diff options
| l--------- | README | 1 | ||||
| -rw-r--r-- | README.md | 110 | ||||
| -rw-r--r-- | src/main.cpp | 19 | ||||
| -rw-r--r-- | src/main.h | 2 | ||||
| -rw-r--r-- | src/net.cpp | 47 | ||||
| -rw-r--r-- | src/wallet.cpp | 2 |
6 files changed, 107 insertions, 74 deletions
diff --git a/README b/README deleted file mode 120000 index 42061c01a1..0000000000 --- a/README +++ /dev/null @@ -1 +0,0 @@ -README.md
\ No newline at end of file @@ -1,66 +1,82 @@ - Bitcoin integration/staging tree +================================ + +http://www.bitcoin.org + +Copyright (c) 2009-2012 Bitcoin Developers + +What is Bitcoin? +---------------- + +Bitcoin is an experimental new digital currency that enables instant payments to +anyone, anywhere in the world. Bitcoin uses peer-to-peer technology to operate +with no central authority: managing transactions and issuing money are carried +out collectively by the network. Bitcoin is also the name of the open source +software which enables the use of this currency. + +For more information, as well as an immediately useable, binary version of +the Bitcoin client sofware, see http://www.bitcoin.org. + +License +------- + +Bitcoin is released under the terms of the MIT license. See `COPYING` for more +information or see http://opensource.org/licenses/MIT. Development process -=================== +------------------- -Developers work in their own trees, then submit pull requests when -they think their feature or bug fix is ready. +Developers work in their own trees, then submit pull requests when they think +their feature or bug fix is ready. -If it is a simple/trivial/non-controversial change, then one of the -bitcoin development team members simply pulls it. +If it is a simple/trivial/non-controversial change, then one of the Bitcoin +development team members simply pulls it. -If it is a more complicated or potentially controversial -change, then the patch submitter will be asked to start a -discussion (if they haven't already) on the mailing list: -http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development +If it is a *more complicated or potentially controversial* change, then the patch +submitter will be asked to start a discussion (if they haven't already) on the +[mailing list](http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development). -The patch will be accepted if there is broad consensus that it is a -good thing. Developers should expect to rework and resubmit patches -if they don't match the project's coding conventions (see coding.txt) -or are controversial. +The patch will be accepted if there is broad consensus that it is a good thing. +Developers should expect to rework and resubmit patches if the code doesn't +match the project's coding conventions (see `doc/coding.txt`) or are +controversial. -The master branch is regularly built and tested, but is not guaranteed -to be completely stable. Tags are regularly created to indicate new -official, stable release versions of Bitcoin. +The `master` branch is regularly built and tested, but is not guaranteed to be +completely stable. [Tags](https://github.com/bitcoin/bitcoin/tags) are created +regularly to indicate new official, stable release versions of Bitcoin. Testing -======= +------- + +Testing and code review is the bottleneck for development; we get more pull +requests than we can review and test. Please be patient and help out, and +remember this is a security-critical project where any mistake might cost people +lots of money. + +### Automated Testing -Testing and code review is the bottleneck for development; we get more -pull requests than we can review and test. Please be patient and help -out, and remember this is a security-critical project where any -mistake might cost people lots of money. +Developers are strongly encouraged to write unit tests for new code, and to +submit new unit tests for old code. -Automated Testing ------------------ +Unit tests for the core code are in `src/test/`. To compile and run them: -Developers are strongly encouraged to write unit tests for new code, -and to submit new unit tests for old code. + cd src; make -f makefile.linux test -Unit tests for the core code are in src/test/ -To compile and run them: - cd src; make -f makefile.linux test +Unit tests for the GUI code are in `src/qt/test/`. To compile and run them: -Unit tests for the GUI code are in src/qt/test/ -To compile and run them: - qmake BITCOIN_QT_TEST=1 -o Makefile.test bitcoin-qt.pro - make -f Makefile.test - ./Bitcoin-Qt + qmake BITCOIN_QT_TEST=1 -o Makefile.test bitcoin-qt.pro + make -f Makefile.test + ./Bitcoin-Qt -Every pull request is built for both Windows and -Linux on a dedicated server, and unit and sanity -tests are automatically run. The binaries -produced may be used for manual QA testing -(a link to them will appear in a comment on the pull request -from 'BitcoinPullTester'). -See https://github.com/TheBlueMatt/test-scripts for the -build/test scripts. +Every pull request is built for both Windows and Linux on a dedicated server, +and unit and sanity tests are automatically run. The binaries produced may be +used for manual QA testing -- a link to them will appear in a comment on the +pull request posted by 'BitcoinPullTester'. See `https://github.com/TheBlueMatt/test-scripts` +for the build/test scripts. -Manual Quality Assurance (QA) Testing -------------------------------------- +### Manual Quality Assurance (QA) Testing -Large changes should have a test plan, and should be tested -by somebody other than the developer who wrote the code. +Large changes should have a test plan, and should be tested by somebody other +than the developer who wrote the code. -See https://github.com/bitcoin/QA/ for how to create a test plan. +See `https://github.com/bitcoin/QA/` for how to create a test plan. diff --git a/src/main.cpp b/src/main.cpp index ee1d23c337..cfb459c9a7 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -362,6 +362,14 @@ bool CTransaction::IsStandard() const if (!IsFinal()) return false; + // Extremely large transactions with lots of inputs can cost the network + // almost as much to process as they cost the sender in fees, because + // computing signature hashes is O(ninputs*txsize). Limiting transactions + // to MAX_STANDARD_TX_SIZE mitigates CPU exhaustion attacks. + unsigned int sz = this->GetSerializeSize(SER_NETWORK, CTransaction::CURRENT_VERSION); + if (sz >= MAX_STANDARD_TX_SIZE) + return false; + BOOST_FOREACH(const CTxIn& txin, vin) { // Biggest 'standard' txin is a 3-signature 3-of-3 CHECKMULTISIG @@ -1250,7 +1258,6 @@ bool ConnectBestBlock(CValidationState &state) { BOOST_FOREACH(CBlockIndex *pindexSwitch, vAttach) { if (fRequestShutdown) break; - CValidationState state; try { if (!SetBestChain(state, pindexSwitch)) return false; @@ -1405,7 +1412,7 @@ bool CTransaction::CheckInputs(CValidationState &state, CCoinsViewCache &inputs, } if (nValueIn < GetValueOut()) - return state.DoS(100, error("ChecktInputs() : %s value in < value out", GetHash().ToString().substr(0,10).c_str())); + return state.DoS(100, error("CheckInputs() : %s value in < value out", GetHash().ToString().substr(0,10).c_str())); // Tally transaction fees int64 nTxFee = nValueIn - GetValueOut(); @@ -2259,7 +2266,9 @@ bool ProcessBlock(CValidationState &state, CNode* pfrom, CBlock* pblock, CDiskBl ++mi) { CBlock* pblockOrphan = (*mi).second; - if (pblockOrphan->AcceptBlock(state)) + // Use a dummy CValidationState so someone can't setup nodes to counter-DoS based on orphan resolution (that is, feeding people an invalid block based on LegitBlockX in order to get anyone relaying LegitBlockX banned) + CValidationState stateDummy; + if (pblockOrphan->AcceptBlock(stateDummy)) vWorkQueue.push_back(pblockOrphan->GetHash()); mapOrphanBlocks.erase(pblockOrphan->GetHash()); delete pblockOrphan; @@ -3461,8 +3470,10 @@ bool static ProcessMessage(CNode* pfrom, string strCommand, CDataStream& vRecv) CDataStream(vMsg) >> tx; CInv inv(MSG_TX, tx.GetHash()); bool fMissingInputs2 = false; + // Use a dummy CValidationState so someone can't setup nodes to counter-DoS based on orphan resolution (that is, feeding people an invalid transaction based on LegitTxX in order to get anyone relaying LegitTxX banned) + CValidationState stateDummy; - if (tx.AcceptToMemoryPool(state, true, true, &fMissingInputs2)) + if (tx.AcceptToMemoryPool(stateDummy, true, true, &fMissingInputs2)) { printf(" accepted orphan tx %s\n", inv.hash.ToString().substr(0,10).c_str()); RelayTransaction(tx, inv.hash, vMsg); diff --git a/src/main.h b/src/main.h index 3c7e4e1005..d69aef94ea 100644 --- a/src/main.h +++ b/src/main.h @@ -28,6 +28,8 @@ struct CBlockIndexWorkComparator; static const unsigned int MAX_BLOCK_SIZE = 1000000; /** The maximum size for mined blocks */ static const unsigned int MAX_BLOCK_SIZE_GEN = MAX_BLOCK_SIZE/2; +/** The maximum size for transactions we're willing to relay/mine **/ +static const unsigned int MAX_STANDARD_TX_SIZE = MAX_BLOCK_SIZE_GEN/5; /** The maximum allowed number of signature check operations in a block (network rule) */ static const unsigned int MAX_BLOCK_SIGOPS = MAX_BLOCK_SIZE/50; /** The maximum number of orphan transactions kept in memory */ diff --git a/src/net.cpp b/src/net.cpp index a6017b7356..3406a28b0e 100644 --- a/src/net.cpp +++ b/src/net.cpp @@ -1145,11 +1145,17 @@ void MapPort() // Each pair gives a source name and a seed name. // The first name is used as information source for addrman. // The second name should resolve to a list of seed addresses. -static const char *strDNSSeed[][2] = { +static const char *strMainNetDNSSeed[][2] = { {"bitcoin.sipa.be", "seed.bitcoin.sipa.be"}, {"bluematt.me", "dnsseed.bluematt.me"}, {"dashjr.org", "dnsseed.bitcoin.dashjr.org"}, {"xf2.org", "bitseed.xf2.org"}, + {NULL, NULL} +}; + +static const char *strTestNetDNSSeed[][2] = { + {"bitcoin.petertodd.org", "testnet-seed.bitcoin.petertodd.org"}, + {NULL, NULL} }; void ThreadDNSAddressSeed(void* parg) @@ -1175,32 +1181,31 @@ void ThreadDNSAddressSeed(void* parg) void ThreadDNSAddressSeed2(void* parg) { + static const char *(*strDNSSeed)[2] = fTestNet ? strTestNetDNSSeed : strMainNetDNSSeed; + printf("ThreadDNSAddressSeed started\n"); int found = 0; - if (!fTestNet) - { - printf("Loading addresses from DNS seeds (could take a while)\n"); - - for (unsigned int seed_idx = 0; seed_idx < ARRAYLEN(strDNSSeed); seed_idx++) { - if (HaveNameProxy()) { - AddOneShot(strDNSSeed[seed_idx][1]); - } else { - vector<CNetAddr> vaddr; - vector<CAddress> vAdd; - if (LookupHost(strDNSSeed[seed_idx][1], vaddr)) + printf("Loading addresses from DNS seeds (could take a while)\n"); + + for (unsigned int seed_idx = 0; strDNSSeed[seed_idx][0] != NULL; seed_idx++) { + if (HaveNameProxy()) { + AddOneShot(strDNSSeed[seed_idx][1]); + } else { + vector<CNetAddr> vaddr; + vector<CAddress> vAdd; + if (LookupHost(strDNSSeed[seed_idx][1], vaddr)) + { + BOOST_FOREACH(CNetAddr& ip, vaddr) { - BOOST_FOREACH(CNetAddr& ip, vaddr) - { - int nOneDay = 24*3600; - CAddress addr = CAddress(CService(ip, GetDefaultPort())); - addr.nTime = GetTime() - 3*nOneDay - GetRand(4*nOneDay); // use a random age between 3 and 7 days old - vAdd.push_back(addr); - found++; - } + int nOneDay = 24*3600; + CAddress addr = CAddress(CService(ip, GetDefaultPort())); + addr.nTime = GetTime() - 3*nOneDay - GetRand(4*nOneDay); // use a random age between 3 and 7 days old + vAdd.push_back(addr); + found++; } - addrman.Add(vAdd, CNetAddr(strDNSSeed[seed_idx][0], true)); } + addrman.Add(vAdd, CNetAddr(strDNSSeed[seed_idx][0], true)); } } diff --git a/src/wallet.cpp b/src/wallet.cpp index b8ef2a20bf..2317ac31ac 100644 --- a/src/wallet.cpp +++ b/src/wallet.cpp @@ -1208,7 +1208,7 @@ bool CWallet::CreateTransaction(const vector<pair<CScript, int64> >& vecSend, CW // Limit size unsigned int nBytes = ::GetSerializeSize(*(CTransaction*)&wtxNew, SER_NETWORK, PROTOCOL_VERSION); - if (nBytes >= MAX_BLOCK_SIZE_GEN/5) + if (nBytes >= MAX_STANDARD_TX_SIZE) return false; dPriority /= nBytes; |