Previously -proxy was not setting the proxy for IsLimited networks, so
if you set your configuration to be onlynet=tor you wouldn't get an
IPv4 proxy set.
The payment protocol gets its proxy configuration from the IPv4 proxy,
and so it would experience a connection leak.
This addresses issue #5355 and also clears up a cosmetic bug where
getinfo proxy output shows nothing when onlynet=tor is set.
Like in a real world situation, a safe mode test should also be visible in the
UI. A test of safe mode is furthermore mostly relevant for developers, so it
should not be overwritten by a warning about a pre-release test build.
Add a sanity check to prevent cosmic rays from flipping a bit in the
generated public key, or bugs in the elliptic curve code. This is
simply done by signing a (randomized) message, and verifying the
result.
- Update comments in checkpoints to be doxygen compatible
- Update comments in checkqueue to be doxygen compatible
- Update coins to be doxygen compatible
- Fix comment typo in crypter.h
- Update licenses/copyright dates
Closes#5325#5184#5183#5182
ca81587 Test the exact order of CHECKMULTISIG sig/pubkey evaluation (Peter Todd)
98b135f Make STRICTENC invalid pubkeys fail the script rather than the opcode. (Pieter Wuille)
Some users may have libtool libs (.la) installed in their linker search paths.
In this case, using -static-libtool-libs would try to link in .a's instead of
shared libs. That would be harmless unless the .a was built in a way that
would break linking, like non-fpic.
What we really want is "-static" here. Despite its name, it's actually less
aggressive than -static-libtool-libs. It causes only internal libs to be linked
statically (libbitcoinconsensus is the one were'a after).
This turns STRICTENC turn into a softforking-safe change (even though it
is not intended as a consensus rule), and as a result guarantee that using
it for mempool validation only results in consensus-valid transactions in
the mempool.
Previously, AcceptBlockHeader did not check the header (in particular
PoW). This made the client accept invalid-PoW-headers from peers in
headers-first sync.
f9e40fb revert part of 9eda1620b (Cory Fields)
4300876 build: secp256k1 as a subdir, since it's required (Cory Fields)
0dc8613 build: fixup configure to not export anything (Cory Fields)
54566de depends: quit exporting in config.site (Cory Fields)
ff1e5ba depends: add gmp package (Cory Fields)
cf61b54 Don't use bashisms in configure (Pieter Wuille)
dffb8f8 Use libsecp256k1 in key.cpp (Pieter Wuille)
4c97c64 Do not use EC code in global constructors (Pieter Wuille)
07a9901 Always build and link libsecp256k1 (Pieter Wuille)
d48555b Squashed 'src/secp256k1/' content from commit ad2028f (Pieter Wuille)
7a7e109 Delete src/secp256k1 before subtree import (Pieter Wuille)
3c30f27 travis: disable rpc tests for windows until they're not so flaky (Cory Fields)
daf03e7 RPC tests: create initial chain with specific timestamps (Gavin Andresen)
a8b2ce5 regression test only setmocktime RPC call (Gavin Andresen)
Currently Bitcoin-Qts support for OSX User Notification Center is broken. This pull will fix a known issue of non-official-apple-built apps having problems sending user notifications.
NOP1 to NOP10 are reserved for future soft-fork upgrades. In the event
of an upgrade such NOPs have *VERIFY behavior, meaning that if their
arguments are not correct the script fails. Discouraging these NOPs by
rejecting transactions containing them from the mempool ensures that
we'll never accept transactions, nor mine blocks, with scripts that are
now invalid according to the majority of hashing power even if we're not
yet upgraded. Previously this wasn't an issue as the IsStandard() rules
didn't allow upgradable NOPs anyway, but 7f3b4e95 relaxed the
IsStandard() rules for P2SH redemptions allowing any redeemScript to be
spent.
We *do* allow upgradable NOPs in scripts so long as they are not
executed. This is harmless as there is no opportunity for the script to
be invalid post-upgrade.
Attempt to codify the possible error statuses associated with script
validation. script/types.h has been created with the expectation that it will
be part of the public lib interface. The other flag enums will be moved here in
a future commit.
Logging has also been removed in order to drop the dependency on core.h. It can
be re-added to bitcoind as-needed. This makes script verification finally free
of application state and boost!
Speed up generating blocks in regression test mode, by moving
block-creating and nonce-finding directly into the setgenerate
RPC call (instead of starting up a mining thread and waiting for
it to find a block).
This makes the forknotify RPC test three times quicker, for
example (10 seconds runtime instead of 30 seconds, assuming
the initial blockchain cache is already built).
- use __func__ instead of hard-coded function name for logging
- update -discover help message to reflect newly added parameter
interaction
- use DEFAULT_LISTEN in a parameter interaction check instead a hard coded
value
0d91ae3 The first thing that SelectParams does is call SelectBaseParams. Therefore, we do not need to call SelectBaseParams immediately prior to calling SelectParams. (mruddy)
Previously transactions were only tested again the
STANDARD_SCRIPT_VERIFY_FLAGS prior to mempool acceptance, so any bugs in
those flags that allowed actually-invalid transactions to pass would
result in allowing invalid transactions into the mempool. Fortunately
there is a second check in CreateNewBlock() that would prevent those
transactions from being mined, resulting in an invalid block, however
this could still be exploited as a DoS attack.
This is a simplified re-do of closed pull #3088.
This patch eliminates the privacy and reliability problematic use
of centralized web services for discovering the node's addresses
for advertisement.
The Bitcoin protocol already allows your peers to tell you what
IP they think you have, but this data isn't trustworthy since
they could lie. So the challenge is using it without creating a
DOS vector.
To accomplish this we adopt an approach similar to the one used
by P2Pool: If we're announcing and don't have a better address
discovered (e.g. via UPNP) or configured we just announce to
each peer the address that peer told us. Since peers could
already replace, forge, or drop our address messages this cannot
create a new vulnerability... but if even one of our peers is
giving us a good address we'll eventually make a useful
advertisement.
We also may randomly use the peer-provided address for the
daily rebroadcast even if we otherwise have a seemingly routable
address, just in case we've been misconfigured (e.g. by UPNP).
To avoid privacy problems, we only do these things if discovery
is enabled.
We're using GetRandomBytes in several contexts where it's either
unwieldy to return an error, or an error would mean a fatal exception
anyhow.
@gmaxwell checked OpenSSL a while ago and discovered that it never
actually fails, but it can't hurt to be a bit paranoid here.
This is less surprising.
Avoids the overload-the-CPU default of using N threads for script
verification as well as N threads for generation where N is number of cores.
50b43fd Be a bit more verbose during -loadblock if we already have blocks (Matt Corallo)
8375e22 Fix -loadblock after shutdown during IBD (Matt Corallo)
4ead850 Fix for crash during block download (Matt Corallo)
Start the RPC server before doing all the (expensive) startup
initialisations like loading the block index. Until the node is ready,
return all calls immediately with a new error signalling "in warmup"
with an appropriate status message (similar to the init message).
This is useful for RPC clients to know that the server is there (e. g.,
they don't have to start it) but not yet available. It is used in
Namecoin and Huntercoin already for some time, and there exists a UI
hooked onto the RPC interface that actively uses this to its advantage.
1bea2bb Rename ProcessBlock to ProcessNewBlock to indicate change of behaviour, and document it (Luke Dashjr)
d29a291 Rename RPC_TRANSACTION_* errors to RPC_VERIFY_* and use RPC_VERIFY_ERROR for submitblock (Luke Dashjr)
f877aaa Bugfix: submitblock: Use a temporary CValidationState to determine accurately the outcome of ProcessBlock, now that it no longer does the full block validity check (Luke Dashjr)
24e8896 Add CValidationInterface::BlockChecked notification (Luke Dashjr)
2191eac add tests to travis (Cory Fields)
7667850 tests: replace the old (unused since Travis) tests with new rpc test scripts (Cory Fields)
fa7f8cd tests: remove old pull-tester scripts (Cory Fields)
5122ea7 tests: fix forknotify.py on windows (Cory Fields)
7a41614 tests: allow rpc-tests to get filenames for bitcoind and bitcoin-cli from the environment (Cory Fields)
f635269 tests: enable alertnotify test for Windows (Cory Fields)
484e350 Update comments in client version to be doxygen compatible (Michael Ford)
6395ba3 Update comments in version to be doxygen compatible (Michael Ford)
02fe12d Update generate-seeds.py to produce doxygen compatible comments (Michael Ford)
f2e03ff Update comments in chainparams to be doxygen compatible (Michael Ford)
2fdc335 Update comments in chain to be doxygen compatible (Michael Ford)
- guard 4 connect calls by an #ifdef when no wallet is loaded to fix "No
such slot" warnings
- also add comments when #ifdef ENABLE_WALLET end
- fixes#5175
Move transaction new/update notification to TransactionTableModel.
This moves the concerns to where they're actually handled.
No need to bounce this through wallet model.
- Do wallet transaction preprocessing on signal handler side;
avoids locking cs_main/cs_wallet on notification in GUI thread
(except for new transactions)
99f41b9 MOVEONLY: core.o -> core/block.o (jtimon)
561e9e9 MOVEONLY: Move script/compressor out of script and put CTxOutCompressor (from core) with it (jtimon)
999a2ab MOVEONLY: separate CTxUndo out of core (jtimon)
4a3587d MOVEONLY: Separate CTransaction and dependencies from core (jtimon)
eda3733 MOVEONLY: Move CFeeRate and Amount constants to amount.o (jtimon)
50f71cd boost: code movement only: split CECKey into separate files (Cory Fields)
bdaec6a boost: remove CPubKey dependency from CECKey. Follow-up of e405aa48 (Cory Fields)
Make the CBlockIndex* (optionally) returned by GetDepthInMainChain
const. This prevents accidental modification. The result is for
reading its properties rather than modifying it.
85c579e script: add a slew of includes all around and drop includes from script.h (Cory Fields)
db8eb54 script: move ToString and ValueString out of the header (Cory Fields)
e9ca428 script: add ToByteVector() for converting anything with begin/end (Cory Fields)
066e2a1 script: move CScriptID to standard.h and add a ctor for creating them from CScripts (Cory Fields)
a873823 CAutoFile: Explicit Get() and remove unused methods (Wladimir J. van der Laan)
fef24ca Add IsNull() to class CAutoFile and remove operator ! (Ruben Dario Ponticeli)
This fixes an iterator leak resulting in
bitcoind: db/version_set.cc:789: leveldb::VersionSet::~VersionSet(): Assertion `dummy_versions_.next_ == &dummy_versions_' failed."
exception on shutdown.
Also make sure to flush pcoinsTip before calling GetStats() to make
sure we apply them to the current height.
c0195b1 Bugfix: Remove default from -zapwallettxes description (inaccurate) (Luke Dashjr)
0a08aa8 Parameterise command line option defaults, so translations are independent of them (Luke Dashjr)
d4746d5 Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log. (Mark Friedenbach)
This allows for a reversal of the current behavior.
This:
CScript foo;
CScriptID bar(foo.GetID());
Becomes:
CScript foo;
CScriptID bar(foo);
This way, CScript is no longer dependent on CScriptID or Hash();