This was committed previously as 4975ae172 and reverted, because the flags were
applied even if the checks didn't pass. This is the same commit, fixed up to
actually disable the functionality when necessary.
Enabled automatically if boost >= 1.49.
See: https://svn.boost.org/trac/boost/ticket/2309
Also, check for a default visibility attribute, so that we can mark future
api functions correctly.
Thus the read(...) and write(...) methods of all stream classes now have identical parameter lists.
This will bring these classes one step closer to a common interface.
No need to waste startup time building something that can be done
at compile time.
This also resolves a clang++ warning originally reported in #4714,
univalue/univalue_write.cpp:33:12: warning: array subscript is of type 'char
escapes['"'] = "\\"";
^~~~
etc.
aa82795 Add detailed network info to getnetworkinfo RPC (Wladimir J. van der Laan)
075cf49 Add GetNetworkName function (Wladimir J. van der Laan)
c91a947 Add IsReachable(net) function (Wladimir J. van der Laan)
60dc8e4 Allow -onlynet=onion to be used (Wladimir J. van der Laan)
This commit adds per-network information to the
getnetworkinfo RPC call:
- Is the network limited?
- Is the network reachable
- Which proxy is used for this network, if any
Inspired by #2575.
This number was still tracked even though it's shown nowhere in the UI
anymore. It was originally removed because it didn't match the actual number of
records in the view (which contains outputs, not transactions) thus was
confusing people.
This corrects a bug where an exception thrown reading from the database causes the cursor to
be left open, which causes an assertion error to occur when the database is deleted (around
line 938 of init.cpp).
Enabled automatically if boost >= 1.49.
See: https://svn.boost.org/trac/boost/ticket/2309
Also, check for a default visibility attribute, so that we can mark future
api functions correctly.
When the libpath doesn't line up with the value from config.sub, we don't find
the correct path to boost's libs. This adds a hack to try another path before
giving up.
Should close#3219.
While we're at it, reduce the use of LIBS as well. This makes dependencies
explicit.
Fixes building with (the not-yet-merged) libsecp256k1 as well.
Github-Pull: #4689
Rebased-By: Wladimir J. van der laan <laanwj@gmail.com>
Rebased-From: 909b347 c0e5dda
Due to growing coinsviewcaches, the memory usage with checklevel=3
(and standard settings for dbcache) could be up to 500MiB on a
64-bit system. This is about twice the peak during reindexing,
unnecessarily extending bitcoind's memory envelope.
This commit reduces the maximum total size of the caches used during
verification to just nCoinCacheSize, which should be the limit.
CCryptoKeyStore::Unlock has a loop to attempt decrypting each key which
only executes once, likely due to a simple mistake when the code was
originally written.
This patch fixes the behavior by making it check all keys. It also adds
a fatal assertion in the case some decrypt but some do not, since that
indicates that the wallet is in some kind of really bad state.
This may make unlocking noticeably slower on wallets with many keys.
Remove the 'state' and 'exceptmask' from serialize.h's stream implementations,
as well as related methods.
As exceptmask always included 'failbit', and setstate was always called with
bits = failbit, all it did was immediately raise an exception. Get rid of
those variables, and replace the setstate with direct exception throwing
(which also removes some dead code).
As a result, good() is never reached after a failure (there are only 2
calls, one of which is in tests), and can just be replaced by !eof().
fail(), clear(n) and exceptions() are just never called. Delete them.
- this prevents the ability to fiddle around with the system tray when
already shutting down (e.g. on slow shutdowns because of a proxy delay)
- extends solution for #4360
- ensure normal and watch-only stuff looks consistent
- simplify UI by removing unneeded UI layout elements
- change some comments to watch-only from watchonly
6b271a3 build: fix race in 'make deploy' for windows (Cory Fields)
d343460 build: Fix 'make deploy' when binaries haven't been built yet (Cory Fields)
206a7f9 build: hook up qt translations for static osx packaging (Cory Fields)
d597219 build: add --with-qt-translationdir to configure for use with static qt (Cory Fields)
71941ce build: teach macdeploy the -translations-dir argument, for use with static qt (Cory Fields)
f8120f7 build: Find the proper xcb/pcre dependencies (Cory Fields)
eccd585 build: silence mingw fpic warning spew (Cory Fields)
a98356f build: don't let libtool insert rpath into binaries (Cory Fields)
It currently returns uint64_t, which on older boost (at least 1.46) causes
test failures on 32-bit systems.
This problem was introduced in bc42503.
Fixes#4634.
The size limit makes a lot of sense for the server, as it never has to
accept very large data.
The client, however, can request arbitrary amounts of data with
`listtransactions` on a large wallet.
Fixes#4604.
Split up HTTPReply into HTTPReply and HTTPReplyHeader, so that
the message data can be streamed directly.
Also removes a c_str(), which would have prevented binary
output with NUL characters in it.
The only other method of logging remote addresses is via
-logips=1 -debug=net
which increases the logged activity by 100x or more.
Github-Pull: #4608
Amended-By: Wladimir J. van der Laan <laanwj@gmail.com>
e59441f Process fee estimate file into temporary vector first to let sanity checking complete. (Alex Morcos)
961ae93 Fix minor bug which only affected log messages. (Alex Morcos)
17f1567 Fixed a bug with index bounds checking (Alex Morcos)
- remove starting height as table header and replace with ping time
- remove columnResizingFixer
- add local address (if available) in detailed node view (on top of the
right view below the remote address)
- remove some .c_str() by using QString::fromStdString()
- rename Address to Address/Hostname
- rename secs to just s for ping time
- use MODEL_UPDATE_DELAY from guiconstants.h for the peer refresh time
- make PeerTableModel::columnCount() return no hard-coded value
- remove and cleanup dup private: section in RPCConsole header
- add new defaults for column sizes
- remove behaviour which keeps disconnected peers selected and also remove
code which keeps track of last selected peer stats
- add sync height to detail view
- add some additional NULL pointer checks for clientModel in
rpcconsole.cpp
Port over https://github.com/chronokings/huntercoin/pull/19 from
Huntercoin: This implements a new RPC command "getchaintips" that can be
used to find all currently active chain heads. This is similar to the
-printblocktree startup option, but it can be used without restarting
just via the RPC interface on a running daemon.
This makes it possible for a node with `-onlynet=tor` to bootstrap
itself.
It also adds the base infrastructure for adding IPv6 seed nodes.
Also represent IPv4 fixed seed addresses in 16-byte format.
- error: 'vector' in namespace 'std' does not name a type
- add <vector> include in core_io.h
- remove <vector> includes from core_read.cpp and core_write.cpp
d2d9dc0 script tests: add tests for CHECKMULTISIG limits (Otto Allmendinger)
89101c6 script test: test case for 5-byte bools (Otto Allmendinger)
4cac5db script tests: value with trailing 0x00 is true (Otto Allmendinger)
833ff16 script tests: values that overflow to 0 are true (Otto Allmendinger)
0072d98 script tests: BOOLAND, BOOLOR decode to integer (Otto Allmendinger)
ed02282 additional test for OP_SIZE in script_valid.json (Otto Allmendinger)
This is a simple utility that provides command line manipulation of
a hex-encoded TX. The utility takes a hex string on the command line
as input, performs zero or more mutations, and outputs a hex string
to standard output.
This utility is also an intentional exercise of the "bitcoin library"
concept. It is designed to require minimal libraries, and works
entirely without need for any RPC or P2P communication.
See "bitcoin-tx --help" for command and options summary.
* Replace -benchmark (and the related fBenchmark) with a regular debug option, -debug=bench.
* Increase coverage and granularity of individual block processing steps.
* Add cummulative times.
Fixes various issues and cleans up code
- Fixes issue #4500: Amount widget +/- has floating point rounding artifacts
- Amount box can now be emptied again, without clearing to 0
Also aligns the amount to the right, as in other places.
First and foremost, this defaults to OFF.
This option lets a node consider such transactions non-standard,
meaning they will not be relayed or mined by default, but other miners
are free to mine these as usual.
7149499 Add comments re BitcoinUnits::formatWithUnit/formatHtmlWithUnit (Roy Badami)
f7d70c6 Remove unused fAlign argument from BitcoinUnits::format and friends (Roy Badami)
2e4fee2 Show bitcoin quantities with full precision, even in the presence of trailing zeros (Roy Badami)
7007402 Implement SI-style (thin space) thoudands separator (Roy Badami)
This is the first part of a huge effort to rework the handling of dependencies.
To start, this change allows all supported platforms to build against a static
Qt. 5.2.1 and 5.3 have been successfully tested against osx64, win32, win64,
linux32, and linux64.
It also makes a small change to the windows config, to allow linking against
qt builds with or without built-in libjpeg/libpng/libpcre/libz.
The actual build processes to take advantage of these changes (for gitian and
pull-tester) are coming soon. Until then, this should be a no-op.
- the call to CloseSocket() is placed after the WSAGetLastError(), because
a CloseSocket() can trigger an error also, which we don't want for the
logging in this two cases
Simpler alternative to #4348.
The current setup with closesocket() is strange. It poses
as a compatibility wrapper but adds functionality.
Rename it and make it a documented utility function in netbase.
Code movement only, zero effect on the functionality.
33357b2 qt: Start core thread only when needed (Wladimir J. van der Laan)
c715ff5 ui: Replace some LogPrintfs with qDebug() (Wladimir J. van der Laan)
96ff9d6 Can't log to debug log before chain params initialized (Wladimir J. van der Laan)
Block 295,000 seems to meet the criteria of a reasonable timestamp and
no strange transactions. 295,000 is the current block height in the
bootstrap.dat torrent provided by jgarzik.
Start the core thread only when needed for initialization
or shutdown.
Avoids a bit of overhead, and also avoids spamming two
log messages before logging is properly initialized.
Add a function `AreBaseParamsConfigured` and use this to check
before writing to the debug log. This avoids assertions when the
application happens to log too early, which happens in the GUI.
Messages logged before the base parameters are configured can be
shown using `-printtoconsole`.
The option is only effective for either wallet-less builds or if
-disablewallet is specified as well.
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
Rebased-From: 34d5fc0 4e1a196 bd4307b d53a33b 7e09b36
Github-Pull: #4286
4eedf4f make RandAddSeed() use OPENSSL_cleanse() (Philip Kaufmann)
6354935 move rand functions from util to new random.h/.cpp (Philip Kaufmann)
001a53d add GetRandBytes() as wrapper for RAND_bytes() (Philip Kaufmann)
An user on IRC reported an issue where `getrawchangeaddress`
keeps returning a single address when the keypool is exhausted.
In my opinion this is strange behaviour.
- Change CReserveKey to fail when running out of keys in the keypool.
- Make `getrawchangeaddress` return RPC_WALLET_KEYPOOL_RAN_OUT when
unable to create an address.
- Add a Python RPC test for checking the keypool behaviour in combination
with encrypted wallets.
This removes some inconsistencies in what worked and didn't work in
safemode. Now only RPCs involved in getting balances or sending
funds are disabled.
Previously you could mine but not submit blocks— but we may need more
blocks to resolve a fork that triggered safe mode in the first place,
and the non-submission was not reliable since some miners submit
blocks via multiple means. There were also a number of random commands
disabled that had nothing to do with the blockchain like verifymessage.
Thanks to earlz for pointing out that there were some moderately cheap
ways to maliciously trigger safe mode, which brought attention to
the fact that safemode wasn't used in a very intelligent way.
This adds a -whitelist option to specify subnet ranges from which peers
that connect are whitelisted. In addition, there is a -whitebind option
which works like -bind, except peers connecting to it are also
whitelisted (allowing a separate listen port for trusted connections).
Being whitelisted has two effects (for now):
* They are immune to DoS disconnection/banning.
* Transactions they broadcast (which are valid) are always relayed,
even if they were already in the mempool. This means that a node
can function as a gateway for a local network, and that rebroadcasts
from the local network will work as expected.
Whitelisting replaces the magic exemption localhost had for DoS
disconnection (local addresses are still never banned, though), which
implied hidden service connects (from a localhost Tor node) were
incorrectly immune to DoS disconnection as well. This old
behaviour is removed for that reason, but can be restored using
-whitelist=127.0.0.1 or -whitelist=::1 can be specified. -whitebind
is safer to use in case non-trusted localhost connections are expected
(like hidden services).
- add a small wrapper in util around RAND_bytes() and replace with
GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
- small changes to Shutdown(), buffer __func__, which is now used in
all LogPrintf() calls and format for better readability
- order using namespace alpabetically
a3e192a replaced MINE_ with ISMINE_ (JaSK)
53a2148 fixed bug where validateaddress doesn't display information (JaSK)
f28707a fixed bug in ListReceived() (JaSK)
519dd1c Added MINE_ALL = (spendable|watchonly) (JaSK)
23b0506 Fixed some stuff in TransactionDesc (JaSK)
80dda36 removed default argument values for ismine filter (JaSK)
d5087d1 Use script matching rather than destination matching for watch-only. (Pieter Wuille)
0fa2f88 added includedWatchonly argument to listreceivedbyaddress/...account (JaSK)
f87ba3d added includeWatchonly argument to 'gettransaction' because it affects balance calculation (JaSK)
a5c6c5d fixed tiny glitch and improved readability like laanwj suggested (JaSK)
d7d5d23 Added argument to listtransactions and listsinceblock to include watchonly addresses (JaSK)
952877e Showing 'involvesWatchonly' property for transactions returned by 'listtransactions' and 'listsinceblock'. It is only appended when the transaction involves a watchonly address. (JaSK)
83f3543 Added argument to listaccounts to include watchonly addresses (JaSK)
d4640d7 Added argument to getbalance to include watchonly addresses and fixed errors in balance calculation. (JaSK)
d2692f6 Watchonly transactions are marked in transaction history (JaSK)
ffd40da Watchonly balances are shown separately in gui. (JaSK)
2935b21 qt: Hide unspendable outputs in coin control (Wladimir J. van der Laan)
c898846 Add support for watch-only addresses (Pieter Wuille)
Get rid of SendMoney and replace it by the functionality of
SendMoneyToDestination. This cleans up the code, since only
SendMoneyToDestination was actually used (SendMoney internally from this
routine).
75f51f2a introduced asynchronous processing for blocks, where reject messages
and DoS scoring could be applied outside of ProcessBlock, because block
validation may happen later.
However, some types of errors are still detected immediately (in particular,
CheckBlock violations), which need acting after ProcessBlock returns.
The wallet now uses the mempool fee estimator with a new
command-line option: -txconfirmtarget (default: 1) instead
of using hard-coded fees or priorities.
A new bitcoind that hasn't seen enough transactions to estimate
will fall back to the old hard-coded minimum priority or
transaction fee.
-paytxfee option overrides -txconfirmtarget.
Relaying and mining code isn't changed.
For Qt, the coin control dialog now uses priority estimates to
label transaction priority (instead of hard-coded constants);
unspent outputs were consistently labeled with a much higher
priority than is justified by the free transactions actually
being accepted into blocks.
I did not implement any GUI for setting -txconfirmtarget; I would
suggest getting rid of the "Pay transaction fee" GUI and replace
it with either "target number of confirmations" or maybe
a "faster confirmation <--> lower fee" slider or select box.
This changes the keystore data format, wallet format and IsMine logic
to detect watch-only outputs based on direct script matching rather
than first trying to convert outputs to destinations (addresses).
The reason is that we don't know how the software that has the spending
keys works. It may support the same types of scripts as us, but that is
not guaranteed. Furthermore, it removes the ambiguity between addresses
used as identifiers for output scripts or identifiers for public keys.
One practical implication is that adding a normal pay-to-pubkey-hash
address via importaddress will not cause payments to the corresponding
full public key to be detected as IsMine. If that is wanted, add those
scripts directly (importaddress now also accepts any hex-encoded script).
Conflicts:
src/wallet.cpp
Changes:
* Add Add/Have WatchOnly methods to CKeyStore, and implementations
in CBasicKeyStore.
* Add similar methods to CWallet, and support entries for it in
CWalletDB.
* Make IsMine in script/wallet return a new enum 'isminetype',
rather than a boolean. This allows distinguishing between
spendable and unspendable coins.
* Add a field fSpendable to COutput (GetAvailableCoins' return type).
* Mark watchonly coins in listunspent as 'watchonly': true.
* Add 'watchonly' to validateaddress, suppressing script/pubkey/...
in this case.
Based on a patch by Eric Lombrozo.
Conflicts:
src/qt/walletmodel.cpp
src/rpcserver.cpp
src/wallet.cpp
Note: This is added to our existing automake targets rather than as a
libtool-style lib. The switch to libtool-style targets can come later if it
proves to not add any complications.
5d59921 add missing BOOST_FOREACH indentation in ThreadSocketHandler() (Philip Kaufmann)
9e9ca2b small cleanup of #ifdefs in BindListenPort() (Philip Kaufmann)
After pull #4288, RPC messages indicating errors have a Content-Length unrelated
to their actual contents, rendering bitcoin-cli and curl unable to decode the
reply.
This patch sets the Content-Length field based on the actual content returned.
Additionally, pull #4288 clobbered the error descriptions provided in
ErrorReply, which bitcoin-cli relies upon; this patch moves #4288 http-error
descriptions to an HTTPError method, allowing HTTPReply to pass content on
unchanged.
The original comment forgets to account for the script push which will
need an OP_PUSHDATA2 + 2-bytes for the 513 script bytes.
props davecgh
fixes#4224
-respendnotify=<cmd> Execute command when a network tx respends wallet
tx input (%s=respend TxID, %t=wallet TxID)
Add respendsobserved array to gettransaction, listtransactions, and
listsinceblock RPCs. This omits the malleated clones that are included
in the walletconflicts array.
Add RPC help for respendsobserved and walletconflicts (help was missing
for the latter).
Respend transactions that conflict with transactions already in the
wallet are added to it. They are not displayed unless they also involve
the wallet, or get into a block. If they do not involve the wallet,
they continue not to affect balance.
Transactions that involve the wallet, and have conflicting non-equivalent
transactions, are highlighted in red. When the conflict first occurs, a
modal dialog is thrown.
CWallet::SyncMetaData is changed to sync only to equivalent transactions.
When a conflict is added to the wallet, counter nConflictsReceived is
incremented. This acts like a change in active block height for the
purpose of triggering UI updates.
Allows network wallets and other clients to see transactions that respend
a prevout already spent in an unconfirmed transaction in this node's mempool.
Knowledge of an attempted double-spend is of interest to recipients of the
first spend. In some cases, it will allow these recipients to withhold
goods or services upon being alerted of a double-spend that deprives them
of payment.
As before, respends are not added to the mempool.
Anti-Denial-of-Service-Attack provisions:
- Use a bloom filter to relay only one respend per mempool prevout
- Rate-limit respend relays to a default of 100 thousand bytes/minute
- Define tx2.IsEquivalentTo(tx1): equality when scriptSigs are not considered
- Do not relay these equivalent transactions
Remove an unused variable declaration in txmempool.cpp.
ed5769f Move AcceptedConnection class to rpcserver.h. (Jeff Garzik)
854d013 RPC code movement: separate out JSON-RPC execution logic from HTTP server logic (Jeff Garzik)
c912e22 RPC cleanup: Improve HTTP server replies (Jeff Garzik)
1) support varying content types
2) support only sending the header
3) properly deliver error message as content, if HTTP error
4) move AcceptedConnection class to header, for wider use
By default, all command line parameters are converted into JSON string
values. There is no need to manually specify the incoming type.
A binary decision "parse as string or JSON?" is all that's necessary.
Convert to a simple class, initialized at runtime startup, which offers
a quick lookup to answer "parse as JSON?" conversion question.
Future parameter conversions need only to indicate the method name
and zero-based index of the parameter needing JSON parsing.
In the LookupIntern(), things changed are:
1. Call getaddrinfo_a() instead of getaddrinfo() if available, the former is a sync version of the latter;
2. Try using inet_pton()/inet_addr() to convert the input text to a network addr structure at first, if success the extra name resolving thread inside getaddrinfo_a() could be avoided;
3. An interruption point added in the waiting loop for return from getaddrinfo_a(), which completes the improve for thread responsiveness.
A easy way to see the effect is to kick off a 'bitcoind stop' immediately after 'bitcoind -daemon', before the change it would take several, or even tens of, minutes on a bad network situation to wait for the running bitcoind to exit, now it costs only seconds.
Signed-off-by: Huang Le <4tarhl@gmail.com>
8ae973c Allocate more space if necessary in RandSeedAddPerfMon (Wladimir J. van der Laan)
be873f6 Issue warning if collecting RandSeed data failed (Wladimir J. van der Laan)
fcb0a1b change "char pch[200000]" to "new char[200000]" (daniel)
Currently we use a fixed buffer of 250000 bytes to request
HKEY_PERFORMANCE_DATA. In many cases this is not enough, causing the
entropy collection to be skipped.
Use a loop that grows the buffer as specified in the RegQueryValueEx
documentation:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms724911%28v=vs.85%29.aspx
(as the size of the performance data can differ for every call, the
normal solution of requesting the size then allocating that can't work)
- SO_NOSIGPIPE isn't available on WIN32 so merge the 2 non-WIN32 blocks
- use predefined names from header for IPV6_PROTECTION_LEVEL and
PROTECTION_LEVEL_UNRESTRICTED
Two changes:
First removes a unit test that fails in my development environment
(OSX, compiled -g3 with clang).
sipa says that's not terribly surprising; the CMutableTransaction change
makes signing a little more expensive but verification quicker. The unit
test timed sign+verify-uncached versus verify-cached-five-times.
He also says the test will be invalid when libsec256kp1 is integrated
(because validation is super-optimized over signing).
core.h change fixes a compiler warning (clang -Wall : CMutableTransaction defined
as struct, declared as class in script.h).
- New status bar control shows the current Unit of Display.
When clicked (left,or right button) it shows a context menu
that allows the user to switch the current Unit of Display (BTC, mBTC, uBTC)
- Recent Requests and Transaction Table headers are now updated when
unit of display is changed, because their "Amount" column now displays the
current unit of display.
- Takes care of issue #3970 Units in transaction export csv file.
- Small refactors for reusability.
- Demo Video https://www.youtube.com/watch?v=wwcr0Yh68go&list=UUG3jF2hgofmLWP0tRPisQAQ
- changes after Diapolo's feedback. Have not been able to build after last pool, issues with boost on MacOSX, will test on Ubuntu these changes.
- removed return statement on switch
- renamed onDisplayUnitsChanged(int) to updateDisplayUnit(int)
- now getAmountColumnTitle(int unit) takes a simple unit parameter. moved to BitcoinUnits.
This commit removes all the unnecessary dependencies (key, core,
netbase, sync, ...) from bitcoin-cli.
To do this it shards the chain parameters into BaseParams, which
contains just the RPC port and data directory (as used by utils and
bitcoin-cli) and Params, with the rest.
Relax the AreInputsStandard() tests for P2SH transactions --
allow any Script in a P2SH transaction to be relayed/mined,
as long as it has 15 or fewer signature operations.
Rationale: https://gist.github.com/gavinandresen/88be40c141bc67acb247
I don't have an easy way to test this, but the code changes are
straightforward and I've updated the AreInputsStandard unit tests.
bitcoin-config.h moved, but the old file is likely to still exist when
reconfiguring or switching branches. This would've caused files to not rebuild
correctly, and other strange problems.
Make the path explicit so that the old one cannot be found.
Core libs use config/bitcoin-config.h.
Libs (like crypto) which don't want access to bitcoin's headers continue
to use -Iconfig and #include bitcoin-config.h.
`&vch[vch.size()]` and even `&vch[0]` on vectors can cause assertion
errors with VC in debug mode. This is the problem mentioned in #4239.
The deeper problem with this is that we rely on undefined behavior.
- Add `begin_ptr` and `end_ptr` functions that get the beginning and end
pointer of vector in a reliable way that copes with empty vectors and
doesn't reference outside the vector
(see https://stackoverflow.com/questions/1339470/how-to-get-the-address-of-the-stdvector-buffer-start-most-elegantly/1339767#1339767).
- Add a convenience constructor to CFlatData that wraps a vector.
I added `begin_ptr` and `end_ptr` as separate functions as I imagine
they will be useful in more places.
a0495bb Add <Hasher>::OUTPUT_SIZE (Pieter Wuille)
4791b99 crypto: create a separate lib for crypto functions (Cory Fields)
f2647cc crypto: explicitly check for byte read/write functions (Cory Fields)
5437248 build: move bitcoin-config.h to its own directory (Cory Fields)
3820e01 Extend and move all crypto tests to crypto_tests.cpp (Pieter Wuille)
7ecd973 Move {Read,Write}{LE,BE}{32,64} to common.h and use builtins if possible (Pieter Wuille)
a5bc9c0 Add built-in RIPEMD-160 implementation (Pieter Wuille)
13b5dfe Move crypto implementations to src/crypto/ (Pieter Wuille)
1cc344c Add built-in SHA-1 implementation. (Pieter Wuille)
85aab2a Switch miner.cpp to use sha2 instead of OpenSSL. (Pieter Wuille)
cf0c47b Remove getwork() RPC call (Pieter Wuille)
7b4737c Switch script.cpp and hash.cpp to use sha2.cpp instead of OpenSSL. (Pieter Wuille)
977cdad Add a built-in SHA256/SHA512 implementation. (Pieter Wuille)
Cancelling the RPC acceptors can sometimes result in an error about
a bad file descriptor.
As this is the shutdown sequence we need to continue nevertheless,
ignore these errors, log a warning and proceed.
Fixes#4352.
As it says on the tin. It was deprecated in version 0.9, and
at some point it should be removed.
Removes the dependency of bitcoind on libbitcoin-cli.a. Move
some functions that used to be shared but are now only used in
bitcoin-cli.cpp to that file.
After this change, an error is printed (and exit code 1 is returned)
when the user tries to send RPC commands using bitcoind.
5c97aae qt: Unify AboutDialog and HelpMessageDialog (Wladimir J. van der Laan)
45615af Add 'about' information to `-version` output (Wladimir J. van der Laan)
97789d3 util: Add function FormatParagraph to format paragraph to fixed-width (Wladimir J. van der Laan)
96b733e Add `-version` option to get just the version (Wladimir J. van der Laan)
Adds a copyright and attribution message to the `-version` output
(the same as shown in the About dialog in the GUI).
Move the message to a function LicenseInfo in init.cpp.
Adds a `-version` or `--version` option to print just the version
of the program for bitcoind, bitcoin-cli and bitcoin-qt.
Also make it that `-help` can be used to display the help (as well as
existing `--help`). Up to now, `-help` was the only option that didn't
work with either one or two dashes.
- remove an unneded else in ConnectNode()
- make 0 a double and change to 0.0 in ConnectNode()
- rename strDest to pszDest in OpenNetworkConnection()
- remove an unneded call to our REF() macro in BindListenPort()
- small style cleanups and removal of unneeded new-lines
- add DEFAULT_LISTEN in net.h and use in the code (shared
setting between core and GUI)
Important: This makes it obvious, that we need to re-think the
settings/options handling, as GUI settings are processed before
any parameter-interaction (which is mostly important for network
stuff) in AppInit2()!
The rcc tool is quirky and only honors files in the same directory as the qrc.
When doing an out-of-tree build (as 'make distcheck' does), the generated
translation files end up in a different path, so rcc can't find them.
Split them up so that rcc is run twice: once for static source files and once
for generated files.
... instead of after 30 minutes of no sending, for latency measurement
and keep-alive. Also, disconnect if no reply arrives within 20 minutes,
instead of 90 of inactivity (for peers supporting the 'pong' message).
f0a83fc Use Params().NetworkID() instead of TestNet() from the payment protocol (jtimon)
2871889 net.h was using std namespace through chainparams.h included in protocol.h (jtimon)
c8c52de Replace virtual methods with static attributes, chainparams.h depends on protocol.h instead of the other way around (jtimon)
a3d946e Get rid of TestNet() (jtimon)
6fc0fa6 Add RPCisTestNet chain parameter (jtimon)
cfeb823 Add RequireStandard chain parameter (jtimon)
21913a9 Add AllowMinDifficultyBlocks chain parameter (jtimon)
d754f34 Move majority constants to chainparams (jtimon)
8d26721 Get rid of RegTest() (jtimon)
cb9bd83 Add DefaultCheckMemPool chain parameter (jtimon)
2595b9a Add DefaultMinerThreads chain parameter (jtimon)
bfa9a1a Add MineBlocksOnDemand chain parameter (jtimon)
1712adb Add MiningRequiresPeers chain parameter (jtimon)
New RPC methods: return an estimate of the fee (or priority) a
transaction needs to be likely to confirm in a given number of
blocks.
Mike Hearn created the first version of this method for estimating fees.
It works as follows:
For transactions that took 1 to N (I picked N=25) blocks to confirm,
keep N buckets with at most 100 entries in each recording the
fees-per-kilobyte paid by those transactions.
(separate buckets are kept for transactions that confirmed because
they are high-priority)
The buckets are filled as blocks are found, and are saved/restored
in a new fee_estiamtes.dat file in the data directory.
A few variations on Mike's initial scheme:
To estimate the fee needed for a transaction to confirm in X buckets,
all of the samples in all of the buckets are used and a median of
all of the data is used to make the estimate. For example, imagine
25 buckets each containing the full 100 entries. Those 2,500 samples
are sorted, and the estimate of the fee needed to confirm in the very
next block is the 50'th-highest-fee-entry in that sorted list; the
estimate of the fee needed to confirm in the next two blocks is the
150'th-highest-fee-entry, etc.
That algorithm has the nice property that estimates of how much fee
you need to pay to get confirmed in block N will always be greater
than or equal to the estimate for block N+1. It would clearly be wrong
to say "pay 11 uBTC and you'll get confirmed in 3 blocks, but pay
12 uBTC and it will take LONGER".
A single block will not contribute more than 10 entries to any one
bucket, so a single miner and a large block cannot overwhelm
the estimates.
Use CFeeRate instead of an int64_t for quantities that are
fee-per-size.
Helps prevent unit-conversion mismatches between the wallet,
relaying, and mining code.
Now that the build is non-recursive, adding to AM_CPPFLAGS means adding to
_all_ cppflags.
Logical groups of includes have been added instead, and are used individually
by various targets.
- Some file generation was still noisy, silence it.
- AM_V_GEN is used rather than @ so that 'make V=1' works as intended
- Cut down on file copies and moves when using sed, use pipes instead
- Avoid the use of top_ and abs_ dirs where possible
Build logic moves from individual Makefile.am's to include files, which
the main src/Makefile.am includes. This avoids having to manage a gigantic
single Makefile.
TODO: Move the rules from the old Makefile.include to where they actually
belong and nuke the old file.
Should be merged after pull request #4281
("Add `-version` option to get just the version #4281"),
because is changed "--help" to "-help".
Checked that grep of 'mapArgs.count("--' returned only
three places that are fixed by pull request #4281.
Previously if bitcoind is linked with an OpenSSL which is compiled
without EC support, this is seen as an assertion failure "pKey !=
NULL" at key.cpp:134, which occurs after several seconds. It is an
esoteric piece of knowledge to interpret this as "oops, I linked
with the wrong OpenSSL", and because of the delay it may not even
be noticed.
The new output is
: OpenSSL appears to lack support for elliptic curve cryptography. For
more information, visit
https://en.bitcoin.it/wiki/OpenSSL_and_EC_Libraries
: Initialization sanity check failed. Bitcoin Core is shutting down.
which occurs immediately after attempted startup.
This also blocks in an InitSanityCheck() function which currently only
checks for EC support but should eventually do more. See #4081.
Made the following links clickable:
http://www.opensource.org/licenses/mit-license.phphttp://www.openssl.org/eay@cryptsoft.com
(Squashed commits into one commit as suggested by @laanwj)
Replaced label with text browser on About Bitcoin Core Screen
So that the links on the About screen can be clickable
Replaced html property with text property
I have now removed unnecessary html so this should make life easier for
translators and you @Diapolo :). What do you think?
The size of the window needs to change
The size of the window needs to change when you make links clickable.
Thanks for pointing that out @laanwj
Using the https://www.openssl.org over the http link
Using the https://www.openssl.org over the http link as suggested by
@Diapolo
Since they are not real opcodes, being reported as OP_UNKNOWN is less confusing for human-readable decoding.
Signed-off-by: Huang Le <4tarhl@gmail.com>
NodeSyncScore() should find the node which we recv data most recently, so put a negative sign to pnode->nLastRecv is indeed wrong.
Also change the return value type to int64_t.
Signed-off-by: Huang Le <4tarhl@gmail.com>
Qt5 Removed the qt_mac_set_dock_menu function and left no replacement. It was
later re-added and deprecated for backwards-compatibility.
Qt5.2 adds the non-deprecated QMenu::setAsDockMenu(). Use that when possible.
f40dbee remove CPubKey::VerifyCompact( ) which is never used (Kamil Domanski)
28b6c1d remove GetMedianTime( ) which is never used (Kamil Domanski)
5bd4adc remove LookupHostNumeric( ) which is never used (Kamil Domanski)
595f691 remove LogException( ) which is never used (Kamil Domanski)
f4057cb remove CTransaction::IsNewerThan which is never used (Kamil Domanski)
0e31e56 remove CWallet::AddReserveKey which is never used (Kamil Domanski)
Log the name of the error as well as the error code if a network problem
happens. This makes network troubleshooting more convenient.
Use thread-safe strerror_r and the WIN32 equivalent FormatMessage.
8c93bf4 LoadBlockIndexDB(): Require block db reindex if any blk*.dat files are missing. (Ashley Holman)
7a0e84d ProcessGetData(): abort if a block file is missing from disk (Ashley Holman)
First query in the current way (intelligently determining which network
has a non-localhost interface). If this does not succeed, try plain
lookup.
Needed for testing.
Fixes#1827 by always allowing IPv6 to be used.
Add -rpcbind command option to specify binding RPC service on one
or multiple specific interfaces.
Functionality if -rpcbind is not specified remains the same as before:
- If no -rpcallowip specified, bind on localhost
- If no -rpcbind specified, bind on any interface
Implements part of #3111.
Pull updated translations from Transifex.
Add mn (Mongolian) language.
Do not update English translation for now as we want to keep
compatibility with 0.9.
cef4494 rpc: keep track of acceptors, and cancel them in StopRPCThreads (Wladimir J. van der Laan)
381b25d doc: remove mention of `-rpctimeout` from man page (Wladimir J. van der Laan)
1a44522 rpc: Make sure conn object is always cleaned up (Wladimir J. van der Laan)
0a0cd34 rpc: pass errors from async_accept (Wladimir J. van der Laan)
Fixes#4156.
The problem is that the boost::asio::io_service destructor
waits for the acceptors to finish (on windows, and boost 1.55).
Fix this by keeping track of the acceptors and cancelling them before
stopping the event loops.
Make sure conn object always gets cleaned up by using a
`boost::shared_ptr`.
This makes valgrind happy - before this commit, one connection object
always leaked at shutdown, as well as can avoid other leaks, when
for example an exception happens.
Also add an explicit Close() to the !ClientAllowed path to make it similar
to the normal path (I'm not sure whether it is needed, but it
can't hurt).
According to the [boost::asio documentation](http://www.boost.org/doc/libs/1_55_0/doc/html/boost_asio/reference/basic_socket_acceptor/async_accept/overload2.html),
the function signature of the handler must be:
void handler(
const boost::system::error_code& error // Result of operation.
);
We were binding *all* the arguments, instead of all but the error,
resulting in nullary function that never got the error. Fix this
by adding an input argument substitution.
21bf3d2 Add tests for BoostAsioToCNetAddr (Wladimir J. van der Laan)
fdbd707 Remove unused function WildcardMatch (Wladimir J. van der Laan)
ee21912 rpc: Use netmasks instead of wildcards for IP address matching (Wladimir J. van der Laan)
e16be73 net: Add CSubNet class for subnet matching (Wladimir J. van der Laan)
d864275 Use new function parseint32 in SplitHostPort (Wladimir J. van der Laan)
0d4ea1c util: add parseint32 function with strict error reporting (Wladimir J. van der Laan)
397668e Deduplicate uint* comparison operator logic (Pieter Wuille)
df9eb5e Move {Get,Set}Compact from bignum to uint256 (Pieter Wuille)
a703150 Add multiplication and division to uint160/uint256 (Pieter Wuille)
4d480c8 Exception instead of assigning 0 in case of wrong vector length (Pieter Wuille)
eb2cbd7 Deduplicate shared code between uint160 and uint256 (Pieter Wuille)
`-rpcallowip` currently has a wacky wildcard-based format. After this
commit it will accept the more standard format, for example:
- Ranges with netmask 127.0.0.0/255.255.255.0, ::/0
- Ranges with cidr 12.3.4.5/24, 12:34:56:78:9a:bc:de:00/112
- Loose IPs ::1, 127.0.0.1
Trying to use the old *?-based format will result in an error message at
launch.
None of the current integer parsing functions in util
check whether the result is valid and fits in the range
of the type. This is required for less sloppy error reporting.
787ee0c Check redeemScript size does not exceed 520 byte limit (Peter Todd)
4d79098 Increase IsStandard() scriptSig length (Peter Todd)
f80cffa Do not trigger a DoS ban if SCRIPT_VERIFY_NULLDUMMY fails (Peter Todd)
6380180 Add rejection of non-null CHECKMULTISIG dummy values (Peter Todd)
29c1749 Let tx (in)valid tests use any SCRIPT_VERIFY flag (Peter Todd)
68f7d1d Create (MANDATORY|STANDARD)_SCRIPT_VERIFY_FLAGS constants (Peter Todd)
Help text appears to have been copy/pasted from getrawtransaction,
so it erroneously asked for a txid where rawtransaction hex should appear.
Remove lines which were copy/pasted from getrawtransaction but which
aren't displayed by decoderawtransaction.
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
Rebased-From: 5cc0133 80c521e
Github-Pull: #4106
redeemScripts >520bytes can't be spent due to the
MAX_SCRIPT_ELEMENT_SIZE limit; previously the addmultisigaddress and
createmultisig RPC calls would let you violate that limit unknowingly.
Also made the wallet code itself check the redeemScript prior to adding
it to the wallet, which in the (rare) instance that a user has added an
invalid oversized redeemScript to their wallet causes an error on
startup. The affected key isn't added to the wallet; other keys are
unaffected.
Removes the limits on number of pubkeys for P2SH CHECKMULTISIG outputs.
Previously with the 500 byte scriptSig limit there were odd restrictions
where even a 1-of-12 P2SH could be spent in a standard transaction(1),
yet multisig scriptPubKey's requiring more signatures quickly ran out of
scriptSig space.
From a "stuff-data-in-the-blockchain" point of view not much has changed
as with the prior commit now only allowing the dummy value to be null
the newly allowed scriptSig space can only be used for signatures. In
any case, just using more outputs is trivial and doesn't cost much.
1) See 779b519480d8c5346de6e635119c7ee772e97ec872240c45e558f582a37b4b73
Mined by BTC Guild.
This is a source of transaction mutability as the dummy value was
previously not checked and could be modified to something other than the
usual OP_0 value.
- replaces checks in SendCoinsDialog::handlePaymentRequest() that belong
to PaymentServer (normal URIs are special cased, as only an isValid
check is done on BTC addresses)
- prevents the client to handle payment requests that do not match the
clients network and shows an error instead (mainly a problem with
drag&drop payment requests onto the client window)
- includes some small comment changes also
Size specifiers are no longer needed now that we use typesafe tinyformat
for string formatting, instead of the system's sprintf.
No functional changes.
This continues the work in #3735.
- fixes error from debug.log:
QMetaObject::connectSlotsByName: No matching signal for
on_recentRequestsView_selectionChanged(QItemSelection,QItemSelection)
- small style fixes (e.g. alphabetical ordering if includes etc.)
- fixes#3992
Generally useless information. Only updates on connect time, not after
that. Peers can easily lie and the median filter is not effective in
preventing that.
In the past it was used for progress display in the GUI but
`CheckPoints::guessVerificationProgress` provides a better way that is now used.
It was too easy to mislead it. Peers do lie about it in practice, see issue #4065.
From the RPC, `getpeerinfo` gives the peer raw values, which are more
useful.
Adds two new info query commands that take over information from
hodge-podge `getinfo`.
Also some new information is added:
- `getblockchaininfo`
- `chain`: (string) current chain (main, testnet3, regtest)
- `verificationprogress: (numeric) estimated verification progress
- `chainwork`
- `getnetworkinfo`
- `localaddresses`: (array) local addresses, from mapLocalHost (fixes#1734)
3a54ad9 Full translation update (Wladimir J. van der Laan)
9dd5d79 devtools: add a script to fetch and postprocess translations (Wladimir J. van der Laan)
58c01a3 qt: add transifex configuration file (Wladimir J. van der Laan)
The year is 2014. All supported operating systems have IPv6 support,
most certainly at build time (this doesn't mean that IPv6 is configured,
of course).
If noone is exercising the functionality to disable it, that means it
doesn't get tested, and IMO it's better to get rid of it.
(it's also not used consistently in RPC/boost and Net code...)
Last update (48be9ce) missed quite a lot, for some reason.
This is also the first update done with the new script
`contrib/devtools/update-translations.py`
Prints the actual version of BerkeleyDB that is linked against, if
wallet support is enabled.
Useful for troubleshooting.
For example:
2014-05-01 07:44:02 Using BerkeleyDB version Berkeley DB 4.8.30: (April 9, 2010)
2014-05-01 07:54:25 Using BerkeleyDB version Berkeley DB 5.1.29: (October 25, 20 11)
b39a07d Add missing AssertLockHeld in ConnectBlock (Wladimir J. van der Laan)
41106a5 qt: get required locks upfront in polling functions (Wladimir J. van der Laan)
ed67100 Add required locks in tests (Wladimir J. van der Laan)
55a1db4 Solve chainActive-related locking issues (Wladimir J. van der Laan)
e07c943 Add AssertLockHeld for cs_main to ChainActive-using functions (Wladimir J. van der Laan)
Because this class replaces some usages of CBigNum, tests have been added to
verify that they function the same way. The only difference in their usage is
the handling of out-of-range numbers.
While operands are constrained to [-0x7FFFFFFF,0x7FFFFFFF], the results may
overflow. The overflowing result is technically unbounded, but in practice
it can be no bigger than the result of an operation on two operands. This
implementation limits them to the size of an int64.
CBigNum was unaware of this constraint, so it allowed for unbounded results,
which were then checked before use. CScriptNum asserts if an arithmetic
operation will overflow an int64_t, since scripts are not able to reach those
numbers anyway. Additionally, CScriptNum will throw an exception when
constructed from a vector containing more than 4 bytes This mimics the previous
CastToBigNum behavior.
- In wallet and GUI code LOCK cs_main as well as cs_wallet when
necessary
- In main.cpp SendMessages move the TRY_LOCK(cs_main) up, to encompass the call
to IsInitialBlockDownload.
- Make ActivateBestChain, AddToBlockIndex, IsInitialBlockDownload,
InitBlockIndex acquire the cs_main lock
Fixes#3997
All functions that use ChainActive but do not aquire the cs_main
lock themselves, need to be called with the cs_main lock held.
This commit adds assertions to all externally callable functions
that use chainActive or chainMostWork.
This will flag usages when built with -DDEBUG_LOCKORDER.
Drawback: The version string is no longer a valid git identifier.
For this reason the 'g' short hash prefix has been removed.
Exception: When building directly from a tag this behaves exactly like the previous behavior.
This allows formatting release versions with precision i.e. v0.9.2
This also allows arbitrary topicbranch names i.e. v0.9.1-glibc-compat
- prevents unsafe shutdowns on Windows, which is known to be
able to cause problems with wallet.dat
- if a users ends a Windows session, this will initiate a client shutdown
and show a Windows dialog, that tells the user what is going on (for
Windows Vista and higher it will even show a reason for blocking the
Windows session end)
glibc/libstdc++ have added new symbols in later releases. When running a new
binary against an older glibc, the run-time linker is unable to resolve the
new symbols and the binary refuses to run.
This can be fixed by adding our own versions of those functions, so that the
build-time linker does not emit undefined symbols for them.
This enables our binary releases to work on older Linux distros, while not
incurring the downsides of a fully static binary.
When we are over our outbound limit ThreadSocketHandler would try to
keep the connection if the peer was addnoded.
This didn't actually work for two reasons: It didn't actually run
the accept code due to mistaken code flow, and because we have a
limited number of outbound semaphores it couldn't actually use the
connection.
Instead it leaked the socket, which might have caused issue #4034.
This patch just takes out the non-functioning white-listing for now.
deleted the empty no throw test in rpc_wallet_tests line 65
fixed some comments
starting verify tests
finished verify message tests
changed some comments
65adc3a qt: Don't require db_cxx.h when wallet disabled (Wladimir J. van der Laan)
4babd08 doc: Add note about memory reqs for compilation (Wladimir J. van der Laan)
25333a2 build: improve missing boost error reporting (Wladimir J. van der Laan)
Use sensible categories (overall control, P2P, blockchain/UTXO and
mining, wallet, wallet-enabled mining) and sort within each.
Also remove unnecessary #ifdef ENABLE_WALLET from `rpcnet.cpp`.
Functionality-neutral change.
PrintBlockTree output was broken starting from e010af70.
Everything appears on one line.
PrintWallet() added the newline after a block, but this functionality
was removed and no newline was added.
Seemingly, no one noticed. Add a newline after the block information
to fix this.
- introduce DEFAULT_SCRIPTCHECK_THREADS in main.h
- only show values from -"MAX_HW_THREADS" up to 16 for -par, as it
makes no sense to try to leave more "cores free" than the system
supports anyway
- use the new constant in optionsdialog and remove defaults from
.ui file
Building the tests was giving some vague error message about a doubly-defined
symbol.
The solution is to define ShutdownRequested in test_bitcoin.cpp as well
so that init.cpp does not get pulled in.
Taught bitcoind to close the HTTP connection after it gets a 'stop' command,
to make it easier for the regression tests to cleanly stop.
Move bitcoinrpc files to correct location.
Tidied up the python-based regression tests.
This commit removes completely the src/.gitignore file, given that the
precedent for ignoring artifacts within the `src` directory is to
add entries for them to the root .gitignore file.
Note also that the lone entry in src/.gitignore is stale anyway. As of
the switch to Autotools in 35b8af9, the build no longer build creates
artifacts in `src/test_bitcoin`. They are now written to
`src/test/test_bitcoin`, and this latter path is already ignored in the
root .gitignore file.
Re-submitting this pull request with a single commit.
This patch introduces a GUIUtil class that is used when setting up the 2 tables we have so far on the Qt-GUI.
In the past you could only resize the last column, which has BTC amounts from the right border of the column header, something that was rather unnatural.
If a new table were ever to be added to the interface, fixing the last columns resizing behavior is rather simple. Just look at how we initialize here a TableViewLastColumnResizingFixer object when setting up the table header's behavior, and then how we override the resize event of the component (can be the table, or the dialog) and we invoke columnResizingFixer->stretchColumnWidth(columnIndex);
Autotools defaults to a depth-first recursion which causes the qt tests
to be built before the executables and libraries.
This is inconvenient as make needs to be called twice to make sure the
tests are up to date after changing a source file.
Update the Makefile.am to change this order.
- Add license headers to source files (years based on commit dates)
in `src/test` as well as `qa`
- Add `README.md` to `src/test/data` specifying MIT license
Fixes#3848
Currently only the name of the option is shown for GUI options
overridden by command line (or configuration file). This commit
adds the value of the options as well, which is useful for
troubleshooting.
This shows the minimum relay fee for non-free transactions in btc/kb.
The armory developers requested this so that they can prevent users from
creating transactions that not even their local bitcoind will relay.
This also slightly reorders the getinfo output so that the fee related
lines are grouped and changes the help text to reflect that the units
are btc/kb.
Changes for the datadir chooser have made it impossible to specify
the network (testnet/regtest) in the configuration file for the GUI.
Reorganize the initialization sequence to make this possible again.
- Moves the "datadir" QSetting so that is no longer dependent on the
network-specific application name (doing otherwise would create a
chicken-and-egg problem).
- Re-initialize translations after choosing network. There may be a
different language configured in network-specific settings
(slim chance, but handle it for sanity).
Fixes point 1 of #3840.
a81cd968 introduced a malleability breaker for signatures
(using an even value for S). In e0e14e43 this was changed to
the lower of two potential values, rather than the even one.
Only the signing code was changed though, the (for now unused)
verification code wasn't adapted.
This resolves a case in which a mismatch could be used to bloat up the
mempool by sending transactions that pay enough fee to relay, but not
to be mined, with the default policies.
Last Transifex pull (064a690) introduced a few control characters
into the Korean translation, which sometimes causes the build to fail.
Manually remove these characters for now to get the build working --
they should still be removed at Transifex too.
Now that AddToWallet is called when loading transactions from the
wallet database, BindWallet can be integrated into that and does not
need to be an extra step.
Leaves behaviour unchanged, but makes the
fFromLoadWallet/!fFromLoadWallet paths in AddToWallet a bit more
symmetric.
After the Qt5 switch, status icons were being cut off by 1-2px.
Also fixes some other cases where the UI is slightly off mentioned in #3800.
Fixes#3800.
When bitcoind can't bind, bitcoin server (or Bitcoin Core Daemon) is probably already running. Add the missing word "server". Bitcoin itself is definitely running ;-)
Add _(...) so the string can be localized.
I apologize for such trivial changes, learning github interface.
These days we regard transactions with one confirmation to be
'Confirmed'.
Waiting for 6 confirmations is a recommendation but should not
keep the transaction shown as unconfirmed.
Misc code sanity:
- Merge maturity/status enums, they had become completely disjunct
- 'confirmed' flag is now called 'countsForBalance' for clarity
By default tinyformat errors such as 'wrong number of conversion
specifiers in format string' cause an assertion failure.
Raise an exception instead so that error handling can recover or can
show an appropriate error.
Just a pet peeve.
(PrintException has exactly the same body as PrintExceptionContinue but
does a re-throw at the end. Move these re-throws to the call
site, this aids understanding what is going on as well as eliminates a
bit of code duplication in util.cpp)
This was a bad idea. This can't be solved with macros as any
other library that includes inttypes.h will get in the way.
The parent commit has removed all usages from the source, this commit
removes the definition.
Amend to d5f1e72. It turns out that BerkelyDB was including inttypes.h
indirectly, so we cannot fix this with just macros.
Trivial commit: apply the following script to all .cpp and .h files:
# Middle
sed -i 's/"PRIx64"/x/g' "$1"
sed -i 's/"PRIu64"/u/g' "$1"
sed -i 's/"PRId64"/d/g' "$1"
# Initial
sed -i 's/PRIx64"/"x/g' "$1"
sed -i 's/PRIu64"/"u/g' "$1"
sed -i 's/PRId64"/"d/g' "$1"
# Trailing
sed -i 's/"PRIx64/x"/g' "$1"
sed -i 's/"PRIu64/u"/g' "$1"
sed -i 's/"PRId64/d"/g' "$1"
After this commit, `git grep` for PRI.64 should turn up nothing except
the defines in util.h.
As the tinyformat-based formatting system (introduced in b77dfdc) is
type-safe, no special format characters are needed to specify sizes.
Tinyformat can support (ignore) the C99 prefixes such as "ll" but
chokes on MSVC's inttypes.h defines prefixes such as "I64X". So don't
include inttypes.h and define our own for compatibility.
(an alternative would be to sweep the entire codebase using sed -i to
get rid of the size specifiers but this has less diff impact)
We were losing information about sent/received by overriding the
category in case of a conflicted transaction.
Hence, remove the "conflicted" category.
Conflicted status of a transaction can still be determined by looking
for confirmations<0.
Compiling with -DDEBUG_LOCKORDER and running the qa/rpc-test/ regression
tests uncovered a couple of wallet methods that should (but didn't)
acquire the cs_wallet mutext.
I also changed the AssertLockHeld() routine print to stderr and
abort, instead of printing to debug.log and then assert()'ing.
It is annoying to look in debug.log to find out which
AssertLockHeld is failing.
- DecodeDumpTime was passing a statically allocated facet object to
std::locale. However, "The constructed locale object takes over
responsibility for deleting this facet object." causing a free()
crash on scope exit. Fixes#3670.
- EncodeDumpTime was using the wrong format character for dates
(appears accidentally introduced in 51ed9ec9)
5770254 Copyright header updates s/2013/2014 on files whose last git commit was done in 2014. contrib/devtools/fix-copyright-headers.py script to be able to perform this maintenance task with ease during the rest of the year, every year. Modifications to contrib/devtools/README.md to document what fix-copyright-headers.py does. (gubatron)
Adds a "walletconflicts" array to transaction info; if
a wallet transaction is mutated, the alternate transaction id
or ids are reported there (usually the array will be empty).
Metadata from the original transaction is copied to the mutant,
so the transaction time and "from" account of the mutant are
reported correctly.
- Exclamation mark icon for conflicted transactions
- Show mouseover status for conflicted transactions as "conflicted"
- Don't show inactive transactions on overview page overview
Extend CMerkleTx::GetDepthInMainChain with the concept of
a "conflicted" transaction-- a transaction generated by the wallet
that is not in the main chain or in the mempool, and, therefore,
will likely never be confirmed.
GetDepthInMainChain() now returns -1 for conflicted transactions
(0 for unconfirmed-but-in-the-mempool, and >1 for confirmed).
This makes getbalance, getbalance '*', and listunspent all agree when there are
mutated transactions in the wallet.
Before:
listunspent: one 49BTC output
getbalance: 96 BTC (change counted twice)
getbalance '*': 46 BTC (spends counted twice)
After: all agree, 49 BTC available to spend.
This allows getting raw transaction data from the wallet even if the
transaction is no longer in the blockchain / mempool (for example if it
got orphaned due to malleability abuse).
This commit strengthens 1bbca249b2 by updating the CWalletTx::IsConfirmed() function.
If (bSpendZeroConfChange==false), then IsConfirmed() should actually treat unconfirmed change as being unconfirmed.
contrib/devtools/fix-copyright-headers.py script to be able to perform this maintenance task with ease during the rest of the year, every year. Modifications to contrib/devtools/README.md to document what fix-copyright-headers.py does.
- Log a warning when bootstrap files are specified using `-loadblock`
but cannot be opened.
- Log a warning when bootstrap.dat exists in the home directory
but cannot be opened.
Keep track of which block is being requested (and to be requested) from
each peer, and limit the number of blocks in-flight per peer. In addition,
detect stalled downloads, and disconnect if they persist for too long.
This means blocks are never requested twice, and should eliminate duplicate
downloads during synchronization.
In case the total number of orphan blocks in memory exceeds a limit
(currently set to 750), a random orphan block (which is not
depended on by another orphan block) is dropped. This means it will
need to be downloaded again, but it won't consume memory until then.
c117d9e Support for error messages and a few more rejection reasons (Luke Dashjr)
14e7ffc Use standard BIP 22 rejection reasons where applicable (Luke Dashjr)
Just for completeness. Only a few messages changed or moved since last time.
Don't change any translatable messages until 0.9 final unless really necessary.
The getaddednodeinfo RPC call, when invoked with the dns flag set to
false, returns a malformed JSON object with duplicate keys.
Change this to return an array of objects with one key as
shown in the help message.
Fixes#3581.
- remove btc address length from address validator
- add an optional btc address check in validated line edit that defaults
to off and is used in GUIUtil::setupAddressWidget()
- an isAcceptable() check is added to validated line edit on focus out
which only kicks in, when a validator is used with that widget
- remove an isAcceptable() check from sendcoinsentry.cpp
- remove obsolete attributes from ui files, which are set by calling
GUIUtil::setupAddressWidget()
- move some more things to GUIUtil::setupAddressWidget() and remove them
from normal code e.g. placeholder text
This changes the block processing logic from "try to atomically switch
to a new block" to a continuous "(dis)connect a block, aiming for the
assumed best chain".
This means the smallest atomic operations on the chainstate become
individual block connections or disconnections, instead of entire
reorganizations. It may mean that we try to reorganize to one block,
fail, and rereorganize again to the old block. This is slower, but
doesn't require unbounded RAM.
It also means that a ConnectBlock which fails may be no longer called
from the ProcessBlock which knows which node sent it. To deal with that,
a mapBlockSource is kept, and invalid blocks cause asynchronous "reject"
messages and banning (if necessary).
Previously CreateNewBlock() didn't take into account the fact that
IsFinalTx() without any arguments tests if the transaction is considered
final in the *current* block, when both those functions really needed to
know if the transaction would be final in the *next* block.
Additionally the UI had a similar misunderstanding.
Also adds some basic tests to check that CreateNewBlock() is in fact
mining nLockTime-using transactions correctly.
Thanks to Wladimir J. van der Laan for rebase.
Unit tests would fail if compiled with -DDEBUG_LOCKORDER (AssertLockHeld()
would fail; AssertLockHeld() relies on the DEBUG_LOCKORDER code to keep
track of locks held).
Fixed by LOCK'ing the wallet mutex in the unit tests that manipulate the
wallet.
After the tinyformat switch sprintf() family functions support passing
actual std::string objects.
Remove unnecessary c_str calls (236 of them) in logging and formatting.
fe14e8d build: Change package name to Bitcoin Core (Wladimir J. van der Laan)
6c980c7 build: Package docs/ and don't package source. (Wladimir J. van der Laan)
39db27c build: Add bitcoin-cli.exe to installer (Wladimir J. van der Laan)
2f87b38 Adapt Windows installer for 64 bit (Wladimir J. van der Laan)
f622232 gitian: Windows 64 bit support (Wladimir J. van der Laan)
- rebuilt some ui file layout to remove unreal values from the files
- remove an unneeded attribute from an ui file
- add / remove some spaces in files
4d90102 [Qt] Add sorting feature to the requested payments table (Cozz Lovan)
8476d5d [Qt] Permanently store requested payments in wallet (Cozz Lovan)
b10e147 wallet: add interface for storing generic data on destinations (Wladimir J. van der Laan)
2041365 Bugfix: Use BOOST_CPPFLAGS when testing for boost sleep vs sleep_for (Luke Dashjr)
e18e100 configure: Minor grammatical changes to be more clear (Luke Dashjr)
a9dbcf0 configure: Change --with[out]-qt to --with[out]-gui and add --with[out]-cli and --with[out]-daemon to support more build configurations (Luke Dashjr)
f472990 Bugfix: Correct captitalisation of Qt (Luke Dashjr)
f930341 configure: Internal changes to make building bitcoind and bitcoin-cli optional (Luke Dashjr)
4a290b5 Cleanup LevelDB library dependencies (Luke Dashjr)
9b4e03b Bugfix: Undefine _FORTIFY_SOURCE before redefining it, to avoid warnings on compilers that define it by default (Luke Dashjr)
123e4f8 Bugfix: configure: Allow user-provided CXXFLAGS to override default optimisation, debug, and warning flags (Luke Dashjr)
From a cursory glance, it looks like block 279,000 meets the criteria for
a checkpoint block, and it's also what the bootstrap.dat torrent is at. This closes#3530.
- adds a nice and well formated dialog, which displays our -? help message
(all options/paramaters)
- moves aboutdialog.cpp/h to the new utilitydialog
- move GUI shutdown window to utilitydialog
Currently it is only possible to use `walletpassphrase` to unlock the
wallet when bitcoin is started in server mode.
Almost everything that manipulates the wallet in the RPC console
needs the wallet to be unlocked and is thus unusable without -server.
This is pretty unintuitive to me, and I'm sure it's even more confusing
to users.
Solve this with a very minimal change: by making the GUI start a
dummy RPC thread just to handle timeouts.
- as a proxy set via GUI can be overridden via -proxy, directly query the
core to get active proxy
- give a warning, if active proxy is not SOCKS5 (needs to be SOCKS5 for
the Qt networking code to work)
- also remove an obsolete connect() call from optionsdialog.cpp and a
reference to Bitcoin-Qt (now just GUI)
Use a series of .png frames for the spinner instead of a .mng.
`mng` is an obscure image format and is not built by default into Qt5.
This appears to improve the crispness of the spinner as well.
Does not noticably increase the size (still ~27k) and the code
is not more complicated either.
Fix regression introduced in ec41342.
Also use a less ugly solution, by defining the value of
`MOC_DEFS` in the configure script instead of `Makefile.include`.
There is not much in the GUI to be done without wallet,
though it's possible to change options, watch the sync process,
and use the debug console.
So embed the debug console in the main window.
Stop the shutdown timer from exiting the main loop
when shutdown is already in progress.
Fixes seeming hanging window after typing 'stop' in debug console.
Also hide the debug console during shutdown as it is useless without
a core to connect to.
Remove the need for global references `guiref` and
`splashref` by making the BitcoinGUI and SplashScreen
classes register for the UI interface signals themselves.
Move AppInit2 and Shutdown to a thread.
This allows a more responsive splash screen, prevents 'process does not respond'
messages from the window system and will allow for showing a user friendly
window while shutting down.
Since we're now properly linking against static plugins for qt binaries,
we need to ensure that they're Imported properly.
Without these Imports, the linker drops some of the unused linked libs, causing
undefined symbols in QtCore.
At least Debian/Ubuntu use 'qtchooser' for switching between qt4/qt5 binaries.
It is a wrapper for all qt tools, and calls the named tool of the default
version unless overridden by the -qt= option or QT_SELECT environment variable.
QT_SELECT is set by configure once the qt version has been chosen.
Take for example, moc.
$ which moc
/usr/bin/moc
$ ls -go /usr/bin/moc
lrwxrwxrwx 1 9 Jul 3 21:33 /usr/bin/moc -> qtchooser
$ qtchooser -print-env
QT_SELECT="default"
QTTOOLDIR="/usr/lib/x86_64-linux-gnu/qt4/bin"
QTLIBDIR="/usr/lib/x86_64-linux-gnu"
$ QT_SELECT=qt5 qtchooser -print-env
QT_SELECT="qt5"
QTTOOLDIR="/usr/lib/x86_64-linux-gnu/qt5/bin"
QTLIBDIR="/usr/lib/x86_64-linux-gnu"
$ moc -v
Qt Meta Object Compiler version 63 (Qt 4.8.4)
$ QT_SELECT=qt5 moc -v
Qt Meta Object Compiler version 67 (Qt 5.0.1)
This should be harmless elsewhere.
- remove unused and unmentioned file notsynced.png (we use an animation
for this)
- add missing coincontroldialog.ui to bitcoin-qt.pro
- also unify formating in assets-attribution.md
Update current translations, and add new languages:
- es_MX: Spanish (Mexico)
- pam: Kapampangan
Also update translation process for autoconf-based build system.
- add new options for database cache and script verification threads
- add label which displays options that are overridden by command-line
parameters
- proxy settings are not applied on-the-fly anymore and require a client
restart (ApplyProxySettings() was removed and was not working very well
anyway)
- re-work options reset and require a client shutdown (as it is much
easier to do it this way without having to mess with what can be changed
on-the-fly and what needs a restart anyway)
- options reset now writes default values for every single option
- when changing an option which requires a client restart display a 10
second warning message in statusLabel (via a QTimer)
- when applying the changes via ok change that to a persistent message,
which is displayed even after closing optionsdialog and re-open it, when
no client restart was made
- remove dialog boxes used when changing language or proxy settings
- add setRestartRequired() and isRestartRequired() to OptionsModel and
use the set function when updating options to signal OptionsDialog
when a restart is needed
- resize optionsdialog a little and add some min sizes for certain GUI
elements
- remove apply button from optionsdialog
- save and restore optionsdialog window position
- update nTransactionFee in QSettings with a set -paytxfee value when
opening optionsdialog (I'm not sure about this yet, perhaps revert to
not updating QSettings and just display current -paytxfee value in
optionsdialog.)
012ca1c LoadWallet: acquire cs_wallet mutex before clearing setKeyPool (Wladimir J. van der Laan)
9569168 Document cs_wallet lock and add AssertLockHeld (Wladimir J. van der Laan)
19a5676 Use mutex pointer instead of name for AssertLockHeld (Wladimir J. van der Laan)
Fixes at least #3478.
Splits and documents the phases:
1. Parse command-line options. These take precedence over anything else.
2. Basic Qt initialization (not dependent on parameters or configuration)
3. Application identification
4. Initialization of translations
5. Now that settings and translations are available, ask user for data directory
6. Determine availability of data directory and parse bitcoin.conf
7. URI IPC sending
8. Main GUI initialization
Splits command line parsing logic from ipcSendCommandLine into
ipcParseCommandLine, as isTestNet() can only be overridden in the early
stages before choosing a data directory. Sending however needs to happen
after choosing a data directory.
Pressing <tab> after entering a label now brings the focus to the
address entry, instead of the row of buttons. In my experience this
is more useful, as I usually want to paste an address after
entering the label.
The buttons are mostly useless anyway:
- Choosing a previously used address should be discouraged
- When I'm already using the keyboard the 'paste address' button is
useless - just use the Ctrl-V. Maybe it would be an idea to remove it
completely
- I usually don't want to remove the entry I'm typing now! So makes
sense to have it at the end of the tab chain.
Unit tests for uint256.h. The file uint160_tests.cpp is no longer
needed. The ad-hoc tests which were in uint256.h are also no longer
needed. The new tests achieve 100% coverage.
The function Get64(.) has a bug in case the width is not divisible by 64.
Since it is only ever used as Get64(0) this simply changes it to this
special case. Additionally, an assert is added, and a cast to prevent
a compiler error.
Allow running bitcoind without server.
- Default to -server mode (of course) for bitcoind with SoftSetBoolArg
- Remove fForceServer argument from AppInit2
- Move fDaemon to a static variable in bitcoind
- re-work change address handling so that default is CNoDestination(),
until a verified and known change address was entered (easier code flow)
- add a missing NULL pointer check for adresstablemodel
- add a missing text when opening coin control address selection for
priority and ensure the label is black
- add a missing . at the end of a sentence
c3a7f51 Move `verifymessage` from rpcwallet to rpcmisc (Wladimir J. van der Laan)
723a03d Move `createmultisig` from rpcwallet to rpcmisc (Wladimir J. van der Laan)
452955f Move `validateaddress` from rpcwallet to rpcmisc (Wladimir J. van der Laan)
cd7fa8b Move `nTransactionFee` from main.cpp to wallet.cpp (Wladimir J. van der Laan)
a943bde Move `settxfee` from rpcblockchain to rpcwallet (Wladimir J. van der Laan)
16bc9aa Move `getinfo` from rpcnet to rpcmisc (Wladimir J. van der Laan)
652e156 add new RPC implementation file `rpcmisc.cpp` (Wladimir J. van der Laan)
4a61c39 qt: status WalletModel::Aborted is no longer used (Wladimir J. van der Laan)
ca2c83d Remove unused ThreadSafeAskFee from ui_interface (Wladimir J. van der Laan)
37e67d3 Remove unused ThreadSafeHandleURI from ui_interface (Wladimir J. van der Laan)
When a InitError or InitWarning happens, the
GUI pops up but is unusable (until Init finishes).
This is caused by showNormalIfMinimized. Add a message
flag to skip this call for Init errors or warnings.
The current transaction loading code is not exception safe.
An exception during deserialization causes an empty transaction
to be left behind in the wallet.
Fix this by building the transaction separately and adding
it only to the wallet at the end.
Fixes#3333.
Seperate out the wallet options in HelpMessage, and
don't show them if compiled with --disable-wallet.
Also add documentation for `-disablewallet` option.
0205abd Improve unit test code not to compare with explanatory messages for each platform. Instead, use have an exception object to check if the string returned by what() on the raised exception matches the string returned by what() on the expected exception instance. This way, we do not need to list all different possible explanatory strings for different platforms in the test code, and make it simple. (The idea is by Cory Fields.) (Kangmo)
Instead, use have an exception object to check if the string returned by what() on the raised exception matches the string returned by what() on the expected exception instance.
This way, we do not need to list all different possible explanatory strings for different platforms in the test code, and make it simple. (The idea is by Cory Fields.)
Before the fix, there were 6 errors such as :
serialize_tests.cpp:77: error in "noncanonical": incorrect exception std::ios_base::failure is caught
It turns out that ex.what() returns following string instead of "non-canonical ReadCompactSize()"
"non-canonical ReadCompactSize(): unspecified iostream_category error"
After the fix, unit test passed.
The test ran using Apple LLVM v5.0 on OSX 10.9 and the unit test error happened because of different error messages by different compilers.
g++ --version on my development environment.
```
Configured with: --prefix=/Applications/Xcode.app/Contents/Developer/usr --with-gxx-include-dir=/usr/include/c++/4.2.1
Apple LLVM version 5.0 (clang-500.2.79) (based on LLVM 3.3svn)
Target: x86_64-apple-darwin13.0.0
Thread model: posix
```
`-logtodebugger` is a strange, obscure, WIN32-only (mostly MSVC) thing.
Let's clean up the options a bit get rid of it.
test_bitcoin was using fLogToDebugger as a way to prevent logging to
debug.log. For this, add a boolean (not exposed as option) fLogToDebugLog that
defaults to true and is disabled in the tests.
ThreadSafeAskFee is effectively unused. It is only called
when the fAskFee parameter on SendMoney or SendMoneyToDestination
is true, which never happens. Remove it.
`getinfo` is a general info method which shows information
from multiple sources, it doesn't belong in rpcnet.cpp or
any of the other current RPC implementation files.
Only messages for now, executable names and other file names
can be changed later if necessary and safe.
Do not do an all-sweeping change. Some occurences of Bitcoin-Qt need to
be kept:
- Applicationname: this is used to determine the registry entry names,
we don't want to lose settings over a silly name change.
- Where it refers to the executable name instead of the product name.
Running -printtodebugger -debug (or -debug=lock),
compiled with -DDEBUG_LOCKORDER would infinite loop
on Windows because every critical section lock/unlock
triggers a LogPrint.
Solution is to use the raw boost mutex instead of a CCriticalSection.
- replaces a pwalletMain->IsLocked() check
- in keypoolrefill init kpSize to 0 as we have the logic to determine max
kpSize in pwalletMain->TopUpKeyPool() anyway
- cleanup Info.plist.in and specify high DPI mode enable command as per
http://blog.qt.digia.com/blog/2013/04/25/retina-display-support-for-mac-os-ios-and-x11/
- move setting of QApplication::setAttribute() to bitcoin.cpp and add
attribute for enabling use of high DPI pixmaps for Qt >= 5.1
- add missing setWindowTitle() on Mac
- cleanup Mac / non-Mac setup in bitcoingui.cpp
Use a fixed script instead of a CReserveKey from the wallet.
This does not affect the functionality or result of the tests as they never
check the state of the wallet in the first place.
The following mining-related RPC calls don't use the wallet:
- getnetworkhashps
- getmininginfo
- getblocktemplate
- submitblock
Enable them when compiling with --disable-wallet.
26d1b65 src/Makefile.am: Simplify clean of leveldb (Josh Triplett)
a26a367 configure.ac: Check for miniupnpc headers, not just -lminiupnpc (Josh Triplett)
82ccb05 autogen.sh: Stop passing --verbose to autoreconf (Josh Triplett)
e12dafd autogen.sh: Use long options to autoreconf, for self-documentation (Josh Triplett)
19b9add autogen.sh: Support running from outside the source directory (Josh Triplett)
97d285a autogen.sh: Use set -e to fail if any command fails (Josh Triplett)
f80b723 autogen.sh: Add a /bin/sh shebang. (Josh Triplett)
5094f8d Split off rpc_wallet_tests (Wladimir J. van der Laan)
829c920 Move CCryptoKeyStore to crypter.cpp (Wladimir J. van der Laan)
ae6ea5a Update build-unix.md to mention --disable-wallet (Wladimir J. van der Laan)
4f9e993 Add --disable-wallet option to build system (Wladimir J. van der Laan)
d004d72 Move CAddrDB frrom db to net (Wladimir J. van der Laan)
48ba56c Delimit code with #ifdef ENABLE_WALLET (Wladimir J. van der Laan)
991685d Move getinfo to rpcnet.cpp (Wladimir J. van der Laan)
bbb0936 Move HelpExample* from rpcwallet to rpcserver (Wladimir J. van der Laan)
Commit be066fad accidentally removed the hex field.
This gets in the way of doing offline signing.
(credit belongs to sipa for actually looking for the
cause instead of being lazy like me and just shrugging
and writing the scriptpubkey from the asm.)
- make eventFilter() private and pass events on to QObject::eventFilter()
instead of just returning false
- re-work paymentservertest.cpp to correctly handle the event test
after the above change (rewrite test_main to allow usage of
QCoreApplication:: in the tests)
- delete socket when we were unable to connect in ipcSendCommandLine()
- show a message to the user if we fail to start-up (instead of just a
debug.log entry)
- misc small comment changes
Versions of bitcoin before 0.8.6 have a bug that inserted
empty transactions into the vtxPrev in the wallet, which will cause the node to be
banned when retransmitted, hence add a check for !tx.vin.empty()
before RelayTransaction.
CWalletTx::AddSupportingTransactions() was adding empty transaction
to vtxPrev in some cases. Skip over these.
Part one of the solution to #3190. This prevents invalid vtxPrev from
entering the wallet, but not current ones being transmitted.
This was a leftover from the times in which
peers.dat depended in BDB.
Other functions in db.cpp still depend on BerkelyDB,
to be able to compile without BDB this (small)
functionality needs to be moved to another file.
Where to place `getinfo` is a difficult issue
as it shows information from the wallet, net and
block chain. However, I moved it out of rpcwallet
as the command needs also to be available without
wallet.
Use deleteLater() instead of delete, as it is not allowed
to delete widgets directly in an event handler.
Should solve the MacOSX random crashes on send with coincontrol.
Remove unnecessary dependencies for bitcoin-cli
(leveldb, berkelydb, wallet, RPC server)
Build system changes:
- split libbitcoin.a into libbitcoin_common.a, libbitcoin_server.a and
libbitcoin_cli.a
Code changes (movement only):
- split up HelpMessage into HelpMessage in init.cpp and HelpMessageCli
in rpcclient.cpp
- move uiInterface from init.cpp to util.cpp
There were quite a few places where assert() was used with side effects,
making operation with NDEBUG non-functional. This commit fixes all the
cases I know about, but also adds an #error on NDEBUG because the code
is untested without assertions and may still have vulnerabilities if
used without assert.
- remove style sheets from ui files and use Qt attributes instead
- make some more strings untranslatable, to make life for translators
easier
- split up long tooltips an rework the texts a little
- remove monospace labels from sendcoinsdialog also
- use a validated line edit for the change address
- add a tooltip to change address switch
- ensure we have a valid change address in
CoinControlDialog::coinControl->destChange or just CNoDestination()
- some small ui file changes
bae6c7e Fix a rare crash on Mac OS X, by removing a setFocus on the payTo field that was not necessary, as the field still receives focus without it. (Ryan Niebur)
This dead code can be resurrected from git history if
transaction replacement is ever implemented. Keeping
dead code in the source is a bad idea, because it implies
it was tested and worked at some point, which is not true.
The SelectParamsFromCommandLine call was missing in bitcoin-cli,
which caused `-testnet` and `-regtest` to be ignored. Add this
call just like in bitcoind.cpp.
Split bitcoinrpc up into
- rpcserver: bitcoind RPC server
- rpcclient: bitcoin-cli RPC client
- rpcprotocol: shared common HTTP/JSON-RPC protocol code
One step towards making bitcoin-cli independent from the rest
of the code, and thus a smaller executable that doesn't have to
be linked against leveldb.
This commit only does code movement, there are no functional changes.
The last fee drop was by 5x (from 50k satoshis to 10k satoshis)
in the 0.8.2 release which was about 6 months ago.
The current fee is (assuming a $500 exchange rate) about 5 dollar
cents. The new fee after this patch is 0.5 cents.
Miners who prefer the higher fees are obviously still able to
use the command line flags to override this setting. Miners who
choose to create smaller blocks will select the highest-fee paying
transactions anyway.
This would hopefully be the last manual adjustment ever required
before floating fees become normal.
After discussing with BlueMatt, this appears to be harmless in its
current state since it's always set before it's used. Initialize it
anyway for readability and future safety.
- this adds a delete button for insecure and secure payment requests in
the sendcoins dialog
- it also enables the delete button even for single and empty entries, as
this is much easier to handle and doesn't need to special case single
entries
- big parts of the ui file were changed, because I copied the delete
button and had to delete the layout too and created it from scratch
(which seems to cleanup the rows and colums in the layout also, which is
nice IMHO)
I'm writing some wallet regression tests using -regtest mode, and
need to generate an initial multi-hundred-block chain. Repeatedly
calling setgenerate to generate one block is slow and doesn't
work properly, because block creation happens asynchronously.
This adds two features to setgenerate in -regtest mode:
1) Instead of being interpreted as number of threads to start, the
third argument is the number of blocks to generate.
2) setgenerate will not return until the block creation threads
have created the requested number of blocks.
Keep a list of requested payments in the Receive tab so that a user can
recall previously created requests after closing their windows.
Currently this list is not stored between bitcoin-qt sessions. This can
be implemented later, but it is not clear where it should be stored as
I don't think it belongs in the wallet (maybe in QSettings?)
- Fixed cut-and-paste error.
- See http://savannah.gnu.org/patch/?7576 for further details.
- Use 'ls -r' rather than non-portable tool 'tac'.
- Simplify filepattern in ls expression so dylib (on OSX) are also detected.
- add missing license headers
- make compatible with Qt5
- enforce header cleanup style
- small code style cleanups
- rename Coin Control dialog into Coin Control Address Selection
- use default font for the windows labels (no monospace)
Make users accustomed to the other subdivision units (mBTC, muBTC)
by showing the total amount in all units in the confirmation dialog.
This was recently raised on the mailing list and could be a preparation
for switching over the default unit eventually.
I was merging change this every time before generation of
the doxygen developer docs (https://dev.visucore.com/bitcoin/doxygen/)
but there's no reason why it can't just be merged upstream.
- remove default value for parent variable in dialogs, which should appear
centered over main GUI and pass appropriate value
- add some addition NULL pointer checks
Adds three new languages:
- de_AT: German (Austria)
- gl: Galician
- sl_SI: Slovenian (Slovenia)
Updates many others.
Thanks to the translators contributing on Transifex!
Based on the proposal, update the help message of rpc methods
- strings arguments are in double quotes rather than square brackets
- numeric arguments have no quotes (and no default value)
- optional parameters are surrounded by round brackets
- json arguments are strings but don't use double quotes
Added 3 sections for the details
- Arguments: lists each argument, it's type, required or not, a default, and a description
- Result: The method result, with json format if applicable, type, and a description
- Examples: examples calls using bitcoin-cli and curl for json rpc call
Problems
- maybe this is too verbose
- lines might be too long
- description are not good or complete
- examples may be too much
- remove explicit init of netManager as this is done in the constructor
anyway
- move initNetManager() call to uiReady(), which removes an assert() and
allows us to use message() in initNetManager() (currently unused but
could be necessary because of proxy related messages)
- make initNetManager() private
- update paymentservertests.cpp
I regenerated the alert test data; now alerts are tested
against a protocol version way above the current protocol
version.
So we won't have to regenerate them every time we bump
PROTOCOL_VERSION in the future.
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
- rework window title to not include Bitcoin - in front, as no other
dialog does this
- favor a connect() call over an own function for clearing the traffic
graph
- write monospace lowercase (seems to be correct after some web search)
and add a comment that we should avoid / remove fixed font sizes
395d0d5 rework an ugly hack in processPaymentRequest() (Philip Kaufmann)
952d2cd make processPaymentRequest() use a single SendCoinsRecipient (Philip Kaufmann)
983cef4 payment-request UI: use SendCoinsRecipient.message for memo (Philip Kaufmann)
c6c97e0 [Qt] Rework of payment request UI (mainly for insecure pr) (Philip Kaufmann)
caca6aa Make some globals in main non-public. (Pieter Wuille)
85eb2ce Do not use the redundant BestInvalidWork record in the block database. (Pieter Wuille)
0056095 Show short scriptPubKeys correctly (Peter Todd)
22de68d Relay OP_RETURN TxOut as standard transaction type (Peter Todd)
Signed-off-by: Gavin Andresen <gavinandresen@gmail.com>
As block index entries have a flag for marking invalid blocks, the
'best invalid work' information can be derived from there. In addition,
remove the global from main.h
- this shows insecure (unsecured) payment requests in a new yellowish
colored UI (based on the secure payment request UI) instead of our
normal payment UI
- allows us to receive paymentACK messages for insecure payment requests
- allows us to handle expirations for insecure payment request
- changed walletmodel, so that all types of payment requests don't touch
the addressbook
- add new processSendCoinsReturn() function, which parses the
status of WalletModel::SendCoinsReturn and generates a pair consisting
of a message and message flags
- result is we only need one emit message() call
- this change ensures that the GUI is shown for warnings/errors in
sendcoinsdialog, because of message() taking care of that for modal
messages
- changes 2 warning message into error messages and removed "Error:"
in front of the actual error message string
- re-work -debug help message text
- make -debug log every debugging information again (even all categories)
- remove unneeded fDebug checks in front of LogPrint()/qDebug(), as that
check is done in LogPrintf() when category is != NULL (true for all
LogPrint() calls
- remove fDebug ONLY in code which is NOT performance-critical
- harmonize addrman category name
- deprecate -debugnet usage, should be used via -debug=net and remove the
corresponding global
Changed CDataStream::GetAndClear() to use the most obvious
get get and clear instead of a tricky swap().
Added a unit test for CDataStream insert/erase/GetAndClear.
Note: GetAndClear() is not performance critical, it is used only
by the send-a-message-to-the-network code. Bug was not noticed
before now because the send-a-message code never erased from the
stream.
Instead of explicitly testing for the presence of any output, and
dealing with this case specially, just interpret it as an empty
CCoins.
The case previously caught using the HaveCoins check, is now handled
by the generic outs != outsBlock test.
class template base_uint had its own private lookup table.
This is saving 256 bytes per instantiation.
The result is not spectacular as bitcoin-qt has only shrinked of
about 1Kb but it is still valid improvement.
Also, I have replaced a for loop with a memset() call.
Made CBigNum::SetHex() use the new HexDigit() function.
Signed-off-by: Olivier Langlois <olivier@olivierlanglois.net>
Use proper signals everywhere.
Removes the need to store a pointer to the BitcoinGUI object in
the walletview.
Also removes the interdependence between setWalletModel / setBitcoinGUI.
- remove 2 unneeded windowTitle attributes, which bloat our translations
- cleanup some unneeded .cpp/.h includes and class usages
- use a more generic string for clearing sendcoinsdialog and
requestpaymentdialog
- edit 2 strings in BitcoinGUI and replace "edit" with "show" as this
seems more clear in the context where it is used
This seems to cause problems on recent clang, and looks totally
redundant and unused.
The const_iterator version is identical to the vector::const_iterator
one (which is a typedef thereof). Marking it private (instead of
removing) compiles fine, so this version is effectively unused even.
This required some code movement (what was CWalletTx::AcceptToMemoryPool
doing in main?), and adding a few explicit includes that used to be
implicit through init.h.
INIT_PROTO_VERSION is the initial version, after a succesful version/verack it is increased to a negotiated version.
MIN_PEER_PROTO_VERSION could be a different value to disconnect from peers older than a specified version.
Changes the response to the 'mempool' command so that if
the memory pool has more than MAX_INV_SZ transactions (50,000)
it will respond with multiple 'inv' messages.
They're supposed to be children of the walletview, and are added with
addWidget later on.
Inconsequential change because the object passed was already 0.
- changes some strings that were forgotton or made no sense in the conext
they are used
- remove an orphan file from the qt project file
- revert a small change in signverifymessagedialog.ui
- guard #include "bitcoin-config.h" with #if defined(HAVE_CONFIG_H)
- remove windowTitle from addressbookpage.ui
- this allows us to use emit message() over MessageBox:: or gui->message()
calls in sendcoinsdialog and walletview
- move main handlePaymentRequest() functionality back to BitcoinGUI
- move a showNormalIfMinimized() before gotoSendCoinsPage()
- We no longer have an address book, but "address lists", update message
accordingly
- Add tooltips here and there
- Clarify text on buttons
- add Copy Address button to receive request dialog
- add new slot handlePaymentACK() to paymentserver, which handles
paymentACK messages (currently we just display them)
- make paymentACK message a modal information dialog
- change some QObject::tr() to just tr()
- clarify the processPaymentRequest() error, when IsDust()
- small string change to prevent a tripple + usage with QString
Previously bitcoin-qt's -debug transaction info was showing CTxOut([error])
It is valid for a scriptPubKey to be any size, for example simply
OP_RETURN is valid and can be used to destroy a TXOUT to mining fees.
- fix crash with walletpassphrase by checking if RPC server is running and
give a friendly error message how to fix this (fixes#3100)
- add 3 new RPCErrorCodes RPC_SERVER_NOT_STARTED, RPC_NODE_ALREADY_ADDED
and RCP_NODE_NOT_ADDED (I checked the source to not use a number already
in use for RPC_SERVER_NOT_STARTED)
- use the new codes where needed / missing
- add missing use of RPC_INVALID_PARAMETER
Just-in-case sanity test for JSON spirit and AmountFromValue.
Also update rpc_format_monetary_values test to use ValueFromAmount,
so that ValueFromAmount is also tested.
Simplifies the dialog (makes it look less crowded) as well
as the code and makes it possible to copy multiple fields at once.
Also format bitcoin URI as URI, add copy button for URI.
Also update URI parsing to fill in this field.
Note that the message is not currently used in any way with the client.
It should be stored with the transaction.
These no longer make sense in the new workflow. It's less
clicks to reach sign/verify message from the menu. And sending
from the address book is one kind of automatic address reuse
we're trying to avoid.
The existing CNode::addrLocal member is revealed to the user,
as an address string, similar to the existing "addr" field.
Instead of showing garbage or empty string,
it simply will not appear in the output if local address not known yet.
This adds an executable `bitcoin-rpc` that only serves as a Bitcoin RPC
client.
The commit does not remove RPC functionality from the `bitcoind` yet,
this functionality should be deprecated but is left for a later version
to give users some time to switch.
This ensures the allocator is ready no matter when it's needed (as
some STL implementations allocate in constructors -- i.e., MSVC's STL
in debug builds).
Using boost::call_once to guarantee thread-safe static initialization.
Adding some comments describing why the change was made.
Addressing deinitialization of the LockedPageManager object
by initializing it in a local static initializer and adding
an assert in the base's destructor.
Selecting the button for a pages was going through bitcoingui->walletframe->walletview->bitcoingui.
Because of this, the actions for the pages had to be exposed on the BitcoinGUI object.
- rename reportError() into message() to be in line with our default
message() signal/slot naming (and can be used for all types of messages)
- rename some QStrings to not collide with message() function
- add a missing message for malformed URIs that IS also used in BitcoinGUI
- fix / extend some comments and misc style fixes
There were too many levels of indirection here, and the functionality of
walletframe and walletstack can easily be merged. This commit
merges the two which cuts a lot of lines of boilerplate code.
- this extends the accepted ciphersuites with TLSv1.2 ones
- also removes !AH, as I could not find documentation on it and the change
did not result in a changed ciphersuite list (checked via openssl
ciphers -v)
- closes#3096 (which also contains more details)
SendMessages() tries to acquire a cs_main lock now, but this isn't nessecary
for much of its functionality. Move those parts out of the locked section,
so they can always be performed, and we hold cs_main for a shorter time.
This removes a few unused CBlockLocator methods, and moves the
construction and fork-finding logic to CChain (which can do these
more efficiently, as it has a height-indexable chain available).
It also makes CBlockLocator independent from the validation code.
971bb3e Added ping time measurement. New RPC "ping" command to request ping. Implemented "pong" message handler. New "pingtime" field in getpeerinfo, to provide results to user. New "pingwait" field, to show pings still in flight, to better see newly lagging peers. (Josh Lehan)
- I observed a massive amount of redefinition warnings after #3071, which
are silenced by this patch
- uses the same style as we do in other places, where we define _WIN32_WINNT
- make processPaymentRequest() use our own HTML-escaping function from
GUIUtil
- make string "application/bitcoin-payment" a constant (below similar
constant strings in the .cpp file)
- clear(): clear all UI elements (for secure and insecure payments)
- setValue(): only modify UI elements, which need to be set (for secure
or insecure payments)
Create an allocators.cpp, and move all of the #ifdef WIN32
code and the #include of windows.h into it.
Two motives for this cleanup:
1. I'm getting a weird error in windows.h in my smartfee branch.
2. allocators.h is included (indirectly) just about everywhere, so
this should speed up Windows compiles quite a lot.
- fixes#3037 by adding missing join_all() call and brings bitcoind
shutdown code in line with Bitcoin-Qt shutdown code
- added a comment for the if (!fRet) case
- when closing the client with an open debug window, that window could
become stuck/unsuable (it was still shown wherea the main window was
hidden already)
- fix this by hiding the debug window, when quitting the the client
Changes the maximum size of a free transaction that will be created
from 10,000 bytes to 1,000 bytes.
The idea behind this change is to make the free transaction area
available to a greater number of people; with the default 27K-per-block,
just three very-large very-high-priority transactions could fill the space.
Remove the (relay/mempool) rule that all outputs of free transactions
must be greater than 0.01 XBT. Dust spam is now taken care of by making
dusty outputs non-standard.
New RPC "ping" command to request ping.
Implemented "pong" message handler.
New "pingtime" field in getpeerinfo, to provide results to user.
New "pingwait" field, to show pings still in flight, to better see newly lagging peers.
- remove some unneeded translatable strings from sendcoinsentry.ui file and
rename some elements for better readability
- optimize string prorcessing in SendCoinsDialog::on_sendButton_clicked()
- make all UI labels for secure payments plain text and move the settings
to sendcoinsentry.ui file
- remove unneeded button and default button definiton from warning message
boxes
- remove fixed font-size when sending coins to an address with label and
use monospace font for addresses
- make BitcoinGUI::showPaymentACK() use a reference for msg and use our
own GUIUtil::HtmlEscape() function
- ensure QTimer usage in clientmodel is the same as in walletmodel
- remove an unneeded debug message in walletframe
- flag some parameters as unused in DebugMessageHandler()
- small code formatting changes
Instead of building a full copy of a CTransaction being signed, and
then modifying bits and pieces until its fits the form necessary
for computing the signature hash, use a wrapper serializer that
only serializes the necessary bits on-the-fly.
This makes it easier to see which data is actually being hash,
reduces load on the heap, and also marginally improves performances
(around 3-4us/sigcheck here). The performance improvements are much
larger for large transactions, though.
The old implementation of SignatureHash is moved to a unit tests,
to test whether the old and new algorithm result in the same value
for randomly-constructed transactions.
If BDB_CPPFLAGS returns only "-I", the next argument sent to the preprocessor
is treated as a path. There are 2 fixes here:
1. Check in CPPFLAGS, as a user might have manually passed a path to check.
2. Ensure the value is not empty before setting BDB_CPPFLAGS to "-I value"
This changes the priority calculation to not include the size of per-txin
data including up to 110 bytes of scriptsig so that transactions which
sweep up extra UTXO don't lose priority relative to ones that don't.
I'd toyed with some other variations, but it seems like any formulation
which results in an incentive stronger than making them not count will
sometimes create incentives to add extra outputs so that you have
extra inputs to consume later. The maximum credit is limited so that
users don't lose the disincentive to stuff random data in their
transactions, the limit of 110 is based on the size of a P2SH
redemption with a compressed public key.
This shouldn't need a staged deployment because the priority is not
used as a relay criteria, only a mining criteria.
This change moves test data into the binaries rather than reading them from
the disk at runtime.
Advantages:
- Tests become distributable
- Cross-compile friendly. Build on one machine and execute in an arbitrary
location on another.
- Easier testing for backports. Users can verify that tests pass without having
to track down corresponding test data.
- More trustworthy test results and easier quality assurance as tests make
fewer assumptions about their environment.
- Tests could theoretically run at client/daemon startup and exit on failure.
Disadvantages:
- Required 'hexdump' build-dependency. This is a standard bsd tool that should
be usable everywhere. It is likely already installed on all build-machines.
- Tests can no longer be fudged after build by altering test-data.
libleveldb.a and libmemenv.a should be able to build in parallel, but in
practice calling the leveldb makefile ends up rewriting build_config.mk. If
one target tries to build while the other is halfway through writing the
.mk, the make ends up in an undefined state.
Fix that by making one depend on the other. This also reorders the variables
to be passed by param rather than via the environment, and combines the targets
into a single rule to avoid needless duplication.
As we'd previously learned, OSX's fsync is a data eating lie.
Since 0.8.4 we're still getting some reports of disk corruption on
OSX but now all of it looks like the block files have gotten out of
sync with the database. It turns out that we were still using fsync()
on the block files, so this isn't surprising.
- ensure message boxes are shown in center of our main window, not
centered on the users desktop
- always prefer user supplied titles for message boxes over the functions
defaults (fixes a bug, where transaction info messages did not contain
information, if it was incoming or outgoing)
- rename URL into URI in paymentserver where correct
- add some missing Qt-coding-stuff in paymentserver
- change QSpinBox to QLineEdit as base for BitcoinAmountField in .ui files
(as this is the result when converting the BAF back into base)
- remove some c_str() and replace with QString::fromStdString()
- remove several new-lines
- remove unneeded spaces
- indentation fixes
This also makes negative transaction versions non-standard.
This avoids an issue triggered in block 256818 where transactions with
negative version numbers were incorrectly serialized into the UTXO set.
On restart nodes detect the inconsistency and refuse to start so long as
a block with these transactions is inside the self-consistency check
window, logging "coin database inconsistencies found". The software
recommends reindexing, but reindexing does not correct the problem.
This should be fixed by changing the chainstate serialization, but
working around it seems harmless for now because the version is not
used by any network rule currently.
A patch free workaround is to start with -checklevel=2 which skips
the consistency checks, but the IsStandard change is important for
miners in order to protect unpatched nodes.
I've seen users confused multiple times thinking they
should be using -tor to set their tor proxy and then
finding in horror that they were still connecting to
the IPv4 internet.
Even Jeff guesses wrong about what the knob does, so
I think we should rename it. This leaves the old
knob working, we can pull it out completely in a
later release.
- prepend "Bitcoin-Qt" in front of debug.log entries, which come from Qt
- move DebugMessageHandler installation upwards to the event handler
installation, which fits much better
Correctly use the purpose of addresses that are added after the start
of the client. Addresses with purpose "refund" and "change" should not
be visible in the GUI. This is now handled correctly.
- extend PaymentServer with setOptionsModel() and rework initNetManager()
to make use of that
- fix all other places in the code to use display unit from options and no
hard-coded unit
There have been several incidents where mainnet experimentation with
raw transactions resulted in insane fees. This is hard to prevent
in the raw transaction api because the inputs may not be known.
Since sending doesn't work if the inputs aren't known, we can catch
it there.
This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
defaults and can be overridden with a bool at the rpc.
We're not seeing large reorgs that would justify waiting a large
amount past the rule required maturity, and the extra three
hours is just a nuisance. Take one more block to at least give
the 100th block time to propagate.
Seems it was forgotten about when IsPushOnly() and the unittests were
written. A particular oddity is that OP_RESERVED doesn't count towards
the >201 opcode limit unlike every other named opcode.
getblocktemplate only uses certain portions of the coinbase transaction,
notably ignoring the coinbase TX output entirely.
Use CreateNewBlock() rather than CreateNewBlockWithKey(), eliminating
the needless key passing.
Should be zero behavior changes.
With an encrypted wallet the GUI was prompting for a passphrase every time
the user requested a new address. This is unnecessary, increases the
exposure to keyboard sniffers, and discourages using fresh addresses for
every transaction.
Instead only prompt for a passphrase when the keypool runs out, also call
the new address function with the flag that prevents reuse.
Thanks to AlexNagy on IRC for pointing this out and who wouldn't take any
lip from a curmudgeonly developer and insisted on what he knew to be true.
WalletView:
- add new signal showNormalIfMinimized()
- emit the new signal in handleURI() to fix a bug, preventing the main
window to show up when using bitcoin: URIs
WalletStack:
- connect the showNormalIfMinimized() signal from WalletView with the
showNormalIfMinimized() slot in BitcoinGUI
- rework setCurrentWallet() to return a bool
- add check for valid walletModel in addWallet()
- add missing gui attribute initialisation in constructor
WalletFrame:
- remove unused or unneded class attributes gui and clientModel
- add a check for valid clientModel in setClientModel()
General:
- small code formatting changes
Add support for a Payment Protocol to Bitcoin-Qt.
Payment messages are protocol-buffer encoded and communicated over
http(s), so this adds a dependency on the Google protocol buffer
library, and requires Qt with OpenSSL support.
- move SelectParamsFromCommandLine() from init.cpp to bitcoin.cpp to allow
to use TestNet() for Bitcoin-Qt instead of GetBoolArg("-testnet", false)
- change order in bitcoind.cpp to match bitcoin.cpp functionality
- hamonize error message strings for missing datadir and failing
SelectParamsFromCommandLine() in bitcoin.cpp and bitcoind.cpp
- use TestNet() call in splashscreen.cpp
Straight refactor, so mapAddressBook stores a CAddressBookData
(which just contains a std::string) instead of a std::string.
Preparation for payment protocol work, which will add the notion
of refund addresses to the address book.
Replaces the validation check for "amount == 0" with an isDust check,
so very small output amounts are caught before the wallet
is unlocked, a transaction is created, etc.
- update translation master files
- include current translations from Transifex
- add several new languages
- fix a bug in bitcoin.qrc, which prevents some languages from beeing used
(wrong file extension .ts instead of .qm was used)
This reduces a peer's ability to attack network resources by
using a full bloom filter, but without reducing the usability
of bloom filters. It sets a default match everything filter
for peers and it generalizes a prior optimization to
cover more cases.
To fix a minor malleability found by Sergio Lerner (reported here:
https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898)
The problem is that if (R,S) is a valid ECDSA signature for a given
message and public key, (R,-S) is also valid. Modulo N (the order
of the secp256k1 curve), this means that both (R,S) and (R,N-S) are
valid. Given that N is odd, S and N-S have a different lowest bit.
We solve the problem by forcing signatures to have an even S value,
excluding one of the alternatives.
This commit just changes the signing code to always produce even S
values, and adds a verification mode to check it. This code is not
enabled anywhere yet. Existing tests in key_tests.cpp verify that
the produced signatures are still valid.
The length of vectors, maps, sets, etc are serialized using
Write/ReadCompactSize -- which, unfortunately, do not use a
unique encoding.
So deserializing and then re-serializing a transaction (for example)
can give you different bits than you started with. That doesn't
cause any problems that we are aware of, but it is exactly the type
of subtle mismatch that can lead to exploits.
With this pull, reading a non-canonical CompactSize throws an
exception, which means nodes will ignore 'tx' or 'block' or
other messages that are not properly encoded.
Please check my logic... but this change is safe with respect to
causing a network split. Old clients that receive
non-canonically-encoded transactions or blocks deserialize
them into CTransaction/CBlock structures in memory, and then
re-serialize them before relaying them to peers.
And please check my logic with respect to causing a blockchain
split: there are no CompactSize fields in the block header, so
the block hash is always canonical. The merkle root in the block
header is computed on a vector<CTransaction>, so
any non-canonical encoding of the transactions in 'tx' or 'block'
messages is erased as they are read into memory by old clients,
and does not affect the block hash. And, as noted above, old
clients re-serialize (with canonical encoding) 'tx' and 'block'
messages before relaying to peers.
Fixes issue#2838; this is a tweaked version of pull#2845 that
should not leak the length of the password and is more generic,
in case we run into other situations where we need
timing-attack-resistant comparisons.
Orphan transactions were stored as a CDataStream pointer;
this changes the mapOrphanTransactions data structures to
store orphans as a CTransaction.
This also fixes CVE-2013-4627 by always re-serializing
transactions before relaying them.
- move the code for saving and restoring window positions from BitcoinGUI
to GUIUtil, make it more generic and also use it for saving/restoring
debug window positions
- it was possible to trigger an infinite loop in FreespaceChecker::check() by
simply removing the drive letter on Windows (which leads to an infinite
loop in the FreespaceChecker thread)
- this was caused by not checking if we make progress with
parentDir.parent_path()
- remove an unneded include for mswsock.h as we use winsock2.h anyway
- move typedef u_int SOCKET; into the #ifndef WIN32 part
- remove typedef int socklen_t; as this is defined in ws2tcpip.h
- fixes src\net.cpp:1601: Error:invalid conversion from 'void*' to
'const char*' [-fpermissive] in a setsockopt() call on Win32 that was
found by using MinGW 4.8.1 compiler suite
The key refactor changed the way unencrypted private keys with compressed
public key are stored in the wallet. Apparently older versions relied on
this to verify the correctness of stored keys.
Note that earlier pre-release versions do risk creating wallets that can
not be opened by 0.8.3 and earlier.
use std::string instead of psz for WalletFile
only allow wallets within $DATADIR
Use strWalletFile in salvage/recover
fix: remove unused variable pszWalletFile
move strWalletFile to init.h/init.cpp
avoid conversion of strWalletfile to c-string
dumpwallet: produce a dump of all keys in a wallet, in a format
compatible with Bitcoin Wallet for Android and Multibit.
importwallet: import such a dump
Compute safe lower bounds on the birth times of all wallet keys. For
pool keys or keys with metadata, the actually stored birth time is
used. For all others, the birth times are inferred from the wallet
transactions.
This function finds all keys affected by a particular output script,
supporting everything ExtractDestinations supports (pay-to-pubkey,
pay-to-pubkeyhash, multisig) and recurses into subscripts (P2SH).
In case no database exists yet, and -txindex(=1) is passed, we currently first
check whether fTxIndex differs from -txindex (and ask the user to reindex in
that case), and only afterwards initialize the database. By swapping these
around (the initialization is a no-op in case the database already exists),
we allow it to be born in txindex mode, without warning.
That also means we don't need to check -reindex anymore, as the wiping/reinit
of the databases happens before checking.
Refactor keytime:
* Key metadata is kept in a CWallet::mapKeyMetadata (std::map<CKeyId,CKeyMetadata>).
* When generating a new key, time is put in that map, and new key is written.
* AddKeyPubKey and AddCryptedKey do not take a creation time argument, but instead
pull it from that map, if it exists there.
Bugfix:
* AddKeyPubKey and AddCryptedKey in CWallet didn't override the CKeyStore
definition anymore. This is fixed, as they no longed need the nCreationTime
argument now.
Also a few related other changes:
* Metadata can be overwritten.
* Only GenerateNewKey calls GetTime(), as it's the only place where we know for
sure a key was not constructed earlier.
* When the nTimeFirstKey is known to be inaccurate, it is set to the value 1
(instead of 0, which would mean unknown).
* Use CPubKey instead of std::vector<unsigned char> where possible.
The new class is accessed via the Params() method and holds
most things that vary between main, test and regtest networks.
The regtest mode has two purposes, one is to run the
bitcoind/bitcoinj comparison tool which compares two separate
implementations of the Bitcoin protocol looking for divergence.
The other is that when run, you get a local node which can mine
a single block instantly, which is highly convenient for testing
apps during development as there's no need to wait 10 minutes for
a block on the testnet.
This adds an introduction screen that is shown when the client is first
started in which the user can choose a data directory.
It is also possible to force the intro screen to appear using command
line argument `-choosedatadir`.
The user is warned that the client will download and store 10Gb of data.
The intro screen shows how much space is available on the device that
contains the chosen directory and warns if this is less than the 10Gb.
To make it possible to translate the introduction dialog, the initialization
sequence is changed so that translations are
loaded before the data directory. This has the by-effect that it is
no longer possible to specify a language in bitcoin.conf inside the data
directory.
This (nearly) doesn't change fee rules at all:
* To make it into the fee transaction area, the dPriority comparison
changed from < to <=
* We now just ignore transactions > MAX_BLOCK_SIZE/4 instead of
doing some calculations to require increasingly large fees as
size increases.
Without this include, sometimes BOOST_VERSION was defined and sometimes
it was not, depending on which includes came before it. The result was a
random mix of sleep or sleep_for for boost versions >= 1.50.
- removes our NewThread() function an replaces remaining calls with
boost::thread with our TraceThread template
- remove ExitThread() function
- fix THREAD_PRIORITY_ABOVE_NORMAL for non Windows OSes
- adds a reindex dialog for Bitcoin-Qt to change -txindex without the need
to supply -reindex
- now also does a -reindex, when removing the -txindex switch
Removed AreInputsStandard from CTransaction, made it a regular function in main.
Moved CTransaction::GetOutputFor to CCoinsViewCache.
Moved GetLegacySigOpCount and GetP2SHSigOpCount out of CTransaction into regular functions in main.
Moved GetValueIn and HaveInputs from CTransaction into CCoinsViewCache.
Moved AllowFree, ClientCheckInputs, CheckInputs, UpdateCoins, and CheckTransaction out of CTransaction and into main.
Moved IsStandard and IsFinal out of CTransaction and put them in main as IsStandardTx and IsFinalTx. Moved GetValueOut out of CTransaction into main. Moved CTxIn, CTxOut, and CTransaction into core.
Added minimum fee parameter to CTxOut::IsDust() temporarily until CTransaction is moved to core.h so that CTxOut needn't know about CTransaction.
Added explicit include of main.h in init.cpp, changed include of init.h to include of main.h in net.cpp.
Added function registration for net.cpp in init.cpp's network initialization.
Removed protocol.cpp's dependency on main.h.
TODO: Remove main.h include in net.cpp.
This will allow each to have its own main(), meaning that we can build a common
base client and simply link in the correct startup object to create the
appropriate binary.
- harmonize BitcoinGUI::setClientModel() and RPCConsole::setClientModel()
- now RPCConsole::setClientModel() also includes a direct call to
setNumBlocks()
- this directly sets up all GUI elements that have testnet special-casing
without first setting up main net stuff and changing afterwards (titles,
icons etc.)
- also fixes 2 wrong icons shown during testnet usage on our toolbar
- explicitly set the default of all GetBoolArg() calls
- rework getarg_test.cpp and util_tests.cpp to cover this change
- some indentation fixes
- move macdockiconhandler.h include in bitcoin.cpp to the "our headers"
section
This commit squashes all the changes in the Qt5 branch
relative to master.
Backward compatibility with Qt4 is retained.
Original authors:
- Philip Kaufmann <phil.kaufmann@t-online.de>
- Jonas Schnelli <jonas.schnelli@include7.ch>
This commit decouples the pMiningKey initialization and shutdown from the RPC
threads.
`getwork` and `getblocktemplate` rely on pMiningKey, and can also be ran
from the debug window in the UI even when the RPC server is not running.
Solves issue #2706.
Write bestblock records in wallets:
* Every 20160 blocks synced, no matter what (before: none during IBD)
* Every 144 blocks after IBD (before: for every block, slow)
* When creating a new wallet
* At shutdown
This should result in far fewer spurious rescans.
Remove the pnext pointer in CBlockIndex, and replace it with a
vBlockIndexByHeight vector (no effect on memory usage). pnext can
now be replaced by vBlockIndexByHeight[nHeight+1], but
FindBlockByHeight becomes constant-time.
This also means the entire mapBlockIndex structure and the block
index entries in it become purely blocktree-related data, and
independent from the currently active chain, potentially allowing
them to be protected by separate mutexes in the future.
At startup, check that the expected genesis is loaded. This should prevent
cases where accidentally a datadir from the wrong network is loaded
(testnet vs mainnet, e.g.).
Compiling on my OSX 10.6 build machine, I get:
Undefined symbols:
"boost::chrono::steady_clock::now()", referenced from:
boost::cv_status boost::condition_variable::wait_for<long long, boost::ratio<1ll, 1000000000ll> >(boost::unique_lock<boost::mutex>&, boost::chrono::duration<long long, boost::ratio<1ll, 1000000000ll> > const&)in bitcoinrpc.o
Linking against the boost_chrono fixes the issue.
Windows builds already link against boost_chrono; Linux doesn't, but compiles (on pull-tester / gitian, at least).
A base_uint used to be made of an array of unsigned ints. This works
fine on most platforms, but might not work on certain present or future
platforms. The code breaks if an unsigned int is 16 or 64 bits, so it's
important to be specific. Also changed "u" to "you".
New method in bitcoinrpc: RunLater, that uses a map of deadline
timers to run a function later.
Behavior of walletpassphrase is changed; before, calling
walletpassphrase again before the lock timeout passed
would result in: Error: Wallet is already unlocked.
You would have to call lockwallet before walletpassphrase.
Now: the last walletpassphrase with correct password
wins, and overrides any previous timeout.
Fixes issue# 1961 which was caused by spawning too many threads.
Test plan:
Start with encrypted wallet, password 'foo'
NOTE:
python -c 'import time; print("%d"%time.time())'
... will tell you current unix timestamp.
Try:
walletpassphrase foo 600
getinfo
EXPECT: unlocked_until is about 10 minutes in the future
walletpassphrase foo 1
sleep 2
sendtoaddress mun74Bvba3B1PF2YkrF4NsgcJwHXXh12LF 11
EXPECT: Error: Please enter the wallet passphrase with walletpassphrase first.
walletpassphrase foo 600
walletpassphrase foo 0
getinfo
EXPECT: wallet is locked (unlocked_until is 0)
walletpassphrase foo 10
walletpassphrase foo 600
getinfo
EXPECT: wallet is unlocked until 10 minutes in future
walletpassphrase foo 60
walletpassphrase bar 600
EXPECT: Error, incorrect passphrase
getinfo
EXPECT: wallet still scheduled to lock 60 seconds from first (successful) walletpassphrase
A green testnet splashscreen with a normal, orange dock icon looks strange and can confuse users.
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
So we stop getting pull requests (like #2604) fixing problems with disabled Script opcodes.
A hard fork would be required to re-enable these, and if we ever did that we'd require extensive review and testing.
When debugging another issue, I found a hang-during-startup race condition due to
LoadWallet calling SetMinVersion (via LoadCryptedKey).
Writing to the file that you're in the process of reading is a bad idea.
Bitcoin-Qt could core dump if application initialization failed in certain ways.
I double-fixed this:
1) qt/bitcoin.cpp now shuts down core threads cleanly if AppInit2 returns false
2) init.cpp now exits before StartNode() if strErrors is set (no reason to StartNode if we're just going to exit immediately anyway).
Tested by triggering all of the various ways AppInit2 can fail, either by passing bogus command-line arguments or just recompiling tweaked code to simulate failure.
This is a partial fix for #2480
Instead of killing a connection when the receive buffer overflows,
just temporarily halt receiving before that happens. Also, no
matter what, always allow at least one full message in the receive
buffer (otherwise blocks larger than the configured buffer size
would pause indefinitely).
It is possible to have a wallet.dat file without any bestblock
record at all (if created offline, for example), which - when
loaded into a client with a up-to-date chain - does no rescan and
shows no transactions.
Also make sure to write the current best block after a rescan, so
it isn't necessary twice.
* Bugfix: output the correct best block hash (during IBD, it can
differ from the actual current best block)
* Add height to output
* Add hash_serialized, which is a hash of the entire UTXO state.
Can be useful to compare two nodes.
* Add total_amount, the sum of all UTXOs' values.
Previously, JSON-RPC clients accessed URI "/", and the JSON-RPC server
did not care about the URI at all, and would accept any URI as valid.
Change the JSON-RPC server to require URI "/" for all current accesses.
This changes enables the addition of future interfaces at different
URIs, such as pull request #1982 which demonstrates HTTP REST wallet
download.
Or, a future, breaking change in JSON-RPC interface could be introduced
by serving JSON-RPC calls from new URI "/v2/".
This value gets stale really quickly, do not hardcode it into a message.
Completely remove it for now.
Later on, a mechanism will be added to determine fees based on the mempool.
Closes#2576
On black toolbars, the new icon doesn't look very well.
Now the toolbar icon has again a transparent "B" for better style on toolbars.
Does not affect the mac client.
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
why:
- the current splash-screen has no referring to official images on - https://en.bitcoin.it/wiki/Promotional_graphics
- the current splash screen only exists in a low res jpg
- current splash screen looks dark and "hackish"
- new splash screen should generate positive, "trust-emotions".
- new splash screen gives the user infos about the running client.
- new splash screen can handle long messages (in a lot of - languages the text is cropped in current release)
- new size (x2) 400x312
- contains textual information about the client
- textinfos are dynamicly written to the pixmap
when -testnet is switch on, the splashscreen will show the bitcoin logo in testnet-color (as well as a text [testnet])
example: https://dl.dropbox.com/u/7383846/new_bitcoin_splash.png
- this solution works stable on mac and ensures that the window get's reopened when the user clicks the dock icon .
- tested on 10.8 with Qt4.8.4 and Qt5.0.1
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
Having the export button at the top was confusing people into thinking
the entire wallet was exported.
This commit moves the export button to the address book, receiving
addresses and transaction tabs separately.
Every block index entry currently requires a separately-allocated
CBigNum. By replacing them with uint256, it's just 32 bytes extra
in CBlockIndex itself.
This should save us a few megabytes in RAM, and less allocation
overhead.
- updates ClientModel::getBlockSource() to return all available states and
sorts enum BlockSource in order of usage cases (none default, then reindex,
import and network)
- updates BitcoinGUI::setNumBlocks() to better use getBlockSource() and
also adds a message, when we have NO block source available
- continue the mac behavior of clearing button icons (because it's unusual on mac apps)
- fix: new button variable names, new buttons (verifyMessage, signMessage)
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
- redefined the green color
- created new toolbar icons
- updated the assets-attribution.txt
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
This introduces the concept of the 'sync node', which is the one we
asked for missing blocks. In case the sync node goes away, a new one
will be selected.
For now, the heuristic is very simple, but it can easily be extended
later to add better policies.
- added languages in bitcoin.qrc: bs, ca, cy, eo, gu_IN, hi_IN, ja, la,
lv_LV and th_TH (some translations files were already in src/qt/locale
but not added in the .qrc file
- new windows .ico contains multiple resolutions up to 256px
- new testnet (green) icon
- new png icon for llinux, etc.
- new doxygen icon
- changed the assets-attribution.txt
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
- this allows us to use the progressbar and the label independently (if
needed) and still prevents setStatusTip() to use them, if one of the 2
is active
It seems there were two mechanisms for assessing whether a CNode
was still in use: a refcount and a release timestamp. The latter
seems to have been there for a long time, as a safety mechanism.
However, this timer also keeps CNode objects alive for far longer
than necessary after disconnects, potentially opening up a DoS
window.
This commit removes the timestamp-based mechanism, and replaces
it with an assert(nRefCount >= 0), to verify that the refcounting
is indeed correctly working.
As these were not updated when 'backporting' the 225430 checkpoint
into head.
Additionally, also report verification progress in debug.log, and
tweak the sigcheck-verification-speed-factor a bit.
- use labelExplanation for sending and receiving tab and move the string
from the ui-file to the source
- ensure that the table holding the label and address is resized so that
the address column fits the address and the label column is stretched to
fit the window size
- rename some stuff for much easier readbility in the code (I find it hard
to get the meaning of stuff like labels or buttons)
Two reasons for this change:
1. Need to always use boost::thread's sleep, even on Windows, so the
sleeps can be interrupted (prior code used Windows' built-in Sleep).
2. I always forgot what units the old Sleep took.
Create a boost::thread_group object at the qt/bitcoind main-loop level
that will hold pointers to all the main-loop threads.
This will replace the vnThreadsRunning[] array.
For testing, ported the BitcoinMiner threads to use its
own boost::thread_group.
- adds 6 methods in BitcoinGUI to access some actions needed by the new
WalletView class
- updates WalletView class to use these instead of trying to duplicate
these
- cleanup walletview.{cpp/h} and remove all unneeded stuff
- this fixes problems with tabs toolbar (#2451) and export broken (#2436)
- more details in #2447
- added new created and documented svg version of shaded icon
- changed "B" background to white (no longer transparent)
- removed PSD (Adobe Photoshop) document
- license is now MIT
Signed-off-by: Jonas Schnelli <jonas.schnelli@include7.ch>
- as QClipboard::Selection isn't available on Windows ensure that the
correct mode is called, but sill allow selection for e.g. X11
- start conversion from QCoreApplication::instance() to qApp in
guiutil.cpp (I intend to harmonize this all over the source with my Qt5
compatibility pull)
This will result in re-requesting invs if we are under heavy inv
load, however as long as we get no more than 16,000 invs in two
minutes, this should have no effect on runtime behavior.
- the send coins context menu entry was not working anymore, because
a non current version of #2220 was merged onto current master
- also removes some unneeded spaces and adds a comment to
WalletModel::getNumTransactions()
Tabs don't fits in line in Spanish/German/Russian when they has two words.
Wallet has limited functionality. It can send & receive coins. So we can
safely rename "Send coins" to "Send" and "Receive coins" to "Receive".
Address book is just stored addresses.
There exists a per-message-processed send buffer overflow protection,
where processing is halted when the send buffer is larger than the
allowed maximum.
This protection does not apply to individual items, however, and
getdata has the potential for causing large amounts of data to be
sent. In case several hundreds of blocks are requested in one getdata,
the send buffer can easily grow 50 megabytes above the send buffer
limit.
This commit breaks up the processing of getdata requests, remembering
them inside a CNode when too many are requested at once.
- this should prevent GUI issues on Mac that were observed before (disappearing
GUI - see #1522)
- the patch ensures, that createTrayIconMenu() is always called on Mac to
process and use our MacDockIconHandler
* Change CNode::vRecvMsg to be a deque instead of a vector (less copying)
* Make sure to acquire cs_vRecvMsg in CNode::CloseSocketDisconnect (as it
may be called without that lock).
1) "optimistic write": Push each message to kernel socket buffer immediately.
2) If there is write data at select time, that implies send() blocked
during optimistic write. Drain write queue, before receiving
any more messages.
This avoids needlessly queueing received data, if the remote peer
is not themselves receiving data.
Result: write buffer (and thus memory usage) is kept small, DoS
potential is slightly lower, and TCP flow control signalling is
properly utilized.
The kernel will queue data into the socket buffer, then signal the
remote peer to stop sending data, until we resume reading again.
Replaces CNode::vRecv buffer with a vector of CNetMessage's. This simplifies
ProcessMessages() and eliminates several redundant data copies.
Overview:
* socket thread now parses incoming message datastream into
header/data components, as encapsulated by CNetMessage
* socket thread adds each CNetMessage to a vector inside CNode
* message thread (ProcessMessages) iterates through CNode's CNetMessage vector
Message parsing is made more strict:
* Socket is disconnected, if message larger than MAX_SIZE
or if CMessageHeader deserialization fails (latter is impossible?).
Previously, code would simply eat garbage data all day long.
* Socket is disconnected, if we fail to find pchMessageStart.
We do not search through garbage, to find pchMessageStart. Each
message must begin precisely after the last message ends.
ProcessMessages() always processes a complete message, and is more efficient:
* buffer is always precisely sized, using CDataStream::resize(),
rather than progressively sized in 64k chunks. More efficient
for large messages like "block".
* whole-buffer memory copy eliminated (vRecv -> vMsg)
* other buffer-shifting memory copies eliminated (vRecv.insert, vRecv.erase)
-dbcache was originally used to set the maximum buffer size in the
BDB environment, and was later changed to set the chainstate cache
and leveldb caches. No need to use it for BDB now that only the
wallet remains there.
This should reduce memory allocation (but not necessarily memory
usage) a bit.
Step for buttons 'up' and 'down' - 0.001. With BTC and mBTC all ok, but
0.001 uBTC is lower than minimal value (satoshi)
User should press 10 times on 'up' button to get 0.01 uBTC
- allows to directly select an address from the addressbook, chose "send
coins" from the context menu, which sends you to sendcoins tab and fills
in the selected address
- try to enforce the same style to all Qt related files
- remove unneeded includes from the files
- add missing Q_OBJECT, QT_BEGIN_NAMESPACE / QT_END_NAMESPACE
- prepares for a pull-req to include Qt5 compatibility
- remove an unneeded MODAL flag, as MSG_ERROR sets MODAL
- re-order an if-clause in main to have bool checks before a function call
- fix some log messages that used wrong function names
- make a log message use a correct ellipsis
- remove some unneded spaces, brackets and line-breaks
- fix style for adding files in the Qt project
This fixes test_bitcoin failures on openbsd reported by dhill on IRC.
On some systems rand() is a simple LCG over 2^31 and so it produces
an even-odd sequence. ApproximateBestSubset was only using the least
significant bit and so every run of the iterative solver would be the
same for some inputs, resulting in some pretty dumb decisions.
Using something other than the least significant bit would paper over
the issue but who knows what other way a system's rand() might get us
here. Instead we use an internal RNG with a period of something like
2^60 which is well behaved. This also makes it possible to make the
selection deterministic for the tests, if we wanted to implement that.
Switch to using Qt's QLocalServer/QLocalSocket to handle bitcoin
payment links (bitcoin:... URIs)
Reason for switch: the boost::interprocess mechanism seemed flaky,
and doesn't mesh as well with "The Qt Way"
qtipcserver.cpp/h is replaced by paymentserver.cpp/h
Click-to-pay now also works on OSX, with a custom Info.plist
that registers Bitcoin-Qt as a handler for bitcoin: URLs and
an event listener on the main QApplication that handles
QFileOpenEvents (Qt translates 'url clicked' AppleEvents into
QFileOpenEvents automagically).
Extremely large transactions with lots of inputs can cost the network
almost as much to process as they cost the sender in fees.
We would never create transactions larger than 100K big; this change
makes transactions larger than 100K non-standard, so they are not
relayed/mined by default. This is most important for miners that might
create blocks larger than 250K big, who could be vulnerable to a
make-your-blocks-so-expensive-to-verify-they-get-orphaned attack.
Two changes:
Use IsConfirmed() instead of IsFinal(), so 'getbalance "*" 0' uses the same
'is this output spendable' criteria as 'getbalance'. Fixes issue #172.
And a tiny refactor to CWallet::GetBalance() (redundant call to IsFinal -- IsConfirmed
calls IsFinal).
getbalance with no arguments and 'getbalance "*" 0' could return different different results,
- this change allows us to keep the translation without the need to
re-translate any string, when we update the copyright year
- copyright symbol is changed to HTML to ensure we get no encoding
issues and it's removed from the translation string so translators don't
break it by mistake
Version numbers changed from 0.7.99 to 0.8.0
Set CLIENT_VERSION_IS_RELEASE to remove pre-release warning
Updated copyright in COPYING and doc/READMEs to 2013
Updated doc/release-notes.txt
At least one service that accepted zero-confirmation transactions
was vulnerable because an attacker could send a transaction
with a lock time far in the future, and then have plenty of time in
which to get a double-spend mined (perhaps from a miner who wasn't
on the network when the first transaction was broadcast).
That is a variation on the "Finney attack". We still don't
recommend anybody accept 0-confirmation transactions as final
payment for anything. This change keeps non-final transactions
from appearing in the wallet, and, assuming most of the network
accepts this change, will prevent them from being relayed until
they are final.
* Pass txid's to CCoinsView functions by reference instead of by value
* Add a method to swap CCoins, and use it in some places to avoid a
allocating copy + destruct.
* Optimize CCoinsViewCache::FetchCoins to do only a single search
through the backing map.
- don't show QR Code context menu, when USE_QRCODE=1 was not specified
when compiling the client
- re-work on_showQRCode_clicked() for better readability and remove an
unneeded duplicate check
- re-work on_signMessage_clicked() and on_verifyMessage_clicked() to match
foreach in on_showQRCode_clicked(), which seems more robust / cleaner
- re-order context menu stuff to match real context menu layout
- add comments for all private slots in the class
Several changes to make the native windows leveldb code compile
with mingw32 and run on 32-bit Windows:
* Remove -std=c++0x dependency (modified code to use NULL instead of
nullptr)
* Link with -lshlwapi
* Only #define snprintf/etc if compiling with Visual Studio
* Do not link against DbgHelp.lib (wrote a CreateDir instead of using
DbgHelp's MakeSureDirectoryPathExists
* Define WINVER=0x0500 so MinGW32 can use the 64-bit-filesystem Windows
api calls
* Define __USE_MINGW_ANSI_STDIO=1 to use MinGW's printf (which supports
%ll)
I also cleaned up makefile.mingw, assuming that dependencies would be in
the standard /usr/local/{include,lib} by default but allowing overriding
with make DEPSDIR=... etc
This actually simplifies some SPV code, as they can keep track of
a filtered block and its txn before accepting both in one step.
The previous argument was that SPV nodes should handle the txn the
same as any other free txn and then mark them as connected to a
block when they get the filtered block itself. However, it now
appears that SPV nodes will need to put in more effort to verify
loose txn than they would to verify txn in blocks, thus making it
more approriate to send the txn after the filtered block.
By specifying -txindex when initializing the database, a txid-to-diskpos
index is maintained in the blktree database. This database is used to
help answering getrawtransaction() RPC queries, when enabled.
Changing the -txindex value requires a -reindex; the client will abort
at startup if the database and the specified -txindex mismatch.
- this flag allows bitcoin-qt.exe / bitcoind.exe (32-bit application) to
handle addresses larger than 2GB (up to 3GB on x86 Windows and up to
4GB on x64 Windows)
Note that the default value for fRelayTxes is false, meaning we
now no longer relay tx inv messages before receiving the remote
peer's version message.
Fixes issue #2178 : attacker could penny-flood with invalid-signature
transactions to deduce which addresses belonged to your node.
I'm committing this early for code review; I still need to write up
a test plan.
Executive summary of fix: check all transactions received from the network
for penny-flood rate-limiting before adding to the memory pool. But do NOT
ratelimit transactions added to the memory pool:
- because of blockchain reorgs
- stored in the wallet and added at startup
- sent from the GUI or one of the send* RPC commands (CWallet::CommitTransaction)
The limit-free-transactions code really should be a method on CNode, with
counters per-peer. But that is a bigger change for another day.
- it was bad, that quite some messages were just talking about a database,
I think a user should know, if we are talking about wallet db or
block/coin db
- also adds a new init message for "Verifying block database integrity..."
- this pull adds an InitMessage() function to noui.cpp, which outputs init
messages to debug.log (this allows to remove some printf() calls from
init.cpp)
- change InitMessage() in bitcoin.cpp to also write init messages to
debug.log to ensure nothting is missing in the log because of the
removal of printf() calls in init.cpp
Client (SPV) mode never got implemented entirely, and whatever part was already
working, is likely not been tested (or even executed at all) for the past two
years. This removes it entirely.
If we want an SPV implementation, I think we should first get the block chain
data structures to be encapsulated in a class implementing a standard interface,
and then writing an alternate implementation with SPV semantics.
- add qSort() for cachedAddressTable, as qLowerBound() and qUpperBound()
require the list to be in ascending order (see
http://harmattan-dev.nokia.com/docs/library/html/qt4/qtalgorithms.html#qLowerBound)
- add a new check in AddressTableModel::setData() to just return, when no
changes were made to a label or an address (prevents entry duplication
issue)
- remove "rec->label = value.toString();" from
AddressTableModel::setData() as the label gets updated by
AddressTablePriv::updateEntry() anyway (seems @sipa added this line via
1025440184 (L6R225))
- add another new check in AddressTableModel::setData() to just return, if
a duplicate address was found (prevents address overwrite)
- add a new check to EditAddressDialog::setModel() to prevent setting an
invalid model
- re-work the switch-case statement in AddressTableModel::accept() to
always break (as return get's called anyway) and order the list to match
the enum definition
- make accept() in editaddressdialog.h a public slot, which it should be
- misc small coding style changes
Previously when a transaction was set to lock at a specific block the
calculation was reversed, returning a negative number. This broke the UI
and caused it to display %n in place of the actual number.
In addition the previous calculation would display "Open for 0 blocks"
when the block height was such that the next block created would
finalize the transaction. Inserted the word "more" and changed the
calculation so that the last message would be "Open for 1 more block" to
better match user expectations.
Since block validation happens in parallel, multiple threads may be
accessing the signature cache simultaneously. To prevent contention:
* Turn the signature cache lock into a shared mutex
* Make reading from the cache only acquire a shared lock
* Let block validations not store their results in the cache
* During block verification (when parallelism is requested), script
check actions are stored instead of being executed immediately.
* After every processed transactions, its signature actions are
pushed to a CScriptCheckQueue, which maintains a queue and some
synchronization mechanism.
* Two or more threads (if enabled) start processing elements from
this queue,
* When the block connection code is finished processing transactions,
it joins the worker pool until the queue is empty.
As cs_main is held the entire time, and all verification must be
finished before the block continues processing, this does not reach
the best possible performance. It is a less drastic change than
some more advanced mechanisms (like doing verification out-of-band
entirely, and rolling back blocks when a failure is detected).
The -par=N flag controls the number of threads (1-16). 0 means auto,
and is the default.
- ensure we use strCaption for printf and fprintf, as before it could
happen to have an error message in the debug.log, which had no "Error"
(or whatever) in front
- this prevents an interference with the IPC message queue (which is used
for URI processing) when running a testnet and mainnet instance in
parallel
- to check for testnet, I had to raise the ParseParameters() call in
main() to the topmost position
- a click on "Reset Options" sets all options to the default values by
removing all stored settings (QSettings), loading the defaults and
saving them as the new settings
- before the reset is executed the user is presented a confirmation dialog
- special casing was needed for StartAtStartup
- some users reported it as weird, that the estimated block count could be
lower than our own nodes block number (which is indeed true and not good)
- this pull adds a new default behaviour, which displays our own block
number as estimated block number, if own >= est. block count
- the pull raises space for nodes block counts in cPeerBlockCounts to 8 to
be more accurate
- also removes a reduntant setNumBlocks() call in RPCConsole and moves
initialisation of numBlocksAtStartup in ClientModel, where it belongs
-checklevel gets a new meaning:
0: verify blocks can be read from disk (like before)
1: verify (contextless) block validity (like before)
2: verify undo files can be read and have good checksums
3: verify coin database is consistent with the last few blocks
(close to level 6 before)
4: verify all validity rules of the last few blocks
Level 3 is the new default, as it's reasonably fast. As level 3 and
4 are implemented using an in-memory rollback of the database, they
are limited to as many blocks as possible without exceeding the
limits set by -dbcache. The default of -dbcache=25 allows for some
150-200 blocks to be rolled back.
In case an error is found, the application quits with a message
instructing the user to restart with -reindex. Better instructions,
and automatic recovery (when possible) or automatic reindexing are
left as future work.
Initialize the OutputDebugStringF mutex and file pointer using
boost::call_once, to be thread-safe.
Make the return value of OutputDebugStringF really be the number of
characters written (*printf() semantics).
Declare the fReopenDebugLog flag volatile, since it is changed from
a signal handler.
And don't declare OutputDebugStringF() as inline.
If the user was really after the fastest possible confirmation times
they would be manually setting a fee. In cases where the wallet builds
a transaction with a priority that is too low to qualify as free until
the next block, go ahead without a fee. Confirmation frequently takes
multiple blocks even when a minimum fee is provided.
This avoids a potential crash when trying to read the scrippubkeys on
transactions where the first input IsMine but some of the rest are not
when running listaddressgroupings.
When the coin database is out of date with the block database, the
best block in it is automatically switched to. This reconnection
process can take time, so allow it to be interrupted.
This also stops block connection as soon as shutdown is requested,
leading to a faster shutdown.
This problem is like earth (mostly harmless). After/during a
-reindex, it means the statistics about the last block file
reported in debug.log are always of blk00000.dat instead of the
last file. Apart from that, it means a few more database entries
need to be read when finding a file to append to the first time.
- even if we are allowed to fail pre-allocating, it's better to check
for sufficient space before calling AllocateFileRange() and if we
are out of disk space return with error()
- the above change allows us to remove the CheckDiskSpace() check
in CBlock::AcceptBlock()
- use it for displaying URI parsing warnings
- use it for displaying error and information in backup wallet function
(the information display is new and the error was a warning before)
- cleanup BitcoinGUI::incomingTransaction()
-- use message() + the information icon from message
-- comment out an unused parameter in the function definition and
declaration
-- move all pre-checks at the beginning of the function
In case a reorganisation fails, the internal state could become
inconsistent (memory only). Previously, a cache per block connect
or disconnect action was used, so blocks could not be applied in
a partial way. Extend this to a cache for the entire reorganisation,
making it atomic entirely. This also simplifies the code a bit.
- this allows to setup the trayicon before we have and want a trayicon menu
- should be of great use, when we remove that splash screen
- fixes a small bug with the toggleHideAction icon, which is not only used with
trayicon but also with the Mac dock
- fix ThreadSafeMessageBox always displays error icon
- allow to specify MSG_ERROR / MSG_WARNING or MSG_INFORMATION without a
custom caption / title
- allow to specify CClientUIInterface::ICON_ERROR / ICON_WARNING and
ICON_INFORMATION (which is default) as message box icon
- remove CClientUIInterface::OK from ThreadSafeMessageBox-calls, as
the OK button will be set as default, if none is specified
- prepend "Bitcoin - " to used captions
- rename BitcoinGUI::error() -> BitcoinGUI::message() and add function
documentation
- change all style parameters and enum flags to unsigned
- update code to use that new API
- update Client- and WalletModel to use new BitcoinGUI::message() and
rename the classes error() method into message()
- include the possibility to supply the wanted icon for messages from
Client- and WalletModel via "style" parameter
When a transaction A is in the memory pool, while a transaction B
(which shares an input with A) gets accepted into a block, A was
kept forever in the memory pool.
This commit adds a CTxMemPool::removeConflicts method, which
removes transactions that conflict with a given transaction, and
all their children.
This results in less transactions in the memory pool, and faster
construction of new blocks.
- can be triggerd by just adding -proxy=crashme with 0.7.1
- crash occured, when AppInit2() was left with return false; after the
first call to bitdb.open() (Step 6 in init)
- this is caused by GetDataDir() or .string() in CDBEnv::EnvShutdown()
called via the bitdb global destructor
- init fDbEnvInit and fMockDb to false in CDBEnv::CDBEnv()
These flags select features to be enabled/disabled during script
evaluation/checking, instead of several booleans passed along.
Currently these flags are defined:
* SCRIPT_VERIFY_P2SH: enable BIP16-style subscript evaluation
* SCRIPT_VERIFY_STRICTENC: enforce strict adherence to pubkey/sig encoding standards.
o Remove unused Leave and GetLock functions
o Make Enter and TryEnter private.
o Simplify Enter and TryEnter.
boost::unique_lock doesn't really know whether the
mutex it wraps is locked or not when the defer_lock
option is used.
The boost::recursive_mutex does not expose this
information, so unique_lock only infers this
knowledge. When taking the lock is defered, it
(randomly) assumes that the lock is not taken.
boost::unique_lock has the following definition:
unique_lock(Mutex& m_,defer_lock_t):
m(&m_),is_locked(false)
{}
bool owns_lock() const
{
return is_locked;
}
Thus it is a mistake to check owns_lock() in Enter
and TryEnter - they will always return false.
- remove an unwanted ";" at the end of the ~CCoinsView() destructor
- in FindBlockPos() and FindUndoPos() only call fclose(), is file is open
- fix an error string in the CBlockUndo class
feature in clang. These macros should primarily be used to
document which locks protect a given piece of data. Secondary it
can be used to document the set of held and excluded locks when
entering a function.
- remove pathEnv from CDBEnv, as this attribute is not needed
- change path parameter in ::Open() to a reference
- make nDbCache variable an unsigned integer
- remove a missplaced ";" behin ::IsMock()
- this allows the client to listen on via -bind specified addresses
(e.g. 127.0.0.1), even when a network (IPv4 in that case) was blocked
via e.g -onlynet="Tor"
- introduce enum BindFlags to avoid passing multiple bools to Bind()
- make -bind help text clear we ALWAYS listen on the specified address
- remove an unused variable
- remove 2 unneeded IsLimited() checks before calling Bind(), which does
these checks anyway
- usage case: specify -bind=127.0.0.1 -onlynet="Tor" to allow incoming
connections to a Tor hidden service, but still don't allow other IPv4
nodes to connect / get connected
As memset() can be optimized out by a compiler it should not be used in
privacy/security relevant code parts. OpenSSL provides the safe
OPENSSL_cleanse() function in crypto.h, which perfectly does the job of
clean and overwrite data.
For details see: http://www.viva64.com/en/b/0178/
- change memset() to OPENSSL_cleanse() where appropriate
- change a hard-coded number from netbase.cpp into a sizeof()
Flushes the blktree/ and coins/ databases, and reindexes the
block chain files, as if their contents was loaded via -loadblock.
Based on earlier work by Jeff Garzik.
- ensure header inclusion guard is named after the header file
- add missing comments at the end of some inclusion guards
- add a small Qt5 compatibility fix in macdockiconhandler.h
rather than reusing ReadHTTPStatus() from the client mode.
The following additional HTTP request validations are added, both in line with
existing HTTP client practice:
1) HTTP method must be GET or POST. Most clients use POST, some
use GET. Either way, this continues to work.
2) HTTP URI must start with "/" character.
Normal URI is "/" (a 1-char string), so this is fine.
ReadHTTPStatus() is currently overloaded: In client mode, it properly parses
and receives an HTTP status line. In server mode, it incorrectly parses the
HTTP request line as an HTTP status line.
This server mode bug has never mattered, because the RPC server never
cared about the URI (path) provided in the HTTP request. That will change in
the future, so go ahead and begin fixing the problem.
This patch is cosmetic, and should result in NO behavior changes.
Further renames:
ReadHTTPHeader -> ReadHTTPHeaders
ReadHTTP -> ReadHTTPMessage
The original test (checking whether the transaction occurs in the
txindex) is not usable anymore, as it will miss anything already
fully spent. However, as merkle transactions (and by extension,
wallet transactions) track which block they were last seen being
included in, we can use that to determine the need for
rebroadcasting.
- add setStatusTip() in addition to setTooltip() where it makes sense
- add only setStatusTip() if GUI element is only used in main- or tray menu
- add an event filter on our BitcoinGUI object to prevent garbelled text
on the status bar, which happens when we use it for e.g. displaying
block-sync state and then a QEvent::StatusTip wants to write own text to it
- remove a double translation of "Bitcoin client"
This is to support the signrawtransaction API call; given the public
keys involved in a multisig transaction, this gives back the redeemScript
needed to sign it.
signrawtransaction was unable to sign pay-to-script-hash inputs
when given the list of private keys to use. With this commit
you can provide the p2sh redemption script in the list of
inputs.
As the coinset data refers to the best block, stored in the block
tree. Flushing the coin set first can cause inconsistencies if
the process gets killed in between.
- "ThreadIRCSeed started" was not displayed, even if the thread ran
(although only for a short time as the "do we want this thread?"-checks
happen IN ThreadIRCSeed2())
- the patch ensures we always get that message
- add a "ThreadIRCSeed trying to connect..." message
- add missing "ThreadDumpAddress started" message
- instead of "return false;" use "return QDialog::eventFilter(object,
event);" to harmonize this event filter with our default behaviour
- remove orphan spaces found while editting the files
Implements #1948
- Add macro `CLIENT_VERSION_IS_RELEASE` to clientversion.h
- When running a prerelease (the above macro is `false`):
- In UI, show an orange warning bar at the top. This will be used for other
warnings (and alerts) as well, instead of the status bar.
- For `bitcoind`, show the warning in the "errors" field in `getinfo`
response.
CreateNewBlock was reading pindexBest at the start before taking the lock
so it was possible to have the the block content not match the prevheader
and this can also trigger a newly added assert in ConnectBlock.
I noticed this during a code review after twobitcoins reported that ab91bf39
(BIP30 for all blocks) could cause a null dereference on a modified node
that mined during the IBD, or on testnet when it reached heights 91842 and
91880 due to CreateNewBlock calling ConnectBlock with pindex->phashBlock NULL.
- remove uiInterface.InitMessage() calls from ThreadImport(), as Qt
doesn't like them getting called out of it's main thread and because the
thread will continue to run after the GUI was loaded
With a change of libs, and specifying NATIVE_WINDOWS as TARGET_OS it should compile libleveldb.a and libmemenv.a just fine, it did for me and Diapolo when testing.
Split off CBlockTreeDB and CCoinsViewDB into txdb-*.{cpp,h} files,
implemented by either LevelDB or BDB.
Based on code from earlier commits by Mike Hearn in his leveldb
branch.
Given that the block tree database (chain.dat) and the active chain
database (coins.dat) are entirely separate now, it becomes legal to
swap one with another instance without affecting the other.
This commit introduces a check in the startup code that detects the
presence of a better chain in chain.dat that has not been activated
yet, and does so efficiently (in batch, while reusing the blk???.dat
files).
To prevent excessive copying of CCoins in and out of the CCoinsView
implementations, introduce a GetCoins() function in CCoinsViewCache
with returns a direct reference. The block validation and connection
logic is updated to require caching CCoinsViews, and exploits the
GetCoins() function heavily.
Use CBlock's vMerkleTree to cache transaction hashes, and pass them
along as argument in more function calls. During initial block download,
this results in every transaction's hash to be only computed once.
During the initial block download (or -loadblock), delay connection
of new blocks a bit, and perform them in a single action. This reduces
the load on the database engine, as subsequent blocks often update an
earlier block's transaction already.
This switches bitcoin's transaction/block verification logic to use a
"coin database", which contains all unredeemed transaction output scripts,
amounts and heights.
The name ultraprune comes from the fact that instead of a full transaction
index, we only (need to) keep an index with unspent outputs. For now, the
blocks themselves are kept as usual, although they are only necessary for
serving, rescanning and reorganizing.
The basic datastructures are CCoins (representing the coins of a single
transaction), and CCoinsView (representing a state of the coins database).
There are several implementations for CCoinsView. A dummy, one backed by
the coins database (coins.dat), one backed by the memory pool, and one
that adds a cache on top of it. FetchInputs, ConnectInputs, ConnectBlock,
DisconnectBlock, ... now operate on a generic CCoinsView.
The block switching logic now builds a single cached CCoinsView with
changes to be committed to the database before any changes are made.
This means no uncommitted changes are ever read from the database, and
should ease the transition to another database layer which does not
support transactions (but does support atomic writes), like LevelDB.
For the getrawtransaction() RPC call, access to a txid-to-disk index
would be preferable. As this index is not necessary or even useful
for any other part of the implementation, it is not provided. Instead,
getrawtransaction() uses the coin database to find the block height,
and then scans that block to find the requested transaction. This is
slow, but should suffice for debug purposes.
Introduce a AllocateFileRange() function in util, which wipes or
at least allocates a given range of a file. It can be overriden
by more efficient OS-dependent versions if necessary.
Block and undo files are now allocated in chunks of 16 and 1 MiB,
respectively.
Change the block storage layer again, this time with multiple files
per block, but tracked by txindex.dat database entries. The file
format is exactly the same as the earlier blk00001.dat, but with
smaller files (128 MiB for now).
The database entries track how many bytes each block file already
uses, how many blocks are in it, which range of heights is present
and which range of dates.
The CTxUndo class encapsulates data necessary to undo the effects of
a transaction on the txout set, namely the previous outputs consumed
by it (script + amount), and potentially transaction meta-data when
it is spent entirely.
The CCoins class represents a pruned set of transaction outputs from
a given transaction. It only retains information about its height in
the block chain, whether it was a coinbase transaction, and its
unspent outputs (script + amount).
It has a custom serializer that has very low redundancy.
Special serializer/deserializer for amount values. It is optimized for
values which have few non-zero digits in decimal representation. Most
amounts currently in the txout set take only 1 or 2 bytes to
represent.
Special serializers for script which detect common cases and encode
them much more efficiently. 3 special cases are defined:
* Pay to pubkey hash (encoded as 21 bytes)
* Pay to script hash (encoded as 21 bytes)
* Pay to pubkey starting with 0x02, 0x03 or 0x04 (encoded as 33 bytes)
Other scripts up to 121 bytes require 1 byte + script length. Above
that, scripts up to 16505 bytes require 2 bytes + script length.
Variable-length integers: bytes are a MSB base-128 encoding of the number.
The high bit in each byte signifies whether another digit follows. To make
the encoding is one-to-one, one is subtracted from all but the last digit.
Thus, the byte sequence a[] with length len, where all but the last byte
has bit 128 set, encodes the number:
(a[len-1] & 0x7F) + sum(i=1..len-1, 128^i*((a[len-i-1] & 0x7F)+1))
Properties:
* Very small (0-127: 1 byte, 128-16511: 2 bytes, 16512-2113663: 3 bytes)
* Every integer has exactly one encoding
* Encoding does not depend on size of original integer type
This reverts commit 199d88cf90, reversing
changes made to 65bc1573e7.
License is worse instead of better. Will only accept public domain and
MIT-licensed icons from now on.
Corrupt wallets used to cause a DB_RUNRECOVERY uncaught exception and a
crash. This commit does three things:
1) Runs a BDB verify early in the startup process, and if there is a
low-level problem with the database:
+ Moves the bad wallet.dat to wallet.timestamp.bak
+ Runs a 'salvage' operation to get key/value pairs, and
writes them to a new wallet.dat
+ Continues with startup.
2) Much more tolerant of serialization errors. All errors in deserialization
are reported by tolerated EXCEPT for errors related to reading keypairs
or master key records-- those are reported and then shut down, so the user
can get help (or recover from a backup).
3) Adds a new -salvagewallet option, which:
+ Moves the wallet.dat to wallet.timestamp.bak
+ extracts ONLY keypairs and master keys into a new wallet.dat
+ soft-sets -rescan, to recreate transaction history
This was tested by randomly corrupting testnet wallets using a little
python script I wrote (https://gist.github.com/3812689)
Before, opening a -datadir that was created with a new
version of Berkeley DB would result in an un-caught DB_RUNRECOVERY
exception.
After these changes, the error is caught and the user is told
that there is a problem and is told how to try to recover from
it.
Before, opening a -datadir that was created with a new
version of Berkeley DB would result in an un-caught DB_RUNRECOVERY
exception.
After these changes, the error is caught and the user is told
that there is a problem and is told how to try to recover from
it.
- don't rely on the QSettings for cases ProxyUse and ProxySocksVersion and
query the real values via the GetProxy() call
- add a missing "succesful =" for case ProxyUse in ::setData()
I2P apparently needs 256 bits to store a fully routable address. Garlicat
requires a centralized lookup service to map the 80-bit addresses to fully
routable ones (as far as I understood), so that's not really usable in our
situation.
To support I2P routing and peer exchange for it, another solution is needed.
This will most likely imply a network protocol change, and extension of the
'addr' message.
- fix#1560 by properly locking proxy related data-structures
- update GetProxy() and introduce GetNameProxy() to be able to use a
thread-safe local copy from proxyInfo and nameproxyInfo
- update usage of GetProxy() all over the source to match the new
behaviour, as it now fills a full proxyType object
- rename GetNameProxy() into HaveNameProxy() to be more clear
This allows fun stuff such as `bitcoin --help | less`, and more
easy piping to files.
Looking at other tools such as bash, gcc, they all send their help
text to stdout.
These command are a leftover from send-to-IP transactions, which have been
removed a long time ago.
Also removes CNode::mapRequests and CNode::PushRequests, as these were
only used for the mentioned commands.
As the code was before, toHTML added empty elements to mapValue to check for their existance. Now first it check for their existance and then for their non-emptiness.
Removed a duplicated identical if
There are two equal ifs, one inside another. If the first one is true, then the second one is true.
Due to a bug in the implementation of MakeSameSize(), using OP_AND, OP_OR, or OP_XOR with signed values of unequal size will result in the sign-value becoming part of the smaller integer, with nonsensical results. This patch documents the unexpected behavior and provides the basis of a solution should decision be made to fix the bug in the future.
-detachdb option. Useful for upgrading, for example. Lets you use fast stops usually, but force a detach when needed. Also, allows
you to do a fast stop in a system normally configured for fast stops.
- I checked every occurance of strprintf() in the code and used %u, where
unsigned vars are used
- the change to GetByte() was made, as ip is an unsigned char
Matt pointed out some time ago that there existed a minor DOS
attack where a node in its initial block download could be wedged
by an overwrite attack in a fork created between checkpoints before
a time where BIP30 was enforced. Now that the BIP30 timestamp
is irreversibly past the check can be more aggressive and apply to
all blocks except the two historic violations.
- Paging using PageUp / PageDown now works when entry widget has focus
- Typing or pasting while the messages widget has focus auto-selects entry widget
We're in a wholly different world now, C++-compiler-wise.
Current std::stringstream implementations don't have the stated problem anymore,
and are just as fast as CDataStream.
The #ifdef'd block does not even compile anymore; CDataStream constructor changed,
and missing some std::. Also timing in whole seconds is also way too granular
to say anything sensible in such microbenchmarks. Just remove it,
it can always be found again in git history.
Bugfix: Correct doubled-up &amp; in translations
Bugfix: Remove extra spaces after ampersand in translations (this fixes hotkeys)
Restore copyright translations, now split up
Restore old translations lost due to changes to English structure
Skipped: ca_ES et eu_ES fr_CA (under 10% coverage)
- add version information to bitcoin-qt.rc, which is displayed on Windows, when looking in the executable properties and selecting "Details"
- introduce a new clientversion.h (used in bitcoin-qt.rc to generate
version information), which takes only the version defines from
version.h and is included in it (to allow usage with the windres rc-file
compiler)
- move #define STRINGIFY(s) #s into clientversion.h as that is used in
bitcoin-qt.rc and rename to DO_STRINGIZE(X)
- add #define STRINGIZE(X) DO_STRINGIZE(X), which is needed to convert the
version defines into a version string in the rc-file
- this ensures we only need to update 1 file and have bitcoin-qt.exe
version information
- for RC-file documentation see:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa381058%28v=vs.85%29.aspx
OrderedTxItems returns a multimap of pointers, but needs a place to store the actual CAccountingEntries it points to.
It had been using a stack item, which was clobbered as soon as it returned, resulting in undefined behaviour.
This fixes at least bug #1768.
Try to display a nicer message instead of dumping raw JSON object when possible. If the error
somehow doesn't have the required 'code' and 'message' fields, fall back to printing raw JSON object.
- re-order Qt Actions and connect() calls to match the real GUI layout,
which makes things easier to read and understand
- remove signMessageAction and verifyMessageAction from tabGroup as we
didn't use them anyway (as tooltips are not displayed in the menu remove
these too)
- update 2 comments
- be clear we don't "Show/Hide Bitcoins", but just the client window
- remove the tooltip for toggleHideAction as this is not shown anyway
- update a comment to be more general
If our IRC nick is in use (because some other node thinks it has
the same address we think we have) don't fruitlessly try to reconnect
using that name forever. After three tries, give up and use a random
nick. Either we'll learn a new local address from IRC and switch
to that, or it was right and the other guy is advertising for us.
This avoids a pessimal case where a second testnet node behind
a nat is unable to get any peers because he can't get on IRC.
Previously Bitcoin would refuse to use IRC if it was either not
accepting inbound connections or not making outbound. Instead this
changes it to not use IRC only if it's not doing either or if
IPv4 is off completely. If Bitcoin is not listening this will use
the default random nicks rather than the IP based ones.
Hard-code a special nId=max int alert, to be broadcast if the
alert key is ever compromised. It applies to all versions, never
expires, cancels all previous alerts, and has a fixed message:
URGENT: Alert key compromised, upgrade required
Variations are not allowed (ignored), so an attacker with
the private key cannot broadcast empty-message nId=max alerts.
This fixes two alert system vulnerabilities found by
Sergio Lerner; you could send peers unlimited numbers
of invalid alert message to try to either fill up their
debug.log with messages and/or keep their CPU busy
checking signatures.
Fixed by disconnecting/banning peers if they send 10 or more
bad (invalid/expired/cancelled) alerts.
Windows & WindowsXP style have a problem with displaying the block progress.
Add a custom stylesheet as workaround, but only when one of those renderers is active,
otherwise leave the theme alone (issue #1071).
- add a new label, which can be updated independently from the whole
license information stuff
- the benefit is, we don't need to re-translate that whole wall of text
every year the copyright info changes
- update to the same copyright string we use in the source and in the
bitcoin-qt.exe meta-data information
- removes an obsolete entry from the ui-file
- Show address receiving the generation, and include it in the correct "account"
- Multiple entries in listtransactions output if the coinbase has multiple outputs to us
This applies on top of the coincontrol listaddressgroupings patch
and makes finding eligible outputs from the groups returned
by listaddressgroupings possible.
Logic:
- If sending a transaction, assign its timestamp to the current time.
- If receiving a transaction outside a block, assign its timestamp to the current time.
- If receiving a block with a future timestamp, assign all its (not already known) transactions' timestamps to the current time.
- If receiving a block with a past timestamp, before the most recent known transaction (that we care about), assign all its (not already known) transactions' timestamps to the same timestamp as that most-recent-known transaction.
- If receiving a block with a past timestamp, but after the most recent known transaction, assign all its (not already known) transactions' timestamps to the block time.
For backward compatibility, new accounting data is stored after a \0 in the comment string.
This way, old versions and third-party software should load and store them, but all actual use (listtransactions, for example) ignores it.
Replace direct calls to mlock.
Also, change the class to lock the memory areas in the constructor and unlock them again in the destructor. This makes sure that locked pages won't leak.
Memory locks do not stack, that is, pages which have been locked several times by calls to mlock()
will be unlocked by a single call to munlock(). This can result in keying material ending up in swap when
those functions are used naively. In this commit a class "LockedPageManager" is added
that simulates stacking memory locks by keeping a counter per page.
Allows the user to pass null as the second or third parameter
to signrawtransaction, in case you need to (for example) fetch
private keys from the wallet but want to specify the hash type.
This does two things:
1) Now does not output to debug.log if -printtodebugger flag is passed
2) Unit tests set -printtodebugger so only test results are output to stdout
Note that -printtodebugger only actually prints to the debugger on Windows.
If 950 of the last 1,000 blocks are nVersion=2, reject nVersion=1
(or zero, but no bitcoin release has created block.nVersion=0) blocks
-- 75 of last 100 on testnet3.
This rule is being put in place now so that we don't have to go
through another "express support" process to get what we really
want, which is for every single new block to include the block height
in the coinbase.
"Version 2" blocks are blocks that have nVersion=2 and
have the block height as the first item in their coinbase.
Block-height-in-the-coinbase is strictly enforced when
version=2 blocks are a supermajority in the block chain
(750 of the last 1,000 blocks on main net, 51 of 100 for
testnet). This does not affect old clients/miners at all,
which will continue producing nVersion=1 blocks, and
which will continue to be valid.
- extend bitcoin-qt.rc to include meta information, which is displayed on
Windows, when looking in the executable properties and selecting
"Details"
- does currently NOT include version information, this is scheduled
for later releases
- for RC-file documentation see:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa381058%28v=vs.85%29.aspx
This is the last time for 0.7.0. We should avoid message changes
until the release. Translators can use the remaining time to update their languages on
Transifex.
The other languages need to be merged from Transifex just before release.
Signrawtransaction rpc was crashing when some inputs were unknown,
and even with that fixed was failing to handle all the known inputs
if there were unknown inputs in front of them. This commit instead
attempts to fetch inputs one at a time.
- this enables DEP on all Windows version which support the
SetProcessDEPPolicy() call in Kernel32.dll
- use a dynamic approach via GetProcAddress() to not rely on headers or
compiler libs
- this is the same way the Tor-project does it
- add enableApplyButton() and disableApplyButton() to optionsdialog.{h/cpp}
- they are used to ensure the Ok button does not get disabled, when Apply needs to be disabled (standard UX should allow Ok always to dismiss the dialog and only disable it, when we have a faulty proxy IP)
- disable Apply after initially loading the settings, as nothing new needs to be saved
- remove orphan settings from optionsdialog.ui that are default anyway
- If the height is in the first half, start at the genesis block and go up, rather than at the top
- Cache the last lookup and use it as a reference point if it's close to the next request, to make linear lookups always fast
- ensure warnings always start with "Warning:" and that the first
character after ":" is written uppercase
- ensure the first sentence in warnings ends with an "!"
- remove unneeded spaces from Warning-strings
- add missing Warning-string translation
- remove a "\n" and replace with untranslatable "<br><br>"
- place "-?" option at first
- re-work description and "\n" usage for Gavins new block creation options
to better match current description syntax
- ensure no "\n" is in translated strings, which is better for Transifex
The new bytes are based on "11" to appeal to Gavin's 11 fetish.
This breaks existing testnet3 nodes as the blockchain files
are also versioned. To upgrade a node delete everything
except wallet.dat from your .bitcoin/testnet3 folder.
Modify CreateNewBlock so that instead of processing all transactions
in priority order, process the first 27K of transactions in
priority order and then process the rest in fee-per-kilobyte
order.
This is the first, minimal step towards better a better fee-handling
system for both miners and end-users; this patch should be easy
to backport to the old versions of Bitcoin, and accomplishes the
most important goal-- allow users to "buy their way in" to blocks
using transaction fees.
- remove duplicate includes, that are already present in ui_optionsdialog.h
- change QIntValidator to not allow 0 as port-number
- re-order some function calls to match the Ui element order, for better readbility and to prepare for the addition of further IPv6 and Tor proxy options
- restat warning for the language selection is only shown, when the language was changed (not on simply activating the Ui element)
- split check for object == ui->proxyIp into seperate if-clause
- micro-optimize the code in the above mentioned if-clause
- unify used format for comments in the code
- introduce handleProxyIpValid() function, which handles UI elements and the
save button states for valid/invalid proxy IPs
- add IMPLEMENT_RANDOMIZE_STACK for ipcThread()
- log / print boost interprocess exceptions
- use MAX_URI_LENGTH in guiconstants.h (also used in qrcodedialog.cpp)
- remove unneeded includes and ipcShutdown() from qtipcserver.cpp
- fix a small mem-leak by deleting mq before re-using it
- make ipcThread() and ipcThread2() static functions
- add some more comments
NOTE: This is currently disabled, until a developer with FreeBSD/OpenBSD
can confirm that this works (without causing undefined behaviour
preferrably).
Signed-off-by: Giel van Schijndel <me@mortis.eu>
* Fix wrong thread name for wallet *relocking* thread
- Was named the unlocking thread
* Use consistent naming
Signed-off-by: Giel van Schijndel <me@mortis.eu>
NOTE: These thread names are visible in gdb when using 'info threads'.
Additionally both 'top' and 'ps' show these names *unless* told to
display the command-line instead of task name.
Signed-off-by: Giel van Schijndel <me@mortis.eu>
- this helps user to not think our Client is called "Bitcoin Wallet"
- change "About Bitcoin-Qt" to "About Bitcoin"
- change "Bitcoin debug window" to "Bitcoin - Debug window"
- change "Client" in debug Window to "Bitcoin Core"
- cleanup optionsmodel before adding new proxy options
- place SOCKS version stuff below proxy port (IP, Port, SOCKS version)
- simplyfy some parts of the code (e.g. don't check IP and port, as this
is done in optionsdialog anyway, remove unneeded {} in switch/case)
- small cosmetic changes in the header for better readability
Because new nodes pull from the first connected node the load
balancing of the first connection is more important than it should
be. This change puts Pieter's seed first, because its probably
the best maintained right now.
Fixes#1452. Until we can make the logic water-tight *and* are notified in every
case the balance might have changed, remove the premature optimization and
simply recompute the balance every half a second when the number of blocks changed.
Compiling boost::interprocess::message_queue against
boost 1.50 macports with -arch i386 (how releases are built,
for minimum download size and maximum compatibility) is failing:
src/qt/qtipcserver.cpp:37: error: no matching function for call to ‘boost::interprocess::message_queue_t<boost::interprocess::offset_ptr<void, int, long unsigned int, 0u> >::timed_receive(char (*)[257], long unsigned int, size_t&, unsigned int&, boost::posix_time::ptime&)’
This is probably a boost or macports bug, but since interprocess::message_queue
is only used for URI support, which isn't implemented on OSX anyway, I fixed
the build by #ifdef'ing out that code.
- add signals signMessage() and verifyMessage() in addressbookpage.cpp
- connect to them in bitcoingui.cpp to switch to the corresponding tab in the Sign/Verify Message dialog
- make gotoSignMessageTab() and gotoVerifyMessageTab() private slots
- remove unused #include <QDebug> and lblBTC label
- update Bitcoin input field to a BitcoinAmountField to allow Bitcoin unit selection
- use BitcoinUnits::format for the resulting amount parameter in the generated URI (always use BTC as per BIP21)
- move MAX_URI_LENGTH and EXPORT_IMAGE_SIZE to guiconstants.h
- add OptionsModel in AddressBookPage and use it in on_showQRCode_clicked() to pass it to QRCodeDialog
- add OptionsModel in QRCodeDialog to enable display unit updates
- add updateDisplayUnit() slot to be able to imediately update currently set bitcoin unit
- make all labels in the UI-file plain text
- resize dialog to match for an updated layout (fields are now stacked and new field)
- remove unused parameters from private slots
- only enable save button, when QR Code was generated
- show message when entered amound is invalid
- add read-only QPlainTextEdit field to output generated URI
Adds CBlock::CURRENT_VERSION and CTransaction::CURRENT_VERSION
constants, and makes non-CURRENT_VERSION transactions nonstandard.
This will help make future upgrades smoother.
- add UI-feedback via QValidatedLineEdit
- copy button for generated signature was moved to the signature output field
- add an addressbook button to verify message tab
- input fields are now evenly ordered for sign and verify tabs
- update FIRST_CLASS_MESSAGING support to ensure a good UX
- add a button and context menu entry in addressbook for verify message (to be consistent with sign message)
- focus is now only set/changed, when clearing input fields or adding an address via addressbook
- re-work / update some strings
- ensure model gets initialized in the SignVerifyMessageDialog constructor
- add checks for a valid model to both addressbook buttons
- remove unneeded includes for Qt GUI elements that are listed in ui_signverifymessagedialog.h anyway
Implement listunspent / getrawtransaction / createrawtransaction /
signrawtransaction, to support creation and
signing-on-multiple-device multisignature transactions.
This PULL reworks new (post-0.6.*) features of the
gettransaction/getblock RPC calls as follows:
It removes the 'decompositions' object argument from getblock,
replacing it just a list of transaction hashes; equivalent
(I believe) of passing the {"tx":"hash"} decomposition.
It replaces the 'decompositions' object argument of
gettransaction with a boolean flag; if true, returns
the same stuff that the {"script":"obj"} decomposition
would return (txins/txouts as hex, disassembled, and bitcoin
addresses).
It adds a "rawtx" field to the output of gettransaction,
that is the entire transaction serialized and hex-encoded.
It removes the "size" field from gettransaction, since the size
is trivial to compute from the "rawtx" field (either take the
length after hex-decoding, or just compute it as hex-length/2).
If the top-level object is an array, it is assumed to be an array of
JSON-RPC requests. An array is returned, containing one response (error or
not) per request, in the order submitted.
In a slight change in semantics, batched requests -always- return
an HTTP 200 OK status, even ones full of invalid or incorrect requests.
- remove "#include <QString>" as this is included in the header
- add some missing plural forms that can be translated
- change "yours" into "own address", which is easier to understand and translate in that context
- cleanup translatable strings to not include HTML or unneeded chars (e.g. ":")
- resize TransactionDescDialog a little (remove unwanted line-breaks with non english translations)
Bitcoin will not make an outbound connection to a network group
(/16 for IPv4) that it is already connected to. This means that
if an attacker wants good odds of capturing all a nodes outbound
connections he must have hosts on a a large number of distinct
groups.
Previously both inbound and outbound connections were used to
feed this exclusion. The use of inbound connections, which can be
controlled by the attacker, actually has the potential of making
sibyl attacks _easier_: An attacker can start up hosts in groups
which house many honest nodes and make outbound connections to
the victim to exclude big swaths of honest nodes. Because the
attacker chooses to make the outbound connection he can always
beat out honest nodes for the consumption of inbound slots.
At _best_ the old behavior increases attacker costs by a single
group (e.g. one distinct group to use to fill up all your inbound
slots), but at worst it allows the attacker to select whole
networks you won't connect to.
This commit makes the nodes use only outbound links to exclude
network groups for outbound connections. Fancier things could
be done, like weaker exclusion for inbound groups... but
simplicity is good and I don't believe more complexity is
currently needed.
Useful for developers who need to refer to futher back in debug.log history, but who don't want to
enable the -debug option and all the verbosity that comes with that.
- display as "language - country (locale name)", when locale name consists of 2 parts
- display as "language (locale name)", when locale name consists of 1 part
Use Boost's signal2 slot tracking mechanism to cancel any (still open)
listening sockets when receiving a shutdown signal.
Signed-off-by: Giel van Schijndel <me@mortis.eu>
This commit adds support for .onion addresses (mapped into the IPv6
by using OnionCat's range and encoding), and the ability to connect
to them via a SOCKS5 proxy.
Prior to this change, each TX typically generated 3+ debug messages,
askfor tx 8644cc97480ba1537214 0
sending getdata: tx 8644cc97480ba1537214
askfor tx 8644cc97480ba1537214 1339640761000000
askfor tx 8644cc97480ba1537214 1339640881000000
CTxMemPool::accept() : accepted 8644cc9748 (poolsz 6857)
After this change, there is only one message for each valid TX received
CTxMemPool::accept() : accepted 22a73c5d8c (poolsz 42)
and two messages for each orphan tx received
ERROR: FetchInputs() : 673dc195aa mempool Tx prev not found 1e439346fc
stored orphan tx 673dc195aa (mapsz 19)
The -debugnet option, or its superset -debug, will restore the full debug
output.
Since the minimum signed integer cannot be represented as positive so long as its type is signed, and it's not well-defined what happens if you make it unsigned before negating it, we instead increment the negative integer by 1, convert it, then increment the (now positive) unsigned integer by 1 to compensate