diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/allocators.h | 5 | ||||
-rw-r--r-- | src/base58.h | 16 | ||||
-rw-r--r-- | src/bitcoinrpc.cpp | 3 | ||||
-rw-r--r-- | src/crypter.cpp | 4 | ||||
-rw-r--r-- | src/crypter.h | 4 | ||||
-rw-r--r-- | src/main.cpp | 81 | ||||
-rw-r--r-- | src/main.h | 28 | ||||
-rw-r--r-- | src/netbase.cpp | 2 | ||||
-rw-r--r-- | src/qt/addressbookpage.h | 2 | ||||
-rw-r--r-- | src/qt/bitcoinamountfield.h | 6 | ||||
-rw-r--r-- | src/qt/bitcoingui.cpp | 2 | ||||
-rw-r--r-- | src/qt/bitcoingui.h | 2 | ||||
-rw-r--r-- | src/qt/macdockiconhandler.h | 2 | ||||
-rw-r--r-- | src/qt/transactiontablemodel.h | 3 | ||||
-rw-r--r-- | src/util.cpp | 2 |
15 files changed, 92 insertions, 70 deletions
diff --git a/src/allocators.h b/src/allocators.h index 99afa10c25..eb2aed6721 100644 --- a/src/allocators.h +++ b/src/allocators.h @@ -9,6 +9,7 @@ #include <string> #include <boost/thread/mutex.hpp> #include <map> +#include <openssl/crypto.h> // for OPENSSL_cleanse() #ifdef WIN32 #ifdef _WIN32_WINNT @@ -212,7 +213,7 @@ struct secure_allocator : public std::allocator<T> { if (p != NULL) { - memset(p, 0, sizeof(T) * n); + OPENSSL_cleanse(p, sizeof(T) * n); LockedPageManager::instance.UnlockRange(p, sizeof(T) * n); } std::allocator<T>::deallocate(p, n); @@ -246,7 +247,7 @@ struct zero_after_free_allocator : public std::allocator<T> void deallocate(T* p, std::size_t n) { if (p != NULL) - memset(p, 0, sizeof(T) * n); + OPENSSL_cleanse(p, sizeof(T) * n); std::allocator<T>::deallocate(p, n); } }; diff --git a/src/base58.h b/src/base58.h index 9dfea86ff5..be8a541f67 100644 --- a/src/base58.h +++ b/src/base58.h @@ -17,9 +17,11 @@ #include <string> #include <vector> + #include "bignum.h" #include "key.h" #include "script.h" +#include "allocators.h" static const char* pszBase58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; @@ -178,7 +180,8 @@ protected: unsigned char nVersion; // the actually encoded data - std::vector<unsigned char> vchData; + typedef std::vector<unsigned char, zero_after_free_allocator<unsigned char> > vector_uchar; + vector_uchar vchData; CBase58Data() { @@ -186,13 +189,6 @@ protected: vchData.clear(); } - ~CBase58Data() - { - // zero the memory, as it may contain sensitive data - if (!vchData.empty()) - memset(&vchData[0], 0, vchData.size()); - } - void SetData(int nVersionIn, const void* pdata, size_t nSize) { nVersion = nVersionIn; @@ -221,7 +217,7 @@ public: vchData.resize(vchTemp.size() - 1); if (!vchData.empty()) memcpy(&vchData[0], &vchTemp[1], vchData.size()); - memset(&vchTemp[0], 0, vchTemp.size()); + OPENSSL_cleanse(&vchTemp[0], vchData.size()); return true; } @@ -457,4 +453,4 @@ public: } }; -#endif +#endif // BITCOIN_BASE58_H diff --git a/src/bitcoinrpc.cpp b/src/bitcoinrpc.cpp index 37f7859324..8c04f577d1 100644 --- a/src/bitcoinrpc.cpp +++ b/src/bitcoinrpc.cpp @@ -11,7 +11,6 @@ #include "bitcoinrpc.h" #include "db.h" -#undef printf #include <boost/asio.hpp> #include <boost/asio/ip/v6_only.hpp> #include <boost/bind.hpp> @@ -26,8 +25,6 @@ #include <boost/shared_ptr.hpp> #include <list> -#define printf OutputDebugStringF - using namespace std; using namespace boost; using namespace boost::asio; diff --git a/src/crypter.cpp b/src/crypter.cpp index 181b8fa00a..a2b62a87c8 100644 --- a/src/crypter.cpp +++ b/src/crypter.cpp @@ -24,8 +24,8 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v if (i != (int)WALLET_CRYPTO_KEY_SIZE) { - memset(&chKey, 0, sizeof chKey); - memset(&chIV, 0, sizeof chIV); + OPENSSL_cleanse(chKey, sizeof(chKey)); + OPENSSL_cleanse(chIV, sizeof(chIV)); return false; } diff --git a/src/crypter.h b/src/crypter.h index 04538a3fa5..6f75170bac 100644 --- a/src/crypter.h +++ b/src/crypter.h @@ -76,8 +76,8 @@ public: void CleanKey() { - memset(&chKey, 0, sizeof chKey); - memset(&chIV, 0, sizeof chIV); + OPENSSL_cleanse(chKey, sizeof(chKey)); + OPENSSL_cleanse(chIV, sizeof(chIV)); fKeySet = false; } diff --git a/src/main.cpp b/src/main.cpp index 0940260f9e..f0bf4755b7 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -2018,52 +2018,51 @@ bool CBlock::AcceptBlock(CDiskBlockPos *dbp) CBlockIndex* pindexPrev = NULL; int nHeight = 0; if (hash != hashGenesisBlock) { - - map<uint256, CBlockIndex*>::iterator mi = mapBlockIndex.find(hashPrevBlock); - if (mi == mapBlockIndex.end()) - return DoS(10, error("AcceptBlock() : prev block not found")); - pindexPrev = (*mi).second; - nHeight = pindexPrev->nHeight+1; - - // Check proof of work - if (nBits != GetNextWorkRequired(pindexPrev, this)) - return DoS(100, error("AcceptBlock() : incorrect proof of work")); - - // Check timestamp against prev - if (GetBlockTime() <= pindexPrev->GetMedianTimePast()) - return error("AcceptBlock() : block's timestamp is too early"); - - // Check that all transactions are finalized - BOOST_FOREACH(const CTransaction& tx, vtx) - if (!tx.IsFinal(nHeight, GetBlockTime())) - return DoS(10, error("AcceptBlock() : contains a non-final transaction")); - - // Check that the block chain matches the known block chain up to a checkpoint - if (!Checkpoints::CheckBlock(nHeight, hash)) - return DoS(100, error("AcceptBlock() : rejected by checkpoint lock-in at %d", nHeight)); - - // Reject block.nVersion=1 blocks when 95% (75% on testnet) of the network has upgraded: - if (nVersion < 2) - { - if ((!fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 950, 1000)) || - (fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 75, 100))) + map<uint256, CBlockIndex*>::iterator mi = mapBlockIndex.find(hashPrevBlock); + if (mi == mapBlockIndex.end()) + return DoS(10, error("AcceptBlock() : prev block not found")); + pindexPrev = (*mi).second; + nHeight = pindexPrev->nHeight+1; + + // Check proof of work + if (nBits != GetNextWorkRequired(pindexPrev, this)) + return DoS(100, error("AcceptBlock() : incorrect proof of work")); + + // Check timestamp against prev + if (GetBlockTime() <= pindexPrev->GetMedianTimePast()) + return error("AcceptBlock() : block's timestamp is too early"); + + // Check that all transactions are finalized + BOOST_FOREACH(const CTransaction& tx, vtx) + if (!tx.IsFinal(nHeight, GetBlockTime())) + return DoS(10, error("AcceptBlock() : contains a non-final transaction")); + + // Check that the block chain matches the known block chain up to a checkpoint + if (!Checkpoints::CheckBlock(nHeight, hash)) + return DoS(100, error("AcceptBlock() : rejected by checkpoint lock-in at %d", nHeight)); + + // Reject block.nVersion=1 blocks when 95% (75% on testnet) of the network has upgraded: + if (nVersion < 2) { - return error("AcceptBlock() : rejected nVersion=1 block"); + if ((!fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 950, 1000)) || + (fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 75, 100))) + { + return error("AcceptBlock() : rejected nVersion=1 block"); + } } - } - // Enforce block.nVersion=2 rule that the coinbase starts with serialized block height - if (nVersion >= 2) - { - // if 750 of the last 1,000 blocks are version 2 or greater (51/100 if testnet): - if ((!fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 750, 1000)) || - (fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 51, 100))) + // Enforce block.nVersion=2 rule that the coinbase starts with serialized block height + if (nVersion >= 2) { - CScript expect = CScript() << nHeight; - if (!std::equal(expect.begin(), expect.end(), vtx[0].vin[0].scriptSig.begin())) - return DoS(100, error("AcceptBlock() : block height mismatch in coinbase")); + // if 750 of the last 1,000 blocks are version 2 or greater (51/100 if testnet): + if ((!fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 750, 1000)) || + (fTestNet && CBlockIndex::IsSuperMajority(2, pindexPrev, 51, 100))) + { + CScript expect = CScript() << nHeight; + if (!std::equal(expect.begin(), expect.end(), vtx[0].vin[0].scriptSig.begin())) + return DoS(100, error("AcceptBlock() : block height mismatch in coinbase")); + } } } - } // Write block to history file unsigned int nBlockSize = ::GetSerializeSize(*this, SER_DISK, CLIENT_VERSION); diff --git a/src/main.h b/src/main.h index 25dddae0f8..e346726045 100644 --- a/src/main.h +++ b/src/main.h @@ -107,33 +107,61 @@ class CTxUndo; class CCoinsView; class CCoinsViewCache; +/** Register a wallet to receive updates from core */ void RegisterWallet(CWallet* pwalletIn); +/** Unregister a wallet from core */ void UnregisterWallet(CWallet* pwalletIn); +/** Push an updated transaction to all registered wallets */ void SyncWithWallets(const uint256 &hash, const CTransaction& tx, const CBlock* pblock = NULL, bool fUpdate = false); +/** Process an incoming block */ bool ProcessBlock(CNode* pfrom, CBlock* pblock, CDiskBlockPos *dbp = NULL); +/** Check whether enough disk space is available for an incoming block */ bool CheckDiskSpace(uint64 nAdditionalBytes=0); +/** Open a block file (blk?????.dat) */ FILE* OpenBlockFile(const CDiskBlockPos &pos, bool fReadOnly = false); +/** Open an undo file (rev?????.dat) */ FILE* OpenUndoFile(const CDiskBlockPos &pos, bool fReadOnly = false); +/** Import blocks from an external file */ bool LoadExternalBlockFile(FILE* fileIn, CDiskBlockPos *dbp = NULL); +/** Load the block tree and coins database from disk */ bool LoadBlockIndex(); +/** Print the loaded block tree */ void PrintBlockTree(); +/** Find a block by height in the currently-connected chain */ CBlockIndex* FindBlockByHeight(int nHeight); +/** Process protocol messages received from a given node */ bool ProcessMessages(CNode* pfrom); +/** Send queued protocol messages to be sent to a give node */ bool SendMessages(CNode* pto, bool fSendTrickle); +/** Run the importer thread, which deals with reindexing, loading bootstrap.dat, and whatever is passed to -loadblock */ void ThreadImport(void *parg); +/** Run the miner threads */ void GenerateBitcoins(bool fGenerate, CWallet* pwallet); +/** Generate a new block, without valid proof-of-work */ CBlock* CreateNewBlock(CReserveKey& reservekey); +/** Modify the extranonce in a block */ void IncrementExtraNonce(CBlock* pblock, CBlockIndex* pindexPrev, unsigned int& nExtraNonce); +/** Do mining precalculation */ void FormatHashBuffers(CBlock* pblock, char* pmidstate, char* pdata, char* phash1); +/** Check mined block */ bool CheckWork(CBlock* pblock, CWallet& wallet, CReserveKey& reservekey); +/** Check whether a block hash satisfies the proof-of-work requirement specified by nBits */ bool CheckProofOfWork(uint256 hash, unsigned int nBits); +/** Calculate the minimum amount of work a received block needs, without knowing its direct parent */ unsigned int ComputeMinWork(unsigned int nBase, int64 nTime); +/** Get the number of active peers */ int GetNumBlocksOfPeers(); +/** Check whether we are doin an inital block download (synchronizing from disk or network) */ bool IsInitialBlockDownload(); +/** Format a string that describes several potential problems detected by the core */ std::string GetWarnings(std::string strFor); +/** Retrieve a transaction (from memory pool, or from disk, if possible) */ bool GetTransaction(const uint256 &hash, CTransaction &tx, uint256 &hashBlock, bool fAllowSlow = false); +/** Connect/disconnect blocks until pindexNew is the new tip of the active block chain */ bool SetBestChain(CBlockIndex* pindexNew); +/** Find the best known block, and make it the tip of the block chain */ bool ConnectBestBlock(); +/** Create a new block index entry for a given block hash */ CBlockIndex * InsertBlockIndex(uint256 hash); diff --git a/src/netbase.cpp b/src/netbase.cpp index 7b28e7f1bc..9e7307204a 100644 --- a/src/netbase.cpp +++ b/src/netbase.cpp @@ -545,7 +545,7 @@ bool ConnectSocketByName(CService &addr, SOCKET& hSocketRet, const char *pszDest void CNetAddr::Init() { - memset(ip, 0, 16); + memset(ip, 0, sizeof(ip)); } void CNetAddr::SetIP(const CNetAddr& ipIn) diff --git a/src/qt/addressbookpage.h b/src/qt/addressbookpage.h index df87486949..f7d177c513 100644 --- a/src/qt/addressbookpage.h +++ b/src/qt/addressbookpage.h @@ -82,4 +82,4 @@ signals: void verifyMessage(QString addr); }; -#endif // ADDRESSBOOKDIALOG_H +#endif // ADDRESSBOOKPAGE_H diff --git a/src/qt/bitcoinamountfield.h b/src/qt/bitcoinamountfield.h index 66792e00a9..4797c4c882 100644 --- a/src/qt/bitcoinamountfield.h +++ b/src/qt/bitcoinamountfield.h @@ -1,5 +1,5 @@ -#ifndef BITCOINFIELD_H -#define BITCOINFIELD_H +#ifndef BITCOINAMOUNTFIELD_H +#define BITCOINAMOUNTFIELD_H #include <QWidget> @@ -57,4 +57,4 @@ private slots: }; -#endif // BITCOINFIELD_H +#endif // BITCOINAMOUNTFIELD_H diff --git a/src/qt/bitcoingui.cpp b/src/qt/bitcoingui.cpp index 9c47daf85d..0198a92c05 100644 --- a/src/qt/bitcoingui.cpp +++ b/src/qt/bitcoingui.cpp @@ -505,8 +505,10 @@ void BitcoinGUI::setNumBlocks(int count, int nTotalBlocks) case BLOCK_SOURCE_NONE: case BLOCK_SOURCE_NETWORK: importText = tr("Synchronizing with network..."); + break; case BLOCK_SOURCE_DISK: importText = tr("Importing blocks from disk..."); + break; case BLOCK_SOURCE_REINDEX: importText = tr("Reindexing blocks on disk..."); } diff --git a/src/qt/bitcoingui.h b/src/qt/bitcoingui.h index a48911ee7f..8b4607d3ed 100644 --- a/src/qt/bitcoingui.h +++ b/src/qt/bitcoingui.h @@ -177,4 +177,4 @@ private slots: void toggleHidden(); }; -#endif +#endif // BITCOINGUI_H diff --git a/src/qt/macdockiconhandler.h b/src/qt/macdockiconhandler.h index 2092fb26b3..dd85e0c33d 100644 --- a/src/qt/macdockiconhandler.h +++ b/src/qt/macdockiconhandler.h @@ -1,7 +1,7 @@ #ifndef MACDOCKICONHANDLER_H #define MACDOCKICONHANDLER_H -#include <QtCore/QObject> +#include <QObject> class QMenu; class QIcon; diff --git a/src/qt/transactiontablemodel.h b/src/qt/transactiontablemodel.h index fd321ce280..b0687d5399 100644 --- a/src/qt/transactiontablemodel.h +++ b/src/qt/transactiontablemodel.h @@ -81,5 +81,4 @@ public slots: friend class TransactionTablePriv; }; -#endif - +#endif // TRANSACTIONTABLEMODEL_H diff --git a/src/util.cpp b/src/util.cpp index 9162886450..03014a5da0 100644 --- a/src/util.cpp +++ b/src/util.cpp @@ -156,7 +156,7 @@ void RandAddSeedPerfmon() if (ret == ERROR_SUCCESS) { RAND_add(pdata, nSize, nSize/100.0); - memset(pdata, 0, nSize); + OPENSSL_cleanse(pdata, nSize); printf("RandAddSeed() %lu bytes\n", nSize); } #endif |