Commit graph

13545 commits

Author SHA1 Message Date
Wladimir J. van der Laan
2479b779aa
Merge #14728: fix uninitialized read when stringifying an addrLocal
b7b36decaf fix uninitialized read when stringifying an addrLocal (Kaz Wesley)
8ebbef0169 add test demonstrating addrLocal UB (Kaz Wesley)

Pull request description:

  Reachable from either place where SetIP is used when all of:
  - our best-guess addrLocal for a peer is IPv4
  - the peer tells us it's reaching us at an IPv6 address
  - NET logging is enabled

  In that case, SetIP turns an IPv4 address into an IPv6 address without
  setting the scopeId, which is subsequently read in GetSockAddr during
  CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
  constructor initializes the scopeId field with something.

Tree-SHA512: 8f0159750995e08b985335ccf60a273ebd09003990bcf2c3838b550ed8dc2659552ac7611650e6dd8e29d786fe52ed57674f5880f2e18dc594a7a863134739e3
2018-11-23 09:53:20 +01:00
Wladimir J. van der Laan
a0d86815cd
Merge #14726: Use RPCHelpMan for all RPCs
fa5e0452e8 rpc: Documentation fixups (MarcoFalke)
fa91e8eda5 Use RPCHelpMan for all RPCs (MarcoFalke)
fa520e72f7 lint: Must use RPCHelpMan to generate the RPC docs (MarcoFalke)

Pull request description:

  The resulting documentation should not change unless the type in the oneline-summary was previously incorrect. (E.g. string vs bool)

Tree-SHA512: 4ff355b6a53178f02781e97a7aca7ee1d0d97ff348b6bf5a01caa1c96904ee33c704465fae54c2cd7445097427fd04c71ad3779bb7a7ed886055ef36c1b5a1d0
2018-11-23 09:42:33 +01:00
João Barbosa
a0f8df365d qt: Call noui_connect to prevent boost::signals2::no_slots_error in early calls to InitWarning 2018-11-22 17:41:01 +00:00
MarcoFalke
2a97f192ea
Merge #14771: test: Add BOOST_REQUIRE to getters returning optional
fa21ca09a8 test: Add BOOST_REQUIRE to getters returning optional (MarcoFalke)

Pull request description:

  Usually the returned value is already checked for equality, but for sanity we might as well require that the getter successfully returned.

Tree-SHA512: 0d613a9a721c61bd7a115ebc681a0890df09b8e5775f176ac18b3a586f2ca57bee0b5b816f5a7c314ff3ac6cbb2a4d9c434f8459e054a7c8a6934a75f0120c2a
2018-11-22 11:37:17 -05:00
Wladimir J. van der Laan
e77a2258e4
Merge #14532: Never bind INADDR_ANY by default, and warn when doing so explicitly
27c44ef9c6 rpcbind: Warn about exposing RPC to untrusted networks (Luke Dashjr)
d6a1287481 CNetAddr: Add IsBindAny method to check for INADDR_ANY (Luke Dashjr)
3615003952 net: Always default rpcbind to localhost, never "all interfaces" (Luke Dashjr)

Pull request description:

  A disturbingly large number of listening nodes appear to be also exposing their RPC server to the public internet. To attempt to mitigate this:

  * Only ever bind localhost by default, even if `rpcallowip` is specified. (A warning is given if `rpcallowip` is specified without `rpcbind`, since it doesn't really make sense to do.)
  * Warn about exposing the RPC server to untrusted networks if the user explicitly binds to any INADDR_ANY address.
  * Include a warning about untrusted networks in the `--help` documentation for `rpcbind`.

Tree-SHA512: 755bbca3db416a31393672eccf6675a5ee4d1eb1812cba73ebb4ff8c6b855ecc5df4c692566e9aa7b0f7d4dce6fedb9c0e9f3c265b9663aca36c4a6ba5efdbd4
2018-11-22 10:53:16 +01:00
Wladimir J. van der Laan
e736b67467
Merge #14715: Drop defunct prevector compat handling
69ca48717c Implement prevector::fill once (Ben Woosley)
7bad78c2c8 Drop defunct IS_TRIVIALLY_CONSTRUCTIBLE handling from prevector.h (Ben Woosley)

Pull request description:

  This is clean-up post #14651:
  * Use one implementation of `prevector::fill`, as it's possible now that the implementations are identical.
  * Only apply the `IS_TRIVIALLY_CONSTRUCTIBLE` handling to the bench file where it is used, and drop the now-unnecessary associated compat includes.

Tree-SHA512: 5930b3a17fccd39af10add40202ad97a297aebecc049af72ca920d0d55b3e4c3c30ce864c8a683355895f0196396d4ea56ba9f9637bdc7d16964cdf66c195485
2018-11-22 10:50:38 +01:00
Luke Dashjr
27c44ef9c6 rpcbind: Warn about exposing RPC to untrusted networks 2018-11-22 01:44:59 +00:00
Luke Dashjr
d6a1287481 CNetAddr: Add IsBindAny method to check for INADDR_ANY 2018-11-22 01:44:59 +00:00
Luke Dashjr
3615003952 net: Always default rpcbind to localhost, never "all interfaces"
We don't support binding to untrusted networks, so avoid a default where that is typical
2018-11-22 01:44:59 +00:00
Wladimir J. van der Laan
d7b0258ff0
Merge #14708: Warn unrecognised sections in the config file
3fb09b9889 Warn unrecognized sections in the config file (Akio Nakamura)

Pull request description:

  This PR intends to resolve #14702.

  In the config file, sections are specified by square bracket pair "[]"$,
  or included in the option name itself which separated by a period"(.)".

  Typicaly, [testnet] is not a correct section name and specified options
  in that section are ignored but user cannot recognize what is happen.

  So, add some log-warning messages if unrecognized section names are
  present in the config file after checking section only args.

  note: Currentry, followings are out of scope of this PR.
  1) Empty section name or option name can describe.
  e.g. [] , .a=b, =c
  2) Multiple period characters can exist in the section name and option name.
  e.g. [c.d.e], [..], f.g.h.i=j, ..=k

Tree-SHA512: 2cea02a0525feb40320613989a75cd7b7b1bd12158d5e6f3174ca77e6a25bb84425dd8812f62483df9fc482045c7b5402d69bc714430518b1847d055a2dc304b
2018-11-21 19:37:22 +01:00
MarcoFalke
fa71eb5196
Convert comments to thread safety annotations 2018-11-20 20:29:16 -05:00
MarcoFalke
fa21ca09a8
test: Add BOOST_REQUIRE to getters returning optional 2018-11-20 19:51:49 -05:00
Wladimir J. van der Laan
afa506f6eb
Merge #14552: wallet: detecting duplicate wallet by comparing the db filename.
591203149f wallet: Create IsDatabaseLoaded function (Chun Kuan Lee)
15c93f075a wallet: Add trailing wallet.dat when detecting duplicate wallet if it's a directory. (Chun Kuan Lee)
c456fbd8df Refactor: Move m_db pointers into BerkeleyDatabase (Russell Yanofsky)

Pull request description:

  Fix #14538

  Fix crash attempting to load the same wallet with different path strings that resolve to the same absolute path. The primary check which prevents loading the same wallet twice is:

  6b8d0a2164/src/wallet/db.cpp (L44)

  But this check is skipped if both wallet paths resolve to the same absolute path, due to caching here:

  6b8d0a2164/src/wallet/db.cpp (L467)

  Meanwhile a secondary check for duplicate wallets is not reliable because it based on a literal comparison, instead of comparison using absolute paths:

  6b8d0a2164/src/wallet/wallet.cpp (L3853)

  This PR fixes the latter check to compare the absolute path of a new wallet being loaded to absolute paths of wallets already loaded, so there should no longer be any way to load the same wallet more than once.

Tree-SHA512: 2fa01811c160b57be3b76c6b4983556a04bbce71a3f8202429987ec020664a062e897deedcd9248bc04e9baaa2fc7b464e2595dcaeff2af0818387bf1fcdbf6f
2018-11-20 15:15:59 +01:00
Akio Nakamura
3fb09b9889 Warn unrecognized sections in the config file
In the config file, sections are specified by square bracket pair "[]"$,
or included in the option name itself which separated by a period"(.)".

Typicaly, [testnet] is not a correct section name and specified options
in that section are ignored but user cannot recognize what is happen.

So, add some log/stderr-warning messages if unrecognized section names
are present in the config file after checking section only args.
2018-11-20 18:28:16 +09:00
Karl-Johan Alm
e816b341ab
revert removal of fstream.hpp header in fs.h
This is required for some architectures.
2018-11-20 14:41:12 +09:00
MarcoFalke
09f1d7fe72
Merge #14718: Remove unreferenced boost headers
c54e5a41c4 Remove unreferenced boost headers (Murray Nesbitt)

Pull request description:

  Building with clang (e.g. on FreeBSD) is very noisy due to `-Wthread-safety-analysis` warnings regarding boost. This change removes a number of unnecessary boost includes, and silences the rest of the warnings when building with clang. This allows more potentially interesting warnings to surface from the noise.

  Tested on FreeBSD 11.2

Tree-SHA512: 5e6a0623188b9be59aeae52866799aefb4c3c9ab5e569b07ee8d43fc92e0b5f1f76b96bb54c35c7043148df84641b4a96927fb71f6eb00460c20cd19cf250900
2018-11-19 13:50:16 -05:00
João Barbosa
4674610300 Log env path in BerkeleyEnvironment::Flush 2018-11-19 16:02:06 +00:00
Wladimir J. van der Laan
6d58a5c3b0
Merge #14685: fix a deserialization overflow edge case
b08af10fb2 disallow oversized CBlockHeaderAndShortTxIDs (Kaz Wesley)
6bed4b374d fix a deserialization overflow edge case (Kaz Wesley)
051faf7e9d add a test demonstrating an overflow in a deserialization edge case (Kaz Wesley)

Pull request description:

  A specially-constructed BlockTransactionsRequest can cause `offset` to wrap in deserialization. In the current code, there is not any way this could be dangerous; but disallowing it reduces the potential for future surprises.

Tree-SHA512: 1aaf7636e0801a905ed8807d0d1762132ac8b4421a600c35fb6d5e5033c6bfb587d8668cd9f48c7a08a2ae793a677b7649661e3ae248ab4f8499ab7b6ede483c
2018-11-18 10:15:18 +01:00
Murray Nesbitt
c54e5a41c4 Remove unreferenced boost headers 2018-11-16 03:20:44 +00:00
Kaz Wesley
b7b36decaf fix uninitialized read when stringifying an addrLocal
Reachable from either place where SetIP is used when our best-guess
addrLocal for a peer is IPv4, but the peer tells us it's reaching us at
an IPv6 address.

In that case, SetIP turns an IPv4 address into an IPv6 address without
setting the scopeId, which is subsequently read in GetSockAddr during
CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
constructor initializes the scopeId field with something.
2018-11-15 13:47:53 -08:00
Kaz Wesley
8ebbef0169 add test demonstrating addrLocal UB 2018-11-15 13:47:53 -08:00
MarcoFalke
384967f311
Merge #13815: util: Add [[nodiscard]] to all {Decode,Parse}[...](...) functions returning bool
9cc0230cfc Add NODISCARD to all {Decode,Parse}[...](...) functions returning bool. Sort includes. (practicalswift)
579497e77a tests: Explicitly ignore the return value of DecodeBase58(...) (practicalswift)
145fe95ec7 tests: Check return value of ParseParameters(...) (practicalswift)
7c5bc2a523 miner: Default to DEFAULT_BLOCK_MIN_TX_FEE if unable to parse -blockmintxfee (practicalswift)

Pull request description:

  Changes in this PR:
  * ~~Add linter to make sure the return value of `Parse[...](...)` is checked~~
  * Add `__attribute__((warn_unused_result))` to all `{Decode,Parse}[...](...)` functions returning `bool`
  * Fix violations

  Context:
  * #13712: `wallet: Fix non-determinism in ParseHDKeypath(...). Avoid using an uninitialized variable in path calculation.` would have been prevented by this

Tree-SHA512: 41a97899f2d5a26584235fa02b1ebfb4faacd81ea97e927022955a658fa7e15d07a1443b4b7635151a43259a1adf8f2f4de3c1c75d7b5f09f0d5496463a1dae6
2018-11-15 14:39:37 -05:00
MarcoFalke
fa5e0452e8
rpc: Documentation fixups 2018-11-15 12:19:11 -05:00
Pieter Wuille
b65326b562 Add matching descriptors to scantxoutset output + tests 2018-11-14 14:21:42 -08:00
Pieter Wuille
16203d5df7 Add descriptors to listunspent and getaddressinfo + tests 2018-11-14 14:21:42 -08:00
MarcoFalke
fa91e8eda5
Use RPCHelpMan for all RPCs 2018-11-14 15:33:15 -05:00
Ben Woosley
69ca48717c
Implement prevector::fill once
Now that the implementation is identical, we can use a default value to
distinguish them.
2018-11-14 12:19:28 -05:00
Ben Woosley
7bad78c2c8
Drop defunct IS_TRIVIALLY_CONSTRUCTIBLE handling from prevector.h
It's now only referenced from the bench, so leave it there. This allows us to
drop the associated includes as well.
2018-11-14 12:19:04 -05:00
MarcoFalke
e74649e951
Merge #14411: [wallet] Restore ability to list incoming transactions by label
da427dbd48 Rename ListTransactions filter variable (Russell Yanofsky)
65b740f92b [wallet] Restore ability to list incoming transactions by label (Russell Yanofsky)

Pull request description:

  This change partially reverts #13075 and #14023.

  Fixes #14382

Tree-SHA512: 8c4e56104b3a45784cdc06bae8e5facdfff04fe3545b63a35e0ec2e440a41b79d84833ca4c4e728d8af7ebb8a519303a9eda7bee4bbfb92bd50c58587a33eb30
2018-11-14 11:59:41 -05:00
MarcoFalke
c7366d2399
Merge #14478: Show error to user when corrupt wallet unlock fails
b4f6e58ca5 Better error message for user when corrupt wallet unlock fails (MeshCollider)

Pull request description:

  Mentioned here: https://github.com/bitcoin/bitcoin/issues/14461#issuecomment-429183503

  Current behavior is to assert(false) and crash, only info is printed in the log. This shows the message to the user before abort() instead.

Tree-SHA512: 526f9ed9262257fca55caf7153ab913ed958b13b079d2f01db797485614d8c375815a1554276e8cf73d3838104b2691a9cf85c8d097973127ae8de9e111446bf
2018-11-14 11:27:01 -05:00
Hennadii Stepanov
2bc3f114d0
Bump the minimum Qt version to 5.2 2018-11-14 01:32:51 +02:00
Russell Yanofsky
da427dbd48 Rename ListTransactions filter variable
Suggested by MeshCollider <dobsonsa68@gmail.com> in
https://github.com/bitcoin/bitcoin/pull/14411#discussion_r232134086
2018-11-13 16:49:23 -05:00
MarcoFalke
8c59bb85f9
Merge #14720: rpc: Correctly name arguments
fa0815c300 rpc: Correctly name arguments (Jon Layton)

Pull request description:

  Consistently use the same name to describe arguments in the documentation and add a test that uses the name.

  By splitting it up, the changes are easier to potentially backport and also make review easier when we switch to `RPCHelpMan`.

  The tests should pass with or without the changes in `src`.

  Partly stolen from #14459 (More RPC help description fixes by ch4ot1c)

Tree-SHA512: 1072992b1e93ac41006613523e54a0a8004f529fcb101eb9d74d91474abb0945a5a7539f249905151b904b87448f9efc0cacbd9e052fbe2ea9111e62f3e7249c
2018-11-13 16:49:23 -05:00
Russell Yanofsky
65b740f92b [wallet] Restore ability to list incoming transactions by label
This change partially reverts #13075 and #14023.

Fixes #14382
2018-11-13 17:49:23 -04:00
Kaz Wesley
b08af10fb2 disallow oversized CBlockHeaderAndShortTxIDs
Otherwise we'd reply with a bogus BlockTransactionsRequest trying to
request indexes with overflowed deltas.
2018-11-13 12:41:41 -08:00
Wladimir J. van der Laan
f617e05c38
Merge #14679: importmulti: Don't add internal addresses to address book
7afddfa8ce importmulti: Don't add internal addresses to address book (Gregory Sanders)

Pull request description:

  Currently anything imported with `internal` will not be treated as change since checking the address book is a primary test of this.

  Added basic tests of all combinations of arguments and change identification.

  Resolves https://github.com/bitcoin/bitcoin/issues/14662

Tree-SHA512: a1f08dc624a3fadee93cc5392d50c4796b0c5eedf38e295382f71570f2066d9e978ed6e3962084b902989863fe1273a8642d8fdb094a266d69de10622a4176b0
2018-11-13 21:34:23 +01:00
Kaz Wesley
6bed4b374d fix a deserialization overflow edge case
A specially-constructed BlockTransactionsRequest can overflow in
deserialization in a way that is currently harmless.
2018-11-13 12:14:34 -08:00
Kaz Wesley
051faf7e9d add a test demonstrating an overflow in a deserialization edge case
Also add a test that the highest legal index is accepted.
2018-11-13 12:14:08 -08:00
Jon Layton
fa0815c300
rpc: Correctly name arguments 2018-11-13 14:24:40 -05:00
Ben Woosley
bd3b0361d8
Add stop_block out arg to ScanForWalletTransactions
Accurately reports the last block successfully scanned, replacing a return of
the chain tip, which represented possibly inaccurated data in a race condition.
2018-11-13 12:51:16 -05:00
MarcoFalke
c651265c93
Merge #14530: Use RPCHelpMan to generate RPC doc strings
fa483e13b3 rpc: Add RPCHelpMan for machine-generated help (MarcoFalke)
fa0d36f712 rpc: Include rpc/util.h where needed for RPCHelpMan (MarcoFalke)

Pull request description:

  This introduces a manager for the RPC help generation and demonstrates its use of it in some RPCs.

  It is the first non-exhaustive step toward #14378 and I will create pull requests for the next steps after this one is merged.

Tree-SHA512: 86f68322443ff01cd964aaf0ebe186be63fbebe4c47676cf7a622cc2b5305fd176bd57badfd1bbf788a036812253eb0dead74ecc3b30664c3e0d9392b2248054
2018-11-13 12:34:50 -05:00
Gregory Sanders
b81a186056 GetPubKey: make sigdata const 2018-11-13 10:42:10 -05:00
Wladimir J. van der Laan
c51e1516a9
Merge #14714: util.h: explicitly include required QString header
27154ce765 util.h: explicitly include required QString header (1Il1)

Pull request description:

  Alternative to #14713.

  Instead of depending on clang formatter to not reorder includes, another fix is to explicitly include the missing header file.

Tree-SHA512: f419ef2fd1dfd8da28160a94d187af78463fb398ef6aadd6c68ebf57e6d02380d93f5f370bf2d39e88dcbfeb252c3e5f245c0a157c7d0a64c38fc0f0c7004515
2018-11-13 14:52:03 +01:00
Wladimir J. van der Laan
ce7fcc3569
Merge #14690: Throw error if CPubKey is invalid during PSBT keypath serialization
4e4de10f69 Throw error if CPubKey is invalid during PSBT keypath serialization (Gregory Sanders)

Pull request description:

  Related to https://github.com/bitcoin/bitcoin/pull/14689

  We should catch this error before attempting to deserialize it later.

Tree-SHA512: d2f3ea7f363818ac70c81ee988231b2bb50d055b6919f7bff3f27120c85a7048bfa183efae33e23e6b81d684bcb8bb81e5b209abb3acbcaff1d88014f4f1aa93
2018-11-13 13:44:09 +01:00
Jonas Schnelli
083f535470
Merge #14608: qt: Remove the "Pay only required fee..." checkbox
a16f44c04 qt: Remove "Pay only required fee" checkbox (Hennadii Stepanov)
8711cc0c7 qt: Improve BitcoinAmountField class (Hennadii Stepanov)

Pull request description:

  Ref #13280
  This PR removes the "Pay only the required fee..." checkbox from the custom transaction fee section in the "Send" tab. Instead, a minimum value will be enforced on the custom fee input box.

  All comments from #13280 are addressed.

  Before:
  ![screenshot from 2018-10-30 16-42-18](https://user-images.githubusercontent.com/32963518/47726622-866d8e80-dc63-11e8-8670-3f97ff0fa5da.png)

  After:
  ![screenshot from 2018-10-30 16-40-37](https://user-images.githubusercontent.com/32963518/47726633-8f5e6000-dc63-11e8-82cf-5b9ff4aae91d.png)

  cc: @promag @MarcoFalke @Sjors

Tree-SHA512: 073577d38d8353b10e8f36fb52e3c6e81dd45d25d84df9b9e4f78f452ff0bdbff3e225bdd6122b5a03839ffdcc2a2a08175f81c2541cf2d12918536abbfa3fd1
2018-11-13 15:44:11 +07:00
Jonas Schnelli
b60f4e3f09
Merge #13381: RPC: creates possibility to preserve labels on importprivkey
a6b5ec18f rpc: creates possibility to preserve labels on importprivkey (marcoagner)

Pull request description:

  Closes #13087.

  As discussed in the issue, this is a feature request instead of a bug report since the behaviour was as intended (i.e. label with default: `''`). With this, the old behaviour is kept while the possibility to achieve the preservation of labels, as expected in the open issue, is added.

Tree-SHA512: b33be50e1e7f62f7ddfae953177ba0926e2d848961f9fac7501c2b513322c0cb95787745d07d137488267bad1104ecfdbe800c6747f94162eb07c976835c1386
2018-11-13 14:52:01 +07:00
1Il1
27154ce765
util.h: explicitly include required QString header 2018-11-13 16:49:34 +09:00
Ben Woosley
3002d6cf31
Return a status enum from ScanForWalletTransactions
Return the failed block as an out var.

This clarifies the outcome as the prior return value could
be null due to user abort or failure.
2018-11-13 00:04:13 -05:00
Ben Woosley
bb24d68650
Make CWallet::ScanForWalletTransactions args and return value const 2018-11-13 00:01:14 -05:00
Ben Woosley
1a9f9f7e5e
Introduce SafeDbt to handle DB_DBT_MALLOC raii-style
This provides additional exception-safety and case handling for the proper
freeing of the associated buffers.
2018-11-12 18:43:52 -05:00