Commit graph

16766 commits

Author SHA1 Message Date
Suhas Daftuar
37886d5e2f Disconnect outbound peers relaying invalid headers 2017-10-27 16:29:12 -04:00
Suhas Daftuar
4637f18522 moveonly: factor out headers processing into separate function
ProcessMessages will now return earlier when processing headers
messages, rather than continuing on (and do nothing).
2017-10-26 16:37:06 -04:00
Wladimir J. van der Laan
d93fa261f0
Merge #11490: Disconnect from outbound peers with bad headers chains
e065249 Add unit test for outbound peer eviction (Suhas Daftuar)
5a6d00c Permit disconnection of outbound peers on bad/slow chains (Suhas Daftuar)
c60fd71 Disconnecting from bad outbound peers in IBD (Suhas Daftuar)

Pull request description:

  The first commit will disconnect an outbound peer that serves us a headers chain with insufficient work while we're in IBD.

  The second commit introduces a way to disconnect outbound peers whose chains fall out of sync with ours:

  For a given outbound peer, we check whether their best known block (which is known from the blocks they announce to us) has at least as much work as our tip.  If it doesn't, we set a 20 minute timeout, and if we still haven't heard about a block with as much work as our tip had when we set the timeout, then we send a single getheaders message, and wait 2 more minutes.  If after two minutes their best known block has insufficient work, we disconnect that peer.

  We protect 4 of our outbound peers (who provide some "good" headers chains, ie a chain with at least as much work as our tip at some point) from being subject to this logic, to prevent excessive network topology changes as a result of this algorithm, while still ensuring that we have a reasonable number of nodes not known to be on bogus chains.

  We also don't require our peers to be on the same chain as us, to prevent accidental partitioning of the network in the event of a chain split.  Note that if our peers are ever on a more work chain than our tip, then we will download and validate it, and then either reorg to it, or learn of a consensus incompatibility with that peer and disconnect.  This PR is designed to protect against peers that are on a less work chain which we may never try to download and validate.

Tree-SHA512: 2e0169a1dd8a7fb95980573ac4a201924bffdd724c19afcab5efcef076fdbe1f2cec7dc5f5d7e0a6327216f56d3828884f73642e00c8534b56ec2bb4c854a656
2017-10-26 21:53:41 +02:00
Suhas Daftuar
e065249c01 Add unit test for outbound peer eviction 2017-10-26 13:51:06 -04:00
Suhas Daftuar
5a6d00c6de Permit disconnection of outbound peers on bad/slow chains
Currently we have no rotation of outbound peers.  If an outbound peer
stops serving us blocks, or is on a consensus-incompatible chain with
less work than our tip (but otherwise valid headers), then we will never
disconnect that peer, even though that peer is using one of our 8
outbound connection slots.  Because we rely on our outbound peers to
find an honest node in order to reach consensus, allowing an
incompatible peer to occupy one of those slots is undesirable,
particularly if it is possible for all such slots to be occupied by such
peers.

Protect against this by always checking to see if a peer's best known
block has less work than our tip, and if so, set a 20 minute timeout --
if the peer is still not known to have caught up to a chain with as much
work as ours after 20 minutes, then send a single getheaders message,
wait 2 more minutes, and if a better header hasn't been received by then,
disconnect that peer.

Note:

- we do not require that our peer sync to the same tip as ours, just an
equal or greater work tip.  (Doing otherwise would risk partitioning the
network in the event of a chain split, and is also unnecessary.)

- we pick 4 of our outbound peers and do not subject them to this logic,
to be more conservative. We don't wish to permit temporary network
issues (or an attacker) to excessively disrupt network topology.
2017-10-26 13:43:53 -04:00
Suhas Daftuar
c60fd71a65 Disconnecting from bad outbound peers in IBD
When in IBD, we'd like to use all our outbound peers to help us
sync the chain.  Disconnect any outbound peers whose headers have
insufficient work.
2017-10-26 13:43:53 -04:00
John Newbery
11413646be [trivial] (whitespace only) fix getblockchaininfo alignment 2017-10-26 12:11:13 -04:00
John Newbery
bd9c18171d [rpc] Add initialblockdownload to getblockchaininfo 2017-10-26 12:11:09 -04:00
Wladimir J. van der Laan
cf8c4a7633
Merge #11530: Add share/rpcuser to dist. source code archive
fa81534 Add share/rpcuser to dist. source code archive (MarcoFalke)

Pull request description:

  As the legacy rpcuser and rpcpassword are deprected since 0.12.0, we should actually include the script to generate the new auth pair in the distributed source code archive.

  Ref: #6753

  (Tagging for backport, since it is a trivial bugfix)

Tree-SHA512: f2737957a92396444573f41071a785be5fb318df9efeb3ade7e56b3b56d512e5f9ca36723365fe5be8aaee69c5e8d8ed1178510bf02186c848b3910ee001ecb9
2017-10-26 17:27:39 +02:00
Russell Yanofsky
659b2061c4 Make listsinceblock refuse unknown block hash
Change suggested by Cory Fields <cory-nospam-@coryfields.com> who noticed
listsinceblock would ignore invalid block hashes causing it to return a
completely unfiltered list of transactions.
2017-10-26 07:10:59 -04:00
practicalswift
fd3a2f3130 [tests] Add fuzz testing for BlockTransactions and BlockTransactionsRequest 2017-10-25 22:08:10 +02:00
fanquake
9d30f54ef1
[Docs] Update OpenBSD Build Instructions for OpenBSD 6.2 2017-10-25 10:57:56 +08:00
Matt Corallo
a6f33ea77d Sanity-check script sizes in bitcoin-tx 2017-10-24 14:11:52 -04:00
Russell Yanofsky
bc9c0a7b74 Improve wallet-accounts test
Add comments and

- Verify sending to a account causes getaccountaddress to generate new addresses.
- Verify sending to a account causes getreceivedbyaccount to return amount received.
- Verify ways setaccount updates the accounts of existing addresses.
2017-10-24 07:45:17 -04:00
MarcoFalke
57ee73990f
Merge #11538: qa: Fix race condition failures in replace-by-fee.py, sendheaders.py
6d51eaefe qa: Fix race condition in sendheaders.py (Suhas Daftuar)
c96b2e4f0 qa: Fix replace-by-fee race condition failures (Suhas Daftuar)

Pull request description:

  I think #11407 broke replace-by-fee by introducing a race condition.  I was observing frequent failures of replace-by-fee locally, always with a mempool sync failure (the sync call was added in #11407).

  It appeared to me like there were two causes: sometimes the node would be in IBD and not request the transaction that was relayed; other times the blocks generated in make_utxo wouldn't have relayed quickly enough for the spend of the transaction to be accepted.  I believe I've fixed both potential errors.

  ping @instagibbs

  Edit: I found a race condition in the sendheaders.py test, where if the verack from the python node wasn't processed before the first block in the test was generated, then no block announcement would go out to that peer, breaking the test.  Fixed by adding a sync_with_ping after waiting for verack.

Tree-SHA512: 6ad160966e432c151c1ce6e88ae67e60e47123523bda3755cf7697a00e1a5ba38de8561751826e3d7cf0e492f8c2aec298e1b4de8424ebbaf497f099a1ef1d07
2017-10-23 17:19:26 +02:00
Suhas Daftuar
6d51eaefe9 qa: Fix race condition in sendheaders.py 2017-10-23 08:55:21 -04:00
Jonas Schnelli
6157e8ce39
Merge #11499: [Qt] Add upload and download info to the peerlist (debug menu)
6b1891e2c Add Sent and Received information to the debug menu peer list (Aaron Golliver)
8e4aa35ff move human-readable byte formatting to guiutil (Aaron Golliver)

Pull request description:

  Makes the peer list display how much you've uploaded/downloaded from each peer.

  Here's a screenshot ~~[outdated](https://i.imgur.com/MhPbItp.png)~~, [current](https://i.imgur.com/K1htrVv.png) of how it looks. You can now sort to see who are the peers you've uploaded the most too.

  I also moved `RPCConsole::FormatBytes` to `guiutil::formatBytes` so I could use it in the peerlist

Tree-SHA512: 8845ef406e4cbe7f981879a78c063542ce90f50f45c8fa3514ba3e6e1164b4c70bb2093c4e1cac268aef0328b7b63545bc1dfa435c227f28fdb4cb0a596800f5
2017-10-22 15:33:11 -10:00
Wladimir J. van der Laan
c0e5139413
Merge #11458: Don't process unrequested, low-work blocks
01b52ce Add comment explaining forced processing of compact blocks (Suhas Daftuar)
08fd822 qa: add test for minchainwork use in acceptblock (Suhas Daftuar)
ce8cd7a Don't process unrequested, low-work blocks (Suhas Daftuar)

Pull request description:

  A peer could try to waste our resources by sending us unrequested blocks with
  low work (eg to fill up our disk).  Since e265200 we no longer request blocks until we
  know we're on a chain with more than nMinimumChainWork (our anti-DoS
  threshold), but we would still process unrequested blocks that had more work
  than our tip (which generally has low-work during IBD), even though we may not
  yet have found a headers chain with sufficient work.

  Fix this and add a test.

Tree-SHA512: 1a4fb0bbd78054b84683f995c8c3194dd44fa914dc351ae4379c7c1a6f83224f609f8b9c2d9dde28741426c6af008ffffea836d21aa31a5ebaa00f8e0f81229e
2017-10-21 11:14:31 +02:00
Wladimir J. van der Laan
e668a6e61d
Merge #11539: [verify-commits] Allow revoked keys to expire
d23be30 [verify-commits] Allow revoked keys to expire (Matt Corallo)

Pull request description:

  This should fix verify-commits on master.

Tree-SHA512: 9bfca41fdfcdb11f6d07fcbc80a7b2de37706051e963292e0fbb4c608f146c87b65ab1e8395792197b4a7099e89fa045f278a60276672f6540b68d5e15b5a4a7
2017-10-21 09:09:41 +02:00
fanquake
cc5c39ddca
[Build] Add AM_OBJCXXFLAGS and QT_PIE_FLAGS to OBJCXXFLAGS to future-proof darwin targets 2017-10-21 12:13:25 +08:00
Evan Klitzke
f8c66972dd
Fix automake warnings when running autogen.sh 2017-10-21 12:05:36 +08:00
Matt Corallo
d23be309c2 [verify-commits] Allow revoked keys to expire 2017-10-20 16:35:16 -04:00
Suhas Daftuar
c96b2e4f09 qa: Fix replace-by-fee race condition failures 2017-10-20 16:10:12 -04:00
Suhas Daftuar
01b52cedd4 Add comment explaining forced processing of compact blocks 2017-10-19 20:52:30 -04:00
Suhas Daftuar
08fd822771 qa: add test for minchainwork use in acceptblock 2017-10-19 20:38:22 -04:00
Suhas Daftuar
ce8cd7a7da Don't process unrequested, low-work blocks
A peer could try to waste our resources by sending us unrequested blocks with
low work, eg to fill up our disk.  Since
e2652002b6 we no longer request blocks until we
know we're on a chain with more than nMinimumChainWork (our anti-DoS
threshold), but we would still process unrequested blocks that had more work
than our tip.  This commit fixes that behavior.
2017-10-19 20:33:45 -04:00
MarcoFalke
fa81534d06 Add share/rpcuser to dist. source code archive 2017-10-19 22:13:49 +02:00
Wladimir J. van der Laan
ff92fbf247
Merge #11529: Avoid slow transaction search with txindex enabled
7a5f930 Avoid slow transaction search with txindex enabled (João Barbosa)

Pull request description:

  This is an alternative to #11507 where a slow search is not attempted (in any case) if `txindex` is enabled.

Tree-SHA512: e680621781a9241c0513ddd79d23b0b42f3ccec8a63ed1c926b35c43321c81c39a1028770397dd5070501dcf644d897026a2bd68a161a4b435f19227c1bbca48
2017-10-19 20:04:57 +02:00
Wladimir J. van der Laan
99e93de6f8
Merge #11476: Avoid opening copied wallet databases simultaneously
478a89c Avoid opening copied wallet databases simultaneously (Russell Yanofsky)

Pull request description:

  Make sure wallet databases have unique fileids. If they don't, throw an error. BDB caches do not work properly when more than one open database has the same fileid, because values written to one database may show up in reads to other databases.

  Bitcoin will never create different databases with the same fileid, but users can create them by manually copying database files.

  BDB caching bug was reported by @dooglus in https://github.com/bitcoin/bitcoin/issues/11429

Tree-SHA512: e7635dc81a181801f42324b72fe9e0a2a7dd00b1dcf5abcbf27fa50938eb9a1fc3065c2321326c3456c48c29ae6504353b02f3d46e6eb2f7b09e46d8fe24388d
2017-10-19 18:16:46 +02:00
João Barbosa
7a5f9303a9 Avoid slow transaction search with txindex enabled 2017-10-19 16:01:45 +01:00
Wladimir J. van der Laan
13f53b750d
Merge #11527: Remove my testnet DNS seed as I currently don't have the capacity to …
132d322 Remove my testnet DNS seed as I currently don't have the capacity to keep it up to date. (Andreas Schildbach)

Pull request description:

  …keep it up to date.

  I suggest to consider this for backporting.

Tree-SHA512: 2aadb60e9ecab1756f835e62ab784124c61a1fa59380d299ce482f826169da9ed8b7f8615ea9d8d3484eac0b32a9e974685ddc51723c7782a472bc0386243898
2017-10-19 15:01:43 +02:00
Russell Yanofsky
478a89c1ef Avoid opening copied wallet databases simultaneously
Make sure wallet databases have unique fileids. If they don't, throw an error.
BDB caches do not work properly when more than one open database has the same
fileid, because values written to one database may show up in reads to other
databases.

Bitcoin will never create different databases with the same fileid, but users
can create them by manually copying database files.

BDB caching bug was reported by Chris Moore <dooglus@gmail.com>
https://github.com/bitcoin/bitcoin/issues/11429

Fixes #11429
2017-10-19 09:01:43 -04:00
Wladimir J. van der Laan
b9e1299f04
Merge #11521: travis: move back to the minimal image
3d1c311 Revert "travis: filter out pyenv" (Cory Fields)
a86e81b travis: move back to the minimal image (Cory Fields)

Pull request description:

  The most recent update replaced the minimal image with a large one for the
  'generic' image. Switching back to 'minimal' should reduce dependencies and
  maybe speed us up some.

  It should also eliminiate the need for aa2e0f09e.

Tree-SHA512: 0e5f3e97e8d97add07ea228bc5ce1e51e8e069950dbb2871a7eece297995f20b671afdf1c68211ce404cba3ba393d61dfef30ed54d46d6805fde9388f6b4455e
2017-10-19 14:54:35 +02:00
Andreas Schildbach
132d3225f3 Remove my testnet DNS seed as I currently don't have the capacity to keep it up to date. 2017-10-19 12:47:19 +02:00
MeshCollider
c098c58196 Wrap dumpwallet warning and note scripts aren't dumped 2017-10-19 22:02:13 +13:00
Thomas Snider
ff35de8f03 [ui] Add toggle for unblinding password fields 2017-10-18 13:22:30 -07:00
Cory Fields
3d1c31126b Revert "travis: filter out pyenv"
This reverts commit aa2e0f09ec.
2017-10-18 14:42:08 -04:00
Cory Fields
a86e81b78f travis: move back to the minimal image
The most recent update replaced the minimal image with a large one for the
'generic' image. Switching back to 'minimal' should reduce dependencies and
maybe speed us up some.

It should also eliminiate the need for aa2e0f09e.
2017-10-18 14:26:22 -04:00
Wladimir J. van der Laan
02ac8c892b
Merge #11452: Improve ZMQ functional test
cc9ee80 Improve ZMQ functional test (João Barbosa)

Pull request description:

  After #11439, this PR only improves:
   - test comments;
   - simplicity by removing *duplicate* tests;
   - also removes duplicate code.

Tree-SHA512: 3636fa9694c827128128742ad31e635d19670c3645aef8e7b1cb46069c21631e8b0db059486a6f6e7eee237a23d93bce6df95190394b5a8dcfce31a49a72d17f
2017-10-18 19:00:05 +02:00
practicalswift
a3f56578ab Add test cases covering the relevant key length boundaries: 64 bytes +/- 1 byte for HMAC-SHA256 and 128 bytes +/- 1 byte for HMAC-SHA512 2017-10-18 17:27:15 +02:00
practicalswift
13a81b19df Add quotes to variable assignment (as requested by @TheBlueMatt) 2017-10-18 17:10:23 +02:00
practicalswift
683b9d280b Fix valid path output 2017-10-18 17:10:23 +02:00
practicalswift
193c2fb4c8 Use bash instead of POSIX sh. POSIX sh does not support arrays. 2017-10-18 17:10:23 +02:00
practicalswift
80f5f28d38 Fix incorrect quoting of quotes (the previous quotes had no effect beyond unquoting) 2017-10-18 17:10:23 +02:00
practicalswift
564a172dfd Add required space to [[ -n "$1" ]] (previously [[ -n"$1" ]]) 2017-10-18 17:09:36 +02:00
practicalswift
1e44ae0e19 Add error handling: exit if cd fails 2017-10-18 17:09:36 +02:00
practicalswift
b9e79ab415 Remove "\n" from echo argument. echo does not support escape sequences. 2017-10-18 17:09:36 +02:00
practicalswift
f6b3382fa3 Remove unused variables 2017-10-18 17:09:36 +02:00
Wladimir J. van der Laan
937613d215
Merge #11467: Fix typos. Use nullptr instead of NULL.
0aacfa4 Remove accidental stray semicolon (practicalswift)
68feb49 Use nullptr instead of NULL (practicalswift)
c6b07fd Fix a vs. an typo (practicalswift)

Pull request description:

  Minor cleanups:
  * Typo: Fix a vs. an typo
  * Typo: Remove accidental stray semicolon (only remaining instance in repo)
  * Correctness/consistency: Use `nullptr` instead of `NULL` (only remaining instance in repo)

Tree-SHA512: 47142e557da9d3fa0b532c46edeb7f356a1f6dc5973e60b0e496badff3581ff696eade542d49da777ac7f2e895129cc8487ccdb1984ff828434fa86f9a56dad0
2017-10-18 17:01:43 +02:00
Wladimir J. van der Laan
6759a24eaa
Merge #11472: qa: Make tmpdir option an absolute path, misc cleanup
fafa003 qa: Remove never used return value of sync_with_ping (MarcoFalke)
fa9de37 qa: Make tmpdir option an absolute path (MarcoFalke)

Pull request description:

  This should fix issues with the multiwallet test and its symlinks
  when the tmpdir is a relative path.

  Rather than fixing os.symlink to work with paths relative to a
  directory descriptor, which does not work on Windows, normalize
  the path instead.

Tree-SHA512: 189690f3d065ea2f0f48e06775c86d513d0916c7c86312432e8e16df160e65539e288c2bd53d49a4180735fa940f6fcd52b506ccd7d9815651a9b1a69850dda6
2017-10-18 16:52:48 +02:00