Age | Commit message (Collapse) | Author |
|
This commit adds comments referencing multiple CVEs both in production and test code.
CVEs covered in this commit:
CVE-2010-5137
CVE-2010-5139
CVE-2010-5141
CVE-2012-1909
CVE-2012-2459
CVE-2012-3789
CVE-2018-17144
|
|
00fade007c8c0aba82a2a8c40129ae0b6e530d33 contrib: use newer config.guess & config.sub in install_db4.sh (fanquake)
Pull request description:
The `config.guess` and `config.sub` packaged with `db-4.8.30.NC.tar.gz` are fairly old (2009) and fail to identify some system types i.e `ppc64le`. Replace them with more modern versions before configuring `db4`.
Fixes #16064.
ACKs for commit 00fade:
jamesob:
tACK https://github.com/bitcoin/bitcoin/pull/16086/commits/00fade007c8c0aba82a2a8c40129ae0b6e530d33
dongcarl:
utACK 00fade007c8c0aba82a2a8c40129ae0b6e530d33
laanwj:
Tested ACK 00fade007c8c0aba82a2a8c40129ae0b6e530d33
Tree-SHA512: 54f9f2b0fcf802e6a284214035fcb3833577aa5881beb293921b6036b71d0bcd0872f06d14ddc76a4f8c0eee7ba71461dcc99dc907e7ddb5ae403fc02b245538
|
|
0830d40456 docs: add release note for 14954 (fanquake)
Pull request description:
Adds a release note for #14954: build: Require python 3.5.
ACKs for commit 0830d4:
Tree-SHA512: f647c065ef290fb2acb8f55390d8a8cb197372219700bd48777850646c2410b080e1878582ca08c59e6da37ea1dc2d51724e826894dbb7d8a2b218a3b5464a77
|
|
54245985fb3c89d72e285c4db39d38ed2f5fb0de Squashed 'src/secp256k1/' changes from 0b70241850..b19c000063 (Pieter Wuille)
Pull request description:
It's been 1.5 years since our secp256k1 subtree was updated, while the upstream project has undergone a number of incremental improvements (performance, tests, build system fixes), plus gained the groundwork for batch verification.
As we're early in the 0.19 window, this seems like a good time to get these merged.
ACKs for commit 99df27:
fanquake:
utACK 99df276 the subtree merge, still need to test the actual changes.
laanwj:
utACK 99df276da
Tree-SHA512: 769a699366321635068ebfbd9d3f30f6e72401c4fcdc1fdc84e5b3fd888c3f01437748f6cd23a507ab47cf04c226cd504fd48aee654457c34bb106c9db7e5c09
|
|
fa013664ae23d0682a195b9bded85bc19c99536e util: Add type safe GetTime (MarcoFalke)
Pull request description:
There are basically two ways to get the time in Bitcoin Core:
* get the system time (via `GetSystemTimeInSeconds` or `GetTime{Millis,Micros}`)
* get the mockable time (via `GetTime`)
Both return the same type (a plain int). This can lead to (test-only) bugs such as 99464bc38e9575ff47f8e33223b252dcea2055e3.
Fix that by deprecating `GetTime` and adding a `GetTime<>` that returns the mockable time in a non-int type. The new util function is currently unused, but new code should it where possible.
ACKs for commit fa0136:
promag:
utACK fa013664.
Tree-SHA512: efab9c463f079fd8fd3030c479637c7b1e8be567a881234bd0f555c8f87e518e3b43ef2466128103db8fc40295aaf24e87ad76d91f338c631246fc703477e95c
|
|
c995c870aa4cc9b9ddf0a84ce15c544757a43a18 depends: add ability to skip building zeromq (fanquake)
Pull request description:
Similar to other depends packages, add the ability to skip building `zeromq` by passing `NO_ZMQ=1`.
Fixes #15918.
ACKs for commit c995c8:
practicalswift:
utACK c995c870aa4cc9b9ddf0a84ce15c544757a43a18
jonasschnelli:
utACK c995c870aa4cc9b9ddf0a84ce15c544757a43a18
Tree-SHA512: 72269707916d5af0bc8ecdd89f61e49264dba29350f9508fe0a497e8ce8dae66f6a828cf0bf4d97b6f95356b505cb3e6c365e8476219dd56c4535c850df393c9
|
|
fadbc5d89562df7e34379f9d01a757e30db7bbe2 mempool: remove unused magic number from consistency check (Gregory Sanders)
Pull request description:
Unexplained magic numbers are no good. Since the exact number does not matter, opt for a constant that is less peculiar.
Note that this could only possibly affect mempool consistency checks which is not active by default except on regtest.
see discussion: https://github.com/bitcoin/bitcoin/issues/15080
ACKs for commit fadbc5:
practicalswift:
utACK fadbc5d89562df7e34379f9d01a757e30db7bbe2
Tree-SHA512: 80f95ebc284c5bcc5d825fab0e9f962457a411539946d68ef4c8bdea4b1f2f7f0ead88928fac0eaaa02a1175f01f5ef381613ce53b0f27c3098e90d76ecfe9af
|
|
d5dc66e28046a146b6fdf10ed119dfe4e96af995 doc: fix/improve analyzepsbt in doc/psbt.md (Jon Atack)
Pull request description:
- fix: replace "RPC" with "PSBT"
- output includes the current status of the analyzed psbt's inputs
- apply "if possible" to the fee as well as to the estimated weight and feerate, since the fee is only shown if all utxo slots in the psbt have been filled
- add "final" to the estimated weight and feerate
ACKs for commit d5dc66:
laanwj:
ACK d5dc66e28046a146b6fdf10ed119dfe4e96af995
fanquake:
utACK d5dc66e
Tree-SHA512: 61ff1ef45ec34182613b300d21cc2b17a28d1e955f70848f5be1a40c82009fe3000db3332d2cfca1833d7c881b61cc4ebc9fc779238f76d38e9e3f706cfb3551
|
|
d595b4aae gui: move coin control OK to the right (fanquake)
Pull request description:
Fixes #16101
The simplest fix seems to be to just drop the `sizePolicy` property, as we don't use that on any other instances of `QDialogButtonBox`.
master (76e2cded477bc483ec610212bdadf21fe35292d4):
![master](https://user-images.githubusercontent.com/863730/58490351-fc26d380-813a-11e9-9906-043ff4f4959f.png)
This PR:
![right-side](https://user-images.githubusercontent.com/863730/58490360-00eb8780-813b-11e9-80fb-2dab04a5ba54.png)
ACKs for commit d595b4:
hebasto:
utACK d595b4aae9d6eca7094ed5612f4773d98e422057
jonasschnelli:
utACK d595b4aae9d6eca7094ed5612f4773d98e422057
JosuGZ:
tACK d595b4aae9d6eca7094ed5612f4773d98e422057
Tree-SHA512: 7099e21d58457bfcbc83237f5a47ddf18cfa6bd9d6194b357b314b4d54aed72fdbbf10cbe38223affd87c2542b8f364d37ce6a175e594dfbcd18c725b42a6d3e
|
|
0db94e55d wallet: Pass WalletBatch to CWallet::UnsetWalletFlag (João Barbosa)
6cb888b37 Apply the batch treatment to CWallet::SetAddressBook via ImportScriptPubKeys (Ben Woosley)
6154a09e0 Move some of ProcessImport into CWallet::Import* (Ben Woosley)
ccb26cf34 Batch writes for importmulti (Andrew Chow)
d6576e349 Have WalletBatch automatically flush every 1000 updates (Andrew Chow)
366fe0be0 Add AddWatchOnlyWithDB, AddKeyOriginWithDB, AddCScriptWithDB functions (Andrew Chow)
Pull request description:
Instead of writing each item to the wallet database individually, do them in batches so that the import runs faster.
This was tested by importing a ranged descriptor for 10,000 keys.
Current master
```
$ time src/bitcoin-cli -regtest -rpcwallet=importbig importmulti '[{"desc": "sh(wpkh([73111820/44h/1h/0h]tpubDDoT2SgEjaU5rerQpfcRDWPAcwyZ5g7xxHgVAfPwidgPDKVjm89d6jJ8AQotp35Np3m6VaysfUY1C2g68wFqUmraGbzhSsMF9YBuTGxpBaW/1/*))#3w7php47", "range": [0, 10000], "timestamp": "now", "internal": true, "keypool": false, "watchonly": true}]'
...
real 7m45.29s
```
This PR:
```
$ time src/bitcoin-cli -regtest -rpcwallet=importbig4 importmulti '[{"desc": "pkh([73111820/44h/1h/0h]tpubDDoT2SgEjaU5rerQpfcRDWPAcwyZ5g7xxHgVAfPwidgPDKVjm89d6jJ8AQotp35Np3m6VaysfUY1C2g68wFqUmraGbzhSsMF9YBuTGxpBaW/1/*)#v65yjgmc", "range": [0, 10000], "timestamp": "now", "internal": true, "keypool": false, "watchonly": true}]'
...
real 3.93s
```
Fixes #15739
ACKs for commit 0db94e:
jb55:
utACK 0db94e5
ariard:
Tested ACK 0db94e5
Empact:
re-utACK https://github.com/bitcoin/bitcoin/pull/15741/commits/0db94e55dcbbfc741df463c404818d9033b4fff1 only change is re the privacy of `UnsetWalletFlagWithDB` and `AddCScriptWithDB`.
Tree-SHA512: 3481308a64c99b6129f7bd328113dc291fe58743464628931feaebdef0e6ec770ddd5c19e4f9fbc1249a200acb04aaf62a8d914d53b0a29ac1e557576659c0cc
|
|
97dce72261 contrib: add curl as a required program in gitian-build.py (fanquake)
Pull request description:
Fixes: #16109
Adds `curl` to the list of base programs required by the `gitian-build.py` script.
ACKs for commit 97dce7:
hebasto:
tACK 97dce7226194d5d8a06787afef7df08cebb66bd6 on Debian Buster RC1.
Tree-SHA512: 68847a527aa6b5d883bffd6a6fe6bbbe4b96ceddb30f55ed5ffbfa690a10c2e9c1bc7ba4520319531ab3baa7a7f64c3c8ce89a791f7c746abe73a84c2942b94d
|
|
|
|
|
|
|
|
|
|
|
|
This maintains encapsulation of CWallet::database in the face of
batching, e.g. allows making the `WithDB` methods private.
|
|
ae7faf20d5 Exceptions should be caught by reference, not by value. (Kristaps Kaupe)
Pull request description:
Fixes this warning with GCC8/GCC9:
```
wallet/wallettool.cpp: In function ‘std::shared_ptr<CWallet> WalletTool::LoadWallet(const string&, const boost::filesystem::path&)’:
wallet/wallettool.cpp:62:25: warning: catching polymorphic type ‘const class std::runtime_error’ by value [-Wcatch-value=]
} catch (const std::runtime_error) {
^~~~~~~~~~~~~
```
Related to #15822.
ACKs for commit ae7faf:
practicalswift:
utACK ae7faf20d5fb3e2415ccadc37100dfc44aa0cd94
Tree-SHA512: 07eb774b3296c0b66ac5040269bff6cd8ba0294c8c95cc08c595efbd535260ff0010fa430ca057eeccd7b38c0a981a3d7a95b675d9e2996853c013dc0bfe8127
|
|
|
|
possible
fb434159d1 Remove global symbols: Avoid using the global namespace if possible (practicalswift)
Pull request description:
Remove global symbols: Avoid using the global namespace if possible.
Partially resolves #15612 ("Reduce the number of global symbols used").
Change in global symbols as reported by `nm bitcoind` before vs after:
```
$ diff -u <(nm src/bitcoind-before | c++filt | grep -E '^[0-9a-f]+ [A-Z] ' | cut -f3- -d' ' | sort -u) \
<(nm src/bitcoind-after | c++filt | grep -E '^[0-9a-f]+ [A-Z] ' | cut -f3- -d' ' | sort -u) \
| grep -E '^[+-][^+-]'
-boundSockets
-cs_warnings
-eventHTTP
-fFeeEstimatesInitialized
-fLargeWorkForkFound
-fLargeWorkInvalidChainFound
-pathHandlers
-strMiscWarning[abi:cxx11]
-threadHTTP
```
ACKs for commit fb4341:
Tree-SHA512: d2f78f6188a992b0e0de8d107e2c494cfa0faa2de4fda634a1d3606d6515633bec86289cf2a2e78ffe467b17b795e2243cc459fb44e0dfe2fc69899506ff61c9
|
|
Rename CCriticalSection to RecursiveMutex (both are AnnotatedMixin<std::recursive_mutex>)
```
$ git grep -E '(typedef|using).*(CCriticalSection|RecursiveMutex)'
src/sync.h:using RecursiveMutex = AnnotatedMixin<std::recursive_mutex>;
src/sync.h:typedef AnnotatedMixin<std::recursive_mutex> CCriticalSection;
```
|
|
|
|
480e3415d7 configure: Add flag for enabling thread_local. (Carl Dong)
Pull request description:
- When aiming for glibc compatibility, don't use thread_local. Fixes #15958.
- FreeBSD has a buggy thread_local, don't use it. Fixes #16055.
I've done a Gitian build on my local machine and the symbol tests seem to pass.
ACKs for commit 480e34:
MarcoFalke:
utACK 480e3415d738a4e0e2ad9774c43f29937178ecae
fanquake:
tACK 480e341
Tree-SHA512: 334f21f7cf271c261b115a6410afd4ed4db3e84ad79b98c6c684c1dfa42b081f16d58e77695929e27b0fa173a894b959a327fe82821a3f3ed708b305a906ddd3
|
|
|
|
fa47330397 test: Speed up cache creation (MarcoFalke)
fa6ad7a5ec test: Bump MAX_NODES to 12 (MarcoFalke)
Pull request description:
When testing a combination of settings that affect the datadir (e.g. prune, blockfilter, ...) we may need a lot of datadirs.
Bump the maximum number of nodes proactively from 8 to 12, so that caches get populated with 12 node dirs, as opposed to 8.
Also, add an assert that the list of deterministic keys is exactly the number of max nodes (and not more than that.
Also, create the cache faster.
ACKs for commit fa4733:
laanwj:
utACK fa473303972b7dad600d949dc9b303d8136cb7e7
Tree-SHA512: 9803c765ed52d344102f5a3bce57b05d88a7429dcb05ed66ed6c881fda8d87c2834d02d21b95fe9f39c0efe3b8527e13cf94f006588cde22e8c2cd50b2d517a6
|
|
0784af16ef remove parameters -addresstype=legacy in rpc_rawtransaction test (LongShao007)
a65dafa8f1 replace tx hash with txid in test rawtransaction (LongShao007)
Pull request description:
The transaction hash is different from txid for witness transactions, so we should use txid instead of hash.
ACKs for commit 0784af:
Tree-SHA512: 98b699eb5f25c3a603b11eb7072efe9bc69c0c0ecc7f996405de31bc45d92105970e09fd8e4f75b42a46498817f596d36d9b28eae7d24e63a4f2f2abfcee0eab
|
|
|
|
8afca323e3 doc: add bitcoin_config.h PACKAGE updates to release process (Jon Atack)
3ee28c506d build: bump bitcoin_config.h packages to v0.18 (Jon Atack)
Pull request description:
- Bump PACKAGE_VERSION and PACKAGE_STRING in `build_msvc/bitcoin_config.h` from 0.17 to 0.18 (follow-up to 48ed65b).
- Update `doc/release_process.md` (follow-up to e47dc4f), new version visible [here](https://github.com/jonatack/bitcoin/blob/bitcoin_config-and-release_process-updates/doc/release-process.md).
- Perhaps worth backporting the version updates to 0.18.0.
ACKs for commit 8afca3:
laanwj:
utACK https://github.com/bitcoin/bitcoin/pull/16080/commits/8afca323e371a7a191d874928046d6bf2fbbe072
Tree-SHA512: be4308636846d719d2406790b33861a5ca4775cec77b7b40f2a01e0180d55e36d821b680c923c366de6ddb576f8a94efe59bf66a5f0637cbc2ecff6c824fe602
|
|
- When aiming for glibc compatibility, don't use thread_local.
- Add a flag --enable-threadlocal, which, when specified, will
enable/disable thread_local regardless of the value of glibc_compat.
- FreeBSD has a buggy thread_local, don't use it.
|
|
|
|
run-time check to it
9f85e9cb3d scripted-diff: Rename LockAnnotation to LockAssertion (practicalswift)
de9b5dbca3 Make sure the compile-time locking promises given via LockAnnotation:s hold also in practice at runtime (ifdef DEBUG_LOCKORDER) (practicalswift)
3a809446b3 Move LockAnnotation to make it reflect the truth (practicalswift)
cc2588579c Move LockAnnotation from threadsafety.h (imported code) to sync.h (our code) (practicalswift)
Pull request description:
`LockAnnotation lock(mutex);` is a guarantee to the compiler thread-analysis that `mutex` is locked (when it couldn't be determined otherwise).
Before this PR it was possible to make the mistake of adding a `LockAnnotation` where the correct mutex is _not_ held. This in turn makes the thread-analysis reasoning being based on incorrect premises.
This PR adds an assertion in the `LockAnnotation` ctor which checks that the guarantees given by us at compile-time are held also in practice (`ifdef DEBUG_LOCKORDER`).
Issues like the one described in #16028 will be discovered immediately with this PR merged.
Changes in this PR:
* Move `LockAnnotation` from `threadsafety.h` (imported code) to `sync.h` (our code)
* Move `LockAnnotation` in `wallet_tests` to make it reflect the truth
* Make sure the compile-time locking promises given via `LockAnnotation`:s hold also in practice at runtime (`ifdef DEBUG_LOCKORDER`)
* Rename `LockAnnotation` to `LockAssertion`
ACKs for commit 9f85e9:
ryanofsky:
utACK 9f85e9cb3d687862128ddf464d2bc2462b8627f0. No changes at all since last review except clean rebase after base PR #16033 was merged
Tree-SHA512: fb80e78fe362adfd6ea8405bcb142c09b99f834fe8be4397282b223ca2c3a2bb9719a074a47a043b44757f840b239a6fcd2f98d14771f8729204834ecf608c3a
|
|
RPC example
e23809a05b [rpc] deriveaddresses: Correct descriptor checksum in RPCExamples (Chris Capobianco)
Pull request description:
Trvial: This fixes the descriptor checksum found the in the deriveaddresses RPC example.
The current checksum value does work, but only if the "h" used for the hardened derivation key origin are replaced with "'".
Given the discussion to switch from "'" to "h" [here](https://github.com/bitcoin/bitcoin/issues/15740), I thought it made more sense to update the checksum rather then changing all the "h" to "'" in this example.
ACKs for commit e23809:
instagibbs:
tACK https://github.com/bitcoin/bitcoin/pull/16024/commits/e23809a05b22a5eec354d63980bbddf040d67c3f
Tree-SHA512: 06a2b9f3e714ecde9b9a80b3b7a4082eb072e71d8abcc455ff5387e470d48839f22a70b78bbae1cf9122cb133fee46830819b6f39d67aec8c3c8d5889ae94e04
|
|
and reorganise the section and add relative url links.
Follow-up to e47dc4f.
|
|
Follow-up to 48ed65b.
|
|
bb41e632ca wallet_balance.py: Prevent edge cases (Steven Roose)
Pull request description:
I ran into this edge case when running the test on Elements. I had a 0-value output as change.
ACKs for commit bb41e6:
Tree-SHA512: ef4c25289cafcdb4437f11ed537664dff5afedcefab75a46f985d3be70551de2d3bc8e9cfcb22c0f3d7d2eb95ff40df78b8d01dbacbf90c36bca00426937b0a2
|
|
|
|
|
|
be4efb165a rpc: Mention getwalletinfo where a rescan is triggered (João Barbosa)
Pull request description:
ACKs for commit be4efb:
jonasschnelli:
utACK be4efb165ab7ff5824de9a46aa06eca654b7513f
sipa:
utACK be4efb165ab7ff5824de9a46aa06eca654b7513f
Tree-SHA512: c9e5adda6fcb71dd64ad35cc5af89b0ed815aba440df26b61ef2018abd3b801c9e93cdbedf90db3938e88dc9af39f1577c4c7248bc77260d3afda5e2a0928e68
|
|
df9e15f092c18a8047f09307576c2b77b9c8d01c refactor: Improve CRollingBloomFilter::reset by using std::fill (João Barbosa)
d2dbc7da26e1ca40200521c05a0b1ca75578acd2 bench: Add benchmark for CRollingBloomFilter::reset (João Barbosa)
Pull request description:
Cleaner code. Also improves performance with `--enable-debug` (which is meaningless to non-developers).
Before:
```
# Benchmark, evals, iterations, total, min, max, median
RollingBloomReset, 5, 150, 19.3008, 0.0254917, 0.0259195, 0.0257395
```
After:
```
# Benchmark, evals, iterations, total, min, max, median
RollingBloomReset, 5, 150, 5.43269, 0.00720651, 0.00729697, 0.00724854
```
ACKs for commit df9e15:
MarcoFalke:
re-utACK df9e15f092
jamesob:
re-utACK https://github.com/bitcoin/bitcoin/pull/16073/commits/df9e15f092c18a8047f09307576c2b77b9c8d01c
Tree-SHA512: 22038411dfd41afad77b17a3da9ee04476ffbd4d215dcf47bdd9f14588759bc328a55d958dcebc2036b52ce4c56f79b1284eae11e56ddfaf21f0b2ee1c6a914a
|
|
|
|
|
|
RewindBlockIndex
1609809fb2 validation: Hold cs_main when reading chainActive in RewindBlockIndex (practicalswift)
Pull request description:
Fixes #15980.
Hold `cs_main` when reading `chainActive` (via `::ChainActive()`) in `RewindBlockIndex`.
ACKs for commit 160980:
MarcoFalke:
utACK 1609809fb2a4c2ec15b7c26dc328e2e666bd5d57
Tree-SHA512: 54f180ab391f92f04950735c2bb337f0b7495826d2096f7a0f9a2da50bc29d08747f404a0495e33ca4edd4c842efbab4c4730d5e1a8b9da3e1249cf884268f4b
|
|
d8bc47fde4 depends: switch to secure download of all dependencies (Ulrich Kempken)
Pull request description:
Even if we potentially check the integrity of the downloaded file via hash comparison, we should make use of SSL since it is available.
ACKs for commit d8bc47:
jonasschnelli:
utACK d8bc47fde46ca0711fa54a0d70ff5d066c708e50
practicalswift:
utACK d8bc47fde46ca0711fa54a0d70ff5d066c708e50
dongcarl:
tACK d8bc47fde46ca0711fa54a0d70ff5d066c708e50
Tree-SHA512: e47702f6d243ed7f498ca84c193244382f16f08df6a297caa224b4468f501f3da6fe542fcf3a0dd9c24ab1b0b38bbc51478068e6006a92854ded23abf90de3c8
|
|
importaddress
df0e97ccb1 RPC: Hint for importmulti in help output of importpubkey and importaddress (Kristaps Kaupe)
Pull request description:
Similar to #12702. Hint for `importmulti` also in help output of `importpubkey` and `importaddress`.
ACKs for commit df0e97:
promag:
utACK df0e97ccb13a28825a2731b95d2bb17f355f6920.
jonasschnelli:
utACK df0e97ccb13a28825a2731b95d2bb17f355f6920
Tree-SHA512: db7358d7f4d463a50874e605bbca35a1a40dbefbb1d35cf51fe2f2aa34bef90c3ca398f4ffbcb9d7d43887a03eb8d81b6ef59066a3c7eda18a7eea876f6592e7
|
|
|
|
|
|
versionbits_computeblockversion
2c448d6bc7 parameterize hard coded numbers referring to miner conf window (Jordan Baczuk)
Pull request description:
Replace hard coded values (eg. 2016) with `mainnetParams.nMinerConfirmationWindow` where appropriate. This parameterizes hard coded values in the unit test that refer to the `Miner Confirmation Window`, which currently is `2016`. This includes values not exactly 2016 but which were derived from it. Also changed `int` to `uint32_t` where appropriate to avoid compiler warnings. This makes one source of truth, and also helps people who might be adjusting this value in testing so the unit tests don't break.
ACKs for commit 2c448d:
Tree-SHA512: 9262e0b89c1baf7857b49fe2221b2b00f948f61317b321c4871a9182a86d6f8aadeb59d6b133e8a213cc9b31b4a417888fb1ad31caef16ccbbab1de33c4b8459
|
|
|
|
Some dependency sources were downloaded via http, even though https (SSL/TLS) options are available.
Even if we potentially check the integrity of the downloaded files via hash comparison, we should make
use of this additional security layer.
bdb.mk
fontconfig.mk
freetype.mk
libX11.mk
libXau.mk
libXext.mk
libxcb.mk
native_cctools.mk
native_cdrkit.mk
xcb_proto.mk
xextproto.mk
xproto.mk
xtrans.mk
zlib.mk
miniupnp was switched to official project mirror with SSL support
|
|
|