVICE_TREZOR "Trezor support compilation" ON)
 OPTION(USE_DEVICE_TREZOR_LIBUSB "Trezor LibUSB compilation" ON)
 OPTION(USE_DEVICE_TREZOR_UDP_RELEASE "Trezor UdpTransport in release mode" OFF)
+OPTION(USE_DEVICE_TREZOR_DEBUG "Trezor Debugging enabled" OFF)
+OPTION(TREZOR_DEBUG "Main trezor debugging switch" OFF)
+
+# Helper function to fix cmake < 3.6.0 FindProtobuf variables
+function(_trezor_protobuf_fix_vars)
+    if(${CMAKE_VERSION} VERSION_LESS "3.6.0")
+        foreach(UPPER
+                PROTOBUF_SRC_ROOT_FOLDER
+                PROTOBUF_IMPORT_DIRS
+                PROTOBUF_DEBUG
+                PROTOBUF_LIBRARY
+                PROTOBUF_PROTOC_LIBRARY
+                PROTOBUF_INCLUDE_DIR
+                PROTOBUF_PROTOC_EXECUTABLE
+                PROTOBUF_LIBRARY_DEBUG
+                PROTOBUF_PROTOC_LIBRARY_DEBUG
+                PROTOBUF_LITE_LIBRARY
+                PROTOBUF_LITE_LIBRARY_DEBUG
+                )
+            if (DEFINED ${UPPER})
+                string(REPLACE "PROTOBUF_" "Protobuf_" Camel ${UPPER})
+                if (NOT DEFINED ${Camel})
+                    set(${Camel} ${${UPPER}} PARENT_SCOPE)
+                endif()
+            endif()
+        endforeach()
+    endif()
+endfunction()
 
 # Use Trezor master switch
 if (USE_DEVICE_TREZOR)
     # Protobuf is required to build protobuf messages for Trezor
     include(FindProtobuf OPTIONAL)
     find_package(Protobuf)
-    if(NOT Protobuf_FOUND)
+    _trezor_protobuf_fix_vars()
+
+    # Protobuf handling the cache variables set in docker.
+    if(NOT Protobuf_FOUND AND NOT Protobuf_LIBRARY AND NOT Protobuf_PROTOC_EXECUTABLE AND NOT Protobuf_INCLUDE_DIR)
         message(STATUS "Could not find Protobuf")
+    elseif(NOT Protobuf_LIBRARY OR NOT EXISTS "${Protobuf_LIBRARY}")
+        message(STATUS "Protobuf library not found: ${Protobuf_LIBRARY}")
+        unset(Protobuf_FOUND)
+    elseif(NOT Protobuf_PROTOC_EXECUTABLE OR NOT EXISTS "${Protobuf_PROTOC_EXECUTABLE}")
+        message(STATUS "Protobuf executable not found: ${Protobuf_PROTOC_EXECUTABLE}")
+        unset(Protobuf_FOUND)
+    elseif(NOT Protobuf_INCLUDE_DIR OR NOT EXISTS "${Protobuf_INCLUDE_DIR}")
+        message(STATUS "Protobuf include dir not found: ${Protobuf_INCLUDE_DIR}")
+        unset(Protobuf_FOUND)
+    else()
+        message(STATUS "Protobuf lib: ${Protobuf_LIBRARY}, inc: ${Protobuf_INCLUDE_DIR}, protoc: ${Protobuf_PROTOC_EXECUTABLE}")
+        set(Protobuf_INCLUDE_DIRS ${Protobuf_INCLUDE_DIR})
+        set(Protobuf_FOUND 1)  # override found if all rquired info was provided by variables
     endif()
 
+    if(TREZOR_DEBUG)
+        set(USE_DEVICE_TREZOR_DEBUG 1)
+    endif()
+
+    # Compile debugging support (for tests)
+    if (USE_DEVICE_TREZOR_DEBUG)
+        add_definitions(-DWITH_TREZOR_DEBUGGING=1)
+    endif()
 else()
     message(STATUS "Trezor support disabled by USE_DEVICE_TREZOR")
 endif()
@@ -37,19 +89,48 @@ if(Protobuf_FOUND AND USE_DEVICE_TREZOR)
     endif()
 endif()
 
-# Try to build protobuf messages
+# Protobuf compilation test
 if(Protobuf_FOUND AND USE_DEVICE_TREZOR AND TREZOR_PYTHON)
-    set(ENV{PROTOBUF_INCLUDE_DIRS} "${Protobuf_INCLUDE_DIRS}")
+    execute_process(COMMAND ${Protobuf_PROTOC_EXECUTABLE} -I "${CMAKE_SOURCE_DIR}/cmake" -I "${Protobuf_INCLUDE_DIR}" "${CMAKE_SOURCE_DIR}/cmake/test-protobuf.proto" --cpp_out ${CMAKE_BINARY_DIR} RESULT_VARIABLE RET OUTPUT_VARIABLE OUT ERROR_VARIABLE ERR)
+    if(RET)
+        message(STATUS "Protobuf test generation failed: ${OUT} ${ERR}")
+    endif()
+
+    try_compile(Protobuf_COMPILE_TEST_PASSED
+        "${CMAKE_BINARY_DIR}"
+        SOURCES
+        "${CMAKE_BINARY_DIR}/test-protobuf.pb.cc"
+        "${CMAKE_SOURCE_DIR}/cmake/test-protobuf.cpp"
+        CMAKE_FLAGS
+        "-DINCLUDE_DIRECTORIES=${Protobuf_INCLUDE_DIR};${CMAKE_BINARY_DIR}"
+        "-DCMAKE_CXX_STANDARD=11"
+        LINK_LIBRARIES ${Protobuf_LIBRARY}
+        OUTPUT_VARIABLE OUTPUT
+    )
+    if(NOT Protobuf_COMPILE_TEST_PASSED)
+        message(STATUS "Protobuf Compilation test failed: ${OUTPUT}.")
+    endif()
+endif()
+
+# Try to build protobuf messages
+if(Protobuf_FOUND AND USE_DEVICE_TREZOR AND TREZOR_PYTHON AND Protobuf_COMPILE_TEST_PASSED)
+    set(ENV{PROTOBUF_INCLUDE_DIRS} "${Protobuf_INCLUDE_DIR}")
     set(ENV{PROTOBUF_PROTOC_EXECUTABLE} "${Protobuf_PROTOC_EXECUTABLE}")
-    execute_process(COMMAND ${TREZOR_PYTHON} tools/build_protob.py WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR}/../src/device_trezor/trezor RESULT_VARIABLE RET OUTPUT_VARIABLE OUT ERROR_VARIABLE ERR)
+    set(TREZOR_PROTOBUF_PARAMS "")
+    if (USE_DEVICE_TREZOR_DEBUG)
+        set(TREZOR_PROTOBUF_PARAMS "--debug")
+    endif()
+    
+    execute_process(COMMAND ${TREZOR_PYTHON} tools/build_protob.py ${TREZOR_PROTOBUF_PARAMS} WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR}/../src/device_trezor/trezor RESULT_VARIABLE RET OUTPUT_VARIABLE OUT ERROR_VARIABLE ERR)
     if(RET)
         message(WARNING "Trezor protobuf messages could not be regenerated (err=${RET}, python ${PYTHON})."
                 "OUT: ${OUT}, ERR: ${ERR}."
                 "Please read src/device_trezor/trezor/tools/README.md")
     else()
-        message(STATUS "Trezor protobuf messages regenerated ${OUT}")
+        message(STATUS "Trezor protobuf messages regenerated out: \"${OUT}.\"")
         set(DEVICE_TREZOR_READY 1)
         add_definitions(-DDEVICE_TREZOR_READY=1)
+        add_definitions(-DPROTOBUF_INLINE_NOT_IN_HEADERS=0)
 
         if(CMAKE_BUILD_TYPE STREQUAL "Debug")
             add_definitions(-DTREZOR_DEBUG=1)
@@ -75,5 +156,26 @@ if(Protobuf_FOUND AND USE_DEVICE_TREZOR AND TREZOR_PYTHON)
                 include_directories(${LibUSB_INCLUDE_DIRS})
             endif()
         endif()
+
+        set(TREZOR_LIBUSB_LIBRARIES "")
+        if(LibUSB_COMPILE_TEST_PASSED)
+            list(APPEND TREZOR_LIBUSB_LIBRARIES ${LibUSB_LIBRARIES})
+            message(STATUS "Trezor compatible LibUSB found at: ${LibUSB_INCLUDE_DIRS}")
+        endif()
+
+        if (BUILD_GUI_DEPS)
+            set(TREZOR_DEP_LIBS "")
+            set(TREZOR_DEP_LINKER "")
+
+            if (Protobuf_LIBRARY)
+                list(APPEND TREZOR_DEP_LIBS ${Protobuf_LIBRARY})
+                string(APPEND TREZOR_DEP_LINKER " -lprotobuf")
+            endif()
+
+            if (TREZOR_LIBUSB_LIBRARIES)
+                list(APPEND TREZOR_DEP_LIBS ${TREZOR_LIBUSB_LIBRARIES})
+                string(APPEND TREZOR_DEP_LINKER " -lusb-1.0")
+            endif()
+        endif()
     endif()
 endif()

cmake/FindBacktrace.cmake

@@ -0,0 +1,98 @@
+# Distributed under the OSI-approved BSD 3-Clause License.  See accompanying
+# file Copyright.txt or https://cmake.org/licensing for details.
+
+#.rst:
+# FindBacktrace
+# -------------
+#
+# Find provider for backtrace(3).
+#
+# Checks if OS supports backtrace(3) via either libc or custom library.
+# This module defines the following variables:
+#
+# ``Backtrace_HEADER``
+#   The header file needed for backtrace(3). Cached.
+#   Could be forcibly set by user.
+# ``Backtrace_INCLUDE_DIRS``
+#   The include directories needed to use backtrace(3) header.
+# ``Backtrace_LIBRARIES``
+#   The libraries (linker flags) needed to use backtrace(3), if any.
+# ``Backtrace_FOUND``
+#   Is set if and only if backtrace(3) support detected.
+#
+# The following cache variables are also available to set or use:
+#
+# ``Backtrace_LIBRARY``
+#   The external library providing backtrace, if any.
+# ``Backtrace_INCLUDE_DIR``
+#   The directory holding the backtrace(3) header.
+#
+# Typical usage is to generate of header file using configure_file() with the
+# contents like the following::
+#
+#  #cmakedefine01 Backtrace_FOUND
+#  #if Backtrace_FOUND
+#  # include <${Backtrace_HEADER}>
+#  #endif
+#
+# And then reference that generated header file in actual source.
+
+include(CMakePushCheckState)
+include(CheckSymbolExists)
+include(FindPackageHandleStandardArgs)
+
+# List of variables to be provided to find_package_handle_standard_args()
+set(_Backtrace_STD_ARGS Backtrace_INCLUDE_DIR)
+
+if(Backtrace_HEADER)
+  set(_Backtrace_HEADER_TRY "${Backtrace_HEADER}")
+else(Backtrace_HEADER)
+  set(_Backtrace_HEADER_TRY "execinfo.h")
+endif(Backtrace_HEADER)
+
+find_path(Backtrace_INCLUDE_DIR "${_Backtrace_HEADER_TRY}")
+set(Backtrace_INCLUDE_DIRS ${Backtrace_INCLUDE_DIR})
+
+if (NOT DEFINED Backtrace_LIBRARY)
+  # First, check if we already have backtrace(), e.g., in libc
+  cmake_push_check_state(RESET)
+  set(CMAKE_REQUIRED_INCLUDES ${Backtrace_INCLUDE_DIRS})
+  set(CMAKE_REQUIRED_QUIET ${Backtrace_FIND_QUIETLY})
+  check_symbol_exists("backtrace" "${_Backtrace_HEADER_TRY}" _Backtrace_SYM_FOUND)
+  cmake_pop_check_state()
+endif()
+
+if(_Backtrace_SYM_FOUND)
+  # Avoid repeating the message() call below each time CMake is run.
+  if(NOT Backtrace_FIND_QUIETLY AND NOT DEFINED Backtrace_LIBRARY)
+    message(STATUS "backtrace facility detected in default set of libraries")
+  endif()
+  set(Backtrace_LIBRARY "" CACHE FILEPATH "Library providing backtrace(3), empty for default set of libraries")
+else()
+  # Check for external library, for non-glibc systems
+  if(Backtrace_INCLUDE_DIR)
+    # OpenBSD has libbacktrace renamed to libexecinfo
+    find_library(Backtrace_LIBRARY "execinfo")
+  elseif()     # respect user wishes
+    set(_Backtrace_HEADER_TRY "backtrace.h")
+    find_path(Backtrace_INCLUDE_DIR ${_Backtrace_HEADER_TRY})
+    find_library(Backtrace_LIBRARY "backtrace")
+  endif()
+
+  # Prepend list with library path as it's more common practice
+  set(_Backtrace_STD_ARGS Backtrace_LIBRARY ${_Backtrace_STD_ARGS})
+endif()
+
+message(STATUS "Backtrace_LIBRARY: ${Backtrace_LIBRARY}")
+if(Backtrace_LIBRARY STREQUAL "NOTFOUND")
+  set(Backtrace_LIBRARY "")
+endif()
+if(Backtrace_LIBRARY STREQUAL "Backtrace_LIBRARY-NOTFOUND")
+  set(Backtrace_LIBRARY "")
+endif()
+
+set(Backtrace_LIBRARIES ${Backtrace_LIBRARY})
+set(Backtrace_HEADER "${_Backtrace_HEADER_TRY}" CACHE STRING "Header providing backtrace(3) facility")
+
+find_package_handle_standard_args(Backtrace FOUND_VAR Backtrace_FOUND REQUIRED_VARS ${_Backtrace_STD_ARGS})
+mark_as_advanced(Backtrace_HEADER Backtrace_INCLUDE_DIR Backtrace_LIBRARY)

cmake/FindLibUSB.cmake

@@ -99,9 +99,18 @@ if ( LibUSB_FOUND )
     check_library_exists ( "${LibUSB_LIBRARIES}" libusb_get_device_list "" LibUSB_VERSION_1.0 )
     check_library_exists ( "${LibUSB_LIBRARIES}" libusb_get_port_numbers "" LibUSB_VERSION_1.0.16 )
 
+    if((STATIC AND UNIX AND NOT APPLE) OR (DEPENDS AND CMAKE_SYSTEM_NAME STREQUAL "Linux"))
+        find_library(LIBUDEV_LIBRARY udev)
+        if(LIBUDEV_LIBRARY)
+            set(LibUSB_LIBRARIES "${LibUSB_LIBRARIES};${LIBUDEV_LIBRARY}")
+        else()
+            message(WARNING "libudev library not found, binaries may fail to link.")
+        endif()
+    endif()
+
     # Library 1.0.16+ compilation test.
     # The check_library_exists does not work well on Apple with shared libs.
-    if (APPLE OR LibUSB_VERSION_1.0.16)
+    if (APPLE OR LibUSB_VERSION_1.0.16 OR STATIC)
         if (APPLE)
             if(DEPENDS)
                 list(APPEND TEST_COMPILE_EXTRA_LIBRARIES "-framework Foundation -framework IOKit")

cmake/FindUnbound.cmake

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # All rights reserved.
 # 
 # Redistribution and use in source and binary forms, with or without modification, are

cmake/GenVersion.cmake

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # 
 # All rights reserved.
 # 

cmake/Version.cmake

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # 
 # All rights reserved.
 # 

cmake/test-libusb-version.c

@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 

cmake/test-protobuf.cpp

@@ -0,0 +1,43 @@
+// Copyright (c) 2014-2019, The Monero Project
+// 
+// All rights reserved.
+// 
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+// 
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+// 
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+// 
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+// 
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#include <string>
+#include <iostream>
+#include <google/protobuf/message.h>
+#include <google/protobuf/unknown_field_set.h>
+#include "test-protobuf.pb.h"
+
+int main(int argc, char *argv[]) {
+  google::protobuf::UnknownFieldSet ufs;
+  ufs.ClearAndFreeMemory();
+
+  Success sc;
+  sc.set_message("test");
+  sc.SerializeToOstream(&std::cerr);
+  return 0;
+}

cmake/test-protobuf.proto

@@ -0,0 +1,7 @@
+syntax = "proto2";
+
+import "google/protobuf/descriptor.proto";
+
+message Success {
+    optional string message = 1;
+}

cmake/test-static-assert.c

@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 

cmake/test-static-assert.cpp

@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 

contrib/CMakeLists.txt

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # 
 # All rights reserved.
 # 
@@ -26,10 +26,5 @@
 # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-# warnings are cleared only for GCC on Linux
-if (NOT (MINGW OR APPLE OR FREEBSD OR OPENBSD OR DRAGONFLY))
-  add_compile_options("${WARNINGS_AS_ERRORS_FLAG}") # applies only to targets that follow
-endif()
-
 add_subdirectory(epee)
 

contrib/brew/Brewfile

@@ -0,0 +1,34 @@
+# Brewfile for Monero
+# A homebrew Brewfile installs all required dependencies in one shot
+# see https://coderwall.com/p/afmnbq/homebrew-s-new-feature-brewfiles
+#     https://github.com/Homebrew/homebrew-bundle
+# execute brew bundle in the directory containing the Brewfile
+
+tap "homebrew/bundle"
+tap "homebrew/cask"
+tap "homebrew/cask-versions"
+tap "homebrew/core"
+
+brew "autoconf"
+brew "autogen"
+brew "automake"
+brew "binutils"
+brew "coreutils"
+brew "cmake"
+brew "pkg-config"
+brew "boost"
+brew "openssl"
+brew "hidapi"
+brew "zmq"
+brew "libpgm"
+brew "unbound"
+brew "libsodium"
+brew "miniupnpc"
+brew "readline"
+brew "ldns"
+brew "expat"
+brew "doxygen"
+brew "graphviz"
+brew "libunwind-headers"
+brew "xz"
+brew "protobuf"

contrib/depends/Makefile

@@ -3,9 +3,6 @@
 SOURCES_PATH ?= $(BASEDIR)/sources
 BASE_CACHE ?= $(BASEDIR)/built
 SDK_PATH ?= $(BASEDIR)/SDKs
-NO_QT ?=
-NO_WALLET ?=
-NO_UPNP ?=
 FALLBACK_DOWNLOAD_PATH ?= https://bitcoincore.org/depends-sources
 
 BUILD = $(shell ./config.guess)
@@ -25,9 +22,16 @@ host_toolchain:=$(HOST)-
 endif
 
 ifneq ($(DEBUG),)
-release_type=debug
+release_type=Debug
 else
-release_type=release
+release_type=Release
+endif
+
+ifneq ($(TESTS),)
+build_tests=ON
+release_type=Debug
+else
+build_tests=OFF
 endif
 
 base_build_dir=$(BASEDIR)/work/build
@@ -97,17 +101,10 @@ $(host_arch)_$(host_os)_id_string+=$(shell $(host_CXX) --version 2>/dev/null)
 $(host_arch)_$(host_os)_id_string+=$(shell $(host_RANLIB) --version 2>/dev/null)
 $(host_arch)_$(host_os)_id_string+=$(shell $(host_STRIP) --version 2>/dev/null)
 
-qt_packages_$(NO_QT) = $(qt_packages) $(qt_$(host_os)_packages) $(qt_$(host_arch)_$(host_os)_packages)
-wallet_packages_$(NO_WALLET) = $(wallet_packages)
-upnp_packages_$(NO_UPNP) = $(upnp_packages)
-
-packages += $($(host_arch)_$(host_os)_packages) $($(host_os)_packages) $(qt_packages_) $(wallet_packages_) $(upnp_packages_)
+qt_packages_$(NO_QT) = $(qt_packages) 
+packages += $($(host_arch)_$(host_os)_packages) $($(host_os)_packages) $(qt_packages_)
 native_packages += $($(host_arch)_$(host_os)_native_packages) $($(host_os)_native_packages)
 
-ifneq ($(qt_packages_),)
-native_packages += $(qt_native_packages)
-endif
-
 all_packages = $(packages) $(native_packages)
 
 meta_depends = Makefile funcs.mk builders/default.mk hosts/default.mk hosts/$(host_os).mk builders/$(build_os).mk
@@ -153,9 +150,6 @@ $(host_prefix)/share/config.site : config.site.in $(host_prefix)/.stamp_$(final_
             -e 's|@CPPFLAGS@|$(strip $(host_CPPFLAGS) $(host_$(release_type)_CPPFLAGS))|' \
             -e 's|@LDFLAGS@|$(strip $(host_LDFLAGS) $(host_$(release_type)_LDFLAGS))|' \
             -e 's|@allow_host_packages@|$(ALLOW_HOST_PACKAGES)|' \
-            -e 's|@no_qt@|$(NO_QT)|' \
-            -e 's|@no_wallet@|$(NO_WALLET)|' \
-            -e 's|@no_upnp@|$(NO_UPNP)|' \
             -e 's|@debug@|$(DEBUG)|' \
             $< > $@
 	$(AT)touch $@
@@ -176,10 +170,9 @@ $(host_prefix)/share/toolchain.cmake : toolchain.cmake.in $(host_prefix)/.stamp_
             -e 's|@CPPFLAGS@|$(strip $(host_CPPFLAGS) $(host_$(release_type)_CPPFLAGS))|' \
             -e 's|@LDFLAGS@|$(strip $(host_LDFLAGS) $(host_$(release_type)_LDFLAGS))|' \
             -e 's|@allow_host_packages@|$(ALLOW_HOST_PACKAGES)|' \
-            -e 's|@no_qt@|$(NO_QT)|' \
-            -e 's|@no_wallet@|$(NO_WALLET)|' \
-            -e 's|@no_upnp@|$(NO_UPNP)|' \
             -e 's|@debug@|$(DEBUG)|' \
+            -e 's|@release_type@|$(release_type)|' \
+            -e 's|@build_tests@|$(build_tests)|' \
             -e 's|@depends@|$(host_cmake)|' \
             -e 's|@prefix@|$($(host_arch)_$(host_os)_prefix)|'\
             -e 's|@sdk@|$(SDK_PATH)|'\

contrib/depends/README.md

@@ -2,21 +2,29 @@
 
 To build dependencies for the current arch+OS:
 
-    make
+```bash
+make
+```
 
 To build for another arch/OS:
 
-    make HOST=host-platform-triplet
+```bash
+make HOST=host-platform-triplet
+```
 
 For example:
 
-    make HOST=x86_64-w64-mingw32 -j4
+```bash
+make HOST=x86_64-w64-mingw32 -j4
+```
 
-A prefix will be generated that's suitable for plugging into Bitcoin's
-configure. In the above example, a dir named x86_64-w64-mingw32 will be
-created. To use it for Bitcoin:
+A toolchain will be generated that's suitable for plugging into Monero's
+cmake. In the above example, a dir named x86_64-w64-mingw32 will be
+created. To use it for Monero:
 
-    ./configure --prefix=`pwd`/depends/x86_64-w64-mingw32
+```bash
+cmake -DCMAKE_TOOLCHAIN=`pwd`/contrib/depends/x86_64-w64-mingw32
+```
 
 Common `host-platform-triplets` for cross compilation are:
 
@@ -31,26 +39,24 @@ No other options are needed, the paths are automatically configured.
 Dependency Options:
 The following can be set when running make: make FOO=bar
 
-    SOURCES_PATH: downloaded sources will be placed here
-    BASE_CACHE: built packages will be placed here
-    SDK_PATH: Path where sdk's can be found (used by OSX)
-    FALLBACK_DOWNLOAD_PATH: If a source file can't be fetched, try here before giving up
-    NO_QT: Don't download/build/cache qt and its dependencies
-    NO_WALLET: Don't download/build/cache libs needed to enable the wallet
-    NO_UPNP: Don't download/build/cache packages needed for enabling upnp
-    DEBUG: disable some optimizations and enable more runtime checking
-    HOST_ID_SALT: Optional salt to use when generating host package ids
-    BUILD_ID_SALT: Optional salt to use when generating build package ids
-
-If some packages are not built, for example `make NO_WALLET=1`, the appropriate
-options will be passed to bitcoin's configure. In this case, `--disable-wallet`.
+```
+SOURCES_PATH: downloaded sources will be placed here
+BASE_CACHE: built packages will be placed here
+SDK_PATH: Path where sdk's can be found (used by OSX)
+FALLBACK_DOWNLOAD_PATH: If a source file can't be fetched, try here before giving up
+DEBUG: disable some optimizations and enable more runtime checking
+HOST_ID_SALT: Optional salt to use when generating host package ids
+BUILD_ID_SALT: Optional salt to use when generating build package ids
+```
 
 Additional targets:
 
-    download: run 'make download' to fetch all sources without building them
-    download-osx: run 'make download-osx' to fetch all sources needed for osx builds
-    download-win: run 'make download-win' to fetch all sources needed for win builds
-    download-linux: run 'make download-linux' to fetch all sources needed for linux builds
+```
+download: run 'make download' to fetch all sources without building them
+download-osx: run 'make download-osx' to fetch all sources needed for osx builds
+download-win: run 'make download-win' to fetch all sources needed for win builds
+download-linux: run 'make download-linux' to fetch all sources needed for linux builds
+```
 
 #Darwin (macos) builds:
 
@@ -59,6 +65,16 @@ Download it from apple, or search for it on github. Create a new directoty calle
 directory and place the entire MacOSX10.11.sdk folder in it. The depends build will then pick it up automatically
 (without requiring SDK_PATH). 
 
+
+#Mingw builds
+
+Building for 32/64bit mingw requires switching alternatives to a posix mode
+
+```bash
+update-alternatives --set x86_64-w64-mingw32-g++ x86_64-w64-mingw32-g++-posix
+update-alternatives --set x86_64-w64-mingw32-gcc x86_64-w64-mingw32-gcc-posix
+```
+
 ### Other documentation
 
 - [description.md](description.md): General description of the depends system

contrib/depends/config.site.in

@@ -13,25 +13,6 @@ fi
 if test -z $with_qt_translationdir; then
   with_qt_translationdir=$depends_prefix/translations
 fi
-if test -z $with_qt_bindir && test -z "@no_qt@"; then
-  with_qt_bindir=$depends_prefix/native/bin
-fi
-if test -z $with_protoc_bindir && test -z "@no_qt@"; then
-  with_protoc_bindir=$depends_prefix/native/bin
-fi
-
-
-if test -z $enable_wallet && test -n "@no_wallet@"; then
-  enable_wallet=no
-fi
-
-if test -z $with_miniupnpc && test -n "@no_upnp@"; then
-  with_miniupnpc=no
-fi
-
-if test -z $with_gui && test -n "@no_qt@"; then
-  with_gui=no
-fi
 
 if test x@host_os@ = xdarwin; then
   BREW=no

contrib/depends/packages.md

@@ -9,39 +9,43 @@ General tips:
 ## Identifiers
 Each package is required to define at least these variables:
 
-    $(package)_version:
-    Version of the upstream library or program. If there is no version, a
-    placeholder such as 1.0 can be used.
+```
+$(package)_version:
+Version of the upstream library or program. If there is no version, a
+placeholder such as 1.0 can be used.
 
-    $(package)_download_path:
-    Location of the upstream source, without the file-name. Usually http or
-    ftp.
+$(package)_download_path:
+Location of the upstream source, without the file-name. Usually http or
+ftp.
 
-    $(package)_file_name:
-    The upstream source filename available at the download path.
+$(package)_file_name:
+The upstream source filename available at the download path.
 
-    $(package)_sha256_hash:
-    The sha256 hash of the upstream file
+$(package)_sha256_hash:
+The sha256 hash of the upstream file
+```
 
 These variables are optional:
 
-    $(package)_build_subdir:
-    cd to this dir before running configure/build/stage commands.
-    
-    $(package)_download_file:
-    The file-name of the upstream source if it differs from how it should be
-    stored locally. This can be used to avoid storing file-names with strange
-    characters.
-    
-    $(package)_dependencies:
-    Names of any other packages that this one depends on.
-    
-    $(package)_patches:
-    Filenames of any patches needed to build the package
+```
+$(package)_build_subdir:
+cd to this dir before running configure/build/stage commands.
 
-    $(package)_extra_sources:
-    Any extra files that will be fetched via $(package)_fetch_cmds. These are
-    specified so that they can be fetched and verified via 'make download'.
+$(package)_download_file:
+The file-name of the upstream source if it differs from how it should be
+stored locally. This can be used to avoid storing file-names with strange
+characters.
+
+$(package)_dependencies:
+Names of any other packages that this one depends on.
+
+$(package)_patches:
+Filenames of any patches needed to build the package
+
+$(package)_extra_sources:
+Any extra files that will be fetched via $(package)_fetch_cmds. These are
+specified so that they can be fetched and verified via 'make download'.
+```
 
 
 ## Build Variables:
@@ -49,47 +53,55 @@ After defining the main identifiers, build variables may be added or customized
 before running the build commands. They should be added to a function called
 $(package)_set_vars. For example:
 
-    define $(package)_set_vars
-    ...
-    endef
+```
+define $(package)_set_vars
+...
+endef
+```
 
 Most variables can be prefixed with the host, architecture, or both, to make
 the modifications specific to that case. For example:
 
-    Universal:     $(package)_cc=gcc
-    Linux only:    $(package)_linux_cc=gcc
-    x86_64 only:       $(package)_x86_64_cc = gcc
-    x86_64 linux only: $(package)_x86_64_linux_cc = gcc
+```
+Universal:     $(package)_cc=gcc
+Linux only:    $(package)_linux_cc=gcc
+x86_64 only:       $(package)_x86_64_cc = gcc
+x86_64 linux only: $(package)_x86_64_linux_cc = gcc
+```
 
 These variables may be set to override or append their default values.
 
-    $(package)_cc
-    $(package)_cxx
-    $(package)_objc
-    $(package)_objcxx
-    $(package)_ar
-    $(package)_ranlib
-    $(package)_libtool
-    $(package)_nm
-    $(package)_cflags
-    $(package)_cxxflags
-    $(package)_ldflags
-    $(package)_cppflags
-    $(package)_config_env
-    $(package)_build_env
-    $(package)_stage_env
-    $(package)_build_opts
-    $(package)_config_opts
+```
+$(package)_cc
+$(package)_cxx
+$(package)_objc
+$(package)_objcxx
+$(package)_ar
+$(package)_ranlib
+$(package)_libtool
+$(package)_nm
+$(package)_cflags
+$(package)_cxxflags
+$(package)_ldflags
+$(package)_cppflags
+$(package)_config_env
+$(package)_build_env
+$(package)_stage_env
+$(package)_build_opts
+$(package)_config_opts
+```
 
-The *_env variables are used to add environment variables to the respective
+The `*_env` variables are used to add environment variables to the respective
 commands.
 
 Many variables respect a debug/release suffix as well, in order to use them for
 only the appropriate build config. For example:
 
-    $(package)_cflags_release = -O3
-    $(package)_cflags_i686_debug = -g
-    $(package)_config_opts_release = --disable-debug
+```
+$(package)_cflags_release = -O3
+$(package)_cflags_i686_debug = -g
+$(package)_config_opts_release = --disable-debug
+```
 
 These will be used in addition to the options that do not specify
 debug/release. All builds are considered to be release unless DEBUG=1 is set by
@@ -97,51 +109,57 @@ the user. Other variables may be defined as needed.
 
 ## Build commands:
 
-  For each build, a unique build dir and staging dir are created. For example,
-  `work/build/mylib/1.0-1adac830f6e` and `work/staging/mylib/1.0-1adac830f6e`.
+For each build, a unique build dir and staging dir are created. For example,
+`work/build/mylib/1.0-1adac830f6e` and `work/staging/mylib/1.0-1adac830f6e`.
 
-  The following build commands are available for each recipe:
+The following build commands are available for each recipe:
 
-    $(package)_fetch_cmds:
-    Runs from: build dir
-    Fetch the source file. If undefined, it will be fetched and verified
-    against its hash.
+```
+$(package)_fetch_cmds:
+Runs from: build dir
+Fetch the source file. If undefined, it will be fetched and verified
+against its hash.
 
-    $(package)_extract_cmds:
-    Runs from: build dir
-    Verify the source file against its hash and extract it. If undefined, the
-    source is assumed to be a tarball.
+$(package)_extract_cmds:
+Runs from: build dir
+Verify the source file against its hash and extract it. If undefined, the
+source is assumed to be a tarball.
 
-    $(package)_preprocess_cmds:
-    Runs from: build dir/$(package)_build_subdir
-    Preprocess the source as necessary. If undefined, does nothing.
+$(package)_preprocess_cmds:
+Runs from: build dir/$(package)_build_subdir
+Preprocess the source as necessary. If undefined, does nothing.
 
-    $(package)_config_cmds:
-    Runs from: build dir/$(package)_build_subdir
-    Configure the source. If undefined, does nothing.
+$(package)_config_cmds:
+Runs from: build dir/$(package)_build_subdir
+Configure the source. If undefined, does nothing.
 
-    $(package)_build_cmds:
-    Runs from: build dir/$(package)_build_subdir
-    Build the source. If undefined, does nothing.
+$(package)_build_cmds:
+Runs from: build dir/$(package)_build_subdir
+Build the source. If undefined, does nothing.
 
-    $(package)_stage_cmds:
-    Runs from: build dir/$(package)_build_subdir
-    Stage the build results. If undefined, does nothing.
+$(package)_stage_cmds:
+Runs from: build dir/$(package)_build_subdir
+Stage the build results. If undefined, does nothing.
+```
 
-  The following variables are available for each recipe:
-    
-    $(1)_staging_dir: package's destination sysroot path
-    $(1)_staging_prefix_dir: prefix path inside of the package's staging dir
-    $(1)_extract_dir: path to the package's extracted sources
-    $(1)_build_dir: path where configure/build/stage commands will be run
-    $(1)_patch_dir: path where the package's patches (if any) are found
+The following variables are available for each recipe:
+
+```    
+$(1)_staging_dir: package's destination sysroot path
+$(1)_staging_prefix_dir: prefix path inside of the package's staging dir
+$(1)_extract_dir: path to the package's extracted sources
+$(1)_build_dir: path where configure/build/stage commands will be run
+$(1)_patch_dir: path where the package's patches (if any) are found
+```
 
 Notes on build commands:
 
-For packages built with autotools, $($(package)_autoconf) can be used in the
+For packages built with autotools, `$($(package)_autoconf)` can be used in the
 configure step to (usually) correctly configure automatically. Any
-$($(package)_config_opts) will be appended.
+`$($(package)_config_opts`) will be appended.
 
 Most autotools projects can be properly staged using:
 
-    $(MAKE) DESTDIR=$($(package)_staging_dir) install
+```bash
+$(MAKE) DESTDIR=$($(package)_staging_dir) install
+```

contrib/depends/packages/bdb.mk

@@ -1,31 +0,0 @@
-package=bdb
-$(package)_version=4.8.30
-$(package)_download_path=https://download.oracle.com/berkeley-db
-$(package)_file_name=db-$($(package)_version).NC.tar.gz
-$(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef
-$(package)_build_subdir=build_unix
-
-define $(package)_set_vars
-$(package)_config_opts=--disable-shared --enable-cxx --disable-replication
-$(package)_config_opts_mingw32=--enable-mingw
-$(package)_config_opts_linux=--with-pic
-$(package)_cxxflags=-std=c++11
-endef
-
-define $(package)_preprocess_cmds
-  sed -i.old 's/__atomic_compare_exchange/__atomic_compare_exchange_db/' dbinc/atomic.h && \
-  sed -i.old 's/atomic_init/atomic_init_db/' dbinc/atomic.h mp/mp_region.c mp/mp_mvcc.c mp/mp_fget.c mutex/mut_method.c mutex/mut_tas.c && \
-  cp -f $(BASEDIR)/config.guess $(BASEDIR)/config.sub dist
-endef
-
-define $(package)_config_cmds
-  ../dist/$($(package)_autoconf)
-endef
-
-define $(package)_build_cmds
-  $(MAKE) libdb_cxx-4.8.a libdb-4.8.a
-endef
-
-define $(package)_stage_cmds
-  $(MAKE) DESTDIR=$($(package)_staging_dir) install_lib install_include
-endef

contrib/depends/packages/boost.mk

@@ -20,7 +20,7 @@ $(package)_archiver_$(host_os)=$($(package)_ar)
 $(package)_toolset_darwin=darwin
 $(package)_archiver_darwin=$($(package)_libtool)
 $(package)_config_libraries=chrono,filesystem,program_options,system,thread,test,date_time,regex,serialization,locale
-$(package)_cxxflags=-std=c++11 -fvisibility=hidden
+$(package)_cxxflags=-std=c++11
 $(package)_cxxflags_linux=-fPIC
 endef
 

contrib/depends/packages/cmake/conf/mxe-conf.cmake.in

@@ -1,67 +0,0 @@
-# This file is part of MXE. See LICENSE.md for licensing information.
-
-# https://cmake.org/cmake/help/latest
-
-# Can't set `cmake_minimum_required` or `cmake_policy` in toolchain
-# since toolchain is read before CMakeLists.txt
-# See `target-cmake.in` for CMAKE_POLICY_DEFAULT_CMPNNNN
-
-# Check if we are using mxe supplied version
-#   - toolchain is included multiple times so set a guard in
-#     environment to suppress duplicate messages
-if(NOT ${CMAKE_COMMAND} STREQUAL @PREFIX@/@BUILD@/bin/cmake AND NOT DEFINED ENV{_MXE_CMAKE_TOOLCHAIN_INCLUDED})
-    message(WARNING "
-** Warning: direct use of toolchain file is deprecated
-** Please use prefixed wrapper script instead:
-     @TARGET@-cmake [options] <path-to-source>
-       - uses mxe supplied cmake version @CMAKE_VERSION@
-       - loads toolchain
-       - loads common run results
-       - sets various policy defaults
-    ")
-    set(ENV{_MXE_CMAKE_TOOLCHAIN_INCLUDED} TRUE)
-endif()
-
-## General configuration
-set(CMAKE_SYSTEM_NAME Windows)
-set(MSYS 1)
-set(CMAKE_EXPORT_NO_PACKAGE_REGISTRY ON)
-# Workaround for https://www.cmake.org/Bug/view.php?id=14075
-set(CMAKE_CROSS_COMPILING ON)
-
-
-## Library config
-set(BUILD_SHARED_LIBS @CMAKE_SHARED_BOOL@ CACHE BOOL "BUILD_SHARED_LIBS" FORCE)
-set(BUILD_STATIC_LIBS @CMAKE_STATIC_BOOL@ CACHE BOOL "BUILD_STATIC_LIBS" FORCE)
-set(BUILD_SHARED @CMAKE_SHARED_BOOL@ CACHE BOOL "BUILD_SHARED" FORCE)
-set(BUILD_STATIC @CMAKE_STATIC_BOOL@ CACHE BOOL "BUILD_STATIC" FORCE)
-set(LIBTYPE @LIBTYPE@)
-
-
-## Paths etc.
-set(CMAKE_FIND_ROOT_PATH @PREFIX@/@TARGET@)
-set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)
-set(CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY)
-set(CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY)
-set(CMAKE_PREFIX_PATH @PREFIX@/@TARGET@)
-set(CMAKE_INSTALL_PREFIX @PREFIX@/@TARGET@ CACHE PATH "Installation Prefix")
-# For custom mxe FindPackage scripts
-set(CMAKE_MODULE_PATH "@PREFIX@/share/cmake/modules" ${CMAKE_MODULE_PATH})
-
-
-## Programs
-set(CMAKE_C_COMPILER @PREFIX@/bin/@TARGET@-gcc)
-set(CMAKE_CXX_COMPILER @PREFIX@/bin/@TARGET@-g++)
-set(CMAKE_Fortran_COMPILER @PREFIX@/bin/@TARGET@-gfortran)
-set(CMAKE_RC_COMPILER @PREFIX@/bin/@TARGET@-windres)
-# CMAKE_RC_COMPILE_OBJECT is defined in:
-#     <cmake root>/share/cmake-X.Y/Modules/Platform/Windows-windres.cmake
-set(CPACK_NSIS_EXECUTABLE @TARGET@-makensis)
-
-## Individual package configuration
-file(GLOB mxe_cmake_files
-    "@CMAKE_TOOLCHAIN_DIR@/*.cmake"
-)
-foreach(mxe_cmake_file ${mxe_cmake_files})
-    include(${mxe_cmake_file})
-endforeach()

contrib/depends/packages/cmake/conf/target-cmake.in

@@ -1,29 +0,0 @@
-#!/usr/bin/env bash
-echo "== Using MXE wrapper: @PREFIX@/bin/@TARGET@-cmake"
-
-# https://cmake.org/cmake/help/latest/manual/cmake-policies.7.html
-# https://cmake.org/cmake/help/latest/variable/CMAKE_POLICY_DEFAULT_CMPNNNN.html
-POLICIES=(0017,0020)
-
-unset NO_MXE_TOOLCHAIN
-if echo -- "$@" | grep -Ewq "(--build|-E|--system-information)" ; then
-    NO_MXE_TOOLCHAIN=1
-fi
-if [[ "$NO_MXE_TOOLCHAIN" == "1" ]]; then
-    echo "== Skip using MXE toolchain: @CMAKE_TOOLCHAIN_FILE@"
-    # see https://github.com/mxe/mxe/issues/932
-    exec "@PREFIX@/@BUILD@/bin/cmake" "$@"
-else
-    echo "     - cmake version @CMAKE_VERSION@"
-    echo "     - warnings for unused CMAKE_POLICY_DEFAULT variables can be ignored"
-    echo "== Using MXE toolchain: @CMAKE_TOOLCHAIN_FILE@"
-    echo "== Using MXE runresult: @CMAKE_RUNRESULT_FILE@"
-    if ! ( echo "$@" | grep --silent "DCMAKE_BUILD_TYPE" ) ; then
-        echo '== Adding "-DCMAKE_BUILD_TYPE=Release"'
-        set -- "-DCMAKE_BUILD_TYPE=Release" "$@"
-    fi
-    exec "@PREFIX@/@BUILD@/bin/cmake" \
-              -DCMAKE_TOOLCHAIN_FILE="@CMAKE_TOOLCHAIN_FILE@" \
-              `eval echo -DCMAKE_POLICY_DEFAULT_CMP{$POLICIES}=NEW` \
-              -C"@CMAKE_RUNRESULT_FILE@" "$@"
-fi

contrib/depends/packages/cmake/test/CMakeLists.txt

@@ -1,18 +0,0 @@
-# This file is part of MXE. See LICENSE.md for licensing information.
-
-# 2.8.9 is Debian Wheezy version
-cmake_minimum_required(VERSION 2.8.9)
-
-# use default C and CXX languages
-project(mxe)
-
-# see cmake --help-policy <cmp> for details
-cmake_policy(SET CMP0017 NEW)
-if (POLICY CMP0020)
-    cmake_policy(SET CMP0020 NEW)
-endif()
-
-# so we can find pkg-test.cmake files to include
-set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR}/../.. ${CMAKE_MODULE_PATH})
-
-include(${PKG}-test)

contrib/depends/packages/gtest.mk

@@ -0,0 +1,38 @@
+package=gtest
+$(package)_version=1.8.1
+$(package)_download_path=https://github.com/google/googletest/archive/
+$(package)_file_name=release-$($(package)_version).tar.gz
+$(package)_sha256_hash=9bf1fe5182a604b4135edc1a425ae356c9ad15e9b23f9f12a02e80184c3a249c
+$(package)_cxxflags=-std=c++11
+$(package)_cxxflags_linux=-fPIC
+
+define $(package)_config_cmds
+  cd googletest && \
+    CC="$(host_prefix)/native/bin/$($(package)_cc)" \
+    CXX="$(host_prefix)/native/bin/$($(package)_cxx)" \
+    AR="$(host_prefix)/native/bin/$($(package)_ar)" \
+    RANLIB="$(host_prefix)/native/bin/$($(package)_ranlib)" \
+    LIBTOOL="$(host_prefix)/native/bin/$($(package)_libtool)" \
+    CXXFLAGS="$($(package)_cxxflags)" \
+    CCFLAGS="$($(package)_ccflags)" \
+    CPPFLAGS="$($(package)_cppflags)" \
+    CFLAGS="$($(package)_cflags) $($(package)_cppflags)" \
+    LDLAGS="$($(package)_ldflags)" \
+  cmake -DCMAKE_INSTALL_PREFIX=$(build_prefix) \
+    -DTOOLCHAIN_PREFIX=$(host_toolchain) \
+    -DCMAKE_AR="$(host_prefix)/native/bin/$($(package)_ar)" \
+    -DCMAKE_RANLIB="$(host_prefix)/native/bin/$($(package)_ranlib)" \
+    -DCMAKE_CXX_FLAGS_DEBUG=ON
+endef
+# -DCMAKE_TOOLCHAIN_FILE=$(HOST)/share/toolchain.cmake
+
+define $(package)_build_cmds
+  cd googletest && CC="$(host_prefix)/native/bin/$($(package)_cc)" $(MAKE)
+endef
+
+define $(package)_stage_cmds
+  mkdir $($(package)_staging_prefix_dir)/lib $($(package)_staging_prefix_dir)/include &&\
+  cp googletest/libgtest.a $($(package)_staging_prefix_dir)/lib/ &&\
+  cp googletest/libgtest_main.a $($(package)_staging_prefix_dir)/lib/ &&\
+  cp -a googletest/include/* $($(package)_staging_prefix_dir)/include/
+endef

contrib/depends/packages/icu4c.mk

@@ -6,7 +6,7 @@ $(package)_sha256_hash=1f912c54035533fb4268809701d65c7468d00e292efbc31e644490845
 $(package)_patches=icu-001-dont-build-static-dynamic-twice.patch
 
 define $(package)_set_vars
-  $(package)_build_opts=CFLAGS="$($(package)_cflags) $($(package)_cppflags) -DU_USING_ICU_NAMESPACE=0 --std=gnu++0x -DU_STATIC_IMPLEMENTATION -DU_COMBINED_IMPLEMENTATION -fPIC"
+  $(package)_build_opts=CFLAGS="$($(package)_cflags) $($(package)_cppflags) -DU_USING_ICU_NAMESPACE=0 -DU_STATIC_IMPLEMENTATION -DU_COMBINED_IMPLEMENTATION -fPIC -DENABLE_STATIC=YES -DPGKDATA_MODE=static"
 endef
 
 define $(package)_config_cmds
@@ -17,7 +17,7 @@ define $(package)_config_cmds
   sh ../source/runConfigureICU Linux &&\
   make &&\
   cd ../buildb &&\
-  sh ../source/$($(package)_autoconf) --enable-static=yes --enable-shared=yes --disable-layoutex --prefix=$(host_prefix) --with-cross-build=`pwd`/../builda &&\
+  sh ../source/runConfigureICU MinGW --enable-static=yes --disable-shared --disable-layout --disable-layoutex --disable-tests --disable-samples --prefix=$(host_prefix) --with-cross-build=`pwd`/../builda &&\
   $(MAKE) $($(package)_build_opts)
 endef
 

contrib/depends/packages/libevent.mk

@@ -1,30 +0,0 @@
-package=libevent
-$(package)_version=2.1.8-stable
-$(package)_download_path=https://github.com/libevent/libevent/archive/
-$(package)_file_name=release-$($(package)_version).tar.gz
-$(package)_sha256_hash=316ddb401745ac5d222d7c529ef1eada12f58f6376a66c1118eee803cb70f83d
-
-define $(package)_preprocess_cmds
-  ./autogen.sh
-endef
-
-define $(package)_set_vars
-  $(package)_config_opts=--disable-shared --disable-openssl --disable-libevent-regress --disable-samples
-  $(package)_config_opts_release=--disable-debug-mode
-  $(package)_config_opts_linux=--with-pic
-endef
-
-define $(package)_config_cmds
-  $($(package)_autoconf)
-endef
-
-define $(package)_build_cmds
-  $(MAKE)
-endef
-
-define $(package)_stage_cmds
-  $(MAKE) DESTDIR=$($(package)_staging_dir) install
-endef
-
-define $(package)_postprocess_cmds
-endef

contrib/depends/packages/libusb.mk

@@ -11,13 +11,21 @@ endef
 define $(package)_set_vars
   $(package)_config_opts=--disable-shared
   $(package)_config_opts_linux=--with-pic --disable-udev
+  $(package)_config_opts_mingw32=--disable-udev
+  $(package)_config_opts_darwin=--disable-udev
 endef
 
-define $(package)_config_cmds
-  cp -f $(BASEDIR)/config.guess config.guess &&\
-  cp -f $(BASEDIR)/config.sub config.sub &&\
-  $($(package)_autoconf)
-endef
+ifneq ($(host_os),darwin)
+  define $(package)_config_cmds
+    cp -f $(BASEDIR)/config.guess config.guess &&\
+    cp -f $(BASEDIR)/config.sub config.sub &&\
+    $($(package)_autoconf)
+  endef
+else
+  define $(package)_config_cmds
+    $($(package)_autoconf)
+  endef
+endif
 
 define $(package)_build_cmd
   $(MAKE)
@@ -27,5 +35,5 @@ define $(package)_stage_cmds
   $(MAKE) DESTDIR=$($(package)_staging_dir) install
 endef
 
-define $(package)_postprocess_cmds                                                                                                          cp -f lib/libusb-1.0.a lib/libusb.a
+define $(package)_postprocess_cmds  cp -f lib/libusb-1.0.a lib/libusb.a
 endef

contrib/depends/packages/miniupnpc.mk

@@ -1,28 +0,0 @@
-package=miniupnpc
-$(package)_version=2.0.20170509
-$(package)_download_path=http://miniupnp.free.fr/files
-$(package)_file_name=$(package)-$($(package)_version).tar.gz
-$(package)_sha256_hash=d3c368627f5cdfb66d3ebd64ca39ba54d6ff14a61966dbecb8dd296b7039f16a
-
-define $(package)_set_vars
-$(package)_build_opts=CC="$($(package)_cc)"
-$(package)_build_opts_darwin=OS=Darwin LIBTOOL="$($(package)_libtool)"
-$(package)_build_opts_mingw32=-f Makefile.mingw
-$(package)_build_env+=CFLAGS="$($(package)_cflags) $($(package)_cppflags)" AR="$($(package)_ar)"
-endef
-
-define $(package)_preprocess_cmds
-  mkdir dll && \
-  sed -e 's|MINIUPNPC_VERSION_STRING \"version\"|MINIUPNPC_VERSION_STRING \"$($(package)_version)\"|' -e 's|OS/version|$(host)|' miniupnpcstrings.h.in > miniupnpcstrings.h && \
-  sed -i.old "s|miniupnpcstrings.h: miniupnpcstrings.h.in wingenminiupnpcstrings|miniupnpcstrings.h: miniupnpcstrings.h.in|" Makefile.mingw
-endef
-
-define $(package)_build_cmds
-	$(MAKE) libminiupnpc.a $($(package)_build_opts)
-endef
-
-define $(package)_stage_cmds
-	mkdir -p $($(package)_staging_prefix_dir)/include/miniupnpc $($(package)_staging_prefix_dir)/lib &&\
-	install *.h $($(package)_staging_prefix_dir)/include/miniupnpc &&\
-	install libminiupnpc.a $($(package)_staging_prefix_dir)/lib
-endef

contrib/depends/packages/native_cctools.mk

@@ -52,6 +52,7 @@ endef
 
 define $(package)_stage_cmds
   $(MAKE) DESTDIR=$($(package)_staging_dir) install && \
+  cp $($(package)_extract_dir)/cctools/misc/install_name_tool $($(package)_staging_prefix_dir)/bin/ &&\
   cd $($(package)_extract_dir)/toolchain && \
   mkdir -p $($(package)_staging_prefix_dir)/lib/clang/$($(package)_clang_version)/include && \
   mkdir -p $($(package)_staging_prefix_dir)/bin $($(package)_staging_prefix_dir)/include && \

contrib/depends/packages/native_cmake-unused.mk

@@ -0,0 +1,23 @@
+package=native_cmake
+$(package)_version=3.14.0
+$(package)_version_dot=v3.14
+$(package)_download_path=https://cmake.org/files/$($(package)_version_dot)/
+$(package)_file_name=cmake-$($(package)_version).tar.gz
+$(package)_sha256_hash=aa76ba67b3c2af1946701f847073f4652af5cbd9f141f221c97af99127e75502
+
+define $(package)_set_vars
+$(package)_config_opts=
+endef
+
+define $(package)_config_cmds
+  ./bootstrap &&\
+  ./configure $($(package)_config_opts)
+endef
+
+define $(package)_build_cmd
+  $(MAKE)
+endef
+
+define $(package)_stage_cmds
+  $(MAKE) DESTDIR=$($(package)_staging_dir) install
+endef

contrib/depends/packages/native_protobuf.mk

@@ -0,0 +1,27 @@
+package=protobuf3
+$(package)_version=3.6.1
+$(package)_download_path=https://github.com/protocolbuffers/protobuf/releases/download/v$($(package)_version)/
+$(package)_file_name=protobuf-cpp-$($(package)_version).tar.gz
+$(package)_sha256_hash=b3732e471a9bb7950f090fd0457ebd2536a9ba0891b7f3785919c654fe2a2529
+$(package)_cxxflags=-std=c++11
+
+define $(package)_set_vars
+  $(package)_config_opts=--disable-shared --prefix=$(build_prefix)
+  $(package)_config_opts_linux=--with-pic
+endef
+
+define $(package)_config_cmds
+  $($(package)_autoconf)
+endef
+
+define $(package)_build_cmds
+  $(MAKE) -C src
+endef
+
+define $(package)_stage_cmds
+  $(MAKE) DESTDIR=$($(package)_staging_dir) -C src install
+endef
+
+define $(package)_postprocess_cmds
+  rm lib/libprotoc.a
+endef

contrib/depends/packages/openssl.mk

@@ -1,35 +1,28 @@
 package=openssl
-$(package)_version=1.0.1k
+$(package)_version=1.0.2q
 $(package)_download_path=https://www.openssl.org/source
 $(package)_file_name=$(package)-$($(package)_version).tar.gz
-$(package)_sha256_hash=8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c
+$(package)_sha256_hash=5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684
 
 define $(package)_set_vars
 $(package)_config_env=AR="$($(package)_ar)" RANLIB="$($(package)_ranlib)" CC="$($(package)_cc)"
 $(package)_config_opts=--prefix=$(host_prefix) --openssldir=$(host_prefix)/etc/openssl
-$(package)_config_opts+=no-camellia
 $(package)_config_opts+=no-capieng
-$(package)_config_opts+=no-cast
-$(package)_config_opts+=no-comp
 $(package)_config_opts+=no-dso
 $(package)_config_opts+=no-dtls1
 $(package)_config_opts+=no-ec_nistp_64_gcc_128
 $(package)_config_opts+=no-gost
 $(package)_config_opts+=no-gmp
 $(package)_config_opts+=no-heartbeats
-$(package)_config_opts+=no-idea
 $(package)_config_opts+=no-jpake
 $(package)_config_opts+=no-krb5
 $(package)_config_opts+=no-libunbound
 $(package)_config_opts+=no-md2
-$(package)_config_opts+=no-mdc2
-$(package)_config_opts+=no-rc4
 $(package)_config_opts+=no-rc5
 $(package)_config_opts+=no-rdrand
 $(package)_config_opts+=no-rfc3779
 $(package)_config_opts+=no-rsax
 $(package)_config_opts+=no-sctp
-$(package)_config_opts+=no-seed
 $(package)_config_opts+=no-sha0
 $(package)_config_opts+=no-shared
 $(package)_config_opts+=no-ssl-trace
@@ -39,7 +32,6 @@ $(package)_config_opts+=no-static_engine
 $(package)_config_opts+=no-store
 $(package)_config_opts+=no-unit-test
 $(package)_config_opts+=no-weak-ssl-ciphers
-$(package)_config_opts+=no-whirlpool
 $(package)_config_opts+=no-zlib
 $(package)_config_opts+=no-zlib-dynamic
 $(package)_config_opts+=$($(package)_cflags) $($(package)_cppflags)

contrib/depends/packages/packages.mk

@@ -1,12 +1,15 @@
-packages:=boost openssl libevent zeromq cppzmq zlib expat ldns cppzmq readline libiconv qt hidapi
-native_packages := native_ccache
-
-wallet_packages=bdb
+packages:=boost openssl zeromq cppzmq expat ldns cppzmq readline libiconv hidapi protobuf libusb
+native_packages := native_ccache native_protobuf
 
 darwin_native_packages = native_biplist native_ds_store native_mac_alias
 darwin_packages = sodium-darwin
 
-linux_packages = eudev libusb
+linux_packages = eudev
+qt_packages = qt
+
+ifeq ($(build_tests),ON)
+packages += gtest
+endif
 
 ifeq ($(host_os),linux)
 packages += unwind
@@ -19,6 +22,5 @@ endif
 
 ifneq ($(build_os),darwin)
 darwin_native_packages += native_cctools native_cdrkit native_libdmg-hfsplus
-packages += readline
 endif
 

contrib/depends/packages/qt.mk

@@ -4,7 +4,6 @@ $(package)_download_path=https://download.qt.io/archive/qt/5.7/5.7.1/submodules
 $(package)_suffix=opensource-src-$($(package)_version).tar.gz
 $(package)_file_name=qtbase-$($(package)_suffix)
 $(package)_sha256_hash=95f83e532d23b3ddbde7973f380ecae1bac13230340557276f75f2e37984e410
-$(package)_dependencies=openssl zlib
 $(package)_build_subdir=qtbase
 $(package)_qt_libs=corelib
 $(package)_patches=pidlist_absolute.patch fix_qt_pkgconfig.patch qfixed-coretext.patch
@@ -62,14 +61,14 @@ $(package)_config_opts += -no-xrender
 $(package)_config_opts += -nomake examples
 $(package)_config_opts += -nomake tests
 $(package)_config_opts += -opensource
-$(package)_config_opts += -openssl-linked
+$(package)_config_opts += -no-openssl
 $(package)_config_opts += -optimized-qmake
 $(package)_config_opts += -pch
 $(package)_config_opts += -pkg-config
-$(package)_config_opts += -qt-libpng
-$(package)_config_opts += -qt-libjpeg
+$(package)_config_opts += -no-libpng
+$(package)_config_opts += -no-libjpeg
 $(package)_config_opts += -qt-pcre
-$(package)_config_opts += -system-zlib
+$(package)_config_opts += -no-zlib
 $(package)_config_opts += -reduce-exports
 $(package)_config_opts += -static
 $(package)_config_opts += -silent
@@ -124,7 +123,6 @@ define $(package)_config_cmds
   export PKG_CONFIG_LIBDIR=$(host_prefix)/lib/pkgconfig && \
   export PKG_CONFIG_PATH=$(host_prefix)/share/pkgconfig  && \
   ./configure $($(package)_config_opts) && \
-  echo "host_build: QT_CONFIG ~= s/system-zlib/zlib" >> mkspecs/qconfig.pri && \
   echo "CONFIG += force_bootstrap" >> mkspecs/qconfig.pri && \
   $(MAKE) sub-src-clean && \
   cd ../qttranslations && ../qtbase/bin/qmake qttranslations.pro -o Makefile && \

contrib/depends/packages/readline.mk

@@ -1,9 +1,8 @@
 package=readline
-$(package)_version=6.3
-$(package)_download_path=ftp://ftp.cwru.edu/pub/bash/
+$(package)_version=8.0
+$(package)_download_path=https://ftp.gnu.org/gnu/readline
 $(package)_file_name=$(package)-$($(package)_version).tar.gz
-$(package)_sha256_hash=56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43
-$(package)_patches=readline-1.patch
+$(package)_sha256_hash=e339f51971478d369f8a053a330a190781acb9864cf4c541060f12078948e461
 
 define $(package)_set_vars
   $(package)_build_opts=CC="$($(package)_cc)"
@@ -15,7 +14,6 @@ define $(package)_set_vars
 endef
 
 define $(package)_config_cmds
-  patch -p1 < $($(package)_patch_dir)/readline-1.patch &&\
   export bash_cv_have_mbstate_t=yes &&\
   export bash_cv_wcwidth_broken=yes &&\
   ./configure $($(package)_config_opts)
@@ -29,5 +27,3 @@ define $(package)_stage_cmds
   $(MAKE) DESTDIR=$($(package)_staging_dir) install
 endef
 
-define $(package)_postprocess_cmds
-endef

contrib/depends/packages/sodium-darwin.mk

@@ -1,8 +1,8 @@
 package=sodium-darwin
-$(package)_version=1.0.15
+$(package)_version=1.0.16
 $(package)_download_path=https://download.libsodium.org/libsodium/releases/
 $(package)_file_name=libsodium-$($(package)_version).tar.gz
-$(package)_sha256_hash=fb6a9e879a2f674592e4328c5d9f79f082405ee4bb05cb6e679b90afe9e178f4
+$(package)_sha256_hash=eeadc7e1e1bcef09680fb4837d448fbdf57224978f865ac1c16745868fbd0533
 
 define $(package)_set_vars
 $(package)_build_opts_darwin=OS=Darwin LIBTOOL="$($(package)_libtool)"

contrib/depends/packages/sodium.mk

@@ -1,8 +1,8 @@
 package=sodium
-$(package)_version=1.0.15
+$(package)_version=1.0.16
 $(package)_download_path=https://download.libsodium.org/libsodium/releases/
 $(package)_file_name=libsodium-$($(package)_version).tar.gz
-$(package)_sha256_hash=fb6a9e879a2f674592e4328c5d9f79f082405ee4bb05cb6e679b90afe9e178f4
+$(package)_sha256_hash=eeadc7e1e1bcef09680fb4837d448fbdf57224978f865ac1c16745868fbd0533
 $(package)_patches=fix-whitespace.patch
 
 define $(package)_set_vars

contrib/depends/packages/zlib.mk

@@ -1,27 +0,0 @@
-package=zlib
-$(package)_version=1.2.11
-$(package)_download_path=https://www.zlib.net
-$(package)_file_name=$(package)-$($(package)_version).tar.gz
-$(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1
-
-define $(package)_set_vars
-$(package)_build_opts= CC="$($(package)_cc)"
-$(package)_build_opts+=CFLAGS="$($(package)_cflags) $($(package)_cppflags) -fPIC"
-$(package)_build_opts+=RANLIB="$($(package)_ranlib)"
-$(package)_build_opts+=AR="$($(package)_ar)"
-$(package)_build_opts_darwin+=AR="$($(package)_libtool)"
-$(package)_build_opts_darwin+=ARFLAGS="-o"
-endef
-
-define $(package)_config_cmds
-  ./configure --static --prefix=$(host_prefix)
-endef
-
-define $(package)_build_cmds
-  $(MAKE) $($(package)_build_opts) libz.a
-endef
-
-define $(package)_stage_cmds
-  $(MAKE) DESTDIR=$($(package)_staging_dir) install $($(package)_build_opts)
-endef
-

contrib/depends/patches/readline/readline-1.patch

@@ -1,187 +0,0 @@
-From c0572cecbeadc8fe24c70c5c39d49210a39ac719 Mon Sep 17 00:00:00 2001
-From: Timothy Gu <timothygu99@gmail.com>
-Date: Tue, 30 Sep 2014 10:32:33 -0700
-Subject: [PATCH 1/2] signals: safeguard the remaining usage of frequently
- missing signals
-
-diff --git a/input.c b/input.c
-index 117dfe8..465f0b9 100644
---- a/input.c
-+++ b/input.c
-@@ -532,9 +532,17 @@ rl_getc (stream)
- 	 Otherwise (not EINTR), some error occurred, also signifying EOF. */
-       if (errno != EINTR)
- 	return (RL_ISSTATE (RL_STATE_READCMD) ? READERR : EOF);
--      else if (_rl_caught_signal == SIGHUP || _rl_caught_signal == SIGTERM)
-+      else if (_rl_caught_signal == SIGTERM
-+#if defined(SIGHUP)
-+               || _rl_caught_signal == SIGHUP
-+#endif
-+              )
- 	return (RL_ISSTATE (RL_STATE_READCMD) ? READERR : EOF);
--      else if (_rl_caught_signal == SIGINT || _rl_caught_signal == SIGQUIT)
-+      else if (_rl_caught_signal == SIGINT
-+#if defined(SIGQUIT)
-+               || _rl_caught_signal == SIGQUIT
-+#endif
-+              )
-         RL_CHECK_SIGNALS ();
- 
-       if (rl_signal_event_hook)
-diff --git a/signals.c b/signals.c
-index 61f02f9..7c921d6 100644
---- a/signals.c
-+++ b/signals.c
-@@ -216,7 +216,9 @@ _rl_handle_signal (sig)
-       /* FALLTHROUGH */
- 
-     case SIGTERM:
-+#if defined (SIGHUP)
-     case SIGHUP:
-+#endif
- #if defined (SIGTSTP)
-     case SIGTSTP:
-     case SIGTTOU:
-@@ -426,7 +428,9 @@ rl_set_signals ()
- 
-       rl_maybe_set_sighandler (SIGINT, rl_signal_handler, &old_int);
-       rl_maybe_set_sighandler (SIGTERM, rl_signal_handler, &old_term);
-+#if defined (SIGHUP)
-       rl_maybe_set_sighandler (SIGHUP, rl_signal_handler, &old_hup);
-+#endif
- #if defined (SIGQUIT)
-       rl_maybe_set_sighandler (SIGQUIT, rl_signal_handler, &old_quit);
- #endif
-@@ -491,7 +495,9 @@ rl_clear_signals ()
- 	 overhead */
-       rl_maybe_restore_sighandler (SIGINT, &old_int);
-       rl_maybe_restore_sighandler (SIGTERM, &old_term);
-+#if defined (SIGHUP)
-       rl_maybe_restore_sighandler (SIGHUP, &old_hup);
-+#endif
- #if defined (SIGQUIT)
-       rl_maybe_restore_sighandler (SIGQUIT, &old_quit);
- #endif
--- 
-1.8.3.2
-
-
-From 6896ffa4fc85bf0dfae58e69a860d2076c1d9fd2 Mon Sep 17 00:00:00 2001
-From: Timothy Gu <timothygu99@gmail.com>
-Date: Tue, 30 Sep 2014 17:16:32 -0700
-Subject: [PATCH 2/2] Handle missing S_IS* macros more gracefully
-
-diff --git a/colors.c b/colors.c
-index 89d9035..ec19844 100644
---- a/colors.c
-+++ b/colors.c
-@@ -152,14 +152,22 @@ _rl_print_color_indicator (char *f)
-         {
-           colored_filetype = C_FILE;
- 
-+#if defined (S_ISUID)
-           if ((mode & S_ISUID) != 0 && is_colored (C_SETUID))
-             colored_filetype = C_SETUID;
--          else if ((mode & S_ISGID) != 0 && is_colored (C_SETGID))
-+          else
-+#endif
-+#if defined (S_ISGID)
-+          if ((mode & S_ISGID) != 0 && is_colored (C_SETGID))
-             colored_filetype = C_SETGID;
--          else if (is_colored (C_CAP) && 0) //f->has_capability)
-+          else
-+#endif
-+          if (is_colored (C_CAP) && 0) //f->has_capability)
-             colored_filetype = C_CAP;
-+#if defined(S_IXUGO)
-           else if ((mode & S_IXUGO) != 0 && is_colored (C_EXEC))
-             colored_filetype = C_EXEC;
-+#endif
-           else if ((1 < astat.st_nlink) && is_colored (C_MULTIHARDLINK))
-             colored_filetype = C_MULTIHARDLINK;
-         }
-@@ -173,8 +181,10 @@ _rl_print_color_indicator (char *f)
-             colored_filetype = C_STICKY_OTHER_WRITABLE;
-           else
- #endif
-+#if defined (S_IWOTH)
-           if ((mode & S_IWOTH) != 0 && is_colored (C_OTHER_WRITABLE))
-             colored_filetype = C_OTHER_WRITABLE;
-+#endif
- #if defined (S_ISVTX)
-           else if ((mode & S_ISVTX) != 0 && is_colored (C_STICKY))
-             colored_filetype = C_STICKY;
-diff --git a/colors.h b/colors.h
-index fc926e5..e62edd0 100644
---- a/colors.h
-+++ b/colors.h
-@@ -96,7 +96,7 @@ enum indicator_no
-   };
- 
- 
--#if !S_IXUGO
-+#if !S_IXUGO && defined(S_IXUSR) && defined(S_IXGRP) && defined(S_IXOTH)
- # define S_IXUGO (S_IXUSR | S_IXGRP | S_IXOTH)
- #endif
- 
-diff --git a/posixstat.h b/posixstat.h
-index 3eb7f29..854a2c9 100644
---- a/posixstat.h
-+++ b/posixstat.h
-@@ -78,30 +78,44 @@
- 
- #if defined (S_IFBLK) && !defined (S_ISBLK)
- #define	S_ISBLK(m)	(((m)&S_IFMT) == S_IFBLK)	/* block device */
-+#elif !defined (S_IFBLK)
-+#define S_ISBLK(m)	0
- #endif
- 
- #if defined (S_IFCHR) && !defined (S_ISCHR)
- #define	S_ISCHR(m)	(((m)&S_IFMT) == S_IFCHR)	/* character device */
-+#elif !defined (S_IFCHR)
-+#define S_ISCHR(m)	0
- #endif
- 
- #if defined (S_IFDIR) && !defined (S_ISDIR)
- #define	S_ISDIR(m)	(((m)&S_IFMT) == S_IFDIR)	/* directory */
-+#elif !defined (S_IFDIR)
-+#define S_ISDIR(m)	0
- #endif
- 
- #if defined (S_IFREG) && !defined (S_ISREG)
- #define	S_ISREG(m)	(((m)&S_IFMT) == S_IFREG)	/* file */
-+#elif !defined (S_IFREG)
-+#define S_ISREG(m)	0
- #endif
- 
- #if defined (S_IFIFO) && !defined (S_ISFIFO)
- #define	S_ISFIFO(m)	(((m)&S_IFMT) == S_IFIFO)	/* fifo - named pipe */
-+#elif !defined (S_IFIFO)
-+#define S_ISFIFO(m)	0
- #endif
- 
- #if defined (S_IFLNK) && !defined (S_ISLNK)
- #define	S_ISLNK(m)	(((m)&S_IFMT) == S_IFLNK)	/* symbolic link */
-+#elif !defined (S_IFLNK)
-+#define S_ISLNK(m)	0
- #endif
- 
- #if defined (S_IFSOCK) && !defined (S_ISSOCK)
- #define	S_ISSOCK(m)	(((m)&S_IFMT) == S_IFSOCK)	/* socket */
-+#elif !defined (S_IFSOCK)
-+#define S_ISSOCK(m)	0
- #endif
- 
- /*
-@@ -137,6 +151,8 @@
- /* These are non-standard, but are used in builtins.c$symbolic_umask() */
- #define S_IRUGO		(S_IRUSR | S_IRGRP | S_IROTH)
- #define S_IWUGO		(S_IWUSR | S_IWGRP | S_IWOTH)
-+#if defined(S_IXUSR) && defined(S_IXGRP) && defined(S_IXOTH)
- #define S_IXUGO		(S_IXUSR | S_IXGRP | S_IXOTH)
-+#endif
- 
- #endif /* _POSIXSTAT_H_ */
--- 
-1.8.3.2
-

contrib/depends/patches/sodium/fix-whitespace.patch

@@ -5,8 +5,8 @@ index b29f769..ca008ae 100755
 @@ -591,7 +591,7 @@ MAKEFLAGS=
  PACKAGE_NAME='libsodium'
  PACKAGE_TARNAME='libsodium'
- PACKAGE_VERSION='1.0.15'
--PACKAGE_STRING='libsodium 1.0.15'
+ PACKAGE_VERSION='1.0.16'
+-PACKAGE_STRING='libsodium 1.0.16'
 +PACKAGE_STRING='libsodium'
  PACKAGE_BUGREPORT='https://github.com/jedisct1/libsodium/issues'
  PACKAGE_URL='https://github.com/jedisct1/libsodium'

contrib/depends/toolchain.cmake.in

@@ -1,9 +1,16 @@
 # Set the system name, either Darwin, Linux, or Windows
 SET(CMAKE_SYSTEM_NAME @depends@)
-SET(CMAKE_BUILD_TYPE release)
+SET(CMAKE_BUILD_TYPE @release_type@)
 
-SET(STATIC true)
-SET(UNBOUND_STATIC true)
+OPTION(STATIC "Link libraries statically" ON)
+OPTION(TREZOR_DEBUG "Main trezor debugging switch" OFF)
+OPTION(BUILD_TESTS "Build tests." OFF)
+
+SET(STATIC ON)
+SET(UNBOUND_STATIC ON)
+
+SET(BUILD_TESTS @build_tests@)
+SET(TREZOR_DEBUG @build_tests@)
 
 # where is the target environment 
 SET(CMAKE_FIND_ROOT_PATH @prefix@ /usr)
@@ -21,6 +28,12 @@ SET(LIBUNWIND_LIBRARY_DIRS @prefix@/lib)
 SET(LIBUSB-1.0_LIBRARY @prefix@/lib/libusb-1.0.a)
 SET(LIBUDEV_LIBRARY @prefix@/lib/libudev.a)
 
+SET(Protobuf_FOUND 1)
+SET(Protobuf_PROTOC_EXECUTABLE @prefix@/native/bin/protoc CACHE FILEPATH "Path to the native protoc")
+SET(Protobuf_INCLUDE_DIR @prefix@/include CACHE PATH "Protobuf include dir")
+SET(Protobuf_INCLUDE_DIRS @prefix@/include CACHE PATH "Protobuf include dir")
+SET(Protobuf_LIBRARY @prefix@/lib/libprotobuf.a CACHE FILEPATH "Protobuf library")
+
 SET(ZMQ_INCLUDE_PATH @prefix@/include)
 SET(ZMQ_LIB @prefix@/lib/libzmq.a)
 
@@ -41,6 +54,8 @@ set (CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER) # Find programs on host
 set (CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY) # Find libs in target
 set (CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY) # Find includes in target
 
+set(CMAKE_SYSTEM_PROCESSOR ${CMAKE_HOST_SYSTEM_PROCESSOR} CACHE STRING "" FORCE)
+
 # specify the cross compiler to be used. Darwin uses clang provided by the SDK.
 if(CMAKE_SYSTEM_NAME STREQUAL "Darwin")
   SET(CMAKE_C_COMPILER @prefix@/native/bin/clang)
@@ -82,6 +97,11 @@ endif()
 
 if(ARCHITECTURE STREQUAL "i686" AND CMAKE_SYSTEM_NAME STREQUAL "Linux")
   SET(LINUX_32 ON)
+  SET(ARCH_ID "i386")
+endif()
+
+if(ARCHITECTURE STREQUAL "x86_64" AND CMAKE_SYSTEM_NAME STREQUAL "Linux")
+  SET(ARCH_ID "x86_64")
 endif()
 
 #Create a new global cmake flag that indicates building with depends

contrib/epee/CMakeLists.txt

@@ -1,4 +1,4 @@
-# Copyright (c) 2014-2018, The Monero Project
+# Copyright (c) 2014-2019, The Monero Project
 # 
 # All rights reserved.
 # 

contrib/epee/demo/iface/transport_defs.h

@@ -81,7 +81,7 @@ namespace demo
 	{
 		const static int ID = 1000;
 
-		struct request
+		struct request_t
 		{		
       std::string example_string_data;
       some_test_data sub;
@@ -91,9 +91,10 @@ namespace demo
         KV_SERIALIZE(sub)
       END_KV_SERIALIZE_MAP()
 		};
+      typedef epee::misc_utils::struct_init<request_t> request;
 
 
-		struct response
+		struct response_t
 		{
 			bool 	 m_success; 
       std::list<some_test_data> subs;
@@ -104,6 +105,7 @@ namespace demo
       END_KV_SERIALIZE_MAP()
 		};
 	};
+      typedef epee::misc_utils::struct_init<response_t> response;
 
 
 
@@ -111,7 +113,7 @@ namespace demo
 	{
 		const static int ID = 1001;
 
-    struct request
+    struct request_t
     {		
       std::string example_string_data2;
 
@@ -119,8 +121,9 @@ namespace demo
         KV_SERIALIZE(example_string_data2)
       END_KV_SERIALIZE_MAP()
     };
+    typedef epee::misc_utils::struct_init<request_t> request;
 
-    struct response
+    struct response_t
     {
       bool 	 m_success; 
 
@@ -129,6 +132,7 @@ namespace demo
         KV_SERIALIZE(m_success)
       END_KV_SERIALIZE_MAP()
     };
+    typedef epee::misc_utils::struct_init<response_t> response;
 	};
 
 

contrib/epee/include/console_handler.h

@@ -357,6 +357,7 @@ eof:
           if (m_stdin_reader.eos())
           {
             MGINFO("EOF on stdin, exiting");
+            std::cout << std::endl;
             break;
           }
           if (!get_line_ret)

contrib/epee/include/hex.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2017-2018, The Monero Project
+// Copyright (c) 2017-2019, The Monero Project
 //
 // All rights reserved.
 //
@@ -32,6 +32,7 @@
 #include <cstdint>
 #include <iosfwd>
 #include <string>
+#include <boost/utility/string_ref.hpp>
 
 #include "wipeable_string.h"
 #include "span.h"
@@ -68,4 +69,10 @@ namespace epee
     //! Write `src` bytes as hex to `out`. `out` must be twice the length
     static void buffer_unchecked(char* out, const span<const std::uint8_t> src) noexcept;
   };
+
+  struct from_hex
+  {
+      //! \return An std::vector of unsigned integers from the `src`
+      static std::vector<uint8_t> vector(boost::string_ref src);
+  };
 }

contrib/epee/include/int-util.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 

contrib/epee/include/math_helper.h

@@ -32,7 +32,7 @@
 
 #include <list>
 #include <numeric>
-#include <boost/timer.hpp>
+#include <boost/timer/timer.hpp>
 #include <boost/uuid/uuid.hpp>
 #include <boost/uuid/random_generator.hpp>
 
@@ -230,35 +230,57 @@ namespace math_helper
 		}
 
 	}
-	template<int default_interval, bool start_immediate = true>
-	class once_a_time_seconds
+	template<uint64_t scale, int default_interval, bool start_immediate = true>
+	class once_a_time
 	{
+    uint64_t get_time() const
+    {
+#ifdef _WIN32
+      FILETIME fileTime;
+      GetSystemTimeAsFileTime(&fileTime);
+      unsigned __int64 present = 0;
+      present |= fileTime.dwHighDateTime;
+      present = present << 32;
+      present |= fileTime.dwLowDateTime;
+      present /= 10;  // mic-sec
+      return present;
+#else
+      struct timeval tv;
+      gettimeofday(&tv, NULL);
+      return tv.tv_sec * 1000000 + tv.tv_usec;
+#endif
+    }
+
 	public:
-		once_a_time_seconds():m_interval(default_interval)
+		once_a_time():m_interval(default_interval * scale)
 		{
 			m_last_worked_time = 0;
       if(!start_immediate)
-        time(&m_last_worked_time);
+        m_last_worked_time = get_time();
 		}
 
 		template<class functor_t>
 		bool do_call(functor_t functr)
 		{
-			time_t current_time = 0;
-			time(&current_time);
+			uint64_t current_time = get_time();
 
       if(current_time - m_last_worked_time > m_interval)
 			{
 				bool res = functr();
-				time(&m_last_worked_time);
+				m_last_worked_time = get_time();
 				return res;
 			}
 			return true;
 		}
 
 	private:
-		time_t m_last_worked_time;
-		time_t m_interval;
+		uint64_t m_last_worked_time;
+		uint64_t m_interval;
 	};
+
+  template<int default_interval, bool start_immediate = true>
+  class once_a_time_seconds: public once_a_time<1000000, default_interval, start_immediate> {};
+  template<int default_interval, bool start_immediate = true>
+  class once_a_time_milliseconds: public once_a_time<1000, default_interval, start_immediate> {};
 }
 }

contrib/epee/include/memwipe.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2017-2018, The Monero Project
+// Copyright (c) 2017-2019, The Monero Project
 // 
 // All rights reserved.
 // 

contrib/epee/include/misc_language.h

@@ -159,5 +159,10 @@ namespace misc_utils
     return slc;
   }
 
+  template<typename T> struct struct_init: T
+  {
+    struct_init(): T{} {}
+  };
+
 }
 }

contrib/epee/include/misc_log_ex.h

@@ -38,14 +38,21 @@
 #define MAX_LOG_FILE_SIZE 104850000 // 100 MB - 7600 bytes
 #define MAX_LOG_FILES 50
 
-#define MCFATAL(cat,x) CLOG(FATAL,cat) << x
-#define MCERROR(cat,x) CLOG(ERROR,cat) << x
-#define MCWARNING(cat,x) CLOG(WARNING,cat) << x
-#define MCINFO(cat,x) CLOG(INFO,cat) << x
-#define MCDEBUG(cat,x) CLOG(DEBUG,cat) << x
-#define MCTRACE(cat,x) CLOG(TRACE,cat) << x
-#define MCLOG(level,cat,x) ELPP_WRITE_LOG(el::base::Writer, level, el::base::DispatchAction::NormalLog, cat) << x
-#define MCLOG_FILE(level,cat,x) ELPP_WRITE_LOG(el::base::Writer, level, el::base::DispatchAction::FileOnlyLog, cat) << x
+#define MCLOG_TYPE(level, cat, type, x) do { \
+    if (ELPP->vRegistry()->allowed(level, cat)) { \
+      el::base::Writer(level, __FILE__, __LINE__, ELPP_FUNC, type).construct(cat) << x; \
+    } \
+  } while (0)
+
+#define MCLOG(level, cat, x) MCLOG_TYPE(level, cat, el::base::DispatchAction::NormalLog, x)
+#define MCLOG_FILE(level, cat, x) MCLOG_TYPE(level, cat, el::base::DispatchAction::FileOnlyLog, x)
+
+#define MCFATAL(cat,x) MCLOG(el::Level::Fatal,cat, x)
+#define MCERROR(cat,x) MCLOG(el::Level::Error,cat, x)
+#define MCWARNING(cat,x) MCLOG(el::Level::Warning,cat, x)
+#define MCINFO(cat,x) MCLOG(el::Level::Info,cat, x)
+#define MCDEBUG(cat,x) MCLOG(el::Level::Debug,cat, x)
+#define MCTRACE(cat,x) MCLOG(el::Level::Trace,cat, x)
 
 #define MCLOG_COLOR(level,cat,color,x) MCLOG(level,cat,"\033[1;" color "m" << x << "\033[0m")
 #define MCLOG_RED(level,cat,x) MCLOG_COLOR(level,cat,"31",x)
@@ -78,6 +85,16 @@
 #define MGINFO_MAGENTA(x) MCLOG_MAGENTA(el::Level::Info, "global",x)
 #define MGINFO_CYAN(x) MCLOG_CYAN(el::Level::Info, "global",x)
 
+#define IFLOG(level, cat, type, init, x) \
+  do { \
+    if (ELPP->vRegistry()->allowed(level, cat)) { \
+      init; \
+      el::base::Writer(level, __FILE__, __LINE__, ELPP_FUNC, type).construct(cat) << x; \
+    } \
+  } while(0)
+#define MIDEBUG(init, x) IFLOG(el::Level::Debug, MONERO_DEFAULT_LOG_CATEGORY, el::base::DispatchAction::NormalLog, init, x)
+
+
 #define LOG_ERROR(x) MERROR(x)
 #define LOG_PRINT_L0(x) MWARNING(x)
 #define LOG_PRINT_L1(x) MINFO(x)

contrib/epee/include/net/abstract_tcp_server2.h

@@ -41,10 +41,12 @@
 #include <boost/noncopyable.hpp>
 #include <boost/shared_ptr.hpp>
 #include <atomic>
+#include <cassert>
 #include <map>
 #include <memory>
 
 #include <boost/asio.hpp>
+#include <boost/asio/ssl.hpp>
 #include <boost/array.hpp>
 #include <boost/noncopyable.hpp>
 #include <boost/shared_ptr.hpp>
@@ -87,22 +89,39 @@ namespace net_utils
   {
   public:
     typedef typename t_protocol_handler::connection_context t_connection_context;
+
+    struct shared_state : connection_basic_shared_state
+    {
+      shared_state()
+        : connection_basic_shared_state(), pfilter(nullptr), config(), stop_signal_sent(false)
+      {}
+
+      i_connection_filter* pfilter;
+      typename t_protocol_handler::config_type config;
+      bool stop_signal_sent;
+    };
+
     /// Construct a connection with the given io_service.
-   
     explicit connection( boost::asio::io_service& io_service,
-			typename t_protocol_handler::config_type& config, 
-			std::atomic<long> &ref_sock_count,  // the ++/-- counter 
-			std::atomic<long> &sock_number, // the only increasing ++ number generator
-			i_connection_filter * &pfilter
-			,t_connection_type connection_type);
+                        boost::shared_ptr<shared_state> state,
+			t_connection_type connection_type,
+			epee::net_utils::ssl_support_t ssl_support);
+
+    explicit connection( boost::asio::ip::tcp::socket&& sock,
+			 boost::shared_ptr<shared_state> state,
+			t_connection_type connection_type,
+			epee::net_utils::ssl_support_t ssl_support);
+
+
 
     virtual ~connection() noexcept(false);
-    /// Get the socket associated with the connection.
-    boost::asio::ip::tcp::socket& socket();
 
     /// Start the first asynchronous operation for the connection.
     bool start(bool is_income, bool is_multithreaded);
 
+    // `real_remote` is the actual endpoint (if connection is to proxy, etc.)
+    bool start(bool is_income, bool is_multithreaded, network_address real_remote);
+
     void get_context(t_connection_context& context_){context_ = context;}
 
     void call_back_starter();
@@ -128,6 +147,10 @@ namespace net_utils
     //------------------------------------------------------
     boost::shared_ptr<connection<t_protocol_handler> > safe_shared_from_this();
     bool shutdown();
+    /// Handle completion of a receive operation.
+    void handle_receive(const boost::system::error_code& e,
+      std::size_t bytes_transferred);
+
     /// Handle completion of a read operation.
     void handle_read(const boost::system::error_code& e,
       std::size_t bytes_transferred);
@@ -145,10 +168,9 @@ namespace net_utils
 
     /// Buffer for incoming data.
     boost::array<char, 8192> buffer_;
-    //boost::array<char, 1024> buffer_;
+    size_t buffer_ssl_init_fill;
 
     t_connection_context context;
-    i_connection_filter* &m_pfilter;
 
 	// TODO what do they mean about wait on destructor?? --rfree :
     //this should be the last one, because it could be wait on destructor, while other activities possible on other threads
@@ -185,6 +207,13 @@ namespace net_utils
   class boosted_tcp_server
     : private boost::noncopyable
   {
+    enum try_connect_result_t
+    {
+      CONNECT_SUCCESS,
+      CONNECT_FAILURE,
+      CONNECT_NO_SSL,
+    };
+
   public:
     typedef boost::shared_ptr<connection<t_protocol_handler> > connection_ptr;
     typedef typename t_protocol_handler::connection_context t_connection_context;
@@ -198,8 +227,8 @@ namespace net_utils
     std::map<std::string, t_connection_type> server_type_map;
     void create_server_type_map();
 
-    bool init_server(uint32_t port, const std::string address = "0.0.0.0");
-    bool init_server(const std::string port,  const std::string& address = "0.0.0.0");
+    bool init_server(uint32_t port, const std::string address = "0.0.0.0", ssl_options_t ssl_options = ssl_support_t::e_ssl_support_autodetect);
+    bool init_server(const std::string port,  const std::string& address = "0.0.0.0", ssl_options_t ssl_options = ssl_support_t::e_ssl_support_autodetect);
 
     /// Run the server's io_service loop.
     bool run_server(size_t threads_count, bool wait = true, const boost::thread::attributes& attrs = boost::thread::attributes());
@@ -210,7 +239,9 @@ namespace net_utils
     /// Stop the server.
     void send_stop_signal();
 
-    bool is_stop_signal_sent();
+    bool is_stop_signal_sent() const noexcept { return m_stop_signal_sent; };
+
+    const std::atomic<bool>& get_stop_signal() const noexcept { return m_stop_signal_sent; }
 
     void set_threads_prefix(const std::string& prefix_name);
 
@@ -220,17 +251,29 @@ namespace net_utils
 
     void set_connection_filter(i_connection_filter* pfilter);
 
-    bool connect(const std::string& adr, const std::string& port, uint32_t conn_timeot, t_connection_context& cn, const std::string& bind_ip = "0.0.0.0");
-    template<class t_callback>
-    bool connect_async(const std::string& adr, const std::string& port, uint32_t conn_timeot, const t_callback &cb, const std::string& bind_ip = "0.0.0.0");
+    void set_default_remote(epee::net_utils::network_address remote)
+    {
+      default_remote = std::move(remote);
+    }
 
-    typename t_protocol_handler::config_type& get_config_object(){return m_config;}
+    bool add_connection(t_connection_context& out, boost::asio::ip::tcp::socket&& sock, network_address real_remote, epee::net_utils::ssl_support_t ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_autodetect);
+    try_connect_result_t try_connect(connection_ptr new_connection_l, const std::string& adr, const std::string& port, boost::asio::ip::tcp::socket &sock_, const boost::asio::ip::tcp::endpoint &remote_endpoint, const std::string &bind_ip, uint32_t conn_timeout, epee::net_utils::ssl_support_t ssl_support);
+    bool connect(const std::string& adr, const std::string& port, uint32_t conn_timeot, t_connection_context& cn, const std::string& bind_ip = "0.0.0.0", epee::net_utils::ssl_support_t ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_autodetect);
+    template<class t_callback>
+    bool connect_async(const std::string& adr, const std::string& port, uint32_t conn_timeot, const t_callback &cb, const std::string& bind_ip = "0.0.0.0", epee::net_utils::ssl_support_t ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_autodetect);
+
+    typename t_protocol_handler::config_type& get_config_object()
+    {
+      assert(m_state != nullptr); // always set in constructor
+      return m_state->config;
+    }
 
     int get_binded_port(){return m_port;}
 
     long get_connections_count() const
     {
-      auto connections_count = (m_sock_count > 0) ? (m_sock_count - 1) : 0; // Socket count minus listening socket
+      assert(m_state != nullptr); // always set in constructor
+      auto connections_count = m_state->sock_count > 0 ? (m_state->sock_count - 1) : 0; // Socket count minus listening socket
       return connections_count;
     }
 
@@ -292,9 +335,6 @@ namespace net_utils
       return true;
     }
 
-  protected:
-    typename t_protocol_handler::config_type m_config;
-
   private:
     /// Run the server's io_service loop.
     bool worker_thread();
@@ -303,21 +343,30 @@ namespace net_utils
 
     bool is_thread_worker();
 
+    const boost::shared_ptr<typename connection<t_protocol_handler>::shared_state> m_state;
+
     /// The io_service used to perform asynchronous operations.
-    std::unique_ptr<boost::asio::io_service> m_io_service_local_instance;
+    struct worker
+    {
+      worker()
+        : io_service(), work(io_service)
+      {}
+
+      boost::asio::io_service io_service;
+      boost::asio::io_service::work work;
+    };
+    std::unique_ptr<worker> m_io_service_local_instance;
     boost::asio::io_service& io_service_;    
 
     /// Acceptor used to listen for incoming connections.
     boost::asio::ip::tcp::acceptor acceptor_;
+    epee::net_utils::network_address default_remote;
 
     std::atomic<bool> m_stop_signal_sent;
     uint32_t m_port;
-	std::atomic<long> m_sock_count;
-	std::atomic<long> m_sock_number;
     std::string m_address;
     std::string m_thread_name_prefix; //TODO: change to enum server_type, now used
     size_t m_threads_count;
-    i_connection_filter* m_pfilter;
     std::vector<boost::shared_ptr<boost::thread> > m_threads;
     boost::thread::id m_main_thread_id;
     critical_section m_threads_lock;
@@ -330,7 +379,6 @@ namespace net_utils
 
     boost::mutex connections_mutex;
     std::set<connection_ptr> connections_;
-
   }; // class <>boosted_tcp_server
 
 

contrib/epee/include/net/abstract_tcp_server2.inl

@@ -40,6 +40,7 @@
 #include <boost/asio/deadline_timer.hpp>
 #include <boost/date_time/posix_time/posix_time.hpp> // TODO
 #include <boost/thread/condition_variable.hpp> // TODO
+#include <boost/make_shared.hpp>
 #include "warnings.h"
 #include "string_tools.h"
 #include "misc_language.h"
@@ -57,11 +58,19 @@
 #define DEFAULT_TIMEOUT_MS_REMOTE 300000 // 5 minutes
 #define TIMEOUT_EXTRA_MS_PER_BYTE 0.2
 
+
 PRAGMA_WARNING_PUSH
 namespace epee
 {
 namespace net_utils
 {
+  template<typename T>
+  T& check_and_get(boost::shared_ptr<T>& ptr)
+  {
+    CHECK_AND_ASSERT_THROW_MES(bool(ptr), "shared_state cannot be null");
+    return *ptr;
+  }
+
   /************************************************************************/
   /*                                                                      */
   /************************************************************************/
@@ -69,25 +78,34 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 
   template<class t_protocol_handler>
   connection<t_protocol_handler>::connection( boost::asio::io_service& io_service,
-  	typename t_protocol_handler::config_type& config, 
-		std::atomic<long> &ref_sock_count,  // the ++/-- counter 
-		std::atomic<long> &sock_number, // the only increasing ++ number generator
-		i_connection_filter* &pfilter
-		,t_connection_type connection_type
+                boost::shared_ptr<shared_state> state,
+		t_connection_type connection_type,
+		ssl_support_t ssl_support
+	)
+	: connection(boost::asio::ip::tcp::socket{io_service}, std::move(state), connection_type, ssl_support)
+  {
+  }
+
+  template<class t_protocol_handler>
+  connection<t_protocol_handler>::connection( boost::asio::ip::tcp::socket&& sock,
+                boost::shared_ptr<shared_state> state,
+		t_connection_type connection_type,
+		ssl_support_t ssl_support
 	)
 	: 
-		connection_basic(io_service, ref_sock_count, sock_number), 
-		m_protocol_handler(this, config, context),
-		m_pfilter( pfilter ),
+		connection_basic(std::move(sock), state, ssl_support),
+		m_protocol_handler(this, check_and_get(state).config, context),
+		buffer_ssl_init_fill(0),
 		m_connection_type( connection_type ),
 		m_throttle_speed_in("speed_in", "throttle_speed_in"),
 		m_throttle_speed_out("speed_out", "throttle_speed_out"),
-		m_timer(io_service),
+		m_timer(GET_IO_SERVICE(socket_)),
 		m_local(false),
 		m_ready_to_close(false)
   {
     MDEBUG("test, connection constructor set m_connection_type="<<m_connection_type);
   }
+
 PRAGMA_WARNING_DISABLE_VS(4355)
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
@@ -95,17 +113,11 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   {
     if(!m_was_shutdown)
     {
-      _dbg3("[sock " << socket_.native_handle() << "] Socket destroyed without shutdown.");
+      _dbg3("[sock " << socket().native_handle() << "] Socket destroyed without shutdown.");
       shutdown();
     }
 
-    _dbg3("[sock " << socket_.native_handle() << "] Socket destroyed");
-  }
-  //---------------------------------------------------------------------------------
-  template<class t_protocol_handler>
-  boost::asio::ip::tcp::socket& connection<t_protocol_handler>::socket()
-  {
-    return socket_;
+    _dbg3("[sock " << socket().native_handle() << "] Socket destroyed");
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
@@ -127,36 +139,47 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   {
     TRY_ENTRY();
 
+    boost::system::error_code ec;
+    auto remote_ep = socket().remote_endpoint(ec);
+    CHECK_AND_NO_ASSERT_MES(!ec, false, "Failed to get remote endpoint: " << ec.message() << ':' << ec.value());
+    CHECK_AND_NO_ASSERT_MES(remote_ep.address().is_v4(), false, "IPv6 not supported here");
+
+    const unsigned long ip_{boost::asio::detail::socket_ops::host_to_network_long(remote_ep.address().to_v4().to_ulong())};
+    return start(is_income, is_multithreaded, ipv4_network_address{uint32_t(ip_), remote_ep.port()});
+    CATCH_ENTRY_L0("connection<t_protocol_handler>::start()", false);
+  }
+  //---------------------------------------------------------------------------------
+  template<class t_protocol_handler>
+  bool connection<t_protocol_handler>::start(bool is_income, bool is_multithreaded, network_address real_remote)
+  {
+    TRY_ENTRY();
+
     // Use safe_shared_from_this, because of this is public method and it can be called on the object being deleted
     auto self = safe_shared_from_this();
     if(!self)
       return false;
 
     m_is_multithreaded = is_multithreaded;
-
-    boost::system::error_code ec;
-    auto remote_ep = socket_.remote_endpoint(ec);
-    CHECK_AND_NO_ASSERT_MES(!ec, false, "Failed to get remote endpoint: " << ec.message() << ':' << ec.value());
-    CHECK_AND_NO_ASSERT_MES(remote_ep.address().is_v4(), false, "IPv6 not supported here");
-
-    auto local_ep = socket_.local_endpoint(ec);
-    CHECK_AND_NO_ASSERT_MES(!ec, false, "Failed to get local endpoint: " << ec.message() << ':' << ec.value());
-
-    context = boost::value_initialized<t_connection_context>();
-    const unsigned long ip_{boost::asio::detail::socket_ops::host_to_network_long(remote_ep.address().to_v4().to_ulong())};
-    m_local = epee::net_utils::is_ip_loopback(ip_) || epee::net_utils::is_ip_local(ip_);
+    m_local = real_remote.is_loopback() || real_remote.is_local();
 
     // create a random uuid, we don't need crypto strength here
     const boost::uuids::uuid random_uuid = boost::uuids::random_generator()();
 
-    context.set_details(random_uuid, epee::net_utils::ipv4_network_address(ip_, remote_ep.port()), is_income);
+    context = t_connection_context{};
+    bool ssl = m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled;
+    context.set_details(random_uuid, std::move(real_remote), is_income, ssl);
+
+    boost::system::error_code ec;
+    auto local_ep = socket().local_endpoint(ec);
+    CHECK_AND_NO_ASSERT_MES(!ec, false, "Failed to get local endpoint: " << ec.message() << ':' << ec.value());
+
     _dbg3("[sock " << socket_.native_handle() << "] new connection from " << print_connection_context_short(context) <<
       " to " << local_ep.address().to_string() << ':' << local_ep.port() <<
-      ", total sockets objects " << m_ref_sock_count);
+      ", total sockets objects " << get_state().sock_count);
 
-    if(m_pfilter && !m_pfilter->is_remote_host_allowed(context.m_remote_address))
+    if(static_cast<shared_state&>(get_state()).pfilter && !static_cast<shared_state&>(get_state()).pfilter->is_remote_host_allowed(context.m_remote_address))
     {
-      _dbg2("[sock " << socket_.native_handle() << "] host denied " << context.m_remote_address.host_str() << ", shutdowning connection");
+      _dbg2("[sock " << socket().native_handle() << "] host denied " << context.m_remote_address.host_str() << ", shutdowning connection");
       close();
       return false;
     }
@@ -168,11 +191,21 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 
     reset_timer(get_default_timeout(), false);
 
-    socket_.async_read_some(boost::asio::buffer(buffer_),
-      strand_.wrap(
-        boost::bind(&connection<t_protocol_handler>::handle_read, self,
-          boost::asio::placeholders::error,
-          boost::asio::placeholders::bytes_transferred)));
+    // first read on the raw socket to detect SSL for the server
+    buffer_ssl_init_fill = 0;
+    if (is_income && m_ssl_support != epee::net_utils::ssl_support_t::e_ssl_support_disabled)
+      socket().async_receive(boost::asio::buffer(buffer_),
+        boost::asio::socket_base::message_peek,
+        strand_.wrap(
+          boost::bind(&connection<t_protocol_handler>::handle_receive, self,
+            boost::asio::placeholders::error,
+            boost::asio::placeholders::bytes_transferred)));
+    else
+      async_read_some(boost::asio::buffer(buffer_),
+        strand_.wrap(
+          boost::bind(&connection<t_protocol_handler>::handle_read, self,
+            boost::asio::placeholders::error,
+            boost::asio::placeholders::bytes_transferred)));
 #if !defined(_WIN32) || !defined(__i686)
 	// not supported before Windows7, too lazy for runtime check
 	// Just exclude for 32bit windows builds
@@ -180,12 +213,12 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 	int tos = get_tos_flag();
 	boost::asio::detail::socket_option::integer< IPPROTO_IP, IP_TOS >
 	optionTos( tos );
-    socket_.set_option( optionTos );
+    socket().set_option( optionTos );
 	//_dbg1("Set ToS flag to " << tos);
 #endif
 	
 	boost::asio::ip::tcp::no_delay noDelayOption(false);
-	socket_.set_option(noDelayOption);
+	socket().set_option(noDelayOption);
 	
     return true;
 
@@ -210,7 +243,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   template<class t_protocol_handler>
   boost::asio::io_service& connection<t_protocol_handler>::get_io_service()
   {
-    return socket_.get_io_service();
+    return GET_IO_SERVICE(socket());
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
@@ -222,9 +255,9 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     auto self = safe_shared_from_this();
     if(!self)
       return false;
-    //_dbg3("[sock " << socket_.native_handle() << "] add_ref, m_peer_number=" << mI->m_peer_number);
+    //_dbg3("[sock " << socket().native_handle() << "] add_ref, m_peer_number=" << mI->m_peer_number);
     CRITICAL_REGION_LOCAL(self->m_self_refs_lock);
-    //_dbg3("[sock " << socket_.native_handle() << "] add_ref 2, m_peer_number=" << mI->m_peer_number);
+    //_dbg3("[sock " << socket().native_handle() << "] add_ref 2, m_peer_number=" << mI->m_peer_number);
     if(m_was_shutdown)
       return false;
     ++m_reference_count;
@@ -238,9 +271,9 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   {
     TRY_ENTRY();
     boost::shared_ptr<connection<t_protocol_handler> >  back_connection_copy;
-    LOG_TRACE_CC(context, "[sock " << socket_.native_handle() << "] release");
+    LOG_TRACE_CC(context, "[sock " << socket().native_handle() << "] release");
     CRITICAL_REGION_BEGIN(m_self_refs_lock);
-    CHECK_AND_ASSERT_MES(m_reference_count, false, "[sock " << socket_.native_handle() << "] m_reference_count already at 0 at connection<t_protocol_handler>::release() call");
+    CHECK_AND_ASSERT_MES(m_reference_count, false, "[sock " << socket().native_handle() << "] m_reference_count already at 0 at connection<t_protocol_handler>::release() call");
     // is this the last reference?
     if (--m_reference_count == 0) {
         // move the held reference to a local variable, keeping the object alive until the function terminates
@@ -266,7 +299,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     std::string address, port;
     boost::system::error_code e;
 
-    boost::asio::ip::tcp::endpoint endpoint = socket_.remote_endpoint(e);
+    boost::asio::ip::tcp::endpoint endpoint = socket().remote_endpoint(e);
     if (e)
     {
       address = "<not connected>";
@@ -278,8 +311,8 @@ PRAGMA_WARNING_DISABLE_VS(4355)
       port = boost::lexical_cast<std::string>(endpoint.port());
     }
     MDEBUG(" connection type " << to_string( m_connection_type ) << " "
-        << socket_.local_endpoint().address().to_string() << ":" << socket_.local_endpoint().port()
-        << " <--> " << address << ":" << port);
+        << socket().local_endpoint().address().to_string() << ":" << socket().local_endpoint().port()
+        << " <--> " << context.m_remote_address.str() << " (via " << address << ":" << port << ")");
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
@@ -287,7 +320,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     std::size_t bytes_transferred)
   {
     TRY_ENTRY();
-    //_info("[sock " << socket_.native_handle() << "] Async read calledback.");
+    //_info("[sock " << socket().native_handle() << "] Async read calledback.");
     
     if (!e)
     {
@@ -295,6 +328,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 			CRITICAL_REGION_LOCAL(m_throttle_speed_in_mutex);
 			m_throttle_speed_in.handle_trafic_exact(bytes_transferred);
 			context.m_current_speed_down = m_throttle_speed_in.get_current_speed();
+			context.m_max_speed_down = std::max(context.m_max_speed_down, context.m_current_speed_down);
 		}
     
     {
@@ -322,7 +356,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 			} while(delay > 0);
 		} // any form of sleeping
 		
-      //_info("[sock " << socket_.native_handle() << "] RECV " << bytes_transferred);
+      //_info("[sock " << socket().native_handle() << "] RECV " << bytes_transferred);
       logger_handle_net_read(bytes_transferred);
       context.m_last_recv = time(NULL);
       context.m_recv_cnt += bytes_transferred;
@@ -330,7 +364,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
       bool recv_res = m_protocol_handler.handle_recv(buffer_.data(), bytes_transferred);
       if(!recv_res)
       {  
-        //_info("[sock " << socket_.native_handle() << "] protocol_want_close");
+        //_info("[sock " << socket().native_handle() << "] protocol_want_close");
 
         //some error in protocol, protocol handler ask to close connection
         boost::interprocess::ipcdetail::atomic_write32(&m_want_close_connection, 1);
@@ -344,24 +378,24 @@ PRAGMA_WARNING_DISABLE_VS(4355)
       }else
       {
         reset_timer(get_timeout_from_bytes_read(bytes_transferred), false);
-        socket_.async_read_some(boost::asio::buffer(buffer_),
+        async_read_some(boost::asio::buffer(buffer_),
           strand_.wrap(
             boost::bind(&connection<t_protocol_handler>::handle_read, connection<t_protocol_handler>::shared_from_this(),
               boost::asio::placeholders::error,
               boost::asio::placeholders::bytes_transferred)));
-        //_info("[sock " << socket_.native_handle() << "]Async read requested.");
+        //_info("[sock " << socket().native_handle() << "]Async read requested.");
       }
     }else
     {
-      _dbg3("[sock " << socket_.native_handle() << "] Some not success at read: " << e.message() << ':' << e.value());
+      _dbg3("[sock " << socket().native_handle() << "] Some not success at read: " << e.message() << ':' << e.value());
       if(e.value() != 2)
       {
-        _dbg3("[sock " << socket_.native_handle() << "] Some problems at read: " << e.message() << ':' << e.value());
+        _dbg3("[sock " << socket().native_handle() << "] Some problems at read: " << e.message() << ':' << e.value());
         shutdown();
       }
       else
       {
-        _dbg3("[sock " << socket_.native_handle() << "] peer closed connection");
+        _dbg3("[sock " << socket().native_handle() << "] peer closed connection");
         if (m_ready_to_close)
           shutdown();
       }
@@ -375,13 +409,85 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
+  void connection<t_protocol_handler>::handle_receive(const boost::system::error_code& e,
+    std::size_t bytes_transferred)
+  {
+    TRY_ENTRY();
+    if (e)
+    {
+      // offload the error case
+      handle_read(e, bytes_transferred);
+      return;
+    }
+
+    reset_timer(get_timeout_from_bytes_read(bytes_transferred), false);
+
+    buffer_ssl_init_fill += bytes_transferred;
+    if (buffer_ssl_init_fill <= get_ssl_magic_size())
+    {
+      socket().async_receive(boost::asio::buffer(buffer_.data() + buffer_ssl_init_fill, buffer_.size() - buffer_ssl_init_fill),
+        boost::asio::socket_base::message_peek,
+        strand_.wrap(
+          boost::bind(&connection<t_protocol_handler>::handle_receive, connection<t_protocol_handler>::shared_from_this(),
+            boost::asio::placeholders::error,
+            boost::asio::placeholders::bytes_transferred)));
+      return;
+    }
+
+    // detect SSL
+    if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
+    {
+      if (is_ssl((const unsigned char*)buffer_.data(), buffer_ssl_init_fill))
+      {
+        MDEBUG("That looks like SSL");
+        m_ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_enabled; // read/write to the SSL socket
+      }
+      else
+      {
+        MDEBUG("That does not look like SSL");
+        m_ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_disabled; // read/write to the raw socket
+      }
+    }
+
+    if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
+    {
+      // Handshake
+      if (!handshake(boost::asio::ssl::stream_base::server))
+      {
+        MERROR("SSL handshake failed");
+        boost::interprocess::ipcdetail::atomic_write32(&m_want_close_connection, 1);
+        bool do_shutdown = false;
+        CRITICAL_REGION_BEGIN(m_send_que_lock);
+        if(!m_send_que.size())
+          do_shutdown = true;
+        CRITICAL_REGION_END();
+        if(do_shutdown)
+          shutdown();
+        return;
+      }
+    }
+
+    async_read_some(boost::asio::buffer(buffer_),
+      strand_.wrap(
+        boost::bind(&connection<t_protocol_handler>::handle_read, connection<t_protocol_handler>::shared_from_this(),
+          boost::asio::placeholders::error,
+          boost::asio::placeholders::bytes_transferred)));
+
+    // If an error occurs then no new asynchronous operations are started. This
+    // means that all shared_ptr references to the connection object will
+    // disappear and the object will be destroyed automatically after this
+    // handler returns. The connection class's destructor closes the socket.
+    CATCH_ENTRY_L0("connection<t_protocol_handler>::handle_receive", void());
+  }
+  //---------------------------------------------------------------------------------
+  template<class t_protocol_handler>
   bool connection<t_protocol_handler>::call_run_once_service_io()
   {
     TRY_ENTRY();
     if(!m_is_multithreaded)
     {
       //single thread model, we can wait in blocked call
-      size_t cnt = socket_.get_io_service().run_one();
+      size_t cnt = GET_IO_SERVICE(socket()).run_one();
       if(!cnt)//service is going to quit
         return false;
     }else
@@ -391,7 +497,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
       //if no handlers were called
       //TODO: Maybe we need to have have critical section + event + callback to upper protocol to
       //ask it inside(!) critical region if we still able to go in event wait...
-      size_t cnt = socket_.get_io_service().poll_one();     
+      size_t cnt = GET_IO_SERVICE(socket()).poll_one();
       if(!cnt)
         misc_utils::sleep_no_w(1);
     }
@@ -497,9 +603,10 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 		CRITICAL_REGION_LOCAL(m_throttle_speed_out_mutex);
 		m_throttle_speed_out.handle_trafic_exact(cb);
 		context.m_current_speed_up = m_throttle_speed_out.get_current_speed();
+		context.m_max_speed_up = std::max(context.m_max_speed_up, context.m_current_speed_up);
 	}
 
-    //_info("[sock " << socket_.native_handle() << "] SEND " << cb);
+    //_info("[sock " << socket().native_handle() << "] SEND " << cb);
     context.m_last_send = time(NULL);
     context.m_send_cnt += cb;
     //some data should be wrote to stream
@@ -544,7 +651,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
         MDEBUG("do_send_chunk() NOW just queues: packet="<<size_now<<" B, is added to queue-size="<<m_send_que.size());
         //do_send_handler_delayed( ptr , size_now ); // (((H))) // empty function
       
-      LOG_TRACE_CC(context, "[sock " << socket_.native_handle() << "] Async send requested " << m_send_que.front().size());
+      LOG_TRACE_CC(context, "[sock " << socket().native_handle() << "] Async send requested " << m_send_que.front().size());
     }
     else
     { // no active operation
@@ -562,14 +669,14 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 
         CHECK_AND_ASSERT_MES( size_now == m_send_que.front().size(), false, "Unexpected queue size");
         reset_timer(get_default_timeout(), false);
-        boost::asio::async_write(socket_, boost::asio::buffer(m_send_que.front().data(), size_now ) ,
-                                 //strand_.wrap(
+            async_write(boost::asio::buffer(m_send_que.front().data(), size_now ) ,
+                                 strand_.wrap(
                                  boost::bind(&connection<t_protocol_handler>::handle_write, self, _1, _2)
-                                 //)
+                                 )
                                  );
         //_dbg3("(chunk): " << size_now);
         //logger_handle_net_write(size_now);
-        //_info("[sock " << socket_.native_handle() << "] Async send requested " << m_send_que.front().size());
+        //_info("[sock " << socket().native_handle() << "] Async send requested " << m_send_que.front().size());
     }
     
     //do_send_handler_stop( ptr , cb ); // empty function
@@ -654,7 +761,13 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     // Initiate graceful connection closure.
     m_timer.cancel();
     boost::system::error_code ignored_ec;
-    socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_both, ignored_ec);
+    if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
+    {
+      const shared_state &state = static_cast<const shared_state&>(get_state());
+      if (!state.stop_signal_sent)
+        socket_.shutdown(ignored_ec);
+    }
+    socket().shutdown(boost::asio::ip::tcp::socket::shutdown_both, ignored_ec);
     if (!m_host.empty())
     {
       try { host_count(m_host, -1); } catch (...) { /* ignore */ }
@@ -672,7 +785,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     auto self = safe_shared_from_this();
     if(!self)
       return false;
-    //_info("[sock " << socket_.native_handle() << "] Que Shutdown called.");
+    //_info("[sock " << socket().native_handle() << "] Que Shutdown called.");
     m_timer.cancel();
     size_t send_que_size = 0;
     CRITICAL_REGION_BEGIN(m_send_que_lock);
@@ -707,11 +820,11 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   void connection<t_protocol_handler>::handle_write(const boost::system::error_code& e, size_t cb)
   {
     TRY_ENTRY();
-    LOG_TRACE_CC(context, "[sock " << socket_.native_handle() << "] Async send calledback " << cb);
+    LOG_TRACE_CC(context, "[sock " << socket().native_handle() << "] Async send calledback " << cb);
 
     if (e)
     {
-      _dbg1("[sock " << socket_.native_handle() << "] Some problems at write: " << e.message() << ':' << e.value());
+      _dbg1("[sock " << socket().native_handle() << "] Some problems at write: " << e.message() << ':' << e.value());
       shutdown();
       return;
     }
@@ -726,7 +839,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     CRITICAL_REGION_BEGIN(m_send_que_lock);
     if(m_send_que.empty())
     {
-      _erro("[sock " << socket_.native_handle() << "] m_send_que.size() == 0 at handle_write!");
+      _erro("[sock " << socket().native_handle() << "] m_send_que.size() == 0 at handle_write!");
       return;
     }
 
@@ -746,11 +859,11 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 		if (speed_limit_is_enabled())
 			do_send_handler_write_from_queue(e, m_send_que.front().size() , m_send_que.size()); // (((H)))
 		CHECK_AND_ASSERT_MES( size_now == m_send_que.front().size(), void(), "Unexpected queue size");
-		boost::asio::async_write(socket_, boost::asio::buffer(m_send_que.front().data(), size_now) , 
-        // strand_.wrap(
-          boost::bind(&connection<t_protocol_handler>::handle_write, connection<t_protocol_handler>::shared_from_this(), _1, _2)
-				// )
-        );
+		  async_write(boost::asio::buffer(m_send_que.front().data(), size_now) , 
+           strand_.wrap(
+            boost::bind(&connection<t_protocol_handler>::handle_write, connection<t_protocol_handler>::shared_from_this(), _1, _2)
+			  )
+          );
       //_dbg3("(normal)" << size_now);
     }
     CRITICAL_REGION_END();
@@ -782,12 +895,14 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 
   template<class t_protocol_handler>
   boosted_tcp_server<t_protocol_handler>::boosted_tcp_server( t_connection_type connection_type ) :
-    m_io_service_local_instance(new boost::asio::io_service()),
-    io_service_(*m_io_service_local_instance.get()),
+    m_state(boost::make_shared<typename connection<t_protocol_handler>::shared_state>()),
+    m_io_service_local_instance(new worker()),
+    io_service_(m_io_service_local_instance->io_service),
     acceptor_(io_service_),
+    default_remote(),
     m_stop_signal_sent(false), m_port(0), 
-	m_sock_count(0), m_sock_number(0), m_threads_count(0), 
-	m_pfilter(NULL), m_thread_index(0),
+    m_threads_count(0),
+    m_thread_index(0),
 		m_connection_type( connection_type ),
     new_connection_()
   {
@@ -797,11 +912,13 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 
   template<class t_protocol_handler>
   boosted_tcp_server<t_protocol_handler>::boosted_tcp_server(boost::asio::io_service& extarnal_io_service, t_connection_type connection_type) :
+    m_state(boost::make_shared<typename connection<t_protocol_handler>::shared_state>()),
     io_service_(extarnal_io_service),
     acceptor_(io_service_),
-    m_stop_signal_sent(false), m_port(0), 
-		m_sock_count(0), m_sock_number(0), m_threads_count(0), 
-		m_pfilter(NULL), m_thread_index(0),
+    default_remote(),
+    m_stop_signal_sent(false), m_port(0),
+    m_threads_count(0),
+    m_thread_index(0),
 		m_connection_type(connection_type),
     new_connection_()
   {
@@ -825,12 +942,14 @@ PRAGMA_WARNING_DISABLE_VS(4355)
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
-  bool boosted_tcp_server<t_protocol_handler>::init_server(uint32_t port, const std::string address)
+  bool boosted_tcp_server<t_protocol_handler>::init_server(uint32_t port, const std::string address, ssl_options_t ssl_options)
   {
     TRY_ENTRY();
     m_stop_signal_sent = false;
     m_port = port;
     m_address = address;
+    if (ssl_options)
+      m_state->configure_ssl(std::move(ssl_options));
     // Open the acceptor with the option to reuse the address (i.e. SO_REUSEADDR).
     boost::asio::ip::tcp::resolver resolver(io_service_);
     boost::asio::ip::tcp::resolver::query query(address, boost::lexical_cast<std::string>(port), boost::asio::ip::tcp::resolver::query::canonical_name);
@@ -842,7 +961,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
     boost::asio::ip::tcp::endpoint binded_endpoint = acceptor_.local_endpoint();
     m_port = binded_endpoint.port();
     MDEBUG("start accept");
-    new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type));
+    new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_state, m_connection_type, m_state->ssl_options().support));
     acceptor_.async_accept(new_connection_->socket(),
       boost::bind(&boosted_tcp_server<t_protocol_handler>::handle_accept, this,
       boost::asio::placeholders::error));
@@ -864,7 +983,7 @@ PRAGMA_WARNING_DISABLE_VS(4355)
 PUSH_WARNINGS
 DISABLE_GCC_WARNING(maybe-uninitialized)
   template<class t_protocol_handler>
-  bool boosted_tcp_server<t_protocol_handler>::init_server(const std::string port, const std::string& address) 
+  bool boosted_tcp_server<t_protocol_handler>::init_server(const std::string port, const std::string& address, ssl_options_t ssl_options)
   {
     uint32_t p = 0;
 
@@ -872,7 +991,7 @@ DISABLE_GCC_WARNING(maybe-uninitialized)
       MERROR("Failed to convert port no = " << port);
       return false;
     }
-    return this->init_server(p, address);
+    return this->init_server(p, address, std::move(ssl_options));
   }
 POP_WARNINGS
   //---------------------------------------------------------------------------------
@@ -889,9 +1008,8 @@ POP_WARNINGS
     {
       try
       {
-        size_t cnt = io_service_.run();
-        if (cnt == 0)
-          misc_utils::sleep_no_w(1);
+        io_service_.run();
+        return true;
       }
       catch(const std::exception& ex)
       {
@@ -920,7 +1038,8 @@ POP_WARNINGS
   template<class t_protocol_handler>
   void boosted_tcp_server<t_protocol_handler>::set_connection_filter(i_connection_filter* pfilter)
   {
-    m_pfilter = pfilter;
+    assert(m_state != nullptr); // always set in constructor
+    m_state->pfilter = pfilter;
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
@@ -1015,6 +1134,8 @@ POP_WARNINGS
   void boosted_tcp_server<t_protocol_handler>::send_stop_signal()
   {
     m_stop_signal_sent = true;
+    typename connection<t_protocol_handler>::shared_state *state = static_cast<typename connection<t_protocol_handler>::shared_state*>(m_state.get());
+    state->stop_signal_sent = true;
     TRY_ENTRY();
     connections_mutex.lock();
     for (auto &c: connections_)
@@ -1028,12 +1149,6 @@ POP_WARNINGS
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
-  bool boosted_tcp_server<t_protocol_handler>::is_stop_signal_sent()
-  {
-    return m_stop_signal_sent;
-  }
-  //---------------------------------------------------------------------------------
-  template<class t_protocol_handler>
   void boosted_tcp_server<t_protocol_handler>::handle_accept(const boost::system::error_code& e)
   {
     MDEBUG("handle_accept");
@@ -1042,11 +1157,18 @@ POP_WARNINGS
     if (!e)
     {
 		if (m_connection_type == e_connection_type_RPC) {
-			MDEBUG("New server for RPC connections");
+			const char *ssl_message = "unknown";
+			switch (new_connection_->get_ssl_support())
+			{
+				case epee::net_utils::ssl_support_t::e_ssl_support_disabled: ssl_message = "disabled"; break;
+				case epee::net_utils::ssl_support_t::e_ssl_support_enabled: ssl_message = "enabled"; break;
+				case epee::net_utils::ssl_support_t::e_ssl_support_autodetect: ssl_message = "autodetection"; break;
+			}
+			MDEBUG("New server for RPC connections, SSL " << ssl_message);
 			new_connection_->setRpcStation(); // hopefully this is not needed actually
 		}
 		connection_ptr conn(std::move(new_connection_));
-      new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type));
+      new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_state, m_connection_type, conn->get_ssl_support()));
       acceptor_.async_accept(new_connection_->socket(),
         boost::bind(&boosted_tcp_server<t_protocol_handler>::handle_accept, this,
         boost::asio::placeholders::error));
@@ -1054,7 +1176,16 @@ POP_WARNINGS
       boost::asio::socket_base::keep_alive opt(true);
       conn->socket().set_option(opt);
 
-      conn->start(true, 1 < m_threads_count);
+      bool res;
+      if (default_remote.get_type_id() == net_utils::address_type::invalid)
+        res = conn->start(true, 1 < m_threads_count);
+      else
+        res = conn->start(true, 1 < m_threads_count, default_remote);
+      if (!res)
+      {
+        conn->cancel();
+        return;
+      }
       conn->save_dbg_log();
       return;
     }
@@ -1069,43 +1200,40 @@ POP_WARNINGS
     }
 
     // error path, if e or exception
-    _erro("Some problems at accept: " << e.message() << ", connections_count = " << m_sock_count);
+    assert(m_state != nullptr); // always set in constructor
+    _erro("Some problems at accept: " << e.message() << ", connections_count = " << m_state->sock_count);
     misc_utils::sleep_no_w(100);
-    new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type));
+    new_connection_.reset(new connection<t_protocol_handler>(io_service_, m_state, m_connection_type, new_connection_->get_ssl_support()));
     acceptor_.async_accept(new_connection_->socket(),
       boost::bind(&boosted_tcp_server<t_protocol_handler>::handle_accept, this,
       boost::asio::placeholders::error));
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler>
-  bool boosted_tcp_server<t_protocol_handler>::connect(const std::string& adr, const std::string& port, uint32_t conn_timeout, t_connection_context& conn_context, const std::string& bind_ip)
+  bool boosted_tcp_server<t_protocol_handler>::add_connection(t_connection_context& out, boost::asio::ip::tcp::socket&& sock, network_address real_remote, epee::net_utils::ssl_support_t ssl_support)
+  {
+    if(std::addressof(get_io_service()) == std::addressof(GET_IO_SERVICE(sock)))
+    {
+      connection_ptr conn(new connection<t_protocol_handler>(std::move(sock), m_state, m_connection_type, ssl_support));
+      if(conn->start(false, 1 < m_threads_count, std::move(real_remote)))
+      {
+        conn->get_context(out);
+        conn->save_dbg_log();
+        return true;
+      }
+    }
+    else
+    {
+	MWARNING(out << " was not added, socket/io_service mismatch");
+    }
+    return false;
+  }
+  //---------------------------------------------------------------------------------
+  template<class t_protocol_handler>
+  typename boosted_tcp_server<t_protocol_handler>::try_connect_result_t boosted_tcp_server<t_protocol_handler>::try_connect(connection_ptr new_connection_l, const std::string& adr, const std::string& port, boost::asio::ip::tcp::socket &sock_, const boost::asio::ip::tcp::endpoint &remote_endpoint, const std::string &bind_ip, uint32_t conn_timeout, epee::net_utils::ssl_support_t ssl_support)
   {
     TRY_ENTRY();
 
-    connection_ptr new_connection_l(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type) );
-    connections_mutex.lock();
-    connections_.insert(new_connection_l);
-    MDEBUG("connections_ size now " << connections_.size());
-    connections_mutex.unlock();
-    epee::misc_utils::auto_scope_leave_caller scope_exit_handler = epee::misc_utils::create_scope_leave_handler([&](){ CRITICAL_REGION_LOCAL(connections_mutex); connections_.erase(new_connection_l); });
-    boost::asio::ip::tcp::socket&  sock_ = new_connection_l->socket();
-    
-    //////////////////////////////////////////////////////////////////////////
-    boost::asio::ip::tcp::resolver resolver(io_service_);
-    boost::asio::ip::tcp::resolver::query query(boost::asio::ip::tcp::v4(), adr, port, boost::asio::ip::tcp::resolver::query::canonical_name);
-    boost::asio::ip::tcp::resolver::iterator iterator = resolver.resolve(query);
-    boost::asio::ip::tcp::resolver::iterator end;
-    if(iterator == end)
-    {
-      _erro("Failed to resolve " << adr);
-      return false;
-    }
-    //////////////////////////////////////////////////////////////////////////
-
-
-    //boost::asio::ip::tcp::endpoint remote_endpoint(boost::asio::ip::address::from_string(addr.c_str()), port);
-    boost::asio::ip::tcp::endpoint remote_endpoint(*iterator);
-     
     sock_.open(remote_endpoint.protocol());
     if(bind_ip != "0.0.0.0" && bind_ip != "0" && bind_ip != "" )
     {
@@ -1117,7 +1245,7 @@ POP_WARNINGS
         MERROR("Error binding to " << bind_ip << ": " << ec.message());
         if (sock_.is_open())
           sock_.close();
-        return false;
+        return CONNECT_FAILURE;
       }
     }
 
@@ -1151,14 +1279,14 @@ POP_WARNINGS
       {
         if (sock_.is_open())
           sock_.close();
-        return false;
+        return CONNECT_FAILURE;
       }
       if(local_shared_context->ec == boost::asio::error::would_block && !r)
       {
         //timeout
         sock_.close();
         _dbg3("Failed to connect to " << adr << ":" << port << ", because of timeout (" << conn_timeout << ")");
-        return false;
+        return CONNECT_FAILURE;
       }
     }
     ec = local_shared_context->ec;
@@ -1168,11 +1296,79 @@ POP_WARNINGS
       _dbg3("Some problems at connect, message: " << ec.message());
       if (sock_.is_open())
         sock_.close();
-      return false;
+      return CONNECT_FAILURE;
     }
 
     _dbg3("Connected success to " << adr << ':' << port);
 
+    const ssl_support_t ssl_support = new_connection_l->get_ssl_support();
+    if (ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled || ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
+    {
+      // Handshake
+      MDEBUG("Handshaking SSL...");
+      if (!new_connection_l->handshake(boost::asio::ssl::stream_base::client))
+      {
+        if (ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
+        {
+          boost::system::error_code ignored_ec;
+          sock_.shutdown(boost::asio::ip::tcp::socket::shutdown_both, ignored_ec);
+          sock_.close();
+          return CONNECT_NO_SSL;
+        }
+        MERROR("SSL handshake failed");
+        if (sock_.is_open())
+          sock_.close();
+        return CONNECT_FAILURE;
+      }
+    }
+
+    return CONNECT_SUCCESS;
+
+    CATCH_ENTRY_L0("boosted_tcp_server<t_protocol_handler>::try_connect", CONNECT_FAILURE);
+  }
+  //---------------------------------------------------------------------------------
+  template<class t_protocol_handler>
+  bool boosted_tcp_server<t_protocol_handler>::connect(const std::string& adr, const std::string& port, uint32_t conn_timeout, t_connection_context& conn_context, const std::string& bind_ip, epee::net_utils::ssl_support_t ssl_support)
+  {
+    TRY_ENTRY();
+
+    connection_ptr new_connection_l(new connection<t_protocol_handler>(io_service_, m_state, m_connection_type, ssl_support) );
+    connections_mutex.lock();
+    connections_.insert(new_connection_l);
+    MDEBUG("connections_ size now " << connections_.size());
+    connections_mutex.unlock();
+    epee::misc_utils::auto_scope_leave_caller scope_exit_handler = epee::misc_utils::create_scope_leave_handler([&](){ CRITICAL_REGION_LOCAL(connections_mutex); connections_.erase(new_connection_l); });
+    boost::asio::ip::tcp::socket&  sock_ = new_connection_l->socket();
+
+    //////////////////////////////////////////////////////////////////////////
+    boost::asio::ip::tcp::resolver resolver(io_service_);
+    boost::asio::ip::tcp::resolver::query query(boost::asio::ip::tcp::v4(), adr, port, boost::asio::ip::tcp::resolver::query::canonical_name);
+    boost::asio::ip::tcp::resolver::iterator iterator = resolver.resolve(query);
+    boost::asio::ip::tcp::resolver::iterator end;
+    if(iterator == end)
+    {
+      _erro("Failed to resolve " << adr);
+      return false;
+    }
+    //////////////////////////////////////////////////////////////////////////
+
+
+    //boost::asio::ip::tcp::endpoint remote_endpoint(boost::asio::ip::address::from_string(addr.c_str()), port);
+    boost::asio::ip::tcp::endpoint remote_endpoint(*iterator);
+
+    auto try_connect_result = try_connect(new_connection_l, adr, port, sock_, remote_endpoint, bind_ip, conn_timeout, ssl_support);
+    if (try_connect_result == CONNECT_FAILURE)
+      return false;
+    if (ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect && try_connect_result == CONNECT_NO_SSL)
+    {
+      // we connected, but could not connect with SSL, try without
+      MERROR("SSL handshake failed on an autodetect connection, reconnecting without SSL");
+      new_connection_l->disable_ssl();
+      try_connect_result = try_connect(new_connection_l, adr, port, sock_, remote_endpoint, bind_ip, conn_timeout, epee::net_utils::ssl_support_t::e_ssl_support_disabled);
+      if (try_connect_result != CONNECT_SUCCESS)
+        return false;
+    }
+
     // start adds the connection to the config object's list, so we don't need to have it locally anymore
     connections_mutex.lock();
     connections_.erase(new_connection_l);
@@ -1185,7 +1381,8 @@ POP_WARNINGS
     }
     else
     {
-      _erro("[sock " << new_connection_l->socket().native_handle() << "] Failed to start connection, connections_count = " << m_sock_count);
+      assert(m_state != nullptr); // always set in constructor
+      _erro("[sock " << new_connection_l->socket().native_handle() << "] Failed to start connection, connections_count = " << m_state->sock_count);
     }
     
 	new_connection_l->save_dbg_log();
@@ -1196,10 +1393,10 @@ POP_WARNINGS
   }
   //---------------------------------------------------------------------------------
   template<class t_protocol_handler> template<class t_callback>
-  bool boosted_tcp_server<t_protocol_handler>::connect_async(const std::string& adr, const std::string& port, uint32_t conn_timeout, const t_callback &cb, const std::string& bind_ip)
+  bool boosted_tcp_server<t_protocol_handler>::connect_async(const std::string& adr, const std::string& port, uint32_t conn_timeout, const t_callback &cb, const std::string& bind_ip, epee::net_utils::ssl_support_t ssl_support)
   {
     TRY_ENTRY();    
-    connection_ptr new_connection_l(new connection<t_protocol_handler>(io_service_, m_config, m_sock_count, m_sock_number, m_pfilter, m_connection_type) );
+    connection_ptr new_connection_l(new connection<t_protocol_handler>(io_service_, m_state, m_connection_type, ssl_support) );
     connections_mutex.lock();
     connections_.insert(new_connection_l);
     MDEBUG("connections_ size now " << connections_.size());

contrib/epee/include/net/buffer.h

@@ -0,0 +1,62 @@
+// Copyright (c) 2018, The Monero Project
+// 
+// All rights reserved.
+// 
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+// 
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+// 
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+// 
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+// 
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+
+#include <vector>
+#include "misc_log_ex.h"
+#include "span.h"
+
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "net.buffer"
+
+//#define NET_BUFFER_LOG(x) MDEBUG(x)
+#define NET_BUFFER_LOG(x) ((void)0)
+
+namespace epee
+{
+namespace net_utils
+{
+class buffer
+{
+public:
+  buffer(size_t reserve = 0): offset(0) { storage.reserve(reserve); }
+
+  void append(const void *data, size_t sz);
+  void erase(size_t sz) { NET_BUFFER_LOG("erasing " << sz << "/" << size()); CHECK_AND_ASSERT_THROW_MES(offset + sz <= storage.size(), "erase: sz too large"); offset += sz; if (offset == storage.size()) { storage.resize(0); offset = 0; } }
+  epee::span<const uint8_t> span(size_t sz) const { CHECK_AND_ASSERT_THROW_MES(sz <= size(), "span is too large"); return epee::span<const uint8_t>(storage.data() + offset, sz); }
+  // carve must keep the data in scope till next call, other API calls (such as append, erase) can invalidate the carved buffer
+  epee::span<const uint8_t> carve(size_t sz) { CHECK_AND_ASSERT_THROW_MES(sz <= size(), "span is too large"); offset += sz; return epee::span<const uint8_t>(storage.data() + offset - sz, sz); }
+  size_t size() const { return storage.size() - offset; }
+
+private:
+  std::vector<uint8_t> storage;
+  size_t offset;
+};
+}
+}

contrib/epee/include/net/connection_basic.hpp

@@ -8,7 +8,7 @@
 // ! (how ever if in some wonderful juristdictions that is not the case, then why not make another sub-class withat that members and licence it as epee part)
 // ! Working on above premise, IF this is valid in your juristdictions, then consider this code as released as:
 
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 
@@ -47,8 +47,10 @@
 #include <memory>
 
 #include <boost/asio.hpp>
+#include <boost/asio/ssl.hpp>
 
 #include "net/net_utils_base.h"
+#include "net/net_ssl.h"
 #include "syncobj.h"
 
 namespace epee
@@ -56,6 +58,30 @@ namespace epee
 namespace net_utils
 {
 
+	class connection_basic_shared_state
+	{
+		ssl_options_t ssl_options_;
+	public:
+		boost::asio::ssl::context ssl_context;
+		std::atomic<long> sock_count;
+		std::atomic<long> sock_number;
+
+		connection_basic_shared_state()
+		  : ssl_options_(ssl_support_t::e_ssl_support_disabled),
+		    ssl_context(boost::asio::ssl::context::tlsv12),
+		    sock_count(0),
+		    sock_number(0)
+		{}
+
+		void configure_ssl(ssl_options_t src)
+		{
+			ssl_options_ = std::move(src);
+			ssl_context = ssl_options_.create_context();
+		}
+
+		const ssl_options_t& ssl_options() const noexcept { return ssl_options_; }
+	};
+
   /************************************************************************/
   /*                                                                      */
   /************************************************************************/
@@ -72,7 +98,10 @@ class connection_basic_pimpl; // PIMPL for this class
   std::string to_string(t_connection_type type);
 
 class connection_basic { // not-templated base class for rapid developmet of some code parts
+		// beware of removing const, net_utils::connection is sketchily doing a cast to prevent storing ptr twice
+		const boost::shared_ptr<connection_basic_shared_state> m_state;
 	public:
+
 		std::unique_ptr< connection_basic_pimpl > mI; // my Implementation
 
 		// moved here from orginal connecton<> - common member variables that do not depend on template in connection<>
@@ -84,15 +113,57 @@ class connection_basic { // not-templated base class for rapid developmet of som
     /// Strand to ensure the connection's handlers are not called concurrently.
     boost::asio::io_service::strand strand_;
     /// Socket for the connection.
-    boost::asio::ip::tcp::socket socket_;
+    boost::asio::ssl::stream<boost::asio::ip::tcp::socket> socket_;
+    ssl_support_t m_ssl_support;
 
-		std::atomic<long> &m_ref_sock_count; // reference to external counter of existing sockets that we will ++/--
 	public:
 		// first counter is the ++/-- count of current sockets, the other socket_number is only-increasing ++ number generator
-		connection_basic(boost::asio::io_service& io_service, std::atomic<long> &ref_sock_count, std::atomic<long> &sock_number);
+		connection_basic(boost::asio::ip::tcp::socket&& socket, boost::shared_ptr<connection_basic_shared_state> state, ssl_support_t ssl_support);
+		connection_basic(boost::asio::io_service &io_service, boost::shared_ptr<connection_basic_shared_state> state, ssl_support_t ssl_support);
 
 		virtual ~connection_basic() noexcept(false);
 
+                //! \return `shared_state` object passed in construction (ptr never changes).
+		connection_basic_shared_state& get_state() noexcept { return *m_state; /* verified in constructor */ }
+		connection_basic(boost::asio::io_service& io_service, std::atomic<long> &ref_sock_count, std::atomic<long> &sock_number, ssl_support_t ssl);
+
+		boost::asio::ip::tcp::socket& socket() { return socket_.next_layer(); }
+		ssl_support_t get_ssl_support() const { return m_ssl_support; }
+		void disable_ssl() { m_ssl_support = epee::net_utils::ssl_support_t::e_ssl_support_disabled; }
+
+		bool handshake(boost::asio::ssl::stream_base::handshake_type type)
+		{
+			//m_state != nullptr verified in constructor
+			return m_state->ssl_options().handshake(socket_, type);
+		}
+
+		template<typename MutableBufferSequence, typename ReadHandler>
+		void async_read_some(const MutableBufferSequence &buffers, ReadHandler &&handler)
+		{
+			if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
+				socket_.async_read_some(buffers, std::forward<ReadHandler>(handler));
+			else
+				socket().async_read_some(buffers, std::forward<ReadHandler>(handler));
+		}
+
+		template<typename ConstBufferSequence, typename WriteHandler>
+		void async_write_some(const ConstBufferSequence &buffers, WriteHandler &&handler)
+		{
+			if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
+				socket_.async_write_some(buffers, std::forward<WriteHandler>(handler));
+			else
+				socket().async_write_some(buffers, std::forward<WriteHandler>(handler));
+		}
+
+		template<typename ConstBufferSequence, typename WriteHandler>
+		void async_write(const ConstBufferSequence &buffers, WriteHandler &&handler)
+		{
+			if (m_ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled)
+				boost::asio::async_write(socket_, buffers, std::forward<WriteHandler>(handler));
+			else
+				boost::asio::async_write(socket(), buffers, std::forward<WriteHandler>(handler));
+		}
+
 		// various handlers to be called from connection class:
 		void do_send_handler_write(const void * ptr , size_t cb);
 		void do_send_handler_write_from_queue(const boost::system::error_code& e, size_t cb , int q_len); // from handle_write, sending next part

contrib/epee/include/net/enums.h

@@ -0,0 +1,65 @@
+// Copyright (c) 2018, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+
+#include <boost/utility/string_ref.hpp>
+#include <cstdint>
+
+namespace epee
+{
+namespace net_utils
+{
+	enum class address_type : std::uint8_t
+	{
+		// Do not change values, this will break serialization
+		invalid = 0,
+		ipv4 = 1,
+		ipv6 = 2,
+		i2p = 3,
+		tor = 4
+	};
+
+	enum class zone : std::uint8_t
+	{
+		invalid = 0,
+		public_ = 1, // public is keyword
+		i2p = 2,
+		tor = 3
+	};
+
+	// implementations in src/net_utils_base.cpp
+
+	//! \return String name of zone or "invalid" on error.
+	const char* zone_to_string(zone value) noexcept;
+
+	//! \return `zone` enum of `value` or `zone::invalid` on error.
+	zone zone_from_string(boost::string_ref value) noexcept;
+} // net_utils
+} // epee
+

contrib/epee/include/net/http_auth.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 //
 // All rights reserved.
 //

contrib/epee/include/net/http_client.h

@@ -274,8 +274,8 @@ namespace net_utils
 			reciev_machine_state m_state;
 			chunked_state m_chunked_state;
 			std::string m_chunked_cache;
+			bool m_auto_connect;
 			critical_section m_lock;
-			bool m_ssl;
 
 		public:
 			explicit http_simple_client_template()
@@ -292,36 +292,48 @@ namespace net_utils
 				, m_state()
 				, m_chunked_state()
 				, m_chunked_cache()
+				, m_auto_connect(true)
 				, m_lock()
-				, m_ssl(false)
 			{}
 
 			const std::string &get_host() const { return m_host_buff; };
 			const std::string &get_port() const { return m_port; };
 
-			bool set_server(const std::string& address, boost::optional<login> user, bool ssl = false)
+			bool set_server(const std::string& address, boost::optional<login> user, ssl_options_t ssl_options = ssl_support_t::e_ssl_support_autodetect)
 			{
 				http::url_content parsed{};
 				const bool r = parse_url(address, parsed);
 				CHECK_AND_ASSERT_MES(r, false, "failed to parse url: " << address);
-				set_server(std::move(parsed.host), std::to_string(parsed.port), std::move(user), ssl);
+				set_server(std::move(parsed.host), std::to_string(parsed.port), std::move(user), std::move(ssl_options));
 				return true;
 			}
 
-			void set_server(std::string host, std::string port, boost::optional<login> user, bool ssl = false)
+			void set_server(std::string host, std::string port, boost::optional<login> user, ssl_options_t ssl_options = ssl_support_t::e_ssl_support_autodetect)
 			{
 				CRITICAL_REGION_LOCAL(m_lock);
 				disconnect();
 				m_host_buff = std::move(host);
 				m_port = std::move(port);
                                 m_auth = user ? http_client_auth{std::move(*user)} : http_client_auth{};
-				m_ssl = ssl;
+				m_net_client.set_ssl(std::move(ssl_options));
+			}
+
+			void set_auto_connect(bool auto_connect)
+			{
+				m_auto_connect = auto_connect;
+			}
+
+			template<typename F>
+			void set_connector(F connector)
+			{
+				CRITICAL_REGION_LOCAL(m_lock);
+				m_net_client.set_connector(std::move(connector));
 			}
 
       bool connect(std::chrono::milliseconds timeout)
       {
         CRITICAL_REGION_LOCAL(m_lock);
-        return m_net_client.connect(m_host_buff, m_port, timeout, m_ssl);
+        return m_net_client.connect(m_host_buff, m_port, timeout);
       }
 			//---------------------------------------------------------------------------
 			bool disconnect()
@@ -330,10 +342,10 @@ namespace net_utils
 				return m_net_client.disconnect();
 			}
 			//---------------------------------------------------------------------------
-			bool is_connected()
+			bool is_connected(bool *ssl = NULL)
 			{
 				CRITICAL_REGION_LOCAL(m_lock);
-				return m_net_client.is_connected();
+				return m_net_client.is_connected(ssl);
 			}
 			//---------------------------------------------------------------------------
 			virtual bool handle_target_data(std::string& piece_of_transfer)
@@ -362,6 +374,11 @@ namespace net_utils
 				CRITICAL_REGION_LOCAL(m_lock);
 				if(!is_connected())
 				{
+					if (!m_auto_connect)
+					{
+						MWARNING("Auto connect attempt to " << m_host_buff << ":" << m_port << " disabled");
+						return false;
+					}
 					MDEBUG("Reconnecting...");
 					if(!connect(timeout))
 					{
@@ -439,6 +456,16 @@ namespace net_utils
 				return handle_reciev(timeout);
 			}
 			//---------------------------------------------------------------------------
+			uint64_t get_bytes_sent() const
+			{
+				return m_net_client.get_bytes_sent();
+			}
+			//---------------------------------------------------------------------------
+			uint64_t get_bytes_received() const
+			{
+				return m_net_client.get_bytes_received();
+			}
+			//---------------------------------------------------------------------------
 		private: 
 			//---------------------------------------------------------------------------
 			inline bool handle_reciev(std::chrono::milliseconds timeout)
@@ -825,21 +852,21 @@ namespace net_utils
 				const char *ptr = m_header_cache.c_str();
 				CHECK_AND_ASSERT_MES(!memcmp(ptr, "HTTP/", 5), false, "Invalid first response line: " + m_header_cache);
 				ptr += 5;
-				CHECK_AND_ASSERT_MES(isdigit(*ptr), false, "Invalid first response line: " + m_header_cache);
+				CHECK_AND_ASSERT_MES(epee::misc_utils::parse::isdigit(*ptr), false, "Invalid first response line: " + m_header_cache);
 				unsigned long ul;
 				char *end;
 				ul = strtoul(ptr, &end, 10);
 				CHECK_AND_ASSERT_MES(ul <= INT_MAX && *end =='.', false, "Invalid first response line: " + m_header_cache);
 				m_response_info.m_http_ver_hi = ul;
 				ptr = end + 1;
-				CHECK_AND_ASSERT_MES(isdigit(*ptr), false, "Invalid first response line: " + m_header_cache + ", ptr: " << ptr);
+				CHECK_AND_ASSERT_MES(epee::misc_utils::parse::isdigit(*ptr), false, "Invalid first response line: " + m_header_cache + ", ptr: " << ptr);
 				ul = strtoul(ptr, &end, 10);
 				CHECK_AND_ASSERT_MES(ul <= INT_MAX && isblank(*end), false, "Invalid first response line: " + m_header_cache + ", ptr: " << ptr);
 				m_response_info.m_http_ver_lo = ul;
 				ptr = end + 1;
 				while (isblank(*ptr))
 					++ptr;
-				CHECK_AND_ASSERT_MES(isdigit(*ptr), false, "Invalid first response line: " + m_header_cache);
+				CHECK_AND_ASSERT_MES(epee::misc_utils::parse::isdigit(*ptr), false, "Invalid first response line: " + m_header_cache);
 				ul = strtoul(ptr, &end, 10);
 				CHECK_AND_ASSERT_MES(ul >= 100 && ul <= 999 && isspace(*end), false, "Invalid first response line: " + m_header_cache);
 				m_response_info.m_response_code = ul;

contrib/epee/include/net/http_protocol_handler.inl

@@ -677,7 +677,7 @@ namespace net_utils
 
 		//add additional fields, if it is
 		for(fields_list::const_iterator it = response.m_additional_fields.begin(); it!=response.m_additional_fields.end(); it++)
-			buf += it->first + ":" + it->second + "\r\n";
+			buf += it->first + ": " + it->second + "\r\n";
 
 		buf+="\r\n";
 

contrib/epee/include/net/http_server_handlers_map2.h

@@ -54,7 +54,7 @@
   bool handled = false; \
   if(false) return true; //just a stub to have "else if"
 
-#define MAP_URI2(pattern, callback)  else if(std::string::npos != query_info.m_URI.find(pattern)) return callback(query_info, response_info, m_conn_context);
+#define MAP_URI2(pattern, callback)  else if(std::string::npos != query_info.m_URI.find(pattern)) return callback(query_info, response_info, &m_conn_context);
 
 #define MAP_URI_AUTO_XML2(s_pattern, callback_f, command_type) //TODO: don't think i ever again will use xml - ambiguous and "overtagged" format
 
@@ -69,7 +69,7 @@
       uint64_t ticks1 = epee::misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::response> resp;\
       MINFO(m_conn_context << "calling " << s_pattern); \
-      if(!callback_f(static_cast<command_type::request&>(req), static_cast<command_type::response&>(resp))) \
+      if(!callback_f(static_cast<command_type::request&>(req), static_cast<command_type::response&>(resp), &m_conn_context)) \
       { \
         LOG_ERROR("Failed to " << #callback_f << "()"); \
         response_info.m_response_code = 500; \
@@ -92,12 +92,12 @@
       handled = true; \
       uint64_t ticks = misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::request> req; \
-      bool parse_res = epee::serialization::load_t_from_binary(static_cast<command_type::request&>(req), query_info.m_body); \
+      bool parse_res = epee::serialization::load_t_from_binary(static_cast<command_type::request&>(req), epee::strspan<uint8_t>(query_info.m_body)); \
       CHECK_AND_ASSERT_MES(parse_res, false, "Failed to parse bin body data, body size=" << query_info.m_body.size()); \
       uint64_t ticks1 = misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::response> resp;\
       MINFO(m_conn_context << "calling " << s_pattern); \
-      if(!callback_f(static_cast<command_type::request&>(req), static_cast<command_type::response&>(resp))) \
+      if(!callback_f(static_cast<command_type::request&>(req), static_cast<command_type::response&>(resp), &m_conn_context)) \
       { \
         LOG_ERROR("Failed to " << #callback_f << "()"); \
         response_info.m_response_code = 500; \
@@ -182,7 +182,7 @@
   fail_resp.jsonrpc = "2.0"; \
   fail_resp.id = req.id; \
   MINFO(m_conn_context << "Calling RPC method " << method_name); \
-  if(!callback_f(req.params, resp.result, fail_resp.error)) \
+  if(!callback_f(req.params, resp.result, fail_resp.error, &m_conn_context)) \
   { \
     epee::serialization::store_t_to_json(static_cast<epee::json_rpc::error_response&>(fail_resp), response_info.m_body); \
     return true; \
@@ -201,7 +201,7 @@
   fail_resp.jsonrpc = "2.0"; \
   fail_resp.id = req.id; \
   MINFO(m_conn_context << "calling RPC method " << method_name); \
-  if(!callback_f(req.params, resp.result, fail_resp.error, m_conn_context, response_info)) \
+  if(!callback_f(req.params, resp.result, fail_resp.error, response_info, &m_conn_context)) \
   { \
     epee::serialization::store_t_to_json(static_cast<epee::json_rpc::error_response&>(fail_resp), response_info.m_body); \
     return true; \
@@ -215,7 +215,7 @@
 { \
   PREPARE_OBJECTS_FROM_JSON(command_type) \
   MINFO(m_conn_context << "calling RPC method " << method_name); \
-  if(!callback_f(req.params, resp.result)) \
+  if(!callback_f(req.params, resp.result, &m_conn_context)) \
   { \
     epee::json_rpc::error_response fail_resp = AUTO_VAL_INIT(fail_resp); \
     fail_resp.jsonrpc = "2.0"; \

contrib/epee/include/net/http_server_impl_base.h

@@ -58,7 +58,8 @@ namespace epee
 
     bool init(std::function<void(size_t, uint8_t*)> rng, const std::string& bind_port = "0", const std::string& bind_ip = "0.0.0.0",
       std::vector<std::string> access_control_origins = std::vector<std::string>(),
-      boost::optional<net_utils::http::login> user = boost::none)
+      boost::optional<net_utils::http::login> user = boost::none,
+      net_utils::ssl_options_t ssl_options = net_utils::ssl_support_t::e_ssl_support_autodetect)
     {
 
       //set self as callback handler
@@ -75,7 +76,7 @@ namespace epee
       m_net_server.get_config_object().m_user = std::move(user);
 
       MGINFO("Binding on " << bind_ip << ":" << bind_port);
-      bool res = m_net_server.init_server(bind_port, bind_ip);
+      bool res = m_net_server.init_server(bind_port, bind_ip, std::move(ssl_options));
       if(!res)
       {
         LOG_ERROR("Failed to bind server");

contrib/epee/include/net/jsonrpc_structs.h

@@ -18,6 +18,8 @@ namespace epee
       epee::serialization::storage_entry id;
       t_param     params;
 
+      request(): id{}, params{} {}
+
       BEGIN_KV_SERIALIZE_MAP()
         KV_SERIALIZE(jsonrpc)
         KV_SERIALIZE(id)
@@ -30,6 +32,9 @@ namespace epee
     {
       int64_t code;
       std::string message;
+
+      error(): code(0) {}
+
       BEGIN_KV_SERIALIZE_MAP()
         KV_SERIALIZE(code)
         KV_SERIALIZE(message)
@@ -55,6 +60,9 @@ namespace epee
       t_param     result;
       epee::serialization::storage_entry id;
       t_error     error;
+
+      response(): result{}, id(), error{} {}
+
       BEGIN_KV_SERIALIZE_MAP()
         KV_SERIALIZE(jsonrpc)
         KV_SERIALIZE(id)
@@ -69,6 +77,9 @@ namespace epee
       std::string jsonrpc;
       t_param     result;
       epee::serialization::storage_entry id;
+
+      response(): result{}, id{} {}
+
       BEGIN_KV_SERIALIZE_MAP()
         KV_SERIALIZE(jsonrpc)
         KV_SERIALIZE(id)
@@ -82,6 +93,9 @@ namespace epee
       std::string jsonrpc;
       t_error     error;
       epee::serialization::storage_entry id;
+
+      response(): error{}, id{} {}
+
       BEGIN_KV_SERIALIZE_MAP()
         KV_SERIALIZE(jsonrpc)
         KV_SERIALIZE(id)

contrib/epee/include/net/levin_base.h

@@ -80,8 +80,8 @@ namespace levin
   template<class t_connection_context = net_utils::connection_context_base>
   struct levin_commands_handler
   {
-    virtual int invoke(int command, const std::string& in_buff, std::string& buff_out, t_connection_context& context)=0;
-    virtual int notify(int command, const std::string& in_buff, t_connection_context& context)=0;
+    virtual int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, t_connection_context& context)=0;
+    virtual int notify(int command, const epee::span<const uint8_t> in_buff, t_connection_context& context)=0;
     virtual void callback(t_connection_context& context){};
 
     virtual void on_connection_new(t_connection_context& context){};

contrib/epee/include/net/levin_client.h

@@ -57,7 +57,7 @@ namespace levin
 		bool is_connected();
 		bool disconnect();
 
-		virtual int invoke(int command, const std::string& in_buff, std::string& buff_out);
+		virtual int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out);
 		virtual int notify(int command, const std::string& in_buff);
 
 	protected: 
@@ -72,7 +72,7 @@ namespace levin
   {
   public:
 
-    int invoke(int command, const std::string& in_buff, std::string& buff_out);
+    int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out);
     int notify(int command, const std::string& in_buff);
   };
 

contrib/epee/include/net/levin_client.inl

@@ -74,7 +74,7 @@ levin_client_impl::~levin_client_impl()
 }
 //------------------------------------------------------------------------------
 inline
-int levin_client_impl::invoke(int command, const std::string& in_buff, std::string& buff_out)
+int levin_client_impl::invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out)
 {
 	if(!is_connected())
 		return -1;
@@ -133,7 +133,7 @@ int levin_client_impl::notify(int command, const std::string& in_buff)
 //------------------------------------------------------------------------------
 //------------------------------------------------------------------------------
 inline
-  int levin_client_impl2::invoke(int command, const std::string& in_buff, std::string& buff_out)
+  int levin_client_impl2::invoke(int command, epee::span<const uint8_t>string& in_buff, std::string& buff_out)
 {
   if(!is_connected())
     return -1;

contrib/epee/include/net/levin_client_async.h

@@ -431,7 +431,7 @@ namespace levin
 			}
 			CRITICAL_REGION_END();
 
-			LOG_PRINT_L4("LEVIN_PACKET_RECIEVED. [len=" << head.m_cb << ", flags=" << head.m_flags << ", is_cmd=" << head.m_have_to_return_data <<", cmd_id = " << head.m_command << ", pr_v=" << head.m_protocol_version << ", uid=" << string_tools::get_str_from_guid_a(head.m_id) << "]");
+			LOG_PRINT_L4("LEVIN_PACKET_RECEIVED. [len=" << head.m_cb << ", flags=" << head.m_flags << ", is_cmd=" << head.m_have_to_return_data <<", cmd_id = " << head.m_command << ", pr_v=" << head.m_protocol_version << ", uid=" << string_tools::get_str_from_guid_a(head.m_id) << "]");
 
 			if(is_request)
 			{

contrib/epee/include/net/levin_protocol_handler_async.h

@@ -34,6 +34,7 @@
 #include <atomic>
 
 #include "levin_base.h"
+#include "buffer.h"
 #include "misc_language.h"
 #include "syncobj.h"
 #include "misc_os_dependent.h"
@@ -85,11 +86,11 @@ public:
   uint64_t m_max_packet_size; 
   uint64_t m_invoke_timeout;
 
-  int invoke(int command, const std::string& in_buff, std::string& buff_out, boost::uuids::uuid connection_id);
+  int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, boost::uuids::uuid connection_id);
   template<class callback_t>
-  int invoke_async(int command, const std::string& in_buff, boost::uuids::uuid connection_id, const callback_t &cb, size_t timeout = LEVIN_DEFAULT_TIMEOUT_PRECONFIGURED);
+  int invoke_async(int command, const epee::span<const uint8_t> in_buff, boost::uuids::uuid connection_id, const callback_t &cb, size_t timeout = LEVIN_DEFAULT_TIMEOUT_PRECONFIGURED);
 
-  int notify(int command, const std::string& in_buff, boost::uuids::uuid connection_id);
+  int notify(int command, const epee::span<const uint8_t> in_buff, boost::uuids::uuid connection_id);
   bool close(boost::uuids::uuid connection_id);
   bool update_connection_context(const t_connection_context& contxt);
   bool request_callback(boost::uuids::uuid connection_id);
@@ -143,7 +144,7 @@ public:
   config_type& m_config;
   t_connection_context& m_connection_context;
 
-  std::string m_cache_in_buffer;
+  net_utils::buffer m_cache_in_buffer;
   stream_state m_state;
 
   int32_t m_oponent_protocol_ver;
@@ -151,7 +152,7 @@ public:
 
   struct invoke_response_handler_base
   {
-    virtual bool handle(int res, const std::string& buff, connection_context& context)=0;
+    virtual bool handle(int res, const epee::span<const uint8_t> buff, connection_context& context)=0;
     virtual bool is_timer_started() const=0;
     virtual void cancel()=0;
     virtual bool cancel_timer()=0;
@@ -173,7 +174,7 @@ public:
           if(ec == boost::asio::error::operation_aborted)
             return;
           MINFO(con.get_context_ref() << "Timeout on invoke operation happened, command: " << command << " timeout: " << timeout);
-          std::string fake;
+          epee::span<const uint8_t> fake;
           cb(LEVIN_ERROR_CONNECTION_TIMEDOUT, fake, con.get_context_ref());
           con.close();
           con.finish_outer_call();
@@ -191,7 +192,7 @@ public:
     bool m_timer_cancelled;
     uint64_t m_timeout;
     int m_command;
-    virtual bool handle(int res, const std::string& buff, typename async_protocol_handler::connection_context& context)
+    virtual bool handle(int res, const epee::span<const uint8_t> buff, typename async_protocol_handler::connection_context& context)
     {
       if(!cancel_timer())
         return false;
@@ -207,7 +208,7 @@ public:
     {
       if(cancel_timer())
       {
-        std::string fake;
+        epee::span<const uint8_t> fake;
         m_cb(LEVIN_ERROR_CONNECTION_DESTROYED, fake, m_con.get_context_ref());
         m_con.finish_outer_call();
       }
@@ -237,7 +238,7 @@ public:
           if(ec == boost::asio::error::operation_aborted)
             return;
           MINFO(con.get_context_ref() << "Timeout on invoke operation happened, command: " << command << " timeout: " << timeout);
-          std::string fake;
+          epee::span<const uint8_t> fake;
           cb(LEVIN_ERROR_CONNECTION_TIMEDOUT, fake, con.get_context_ref());
           con.close();
           con.finish_outer_call();
@@ -265,6 +266,7 @@ public:
             m_pservice_endpoint(psnd_hndlr), 
             m_config(config), 
             m_connection_context(conn_context), 
+            m_cache_in_buffer(4 * 1024),
             m_state(stream_state_head)
   {
     m_close_called = 0;
@@ -405,18 +407,11 @@ public:
           break;
         }
         {
-          std::string buff_to_invoke;
-          if(m_cache_in_buffer.size()  == m_current_head.m_cb)
-            buff_to_invoke.swap(m_cache_in_buffer);
-          else
-          {
-            buff_to_invoke.assign(m_cache_in_buffer, 0, (std::string::size_type)m_current_head.m_cb);
-            m_cache_in_buffer.erase(0, (std::string::size_type)m_current_head.m_cb);
-          }
+          epee::span<const uint8_t> buff_to_invoke = m_cache_in_buffer.carve((std::string::size_type)m_current_head.m_cb);
 
           bool is_response = (m_oponent_protocol_ver == LEVIN_PROTOCOL_VER_1 && m_current_head.m_flags&LEVIN_PACKET_RESPONSE);
 
-          MDEBUG(m_connection_context << "LEVIN_PACKET_RECIEVED. [len=" << m_current_head.m_cb
+          MDEBUG(m_connection_context << "LEVIN_PACKET_RECEIVED. [len=" << m_current_head.m_cb
             << ", flags" << m_current_head.m_flags 
             << ", r?=" << m_current_head.m_have_to_return_data 
             <<", cmd = " << m_current_head.m_command 
@@ -449,8 +444,8 @@ public:
               }else
               {
                 CRITICAL_REGION_BEGIN(m_local_inv_buff_lock);
-                buff_to_invoke.swap(m_local_inv_buff);
-                buff_to_invoke.clear();
+                m_local_inv_buff = std::string((const char*)buff_to_invoke.data(), buff_to_invoke.size());
+                buff_to_invoke = epee::span<const uint8_t>((const uint8_t*)NULL, 0);
                 m_invoke_result_code = m_current_head.m_return_code;
                 CRITICAL_REGION_END();
                 boost::interprocess::ipcdetail::atomic_write32(&m_invoke_buf_ready, 1);
@@ -503,7 +498,7 @@ public:
         {
           if(m_cache_in_buffer.size() < sizeof(bucket_head2))
           {
-            if(m_cache_in_buffer.size() >= sizeof(uint64_t) && *((uint64_t*)m_cache_in_buffer.data()) != SWAP64LE(LEVIN_SIGNATURE))
+            if(m_cache_in_buffer.size() >= sizeof(uint64_t) && *((uint64_t*)m_cache_in_buffer.span(8).data()) != SWAP64LE(LEVIN_SIGNATURE))
             {
               MWARNING(m_connection_context << "Signature mismatch, connection will be closed");
               return false;
@@ -513,9 +508,9 @@ public:
           }
 
 #if BYTE_ORDER == LITTLE_ENDIAN
-          bucket_head2& phead = *(bucket_head2*)m_cache_in_buffer.data();
+          bucket_head2& phead = *(bucket_head2*)m_cache_in_buffer.span(sizeof(bucket_head2)).data();
 #else
-          bucket_head2 phead = *(bucket_head2*)m_cache_in_buffer.data();
+          bucket_head2 phead = *(bucket_head2*)m_cache_in_buffer.span(sizeof(bucket_head2)).data();
           phead.m_signature = SWAP64LE(phead.m_signature);
           phead.m_cb = SWAP64LE(phead.m_cb);
           phead.m_command = SWAP32LE(phead.m_command);
@@ -530,7 +525,7 @@ public:
           }
           m_current_head = phead;
 
-          m_cache_in_buffer.erase(0, sizeof(bucket_head2));
+          m_cache_in_buffer.erase(sizeof(bucket_head2));
           m_state = stream_state_body;
           m_oponent_protocol_ver = m_current_head.m_protocol_version;
           if(m_current_head.m_cb > m_config.m_max_packet_size)
@@ -562,7 +557,7 @@ public:
   }
 
   template<class callback_t>
-  bool async_invoke(int command, const std::string& in_buff, const callback_t &cb, size_t timeout = LEVIN_DEFAULT_TIMEOUT_PRECONFIGURED)
+  bool async_invoke(int command, const epee::span<const uint8_t> in_buff, const callback_t &cb, size_t timeout = LEVIN_DEFAULT_TIMEOUT_PRECONFIGURED)
   {
     misc_utils::auto_scope_leave_caller scope_exit_handler = misc_utils::create_scope_leave_handler(
       boost::bind(&async_protocol_handler::finish_outer_call, this));
@@ -606,7 +601,7 @@ public:
         break;
       }
 
-      if(!m_pservice_endpoint->do_send(in_buff.data(), (int)in_buff.size()))
+      if(!m_pservice_endpoint->do_send(in_buff.data(), in_buff.size()))
       {
         LOG_ERROR_CC(m_connection_context, "Failed to do_send");
         err_code = LEVIN_ERROR_CONNECTION;
@@ -623,7 +618,7 @@ public:
 
     if (LEVIN_OK != err_code)
     {
-      std::string stub_buff;
+      epee::span<const uint8_t> stub_buff{(const uint8_t*)"", 0};
       // Never call callback inside critical section, that can cause deadlock
       cb(err_code, stub_buff, m_connection_context);
       return false;
@@ -632,7 +627,7 @@ public:
     return true;
   }
 
-  int invoke(int command, const std::string& in_buff, std::string& buff_out)
+  int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out)
   {
     misc_utils::auto_scope_leave_caller scope_exit_handler = misc_utils::create_scope_leave_handler(
                                       boost::bind(&async_protocol_handler::finish_outer_call, this));
@@ -662,7 +657,7 @@ public:
       return LEVIN_ERROR_CONNECTION;
     }
 
-    if(!m_pservice_endpoint->do_send(in_buff.data(), (int)in_buff.size()))
+    if(!m_pservice_endpoint->do_send(in_buff.data(), in_buff.size()))
     {
       LOG_ERROR_CC(m_connection_context, "Failed to do_send");
       return LEVIN_ERROR_CONNECTION;
@@ -706,7 +701,7 @@ public:
     return m_invoke_result_code;
   }
 
-  int notify(int command, const std::string& in_buff)
+  int notify(int command, const epee::span<const uint8_t> in_buff)
   {
     misc_utils::auto_scope_leave_caller scope_exit_handler = misc_utils::create_scope_leave_handler(
                           boost::bind(&async_protocol_handler::finish_outer_call, this));
@@ -734,7 +729,7 @@ public:
       return -1;
     }
 
-    if(!m_pservice_endpoint->do_send(in_buff.data(), (int)in_buff.size()))
+    if(!m_pservice_endpoint->do_send(in_buff.data(), in_buff.size()))
     {
       LOG_ERROR_CC(m_connection_context, "Failed to do_send()");
       return -1;
@@ -839,7 +834,7 @@ int async_protocol_handler_config<t_connection_context>::find_and_lock_connectio
 }
 //------------------------------------------------------------------------------------------
 template<class t_connection_context>
-int async_protocol_handler_config<t_connection_context>::invoke(int command, const std::string& in_buff, std::string& buff_out, boost::uuids::uuid connection_id)
+int async_protocol_handler_config<t_connection_context>::invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, boost::uuids::uuid connection_id)
 {
   async_protocol_handler<t_connection_context>* aph;
   int r = find_and_lock_connection(connection_id, aph);
@@ -847,7 +842,7 @@ int async_protocol_handler_config<t_connection_context>::invoke(int command, con
 }
 //------------------------------------------------------------------------------------------
 template<class t_connection_context> template<class callback_t>
-int async_protocol_handler_config<t_connection_context>::invoke_async(int command, const std::string& in_buff, boost::uuids::uuid connection_id, const callback_t &cb, size_t timeout)
+int async_protocol_handler_config<t_connection_context>::invoke_async(int command, const epee::span<const uint8_t> in_buff, boost::uuids::uuid connection_id, const callback_t &cb, size_t timeout)
 {
   async_protocol_handler<t_connection_context>* aph;
   int r = find_and_lock_connection(connection_id, aph);
@@ -896,7 +891,7 @@ void async_protocol_handler_config<t_connection_context>::set_handler(levin_comm
 }
 //------------------------------------------------------------------------------------------
 template<class t_connection_context>
-int async_protocol_handler_config<t_connection_context>::notify(int command, const std::string& in_buff, boost::uuids::uuid connection_id)
+int async_protocol_handler_config<t_connection_context>::notify(int command, const epee::span<const uint8_t> in_buff, boost::uuids::uuid connection_id)
 {
   async_protocol_handler<t_connection_context>* aph;
   int r = find_and_lock_connection(connection_id, aph);

contrib/epee/include/net/net_fwd.h

@@ -0,0 +1,38 @@
+// Copyright (c) 2019, The Monero Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#pragma once
+
+namespace epee
+{
+  namespace net_utils
+  {
+    struct ssl_authentication_t;
+    class ssl_options_t;
+  }
+}

contrib/epee/include/net/net_helper.h

@@ -33,13 +33,19 @@
 //#include <Ws2tcpip.h>
 #include <string>
 #include <boost/version.hpp>
-#include <boost/asio.hpp>
+#include <boost/asio/io_service.hpp>
+#include <boost/asio/ip/tcp.hpp>
+#include <boost/asio/read.hpp>
 #include <boost/asio/ssl.hpp>
 #include <boost/asio/steady_timer.hpp>
+#include <boost/thread/future.hpp>
 #include <boost/lambda/bind.hpp>
 #include <boost/lambda/lambda.hpp>
 #include <boost/interprocess/detail/atomic.hpp>
+#include <boost/system/error_code.hpp>
+#include <functional>
 #include "net/net_utils_base.h"
+#include "net/net_ssl.h"
 #include "misc_language.h"
 
 #undef MONERO_DEFAULT_LOG_CATEGORY
@@ -54,9 +60,22 @@ namespace epee
 {
 namespace net_utils
 {
+	struct direct_connect
+	{
+		boost::unique_future<boost::asio::ip::tcp::socket>
+			operator()(const std::string& addr, const std::string& port, boost::asio::steady_timer&) const;
+	};
+
 
   class blocked_mode_client
 	{
+		enum try_connect_result_t
+		{
+			CONNECT_SUCCESS,
+			CONNECT_FAILURE,
+			CONNECT_NO_SSL,
+		};
+
 		
 		
 				struct handler_obj
@@ -77,31 +96,40 @@ namespace net_utils
 						ref_bytes_transferred = bytes_transferred;
 					}
 				};
-		
+
 	public:
 		inline
-			blocked_mode_client():m_initialized(false), 
-                            m_connected(false), 
-                            m_deadline(m_io_service), 
-                            m_shutdowned(0),
-                            m_ssl(false),
-                            m_ctx(boost::asio::ssl::context::sslv23),
-                            m_ssl_socket(m_io_service,m_ctx)
+			blocked_mode_client() :
+				m_io_service(),
+				m_ctx(boost::asio::ssl::context::tlsv12),
+				m_connector(direct_connect{}),
+				m_ssl_socket(new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(m_io_service, m_ctx)),
+				m_ssl_options(epee::net_utils::ssl_support_t::e_ssl_support_autodetect),
+				m_initialized(true),
+				m_connected(false),
+				m_deadline(m_io_service),
+				m_shutdowned(0),
+				m_bytes_sent(0),
+				m_bytes_received(0)
 		{
-			
-			
-			m_initialized = true;
-
-
-			// No deadline is required until the first socket operation is started. We
-			// set the deadline to positive infinity so that the actor takes no action
-			// until a specific deadline is set.
-			m_deadline.expires_at(std::chrono::steady_clock::time_point::max());
-
-			// Start the persistent actor that checks for deadline expiry.
-			check_deadline();
-
 		}
+
+		/*! The first/second parameters are host/port respectively. The third
+		    parameter is for setting the timeout callback - the timer is
+		    already set by the caller, the callee only needs to set the
+		    behavior.
+
+		    Additional asynchronous operations should be queued using the
+		    `io_service` from the timer. The implementation should assume
+		    multi-threaded I/O processing.
+
+		    If the callee cannot start an asynchronous operation, an exception
+		    should be thrown to signal an immediate failure.
+
+		    The return value is a future to a connected socket. Asynchronous
+		    failures should use the `set_exception` method. */
+		using connect_func = boost::unique_future<boost::asio::ip::tcp::socket>(const std::string&, const std::string&, boost::asio::steady_timer&);
+
 		inline
 			~blocked_mode_client()
 		{
@@ -110,86 +138,100 @@ namespace net_utils
 			catch(...) { /* ignore */ }
 		}
 
+		inline void set_ssl(ssl_options_t ssl_options)
+		{
+			if (ssl_options)
+				m_ctx = ssl_options.create_context();
+			else
+				m_ctx = boost::asio::ssl::context(boost::asio::ssl::context::tlsv12);
+			m_ssl_options = std::move(ssl_options);
+		}
+
     inline
-      bool connect(const std::string& addr, int port, std::chrono::milliseconds timeout, bool ssl = false, const std::string& bind_ip = "0.0.0.0")
+      bool connect(const std::string& addr, int port, std::chrono::milliseconds timeout)
     {
-      return connect(addr, std::to_string(port), timeout, ssl, bind_ip);
+      return connect(addr, std::to_string(port), timeout);
     }
 
     inline
-			bool connect(const std::string& addr, const std::string& port, std::chrono::milliseconds timeout, bool ssl = false, const std::string& bind_ip = "0.0.0.0")
+			try_connect_result_t try_connect(const std::string& addr, const std::string& port, std::chrono::milliseconds timeout, epee::net_utils::ssl_support_t ssl_support)
 		{
-      m_connected = false;
-      m_ssl = ssl;
-			try
-			{
-				m_ssl_socket.next_layer().close();
-
-				// Set SSL options
-				// disable sslv2
-				m_ctx.set_options(boost::asio::ssl::context::default_workarounds | boost::asio::ssl::context::no_sslv2);
-				m_ctx.set_default_verify_paths();
-
-				// Get a list of endpoints corresponding to the server name.
-				
-
-				//////////////////////////////////////////////////////////////////////////
-
-				boost::asio::ip::tcp::resolver resolver(m_io_service);
-				boost::asio::ip::tcp::resolver::query query(boost::asio::ip::tcp::v4(), addr, port, boost::asio::ip::tcp::resolver::query::canonical_name);
-				boost::asio::ip::tcp::resolver::iterator iterator = resolver.resolve(query);
-				boost::asio::ip::tcp::resolver::iterator end;
-				if(iterator == end)
-				{
-					LOG_ERROR("Failed to resolve " << addr);
-					return false;
-				}
-
-				//////////////////////////////////////////////////////////////////////////
-
-
-				//boost::asio::ip::tcp::endpoint remote_endpoint(boost::asio::ip::address::from_string(addr.c_str()), port);
-				boost::asio::ip::tcp::endpoint remote_endpoint(*iterator);
-
-
-				m_ssl_socket.next_layer().open(remote_endpoint.protocol());
-				if(bind_ip != "0.0.0.0" && bind_ip != "0" && bind_ip != "" )
-				{
-					boost::asio::ip::tcp::endpoint local_endpoint(boost::asio::ip::address::from_string(addr.c_str()), 0);
-					m_ssl_socket.next_layer().bind(local_endpoint);
-				}
-
-				
 				m_deadline.expires_from_now(timeout);
+				boost::unique_future<boost::asio::ip::tcp::socket> connection = m_connector(addr, port, m_deadline);
+				for (;;)
+				{
+					m_io_service.reset();
+					m_io_service.run_one();
 
-
-				boost::system::error_code ec = boost::asio::error::would_block;
-
-				m_ssl_socket.next_layer().async_connect(remote_endpoint, boost::lambda::var(ec) = boost::lambda::_1);
-				while (ec == boost::asio::error::would_block)
-				{	
-					m_io_service.run_one(); 
+					if (connection.is_ready())
+						break;
 				}
-				
-				if (!ec && m_ssl_socket.next_layer().is_open())
+
+				m_ssl_socket->next_layer() = connection.get();
+				m_deadline.cancel();
+				if (m_ssl_socket->next_layer().is_open())
 				{
 					m_connected = true;
 					m_deadline.expires_at(std::chrono::steady_clock::time_point::max());
 					// SSL Options
-					if(m_ssl) {
-						// Disable verification of host certificate
-						m_ssl_socket.set_verify_mode(boost::asio::ssl::verify_peer);
-						// Handshake
-						m_ssl_socket.next_layer().set_option(boost::asio::ip::tcp::no_delay(true));
-						m_ssl_socket.handshake(boost::asio::ssl::stream_base::client);
+					if (ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_enabled || ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
+					{
+						if (!m_ssl_options.handshake(*m_ssl_socket, boost::asio::ssl::stream_base::client, addr))
+						{
+							if (ssl_support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
+							{
+								boost::system::error_code ignored_ec;
+								m_ssl_socket->next_layer().shutdown(boost::asio::ip::tcp::socket::shutdown_both, ignored_ec);
+								m_ssl_socket->next_layer().close();
+								m_connected = false;
+								return CONNECT_NO_SSL;
+							}
+							else
+							{
+								MWARNING("Failed to establish SSL connection");
+								m_connected = false;
+								return CONNECT_FAILURE;
+							}
+						}
+						m_ssl_options.support = ssl_support_t::e_ssl_support_enabled;
 					}
-					return true;
+					return CONNECT_SUCCESS;
 				}else
 				{
-					MWARNING("Some problems at connect, message: " << ec.message());
-					return false;
+					MWARNING("Some problems at connect, expected open socket");
+					return CONNECT_FAILURE;
 				}
 
+		}
+
+    inline
+			bool connect(const std::string& addr, const std::string& port, std::chrono::milliseconds timeout)
+		{
+			m_connected = false;
+			try
+			{
+				m_ssl_socket->next_layer().close();
+
+				// Set SSL options
+				// disable sslv2
+				m_ssl_socket.reset(new boost::asio::ssl::stream<boost::asio::ip::tcp::socket>(m_io_service, m_ctx));
+
+				// Get a list of endpoints corresponding to the server name.
+
+				try_connect_result_t try_connect_result = try_connect(addr, port, timeout, m_ssl_options.support);
+				if (try_connect_result == CONNECT_FAILURE)
+					return false;
+				if (m_ssl_options.support == epee::net_utils::ssl_support_t::e_ssl_support_autodetect)
+				{
+					m_ssl_options.support = epee::net_utils::ssl_support_t::e_ssl_support_enabled;
+					if (try_connect_result == CONNECT_NO_SSL)
+					{
+						MERROR("SSL handshake failed on an autodetect connection, reconnecting without SSL");
+						m_ssl_options.support = epee::net_utils::ssl_support_t::e_ssl_support_disabled;
+						if (try_connect(addr, port, timeout, m_ssl_options.support) != CONNECT_SUCCESS)
+							return false;
+					}
+				}
 			}
 			catch(const boost::system::system_error& er)
 			{
@@ -204,6 +246,11 @@ namespace net_utils
 
 			return true;
 		}
+		//! Change the connection routine (proxy, etc.)
+		void set_connector(std::function<connect_func> connector)
+		{
+			m_connector = std::move(connector);
+		}
 
 		inline 
 		bool disconnect()
@@ -213,12 +260,11 @@ namespace net_utils
 				if(m_connected)
 				{
 					m_connected = false;
-					if(m_ssl)
+					if(m_ssl_options)
 						shutdown_ssl();
-					m_ssl_socket.next_layer().shutdown(boost::asio::ip::tcp::socket::shutdown_both);
+					m_ssl_socket->next_layer().shutdown(boost::asio::ip::tcp::socket::shutdown_both);
 				}
 			}
-			
 			catch(const boost::system::system_error& /*er*/)
 			{
 				//LOG_ERROR("Some problems at disconnect, message: " << er.what());
@@ -257,6 +303,7 @@ namespace net_utils
 				// Block until the asynchronous operation has completed.
 				while (ec == boost::asio::error::would_block)
 				{
+					m_io_service.reset();
 					m_io_service.run_one(); 
 				}
 
@@ -268,6 +315,7 @@ namespace net_utils
 				}else
 				{
 					m_deadline.expires_at(std::chrono::steady_clock::time_point::max());
+					m_bytes_sent += buff.size();
 				}
 			}
 
@@ -324,6 +372,7 @@ namespace net_utils
 				}else
 				{
 					m_deadline.expires_at(std::chrono::steady_clock::time_point::max());
+					m_bytes_sent += sz;
 				}
 			}
 
@@ -342,9 +391,13 @@ namespace net_utils
 			return true;
 		}
 
-		bool is_connected()
+		bool is_connected(bool *ssl = NULL)
 		{
-			return m_connected && m_ssl_socket.next_layer().is_open();
+			if (!m_connected || !m_ssl_socket->next_layer().is_open())
+				return false;
+			if (ssl)
+				*ssl = m_ssl_options.support == ssl_support_t::e_ssl_support_enabled;
+			return true;
 		}
 
 		inline 
@@ -375,13 +428,15 @@ namespace net_utils
 			
 				handler_obj hndlr(ec, bytes_transfered);
 
-				char local_buff[10000] = {0};
+				static const size_t max_size = 16384;
+				buff.resize(max_size);
 				
-				async_read(local_buff, sizeof(local_buff), boost::asio::transfer_at_least(1), hndlr);
+				async_read(&buff[0], max_size, boost::asio::transfer_at_least(1), hndlr);
 
 				// Block until the asynchronous operation has completed.
 				while (ec == boost::asio::error::would_block && !boost::interprocess::ipcdetail::atomic_read32(&m_shutdowned))
 				{
+					m_io_service.reset();
 					m_io_service.run_one(); 
 				}
 
@@ -393,6 +448,7 @@ namespace net_utils
                     {
                       MTRACE("Connection err_code eof.");
                       //connection closed there, empty
+                      buff.clear();
                       return true;
                     }
 
@@ -408,7 +464,8 @@ namespace net_utils
 				/*if(!bytes_transfered)
 					return false;*/
 
-				buff.assign(local_buff, bytes_transfered);
+				m_bytes_received += bytes_transfered;
+				buff.resize(bytes_transfered);
 				return true;
 			}
 
@@ -476,6 +533,7 @@ namespace net_utils
 					m_deadline.expires_at(std::chrono::steady_clock::time_point::max());
 				}
 
+				m_bytes_received += bytes_transfered;
 				if(bytes_transfered != buff.size())
 				{
 					LOG_ERROR("Transferred mismatch with transfer_at_least value: m_bytes_transferred=" << bytes_transfered << " at_least value=" << buff.size());
@@ -506,15 +564,15 @@ namespace net_utils
 		{
 			m_deadline.cancel();
 			boost::system::error_code ec;
-			if(m_ssl)
+			if(m_ssl_options.support != ssl_support_t::e_ssl_support_disabled)
 				shutdown_ssl();
-			m_ssl_socket.next_layer().cancel(ec);
+			m_ssl_socket->next_layer().cancel(ec);
 			if(ec)
 				MDEBUG("Problems at cancel: " << ec.message());
-			m_ssl_socket.next_layer().shutdown(boost::asio::ip::tcp::socket::shutdown_both, ec);
+			m_ssl_socket->next_layer().shutdown(boost::asio::ip::tcp::socket::shutdown_both, ec);
 			if(ec)
 				MDEBUG("Problems at shutdown: " << ec.message());
-			m_ssl_socket.next_layer().close(ec);
+			m_ssl_socket->next_layer().close(ec);
 			if(ec)
 				MDEBUG("Problems at close: " << ec.message());
 			boost::interprocess::ipcdetail::atomic_write32(&m_shutdowned, 1);
@@ -522,10 +580,6 @@ namespace net_utils
 			return true;
 		}
 		
-		void set_connected(bool connected)
-		{
-			m_connected = connected;
-		}
 		boost::asio::io_service& get_io_service()
 		{
 			return m_io_service;
@@ -533,9 +587,19 @@ namespace net_utils
 
 		boost::asio::ip::tcp::socket& get_socket()
 		{
-			return m_ssl_socket.next_layer();
+			return m_ssl_socket->next_layer();
 		}
-		
+
+		uint64_t get_bytes_sent() const
+		{
+			return m_bytes_sent;
+		}
+
+		uint64_t get_bytes_received() const
+		{
+			return m_bytes_received;
+		}
+
 	private:
 
 		void check_deadline()
@@ -550,7 +614,7 @@ namespace net_utils
 				// connect(), read_line() or write_line() functions to return.
 				LOG_PRINT_L3("Timed out socket");
         m_connected = false;
-				m_ssl_socket.next_layer().close();
+				m_ssl_socket->next_layer().close();
 
 				// There is no longer an active deadline. The expiry is set to positive
 				// infinity so that the actor takes no action until a new deadline is set.
@@ -565,9 +629,10 @@ namespace net_utils
 			// ssl socket shutdown blocks if server doesn't respond. We close after 2 secs
 			boost::system::error_code ec = boost::asio::error::would_block;
 			m_deadline.expires_from_now(std::chrono::milliseconds(2000));
-			m_ssl_socket.async_shutdown(boost::lambda::var(ec) = boost::lambda::_1);
+			m_ssl_socket->async_shutdown(boost::lambda::var(ec) = boost::lambda::_1);
 			while (ec == boost::asio::error::would_block)
 			{
+				m_io_service.reset();
 				m_io_service.run_one();
 			}
 			// Ignore "short read" error
@@ -586,39 +651,42 @@ namespace net_utils
 		bool write(const void* data, size_t sz, boost::system::error_code& ec)
 		{
 			bool success;
-			if(m_ssl)
-				success = boost::asio::write(m_ssl_socket, boost::asio::buffer(data, sz), ec);
+			if(m_ssl_options.support == ssl_support_t::e_ssl_support_enabled)
+				success = boost::asio::write(*m_ssl_socket, boost::asio::buffer(data, sz), ec);
 			else
-				success = boost::asio::write(m_ssl_socket.next_layer(), boost::asio::buffer(data, sz), ec);
+				success = boost::asio::write(m_ssl_socket->next_layer(), boost::asio::buffer(data, sz), ec);
 			return success;
 		}
 		
 		void async_write(const void* data, size_t sz, boost::system::error_code& ec) 
 		{
-			if(m_ssl)
-				boost::asio::async_write(m_ssl_socket, boost::asio::buffer(data, sz), boost::lambda::var(ec) = boost::lambda::_1);
+			if(m_ssl_options.support == ssl_support_t::e_ssl_support_enabled)
+				boost::asio::async_write(*m_ssl_socket, boost::asio::buffer(data, sz), boost::lambda::var(ec) = boost::lambda::_1);
 			else
-				boost::asio::async_write(m_ssl_socket.next_layer(), boost::asio::buffer(data, sz), boost::lambda::var(ec) = boost::lambda::_1);
+				boost::asio::async_write(m_ssl_socket->next_layer(), boost::asio::buffer(data, sz), boost::lambda::var(ec) = boost::lambda::_1);
 		}
 		
 		void async_read(char* buff, size_t sz, boost::asio::detail::transfer_at_least_t transfer_at_least, handler_obj& hndlr)
 		{
-			if(!m_ssl)
-				boost::asio::async_read(m_ssl_socket.next_layer(), boost::asio::buffer(buff, sz), transfer_at_least, hndlr);
+			if(m_ssl_options.support != ssl_support_t::e_ssl_support_enabled)
+				boost::asio::async_read(m_ssl_socket->next_layer(), boost::asio::buffer(buff, sz), transfer_at_least, hndlr);
 			else
-				boost::asio::async_read(m_ssl_socket, boost::asio::buffer(buff, sz), transfer_at_least, hndlr);
+				boost::asio::async_read(*m_ssl_socket, boost::asio::buffer(buff, sz), transfer_at_least, hndlr);
 			
 		}
 		
 	protected:
 		boost::asio::io_service m_io_service;
 		boost::asio::ssl::context m_ctx;
-		boost::asio::ssl::stream<boost::asio::ip::tcp::socket> m_ssl_socket;
-		bool m_ssl;
+		std::shared_ptr<boost::asio::ssl::stream<boost::asio::ip::tcp::socket>> m_ssl_socket;
+		std::function<connect_func> m_connector;
+		ssl_options_t m_ssl_options;
 		bool m_initialized;
 		bool m_connected;
 		boost::asio::steady_timer m_deadline;
 		volatile uint32_t m_shutdowned;
+		std::atomic<uint64_t> m_bytes_sent;
+		std::atomic<uint64_t> m_bytes_received;
 	};
 
 
@@ -722,7 +790,7 @@ namespace net_utils
 				// asynchronous operations are cancelled. This allows the blocked
 				// connect(), read_line() or write_line() functions to return.
 				LOG_PRINT_L3("Timed out socket");
-				m_ssl_socket.next_layer().close();
+				m_ssl_socket->next_layer().close();
 
 				// There is no longer an active deadline. The expiry is set to positive
 				// infinity so that the actor takes no action until a new deadline is set.
@@ -735,3 +803,4 @@ namespace net_utils
 	};
 }
 }
+

contrib/epee/include/net/net_ssl.h

@@ -0,0 +1,144 @@
+// Copyright (c) 2006-2013, Andrey N. Sabelnikov, www.sabelnikov.net
+// All rights reserved.
+// 
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are met:
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above copyright
+// notice, this list of conditions and the following disclaimer in the
+// documentation and/or other materials provided with the distribution.
+// * Neither the name of the Andrey N. Sabelnikov nor the
+// names of its contributors may be used to endorse or promote products
+// derived from this software without specific prior written permission.
+// 
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER  BE LIABLE FOR ANY
+// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+// 
+
+
+
+#ifndef _NET_SSL_H
+#define _NET_SSL_H
+
+#include <stdint.h>
+#include <string>
+#include <vector>
+#include <boost/utility/string_ref.hpp>
+#include <boost/asio/ip/tcp.hpp>
+#include <boost/asio/ssl.hpp>
+#include <boost/system/error_code.hpp>
+
+#define SSL_FINGERPRINT_SIZE 32
+
+namespace epee
+{
+namespace net_utils
+{
+	enum class ssl_support_t: uint8_t {
+		e_ssl_support_disabled,
+		e_ssl_support_enabled,
+		e_ssl_support_autodetect,
+	};
+
+  enum class ssl_verification_t : uint8_t
+  {
+    none = 0,         //!< Do not verify peer.
+    system_ca,        //!< Verify peer via system ca only (do not inspect user certificates)
+    user_certificates,//!< Verify peer via specific (non-chain) certificate(s) only.
+    user_ca           //!< Verify peer via specific (possibly chain) certificate(s) only.
+  };
+
+  struct ssl_authentication_t
+  {
+    std::string private_key_path; //!< Private key used for authentication
+    std::string certificate_path; //!< Certificate used for authentication to peer.
+
+    //! Load `private_key_path` and `certificate_path` into `ssl_context`.
+    void use_ssl_certificate(boost::asio::ssl::context &ssl_context) const;
+  };
+
+  /*!
+    \note `verification != disabled && support == disabled` is currently
+      "allowed" via public interface but obviously invalid configuation.
+   */
+  class ssl_options_t
+  {
+    // force sorted behavior in private
+    std::vector<std::vector<std::uint8_t>> fingerprints_;
+
+  public:
+    std::string ca_path;
+    ssl_authentication_t auth;
+    ssl_support_t support;
+    ssl_verification_t verification;
+
+    //! Verification is set to system ca unless SSL is disabled.
+    ssl_options_t(ssl_support_t support)
+      : fingerprints_(),
+        ca_path(),
+        auth(),
+        support(support),
+        verification(support == ssl_support_t::e_ssl_support_disabled ? ssl_verification_t::none : ssl_verification_t::system_ca)
+    {}
+
+    //! Provide user fingerprints and/or ca path. Enables SSL and user_certificate verification
+    ssl_options_t(std::vector<std::vector<std::uint8_t>> fingerprints, std::string ca_path);
+
+    ssl_options_t(const ssl_options_t&) = default;
+    ssl_options_t(ssl_options_t&&) = default;
+
+    ssl_options_t& operator=(const ssl_options_t&) = default;
+    ssl_options_t& operator=(ssl_options_t&&) = default;
+
+    //! \return False iff ssl is disabled, otherwise true.
+    explicit operator bool() const noexcept { return support != ssl_support_t::e_ssl_support_disabled; }
+
+    //! \retrurn True if `host` can be verified using `this` configuration WITHOUT system "root" CAs.
+    bool has_strong_verification(boost::string_ref host) const noexcept;
+
+    //! Search against internal fingerprints. Always false if `behavior() != user_certificate_check`.
+    bool has_fingerprint(boost::asio::ssl::verify_context &ctx) const;
+
+    boost::asio::ssl::context create_context() const;
+
+    /*! \note If `this->support == autodetect && this->verification != none`,
+          then the handshake will not fail when peer verification fails. The
+          assumption is that a re-connect will be attempted, so a warning is
+          logged instead of failure.
+
+        \note It is strongly encouraged that clients using `system_ca`
+          verification provide a non-empty `host` for rfc2818 verification.
+
+        \param socket Used in SSL handshake and verification
+        \param type Client or server
+        \param host This parameter is only used when
+          `type == client && !host.empty()`. The value is sent to the server for
+          situations where multiple hostnames are being handled by a server. If
+          `verification == system_ca` the client also does a rfc2818 check to
+          ensure that the server certificate is to the provided hostname.
+
+        \return True if the SSL handshake completes with peer verification
+          settings. */
+    bool handshake(boost::asio::ssl::stream<boost::asio::ip::tcp::socket> &socket, boost::asio::ssl::stream_base::handshake_type type, const std::string& host = {}) const;
+  };
+
+        // https://security.stackexchange.com/questions/34780/checking-client-hello-for-https-classification
+	constexpr size_t get_ssl_magic_size() { return 9; }
+	bool is_ssl(const unsigned char *data, size_t len);
+	bool ssl_support_from_string(ssl_support_t &ssl, boost::string_ref s);
+
+	bool create_ec_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert);
+	bool create_rsa_ssl_certificate(EVP_PKEY *&pkey, X509 *&cert);
+}
+}
+
+#endif //_NET_SSL_H

contrib/epee/include/net/net_utils_base.h

@@ -33,6 +33,7 @@
 #include <boost/asio/io_service.hpp>
 #include <typeinfo>
 #include <type_traits>
+#include "enums.h"
 #include "serialization/keyvalue_serialization.h"
 #include "misc_log_ex.h"
 
@@ -43,6 +44,18 @@
 #define MAKE_IP( a1, a2, a3, a4 )	(a1|(a2<<8)|(a3<<16)|(a4<<24))
 #endif
 
+#if BOOST_VERSION >= 107000
+#define GET_IO_SERVICE(s) ((boost::asio::io_context&)(s).get_executor().context())
+#else
+#define GET_IO_SERVICE(s) ((s).get_io_service())
+#endif
+
+namespace net
+{
+	class tor_address;
+	class i2p_address;
+}
+
 namespace epee
 {
 namespace net_utils
@@ -53,6 +66,10 @@ namespace net_utils
 		uint16_t m_port;
 
 	public:
+		constexpr ipv4_network_address() noexcept
+			: ipv4_network_address(0, 0)
+		{}
+
 		constexpr ipv4_network_address(uint32_t ip, uint16_t port) noexcept
 			: m_ip(ip), m_port(port) {}
 
@@ -67,9 +84,10 @@ namespace net_utils
 		std::string host_str() const;
 		bool is_loopback() const;
 		bool is_local() const;
-		static constexpr uint8_t get_type_id() noexcept { return ID; }
+		static constexpr address_type get_type_id() noexcept { return address_type::ipv4; }
+		static constexpr zone get_zone() noexcept { return zone::public_; }
+		static constexpr bool is_blockable() noexcept { return true; }
 
-		static const uint8_t ID = 1;
 		BEGIN_KV_SERIALIZE_MAP()
 			KV_SERIALIZE(m_ip)
 			KV_SERIALIZE(m_port)
@@ -103,7 +121,9 @@ namespace net_utils
 			virtual std::string host_str() const = 0;
 			virtual bool is_loopback() const = 0;
 			virtual bool is_local() const = 0;
-			virtual uint8_t get_type_id() const = 0;
+			virtual address_type get_type_id() const = 0;
+			virtual zone get_zone() const = 0;
+			virtual bool is_blockable() const = 0;
 		};
 
 		template<typename T>
@@ -131,7 +151,9 @@ namespace net_utils
 			virtual std::string host_str() const override { return value.host_str(); }
 			virtual bool is_loopback() const override { return value.is_loopback(); }
 			virtual bool is_local() const override { return value.is_local(); }
-			virtual uint8_t get_type_id() const override { return value.get_type_id(); }
+			virtual address_type get_type_id() const override { return value.get_type_id(); }
+			virtual zone get_zone() const override { return value.get_zone(); }
+			virtual bool is_blockable() const override { return value.is_blockable(); }
 		};
 
 		std::shared_ptr<interface> self;
@@ -146,6 +168,23 @@ namespace net_utils
 				throw std::bad_cast{};
 			return static_cast<implementation<Type_>*>(self_)->value;
 		}
+
+		template<typename T, typename t_storage>
+		bool serialize_addr(std::false_type, t_storage& stg, typename t_storage::hsection hparent)
+		{
+			T addr{};
+			if (!epee::serialization::selector<false>::serialize(addr, stg, hparent, "addr"))
+				return false;
+			*this = std::move(addr);
+			return true;
+		}
+
+		template<typename T, typename t_storage>
+		bool serialize_addr(std::true_type, t_storage& stg, typename t_storage::hsection hparent) const
+		{
+			return epee::serialization::selector<true>::serialize(as<T>(), stg, hparent, "addr");
+		}
+
 	public:
 		network_address() : self(nullptr) {}
 		template<typename T>
@@ -158,43 +197,34 @@ namespace net_utils
 		std::string host_str() const { return self ? self->host_str() : "<none>"; }
 		bool is_loopback() const { return self ? self->is_loopback() : false; }
 		bool is_local() const { return self ? self->is_local() : false; }
-		uint8_t get_type_id() const { return self ? self->get_type_id() : 0; }
+		address_type get_type_id() const { return self ? self->get_type_id() : address_type::invalid; }
+		zone get_zone() const { return self ? self->get_zone() : zone::invalid; }
+		bool is_blockable() const { return self ? self->is_blockable() : false; }
 		template<typename Type> const Type &as() const { return as_mutable<const Type>(); }
 
 		BEGIN_KV_SERIALIZE_MAP()
-			uint8_t type = is_store ? this_ref.get_type_id() : 0;
+			// need to `#include "net/[i2p|tor]_address.h"` when serializing `network_address`
+			static constexpr std::integral_constant<bool, is_store> is_store_{};
+
+			std::uint8_t type = std::uint8_t(is_store ? this_ref.get_type_id() : address_type::invalid);
 			if (!epee::serialization::selector<is_store>::serialize(type, stg, hparent_section, "type"))
 				return false;
-			switch (type)
+
+			switch (address_type(type))
 			{
-				case ipv4_network_address::ID:
-				{
-					if (!is_store)
-					{
-						const_cast<network_address&>(this_ref) = ipv4_network_address{0, 0};
-						auto &addr = this_ref.template as_mutable<ipv4_network_address>();
-						if (epee::serialization::selector<is_store>::serialize(addr, stg, hparent_section, "addr"))
-							MDEBUG("Found as addr: " << this_ref.str());
-						else if (epee::serialization::selector<is_store>::serialize(addr, stg, hparent_section, "template as<ipv4_network_address>()"))
-							MDEBUG("Found as template as<ipv4_network_address>(): " << this_ref.str());
-						else if (epee::serialization::selector<is_store>::serialize(addr, stg, hparent_section, "template as_mutable<ipv4_network_address>()"))
-							MDEBUG("Found as template as_mutable<ipv4_network_address>(): " << this_ref.str());
-						else
-						{
-							MWARNING("Address not found");
-							return false;
-						}
-					}
-					else
-					{
-						auto &addr = this_ref.template as_mutable<ipv4_network_address>();
-						if (!epee::serialization::selector<is_store>::serialize(addr, stg, hparent_section, "addr"))
-							return false;
-					}
+				case address_type::ipv4:
+					return this_ref.template serialize_addr<ipv4_network_address>(is_store_, stg, hparent_section);
+				case address_type::tor:
+					return this_ref.template serialize_addr<net::tor_address>(is_store_, stg, hparent_section);
+				case address_type::i2p:
+					return this_ref.template serialize_addr<net::i2p_address>(is_store_, stg, hparent_section);
+				case address_type::invalid:
+				default:
 					break;
-				}
-				default: MERROR("Unsupported network address type: " << (unsigned)type); return false;
 			}
+
+			MERROR("Unsupported network address type: " << (unsigned)type);
+			return false;
 		END_KV_SERIALIZE_MAP()
 	};
 
@@ -211,8 +241,6 @@ namespace net_utils
 	inline bool operator>=(const network_address& lhs, const network_address& rhs)
 	{ return !lhs.less(rhs); }
 
-	bool create_network_address(network_address &address, const std::string &string, uint16_t default_port = 0);
-
 	/************************************************************************/
 	/*                                                                      */
 	/************************************************************************/
@@ -222,54 +250,63 @@ namespace net_utils
     const network_address m_remote_address;
     const bool     m_is_income;
     const time_t   m_started;
+    const time_t   m_ssl;
     time_t   m_last_recv;
     time_t   m_last_send;
     uint64_t m_recv_cnt;
     uint64_t m_send_cnt;
     double m_current_speed_down;
     double m_current_speed_up;
+    double m_max_speed_down;
+    double m_max_speed_up;
 
     connection_context_base(boost::uuids::uuid connection_id,
-                            const network_address &remote_address, bool is_income,
+                            const network_address &remote_address, bool is_income, bool ssl,
                             time_t last_recv = 0, time_t last_send = 0,
                             uint64_t recv_cnt = 0, uint64_t send_cnt = 0):
                                             m_connection_id(connection_id),
                                             m_remote_address(remote_address),
                                             m_is_income(is_income),
                                             m_started(time(NULL)),
+                                            m_ssl(ssl),
                                             m_last_recv(last_recv),
                                             m_last_send(last_send),
                                             m_recv_cnt(recv_cnt),
                                             m_send_cnt(send_cnt),
                                             m_current_speed_down(0),
-                                            m_current_speed_up(0)
+                                            m_current_speed_up(0),
+                                            m_max_speed_down(0),
+                                            m_max_speed_up(0)
     {}
 
     connection_context_base(): m_connection_id(),
-                               m_remote_address(ipv4_network_address{0,0}),
+                               m_remote_address(),
                                m_is_income(false),
                                m_started(time(NULL)),
+                               m_ssl(false),
                                m_last_recv(0),
                                m_last_send(0),
                                m_recv_cnt(0),
                                m_send_cnt(0),
                                m_current_speed_down(0),
-                               m_current_speed_up(0)
+                               m_current_speed_up(0),
+                               m_max_speed_down(0),
+                               m_max_speed_up(0)
     {}
 
     connection_context_base& operator=(const connection_context_base& a)
     {
-      set_details(a.m_connection_id, a.m_remote_address, a.m_is_income);
+      set_details(a.m_connection_id, a.m_remote_address, a.m_is_income, a.m_ssl);
       return *this;
     }
     
   private:
     template<class t_protocol_handler>
     friend class connection;
-    void set_details(boost::uuids::uuid connection_id, const network_address &remote_address, bool is_income)
+    void set_details(boost::uuids::uuid connection_id, const network_address &remote_address, bool is_income, bool ssl)
     {
       this->~connection_context_base();
-      new(this) connection_context_base(connection_id, remote_address, is_income);
+      new(this) connection_context_base(connection_id, remote_address, is_income, ssl);
     }
 
 	};

contrib/epee/include/net/network_throttle-detail.hpp

@@ -2,7 +2,7 @@
 /// @author rfree (current maintainer in monero.cc project)
 /// @brief implementaion for throttling of connection (count and rate-limit speed etc)
 
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 
@@ -36,6 +36,7 @@
 #ifndef INCLUDED_throttle_detail_hpp
 #define INCLUDED_throttle_detail_hpp
 
+#include <boost/circular_buffer.hpp>
 #include "network_throttle.hpp"
 
 namespace epee
@@ -61,10 +62,12 @@ class network_throttle : public i_network_throttle {
 		network_time_seconds m_slot_size; // the size of one slot. TODO: now hardcoded for 1 second e.g. in time_to_slot()
 		// TODO for big window size, for performance better the substract on change of m_last_sample_time instead of recalculating average of eg >100 elements
 
-		std::vector< packet_info > m_history; // the history of bw usage
+		boost::circular_buffer< packet_info > m_history; // the history of bw usage
 		network_time_seconds m_last_sample_time; // time of last history[0] - so we know when to rotate the buffer
 		network_time_seconds m_start_time; // when we were created
 		bool m_any_packet_yet; // did we yet got any packet to count
+		uint64_t m_total_packets;
+		uint64_t m_total_bytes;
 
 		std::string m_name; // my name for debug and logs
 		std::string m_nameshort; // my name for debug and logs (used in log file name)
@@ -94,6 +97,7 @@ class network_throttle : public i_network_throttle {
 		virtual size_t get_recommended_size_of_planned_transport() const; ///< what should be the size (bytes) of next data block to be transported
 		virtual size_t get_recommended_size_of_planned_transport_window(double force_window) const;  ///< ditto, but for given windows time frame
 		virtual double get_current_speed() const;
+		virtual void get_stats(uint64_t &total_packets, uint64_t &total_bytes) const;
 
 	private:
 		virtual network_time_seconds time_to_slot(network_time_seconds t) const { return std::floor( t ); } // convert exact time eg 13.7 to rounded time for slot number in history 13

contrib/epee/include/net/network_throttle.hpp

@@ -2,7 +2,7 @@
 /// @author rfree (current maintainer in monero.cc project)
 /// @brief interface for throttling of connection (count and rate-limit speed etc)
 
-// Copyright (c) 2014-2018, The Monero Project
+// Copyright (c) 2014-2019, The Monero Project
 // 
 // All rights reserved.
 // 
@@ -152,7 +152,8 @@ class i_network_throttle {
 		virtual size_t get_recommended_size_of_planned_transport() const =0; // what should be the recommended limit of data size that we can transport over current network_throttle in near future
 
 		virtual double get_time_seconds() const =0; // a timer
-        virtual void logger_handle_net(const std::string &filename, double time, size_t size)=0;
+		virtual void logger_handle_net(const std::string &filename, double time, size_t size)=0;
+		virtual void get_stats(uint64_t &total_packets, uint64_t &total_bytes) const =0;
 
 
 };

contrib/epee/include/rolling_median.h

@@ -0,0 +1,236 @@
+// Copyright (c) 2019, The Monero Project
+// 
+// All rights reserved.
+// 
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+// 
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+// 
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+// 
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+// 
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Adapted from source by AShelly:
+// Copyright (c) 2011 ashelly.myopenid.com, licenced under the MIT licence
+// https://stackoverflow.com/questions/5527437/rolling-median-in-c-turlach-implementation
+// https://stackoverflow.com/questions/1309263/rolling-median-algorithm-in-c
+// https://ideone.com/XPbl6
+
+#pragma once
+
+#include <stdlib.h>
+#include <stdint.h>
+
+namespace epee
+{
+namespace misc_utils
+{
+
+template<typename Item>
+struct rolling_median_t
+{
+private:
+  Item* data;  //circular queue of values
+  int*  pos;   //index into `heap` for each value
+  int*  heap;  //max/median/min heap holding indexes into `data`.
+  int   N;     //allocated size.
+  int   idx;   //position in circular queue
+  int   minCt; //count of items in min heap
+  int   maxCt; //count of items in max heap
+  int   sz;    //count of items in heap
+
+private:
+
+  //returns true if heap[i] < heap[j]
+  bool mmless(int i, int j) const
+  {
+    return data[heap[i]] < data[heap[j]];
+  }
+
+  //swaps items i&j in heap, maintains indexes
+  bool mmexchange(int i, int j)
+  {
+    const int t = heap[i];
+    heap[i] = heap[j];
+    heap[j] = t;
+    pos[heap[i]] = i;
+    pos[heap[j]] = j;
+    return 1;
+  }
+
+  //swaps items i&j if i<j;  returns true if swapped
+  bool mmCmpExch(int i, int j)
+  {
+     return mmless(i, j) && mmexchange(i, j);
+  }
+
+  //maintains minheap property for all items below i.
+  void minSortDown(int i)
+  {
+    for (i *= 2; i <= minCt; i *= 2)
+    {
+       if (i < minCt && mmless(i + 1, i))
+         ++i;
+       if (!mmCmpExch(i, i / 2))
+         break;
+    }
+  }
+
+  //maintains maxheap property for all items below i. (negative indexes)
+  void maxSortDown(int i)
+  {
+    for (i *= 2; i >= -maxCt; i *= 2)
+    {
+      if (i > -maxCt && mmless(i, i - 1))
+        --i;
+      if (!mmCmpExch(i / 2, i))
+        break;
+    }
+  }
+
+  //maintains minheap property for all items above i, including median
+  //returns true if median changed
+  bool minSortUp(int i)
+  {
+    while (i > 0 && mmCmpExch(i, i / 2))
+      i /= 2;
+    return i == 0;
+  }
+
+  //maintains maxheap property for all items above i, including median
+  //returns true if median changed
+  bool maxSortUp(int i)
+  {
+     while (i < 0 && mmCmpExch(i / 2, i))
+       i /= 2;
+     return i == 0;
+  }
+
+protected:
+  rolling_median_t &operator=(const rolling_median_t&) = delete;
+  rolling_median_t(const rolling_median_t&) = delete;
+
+public:
+  //creates new rolling_median_t: to calculate `nItems` running median. 
+  rolling_median_t(size_t N): N(N)
+  {
+    int size = N * (sizeof(Item) + sizeof(int) * 2);
+    data = (Item*)malloc(size);
+    pos = (int*) (data + N);
+    heap = pos + N + (N / 2); //points to middle of storage.
+    clear();
+  }
+
+  rolling_median_t(rolling_median_t &&m)
+  {
+    free(data);
+    memcpy(this, &m, sizeof(rolling_median_t));
+    m.data = NULL;
+  }
+  rolling_median_t &operator=(rolling_median_t &&m)
+  {
+    free(data);
+    memcpy(this, &m, sizeof(rolling_median_t));
+    m.data = NULL;
+    return *this;
+  }
+
+  ~rolling_median_t()
+  {
+    free(data);
+  }
+
+  void clear()
+  {
+    idx = 0;
+    minCt = 0;
+    maxCt = 0;
+    sz = 0;
+    int nItems = N;
+    while (nItems--)  //set up initial heap fill pattern: median,max,min,max,...
+    {
+      pos[nItems] = ((nItems + 1) / 2) * ((nItems & 1) ? -1 : 1);
+      heap[pos[nItems]] = nItems;
+    }
+  }
+
+  int size() const
+  {
+    return sz;
+  }
+
+  //Inserts item, maintains median in O(lg nItems)
+  void insert(Item v)
+  {
+    int p = pos[idx];
+    Item old = data[idx];
+    data[idx] = v;
+    idx = (idx + 1) % N;
+    sz = std::min<int>(sz + 1, N);
+    if (p > 0)         //new item is in minHeap
+    {
+      if (minCt < (N - 1) / 2)
+      {
+        ++minCt;
+      }
+      else if (v > old)
+      {
+        minSortDown(p);
+        return;
+      }
+      if (minSortUp(p) && mmCmpExch(0, -1))
+        maxSortDown(-1);
+    }
+    else if (p < 0)   //new item is in maxheap
+    {
+      if (maxCt < N / 2)
+      {
+        ++maxCt;
+      }
+      else if (v < old)
+      {
+        maxSortDown(p);
+        return;
+      }
+      if (maxSortUp(p) && minCt && mmCmpExch(1, 0))
+        minSortDown(1);
+    }
+    else //new item is at median
+    {
+      if (maxCt && maxSortUp(-1))
+        maxSortDown(-1);
+      if (minCt && minSortUp(1))
+        minSortDown(1);
+    }
+  }
+
+  //returns median item (or average of 2 when item count is even)
+  Item median() const
+  {
+    Item v = data[heap[0]];
+    if (minCt < maxCt)
+    {
+      v = (v + data[heap[-1]]) / 2;
+    }
+    return v;
+  }
+};
+
+}
+}

contrib/epee/include/serialization/keyvalue_serialization.h

@@ -32,6 +32,9 @@
 #include "enableable.h"
 #include "keyvalue_serialization_overloads.h"
 
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "serialization"
+
 namespace epee
 {
   /************************************************************************/

contrib/epee/include/serialization/keyvalue_serialization_overloads.h

@@ -33,6 +33,9 @@
 #include <boost/mpl/vector.hpp>
 #include <boost/mpl/contains_fwd.hpp>
 
+#undef MONERO_DEFAULT_LOG_CATEGORY
+#define MONERO_DEFAULT_LOG_CATEGORY "serialization"
+
 namespace epee
 {
   namespace

contrib/epee/include/span.h

@@ -1,4 +1,4 @@
-// Copyright (c) 2017-2018, The Monero Project
+// Copyright (c) 2017-2019, The Monero Project
 //
 // All rights reserved.
 //
@@ -31,6 +31,7 @@
 #include <algorithm>
 #include <cstdint>
 #include <memory>
+#include <string>
 #include <type_traits>
 
 namespace epee
@@ -163,4 +164,12 @@ namespace epee
     static_assert(!has_padding<T>(), "source type may have padding");
     return {reinterpret_cast<std::uint8_t*>(std::addressof(src)), sizeof(T)};
   }
+
+  //! make a span from a std::string
+  template<typename T>
+  span<const T> strspan(const std::string &s) noexcept
+  {
+    static_assert(std::is_same<T, char>() || std::is_same<T, unsigned char>() || std::is_same<T, int8_t>() || std::is_same<T, uint8_t>(), "Unexpected type");
+    return {reinterpret_cast<const T*>(s.data()), s.size()};
+  }
 }

contrib/epee/include/stats.h

@@ -0,0 +1,58 @@
+#pragma once
+
+#include <vector>
+
+template<typename T, typename Tpod = T>
+class Stats
+{
+public:
+  Stats(const std::vector<T> &v): values(v), cached(0) {}
+  ~Stats() {}
+
+  size_t get_size() const;
+  Tpod get_min() const;
+  Tpod get_max() const;
+  Tpod get_median() const;
+  double get_mean() const;
+  double get_confidence_interval_95() const;
+  double get_confidence_interval_99() const;
+  double get_standard_deviation() const;
+  double get_standard_error() const;
+  double get_variance() const;
+  double get_kurtosis() const;
+  double get_non_parametric_skew() const;
+  double get_t_test(T t) const;
+  double get_t_test(size_t npoints, double mean, double stddev) const;
+  double get_t_test(const Stats<T> &other) const;
+  double get_z_test(const Stats<T> &other) const;
+  double get_test(const Stats<T> &other) const;
+  std::vector<Tpod> get_quantiles(unsigned int quantiles) const;
+  std::vector<size_t> get_bins(unsigned int bins) const;
+  bool is_same_distribution_95(size_t npoints, double mean, double stddev) const;
+  bool is_same_distribution_95(const Stats<T> &other) const;
+  bool is_same_distribution_99(size_t npoints, double mean, double stddev) const;
+  bool is_same_distribution_99(const Stats<T> &other) const;
+
+  double get_cdf95(size_t df) const;
+  double get_cdf95(const Stats<T> &other) const;
+  double get_cdf99(size_t df) const;
+  double get_cdf99(const Stats<T> &other) const;
+
+private:
+  inline bool is_cached(int bit) const;
+  inline void set_cached(int bit) const;
+
+  const std::vector<T> &values;
+
+  mutable uint64_t cached;
+  mutable Tpod min;
+  mutable Tpod max;
+  mutable Tpod median;
+  mutable double mean;
+  mutable double standard_deviation;
+  mutable double standard_error;
+  mutable double variance;
+  mutable double kurtosis;
+};
+
+#include "stats.inl"

contrib/epee/include/stats.inl

@@ -0,0 +1,359 @@
+#include <math.h>
+#include <limits>
+#include <algorithm>
+#include "stats.h"
+
+enum
+{
+  bit_min = 0,
+  bit_max,
+  bit_median,
+  bit_mean,
+  bit_standard_deviation,
+  bit_standard_error,
+  bit_variance,
+  bit_kurtosis,
+};
+
+static inline double square(double x)
+{
+  return x * x;
+}
+
+template<typename T>
+static inline double interpolate(T v, T v0, double i0, T v1, double i1)
+{
+  return i0 + (i1 - i0) * (v - v0) / (v1 - v0);
+}
+
+template<typename T, typename Tpod>
+inline bool Stats<T, Tpod>::is_cached(int bit) const
+{
+  return cached & (1<<bit);
+}
+
+template<typename T, typename Tpod>
+inline void Stats<T, Tpod>::set_cached(int bit) const
+{
+  cached |= 1<<bit;
+}
+
+template<typename T, typename Tpod>
+size_t Stats<T, Tpod>::get_size() const
+{
+  return values.size();
+}
+
+template<typename T, typename Tpod>
+Tpod Stats<T, Tpod>::get_min() const
+{
+  if (!is_cached(bit_min))
+  {
+    min = std::numeric_limits<Tpod>::max();
+    for (const T &v: values)
+      min = std::min<Tpod>(min, v);
+    set_cached(bit_min);
+  }
+  return min;
+}
+
+template<typename T, typename Tpod>
+Tpod Stats<T, Tpod>::get_max() const
+{
+  if (!is_cached(bit_max))
+  {
+    max = std::numeric_limits<Tpod>::min();
+    for (const T &v: values)
+      max = std::max<Tpod>(max, v);
+    set_cached(bit_max);
+  }
+  return max;
+}
+
+template<typename T, typename Tpod>
+Tpod Stats<T, Tpod>::get_median() const
+{
+  if (!is_cached(bit_median))
+  {
+    std::vector<Tpod> sorted;
+    sorted.reserve(values.size());
+    for (const T &v: values)
+      sorted.push_back(v);
+    std::sort(sorted.begin(), sorted.end());
+    if (sorted.size() & 1)
+    {
+      median = sorted[sorted.size() / 2];
+    }
+    else
+    {
+      median = (sorted[(sorted.size() - 1) / 2] + sorted[sorted.size() / 2]) / 2;
+    }
+    set_cached(bit_median);
+  }
+  return median;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_mean() const
+{
+  if (values.empty())
+    return 0.0;
+  if (!is_cached(bit_mean))
+  {
+    mean = 0.0;
+    for (const T &v: values)
+      mean += v;
+    mean /= values.size();
+    set_cached(bit_mean);
+  }
+  return mean;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_cdf95(size_t df) const
+{
+  static const double p[101] = {
+    -1, 12.706, 4.3027, 3.1824, 2.7765, 2.5706, 2.4469, 2.3646, 2.3060, 2.2622, 2.2281, 2.2010, 2.1788, 2.1604, 2.1448, 2.1315,
+    2.1199, 2.1098, 2.1009, 2.0930, 2.0860, 2.0796, 2.0739, 2.0687, 2.0639, 2.0595, 2.0555, 2.0518, 2.0484, 2.0452, 2.0423, 2.0395,
+    2.0369, 2.0345, 2.0322, 2.0301, 2.0281, 2.0262, 2.0244, 2.0227, 2.0211, 2.0195, 2.0181, 2.0167, 2.0154, 2.0141, 2.0129, 2.0117,
+    2.0106, 2.0096, 2.0086, 2.0076, 2.0066, 2.0057, 2.0049, 2.0040, 2.0032, 2.0025, 2.0017, 2.0010, 2.0003, 1.9996, 1.9990, 1.9983,
+    1.9977, 1.9971, 1.9966, 1.9960, 1.9955, 1.9949, 1.9944, 1.9939, 1.9935, 1.9930, 1.9925, 1.9921, 1.9917, 1.9913, 1.9908, 1.9905,
+    1.9901, 1.9897, 1.9893, 1.9890, 1.9886, 1.9883, 1.9879, 1.9876, 1.9873, 1.9870, 1.9867, 1.9864, 1.9861, 1.9858, 1.9855, 1.9852,
+    1.9850, 1.9847, 1.9845, 1.9842, 1.9840,
+  };
+  if (df <= 100)
+    return p[df];
+  if (df <= 120)
+    return interpolate<size_t>(df, 100, 1.9840, 120, 1.98);
+  return 1.96;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_cdf95(const Stats<T> &other) const
+{
+  return get_cdf95(get_size() + other.get_size() - 2);
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_cdf99(size_t df) const
+{
+  static const double p[101] = {
+    -1, 9.9250, 5.8408, 4.6041, 4.0321, 3.7074, 3.4995, 3.3554, 3.2498, 3.1693, 3.1058, 3.0545, 3.0123, 2.9768, 2.9467, 2.9208, 2.8982,
+     2.8784, 2.8609, 2.8453, 2.8314, 2.8188, 2.8073, 2.7970, 2.7874, 2.7787, 2.7707, 2.7633, 2.7564, 2.7500, 2.7440, 2.7385, 2.7333,
+     2.7284, 2.7238, 2.7195, 2.7154, 2.7116, 2.7079, 2.7045, 2.7012, 2.6981, 2.6951, 2.6923, 2.6896, 2.6870, 2.6846, 2.6822, 2.6800,
+     2.6778, 2.6757, 2.6737, 2.6718, 2.6700, 2.6682, 2.6665, 2.6649, 2.6633, 2.6618, 2.6603, 2.6589, 2.6575, 2.6561, 2.6549, 2.6536,
+     2.6524, 2.6512, 2.6501, 2.6490, 2.6479, 2.6469, 2.6458, 2.6449, 2.6439, 2.6430, 2.6421, 2.6412, 2.6403, 2.6395, 2.6387, 2.6379,
+     2.6371, 2.6364, 2.6356, 2.6349, 2.6342, 2.6335, 2.6329, 2.6322, 2.6316, 2.6309, 2.6303, 2.6297, 2.6291, 2.6286, 2.6280, 2.6275,
+     2.6269, 2.6264, 2.6259,
+  };
+  if (df <= 100)
+    return p[df];
+  if (df <= 120)
+    return interpolate<size_t>(df, 100, 2.6529, 120, 2.617);
+  return 2.576;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_cdf99(const Stats<T> &other) const
+{
+  return get_cdf99(get_size() + other.get_size() - 2);
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_confidence_interval_95() const
+{
+  const size_t df = get_size() - 1;
+  return get_standard_error() * get_cdf95(df);
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_confidence_interval_99() const
+{
+  const size_t df = get_size() - 1;
+  return get_standard_error() * get_cdf99(df);
+}
+
+template<typename T, typename Tpod>
+bool Stats<T, Tpod>::is_same_distribution_95(size_t npoints, double mean, double stddev) const
+{
+  return fabs(get_t_test(npoints, mean, stddev)) < get_cdf95(get_size() + npoints - 2);
+}
+
+template<typename T, typename Tpod>
+bool Stats<T, Tpod>::is_same_distribution_95(const Stats<T> &other) const
+{
+  return fabs(get_t_test(other)) < get_cdf95(other);
+}
+
+template<typename T, typename Tpod>
+bool Stats<T, Tpod>::is_same_distribution_99(size_t npoints, double mean, double stddev) const
+{
+  return fabs(get_t_test(npoints, mean, stddev)) < get_cdf99(get_size() + npoints - 2);
+}
+
+template<typename T, typename Tpod>
+bool Stats<T, Tpod>::is_same_distribution_99(const Stats<T> &other) const
+{
+  return fabs(get_t_test(other)) < get_cdf99(other);
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_standard_deviation() const
+{
+  if (values.size() <= 1)
+    return 0.0;
+  if (!is_cached(bit_standard_deviation))
+  {
+    Tpod m = get_mean(), t = 0;
+    for (const T &v: values)
+      t += ((T)v - m) * ((T)v - m);
+    standard_deviation = sqrt(t / ((double)values.size() - 1));
+    set_cached(bit_standard_deviation);
+  }
+  return standard_deviation;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_standard_error() const
+{
+  if (!is_cached(bit_standard_error))
+  {
+    standard_error = get_standard_deviation() / sqrt(get_size());
+    set_cached(bit_standard_error);
+  }
+  return standard_error;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_variance() const
+{
+  if (!is_cached(bit_variance))
+  {
+    double stddev = get_standard_deviation();
+    variance = stddev * stddev;
+    set_cached(bit_variance);
+  }
+  return variance;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_kurtosis() const
+{
+  if (values.empty())
+    return 0.0;
+  if (!is_cached(bit_kurtosis))
+  {
+    double m = get_mean();
+    double n = 0, d = 0;
+    for (const T &v: values)
+    {
+      T p2 = (v - m) * (v - m);
+      T p4 = p2 * p2;
+      n += p4;
+      d += p2;
+    }
+    n /= values.size();
+    d /= values.size();
+    d *= d;
+    kurtosis = n / d;
+    set_cached(bit_kurtosis);
+  }
+  return kurtosis;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_non_parametric_skew() const
+{
+  return (get_mean() - get_median()) / get_standard_deviation();
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_t_test(T t) const
+{
+  const double n = get_mean() - t;
+  const double d = get_standard_deviation() / sqrt(get_size());
+  return n / d;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_t_test(size_t npoints, double mean, double stddev) const
+{
+  const double n = get_mean() - mean;
+  const double d = sqrt(get_variance() / get_size() + square(stddev) / npoints);
+  return n / d;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_t_test(const Stats<T> &other) const
+{
+  const double n = get_mean() - other.get_mean();
+  const double d = sqrt(get_variance() / get_size() + other.get_variance() / other.get_size());
+  return n / d;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_z_test(const Stats<T> &other) const
+{
+  const double m0 = get_mean();
+  const double m1 = other.get_mean();
+  const double sd0 = get_standard_deviation();
+  const double sd1 = other.get_standard_deviation();
+  const size_t s0 = get_size();
+  const size_t s1 = other.get_size();
+
+  const double n = m0 - m1;
+  const double d = sqrt(square(sd0 / sqrt(s0)) + square(sd1 / sqrt(s1)));
+
+  return n / d;
+}
+
+template<typename T, typename Tpod>
+double Stats<T, Tpod>::get_test(const Stats<T> &other) const
+{
+  if (get_size() >= 30 && other.get_size() >= 30)
+    return get_z_test(other);
+  else
+    return get_t_test(other);
+}
+
+template<typename T, typename Tpod>
+std::vector<Tpod> Stats<T, Tpod>::get_quantiles(unsigned int quantiles) const
+{
+  std::vector<Tpod> sorted;
+  sorted.reserve(values.size());
+  for (const T &v: values)
+    sorted.push_back(v);
+  std::sort(sorted.begin(), sorted.end());
+  std::vector<Tpod> q(quantiles + 1, 0);
+  for (unsigned int i = 1; i <= quantiles; ++i)
+  {
+    unsigned idx = (unsigned)ceil(values.size() * i / (double)quantiles);
+    q[i] = sorted[idx - 1];
+  }
+  if (!is_cached(bit_min))
+  {
+    min = sorted.front();
+    set_cached(bit_min);
+  }
+  q[0] = min;
+  if (!is_cached(bit_max))
+  {
+    max = sorted.back();
+    set_cached(bit_max);
+  }
+  return q;
+}
+
+template<typename T, typename Tpod>
+std::vector<size_t> Stats<T, Tpod>::get_bins(unsigned int bins) const
+{
+  std::vector<size_t> b(bins, 0);
+  const double scale = 1.0 / (get_max() - get_min());
+  const T base = get_min();
+  for (const T &v: values)
+  {
+    unsigned int idx = (v - base) * scale;
+    ++b[idx];
+  }
+  return b;
+}

contrib/epee/include/storages/http_abstract_invoke.h

@@ -97,7 +97,7 @@ namespace epee
         return false;
       }
 
-      return serialization::load_t_from_binary(result_struct, pri->m_body);
+      return serialization::load_t_from_binary(result_struct, epee::strspan<uint8_t>(pri->m_body));
     }
 
     template<class t_request, class t_response, class t_transport>

contrib/epee/include/storages/levin_abstract_invoke2.h

@@ -28,6 +28,7 @@
 
 #include "portable_storage_template_helper.h"
 #include <boost/utility/value_init.hpp>
+#include "span.h"
 #include "net/levin_base.h"
 
 #undef MONERO_DEFAULT_LOG_CATEGORY
@@ -114,7 +115,7 @@ namespace epee
       const_cast<t_arg&>(out_struct).store(stg);//TODO: add true const support to searilzation
       std::string buff_to_send;
       stg.store_to_binary(buff_to_send);
-      int res = transport.invoke_async(command, buff_to_send, conn_id, [cb, command](int code, const std::string& buff, typename t_transport::connection_context& context)->bool 
+      int res = transport.invoke_async(command, epee::strspan<uint8_t>(buff_to_send), conn_id, [cb, command](int code, const epee::span<const uint8_t> buff, typename t_transport::connection_context& context)->bool 
       {
         t_result result_struct = AUTO_VAL_INIT(result_struct);
         if( code <=0 )
@@ -156,7 +157,7 @@ namespace epee
       std::string buff_to_send;
       stg.store_to_binary(buff_to_send);
 
-      int res = transport.notify(command, buff_to_send, conn_id);
+      int res = transport.notify(command, epee::strspan<uint8_t>(buff_to_send), conn_id);
       if(res <=0 )
       {
         MERROR("Failed to notify command " << command << " return code " << res);
@@ -167,7 +168,7 @@ namespace epee
     //----------------------------------------------------------------------------------------------------
     //----------------------------------------------------------------------------------------------------
     template<class t_owner, class t_in_type, class t_out_type, class t_context, class callback_t>
-    int buff_to_t_adapter(int command, const std::string& in_buff, std::string& buff_out, callback_t cb, t_context& context )
+    int buff_to_t_adapter(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, callback_t cb, t_context& context )
     {
       serialization::portable_storage strg;
       if(!strg.load_from_binary(in_buff))
@@ -197,7 +198,7 @@ namespace epee
     }
 
     template<class t_owner, class t_in_type, class t_context, class callback_t>
-    int buff_to_t_adapter(t_owner* powner, int command, const std::string& in_buff, callback_t cb, t_context& context)
+    int buff_to_t_adapter(t_owner* powner, int command, const epee::span<const uint8_t> in_buff, callback_t cb, t_context& context)
     {
       serialization::portable_storage strg;
       if(!strg.load_from_binary(in_buff))
@@ -215,14 +216,14 @@ namespace epee
     }
 
 #define CHAIN_LEVIN_INVOKE_MAP2(context_type) \
-  int invoke(int command, const std::string& in_buff, std::string& buff_out, context_type& context) \
+  int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, context_type& context) \
   { \
   bool handled = false; \
   return handle_invoke_map(false, command, in_buff, buff_out, context, handled); \
   } 
 
 #define CHAIN_LEVIN_NOTIFY_MAP2(context_type) \
-  int notify(int command, const std::string& in_buff, context_type& context) \
+  int notify(int command, const epee::span<const uint8_t> in_buff, context_type& context) \
   { \
   bool handled = false; std::string fake_str;\
   return handle_invoke_map(true, command, in_buff, fake_str, context, handled); \
@@ -230,27 +231,27 @@ namespace epee
 
 
 #define CHAIN_LEVIN_INVOKE_MAP() \
-  int invoke(int command, const std::string& in_buff, std::string& buff_out, epee::net_utils::connection_context_base& context) \
+  int invoke(int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, epee::net_utils::connection_context_base& context) \
   { \
   bool handled = false; \
   return handle_invoke_map(false, command, in_buff, buff_out, context, handled); \
   } 
 
 #define CHAIN_LEVIN_NOTIFY_MAP() \
-  int notify(int command, const std::string& in_buff, epee::net_utils::connection_context_base& context) \
+  int notify(int command, const epee::span<const uint8_t> in_buff, epee::net_utils::connection_context_base& context) \
   { \
   bool handled = false; std::string fake_str;\
   return handle_invoke_map(true, command, in_buff, fake_str, context, handled); \
   } 
 
 #define CHAIN_LEVIN_NOTIFY_STUB() \
-  int notify(int command, const std::string& in_buff, epee::net_utils::connection_context_base& context) \
+  int notify(int command, const epee::span<const uint8_t> in_buff, epee::net_utils::connection_context_base& context) \
   { \
   return -1; \
   } 
 
 #define BEGIN_INVOKE_MAP2(owner_type) \
-  template <class t_context> int handle_invoke_map(bool is_notify, int command, const std::string& in_buff, std::string& buff_out, t_context& context, bool& handled) \
+  template <class t_context> int handle_invoke_map(bool is_notify, int command, const epee::span<const uint8_t> in_buff, std::string& buff_out, t_context& context, bool& handled) \
   { \
   typedef owner_type internal_owner_type_name;
 

contrib/epee/include/storages/parserse_base_utils.h

@@ -29,6 +29,7 @@
 #pragma once 
 
 #include <algorithm>
+#include <boost/utility/string_ref.hpp>
 
 namespace epee 
 {
@@ -36,6 +37,41 @@ namespace misc_utils
 {
   namespace parse
   {
+    // 1: digit
+    // 2: .eE (floating point)
+    // 4: alpha
+    // 8: whitespace
+    // 16: allowed in float but doesn't necessarily mean it's a float
+    // 32: \ and " (end of verbatim string)
+    static const constexpr uint8_t lut[256]={
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 8, 8, 8, 8, 8, 0, 0, // 16
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 32
+      8, 0, 32, 0, 0, 0, 0, 0, 0, 0, 0, 16, 0, 16, 18, 0, // 48
+      17, 17, 17, 17, 17, 17, 17, 17, 17, 17, 0, 0, 0, 0, 0, 0, // 64
+      0, 4, 4, 4, 4, 22, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, // 80
+      4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 0, 32, 0, 0, 0, // 96
+      0, 4, 4, 4, 4, 22, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, // 112
+      4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 0, 0, 0, 0, 0, // 128
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    };
+
+    inline bool isspace(char c)
+    {
+      return lut[(uint8_t)c] & 8;
+    }
+
+    inline bool isdigit(char c)
+    {
+      return lut[(uint8_t)c] & 1;
+    }
+
     inline std::string transform_to_escape_sequence(const std::string& src)
     {
       static const char escaped[] = "\b\f\n\r\t\v\"\\/";
@@ -91,11 +127,15 @@ namespace misc_utils
       */
       inline void match_string2(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, std::string& val)
       {
-        val.clear();
-        val.reserve(std::distance(star_end_string, buf_end));
         bool escape_mode = false;
         std::string::const_iterator it = star_end_string;
         ++it;
+        std::string::const_iterator fi = it;
+        while (fi != buf_end && ((lut[(uint8_t)*fi] & 32)) == 0)
+          ++fi;
+        val.assign(it, fi);
+        val.reserve(std::distance(star_end_string, buf_end));
+        it = fi;
         for(;it != buf_end;it++)
         {
           if(escape_mode/*prev_ch == '\\'*/)
@@ -155,25 +195,34 @@ namespace misc_utils
           return false;
         }
       }
-      inline void match_number2(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, std::string& val, bool& is_float_val, bool& is_signed_val)
+      inline void match_number2(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, boost::string_ref& val, bool& is_float_val, bool& is_signed_val)
       {
         val.clear();
-        is_float_val = false;
-        for(std::string::const_iterator it = star_end_string;it != buf_end;it++)
+        uint8_t float_flag = 0;
+        is_signed_val = false;
+        size_t chars = 0;
+        std::string::const_iterator it = star_end_string;
+        if (it != buf_end && *it == '-')
         {
-          if(isdigit(*it) || (it == star_end_string && *it == '-') || (val.size() && *it == '.' ) || (is_float_val && (*it == 'e' || *it == 'E' || *it == '-' || *it == '+' )) )
+          is_signed_val = true;
+          ++chars;
+          ++it;
+        }
+        for(;it != buf_end;it++)
+        {
+          const uint8_t flags = lut[(uint8_t)*it];
+          if (flags & 16)
           {
-            if(!val.size() &&  *it == '-')
-              is_signed_val = true;
-            if(*it == '.' ) 
-              is_float_val = true;
-            val.push_back(*it);
+            float_flag |= flags;
+            ++chars;
           }
           else
           {
+            val = boost::string_ref(&*star_end_string, chars);
             if(val.size())
             {
               star_end_string = --it;
+              is_float_val = !!(float_flag & 2);
               return;
             }
             else 
@@ -182,7 +231,7 @@ namespace misc_utils
         }
         ASSERT_MES_AND_THROW("wrong number in json entry: " << std::string(star_end_string, buf_end));
       }
-      inline bool match_number(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, std::string& val)
+      inline bool match_number(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, boost::string_ref& val)
       {
         try
         {
@@ -195,15 +244,15 @@ namespace misc_utils
           return false;
         }
       }
-      inline void match_word2(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, std::string& val)
+      inline void match_word2(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, boost::string_ref& val)
       {
         val.clear();
 
         for(std::string::const_iterator it = star_end_string;it != buf_end;it++)
         {
-          if(!isalpha(*it))
+          if (!(lut[(uint8_t)*it] & 4))
           {
-            val.assign(star_end_string, it);
+            val = boost::string_ref(&*star_end_string, std::distance(star_end_string, it));
             if(val.size())
             {
               star_end_string = --it;
@@ -214,7 +263,7 @@ namespace misc_utils
         }
         ASSERT_MES_AND_THROW("failed to match word number in json entry: " << std::string(star_end_string, buf_end));
       }
-      inline bool match_word(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, std::string& val)
+      inline bool match_word(std::string::const_iterator& star_end_string, std::string::const_iterator buf_end, boost::string_ref& val)
       {
         try
         {

contrib/epee/include/storages/portable_storage.h

@@ -35,6 +35,7 @@
 #include "portable_storage_to_json.h"
 #include "portable_storage_from_json.h"
 #include "portable_storage_val_converters.h"
+#include "span.h"
 #include "int-util.h"
 
 namespace epee
@@ -81,7 +82,8 @@ namespace epee
 
       //-------------------------------------------------------------------------------
       bool		store_to_binary(binarybuffer& target);
-      bool		load_from_binary(const binarybuffer& target);
+      bool		load_from_binary(const epee::span<const uint8_t> target);
+      bool		load_from_binary(const std::string& target) { return load_from_binary(epee::strspan<uint8_t>(target)); }
       template<class trace_policy>
       bool		  dump_as_xml(std::string& targetObj, const std::string& root_name = "");
       bool		  dump_as_json(std::string& targetObj, size_t indent = 0, bool insert_newlines = true);
@@ -146,7 +148,7 @@ namespace epee
       CATCH_ENTRY("portable_storage::store_to_binary", false)
     }
     inline
-    bool portable_storage::load_from_binary(const binarybuffer& source)
+    bool portable_storage::load_from_binary(const epee::span<const uint8_t> source)
     {
       m_root.m_entries.clear();
       if(source.size() < sizeof(storage_block_header))

contrib/epee/include/storages/portable_storage_base.h

@@ -31,7 +31,8 @@
 #include <boost/variant.hpp>
 #include <boost/any.hpp>
 #include <string>
-#include <list>
+#include <vector>
+#include <deque>
 
 #define PORTABLE_STORAGE_SIGNATUREA 0x01011101
 #define PORTABLE_STORAGE_SIGNATUREB 0x01020101 // bender's nightmare 
@@ -71,6 +72,9 @@ namespace epee
   {
     struct section;
 
+    template<typename T> struct entry_container { typedef std::vector<T> type; static void reserve(type &t, size_t n) { t.reserve(n); } };
+    template<> struct entry_container<bool> { typedef std::deque<bool> type; static void reserve(type &t, size_t n) {} };
+
     /************************************************************************/
     /*                                                                      */
     /************************************************************************/
@@ -78,6 +82,7 @@ namespace epee
     struct array_entry_t
     {
       array_entry_t():m_it(m_array.end()){}        
+      array_entry_t(const array_entry_t& other):m_array(other.m_array), m_it(m_array.end()){}
 
       const t_entry_type* get_first_val() const 
       {
@@ -119,8 +124,13 @@ namespace epee
         return m_array.back();
       }
 
-      std::list<t_entry_type> m_array;
-      mutable typename std::list<t_entry_type>::const_iterator m_it;
+      void reserve(size_t n)
+      {
+        entry_container<t_entry_type>::reserve(m_array, n);
+      }
+
+      typename entry_container<t_entry_type>::type m_array;
+      mutable typename entry_container<t_entry_type>::type::const_iterator m_it;
     };
 
 

contrib/epee/include/storages/portable_storage_from_bin.h

@@ -136,6 +136,7 @@ namespace epee
       //for pod types
       array_entry_t<type_name> sa;
       size_t size = read_varint();
+      sa.reserve(size);
       //TODO: add some optimization here later
       while(size--)
         sa.m_array.push_back(read<type_name>());        

contrib/epee/include/storages/portable_storage_from_json.h

@@ -39,7 +39,7 @@ namespace epee
   {
     namespace json
     {
-#define CHECK_ISSPACE()  if(!isspace(*it)){ ASSERT_MES_AND_THROW("Wrong JSON character at: " << std::string(it, buf_end));}
+#define CHECK_ISSPACE()  if(!epee::misc_utils::parse::isspace(*it)){ ASSERT_MES_AND_THROW("Wrong JSON character at: " << std::string(it, buf_end));}
 
       /*inline void parse_error()
       {
@@ -114,11 +114,11 @@ namespace epee
               std::string val;
               match_string2(it, buf_end, val);
               //insert text value 
-              stg.set_value(name, val, current_section);              
+              stg.set_value(name, std::move(val), current_section);
               state = match_state_wonder_after_value;
-            }else if (isdigit(*it) || *it == '-')
+            }else if (epee::misc_utils::parse::isdigit(*it) || *it == '-')
             {//just a named number value started
-              std::string val;
+              boost::string_ref val;
               bool is_v_float = false;bool is_signed = false;
               match_number2(it, buf_end, val, is_v_float, is_signed);
               if(!is_v_float)
@@ -126,27 +126,27 @@ namespace epee
                 if(is_signed)
                 {
                   errno = 0;
-                  int64_t nval = strtoll(val.c_str(), NULL, 10);
-                  if (errno) throw std::runtime_error("Invalid number: " + val);
+                  int64_t nval = strtoll(val.data(), NULL, 10);
+                  if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                   stg.set_value(name, nval, current_section);              
                 }else
                 {
                   errno = 0;
-                  uint64_t nval = strtoull(val.c_str(), NULL, 10);
-                  if (errno) throw std::runtime_error("Invalid number: " + val);
+                  uint64_t nval = strtoull(val.data(), NULL, 10);
+                  if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                   stg.set_value(name, nval, current_section);              
                 }
               }else
               {
                 errno = 0;
-                double nval = strtod(val.c_str(), NULL);
-                if (errno) throw std::runtime_error("Invalid number: " + val);
+                double nval = strtod(val.data(), NULL);
+                if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                 stg.set_value(name, nval, current_section);              
               }
               state = match_state_wonder_after_value;
             }else if(isalpha(*it) )
             {// could be null, true or false
-              std::string word;
+              boost::string_ref word;
               match_word2(it, buf_end, word);
               if(boost::iequals(word, "null"))
               {
@@ -203,13 +203,13 @@ namespace epee
               //mean array of strings
               std::string val;
               match_string2(it, buf_end, val);
-              h_array = stg.insert_first_value(name, val, current_section);
+              h_array = stg.insert_first_value(name, std::move(val), current_section);
               CHECK_AND_ASSERT_THROW_MES(h_array, " failed to insert values entry");
               state = match_state_array_after_value;
               array_md = array_mode_string;
-            }else if (isdigit(*it) || *it == '-')
+            }else if (epee::misc_utils::parse::isdigit(*it) || *it == '-')
             {//array of numbers value started
-              std::string val;
+              boost::string_ref val;
               bool is_v_float = false;bool is_signed_val = false;
               match_number2(it, buf_end, val, is_v_float, is_signed_val);
               if(!is_v_float)
@@ -217,22 +217,22 @@ namespace epee
                 if (is_signed_val)
                 {
                   errno = 0;
-                  int64_t nval = strtoll(val.c_str(), NULL, 10);
-                  if (errno) throw std::runtime_error("Invalid number: " + val);
+                  int64_t nval = strtoll(val.data(), NULL, 10);
+                  if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                   h_array = stg.insert_first_value(name, nval, current_section);
                 }else
                 {
                   errno = 0;
-                  uint64_t nval = strtoull(val.c_str(), NULL, 10);
-                  if (errno) throw std::runtime_error("Invalid number: " + val);
+                  uint64_t nval = strtoull(val.data(), NULL, 10);
+                  if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                   h_array = stg.insert_first_value(name, nval, current_section);
                 }
                 CHECK_AND_ASSERT_THROW_MES(h_array, " failed to insert values section entry");
               }else
               {
                 errno = 0;
-                double nval = strtod(val.c_str(), NULL);
-                if (errno) throw std::runtime_error("Invalid number: " + val);
+                double nval = strtod(val.data(), NULL);
+                if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                 h_array = stg.insert_first_value(name, nval, current_section);
                 CHECK_AND_ASSERT_THROW_MES(h_array, " failed to insert values section entry");
               }
@@ -245,7 +245,7 @@ namespace epee
               state = match_state_wonder_after_value;
             }else if(isalpha(*it) )
             {// array of booleans
-              std::string word;
+              boost::string_ref word;
               match_word2(it, buf_end, word);
               if(boost::iequals(word, "true"))
               {
@@ -291,15 +291,15 @@ namespace epee
               {
                 std::string val;
                 match_string2(it, buf_end, val);
-                bool res = stg.insert_next_value(h_array, val);
+                bool res = stg.insert_next_value(h_array, std::move(val));
                 CHECK_AND_ASSERT_THROW_MES(res, "failed to insert values");
                 state = match_state_array_after_value;
               }else CHECK_ISSPACE();
               break;
             case array_mode_numbers:
-              if (isdigit(*it) || *it == '-')
+              if (epee::misc_utils::parse::isdigit(*it) || *it == '-')
               {//array of numbers value started
-                std::string val;
+                boost::string_ref val;
                 bool is_v_float = false;bool is_signed_val = false;
                 match_number2(it, buf_end, val, is_v_float, is_signed_val);
                 bool insert_res = false;
@@ -308,21 +308,21 @@ namespace epee
                   if (is_signed_val)
                   {
                     errno = 0;
-                    int64_t nval = strtoll(val.c_str(), NULL, 10);
-                    if (errno) throw std::runtime_error("Invalid number: " + val);
+                    int64_t nval = strtoll(val.data(), NULL, 10);
+                    if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                     insert_res = stg.insert_next_value(h_array, nval);
                   }else
                   {
                     errno = 0;
-                    uint64_t nval = strtoull(val.c_str(), NULL, 10);
-                    if (errno) throw std::runtime_error("Invalid number: " + val);
+                    uint64_t nval = strtoull(val.data(), NULL, 10);
+                    if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                     insert_res = stg.insert_next_value(h_array, nval);
                   }
                 }else
                 {
                   errno = 0;
-                  double nval = strtod(val.c_str(), NULL);
-                  if (errno) throw std::runtime_error("Invalid number: " + val);
+                  double nval = strtod(val.data(), NULL);
+                  if (errno) throw std::runtime_error("Invalid number: " + std::string(val));
                   insert_res = stg.insert_next_value(h_array, nval);              
                 }
                 CHECK_AND_ASSERT_THROW_MES(insert_res, "Failed to insert next value");
@@ -333,7 +333,7 @@ namespace epee
             case array_mode_booleans:
               if(isalpha(*it) )
               {// array of booleans
-                std::string word;
+                boost::string_ref word;
                 match_word2(it, buf_end, word);
                 if(boost::iequals(word, "true"))
                 {

contrib/epee/include/storages/portable_storage_template_helper.h

@@ -84,7 +84,7 @@ namespace epee
     }
     //-----------------------------------------------------------------------------------------------------------
     template<class t_struct>
-    bool load_t_from_binary(t_struct& out, const std::string& binary_buff)
+    bool load_t_from_binary(t_struct& out, const epee::span<const uint8_t> binary_buff)
     {
       portable_storage ps;
       bool rs = ps.load_from_binary(binary_buff);
@@ -95,6 +95,12 @@ namespace epee
     }
     //-----------------------------------------------------------------------------------------------------------
     template<class t_struct>
+    bool load_t_from_binary(t_struct& out, const std::string& binary_buff)
+    {
+      return load_t_from_binary(out, epee::strspan<uint8_t>(binary_buff));
+    }
+    //-----------------------------------------------------------------------------------------------------------
+    template<class t_struct>
     bool load_t_from_binary_file(t_struct& out, const std::string& binary_file)
     {
       std::string f_buff;

contrib/epee/include/storages/portable_storage_val_converters.h

@@ -144,7 +144,7 @@ POP_WARNINGS
       {
         MTRACE("Converting std::string to uint64_t. Source: " << from);
         // String only contains digits
-        if(std::all_of(from.begin(), from.end(), ::isdigit))
+        if(std::all_of(from.begin(), from.end(), epee::misc_utils::parse::isdigit))
           to = boost::lexical_cast<uint64_t>(from);
         // MyMonero ISO 8061 timestamp (2017-05-06T16:27:06Z)
         else if (boost::regex_match (from, boost::regex("\\d{4}-[01]\\d-[0-3]\\dT[0-2]\\d:[0-5]\\d:[0-5]\\dZ")))