Commit graph

12883 commits

Author SHA1 Message Date
Cory Fields
d9434918d2 qa: add a test to detect leaky p2p messages
This is certainly not exhaustive, but it's better than nothing. Adds checks
for:

- Any message received before sending a version
- Any message received other than version/reject before sending a verack

It also tries to goad the remote into sending a pong, address, or block
announcement.
2017-02-13 18:56:03 -05:00
Matt Corallo
8650bbb660 qa: Expose on-connection to mininode listeners 2017-02-13 18:56:03 -05:00
Matt Corallo
5b5e4f8330 qa: mininode learns when a socket connects, not its first action 2017-02-13 18:56:03 -05:00
Cory Fields
cbfc5a6728 net: require a verack before responding to anything else
7a8c251901 made this logic hard to follow. After that change, messages would
not be sent to a peer via SendMessages() before the handshake was complete, but
messages could still be sent as a response to an incoming message.

For example, if a peer had not yet sent a verack, we wouldn't notify it about
new blocks, but we would respond to a PING with a PONG.

This change makes the behavior straightforward: until we've received a verack,
never send any message other than version/verack/reject.

The behavior until a VERACK is received has always been undefined, this change
just tightens our policy.

This also makes testing much easier, because we can now connect but not send
version/verack, and anything sent to us is an error.
2017-02-13 18:55:35 -05:00
Cory Fields
8502e7acbe net: parse reject earlier
Prior to this change, all messages were ignored until a VERSION message was
received, as well as possibly incurring a ban score.

Since REJECT messages can be sent at any time (including as a response to a bad
VERSION message), make sure to always parse them.

Moving this parsing up keeps it from being caught in the
if (pfrom->nVersion == 0) check below.
2017-02-13 18:55:35 -05:00
Cory Fields
c45b9fb54c net: correctly ban before the handshake is complete
7a8c251901 made a change to avoid getting into SendMessages() until the
version handshake (VERSION + VERACK) is complete. That was done to avoid
leaking out messages to nodes who could connect, but never bothered sending
us their version/verack.

Unfortunately, the ban tally and possible disconnect are done as part of
SendMessages(). So after 7a8c251901, if a peer managed to do something
bannable before completing the handshake (say send 100 non-version messages
before their version), they wouldn't actually end up getting
disconnected/banned. That's fixed here by checking the banscore as part of
ProcessMessages() in addition to SendMessages().
2017-02-13 18:55:34 -05:00
MarcoFalke
d304fef374
Merge #9712: bench: Fix initialization order in registration
29c5328 bench: Fix initialization order in registration (Wladimir J. van der Laan)
2017-02-08 04:43:13 +01:00
Wladimir J. van der Laan
29c53289a9 bench: Fix initialization order in registration
The initialization order of global data structures in different
implementation units is undefined. Making use of this is essentially
gambling on what the linker does, the so-called [Static initialization
order fiasco](https://isocpp.org/wiki/faq/ctors#static-init-order).

In this case it apparently worked on Linux but failed on OpenBSD and
FreeBSD.

To create it on first use, make the registration structure local to
a function.

Fixes #8910.
2017-02-07 19:07:29 +01:00
Wladimir J. van der Laan
b709fe7ffc
Merge #9532: Remove unused variables
90fd29b Remove unused int64_t nSinceLastSeen (practicalswift)
ac4a095 Remove unused Python variables (practicalswift)
2017-02-07 15:28:50 +01:00
Wladimir J. van der Laan
729de15b63
Merge #9604: [Trivial] add comment about setting peer as HB peer.
dd5b011 [Trivial] add comment about setting peer as HB peer. (John Newbery)
2017-02-07 13:03:57 +01:00
Wladimir J. van der Laan
02464da5e4
Merge #9227: Make nWalletDBUpdated atomic to avoid a potential race.
d63ff62 Make nWalletDBUpdated atomic to avoid a potential race. (Patrick Strateman)
2017-02-06 16:14:17 +01:00
Wladimir J. van der Laan
870cd2b58a
Merge #9378: [trivial] Add documentation for CWalletTx::fFromMe member.
39c77b0 Add documentation for CWalletTx::fFromMe member. (Russell Yanofsky)
2017-02-06 14:58:02 +01:00
Wladimir J. van der Laan
40f7e27d25
Merge #9650: Better handle invalid parameters to signrawtransaction
6dbfe08 [qa] test signrawtransaction merge with missing inputs (Matt Corallo)
ec4f7e4 [qa] Add second input to signrawtransaction test case (Matt Corallo)
691710a [qa] Test that decoderawtransaction throws with extra data appended (Matt Corallo)
922bea9 Better handle invalid parameters to signrawtransaction (Matt Corallo)
7ea0ad5 Fail in DecodeHexTx if there is extra data at the end (Matt Corallo)
2017-02-06 14:51:00 +01:00
Wladimir J. van der Laan
09e0c28f85
Merge #9659: Net: Turn some methods and params/variables const
0729102 Net: pass interruptMsgProc as const where possible (Jorge Timón)
fc7f2ff Net: Make CNetMsgMaker more const (Jorge Timón)
d45955f Net: CConnman: Make some methods const (Jorge Timón)
2017-02-06 14:34:53 +01:00
Wladimir J. van der Laan
986ba005ed
Merge #9651: Fix typos
5f62e3e Fix typos (practicalswift)
2017-02-06 14:20:05 +01:00
Wladimir J. van der Laan
8d6447ecf7
Merge #9673: Set correct metadata on bumpfee wallet transactions
4ec057d [wallet] Set correct metadata on bumpfee wallet transactions (Russell Yanofsky)
2017-02-06 12:48:55 +01:00
Wladimir J. van der Laan
fc67cd22f8
Merge #9691: Init ECC context for test_bitcoin_fuzzy.
ac719c9 Init ECC context for test_bitcoin_fuzzy. (Gregory Maxwell)
2017-02-06 09:22:14 +01:00
Pieter Wuille
923dc447ea
Merge #9578: Add missing mempool lock for CalculateMemPoolAncestors
003cd60 Add missing mempool lock for CalculateMemPoolAncestors (Matt Corallo)
2017-02-05 12:08:08 -08:00
Gregory Maxwell
ac719c936d Init ECC context for test_bitcoin_fuzzy.
This avoids calling things like pubkey_parse with a null context argument.
2017-02-05 17:37:13 +00:00
Wladimir J. van der Laan
7821db30e1
Merge #9671: Fix super-unlikely race introduced in 236618061a
885cfdd Fix super-unlikely race introduced in 236618061a (Matt Corallo)
2017-02-04 11:39:17 +01:00
Wladimir J. van der Laan
496691741d
Merge #9609: net: fix remaining net assertions
08bb6f4 net: log an error rather than asserting if send version is misused (Cory Fields)
7a8c251 net: Disallow sending messages until the version handshake is complete (Cory Fields)
12752af net: don't run callbacks on nodes that haven't completed the version handshake (Cory Fields)
2046617 net: deserialize the entire version message locally (Cory Fields)
80ff034 Dont deserialize nVersion into CNode, should fix #9212 (Matt Corallo)
2017-02-04 11:38:02 +01:00
Wladimir J. van der Laan
a3511628d0
Merge #9679: Access WorkQueue::running only within the cs lock
7b2d96b Access WorkQueue::running only within the cs lock. (Matt Corallo)
2017-02-04 11:37:26 +01:00
Matt Corallo
7b2d96b634 Access WorkQueue::running only within the cs lock.
This removes a "race" between Interrupt() and Run(), though it
should not effect any of our supported platforms.
2017-02-03 13:50:17 -05:00
Matt Corallo
6dbfe08c29 [qa] test signrawtransaction merge with missing inputs 2017-02-02 17:40:49 -05:00
Russell Yanofsky
4ec057dfa7 [wallet] Set correct metadata on bumpfee wallet transactions
Preserve comment, order form, and account strings from the original wallet
transaction. Also set fTimeReceivedIsTxTime and fFromMe fields for consistency
with CWallet::CreateTransaction. The latter two fields don't influence current
wallet behavior, but do record that the transaction originated in the wallet
instead of coming from the network or sendrawtransaction.
2017-02-02 17:34:22 -05:00
Matt Corallo
ec4f7e433e [qa] Add second input to signrawtransaction test case 2017-02-02 17:32:28 -05:00
Matt Corallo
691710a648 [qa] Test that decoderawtransaction throws with extra data appended 2017-02-02 17:32:28 -05:00
Matt Corallo
922bea90c2 Better handle invalid parameters to signrawtransaction
This silently skips trying to merge signatures from inputs which
do not exist from transactions provided to signrawtransaction,
instead of hitting an assert.
2017-02-02 17:32:27 -05:00
Matt Corallo
7ea0ad539f Fail in DecodeHexTx if there is extra data at the end 2017-02-02 17:32:27 -05:00
Cory Fields
08bb6f4ed4 net: log an error rather than asserting if send version is misused
Also cleaned up the comments and moved from the header to the .cpp so that
logging headers aren't needed from net.h
2017-02-02 16:14:16 -05:00
Cory Fields
7a8c251901 net: Disallow sending messages until the version handshake is complete
This is a change in behavior, though it's much more sane now than before.
2017-02-02 16:14:16 -05:00
Cory Fields
12752af0cc net: don't run callbacks on nodes that haven't completed the version handshake
Since ForEach* are can be used to send messages to  all nodes, the caller may
end up sending a message before the version handshake is complete. To limit
this, filter out these nodes. While we're at it, may as well filter out
disconnected nodes as well.

Delete unused methods rather than updating them.
2017-02-02 16:14:16 -05:00
Cory Fields
2046617b5e net: deserialize the entire version message locally
This avoids having some vars set if the version negotiation fails.

Also copy it all into CNode at the same site. nVersion and
fSuccessfullyConnected are set last, as they are the gates for the other vars.
Make them atomic for that reason.
2017-02-02 16:13:52 -05:00
Matt Corallo
80ff0344ae Dont deserialize nVersion into CNode, should fix #9212 2017-02-02 13:56:05 -05:00
Matt Corallo
885cfdd217 Fix super-unlikely race introduced in 236618061a
Once the CNode has been added to vNodes, it is possible that it is
disconnected+deleted in the socket handler thread. However, after
that we now call InitializeNode, which accesses the pnode.

helgrind managed to tickle this case (somehow), but I suspect it
requires in immensely braindead scheduler.
2017-02-02 13:51:57 -05:00
Wladimir J. van der Laan
1c2edd9f67
Merge #9654: Add jtimon pgp keys for commit sigs and future gitian builds
178454d Contrib: Add jtimon pgp keys for commit sigs and future gitian builds (Jorge Timón)
2017-02-02 13:25:59 +01:00
Wladimir J. van der Laan
7c93952fec
Merge #9656: Check verify-commits on pushes to master
ba94426 Test that pushes to bitcoin/bitcoin are signed per verify-commits (Matt Corallo)
3e900ac Require merge commits merge branches on top of other merge commits (Matt Corallo)
2017-02-02 13:04:53 +01:00
Wladimir J. van der Laan
4e19efba03
Merge #9556: Remove redundant semicolons
8fc6989 Remove redundant semicolons (practicalswift)
2017-02-02 11:57:40 +01:00
Wladimir J. van der Laan
ae972a5e99
Merge #9580: Fix various minor linearization script issues
b9d95bd Fix various minor linearization script issues (Douglas Roark)
2017-02-02 10:19:15 +01:00
Wladimir J. van der Laan
e30d9287fd
Merge #9663: [RPC] clarify listunspent amount description
3eba88d clarify listunspent amount description (Gregory Sanders)
2017-02-02 10:13:21 +01:00
Matt Corallo
ba94426d53 Test that pushes to bitcoin/bitcoin are signed per verify-commits 2017-02-01 18:22:55 -05:00
Matt Corallo
3e900acafa Require merge commits merge branches on top of other merge commits
Specifically, require that the left branch (first restult of git
show -s --format=format:%P) is a signed merge commit, instead of
allowing either. This is fine for now, but might need to be relaxed
in the future.

Also fixes an out-of-file-descriptors issue by holding too many
open FDs writing to /dev/null
2017-02-01 18:22:27 -05:00
Gregory Sanders
3eba88d44c clarify listunspent amount description 2017-02-01 12:18:31 -05:00
Wladimir J. van der Laan
77bd8c4cab
Merge #9625: Increase minimum debug.log size to 10MB after shrink.
29fb311 Increase minimum debug.log size to 10MB after shrink. (Alex Morcos)
2017-02-01 11:41:00 +01:00
Wladimir J. van der Laan
7bfb77045c
Merge #9640: Bumpfee: bugfixes for error handling and feerate calculation
9522b53 rpc: bumpfee: handle errors more gracefully (Suhas Daftuar)
f626594 rpc: bumpfee: use correct maximum signed tx size for fee calculation (Suhas Daftuar)
d625b90 wallet: Refactor dummy signature signing for reusability (Suhas Daftuar)
2017-02-01 08:42:53 +01:00
Suhas Daftuar
9522b53a91 rpc: bumpfee: handle errors more gracefully 2017-01-31 20:03:45 -05:00
Suhas Daftuar
f62659448c rpc: bumpfee: use correct maximum signed tx size for fee calculation
More accurate than simply adding one byte per input, and properly handles the
case where the original transaction happened to have very small signatures
2017-01-31 20:03:45 -05:00
Jorge Timón
0729102f99
Net: pass interruptMsgProc as const where possible 2017-01-31 23:45:47 +01:00
Jorge Timón
fc7f2ffad4
Net: Make CNetMsgMaker more const 2017-01-31 23:29:28 +01:00
Jorge Timón
d45955fa09
Net: CConnman: Make some methods const 2017-01-31 23:20:26 +01:00