Tests if addresses are online or offline by briefly connecting to them. These short lived connections are referred to as feeler connections. Feeler connections are designed to increase the number of fresh online addresses in tried by selecting and connecting to addresses in new. One feeler connection is attempted on average once every two minutes.
This change was suggested as Countermeasure 4 in
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network, Ethan Heilman,
Alison Kendler, Aviv Zohar, Sharon Goldberg. ePrint Archive Report
2015/263. March 2015.
Commands can be executed with bracket syntax, example: `getwalletinfo()`.
Commands can be nested, example: `sendtoaddress(getnewaddress(), 10)`.
Simple queries are possible: `listunspent()[0][txid]`
Object values are accessed with a non-quoted string, example: [txid].
Fully backward compatible.
`generate 101` is identical to `generate(101)`
Result value queries indicated with `[]` require the new brackets syntax.
Comma as argument separator is now also possible: `sendtoaddress,<address>,<amount>`
Space as argument separator works also with the bracket syntax, example: `sendtoaddress(getnewaddress() 10)
No dept limitation, complex commands are possible:
`decoderawtransaction(getrawtransaction(getblock(getbestblockhash())[tx][0]))[vout][0][value]`
Remove the unused variable "blockTmp" in CMerkleTx::SetMerkleBranch. It
was previously used to read the block from disk if not provided as
argument, but is no longer needed.
The `pickDataDirectory()` function was calling `exit(0)` to quit
the application when the user closes the dialog without choosing
a data directory.
This is a bad idea because a background thread is created (to
check free space on the drive of the currently selected datadir).
The thread is not stopped and unwound properly, resulting in a potential
race condition somewhere deep in Qt.
So replace the `exit()` by a boolean return value, and let the
stack unwind normally.
7a49cac Merge #410: Add string.h include to ecmult_impl
0bbd5d4 Add string.h include to ecmult_impl
c5b32e1 Merge #405: Make secp256k1_fe_sqrt constant time
926836a Make secp256k1_fe_sqrt constant time
e2a8e92 Merge #404: Replace 3M + 4S doubling formula with 2M + 5S one
8ec49d8 Add note about 2M + 5S doubling formula
5a91bd7 Merge #400: A couple minor cleanups
ac01378 build: add -DSECP256K1_BUILD to benchmark_internal build flags
a6c6f99 Remove a bunch of unused stdlib #includes
65285a6 Merge #403: configure: add flag to disable OpenSSL tests
a9b2a5d configure: add flag to disable OpenSSL tests
b340123 Merge #402: Add support for testing quadratic residues
e6e9805 Add function for testing quadratic residue field/group elements.
efd953a Add Jacobi symbol test via GMP
fa36a0d Merge #401: ecmult_const: unify endomorphism and non-endomorphism skew cases
c6191fd ecmult_const: unify endomorphism and non-endomorphism skew cases
0b3e618 Merge #378: .gitignore build-aux cleanup
6042217 Merge #384: JNI: align shared files copyright/comments to bitcoinj's
24ad20f Merge #399: build: verify that the native compiler works for static precomp
b3be852 Merge #398: Test whether ECDH and Schnorr are enabled for JNI
aa0b1fd build: verify that the native compiler works for static precomp
eee808d Test whether ECDH and Schnorr are enabled for JNI
7b0fb18 Merge #366: ARM assembly implementation of field_10x26 inner (rebase of #173)
001f176 ARM assembly implementation of field_10x26 inner
0172be9 Merge #397: Small fixes for sha256
3f8b78e Fix undefs in hash_impl.h
2ab4695 Fix state size in sha256 struct
6875b01 Merge #386: Add some missing `VERIFY_CHECK(ctx != NULL)`
2c52b5d Merge #389: Cast pointers through uintptr_t under JNI
43097a4 Merge #390: Update bitcoin-core GitHub links
31c9c12 Merge #391: JNI: Only call ecdsa_verify if its inputs parsed correctly
1cb2302 Merge #392: Add testcase which hits additional branch in secp256k1_scalar_sqr
d2ee340 Merge #388: bench_ecdh: fix call to secp256k1_context_create
093a497 Add testcase which hits additional branch in secp256k1_scalar_sqr
a40c701 JNI: Only call ecdsa_verify if its inputs parsed correctly
faa2a11 Update bitcoin-core GitHub links
47b9e78 Cast pointers through uintptr_t under JNI
f36f9c6 bench_ecdh: fix call to secp256k1_context_create
bcc4881 Add some missing `VERIFY_CHECK(ctx != NULL)` for functions that use `ARG_CHECK`
6ceea2c align shared files copyright/comments to bitcoinj's
70141a8 Update .gitignore
7b549b1 Merge #373: build: fix x86_64 asm detection for some compilers
bc7c93c Merge #374: Add note about y=0 being possible on one of the sextic twists
e457018 Merge #364: JNI rebased
86e2d07 JNI library: cleanup, removed unimplemented code
3093576a JNI library
bd2895f Merge pull request #371
e72e93a Add note about y=0 being possible on one of the sextic twists
3f8fdfb build: fix x86_64 asm detection for some compilers
e5a9047 [Trivial] Remove double semicolons
c18b869 Merge pull request #360
3026daa Merge pull request #302
03d4611 Add sage verification script for the group laws
a965937 Merge pull request #361
83221ec Add experimental features to configure
5d4c5a3 Prevent damage_array in the signature test from going out of bounds.
419bf7f Merge pull request #356
03d84a4 Benchmark against OpenSSL verification
git-subtree-dir: src/secp256k1
git-subtree-split: 7a49cacd3937311fcb1cb36b6ba3336fca811991
9e9d644 net: fixup nits (Cory Fields)
8945384 net: Have LookupNumeric return a CService directly (Cory Fields)
21ba407 net: narrow include scope after moving to netaddress (Cory Fields)
21e5b96 net: move CNetAddr/CService/CSubNet out of netbase (Cory Fields)
1017b8a net: Add direct tests for new CSubNet constructors (Cory Fields)
b6c3ff3 net: Split resolving out of CSubNet (Cory Fields)
f96c7c4 net: Split resolving out of CService (Cory Fields)
31d6b1d net: Split resolving out of CNetAddr (Cory Fields)
c784086 use std::map::emplace() instead of std::map::insert() (whythat)
5e187e7 use c++11 std::unique_ptr instead of boost::shared_ptr (whythat)
947913f use std::map::erase(const_iterator, const_iterator) to get non-constant iterator (whythat)
239cbd2 qa/rpc-tests/segwit: Test GBT sigops before and after activation (Luke Dashjr)
160f895 Bugfix: Use pre-BIP141 sigops until segwit activates (Luke Dashjr)
refs #8225
To ensure the GUI closes when the "Minimize on close" window option is disabled, and the "Minimize to the tray instead of the taskbar" window option is enbaled, remove a check made against the "Minimize to the tray instead of the taskbar" value, made during GUI closure.
To ensure the GUI minimizes to the taskbar when the "Minimize on close" window option is enabled, and the "Minimize to the tray instead of the taskbar" window option is disabled, minimize the GUI and ignore the closure event.
9d4eb9a Do diskspace check before import thread is started (Pieter Wuille)
aa59f2e Add extra message to avoid a long 'Loading banlist' (Pieter Wuille)
0fd2a33 Use a signal to continue init after genesis activation (Pieter Wuille)
Updating documentation for adding new unit test files
Removing unneeded sentence from README
Removing uint160_tests.cpp as it DNE
Formatting command line instructions to use ``
fixing 80 char formatting issue in README
fixing more nits
a5072a7 util: Remove zero-argument versions of LogPrint and error (Wladimir J. van der Laan)
695041e util: Update tinyformat (Wladimir J. van der Laan)
7e87033 httpserver: replace boost threads with std (Cory Fields)
d3773ca httpserver: explicitly detach worker threads (Cory Fields)
755aa05 httpserver: use a future rather than relying on boost's try_join_for (Cory Fields)
along with mutex/condvar/bind/etc.
httpserver handles its own interruption, so there's no reason not to use std
threading.
While we're at it, may as well kill the BOOST_FOREACH's as well.
Forward-ports two commits from 0.13:
- [0.13] Create a new HD seed after encrypting the wallet
- [Wallet] Add CKeyMetadata record for HDMasterKey(s), factor out HD key generation
Github-Pull: #8389
Rebased-From: f142c11ac634df487cc4bc65a5f1c9a3e3563dd9 de45c065f0648c4c41b57cb492420ceeed29dd11
c59c434 qa: Add test for standardness of segwit v0 outputs (Suhas Daftuar)
1ffaff2 Make witness v0 outputs non-standard before segwit activation (Johnson Lau)
7945088 [Wallet] comsetic non-code changes for the HD feature (Jonas Schnelli)
68d7682 [Wallet] ensure CKeyMetadata.hdMasterKeyID will be cleared during SetNull() (Jonas Schnelli)
f708085 [QA] extend wallet-hd test to cover HD metadata (Jonas Schnelli)
986c223 [Wallet] print hd masterkeyid in getwalletinfo (Jonas Schnelli)
b1c7b24 [Wallet] report optional HDKeypath/HDMasterKeyId in validateaddress (Jonas Schnelli)
5b95dd2 [Wallet] extend CKeyMetadata with HD keypath (Jonas Schnelli)
46c9620 Test that unnecessary witnesses can't be used for mempool DoS (Suhas Daftuar)
bb66a11 Fix DoS vulnerability in mempool acceptance (Suhas Daftuar)
When processing a headers message that looks like a block announcement,
send peer a getheaders if the headers message won't connect.
Apply DoS points after too many consecutive unconnecting headers messages.
Moves the IsStandard check to happen after the premature-witness check,
so that adding a witness to a transaction can't prevent mempool acceptance.
Note that this doesn't address the broader category of potential mempool DoS
issues that affect transactions after segwit activation.
Also cap the allocation for the leveldb-specific cache for the UTXO set
to 8MiB.
This avoids that the extra cache memory goes to the much less effective
leveldb cache instead of our application-level cache.
This reverts PR #4906, "Coinselection prunes extraneous inputs from
ApproximateBestSubset".
Apparently the previous behavior of slightly over-estimating the set of
inputs was useful in cleaning up UTXOs.
See also #7664, #7657, as well as 2016-07-01 discussion on #bitcoin-core-dev IRC.
Generate an (invalid) example address for in the bitcoin address
widgets, based on the network prefix, instead of hardcoding a mainnet
address.
- `1NS17iag9jJgTHD1VXjvLCEnZuQ3rJDE9L` for mainnet (same as now)
- `n2wxQmfexkjwEPgdD6iJA7T7RtzkmHxhFc` for testnet
Changes in tinyformat, recently imported from upstream have made the
zero-argument versions of formatting functions unnecessary. Remove them.
This is a slight semantic change: `%` characters in the zero-argument
call are now regarded and need to be escaped. As for as I know, the only
use of this is in `main.cpp`.
Updates `tinyformat.h` to commit
3a33bbf654 upstream.
Makes sure that our local changes are kept:
- #37671b8fd35aad Make tinyformat errors raise an exception instead of assert()ing
- #47359b6d4c5cdc Move strprintf define to tinyformat.h
- #47486e5fd003e0 include stdexcept (for std::exception)
- #80009eaa0afa6e force USE_VARIADIC_TEMPLATES
- Add `std::string format(const std::string &fmt...` added this
at the time, as we want to be able to do `strprintf(_(...), ...)`
Inspired by #8264.
mininode now supports witness transactions/blocks, blocktools
has a helper for adding witness commitments to blocks, and script
has a function to calculate hashes for signature under sigversion
1, used by segwit.
Py3 conversion by Marco Falke
Test to make sure upgraded nodes don't ask for non-wit blocks by
Gregory Sanders.
script_tests: always test bitcoinconsensus_verify_script_with_amount if VERIFY_WITNESS isn't set
Rename internal method + make it static
trim bitcoinconsensus_ prefix
Add SERIALIZE_TRANSACTION_WITNESS flag
48efec8 Fix some minor compact block issues that came up in review (Matt Corallo)
ccd06b9 Elaborate bucket size math (Pieter Wuille)
0d4cb48 Use vTxHashes to optimize InitData significantly (Matt Corallo)
8119026 Provide a flat list of txid/terators to txn in CTxMemPool (Matt Corallo)
678ee97 Add BIP 152 to implemented BIPs list (Matt Corallo)
56ba516 Add reconstruction debug logging (Matt Corallo)
2f34a2e Get our "best three" peers to announce blocks using cmpctblocks (Matt Corallo)
927f8ee Add ability to fetch CNode by NodeId (Matt Corallo)
d25cd3e Add receiver-side protocol implementation for CMPCTBLOCK stuff (Matt Corallo)
9c837d5 Add sender-side protocol implementation for CMPCTBLOCK stuff (Matt Corallo)
00c4078 Add protocol messages for short-ids blocks (Matt Corallo)
e3b2222 Add some blockencodings tests (Matt Corallo)
f4f8f14 Add TestMemPoolEntryHelper::FromTx version for CTransaction (Matt Corallo)
85ad31e Add partial-block block encodings API (Matt Corallo)
5249dac Add COMPACTSIZE wrapper similar to VARINT for serialization (Matt Corallo)
cbda71c Move context-required checks from CheckBlockHeader to Contextual... (Matt Corallo)
7c29ec9 If AcceptBlockHeader returns true, pindex will be set. (Matt Corallo)
96806c3 Stop trimming when mapTx is empty (Pieter Wuille)
Pulls in the following new languages:
- `af` Afrikaans
- `es_419` Spanish (Latin America)
- `es_AR` Spanish (Argentina)
- `es_CO` Spanish (Colombia)
- `fil` Filipino
- `it_IT` Italian (Italy)
- `ro` Romanian
- `sr@latin` Serbian (Latin)
- `ta` Tamil
- `uz@Latn` Uzbek (Latin)
- `zh_HK` Chinese (Hong Kong)
54326a6 Increase maximum orphan size to 100,000 bytes. (Gregory Maxwell)
8c99d1b Treat orphans as implicit inv for parents, discard when parents rejected. (Gregory Maxwell)
11cc143 Adds an expiration time for orphan tx. (Gregory Maxwell)
db0ffe8 This eliminates the primary leak that causes the orphan map to always grow to its maximum size. (Gregory Maxwell)
1b0bcc5 Track orphan by prev COutPoint rather than prev hash (Pieter Wuille)
CreateNewBlock returns a pointer for which the caller takes ownership.
Use std::unique_ptr to make this explicit and simplify handling of these
objects in getblocktemplate.
7982fce doc: Mention full UTF-8 support in release notes (Wladimir J. van der Laan)
6bbb4ef test: test utf-8 for labels in wallet (Wladimir J. van der Laan)
a406fcb test: add ensure_ascii setting to AuthServiceProxy (Wladimir J. van der Laan)
60ab9b2 Squashed 'src/univalue/' changes from 2740c4f..f32df99 (Wladimir J. van der Laan)
1a5a4e6 Randomize name lookup result in ConnectSocketByName (Pieter Wuille)
f9f5cfc Prevent duplicate connections where one is by name and another by ip (Pieter Wuille)
1111b80 Rework addnode behaviour (Pieter Wuille)
6ee7f05 Allow disconnecting a netgroup with only one member in eviction. (Gregory Maxwell)
5d0ca81 Add recently accepted blocks and txn to AttemptToEvictConnection. (Gregory Maxwell)
An orphan whos parents were rejected is never going to connect, so there
is little utility in keeping it.
Orphans also helpfully tell us what we're missing, so go ahead and treat
it as INVed.
This prevents higher order orphans and other junk from
holding positions in the orphan map. Parents delayed
twenty minutes are more are unlikely to ever arrive.
The freed space will improve the orphan matching success rate for
other transactions.
As per meeting 2016-03-31
https://bitcoincore.org/en/meetings/2016/03/31/#bad-chain-alerts
The partition checker was producing huge number of false-positives
and was disabled in 0.12.1 on the understanding it would either be
fixed in 0.13 or removed entirely from master if not.
* Use CNode::addeName to track whether a connection to a name is already open
* A new connection to a previously-connected by-name addednode is only opened when
the previous one closes (even if the name starts resolving to something else)
* At most one connection is opened per addednode (even if the name resolves to multiple)
* Unify the code between ThreadOpenAddedNodeConnections and getaddednodeinfo
* Information about open connections is always returned, and the dns argument becomes a dummy
* An IP address and inbound/outbound is only reported for the (at most 1) open connection
In the Receive 'Tab' of the QT wallet, when 'Show'ing a previously requested payment, add a label underneath the QR Code showing the bitcoin address where the funds will go to.
This way the user can be sure that the QR code scanner app the user using is reading the correct bitcoin address, preventing funds to be stolen.
Includes fix for HiDPI screens by @jonasschnelli.
ff2dcf2 Tests: Edit bloated varint test and add option for 'barely expensive' tests (mrbandrews)
12c5a16 Catch exceptions from non-canonical encoding and print only to log (mrbandrews)
291f8aa Continuing port of java comptool (mrbandrews)
8c9e681 Tests: Rework blockstore to avoid re-serialization. (mrbandrews)
c2dd5a3 FIX: correctly measure size of priority block (Alex Morcos)
a278764 FIX: Account for txs already added to block in addPriorityTxs (Alex Morcos)
4dc94d1 Refactor CreateNewBlock to be a method of the BlockAssembler class (Alex Morcos)
always grow to its maximum size.
This does not go so far as to attempt to connect orphans made
connectable by a new block.
Keeping the orphan map less full helps improve the reliability
of relaying chains of transactions.
Putting the build date in the executable is a practice that has no place
in these days, now that deterministic building is increasingly common.
Continues #7732 which did this for the GUI.
eebc232 test: Add more test vectors for siphash (Wladimir J. van der Laan)
8884830 Use C++11 thread-safe static initializers (Pieter Wuille)
c31b24f Use 64-bit SipHash of netgroups in eviction (Pieter Wuille)
9bf156b Support SipHash with arbitrary byte writes (Pieter Wuille)
053930f Avoid recalculating vchKeyedNetGroup in eviction logic. (Patrick Strateman)
288d85d Get rid of CTxMempool::lookup() entirely (Pieter Wuille)
c2a4724 Optimization: use usec in expiration and reuse nNow (Pieter Wuille)
e9b4780 Optimization: don't check the mempool at all if no mempool req ever (Pieter Wuille)
dbfb426 Optimize the relay map to use shared_ptr's (Pieter Wuille)
8d39d7a Switch CTransaction storage in mempool to std::shared_ptr (Pieter Wuille)
1b9e6d3 Add support for unique_ptr and shared_ptr to memusage (Pieter Wuille)
6182d10 Do not increment nAttempts by more than one for every Good connection. (Gregory Maxwell)
c769c4a Avoid counting failed connect attempts when probably offline. (Gregory Maxwell)
3d3602f Add RPC test for the p2p mempool command in conjunction with disabled bloomfilters (Jonas Schnelli)
beceac9 Disable the mempool P2P command when bloom filters disabled (Peter Todd)
Add error and range-checking parsers for unsigned 32 and 64 bit numbers.
The 32-bit variant is required for parsing sequence numbers from the
command line in `bitcoin-tx` (see #8164 for discussion). I've thrown in
the 64-bit variant as a bonus, as I'm sure it will be needed at some
point.
Also adds tests, and updates `developer-notes.md`.
ae357d5 [Bitcoin-Tx] Add tests for sequence number support (Jonas Schnelli)
e59336f [bitcoin-tx] allow to set nSequence number over the in= command (Jonas Schnelli)
a946bb6 [RPC] createrawtransaction: add option to set the sequence number per input (Jonas Schnelli)
Also introduce UniValueType
UniValueType is a wrapper for UniValue::VType which allows setting
a typeAny flag. This flag indicates the type does not matter.
(Used by RPCTypeCheckObj)
We send a newly-accepted peer a 1000-entry addr message, and then only use
vAddrToSend for small messages. Deallocate vAddrToSend after it's been used for
the big message to save about 40 kB per connected inbound peer.
- BIP9DeploymentInfo struct for static deployment info
- VersionBitsDeploymentInfo: Avoid C++11ism by commenting parameter names
- getblocktemplate: Make sure to set deployments in the version if it is LOCKED_IN
- In this commit, all rules are considered required for clients to support
Change authentication order to make it more clear (see #7700).
- If the `-torpassword` option is provided, force use of
`HASHEDPASSWORD` auth.
- Give error message if `-torpassword` provided, but
`HASHEDPASSWORD` auth is not available.
- Give error message if only `HASHEDPASSWORD` available, but
`-torpassword` not given.
* Switch mapRelay to use shared_ptr<CTransaction>
* Switch the relay code to copy mempool shared_ptr's, rather than copying
the transaction itself.
* Change vRelayExpiration to store mapRelay iterators rather than hashes
(smaller and faster).
Optimistically test the latch bool before taking the lock.
For all IsInitialBlockDownload calls after the first to return false,
this avoids the need to lock cs_main.
This was caused by an pyc files hanging around from previous
python2 invocations, when the matching .py missing from that path.
This should not be a problem with python3's tagged caches.
Saves about 10% of application memory usage once the mempool warms up. Since the
mempool is DynamicUsage-regulated, this will translate to a larger mempool in
the same amount of space.
Map value type: eliminate the vin index; no users of the map need to know which
input of the transaction is spending the prevout.
Map key type: replace the COutPoint with a pointer to a COutPoint. A COutPoint
is 36 bytes, but each COutPoint is accessible from the same map entry's value.
A trivial DereferencingComparator functor allows indirect map keys, but the
resulting syntax is misleading: `map.find(&outpoint)`. Implement an indirectmap
that acts as a wrapper to a map that uses a DereferencingComparator, supporting
a syntax that accurately reflect the container's semantics: inserts and
iterators use pointers since they store pointers and need them to remain
constant and dereferenceable, but lookup functions take const references.
269a440 Add test for dbwrapper iterators with same-prefix keys. (Matt Corallo)
6030625 test: Add more thorough test for dbwrapper iterators (Wladimir J. van der Laan)
84c13e7 chain: Add assertion in case of missing records in index db (Wladimir J. van der Laan)
Before this, if someone imported a scriptPubKey directly (in hex form) using
importaddress, outputs sending to it would be treated as change, as the
corresponding CTxDestination was not added to the address book.
Fix this by trying to detect scriptPubKeys that are in fact convertible to a
CTxDestination and add them anyway. Add a warning to the RPC help to warn
against importing raw non-standard scripts.
- clear the __pycache__ during 'make clean'
- Copy the qrc locale file to a temp location and remove it when finished
(rcc expects everything to be in the same path)
This reduces the rate of not founds by better matching the far
end expectations, it also improves privacy by removing the
ability to use getdata to probe for a node having a txn before
it has been relayed.
Previously the benchmark code used an integer division (%) with
a non-constant in the inner-loop. This is quite slow on many
processors, especially ones like ARM that lack a hardware divide.
Even on fairly recent x86_64 like haswell an integer division can
take something like 100 cycles-- making it comparable to the
runtime of siphash.
This change avoids the division by using bitmasking instead. This
was especially easy since the count was only increased by doubling.
This change also restarts the timing when the execution time was
very low this avoids mintimes of zero in cases where one execution
ends up below the timer resolution. It also reduces the impact of
the overhead on the final result.
The formatting of the prints is changed to not use scientific
notation make it more machine readable (in particular, gnuplot
croaks on the non-fixedpoint, and it doesn't sort correctly).
This also hoists out all the floating point divisions out of the
semi-hot path because it was easy to do so.
It might be prudent to break out the critical test into a macro
just to guarantee that it gets inlined. It might also make sense
to just save out the intermediate counts and times and get the
floating point completely out of the timing loop (because e.g.
on hardware without a fast hardware FPU like some ARM it will
still be slow enough to distort the results). I haven't done
either of these in this commit.
Fixing formatting
Adding test case into automatically generated test case set
Clean up commits
removing extra whitespace from eol
Removing extra whitespace on macro line
If a node is offline failed outbound connection attempts will crank up
the addrman counter and effectively blow away our state.
This change reduces the problem by only counting attempts made while
the node believes it has outbound connections to at least two
netgroups.
Connect and addnode connections are also not counted, as there is no
reason to unequally penalize them for their more frequent
connections -- though there should be no real effect from this
unless their addnode configureation is later removed.
Wasteful repeated connection attempts while only a few connections are
up are avoided via nLastTry.
This is still somewhat incomplete protection because our outbound
peers could be down but not timed out or might all be on 'local'
networks (although the requirement for multiple netgroups helps).
The ability to GETDATA a transaction which has not (yet) been relayed
is a privacy loss vector.
The use of the mempool for this was added as part of the mempool p2p
message and is only needed to fetch transactions returned by it.
2a8b358 Fix typo adddrman to addrman as requested in #8070 (Ethan Heilman)
f4119c6 Remove non-determinism which is breaking net_tests #8069 (EthanHeilman)
bf9266e Use Socks5ErrorString() to decode error responses from socks proxy. (Warren Togami)
94fd1d8 Make Socks5() InterruptibleRecv() timeout/failures informative. (Warren Togami)
0d9af79 SOCKS5 connecting and connected messages with -debug=net. (Warren Togami)
00678bd Make failures to connect via Socks5() more informative and less unnecessarily scary. (Warren Togami)
b4d24e1 Report reindexing progress in GUI (Pieter Wuille)
d3d7547 Add -reindex-chainstate that does not rebuild block index (Pieter Wuille)
fb8fad1 Optimize ActivateBestChain for long chains (Pieter Wuille)
316623f Switch reindexing to AcceptBlock in-loop and ActivateBestChain afterwards (Pieter Wuille)
d253ec4 Make ProcessNewBlock dbp const and update comment (Pieter Wuille)
5d5e7a0 net: No need to export ConnectNode (Cory Fields)
e9ed620 net: No need to export DumpBanlist (Cory Fields)
8b8f877 net: make Ban/Unban/ClearBan functionality consistent (Cory Fields)
cca221f net: Drop CNodeRef for AttemptToEvictConnection (Cory Fields)
563f375 net: use the exposed GetNodeSignals() rather than g_signals directly (Cory Fields)
9faa490 net: remove unused set (Cory Fields)
52cbce2 net: don't import std namespace (Cory Fields)
a68ec21 Use SipHash-2-4 for address relay selection (Pieter Wuille)
8cc9cfe Switch CTxMempool::mapTx to use a hash index for txids (Pieter Wuille)
382c871 Use SipHash-2-4 for CCoinsCache index (Pieter Wuille)
0b1295b Add SipHash-2-4 primitives to hash (Pieter Wuille)
1475ecf Fix de-serialization bug where AddrMan is corrupted after exception * CAddrDB modified so that when de-serialization code throws an exception Addrman is reset to a clean state * CAddrDB modified to make unit tests possible * Regression test created to ensure bug is fixed * StartNode modifed to clear adrman if CAddrDB::Read returns an error code. (EthanHeilman)
fa83a5d [qa] wallet: Temporarily disable salvagewallet test (MarcoFalke)
fadd048 [doc] Link to clang-format in the developer notes (MarcoFalke)
fa72f7d [doc] Remove outdated line from listunspent RPC help, fix typo (MarcoFalke)
ac40ed7 Increase timeout waiting for pruned blk00000.dat (error10)
The current logic for syncing headers may lead to lots of duplicate
getheaders requests being sent: If a new block arrives while the node
is in headers sync, it will send getheaders in response to the block
announcement. When the headers arrive, the message will be of maximum
size and so a follow-up request will be sent---all of that in addition
to the existing headers syncing. This will create a second "chain" of
getheaders requests. If more blocks arrive, this may even lead to
arbitrarily many parallel chains of redundant requests.
This patch changes the behaviour to only request more headers after a
maximum-sized message when it contained at least one unknown header.
This avoids sustaining parallel chains of redundant requests.
Note that this patch avoids the issues raised in the discussion of
https://github.com/bitcoin/bitcoin/pull/6821: There is no risk of the
node being permanently blocked. At the latest when a new block arrives
this will trigger a new getheaders request and restart syncing.
Verify that results correct (match known values), consistent (encrypt->decrypt
matches the original), and compatible with the previous openssl implementation.
Also check that failed encrypts/decrypts fail the exact same way as openssl.
Wallet must come before crypto, otherwise linking fails on some platforms.
Includes a tangentially-related general cleanup rather than making the Makefile
sloppier.
The output should always match openssl's, even for failed operations. Even for
a decrypt with broken padding, the output is always deterministic (and attemtps
to be constant-time).
My changes leave all tray icon and menu creation/initialization logic
untouched. It only shows or hides the icon according to the setting.
A new checkbox was added to the OptionsDialog under the Window tab. A
bool option named "hideTrayIcon" was added to OptionsModel. This
checkbox was mapped like other all options to the OptionsModel.
A signal was added to the OptionsModel for broadcasting changes the the
hideTrayIcon option. This signal was connected to a new slot added to
BitcoinGUI named setTrayIconVisible(bool). The slot simply hides or
shows the trayIcon in BitcoinGUI according to the parameter recieved.
Changing NOP3 op name to OP_CHECKSEQUENCEVERIFY, renaming instances of OP_NOP3 in script_tests.json to CHECKSEQUENCEVERIFY
Cleaning up NOP3 comment
Re-adding test cases that were accidentally deleted, removing dupicated test case, fixing formatting
Removing re-labeling of OP_NOP3 to OP_CSV
Fixing whitespace issues
- Ban/Unban/ClearBan call uiInterface.BannedListChanged() as necessary
- Ban/Unban/ClearBan sync to disk if the operation is user-invoked
- Mark node for disconnection automatically when banning
- Lock cs_vNodes while setting disconnected
- Don't spin in a tight loop while setting disconnected
Move the version reporting to Wallet::Verify, before starting
verification of the wallet.
This removes the dependency of init on a specific wallet database
library.
A further, trivial step towards resolving #7965.
166e4b0 Notify other serviceQueue thread we are finished to prevent deadlocks. (Pavel Janík)
db18ab2 Reenable multithread scheduler test. (Pavel Janík)
I made a subclass of QMessageBox that disables the send button in
exec() and starts a timer that calls a slot to re-enable it after a
configurable delay.
It also has a countdown in the send/yes button while it is disabled
to hint to the user why the send button is disabled (and that it is
actually supposed to be disabled).
* The "ERROR" was printed far too often during normal operation for what was not an error.
* Makes the Socks5() connect failure similar to the IP connect failure in debug.log.
Before:
`2016-05-09 00:15:00 ERROR: Proxy error: host unreachable`
After:
`2016-05-09 00:15:00 Socks5() connect to t6xj6wilh4ytvcs7.onion:18333 failed: host unreachable"`
Locking for each operation here is unnecessary, and solves the wrong problem.
Additionally, it introduces a problem when cs_vNodes is held in an owning
class, to which invididual CNodeRefs won't have access.
These should be weak pointers anyway, once vNodes contain shared pointers.
Rather than using a refcounting class, use a 3-step process instead.
1. Lock vNodes long enough to snapshot the fields necessary for comparing
2. Unlock and do the comparison
3. Re-lock and mark the resulting node for disconnection if it still exists
d1d7775 Improve worst-case behavior of CScript::FindAndDelete (Patrick Strateman)
e2a30bc Unit test for CScript::FindAndDelete (Gavin Andresen)
c0f660c Replace c-style cast with c++ style static_cast. (Patrick Strateman)
ec9ad5f Replace memcmp with std::equal in CScript::FindAndDelete (Patrick Strateman)
b559914 Move bloom and feerate filtering to just prior to tx sending. (Gregory Maxwell)
4578215 Return mempool queries in dependency order (Pieter Wuille)
ed70683 Handle mempool requests in send loop, subject to trickle (Pieter Wuille)
dc13dcd Split up and optimize transaction and block inv queues (Pieter Wuille)
f2d3ba7 Eliminate TX trickle bypass, sort TX invs for privacy and priority. (Gregory Maxwell)
f0188f9 http: use std::move to move HTTPRequest into HTTPWorkItem (Wladimir J. van der Laan)
37b2137 http: Change boost::scoped_ptr to std::unique_ptr in HTTPRequest (Wladimir J. van der Laan)
f97b410 http: Add log message when work queue is full (Wladimir J. van der Laan)
091d6e0 http: Do a pending c++11 simplification (Wladimir J. van der Laan)
Use std::unique_ptr for handling work items.
This makes the code more RAII and, as mentioned in the comment, is what
I planned when I wrote the code in the first place.
08d7b56 util: switch LogPrint and error to variadic templates (Wladimir J. van der Laan)
9eaa0af tinyformat: force USE_VARIADIC_TEMPLATES (Wladimir J. van der Laan)
* CAddrDB modified so that when de-serialization code throws an exception Addrman is reset to a clean state
* CAddrDB modified to make unit tests possible
* Regression test created to ensure bug is fixed
* StartNode modifed to clear adrman if CAddrDB::Read returns an error code.
Some developers clearly don't get this and have been posting
"improvements" that create clear vulnerabilities. It should
have been better explained in the code, since the design
is somewhat subtle and getting it right is important.
This patch changes the implementation from one that stores 16 2-bit integers
in one uint32_t's, to one that stores the first bit of 64 2-bit integers in
one uint64_t and the second bit in another. This allows for 450x faster
refreshing and 2.2x faster average speed.
Change the few occurrences of the deprecated `auto_ptr` to c++11 `unique_ptr`.
Silences the deprecation warnings.
Also add a missing `std::` for consistency.
Bitwise logic combined with `<` with undefined signedness will
potentially results in undefined behavior. Fix this by defining the type
as a c++11 typed enum.
Fixes#6017.
f135e3c qt: Add transaction hash to details window title (Wladimir J. van der Laan)
17a6a21 qt: Make it possible to show details for multiple transactions (Wladimir J. van der Laan)
DumpBanList currently does this:
- with lock: take a copy of the banmap
- perform I/O (write out the banmap)
- with lock: mark the banmap non-dirty
If a new ban is added during the I/O operation, it may never be persisted to
disk.
Reorder operations so that the data to be persisted cannot be older than the
time at which the banmap was marked non-dirty.
I made a silly mistake in a database wrapper where keys
were sorted by char instead of uint8_t. As x86 char is signed
the sorting for the block index database was messed up, resulting
in a segfault due to missing records.
Add a test to catch:
- Wrong sorting
- Seeking errors
- Iteration result not complete
ActivateBestChain uses chainActive after releasing the lock; reorder operations
to move all access to synchronized object into existing LOCK(cs_main) block.
A small GUI annoyance for me has always been that it's impossible to
have multiple transaction detail windows open, for example to compare
transactions.
This patch makes the window non-modal so that it is possible to open
transaction details at will.
869cf12 dbwrapper: Move `HandleError` to `dbwrapper_private` (Wladimir J. van der Laan)
b69836d dbwrapper: Pass parent CDBWrapper into CDBBatch and CDBIterator (Wladimir J. van der Laan)
878bf48 dbwrapper: Remove CDBWrapper::GetObfuscateKeyHex (Wladimir J. van der Laan)
74f7b12 dbwrapper: Remove throw keywords in function signatures (Wladimir J. van der Laan)
Pass parent wrapper directly instead of obfuscation key. This
makes it possible for other databases which re-use this code
to use other properties from the database.
Add a namespace dbwrapper_private for private functions to be used
only in dbwrapper.h/cpp and dbwrapper_tests.
Using throw() specifications in function signatures is not only
not required in C++, it is considered deprecated for
[various reasons](https://stackoverflow.com/questions/1055387/throw-keyword-in-functions-signature).
It is not implemented by any of the common C++ compilers. The usage is
also inconsistent with the rest of the source code.
Without this patch:
- When I compile the GUI from the bitcoin directory itself, it works as
expected.
- When I build the GUI in an out-of-tree build, I cannot get it to
select tabs. When I click, say the "Receive" tab nothing happens,
the button selects but it doesn't switch the page. The rest - even
the debug window - seems to work.
See full discussion here:
https://github.com/bitcoin/bitcoin/pull/7911#issuecomment-212413442
This turned out to be caused by a mismatch in the arguments to moc,
preventing it from finding `bitcoin-config.h`. Fix this by passing
`$(DEFAULT_INCLUDES)` to it, which gets set to the appropriate
path by autoconf itself.
SetString seems to be passing the length of the wrong variable to
memory_cleanse, resulting in the last byte of the temporary buffer not being
securely erased.
This will avoid sending more pointless INVs around updates, and
prevents using filter updates to timetag transactions.
Also adds locking for fRelayTxes.
By eliminating queued entries from the mempool response and responding only at
trickle time, this makes the mempool no longer leak transaction arrival order
information (as the mempool itself is also sorted)-- at least no more than
relay itself leaks it.
Previously we would assert that if every block in vBlockHashesToAnnounce is in
chainActive, then the blocks to be announced must connect. However, there are
edge cases where this assumption could be violated (eg using invalidateblock /
reconsiderblock), so just check for this case and revert to inv-announcement
instead.
Rather than allowing CNetAddr/CService/CSubNet to launch DNS queries, require
that addresses are already resolved.
This greatly simplifies async resolve logic, and makes it harder to
accidentally leak DNS queries.
Note: Some seeds aren't actually returning an IP for their name entries, so
they're being added to addrman with a source of [::].
This commit shouldn't change that behavior, for better or worse.
Previously Bitcoin would send 1/4 of transactions out to all peers
instantly. This causes high overhead because it makes >80% of
INVs size 1. Doing so harms privacy, because it limits the
amount of source obscurity a transaction can receive.
These randomized broadcasts also disobeyed transaction dependencies
and required use of the orphan pool. Because the orphan pool is
so small this leads to poor propagation for dependent transactions.
When the bypass wasn't in effect, transactions were sent in the
order they were received. This avoided creating orphans but
undermines privacy fairly significantly.
This commit:
Eliminates the bypass. The bypass is replaced by halving the
average delay for outbound peers.
Sorts candidate transactions for INV by their topological
depth then by their feerate (then hash); removing the
information leakage and providing priority service to
higher fee transactions.
Limits the amount of transactions sent in a single INV to
7tx/sec (and twice that for outbound); this limits the
harm of low fee transaction floods, gives faster relay
service to higher fee transactions. The 7 sounds lower
than it really is because received advertisements need
not be sent, and because the aggregate rate is multipled
by the number of peers.
leveldb's buildsystem causes us a few problems:
- breaks out-of-tree builds
- forces flags used for some tools
- limits cross builds
Rather than continuing to add wrappers around it, simply integrate it into our
build.
b30fb42 test: Rename wallet.dat to wallet_test.dat (Wladimir J. van der Laan)
a25a4f5 wallet_ismine.h → script/ismine.h (Wladimir J. van der Laan)
f4eae2d test: Create test fixture for wallet (Wladimir J. van der Laan)
de39c95 test: move accounting_tests and rpc_wallet_tests to wallet/test (Wladimir J. van der Laan)
28b400f doc: update release-notes for `gettxoutsetinfo` change (Wladimir J. van der Laan)
76212bb rpc: make sure `gettxoutsetinfo` hash has txids (Wladimir J. van der Laan)
9ad1a51 crypto: bytes counts are 64 bit (Wladimir J. van der Laan)
Remove the mistaken assumption that GetKey returning false signifies
an internal database issue. It will return false when the key cannot
be deserialized into the (char,uint256) stanza, which indicates
that the cursor has reached a different kind of key.
Fixes bug #7890 introduced in #7756.
Without the newline I see "bein" where the two lines are concatenated:
Note that all inputs selected must be of standard form and P2SH scripts must *bein* the wallet using importaddress or addmultisigaddress (to calculate fees).
swap was using an incorrect condition to determine when to apply an optimization
(not swapping the full direct[] when swapping two indirect prevectors).
Rather than correct the optimization I'm removing it for simplicity. Removing
this optimization minutely improves performance in the typical (currently only)
usage of member swap(), which is swapping with a freshly value-initialized
object.
Fixes a bug in which pop_back did not call the deleted item's destructor.
Using the most general erase() implementation to implement all the others
prevents similar bugs because the coupling between deallocation and destructor
invocation only needs to be maintained in one place.
Also reduces duplication of complex memmove logic.
The key (transaction id for the following outputs) should be serialized
to the HashWriter.
This is a problem as it means different transactions in the same
position with the same outputs will potentially result in the same hash.
Fixes primary concern of #7758.
Break the circular dependency between main and txdb by:
- Moving `CBlockFileInfo` from `main.h` to `chain.h`. I think this makes
sense, as the other block-file stuff is there too.
- Moving `CDiskTxPos` from `main.h` to `txdb.h`. This type seems
specific to txdb.
- Pass a functor `insertBlockIndex` to `LoadBlockIndexGuts`. This leaves
it up to the caller how to insert block indices.
Byte counts for SHA256, SHA512, SHA1 and RIPEMD160 must be 64 bits.
`size_t` has a different size per platform, causing divergent results
when hashing more than 4GB of data.
Add a method Cursor() to CCoinsView that returns a cursor which can be
used to iterate over the whole UTXO set.
- rpc: Change gettxoutsetinfo to use new Cursor method
- txdb: Remove GetStats method - Now that GetStats is implemented in
terms of Cursor, remove it.
dde46d3 Merge script_valid and script_invalid tests (Pieter Wuille)
009b503 Get rid of expect in script_tests as it's implied by scripterror (Pieter Wuille)
76da761 Make script_error a mandatory 4th field for script_tests (Pieter Wuille)
269281b Fix some misconstructed tests (Pieter Wuille)
d03e466 Fix formatting of NOPs for generated script tests (Pieter Wuille)
c7c6641 Fix JSON pretty printing in script_tests (Pieter Wuille)
d12760b rpc-tests: handle KeyError nicely in test_framework.py (Rusty Russell)
85c807c getblockchaininfo: make bip9_softforks an object, not an array. (Rusty Russell)
We can't change "softforks", but it seems far more logical to use tags
in an object rather than using an "id" field in an array.
For example, to get the csv status before, you need to iterate the
array to find the entry with 'id' field equal to "csv":
jq '.bip9_softforks | map(select(.id == "csv"))[] | .status'
Now:
jq '.bip9_softforks.csv.status'
There is no issue with fork names being incompatible with JSON tags,
since we're selecting them ourselves.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Previously we used the CInv that would be sent to the peer announcing the
transaction as the key, but using the txid instead allows us to decouple the
p2p layer from the application logic (which relies on this map to avoid
duplicate tx requests).
The lockorder potential deadlock detection works by remembering for each
lock A that is acquired while holding another B the pair (A,B), and
triggering a warning when (B,A) already exists in the table.
A and B in the above text are represented by pointers to the CCriticalSection
object that is acquired. This does mean however that we need to clean up the
table entries that refer to any critical section which is destroyed, as it
memory address can potentially be used for another unrelated lock in the future.
Implement this clean up by remembering not only the pairs in forward direction,
but also backward direction. This allows for fast iteration over all pairs that
use a deleted CCriticalSection in either the first or the second position.
The current tests for varint only check that
serialization-deserialization is a roundtrip. That is a useful test, but
it is also good to check for some exact bit patterns, to prevent a code
change that changes the serialization format from going undetected.
As the varint functions are templated, also check with different types.
da5fdbb Test relay of version 2 transactions (Suhas Daftuar)
5cb1d8a Tests: move get_bip9_status to util.py (Suhas Daftuar)
e4ba9f6 Version 2 transactions remain non-standard until CSV activates (Suhas Daftuar)
Currently, we're keeping a timeout for each requested block, starting
from when it is requested, with a correction factor for the number of
blocks in the queue.
That's unnecessarily complicated and inaccurate.
As peers process block requests in order, we can make the timeout for each
block start counting only when all previous ones have been received, and
have a correction based on the number of peers, rather than the total number
of blocks.
Two-line patch to make it possible to shut down bitcoind cleanly during
the initial ActivateBestChain.
Fixes#6459 (among other complaints).
To reproduce:
- shutdown bitcoind
- copy chainstate
- start bitcoind
- let the chain sync a bit
- shutdown bitcoind
- copy back old chainstate
- start bitcoind
- bitcoind will catch up with all blocks during Init()
(the `boost::this_thread::interruption_point` / `ShutdownRequested()`
dance is ugly, this should be refactored all over bitcoind at some point
when moving from boost::threads to c++11 threads, but it works...)
They claimed to be testing P2SH scripts with non-push scriptSigs, but
1) they were not enabling P2SH
2) they have push-only scriptSigs
Fix this, and add a few more related cases.
Split out methods to every module, apart from 'help' and 'stop' which
are implemented in rpcserver.cpp itself.
- This makes it easier to add or remove RPC commands - no longer everything that includes
rpcserver.h has to be rebuilt when there's a change there.
- Cleans up `rpc/server.h` by getting rid of the huge cluttered list of function definitions.
- Removes most of the bitcoin-specific code from rpcserver.cpp and .h.
Continues #7307 for the non-wallet.
Ubuntu 16.04 "xenial xerus" does not come with Python 2.x by default.
It is possible to install a python-2.7 package, but this has its own
problem: no `python` or `python2` symlink (see #7717).
This fixes the following scripts to work with python 3:
- `make check` (bctest,py, bitcoin-util-test.py)
- `make translate` (extract_strings_qt.py)
- `make symbols-check` (symbol-check.py)
- `make security-check` (security-check.py)
Explicitly call the python commands using $(PYTHON) instead
of relying on the interpreter line at the top of the scripts.
The build date does only makes sense for custom/self-compiled bitcoin-core versions because we are using static build-dates for our deterministic release builds.
Having a quick option to get the current datadir is much more valuable for debug purposes.
The "feefilter" p2p message is used to inform other nodes of your mempool min fee which is the feerate that any new transaction must meet to be accepted to your mempool. This will allow them to filter invs to you according to this feerate.
Creates the generatetoaddress rpc which is virtually identical to the generate rpc except that it takes an argument for the address to mine to. It does not rely on wallet functionality.
The mining code shared by generate and generatetoaddress has been moved to another method to reduce duplication.
fad8cfb [qa] mininode: Add and use CONSTs (MarcoFalke)
fa8cd46 [qa] Move create_tx() to util.py (MarcoFalke)
fad7dc8 [qa] wallet: speed up tests (MarcoFalke)
fa3a81a [tests] Extend util_ParseMoney test case (MarcoFalke)
This implements caching of ancestor state to each mempool entry, similar to
descendant tracking, but also including caching sigops-with-ancestors (as that
metric will be helpful to future code that implements better transaction
selection in CreatenewBlock).
The work limit served to prevent the descendant walking algorithm from doing
too much work by marking the parent transaction as dirty. However to implement
ancestor tracking, it's not possible to similarly mark those descendant
transactions as dirty without having to calculate them to begin with.
This commit removes the work limit altogether. With appropriate
chain limits (-limitdescendantcount) the concern about doing too much
work inside this function should be mitigated.
While trying to find a black/white version of the Bitcoin
logo for the organization I noticed the about.png is not
entirely black - it has some reflection. Remove this to make
it the same as other icons.
Also ran the icons through `contrib/devtools/optimize-pngs.py`,
so `chevron.png` was optimized too.
0ecb340 test: Script_error checking in script_invalid tests (Wladimir J. van der Laan)
2317ad7 test: Re-introduce JSON pretty printing in test builder (Wladimir J. van der Laan)
b0ff857 test: Move non-generated script_invalid test to the correct place (Wladimir J. van der Laan)
It looks like, TorController::disconnected_cb(TorControlConnection&
conn) gets called multiple times which results in multiple event_new().
Avoid this by creating the event only once in the constructore, and
deleting it only once in the destructor (thanks to Cory Fields for the
idea).
Replaces the fix by Jonas Schnelli in #7610, see discussion there.
Continues "Make logging for validation optional" from #6519.
The idea there was to remove all ERROR logging of rejected transaction,
and move it to one message in the class 'mempoolrej' which logs the
state message (and debug info). The superfluous ERRORs in the log
"terrify" users, see for example issue #5794.
Unfortunately a lot of new logging was introduced in #6871 (RBF) and
#7287 (misc refactoring). This pull updates that new code.
f22f14c doc: mention bitcoin-cli -stdin in release notes (Wladimir J. van der Laan)
92bcca3 rpc: Input-from-stdin mode for bitcoin-cli (Wladimir J. van der Laan)
Implements #7442 by adding an option `-stdin` which reads
additional arguments from stdin, one per line.
For example
```bash
echo -e "mysecretcode\n120" | src/bitcoin-cli -stdin walletpassphrase
echo -e "walletpassphrase\nmysecretcode\n120" | src/bitcoin-cli -stdin
```
BerkeleyDB dump files have key and value lines indented.
The salvage code passes these to ParseHex as-is.
Check this in the tests (should just pass with current code).
Check for EOF before every getline, and warn when reading gets to EOF
before the end of the data.
Stricter error checking could shed more light on issues such as #7463
and #7379.
- Replace NOP3 with CHECKSEQUENCEVERIFY (BIP112)
<nSequence> CHECKSEQUENCEVERIFY -> <nSequence>
- Fails if txin.nSequence < nSequence, allowing funds of a txout to be locked for a number of blocks or a duration of time after its inclusion in a block.
- Pull most of CheckLockTime() out into VerifyLockTime(), a local function that will be reused for CheckSequence()
- Add bitwise AND operator to CScriptNum
- Enable CHECKSEQUENCEVERIFY as a standard script verify flag
- Transactions that fail CSV verification will be rejected from the mempool, making it easy to test the feature. However blocks containing "invalid" CSV-using transactions will still be accepted; this is *not* the soft-fork required to actually enable CSV for production use.
Check the returned script_error. Add expected script_error
for generated as well as custom tests.
The specific error is not part of consensus, however
it could avoid unclear reporting issues such as #6862 in the future.
Fixes#7513.
SequenceLocks functions are used to evaluate sequence lock times or heights per BIP 68.
The majority of this code is copied from maaku in #6312
Further credit: btcdrak, sipa, NicolasDorier
If number of conflict confirms cannot be determined, this means
that the block is still unknown or not yet part of the main chain,
for example during a reindex. Do nothing in that case,
instead of crash with an assertion.
Fixes#7234.
This test is no longer relevant.
It was introduced in 8c222dca4f to check
the switch to 1MB blocks after the BDB too-many-locks issue back in
2013. The switching code has been long since removed.
It also needs a specific data file that is hard to find. I've verified
in #6320 that it still passes, however I think there is zero reason to
keep it.
Closes#6320.
A WWW-Authenticate header must be present in the 401
response to make clients know that they can authenticate,
and how.
WWW-Authenticate: Basic realm="jsonrpc"
Fixes#7462.
fad6244 ATMP: make nAbsurdFee const (MarcoFalke)
fa762d0 [wallet.h] Remove main.h include (MarcoFalke)
fa79db2 Move maxTxFee out of mempool (MarcoFalke)
027fdb8 When/if the copyright line does not mention Bitcoin Core developers, add a second line to copyrights in -version, About dialog, and splash screen (Luke Dashjr)
cc2095e Rewrite FormatParagraph to handle newlines within input strings correctly (Luke Dashjr)
cddffaf Bugfix: Include COPYRIGHT_HOLDERS_SUBSTITUTION in Makefile substitutions so it gets passed to extract-strings correctly (Luke Dashjr)
29598e4 Move PACKAGE_URL to configure.ac (Luke Dashjr)
78ec83d splashscreen: Resize text to fit exactly (Luke Dashjr)
3cae140 Bugfix: Actually use _COPYRIGHT_HOLDERS_SUBSTITUTION everywhere (Luke Dashjr)
4d5a3df Bugfix: gitian-descriptors: Add missing python-setuptools requirement for OS X (biplist module) (Luke Dashjr)
e4ab5e5 Bugfix: Correct copyright year in Mac DMG background image (Luke Dashjr)
917b1d0 Set copyright holders displayed in notices separately from the package name (Luke Dashjr)
c39a6ff Travis & gitian-osx: Use depends for ds_store and mac_alias modules (Luke Dashjr)
902ccde depends: Add mac_alias to depends (Luke Dashjr)
82a2d98 depends: Add ds_store to depends (Cory Fields)
de619a3 depends: Pass PYTHONPATH along to configure (Cory Fields)
e611b6e macdeploy: Use rsvg-convert rather than cairosvg (Luke Dashjr)
63bcdc5 More complicated package name substitution for Mac deployment (Luke Dashjr)
1a6c67c Parameterise 2009 in translatable copyright strings (Luke Dashjr)
d5f4683 Unify package name to as few places as possible without major changes (Luke Dashjr)
cf82d05 Build: Consensus: Make libbitcoinconsensus_la_SOURCES fully dynamic and dependend on both crypto and consensus packages (Jorge Timón)
4feadec Build: Libconsensus: Move libconsensus-ready files to the consensus package (Jorge Timón)
a3d5eec Build: Consensus: Move consensus files from common to its own module/package (Jorge Timón)
ProcessNewBlock would return failure early if CheckBlock failed, before
calling AcceptBlock. AcceptBlock also calls CheckBlock, and upon failure
would update mapBlockIndex to indicate that a block was failed. By returning
early in ProcessNewBlock, we were not marking blocks that fail a check in
CheckBlock as permanently failed, and thus would continue to re-request and
reprocess them.
This corrects a bug the case of tying group size where the code may
fail to select the group with the newest member. Since newest time
is the final selection criteria, failing to break ties on it
on the step before can undermine the final selection.
Tied netgroups are very common.
(cherry picked from commit 8e09f914f8ec66301257358b250e9a61befadd95)
With automatic tor HS support in place we should probably not be providing
absolute protection for local peers, since HS inbound could be used to
attack pretty easily. Instead, this counts on the latency metric inside
AttemptToEvictConnection to privilege actually local peers.
(cherry picked from commit 46dbcd4833115401fecbb052365b4c7725874414)
Previously didn't make clear that the ContextualCheckBlock* functions
meant the block headers as context - not the UTXO set itself - and that
ConnectBlock() also did UTXO-related validity checks (in the future we
may split that functionality into a separate UTXO-specific contextual
check block function).
Also, reordered to put validity checks first for better readability.
Also renames whitelistalwaysrelay.
Nodes relay all transactions from whitelisted peers, this
gets in the way of some useful reasons for whitelisting
peers-- for example, bypassing bandwidth limitations.
The purpose of this forced relaying is for specialized gateway
applications where a node is being used as a P2P connection
filter and multiplexer, but where you don't want it getting
in the way of (re-)broadcast.
This change makes it configurable with whitelistforcerelay.
43abb02 [Qt] Add a new chevron/arrow icon for the console prompt line (Jonas Schnelli)
56c9e66 [Qt] keep scroll position in GUI console after changing font size (Jonas Schnelli)
3a3a927 [Qt] Add option to increase/decrease font size in the console window (Jonas Schnelli)
"permit" is currently used to configure transaction filtering, whereas replacement is more to do with the memory pool state than the transaction itself.
Adds several unittests for CAddrMan and CAddrInfo.
Increases the accuracy of addrman tests.
Removes non-determinism in tests by overriding the random number generator.
Extracts testing code from addrman class to test class.
Add a configuration option `-permitrbf` to set transaction replacement policy
for the mempool.
Enabling it will enable (opt-in) RBF, disabling it will refuse all
conflicting transactions.
e8600c9 banlist (bugfix): allow CNode::SweepBanned() to run on interval (Philip Kaufmann)
2977c24 banlist: add more banlist infos to log / add GUI signal (Philip Kaufmann)
ce479aa banlist: better handling of banlist in StartNode() (Philip Kaufmann)
57c77fe banlist: update set dirty to be more fine grained (Philip Kaufmann)
Add "bip125-replaceable" output field to listtransactions and gettransaction
which indicates if an unconfirmed transaction, or any unconfirmed parent, is
signaling opt-in RBF according to BIP 125.
d11fc16 [Wallet] Call notification signal when a transaction is abandoned (Jonas Schnelli)
df0e222 Add RPC test for abandoned and conflicted transactions. (Alex Morcos)
01e06d1 Add new rpc call: abandontransaction (Alex Morcos)
9e69717 Make wallet descendant searching more efficient (Alex Morcos)
Unconfirmed transactions that are not in your mempool either due to eviction or other means may be unlikely to be mined. abandontransaction gives the wallet a way to no longer consider as spent the coins that are inputs to such a transaction. All dependent transactions in the wallet will also be marked as abandoned.
Due to include ordering, defining in one place was not enough to ensure correct
usage. Use global defines so that we don't have to worry abou this ordering.
Also add a comment in configure about the test.
fa33d97 [walletdb] Add missing LOCK() in Recover() for dummyWallet (MarcoFalke)
fa14d99 [qa] check if wallet or blochchain maintenance changes the balance (MarcoFalke)
fa0765d [qa] Cleanup wallet.py test (MarcoFalke)
If a new transaction will cause limitfreerelay
to be exceeded it should not be accepted
into the memory pool and the byte counter
should be updated only after the fact.
noexcept is default for destructors as of c++11. By throwing in reverselock's
destructor if it's lock has been tampered with, the likely result is
std::terminate being called. Indeed that happened before this change.
Once reverselock has taken another lock (its ctor didn't throw), it makes no
sense to try to grab or lock the parent lock. That is be broken/undefined
behavior depending on the parent lock's implementation, but it shouldn't cause
the reverselock to fail to re-lock when destroyed.
To avoid those problems, simply swap the parent lock's contents with a dummy
for the duration of the lock. That will ensure that any undefined behavior is
caught at the call-site rather than the reverse lock's destruction.
Barring a failed mutex unlock which would be indicative of a larger problem,
the destructor should now never throw.
This is ugly, but temporary. boost::filesystem will likely be dropped soon
after c++11 is enabled. Otherwise, we could simply roll our own copy_file. I've
fixed this at the buildsystem level for now in order to avoid mixing in
functional changes.
Explanation:
If boost (prior to 1.57) was built without c++11, it emulated scoped enums
using c++98 constructs. Unfortunately, this implementation detail leaked into
the abi. This was fixed in 1.57.
When building against that installed version using c++11, the headers pick up
on the native c++11 scoped enum support and enable it, however it will fail to
link. This can be worked around by disabling c++11 scoped enums if linking will
fail.
Add an autoconf test to determine incompatibility. At build-time, if native
enums are being used (a c++11 build), and force-disabling them causes a
successful link, we can be sure that there's an incompatibility and enable the
work-around.
Don't scan the wallet to see if the current key has been used if we're going to make a new key anyway.
Stop scanning the wallet as soon as we see that the current key has been used.
Don't call isValid() twice on the current key.
After discussion in #7164 I think this is better.
Max tip age was introduced in #5987 to make it possible to run
testnet-in-a-box. But associating this behavior with the testnet chain
is wrong conceptually, as it is not needed in normal usage.
Should aim to make testnet test the software as-is.
Replace it with a (debug) option `-maxtipage`, which can be
specified only in the specific case.
d812daf fix logic for error log (accraze)
c611acc wallet: check if tx scriptPubKey is unspendable (accraze)
b6915b8 checks for null data transaction before debug.log (accraze)
CWalletTx::GetAmounts could not find output address for null data transactions, thus issuing an error in debug.log. This change checks to see if the transaction is OP_RETURN before issuing error.
resolves#6142
We used to have a trickle node, a node which was chosen in each iteration of
the send loop that was privileged and allowed to send out queued up non-time
critical messages. Since the removal of the fixed sleeps in the network code,
this resulted in fast and attackable treatment of such broadcasts.
This pull request changes the 3 remaining trickle use cases by random delays:
* Local address broadcast (while also removing the the wiping of the seen filter)
* Address relay
* Inv relay (for transactions; blocks are always relayed immediately)
The code is based on older commits by Patrick Strateman.
- Avoids string typos (by making the compiler check)
- Makes it easier to grep for handling/generation of a certain message type
- Refer directly to documentation by following the symbol in IDE
- Move list of valid message types to protocol.cpp:
protocol.cpp is a more appropriate place for this, and having
the array there makes it easier to keep things consistent.
2041190 test: Add basic test for `reject` code (Wladimir J. van der Laan)
9fc6ed6 net: Fix sent reject messages for blocks and transactions (Wladimir J. van der Laan)
fc0f52d Added a test for the pruning of extraneous inputs after ApproximateBestSet (Murch)
af9510e Moved set reduction to the end of ApproximateBestSubset to reduce performance impact (Murch)
5c03483 Coinselection prunes extraneous inputs from ApproximateBestSubset (AlSzacrel)
Some extra bytes in libconsensus to get all the crypto (except for signing, which is in the common module) below the libconsensus future independent repo (that has libsecp256k1 as a subtree).
hmac_sha256.o seems to be the only thing libbitcoinconsensus doesn't depend on from crypto, some more bytes for the final libconsensus: I'm not personally worried.
A further pass over the available inputs has been added to ApproximateBestSubset after a candidate set has been found. It will prune any extraneous inputs in the selected subset, in order to decrease the number of input and the resulting change.
Mempool requests use a fair amount of bandwidth when the mempool is large,
disconnecting peers using them follows the same logic as disconnecting
peers fetching historical blocks.
aa4b0c2 When not filtering blocks, getdata sends more in one test (Pieter Wuille)
d41e44c Actually only use filterInventoryKnown with MSG_TX inventory messages. (Gregory Maxwell)
b6a0da4 Only use filterInventoryKnown with MSG_TX inventory messages. (Patick Strateman)
6b84935 Rename setInventoryKnown filterInventoryKnown (Patick Strateman)
e206724 Remove mruset as it is no longer used. (Gregory Maxwell)
ec73ef3 Replace setInventoryKnown with a rolling bloom filter. (Gregory Maxwell)
One test in AcceptToMemoryPool was to compare a transaction's fee
agains the value returned by GetMinRelayFee. This value was zero for
all small transactions. For larger transactions (between
DEFAULT_BLOCK_PRIORITY_SIZE and MAX_STANDARD_TX_SIZE), this function
was preventing low fee transactions from ever being accepted.
With this function removed, we will now allow transactions in that range
with fees (including modifications via PrioritiseTransaction) below
the minRelayTxFee, provided that they have sufficient priority.
Redo the feerate index to be based on mining score, rather than fee.
Update mempool_packages.py to test prioritisetransaction's effect on
package scores.
- Add new translations (finally, after a long time)
- update-translation script was not considering new translations - oops
- fixed this, also remove (nearly) empty translations
- Update translation process, it was still describing the old repository
structure
Use the score index on the mempool to only add sorted txs in order. Remove much of the validation while building the block, relying on mempool to be consistent and only contain txs that can be mined.
The mempool is assumed to be consistent as far as not containing txs which spend non-existent outputs or double spends, and scripts are valid. Finality of txs is still checked (except not coinbase maturity, assumed in mempool).
Still TestBlockValidity in case mempool consistency breaks and return error state if an invalid block was created.
Unit tests are modified to realize that invalid blocks can now be constructed if the mempool breaks its consistency assumptions and also updated to have the right fees, since the cached value is now used for block construction.
Conflicts:
src/miner.cpp
The score index is meant to represent the order of priority for being included in a block for miners. Initially this is set to the transactions modified (by any feeDelta) fee rate. Index improvements and unit tests by sdaftuar.
Store sum of legacy and P2SH sig op counts. This is calculated in AcceptToMemory pool and storing it saves redoing the expensive calculation in block template creation.
But keep translating them in the GUI.
This - necessarily - requires duplication of a few messages.
Alternative take on #7134, that keeps the translations from being wiped.
Also document GetWarnings() input argument.
Fixes#5895.
ff723da [Qt] improve minimum absolute fee option - Only display the minimum absolute fee control if CoinControl is enabled (Jonas Schnelli)
31b508a [Qt] make use of the nMinimumTotalFee (absolute) in coincontrols fee calculation (Jonas Schnelli)
80462dd [Qt] use ASYMP_UTF8 (≈) whenever we show a fee that is not absolute (Jonas Schnelli)
ecc7c82 Move fPayAtLeastCustomFee function to CC (Pieter Wuille)
ebb25f4 Limit setAskFor and retire requested entries only when a getdata returns. (Gregory Maxwell)
5029698 prevent peer flooding request queue for an inv (kazcw)
Make RPC tests have a default block priority size of 50000 (the old default) so we can still use free transactions in RPC tests. When priority is eliminated, we will have to make a different change if we want to continue allowing free txs.
9af5f9c Move uiInterface.NotifyBlockTip signal above the core/wallet signal - This will keep getbestblockhash more in sync with blocknotify callbacks (Jonas Schnelli)
4082e46 [Qt] call GuessVerificationProgress synchronous during core signal, pass double over UI signal (Jonas Schnelli)
947d20b [Qt] reduce cs_main in getVerificationProgress() (Jonas Schnelli)
e6d50fc [Qt] update block tip (height and date) without locking cs_main, update always (each block) (Jonas Schnelli)
012fc91 NotifyBlockTip signal: switch from hash (uint256) to CBlockIndex* - also adds a boolean for indication if the tip update was happening during initial sync - emit notification also during initial sync (Jonas Schnelli)
Mruset setInventoryKnown was reduced to a remarkably small 1000
entries as a side effect of sendbuffer size reductions in 2012.
This removes setInventoryKnown filtering from merkleBlock responses
because false positives there are especially unattractive and
also because I'm not sure if there aren't race conditions around
the relay pool that would cause some transactions there to
be suppressed. (Also, ProcessGetData was accessing
setInventoryKnown without taking the required lock.)
This replaces using inv messages to announce new blocks, when a peer requests
(via the new "sendheaders" message) that blocks be announced with headers
instead of inv's.
Since headers-first was introduced, peers send getheaders messages in response
to an inv, which requires generating a block locator that is large compared to
the size of the header being requested, and requires an extra round-trip before
a reorg can be relayed. Save time by tracking headers that a peer is likely to
know about, and send a headers chain that would connect to a peer's known
headers, unless the chain would be too big, in which case we revert to sending
an inv instead.
Based off of @sipa's commit to announce all blocks in a reorg via inv,
which has been squashed into this commit.
Rebased-by: Pieter Wuille
This allows for much finer control of the transaction fees per kilobyte
as it prevent small transactions using a fee that is more appropriate
for one that is of a kilobyte.
This also allows controlling the fee per kilobyte over rpc such that:
bitcoin-cli settxfee `bitcoin-cli estimatefee 2`
would make sense, while currently it grossly fails often by a factor of x3
For each 'bit' in the filter we really maintain 2 bits, which store either:
0: not set
1-3: set in generation N
After (nElements / 2) insertions, we switch to a new generation, and wipe
entries which already had the new generation number, effectively switching
from the last 1.5 * nElements set to the last 1.0 * nElements set.
This is 25% more space efficient than the previous implementation, and can
(at peak) store 1.5 times the requested amount of history (though only
1.0 times the requested history is guaranteed).
The existing unit tests should be sufficient.
This switches the Merkle tree logic for blocks to one that runs in constant (small) space.
The old code is moved to tests, and a new test is added that for various combinations of
block sizes, transaction positions to compute a branch for, and mutations:
* Verifies that the old code and new code agree for the Merkle root.
* Verifies that the old code and new code agree for the Merkle branch.
* Verifies that the computed Merkle branch is valid.
* Verifies that mutations don't change the Merkle root.
* Verifies that mutations are correctly detected.
a46f87f Initialize logging before we do parameter interaction (Jonas Schnelli)
df66147 Move -blocksonly parameter interaction to the new ParameterInteraction() function (Jonas Schnelli)
68354e7 [QT] Call inits parameter interaction before we create the options model (Jonas Schnelli)
411b05a Refactor parameter interaction, call it before AppInit2() (Jonas Schnelli)
This makes sure that retransmits by a whitelisted peer also actually
result in a retransmit.
Further, this changes the logic to never relay in case we would assign
a DoS score, as we expect to get DoS banned ourselves as a result.
Adds 127.0.0.1:9050 for the .onion proxy if we can succesfully connect
to the control port.
Natural followup to creating hidden services automatically.
Previously all of these functions could return negative values (for different
readons). Large portions of the codebase currently assume that these
functions return positive values.
Previously peers which implement a protocol version less than NO_BLOOM_VERSION
would not be disconnected for sending a filter command, regardless of the
peerbloomfilter option.
Many node operators do not wish to provide expensive bloom filtering for SPV
clients, previously they had to cherry pick the commit which enabled the
disconnect logic.
The default should remain false until a sufficient percent of SPV clients
have updated.
1) Chainparams: Explicit CChainParams arg for main:
-AcceptBlock
-AcceptBlockHeader
-ActivateBestChain
-ConnectTip
-InitBlockIndex
-LoadExternalBlockFile
-VerifyDB parametric constructor
2) Also pickup more Params()\. in main.cpp
3) Pass nPruneAfterHeight explicitly to new FindFilesToPrune() in main.cpp
The setAskFor duplicate elimination was too eager and removed entries
when we still had no getdata response, allowing the peer to keep
INVing and not responding.
mapAlreadyAskedFor does not keep track of which peer has a request queued for a
particular tx. As a result, a peer can blind a node to a tx indefinitely by
sending many invs for the same tx, and then never replying to getdatas for it.
Each inv received will be placed 2 minutes farther back in mapAlreadyAskedFor,
so a short message containing 10 invs would render that tx unavailable for 20
minutes.
This is fixed by disallowing a peer from having more than one entry for a
particular inv in mapAlreadyAskedFor at a time.
80ae230 Improve log messages for blocks only violations. (Patick Strateman)
08843ed Add relaytxes status to getpeerinfo (Peter Todd)
d8aaa51 Bail early in processing transactions in blocks only mode. (Patick Strateman)
3587f6a Fix relay mechanism for whitelisted peers under blocks only mode. (Patick Strateman)
6531f17 Add mediantime field to getblock and getblockheader (Peter Todd)
7259769 Document new mediantime field in getblockchaininfo (Peter Todd)
c277a63 Clarify nLockTime-by-time comment in CheckFinalTx() (Peter Todd)
748321e Add mediantime field to getblockchaininfo RPC call (Peter Todd)
Previously in blocks only mode all inv messages where type!=MSG_BLOCK would be
rejected without regard for whitelisting or whitelistalwaysrelay.
As such whitelisted peers would never send the transaction (which would be
processed).
Compute the value of inputs that already are in the chain at time of mempool entry and only increase priority due to aging for those inputs. This effectively changes the CTxMemPoolEntry's GetPriority calculation from an upper bound to a lower bound.
It's possible coins with the same hash exist when you create a duplicate coinbase, so previously we were reading from the database to make sure we had the old coins cached so if we were to spend the new ones, the old ones would also be spent. This pull instead just marks the new coins as not fresh if they are from a coinbase, so if they are spent they will be written all the way down to the database anyway overwriting any duplicates.
Previously it would break if you flushed a parent cache while there was a child cache referring to it. This change will allow the flushing of parent caches.
1cf3dd8 Add unit test for UpdateCoins (Alex Morcos)
03c8282 Make CCoinsViewTest behave like CCoinsViewDB (Alex Morcos)
14470f9 ModifyNewCoins saves database lookups (Alex Morcos)
This provides more conservative estimates and reacts more quickly to a backlog.
Unfortunately the unit test for fee estimation depends on the success threshold (and the decay) chosen; also modify the unit test for the new default success thresholds.
These are more useful fee and priority estimation functions. If there is no fee/pri high enough for the target you are aiming for, it will give you the estimate for the lowest target that you can reliably obtain. This is better than defaulting to the minimum. It will also pass back the target for which it returned an answer.
bbf49da Fix comment for blocksonly parameter interactions (Patick Strateman)
6a4982f Fix fRelayTxs comment (Patick Strateman)
59441a0 Display DEFAULT_WHITELISTALWAYSRELAY in help text (Patick Strateman)
71a2683 Use DEFAULT_BLOCKSONLY and DEFAULT_WHITELISTALWAYSRELAY constants (Patick Strateman)
762b13b Add help text for blocksonly and whitelistalwaysrelay (Patick Strateman)
3a96497 Add whitelistalwaysrelay option (Patick Strateman)
420fa81 Do not process tx inv's in blocksonly mode (Patick Strateman)
4044f07 Add blocksonly mode (Patick Strateman)
Useful now that BIP113 is enforced for transactions entering the
mempool. Was previously only (indirectly) available by calling
getblocktemplate, a relatively expensive RPC call.
This continues/fixes #6719.
`event_base_loopbreak` was not doing what I expected it to, at least in
libevent 2.0.21.
What I expected was that it sets a timeout, given that no other pending
events it would exit in N seconds. However, what it does was delay the
event loop exit with 10 seconds, even if nothing is pending.
Solve it in a different way: give the event loop thread time to exit
out of itself, and if it doesn't, send loopbreak.
This speeds up the RPC tests a lot, each exit incurred a 10 second
overhead, with this change there should be no shutdown overhead in the
common case and up to two seconds if the event loop is blocking.
As a bonus this breaks dependency on boost::thread_group, as the HTTP
server minds its own offspring.
2bfb82b Merge pull request #351
06aeea5 Turn secp256k1_ec_pubkey_serialize outlen to in/out
970164d Merge pull request #348
6466625 Improvements for coordinate decompression
e2100ad Merge pull request #347
8e48787 Change secp256k1_ec_pubkey_combine's count argument to size_t.
c69dea0 Clear output in more cases for pubkey_combine, adds tests.
269d422 Comment copyediting.
b4d17da Merge pull request #344
4709265 Merge pull request #345
26abce7 Adds 32 static test vectors for scalar mul, sqr, inv.
5b71a3f Better error case handling for pubkey_create & pubkey_serialize, more tests.
3b7bc69 Merge pull request #343
eed87af Change contrib/laxder from headers-only to files compilable as standalone C
d7eb1ae Merge pull request #342
7914a6e Make lax_der_privatekey_parsing.h not depend on internal code
73f64ff Merge pull request #339
9234391 Overhaul flags handling
1a36898 Make flags more explicit, add runtime checks.
1a3e03a Merge pull request #340
96be204 Add additional tests for eckey and arg-checks.
bb5aa4d Make the tweak function zeroize-output-on-fail behavior consistent.
4a243da Move secp256k1_ec_privkey_import/export to contrib.
1b3efc1 Move secp256k1_ecdsa_sig_recover into the recovery module.
e3cd679 Eliminate all side-effects from VERIFY_CHECK() usage.
b30fc85 Avoid nonce_function_rfc6979 algo16 argument emulation.
70d4640 Make secp256k1_ec_pubkey_create skip processing invalid secret keys.
6c476a8 Minor comment improvements.
131afe5 Merge pull request #334
0c6ab2f Introduce explicit lower-S normalization
fea19e7 Add contrib/lax_der_parsing.h
3bb9c44 Rewrite ECDSA signature parsing code
fa57f1b Use secp256k1_rand_int and secp256k1_rand_bits more
49b3749 Add new tests for the extra testrand functions
f684d7d Faster secp256k1_rand_int implementation
251b1a6 Improve testrand: add extra random functions
31994c8 Merge pull request #338
f79aa88 Bugfix: swap arguments to noncefp
c98df26 Merge pull request #319
67f7da4 Extensive interface and operations tests for secp256k1_ec_pubkey_parse.
ee2cb40 Add ARG_CHECKs to secp256k1_ec_pubkey_parse/secp256k1_ec_pubkey_serialize
7450ef1 Merge pull request #328
68a3c76 Merge pull request #329
98135ee Merge pull request #332
37100d7 improve ECDH header-doc
b13d749 Fix couple of typos in API comments
7c823e3 travis: fixup module configs
cc3141a Merge pull request #325
ee58fae Merge pull request #326
213aa67 Do not force benchmarks to be statically linked.
338fc8b Add API exports to secp256k1_nonce_function_default and secp256k1_nonce_function_rfc6979.
52fd03f Merge pull request #320
9f6993f Remove some dead code.
357f8cd Merge pull request #314
118cd82 Use explicit symbol visibility.
4e64608 Include public module headers when compiling modules.
1f41437 Merge pull request #316
fe0d463 Merge pull request #317
cfe0ed9 Fix miscellaneous style nits that irritate overactive static analysis.
2b199de Use the explicit NULL macro for pointer comparisons.
9e90516 Merge pull request #294
dd891e0 Get rid of _t as it is POSIX reserved
201819b Merge pull request #313
912f203 Eliminate a few unbraced statements that crept into the code.
eeab823 Merge pull request #299
486b9bb Use a flags bitfield for compressed option to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export
05732c5 Callback data: Accept pointers to either const or non-const data
1973c73 Bugfix: Reinitialise buffer lengths that have been used as outputs
788038d Use size_t for lengths (at least in external API)
c9d7c2a secp256k1_context_set_{error,illegal}_callback: Restore default handler by passing NULL as function argument
9aac008 secp256k1_context_destroy: Allow NULL argument as a no-op
64b730b secp256k1_context_create: Use unsigned type for flags bitfield
cb04ab5 Merge pull request #309
a551669 Merge pull request #295
81e45ff Update group_impl.h
85e3a2c Merge pull request #112
b2eb63b Merge pull request #293
dc0ce9f [API BREAK] Change argument order to out/outin/in
6d947ca Merge pull request #298
c822693 Merge pull request #301
6d04350 Merge pull request #303
7ab311c Merge pull request #304
5fb3229 Fixes a bug where bench_sign would fail due to passing in too small a buffer.
263dcbc remove unused assignment
b183b41 bugfix: "ARG_CHECK(ctx != NULL)" makes no sense
6da1446 build: fix parallel build
5eb4356 Merge pull request #291
c996d53 Print success
9f443be Move pubkey recovery code to separate module
d49abbd Separate ECDSA recovery tests
439d34a Separate recoverable and normal signatures
a7b046e Merge pull request #289
f66907f Improve/reformat API documentation secp256k1.h
2f77487 Add context building benchmarks
cc623d5 Merge pull request #287
de7e398 small typo fix
9d96e36 Merge pull request #280
432e1ce Merge pull request #283
14727fd Use correct name in gitignore
356b0e9 Actually test static precomputation in Travis
ff3a5df Merge pull request #284
2587208 Merge pull request #212
a5a66c7 Add support for custom EC-Schnorr-SHA256 signatures
d84a378 Merge pull request #252
72ae443 Improve perf. of cmov-based table lookup
92e53fc Implement endomorphism optimization for secp256k1_ecmult_const
ed35d43 Make `secp256k1_scalar_add_bit` conditional; make `secp256k1_scalar_split_lambda_var` constant time
91c0ce9 Add benchmarks for ECDH and const-time multiplication
0739bbb Add ECDH module which works by hashing the output of ecmult_const
4401500 Add constant-time multiply `secp256k1_ecmult_const` for ECDH
e4ce393 build: fix hard-coded usage of "gen_context"
b8e39ac build: don't use BUILT_SOURCES for the static context header
baa75da tests: add a couple tests
ae4f0c6 Merge pull request #278
995c548 Introduce callback functions for dealing with errors.
c333074 Merge pull request #282
18c329c Remove the internal secp256k1_ecdsa_sig_t type
74a2acd Add a secp256k1_ecdsa_signature_t type
23cfa91 Introduce secp256k1_pubkey_t type
4c63780 Merge pull request #269
3e6f1e2 Change rfc6979 implementation to be a generic PRNG
ed5334a Update configure.ac to make it build on OpenBSD
1b68366 Merge pull request #274
a83bb48 Make ecmult static precomputation default
166b32f Merge pull request #276
c37812f Add gen_context src/ecmult_static_context.h to CLEANFILES to fix distclean.
125c15d Merge pull request #275
76f6769 Fix build with static ecmult altroot and make dist.
5133f78 Merge pull request #254
b0a60e6 Merge pull request #258
733c1e6 Add travis build to test the static context.
fbecc38 Add ability to use a statically generated ecmult context.
4fb174d Merge pull request #263
4ab8990 Merge pull request #270
bdf0e0c Merge pull request #271
31d0c1f Merge pull request #273
eb2c8ff Add missing casts to SECP256K1_FE_CONST_INNER
55399c2 Further performance improvements to _ecmult_wnaf
99fd963 Add secp256k1_ec_pubkey_compress(), with test similar to the related decompress() function.
145cc6e Improve performance of _ecmult_wnaf
36b305a Verify the result of GMP modular inverse using non-GMP code
0cbc860 Merge pull request #266
06ff7fe Merge pull request #267
5a43124 Save 1 _fe_negate since s1 == -s2
a5d796e Update code comments
3f3964e Add specific VERIFY tests for _fe_cmov
7d054cd Refactor to save a _fe_negate
b28d02a Refactor to remove a local var
55e7fc3 Perf. improvement in _gej_add_ge
a0601cd Fix VERIFY calculations in _fe_cmov methods
17f7148 Merge pull request #261
7657420 Add tests for adding P+Q with P.x!=Q.x and P.y=-Q.y
8c5d5f7 tests: Add failing unit test for #257 (bad addition formula)
5de4c5d gej_add_ge: fix degenerate case when computing P + (-lambda)P
bcf2fcf gej_add_ge: rearrange algebra
e2a07c7 Fix compilation with C++
873a453 Merge pull request #250
91eb0da Merge pull request #247
210ffed Use separate in and out pointers in `secp256k1_ec_pubkey_decompress`
a1d5ae1 Tiny optimization
729badf Merge pull request #210
2d5a186 Apply effective-affine trick to precomp
4f9791a Effective affine addition in EC multiplication
2b4cf41 Use pkg-config always when possible, with failover to manual checks for libcrypto
git-subtree-dir: src/secp256k1
git-subtree-split: 2bfb82b10edf0f0b0e366a12f94c8b21a914159d
58ef0ff doc: update docs for Tor listening (Wladimir J. van der Laan)
68ccdc4 doc: Mention Tor listening in release notes (Wladimir J. van der Laan)
09c1ae1 torcontrol improvements and fixes (Wladimir J. van der Laan)
2f796e5 Better error message if Tor version too old (Peter Todd)
8f4e67f net: Automatically create hidden service, listen on Tor (Wladimir J. van der Laan)
- Force AUTHCOOKIE size to be 32 bytes: This provides protection against
an attack where a process pretends to be Tor and uses the cookie
authentication method to nab arbitrary files such as the
wallet
- torcontrol logging
- fix cookie auth
- add HASHEDPASSWORD auth, fix fd leak when fwrite() fails
- better error reporting when cookie file is not ok
- better init/shutdown flow
- stop advertizing service when disconnected from tor control port
- COOKIE->SAFECOOKIE auth
69d373f Don't wipe the sigcache in TestBlockValidity (Pieter Wuille)
0b9e9dc Evict sigcache entries that are seen in a block (Pieter Wuille)
830e3f3 Make sigcache faster and more efficient (Pieter Wuille)
Previous text could be interpreted as the the _additional_ fee paid by
the result on top of the fee the original version paid, rather than the
correct interpretation: the absolute fee the resulting tx pays.
Previously all conflicting transactions were evaluated as a whole to
determine if the feerate was being increased. This meant that low
feerate children pulled the feerate down, potentially allowing a high
transaction with a high feerate to be replaced by one with a lower
feerate.
Replaces transactions already in the mempool if a new transaction seen
with a higher fee, specifically both a higher fee per KB and a higher
absolute fee. Children are evaluateed for replacement as well, using the
mempool package tracking to calculate replaced fees/size. Transactions
can opt-out of transaction replacement by setting nSequence >= maxint-1
on all inputs. (which all wallets do already)
Starting with Tor version 0.2.7.1 it is possible, through Tor's control socket
API, to create and destroy 'ephemeral' hidden services programmatically.
https://stem.torproject.org/api/control.html#stem.control.Controller.create_ephemeral_hidden_service
This means that if Tor is running (and proper authorization is available),
bitcoin automatically creates a hidden service to listen on, without user
manual configuration. This will positively affect the number of available
.onion nodes.
- When the node is started, connect to Tor through control socket
- Send `ADD_ONION` command
- First time:
- Make it create a hidden service key
- Save the key in the data directory for later usage
- Make it redirect port 8333 to the local port 8333 (or whatever port we're listening on).
- Keep control socket connection open for as long node is running. The hidden service will
(by default) automatically go away when the connection is closed.
Process `getheaders` messages from whitelisted peers even if we are in
initial block download. Whitelisted peers can always use a node as a
block source.
Also log a debug message when the request is ignored, for
troubleshooting.
Fixes#6971.
d1c3762 Revert "Revert "Enable policy enforcing GetMedianTimePast as the end point of lock-time constraints"" (Gregory Maxwell)
e4e5334 Restore MedianTimePast for locktime. (Gregory Maxwell)
Previously, the undo weren't being flushed during a reindex because
fKnown was set to true in FindBlockPos. That is the correct behaviour
for block files as they aren't being touched, but undo files are
touched.
This changes the behaviour to always flush when switching to a new file
(even for block files, though that isn't really necessary).
The docs talk about bits 2 and 4 instead of 2 and 3, and bits are being
indexed from both 1 (describing nCode) and 0 (in second example).
Changed to use zero-indexing for all.
6342a48 Init: Use DEFAULT_TRANSACTION_MINFEE in help message (MarcoFalke)
a9c73a1 [wallet] Add comments for doxygen (MarcoFalke)
6b0e622 [wallet] Refactor to use new MIN_CHANGE (MarcoFalke)
a6efc01 Bugfix: Omit wallet-related options from -help when wallet is disabled (Luke Dashjr)
5f9260f Bugfix: If genproclimit is omitted to RPC setgenerate, don't change it; also show correct default in getmininginfo (Luke Dashjr)
420a82f Bugfix: Describe dblogsize option correctly (it refers to the wallet database, not memory pool) (Luke Dashjr)
caa3d42 Bugfix: RPC: blockchain: Display correct defaults in help for verifychain method (Luke Dashjr)
Moves the call Initialize() from init.cpp to CreateWithArguments() and handles the
return value. Moves the call Shutdown() from init.cpp to destructor.
Changes Initialize() and Shutdown() to protected members.
Revert "Revert "Add rules--presently disabled--for using GetMedianTimePast as endpoint for lock-time calculations""
This reverts commit 40cd32e835.
After careful analysis it was determined that the change was, in fact, safe and several people were suffering
momentary confusion about locktime semantics.
When processing a new transaction, in addition to spending the Coins of its txin's it creates a new Coins for its outputs. The existing ModifyCoins function will first make sure this Coins does not already exist. It can not exist due to BIP 30, but because of that the lookup can't be cached and always has to go to the database. Since we are creating the coins to match the new tx anyway, there is no point in checking if they exist first anyway. However this should not be used for coinbase tx's in order to preserve the historical behavior of overwriting the two existing duplicate tx pairs.
40cd32e Revert "Add rules--presently disabled--for using GetMedianTimePast as endpoint for lock-time calculations" (Gregory Maxwell)
8537ecd Revert "Enable policy enforcing GetMedianTimePast as the end point of lock-time constraints" (Gregory Maxwell)
This reverts commit 9d55050773.
As noted by Luke-Jr, under some conditions this will accept transactions which are invalid by the network
rules. This happens when the current block time is head of the median time past and a transaction's
locktime is in the middle.
This could be addressed by changing the rule to MAX(this_block_time, MTP+offset) but this solution and
the particular offset used deserve some consideration.
* Introduce new constant MIN_CHANGE and use it instead of the
hardcoded "CENT"
* Add test case for MIN_CHANGE
* Introduce new constant for -mintxfee default:
DEFAULT_TRANSACTION_MINFEE = 1000
Reduce the default limits on maximum number of transactions and the cumulative size of those transactions in both ancestor and descendant packages to 25 txs and 101kb total size.
Update the unittest that is meant to catch a transaction that is invalid
because it has a null input. The old test failed not because of that
but because it was considered a coinbase with too large script. This is
already checked with a different test, though.
The new test is *not* a coinbase since it has two inputs, but one of
them is null. This really checks the corresponding code path in
CheckTransaction.
143d173 Use BOOST_CHECK_MESSAGE() rather than BOOST_CHECK() in alerts_tests.cpp and initialize strMiscWarning before calling PartitionCheck()." (Eric Lombrozo)
* -maxuploadtarget can be set in MiB
* if <limit> - ( time-left-in-24h-cycle / 600 * MAX_BLOCK_SIZE ) has reach, stop serve blocks older than one week and filtered blocks
* no action if limit has reached, no guarantee that the target will not be surpassed
* add outbound limit informations to rpc getnettotals
dea8d21 Enable policy enforcing GetMedianTimePast as the end point of lock-time constraints (Mark Friedenbach)
9d55050 Add rules--presently disabled--for using GetMedianTimePast as endpoint for lock-time calculations (Mark Friedenbach)
Until now there were quite a few leftovers, and only the coverage
related files in `src/` were cleaned, while the ones in the other dirs
remained. `qa/tmp/` is related to the BitcoinJ tests, and `cache/` is
related to RPC tests.
Transactions are not allowed in the memory pool or selected for inclusion in a block until their lock times exceed chainActive.Tip()->GetMedianTimePast(). However blocks including transactions which are only mature under the old rules are still accepted; this is *not* the soft-fork required to actually rely on the new constraint in production.
The lock-time code currently uses CBlock::nTime as the cutoff point for time based locked transactions. This has the unfortunate outcome of creating a perverse incentive for miners to lie about the time of a block in order to collect more fees by including transactions that by wall clock determination have not yet matured. By using CBlockIndex::GetMedianTimePast from the prior block instead, the self-interested miner no longer gains from generating blocks with fraudulent timestamps. Users can compensate for this change by simply adding an hour (3600 seconds) to their time-based lock times.
If enforced, this would be a soft-fork change. This commit only adds the functionality on an unexecuted code path, without changing the behaviour of Bitcoin Core.
Nagle appears to be a significant contributor to latency now that the static
sleeps are gone. Most of our messages are relatively large compared to
IP + TCP so I do not expect this to create enormous overhead.
This may also reduce traffic burstyness somewhat.
Add a comment that explains why the initial "getheader" requests are
made starting from the block preceding the currently best one.
Thanks to sdaftuar for the explanation!
There is no exact science to setting this parameter, but 5000
(just over 1 US cent at the time of writing) is higher than the
cost to relay a transaction around the network (the new benchmark
due to mempool limiting).
After each transaction which is added to mempool, we first call
Expire() to remove old transactions, then throwing away the
lowest-feerate transactions.
After throwing away transactions by feerate, we set the minimum
relay fee to the maximum fee transaction-and-dependant-set we
removed, plus the default minimum relay fee.
After the next block is received, the minimum relay fee is allowed
to decrease exponentially. Its halflife defaults to 12 hours, but
is decreased to 6 hours if the mempool is smaller than half its
maximum size, and 3 hours if the mempool is smaller than a quarter
its maximum size.
The minimum -maxmempool size is 40*-limitdescendantsize, as it is
easy for an attacker to play games with the cheapest
-limitdescendantsize transactions. -maxmempool defaults to 300MB.
This disables high-priority transaction relay when the min relay
fee adjustment is >0 (ie when the mempool is full). When the relay
fee adjustment drops below the default minimum relay fee / 2 it is
set to 0 (re-enabling priority-based free relay).
(note the 9x multiplier on (void*)'s for CTxMemPool::DynamicMemoryUsage
was accidentally introduced in 5add7a7 but should have waited for this
commit which adds the extra index)
To bridge the time until a dynamic method for determining this fee is
merged.
This is especially aimed at the stable releases (0.10, 0.11) because
full mempool limiting, as will be in 0.12, is too invasive and risky to
backport.
1534d9a Creates unittests for addrman, makes addrman testable. Adds several unittests for addrman to verify it works as expected. Makes small modifications to addrman to allow deterministic and targeted tests. (EthanHeilman)
Adds an `obfuscate` parameter to `CLevelDBWrapper` and makes use of it
for all new chainstate stores built via `CCoinsViewDB`. Also adds an
`Xor` method to `CDataStream`.
Thanks to @sipa @laanwj @pstratem @dexX7 @KyrosKrane @gmaxwell.
This adds SCRIPT_VERIFY_LOW_S to STANDARD_SCRIPT_VERIFY_FLAGS which
will make the node require the canonical 'low-s' encoding for
ECDSA signatures when relaying or mining.
Consensus behavior is unchanged.
The rational is explained in a81cd96805:
Absent this kind of test ECDSA is not a strong signature as given
a valid signature {r, s} both that value and {r, -s mod n} are valid.
These two encodings have different hashes allowing third parties a
vector to change users txids. These attacks are avoided by picking
a particular form as canonical and rejecting the other form(s); in
the of the LOW_S rule, the smaller of the two possible S values is
used.
If widely deployed this change would eliminate the last remaining
known vector for nuisance malleability on boring SIGHASH_ALL
p2pkh transactions. On the down-side it will block most
transactions made by sufficiently out of date software.
Unlike the other avenues to change txids on boring transactions this
one was randomly violated by all deployed bitcoin software prior to
its discovery. So, while other malleability vectors where made
non-standard as soon as they were discovered, this one has remained
permitted. Even BIP62 did not propose applying this rule to
old version transactions, but conforming implementations have become
much more common since BIP62 was initially written.
Bitcoin Core has produced compatible signatures since a28fb70e in
September 2013, but this didn't make it into a release until 0.9
in March 2014; Bitcoinj has done so for a similar span of time.
Bitcoinjs and electrum have been more recently updated.
This does not replace the need for BIP62 or similar, as miners can
still cooperate to break transactions. Nor does it replace the
need for wallet software to handle malleability sanely[1]. This
only eliminates the cheap and irritating DOS attack.
[1] On the Malleability of Bitcoin Transactions
Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek
http://fc15.ifca.ai/preproceedings/bitcoin/paper_9.pdf
- to match the peers.dat handling also supply a debug.log entry for how
many entries were loaded from banlist.dat and how long it took
- add a GUI init message for loading the banlist (same as with peers.dat)
- move the same message for peers.dat upwards in the code, to be able to
reuse the timing variable nStart and also just log, if our read from
peers.dat didn't fail
- only start working on/with banlist data, if reading in the banlist from
disk didn't fail
- as CNode::setBannedIsDirty is false (default) when reading fails, we
don't need to explicitly set it to false to prevent writing
banlist.dat in that case either
Previously only one PUSHDATA was allowed, needlessly limiting
applications such as matching OP_RETURN contents with bloom filters that
operate on a per-PUSHDATA level. Now any combination that passes
IsPushOnly() is allowed, so long as the total size of the scriptPubKey
is less than 42 bytes. (unchanged modulo non-minimal PUSHDATA encodings)
Also, this fixes the odd bug where previously the PUSHDATA could be
replaced by any single opcode, even sigops consuming opcodes such as
CHECKMULTISIG. (20 sigops!)
Previously unlike other transaction types the TX_SCRIPTHASH would not
clear vSolutionsRet, which means that unlike other transaction types if
it was called twice in a row you would get the result of the previous
invocation as well.
Avoid calling gettimeofday every time through the benchmarking loop, by keeping
track of how long each loop takes and doubling the number of iterations done
between time checks when they take less than 1/16'th of the total elapsed time.
Benchmarking framework, loosely based on google's micro-benchmarking
library (https://github.com/google/benchmark)
Wny not use the Google Benchmark framework? Because adding Even More Dependencies
isn't worth it. If we get a dozen or three benchmarks and need nanosecond-accurate
timings of threaded code then switching to the full-blown Google Benchmark library
should be considered.
The benchmark framework is hard-coded to run each benchmark for one wall-clock second,
and then spits out .csv-format timing information to stdout. It is left as an
exercise for later (or maybe never) to add command-line arguments to specify which
benchmark(s) to run, how long to run them for, how to format results, etc etc etc.
Again, see the Google Benchmark framework for where that might end up.
See src/bench/MilliSleep.cpp for a sanity-test benchmark that just benchmarks
'sleep 100 milliseconds.'
To compile and run benchmarks:
cd src; make bench
Sample output:
Benchmark,count,min,max,average
Sleep100ms,10,0.101854,0.105059,0.103881
This makes sure that the event loop eventually terminates, even if an
event (like an open timeout, or a hanging connection) happens to be
holding it up.
Add a WaitExit() call to http's WorkQueue to make it delete the work
queue only when all worker threads stopped.
This fixes a problem that was reproducable by pressing Ctrl-C during
AppInit2:
```
/usr/include/boost/thread/pthread/condition_variable_fwd.hpp:81: boost::condition_variable::~condition_variable(): Assertion `!ret' failed.
/usr/include/boost/thread/pthread/mutex.hpp:108: boost::mutex::~mutex(): Assertion `!posix::pthread_mutex_destroy(&m)' failed.
```
I was assuming that `threadGroup->join_all();` would always have been
called when entering the Shutdown(). However this is not the case in
bitcoind's AppInit2-non-zero-exit case "was left out intentionally
here".
Shutting down the HTTP server currently breaks off all current requests.
This can create a race condition with RPC `stop` command, where the calling
process never receives confirmation.
This change removes the listening sockets on shutdown so that no new
requests can come in, but no longer breaks off requests in progress.
Meant to fix#6717.
The "please check your computer's data and time" message when the clock
deviates from the network currently generates an overkill of messages:
orion@lethe:~/bitcoin$ src/bitcoind
Warning: Warning: Please check that your computer's date and time are correct! If your clock is wrong Bitcoin Core will not work properly.
In the log:
2015-09-27 16:24:13 *** Warning: Please check that your computer's date and time are correct! If your clock is wrong Bitcoin Core will not work properly.
2015-09-27 16:24:13 Warning: Warning: Please check that your computer's date and time are correct! If your clock is wrong Bitcoin Core will not work properly.
Remove one level of 'Warning:' and reduce to one log message.
af3208b Resolve issue 3166. These changes decode valid SIGHASH types on signatures in assembly (asm) representations of scriptSig scripts. This squashed commit incorporates substantial helpful feedback from jtimon, laanwj, and sipa. (mruddy)
CalculateMemPoolAncestors was always looping over a transaction's inputs
to find in-mempool parents. When adding a new transaction, this is the
correct behavior, but when removing a transaction, we want to use the
ancestor set that would be calculated by walking mapLinks (which should
in general be the same set, except during a reorg when the mempool is
in an inconsistent state, and the mapLinks-based calculation would be the
correct one).
* Raise the debug window when hidden behind other windows
* Switch to the debug window when on another virtual desktop
* Show the debug window when minimized
This change is a conceptual copy of 5ffaaba and 382e9e2
Assume that when a wallet transaction has a valid block hash and transaction position
in it, the transaction is actually there. We're already trusting wallet data in a
much more fundamental way anyway.
To prevent backward compatibility issues, a new record is used for storing the
block locator in the wallet. Old wallets will see a wallet file synchronized up
to the genesis block, and rescan automatically.
7aac6db [QT] dump banlist to disk in case of ban/unban over QT (Jonas Schnelli)
7f90ea7 [QA] adabt QT_NO_KEYWORDS for QT ban implementation (Jonas Schnelli)
07f70b2 [QA] fix netbase tests because of new CSubNet::ToString() output (Jonas Schnelli)
4ed0510 [Qt] call DumpBanlist() when baning unbaning nodes (Philip Kaufmann)
be89292 [Qt] reenabling hotkeys for ban context menu, use different words (Jonas Schnelli)
b1189cf [Qt] adapt QT ban option to banlist.dat changes (Jonas Schnelli)
65abe91 [Qt] add sorting for bantable (Philip Kaufmann)
51654de [Qt] bantable polish (Philip Kaufmann)
cdd72cd [Qt] simplify ban list signal handling (Philip Kaufmann)
43c1f5b [Qt] remove unused timer-code from banlistmodel.cpp (Jonas Schnelli)
e2b8028 net: Fix CIDR notation in ToString() (Wladimir J. van der Laan)
9e521c1 [Qt] polish ban table (Philip Kaufmann)
607809f net: use CIDR notation in CSubNet::ToString() (Jonas Schnelli)
53caec6 [Qt] bantable overhaul (Jonas Schnelli)
f0bcbc4 [Qt] bantable fix timestamp 64bit issue (Jonas Schnelli)
6135309 [Qt] banlist, UI optimizing and better signal handling (Jonas Schnelli)
770ca79 [Qt] add context menu with unban option to ban table (Jonas Schnelli)
5f42132 [Qt] add ui signal for banlist changes (Jonas Schnelli)
ad204df [Qt] add banlist table below peers table (Jonas Schnelli)
50f0908 [Qt] add ban functions to peers window (Jonas Schnelli)
ddf98d1 Make RPC tests cope with server-side timeout between requests (Wladimir J. van der Laan)
2190ea6 rpc: Split option -rpctimeout into -rpcservertimeout and -rpcclienttimeout (Wladimir J. van der Laan)
8b2d6ed http: Disable libevent debug logging, if not explicitly enabled (Wladimir J. van der Laan)
5ce43da init: Ignore SIGPIPE (Wladimir J. van der Laan)
The two timeouts for the server and client, are essentially different:
- In the case of the server it should be a lower value to avoid clients
clogging up connection slots
- In the case of the client it should be a high value to accomedate slow
responses from the server, for example for slow queries or when the
lock is contended
Split the options into `-rpcservertimeout` and `-rpcclienttimeout` with
respective defaults of 30 and 900.
Associate with each CTxMemPoolEntry all the size/fees of descendant
mempool transactions. Sort mempool by max(feerate of entry, feerate
of descendants). Update statistics on-the-fly as transactions enter
or leave the mempool.
Also add ancestor and descendant limiting, so that transactions can
be rejected if the number or size of unconfirmed ancestors exceeds
a target, or if adding a transaction would cause some other mempool
entry to have too many (or too large) a set of unconfirmed in-
mempool descendants.
Ignore SIGPIPE on all non-win32 OSes, otherwise an unexpectedly disconnecting
RPC client will terminate the application. This problem was introduced
with the libhttp-based RPC server.
Fixes#6660.
The thin space QT html hack results in cut-off chars/nums after a line break.
Avoid word wrap line breaks by using a smaller font and a line break before each alternative value)
GetTransaction needs to lock cs_main until ReadBlockFromDisk completes, the data inside CBlockIndex's can change since pruning. This lock was held by all calls to GetTransaction except rest_tx.
- removes mapBlockIndex find operation
- theoretically allows removing the cs_main lock during zqm notification while introducing a new file position lock
- add missing NULL pointer checks
- add better comments and reorder some code in rpcconsole.cpp
- remove unneeded leftovers in bantable.cpp
- update bantable column sizes to prevent cutting of banned until
- remove banListChanged signal from client model
- directly call clientModel->getBanTableModel()->refresh() without the way
over clientModel->updateBanlist()
- also fix clearing peer detail window, when selecting (clicking)
peers in the ban list
Continues Johnathan Corgan's work.
Publishing multipart messages
Bugfix: Add missing zmq header includes
Bugfix: Adjust build system to link ZeroMQ code for Qt binaries
We log the cleanSubVer as part of connect. It is not uniquely more informative
than any of the other data we have about a peer, often less. It's also often
long now as well. There is no need to output it as part of mempoolrej,
AcceptToMemoryPool, or pong entries. Leaving it out makes our log entries
more uniform and consistent.
This patch changes the way the suffix (giving the requested data format) is
parsed for REST requests. Before, the string was split at '.'
characters and it was assumed that the second part was the suffix.
Now, we look for the last dot and use that to determine the suffix.
This allows for strings that contain dots (not used now, though), and
seems, in general, to be clearer and more intuitive.
Complete rescan is incompatible with pruning, but rescan is optional on
our wallet key import RPCs. Import on use is very useful in some common
situations in conjunction with pruning, e.g. merchant payment tracking.
This reenables importprivkey/importaddress/importpubkey when rescan
is not used.
In the future we should consider changing the rescan argument to allow depth
or date to allow limited rescanning when compatible with the retained
block depth.
Lets nodes advertise that they offer bloom filter support explicitly.
The protocol version bump allows SPV nodes to assume that NODE_BLOOM is
set if NODE_NETWORK is set for pre-70011 nodes.
Also adds an option to turn bloom filter support off for nodes which
advertise a version number >= 70011. Nodes attempting to use bloom
filters on such protocol versions are banned, and a later upgade
should drop nodes of an older version which attempt to use bloom
filters.
Much code stolen from Peter Todd.
Implements BIP 111
`nMinPingUsecTime` was left uninitialized in CNode.
The correct initialization for a minimum-until-now is int64_t's max value, so initialize it to that.
Thanks @MarcoFalke for noticing.
d528025 Revert "rpc-tests: re-enable rpc-tests for Windows" (Wladimir J. van der Laan)
1e700c9 doc: update deps in build-unix.md after libevent (Wladimir J. van der Laan)
26c9b83 Move windows socket init to utility function (Wladimir J. van der Laan)
4be0b08 libevent: Windows reuseaddr workaround in depends (Cory Fields)
3a174cd Fix race condition between starting HTTP server thread and setting EventBase() (Wladimir J. van der Laan)
6d2bc22 Document options for new HTTP/RPC server in --help (Wladimir J. van der Laan)
be33f3f Implement RPCTimerHandler for Qt RPC console (Wladimir J. van der Laan)
57d85d9 doc: mention SSL support dropped for RPC in release notes (Wladimir J. van der Laan)
40b556d evhttpd implementation (Wladimir J. van der Laan)
ee2a42b tests: GET requests cannot have request body, use POST in rest.py (Wladimir J. van der Laan)
6e996d3 tests: fix qt payment test (Cory Fields)
3140ef9 build: build-system changes for libevent (Wladimir J. van der Laan)
a9af234 libevent: add depends (Cory Fields)
6a21dd5 Remove rpc_boostasiotocnetaddr test (Wladimir J. van der Laan)
8f9301c qa: Remove -rpckeepalive tests from httpbasics (Wladimir J. van der Laan)
51fcfc0 doc: remove documentation for rpcssl (Wladimir J. van der Laan)
The main effect is to exit processing for recently-rejected hashes,
in case they are pushed to us without prior advertisement. This
behavior was seen in the wild.
An additional effect is to do early checks for mempool or mapOrphan
existence. No logging or nDoS tracking is needed for failures of
these checks.
027de94 Use network group instead of CNetAddr in final pass to select node to disconnect (Patrick Strateman)
000c18a Fix comment (Patrick Strateman)
fed3094 Acquire cs_vNodes before changing refrence counts (Patrick Strateman)
69ee1aa CNodeRef copy constructor and assignment operator (Patrick Strateman)
dc81dd0 Return false early if vEvictionCandidates is empty (Patrick Strateman)
17f3533 Better support for nodes with non-standard nMaxConnections (Patrick Strateman)
1317cd1 RAII wrapper for CNode* (Patrick Strateman)
df23937 Add comments to AttemptToEvictConnection (Patrick Strateman)
a8f6e45 Remove redundant whiteconnections option (Patrick Strateman)
b105ba3 Prefer to disconnect peers in favor of whitelisted peers (Patrick Strateman)
2c70153 AttemptToEvictConnection (Patrick Strateman)
4bac601 Record nMinPingUsecTime (Patrick Strateman)
ae037b7 Refactor: Move failure conditions to the top of AcceptConnection (Patrick Strateman)
1ef4817 Refactor: Bail early in AcceptConnection (Patrick Strateman)
541a1dd Refactor: AcceptConnection (Patrick Strateman)
Split StartHTTPServer into InitHTTPServer and StartHTTPServer to give
clients a window to register their handlers without race conditions.
Thanks @ajweiss for figuring this out.
Implement RPCTimerHandler for Qt RPC console, so that `walletpassphrase`
works with GUI and `-server=0`.
Also simplify HTTPEvent-related code by using boost::function directly.
- *Replace usage of boost::asio with [libevent2](http://libevent.org/)*.
boost::asio is not part of C++11, so unlike other boost there is no
forwards-compatibility reason to stick with it. Together with #4738 (convert
json_spirit to UniValue), this rids Bitcoin Core of the worst offenders with
regard to compile-time slowness.
- *Replace spit-and-duct-tape http server with evhttp*. Front-end http handling
is handled by libevent, a work queue (with configurable depth and parallelism)
is used to handle application requests.
- *Wrap HTTP request in C++ class*; this makes the application code mostly
HTTP-server-neutral
- *Refactor RPC to move all http-specific code to a separate file*.
Theoreticaly this can allow building without HTTP server but with another RPC
backend, e.g. Qt's debug console (currently not implemented) or future RPC
mechanisms people may want to use.
- *HTTP dispatch mechanism*; services (e.g., RPC, REST) register which URL
paths they want to handle.
By using a proven, high-performance asynchronous networking library (also used
by Tor) and HTTP server, problems such as #5674, #5655, #344 should be avoided.
What works? bitcoind, bitcoin-cli, bitcoin-qt. Unit tests and RPC/REST tests
pass. The aim for now is everything but SSL support.
Configuration options:
- `-rpcthreads`: repurposed as "number of work handler threads". Still
defaults to 4.
- `-rpcworkqueue`: maximum depth of work queue. When this is reached, new
requests will return a 500 Internal Error.
- `-rpctimeout`: inactivity time, in seconds, after which to disconnect a
client.
- `-debug=http`: low-level http activity logging
When running the rpc tests in Wine, nodes often fail to listen on localhost
due to a stale socket from a previous run. This aligns the behavior with other
platforms.
Fix https://github.com/bitcoin/bitcoin/issues/6558. In particular, stop
parsing JSON after the first object or array is finished. Check that no
other garbage follows, and fail the parser if it does.
c5c1edf Fix spelling mistake in -> if. (Mark Friedenbach)
e846b2a Correct a possibly intentional pun that is nevertheless hard to read: "two times of nLockTime." What is meant is that there are two kinds, or categories of nLockTime. (Mark Friedenbach)
Since the introduction of the ScriptForMining callback, the mining
functions (setgenerate and generate) crash with an assertion failure
(due to a NULL pointer script returned) if the keypool is empty. Fix
this by giving a proper error.