fa48baf23e wallet: Avoid leaking locktime fingerprint when anti-fee-sniping (MarcoFalke)
453803adc9 [test] wallet_txn_clone: Correctly clone txin sequence (MarcoFalke)
Pull request description:
The wallet sets the locktime to the current height of our active chain. This is fine, as long as our node is connected to other nodes. However, when we fall back and get stuck at a particular height (e.g. taking the wallet offline), the same (potentially unique) locktime is used for all transactions. This makes it easier for passive observers to cluster transactions by wallet.
For reference, I visualized "locktime-reuse" with the data:
* blocks 545k-555k (both inclusive)
* locktimes<=60k
* excluding coinbase txs
![distribution of height-based tx locktimes used at least twice](https://user-images.githubusercontent.com/6399679/50446163-b8256d80-0913-11e9-9832-40b76052b2b9.png)
Tree-SHA512: 2af259dd8f9f863312e2732d80ca8ba6a20c8d6d1c486b10a48479e1c85ccf13b0c38723740ebadde0f28d321cd9c133ad3e5d1e925472eb27681143bda2d0e7
Unfortunately, `std::string` elements are (bare) chars. As these
are the most likely type to be passed to these functions, make them use
char instead of unsigned char. This avoids some casts.
This adds a checksum in the gitian build script to make sure that
ossl tool and theuni's patch matches what is expected. Also changes
the url to use https and adds the same instructions to the release docs.
ef5ebc6d8f docs: Clarifying testing instructions (benthecarman)
Pull request description:
This statement confused me on my first time reading through. Hopefully, this addition will help someone else on their first time.
Tree-SHA512: 17f421275adb7586eca954910269d29fcd3bacc42fab4bc2e01110f9e13ca6f8c1ca178246f7192e1131f14ced7f7dc0b57e7aec324898807c1813a2ebc513de
93009618b6 Fix start with the `-min` option (Hennadii Stepanov)
Pull request description:
From IRC:
> 2018-10-17T12:36:38 \<Drakon\> The option to minimize to system tray instead of the taskbar ist available, but doesn't have an effect if it is started with the -min option. If I start it via that option, I have to click on the program symbil on the taskbar and then minimize it again in order to get it minimized to system tray.
> 2018-10-17T12:37:28 \<Drakon\> That's annoying.
> 2018-10-17T13:51:19 \<wumpus\> can you open an issue for that please? https://github.com/bitcoin/bitcoin/issues/new
> 2018-10-17T13:53:24 \<wumpus\> (if there isn't one yet-)
This PR fixes this bug.
Tree-SHA512: c5a5521287b49b13859edc7c6bd1cd07cac14b84740450181dce00bf2781fc3dfc84476794baa16b0e26a2d004164617afdb61f829e629569703c5bcc45e2a4e
369d7b3925 Fix download link (Martin Erlandsson)
Pull request description:
The document currently refers readers to bitcoincore.org at **/en/releases/** for downloads. It makes more sense to point them to **/en/download/**, which is the main page for downloads.
That page also includes a link to **/en/releases/** for those interested in the release history.
This commit is also included in #14787, which has not been getting much attention. (Maybe it was trying to do too much...)
Tree-SHA512: 29beae730203f4b2d8a8bbd52bb70a3f210fbc7a562ce608628da487d37f380e0a48e1e7f38323f8fa96f8307248f527d3473aede50c38b28119697294e19449
8931a95bec Include util/strencodings.h which is required for IsSpace(...) (practicalswift)
7c9f790761 Update KNOWN_VIOLATIONS: Remove fixed violations (practicalswift)
587924f000 Use IsSpace(...) instead of boost::is_space (practicalswift)
c5fd143edb Use ToLower(...) instead of std::tolower (practicalswift)
e70cc8983c Use IsDigit(...) instead of std::isdigit (practicalswift)
Pull request description:
* Use `ToLower(...)` instead of `std::tolower`. `std::tolower` is locale dependent.
* Use `IsDigit(...)` instead of `std::isdigit`. Some implementations (e.g. Microsoft in 1252 codepage) may classify single-byte characters other than `[0-9]` as digits.
* Update `KNOWN_VIOLATIONS`: Remove fixed violations.
* ~~Replace use of locale dependent Boost trim (`boost::trim`) with locale independent `TrimString`.~~
* Use` IsSpace(...)` instead of `boost::is_space`
Tree-SHA512: defed016136b530b723fa185afdbd00410925a748856ba3afa4cee60f61a67617e30f304f2b9991a67b5fe075d9624f051e14342aee176f45fbc024d59e1aa82
6dc4593db1 IsReachable is the inverse of IsLimited (DRY). Includes unit tests (marcaiaf)
Pull request description:
IsReachable is the inverse of IsLimited, but the implementation is duplicated (DRY)
- Changed the implementation accordingly.
- Added unit tests to document behavior and relationship
- My modification in net.cpp applies only to IsReachable.
- Applied clang-format-diffpy
Created new pull request to avoid the mess with:
https://github.com/bitcoin/bitcoin/pull/15044
Checked with supposedly conflicting PRs mentioned in the old PR. No conflicts with the specific changes in this PR.
Tree-SHA512: b132dec6cc2c788ebe4f63f228d78f441614e156743b17adebc990de0180a5872874d2724c86eeaa470b4521918bd137b0e33ebcaae77c5efc1f0d56104f6c87
ca126d490b Fix out-of-bounds write in case of failing mmap(...) in PosixLockedPageAllocator::AllocateLocked (practicalswift)
Pull request description:
`mmap(...)` returns `MAP_FAILED` (`(void *) -1`) in case of allocation failure.
`PosixLockedPageAllocator::AllocateLocked(...)` did not check for allocation failures prior to this PR.
Instead the invalid memory address `(void *) -1` (`0xffffffffffffffff`) was passed to the caller as if it was a valid address.
After some operations the address is wrapped around from `0xffffffffffffffff` to `0x00000003ffdf` (`0xffffffffffffffff + 262112 == 0x00000003ffdf`);
The resulting address `0x00000003ffdf` is then written to.
Before this patch (with failing `mmap` call):
```
$ src/bitcoind
…
2019-01-06T16:28:14Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
2019-01-06T16:28:14Z Using RdRand as an additional entropy source
Segmentation fault (core dumped)
```
Before this patch (under `valgrind` with failing `mmap` call):
```
$ valgrind src/bitcoind
…
2019-01-06T16:28:51Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
==17812== Invalid write of size 1
==17812== at 0x500B7E: void __gnu_cxx::new_allocator<unsigned char>::construct<unsigned char>(unsigned char*) (new_allocator.h:136)
==17812== by 0x500B52: _ZNSt16allocator_traitsI16secure_allocatorIhEE12_S_constructIhJEEENSt9enable_ifIXsr6__and_INS2_18__construct_helperIT_JDpT0_EE4typeEEE5valueEvE4typeERS1_PS6_DpOS7_ (alloc_traits.h:243)
==17812== by 0x500B22: _ZNSt16allocator_traitsI16secure_allocatorIhEE9constructIhJEEEDTcl12_S_constructfp_fp0_spclsr3stdE7forwardIT0_Efp1_EEERS1_PT_DpOS4_ (alloc_traits.h:344)
==17812== by 0x500982: unsigned char* std::__uninitialized_default_n_a<unsigned char*, unsigned long, secure_allocator<unsigned char> >(unsigned char*, unsigned long, secure_allocator<unsigned char>&) (stl_uninitialized.h:631)
==17812== by 0x60BFC2: std::vector<unsigned char, secure_allocator<unsigned char> >::_M_default_initialize(unsigned long) (stl_vector.h:1347)
==17812== by 0x60BD86: std::vector<unsigned char, secure_allocator<unsigned char> >::vector(unsigned long, secure_allocator<unsigned char> const&) (stl_vector.h:285)
==17812== by 0x60BB55: ECC_Start() (key.cpp:351)
==17812== by 0x16AC90: AppInitSanityChecks() (init.cpp:1162)
==17812== by 0x15BAC9: AppInit(int, char**) (bitcoind.cpp:138)
==17812== by 0x15B6C8: main (bitcoind.cpp:201)
==17812== Address 0x3ffdf is not stack'd, malloc'd or (recently) free'd
…
Segmentation fault (core dumped)
```
After this patch (with failing `mmap` call):
```
$ src/bitcoind
…
2019-01-06T15:50:18Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
2019-01-06T15:50:18Z Using RdRand as an additional entropy source
2019-01-06T15:50:18Z
************************
EXCEPTION: St9bad_alloc
std::bad_alloc
bitcoin in AppInit()
************************
EXCEPTION: St9bad_alloc
std::bad_alloc
bitcoin in AppInit()
2019-01-06T15:50:18Z Shutdown: In progress...
2019-01-06T15:50:18Z Shutdown: done
```
To simulate the failing `mmap` call apply the following to `master`:
```diff
diff --git a/src/support/lockedpool.cpp b/src/support/lockedpool.cpp
index 8d577cf52..ce79e569b 100644
--- a/src/support/lockedpool.cpp
+++ b/src/support/lockedpool.cpp
@@ -247,7 +247,8 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
{
void *addr;
len = align_up(len, page_size);
- addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+ // addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+ addr = MAP_FAILED;
if (addr) {
*lockingSuccess = mlock(addr, len) == 0;
}
```
Tree-SHA512: 66947f5fc0fbb19afb3e1edbd51df07df9d16b77018cff3d48d30f378a53d6a0dc62bc36622b3966b7e374e61edbcca114ef4ac8ae8d725022c1a597edcbf7c7
ba8c8b2227 Fail if either disk space check fails (Ben Woosley)
Pull request description:
Rather than both.
Introduced in 386a6b62a8, #12653
Tree-SHA512: 24765dd3c62b742c491d7d9a751917c2ce6f3819a8764a7725ce84910ef69bffca07f4c0dfbeed8c4f978a12c4b04a2ac3b8c2ff59602330a8a3e8a68878c41b
fa2510d5c1 Use C++11 default member initializers (MarcoFalke)
Pull request description:
Changes:
* Remove unused constructors that leave some members uninitialized
* Remove manual initialization in each constructor and prefer C++11 default member initializers
This is not a stylistic change, but a change that avoids bugs such as:
* fix uninitialized read when stringifying an addrLocal #14728
* qt: Initialize members in WalletModel #12426
* net: correctly initialize nMinPingUsecTime #6636
* ...
Tree-SHA512: 0f896f3b9fcc464d5fc7525f7c86343ef9ce9fb13425fbc68e9a9728fd8710c2b4e2fd039ee08279ea41ff20fd92b7185cf5cca95a0bcb6a5340a1e6f03cae6b
ed12d5df1b index: Fix for indexers skipping genesis block. (Jim Posen)
Pull request description:
This fixes a bug where indexers would skip processing of the genesis block. Preserves the current behavior of omitting genesis block transaction from the index.
Tree-SHA512: 092fd3d629bf1ef279566217c668cc913a8b8e012d811d0e544231894c49a0c0c179537ac4727c39b9bf407479541745d79c4e118db6f0795a2b848d0fe62cbf
7e4bd19785 Add BitcoinApplication & RPCConsole tests (Russell Yanofsky)
ca20b65cc0 Move BitcoinApplication to header so it can be tested (Russell Yanofsky)
Pull request description:
Add test coverage for Qt initialization code & basic RPC console functionality
Motivation for this change was a bug in #11603 which existing tests failed to catch.
Tree-SHA512: f66546ffc84b8e07679c66a73b265023fbf6a0cb8f24f1606a5fcae2dd3b4dc7b2c6d26c69dedcec53398a26ef17c4d5fb28c055698fa6e45e89aa2995cefe2f
fab17e8272 test: Add basic test for BIP34 (MarcoFalke)
Pull request description:
BIP34 was disabled for testing, which explains why it had no test.
Fix that by enabling it and adding a test.
Tree-SHA512: 9cb5702d474117ce6420226eb93ee09d6fb5fc856fabc8b67abe56a088cd727674e0e5462000e1afa83b911374036f90abdbdde56a8c236a75572ed47e10a00f
fa38d3df69 [rpc] Correct reconsiderblock help text, add test (MarcoFalke)
Pull request description:
Rework documentation and test to match the implementation
Tree-SHA512: d0adef6b054a341bcc1cb87783a4e4cf9be124ba6812e1ac88246a5e01b2861a8071b12dba880b2b428c37da3fa860bfec3fe3e5fbb7c28696872113faa84a9f
c98f8866fe Fix the build problem in libbitcoin_server (Alexey Poghilenkov)
Pull request description:
Fixes https://github.com/bitcoin/bitcoin/issues/15049
The reason of this problem is existance two similar lines in the libbitcoin_server.vcxproj file that appears after the executing the msvc-autogen.py script .
line 157
> <ItemGroup>
<ClCompile Include="..\..\src\rpc\net.cpp">
<ObjectFileName Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(IntDir)\netrpc.obj</ObjectFileName>
<ObjectFileName Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">$(IntDir)\netrpc.obj</ObjectFileName>
<ObjectFileName Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">$(IntDir)\netrpc.obj</ObjectFileName>
<ObjectFileName Condition="'$(Configuration)|$(Platform)'=='Release|x64'">$(IntDir)\netrpc.obj</ObjectFileName>
</ClCompile>
line 256
> <ItemGroup>
<ClCompile Include="..\..\src\rpc\net.cpp">
<ObjectFileName>$(IntDir)rpc_net.obj</ObjectFileName>
</ClCompile>
Tree-SHA512: 0f2841a32253c503731c9007fa2a02d330ab4b670c154dcfce6fd0919752317bc3133f074d21e90f73054ab3c0a8a3d222b4fadc34fbcecd3e8af093eea38b49
fac4e731a8 test: Run invalid_txs.InputMissing test in feature_block (MarcoFalke)
Pull request description:
Tree-SHA512: 24c3f519ba0cf417b66e0df6f5ddc0430e3f419af4705a9c85096da47ff4d8f51487d65b68f3f993800003b3f936d95d8a0bade846e1b45f95b2bdbecc9ebab7
91b0c5b096 qt: Use WalletModel* instead of wallet name in console window (João Barbosa)
b2ce86c3ad qt: Use WalletModel* instead of wallet name in main window (João Barbosa)
d2a1adffeb qt: Factor out WalletModel::getDisplayName() (João Barbosa)
Pull request description:
This a small refactor that doesn't change behavior. This is also necessary if in the future we allow renaming wallets.
Tree-SHA512: 1820d0ff28e84b1d862097f1f55b52f94520fa50c9b1939d235a448a48159748c3bbf99b19e4cb1ff4f91efc008c0971b4c25a91f645f9d43792c8aeaa93cf9e
4f4993fe2a Remove UBSan suppression (practicalswift)
958e1a307e streams: Remove unused seek(size_t) (practicalswift)
Pull request description:
Fix broken `streams_vector_reader` test. Remove unused `seek(size_t)`.
Before this change the test `streams_vector_reader` triggered an unintended unsigned integer wraparound. It tried so seek using a negative value in `reader.seek(-6)`.
Changes in this PR:
* Fix broken `VectorReader::seek(size_t)` test case
* Remove unused `seek(size_t)`
Tree-SHA512: 6c6affd680626363eef9e496748f2f86a522325abab9d6b13161f41125cdc29ceb36c2c1509c90b8ff108d606df7629e55e094cc2b6253b05a892b81ce176b71
6b25f29a91 Use std::vector API for construction of test data. (Daniel Kraft)
Pull request description:
For constructing test scripts, use `std::vector` and, in particular, `std::vector::insert` to insert 20 zero bytes rather than listing the full array of bytes explicitly. This makes the code easier to read and makes it immediately obvious what the structure of the data is, without having to count the zeros to understand it.
Of course, that is a matter of taste - so if you disagree that the change makes the code easier to read, let me know.
This has been split out of #14752.
Tree-SHA512: af82d447f0077259049f1da2d6f86a6c29723c6e17bd342e9a9ecf37b13bddff40643af95c8b3a3260765a5591713d31ca8a45a5a0c20a12c139aee53ea150da
On some Linux systems the minimized to the taskbar (iconified) main
window cannot be restored properly using actions from the systray icon
menu when QSystemTrayIcon::contextMenu() is a child of the main window.
b9f226b41f rpc: Remove cs_main lock from blockToJSON and blockHeaderToJSON (João Barbosa)
343b98cbcd rpc: Specify chain tip instead of chain in GetDifficulty (João Barbosa)
54dc13b6a2 rpc: Fix SoftForkMajorityDesc and SoftForkDesc signatures (João Barbosa)
Pull request description:
Motivated by https://github.com/bitcoin/bitcoin/pull/11913#discussion_r157798157, this pull makes `blockToJSON` and `blockheaderToJSON` free of `cs_main` locks.
Locking `cs_main` was required to access `chainActive` in order to check if the block was in the chain and to retrieve the next block index.
With the this approach, `CBlockIndex::GetAncestor()` is used in a way to check if the block belongs to the specified chain tip and, at the same time, get the next block index.
Tree-SHA512: a6720ace0182c19033bbed1a404f729d793574db8ab16e0966ffe412145611e32c30aaab02975d225df6d439d7b9ef2070e732b16137a902b0293c8cddfeb85f