14 files changed, 402 insertions, 13 deletions
diff --git a/src/util/asmap.cpp b/src/util/asmap.cpp
index 4b548c5a4d..360573cbae 100644
--- a/src/util/asmap.cpp
+++ b/src/util/asmap.cpp
@@ -6,10 +6,10 @@
 
 #include <clientversion.h>
 #include <crypto/common.h>
-#include <fs.h>
 #include <logging.h>
 #include <serialize.h>
 #include <streams.h>
+#include <util/fs.h>
 
 #include <algorithm>
 #include <cassert>
diff --git a/src/util/asmap.h b/src/util/asmap.h
index 844037f816..08a88f1b3c 100644
--- a/src/util/asmap.h
+++ b/src/util/asmap.h
@@ -5,7 +5,7 @@
 #ifndef BITCOIN_UTIL_ASMAP_H
 #define BITCOIN_UTIL_ASMAP_H
 
-#include <fs.h>
+#include <util/fs.h>
 
 #include <cstdint>
 #include <vector>
diff --git a/src/util/fs.cpp b/src/util/fs.cpp
new file mode 100644
index 0000000000..e8fb72670f
--- /dev/null
+++ b/src/util/fs.cpp
@@ -0,0 +1,138 @@
+// Copyright (c) 2017-2022 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <util/fs.h>
+#include <util/syserror.h>
+
+#ifndef WIN32
+#include <cstring>
+#include <fcntl.h>
+#include <sys/file.h>
+#include <sys/utsname.h>
+#include <unistd.h>
+#else
+#include <codecvt>
+#include <limits>
+#include <windows.h>
+#endif
+
+#include <cassert>
+#include <string>
+
+namespace fsbridge {
+
+FILE *fopen(const fs::path& p, const char *mode)
+{
+#ifndef WIN32
+    return ::fopen(p.c_str(), mode);
+#else
+    std::wstring_convert<std::codecvt_utf8_utf16<wchar_t>,wchar_t> utf8_cvt;
+    return ::_wfopen(p.wstring().c_str(), utf8_cvt.from_bytes(mode).c_str());
+#endif
+}
+
+fs::path AbsPathJoin(const fs::path& base, const fs::path& path)
+{
+    assert(base.is_absolute());
+    return path.empty() ? base : fs::path(base / path);
+}
+
+#ifndef WIN32
+
+static std::string GetErrorReason()
+{
+    return SysErrorString(errno);
+}
+
+FileLock::FileLock(const fs::path& file)
+{
+    fd = open(file.c_str(), O_RDWR);
+    if (fd == -1) {
+        reason = GetErrorReason();
+    }
+}
+
+FileLock::~FileLock()
+{
+    if (fd != -1) {
+        close(fd);
+    }
+}
+
+bool FileLock::TryLock()
+{
+    if (fd == -1) {
+        return false;
+    }
+
+    struct flock lock;
+    lock.l_type = F_WRLCK;
+    lock.l_whence = SEEK_SET;
+    lock.l_start = 0;
+    lock.l_len = 0;
+    if (fcntl(fd, F_SETLK, &lock) == -1) {
+        reason = GetErrorReason();
+        return false;
+    }
+
+    return true;
+}
+#else
+
+static std::string GetErrorReason() {
+    wchar_t* err;
+    FormatMessageW(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
+        nullptr, GetLastError(), MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), reinterpret_cast<WCHAR*>(&err), 0, nullptr);
+    std::wstring err_str(err);
+    LocalFree(err);
+    return std::wstring_convert<std::codecvt_utf8_utf16<wchar_t>>().to_bytes(err_str);
+}
+
+FileLock::FileLock(const fs::path& file)
+{
+    hFile = CreateFileW(file.wstring().c_str(),  GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
+        nullptr, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, nullptr);
+    if (hFile == INVALID_HANDLE_VALUE) {
+        reason = GetErrorReason();
+    }
+}
+
+FileLock::~FileLock()
+{
+    if (hFile != INVALID_HANDLE_VALUE) {
+        CloseHandle(hFile);
+    }
+}
+
+bool FileLock::TryLock()
+{
+    if (hFile == INVALID_HANDLE_VALUE) {
+        return false;
+    }
+    _OVERLAPPED overlapped = {};
+    if (!LockFileEx(hFile, LOCKFILE_EXCLUSIVE_LOCK | LOCKFILE_FAIL_IMMEDIATELY, 0, std::numeric_limits<DWORD>::max(), std::numeric_limits<DWORD>::max(), &overlapped)) {
+        reason = GetErrorReason();
+        return false;
+    }
+    return true;
+}
+#endif
+
+std::string get_filesystem_error_message(const fs::filesystem_error& e)
+{
+#ifndef WIN32
+    return e.what();
+#else
+    // Convert from Multi Byte to utf-16
+    std::string mb_string(e.what());
+    int size = MultiByteToWideChar(CP_ACP, 0, mb_string.data(), mb_string.size(), nullptr, 0);
+
+    std::wstring utf16_string(size, L'\0');
+    MultiByteToWideChar(CP_ACP, 0, mb_string.data(), mb_string.size(), &*utf16_string.begin(), size);
+    // Convert from utf-16 to utf-8
+    return std::wstring_convert<std::codecvt_utf8_utf16<wchar_t>, wchar_t>().to_bytes(utf16_string);
+#endif
+}
+
+} // fsbridge
diff --git a/src/util/fs.h b/src/util/fs.h
new file mode 100644
index 0000000000..886a30394e
--- /dev/null
+++ b/src/util/fs.h
@@ -0,0 +1,251 @@
+// Copyright (c) 2017-2022 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_UTIL_FS_H
+#define BITCOIN_UTIL_FS_H
+
+#include <tinyformat.h>
+
+#include <cstdio>
+#include <filesystem>
+#include <functional>
+#include <iomanip>
+#include <ios>
+#include <ostream>
+#include <string>
+#include <utility>
+
+/** Filesystem operations and types */
+namespace fs {
+
+using namespace std::filesystem;
+
+/**
+ * Path class wrapper to block calls to the fs::path(std::string) implicit
+ * constructor and the fs::path::string() method, which have unsafe and
+ * unpredictable behavior on Windows (see implementation note in
+ * \ref PathToString for details)
+ */
+class path : public std::filesystem::path
+{
+public:
+    using std::filesystem::path::path;
+
+    // Allow path objects arguments for compatibility.
+    path(std::filesystem::path path) : std::filesystem::path::path(std::move(path)) {}
+    path& operator=(std::filesystem::path path) { std::filesystem::path::operator=(std::move(path)); return *this; }
+    path& operator/=(std::filesystem::path path) { std::filesystem::path::operator/=(path); return *this; }
+
+    // Allow literal string arguments, which are safe as long as the literals are ASCII.
+    path(const char* c) : std::filesystem::path(c) {}
+    path& operator=(const char* c) { std::filesystem::path::operator=(c); return *this; }
+    path& operator/=(const char* c) { std::filesystem::path::operator/=(c); return *this; }
+    path& append(const char* c) { std::filesystem::path::append(c); return *this; }
+
+    // Disallow std::string arguments to avoid locale-dependent decoding on windows.
+    path(std::string) = delete;
+    path& operator=(std::string) = delete;
+    path& operator/=(std::string) = delete;
+    path& append(std::string) = delete;
+
+    // Disallow std::string conversion method to avoid locale-dependent encoding on windows.
+    std::string string() const = delete;
+
+    std::string u8string() const
+    {
+        const auto& utf8_str{std::filesystem::path::u8string()};
+        // utf8_str might either be std::string (C++17) or std::u8string
+        // (C++20). Convert both to std::string. This method can be removed
+        // after switching to C++20.
+        return std::string{utf8_str.begin(), utf8_str.end()};
+    }
+
+    // Required for path overloads in <fstream>.
+    // See https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=96e0367ead5d8dcac3bec2865582e76e2fbab190
+    path& make_preferred() { std::filesystem::path::make_preferred(); return *this; }
+    path filename() const { return std::filesystem::path::filename(); }
+};
+
+static inline path u8path(const std::string& utf8_str)
+{
+#if __cplusplus < 202002L
+    return std::filesystem::u8path(utf8_str);
+#else
+    return std::filesystem::path(std::u8string{utf8_str.begin(), utf8_str.end()});
+#endif
+}
+
+// Disallow implicit std::string conversion for absolute to avoid
+// locale-dependent encoding on windows.
+static inline path absolute(const path& p)
+{
+    return std::filesystem::absolute(p);
+}
+
+// Disallow implicit std::string conversion for exists to avoid
+// locale-dependent encoding on windows.
+static inline bool exists(const path& p)
+{
+    return std::filesystem::exists(p);
+}
+
+// Allow explicit quoted stream I/O.
+static inline auto quoted(const std::string& s)
+{
+    return std::quoted(s, '"', '&');
+}
+
+// Allow safe path append operations.
+static inline path operator/(path p1, path p2)
+{
+    p1 /= std::move(p2);
+    return p1;
+}
+static inline path operator/(path p1, const char* p2)
+{
+    p1 /= p2;
+    return p1;
+}
+static inline path operator+(path p1, const char* p2)
+{
+    p1 += p2;
+    return p1;
+}
+static inline path operator+(path p1, path::value_type p2)
+{
+    p1 += p2;
+    return p1;
+}
+
+// Disallow unsafe path append operations.
+template<typename T> static inline path operator/(path p1, T p2) = delete;
+template<typename T> static inline path operator+(path p1, T p2) = delete;
+
+// Disallow implicit std::string conversion for copy_file
+// to avoid locale-dependent encoding on Windows.
+static inline bool copy_file(const path& from, const path& to, copy_options options)
+{
+    return std::filesystem::copy_file(from, to, options);
+}
+
+/**
+ * Convert path object to a byte string. On POSIX, paths natively are byte
+ * strings, so this is trivial. On Windows, paths natively are Unicode, so an
+ * encoding step is necessary. The inverse of \ref PathToString is \ref
+ * PathFromString. The strings returned and parsed by these functions can be
+ * used to call POSIX APIs, and for roundtrip conversion, logging, and
+ * debugging.
+ *
+ * Because \ref PathToString and \ref PathFromString functions don't specify an
+ * encoding, they are meant to be used internally, not externally. They are not
+ * appropriate to use in applications requiring UTF-8, where
+ * fs::path::u8string() and fs::u8path() methods should be used instead. Other
+ * applications could require still different encodings. For example, JSON, XML,
+ * or URI applications might prefer to use higher-level escapes (\uXXXX or
+ * &XXXX; or %XX) instead of multibyte encoding. Rust, Python, Java applications
+ * may require encoding paths with their respective UTF-8 derivatives WTF-8,
+ * PEP-383, and CESU-8 (see https://en.wikipedia.org/wiki/UTF-8#Derivatives).
+ */
+static inline std::string PathToString(const path& path)
+{
+    // Implementation note: On Windows, the std::filesystem::path(string)
+    // constructor and std::filesystem::path::string() method are not safe to
+    // use here, because these methods encode the path using C++'s narrow
+    // multibyte encoding, which on Windows corresponds to the current "code
+    // page", which is unpredictable and typically not able to represent all
+    // valid paths. So fs::path::u8string() and
+    // fs::u8path() functions are used instead on Windows. On
+    // POSIX, u8string/u8path functions are not safe to use because paths are
+    // not always valid UTF-8, so plain string methods which do not transform
+    // the path there are used.
+#ifdef WIN32
+    return path.u8string();
+#else
+    static_assert(std::is_same<path::string_type, std::string>::value, "PathToString not implemented on this platform");
+    return path.std::filesystem::path::string();
+#endif
+}
+
+/**
+ * Convert byte string to path object. Inverse of \ref PathToString.
+ */
+static inline path PathFromString(const std::string& string)
+{
+#ifdef WIN32
+    return u8path(string);
+#else
+    return std::filesystem::path(string);
+#endif
+}
+
+/**
+ * Create directory (and if necessary its parents), unless the leaf directory
+ * already exists or is a symlink to an existing directory.
+ * This is a temporary workaround for an issue in libstdc++ that has been fixed
+ * upstream [PR101510].
+ */
+static inline bool create_directories(const std::filesystem::path& p)
+{
+    if (std::filesystem::is_symlink(p) && std::filesystem::is_directory(p)) {
+        return false;
+    }
+    return std::filesystem::create_directories(p);
+}
+
+/**
+ * This variant is not used. Delete it to prevent it from accidentally working
+ * around the workaround. If it is needed, add a workaround in the same pattern
+ * as above.
+ */
+bool create_directories(const std::filesystem::path& p, std::error_code& ec) = delete;
+
+} // namespace fs
+
+/** Bridge operations to C stdio */
+namespace fsbridge {
+    using FopenFn = std::function<FILE*(const fs::path&, const char*)>;
+    FILE *fopen(const fs::path& p, const char *mode);
+
+    /**
+     * Helper function for joining two paths
+     *
+     * @param[in] base  Base path
+     * @param[in] path  Path to combine with base
+     * @returns path unchanged if it is an absolute path, otherwise returns base joined with path. Returns base unchanged if path is empty.
+     * @pre  Base path must be absolute
+     * @post Returned path will always be absolute
+     */
+    fs::path AbsPathJoin(const fs::path& base, const fs::path& path);
+
+    class FileLock
+    {
+    public:
+        FileLock() = delete;
+        FileLock(const FileLock&) = delete;
+        FileLock(FileLock&&) = delete;
+        explicit FileLock(const fs::path& file);
+        ~FileLock();
+        bool TryLock();
+        std::string GetReason() { return reason; }
+
+    private:
+        std::string reason;
+#ifndef WIN32
+        int fd = -1;
+#else
+        void* hFile = (void*)-1; // INVALID_HANDLE_VALUE
+#endif
+    };
+
+    std::string get_filesystem_error_message(const fs::filesystem_error& e);
+};
+
+// Disallow path operator<< formatting in tinyformat to avoid locale-dependent
+// encoding on windows.
+namespace tinyformat {
+template<> inline void formatValue(std::ostream&, const char*, const char*, int, const std::filesystem::path&) = delete;
+template<> inline void formatValue(std::ostream&, const char*, const char*, int, const fs::path&) = delete;
+} // namespace tinyformat
+
+#endif // BITCOIN_UTIL_FS_H
diff --git a/src/util/fs_helpers.cpp b/src/util/fs_helpers.cpp
index 8ecaa07eb8..d05cb8a63d 100644
--- a/src/util/fs_helpers.cpp
+++ b/src/util/fs_helpers.cpp
@@ -9,10 +9,10 @@
 #include <config/bitcoin-config.h>
 #endif
 
-#include <fs.h>
 #include <logging.h>
 #include <sync.h>
 #include <tinyformat.h>
+#include <util/fs.h>
 #include <util/getuniquepath.h>
 
 #include <cerrno>
diff --git a/src/util/fs_helpers.h b/src/util/fs_helpers.h
index ceaea7744c..e7db01a89b 100644
--- a/src/util/fs_helpers.h
+++ b/src/util/fs_helpers.h
@@ -6,7 +6,7 @@
 #ifndef BITCOIN_UTIL_FS_HELPERS_H
 #define BITCOIN_UTIL_FS_HELPERS_H
 
-#include <fs.h>
+#include <util/fs.h>
 
 #include <cstdint>
 #include <cstdio>
diff --git a/src/util/getuniquepath.cpp b/src/util/getuniquepath.cpp
index 42c5dee0ed..105b4d52d2 100644
--- a/src/util/getuniquepath.cpp
+++ b/src/util/getuniquepath.cpp
@@ -3,7 +3,7 @@
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
 #include <random.h>
-#include <fs.h>
+#include <util/fs.h>
 #include <util/strencodings.h>
 
 fs::path GetUniquePath(const fs::path& base)
diff --git a/src/util/getuniquepath.h b/src/util/getuniquepath.h
index e0c6147876..1563652300 100644
--- a/src/util/getuniquepath.h
+++ b/src/util/getuniquepath.h
@@ -5,7 +5,7 @@
 #ifndef BITCOIN_UTIL_GETUNIQUEPATH_H
 #define BITCOIN_UTIL_GETUNIQUEPATH_H
 
-#include <fs.h>
+#include <util/fs.h>
 
 /**
  * Helper function for getting a unique path
diff --git a/src/util/readwritefile.cpp b/src/util/readwritefile.cpp
index cc555adf45..773d7ad1cc 100644
--- a/src/util/readwritefile.cpp
+++ b/src/util/readwritefile.cpp
@@ -5,7 +5,7 @@
 
 #include <util/readwritefile.h>
 
-#include <fs.h>
+#include <util/fs.h>
 
 #include <algorithm>
 #include <cstdio>
diff --git a/src/util/readwritefile.h b/src/util/readwritefile.h
index 73437baf1b..6ddfcb4f35 100644
--- a/src/util/readwritefile.h
+++ b/src/util/readwritefile.h
@@ -5,7 +5,7 @@
 #ifndef BITCOIN_UTIL_READWRITEFILE_H
 #define BITCOIN_UTIL_READWRITEFILE_H
 
-#include <fs.h>
+#include <util/fs.h>
 
 #include <limits>
 #include <string>
diff --git a/src/util/settings.cpp b/src/util/settings.cpp
index a2e30098dc..bb257c0584 100644
--- a/src/util/settings.cpp
+++ b/src/util/settings.cpp
@@ -2,7 +2,7 @@
 // Distributed under the MIT software license, see the accompanying
 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
-#include <fs.h>
+#include <util/fs.h>
 #include <util/settings.h>
 
 #include <tinyformat.h>
diff --git a/src/util/settings.h b/src/util/settings.h
index b0d8acb711..27e87a4751 100644
--- a/src/util/settings.h
+++ b/src/util/settings.h
@@ -5,7 +5,7 @@
 #ifndef BITCOIN_UTIL_SETTINGS_H
 #define BITCOIN_UTIL_SETTINGS_H
 
-#include <fs.h>
+#include <util/fs.h>
 
 #include <map>
 #include <string>
diff --git a/src/util/system.cpp b/src/util/system.cpp
index 88a8f39ecd..630eff99e0 100644
--- a/src/util/system.cpp
+++ b/src/util/system.cpp
@@ -6,9 +6,9 @@
 #include <util/system.h>
 
 #include <chainparamsbase.h>
-#include <fs.h>
 #include <sync.h>
 #include <util/check.h>
+#include <util/fs.h>
 #include <util/fs_helpers.h>
 #include <util/getuniquepath.h>
 #include <util/strencodings.h>
diff --git a/src/util/system.h b/src/util/system.h
index 317ebd35fa..ff3155b498 100644
--- a/src/util/system.h
+++ b/src/util/system.h
@@ -14,11 +14,11 @@
 #include <config/bitcoin-config.h>
 #endif
 
-#include <compat/compat.h>
 #include <compat/assumptions.h>
-#include <fs.h>
+#include <compat/compat.h>
 #include <logging.h>
 #include <sync.h>
+#include <util/fs.h>
 #include <util/settings.h>
 #include <util/time.h>