aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-10-11doc: Update release notes for 0.10.3rc2v0.10.3rc2v0.10.3Wladimir J. van der Laan
2015-10-11Bump minrelaytxfee defaultWladimir J. van der Laan
To bridge the time until a dynamic method for determining this fee is merged. This is especially aimed at the stable releases (0.10, 0.11) because full mempool limiting, as will be in 0.12, is too invasive and risky to backport. Github-Pull: #6793 Rebased-From: 28e3249e53b8ef7516636df0f1406466a513095d 4e2efb3c5fde4b1e332cc032e3dc4082ec4e3cac
2015-10-10Do not store more than 200 timedata samples.Pavel Janík
Github-Pull: #6797 Rebased-From: 8be371db340b03dc03142c1bb3390fdfc84f56b4
2015-10-10net: Disable upnp by defaultWladimir J. van der Laan
Common sentiment is that the miniupnpc codebase likely contains further vulnerabilities. I'd prefer to get rid of the dependency completely, but a compromise for now is to at least disable it by default. Rebased-From: 21d27ebad5721bc61c62bc72dc3ab3197f9da268 Github-Pull: #6795
2015-10-09Bump version to 0.10.3Wladimir J. van der Laan
2015-10-09qt: Translations update before 0.10.3v0.10.3rc1Wladimir J. van der Laan
2015-10-09doc: Update release notes for 0.10.3Wladimir J. van der Laan
2015-10-09Update miniupnpc to 1.9.20151008Wladimir J. van der Laan
This version of miniupnpc fixes a buffer overflow in the XML (ugh) parser during initial network discovery. http://talosintel.com/reports/TALOS-2015-0035/ The commit fixing the vulnerability is: https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78 Reported by timothy on IRC. Github-Pull: #6789 Rebased-From: 0cca0248f030ea32bd8de778b5a2782e0d191978
2015-10-07Test LowS in standardness, removes nuisance malleability vector.Gregory Maxwell
This adds SCRIPT_VERIFY_LOW_S to STANDARD_SCRIPT_VERIFY_FLAGS which will make the node require the canonical 'low-s' encoding for ECDSA signatures when relaying or mining. Consensus behavior is unchanged. The rational is explained in a81cd96805ce6b65cca3a40ebbd3b2eb428abb7b: Absent this kind of test ECDSA is not a strong signature as given a valid signature {r, s} both that value and {r, -s mod n} are valid. These two encodings have different hashes allowing third parties a vector to change users txids. These attacks are avoided by picking a particular form as canonical and rejecting the other form(s); in the of the LOW_S rule, the smaller of the two possible S values is used. If widely deployed this change would eliminate the last remaining known vector for nuisance malleability on boring SIGHASH_ALL p2pkh transactions. On the down-side it will block most transactions made by sufficiently out of date software. Unlike the other avenues to change txids on boring transactions this one was randomly violated by all deployed bitcoin software prior to its discovery. So, while other malleability vectors where made non-standard as soon as they were discovered, this one has remained permitted. Even BIP62 did not propose applying this rule to old version transactions, but conforming implementations have become much more common since BIP62 was initially written. Bitcoin Core has produced compatible signatures since a28fb70e in September 2013, but this didn't make it into a release until 0.9 in March 2014; Bitcoinj has done so for a similar span of time. Bitcoinjs and electrum have been more recently updated. This does not replace the need for BIP62 or similar, as miners can still cooperate to break transactions. Nor does it replace the need for wallet software to handle malleability sanely[1]. This only eliminates the cheap and irritating DOS attack. [1] On the Malleability of Bitcoin Transactions Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek http://fc15.ifca.ai/preproceedings/bitcoin/paper_9.pdf Conflicts: src/policy/policy.h Rebased-From: b196b685c9089b74fd4ff3d9a28ea847ab36179b Github-Pull: #6769
2015-09-29qt: periodic translations updateWladimir J. van der Laan
2015-09-22Merge pull request #6704Wladimir J. van der Laan
5e6d893 travis: for travis generating an extra build (Cory Fields) ceba0f8 PARTIAL: typofixes (found by misspell_fixer) (Veres Lajos) 2ede6b7 add support for miniupnpc api version 14 (Pavel Vasin) 0dfcdd4 rpc-tests: re-enable rpc-tests for Windows (Cory Fields) c9ad65e net: Set SO_REUSEADDR for Windows too (Cory Fields) 0194bdd add unit test for CNetAddr::GetGroup. (Alex Morcos) bdf2542 Fix masking of irrelevant bits in address groups. (Alex Morcos) 65426ac Add missing files to files.md (fanquake) 28d76d2 Handle leveldb::DestroyDB() errors on wipe failure (Adam Weiss) 843469e Use unique name for AlertNotify tempfile (Casey Rodarmor) 4e5ea71 Make sure LogPrint strings are line-terminated (J Ross Nicoll) 3861f0f build: fix libressl detection (Cory Fields) 04507de Avoid leaking file descriptors in RegisterLoad (Casey Rodarmor) 8b59079 Add autogen.sh to source tarball. (randy-waterhouse)
2015-09-22[QT] fix thin space word wrap line brake issueJonas Schnelli
The thin space QT html hack results in cut-off chars/nums after a line break. Avoid word wrap line breaks by using a smaller font and a line break before each alternative value) Rebased-From: 24cb7c7bbba224dcb73fcf69296f5ef4734f745f Github-Pull: #6694
2015-09-21travis: for travis generating an extra buildCory Fields
2015-09-21PARTIAL: typofixes (found by misspell_fixer)Veres Lajos
Upstream: 9f68ed6b6d1a9c6436ce37913666165f2b180ee3 (PR #6539)
2015-09-21add support for miniupnpc api version 14Pavel Vasin
The value of new arg ttl is set to 2 as it's recommended default.
2015-09-21rpc-tests: re-enable rpc-tests for WindowsCory Fields
2015-09-21net: Set SO_REUSEADDR for Windows tooCory Fields
When running the rpc tests in Wine, nodes often fail to listen on localhost due to a stale socket from a previous run. This aligns the behavior with other platforms.
2015-09-21add unit test for CNetAddr::GetGroup.Alex Morcos
2015-09-21Fix masking of irrelevant bits in address groups.Alex Morcos
2015-09-21Add missing files to files.mdfanquake
typo
2015-09-21Handle leveldb::DestroyDB() errors on wipe failureAdam Weiss
Add error checking to CLevelDBWrapper for errors from leveldb::DestroyDB(). Without it, if unlink() or DeleteFileW() fail to delete files, they will fail silent. If they fail to delete any files, CLevelDBWrapper will silently open and read the existing database. Typically any permissions issues would be caught by leveldb as it churns through many files as part of its compaction process, but it is conceivable that this could cause problems on Windows with anti-virus and indexing software.
2015-09-21Use unique name for AlertNotify tempfileCasey Rodarmor
2015-09-21Make sure LogPrint strings are line-terminatedJ Ross Nicoll
2015-09-21build: fix libressl detectionCory Fields
Checking libcrypto for a function after we've already found a (possibly different) libcrypto is not what we want to do here. pkg-config might've found a cross lib while AC_CHECK_LIB may find a different or native one. Run a link-test against the lib that's already been found instead.
2015-09-21Avoid leaking file descriptors in RegisterLoadCasey Rodarmor
This is pretty trivial, but if there's an error here we'll leak a file descriptor. Changed it to always close the file.
2015-09-21Add autogen.sh to source tarball.randy-waterhouse
2015-07-20Fix warning introduced by #6412Wladimir J. van der Laan
SOCKET are defined as unsigned integers, thus always >=0. Rebased-From: 89289d875da108c42ca013f33597eda46cb6eb53
2015-07-20Test whether created sockets are select()ablePieter Wuille
Conflicts: src/net.cpp Github-Pull: #6412 Rebased-From: d422f9b1fdb42a51aadaa1bbc157542dca2feb17
2015-07-17Updated URL location of netinstall for Debian฿tcDrak
Conflicts: doc/gitian-building.md Github-Pull: #6439 Rebased-From: 09d4ddf1c5841b757c2676d508a68baa2dbdc4c7
2015-07-17openssl: avoid config file load/raceCory Fields
Rebased-From: d4b1d5a8baf18e4c8d62846360c0c1c0c9331d70 Github-Pull: #6438
2015-06-22doc: update mailing list addressWladimir J. van der Laan
Move from sourceforge to linux foundation. Also get rid of some other stale mentions of sourceforge. Github-Pull: #6319 Rebased-From: 88d8525ca2ff2afc171cd0f625a098371f3a6af5
2015-06-15Add option `-alerts` to opt out of alert systemWladimir J. van der Laan
Make it possible to opt-out of the centralized alert system by providing an option `-noalerts` or `-alerts=0`. The default remains unchanged. This is a gentler form of #6260, in which I went a bit overboard by removing the alert system completely. I intend to add this to the GUI options in another pull after this. Conflicts: src/init.cpp src/main.cpp Github-Pull: #6274 Rebased-From: 02a6702a82a5b00e0e0351041dd3267308b7f319
2015-06-15Fix getbalance *Tom Harding
Chance "getbalance *" not to use IsTrusted. The method and result now match the "getbalance <specific-account>" behavior. In particular, "getbalance * 0" now works. Also fixed a comment -- GetGalance has required 1 confirmation for many years, and the default "getbalance *" behavior matches that. Github-Pull: #6276 Rebased-From: 7d6a85ab5b1dc96e0f3f6f835f27bb81ba2af919 Rebased-By: @trasher-
2015-06-10configure: Detect (and reject) LibreSSLLuke Dashjr
Rebased-From: a5a81f7354b3aa3e797d973a7e6840f0e50e6533 Github-Pull: #6244
2015-06-03json: fail read_string if string contains trailing garbageWladimir J. van der Laan
Change `read_string` to fail when not the entire input has been consumed. This avoids unexpected, even dangerous behavior (fixes #6223). The new JSON parser adapted in #6121 also solves this problem so in master this is a temporary fix, but should be backported to older releases. Also adds tests for the new behavior. Github-Pull: #6226 Rebased-From: 4e157fc60dae5ca69933ea4c1585a2a078b4d957
2015-06-02Remove P2SH coinbase flag, no longer interestingLuke Dashjr
Github-Pull: #6203 Rebased-From: d449772cf69c01932fc5d72c46054815d6300b3c
2015-05-27Parameter interaction: disable upnp if -proxy setWladimir J. van der Laan
To protect privacy, do not use UPNP when a proxy is set. The user may still specify -listen=1 to listen locally (for a hidden service), so don't rely on this happening through -listen. Fixes #2927. Conflicts: src/init.cpp Rebased-From: 8c35b6f3be218101630101806300cfd75be23f58 Github-Pull: #6153
2015-05-27Fix two problems in CSubNet parsingWladimir J. van der Laan
Fix two CSubNet constructor problems: - The use of `/x` where 8 does not divide x was broken, due to a bit-order issue - The use of e.g. `1.2.3.4/24` where the netmasked bits in the network are not 0 was broken. Fix this by explicitly normalizing the netwok according to the bitmask. Also add tests for these cases. Fixes #6179. Thanks to @jonasschnelli for reporting and initial fix. Rebased-From: b45c50ce511dbf541ea086ae40a3ad16ff06de0c Github-Pull: #6186
2015-05-27Simplify code for CSubnetWladimir J. van der Laan
Simplify the code by using CAddress.ip directly, instead of the reversed GetByte() semantics. Rebased-From: 19e8d7be42039724b4893515ec6457d0187024a9 Github-Pull: #6186
2015-05-16doc: small amandment to release notesv0.10.2Wladimir J. van der Laan
2015-05-12Release notes 0.10.2v0.10.2rc1Wladimir J. van der Laan
2015-05-12Avoid crash on start in TestBlockValidity with gen=1.Gregory Maxwell
When the internal miner is enabled at the start of a new node, there is an near instant assert in TestBlockValidity because its attempting to mine a block before the top checkpoint. Also avoids a data race around vNodes. Github-Pull: #6123 Rebased-From: bba7c249296a9a2f444e1035fef8f8b593ba2aaf
2015-05-12Translations updateWladimir J. van der Laan
2015-05-12Preparations for 0.10.2 releaseWladimir J. van der Laan
2015-05-10don't imbue boost::filesystem::path with locale "C" on windowsJonas Schnelli
fixes https://github.com/bitcoin/bitcoin/issues/6078 Github-Pull: #6093 Rebased-From: b3ffcdf91608d4435acfb9b0a6266a4073ffaf7f 3da78490073b04f52f0136e17b07246cc37bedf1
2015-05-07Merge pull request #6114Wladimir J. van der Laan
824c011 wallet: fix boost::get usage with boost 1.58 (Cory Fields)
2015-05-06wallet: fix boost::get usage with boost 1.58Cory Fields
Backport from master
2015-05-04qt: translation update for next 0.10 point releaseWladimir J. van der Laan
2015-04-25doc: improve credits in release notesv0.10.1Gregory Maxwell
2015-04-20update release notes for 0.10.1rc3v0.10.1rc3Wladimir J. van der Laan