395d0d5 rework an ugly hack in processPaymentRequest() (Philip Kaufmann)
952d2cd make processPaymentRequest() use a single SendCoinsRecipient (Philip Kaufmann)
983cef4 payment-request UI: use SendCoinsRecipient.message for memo (Philip Kaufmann)
c6c97e0 [Qt] Rework of payment request UI (mainly for insecure pr) (Philip Kaufmann)
caca6aa Make some globals in main non-public. (Pieter Wuille)
85eb2ce Do not use the redundant BestInvalidWork record in the block database. (Pieter Wuille)
0056095 Show short scriptPubKeys correctly (Peter Todd)
22de68d Relay OP_RETURN TxOut as standard transaction type (Peter Todd)
Signed-off-by: Gavin Andresen <gavinandresen@gmail.com>
As block index entries have a flag for marking invalid blocks, the
'best invalid work' information can be derived from there. In addition,
remove the global from main.h
- this shows insecure (unsecured) payment requests in a new yellowish
colored UI (based on the secure payment request UI) instead of our
normal payment UI
- allows us to receive paymentACK messages for insecure payment requests
- allows us to handle expirations for insecure payment request
- changed walletmodel, so that all types of payment requests don't touch
the addressbook
- add new processSendCoinsReturn() function, which parses the
status of WalletModel::SendCoinsReturn and generates a pair consisting
of a message and message flags
- result is we only need one emit message() call
- this change ensures that the GUI is shown for warnings/errors in
sendcoinsdialog, because of message() taking care of that for modal
messages
- changes 2 warning message into error messages and removed "Error:"
in front of the actual error message string
- re-work -debug help message text
- make -debug log every debugging information again (even all categories)
- remove unneeded fDebug checks in front of LogPrint()/qDebug(), as that
check is done in LogPrintf() when category is != NULL (true for all
LogPrint() calls
- remove fDebug ONLY in code which is NOT performance-critical
- harmonize addrman category name
- deprecate -debugnet usage, should be used via -debug=net and remove the
corresponding global
Changed CDataStream::GetAndClear() to use the most obvious
get get and clear instead of a tricky swap().
Added a unit test for CDataStream insert/erase/GetAndClear.
Note: GetAndClear() is not performance critical, it is used only
by the send-a-message-to-the-network code. Bug was not noticed
before now because the send-a-message code never erased from the
stream.
Instead of explicitly testing for the presence of any output, and
dealing with this case specially, just interpret it as an empty
CCoins.
The case previously caught using the HaveCoins check, is now handled
by the generic outs != outsBlock test.
class template base_uint had its own private lookup table.
This is saving 256 bytes per instantiation.
The result is not spectacular as bitcoin-qt has only shrinked of
about 1Kb but it is still valid improvement.
Also, I have replaced a for loop with a memset() call.
Made CBigNum::SetHex() use the new HexDigit() function.
Signed-off-by: Olivier Langlois <olivier@olivierlanglois.net>
Use proper signals everywhere.
Removes the need to store a pointer to the BitcoinGUI object in
the walletview.
Also removes the interdependence between setWalletModel / setBitcoinGUI.
- remove 2 unneeded windowTitle attributes, which bloat our translations
- cleanup some unneeded .cpp/.h includes and class usages
- use a more generic string for clearing sendcoinsdialog and
requestpaymentdialog
- edit 2 strings in BitcoinGUI and replace "edit" with "show" as this
seems more clear in the context where it is used
This seems to cause problems on recent clang, and looks totally
redundant and unused.
The const_iterator version is identical to the vector::const_iterator
one (which is a typedef thereof). Marking it private (instead of
removing) compiles fine, so this version is effectively unused even.
This required some code movement (what was CWalletTx::AcceptToMemoryPool
doing in main?), and adding a few explicit includes that used to be
implicit through init.h.
INIT_PROTO_VERSION is the initial version, after a succesful version/verack it is increased to a negotiated version.
MIN_PEER_PROTO_VERSION could be a different value to disconnect from peers older than a specified version.
Changes the response to the 'mempool' command so that if
the memory pool has more than MAX_INV_SZ transactions (50,000)
it will respond with multiple 'inv' messages.
They're supposed to be children of the walletview, and are added with
addWidget later on.
Inconsequential change because the object passed was already 0.
- changes some strings that were forgotton or made no sense in the conext
they are used
- remove an orphan file from the qt project file
- revert a small change in signverifymessagedialog.ui
- guard #include "bitcoin-config.h" with #if defined(HAVE_CONFIG_H)
- remove windowTitle from addressbookpage.ui
- this allows us to use emit message() over MessageBox:: or gui->message()
calls in sendcoinsdialog and walletview
- move main handlePaymentRequest() functionality back to BitcoinGUI
- move a showNormalIfMinimized() before gotoSendCoinsPage()
- We no longer have an address book, but "address lists", update message
accordingly
- Add tooltips here and there
- Clarify text on buttons
- add Copy Address button to receive request dialog
- add new slot handlePaymentACK() to paymentserver, which handles
paymentACK messages (currently we just display them)
- make paymentACK message a modal information dialog
- change some QObject::tr() to just tr()
- clarify the processPaymentRequest() error, when IsDust()
- small string change to prevent a tripple + usage with QString
Previously bitcoin-qt's -debug transaction info was showing CTxOut([error])
It is valid for a scriptPubKey to be any size, for example simply
OP_RETURN is valid and can be used to destroy a TXOUT to mining fees.
- fix crash with walletpassphrase by checking if RPC server is running and
give a friendly error message how to fix this (fixes#3100)
- add 3 new RPCErrorCodes RPC_SERVER_NOT_STARTED, RPC_NODE_ALREADY_ADDED
and RCP_NODE_NOT_ADDED (I checked the source to not use a number already
in use for RPC_SERVER_NOT_STARTED)
- use the new codes where needed / missing
- add missing use of RPC_INVALID_PARAMETER
Just-in-case sanity test for JSON spirit and AmountFromValue.
Also update rpc_format_monetary_values test to use ValueFromAmount,
so that ValueFromAmount is also tested.
Simplifies the dialog (makes it look less crowded) as well
as the code and makes it possible to copy multiple fields at once.
Also format bitcoin URI as URI, add copy button for URI.
Also update URI parsing to fill in this field.
Note that the message is not currently used in any way with the client.
It should be stored with the transaction.
These no longer make sense in the new workflow. It's less
clicks to reach sign/verify message from the menu. And sending
from the address book is one kind of automatic address reuse
we're trying to avoid.
The existing CNode::addrLocal member is revealed to the user,
as an address string, similar to the existing "addr" field.
Instead of showing garbage or empty string,
it simply will not appear in the output if local address not known yet.
This adds an executable `bitcoin-rpc` that only serves as a Bitcoin RPC
client.
The commit does not remove RPC functionality from the `bitcoind` yet,
this functionality should be deprecated but is left for a later version
to give users some time to switch.
This ensures the allocator is ready no matter when it's needed (as
some STL implementations allocate in constructors -- i.e., MSVC's STL
in debug builds).
Using boost::call_once to guarantee thread-safe static initialization.
Adding some comments describing why the change was made.
Addressing deinitialization of the LockedPageManager object
by initializing it in a local static initializer and adding
an assert in the base's destructor.
Selecting the button for a pages was going through bitcoingui->walletframe->walletview->bitcoingui.
Because of this, the actions for the pages had to be exposed on the BitcoinGUI object.
- rename reportError() into message() to be in line with our default
message() signal/slot naming (and can be used for all types of messages)
- rename some QStrings to not collide with message() function
- add a missing message for malformed URIs that IS also used in BitcoinGUI
- fix / extend some comments and misc style fixes
There were too many levels of indirection here, and the functionality of
walletframe and walletstack can easily be merged. This commit
merges the two which cuts a lot of lines of boilerplate code.
- this extends the accepted ciphersuites with TLSv1.2 ones
- also removes !AH, as I could not find documentation on it and the change
did not result in a changed ciphersuite list (checked via openssl
ciphers -v)
- closes#3096 (which also contains more details)
SendMessages() tries to acquire a cs_main lock now, but this isn't nessecary
for much of its functionality. Move those parts out of the locked section,
so they can always be performed, and we hold cs_main for a shorter time.
This removes a few unused CBlockLocator methods, and moves the
construction and fork-finding logic to CChain (which can do these
more efficiently, as it has a height-indexable chain available).
It also makes CBlockLocator independent from the validation code.
971bb3e Added ping time measurement. New RPC "ping" command to request ping. Implemented "pong" message handler. New "pingtime" field in getpeerinfo, to provide results to user. New "pingwait" field, to show pings still in flight, to better see newly lagging peers. (Josh Lehan)
- I observed a massive amount of redefinition warnings after #3071, which
are silenced by this patch
- uses the same style as we do in other places, where we define _WIN32_WINNT
- make processPaymentRequest() use our own HTML-escaping function from
GUIUtil
- make string "application/bitcoin-payment" a constant (below similar
constant strings in the .cpp file)
- clear(): clear all UI elements (for secure and insecure payments)
- setValue(): only modify UI elements, which need to be set (for secure
or insecure payments)
Create an allocators.cpp, and move all of the #ifdef WIN32
code and the #include of windows.h into it.
Two motives for this cleanup:
1. I'm getting a weird error in windows.h in my smartfee branch.
2. allocators.h is included (indirectly) just about everywhere, so
this should speed up Windows compiles quite a lot.
- fixes#3037 by adding missing join_all() call and brings bitcoind
shutdown code in line with Bitcoin-Qt shutdown code
- added a comment for the if (!fRet) case
- when closing the client with an open debug window, that window could
become stuck/unsuable (it was still shown wherea the main window was
hidden already)
- fix this by hiding the debug window, when quitting the the client
Changes the maximum size of a free transaction that will be created
from 10,000 bytes to 1,000 bytes.
The idea behind this change is to make the free transaction area
available to a greater number of people; with the default 27K-per-block,
just three very-large very-high-priority transactions could fill the space.
Remove the (relay/mempool) rule that all outputs of free transactions
must be greater than 0.01 XBT. Dust spam is now taken care of by making
dusty outputs non-standard.
New RPC "ping" command to request ping.
Implemented "pong" message handler.
New "pingtime" field in getpeerinfo, to provide results to user.
New "pingwait" field, to show pings still in flight, to better see newly lagging peers.
- remove some unneeded translatable strings from sendcoinsentry.ui file and
rename some elements for better readability
- optimize string prorcessing in SendCoinsDialog::on_sendButton_clicked()
- make all UI labels for secure payments plain text and move the settings
to sendcoinsentry.ui file
- remove unneeded button and default button definiton from warning message
boxes
- remove fixed font-size when sending coins to an address with label and
use monospace font for addresses
- make BitcoinGUI::showPaymentACK() use a reference for msg and use our
own GUIUtil::HtmlEscape() function
- ensure QTimer usage in clientmodel is the same as in walletmodel
- remove an unneeded debug message in walletframe
- flag some parameters as unused in DebugMessageHandler()
- small code formatting changes
Instead of building a full copy of a CTransaction being signed, and
then modifying bits and pieces until its fits the form necessary
for computing the signature hash, use a wrapper serializer that
only serializes the necessary bits on-the-fly.
This makes it easier to see which data is actually being hash,
reduces load on the heap, and also marginally improves performances
(around 3-4us/sigcheck here). The performance improvements are much
larger for large transactions, though.
The old implementation of SignatureHash is moved to a unit tests,
to test whether the old and new algorithm result in the same value
for randomly-constructed transactions.
If BDB_CPPFLAGS returns only "-I", the next argument sent to the preprocessor
is treated as a path. There are 2 fixes here:
1. Check in CPPFLAGS, as a user might have manually passed a path to check.
2. Ensure the value is not empty before setting BDB_CPPFLAGS to "-I value"
This changes the priority calculation to not include the size of per-txin
data including up to 110 bytes of scriptsig so that transactions which
sweep up extra UTXO don't lose priority relative to ones that don't.
I'd toyed with some other variations, but it seems like any formulation
which results in an incentive stronger than making them not count will
sometimes create incentives to add extra outputs so that you have
extra inputs to consume later. The maximum credit is limited so that
users don't lose the disincentive to stuff random data in their
transactions, the limit of 110 is based on the size of a P2SH
redemption with a compressed public key.
This shouldn't need a staged deployment because the priority is not
used as a relay criteria, only a mining criteria.
This change moves test data into the binaries rather than reading them from
the disk at runtime.
Advantages:
- Tests become distributable
- Cross-compile friendly. Build on one machine and execute in an arbitrary
location on another.
- Easier testing for backports. Users can verify that tests pass without having
to track down corresponding test data.
- More trustworthy test results and easier quality assurance as tests make
fewer assumptions about their environment.
- Tests could theoretically run at client/daemon startup and exit on failure.
Disadvantages:
- Required 'hexdump' build-dependency. This is a standard bsd tool that should
be usable everywhere. It is likely already installed on all build-machines.
- Tests can no longer be fudged after build by altering test-data.
libleveldb.a and libmemenv.a should be able to build in parallel, but in
practice calling the leveldb makefile ends up rewriting build_config.mk. If
one target tries to build while the other is halfway through writing the
.mk, the make ends up in an undefined state.
Fix that by making one depend on the other. This also reorders the variables
to be passed by param rather than via the environment, and combines the targets
into a single rule to avoid needless duplication.
As we'd previously learned, OSX's fsync is a data eating lie.
Since 0.8.4 we're still getting some reports of disk corruption on
OSX but now all of it looks like the block files have gotten out of
sync with the database. It turns out that we were still using fsync()
on the block files, so this isn't surprising.
- ensure message boxes are shown in center of our main window, not
centered on the users desktop
- always prefer user supplied titles for message boxes over the functions
defaults (fixes a bug, where transaction info messages did not contain
information, if it was incoming or outgoing)
- rename URL into URI in paymentserver where correct
- add some missing Qt-coding-stuff in paymentserver
- change QSpinBox to QLineEdit as base for BitcoinAmountField in .ui files
(as this is the result when converting the BAF back into base)
- remove some c_str() and replace with QString::fromStdString()
- remove several new-lines
- remove unneeded spaces
- indentation fixes
This also makes negative transaction versions non-standard.
This avoids an issue triggered in block 256818 where transactions with
negative version numbers were incorrectly serialized into the UTXO set.
On restart nodes detect the inconsistency and refuse to start so long as
a block with these transactions is inside the self-consistency check
window, logging "coin database inconsistencies found". The software
recommends reindexing, but reindexing does not correct the problem.
This should be fixed by changing the chainstate serialization, but
working around it seems harmless for now because the version is not
used by any network rule currently.
A patch free workaround is to start with -checklevel=2 which skips
the consistency checks, but the IsStandard change is important for
miners in order to protect unpatched nodes.
I've seen users confused multiple times thinking they
should be using -tor to set their tor proxy and then
finding in horror that they were still connecting to
the IPv4 internet.
Even Jeff guesses wrong about what the knob does, so
I think we should rename it. This leaves the old
knob working, we can pull it out completely in a
later release.
- prepend "Bitcoin-Qt" in front of debug.log entries, which come from Qt
- move DebugMessageHandler installation upwards to the event handler
installation, which fits much better
Correctly use the purpose of addresses that are added after the start
of the client. Addresses with purpose "refund" and "change" should not
be visible in the GUI. This is now handled correctly.
- extend PaymentServer with setOptionsModel() and rework initNetManager()
to make use of that
- fix all other places in the code to use display unit from options and no
hard-coded unit
There have been several incidents where mainnet experimentation with
raw transactions resulted in insane fees. This is hard to prevent
in the raw transaction api because the inputs may not be known.
Since sending doesn't work if the inputs aren't known, we can catch
it there.
This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
defaults and can be overridden with a bool at the rpc.
We're not seeing large reorgs that would justify waiting a large
amount past the rule required maturity, and the extra three
hours is just a nuisance. Take one more block to at least give
the 100th block time to propagate.
Seems it was forgotten about when IsPushOnly() and the unittests were
written. A particular oddity is that OP_RESERVED doesn't count towards
the >201 opcode limit unlike every other named opcode.
getblocktemplate only uses certain portions of the coinbase transaction,
notably ignoring the coinbase TX output entirely.
Use CreateNewBlock() rather than CreateNewBlockWithKey(), eliminating
the needless key passing.
Should be zero behavior changes.
With an encrypted wallet the GUI was prompting for a passphrase every time
the user requested a new address. This is unnecessary, increases the
exposure to keyboard sniffers, and discourages using fresh addresses for
every transaction.
Instead only prompt for a passphrase when the keypool runs out, also call
the new address function with the flag that prevents reuse.
Thanks to AlexNagy on IRC for pointing this out and who wouldn't take any
lip from a curmudgeonly developer and insisted on what he knew to be true.
WalletView:
- add new signal showNormalIfMinimized()
- emit the new signal in handleURI() to fix a bug, preventing the main
window to show up when using bitcoin: URIs
WalletStack:
- connect the showNormalIfMinimized() signal from WalletView with the
showNormalIfMinimized() slot in BitcoinGUI
- rework setCurrentWallet() to return a bool
- add check for valid walletModel in addWallet()
- add missing gui attribute initialisation in constructor
WalletFrame:
- remove unused or unneded class attributes gui and clientModel
- add a check for valid clientModel in setClientModel()
General:
- small code formatting changes
Add support for a Payment Protocol to Bitcoin-Qt.
Payment messages are protocol-buffer encoded and communicated over
http(s), so this adds a dependency on the Google protocol buffer
library, and requires Qt with OpenSSL support.
- move SelectParamsFromCommandLine() from init.cpp to bitcoin.cpp to allow
to use TestNet() for Bitcoin-Qt instead of GetBoolArg("-testnet", false)
- change order in bitcoind.cpp to match bitcoin.cpp functionality
- hamonize error message strings for missing datadir and failing
SelectParamsFromCommandLine() in bitcoin.cpp and bitcoind.cpp
- use TestNet() call in splashscreen.cpp
Straight refactor, so mapAddressBook stores a CAddressBookData
(which just contains a std::string) instead of a std::string.
Preparation for payment protocol work, which will add the notion
of refund addresses to the address book.
Replaces the validation check for "amount == 0" with an isDust check,
so very small output amounts are caught before the wallet
is unlocked, a transaction is created, etc.
- update translation master files
- include current translations from Transifex
- add several new languages
- fix a bug in bitcoin.qrc, which prevents some languages from beeing used
(wrong file extension .ts instead of .qm was used)
This reduces a peer's ability to attack network resources by
using a full bloom filter, but without reducing the usability
of bloom filters. It sets a default match everything filter
for peers and it generalizes a prior optimization to
cover more cases.
To fix a minor malleability found by Sergio Lerner (reported here:
https://bitcointalk.org/index.php?topic=8392.msg1245898#msg1245898)
The problem is that if (R,S) is a valid ECDSA signature for a given
message and public key, (R,-S) is also valid. Modulo N (the order
of the secp256k1 curve), this means that both (R,S) and (R,N-S) are
valid. Given that N is odd, S and N-S have a different lowest bit.
We solve the problem by forcing signatures to have an even S value,
excluding one of the alternatives.
This commit just changes the signing code to always produce even S
values, and adds a verification mode to check it. This code is not
enabled anywhere yet. Existing tests in key_tests.cpp verify that
the produced signatures are still valid.
The length of vectors, maps, sets, etc are serialized using
Write/ReadCompactSize -- which, unfortunately, do not use a
unique encoding.
So deserializing and then re-serializing a transaction (for example)
can give you different bits than you started with. That doesn't
cause any problems that we are aware of, but it is exactly the type
of subtle mismatch that can lead to exploits.
With this pull, reading a non-canonical CompactSize throws an
exception, which means nodes will ignore 'tx' or 'block' or
other messages that are not properly encoded.
Please check my logic... but this change is safe with respect to
causing a network split. Old clients that receive
non-canonically-encoded transactions or blocks deserialize
them into CTransaction/CBlock structures in memory, and then
re-serialize them before relaying them to peers.
And please check my logic with respect to causing a blockchain
split: there are no CompactSize fields in the block header, so
the block hash is always canonical. The merkle root in the block
header is computed on a vector<CTransaction>, so
any non-canonical encoding of the transactions in 'tx' or 'block'
messages is erased as they are read into memory by old clients,
and does not affect the block hash. And, as noted above, old
clients re-serialize (with canonical encoding) 'tx' and 'block'
messages before relaying to peers.
Fixes issue#2838; this is a tweaked version of pull#2845 that
should not leak the length of the password and is more generic,
in case we run into other situations where we need
timing-attack-resistant comparisons.
Orphan transactions were stored as a CDataStream pointer;
this changes the mapOrphanTransactions data structures to
store orphans as a CTransaction.
This also fixes CVE-2013-4627 by always re-serializing
transactions before relaying them.
- move the code for saving and restoring window positions from BitcoinGUI
to GUIUtil, make it more generic and also use it for saving/restoring
debug window positions
- it was possible to trigger an infinite loop in FreespaceChecker::check() by
simply removing the drive letter on Windows (which leads to an infinite
loop in the FreespaceChecker thread)
- this was caused by not checking if we make progress with
parentDir.parent_path()
- remove an unneded include for mswsock.h as we use winsock2.h anyway
- move typedef u_int SOCKET; into the #ifndef WIN32 part
- remove typedef int socklen_t; as this is defined in ws2tcpip.h