11e0fd8d6 Descriptor expansions only need pubkey entries for PKH/WPKH (Pieter Wuille)
Pull request description:
Currently, calling `Expand` on a `Descriptor` object will populate the output FlatSigningProvider with all public keys involved in the descriptor. This is overkill, as pubkey entries are only needed when the lookup of a public key based on its hash is desired (which is the case for `pkh`, `wpkh`, and `combo` descriptors).
Fix this by pushing the population of pubkey entries down into the individual descriptor implementation's `MakeScript` function, instead of doing it generically.
This should make it easier to implement #14491 without importing P2PKH outputs for the individual public keys listed inside a multisig.
Tree-SHA512: 5bc7e9bd29f1b3bc63514803e9489b3bf126bfc177d46313aa9eeb98770ec61a97b55bd8ad4e2384154799f24b1bc4183bfdb4708b2ffa6e37ed2601a451cabc
Without this lock BerkeleyEnvironment::~BerkeleyEnvironment and
GetWalletEnv would race for g_dbenvs. This wasn't detected before
because thread safety analysis does not check constructors and
destructors.
119d360aab travis: Document whether functional tests are run in the job name (Ben Woosley)
64f28545e3 Revert "travis: Compile trusty with depends for now" (Ben Woosley)
267eac00f9 Prefer boost::optional#get_value_or over #value_or (Ben Woosley)
1971f5ba04 Piecewise construct to avoid invalid construction (Ben Woosley)
Pull request description:
In light of #14979, I realized that only qt 5.5+ was being tested under CI, while compatibility lists 5.2+.
In #15276, Marco added Trusty to CI, building with depends. This changes that build to system libraries, in order to ensure ongoing compatibility with our claimed minimum required versions.
Fixes#14983, previously open as #14998
Tree-SHA512: 6cff5e28c756ecb8bf797c8f6eb77c1944ba61a8dd6d7d4984e63eef384f6429dc79c505da3241c05b9c4db31c72b2a9846c7365aba9280f2e0620e5f3998d07
e6c58d3b01 Do not import private keys to wallets with private keys disabled (Andrew Chow)
b5c5021b64 Refactor importwallet to extract data from the file and then import (Andrew Chow)
1f77f6754c tests: unify RPC argument to cli argument conversion and handle dicts and lists (Andrew Chow)
Pull request description:
Fixes a bug where private keys could be imported to wallets with private keys disabled. Now every RPC which can import private keys checks for whether the wallet has private keys are disabled and errors if it is. Also added an belt-and-suspenders check to `AddKeyPubkeyWithDB` to have it assert that the wallet has private keys enabled.
Tree-SHA512: 5cd04febce9aa2bd9bfd02f312c6ff8705e37278cae59efd3895f6d6e2f1b477aefd297e2dd0860791bdd3d4f3cad8eb1a404f8f3d4e2035b91314ad2c1028ae
In CMainSignals::RegisterWithMempoolSignals running under Ubuntu 14.04
(QT 5.2), absent piecewise construction this fails to create the pair
because the argument is a connection, which is converted into a
non-copyable scoped_connection.
validationinterface.cpp:80:186: required from here
/usr/include/boost/signals2/connection.hpp:234:7: error: ‘boost::signals2::scoped_connection::scoped_connection(const boost::signals2::scoped_connection&)’ is private
scoped_connection(const scoped_connection &other);
^
In file included from /usr/include/c++/4.8/utility:70:0,
from /usr/include/c++/4.8/algorithm:60,
from ./prevector.h:13,
from ./script/script.h:10,
from ./primitives/transaction.h:11,
from ./validationinterface.h:9,
from validationinterface.cpp:6:
/usr/include/c++/4.8/bits/stl_pair.h:134:45: error: within this context
: first(std::forward<_U1>(__x)), second(__y) { }
https://travis-ci.org/bitcoin/bitcoin/jobs/473689141#L2172
14bc2a17dd Trivial: add doxygen-compatible comments relating to BerkeleyEnvironment (Pierre Rochard)
88b1d956fe Tests: add unit tests for GetWalletEnv (Pierre Rochard)
f1f4bb7345 Free BerkeleyEnvironment instances when not in use (Russell Yanofsky)
Pull request description:
Instead of adding BerkeleyEnvironment objects permanently to the g_dbenvs map, use reference counted shared pointers and remove map entries when the last BerkeleyEnvironment reference goes out of scope.
This change was requested by @TheBlueMatt and makes code that sets up mock databases cleaner. The mock database environment will now go out of scope and be reset on destruction so there is no need to call BerkeleyEnvironment::Reset() during wallet construction to clear out prior state.
This change does affect bitcoin behavior slightly. On startup, instead of same wallet environments staying open throughout VerifyWallets() and OpenWallets() calls, VerifyWallets() will open and close an environment once for each wallet, and OpenWallets() will create its own environment(s) later.
Tree-SHA512: 219d77a9e2268298435b86088f998795e059fdab1d2050ba284a9ab8d8a44961c9b5cf96e94ee521688108d23c6db680e3e3a999b8cb2ac2a8590f691d50668b
3c3e31c3a4 [tests] Add wallet-tool test (João Barbosa)
49d2374acf [tools] Add wallet inspection and modification tool (Jonas Schnelli)
Pull request description:
Adds an offline tool `bitcoin-wallet-tool` for wallet creation and maintenance.
Currently this tool can create a new wallet file, display information on an existing wallet, and run the salvage and zapwallettxes maintenance tasks on an existing wallet. It can later be extended to support other common wallet maintenance tasks.
Doing wallet maintenance tasks in an offline tool makes much more sense (and is potentially safer) than having to spin up a full node.
Tree-SHA512: 75a28b8a58858d9d76c7532db40eacdefc5714ea5aab536fb1dc9756e2f7d750d69d68d59c50a68e633ce38fb5b8c3e3d4880db30fe01561e07ce58d42bceb2b
2bc4c3eaf9 Notify the GUI that the keypool has changed to set the receive button (Andrew Chow)
14bcdbe09c Check for more than private keys disabled to show receive button (Andrew Chow)
Pull request description:
Currently the Receive button in the GUI is displayed enabled or disabled by the initial state of the wallet when the wallet is first loaded. The button is only enabled or disabled depending on whether the disable private keys flag is set when the wallet is loaded. However, future changes to the wallet means that this initial state and check may no longer be accurate. #14938 introduces empty wallets which do not have private keys. An empty wallet that is loaded should have the Receive button disabled, and then it should become enabled once `sethdseed` is used so that a keypool can be generated and new keys generated. Likewise, with #14075, a wallet can be loaded with no keypool initially, so the button should be disabled. Later, public keys can be imported into the keypool, at which time the button should become enabled. When the keypool runs out again (no new keys are generated as the keypool only consists of imports), the button should become disabled.
This PR makes it so that the button becomes enabled and disabled as the keypool state changes. The check for whether to enable or disable the receive button has changed to checking whether it is possible to get new keys. It now checks for whether the wallet has an HD seed and, if not, whether the private keys are disabled. When an action happens which would make it possible for a new address to be retrieved or make it possible for a no more addresses to be retrieved, a signal is emitted which has the GUI recheck the conditions for the Receive button. These actions are setting a new HD seed, topping up the keypool, retrieving a key from the keypool, and returning a key to the keypool.
Tree-SHA512: eff15a5337f4c64ecd7169414fb47053c04f6a0f0130341b6dd9799ac4d79f451e25284701c668971fca33f0909d5352a474a2c12349375bedfdb59b63077d50
This commit adds wallet-tool, a tool for creating and interacting with
wallet files. Original implementation was by Jonas Schnelli
<dev@jonasschnelli.ch> with modifications by John Newbery
<john@johnnewbery.com>
MSVC files were provided by Chun Kuan Lee <ken2812221@gmail.com>:
build: Add MSVC project files for bitcoin-wallet-tool
2ca632e5b4 test: Build fuzz targets into seperate executables (MarcoFalke)
fab4bed68a [test] fuzz: make test_one_input return void (MarcoFalke)
Pull request description:
Currently our fuzzer is a single binary that decides on the first few bits of the buffer what target to pick. This is ineffective as the fuzzer needs to "learn" how the fuzz targets are organized and could get easily confused. Not to mention that the (seed) corpus can not be categorized by target, since targets might "leak" into each other. Also the corpus would potentially become invalid if we ever wanted to remove a target...
Solve that by building each fuzz target into their own executable.
Tree-SHA512: a874febc85a3c5e6729199542b65cad10640553fba6f663600c827fe144543744dd0f844fb62b4c95c6a04c670bfce32cdff3d5f26de2dfc25f10b258eda18ab
6f6514a080 Correct units for "-dbcache" and "-prune" (Hennadii Stepanov)
Pull request description:
Actually, all `dbcache`-related values in the code are measured in MiB (not in megabytes, MB) or in bytes (e.g., `nTotalCache`).
See: https://github.com/bitcoin/bitcoin/blob/master/src/txdb.hba8c8b2227/src/init.cpp (L1405-L1424)
Also, "-prune" is fixed:
1. The GUI values in GB are translated to the node values in MiB correctly.
2. The maximum of the "prune" `QSpinBox` is not limited by default value of 99 (GB).
Fix: #15106
Tree-SHA512: 151ec43b31b1074db8b345fedb1dcc10bde225899a5296bfc183f57e1553d13ac27db8db100226646769ad03c9fcab29d88763065a471757c6c41ac51108459d
fa5e6ef55c wallet: Fixup rescanblockchain result doc (MarcoFalke)
Pull request description:
This was probably accidentally added to the wrong line when addressing the feedback here: https://github.com/bitcoin/bitcoin/pull/7061#discussion_r142199778
I already added the default values in #14877, but it could be clarified more that this really has no specific block height as default value, since the tip can change during a rescan.
Tree-SHA512: 48a3c5143e2b7129ee8f396d2e77550cb393fbe45f5936aeebeb7a201d61560336a3ae47b26bb757a4dbbe217e06abfd67a5a673aef266b6c4d7a80d049a2b49
04da9f4834 [RPC] Update getrawtransaction interface (Amiti Uttarwar)
Pull request description:
- stop checking unspent UTXOs for a transaction when txindex is not enabled, as per conversation here: https://github.com/bitcoin/bitcoin/issues/3220#issuecomment-377458383
- code contributed by sipa
Tree-SHA512: aa07353bccc14b81b7803992a25d076d6bc06d15ec7c1b85828dc10aea7e0498d9b49f71783e352ab8a14b0bb2010cfb7835de3dfd1bc6f2323f460449348e66
All dbcache-related values in the code are measured in MiB (not in
megabytes, MB) or in bytes.
The GUI "-prune" values in GB are translated to the node values in MiB
correctly. The maximum of the "-prune" QSpinBox is not limited by the
default value of 99 (GB).
Also, this improves log readability.
44de1561a Remove remaining chainActive references from CWallet (Russell Yanofsky)
db21f0264 Convert CWallet::ScanForWalletTransactions and SyncTransaction to the new Chain apis (Russell Yanofsky)
2ffb07929 Add findFork and findBlock to the Chain interface (Russell Yanofsky)
d93c4c1d6 Add time methods to the Chain interface (Russell Yanofsky)
700c42b85 Add height, depth, and hash methods to the Chain interface (Russell Yanofsky)
Pull request description:
This change removes uses of `chainActive` and `mapBlockIndex` globals in wallet code. It is a refactoring change which does not affect external behavior.
This is the next step in the larger #10973 refactoring change, which removes all other accesses to node global variables from wallet code. Doing this is useful to provide a better defined interface between the wallet and node, and necessary to allow wallet and node code to run in separate processes in #10102.
Tree-SHA512: 4dcec8a31c458f54e2ea6ecf01e430469b0994c5b41a21a2d150efa67cd209f4c93ae210a101e064b3a87c52c6edfc70b070e979992be0e3a00fd425de6230a8
0297be61a Allow connections from misbehavior banned peers. (Gregory Maxwell)
Pull request description:
This allows incoming connections from peers which are only banned
due to an automatic misbehavior ban if doing so won't fill inbound.
These peers are preferred for eviction when inbound fills, but may
still be kept if they fall into the protected classes. This
eviction preference lasts the entire life of the connection even
if the ban expires.
If they misbehave again they'll still get disconnected.
The main purpose of banning on misbehavior is to prevent our
connections from being wasted on unhelpful peers such as ones
running incompatible consensus rules. For inbound peers this
can be better accomplished with eviction preferences.
A secondary purpose was to reduce resource waste from repeated
abuse but virtually any attacker can get a nearly unlimited
supply of addresses, so disconnection is about the best we can
do.
This can reduce the potential from negative impact due to incorrect misbehaviour bans.
Tree-SHA512: 03bc8ec8bae365cc437daf70000c8f2edc512e37db821bc4e0fafa6cf56cc185e9ab40453aa02445f48d6a2e3e7268767ca2017655aca5383108416f1e2cf20f
faa1522e5e RPCHelpMan: Pass through Result and Examples (MarcoFalke)
Pull request description:
Passing the rpc result and rpc examples through `RPCHelpMan` makes it clear in what order they appear in the stringified version. Future improvements could then autoformat or autogenerate them.
Tree-SHA512: b32a5c178cc80f50a7e9b93a38e2b26d5994188ecafe9e61bbc599941b44b9b0e4e4be6413d4464fac6e8e73661a191a77d34917f2e6293de19fb59519dd4487
fa5f890aeb rpc: Compile on GCC4.8 (MarcoFalke)
Pull request description:
GCC 4.8 is lacking some C++11 signatures (see "Adjust C++11 signatures to take a const_iterator." in GCC 4.9: 3d2b2f494d)
Fix that by changing the code to use the pre-GCC 4.9 signature.
Can be reverted after #13356.
Fixes#15172 (reports on `Linux Mint 17.3 Rosa` and `CentOS Linux release 7.5.1804 (Core)`)
Tree-SHA512: 0c0b18968270ad4fcd0c2000c57485be881a461135dac3ad0bdab22c1a2292cf6b28ebeb930ccaa0290ff20ce87547fd07ab8189c4c4fb54d652a3d0bc9615f8
b09dab0f2d Prevent mutex lock fail even if --enable-debug (Akio Nakamura)
Pull request description:
This PR intends to resolve#15227.
```configure --enable-debug``` enables ```#ifdef DEBUG_LOCKORDER```.
Then ```lockdata``` (in sync.cpp) will be initialized same as other static objects.
But unfortunately, ```lockdata.push_lock()``` was called before its initialization (via initializing ```signatureCache``` which is declared in ```script/sigcache.cpp```) on macOS.
This PR apply the "Construct On First Use Idiom" to ```lockdata``` to prevent it.
edited --- fix typo.
Tree-SHA512: 59df99ef78a335b1b7ebed7207d4719ea4412900eea38739f6e8eaaba1f594e1950044851659ce83f4f69813fc96978244bd176676e1aa2277c813ede832e6fb
This PR intends to resolve#15227.
"configure --debug-enabled" enables "#ifdef DEBUG_LOCKORDER".
Then "lockdata" (in sync.cpp) will be initialized same as other
static objects.
But unfortunately, lockdata.push_lock() was called before its
initialization (via initializing signatureCache which is declared
in script/sigcache.cpp) on macOS.
This PR apply the "Construct On First Use Idiom" to "lockdata"
to prevent it.
a36d97d866 Default -whitelistforcerelay to off (Suhas Daftuar)
Pull request description:
No one seems to use this "feature", and at any rate the behavior of relaying transactions when they violate local policy is error-prone, if we ever consider changing the ban behavior of our software from one version to the next.
Defaulting this to off means that users who use -whitelist won't be unexpectedly surprised by this interaction. If anyone is still relying on this feature, it can still be explicitly turned on.
Tree-SHA512: 52650ad464a728d1648f496751e3f713077ea3a1de7278ed03531b2e8723e63cf2f6f41b56c98c0f73ffa22c36e01d9170b409ab452c737aca35b7ecd7a6b448
Whenever the keypool changes (new keys generated, new seed set,
keypool runs out, etc.), notify the GUI that the keypool has changed. The
receive button can then be enabled and disabled as necessary.
42ff30ec6 [Docs] add short documentation for /rest/blockhashbyheight (Jonas Schnelli)
579d418f7 [QA] add rest tests for /rest/blockhashbyheight/<HEIGHT>.<FORMAT> (Jonas Schnelli)
eb9ef04c4 REST: add "blockhashbyheight" call, fetch blockhash by height (Jonas Schnelli)
Pull request description:
Completes the REST interface for trivial block exploring by adding a call that allows to fetch the blockhash in the main chain by a given height.
Tree-SHA512: 94be9e56718f857279b11cc16dfa8d04f3b5a762e87ae54281b4d87247c71c844895f4944d5a47f09056bf851f4c4761ac4fbdbaaee957265d14de5c1c73e8d2
da6011826a Fix macOS launch-at-startup memory issue (Jonas Schnelli)
516437a1b7 Qt: remove macOS launch-at-startup option when compiled with > macOS 10.11 (Jonas Schnelli)
Pull request description:
The launch-at-startup API Bitcoin Core uses on macOS where removed in macOS 10.11 leading to a segmentation-fault due to the weak-linking when not actively compiled against SDK 10.11 (`-mmacosx-version-min=10.11`)
This PR removes the launch-at-startup feature on macOS when compiled with macOS min version > 10.11 (the default is always the macOS version you compile on).
**The depends built binaries (Gitian) are not affected since we are building with min macOS 10.10.**
Users self compiling on macOS > 10.11 can re-enable the feature by compiling with min version <= 10.11 (`CXXFLAGS="-mmacosx-version-min=10.11" CFLAGS="-mmacosx-version-min=10.11" ./configure`)
**Isn't there a new API from Apple?**
Yes, [there is](https://developer.apple.com/library/archive/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLoginItems.html).
It will require to create a helper application which needs to be embedded in the .app folder (needs code signing as well). Developers willing to go down that rabbit hole are welcome.
Fixes#15142
Tree-SHA512: fa9cc4e39d5a2d2559919b7e22b7766f5e0269a361719294d4a4a2df2fd9d955e5b23b5907e68023fdeee297f652f844f3c447904bf18f9c1145348ad101c432
This allows incoming connections from peers which are only banned
due to an automatic misbehavior ban if doing so won't fill inbound.
These peers are preferred for eviction when inbound fills, but may
still be kept if they fall into the protected classes. This
eviction preference lasts the entire life of the connection even
if the ban expires.
If they misbehave again they'll still get disconnected.
The main purpose of banning on misbehavior is to prevent our
connections from being wasted on unhelpful peers such as ones
running incompatible consensus rules. For inbound peers this
can be better accomplished with eviction preferences.
A secondary purpose was to reduce resource waste from repeated
abuse but virtually any attacker can get a nearly unlimited
supply of addresses, so disconnection is about the best we can
do.
b301950df3 Made expicit constructor CTransaction(const CMutableTransaction &tx). (lucash-dev)
faf29dd019 Minimal changes to comply with explicit CMutableTransaction -> CTranaction conversion. (lucash-dev)
Pull request description:
This PR is re-submission of #14156, which was automatically closed by github (glitch?)
Original description:
This PR makes explicit the now implicit conversion constructor `CTransaction(const CMutableTransaction&)` in `transaction.h`.
Minimal changes were made elsewhere to make the code compilable. I'll follow up with other PRs to address individually refactoring functions that should have a `CMutableTransaction` version, or where a `CTransaction` should be reused.
The rationale for this change is:
- Conversion constructors should not be explicit unless there's a strong reason for it (in the opinion of, for example, https://google.github.io/styleguide/cppguide.html, and https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Ro-conversion. Let me know your take on this).
- This particular conversion is very costly -- it implies a serialization plus hash of the transaction.
- Even though `CTransaction` and `CMutableTransaction` represent the same data, they have very different use cases and performance properties.
- Making it explicit allows for easier reasoning of performance trade-offs.
- There has been previous performance issues caused by unneeded use of this implicit conversion.
- This PR creates a map for places to look for possible refactoring and performance gains (this benefit still holds if the PR is not merged).
Tree-SHA512: 2427462e7211b5ffc7299dae17339d27f8c43266e0895690fda49a83c72751bd2489d4471b3993075a18f3fef25d741243e5010b2f49aeef4a9688b30b6d0631
223de8d94d Document RNG design in random.h (Pieter Wuille)
f2e60ca985 Use secure allocator for RNG state (Pieter Wuille)
cddb31bb0a Encapsulate RNGState better (Pieter Wuille)
152146e782 DRY: Implement GetRand using FastRandomContext::randrange (Pieter Wuille)
a1f252eda8 Sprinkle some sweet noexcepts over the RNG code (Pieter Wuille)
4ea8e50837 Remove hwrand_initialized. (Pieter Wuille)
9d7032e4f0 Switch all RNG code to the built-in PRNG. (Pieter Wuille)
16e40a8b56 Integrate util/system's CInit into RNGState (Pieter Wuille)
2ccc3d3aa3 Abstract out seeding/extracting entropy into RNGState::MixExtract (Pieter Wuille)
aae8b9bf0f Add thread safety annotations to RNG state (Pieter Wuille)
d3f54d1c82 Rename some hardware RNG related functions (Pieter Wuille)
05fde14e3a Automatically initialize RNG on first use. (Pieter Wuille)
2d1cc50939 Don't log RandAddSeedPerfmon details (Pieter Wuille)
6a57ca91da Use FRC::randbytes instead of reading >32 bytes from RNG (Pieter Wuille)
Pull request description:
This does not remove OpenSSL, but makes our own PRNG the 'main' one; for GetStrongRandBytes, the OpenSSL RNG is still used (indirectly, by feeding its output into our PRNG state).
It includes a few policy changes (regarding what entropy is seeded when).
Before this PR:
* GetRand*:
* OpenSSL
* GetStrongRand*:
* CPU cycle counter
* Perfmon data (on Windows, once 10 min)
* /dev/urandom (or equivalent)
* rdrand (if available)
* From scheduler when idle:
* CPU cycle counter before and after 1ms sleep
* At startup:
* CPU cycle counter before and after 1ms sleep
After this PR:
* GetRand*:
* Stack pointer (which indirectly identifies thread and some call stack information)
* rdrand (if available)
* CPU cycle counter
* GetStrongRand*:
* Stack pointer (which indirectly identifies thread and some call stack information)
* rdrand (if available)
* CPU cycle counter
* /dev/urandom (or equivalent)
* OpenSSL
* CPU cycle counter again
* From scheduler when idle:
* Stack pointer (which indirectly identifies thread and some call stack information)
* rdrand (if available)
* CPU cycle counter before and after 1ms sleep
* Perfmon data (on Windows, once every 10 min)
* At startup:
* Stack pointer (which indirectly identifies thread and some call stack information)
* rdrand (if available)
* CPU cycle counter
* /dev/urandom (or equivalent)
* OpenSSL
* CPU cycle counter again
* Perfmon data (on Windows, once every 10 min)
The interface of random.h is also simplified, and documentation is added.
This implements most of #14623.
Tree-SHA512: 0120e19bd4ce80a509b5c180a4f29497d299ce8242e25755880851344b825bc2d64a222bc245e659562fb5463fb7c70fbfcf003616be4dc59d0ed6534f93dd20
de7266fc3c [net] add dnsseed.emzy.de to DNS seeds (Stephan Oeste)
Pull request description:
ACK https://github.com/bitcoin/bitcoin/blob/master/doc/dnsseed-policy.md
I'm willing to keep it up and running, unless something bad happens.
I have 15+ years experience running dns servers.
About my setup:
- the server may change over time, but the service will be up all the time
- running [sipa/bitcoin-seeder](https://github.com/sipa/bitcoin-seeder) with default settings (and the non-root port redirect)
Tree-SHA512: 7abc975c148cc738d045c79d5bdb8d9926da41bb8dde66c21e954652b3c72a7aa2526af0c3c4fb8c234d3deaed5563542defe8a5137188d65ad7201b6b1d80eb
18185b57c3 scripted-diff: batch-recase BanMan variables (Carl Dong)
c2e04d37f3 banman: Add, use CBanEntry ctor that takes ban reason (Carl Dong)
1ffa4ce27d banman: reformulate nBanUtil calculation (Carl Dong)
daae598feb banman: add thread annotations and mark members const where possible (Cory Fields)
84fc3fbd03 scripted-diff: batch-rename BanMan members (Cory Fields)
af3503d903 net: move BanMan to its own files (Cory Fields)
d0469b2e93 banman: pass in default ban time as a parameter (Cory Fields)
2e56702ece banman: pass the banfile path in (Cory Fields)
4c0d961eb0 banman: create and split out banman (Cory Fields)
83c1ea2e5e net: split up addresses/ban dumps in preparation for moving them (Cory Fields)
136bd7926c tests: remove member connman/peerLogic in TestingSetup (Cory Fields)
7cc2b9f678 net: Break disconnecting out of Ban() (Cory Fields)
Pull request description:
**Old English à la Beowulf**
```
Banman wæs bréme --blaéd wíde sprang--
Connmanes eafera Coreum in.
aéglaéca léodum forstandan
Swá bealdode bearn Connmanes
guma gúðum cúð gódum daédum·
dréah æfter dóme· nealles druncne slóg
```
**Modern English Translation**
```
Banman was famed --his renown spread wide--
Conman's hier, in Core-land.
against the evil creature defend the people
Thus he was bold, the son of Connman
man famed in war, for good deeds;
he led his life for glory, never, having drunk, slew
```
--
With @theuni's blessing, here is Banman, rebased. Original PR: https://github.com/bitcoin/bitcoin/pull/11457
--
Followup PRs:
1. Give `CNode` a `Disconnect` method ([source](https://github.com/bitcoin/bitcoin/pull/14605#discussion_r248065847))
2. Add a comment to `std::atomic_bool fDisconnect` in `net.h` that setting this to true will cause the node to be disconnected the next time `DisconnectNodes()` runs ([source](https://github.com/bitcoin/bitcoin/pull/14605#discussion_r248384309))
Tree-SHA512: 9c207edbf577415c22c9811113e393322d936a843d4ff265186728152a67c057779ac4d4f27b895de9729f7a53e870f828b9ebc8bcdab757520c2aebe1e9be35
85f0ca95f3 Remove errant past from walletcreatefundedpsbt for nLocktime replaceability (Gregory Sanders)
Pull request description:
nLockTime has no bearing on bip125
Tree-SHA512: cb123242ee7e1eeff10dbfcab8e57f9aa88590e2da6794343a90a18472a97f23ce7c6bbc55b88163e007fe38c5d8ee5b749cc4ce2bf145f560e084d61b568159
1ed425ea17 gui: Fix window title update (João Barbosa)
Pull request description:
Removes trailing `-` from window title when running on mainnet.
Reported by @Sjors in https://github.com/bitcoin/bitcoin/pull/15149#issuecomment-455787938.
Tree-SHA512: 22f13c361496720f30a4926d928851ed74456c0d70bd313b0ebaca91a9ebfde96991091ac3d1b094f33d3ce9afafd709eb1917f00d96fa3ca69751b6b14e1d2b
a2a6c8f453 rpc: remove duplicate solvable field from getaddressinfo (fanquake)
Pull request description:
Also added optional to `iscompressed`.
Tree-SHA512: 28442a9dbfb2a9992b9b57142fa13d374d39444f04ae63460cb6330d896160cfd4b9651a3e231893eac3142ce55eff597a54cbafd3b57ffa46d3711c64044acb
0dd9bdefa gui: Refactor to use WalletController (João Barbosa)
8fa271f08 gui: Add WalletController (João Barbosa)
cefb399e2 gui: Use AutoConnection for WalletModel::unload signal (João Barbosa)
Pull request description:
This PR is a subset of the work done in the context of #13100. This change consists in extracting from the application class the code that manages the wallet models.
The role of the `WalletController` instance is to coordinate wallet operations and the window.
Tree-SHA512: 6a824054376730eb7d16c643dd2003f5f60778e8ad3af707b82bc12c48438db179ca4446316b28fb17b206f4b9aba8998419aab8c5dd1f7c32467015732b5094
24313fbf7e Remove redundant stopExecutor() signal (Hennadii Stepanov)
1c0e0a5e38 Remove redundant stopThread() signal (Hennadii Stepanov)
Pull request description:
The `QThread::finished` signal do this work.
Tree-SHA512: 1afce23d30232276d50c3af5af79d83b88e390a2b71f7df585cc1079585d330447d179bbc34c0a89599beb2da035dfd5b9ce23238171490825cabc3a19ae6e67
It includes the following policy changes:
* All GetRand* functions seed the stack pointer and rdrand result
(in addition to the performance counter)
* The periodic entropy added by the idle scheduler now seeds stack pointer,
rdrand and perfmon data (once every 10 minutes) in addition to
just a sleep timing.
* The entropy added when calling GetStrongRandBytes no longer includes
the once-per-10-minutes perfmon data on windows (it is moved to the
idle scheduler instead, where latency matters less).
Other changes:
* OpenSSL is no longer seeded directly anywhere. Instead, any generated
randomness through our own RNG is fed back to OpenSSL (after an
additional hashing step to prevent leaking our RNG state).
* Seeding that was previously done directly in RandAddSeedSleep is now
moved to SeedSleep(), which is indirectly invoked through ProcRand
from RandAddSeedSleep.
* Seeding that was previously done directly in GetStrongRandBytes()
is now moved to SeedSlow(), which is indirectly invoked through
ProcRand from GetStrongRandBytes().
This guarantees that OpenSSL is initialized properly whenever randomness
is used, even when that randomness is invoked from global constructors.
Note that this patch uses Mutex directly, rather than CCriticalSection.
This is because the lock-detection code is not necessarily initialized
during global constructors.
89282379ba threads: fix unitialized members in sched_param (Cory Fields)
Pull request description:
Rebased theuni's #14342.
Building with gcc 8.2 against musl libc, which apparently has more attributes available in its sched_param. The following warnings were produced:
warning: missing initializer for member 'sched_param::sched_ss_low_priority' [-Wmissing-field-initializers]
warning: missing initializer for member 'sched_param::sched_ss_repl_period' [-Wmissing-field-initializers]
warning: missing initializer for member 'sched_param::sched_ss_init_budget' [-Wmissing-field-initializers]
warning: missing initializer for member 'sched_param::sched_ss_max_repl' [-Wmissing-field-initializers]
Since the current thread may have interesting non-zero values for these fields, we want to be sure to only change the intended one. Query and modify the current sched_param rather than starting from a zeroed one.
Tree-SHA512: a0bedbcf0130b3ee8261bb704e4bf6c9b760ad377c8a28c258765d54e54462b76707efc188b936b0a635cdd2bdf6b3b9298ab06ba361dc4806150b670d9702a3
These are separate events which need to be carried out by separate subsystems.
This also cleans up some whitespace and tabs in qt to avoid getting flagged by
the linter.
Current behavior is preserved.
b745e149c2 [docs] Expand help text for importmulti changes (John Newbery)
Pull request description:
Expands the RPC help text for changes to the importmulti RPC method.
Tree-SHA512: e90e5abf66bba3863e7519b5f79c26d18a4d624e6e7878293bdd4ebb57f1a01c67de52e4a5621901a8cb87fb3516264b3b1a826997c7c3c17b11216f1f1a3db0
4a86a0acd9 Make SafeDbt DB_DBT_MALLOC on default initialization (Ben Woosley)
1a9f9f7e5e Introduce SafeDbt to handle DB_DBT_MALLOC raii-style (Ben Woosley)
951a44e9cd Drop unused setRange arg to BerkeleyBatch::ReadAtCursor (Ben Woosley)
Pull request description:
This provides additional exception-safety and case handling for the proper
freeing of the associated buffers.
Tree-SHA512: a038d728290cdb3905e7d881608052a6675b6425729ceaf7cfe69a6e91c2ee293cdb01e4b695a20963459ffdd9d4a1f9a08b3c07b1b5ba1aa8590a8149f686db
b9dafe7d9f Fix remaining compiler warnings (MSVC). Move disabling of specific warnings from /nowarn to project file. (practicalswift)
Pull request description:
Fix remaining compiler warnings (MSVC).
Before:
```
$ msbuild /p:TrackFileAccess=false /p:CLToolExe=clcache.exe build_msvc\bitcoin.sln /m /v:q /nowarn:C4244;C4267;C4715 /nologo
…\script\script.cpp(272): warning C4018: '>': signed/unsigned mismatch
…\test\allocator_tests.cpp(147): warning C4312: 'reinterpret_cast': conversion from 'int' to 'void *' of greater size
…\boost\test\tools\old\impl.hpp(107): warning C4805: '==': unsafe mix of type 'const Left' and type 'const Right' in operation
…\test\crypto_tests.cpp(535): warning C4334: '<<': result of 32-bit shift implicitly converted to 64 bits (was 64-bit shift intended?)
…\test\script_tests.cpp(188): warning C4805: '==': unsafe mix of type 'int' and type 'bool' in operation
…\test\script_tests.cpp(190): warning C4805: '==': unsafe mix of type 'int' and type 'bool' in operation
…\test\script_tests.cpp(191): warning C4805: '==': unsafe mix of type 'int' and type 'bool' in operation
$
```
After:
```
$ msbuild /p:TrackFileAccess=false /p:CLToolExe=clcache.exe build_msvc\bitcoin.sln /m /v:q /nowarn:C4244;C4267;C4715;C4805 /nologo
$
```
Tree-SHA512: 5b30334d3804e869779e77dad75a799e8e5e7eb2e08634cd40035cce140edd623cbb6c8b5806d2158c3df97888d3ea9ff4b8b6a5a83de3fe2cb361e29588c115
e4a0c3547e Improve blocksdir functional test. (Hennadii Stepanov)
c3f1821ac7 Make blockdir always net specific (Hennadii Stepanov)
Pull request description:
The blocks directory is net specific by definition.
Also this prevents the side effect of calling `GetBlocksDir(false)` in the non-mainnet environment.
Currently a new node creates an unused `blocks\` directory in the root of the data directory when `-testnet` or `-regtest` is specified.
Refs:
- #12653
- https://github.com/bitcoin/bitcoin/pull/12653#discussion_r174784834 by @laanwj
- https://github.com/bitcoin/bitcoin/issues/14595#issuecomment-436011186
Tree-SHA512: c9957a68a4a200ebd2010823a56db7e61563afedcb7c9828e86b13f3af2990e07854b622c1f3374756f94574acb3ea32de7d2a399eef6c0623f0e11265155627
Added a note that results can be queried in the parenthesized syntax.
Deprecated boolean `verbose` replaced with numerical `verbosity` in
`getblock` examples.
fe7048b39 gui: Show current wallet name in window title (João Barbosa)
8a7926112 gui: Keep network style in BitcoinGUI (João Barbosa)
f411c8b35 gui: Remove unused return type in some BitcoinGUI methods (João Barbosa)
Pull request description:
<img width="876" alt="screenshot 2019-01-11 at 23 58 26" src="https://user-images.githubusercontent.com/3534524/51065458-d7ebaf80-15fc-11e9-9162-e37e9a10d448.png">
Tree-SHA512: 5c43f615834983bc1c5045e07c6e119044dd78ca947fd2679d302b519d5ce1d08d29ca00b1c11e88c4bbc4d56f2e6f4a8adc42084f3503e751e642e8a13112dc
fa5e373365 validation: Add cs_main locking annotations (MarcoFalke)
fa5c346c5a doc: Add comment to cs_main and mempool::cs (MarcoFalke)
fafe941bdd test: Add missing validation locks (MarcoFalke)
fac4558462 sync: Add RecursiveMutex type alias (MarcoFalke)
Pull request description:
Both the chain state and the transaction pool are validation specific, but access to them is protected by two locks. The two locks have the following semantics:
* Writing to the chain state or adding transactions to the transaction pool -> Take both `cs_main` and `mempool::cs`
* Reading either or removing transactions from the the transaction pool -> Take only the appropriate lock
Tree-SHA512: 6f6e612ffc391904c6434a79a4f3f8de1b928bf0a3e3434b73561037b395e2b40a70a5a4bd8472dd230e9eacc8e5d5374c904a3c509910cf3971dd7ff59a626c
Only change in behavior is "Rescan started from block <height>" message
replaced by "Rescan started from block <hash>" message in
ScanForWalletTransactions.
Co-authored-by: Ben Woosley <ben.woosley@gmail.com>
And use them to remove uses of chainActive and mapBlockIndex in wallet code
This commit does not change behavior.
Co-authored-by: Ben Woosley <ben.woosley@gmail.com>
And use them to remove uses of chainActive and mapBlockIndex in wallet code
This commit does not change behavior.
Co-authored-by: Ben Woosley <ben.woosley@gmail.com>
And use them to remove uses of chainActive and mapBlockIndex in wallet code
This commit does not change behavior.
Co-authored-by: Ben Woosley <ben.woosley@gmail.com>
fb3ce75807 Don't label transactions "Open" while catching up (Hennadii Stepanov)
Pull request description:
Fix#13299.
Since the default `nSequence` is `0xFFFFFFFE` and locktime is enabled, the checking `wtx.is_final` is meaningless until the syncing has completed (ref: #1026).
This PR makes the wallet mark a transaction "Unconfirmed" instead of misleading "Open for NNN more blocks" when syncing after a period of being offline.
Before this PR (with the issue):
With this PR (the issue has been resolved):
Tree-SHA512: 358ec83b43c266a4d32a37a79dda80e80d40a2b77ad38261c84a095e613399f674aa7184805b3f6310e51ddb83ae2636b8849fcc7c4333e1b3ecbb0f70ad86d3
a88640e123 Fix minimized window bug on Linux (Hennadii Stepanov)
Pull request description:
Fix#14591
On some Linux systems the minimized to the taskbar (iconified) main window cannot be restored properly using actions from the systray icon menu when `QSystemTrayIcon::contextMenu()` is a child of the main window.
Tree-SHA512: 05c9f724fc2278d45dac6fe72b09859f12b5d71f54659bb779403c8cd81b55e610fb7b5aa912ac273d3cd19bf953b0405bbc6451feb00d1827c95dd9f0876aa4
645e905c32 doc: Add release notes for unloadwallet change to synchronous call (João Barbosa)
c37851de57 rpc: Make unloadwallet wait for complete wallet unload (João Barbosa)
Pull request description:
Currently the `unloadwallet` RPC is asynchronous, it only signals the intent to unload the wallet and then returns the response to the client. The actual unload can happen later and the client has no way to be notified of that.
This PR makes the `unloadwallet` RPC synchronous, meaning that it blocks until the wallet is fully unloaded.
Replaces #14919, fixes#14917.
Tree-SHA512: ad88b980e2f3652809a58f904afbfe020299f3aa6a517f495ba943b8d54d4520f6e70074d6749be8f5967065c0f476e0faedcde64c8b4899e5f99c70f0fd6534
a0ac15459a doc: Add getrpcinfo release notes (João Barbosa)
251a91c1bf qa: Add tests for getrpcinfo (João Barbosa)
d0730f5ce4 rpc: Add getrpcinfo command (João Barbosa)
068a8fc05f rpc: Track active commands (João Barbosa)
bf4383277d rpc: Remove unused PreCommand signal (João Barbosa)
Pull request description:
The new `getrpcinfo` command exposes details of the RPC interface. The details can be configuration properties or runtime values/stats.
This can be particular useful to coordinate concurrent functional tests (see #14958 from where this was extracted).
Tree-SHA512: 7292cb6087f4c429973d991aa2b53ffa1327d5a213df7d6ba5fc69b01b2e1a411f6d1609fed9234896293317dab05f65064da48b8f2b4a998eba532591d31882
3a0e76fc12 Replace remaining 0 with nullptr in Qt code (Ben Woosley)
9096276e0b Don't use zero as null pointer constant (-Wzero-as-null-pointer-constant) (practicalswift)
Pull request description:
This corrects all violations of `-Wzero-as-null-pointer-constant` identified in the Qt codebase.
These changes are extracted from #15112 as suggested by @MarcoFalke to ease review. This is in service of enabling `-Wzero-as-null-pointer-constant`, which should eliminate this as a concern going forward.
Note there are 2 non-Qt changes: `src/test/allocator_tests.cpp` and `src/wallet/db.cpp`.
Tree-SHA512: 206bd668802147ba42bc413c2d7d259cb59aca9ec1da74a6bf2ca3932e60ae492faacbc61bcee0fd6b4b49a4d59d075b7e5404f0526b36c47718f9b0587e7768
fac2f5ecae Use C++11 default member initializers (MarcoFalke)
Pull request description:
The second and last change on this topic (c.f. #15109). Split up because the diff would otherwise interleave, making review harder than necessary.
This is not a stylistic change, but a change that avoids bugs such as:
* fix uninitialized read when stringifying an addrLocal #14728
* qt: Initialize members in WalletModel #12426
* net: correctly initialize nMinPingUsecTime #6636
* ...
Tree-SHA512: 547ae72b87aeaed5890eb5fdcff612bfc93354632b238d89e1e1c0487187f39609bcdc537ef21345e0aea8cfcf1ea48da432d672c5386dd87cf58742446a86b1
d6b076c17b Drop IsLimited in favor of IsReachable (Ben Woosley)
Pull request description:
These two methods have had the same meaning, but inverted, since
110b62f069. Having one name for a single
concept simplifies the code.
This is a follow-up to #15051.
/cc #7553
Tree-SHA512: 347ceb9e2a55ea06f4c01226411c7bbcade09dd82130e4c59d0824ecefd960875938022edbe5d4bfdf12b0552c9b4cb78b09a688284d707119571daf4eb371b4
There was only one place in the codebase where we're directly reading >32 bytes from
the RNG. One possibility would be to make the built-in RNG support large reads, but
using FastRandomContext lets us reuse code better.
There is no change in behavior here, because the FastRandomContext constructor
uses GetRandBytes internally.
9d0e52834 implements different disk sizes for different networks on intro (marcoagner)
Pull request description:
Fixes https://github.com/bitcoin/bitcoin/issues/13213.
Mostly, I layed out the concept to open the PR for refinement and getting feedback if the approach is okay. Changes are expected.
Two points:
- The values for both new consts `TESTNET_BLOCK_CHAIN_SIZE` and `TESTNET_CHAIN_STATE_SIZE` is certainly not optimal; I just checked the size of my testnet3 related dirs and set them to little bit higher values. Which values should be used?
- Should we do something like this to regtest? Or these "niceties" do not matter when on regtest?
Thanks!
Tree-SHA512: 8ae87a29fa8356b899e7a823c76cde793d9126b4ee59554d7a2a8edb088fe42a19976b34c06c2fd4a98a727e1e4971dd983f42b6093ea6caa255b45004e22bb4
332b3dd7c1 util: Make ToLower and ToUpper take a char (Wladimir J. van der Laan)
edb5bb3500 util: remove unused [U](BEGIN|END) macros (Wladimir J. van der Laan)
7fa238c701 Replace use of BEGIN and END macros on uint256 (Wladimir J. van der Laan)
Pull request description:
Two cleanups in `util/strencodings.h`:
- Remove `[U](BEGIN|END)` macros — The only use of these was in the Merkle tree code with `uint256` which has its own `begin` and `end` methods which are better.
- Make ToLower and ToUpper take a char — Unfortunately, `std::string` elements are (bare) chars. As these are the most likely type to be passed to these functions, make them use char instead of unsigned char. This avoids some casts.
Tree-SHA512: 96c8292e1b588d3d7fde95c2e98ad4e7eb75e7baab40a8e8e8209d4e8e7a1bd3b6846601d20976be34a9daabefc50cbc23f3b04200af17d0dfc857c4ec42aca7
fa48baf23e wallet: Avoid leaking locktime fingerprint when anti-fee-sniping (MarcoFalke)
453803adc9 [test] wallet_txn_clone: Correctly clone txin sequence (MarcoFalke)
Pull request description:
The wallet sets the locktime to the current height of our active chain. This is fine, as long as our node is connected to other nodes. However, when we fall back and get stuck at a particular height (e.g. taking the wallet offline), the same (potentially unique) locktime is used for all transactions. This makes it easier for passive observers to cluster transactions by wallet.
For reference, I visualized "locktime-reuse" with the data:
* blocks 545k-555k (both inclusive)
* locktimes<=60k
* excluding coinbase txs
Tree-SHA512: 2af259dd8f9f863312e2732d80ca8ba6a20c8d6d1c486b10a48479e1c85ccf13b0c38723740ebadde0f28d321cd9c133ad3e5d1e925472eb27681143bda2d0e7
Unfortunately, `std::string` elements are (bare) chars. As these
are the most likely type to be passed to these functions, make them use
char instead of unsigned char. This avoids some casts.
93009618b6 Fix start with the `-min` option (Hennadii Stepanov)
Pull request description:
From IRC:
> 2018-10-17T12:36:38 \<Drakon\> The option to minimize to system tray instead of the taskbar ist available, but doesn't have an effect if it is started with the -min option. If I start it via that option, I have to click on the program symbil on the taskbar and then minimize it again in order to get it minimized to system tray.
> 2018-10-17T12:37:28 \<Drakon\> That's annoying.
> 2018-10-17T13:51:19 \<wumpus\> can you open an issue for that please? https://github.com/bitcoin/bitcoin/issues/new
> 2018-10-17T13:53:24 \<wumpus\> (if there isn't one yet-)
This PR fixes this bug.
Tree-SHA512: c5a5521287b49b13859edc7c6bd1cd07cac14b84740450181dce00bf2781fc3dfc84476794baa16b0e26a2d004164617afdb61f829e629569703c5bcc45e2a4e
8931a95bec Include util/strencodings.h which is required for IsSpace(...) (practicalswift)
7c9f790761 Update KNOWN_VIOLATIONS: Remove fixed violations (practicalswift)
587924f000 Use IsSpace(...) instead of boost::is_space (practicalswift)
c5fd143edb Use ToLower(...) instead of std::tolower (practicalswift)
e70cc8983c Use IsDigit(...) instead of std::isdigit (practicalswift)
Pull request description:
* Use `ToLower(...)` instead of `std::tolower`. `std::tolower` is locale dependent.
* Use `IsDigit(...)` instead of `std::isdigit`. Some implementations (e.g. Microsoft in 1252 codepage) may classify single-byte characters other than `[0-9]` as digits.
* Update `KNOWN_VIOLATIONS`: Remove fixed violations.
* ~~Replace use of locale dependent Boost trim (`boost::trim`) with locale independent `TrimString`.~~
* Use` IsSpace(...)` instead of `boost::is_space`
Tree-SHA512: defed016136b530b723fa185afdbd00410925a748856ba3afa4cee60f61a67617e30f304f2b9991a67b5fe075d9624f051e14342aee176f45fbc024d59e1aa82
6dc4593db1 IsReachable is the inverse of IsLimited (DRY). Includes unit tests (marcaiaf)
Pull request description:
IsReachable is the inverse of IsLimited, but the implementation is duplicated (DRY)
- Changed the implementation accordingly.
- Added unit tests to document behavior and relationship
- My modification in net.cpp applies only to IsReachable.
- Applied clang-format-diffpy
Created new pull request to avoid the mess with:
https://github.com/bitcoin/bitcoin/pull/15044
Checked with supposedly conflicting PRs mentioned in the old PR. No conflicts with the specific changes in this PR.
Tree-SHA512: b132dec6cc2c788ebe4f63f228d78f441614e156743b17adebc990de0180a5872874d2724c86eeaa470b4521918bd137b0e33ebcaae77c5efc1f0d56104f6c87
ca126d490b Fix out-of-bounds write in case of failing mmap(...) in PosixLockedPageAllocator::AllocateLocked (practicalswift)
Pull request description:
`mmap(...)` returns `MAP_FAILED` (`(void *) -1`) in case of allocation failure.
`PosixLockedPageAllocator::AllocateLocked(...)` did not check for allocation failures prior to this PR.
Instead the invalid memory address `(void *) -1` (`0xffffffffffffffff`) was passed to the caller as if it was a valid address.
After some operations the address is wrapped around from `0xffffffffffffffff` to `0x00000003ffdf` (`0xffffffffffffffff + 262112 == 0x00000003ffdf`);
The resulting address `0x00000003ffdf` is then written to.
Before this patch (with failing `mmap` call):
```
$ src/bitcoind
…
2019-01-06T16:28:14Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
2019-01-06T16:28:14Z Using RdRand as an additional entropy source
Segmentation fault (core dumped)
```
Before this patch (under `valgrind` with failing `mmap` call):
```
$ valgrind src/bitcoind
…
2019-01-06T16:28:51Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
==17812== Invalid write of size 1
==17812== at 0x500B7E: void __gnu_cxx::new_allocator<unsigned char>::construct<unsigned char>(unsigned char*) (new_allocator.h:136)
==17812== by 0x500B52: _ZNSt16allocator_traitsI16secure_allocatorIhEE12_S_constructIhJEEENSt9enable_ifIXsr6__and_INS2_18__construct_helperIT_JDpT0_EE4typeEEE5valueEvE4typeERS1_PS6_DpOS7_ (alloc_traits.h:243)
==17812== by 0x500B22: _ZNSt16allocator_traitsI16secure_allocatorIhEE9constructIhJEEEDTcl12_S_constructfp_fp0_spclsr3stdE7forwardIT0_Efp1_EEERS1_PT_DpOS4_ (alloc_traits.h:344)
==17812== by 0x500982: unsigned char* std::__uninitialized_default_n_a<unsigned char*, unsigned long, secure_allocator<unsigned char> >(unsigned char*, unsigned long, secure_allocator<unsigned char>&) (stl_uninitialized.h:631)
==17812== by 0x60BFC2: std::vector<unsigned char, secure_allocator<unsigned char> >::_M_default_initialize(unsigned long) (stl_vector.h:1347)
==17812== by 0x60BD86: std::vector<unsigned char, secure_allocator<unsigned char> >::vector(unsigned long, secure_allocator<unsigned char> const&) (stl_vector.h:285)
==17812== by 0x60BB55: ECC_Start() (key.cpp:351)
==17812== by 0x16AC90: AppInitSanityChecks() (init.cpp:1162)
==17812== by 0x15BAC9: AppInit(int, char**) (bitcoind.cpp:138)
==17812== by 0x15B6C8: main (bitcoind.cpp:201)
==17812== Address 0x3ffdf is not stack'd, malloc'd or (recently) free'd
…
Segmentation fault (core dumped)
```
After this patch (with failing `mmap` call):
```
$ src/bitcoind
…
2019-01-06T15:50:18Z Using the 'sse4(1way),sse41(4way)' SHA256 implementation
2019-01-06T15:50:18Z Using RdRand as an additional entropy source
2019-01-06T15:50:18Z
************************
EXCEPTION: St9bad_alloc
std::bad_alloc
bitcoin in AppInit()
************************
EXCEPTION: St9bad_alloc
std::bad_alloc
bitcoin in AppInit()
2019-01-06T15:50:18Z Shutdown: In progress...
2019-01-06T15:50:18Z Shutdown: done
```
To simulate the failing `mmap` call apply the following to `master`:
```diff
diff --git a/src/support/lockedpool.cpp b/src/support/lockedpool.cpp
index 8d577cf52..ce79e569b 100644
--- a/src/support/lockedpool.cpp
+++ b/src/support/lockedpool.cpp
@@ -247,7 +247,8 @@ void *PosixLockedPageAllocator::AllocateLocked(size_t len, bool *lockingSuccess)
{
void *addr;
len = align_up(len, page_size);
- addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+ // addr = mmap(nullptr, len, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+ addr = MAP_FAILED;
if (addr) {
*lockingSuccess = mlock(addr, len) == 0;
}
```
Tree-SHA512: 66947f5fc0fbb19afb3e1edbd51df07df9d16b77018cff3d48d30f378a53d6a0dc62bc36622b3966b7e374e61edbcca114ef4ac8ae8d725022c1a597edcbf7c7
ba8c8b2227 Fail if either disk space check fails (Ben Woosley)
Pull request description:
Rather than both.
Introduced in 386a6b62a8, #12653
Tree-SHA512: 24765dd3c62b742c491d7d9a751917c2ce6f3819a8764a7725ce84910ef69bffca07f4c0dfbeed8c4f978a12c4b04a2ac3b8c2ff59602330a8a3e8a68878c41b
fa2510d5c1 Use C++11 default member initializers (MarcoFalke)
Pull request description:
Changes:
* Remove unused constructors that leave some members uninitialized
* Remove manual initialization in each constructor and prefer C++11 default member initializers
This is not a stylistic change, but a change that avoids bugs such as:
* fix uninitialized read when stringifying an addrLocal #14728
* qt: Initialize members in WalletModel #12426
* net: correctly initialize nMinPingUsecTime #6636
* ...
Tree-SHA512: 0f896f3b9fcc464d5fc7525f7c86343ef9ce9fb13425fbc68e9a9728fd8710c2b4e2fd039ee08279ea41ff20fd92b7185cf5cca95a0bcb6a5340a1e6f03cae6b
ed12d5df1b index: Fix for indexers skipping genesis block. (Jim Posen)
Pull request description:
This fixes a bug where indexers would skip processing of the genesis block. Preserves the current behavior of omitting genesis block transaction from the index.
Tree-SHA512: 092fd3d629bf1ef279566217c668cc913a8b8e012d811d0e544231894c49a0c0c179537ac4727c39b9bf407479541745d79c4e118db6f0795a2b848d0fe62cbf
7e4bd19785 Add BitcoinApplication & RPCConsole tests (Russell Yanofsky)
ca20b65cc0 Move BitcoinApplication to header so it can be tested (Russell Yanofsky)
Pull request description:
Add test coverage for Qt initialization code & basic RPC console functionality
Motivation for this change was a bug in #11603 which existing tests failed to catch.
Tree-SHA512: f66546ffc84b8e07679c66a73b265023fbf6a0cb8f24f1606a5fcae2dd3b4dc7b2c6d26c69dedcec53398a26ef17c4d5fb28c055698fa6e45e89aa2995cefe2f
fab17e8272 test: Add basic test for BIP34 (MarcoFalke)
Pull request description:
BIP34 was disabled for testing, which explains why it had no test.
Fix that by enabling it and adding a test.
Tree-SHA512: 9cb5702d474117ce6420226eb93ee09d6fb5fc856fabc8b67abe56a088cd727674e0e5462000e1afa83b911374036f90abdbdde56a8c236a75572ed47e10a00f
fa38d3df69 [rpc] Correct reconsiderblock help text, add test (MarcoFalke)
Pull request description:
Rework documentation and test to match the implementation
Tree-SHA512: d0adef6b054a341bcc1cb87783a4e4cf9be124ba6812e1ac88246a5e01b2861a8071b12dba880b2b428c37da3fa860bfec3fe3e5fbb7c28696872113faa84a9f
fac4e731a8 test: Run invalid_txs.InputMissing test in feature_block (MarcoFalke)
Pull request description:
Tree-SHA512: 24c3f519ba0cf417b66e0df6f5ddc0430e3f419af4705a9c85096da47ff4d8f51487d65b68f3f993800003b3f936d95d8a0bade846e1b45f95b2bdbecc9ebab7
91b0c5b096 qt: Use WalletModel* instead of wallet name in console window (João Barbosa)
b2ce86c3ad qt: Use WalletModel* instead of wallet name in main window (João Barbosa)
d2a1adffeb qt: Factor out WalletModel::getDisplayName() (João Barbosa)
Pull request description:
This a small refactor that doesn't change behavior. This is also necessary if in the future we allow renaming wallets.
Tree-SHA512: 1820d0ff28e84b1d862097f1f55b52f94520fa50c9b1939d235a448a48159748c3bbf99b19e4cb1ff4f91efc008c0971b4c25a91f645f9d43792c8aeaa93cf9e
4f4993fe2a Remove UBSan suppression (practicalswift)
958e1a307e streams: Remove unused seek(size_t) (practicalswift)
Pull request description:
Fix broken `streams_vector_reader` test. Remove unused `seek(size_t)`.
Before this change the test `streams_vector_reader` triggered an unintended unsigned integer wraparound. It tried so seek using a negative value in `reader.seek(-6)`.
Changes in this PR:
* Fix broken `VectorReader::seek(size_t)` test case
* Remove unused `seek(size_t)`
Tree-SHA512: 6c6affd680626363eef9e496748f2f86a522325abab9d6b13161f41125cdc29ceb36c2c1509c90b8ff108d606df7629e55e094cc2b6253b05a892b81ce176b71
6b25f29a91 Use std::vector API for construction of test data. (Daniel Kraft)
Pull request description:
For constructing test scripts, use `std::vector` and, in particular, `std::vector::insert` to insert 20 zero bytes rather than listing the full array of bytes explicitly. This makes the code easier to read and makes it immediately obvious what the structure of the data is, without having to count the zeros to understand it.
Of course, that is a matter of taste - so if you disagree that the change makes the code easier to read, let me know.
This has been split out of #14752.
Tree-SHA512: af82d447f0077259049f1da2d6f86a6c29723c6e17bd342e9a9ecf37b13bddff40643af95c8b3a3260765a5591713d31ca8a45a5a0c20a12c139aee53ea150da
On some Linux systems the minimized to the taskbar (iconified) main
window cannot be restored properly using actions from the systray icon
menu when QSystemTrayIcon::contextMenu() is a child of the main window.
b9f226b41f rpc: Remove cs_main lock from blockToJSON and blockHeaderToJSON (João Barbosa)
343b98cbcd rpc: Specify chain tip instead of chain in GetDifficulty (João Barbosa)
54dc13b6a2 rpc: Fix SoftForkMajorityDesc and SoftForkDesc signatures (João Barbosa)
Pull request description:
Motivated by https://github.com/bitcoin/bitcoin/pull/11913#discussion_r157798157, this pull makes `blockToJSON` and `blockheaderToJSON` free of `cs_main` locks.
Locking `cs_main` was required to access `chainActive` in order to check if the block was in the chain and to retrieve the next block index.
With the this approach, `CBlockIndex::GetAncestor()` is used in a way to check if the block belongs to the specified chain tip and, at the same time, get the next block index.
Tree-SHA512: a6720ace0182c19033bbed1a404f729d793574db8ab16e0966ffe412145611e32c30aaab02975d225df6d439d7b9ef2070e732b16137a902b0293c8cddfeb85f
75778a0724 test: Correct ineffectual WithOrVersion from transactions_tests (Ben Woosley)
Pull request description:
`WithOrVersion` uses `|` to combine the versions, and `|` with 0 is a no-op.
NicolasDorier / sipa do you recall why the version is being overridden here?
Introduced in ab48c5e721
Last updated 81e3228fcb
Tree-SHA512: 2aea925497bab2da973f17752410a6759d67181a57c3b12a685d184fbfcca2984c45b702ab0bd641d75e086696a0424f1bf77c5578ca765d6882dc03b42d5f9a
e58985c916 Log progress while verifying blocks at level 4. (Daniel Kraft)
Pull request description:
When verifying blocks at startup, the progress is printed in 10% increments to logs. When `-checklevel=4`, however, the second half of the verification (connecting the blocks again) does not log the progress anymore. (It is still computed and shown in the UI, but not printed to logs.)
This change makes the behaviour consistent, by adding the missing progress logging also for level-4 checks.
Tree-SHA512: 6a4c5914726fc1a1337de0c5130b20d4edf4e2feeb0aa0449d2ce422b2d8c41e56ede94163a02044d9a28ac4dc6624b1ad611da93ce5792ff32ad9fb1f0ea1e0
cc341adbbb gui: Fix for Incorrect application name when passing -regtest (Ben Carman)
Pull request description:
Changes the application name to `Bitcoin-Qt-regtest` when instead of `Bitcoin-Qt-testnet`
Fixes#15079
Tree-SHA512: 42ce3bea0bc3ff358708b9715f8d07c3a93e11fc4fe1a1425996ac70fd06ec8e5b186c5bbb254a7a189678ccbef3109174ca1f72c2c40c360927ec5da7315d8d
For constructing test scripts, use std::vector and, in particular,
std::vector::insert to insert 20 zero bytes rather than listing the full
array of bytes explicitly. This makes the code easier to read and makes
it immediately obvious what the structure of the data is, without having
to count the zeros to understand it.
WithOrVersion uses | to combine the versions, and | with 0 is a no-op.
Instead I run it with PROTOCOL_VERSION and 0 separately, as the original
code only tested PROTOCOL_VERSION but apparently only intended to test
version 0.
Introduced in ab48c5e721
Last updated 81e3228fcb
c8d9d9093b Fix broken notificator on GNOME (Hennadii Stepanov)
Pull request description:
Fix#14994; that bug was introduced in #14228 (that was my fault).
~Also this commit explicit separates~ There are two functions of the tray icon:
- a system tray widget (`QSystemTrayIcon::isSystemTrayAvailable() == true`)
- a high-level notificator via balloon messages (`QSystemTrayIcon::supportsMessages() == true`)
~These properties are mutually independent,~ e.g., on Fedora 29 + GNOME:
```
QSystemTrayIcon::isSystemTrayAvailable() == false;
QSystemTrayIcon::supportsMessages() == true;
```
UPDATE:
`supportsMessages()` makes no sense without `isSystemTrayAvailable()`: `QSystemTrayIcon::showMessage()` just not working on Fedora 29 + GNOME.
Tree-SHA512: 3e75ed2dfcef112bd64b8c329227ae68ba57f3be55769629f4eb3b1c52ef1f33db635f00bb5fd57c25f73a692971d6a847ea14c525f41c594fddde6e970a8ad8
4927bf2f25 Increase maxconnections limit when using poll. (Patrick Strateman)
11cc491a28 Implement poll() on systems which support it properly. (Patrick Strateman)
28211a4bc9 Move SocketEvents logic to private method. (Patrick Strateman)
7e403c0ae7 Move GenerateSelectSet logic to private method. (Patrick Strateman)
1e6afd0dbc Introduce and use constant SELECT_TIMEOUT_MILLISECONDS. (Patrick Strateman)
Pull request description:
Implement poll() on systems which support it properly.
This eliminates the restriction on maximum socket descriptor number.
Tree-SHA512: b945cd9294afdafcce96d547f67679d5cdd684cf257904a239cd1248de3b5e093b8d6d28d8d1b7cc923dc0b2b5723faef9bc9bf118a9ce1bdcf357c2323f5573
cb53b825c2 scripted-diff: Replace boost::bind with std::bind (Chun Kuan Lee)
2196c51821 refactor: Use boost::scoped_connection in signal/slot, also prefer range-based loop instead of std::transform (Chun Kuan Lee)
Pull request description:
Replace boost::bind with std::bind
- In `src/rpc/server.cpp`, replace `std::transform` with simple loop.
- In `src/validation.cpp`, store the `boost::signals2::connection` object and use it to disconnect.
- In `src/validationinterface.cpp`, use 2 map to store the `boost::signals2::scoped_connection` object.
Tree-SHA512: 6653cbe00036fecfc495340618efcba6d7be0227c752b37b81a27184433330f817e8de9257774e9b35828026cb55f11ee7f17d6c388aebe22c4a3df13b5092f0
b74a52192b fix testmempoolaccept CLI syntax (1Il1)
Pull request description:
`testmempoolaccept "hexstring"` will give a "JSON parse error". The correct syntax is `testmempoolaccept \[\"hexstring\"\]` (but seems escaping is not displayed in other areas so leaving backspaces out).
Tree-SHA512: ad755147d6db0bd3f2d8481517dab29df755a32b28a3bdb4553b1fddd1940850450d1e9a6c3bd04e4e3faa7bc09aadfd3412b4cd65e61d61ea34452831597967
84104c781a clarifying getrawtransaction[time] get help text (Ben Carman)
Pull request description:
#12339
The `time` and `blocktime` entries have the same value so they should have the same help text as well
Tree-SHA512: 1e9a94678eec8501c761f16bf3d8e269d68620596d1fdd31a32989a1b53be5a8097ece8bfabe99979e658dec82237e37d8194ae2acd7c1deef7501ee701667fb
eacff95de Add release notes (Pieter Wuille)
bdacbda25 Overhaul importmulti logic (Pieter Wuille)
Pull request description:
This is an alternative to #14558 (it will warn when fields are being ignored). In addition:
* It makes sure no changes to the wallet are made when an error in the input exists.
* It validates all arguments, and will fail if anything fails to parse.
* Adds a whole bunch of sanity checks
Tree-SHA512: fdee0b6aca8c643663f0bc295a7c1d69c1960951493b06abf32c58977f3e565f75918dbd0402dde36e508dc746c9310a968a0ebbacccc385a57ac2a68b49c1d0
66e15e8f97 Explain GetAncestor check for m_failed_blocks in AcceptBlockHeader (Sjors Provoost)
Pull request description:
Salvaged (but slightly modified) from #12138, the comment there was really helpful to wrap my head around that part of the code.
In addition, a naive reader like yours truly will first think `IsValid(BLOCK_VALID_SCRIPTS)` means the previous block was invalid. But IIUC that's not what it means. Instead, it means the block hasn't been checked for validity at the `BLOCK_VALID_SCRIPTS` level yet. So in that case the existing text "previous block index isn't valid" is wrong.
Tree-SHA512: 442a319a83290d94697fdf51376463b70454e0f3909d4a45594ddc2e7c26cd19dc703808385a25e26d6d2dddab0aa35ca41722f2e65ee6fe57bbaf62652d3ec8
e4ed8ce2c8 blockfilter: Remove default clause in switch statement. (Jim Posen)
c30620983d blockfilter: Additional constructors for BlockFilter. (Jim Posen)
20b812993a blockfilter: Refactor GCS params into struct. (Jim Posen)
Pull request description:
These commits have been split out of #14121 because they are fairly independent and that PR is very large.
Tree-SHA512: b9643b159e114df50a295f433e807afe6082db55a2a3a17401c1509b850c71bf5011ab3638863b46663709726be4445be6fde1dec514aec7696135497a9f0183
d2ce315fbf [docs] add release note for change to GBT (John Newbery)
0025c9eae4 [mining] segwit option must be set in GBT (John Newbery)
Pull request description:
Calling getblocktemplate without the segwit rule specified is most
likely a client error, since it results in lower fees for the miner.
Prevent this client error by failing getblocktemplate if called without
the segwit rule specified.
Of the previous 1000 blocks (measured at block [551591 (hash 0x...173c811)](https://blockstream.info/block/000000000000000000173c811e79858808abc3216af607035973f002bef60a7a)), 991 included segwit transactions.
Tree-SHA512: 7933b073d72683c9ab9318db46a085ec19a56a14937945c73f783ac7656887619a86b74db0bdfcb8121df44f63a1d6a6fb19e98505b2a26a6a8a6e768e442fee
f3f6dde56e Test coinbase category in wallet rpcs (andrewtoth)
e982f0b682 Add all category options to wallet rpc help (andrewtoth)
Pull request description:
The current helptext for `listtransactions`, `listsinceblock` and `gettransaction` only list two of the five possible options for `category`. This incorrectly implies that these are the only two options, and can cause problems if the other three options aren't accounted for. Also, some of the documentation is incorrect when specifying which options are returned for which categories.
This PR updates the helptext for these RPCs and adds a functional regression test for the cases when the other three categories are returned.
Tree-SHA512: 67dd7ff6269a3b0f17f5d1a61b0ae1fb1f3778f05e1c440bfbb9b3a005c9c6d740abcace20f3d597cf2bd6779c494448690f13fab0bd2340f206213bc7890b51
fa9a5bc1a0 RPCHelpMan: Support required arguments after optional ones (MarcoFalke)
Pull request description:
There was a requirement that required arguments could not be positioned after an optional argument, but the deprecation of priority made the second argument to `prioritisetransaction` optional. So support that in `RPCHelpMan`.
Also format all named arguments in the same way (without the wrapping `"` even for strings), since the extended description already mentions the type and it feels odd to special case strings.
Tree-SHA512: c125145afb4a63abc995aaf0a89489efc0f470a720727a1ca6ee0bfd2bcbc59e87c38128dd1e0cdf03dbb5b18e84867887c3dabf6ec8378e66cb1f4cecb9e407
fa61202cae test: Add comment to g_insecure_rand_ctx (MarcoFalke)
fa0d3c4407 test: Undo thread_local g_insecure_rand_ctx (MarcoFalke)
Pull request description:
`thread_local` seems to be highly controversial according to the discussion in #14953, so remove it again from the tests.
Also remove boost::thread_group in the test that uses it, since I am touching it anyway.
Tree-SHA512: 977c1f597e3cfbd0e97d0b037d998fdbc701f62e9a2f57e02dbe1727b63ae8ff478dbd9d3d6dc4ffdfa23f2058b331f04949d51f23a8f55b41ecb75f088f1cbe
4d454dcb6 Refactoring with QString::toNSString (Hennadii Stepanov)
Pull request description:
This PR makes `MacNotificationHandler::showNotification()` cleaner and more readable.
The used `QString::toNSString()` function was introduced in Qt 5.2 which is minimum version now (#14725).
The behavior of `MacNotificationHandler::showNotification()` has not been changed.
cc: @jonasschnelli
Tree-SHA512: 940327a77746ee016415efd3b696ad8ec85dcf12bf3f62e55c9bdc1700415d81a8d03fbc79310982d37a4098786dcaef7cd9702db5498d59d8065447babc27f5
This makes the above constructor explicit. The rationale is that this conversion has very significant performance effects. Making it explicit makes it easier to reason about these performance trade-offs, and helps identify possible functions that need a CMutableTransaction version.
This commit makes the minimal changes necessary to fix compilation once CTransaction(const CMutableTransaction &tx) is made explicit. In each case an explicit call `CTransaction(...)` was added. Shouldn't affect behaviour or performance.
8b9171ccf wallet: Initialize stop_block to nullptr in CWallet::ScanForWalletTransactions (Ben Woosley)
Pull request description:
Previously the argument would be untouched if the first block scan failed. This
makes the behavior predictable, and consistent with the documentation.
Tree-SHA512: 3efadf9fd5e25ecd9450f32545f58e61a123ad883e921ef427b13e4782ffdd8ffe905c9ad3edc7e8f9e4953342cd72247bb4cc9eeaf9e5fd04291ac5c1bb5eec
95a5a9fcc qt: Remove ellipsis from sending/receiving addresses (João Barbosa)
a96c0df35 qt: Add Window menu (João Barbosa)
9ea38d022 qt: Allow to inspect RPCConsole tabs (João Barbosa)
Pull request description:
Overall this PR does the following:
- add top level menu Window
- add Minimize and Zoom actions to Window menu
- move Sending/Receiving address to Window
- remove Help->Debug window
- add one menu entry for each debug window tab
This removes the access to address book from the File menu.
With wallet support:
<img width="522" alt="screenshot 2018-12-11 at 00 33 05" src="https://user-images.githubusercontent.com/3534524/49770451-5bec0800-fcdc-11e8-91d6-f8f850ead92d.png">
Without wallet support:
<img width="593" alt="screenshot 2018-12-11 at 12 55 21" src="https://user-images.githubusercontent.com/3534524/49802183-19f6ac80-fd44-11e8-9973-36fcfb4f129e.png">
Tree-SHA512: 4fb03702efe18df7bae33950e462940162abe634c55d0214b8920812127b763234cc9b73f27b3702502a37b6d49bdd6c50b7c8d9a3daea75cecb0136556dd1ea
`testmempoolaccept "hexstring"` will give a "JSON parse error". The correct syntax is `testmempoolaccept \[\"hexstring\"\]` (but seems escaping is not displayed in other areas so leaving backspaces out).
c84c2b8c92 tests: Test for expected return values when calling functions returning a success code (practicalswift)
Pull request description:
Test for expected return values when calling functions returning a success code (instead of discarding the return values).
**Note to reviewers:** The following commands can be used to verify that the only text fragments added in this PR are `BOOST_CHECK(`, `!` and `)` :
```
$ git diff HEAD~1 | grep -E '^[\-][^\-]' | cut -b2- > before.txt
$ git diff HEAD~1 | grep -E '^[\+][^\+]' | cut -b2- > after.txt
$ cat after.txt | sed 's/BOOST_CHECK(//g' | sed 's/));/);/g' | tr -d '!' > after-sed.txt
$ diff -u before.txt after-sed.txt
$
```
Tree-SHA512: ff0863ef2046a2eda3c44e9c6b9aedfe167881f2fa58db29fef859416831233ef6502a3a11fd2322bc1a924db83df8d4a5c5879298007f2a7b085e2a7286af70
0e75f44a0 Replace CAffectedKeysVisitor with descriptor based logic (Pieter Wuille)
Pull request description:
It seems we don't need a custom visitor pattern anymore to find what keys are affected by a script. Instead, infer the descriptor, and see which keys it expands to.
Tree-SHA512: 8a52f61fb74e8ebfd8d02e759629e423ced6bd7d9a9ee7c4bdd2cca8465bc27b951cc69c8d835244a611ba55c6d22f83b81acef05487cb988c88c0951b797699
fbaaf782ce validation: assert that pindexPrev is non-null when required (Karl-Johan Alm)
Pull request description:
In `ContextualCheckBlock`, we are checking if `pindexPrev == nullptr` conditionally at the start, but then assume it is non-`null` later. This removes the latter assumption.
Tree-SHA512: 95f1e9dc839b2cc0e099d155e6180634ece8c6760d00b53e7d27128762e64c92e82d98a5f4a5786b48a4851b17cdbb4b667d3b6a99adb651256e2032de67d05c
fa694f706c test: Add tests for truncated scripts (MarcoFalke)
Pull request description:
Previously not covered by any test
Tree-SHA512: 9f99659bdf3947271074938456a2fe64f5b39fc868e9aa474cec199a536ae5d7428f1cfa7f361936b71b09ee4c426261e6b25668fa77b8416b30dbe4ddb357f0
e414486d56 Do not permit copying FastRandomContexts (Pieter Wuille)
022cf47dd7 Simplify testing RNG code (Pieter Wuille)
fd3e7973ff Make unit tests use the insecure_rand_ctx exclusively (Pieter Wuille)
8d98d42611 Bugfix: randbytes should seed when needed (non reachable issue) (Pieter Wuille)
273d02580a Use a FastRandomContext in LimitOrphanTxSize (Pieter Wuille)
3db746beb4 Introduce a Shuffle for FastRandomContext and use it in wallet and coinselection (Pieter Wuille)
8098379be5 Use a local FastRandomContext in a few more places in net (Pieter Wuille)
9695f31d75 Make addrman use its local RNG exclusively (Pieter Wuille)
Pull request description:
This improves a few minor issues with the RNG code:
* Avoid calling `GetRand*()` functions (which currently invoke OpenSSL, later may switch to using our own RNG pool) inside loops in addrman, networking code, `KnapsackSolver`, and `LimitOrphanSize`
* Fix a currently unreachable bug in `FastRandomContext::randbytes`.
* Make a number of simplifications to the unit tests' randomness code (some tests unnecessarily used their own RNG or the OpenSSL one, instead of using the unit test specific `insecure_rand_ctx`).
* As a precaution, make it illegal to copy a `FastRandomContext`.
Tree-SHA512: 084c70b533ea68ca7adc0186c39f0b3e0a5c0ae43a12c37286e5d42086e056a8cd026dde61b12c0a296dc80f87fdc87fe303b9e8e6161b460ac2086cf7615f9d
dcb70b1522 Indicate -rpcauth option password hashing alg (Carl Dong)
Pull request description:
By indicating the password hashing algorithm, users of bitcoin distributions without the script in `share/rpcauth` and users who don't want to rely on said script can use alternative means to generate the password hash.
Question for reviewers: perhaps we should also indicate that it is specifically a HMAC-SHA-256 of the _**UTF-8**_ encoding of their password?
Tree-SHA512: 86b546c2e78699fa253da0c1e76b21ef60e9b6a5778826ac5136e764d70e3213044cc05cdb4786ba27968781647c46e358a823bbc2db7d45d041d291ee03b83c
This introduces various changes to the importmulti logic:
* Instead of processing input and importing things at the same time, first
process all input data and verify it, so no changes are made in case of
an error.
* Verify that no superfluous information is provided (no keys or scripts
that don't contribute to solvability in particular).
* Add way more sanity checks, by means of descending into all involved
scripts.
8db0c3d42b Removed implicit CTransaction conversion from benchmaks (lucash-dev)
ed61abedb2 Removed implicit CTransaction constructor from tests (lucash-dev)
Pull request description:
This PR was split from #14906 and is a prerequisite for it.
It updates tests and benchmarks, removing all implicit calls to `CTransaction(CMutableTransaction&)` constructors. This will make possible making the constructor explicit in the next PR.
The original rationale for making the constructor explicit:
- Conversion constructors should not be explicit unless there's a strong reason for it (in the opinion of, for example, https://google.github.io/styleguide/cppguide.html, and https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Ro-conversion. Let me know your take on this).
- This particular conversion is very costly -- it implies a serialization plus hash of the transaction.
- Even though `CTransaction` and `CMutableTransaction` represent the same data, they have very different use cases and performance properties.
- Making it explicit allows for easier reasoning of performance trade-offs.
- There has been previous performance issues caused by unneeded use of this implicit conversion.
- This PR creates a map for places to look for possible refactoring and performance gains (this benefit still holds if the PR is not merged).
Tree-SHA512: de8073aa6ff8a3153bcbe10818616677ecf9598e4978d8a0b4c39a262e71c36be5679cec08554c760d1f011ba6d37350318248eef15f6d9b86f9e4462b2de0d2
bd3b0361d Add stop_block out arg to ScanForWalletTransactions (Ben Woosley)
3002d6cf3 Return a status enum from ScanForWalletTransactions (Ben Woosley)
bb24d6865 Make CWallet::ScanForWalletTransactions args and return value const (Ben Woosley)
Pull request description:
Return the failed block as an out arg.
Fixes#11450.
/cc #12275
Tree-SHA512: 6a523e5425ebfe24e664a942ae21c797ccc1281c25b1bf8d02ad95c19dae343fd8051985ef11853474de7628fd6bed5f15190fbc087c3466ce6fdecab37d72a9
26879509f Add comments to descriptor tests (Pieter Wuille)
82df4c64f Add descriptor expansion cache (Pieter Wuille)
1eda33aab [refactor] Combine the ToString and ToPrivateString implementations (Pieter Wuille)
24d3a7b3a [refactor] Use DescriptorImpl internally, permitting access to new methods (Pieter Wuille)
6be0fb4b3 [refactor] Add a base DescriptorImpl with most common logic (Pieter Wuille)
Pull request description:
This patch modifies the internal `Descriptor` class to optionally construct and use an "expansion cache". Such a cache is a byte array that encodes all information necessary to expand a `Descriptor` a second time without access to private keys, and without the need to perform expensive BIP32 derivations. For all currently defined descriptors, the cache simply contains a concatenation of all public keys used.
This is motivated by the goal of importing a descriptor into the wallet and using it as a replacement for the keypool, where it would be impossible to expand descriptors if they use hardened derivation.
Tree-SHA512: f531a0a82ec1eecc30b78ba8a31724d1249826b028cc3543ad32372e1aedd537f137ab03dbffc222c5df444d5865ecd5cec754c1ae1d4989b6e9baeaffade32a
Calling getblocktemplate without the segwit rule specified is most
likely a client error, since it results in lower fees for the miner.
Prevent this client error by failing getblocktemplate if called without
the segwit rule specified.
e09a5875ca rpc: Assert named arguments are unique in RPCHelpMan (João Barbosa)
Pull request description:
Prevents an obvious mistake.
Tree-SHA512: 32c24a1934b17ab6f0d5cd31bdf0388e93ee5156ccc1b4f78eb9fd7f1d4b27a4b978b594ff11812bc9f20987c9fc36bf4497ddaedf18cf6bcbea19c050571334
Building with gcc 8.2 against musl libc, which apparently has more attributes
available in its sched_param. The following warnings were produced:
warning: missing initializer for member 'sched_param::sched_ss_low_priority' [-Wmissing-field-initializers]
warning: missing initializer for member 'sched_param::sched_ss_repl_period' [-Wmissing-field-initializers]
warning: missing initializer for member 'sched_param::sched_ss_init_budget' [-Wmissing-field-initializers]
warning: missing initializer for member 'sched_param::sched_ss_max_repl' [-Wmissing-field-initializers]
Since the current thread may have interesting non-zero values for these fields,
we want to be sure to only change the intended one. Query and modify the
current sched_param rather than starting from a zeroed one.
fa4c8679ed rpc: Avoid creating non-standard raw transactions (MarcoFalke)
Pull request description:
Multiple OP_RETURN outputs in a transaction are not standard and unlikely to be relayed, so avoid creating them.
Apart from that, the logic was broken in that it duplicated the same hex-data for each data output: Closes#14868.
Tree-SHA512: b08d08062b5622e8a7b497e490ccaf53b06e844c863fda3bf3f932a98684a809e8341aeb98232059a795afb32d8770a6c5591a66f8e6ee372b672af245607887
7d1b60ce93 Cleanup SplashScreen class (Hennadii Stepanov)
Pull request description:
Cleaning up after replacing the `QSplashScreen` base class with the `QWidget` class (#4941 by @laanwj).
cc @jonasschnelli
Tree-SHA512: 72e2d67905d85247a11ae6a884f74f710f765adf20db7d1daf0927e6990687e836b486c4ff93bc6dabc3759ed667acfe1d69c8b94fae7181ab271a3fa7a0229a
b7df96f456 refactor: Drop boost::this_thread::interruption_point and boost::thread_interrupted in main thread (Chun Kuan Lee)
Pull request description:
This PR drops useless `boost::this_thread::interruption_point` and `boost::thread_interrupted` catch. They are only executed in main thread.
Tree-SHA512: a980d098c1a8238e4f0da9493731d7e69b9ca8e010103f442722d0d4cce471cc40a1fafd5f05535ad0e18899b6cf7563ee20e4025f7c7bc15182a0058c028922
fa4fc8856b validation: Add and use HaveTxsDownloaded where appropriate (MarcoFalke)
Pull request description:
`nChainTx` is an implementation detail that shouldn't be exposed without a wrapper that comes with appropriate documentation.
Tree-SHA512: 56ab7378c2ce97794498724c271f861de982de69099e90ec09632a26230ae6fded3c59668adb378bd64dcb8ef714769b970210977b88a53fc7550774ddba3d59
6bbdb2077e squashme: connect thru node interface (João Barbosa)
a0f8df365d qt: Call noui_connect to prevent boost::signals2::no_slots_error in early calls to InitWarning (João Barbosa)
Pull request description:
Adding the following to `bitcoin.conf`
```
[xxx]
disablewallet=1
```
And running `bitcoin-qt` gives:
```
libc++abi.dylib: terminating with uncaught exception of type boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::signals2::no_slots_error> >: boost::signals2::no_slots_error
```
Fixes regression in #14708.
Tree-SHA512: 7c158376fad6ebcd80fc0dbe549d5b6e893fb82e7dc1e455825633d7f91b14dc34493487cab7642152e88f9eaf99bfa91988972d600e9fb289cf26afd64aff8a
28479f926f qa: Test bitcond shutdown (João Barbosa)
8d3f46ec39 http: Remove timeout to exit event loop (João Barbosa)
e98a9eede2 http: Remove unnecessary event_base_loopexit call (João Barbosa)
6b13580f4e http: Unlisten sockets after all workers quit (João Barbosa)
18e9685816 http: Send "Connection: close" header if shutdown is requested (João Barbosa)
02e1e4eff6 rpc: Add wait argument to stop (João Barbosa)
Pull request description:
Fixes#11777. Reverts #11006. Replaces #13501.
With this change the HTTP server will exit gracefully, meaning that all requests will finish processing and sending the response, even if this means to wait more than 2 seconds (current time allowed to exit the event loop).
Another small change is that connections are accepted even when the server is stopping, but HTTP requests are rejected. This can be improved later, especially if chunked replies are implemented.
Briefly, before this PR, this is the order or events when a request arrives (RPC `stop`):
1. `bufferevent_disable(..., EV_READ)`
2. `StartShutdown()`
3. `evhttp_del_accept_socket(...)`
4. `ThreadHTTP` terminates (event loop exits) because there are no active or pending events thanks to 1. and 3.
5. client doesn't get the response thanks to 4.
This can be verified by applying
```diff
// Event loop will exit after current HTTP requests have been handled, so
// this reply will get back to the client.
StartShutdown();
+ MilliSleep(2000);
return "Bitcoin server stopping";
}
```
and checking the log output:
```
Received a POST request for / from 127.0.0.1:62443
ThreadRPCServer method=stop user=__cookie__
Interrupting HTTP server
** Exited http event loop
Interrupting HTTP RPC server
Interrupting RPC
tor: Thread interrupt
Shutdown: In progress...
torcontrol thread exit
Stopping HTTP RPC server
addcon thread exit
opencon thread exit
Unregistering HTTP handler for / (exactmatch 1)
Unregistering HTTP handler for /wallet/ (exactmatch 0)
Stopping RPC
RPC stopped.
Stopping HTTP server
Waiting for HTTP worker threads to exit
msghand thread exit
net thread exit
... sleep 2 seconds ...
Waiting for HTTP event thread to exit
Stopped HTTP server
```
For this reason point 3. is moved right after all HTTP workers quit. In that moment HTTP replies are queued in the event loop which keeps spinning util all connections are closed. In order to trigger the server side close with keep alive connections (implicit in HTTP/1.1) the header `Connection: close` is sent if shutdown was requested. This can be tested by
```
bitcoind -regtest
nc localhost 18443
POST / HTTP/1.1
Authorization: Basic ...
Content-Type: application/json
Content-Length: 44
{"jsonrpc": "2.0","method":"stop","id":123}
```
Summing up, this PR:
- removes explicit event loop exit — event loop exits once there are no active or pending events
- changes the moment the listening sockets are removed — explained above
- sends header `Connection: close` on active requests when shutdown was requested which is relevant when it's a persistent connection (default in HTTP 1.1) — libevent is aware of this header and closes the connection gracefully
- removes event loop explicit break after 2 seconds timeout
Tree-SHA512: 4dac1e86abe388697c1e2dedbf31fb36a394cfafe5e64eadbf6ed01d829542785a8c3b91d1ab680d3f03f912d14fc87176428041141441d25dcb6c98a1e069d8
688f665a5e Scripts and tools & Docs: Used #!/usr/bin/env bash instead of obsolete #!/bin/bash, added linting for .sh files shebang and updated the Developer Notes. (vim88)
Pull request description:
As it was discussed in [#13510](https://github.com/bitcoin/bitcoin/pull/13510), it is better to use `#!/usr/bin/env bash` instead of `#!/bin/bash`.
Tree-SHA512: 25f71eb9a6a0cdc91568b5c6863205c5fe095f77a69e633503a2ac7805bd9013af8538e538c0c666ce96a28e3f43ce7a8df5f08d4ff007723bb588d85674f2da
cf4b0327ed Use std::numeric_limits<UNSIGNED>::max()) instead of (UNSIGNED)-1 (practicalswift)
6b82fc59eb Use const in COutPoint class (Hennadii Stepanov)
Pull request description:
Refactoring:
- all cases of using `(uint32_t) -1` in `COutPoint` class are replaced with const;
- also all remaining instances of `(UNSIGNED)-1` transformed to `std::numeric_limits<UNSIGNED>::max()` (by @practicalswift).
Tree-SHA512: fc7fe9838b6e5136d8b97ea3d6f64c4aaa1215f4369832df432cab017396620bb6e30520a64180ceab6de222562ac11eab243a78dfa5a658ba018835a34caa19
fabca42c68 RPCHelpMan: Add space after colons in extended description (MarcoFalke)
fafd040f73 rpc: Add description to fundrawtransaction vout_index (MarcoFalke)
1db0096f61 rpc: Pass argument descriptions to RPCHelpMan (MarcoFalke)
Pull request description:
This will normalize the type names and formatting for the rpc arguments
Tree-SHA512: 6ab344882f0fed36046ab4636cb2fa5d2479c6aae22666ca9a0d067edbb9eff8de98010ad97c8ce40ab532d15d1ae67120a561b0bf3da837090d7de427679f4f
b14948e2e Remove duplicate libconsensus linking in test make (Amir Abrams)
Pull request description:
`LIBBITCOIN_CONSENSUS` is linked twice in Makefile.test.include
Tree-SHA512: d4240e6f15f62ec1500021760af5155c6ce3898d1ca8da463ad85e2bff4435aa3b9204505ef889149509ae959d44dd845914671bc3d7df61e89aa3ab5e1aa751
48b37db50 make peertimeout a debug argument, remove error message translation (Zain Iqbal Allarakhia)
8042bbfbf p2p: allow p2ptimeout to be configurable, speed up slow test (Zain Iqbal Allarakhia)
Pull request description:
**Summary:**
1. _Primary_: Adds a `debug_only=true` flag for peertimeout, defaults to 60 sec., the current hard-coded setting.
2. _Secondary_: Drastically speeds up `p2p_timeout.py` test.
3. _Secondary_: Tests that the correct code path is being tested by adding log assertions to the test.
**Rationale:**
- P2P timeout was hard-coded: make it explicitly specified and configurable, instead of a magic number.
- Addresses #13518; `p2p_timeout.py` takes 4 sec. to run instead of 61 sec.
- Makes `p2p_timeout.py` more explicit. Previously, we relied on a comment to inform us of the timeout amount being tested. Now it is specified directly in the test via passing in the new arg; `-peertimeout=3`.
- Opens us up to testing more P2P scenarios; oftentimes slow tests are the reason we don't test.
**Locally verified changes:**
_With Proposed Change (4.7 sec.):_
```
$ time ./test/functional/p2p_timeouts.py
2018-11-19T00:04:19.077000Z TestFramework (INFO): Initializing test directory /tmp/testhja7g2n7
2018-11-19T00:04:23.479000Z TestFramework (INFO): Stopping nodes
2018-11-19T00:04:23.683000Z TestFramework (INFO): Cleaning up /tmp/testhja7g2n7 on exit
2018-11-19T00:04:23.683000Z TestFramework (INFO): Tests successful
real 0m4.743s
```
_Currently on master (62.8 sec.):_
```
$ time ./test/functional/p2p_timeouts.py
2018-11-19T00:06:10.948000Z TestFramework (INFO): Initializing test directory /tmp/test6mo6k21h
2018-11-19T00:07:13.376000Z TestFramework (INFO): Stopping nodes
2018-11-19T00:07:13.631000Z TestFramework (INFO): Cleaning up /tmp/test6mo6k21h on exit
2018-11-19T00:07:13.631000Z TestFramework (INFO): Tests successful
real 1m2.836s
```
_Error message demonstrated for new argument `-peertimeout`:_
```
$ ./bitcoind -peertimeout=-5
...
Error: peertimeout cannot be configured with a negative value.
```
Tree-SHA512: ff7a244ebea54c4059407bf4fb86465714e6a79cef5d2bcaa22cfe831a81761aaf597ba4d5172fc2ec12266f54712216fc41b5d24849e5d9dab39ba6f09e3a2a
1c28feb7d qt: Remove hidden columns in coin control dialog (João Barbosa)
Pull request description:
Instead of having hidden columns, store the data in specific roles.
Overlaps with #14817, fixes#11811.
Tree-SHA512: e86e9ca426b9146ac28997ca1920dbae6cc4e2e494ff94fe131d605cd6c013183fc5de10036c886a4d6dcae497ac4067de3791be0ef9c88f7ce9f57f7bd97422
82d6c5aad gui: Show watch-only eye instead of HD disabled (Chun Kuan Lee)
fe1ff5026 Hide spendable label if priveate key is disabled (Chun Kuan Lee)
Pull request description:
If a wallet is in private key disabled mode, the spendable balance is always zero, it does not have to show on GUI. Show the watch-only balance at normal balance column if a wallet is in that mode.
Tree-SHA512: 8b535427d26d3f8e61081f50e4773bd25656be042d378fd34cf647e9a0065cb4dfb67a8ab9fb4fbf5f196390df8cb983ebf2f0fa8a6503b7c046c56bec87ba72
c5ed6e73d Move CheckBlock() call to critical section (Hennadii Stepanov)
Pull request description:
This is an alternative to #14803.
Refs:
- #14058
- #14072
- https://github.com/bitcoin/bitcoin/pull/14803#issuecomment-442233211 by @gmaxwell
> It doesn't support multithreaded validation and there are lot of things that prevent that, which is why I was concerned. Why doesn't the lock on the block index or even cs main prevent concurrency here?
- https://github.com/bitcoin/bitcoin/pull/14803#issuecomment-442237566 by @MarcoFalke
Tree-SHA512: 2152e97106e11da5763b2748234ecd2982daadab13a0da04215f4db60af802a44ab5700f32249137d122eb13fc2a02e0f2d561d364607d727d8c6ab879339afb
bf2e01097 uint256: Remove unnecessary crypto/common.h use (Karl-Johan Alm)
Pull request description:
This is an alternative to #13242 which keeps the `ReadLE64` part, but moves the `crypto/common.h` dependency into `crypto/common.h` as a function outside of `uint256`.
**Reason:** this change will remove dependencies for `uint256` to `crypto/common.h`, `compat/endian.h`, and `compat/byteswap.h`.
This PR removes the need to update tests to be endian-aware/-independent, but keeps the (arguably dubious) `ReadLE64` part (which was only introduced to fix the tests, not for any functionality).
Tree-SHA512: 78b35123cdb185b3b3ec59aba5ca8a5db72624d147f2d6a5484ffa5ce626a72f782a01dc6893fc8f5619b03e2eae7b5a03b0df5d43460f3bda428e719e188aec
0fb2e69815 CreateTransaction: Assume minimum p2sh-p2wpkh spend size for unknown change (Gregory Sanders)
b06483c96a Remove stale comment in CalculateMaximumSignedInputSize (Gregory Sanders)
Pull request description:
This is triggered anytime a fundraw type call(psbt or legacy) is used with a change output address that the wallet doesn't know how to sign for.
This regression was added in 6a34ff5335 since BnB coin selection actually cares about this.
The fix is to assume the smallest typical spend, a P2SH-P2WPKH, which is calculated using a "prototype" dummy signature flow. Future work could generalize this infrastructure to get estimated sizes of inputs for a variety of types.
I also removed a comment which I believe is stale and misleading.
Tree-SHA512: c7e2be189e524f81a7aa4454ad9370cefba715e3781f1e462c8bab77e4d27540191419029e3ebda11e3744c0703271e479dcd560d05e4d470048d9633e34da16
fa5cef0f78 bench: Destroy wallet txs instead of leaking their memory (MarcoFalke)
Pull request description:
This should destroy the wallet txs when the benchmark ends to avoid having to hold them when the following benchmarks run.
Tree-SHA512: e2510946e6a47fad3ec5fb28d298df8ddc2e017455fcff777fa7bbc12d801c08739db6a7a7289509aaa881ccdc59dfff9bcb6772b48db2c457d3787081a46c06
109699dd33 Add release notes (Pieter Wuille)
b65326b562 Add matching descriptors to scantxoutset output + tests (Pieter Wuille)
16203d5df7 Add descriptors to listunspent and getaddressinfo + tests (Pieter Wuille)
9b2a25b13f Add tests for InferDescriptor and Descriptor::IsSolvable (Pieter Wuille)
225bf3e3b0 Add Descriptor::IsSolvable() to distinguish addr/raw from others (Pieter Wuille)
4d78bd93b5 Add support for inferring descriptors from scripts (Pieter Wuille)
Pull request description:
This PR adds functionality to convert a script to a descriptor, given a `SigningProvider` with the relevant information about public keys and redeemscripts/witnessscripts.
The feature is exposed in `listunspent`, `getaddressinfo`, and `scantxoutset` whenever these calls are applied to solvable outputs/addresses.
This is not very useful on its own, though when we add RPCs to import descriptors, or sign PSBTs using descriptors, these strings become a compact and standalone way of conveying everything necessary to sign an output (excluding private keys).
Unit tests and rudimentary RPC tests are included (more relevant tests can be added once RPCs support descriptors).
Fixes#14503.
Tree-SHA512: cb36b84a3e0200375b7e06a98c7e750cfaf95cf5de132cad59f7ec3cbd201f739427de0dc108f515be7aca203652089fbf5f24ed283d4553bddf23a3224ab31f
c77f09230b Fix descriptor_tests not checking ToString output of public descriptors (Russell Yanofsky)
Pull request description:
This fixes a minor test bug introduced in #13697 that I noticed while reviewing #14646
Tree-SHA512: efed91200cdff5f86ba5de3461ac00759d285e2905f6cb24cea15d3e23e0581ce5fc14b24a40db093f7ebd662ee1ee2cf67f8798bac1903a78298eda08909cfb
fa739d4bd7 qa: Add wallet_encryption error tests (MarcoFalke)
Pull request description:
The errors for empty passphrases are the help text of the RPC call, which is not very specific. Replace that with proper RPC errors and test them.
Tree-SHA512: 3137e0f8f2e42a1f8ab1eeb57c99052557725f6f85139ff48c24acc8f3cf4087802de5216f3ce97375b291d21bddb7cd1379a6f280166136a306a0c9663bbd42
Instead of adding BerkeleyEnvironment objects permanently to the g_dbenvs map,
use reference counted shared pointers and remove map entries when the last
BerkeleyEnvironment reference goes out of scope.
This change was requested by Matt Corallo <git@bluematt.me> and makes code that
sets up mock databases cleaner. The mock database environment will now go out
of scope and be reset on destruction so there is no need to call
BerkeleyEnvironment::Reset() during wallet construction to clear out prior
state.
This change does affect bitcoin behavior slightly. On startup, instead of same
wallet environments staying open throughout VerifyWallets() and OpenWallets()
calls, VerifyWallets() will open and close an environment once for each wallet,
and OpenWallets() will create its own environment(s) later.
Let event base loop exit cleanly by processing all active and pending
events. The call is no longer necessary because closing persistent
connections is now properly handled.
This (almost) move only ensures the event base loop doesn't exit before
HTTP worker threads exit. This way events registered by HTTP workers are
processed and not discarded.
Sending the header "Connection: close" makes libevent close persistent
connections (implicit with HTTP 1.1) which cleans the event base when
shutdown is requested.
b81a186056 GetPubKey: make sigdata const (Gregory Sanders)
f7beb95a1f remove redundant KeyOriginInfo access, already done in CreateSig (Gregory Sanders)
Pull request description:
This redundancy is confusing as it looks like pubkeyhashes are special in some way based on where it's called.
Tree-SHA512: a980b7c774c6d69322945227a2b156489fb1991ebf57fe6f26096d5f8047f246a133debc241b05af67810f604b040079add3ab3d30d9e2928095905a2afe17eb
0c69ff6171 clarify rpcwallet flag url change (Jordan Baczuk)
Pull request description:
This adds clarification to the bitcoin-cli -rpcwallet flag in the help command. This will benefit users who want to utilize this feature without the cli, for example curl. It isn't readily apparent that this changes the url used in the RPC call.
Tree-SHA512: 6fc759f193f0a918884aab8ba4dc77ed9e89ee3840feeff737a754be758750590f5bd44b40f4810c3b82601e125e62e10360af45cb8e9d95be206ebeb9120ebf
b7b36decaf fix uninitialized read when stringifying an addrLocal (Kaz Wesley)
8ebbef0169 add test demonstrating addrLocal UB (Kaz Wesley)
Pull request description:
Reachable from either place where SetIP is used when all of:
- our best-guess addrLocal for a peer is IPv4
- the peer tells us it's reaching us at an IPv6 address
- NET logging is enabled
In that case, SetIP turns an IPv4 address into an IPv6 address without
setting the scopeId, which is subsequently read in GetSockAddr during
CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
constructor initializes the scopeId field with something.
Tree-SHA512: 8f0159750995e08b985335ccf60a273ebd09003990bcf2c3838b550ed8dc2659552ac7611650e6dd8e29d786fe52ed57674f5880f2e18dc594a7a863134739e3
fa5e0452e8 rpc: Documentation fixups (MarcoFalke)
fa91e8eda5 Use RPCHelpMan for all RPCs (MarcoFalke)
fa520e72f7 lint: Must use RPCHelpMan to generate the RPC docs (MarcoFalke)
Pull request description:
The resulting documentation should not change unless the type in the oneline-summary was previously incorrect. (E.g. string vs bool)
Tree-SHA512: 4ff355b6a53178f02781e97a7aca7ee1d0d97ff348b6bf5a01caa1c96904ee33c704465fae54c2cd7445097427fd04c71ad3779bb7a7ed886055ef36c1b5a1d0
fa21ca09a8 test: Add BOOST_REQUIRE to getters returning optional (MarcoFalke)
Pull request description:
Usually the returned value is already checked for equality, but for sanity we might as well require that the getter successfully returned.
Tree-SHA512: 0d613a9a721c61bd7a115ebc681a0890df09b8e5775f176ac18b3a586f2ca57bee0b5b816f5a7c314ff3ac6cbb2a4d9c434f8459e054a7c8a6934a75f0120c2a
27c44ef9c6 rpcbind: Warn about exposing RPC to untrusted networks (Luke Dashjr)
d6a1287481 CNetAddr: Add IsBindAny method to check for INADDR_ANY (Luke Dashjr)
3615003952 net: Always default rpcbind to localhost, never "all interfaces" (Luke Dashjr)
Pull request description:
A disturbingly large number of listening nodes appear to be also exposing their RPC server to the public internet. To attempt to mitigate this:
* Only ever bind localhost by default, even if `rpcallowip` is specified. (A warning is given if `rpcallowip` is specified without `rpcbind`, since it doesn't really make sense to do.)
* Warn about exposing the RPC server to untrusted networks if the user explicitly binds to any INADDR_ANY address.
* Include a warning about untrusted networks in the `--help` documentation for `rpcbind`.
Tree-SHA512: 755bbca3db416a31393672eccf6675a5ee4d1eb1812cba73ebb4ff8c6b855ecc5df4c692566e9aa7b0f7d4dce6fedb9c0e9f3c265b9663aca36c4a6ba5efdbd4
69ca48717c Implement prevector::fill once (Ben Woosley)
7bad78c2c8 Drop defunct IS_TRIVIALLY_CONSTRUCTIBLE handling from prevector.h (Ben Woosley)
Pull request description:
This is clean-up post #14651:
* Use one implementation of `prevector::fill`, as it's possible now that the implementations are identical.
* Only apply the `IS_TRIVIALLY_CONSTRUCTIBLE` handling to the bench file where it is used, and drop the now-unnecessary associated compat includes.
Tree-SHA512: 5930b3a17fccd39af10add40202ad97a297aebecc049af72ca920d0d55b3e4c3c30ce864c8a683355895f0196396d4ea56ba9f9637bdc7d16964cdf66c195485
3fb09b9889 Warn unrecognized sections in the config file (Akio Nakamura)
Pull request description:
This PR intends to resolve#14702.
In the config file, sections are specified by square bracket pair "[]"$,
or included in the option name itself which separated by a period"(.)".
Typicaly, [testnet] is not a correct section name and specified options
in that section are ignored but user cannot recognize what is happen.
So, add some log-warning messages if unrecognized section names are
present in the config file after checking section only args.
note: Currentry, followings are out of scope of this PR.
1) Empty section name or option name can describe.
e.g. [] , .a=b, =c
2) Multiple period characters can exist in the section name and option name.
e.g. [c.d.e], [..], f.g.h.i=j, ..=k
Tree-SHA512: 2cea02a0525feb40320613989a75cd7b7b1bd12158d5e6f3174ca77e6a25bb84425dd8812f62483df9fc482045c7b5402d69bc714430518b1847d055a2dc304b
591203149f wallet: Create IsDatabaseLoaded function (Chun Kuan Lee)
15c93f075a wallet: Add trailing wallet.dat when detecting duplicate wallet if it's a directory. (Chun Kuan Lee)
c456fbd8df Refactor: Move m_db pointers into BerkeleyDatabase (Russell Yanofsky)
Pull request description:
Fix#14538
Fix crash attempting to load the same wallet with different path strings that resolve to the same absolute path. The primary check which prevents loading the same wallet twice is:
6b8d0a2164/src/wallet/db.cpp (L44)
But this check is skipped if both wallet paths resolve to the same absolute path, due to caching here:
6b8d0a2164/src/wallet/db.cpp (L467)
Meanwhile a secondary check for duplicate wallets is not reliable because it based on a literal comparison, instead of comparison using absolute paths:
6b8d0a2164/src/wallet/wallet.cpp (L3853)
This PR fixes the latter check to compare the absolute path of a new wallet being loaded to absolute paths of wallets already loaded, so there should no longer be any way to load the same wallet more than once.
Tree-SHA512: 2fa01811c160b57be3b76c6b4983556a04bbce71a3f8202429987ec020664a062e897deedcd9248bc04e9baaa2fc7b464e2595dcaeff2af0818387bf1fcdbf6f
In the config file, sections are specified by square bracket pair "[]"$,
or included in the option name itself which separated by a period"(.)".
Typicaly, [testnet] is not a correct section name and specified options
in that section are ignored but user cannot recognize what is happen.
So, add some log/stderr-warning messages if unrecognized section names
are present in the config file after checking section only args.
c54e5a41c4 Remove unreferenced boost headers (Murray Nesbitt)
Pull request description:
Building with clang (e.g. on FreeBSD) is very noisy due to `-Wthread-safety-analysis` warnings regarding boost. This change removes a number of unnecessary boost includes, and silences the rest of the warnings when building with clang. This allows more potentially interesting warnings to surface from the noise.
Tested on FreeBSD 11.2
Tree-SHA512: 5e6a0623188b9be59aeae52866799aefb4c3c9ab5e569b07ee8d43fc92e0b5f1f76b96bb54c35c7043148df84641b4a96927fb71f6eb00460c20cd19cf250900
b08af10fb2 disallow oversized CBlockHeaderAndShortTxIDs (Kaz Wesley)
6bed4b374d fix a deserialization overflow edge case (Kaz Wesley)
051faf7e9d add a test demonstrating an overflow in a deserialization edge case (Kaz Wesley)
Pull request description:
A specially-constructed BlockTransactionsRequest can cause `offset` to wrap in deserialization. In the current code, there is not any way this could be dangerous; but disallowing it reduces the potential for future surprises.
Tree-SHA512: 1aaf7636e0801a905ed8807d0d1762132ac8b4421a600c35fb6d5e5033c6bfb587d8668cd9f48c7a08a2ae793a677b7649661e3ae248ab4f8499ab7b6ede483c
Reachable from either place where SetIP is used when our best-guess
addrLocal for a peer is IPv4, but the peer tells us it's reaching us at
an IPv6 address.
In that case, SetIP turns an IPv4 address into an IPv6 address without
setting the scopeId, which is subsequently read in GetSockAddr during
CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
constructor initializes the scopeId field with something.
9cc0230cfc Add NODISCARD to all {Decode,Parse}[...](...) functions returning bool. Sort includes. (practicalswift)
579497e77a tests: Explicitly ignore the return value of DecodeBase58(...) (practicalswift)
145fe95ec7 tests: Check return value of ParseParameters(...) (practicalswift)
7c5bc2a523 miner: Default to DEFAULT_BLOCK_MIN_TX_FEE if unable to parse -blockmintxfee (practicalswift)
Pull request description:
Changes in this PR:
* ~~Add linter to make sure the return value of `Parse[...](...)` is checked~~
* Add `__attribute__((warn_unused_result))` to all `{Decode,Parse}[...](...)` functions returning `bool`
* Fix violations
Context:
* #13712: `wallet: Fix non-determinism in ParseHDKeypath(...). Avoid using an uninitialized variable in path calculation.` would have been prevented by this
Tree-SHA512: 41a97899f2d5a26584235fa02b1ebfb4faacd81ea97e927022955a658fa7e15d07a1443b4b7635151a43259a1adf8f2f4de3c1c75d7b5f09f0d5496463a1dae6
b4f6e58ca5 Better error message for user when corrupt wallet unlock fails (MeshCollider)
Pull request description:
Mentioned here: https://github.com/bitcoin/bitcoin/issues/14461#issuecomment-429183503
Current behavior is to assert(false) and crash, only info is printed in the log. This shows the message to the user before abort() instead.
Tree-SHA512: 526f9ed9262257fca55caf7153ab913ed958b13b079d2f01db797485614d8c375815a1554276e8cf73d3838104b2691a9cf85c8d097973127ae8de9e111446bf
fa0815c300 rpc: Correctly name arguments (Jon Layton)
Pull request description:
Consistently use the same name to describe arguments in the documentation and add a test that uses the name.
By splitting it up, the changes are easier to potentially backport and also make review easier when we switch to `RPCHelpMan`.
The tests should pass with or without the changes in `src`.
Partly stolen from #14459 (More RPC help description fixes by ch4ot1c)
Tree-SHA512: 1072992b1e93ac41006613523e54a0a8004f529fcb101eb9d74d91474abb0945a5a7539f249905151b904b87448f9efc0cacbd9e052fbe2ea9111e62f3e7249c
7afddfa8ce importmulti: Don't add internal addresses to address book (Gregory Sanders)
Pull request description:
Currently anything imported with `internal` will not be treated as change since checking the address book is a primary test of this.
Added basic tests of all combinations of arguments and change identification.
Resolves https://github.com/bitcoin/bitcoin/issues/14662
Tree-SHA512: a1f08dc624a3fadee93cc5392d50c4796b0c5eedf38e295382f71570f2066d9e978ed6e3962084b902989863fe1273a8642d8fdb094a266d69de10622a4176b0
Accurately reports the last block successfully scanned, replacing a return of
the chain tip, which represented possibly inaccurated data in a race condition.
fa483e13b3 rpc: Add RPCHelpMan for machine-generated help (MarcoFalke)
fa0d36f712 rpc: Include rpc/util.h where needed for RPCHelpMan (MarcoFalke)
Pull request description:
This introduces a manager for the RPC help generation and demonstrates its use of it in some RPCs.
It is the first non-exhaustive step toward #14378 and I will create pull requests for the next steps after this one is merged.
Tree-SHA512: 86f68322443ff01cd964aaf0ebe186be63fbebe4c47676cf7a622cc2b5305fd176bd57badfd1bbf788a036812253eb0dead74ecc3b30664c3e0d9392b2248054
27154ce765 util.h: explicitly include required QString header (1Il1)
Pull request description:
Alternative to #14713.
Instead of depending on clang formatter to not reorder includes, another fix is to explicitly include the missing header file.
Tree-SHA512: f419ef2fd1dfd8da28160a94d187af78463fb398ef6aadd6c68ebf57e6d02380d93f5f370bf2d39e88dcbfeb252c3e5f245c0a157c7d0a64c38fc0f0c7004515
4e4de10f69 Throw error if CPubKey is invalid during PSBT keypath serialization (Gregory Sanders)
Pull request description:
Related to https://github.com/bitcoin/bitcoin/pull/14689
We should catch this error before attempting to deserialize it later.
Tree-SHA512: d2f3ea7f363818ac70c81ee988231b2bb50d055b6919f7bff3f27120c85a7048bfa183efae33e23e6b81d684bcb8bb81e5b209abb3acbcaff1d88014f4f1aa93
a6b5ec18f rpc: creates possibility to preserve labels on importprivkey (marcoagner)
Pull request description:
Closes#13087.
As discussed in the issue, this is a feature request instead of a bug report since the behaviour was as intended (i.e. label with default: `''`). With this, the old behaviour is kept while the possibility to achieve the preservation of labels, as expected in the open issue, is added.
Tree-SHA512: b33be50e1e7f62f7ddfae953177ba0926e2d848961f9fac7501c2b513322c0cb95787745d07d137488267bad1104ecfdbe800c6747f94162eb07c976835c1386
88a79cb436 fix converttopsbt permitsigdata arg, add basic test (Gregory Sanders)
Pull request description:
The final check for extraneous sigdata has a flipped boolean, resulting in incorrect behavior.
Resolves https://github.com/bitcoin/bitcoin/issues/14355
Tree-SHA512: 5157a74b8ddebd7d836fba96765c4d7ed15a73d4289817353d3566a0f6803bd4bbc3f936735c517c7a83a6cbdb4052b9c61d23f6cc4ad00a6077278cd51adbd4
0385109444 Add test for rpcpassword hash error (MeshCollider)
13fe258e91 Error if rpcpassword in conf contains a hash character (MeshCollider)
Pull request description:
Fixes#13143 now #13482 was merged
Tree-SHA512: e7d00c8df1657f6b8d0eee1e06b9ce2b1b0a2de487377699382c1b057836e1571dac313ca878b5877c862f0461ba789a50b239d2a9f34accd8a6321f126e3d2a
ec1201a368 Don't use systray icon on inappropriate systems (Hennadii Stepanov)
Pull request description:
Prevent a user from losing access to the main window by minimizing it to the tray on the systems which have not “system tray” or “notification area” available (e.g. GNOME 3.26+).
Tested on Fedora 28 + GNOME 3.28.
Tree-SHA512: c2dc26ff31c38a882dbd7d1ff71af99f1ba38a04a1c8b7fe7b99b93e4c0719f2916c7db0e620806a36582402d18939c635e1913c276b452ecbf939936067407b
0a656f85a9 qt: All tray menu actions call showNormalIfMinimized (João Barbosa)
6fc21aca6d qt: Use GUIUtil::bringToFront where possible (João Barbosa)
5796671e1d qt: Add GUIUtil::bringToFront (João Barbosa)
6b1d2972bf Remove obj_c for macOS Dock icon menu (Hennadii Stepanov)
2464925e7b Use Qt signal for macOS Dock icon click event (Hennadii Stepanov)
53bb6be3f8 Remove obj_c for macOS Dock icon setting (Hennadii Stepanov)
Pull request description:
The sequence `show -> raise -> activateWindow` is factored out to the new function `GUIUtil::bringToFront` where a macOS fix is added in order to fix#13829.
Also included:
- simplification of `BitcoinGUI::showNormalIfMinimized`
- simplified some connections to `BitcoinGUI::showNormalIfMinimized`
- added missing connections to `BitcoinGUI::showNormalIfMinimized`.
Tree-SHA512: a8e301aebc359aa353821e2af352ae356f44555724921b01da907e128653ef9dc55d8764a1bff72a579e5ff96df8a681f6804bfe83acba441da92fedff974a55
76e13b586f warnings: Compiler warning on memset usage for non-trivial type (Lenny Maiorani)
Pull request description:
Fixing warnings reported by GCC: memset of non-trivial type
Tree-SHA512: 357aeac60acfb922851daaf0bd8d4b81e377da7c9b31c2942b54cfdd4129dae61e577fc0a6aa430348cb07abd16ae32f986a64dbb2c1d90ec148f53e7451a229
1e0f3c4499 macOS: disable AppNap during sync (Alexey Ivanov)
Pull request description:
Code based on pull/5804. Tested only on macOS 10.13.3 and should support 10.9+.
What macOS versions bitcoin core currently supports?
Tree-SHA512: 85809b8d8d8a05169437b4268988da0b7372c29c6da3223ebdc106dc16dcb6d3caa5c52ace3591467005b50a63fd8b2ab1cb071cb4f450032932df25d5063315
6b8d86ddb8 Require a public key to be retrieved when signing a P2PKH input (Andrew Chow)
Pull request description:
If we do not have the public key for a P2PKH input, we should not continue to attempt to sign for it.
This fixes a problem where a PSBT with a P2PKH output would include invalid BIP 32 derivation paths that are missing the public key.
Tree-SHA512: 850d5e74c06833da937d5bf0348bd134180be7167b6f9b9cecbf09f75e3543fbad60d0abbc0b9afdfa51ce165aa36168849f24a7c5abf1e75f37ce8f9a13d127
e13fea975d Add regression test for PSBT signing bug #14473 (Glenn Willen)
565500508a Refactor PSBTInput signing to enforce invariant (Glenn Willen)
0f5bda2bd9 Simplify arguments to SignPSBTInput (Glenn Willen)
53e6fffb8f Add bool PSBTInputSigned (Glenn Willen)
65166d4cf8 New PartiallySignedTransaction constructor from CTransction (Glenn Willen)
4f3f5cb4b1 Remove redundant txConst parameter to FillPSBT (Glenn Willen)
fe5d22bc67 More concise conversion of CDataStream to string (Glenn Willen)
Pull request description:
As discussed in the comments on #14473, I think that bug was caused primarily by failure to adhere to the invariant that a PSBTInput always has exactly one of the two utxo fields present -- an invariant that is already enforced by PSBTInput::IsSane, but which we were temporarily suspending during signing.
This refactor repairs the invariant, also fixing the bug. It also simplifies some other code, and removes redundant parameters from some related functions.
fixes#14473
Tree-SHA512: cbad3428175e30f9b7bac3f600668dd1a8f9acde16b915d27a940a2fa6d5149d4fbe236d5808fd590fb20a032274c99e8cac34bef17f79a53fdf69a5948c0fd0
Just a preparatory commit to add the header to the includes and run
clang-format to sort the include lists.
Splitting this up into a separate commit makes future scripted-diffs
easier.
081accb875 Pass chain locked variables where needed (Russell Yanofsky)
79d579f4e1 Remove uses of cs_main in wallet code (Russell Yanofsky)
ea961c3d72 Remove direct node->wallet calls in init.cpp (Russell Yanofsky)
8db11dd0b1 Pass chain and client variables where needed (Russell Yanofsky)
7e2e62cf7c Add skeleton chain and client classes (Russell Yanofsky)
Pull request description:
This creates an incomplete [`Chain`](https://github.com/ryanofsky/bitcoin/blob/pr/wipc-sep/src/interfaces/chain.h) interface in [`src/interfaces/`](https://github.com/ryanofsky/bitcoin/tree/pr/wipc-sep/src/interfaces) and begins to update wallet code to use it.
#10973 builds on this, changing the wallet to use the new interface to access chain state, instead of using CBlockIndex pointers and global variables like `chainActive`.
Tree-SHA512: 6ef05a4d8ebf57f2ad71835e4d970c9c59e34057e39e48cee76b887492c2fee907e3f6a74a9861e5a9f97cdc6823f4865ebc41ec556ab371ebca1b664c20dbea
fa4da3c058 [doc] conf: Remove deprecated options from docs, Other cleanup (MarcoFalke)
Pull request description:
Some dumb fixes, like removing the mention that free transactions are still a thing or that rpcuser/pass should be used (as opposed to rpcauth or rpc cookie).
Combined with other fixes because I don't want to create 3 pull requests:
* conf: Remove deprecated options from docs
* Remove only mention of MIT/X11
* Link to developer notes in README.md
Tree-SHA512: 9e45dc6c63037e7618cf3c871d7d9e65b66f1a952f91a6e623d97d90171e29bc40299a06029c4dc21a0f579e68021e3663186bd3a65e3ab333aff711f7dcb2bf
b191c7dfb7 doc: add comment explaining recentRejects-DoS behavior (James O'Beirne)
Pull request description:
When we receive invalid txs for the first time, we mark the sender as
misbehaving. If we receive the same tx before a new block is seen, we *don't*
punish the second sender (in the same way we do the original sender). It wasn't
initially clear to me that this is intentional, so add a clarifying comment.
Tree-SHA512: d12c674db137ed3ad83e0b941bffe6ddcd2982238048742afa574a4235881f0e58cfc0a4a576a0503e74c5c5240c270b9520fa30221e8b43a371fb3e0b37066b
535203075e Avoid using numeric_limits for sequence numbers and lock times (Russell Yanofsky)
bafb921507 Remove duplicated code (Hennadii Stepanov)
e4dc39b3bc Replace platform dependent type with proper const (Hennadii Stepanov)
Pull request description:
Switches to named constants, because numeric_limits calls can be harder to read and less portable.
Change was suggested by jamesob in https://github.com/bitcoin/bitcoin/pull/10973#discussion_r213473620
There are no changes in behavior except on some platforms we don't support (ILP64, IP16L32, I16LP32), where `SignalsOptInRBF` and `MutateTxAddInput` functions would now work correctly.
Tree-SHA512: 3f5c6393c260551f65a0edfba55ef7eb3625232eec8d85b1457f26e144aa0b90c7ef5f44b2fd2f7d9be3c3bcb301030a9f5473c21b3bac566cc59b8c8780737c
This commit does not change behavior. All it does is pass new function
parameters.
It is easiest to review this change with:
git log -p -n1 -U0 --word-diff-regex=.
Route calls during node initialization and shutdown that would happen between a
node process and wallet processes through the serializable `Chain::Client`
interface, rather than `WalletInitInterface` which is now simpler and only
deals with early initialization and parameter interaction.
This commit mostly does not change behavior. The only change is that the
"Wallet disabled!" and "No wallet support compiled in!" messages are now logged
earlier during startup.
This commit does not change behavior. All it does is pass new function
parameters.
It is easiest to review this change with:
git log -p -n1 -U0 --word-diff-regex=.
fef5adcc33 blockfilter: Use unordered_set instead of set in blockfilter. (Jim Posen)
4fb789e9b2 Extract CSipHasher to it's own file in crypto/ directory. (Jim Posen)
Pull request description:
Use `std::unordered_set` (hash set) instead of `std::set` (tree set) in blockfilter interface, as suggested by @ryanofsky in #12254. This may result in a very minor speedup, but I haven't measured.
This moves `CSipHasher` to it's own file `crypto/siphash.h`, so that it can be used in the libbitcoin_util library without including `hash.{h,cpp}`. I'm open to other suggestions on solving this issue if people would prefer to leave CSipHasher where it is.
Tree-SHA512: 593d1abda771e45f2860d5334272980d20df0b81925a402bb9ee875e17595c2517c0d8ac9c579218b84bbf66e15b49418241c1fe9f9265719bcd2377b0cd0d88
