fa694f706c test: Add tests for truncated scripts (MarcoFalke)
Pull request description:
Previously not covered by any test
Tree-SHA512: 9f99659bdf3947271074938456a2fe64f5b39fc868e9aa474cec199a536ae5d7428f1cfa7f361936b71b09ee4c426261e6b25668fa77b8416b30dbe4ddb357f0
e414486d56 Do not permit copying FastRandomContexts (Pieter Wuille)
022cf47dd7 Simplify testing RNG code (Pieter Wuille)
fd3e7973ff Make unit tests use the insecure_rand_ctx exclusively (Pieter Wuille)
8d98d42611 Bugfix: randbytes should seed when needed (non reachable issue) (Pieter Wuille)
273d02580a Use a FastRandomContext in LimitOrphanTxSize (Pieter Wuille)
3db746beb4 Introduce a Shuffle for FastRandomContext and use it in wallet and coinselection (Pieter Wuille)
8098379be5 Use a local FastRandomContext in a few more places in net (Pieter Wuille)
9695f31d75 Make addrman use its local RNG exclusively (Pieter Wuille)
Pull request description:
This improves a few minor issues with the RNG code:
* Avoid calling `GetRand*()` functions (which currently invoke OpenSSL, later may switch to using our own RNG pool) inside loops in addrman, networking code, `KnapsackSolver`, and `LimitOrphanSize`
* Fix a currently unreachable bug in `FastRandomContext::randbytes`.
* Make a number of simplifications to the unit tests' randomness code (some tests unnecessarily used their own RNG or the OpenSSL one, instead of using the unit test specific `insecure_rand_ctx`).
* As a precaution, make it illegal to copy a `FastRandomContext`.
Tree-SHA512: 084c70b533ea68ca7adc0186c39f0b3e0a5c0ae43a12c37286e5d42086e056a8cd026dde61b12c0a296dc80f87fdc87fe303b9e8e6161b460ac2086cf7615f9d
dcb70b1522 Indicate -rpcauth option password hashing alg (Carl Dong)
Pull request description:
By indicating the password hashing algorithm, users of bitcoin distributions without the script in `share/rpcauth` and users who don't want to rely on said script can use alternative means to generate the password hash.
Question for reviewers: perhaps we should also indicate that it is specifically a HMAC-SHA-256 of the _**UTF-8**_ encoding of their password?
Tree-SHA512: 86b546c2e78699fa253da0c1e76b21ef60e9b6a5778826ac5136e764d70e3213044cc05cdb4786ba27968781647c46e358a823bbc2db7d45d041d291ee03b83c
This introduces various changes to the importmulti logic:
* Instead of processing input and importing things at the same time, first
process all input data and verify it, so no changes are made in case of
an error.
* Verify that no superfluous information is provided (no keys or scripts
that don't contribute to solvability in particular).
* Add way more sanity checks, by means of descending into all involved
scripts.
8db0c3d42b Removed implicit CTransaction conversion from benchmaks (lucash-dev)
ed61abedb2 Removed implicit CTransaction constructor from tests (lucash-dev)
Pull request description:
This PR was split from #14906 and is a prerequisite for it.
It updates tests and benchmarks, removing all implicit calls to `CTransaction(CMutableTransaction&)` constructors. This will make possible making the constructor explicit in the next PR.
The original rationale for making the constructor explicit:
- Conversion constructors should not be explicit unless there's a strong reason for it (in the opinion of, for example, https://google.github.io/styleguide/cppguide.html, and https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Ro-conversion. Let me know your take on this).
- This particular conversion is very costly -- it implies a serialization plus hash of the transaction.
- Even though `CTransaction` and `CMutableTransaction` represent the same data, they have very different use cases and performance properties.
- Making it explicit allows for easier reasoning of performance trade-offs.
- There has been previous performance issues caused by unneeded use of this implicit conversion.
- This PR creates a map for places to look for possible refactoring and performance gains (this benefit still holds if the PR is not merged).
Tree-SHA512: de8073aa6ff8a3153bcbe10818616677ecf9598e4978d8a0b4c39a262e71c36be5679cec08554c760d1f011ba6d37350318248eef15f6d9b86f9e4462b2de0d2
bd3b0361d Add stop_block out arg to ScanForWalletTransactions (Ben Woosley)
3002d6cf3 Return a status enum from ScanForWalletTransactions (Ben Woosley)
bb24d6865 Make CWallet::ScanForWalletTransactions args and return value const (Ben Woosley)
Pull request description:
Return the failed block as an out arg.
Fixes#11450.
/cc #12275
Tree-SHA512: 6a523e5425ebfe24e664a942ae21c797ccc1281c25b1bf8d02ad95c19dae343fd8051985ef11853474de7628fd6bed5f15190fbc087c3466ce6fdecab37d72a9
26879509f Add comments to descriptor tests (Pieter Wuille)
82df4c64f Add descriptor expansion cache (Pieter Wuille)
1eda33aab [refactor] Combine the ToString and ToPrivateString implementations (Pieter Wuille)
24d3a7b3a [refactor] Use DescriptorImpl internally, permitting access to new methods (Pieter Wuille)
6be0fb4b3 [refactor] Add a base DescriptorImpl with most common logic (Pieter Wuille)
Pull request description:
This patch modifies the internal `Descriptor` class to optionally construct and use an "expansion cache". Such a cache is a byte array that encodes all information necessary to expand a `Descriptor` a second time without access to private keys, and without the need to perform expensive BIP32 derivations. For all currently defined descriptors, the cache simply contains a concatenation of all public keys used.
This is motivated by the goal of importing a descriptor into the wallet and using it as a replacement for the keypool, where it would be impossible to expand descriptors if they use hardened derivation.
Tree-SHA512: f531a0a82ec1eecc30b78ba8a31724d1249826b028cc3543ad32372e1aedd537f137ab03dbffc222c5df444d5865ecd5cec754c1ae1d4989b6e9baeaffade32a
Calling getblocktemplate without the segwit rule specified is most
likely a client error, since it results in lower fees for the miner.
Prevent this client error by failing getblocktemplate if called without
the segwit rule specified.
e09a5875ca rpc: Assert named arguments are unique in RPCHelpMan (João Barbosa)
Pull request description:
Prevents an obvious mistake.
Tree-SHA512: 32c24a1934b17ab6f0d5cd31bdf0388e93ee5156ccc1b4f78eb9fd7f1d4b27a4b978b594ff11812bc9f20987c9fc36bf4497ddaedf18cf6bcbea19c050571334
fa4c8679ed rpc: Avoid creating non-standard raw transactions (MarcoFalke)
Pull request description:
Multiple OP_RETURN outputs in a transaction are not standard and unlikely to be relayed, so avoid creating them.
Apart from that, the logic was broken in that it duplicated the same hex-data for each data output: Closes#14868.
Tree-SHA512: b08d08062b5622e8a7b497e490ccaf53b06e844c863fda3bf3f932a98684a809e8341aeb98232059a795afb32d8770a6c5591a66f8e6ee372b672af245607887
7d1b60ce93 Cleanup SplashScreen class (Hennadii Stepanov)
Pull request description:
Cleaning up after replacing the `QSplashScreen` base class with the `QWidget` class (#4941 by @laanwj).
cc @jonasschnelli
Tree-SHA512: 72e2d67905d85247a11ae6a884f74f710f765adf20db7d1daf0927e6990687e836b486c4ff93bc6dabc3759ed667acfe1d69c8b94fae7181ab271a3fa7a0229a
b7df96f456 refactor: Drop boost::this_thread::interruption_point and boost::thread_interrupted in main thread (Chun Kuan Lee)
Pull request description:
This PR drops useless `boost::this_thread::interruption_point` and `boost::thread_interrupted` catch. They are only executed in main thread.
Tree-SHA512: a980d098c1a8238e4f0da9493731d7e69b9ca8e010103f442722d0d4cce471cc40a1fafd5f05535ad0e18899b6cf7563ee20e4025f7c7bc15182a0058c028922
fa4fc8856b validation: Add and use HaveTxsDownloaded where appropriate (MarcoFalke)
Pull request description:
`nChainTx` is an implementation detail that shouldn't be exposed without a wrapper that comes with appropriate documentation.
Tree-SHA512: 56ab7378c2ce97794498724c271f861de982de69099e90ec09632a26230ae6fded3c59668adb378bd64dcb8ef714769b970210977b88a53fc7550774ddba3d59
6bbdb2077e squashme: connect thru node interface (João Barbosa)
a0f8df365d qt: Call noui_connect to prevent boost::signals2::no_slots_error in early calls to InitWarning (João Barbosa)
Pull request description:
Adding the following to `bitcoin.conf`
```
[xxx]
disablewallet=1
```
And running `bitcoin-qt` gives:
```
libc++abi.dylib: terminating with uncaught exception of type boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::signals2::no_slots_error> >: boost::signals2::no_slots_error
```
Fixes regression in #14708.
Tree-SHA512: 7c158376fad6ebcd80fc0dbe549d5b6e893fb82e7dc1e455825633d7f91b14dc34493487cab7642152e88f9eaf99bfa91988972d600e9fb289cf26afd64aff8a
28479f926f qa: Test bitcond shutdown (João Barbosa)
8d3f46ec39 http: Remove timeout to exit event loop (João Barbosa)
e98a9eede2 http: Remove unnecessary event_base_loopexit call (João Barbosa)
6b13580f4e http: Unlisten sockets after all workers quit (João Barbosa)
18e9685816 http: Send "Connection: close" header if shutdown is requested (João Barbosa)
02e1e4eff6 rpc: Add wait argument to stop (João Barbosa)
Pull request description:
Fixes#11777. Reverts #11006. Replaces #13501.
With this change the HTTP server will exit gracefully, meaning that all requests will finish processing and sending the response, even if this means to wait more than 2 seconds (current time allowed to exit the event loop).
Another small change is that connections are accepted even when the server is stopping, but HTTP requests are rejected. This can be improved later, especially if chunked replies are implemented.
Briefly, before this PR, this is the order or events when a request arrives (RPC `stop`):
1. `bufferevent_disable(..., EV_READ)`
2. `StartShutdown()`
3. `evhttp_del_accept_socket(...)`
4. `ThreadHTTP` terminates (event loop exits) because there are no active or pending events thanks to 1. and 3.
5. client doesn't get the response thanks to 4.
This can be verified by applying
```diff
// Event loop will exit after current HTTP requests have been handled, so
// this reply will get back to the client.
StartShutdown();
+ MilliSleep(2000);
return "Bitcoin server stopping";
}
```
and checking the log output:
```
Received a POST request for / from 127.0.0.1:62443
ThreadRPCServer method=stop user=__cookie__
Interrupting HTTP server
** Exited http event loop
Interrupting HTTP RPC server
Interrupting RPC
tor: Thread interrupt
Shutdown: In progress...
torcontrol thread exit
Stopping HTTP RPC server
addcon thread exit
opencon thread exit
Unregistering HTTP handler for / (exactmatch 1)
Unregistering HTTP handler for /wallet/ (exactmatch 0)
Stopping RPC
RPC stopped.
Stopping HTTP server
Waiting for HTTP worker threads to exit
msghand thread exit
net thread exit
... sleep 2 seconds ...
Waiting for HTTP event thread to exit
Stopped HTTP server
```
For this reason point 3. is moved right after all HTTP workers quit. In that moment HTTP replies are queued in the event loop which keeps spinning util all connections are closed. In order to trigger the server side close with keep alive connections (implicit in HTTP/1.1) the header `Connection: close` is sent if shutdown was requested. This can be tested by
```
bitcoind -regtest
nc localhost 18443
POST / HTTP/1.1
Authorization: Basic ...
Content-Type: application/json
Content-Length: 44
{"jsonrpc": "2.0","method":"stop","id":123}
```
Summing up, this PR:
- removes explicit event loop exit — event loop exits once there are no active or pending events
- changes the moment the listening sockets are removed — explained above
- sends header `Connection: close` on active requests when shutdown was requested which is relevant when it's a persistent connection (default in HTTP 1.1) — libevent is aware of this header and closes the connection gracefully
- removes event loop explicit break after 2 seconds timeout
Tree-SHA512: 4dac1e86abe388697c1e2dedbf31fb36a394cfafe5e64eadbf6ed01d829542785a8c3b91d1ab680d3f03f912d14fc87176428041141441d25dcb6c98a1e069d8
688f665a5e Scripts and tools & Docs: Used #!/usr/bin/env bash instead of obsolete #!/bin/bash, added linting for .sh files shebang and updated the Developer Notes. (vim88)
Pull request description:
As it was discussed in [#13510](https://github.com/bitcoin/bitcoin/pull/13510), it is better to use `#!/usr/bin/env bash` instead of `#!/bin/bash`.
Tree-SHA512: 25f71eb9a6a0cdc91568b5c6863205c5fe095f77a69e633503a2ac7805bd9013af8538e538c0c666ce96a28e3f43ce7a8df5f08d4ff007723bb588d85674f2da
cf4b0327ed Use std::numeric_limits<UNSIGNED>::max()) instead of (UNSIGNED)-1 (practicalswift)
6b82fc59eb Use const in COutPoint class (Hennadii Stepanov)
Pull request description:
Refactoring:
- all cases of using `(uint32_t) -1` in `COutPoint` class are replaced with const;
- also all remaining instances of `(UNSIGNED)-1` transformed to `std::numeric_limits<UNSIGNED>::max()` (by @practicalswift).
Tree-SHA512: fc7fe9838b6e5136d8b97ea3d6f64c4aaa1215f4369832df432cab017396620bb6e30520a64180ceab6de222562ac11eab243a78dfa5a658ba018835a34caa19
fabca42c68 RPCHelpMan: Add space after colons in extended description (MarcoFalke)
fafd040f73 rpc: Add description to fundrawtransaction vout_index (MarcoFalke)
1db0096f61 rpc: Pass argument descriptions to RPCHelpMan (MarcoFalke)
Pull request description:
This will normalize the type names and formatting for the rpc arguments
Tree-SHA512: 6ab344882f0fed36046ab4636cb2fa5d2479c6aae22666ca9a0d067edbb9eff8de98010ad97c8ce40ab532d15d1ae67120a561b0bf3da837090d7de427679f4f
b14948e2e Remove duplicate libconsensus linking in test make (Amir Abrams)
Pull request description:
`LIBBITCOIN_CONSENSUS` is linked twice in Makefile.test.include
Tree-SHA512: d4240e6f15f62ec1500021760af5155c6ce3898d1ca8da463ad85e2bff4435aa3b9204505ef889149509ae959d44dd845914671bc3d7df61e89aa3ab5e1aa751
48b37db50 make peertimeout a debug argument, remove error message translation (Zain Iqbal Allarakhia)
8042bbfbf p2p: allow p2ptimeout to be configurable, speed up slow test (Zain Iqbal Allarakhia)
Pull request description:
**Summary:**
1. _Primary_: Adds a `debug_only=true` flag for peertimeout, defaults to 60 sec., the current hard-coded setting.
2. _Secondary_: Drastically speeds up `p2p_timeout.py` test.
3. _Secondary_: Tests that the correct code path is being tested by adding log assertions to the test.
**Rationale:**
- P2P timeout was hard-coded: make it explicitly specified and configurable, instead of a magic number.
- Addresses #13518; `p2p_timeout.py` takes 4 sec. to run instead of 61 sec.
- Makes `p2p_timeout.py` more explicit. Previously, we relied on a comment to inform us of the timeout amount being tested. Now it is specified directly in the test via passing in the new arg; `-peertimeout=3`.
- Opens us up to testing more P2P scenarios; oftentimes slow tests are the reason we don't test.
**Locally verified changes:**
_With Proposed Change (4.7 sec.):_
```
$ time ./test/functional/p2p_timeouts.py
2018-11-19T00:04:19.077000Z TestFramework (INFO): Initializing test directory /tmp/testhja7g2n7
2018-11-19T00:04:23.479000Z TestFramework (INFO): Stopping nodes
2018-11-19T00:04:23.683000Z TestFramework (INFO): Cleaning up /tmp/testhja7g2n7 on exit
2018-11-19T00:04:23.683000Z TestFramework (INFO): Tests successful
real 0m4.743s
```
_Currently on master (62.8 sec.):_
```
$ time ./test/functional/p2p_timeouts.py
2018-11-19T00:06:10.948000Z TestFramework (INFO): Initializing test directory /tmp/test6mo6k21h
2018-11-19T00:07:13.376000Z TestFramework (INFO): Stopping nodes
2018-11-19T00:07:13.631000Z TestFramework (INFO): Cleaning up /tmp/test6mo6k21h on exit
2018-11-19T00:07:13.631000Z TestFramework (INFO): Tests successful
real 1m2.836s
```
_Error message demonstrated for new argument `-peertimeout`:_
```
$ ./bitcoind -peertimeout=-5
...
Error: peertimeout cannot be configured with a negative value.
```
Tree-SHA512: ff7a244ebea54c4059407bf4fb86465714e6a79cef5d2bcaa22cfe831a81761aaf597ba4d5172fc2ec12266f54712216fc41b5d24849e5d9dab39ba6f09e3a2a
1c28feb7d qt: Remove hidden columns in coin control dialog (João Barbosa)
Pull request description:
Instead of having hidden columns, store the data in specific roles.
Overlaps with #14817, fixes#11811.
Tree-SHA512: e86e9ca426b9146ac28997ca1920dbae6cc4e2e494ff94fe131d605cd6c013183fc5de10036c886a4d6dcae497ac4067de3791be0ef9c88f7ce9f57f7bd97422
82d6c5aad gui: Show watch-only eye instead of HD disabled (Chun Kuan Lee)
fe1ff5026 Hide spendable label if priveate key is disabled (Chun Kuan Lee)
Pull request description:
If a wallet is in private key disabled mode, the spendable balance is always zero, it does not have to show on GUI. Show the watch-only balance at normal balance column if a wallet is in that mode.
![image](https://user-images.githubusercontent.com/11154118/45662527-dfaab400-bb34-11e8-98c8-c06ac5c0b08a.png)
Tree-SHA512: 8b535427d26d3f8e61081f50e4773bd25656be042d378fd34cf647e9a0065cb4dfb67a8ab9fb4fbf5f196390df8cb983ebf2f0fa8a6503b7c046c56bec87ba72
c5ed6e73d Move CheckBlock() call to critical section (Hennadii Stepanov)
Pull request description:
This is an alternative to #14803.
Refs:
- #14058
- #14072
- https://github.com/bitcoin/bitcoin/pull/14803#issuecomment-442233211 by @gmaxwell
> It doesn't support multithreaded validation and there are lot of things that prevent that, which is why I was concerned. Why doesn't the lock on the block index or even cs main prevent concurrency here?
- https://github.com/bitcoin/bitcoin/pull/14803#issuecomment-442237566 by @MarcoFalke
Tree-SHA512: 2152e97106e11da5763b2748234ecd2982daadab13a0da04215f4db60af802a44ab5700f32249137d122eb13fc2a02e0f2d561d364607d727d8c6ab879339afb
bf2e01097 uint256: Remove unnecessary crypto/common.h use (Karl-Johan Alm)
Pull request description:
This is an alternative to #13242 which keeps the `ReadLE64` part, but moves the `crypto/common.h` dependency into `crypto/common.h` as a function outside of `uint256`.
**Reason:** this change will remove dependencies for `uint256` to `crypto/common.h`, `compat/endian.h`, and `compat/byteswap.h`.
This PR removes the need to update tests to be endian-aware/-independent, but keeps the (arguably dubious) `ReadLE64` part (which was only introduced to fix the tests, not for any functionality).
Tree-SHA512: 78b35123cdb185b3b3ec59aba5ca8a5db72624d147f2d6a5484ffa5ce626a72f782a01dc6893fc8f5619b03e2eae7b5a03b0df5d43460f3bda428e719e188aec
0fb2e69815 CreateTransaction: Assume minimum p2sh-p2wpkh spend size for unknown change (Gregory Sanders)
b06483c96a Remove stale comment in CalculateMaximumSignedInputSize (Gregory Sanders)
Pull request description:
This is triggered anytime a fundraw type call(psbt or legacy) is used with a change output address that the wallet doesn't know how to sign for.
This regression was added in 6a34ff5335 since BnB coin selection actually cares about this.
The fix is to assume the smallest typical spend, a P2SH-P2WPKH, which is calculated using a "prototype" dummy signature flow. Future work could generalize this infrastructure to get estimated sizes of inputs for a variety of types.
I also removed a comment which I believe is stale and misleading.
Tree-SHA512: c7e2be189e524f81a7aa4454ad9370cefba715e3781f1e462c8bab77e4d27540191419029e3ebda11e3744c0703271e479dcd560d05e4d470048d9633e34da16
fa5cef0f78 bench: Destroy wallet txs instead of leaking their memory (MarcoFalke)
Pull request description:
This should destroy the wallet txs when the benchmark ends to avoid having to hold them when the following benchmarks run.
Tree-SHA512: e2510946e6a47fad3ec5fb28d298df8ddc2e017455fcff777fa7bbc12d801c08739db6a7a7289509aaa881ccdc59dfff9bcb6772b48db2c457d3787081a46c06
109699dd33 Add release notes (Pieter Wuille)
b65326b562 Add matching descriptors to scantxoutset output + tests (Pieter Wuille)
16203d5df7 Add descriptors to listunspent and getaddressinfo + tests (Pieter Wuille)
9b2a25b13f Add tests for InferDescriptor and Descriptor::IsSolvable (Pieter Wuille)
225bf3e3b0 Add Descriptor::IsSolvable() to distinguish addr/raw from others (Pieter Wuille)
4d78bd93b5 Add support for inferring descriptors from scripts (Pieter Wuille)
Pull request description:
This PR adds functionality to convert a script to a descriptor, given a `SigningProvider` with the relevant information about public keys and redeemscripts/witnessscripts.
The feature is exposed in `listunspent`, `getaddressinfo`, and `scantxoutset` whenever these calls are applied to solvable outputs/addresses.
This is not very useful on its own, though when we add RPCs to import descriptors, or sign PSBTs using descriptors, these strings become a compact and standalone way of conveying everything necessary to sign an output (excluding private keys).
Unit tests and rudimentary RPC tests are included (more relevant tests can be added once RPCs support descriptors).
Fixes#14503.
Tree-SHA512: cb36b84a3e0200375b7e06a98c7e750cfaf95cf5de132cad59f7ec3cbd201f739427de0dc108f515be7aca203652089fbf5f24ed283d4553bddf23a3224ab31f
c77f09230b Fix descriptor_tests not checking ToString output of public descriptors (Russell Yanofsky)
Pull request description:
This fixes a minor test bug introduced in #13697 that I noticed while reviewing #14646
Tree-SHA512: efed91200cdff5f86ba5de3461ac00759d285e2905f6cb24cea15d3e23e0581ce5fc14b24a40db093f7ebd662ee1ee2cf67f8798bac1903a78298eda08909cfb
fa739d4bd7 qa: Add wallet_encryption error tests (MarcoFalke)
Pull request description:
The errors for empty passphrases are the help text of the RPC call, which is not very specific. Replace that with proper RPC errors and test them.
Tree-SHA512: 3137e0f8f2e42a1f8ab1eeb57c99052557725f6f85139ff48c24acc8f3cf4087802de5216f3ce97375b291d21bddb7cd1379a6f280166136a306a0c9663bbd42
Let event base loop exit cleanly by processing all active and pending
events. The call is no longer necessary because closing persistent
connections is now properly handled.
This (almost) move only ensures the event base loop doesn't exit before
HTTP worker threads exit. This way events registered by HTTP workers are
processed and not discarded.
Sending the header "Connection: close" makes libevent close persistent
connections (implicit with HTTP 1.1) which cleans the event base when
shutdown is requested.
b81a186056 GetPubKey: make sigdata const (Gregory Sanders)
f7beb95a1f remove redundant KeyOriginInfo access, already done in CreateSig (Gregory Sanders)
Pull request description:
This redundancy is confusing as it looks like pubkeyhashes are special in some way based on where it's called.
Tree-SHA512: a980b7c774c6d69322945227a2b156489fb1991ebf57fe6f26096d5f8047f246a133debc241b05af67810f604b040079add3ab3d30d9e2928095905a2afe17eb
0c69ff6171 clarify rpcwallet flag url change (Jordan Baczuk)
Pull request description:
This adds clarification to the bitcoin-cli -rpcwallet flag in the help command. This will benefit users who want to utilize this feature without the cli, for example curl. It isn't readily apparent that this changes the url used in the RPC call.
Tree-SHA512: 6fc759f193f0a918884aab8ba4dc77ed9e89ee3840feeff737a754be758750590f5bd44b40f4810c3b82601e125e62e10360af45cb8e9d95be206ebeb9120ebf
b7b36decaf fix uninitialized read when stringifying an addrLocal (Kaz Wesley)
8ebbef0169 add test demonstrating addrLocal UB (Kaz Wesley)
Pull request description:
Reachable from either place where SetIP is used when all of:
- our best-guess addrLocal for a peer is IPv4
- the peer tells us it's reaching us at an IPv6 address
- NET logging is enabled
In that case, SetIP turns an IPv4 address into an IPv6 address without
setting the scopeId, which is subsequently read in GetSockAddr during
CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
constructor initializes the scopeId field with something.
Tree-SHA512: 8f0159750995e08b985335ccf60a273ebd09003990bcf2c3838b550ed8dc2659552ac7611650e6dd8e29d786fe52ed57674f5880f2e18dc594a7a863134739e3
fa5e0452e8 rpc: Documentation fixups (MarcoFalke)
fa91e8eda5 Use RPCHelpMan for all RPCs (MarcoFalke)
fa520e72f7 lint: Must use RPCHelpMan to generate the RPC docs (MarcoFalke)
Pull request description:
The resulting documentation should not change unless the type in the oneline-summary was previously incorrect. (E.g. string vs bool)
Tree-SHA512: 4ff355b6a53178f02781e97a7aca7ee1d0d97ff348b6bf5a01caa1c96904ee33c704465fae54c2cd7445097427fd04c71ad3779bb7a7ed886055ef36c1b5a1d0
fa21ca09a8 test: Add BOOST_REQUIRE to getters returning optional (MarcoFalke)
Pull request description:
Usually the returned value is already checked for equality, but for sanity we might as well require that the getter successfully returned.
Tree-SHA512: 0d613a9a721c61bd7a115ebc681a0890df09b8e5775f176ac18b3a586f2ca57bee0b5b816f5a7c314ff3ac6cbb2a4d9c434f8459e054a7c8a6934a75f0120c2a
27c44ef9c6 rpcbind: Warn about exposing RPC to untrusted networks (Luke Dashjr)
d6a1287481 CNetAddr: Add IsBindAny method to check for INADDR_ANY (Luke Dashjr)
3615003952 net: Always default rpcbind to localhost, never "all interfaces" (Luke Dashjr)
Pull request description:
A disturbingly large number of listening nodes appear to be also exposing their RPC server to the public internet. To attempt to mitigate this:
* Only ever bind localhost by default, even if `rpcallowip` is specified. (A warning is given if `rpcallowip` is specified without `rpcbind`, since it doesn't really make sense to do.)
* Warn about exposing the RPC server to untrusted networks if the user explicitly binds to any INADDR_ANY address.
* Include a warning about untrusted networks in the `--help` documentation for `rpcbind`.
Tree-SHA512: 755bbca3db416a31393672eccf6675a5ee4d1eb1812cba73ebb4ff8c6b855ecc5df4c692566e9aa7b0f7d4dce6fedb9c0e9f3c265b9663aca36c4a6ba5efdbd4
69ca48717c Implement prevector::fill once (Ben Woosley)
7bad78c2c8 Drop defunct IS_TRIVIALLY_CONSTRUCTIBLE handling from prevector.h (Ben Woosley)
Pull request description:
This is clean-up post #14651:
* Use one implementation of `prevector::fill`, as it's possible now that the implementations are identical.
* Only apply the `IS_TRIVIALLY_CONSTRUCTIBLE` handling to the bench file where it is used, and drop the now-unnecessary associated compat includes.
Tree-SHA512: 5930b3a17fccd39af10add40202ad97a297aebecc049af72ca920d0d55b3e4c3c30ce864c8a683355895f0196396d4ea56ba9f9637bdc7d16964cdf66c195485
3fb09b9889 Warn unrecognized sections in the config file (Akio Nakamura)
Pull request description:
This PR intends to resolve#14702.
In the config file, sections are specified by square bracket pair "[]"$,
or included in the option name itself which separated by a period"(.)".
Typicaly, [testnet] is not a correct section name and specified options
in that section are ignored but user cannot recognize what is happen.
So, add some log-warning messages if unrecognized section names are
present in the config file after checking section only args.
note: Currentry, followings are out of scope of this PR.
1) Empty section name or option name can describe.
e.g. [] , .a=b, =c
2) Multiple period characters can exist in the section name and option name.
e.g. [c.d.e], [..], f.g.h.i=j, ..=k
Tree-SHA512: 2cea02a0525feb40320613989a75cd7b7b1bd12158d5e6f3174ca77e6a25bb84425dd8812f62483df9fc482045c7b5402d69bc714430518b1847d055a2dc304b
591203149f wallet: Create IsDatabaseLoaded function (Chun Kuan Lee)
15c93f075a wallet: Add trailing wallet.dat when detecting duplicate wallet if it's a directory. (Chun Kuan Lee)
c456fbd8df Refactor: Move m_db pointers into BerkeleyDatabase (Russell Yanofsky)
Pull request description:
Fix#14538
Fix crash attempting to load the same wallet with different path strings that resolve to the same absolute path. The primary check which prevents loading the same wallet twice is:
6b8d0a2164/src/wallet/db.cpp (L44)
But this check is skipped if both wallet paths resolve to the same absolute path, due to caching here:
6b8d0a2164/src/wallet/db.cpp (L467)
Meanwhile a secondary check for duplicate wallets is not reliable because it based on a literal comparison, instead of comparison using absolute paths:
6b8d0a2164/src/wallet/wallet.cpp (L3853)
This PR fixes the latter check to compare the absolute path of a new wallet being loaded to absolute paths of wallets already loaded, so there should no longer be any way to load the same wallet more than once.
Tree-SHA512: 2fa01811c160b57be3b76c6b4983556a04bbce71a3f8202429987ec020664a062e897deedcd9248bc04e9baaa2fc7b464e2595dcaeff2af0818387bf1fcdbf6f
In the config file, sections are specified by square bracket pair "[]"$,
or included in the option name itself which separated by a period"(.)".
Typicaly, [testnet] is not a correct section name and specified options
in that section are ignored but user cannot recognize what is happen.
So, add some log/stderr-warning messages if unrecognized section names
are present in the config file after checking section only args.
c54e5a41c4 Remove unreferenced boost headers (Murray Nesbitt)
Pull request description:
Building with clang (e.g. on FreeBSD) is very noisy due to `-Wthread-safety-analysis` warnings regarding boost. This change removes a number of unnecessary boost includes, and silences the rest of the warnings when building with clang. This allows more potentially interesting warnings to surface from the noise.
Tested on FreeBSD 11.2
Tree-SHA512: 5e6a0623188b9be59aeae52866799aefb4c3c9ab5e569b07ee8d43fc92e0b5f1f76b96bb54c35c7043148df84641b4a96927fb71f6eb00460c20cd19cf250900
b08af10fb2 disallow oversized CBlockHeaderAndShortTxIDs (Kaz Wesley)
6bed4b374d fix a deserialization overflow edge case (Kaz Wesley)
051faf7e9d add a test demonstrating an overflow in a deserialization edge case (Kaz Wesley)
Pull request description:
A specially-constructed BlockTransactionsRequest can cause `offset` to wrap in deserialization. In the current code, there is not any way this could be dangerous; but disallowing it reduces the potential for future surprises.
Tree-SHA512: 1aaf7636e0801a905ed8807d0d1762132ac8b4421a600c35fb6d5e5033c6bfb587d8668cd9f48c7a08a2ae793a677b7649661e3ae248ab4f8499ab7b6ede483c
Reachable from either place where SetIP is used when our best-guess
addrLocal for a peer is IPv4, but the peer tells us it's reaching us at
an IPv6 address.
In that case, SetIP turns an IPv4 address into an IPv6 address without
setting the scopeId, which is subsequently read in GetSockAddr during
CNetAddr::ToStringIP and passed to getnameinfo. Fix by ensuring every
constructor initializes the scopeId field with something.
9cc0230cfc Add NODISCARD to all {Decode,Parse}[...](...) functions returning bool. Sort includes. (practicalswift)
579497e77a tests: Explicitly ignore the return value of DecodeBase58(...) (practicalswift)
145fe95ec7 tests: Check return value of ParseParameters(...) (practicalswift)
7c5bc2a523 miner: Default to DEFAULT_BLOCK_MIN_TX_FEE if unable to parse -blockmintxfee (practicalswift)
Pull request description:
Changes in this PR:
* ~~Add linter to make sure the return value of `Parse[...](...)` is checked~~
* Add `__attribute__((warn_unused_result))` to all `{Decode,Parse}[...](...)` functions returning `bool`
* Fix violations
Context:
* #13712: `wallet: Fix non-determinism in ParseHDKeypath(...). Avoid using an uninitialized variable in path calculation.` would have been prevented by this
Tree-SHA512: 41a97899f2d5a26584235fa02b1ebfb4faacd81ea97e927022955a658fa7e15d07a1443b4b7635151a43259a1adf8f2f4de3c1c75d7b5f09f0d5496463a1dae6
b4f6e58ca5 Better error message for user when corrupt wallet unlock fails (MeshCollider)
Pull request description:
Mentioned here: https://github.com/bitcoin/bitcoin/issues/14461#issuecomment-429183503
Current behavior is to assert(false) and crash, only info is printed in the log. This shows the message to the user before abort() instead.
Tree-SHA512: 526f9ed9262257fca55caf7153ab913ed958b13b079d2f01db797485614d8c375815a1554276e8cf73d3838104b2691a9cf85c8d097973127ae8de9e111446bf
fa0815c300 rpc: Correctly name arguments (Jon Layton)
Pull request description:
Consistently use the same name to describe arguments in the documentation and add a test that uses the name.
By splitting it up, the changes are easier to potentially backport and also make review easier when we switch to `RPCHelpMan`.
The tests should pass with or without the changes in `src`.
Partly stolen from #14459 (More RPC help description fixes by ch4ot1c)
Tree-SHA512: 1072992b1e93ac41006613523e54a0a8004f529fcb101eb9d74d91474abb0945a5a7539f249905151b904b87448f9efc0cacbd9e052fbe2ea9111e62f3e7249c
7afddfa8ce importmulti: Don't add internal addresses to address book (Gregory Sanders)
Pull request description:
Currently anything imported with `internal` will not be treated as change since checking the address book is a primary test of this.
Added basic tests of all combinations of arguments and change identification.
Resolves https://github.com/bitcoin/bitcoin/issues/14662
Tree-SHA512: a1f08dc624a3fadee93cc5392d50c4796b0c5eedf38e295382f71570f2066d9e978ed6e3962084b902989863fe1273a8642d8fdb094a266d69de10622a4176b0
Accurately reports the last block successfully scanned, replacing a return of
the chain tip, which represented possibly inaccurated data in a race condition.
fa483e13b3 rpc: Add RPCHelpMan for machine-generated help (MarcoFalke)
fa0d36f712 rpc: Include rpc/util.h where needed for RPCHelpMan (MarcoFalke)
Pull request description:
This introduces a manager for the RPC help generation and demonstrates its use of it in some RPCs.
It is the first non-exhaustive step toward #14378 and I will create pull requests for the next steps after this one is merged.
Tree-SHA512: 86f68322443ff01cd964aaf0ebe186be63fbebe4c47676cf7a622cc2b5305fd176bd57badfd1bbf788a036812253eb0dead74ecc3b30664c3e0d9392b2248054
27154ce765 util.h: explicitly include required QString header (1Il1)
Pull request description:
Alternative to #14713.
Instead of depending on clang formatter to not reorder includes, another fix is to explicitly include the missing header file.
Tree-SHA512: f419ef2fd1dfd8da28160a94d187af78463fb398ef6aadd6c68ebf57e6d02380d93f5f370bf2d39e88dcbfeb252c3e5f245c0a157c7d0a64c38fc0f0c7004515
4e4de10f69 Throw error if CPubKey is invalid during PSBT keypath serialization (Gregory Sanders)
Pull request description:
Related to https://github.com/bitcoin/bitcoin/pull/14689
We should catch this error before attempting to deserialize it later.
Tree-SHA512: d2f3ea7f363818ac70c81ee988231b2bb50d055b6919f7bff3f27120c85a7048bfa183efae33e23e6b81d684bcb8bb81e5b209abb3acbcaff1d88014f4f1aa93
a6b5ec18f rpc: creates possibility to preserve labels on importprivkey (marcoagner)
Pull request description:
Closes#13087.
As discussed in the issue, this is a feature request instead of a bug report since the behaviour was as intended (i.e. label with default: `''`). With this, the old behaviour is kept while the possibility to achieve the preservation of labels, as expected in the open issue, is added.
Tree-SHA512: b33be50e1e7f62f7ddfae953177ba0926e2d848961f9fac7501c2b513322c0cb95787745d07d137488267bad1104ecfdbe800c6747f94162eb07c976835c1386