Commit graph

4637 commits

Author SHA1 Message Date
Gavin Andresen
a0bb001431 Merge pull request #2886 from gavinandresen/rpctiming
Make RPC password resistant to timing attacks
2013-08-15 18:53:26 -07:00
Gavin Andresen
9be4cff5f6 Merge pull request #2876 from sipa/fixreorgcrash
Fix reorganization crash
2013-08-15 18:51:06 -07:00
Gregory Maxwell
47491a90b6 Merge pull request #2131 from sipa/evens
Only create signatures with even S, and verification mode to check.
2013-08-15 18:42:28 -07:00
Gavin Andresen
13d3b1c144 Merge pull request #2829 from sipa/bip32
BIP 32 derivation + test vectors
2013-08-15 16:40:03 -07:00
Pieter Wuille
a81cd96805 Only create signatures with even S, and verification mode to check.
To fix a minor malleability found by Sergio Lerner (reported here:
https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898)

The problem is that if (R,S) is a valid ECDSA signature for a given
message and public key, (R,-S) is also valid. Modulo N (the order
of the secp256k1 curve), this means that both (R,S) and (R,N-S) are
valid. Given that N is odd, S and N-S have a different lowest bit.
We solve the problem by forcing signatures to have an even S value,
excluding one of the alternatives.

This commit just changes the signing code to always produce even S
values, and adds a verification mode to check it. This code is not
enabled anywhere yet. Existing tests in key_tests.cpp verify that
the produced signatures are still valid.
2013-08-16 00:17:50 +02:00
Pieter Wuille
2461aba1ac Mempool consistency check 2013-08-15 23:55:35 +02:00
Pieter Wuille
f0784ac470 Fix non-standard disconnected transactions causing mempool orphans 2013-08-15 23:53:55 +02:00
Micha
9afe5a2c32 Clarified the listsinceblock help test
Specifically, the fact that the command
relates to wallet transactions.
2013-08-16 00:15:39 +03:00
Gavin Andresen
4323bfeafd Merge pull request #2776 from jgarzik/keypoolsize
RPC: keypoolrefill now permits optional size parameter, to bump keypool
2013-08-14 22:01:22 -07:00
Gavin Andresen
5c28d820b6 Merge pull request #2877 from gavinandresen/qt_unittest_makefile
Compile into build_test when creating bitcoin-qt_test
2013-08-14 21:55:11 -07:00
Gavin Andresen
5738877bed Merge pull request #2899 from super3/master
Removed duplicate /doc files.
2013-08-14 21:53:31 -07:00
super3
c6cb40f04b Removed duplicate files.
Left behind after the change to Markdown.
2013-08-14 23:03:57 -04:00
Gavin Andresen
8fa9b5cc45 Merge pull request #2658 from TheBlueMatt/forkalert
Detect any sufficiently long fork and alert the user just like any other alert
2013-08-12 23:33:40 -07:00
Gavin Andresen
6fc537f490 Merge pull request #2892 from r000n/master
Add missing 0x prefix in chainparams.cpp
2013-08-12 16:37:14 -07:00
Roman Mindalev
2b6a8993fb Add missing 0x prefix in chainparams.cpp 2013-08-12 18:28:23 +04:00
Gavin Andresen
ac1bd701ba Merge pull request #2890 from cozz/cozz1
do not call BuildMerkleTree() unnecessarily twice
2013-08-12 04:11:00 -07:00
Gavin Andresen
b35e993200 Use HandleError() consistently to handle leveldb errors 2013-08-12 18:06:17 +10:00
Cozz Lovan
c7fa1a3586 do not call BuildMerkleTree() unnecessarily twice 2013-08-10 15:27:25 +02:00
Gavin Andresen
8dc206a1e2 Reject non-canonically-encoded sizes
The length of vectors, maps, sets, etc are serialized using
Write/ReadCompactSize -- which, unfortunately, do not use a
unique encoding.

So deserializing and then re-serializing a transaction (for example)
can give you different bits than you started with. That doesn't
cause any problems that we are aware of, but it is exactly the type
of subtle mismatch that can lead to exploits.

With this pull, reading a non-canonical CompactSize throws an
exception, which means nodes will ignore 'tx' or 'block' or
other messages that are not properly encoded.

Please check my logic... but this change is safe with respect to
causing a network split. Old clients that receive
non-canonically-encoded transactions or blocks deserialize
them into CTransaction/CBlock structures in memory, and then
re-serialize them before relaying them to peers.

And please check my logic with respect to causing a blockchain
split: there are no CompactSize fields in the block header, so
the block hash is always canonical. The merkle root in the block
header is computed on a vector<CTransaction>, so
any non-canonical encoding of the transactions in 'tx' or 'block'
messages is erased as they are read into memory by old clients,
and does not affect the block hash. And, as noted above, old
clients re-serialize (with canonical encoding) 'tx' and 'block'
messages before relaying to peers.
2013-08-09 10:01:35 +10:00
Gavin Andresen
42656ea2e5 Make RPC password resistant to timing attacks
Fixes issue#2838; this is a tweaked version of pull#2845 that
should not leak the length of the password and is more generic,
in case we run into other situations where we need
timing-attack-resistant comparisons.
2013-08-08 19:58:57 +10:00
Gavin Andresen
6cc766fa55 Merge pull request #2856 from Diapolo/crypter_headers
remove windows.h from crypter.cpp includes
2013-08-08 02:16:56 -07:00
Gavin Andresen
9d23db58c1 Merge pull request #2883 from codler/patch-5
Replace with existing constants
2013-08-07 04:44:57 -07:00
Han Lin Yap
1511769239 Use existing RPC_INVALID_PARAMETER constant 2013-08-07 10:14:33 +02:00
Gavin Andresen
ddd0e2f616 Merge pull request #2871 from gavinandresen/simplify_maporphan
Simplify storage of orphan transactions, fix CVE-2013-4627
2013-08-06 17:11:48 -07:00
Gavin Andresen
1188a33d18 Merge pull request #2882 from codler/patch-4
Fix typo
2013-08-06 16:53:23 -07:00
Han Lin Yap
b3915841b0 fix typo in README.md 2013-08-06 14:09:35 +02:00
Gavin Andresen
7b22c8e8ca Merge pull request #2881 from Diapolo/translations_rem_newline
remove a newline from a string in init.cpp
2013-08-06 04:46:02 -07:00
Philip Kaufmann
265e2657b4 remove a newline from a string in init.cpp
- to match all other translatable strings in init.cpp and to simplify
  translations via Transifex
2013-08-06 10:28:52 +02:00
Gavin Andresen
bdd34642dc More unit tests for NUMEQUAL 2013-08-06 16:06:07 +10:00
Wladimir J. van der Laan
e07d9f77e9 Merge pull request #2879 from Diapolo/translations
translations update for Transifex 2013-08-05
2013-08-05 03:34:55 -07:00
Philip Kaufmann
0f1c8f23eb translations update for Transifex 2013-08-05 2013-08-05 11:06:45 +02:00
Gavin Andresen
ae759b3788 Merge pull request #2849 from petertodd/if-else-else
Add unittests for multiple ELSEs in a row
2013-08-05 01:53:57 -07:00
Gavin Andresen
15047f5af0 Merge pull request #2851 from TheBlueMatt/master
Prepare for mempool testing in pull-tester and fix multi-block transaction resurrection
2013-08-05 01:53:17 -07:00
Gavin Andresen
2af267c150 Merge pull request #2857 from Diapolo/compat_cleanup
cleanup compat.h Windows stuff
2013-08-05 01:48:35 -07:00
Gavin Andresen
e622f3f195 Merge pull request #2855 from Diapolo/guard_CreatePidFile
exclude CreatePidFile() function on WIN32 as it is unused
2013-08-05 01:05:59 -07:00
Gavin Andresen
a4ae02969e Merge pull request #2827 from Diapolo/rpccon_winpos
Bitcoin-Qt: save and restore position of debug window
2013-08-05 00:58:05 -07:00
Gavin Andresen
d687aaa311 Merge pull request #2865 from Diapolo/fix_intro_translation
fix string in intro.cpp, which is untranslatable on Transifex
2013-08-05 00:24:49 -07:00
Gavin Andresen
923602f11d Compile into build_test when creating bitcoin-qt_test 2013-08-05 14:36:58 +10:00
Gavin Andresen
159bc48193 Simplify storage of orphan transactions
Orphan transactions were stored as a CDataStream pointer;
this changes the mapOrphanTransactions data structures to
store orphans as a CTransaction.

This also fixes CVE-2013-4627 by always re-serializing
transactions before relaying them.
2013-08-02 16:10:25 +10:00
Gavin Andresen
8f6f92c72b Revert "Truncate oversize 'tx' messages before relaying/storing."
This reverts commit c40a5aaaf4.
2013-08-02 15:50:04 +10:00
Wladimir J. van der Laan
6d89611c3a Merge pull request #2850 from Diapolo/fix_intro
fix possible infinite loop in intro.cpp thread
2013-07-31 22:15:05 -07:00
Jeff Garzik
3b2ed514d3 Merge pull request #2867 from jgarzik/miner-sep
Move internal miner to separate miner.cpp module
2013-07-31 12:32:17 -07:00
Jeff Garzik
d247a5d130 Move internal miner/block creation to separate miner.cpp module.
Public functions referenced elsewhere are added to miner.h.
2013-07-31 09:43:35 -04:00
Jeff Garzik
18946846d5 Minor miner fixes (hey hey it's fun to say)
* Fix UpdateCoins() definition in main.h
* Remove pwalletMain reference from BitcoinMiner(), as it is passed
  a wallet argument.
2013-07-31 08:45:49 -04:00
Jeff Garzik
8351d55cd3 Merge pull request #2866 from gavinandresen/loopdefine
Remove #define loop from util.h
2013-07-31 03:35:33 -07:00
Gavin Andresen
050d2e953f Remove #define loop from util.h
Replace the loop macro with while (true). The #define caused
problems for Qt.
2013-07-31 14:06:44 +10:00
Philip Kaufmann
bef9f573b5 fix string in intro.cpp, which is untranslatable on Transifex
- seems the code tags in the original string cause errors, when using the
  Transifex site for translation
2013-07-29 16:56:03 +02:00
Philip Kaufmann
c431e9f1f0 Bitcoin-Qt: save and restore position of debug window
- move the code for saving and restoring window positions from BitcoinGUI
  to GUIUtil, make it more generic and also use it for saving/restoring
  debug window positions
2013-07-29 16:22:46 +02:00
Pieter Wuille
c4316fefa5 Make sure new wallet variables are initialized 2013-07-29 02:34:01 +02:00
Pieter Wuille
4bb77b4963 Merge pull request #2541 from luke-jr/bugfix_wallet_resend
Bugfix: Store last/next wallet resend times unique per CWallet object
2013-07-28 17:21:21 -07:00