From 5a4c6cc3a89cf613e6770857b4180359d79cc8b2 Mon Sep 17 00:00:00 2001
From: moneromooo-monero <moneromooo-monero@users.noreply.github.com>
Date: Tue, 20 Aug 2019 12:48:55 +0000
Subject: [PATCH 1/5] daemon: fix merge error removing the "never seen before"
 timestamp check

---
 src/daemon/rpc_command_executor.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/daemon/rpc_command_executor.cpp b/src/daemon/rpc_command_executor.cpp
index 4d3debed6..670affd76 100644
--- a/src/daemon/rpc_command_executor.cpp
+++ b/src/daemon/rpc_command_executor.cpp
@@ -66,7 +66,7 @@ namespace {
     time(&now);
     time_t last_seen = static_cast<time_t>(peer.last_seen);
 
-    std::string elapsed = epee::misc_utils::get_time_interval_string(now - last_seen);
+    std::string elapsed = peer.last_seen == 0 ? "never" : epee::misc_utils::get_time_interval_string(now - last_seen);
     std::string id_str = epee::string_tools::pad_string(epee::string_tools::to_string_hex(peer.id), 16, '0', true);
     std::string port_str;
     epee::string_tools::xtype_to_string(peer.port, port_str);

From 289d21500c62d808e33e82925c9e46c156e92bc1 Mon Sep 17 00:00:00 2001
From: xiphon <xiphon@protonmail.com>
Date: Tue, 20 Aug 2019 15:05:54 +0000
Subject: [PATCH 2/5] rpc: fix unitialized
 'core_rpc_server::m_was_bootstrap_ever_used'

---
 src/rpc/core_rpc_server.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp
index d80219f1c..27d90c768 100644
--- a/src/rpc/core_rpc_server.cpp
+++ b/src/rpc/core_rpc_server.cpp
@@ -103,6 +103,7 @@ namespace cryptonote
     )
     : m_core(cr)
     , m_p2p(p2p)
+    , m_was_bootstrap_ever_used(false)
   {}
   //------------------------------------------------------------------------------------------------------------------------------
   bool core_rpc_server::set_bootstrap_daemon(const std::string &address, const std::string &username_password)

From 26f7a26ee3f53008b2b49a760464199d2631e2a8 Mon Sep 17 00:00:00 2001
From: xiphon <xiphon@protonmail.com>
Date: Tue, 20 Aug 2019 11:29:25 +0000
Subject: [PATCH 3/5] device: fix ledger requesting secret keys export twice

---
 src/device/device_ledger.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/device/device_ledger.cpp b/src/device/device_ledger.cpp
index eba633da8..c8d01fd82 100644
--- a/src/device/device_ledger.cpp
+++ b/src/device/device_ledger.cpp
@@ -416,10 +416,10 @@ namespace hw {
       #ifdef DEBUG_HWDEVICE
       cryptonote::account_public_address pubkey;
       this->get_public_address(pubkey);
-      #endif
       crypto::secret_key vkey;
       crypto::secret_key skey;
       this->get_secret_keys(vkey,skey);
+      #endif
 
       return true;
     }

From 2e2653602fe8d26713a3b545edc7de5990427135 Mon Sep 17 00:00:00 2001
From: moneromooo-monero <moneromooo-monero@users.noreply.github.com>
Date: Wed, 21 Aug 2019 14:00:43 +0000
Subject: [PATCH 4/5] p2p: move log away from global

It was here while debugging, and I forgot to move it away
---
 src/p2p/net_node.inl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl
index 8c0cff7e2..36e469520 100644
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@@ -1420,7 +1420,7 @@ namespace nodetool
         if (skipped == 0 || !filtered.empty())
           break;
         if (skipped)
-          MGINFO("Skipping " << skipped << " possible peers as they share a class B with existing peers");
+          MINFO("Skipping " << skipped << " possible peers as they share a class B with existing peers");
       }
       if (filtered.empty())
       {

From e353e3d7571f14c147d160f9e0e1bc3ab8833ffc Mon Sep 17 00:00:00 2001
From: moneromooo-monero <moneromooo-monero@users.noreply.github.com>
Date: Tue, 18 Jun 2019 22:11:18 +0000
Subject: [PATCH 5/5] p2p: sanitize peer lists

Also remove the delta time fixup, since we now ignore those
as they're attacker controlled
---
 src/p2p/net_node.h   |  3 +--
 src/p2p/net_node.inl | 40 +++++++++++++++++++++++++---------------
 2 files changed, 26 insertions(+), 17 deletions(-)

diff --git a/src/p2p/net_node.h b/src/p2p/net_node.h
index 6d2ae878f..340ed8f90 100644
--- a/src/p2p/net_node.h
+++ b/src/p2p/net_node.h
@@ -349,8 +349,7 @@ namespace nodetool
     bool get_local_node_data(basic_node_data& node_data, const network_zone& zone);
     //bool get_local_handshake_data(handshake_data& hshd);
 
-    bool merge_peerlist_with_local(const std::vector<peerlist_entry>& bs);
-    bool fix_time_delta(std::vector<peerlist_entry>& local_peerlist, time_t local_time, int64_t& delta);
+    bool sanitize_peerlist(std::vector<peerlist_entry>& local_peerlist);
 
     bool connections_maker();
     bool peer_sync_idle_maker();
diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl
index 8c0cff7e2..bf9f0ab6a 100644
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@@ -1815,21 +1815,32 @@ namespace nodetool
   }
   //-----------------------------------------------------------------------------------
   template<class t_payload_net_handler>
-  bool node_server<t_payload_net_handler>::fix_time_delta(std::vector<peerlist_entry>& local_peerlist, time_t local_time, int64_t& delta)
+  bool node_server<t_payload_net_handler>::sanitize_peerlist(std::vector<peerlist_entry>& local_peerlist)
   {
-    //fix time delta
-    time_t now = 0;
-    time(&now);
-    delta = now - local_time;
-
-    for(peerlist_entry& be: local_peerlist)
+    for (size_t i = 0; i < local_peerlist.size(); ++i)
     {
-      if(be.last_seen > local_time)
+      bool ignore = false;
+      peerlist_entry &be = local_peerlist[i];
+      epee::net_utils::network_address &na = be.adr;
+      if (na.is_loopback() || na.is_local())
       {
-        MWARNING("FOUND FUTURE peerlist for entry " << be.adr.str() << " last_seen: " << be.last_seen << ", local_time(on remote node):" << local_time);
-        return false;
+        ignore = true;
       }
-      be.last_seen += delta;
+      else if (be.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id())
+      {
+        const epee::net_utils::ipv4_network_address &ipv4 = na.as<const epee::net_utils::ipv4_network_address>();
+        if (ipv4.ip() == 0)
+          ignore = true;
+      }
+      if (ignore)
+      {
+        MDEBUG("Ignoring " << be.adr.str());
+        std::swap(local_peerlist[i], local_peerlist[local_peerlist.size() - 1]);
+        local_peerlist.resize(local_peerlist.size() - 1);
+        --i;
+        continue;
+      }
+
 #ifdef CRYPTONOTE_PRUNING_DEBUG_SPOOF_SEED
       be.pruning_seed = tools::make_pruning_seed(1 + (be.adr.as<epee::net_utils::ipv4_network_address>().ip()) % (1ul << CRYPTONOTE_PRUNING_LOG_STRIPES), CRYPTONOTE_PRUNING_LOG_STRIPES);
 #endif
@@ -1840,9 +1851,8 @@ namespace nodetool
   template<class t_payload_net_handler>
   bool node_server<t_payload_net_handler>::handle_remote_peerlist(const std::vector<peerlist_entry>& peerlist, time_t local_time, const epee::net_utils::connection_context_base& context)
   {
-    int64_t delta = 0;
     std::vector<peerlist_entry> peerlist_ = peerlist;
-    if(!fix_time_delta(peerlist_, local_time, delta))
+    if(!sanitize_peerlist(peerlist_))
       return false;
 
     const epee::net_utils::zone zone = context.m_remote_address.get_zone();
@@ -1855,8 +1865,8 @@ namespace nodetool
       }
     }
 
-    LOG_DEBUG_CC(context, "REMOTE PEERLIST: TIME_DELTA: " << delta << ", remote peerlist size=" << peerlist_.size());
-    LOG_DEBUG_CC(context, "REMOTE PEERLIST: " <<  print_peerlist_to_string(peerlist_));
+    LOG_DEBUG_CC(context, "REMOTE PEERLIST: remote peerlist size=" << peerlist_.size());
+    LOG_DEBUG_CC(context, "REMOTE PEERLIST: " << ENDL << print_peerlist_to_string(peerlist_));
     return m_network_zones.at(context.m_remote_address.get_zone()).m_peerlist.merge_peerlist(peerlist_);
   }
   //-----------------------------------------------------------------------------------