aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am2
-rw-r--r--src/allocators.h10
-rw-r--r--src/base58.cpp2
-rw-r--r--src/chainparams.h2
-rw-r--r--src/crypter.cpp4
-rw-r--r--src/crypter.h4
-rw-r--r--src/db.cpp2
-rw-r--r--src/pow.cpp8
-rw-r--r--src/qt/paymentrequestplus.cpp1
-rw-r--r--src/qt/paymentrequestplus.h2
-rw-r--r--src/qt/paymentserver.cpp1
-rw-r--r--src/random.cpp13
-rw-r--r--src/rpcmining.cpp2
-rw-r--r--src/rpcmisc.cpp2
-rw-r--r--src/streams.h1
-rw-r--r--src/support/cleanse.cpp13
-rw-r--r--src/support/cleanse.h13
-rw-r--r--src/test/data/script_invalid.json8
-rw-r--r--src/test/data/script_valid.json8
-rw-r--r--src/test/script_tests.cpp8
-rw-r--r--src/util.cpp7
21 files changed, 77 insertions, 36 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 009c3c5196..7644f6b325 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -123,6 +123,7 @@ BITCOIN_CORE_H = \
script/standard.h \
serialize.h \
streams.h \
+ support/cleanse.h \
sync.h \
threadsafety.h \
timedata.h \
@@ -268,6 +269,7 @@ libbitcoin_util_a_SOURCES = \
compat/strnlen.cpp \
random.cpp \
rpcprotocol.cpp \
+ support/cleanse.cpp \
sync.cpp \
uint256.cpp \
util.cpp \
diff --git a/src/allocators.h b/src/allocators.h
index 6a131c3517..8ffe015b9e 100644
--- a/src/allocators.h
+++ b/src/allocators.h
@@ -6,6 +6,8 @@
#ifndef BITCOIN_ALLOCATORS_H
#define BITCOIN_ALLOCATORS_H
+#include "support/cleanse.h"
+
#include <map>
#include <string>
#include <string.h>
@@ -14,8 +16,6 @@
#include <boost/thread/mutex.hpp>
#include <boost/thread/once.hpp>
-#include <openssl/crypto.h> // for OPENSSL_cleanse()
-
/**
* Thread-safe class to keep track of locked (ie, non-swappable) memory pages.
*
@@ -174,7 +174,7 @@ void LockObject(const T& t)
template <typename T>
void UnlockObject(const T& t)
{
- OPENSSL_cleanse((void*)(&t), sizeof(T));
+ memory_cleanse((void*)(&t), sizeof(T));
LockedPageManager::Instance().UnlockRange((void*)(&t), sizeof(T));
}
@@ -217,7 +217,7 @@ struct secure_allocator : public std::allocator<T> {
void deallocate(T* p, std::size_t n)
{
if (p != NULL) {
- OPENSSL_cleanse(p, sizeof(T) * n);
+ memory_cleanse(p, sizeof(T) * n);
LockedPageManager::Instance().UnlockRange(p, sizeof(T) * n);
}
std::allocator<T>::deallocate(p, n);
@@ -254,7 +254,7 @@ struct zero_after_free_allocator : public std::allocator<T> {
void deallocate(T* p, std::size_t n)
{
if (p != NULL)
- OPENSSL_cleanse(p, sizeof(T) * n);
+ memory_cleanse(p, sizeof(T) * n);
std::allocator<T>::deallocate(p, n);
}
};
diff --git a/src/base58.cpp b/src/base58.cpp
index 980d3cbf42..c809185056 100644
--- a/src/base58.cpp
+++ b/src/base58.cpp
@@ -172,7 +172,7 @@ bool CBase58Data::SetString(const char* psz, unsigned int nVersionBytes)
vchData.resize(vchTemp.size() - nVersionBytes);
if (!vchData.empty())
memcpy(&vchData[0], &vchTemp[nVersionBytes], vchData.size());
- OPENSSL_cleanse(&vchTemp[0], vchData.size());
+ memory_cleanse(&vchTemp[0], vchData.size());
return true;
}
diff --git a/src/chainparams.h b/src/chainparams.h
index f52bf4e55f..86b84df667 100644
--- a/src/chainparams.h
+++ b/src/chainparams.h
@@ -68,7 +68,7 @@ public:
bool RequireStandard() const { return fRequireStandard; }
int64_t TargetTimespan() const { return nTargetTimespan; }
int64_t TargetSpacing() const { return nTargetSpacing; }
- int64_t Interval() const { return nTargetTimespan / nTargetSpacing; }
+ int64_t DifficultyAdjustmentInterval() const { return nTargetTimespan / nTargetSpacing; }
/** Make miner stop after a block is found. In RPC, don't return until nGenProcLimit blocks are generated */
bool MineBlocksOnDemand() const { return fMineBlocksOnDemand; }
/** In the future use NetworkIDString() for RPC fields */
diff --git a/src/crypter.cpp b/src/crypter.cpp
index 75d84dbf13..c7f7e21679 100644
--- a/src/crypter.cpp
+++ b/src/crypter.cpp
@@ -26,8 +26,8 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v
if (i != (int)WALLET_CRYPTO_KEY_SIZE)
{
- OPENSSL_cleanse(chKey, sizeof(chKey));
- OPENSSL_cleanse(chIV, sizeof(chIV));
+ memory_cleanse(chKey, sizeof(chKey));
+ memory_cleanse(chIV, sizeof(chIV));
return false;
}
diff --git a/src/crypter.h b/src/crypter.h
index cbaf1562f0..8a91498e2e 100644
--- a/src/crypter.h
+++ b/src/crypter.h
@@ -82,8 +82,8 @@ public:
void CleanKey()
{
- OPENSSL_cleanse(chKey, sizeof(chKey));
- OPENSSL_cleanse(chIV, sizeof(chIV));
+ memory_cleanse(chKey, sizeof(chKey));
+ memory_cleanse(chIV, sizeof(chIV));
fKeySet = false;
}
diff --git a/src/db.cpp b/src/db.cpp
index a7f885135b..3246e4b67a 100644
--- a/src/db.cpp
+++ b/src/db.cpp
@@ -21,8 +21,6 @@
#include <boost/thread.hpp>
#include <boost/version.hpp>
-#include <openssl/rand.h>
-
using namespace std;
diff --git a/src/pow.cpp b/src/pow.cpp
index e49f0d104c..6dd5c4c12c 100644
--- a/src/pow.cpp
+++ b/src/pow.cpp
@@ -20,8 +20,8 @@ unsigned int GetNextWorkRequired(const CBlockIndex* pindexLast, const CBlockHead
if (pindexLast == NULL)
return nProofOfWorkLimit;
- // Only change once per interval
- if ((pindexLast->nHeight+1) % Params().Interval() != 0)
+ // Only change once per difficulty adjustment interval
+ if ((pindexLast->nHeight+1) % Params().DifficultyAdjustmentInterval() != 0)
{
if (Params().AllowMinDifficultyBlocks())
{
@@ -34,7 +34,7 @@ unsigned int GetNextWorkRequired(const CBlockIndex* pindexLast, const CBlockHead
{
// Return the last non-special-min-difficulty-rules-block
const CBlockIndex* pindex = pindexLast;
- while (pindex->pprev && pindex->nHeight % Params().Interval() != 0 && pindex->nBits == nProofOfWorkLimit)
+ while (pindex->pprev && pindex->nHeight % Params().DifficultyAdjustmentInterval() != 0 && pindex->nBits == nProofOfWorkLimit)
pindex = pindex->pprev;
return pindex->nBits;
}
@@ -44,7 +44,7 @@ unsigned int GetNextWorkRequired(const CBlockIndex* pindexLast, const CBlockHead
// Go back by what we want to be 14 days worth of blocks
const CBlockIndex* pindexFirst = pindexLast;
- for (int i = 0; pindexFirst && i < Params().Interval()-1; i++)
+ for (int i = 0; pindexFirst && i < Params().DifficultyAdjustmentInterval()-1; i++)
pindexFirst = pindexFirst->pprev;
assert(pindexFirst);
diff --git a/src/qt/paymentrequestplus.cpp b/src/qt/paymentrequestplus.cpp
index 4c1e898020..b69461ad9e 100644
--- a/src/qt/paymentrequestplus.cpp
+++ b/src/qt/paymentrequestplus.cpp
@@ -13,7 +13,6 @@
#include <stdexcept>
-#include <openssl/x509.h>
#include <openssl/x509_vfy.h>
#include <QDateTime>
diff --git a/src/qt/paymentrequestplus.h b/src/qt/paymentrequestplus.h
index fbc3a09265..61f8a3415d 100644
--- a/src/qt/paymentrequestplus.h
+++ b/src/qt/paymentrequestplus.h
@@ -9,6 +9,8 @@
#include "base58.h"
+#include <openssl/x509.h>
+
#include <QByteArray>
#include <QList>
#include <QString>
diff --git a/src/qt/paymentserver.cpp b/src/qt/paymentserver.cpp
index 9aab944f6b..96ceeb18a4 100644
--- a/src/qt/paymentserver.cpp
+++ b/src/qt/paymentserver.cpp
@@ -16,7 +16,6 @@
#include <cstdlib>
-#include <openssl/x509.h>
#include <openssl/x509_vfy.h>
#include <QApplication>
diff --git a/src/random.cpp b/src/random.cpp
index 663456e962..0ba0de908d 100644
--- a/src/random.cpp
+++ b/src/random.cpp
@@ -5,6 +5,7 @@
#include "random.h"
+#include "support/cleanse.h"
#ifdef WIN32
#include "compat.h" // for Windows API
#endif
@@ -18,7 +19,6 @@
#include <sys/time.h>
#endif
-#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/rand.h>
@@ -40,22 +40,23 @@ void RandAddSeed()
// Seed with CPU performance counter
int64_t nCounter = GetPerformanceCounter();
RAND_add(&nCounter, sizeof(nCounter), 1.5);
- OPENSSL_cleanse((void*)&nCounter, sizeof(nCounter));
+ memory_cleanse((void*)&nCounter, sizeof(nCounter));
}
void RandAddSeedPerfmon()
{
RandAddSeed();
+#ifdef WIN32
+ // Don't need this on Linux, OpenSSL automatically uses /dev/urandom
+ // Seed with the entire set of perfmon data
+
// This can take up to 2 seconds, so only do it every 10 minutes
static int64_t nLastPerfmon;
if (GetTime() < nLastPerfmon + 10 * 60)
return;
nLastPerfmon = GetTime();
-#ifdef WIN32
- // Don't need this on Linux, OpenSSL automatically uses /dev/urandom
- // Seed with the entire set of perfmon data
std::vector<unsigned char> vData(250000, 0);
long ret = 0;
unsigned long nSize = 0;
@@ -70,7 +71,7 @@ void RandAddSeedPerfmon()
RegCloseKey(HKEY_PERFORMANCE_DATA);
if (ret == ERROR_SUCCESS) {
RAND_add(begin_ptr(vData), nSize, nSize / 100.0);
- OPENSSL_cleanse(begin_ptr(vData), nSize);
+ memory_cleanse(begin_ptr(vData), nSize);
LogPrint("rand", "%s: %lu bytes\n", __func__, nSize);
} else {
static bool warned = false; // Warn only once
diff --git a/src/rpcmining.cpp b/src/rpcmining.cpp
index e3ae5cff42..165a9df697 100644
--- a/src/rpcmining.cpp
+++ b/src/rpcmining.cpp
@@ -44,7 +44,7 @@ Value GetNetworkHashPS(int lookup, int height) {
// If lookup is -1, then use blocks since last difficulty change.
if (lookup <= 0)
- lookup = pb->nHeight % Params().Interval() + 1;
+ lookup = pb->nHeight % Params().DifficultyAdjustmentInterval() + 1;
// If lookup is larger than chain, then set it to chain length.
if (lookup > pb->nHeight)
diff --git a/src/rpcmisc.cpp b/src/rpcmisc.cpp
index 8d260b1cc9..2eda4d3355 100644
--- a/src/rpcmisc.cpp
+++ b/src/rpcmisc.cpp
@@ -228,6 +228,8 @@ CScript _createmultisig_redeemScript(const Array& params)
throw runtime_error(
strprintf("not enough keys supplied "
"(got %u keys, but need at least %d to redeem)", keys.size(), nRequired));
+ if (keys.size() > 16)
+ throw runtime_error("Number of addresses involved in the multisignature address creation > 16\nReduce the number");
std::vector<CPubKey> pubkeys;
pubkeys.resize(keys.size());
for (unsigned int i = 0; i < keys.size(); i++)
diff --git a/src/streams.h b/src/streams.h
index bd8568b1af..9999c2341f 100644
--- a/src/streams.h
+++ b/src/streams.h
@@ -16,6 +16,7 @@
#include <map>
#include <set>
#include <stdint.h>
+#include <stdio.h>
#include <string>
#include <string.h>
#include <utility>
diff --git a/src/support/cleanse.cpp b/src/support/cleanse.cpp
new file mode 100644
index 0000000000..a2141b2449
--- /dev/null
+++ b/src/support/cleanse.cpp
@@ -0,0 +1,13 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-2015 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include "cleanse.h"
+
+#include <openssl/crypto.h>
+
+void memory_cleanse(void *ptr, size_t len)
+{
+ OPENSSL_cleanse(ptr, len);
+}
diff --git a/src/support/cleanse.h b/src/support/cleanse.h
new file mode 100644
index 0000000000..3e02aa8fd1
--- /dev/null
+++ b/src/support/cleanse.h
@@ -0,0 +1,13 @@
+// Copyright (c) 2009-2010 Satoshi Nakamoto
+// Copyright (c) 2009-2015 The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_SUPPORT_CLEANSE_H
+#define BITCOIN_SUPPORT_CLEANSE_H
+
+#include <stdlib.h>
+
+void memory_cleanse(void *ptr, size_t len);
+
+#endif // BITCOIN_SUPPORT_CLEANSE_H
diff --git a/src/test/data/script_invalid.json b/src/test/data/script_invalid.json
index a67c157aff..3c52547a64 100644
--- a/src/test/data/script_invalid.json
+++ b/src/test/data/script_invalid.json
@@ -696,7 +696,13 @@
"BIP66 example 11, with DERSIG"
],
[
- "0x49 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef05101",
+ "0x48 0x304402203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022054e1c258c2981cdfba5df1f46661fb6541c44f77ca0092f3600331abfffb12510101",
+ "0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG",
+ "DERSIG",
+ "P2PK with multi-byte hashtype, with DERSIG"
+],
+[
+ "0x48 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef001",
"0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG",
"LOW_S",
"P2PK with high S"
diff --git a/src/test/data/script_valid.json b/src/test/data/script_valid.json
index fb81fcb1f5..34e2c8d61a 100644
--- a/src/test/data/script_valid.json
+++ b/src/test/data/script_valid.json
@@ -814,7 +814,13 @@
"BIP66 example 12, with DERSIG"
],
[
- "0x49 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef05101",
+ "0x48 0x304402203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022054e1c258c2981cdfba5df1f46661fb6541c44f77ca0092f3600331abfffb12510101",
+ "0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG",
+ "",
+ "P2PK with multi-byte hashtype, without DERSIG"
+],
+[
+ "0x48 0x304502203e4516da7253cf068effec6b95c41221c0cf3a8e6ccb8cbf1725b562e9afde2c022100ab1e3da73d67e32045a20e0b999e049978ea8d6ee5480d485fcf2ce0d03b2ef001",
"0x21 0x03363d90d447b00c9c99ceac05b6262ee053441c7e55552ffe526bad8f83ff4640 CHECKSIG",
"",
"P2PK with high S but no LOW_S"
diff --git a/src/test/script_tests.cpp b/src/test/script_tests.cpp
index 6092afd782..e410b59710 100644
--- a/src/test/script_tests.cpp
+++ b/src/test/script_tests.cpp
@@ -107,7 +107,6 @@ void static NegateSignatureS(std::vector<unsigned char>& vchSig) {
std::vector<unsigned char> r, s;
r = std::vector<unsigned char>(vchSig.begin() + 4, vchSig.begin() + 4 + vchSig[3]);
s = std::vector<unsigned char>(vchSig.begin() + 6 + vchSig[3], vchSig.begin() + 6 + vchSig[3] + vchSig[5 + vchSig[3]]);
- unsigned char hashtype = vchSig.back();
// Really ugly to implement mod-n negation here, but it would be feature creep to expose such functionality from libsecp256k1.
static const unsigned char order[33] = {
@@ -141,7 +140,6 @@ void static NegateSignatureS(std::vector<unsigned char>& vchSig) {
vchSig.push_back(0x02);
vchSig.push_back(s.size());
vchSig.insert(vchSig.end(), s.begin(), s.end());
- vchSig.push_back(hashtype);
}
namespace
@@ -478,6 +476,12 @@ BOOST_AUTO_TEST_CASE(script_build)
good.push_back(TestBuilder(CScript() << OP_2 << ToByteVector(keys.pubkey1C) << ToByteVector(keys.pubkey2C) << OP_2 << OP_CHECKMULTISIG << OP_NOT,
"BIP66 example 12, with DERSIG", SCRIPT_VERIFY_DERSIG
).Num(0).PushSig(keys.key1, SIGHASH_ALL, 33, 32).EditPush(1, "45022100", "440220").Num(0));
+ good.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
+ "P2PK with multi-byte hashtype, without DERSIG", 0
+ ).PushSig(keys.key2, SIGHASH_ALL).EditPush(70, "01", "0101"));
+ bad.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
+ "P2PK with multi-byte hashtype, with DERSIG", SCRIPT_VERIFY_DERSIG
+ ).PushSig(keys.key2, SIGHASH_ALL).EditPush(70, "01", "0101"));
good.push_back(TestBuilder(CScript() << ToByteVector(keys.pubkey2C) << OP_CHECKSIG,
"P2PK with high S but no LOW_S", 0
diff --git a/src/util.cpp b/src/util.cpp
index 0d0f7e5f91..361b3631f5 100644
--- a/src/util.cpp
+++ b/src/util.cpp
@@ -698,13 +698,8 @@ void RenameThread(const char* name)
// removed.
pthread_set_name_np(pthread_self(), name);
-#elif defined(MAC_OSX) && defined(__MAC_OS_X_VERSION_MAX_ALLOWED)
-
-// pthread_setname_np is XCode 10.6-and-later
-#if __MAC_OS_X_VERSION_MAX_ALLOWED >= 1060
+#elif defined(MAC_OSX)
pthread_setname_np(name);
-#endif
-
#else
// Prevent warnings for unused parameters...
(void)name;