d4746d5 Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log. (Mark Friedenbach)
This allows for a reversal of the current behavior.
This:
CScript foo;
CScriptID bar(foo.GetID());
Becomes:
CScript foo;
CScriptID bar(foo);
This way, CScript is no longer dependent on CScriptID or Hash();
There's only one case where a vector containing a fundamental type is
serialized all-at-once, unsigned char. Anything else would lead to
strange results.
Use a dummy argument to overload in that case.
Previous refactorings broke the ability to rebuild the chainstate by deleting the chainstate
directory, resulting in an incorrect "Incorrect or no genesis block found" error message. Fix
that.
Also, improve the performance of ActivateBestBlockStep by using the skiplist to only discover
a few potential blocks to connect at a time, instead of all blocks forever - as we likely bail
out after connecting a single one anyway.
Instead of skipping to the last reindexed block in each file (which could
jump over processed out-of-order blocks), just skip each already processed
block individually.
Remember out-of-order block headers along with disk positions. This is
likely the simplest and least-impact way to make -reindex work with
headers first.
Based on top of #4468.
Many changes:
* Do not use 'getblocks', but 'getheaders', and use it to build a headers tree.
* Blocks are fetched in parallel from all available outbound peers, using a
limited moving window. When one peer stalls the movement of the window, it is
disconnected.
* No more orphan blocks. At all. We only ever request a block for which we have
verified the headers, and store it to disk immediately. This means that a
disk-fill attack would require PoW.
* Require protocol version 31800 for every peer (released in december 2010).
* No more syncnode (we sync from everyone we can, though limited to 1 during
initial *headers* sync).
* Introduce some extra named constants, comments and asserts.
Similar to the INCLUDES changes in 6b099402b4, split out LIBS into individual
entries for more fine-grained control.
Also add MINIUPNPC_LIBS which was missing before, and hook it up to
executables.
6fd546d Remove CChainParams::NetworkID() (jtimon)
cc97210 Add fTestnetToBeDeprecatedFieldRPC to CChainParams (jtimon)
e11712d Move checkpoint data selection to chainparams (jtimon)
6de50c3 qt: add network-specific style object (Wladimir J. van der Laan)
Mainly cleanups: Gets rid of isTestNet everywhere, by keeping track
of network-specific theming in a central place.
Also makes GUI no longer dependent on the network ID enumeration, which
alleviates concerns about #4802.
This adds a -regetest-only undocumented (for regression testing only)
command-line option -blockversion=N to set block.nVersion.
Adds to the "has the rest of the network upgraded to a
block.nVersion we don't understand" code so it calls
-alertnotify when 51 of the last 100 blocks are up-version.
But it only alerts once, not with every subsequent new, upversion
block.
And adds a forknotify.py regression test to make sure it works.
Tested using forknotify.py:
Before adding CAlert::Notify, get:
Assertion failed: -alertnotify did not warn of up-version blocks
Before adding code to only alert once:
Assertion failed: -alertnotify excessive warning of up-version blocks
After final code in this pull:
Tests successful
d0c4197 change exit(1) to an assert in CWallet::EncryptWallet (Philip Kaufmann)
870da77 fix possible memory leaks in CWallet::EncryptWallet (Philip Kaufmann)
f606bb9 fix a possible memory leak in CWalletDB::Recover (Philip Kaufmann)
* Delete canonical_tests.cpp, and move the tests to script_tests.cpp.
* Split off SCRIPT_VERIFY_DERSIG from SCRIPT_VERIFY_STRICTENC (the BIP62 part of it).
* Change signature STRICTENC/DERSIG semantics to fail the script entirely rather than the CHECKSIG result (softfork safety, and BIP62 requirement).
* Add many autogenerated tests for several odd cases.
* Mention specific BIP62 rules in the script verification flags.
7c70438 Get rid of the dummy CCoinsViewCache constructor arg (Pieter Wuille)
ed27e53 Add coins_tests with a large randomized CCoinViewCache test. (Pieter Wuille)
058b08c Do not keep fully spent but unwritten CCoins entries cached. (Pieter Wuille)
c9d1a81 Get rid of CCoinsView's SetCoins and SetBestBlock. (Pieter Wuille)
f28aec0 Use ModifyCoins instead of mutable GetCoins. (Pieter Wuille)
e790c37 Replace SCRIPT_VERIFY_NOCACHE by flag directly to checker (Pieter Wuille)
5c1e798 Make signature cache optional (Pieter Wuille)
c7829ea Abstract out SignatureChecker (Pieter Wuille)
938bcce CAutoFile: make file private (Philip Kaufmann)
0c35486 CBufferedFile: add explicit close function (Philip Kaufmann)
c9fb27d CBufferedFile: convert into a non-refcounted RAII wrapper (Philip Kaufmann)
There is only one message passed to AbortNode() that makes sense to
translate to the user specifically: Disk space is low. For the others
show a generic message and refer to debug.log for details.
Reduces the number of confusing jargon translation messages.
fbd36d8 Avoid introducing a virtual into CChainParams (Wladimir J. van der Laan)
f0fd00c Switch testing framework from MAIN to new UNITTEST network (SergioDemianLerner)
- it now takes over the passed file descriptor and closes it in the
destructor
- this fixes a leak in LoadExternalBlockFile(), where an exception could
cause the file to not getting closed
- disallow copies (like recently added for CAutoFile)
- make nType and nVersion private
4705902 Avoid introducing a virtual into CChainParams (Wladimir J. van der Laan)
5e2e7fc Suggested corrections on comments, variable names. Also new test case testing the PoW skip in UNITTEST. (SergioDemianLerner)
a25fd6b Switch testing framework from MAIN to new UNITTEST network (SergioDemianLerner)
f74fc9b Print input index when signature validation fails, to aid debugging. (Mark Friedenbach)
217a5c9 When transaction outputs exceed inputs, show the offending amounts so as to aid debugging. (Mark Friedenbach)
- add missing deletes for pwalletdbEncryption
- add an assert before trying to reserve memory for pwalletdbEncryption
- add a destructor to CWallet, which ensures deletion of
pwalletdbEncryption on object destruction
Windows needed a few fixups to get the tests running:
1. bitcoin-tx needs a file extension in Windows. Take this opportunity to
add an env file, which pulls variables out of our build config. This can
be extended as needed, for now it's very simple.
2. After #1, split the args out of the exec key in the test data.
3. Correct the line-endings from windows stdout
93e24dd travis: use debug for one build (Cory Fields)
be6d87a script: don't read past the end (Cory Fields)
a94496f tests: don't split an empty string (Cory Fields)
00522cd depends: disable reduced exports for debug builds (Cory Fields)
1f7fff2 depends: add docs for debug (Cory Fields)
dc66ff5 depends: make LDFLAGS act like the other flags (Cory Fields)
b1efba8 depends: give miniupnpc cppflags (Cory Fields)
1d154db depends: teach qt to honor debug/release (Cory Fields)
3b63df5 depends: boost: build for debug or release as requested (Cory Fields)
7e99df7 depends: make sure openssl sees cppflags (Cory Fields)
f397304 depends: add debug/release flags for linux/osx/win (Cory Fields)
2027ad3 depends: add the debug/release concept to depends (Cory Fields)
One might assume that CAutoFile would be ref-counted so that a copied object
would delay closing the underlying file until all copies have gone out of
scope. Since that's not the case with CAutoFile, explicitly disable copying.
- explicit init of pcoinsdbview and pwalletMain (even if not needed, as
globals are init to NULL, it seems cleaner)
- remove check if (pwalletMain) in Shutdown() as delete is valid even if
pwalletMain is NULL
Move the txid duplicates check into BuildMerkleTree, where it can be done
much more efficiently (without needing to build a full txid set to detect
duplicates).
The previous version (using the std::set<uint256> to detect duplicates) was
also slightly too weak. A block mined with actual duplicate transactions
(which is invalid, due to the inputs of the duplicated transactions being
seen as double spends) would trigger the duplicates logic, resulting in the
block not being stored on disk, and rerequested. This change fixes that by
only triggering in the case of duplicated transactions that can actually
result in an identical merkle root.
Instead of storing CCoins entries directly in CCoinsMap, store a CCoinsCacheEntry
which additionally keeps track of whether a particular entry is:
* dirty: potentially different from its parent view.
* fresh: the parent view is known to not have a non-pruned version.
This allows us to skip non-dirty cache entries when pushing batches of changes up,
and to remove CCoins entries about transactions that are fully spent before the
parent cache learns about them.
All direct modifications are now done through ModifyCoins, and BatchWrite is
used for pushing batches of queued modifications up, so we don't need the
low-level SetCoins and SetBestBlock anymore in the top-level CCoinsView class.
Replace the mutable non-copying GetCoins method with a ModifyCoins, which
returns an encapsulated iterator, so we can keep track of concurrent
modifications (as iterators can be invalidated by those) and run cleanup
code after a modification is finished.
This also removes the overloading of the 'GetCoins' name.
It's strange to be able to close these windows while there is work
in progress.
Also set Qt::WA_DeleteOnClose on both windows to make sure that they
are deleted eventually, no matter what happens.
Lots of people read the Bitcoin Core codebase to learn more about
crypto; better to warn about flaws explicitly so they don't blindly copy
the code for other uses and create broken systems.
Always make a pid file, not only when `-daemon` specified.
This is useful for troubleshooting, for attaching debuggers and loggers
and such.
- Write the pid file only after the datadir lock was acquired
- Don't create or remove a pid file on WIN32, and also don't show the option
bbad683 [Qt] simplify return code and return values in txtablemodel (Philip Kaufmann)
21f1516 [Qt] add all used colors in txtablemodel to guiconstants (Philip Kaufmann)
- Remove spurious `pchCommand[1] = 1` in CMessageHeader()
- Make sure that pchCommand is zero-padded if length is shorter than
COMMAND_SIZE
- Use strnlen to determine length of pcmCommand in GetCommand
There is no reason to store thousands of orphan transactions;
normally an orphan's parents will either be broadcast or
mined reasonably quickly.
This pull drops the maximum number of orphans from 10,000 down
to 100, and adds a command-line option (-maxorphantx) that is
just like -maxorphanblocks to override the default.
Prevent denial-of-service attacks by banning
peers that send us invalid orphan transactions
and only storing orphan transactions given to
us by a peer while the peer is connected.
Flushing after every line when printing to console is desirable when
running with systemd but setvbuf() has slightly different semantics
on Windows that causes warnings. Just do an explicit fflush() after
each line print to console instead.
Avoids that SOCKS5 negotiation will hold up the shutdown process.
- Sockets can stay in non-blocking mode, no need to switch it on/off
anymore
- Adds a timeout (20 seconds) on SOCK5 negotiation. This should be
enough for even Tor to get a connection to a hidden service, and
avoids blocking the opencon thread indefinitely on a hanging proxy.
Fixes#2954.
2c2cc5d Remove some unnecessary c_strs() in logging and the GUI (Philip Kaufmann)
f7d0a86 netbase: Use .data() instead of .c_str() on binary string (Wladimir J. van der Laan)
It runs sipas crawler, but rather than using its custom nameserver implementation it serves a generated zonefile via bind9. The zone always contains 25 IPv4 and 25 IPv6 peers. FWIW, the zone is secured using DNSSEC.
- also fixes indentation in one file (auto fixed by Qt Designer)
- removes several default parameters, which are not needed in the files
- related to #4840 (but not intended as fix for a no-bug)
1e4f87f Use memcmp for uint256 equality/inequality (Pieter Wuille)
8a41e1e Use boost::unordered_map for mapBlockIndex (Pieter Wuille)
145d5be Introduce BlockMap type for mapBlockIndex (Pieter Wuille)
a0dbe43 checkpoints.cpp depends on main, it can use mapBlockIndex directly (Pieter Wuille)
The efficient version of CCoinsViewCache::GetCoins only works for known-to-exist
cache entries, requiring a separate HaveCoins call beforehand. This is
inefficient as both perform a hashtable lookup.
Replace the non-mutable GetCoins with AccessCoins, which returns a potentially-NULL
pointer. This also decreases the overloading of GetCoins.
Also replace some copying (inefficient) GetCoins calls with equivalent AccessCoins,
decreasing the copying.
b144a74 depends: bump miniupnpc to 1.9.20140701. (Cory Fields)
f628127 depends: bump openssl to 1.0.1i (Cory Fields)
9f7f504 build: add -DMINIUPNP_STATICLIB for new version (Cory Fields)
Thanks to Pieter Wuille for most of the work on this commit.
I did not fixup the overhaul commit, because a rebase conflicted
with "remove fields of ser_streamplaceholder".
I prefer not to risk making a mistake while resolving it.
The nType and nVersion fields of stream objects are never accessed
from outside the class (or perhaps from the inside too, I haven't checked).
Thus no need to have them in a placeholder, whose only purpose is to
fill the "Stream" template parameter in serialization implementation.
The implementation of each class' serialization/deserialization is no longer
passed within a macro. The implementation now lies within a template of form:
template <typename T, typename Stream, typename Operation>
inline static size_t SerializationOp(T thisPtr, Stream& s, Operation ser_action, int nType, int nVersion) {
size_t nSerSize = 0;
/* CODE */
return nSerSize;
}
In cases when codepath should depend on whether or not we are just deserializing
(old fGetSize, fWrite, fRead flags) an additional clause can be used:
bool fRead = boost::is_same<Operation, CSerActionUnserialize>();
The IMPLEMENT_SERIALIZE macro will now be a freestanding clause added within
class' body (similiar to Qt's Q_OBJECT) to implement GetSerializeSize,
Serialize and Unserialize. These are now wrappers around
the "SerializationOp" template.
The case SetMerkleBranch(NULL) was never actually used, and thus the
involved code (loading the block from disk) can be removed and the
implementation simplified.
- ensures a consistent usage in header files
- also add a blank line after the copyright header where missing
- also remove orphan new-lines at the end of some files
Needed to build breakage reported by Arnavion on IRC:
qt/splashscreen.cpp: In constructor 'SplashScreen::SplashScreen(const QPixmap&, Qt::WindowFlags, bool)':
qt/splashscreen.cpp:33:98: error: 'FormatFullVersion' was not declared in this scope
Bypassing the main coins cache allows more thorough checking with the same
memory budget.
This has no effect on performance because everything ends up in the child
cache created by VerifyDB itself.
It has bugged me ever since #4675, which effectively reduced the
number of checked blocks to reduce peak memory usage.
- Pass the coinsview to use as argument to VerifyDB
- This also avoids that the first `pcoinsTip->Flush()` after VerifyDB
writes a large slew of unchanged coin records back to the database.
libminiupnpc changed their required static define to the much more sane
"MINIUPNP_STATICLIB". Sadly, they don't respect the old "STATICLIB" for
back-compat. Define them both since the old one didn't seem to be conflicting
anywhere.
Also go ahead and split out the cppflags so that they can be applied only where
they're needed. This will help us to build dll's from our libs without having
their import/export declspecs poisoned.
b197bf3 [Qt] disable tray interactions when client model set to 0 (Philip Kaufmann)
314fbd9 [Qt] use BitcoinGUI::DEFAULT_WALLET constant in bitcoin.cpp (Philip Kaufmann)
8ca6a16 [Qt] ensure all class attributes are init to 0 (Philip Kaufmann)
ad49c25 Split up util.cpp/h (Wladimir J. van der Laan)
f841aa2 Move `COIN` and `CENT` to core.h (Wladimir J. van der Laan)
6e5fd00 Move `*Version()` functions to version.h/cpp (Wladimir J. van der Laan)
b4aa769 Move `S_I*` constants and `MSG_NOSIGNAL` to compat.h (Wladimir J. van der Laan)
af8297c Move functions in wallet.h to implementation file (Wladimir J. van der Laan)
651480c move functions in main and net to implementation files (Wladimir J. van der Laan)
610a8c0 Move SetThreadPriority implementation to util.cpp instead of the header (Wladimir J. van der Laan)
f780e65 Remove unused function `ByteReverse` from util.h (Wladimir J. van der Laan)
121d6ad Remove unused `alignup` function from util.h (Wladimir J. van der Laan)
d1e26d4 Move CMedianFilter to timedata.cpp (Wladimir J. van der Laan)
Split up util.cpp/h into:
- string utilities (hex, base32, base64): no internal dependencies, no dependency on boost (apart from foreach)
- money utilities (parsesmoney, formatmoney)
- time utilities (gettime*, sleep, format date):
- and the rest (logging, argument parsing, config file parsing)
The latter is basically the environment and OS handling,
and is stripped of all utility functions, so we may want to
rename it to something else than util.cpp/h for clarity (Matt suggested
osinterface).
Breaks dependency of sha256.cpp on all the things pulled in by util.
3802224 Remove all other print() methods (Wladimir J. van der Laan)
9b6d4c5 Move strprintf define to tinyformat.h (Wladimir J. van der Laan)
8121258 Remove print() from core functions (Wladimir J. van der Laan)
This was committed previously as 4975ae172 and reverted, because the flags were
applied even if the checks didn't pass. This is the same commit, fixed up to
actually disable the functionality when necessary.
Enabled automatically if boost >= 1.49.
See: https://svn.boost.org/trac/boost/ticket/2309
Also, check for a default visibility attribute, so that we can mark future
api functions correctly.
Thus the read(...) and write(...) methods of all stream classes now have identical parameter lists.
This will bring these classes one step closer to a common interface.
No need to waste startup time building something that can be done
at compile time.
This also resolves a clang++ warning originally reported in #4714,
univalue/univalue_write.cpp:33:12: warning: array subscript is of type 'char
escapes['"'] = "\\"";
^~~~
etc.
aa82795 Add detailed network info to getnetworkinfo RPC (Wladimir J. van der Laan)
075cf49 Add GetNetworkName function (Wladimir J. van der Laan)
c91a947 Add IsReachable(net) function (Wladimir J. van der Laan)
60dc8e4 Allow -onlynet=onion to be used (Wladimir J. van der Laan)
This commit adds per-network information to the
getnetworkinfo RPC call:
- Is the network limited?
- Is the network reachable
- Which proxy is used for this network, if any
Inspired by #2575.
This number was still tracked even though it's shown nowhere in the UI
anymore. It was originally removed because it didn't match the actual number of
records in the view (which contains outputs, not transactions) thus was
confusing people.
This corrects a bug where an exception thrown reading from the database causes the cursor to
be left open, which causes an assertion error to occur when the database is deleted (around
line 938 of init.cpp).
Enabled automatically if boost >= 1.49.
See: https://svn.boost.org/trac/boost/ticket/2309
Also, check for a default visibility attribute, so that we can mark future
api functions correctly.
When the libpath doesn't line up with the value from config.sub, we don't find
the correct path to boost's libs. This adds a hack to try another path before
giving up.
Should close#3219.
While we're at it, reduce the use of LIBS as well. This makes dependencies
explicit.
Fixes building with (the not-yet-merged) libsecp256k1 as well.
Github-Pull: #4689
Rebased-By: Wladimir J. van der laan <laanwj@gmail.com>
Rebased-From: 909b347 c0e5dda
Due to growing coinsviewcaches, the memory usage with checklevel=3
(and standard settings for dbcache) could be up to 500MiB on a
64-bit system. This is about twice the peak during reindexing,
unnecessarily extending bitcoind's memory envelope.
This commit reduces the maximum total size of the caches used during
verification to just nCoinCacheSize, which should be the limit.
CCryptoKeyStore::Unlock has a loop to attempt decrypting each key which
only executes once, likely due to a simple mistake when the code was
originally written.
This patch fixes the behavior by making it check all keys. It also adds
a fatal assertion in the case some decrypt but some do not, since that
indicates that the wallet is in some kind of really bad state.
This may make unlocking noticeably slower on wallets with many keys.
Remove the 'state' and 'exceptmask' from serialize.h's stream implementations,
as well as related methods.
As exceptmask always included 'failbit', and setstate was always called with
bits = failbit, all it did was immediately raise an exception. Get rid of
those variables, and replace the setstate with direct exception throwing
(which also removes some dead code).
As a result, good() is never reached after a failure (there are only 2
calls, one of which is in tests), and can just be replaced by !eof().
fail(), clear(n) and exceptions() are just never called. Delete them.
- this prevents the ability to fiddle around with the system tray when
already shutting down (e.g. on slow shutdowns because of a proxy delay)
- extends solution for #4360
- ensure normal and watch-only stuff looks consistent
- simplify UI by removing unneeded UI layout elements
- change some comments to watch-only from watchonly
6b271a3 build: fix race in 'make deploy' for windows (Cory Fields)
d343460 build: Fix 'make deploy' when binaries haven't been built yet (Cory Fields)
206a7f9 build: hook up qt translations for static osx packaging (Cory Fields)
d597219 build: add --with-qt-translationdir to configure for use with static qt (Cory Fields)
71941ce build: teach macdeploy the -translations-dir argument, for use with static qt (Cory Fields)
f8120f7 build: Find the proper xcb/pcre dependencies (Cory Fields)
eccd585 build: silence mingw fpic warning spew (Cory Fields)
a98356f build: don't let libtool insert rpath into binaries (Cory Fields)
It currently returns uint64_t, which on older boost (at least 1.46) causes
test failures on 32-bit systems.
This problem was introduced in bc42503.
Fixes#4634.
The size limit makes a lot of sense for the server, as it never has to
accept very large data.
The client, however, can request arbitrary amounts of data with
`listtransactions` on a large wallet.
Fixes#4604.
Split up HTTPReply into HTTPReply and HTTPReplyHeader, so that
the message data can be streamed directly.
Also removes a c_str(), which would have prevented binary
output with NUL characters in it.
The only other method of logging remote addresses is via
-logips=1 -debug=net
which increases the logged activity by 100x or more.
Github-Pull: #4608
Amended-By: Wladimir J. van der Laan <laanwj@gmail.com>
e59441f Process fee estimate file into temporary vector first to let sanity checking complete. (Alex Morcos)
961ae93 Fix minor bug which only affected log messages. (Alex Morcos)
17f1567 Fixed a bug with index bounds checking (Alex Morcos)
- remove starting height as table header and replace with ping time
- remove columnResizingFixer
- add local address (if available) in detailed node view (on top of the
right view below the remote address)
- remove some .c_str() by using QString::fromStdString()
- rename Address to Address/Hostname
- rename secs to just s for ping time
- use MODEL_UPDATE_DELAY from guiconstants.h for the peer refresh time
- make PeerTableModel::columnCount() return no hard-coded value
- remove and cleanup dup private: section in RPCConsole header
- add new defaults for column sizes
- remove behaviour which keeps disconnected peers selected and also remove
code which keeps track of last selected peer stats
- add sync height to detail view
- add some additional NULL pointer checks for clientModel in
rpcconsole.cpp
Port over https://github.com/chronokings/huntercoin/pull/19 from
Huntercoin: This implements a new RPC command "getchaintips" that can be
used to find all currently active chain heads. This is similar to the
-printblocktree startup option, but it can be used without restarting
just via the RPC interface on a running daemon.
This makes it possible for a node with `-onlynet=tor` to bootstrap
itself.
It also adds the base infrastructure for adding IPv6 seed nodes.
Also represent IPv4 fixed seed addresses in 16-byte format.
- error: 'vector' in namespace 'std' does not name a type
- add <vector> include in core_io.h
- remove <vector> includes from core_read.cpp and core_write.cpp
d2d9dc0 script tests: add tests for CHECKMULTISIG limits (Otto Allmendinger)
89101c6 script test: test case for 5-byte bools (Otto Allmendinger)
4cac5db script tests: value with trailing 0x00 is true (Otto Allmendinger)
833ff16 script tests: values that overflow to 0 are true (Otto Allmendinger)
0072d98 script tests: BOOLAND, BOOLOR decode to integer (Otto Allmendinger)
ed02282 additional test for OP_SIZE in script_valid.json (Otto Allmendinger)
This is a simple utility that provides command line manipulation of
a hex-encoded TX. The utility takes a hex string on the command line
as input, performs zero or more mutations, and outputs a hex string
to standard output.
This utility is also an intentional exercise of the "bitcoin library"
concept. It is designed to require minimal libraries, and works
entirely without need for any RPC or P2P communication.
See "bitcoin-tx --help" for command and options summary.
* Replace -benchmark (and the related fBenchmark) with a regular debug option, -debug=bench.
* Increase coverage and granularity of individual block processing steps.
* Add cummulative times.
Fixes various issues and cleans up code
- Fixes issue #4500: Amount widget +/- has floating point rounding artifacts
- Amount box can now be emptied again, without clearing to 0
Also aligns the amount to the right, as in other places.
First and foremost, this defaults to OFF.
This option lets a node consider such transactions non-standard,
meaning they will not be relayed or mined by default, but other miners
are free to mine these as usual.
7149499 Add comments re BitcoinUnits::formatWithUnit/formatHtmlWithUnit (Roy Badami)
f7d70c6 Remove unused fAlign argument from BitcoinUnits::format and friends (Roy Badami)
2e4fee2 Show bitcoin quantities with full precision, even in the presence of trailing zeros (Roy Badami)
7007402 Implement SI-style (thin space) thoudands separator (Roy Badami)
This is the first part of a huge effort to rework the handling of dependencies.
To start, this change allows all supported platforms to build against a static
Qt. 5.2.1 and 5.3 have been successfully tested against osx64, win32, win64,
linux32, and linux64.
It also makes a small change to the windows config, to allow linking against
qt builds with or without built-in libjpeg/libpng/libpcre/libz.
The actual build processes to take advantage of these changes (for gitian and
pull-tester) are coming soon. Until then, this should be a no-op.
- the call to CloseSocket() is placed after the WSAGetLastError(), because
a CloseSocket() can trigger an error also, which we don't want for the
logging in this two cases
Simpler alternative to #4348.
The current setup with closesocket() is strange. It poses
as a compatibility wrapper but adds functionality.
Rename it and make it a documented utility function in netbase.
Code movement only, zero effect on the functionality.
33357b2 qt: Start core thread only when needed (Wladimir J. van der Laan)
c715ff5 ui: Replace some LogPrintfs with qDebug() (Wladimir J. van der Laan)
96ff9d6 Can't log to debug log before chain params initialized (Wladimir J. van der Laan)
Block 295,000 seems to meet the criteria of a reasonable timestamp and
no strange transactions. 295,000 is the current block height in the
bootstrap.dat torrent provided by jgarzik.
Start the core thread only when needed for initialization
or shutdown.
Avoids a bit of overhead, and also avoids spamming two
log messages before logging is properly initialized.
Add a function `AreBaseParamsConfigured` and use this to check
before writing to the debug log. This avoids assertions when the
application happens to log too early, which happens in the GUI.
Messages logged before the base parameters are configured can be
shown using `-printtoconsole`.
The option is only effective for either wallet-less builds or if
-disablewallet is specified as well.
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
Rebased-From: 34d5fc0 4e1a196 bd4307b d53a33b 7e09b36
Github-Pull: #4286
4eedf4f make RandAddSeed() use OPENSSL_cleanse() (Philip Kaufmann)
6354935 move rand functions from util to new random.h/.cpp (Philip Kaufmann)
001a53d add GetRandBytes() as wrapper for RAND_bytes() (Philip Kaufmann)
An user on IRC reported an issue where `getrawchangeaddress`
keeps returning a single address when the keypool is exhausted.
In my opinion this is strange behaviour.
- Change CReserveKey to fail when running out of keys in the keypool.
- Make `getrawchangeaddress` return RPC_WALLET_KEYPOOL_RAN_OUT when
unable to create an address.
- Add a Python RPC test for checking the keypool behaviour in combination
with encrypted wallets.
This removes some inconsistencies in what worked and didn't work in
safemode. Now only RPCs involved in getting balances or sending
funds are disabled.
Previously you could mine but not submit blocks— but we may need more
blocks to resolve a fork that triggered safe mode in the first place,
and the non-submission was not reliable since some miners submit
blocks via multiple means. There were also a number of random commands
disabled that had nothing to do with the blockchain like verifymessage.
Thanks to earlz for pointing out that there were some moderately cheap
ways to maliciously trigger safe mode, which brought attention to
the fact that safemode wasn't used in a very intelligent way.
This adds a -whitelist option to specify subnet ranges from which peers
that connect are whitelisted. In addition, there is a -whitebind option
which works like -bind, except peers connecting to it are also
whitelisted (allowing a separate listen port for trusted connections).
Being whitelisted has two effects (for now):
* They are immune to DoS disconnection/banning.
* Transactions they broadcast (which are valid) are always relayed,
even if they were already in the mempool. This means that a node
can function as a gateway for a local network, and that rebroadcasts
from the local network will work as expected.
Whitelisting replaces the magic exemption localhost had for DoS
disconnection (local addresses are still never banned, though), which
implied hidden service connects (from a localhost Tor node) were
incorrectly immune to DoS disconnection as well. This old
behaviour is removed for that reason, but can be restored using
-whitelist=127.0.0.1 or -whitelist=::1 can be specified. -whitebind
is safer to use in case non-trusted localhost connections are expected
(like hidden services).
- add a small wrapper in util around RAND_bytes() and replace with
GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
- small changes to Shutdown(), buffer __func__, which is now used in
all LogPrintf() calls and format for better readability
- order using namespace alpabetically
a3e192a replaced MINE_ with ISMINE_ (JaSK)
53a2148 fixed bug where validateaddress doesn't display information (JaSK)
f28707a fixed bug in ListReceived() (JaSK)
519dd1c Added MINE_ALL = (spendable|watchonly) (JaSK)
23b0506 Fixed some stuff in TransactionDesc (JaSK)
80dda36 removed default argument values for ismine filter (JaSK)
d5087d1 Use script matching rather than destination matching for watch-only. (Pieter Wuille)
0fa2f88 added includedWatchonly argument to listreceivedbyaddress/...account (JaSK)
f87ba3d added includeWatchonly argument to 'gettransaction' because it affects balance calculation (JaSK)
a5c6c5d fixed tiny glitch and improved readability like laanwj suggested (JaSK)
d7d5d23 Added argument to listtransactions and listsinceblock to include watchonly addresses (JaSK)
952877e Showing 'involvesWatchonly' property for transactions returned by 'listtransactions' and 'listsinceblock'. It is only appended when the transaction involves a watchonly address. (JaSK)
83f3543 Added argument to listaccounts to include watchonly addresses (JaSK)
d4640d7 Added argument to getbalance to include watchonly addresses and fixed errors in balance calculation. (JaSK)
d2692f6 Watchonly transactions are marked in transaction history (JaSK)
ffd40da Watchonly balances are shown separately in gui. (JaSK)
2935b21 qt: Hide unspendable outputs in coin control (Wladimir J. van der Laan)
c898846 Add support for watch-only addresses (Pieter Wuille)
Get rid of SendMoney and replace it by the functionality of
SendMoneyToDestination. This cleans up the code, since only
SendMoneyToDestination was actually used (SendMoney internally from this
routine).
75f51f2a introduced asynchronous processing for blocks, where reject messages
and DoS scoring could be applied outside of ProcessBlock, because block
validation may happen later.
However, some types of errors are still detected immediately (in particular,
CheckBlock violations), which need acting after ProcessBlock returns.
The wallet now uses the mempool fee estimator with a new
command-line option: -txconfirmtarget (default: 1) instead
of using hard-coded fees or priorities.
A new bitcoind that hasn't seen enough transactions to estimate
will fall back to the old hard-coded minimum priority or
transaction fee.
-paytxfee option overrides -txconfirmtarget.
Relaying and mining code isn't changed.
For Qt, the coin control dialog now uses priority estimates to
label transaction priority (instead of hard-coded constants);
unspent outputs were consistently labeled with a much higher
priority than is justified by the free transactions actually
being accepted into blocks.
I did not implement any GUI for setting -txconfirmtarget; I would
suggest getting rid of the "Pay transaction fee" GUI and replace
it with either "target number of confirmations" or maybe
a "faster confirmation <--> lower fee" slider or select box.
This changes the keystore data format, wallet format and IsMine logic
to detect watch-only outputs based on direct script matching rather
than first trying to convert outputs to destinations (addresses).
The reason is that we don't know how the software that has the spending
keys works. It may support the same types of scripts as us, but that is
not guaranteed. Furthermore, it removes the ambiguity between addresses
used as identifiers for output scripts or identifiers for public keys.
One practical implication is that adding a normal pay-to-pubkey-hash
address via importaddress will not cause payments to the corresponding
full public key to be detected as IsMine. If that is wanted, add those
scripts directly (importaddress now also accepts any hex-encoded script).
Conflicts:
src/wallet.cpp
Changes:
* Add Add/Have WatchOnly methods to CKeyStore, and implementations
in CBasicKeyStore.
* Add similar methods to CWallet, and support entries for it in
CWalletDB.
* Make IsMine in script/wallet return a new enum 'isminetype',
rather than a boolean. This allows distinguishing between
spendable and unspendable coins.
* Add a field fSpendable to COutput (GetAvailableCoins' return type).
* Mark watchonly coins in listunspent as 'watchonly': true.
* Add 'watchonly' to validateaddress, suppressing script/pubkey/...
in this case.
Based on a patch by Eric Lombrozo.
Conflicts:
src/qt/walletmodel.cpp
src/rpcserver.cpp
src/wallet.cpp
Note: This is added to our existing automake targets rather than as a
libtool-style lib. The switch to libtool-style targets can come later if it
proves to not add any complications.
5d59921 add missing BOOST_FOREACH indentation in ThreadSocketHandler() (Philip Kaufmann)
9e9ca2b small cleanup of #ifdefs in BindListenPort() (Philip Kaufmann)
After pull #4288, RPC messages indicating errors have a Content-Length unrelated
to their actual contents, rendering bitcoin-cli and curl unable to decode the
reply.
This patch sets the Content-Length field based on the actual content returned.
Additionally, pull #4288 clobbered the error descriptions provided in
ErrorReply, which bitcoin-cli relies upon; this patch moves #4288 http-error
descriptions to an HTTPError method, allowing HTTPReply to pass content on
unchanged.
The original comment forgets to account for the script push which will
need an OP_PUSHDATA2 + 2-bytes for the 513 script bytes.
props davecgh
fixes#4224
-respendnotify=<cmd> Execute command when a network tx respends wallet
tx input (%s=respend TxID, %t=wallet TxID)
Add respendsobserved array to gettransaction, listtransactions, and
listsinceblock RPCs. This omits the malleated clones that are included
in the walletconflicts array.
Add RPC help for respendsobserved and walletconflicts (help was missing
for the latter).
Respend transactions that conflict with transactions already in the
wallet are added to it. They are not displayed unless they also involve
the wallet, or get into a block. If they do not involve the wallet,
they continue not to affect balance.
Transactions that involve the wallet, and have conflicting non-equivalent
transactions, are highlighted in red. When the conflict first occurs, a
modal dialog is thrown.
CWallet::SyncMetaData is changed to sync only to equivalent transactions.
When a conflict is added to the wallet, counter nConflictsReceived is
incremented. This acts like a change in active block height for the
purpose of triggering UI updates.
Allows network wallets and other clients to see transactions that respend
a prevout already spent in an unconfirmed transaction in this node's mempool.
Knowledge of an attempted double-spend is of interest to recipients of the
first spend. In some cases, it will allow these recipients to withhold
goods or services upon being alerted of a double-spend that deprives them
of payment.
As before, respends are not added to the mempool.
Anti-Denial-of-Service-Attack provisions:
- Use a bloom filter to relay only one respend per mempool prevout
- Rate-limit respend relays to a default of 100 thousand bytes/minute
- Define tx2.IsEquivalentTo(tx1): equality when scriptSigs are not considered
- Do not relay these equivalent transactions
Remove an unused variable declaration in txmempool.cpp.
ed5769f Move AcceptedConnection class to rpcserver.h. (Jeff Garzik)
854d013 RPC code movement: separate out JSON-RPC execution logic from HTTP server logic (Jeff Garzik)
c912e22 RPC cleanup: Improve HTTP server replies (Jeff Garzik)
1) support varying content types
2) support only sending the header
3) properly deliver error message as content, if HTTP error
4) move AcceptedConnection class to header, for wider use
By default, all command line parameters are converted into JSON string
values. There is no need to manually specify the incoming type.
A binary decision "parse as string or JSON?" is all that's necessary.
Convert to a simple class, initialized at runtime startup, which offers
a quick lookup to answer "parse as JSON?" conversion question.
Future parameter conversions need only to indicate the method name
and zero-based index of the parameter needing JSON parsing.
In the LookupIntern(), things changed are:
1. Call getaddrinfo_a() instead of getaddrinfo() if available, the former is a sync version of the latter;
2. Try using inet_pton()/inet_addr() to convert the input text to a network addr structure at first, if success the extra name resolving thread inside getaddrinfo_a() could be avoided;
3. An interruption point added in the waiting loop for return from getaddrinfo_a(), which completes the improve for thread responsiveness.
A easy way to see the effect is to kick off a 'bitcoind stop' immediately after 'bitcoind -daemon', before the change it would take several, or even tens of, minutes on a bad network situation to wait for the running bitcoind to exit, now it costs only seconds.
Signed-off-by: Huang Le <4tarhl@gmail.com>
8ae973c Allocate more space if necessary in RandSeedAddPerfMon (Wladimir J. van der Laan)
be873f6 Issue warning if collecting RandSeed data failed (Wladimir J. van der Laan)
fcb0a1b change "char pch[200000]" to "new char[200000]" (daniel)
Currently we use a fixed buffer of 250000 bytes to request
HKEY_PERFORMANCE_DATA. In many cases this is not enough, causing the
entropy collection to be skipped.
Use a loop that grows the buffer as specified in the RegQueryValueEx
documentation:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms724911%28v=vs.85%29.aspx
(as the size of the performance data can differ for every call, the
normal solution of requesting the size then allocating that can't work)
- SO_NOSIGPIPE isn't available on WIN32 so merge the 2 non-WIN32 blocks
- use predefined names from header for IPV6_PROTECTION_LEVEL and
PROTECTION_LEVEL_UNRESTRICTED
Two changes:
First removes a unit test that fails in my development environment
(OSX, compiled -g3 with clang).
sipa says that's not terribly surprising; the CMutableTransaction change
makes signing a little more expensive but verification quicker. The unit
test timed sign+verify-uncached versus verify-cached-five-times.
He also says the test will be invalid when libsec256kp1 is integrated
(because validation is super-optimized over signing).
core.h change fixes a compiler warning (clang -Wall : CMutableTransaction defined
as struct, declared as class in script.h).
- New status bar control shows the current Unit of Display.
When clicked (left,or right button) it shows a context menu
that allows the user to switch the current Unit of Display (BTC, mBTC, uBTC)
- Recent Requests and Transaction Table headers are now updated when
unit of display is changed, because their "Amount" column now displays the
current unit of display.
- Takes care of issue #3970 Units in transaction export csv file.
- Small refactors for reusability.
- Demo Video https://www.youtube.com/watch?v=wwcr0Yh68go&list=UUG3jF2hgofmLWP0tRPisQAQ
- changes after Diapolo's feedback. Have not been able to build after last pool, issues with boost on MacOSX, will test on Ubuntu these changes.
- removed return statement on switch
- renamed onDisplayUnitsChanged(int) to updateDisplayUnit(int)
- now getAmountColumnTitle(int unit) takes a simple unit parameter. moved to BitcoinUnits.
This commit removes all the unnecessary dependencies (key, core,
netbase, sync, ...) from bitcoin-cli.
To do this it shards the chain parameters into BaseParams, which
contains just the RPC port and data directory (as used by utils and
bitcoin-cli) and Params, with the rest.
Relax the AreInputsStandard() tests for P2SH transactions --
allow any Script in a P2SH transaction to be relayed/mined,
as long as it has 15 or fewer signature operations.
Rationale: https://gist.github.com/gavinandresen/88be40c141bc67acb247
I don't have an easy way to test this, but the code changes are
straightforward and I've updated the AreInputsStandard unit tests.
bitcoin-config.h moved, but the old file is likely to still exist when
reconfiguring or switching branches. This would've caused files to not rebuild
correctly, and other strange problems.
Make the path explicit so that the old one cannot be found.
Core libs use config/bitcoin-config.h.
Libs (like crypto) which don't want access to bitcoin's headers continue
to use -Iconfig and #include bitcoin-config.h.
`&vch[vch.size()]` and even `&vch[0]` on vectors can cause assertion
errors with VC in debug mode. This is the problem mentioned in #4239.
The deeper problem with this is that we rely on undefined behavior.
- Add `begin_ptr` and `end_ptr` functions that get the beginning and end
pointer of vector in a reliable way that copes with empty vectors and
doesn't reference outside the vector
(see https://stackoverflow.com/questions/1339470/how-to-get-the-address-of-the-stdvector-buffer-start-most-elegantly/1339767#1339767).
- Add a convenience constructor to CFlatData that wraps a vector.
I added `begin_ptr` and `end_ptr` as separate functions as I imagine
they will be useful in more places.
a0495bb Add <Hasher>::OUTPUT_SIZE (Pieter Wuille)
4791b99 crypto: create a separate lib for crypto functions (Cory Fields)
f2647cc crypto: explicitly check for byte read/write functions (Cory Fields)
5437248 build: move bitcoin-config.h to its own directory (Cory Fields)
3820e01 Extend and move all crypto tests to crypto_tests.cpp (Pieter Wuille)
7ecd973 Move {Read,Write}{LE,BE}{32,64} to common.h and use builtins if possible (Pieter Wuille)
a5bc9c0 Add built-in RIPEMD-160 implementation (Pieter Wuille)
13b5dfe Move crypto implementations to src/crypto/ (Pieter Wuille)
1cc344c Add built-in SHA-1 implementation. (Pieter Wuille)
85aab2a Switch miner.cpp to use sha2 instead of OpenSSL. (Pieter Wuille)
cf0c47b Remove getwork() RPC call (Pieter Wuille)
7b4737c Switch script.cpp and hash.cpp to use sha2.cpp instead of OpenSSL. (Pieter Wuille)
977cdad Add a built-in SHA256/SHA512 implementation. (Pieter Wuille)
Cancelling the RPC acceptors can sometimes result in an error about
a bad file descriptor.
As this is the shutdown sequence we need to continue nevertheless,
ignore these errors, log a warning and proceed.
Fixes#4352.
As it says on the tin. It was deprecated in version 0.9, and
at some point it should be removed.
Removes the dependency of bitcoind on libbitcoin-cli.a. Move
some functions that used to be shared but are now only used in
bitcoin-cli.cpp to that file.
After this change, an error is printed (and exit code 1 is returned)
when the user tries to send RPC commands using bitcoind.
5c97aae qt: Unify AboutDialog and HelpMessageDialog (Wladimir J. van der Laan)
45615af Add 'about' information to `-version` output (Wladimir J. van der Laan)
97789d3 util: Add function FormatParagraph to format paragraph to fixed-width (Wladimir J. van der Laan)
96b733e Add `-version` option to get just the version (Wladimir J. van der Laan)
Adds a copyright and attribution message to the `-version` output
(the same as shown in the About dialog in the GUI).
Move the message to a function LicenseInfo in init.cpp.
Adds a `-version` or `--version` option to print just the version
of the program for bitcoind, bitcoin-cli and bitcoin-qt.
Also make it that `-help` can be used to display the help (as well as
existing `--help`). Up to now, `-help` was the only option that didn't
work with either one or two dashes.
- remove an unneded else in ConnectNode()
- make 0 a double and change to 0.0 in ConnectNode()
- rename strDest to pszDest in OpenNetworkConnection()
- remove an unneded call to our REF() macro in BindListenPort()
- small style cleanups and removal of unneeded new-lines
- add DEFAULT_LISTEN in net.h and use in the code (shared
setting between core and GUI)
Important: This makes it obvious, that we need to re-think the
settings/options handling, as GUI settings are processed before
any parameter-interaction (which is mostly important for network
stuff) in AppInit2()!
The rcc tool is quirky and only honors files in the same directory as the qrc.
When doing an out-of-tree build (as 'make distcheck' does), the generated
translation files end up in a different path, so rcc can't find them.
Split them up so that rcc is run twice: once for static source files and once
for generated files.
... instead of after 30 minutes of no sending, for latency measurement
and keep-alive. Also, disconnect if no reply arrives within 20 minutes,
instead of 90 of inactivity (for peers supporting the 'pong' message).
f0a83fc Use Params().NetworkID() instead of TestNet() from the payment protocol (jtimon)
2871889 net.h was using std namespace through chainparams.h included in protocol.h (jtimon)
c8c52de Replace virtual methods with static attributes, chainparams.h depends on protocol.h instead of the other way around (jtimon)
a3d946e Get rid of TestNet() (jtimon)
6fc0fa6 Add RPCisTestNet chain parameter (jtimon)
cfeb823 Add RequireStandard chain parameter (jtimon)
21913a9 Add AllowMinDifficultyBlocks chain parameter (jtimon)
d754f34 Move majority constants to chainparams (jtimon)
8d26721 Get rid of RegTest() (jtimon)
cb9bd83 Add DefaultCheckMemPool chain parameter (jtimon)
2595b9a Add DefaultMinerThreads chain parameter (jtimon)
bfa9a1a Add MineBlocksOnDemand chain parameter (jtimon)
1712adb Add MiningRequiresPeers chain parameter (jtimon)
New RPC methods: return an estimate of the fee (or priority) a
transaction needs to be likely to confirm in a given number of
blocks.
Mike Hearn created the first version of this method for estimating fees.
It works as follows:
For transactions that took 1 to N (I picked N=25) blocks to confirm,
keep N buckets with at most 100 entries in each recording the
fees-per-kilobyte paid by those transactions.
(separate buckets are kept for transactions that confirmed because
they are high-priority)
The buckets are filled as blocks are found, and are saved/restored
in a new fee_estiamtes.dat file in the data directory.
A few variations on Mike's initial scheme:
To estimate the fee needed for a transaction to confirm in X buckets,
all of the samples in all of the buckets are used and a median of
all of the data is used to make the estimate. For example, imagine
25 buckets each containing the full 100 entries. Those 2,500 samples
are sorted, and the estimate of the fee needed to confirm in the very
next block is the 50'th-highest-fee-entry in that sorted list; the
estimate of the fee needed to confirm in the next two blocks is the
150'th-highest-fee-entry, etc.
That algorithm has the nice property that estimates of how much fee
you need to pay to get confirmed in block N will always be greater
than or equal to the estimate for block N+1. It would clearly be wrong
to say "pay 11 uBTC and you'll get confirmed in 3 blocks, but pay
12 uBTC and it will take LONGER".
A single block will not contribute more than 10 entries to any one
bucket, so a single miner and a large block cannot overwhelm
the estimates.
Use CFeeRate instead of an int64_t for quantities that are
fee-per-size.
Helps prevent unit-conversion mismatches between the wallet,
relaying, and mining code.
Now that the build is non-recursive, adding to AM_CPPFLAGS means adding to
_all_ cppflags.
Logical groups of includes have been added instead, and are used individually
by various targets.
- Some file generation was still noisy, silence it.
- AM_V_GEN is used rather than @ so that 'make V=1' works as intended
- Cut down on file copies and moves when using sed, use pipes instead
- Avoid the use of top_ and abs_ dirs where possible
Build logic moves from individual Makefile.am's to include files, which
the main src/Makefile.am includes. This avoids having to manage a gigantic
single Makefile.
TODO: Move the rules from the old Makefile.include to where they actually
belong and nuke the old file.