Hard-code a special nId=max int alert, to be broadcast if the
alert key is ever compromised. It applies to all versions, never
expires, cancels all previous alerts, and has a fixed message:
URGENT: Alert key compromised, upgrade required
Variations are not allowed (ignored), so an attacker with
the private key cannot broadcast empty-message nId=max alerts.
This fixes two alert system vulnerabilities found by
Sergio Lerner; you could send peers unlimited numbers
of invalid alert message to try to either fill up their
debug.log with messages and/or keep their CPU busy
checking signatures.
Fixed by disconnecting/banning peers if they send 10 or more
bad (invalid/expired/cancelled) alerts.
Windows & WindowsXP style have a problem with displaying the block progress.
Add a custom stylesheet as workaround, but only when one of those renderers is active,
otherwise leave the theme alone (issue #1071).
- add a new label, which can be updated independently from the whole
license information stuff
- the benefit is, we don't need to re-translate that whole wall of text
every year the copyright info changes
- update to the same copyright string we use in the source and in the
bitcoin-qt.exe meta-data information
- removes an obsolete entry from the ui-file
- Show address receiving the generation, and include it in the correct "account"
- Multiple entries in listtransactions output if the coinbase has multiple outputs to us
This applies on top of the coincontrol listaddressgroupings patch
and makes finding eligible outputs from the groups returned
by listaddressgroupings possible.
Logic:
- If sending a transaction, assign its timestamp to the current time.
- If receiving a transaction outside a block, assign its timestamp to the current time.
- If receiving a block with a future timestamp, assign all its (not already known) transactions' timestamps to the current time.
- If receiving a block with a past timestamp, before the most recent known transaction (that we care about), assign all its (not already known) transactions' timestamps to the same timestamp as that most-recent-known transaction.
- If receiving a block with a past timestamp, but after the most recent known transaction, assign all its (not already known) transactions' timestamps to the block time.
For backward compatibility, new accounting data is stored after a \0 in the comment string.
This way, old versions and third-party software should load and store them, but all actual use (listtransactions, for example) ignores it.
Replace direct calls to mlock.
Also, change the class to lock the memory areas in the constructor and unlock them again in the destructor. This makes sure that locked pages won't leak.
Memory locks do not stack, that is, pages which have been locked several times by calls to mlock()
will be unlocked by a single call to munlock(). This can result in keying material ending up in swap when
those functions are used naively. In this commit a class "LockedPageManager" is added
that simulates stacking memory locks by keeping a counter per page.
Allows the user to pass null as the second or third parameter
to signrawtransaction, in case you need to (for example) fetch
private keys from the wallet but want to specify the hash type.
This does two things:
1) Now does not output to debug.log if -printtodebugger flag is passed
2) Unit tests set -printtodebugger so only test results are output to stdout
Note that -printtodebugger only actually prints to the debugger on Windows.
If 950 of the last 1,000 blocks are nVersion=2, reject nVersion=1
(or zero, but no bitcoin release has created block.nVersion=0) blocks
-- 75 of last 100 on testnet3.
This rule is being put in place now so that we don't have to go
through another "express support" process to get what we really
want, which is for every single new block to include the block height
in the coinbase.
"Version 2" blocks are blocks that have nVersion=2 and
have the block height as the first item in their coinbase.
Block-height-in-the-coinbase is strictly enforced when
version=2 blocks are a supermajority in the block chain
(750 of the last 1,000 blocks on main net, 51 of 100 for
testnet). This does not affect old clients/miners at all,
which will continue producing nVersion=1 blocks, and
which will continue to be valid.
- extend bitcoin-qt.rc to include meta information, which is displayed on
Windows, when looking in the executable properties and selecting
"Details"
- does currently NOT include version information, this is scheduled
for later releases
- for RC-file documentation see:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa381058%28v=vs.85%29.aspx
This is the last time for 0.7.0. We should avoid message changes
until the release. Translators can use the remaining time to update their languages on
Transifex.
The other languages need to be merged from Transifex just before release.
Signrawtransaction rpc was crashing when some inputs were unknown,
and even with that fixed was failing to handle all the known inputs
if there were unknown inputs in front of them. This commit instead
attempts to fetch inputs one at a time.
- this enables DEP on all Windows version which support the
SetProcessDEPPolicy() call in Kernel32.dll
- use a dynamic approach via GetProcAddress() to not rely on headers or
compiler libs
- this is the same way the Tor-project does it
- add enableApplyButton() and disableApplyButton() to optionsdialog.{h/cpp}
- they are used to ensure the Ok button does not get disabled, when Apply needs to be disabled (standard UX should allow Ok always to dismiss the dialog and only disable it, when we have a faulty proxy IP)
- disable Apply after initially loading the settings, as nothing new needs to be saved
- remove orphan settings from optionsdialog.ui that are default anyway
- If the height is in the first half, start at the genesis block and go up, rather than at the top
- Cache the last lookup and use it as a reference point if it's close to the next request, to make linear lookups always fast
- ensure warnings always start with "Warning:" and that the first
character after ":" is written uppercase
- ensure the first sentence in warnings ends with an "!"
- remove unneeded spaces from Warning-strings
- add missing Warning-string translation
- remove a "\n" and replace with untranslatable "<br><br>"
- place "-?" option at first
- re-work description and "\n" usage for Gavins new block creation options
to better match current description syntax
- ensure no "\n" is in translated strings, which is better for Transifex
The new bytes are based on "11" to appeal to Gavin's 11 fetish.
This breaks existing testnet3 nodes as the blockchain files
are also versioned. To upgrade a node delete everything
except wallet.dat from your .bitcoin/testnet3 folder.
Modify CreateNewBlock so that instead of processing all transactions
in priority order, process the first 27K of transactions in
priority order and then process the rest in fee-per-kilobyte
order.
This is the first, minimal step towards better a better fee-handling
system for both miners and end-users; this patch should be easy
to backport to the old versions of Bitcoin, and accomplishes the
most important goal-- allow users to "buy their way in" to blocks
using transaction fees.
- remove duplicate includes, that are already present in ui_optionsdialog.h
- change QIntValidator to not allow 0 as port-number
- re-order some function calls to match the Ui element order, for better readbility and to prepare for the addition of further IPv6 and Tor proxy options
- restat warning for the language selection is only shown, when the language was changed (not on simply activating the Ui element)
- split check for object == ui->proxyIp into seperate if-clause
- micro-optimize the code in the above mentioned if-clause
- unify used format for comments in the code
- introduce handleProxyIpValid() function, which handles UI elements and the
save button states for valid/invalid proxy IPs
- add IMPLEMENT_RANDOMIZE_STACK for ipcThread()
- log / print boost interprocess exceptions
- use MAX_URI_LENGTH in guiconstants.h (also used in qrcodedialog.cpp)
- remove unneeded includes and ipcShutdown() from qtipcserver.cpp
- fix a small mem-leak by deleting mq before re-using it
- make ipcThread() and ipcThread2() static functions
- add some more comments
NOTE: This is currently disabled, until a developer with FreeBSD/OpenBSD
can confirm that this works (without causing undefined behaviour
preferrably).
Signed-off-by: Giel van Schijndel <me@mortis.eu>
* Fix wrong thread name for wallet *relocking* thread
- Was named the unlocking thread
* Use consistent naming
Signed-off-by: Giel van Schijndel <me@mortis.eu>
NOTE: These thread names are visible in gdb when using 'info threads'.
Additionally both 'top' and 'ps' show these names *unless* told to
display the command-line instead of task name.
Signed-off-by: Giel van Schijndel <me@mortis.eu>
- this helps user to not think our Client is called "Bitcoin Wallet"
- change "About Bitcoin-Qt" to "About Bitcoin"
- change "Bitcoin debug window" to "Bitcoin - Debug window"
- change "Client" in debug Window to "Bitcoin Core"
- cleanup optionsmodel before adding new proxy options
- place SOCKS version stuff below proxy port (IP, Port, SOCKS version)
- simplyfy some parts of the code (e.g. don't check IP and port, as this
is done in optionsdialog anyway, remove unneeded {} in switch/case)
- small cosmetic changes in the header for better readability
Because new nodes pull from the first connected node the load
balancing of the first connection is more important than it should
be. This change puts Pieter's seed first, because its probably
the best maintained right now.
Fixes#1452. Until we can make the logic water-tight *and* are notified in every
case the balance might have changed, remove the premature optimization and
simply recompute the balance every half a second when the number of blocks changed.
Compiling boost::interprocess::message_queue against
boost 1.50 macports with -arch i386 (how releases are built,
for minimum download size and maximum compatibility) is failing:
src/qt/qtipcserver.cpp:37: error: no matching function for call to ‘boost::interprocess::message_queue_t<boost::interprocess::offset_ptr<void, int, long unsigned int, 0u> >::timed_receive(char (*)[257], long unsigned int, size_t&, unsigned int&, boost::posix_time::ptime&)’
This is probably a boost or macports bug, but since interprocess::message_queue
is only used for URI support, which isn't implemented on OSX anyway, I fixed
the build by #ifdef'ing out that code.
- add signals signMessage() and verifyMessage() in addressbookpage.cpp
- connect to them in bitcoingui.cpp to switch to the corresponding tab in the Sign/Verify Message dialog
- make gotoSignMessageTab() and gotoVerifyMessageTab() private slots
- remove unused #include <QDebug> and lblBTC label
- update Bitcoin input field to a BitcoinAmountField to allow Bitcoin unit selection
- use BitcoinUnits::format for the resulting amount parameter in the generated URI (always use BTC as per BIP21)
- move MAX_URI_LENGTH and EXPORT_IMAGE_SIZE to guiconstants.h
- add OptionsModel in AddressBookPage and use it in on_showQRCode_clicked() to pass it to QRCodeDialog
- add OptionsModel in QRCodeDialog to enable display unit updates
- add updateDisplayUnit() slot to be able to imediately update currently set bitcoin unit
- make all labels in the UI-file plain text
- resize dialog to match for an updated layout (fields are now stacked and new field)
- remove unused parameters from private slots
- only enable save button, when QR Code was generated
- show message when entered amound is invalid
- add read-only QPlainTextEdit field to output generated URI
Adds CBlock::CURRENT_VERSION and CTransaction::CURRENT_VERSION
constants, and makes non-CURRENT_VERSION transactions nonstandard.
This will help make future upgrades smoother.
- add UI-feedback via QValidatedLineEdit
- copy button for generated signature was moved to the signature output field
- add an addressbook button to verify message tab
- input fields are now evenly ordered for sign and verify tabs
- update FIRST_CLASS_MESSAGING support to ensure a good UX
- add a button and context menu entry in addressbook for verify message (to be consistent with sign message)
- focus is now only set/changed, when clearing input fields or adding an address via addressbook
- re-work / update some strings
- ensure model gets initialized in the SignVerifyMessageDialog constructor
- add checks for a valid model to both addressbook buttons
- remove unneeded includes for Qt GUI elements that are listed in ui_signverifymessagedialog.h anyway
Implement listunspent / getrawtransaction / createrawtransaction /
signrawtransaction, to support creation and
signing-on-multiple-device multisignature transactions.
This PULL reworks new (post-0.6.*) features of the
gettransaction/getblock RPC calls as follows:
It removes the 'decompositions' object argument from getblock,
replacing it just a list of transaction hashes; equivalent
(I believe) of passing the {"tx":"hash"} decomposition.
It replaces the 'decompositions' object argument of
gettransaction with a boolean flag; if true, returns
the same stuff that the {"script":"obj"} decomposition
would return (txins/txouts as hex, disassembled, and bitcoin
addresses).
It adds a "rawtx" field to the output of gettransaction,
that is the entire transaction serialized and hex-encoded.
It removes the "size" field from gettransaction, since the size
is trivial to compute from the "rawtx" field (either take the
length after hex-decoding, or just compute it as hex-length/2).
If the top-level object is an array, it is assumed to be an array of
JSON-RPC requests. An array is returned, containing one response (error or
not) per request, in the order submitted.
In a slight change in semantics, batched requests -always- return
an HTTP 200 OK status, even ones full of invalid or incorrect requests.
- remove "#include <QString>" as this is included in the header
- add some missing plural forms that can be translated
- change "yours" into "own address", which is easier to understand and translate in that context
- cleanup translatable strings to not include HTML or unneeded chars (e.g. ":")
- resize TransactionDescDialog a little (remove unwanted line-breaks with non english translations)
Bitcoin will not make an outbound connection to a network group
(/16 for IPv4) that it is already connected to. This means that
if an attacker wants good odds of capturing all a nodes outbound
connections he must have hosts on a a large number of distinct
groups.
Previously both inbound and outbound connections were used to
feed this exclusion. The use of inbound connections, which can be
controlled by the attacker, actually has the potential of making
sibyl attacks _easier_: An attacker can start up hosts in groups
which house many honest nodes and make outbound connections to
the victim to exclude big swaths of honest nodes. Because the
attacker chooses to make the outbound connection he can always
beat out honest nodes for the consumption of inbound slots.
At _best_ the old behavior increases attacker costs by a single
group (e.g. one distinct group to use to fill up all your inbound
slots), but at worst it allows the attacker to select whole
networks you won't connect to.
This commit makes the nodes use only outbound links to exclude
network groups for outbound connections. Fancier things could
be done, like weaker exclusion for inbound groups... but
simplicity is good and I don't believe more complexity is
currently needed.
Useful for developers who need to refer to futher back in debug.log history, but who don't want to
enable the -debug option and all the verbosity that comes with that.
- display as "language - country (locale name)", when locale name consists of 2 parts
- display as "language (locale name)", when locale name consists of 1 part
Use Boost's signal2 slot tracking mechanism to cancel any (still open)
listening sockets when receiving a shutdown signal.
Signed-off-by: Giel van Schijndel <me@mortis.eu>
This commit adds support for .onion addresses (mapped into the IPv6
by using OnionCat's range and encoding), and the ability to connect
to them via a SOCKS5 proxy.
Prior to this change, each TX typically generated 3+ debug messages,
askfor tx 8644cc97480ba1537214 0
sending getdata: tx 8644cc97480ba1537214
askfor tx 8644cc97480ba1537214 1339640761000000
askfor tx 8644cc97480ba1537214 1339640881000000
CTxMemPool::accept() : accepted 8644cc9748 (poolsz 6857)
After this change, there is only one message for each valid TX received
CTxMemPool::accept() : accepted 22a73c5d8c (poolsz 42)
and two messages for each orphan tx received
ERROR: FetchInputs() : 673dc195aa mempool Tx prev not found 1e439346fc
stored orphan tx 673dc195aa (mapsz 19)
The -debugnet option, or its superset -debug, will restore the full debug
output.
Since the minimum signed integer cannot be represented as positive so long as its type is signed, and it's not well-defined what happens if you make it unsigned before negating it, we instead increment the negative integer by 1, convert it, then increment the (now positive) unsigned integer by 1 to compensate
Implement the following rules:
* Interpret [X]:Y as host=X port=Y, if Y is an integer
* Interpret X:Y as host=X port=Y, if Y is an integer and X contains no colon
* Interpret X:Y as host=X:Y port=default otherwise
On Linux/Mac the command-line options were printed to stderr when the button
was pressed in the debug window, resulting in confusion. This is fixed
in this commit by adding a separate method.
The current order of menu options in the tray menu doesn't really match expected usage patterns, this commit changes it to more logical order.
- Toggle show/hide first (unchanged)
- Then, send/receive coins actions, which are the critical functionality of bitcoin
- Then, sign/verify message
- Then finally the options, and closing with the debug window
This is necessary as any strings have changed since last time.
Also the python script used to extract bitcoinstrings.cpp, extract_strings_qt.py
now sorts the strings before generating the output file. This results in more
deterministic output and thus smaller diffs.
- extend network options with a SOCKS version selection
- changing "Unit to show amounts in:" now also updates the unit used in the transaction fee box
- string updates
- link Apply button and OK button when enabling or disabling them
- use LookupNumeric() from netbase to verify proxy address (via an EventFilter)
- change proxy address field to QValidatedLineEdit and add visual feedback
- add a status label used for displaying a message for invalid proxy addresses
- allow usage of IPv6 address as proxy address
- added warning message when enabling / disabling SOCKS proxy
The option to open the debug logfile from the debug window was implemented only for
windows. By using `QDesktopServices::openUrl` it now works on any platform.
AvailableCoins() makes a vector of available outputs which is then passed to SelectCoinsMinConf(). This allows unit tests to test the coin selection algorithm without having the whole blockchain available.