Age | Commit message (Collapse) | Author |
|
|
|
faede70882b4fd54390f5205dbe1dbcf019195c8 doc: Add formatting to the good first issue template (MarcoFalke)
Pull request description:
Add minor formatting to the good first issue template so that it is easier to see with one glance what the required skills are.
Preview is here: https://github.com/MarcoFalke/bitcoin-core/issues/new/choose
ACKs for top commit:
fanquake:
ACK faede70882b4fd54390f5205dbe1dbcf019195c8
Tree-SHA512: 0b0fcd051166981455061442e69f42c9fa726eaa228856e57434e012f7224781f4f3f12c31ce0a7a322df9999e79a8fbe63bf800b7933bc52c7cdaed90f37598
|
|
c78b123982d59fe2d633659f23d6893de627f3f6 build: add -bind_at_load to hardened LDFLAGS (fanquake)
Pull request description:
This performs the same function as `-Wl,-z,now`, except for ld on macOS.
You can check the binaries using `otool -l`, and looking for the `LC_DYLD_INFO_ONLY` section; `lazy_bind_off` and `lazy_bind_size` should both be 0.
This seems to be the case with our current release binaries. However we can make the check, and applying the flag explicit in configure.
man ld:
```bash
-bind_at_load
Sets a bit in the mach header of the resulting binary which tells dyld
to bind all symbols when the binary is loaded, rather than lazily.
```
TODO:
- [ ] Follow up with `MH_BINDATLOAD` flag.
ACKs for top commit:
theuni:
ACK c78b123982d59fe2d633659f23d6893de627f3f6.
Tree-SHA512: 12259558b84f7e3d75d6fcde63b517685e42b18fcf8e8cfcf347483c5ba089d3b4b6d330e7b7f61f83a328fe4d141b771e8e52ddee9cac6da87dfc073ab1183d
|
|
abc147de95fb294a2c0a3105695e708517010322 build: remove WINDOWS_BITS from build system (fanquake)
Pull request description:
We no longer build/ship 32 bit windows executables.
ACKs for top commit:
laanwj:
LGTM ACK abc147de95fb294a2c0a3105695e708517010322
Tree-SHA512: 7101393cddb7e578740e4c79532dac981eb963630ce63c28dfebf0f5ecde266c1836ac0efd1fd82e6010a6151755ad2cc2b09bc2f67edd7c0c77060ac046a9cd
|
|
6e77a7b65cda1b46ce42f0c99ca91562255aeb28 keypool: Add comment about TopUp and when to use it (Andrew Chow)
ea50e34b287e0da0806c1116bb55ade730e8ff6c keypool: Move opportunistic TopUps from LegacyScriptPubKeyMan to CWallet and ReserveDestination (Andrew Chow)
bb2c8ce23c9d7ba8d0e5538243e07218443c85b4 keypool: Remove superfluous topup from CWallet::GetNewChangeDestination (Andrew Chow)
Pull request description:
* The `TopUp()` in `CWallet::GetNewChangeDestination` is unnecessary as currently m_spk_man calls TopUp further down the call stack inside LegacyScriptPubKeyMan::ReserveKeyFromKeyPool (called by LegacyScriptPubKeyMan::GetReservedDestination). This also lets us prepare for future changes with multiple ScriptPubKeyMans in the wallet.
* An opportunistic `TopUp()` is moved from `LegacyScriptPubKeyMan::GetNewDestination` to `CWallet::GetNewDestination`.
* Another opportunistic `TopUp()` is moved from `LegacyScriptPubKeyMan::ReserveKeyFromKeyPool`
Moving opportunistic TopUps ensures that ScriptPubKeyMans will always be topped up before requesting Destinations from them as we cannot always rely on future ScriptPubKeyMan implementaions topping up internally.
See also: https://github.com/bitcoin/bitcoin/pull/17373#discussion_r348598174
ACKs for top commit:
instagibbs:
utACK https://github.com/bitcoin/bitcoin/pull/17537/commits/6e77a7b65cda1b46ce42f0c99ca91562255aeb28 only change is slight elaboration on comment
ryanofsky:
Code review ACK 6e77a7b65cda1b46ce42f0c99ca91562255aeb28. Only the comment changed since my previous review.
Tree-SHA512: bdfc8d303842c3fb7c3d40af7abfa6d9dac4ef71a24922bb92229674ee89bfe3113ebb46d3903ac48ef99f0a7d6eaac33282495844f2b31f91b8df55084c421f
|
|
|
|
facb416ad5ba47b01ee52c273a5c5e3709f06f07 ci: Add valgrind run (MarcoFalke)
Pull request description:
Fixes #17460
ACKs for top commit:
practicalswift:
ACK facb416ad5ba47b01ee52c273a5c5e3709f06f07
Tree-SHA512: 55396e548a76f976d7b7170b68bc5f93cfd44656162267172f66db7eb549699a2a22d3b1bb0d5f180fe0697931939e652c8cdb86b435e81e7ce572485798009d
|
|
e1900008699bd45031b7faa9ef3d0a81d54091b0 ci-s390x: Add qemu and depends support in the ci script (Elichai Turkel)
Pull request description:
Related: #17599
This adds qemu support just like we have in arm and compile the depends.
other than that I also fixed some missing includes to make the depends compile.
ACKs for top commit:
MarcoFalke:
ACK e190000 (first commit only, didn't look at second commit)
Tree-SHA512: 2b8a39772b86408569f52cdc33832dbce7e5e9cdd710524295f3d259628cdfc017e740f6f94941307d7f8e413236814a95ba851153c617eb5fb75b4bd9a7e52f
|
|
529d332fbfe633d60845a97e1a06f552bd63d0d4 test: add IsRFC2544 tests (Mark Tyneway)
419ef3b7cc04e3ab26252d7024da847dfd5ab1a3 CNetAddr: fix IsRFC2544 comment (Mark Tyneway)
Pull request description:
The comment describing the functionality of `CNetAddr::IsRFC2544` is incorrect.
https://github.com/bitcoin/bitcoin/blob/46d6930f8c7ba7cbcd7d86dd5d0117642fcbc819/src/netaddress.h#L57
It should actually read `198.18.0.0/15` based on [RFC 3330](https://tools.ietf.org/html/rfc3330):
```
198.18.0.0/15 - This block has been allocated for use in benchmark
tests of network interconnect devices. Its use is documented in
[RFC2544].
```
See [RFC 2544](https://tools.ietf.org/html/rfc2544) here.
See the implementation here:
https://github.com/bitcoin/bitcoin/blob/47d981e8273804a040d71665a4cb16038d6717e1/src/netaddress.cpp#L142-L145
This PR also adds tests for the minimum and maximum values that are valid RFC 2544 addresses.
ACKs for top commit:
practicalswift:
ACK 529d332fbfe633d60845a97e1a06f552bd63d0d4
laanwj:
ACK 529d332fbfe633d60845a97e1a06f552bd63d0d4
promag:
ACK 529d332fbfe633d60845a97e1a06f552bd63d0d4, nit could squash.
jonatack:
ACK 529d332fbfe633d60845a97e1a06f552bd63d0d4
Tree-SHA512: 954a9582856d77564e0ea5fd2e3d287d0cfc4ecfe0588115692d01005e8ca7ad8ab20ff390ded867dc91af2bfb758d4e73a336e6c0b7798846c30a6d69b8ae3d
|
|
|
|
|
|
hex related functions
c18405732e38eadb2c47533c3f982f4605fbfd9a tests: Add fuzzing harness for various hex related functions (practicalswift)
526dd78bedcebcf170ce13349eb3e9fc7fbf39bb tests: Add fuzzing harness for various Base{32,58,64} related functions (practicalswift)
32e27129ff26c7cc10321652d5d2678876081983 util: Move TrimString(...). Introduce default pattern (trims whitespace). Add NODISCARD. (practicalswift)
22d9bae36f2a164acf35765231f1d93364c1c4a9 tests: Add corpora suppression (FUZZERS_MISSING_CORPORA) for fuzzers missing in https://github.com/bitcoin-core/qa-assets/tree/master/fuzz_seed_corpus (practicalswift)
Pull request description:
Add fuzzing harnesses for various Base{32,58,64} and hex related functions.
**Testing this PR**
Run:
```
$ CC=clang CXX=clang++ ./configure --enable-fuzz \
--with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/base_encode_decode
…
$ src/test/fuzz/hex
…
```
ACKs for top commit:
MarcoFalke:
ACK c18405732e38eadb2c47533c3f982f4605fbfd9a 🔁
Tree-SHA512: 4fcbe4f641fc553e43fd5c3c40a6beec0d2ce90c5ffc718213b37fc18aba4c055e51e26f93d01ea1248fd89473d07c9dce77db7f014b47d3abd045f61b5f1905
|
|
|
|
|
|
Add NODISCARD.
|
|
in https://github.com/bitcoin-core/qa-assets/tree/master/fuzz_seed_corpus
|
|
78e283e656bf1643944ffdb76185f3468eb25895 [test] move wallet helper functions into test library (Martin Zumsande)
f613e5dfdafe708f63ebb5193c44e2bc770c6651 [test] move mining helper functions into test library (Martin Zumsande)
2cb4e8bdc7ef75ae8d95c246af1e8e1f9c7045bd [test] move string helper functions into test library (Martin Zumsande)
Pull request description:
This disbands `test/util.h` and `test/util.cpp` and moves the content into the test utility library recently created in #17542, so that all test utility functions are in one place.
The content of the original files are split into three modules:
1) string helper functions go to `test/util/str`
2) mining helper functions go to the newly created `test/util/mining`
3) wallet helper functions go to the newly created `test/util/wallet`
ACKs for top commit:
MarcoFalke:
ACK 78e283e656bf1643944ffdb76185f3468eb25895 🔧
Tree-SHA512: f182a61e86e76c32bcb84e37f44904d3a4a9c5a321f7a8efdda5368a6623cb8b5a5384ec4f96e67f0357b0c22099f6e3ecd0ac4cb467e3fa3f3128f8d36edfb8
|
|
7aab8d1024996c7c422bd34a8226df0117b813f7 [style] Code style fixups in GetWarnings() (John Newbery)
492c6dc1e742a62599dc6d5ba6c3896825b5144f util: change GetWarnings parameter to bool (John Newbery)
869b6314fd180856b6054fff28b5de994252c54c [qt] remove unused parameter from getWarnings() (John Newbery)
Pull request description:
`GetWarnings()` changes the format of the output warning string based on a passed-in string argument that can be set to "gui" or "statusbar".
Change the argument to a bool:
- there are only two types of behaviour, so a bool is a more natural argument type
- changing the name to `verbose` does not set any expectations for the how the calling code will use the returned string (currently, `statusbar` is used for RPC warnings, not a status bar)
- removes some error-handling code for when the passed-in string is not one of the two strings expected.
ACKs for top commit:
laanwj:
code review ACK 7aab8d1024996c7c422bd34a8226df0117b813f7
practicalswift:
ACK 7aab8d1024996c7c422bd34a8226df0117b813f7 -- diff looks correct :)
MarcoFalke:
ACK 7aab8d1024996c7c422bd34a8226df0117b813f7 otherwise.
promag:
Code review ACK 7aab8d1024996c7c422bd34a8226df0117b813f7.
Tree-SHA512: 75882c6e3e44aa9586411b803149b36ba487f4eb9cac3f5c8f07cd9f586870bba4488a51e674cf8147f05718534f482836e6a4e3f66e0d4ef6821900c7dfd04e
|
|
fa8e650b525e9493bdfa393c0c3e34cb22c78c08 rest: Use mempool from node context instead of global (MarcoFalke)
fa660d65d7cc401ad5bbfdc076a074de19a79329 node: Use mempool from node context instead of global (MarcoFalke)
facbaf092f1ab298943206603cff6e6e3d30d452 rpc: Use mempool from node context instead of global (MarcoFalke)
Pull request description:
Currently they are identical, but in the future we might want to turn
the mempool into a unique_ptr. Replacing the global with the mempool
pointer from the node context simplifies this step.
ACKs for top commit:
jnewbery:
Code review ACK fa8e650b5
ryanofsky:
Code review ACK fa8e650b525e9493bdfa393c0c3e34cb22c78c08, Only the discussed REST server changes since the last review.
Tree-SHA512: 0836f3f39cf90306455962918446e5f8612e88c32072b92afc30929aea1f17430bbda0e2b3668d36c9d6b97d63a93cf4903185194571108642b7bf5a39b89125
|
|
We no longer build/ship 32 bit windows executables.
|
|
a5089f62bda9a39c1d6cbba285477670f1aa1f3f fix directory path for secp256k1 subtree in developer-notes (hackerrdave)
Pull request description:
Documentation update to fix the directory path of the `secp256k1` subtree in the developer notes
ACKs for top commit:
laanwj:
ACK a5089f62bda9a39c1d6cbba285477670f1aa1f3f
Tree-SHA512: d0986721d7091af26edaee769db78c9aabac25bbaddb2a1bfa96c7208187226e280e9c38897b5227ee6c9e40d5a1af86bb7c58e72c6a30a94a478c4bf54c086e
|
|
|
|
CBlock related functions
893aa207e84b74e7623243967d29f03570fdfd6f tests: Add fuzzing harness for CheckBlock(...) and other CBlock related functions (practicalswift)
ec8dcb0199c6d6ae47a13abbd158f59532554adb tests: Add corpora suppression (FUZZERS_MISSING_CORPORA) for fuzzers missing in https://github.com/bitcoin-core/qa-assets/tree/master/fuzz_seed_corpus (practicalswift)
Pull request description:
Add fuzzing harness for `CheckBlock(...)` and other `CBlock` related functions.
**Testing this PR**
Run:
```
$ CC=clang CXX=clang++ ./configure --enable-fuzz --with-sanitizers=address,fuzzer,undefined
$ make
$ src/test/fuzz/block
…
# And to to quickly verify that the relevant code regions are triggered, that the
# fuzzing throughput seems reasonable, etc.
$ contrib/devtools/test_fuzzing_harnesses.sh '^block$'
```
`test_fuzzing_harnesses.sh` can be found in PR #17000.
Top commit has no ACKs.
Tree-SHA512: 275abd46d8ac970b28d8176f59124988b1e07c070173e001acd55995b830333417f301c309199fc589da08a6ac4c03aa74650d5e1638f6e3023dfbd3c9f6921d
|
|
strings with embedded NUL characters. Add tests.
137c80d579502e329964d7d1028a9507d4667774 tests: Add tests for decoding/parsing of base32, base64 and money strings containing NUL characters (practicalswift)
a6fc26da55dea3b76bd89fbbca24ded170238674 util: Don't allow DecodeBase32(...) of strings with embedded NUL characters (practicalswift)
93cc18b0f6fa5fa8144079a4f51904d8b3087e94 util: Don't allow DecodeBase64(...) of strings with embedded NUL characters (practicalswift)
ccc53e43c5464058171d6291da861a88184b230e util: Don't allow ParseMoney(...) of strings with embedded NUL characters (practicalswift)
Pull request description:
Don't allow Base32/64-decoding or `ParseMoney(…)` on strings with embedded `NUL` characters. Add tests.
Added tests before:
```
$ src/test/test_bitcoin
Running 385 test cases...
test/base32_tests.cpp(31): error: in "base32_tests/base32_testvectors":
check failure == true has failed [false != true]
test/base64_tests.cpp(31): error: in "base64_tests/base64_testvectors":
check failure == true has failed [false != true]
test/util_tests.cpp(1074): error: in "util_tests/util_ParseMoney":
check !ParseMoney(std::string("\0-1", 3), ret) has failed
test/util_tests.cpp(1076): error: in "util_tests/util_ParseMoney":
check !ParseMoney(std::string("1\0", 2), ret) has failed
*** 4 failures are detected in the test module "Bitcoin Core Test Suite"
```
Added tests after:
```
$ src/test/test_bitcoin
Running 385 test cases...
*** No errors detected
```
ACKs for top commit:
laanwj:
Code review ACK 137c80d579502e329964d7d1028a9507d4667774
Tree-SHA512: 9486a0d32b4cf686bf5a47a0778338ac571fa39c66ad6d6d6cede58ec798e87bb50a2f9b7fd79ecd1fef1ba284e4073c1b430110967073ff87bdbbde7cada447
|
|
244501fc85a1319857efb227093c0e71c1d5a01e depends: disable unused qt networking features (fanquake)
29d56c62b7f206d42f0908819ff2e1926737f988 depends: -optimized-qmake is now -optimized-tools (fanquake)
ccdda96804088ec3ad01aec5ab0ff8e9b05b161b depends: skip building qt proxies (fanquake)
Pull request description:
Somewhat of a followup to removing BIP70 support in #17165. This removes networking features from our Qt build. This also removes the need to link against the `CFNetwork` and `SystemConfiguration` libraries on macOS.
```diff
src/qt/bitcoin-qt:
/usr/lib/libSystem.B.dylib
/System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
/System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
/System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
/System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices
/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
-/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration
/System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
/System/Library/Frameworks/Carbon.framework/Versions/A/Carbon
/usr/lib/libc++.1.dylib
-/System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
/System/Library/Frameworks/CoreText.framework/Versions/A/CoreText
/System/Library/Frameworks/ImageIO.framework/Versions/A/ImageIO
/usr/lib/libobjc.A.dylib
```
> Introduced the -optimized-tools option; supersedes -optimized-qmake.
`optimized-qmake` became `optimized-tools` in Qt 5.6.0. While the former still works, we can use the newer flag.
A diff of the removed symbols is available [here](https://gist.github.com/fanquake/9c8d5961c91f90a2966191367adfb391).
We still need to actually build the network module, because we are using `QLocalServer` & `QLocalSocket` in the payment server.
ACKs for top commit:
Sjors:
Code review ACK 244501fc85a1319857efb227093c0e71c1d5a01e: just a rebase (_updated since I accidentally repeated the previous hash_)
practicalswift:
ACK 244501fc85a1319857efb227093c0e71c1d5a01e -- diff looks correct
promag:
Code review ACK 244501fc85a1319857efb227093c0e71c1d5a01e.
Tree-SHA512: 79734e3c96c40e7e484c86ac4cd4f738c05fcebe4771aeac443883f618a6c766e667909d5f8f14f9bd82f43206387c952458c5fa765cd0830f8beda6e6ac80ae
|
|
7965e0b41ae03110ad784a1b374f831600c0cca1 doc: Add release note for RPC Whitelist (Emil Engler)
Pull request description:
A release note for #12763
ACKs for top commit:
laanwj:
ACK 7965e0b41ae03110ad784a1b374f831600c0cca1
Tree-SHA512: 4ac3e62029a403e64e4cd3183433dc7aa071d42688b689d7cffb8f08dc4b26d2a586d32fa791d2b5679d6b95cd6e34c56e40a5592b9af446ad9429307f7267fe
|
|
containing NUL characters
|
|
|
|
|
|
|
|
|
|
functions
|
|
in https://github.com/bitcoin-core/qa-assets/tree/master/fuzz_seed_corpus
|
|
|
|
|
|
GetWarnings() changes the format of the output warning string based on a
passed-in string argument that can be set to "gui" or "statusbar".
Change the argument to a bool:
- there are only two types of behaviour, so a bool is a more natural
argument type
- changing the name to 'verbose' does not set any expectations for the
how the calling code will use the returned string (currently,
'statusbar' is used for RPC warnings, not a status bar)
- removes some error-handling code for when the passed-in string is not
one of the two strings expected.
|
|
|
|
7d263571bee8c36fbe3c854b69c6f31cf1ee3b9b rpc: require second argument only for scantxoutset start action (Andrew Chow)
Pull request description:
It was reported on [IRC](http://www.erisian.com.au/bitcoin-core-dev/log-2019-12-11.html#l-377) that `scantxoutset`'s API was broken in 0.19.0:
```
<belcher> i think scantxoutset may have been broken in bitcoin core 0.19 ? regardless of what parameters i run it with (e.g. "scantxoutset abort", "scantxoutset status") it just returns the help doc, according to the release notes the only change was https://github.com/bitcoin/bitcoin/pull/16285/files but i dont see anything that wouldve broken it, it works fine in 0.18
<belcher> im on regtest, in case its important
<harding> I can confirm `scantxoutset abort` returns the help doc on latest master. Waiting for 0.18.1 to start now to attempt to reproduce there.
<harding> It looks like it's expecting a second parameter (even though that doesn't make sense with "abort").
<jonatack> Same for me as well
<harding> Can also confirm that `scantxoutset abort` returns the expected result on 0.18.1.
```
As noted in the conversation, previously, the second argument of `scanobjects` is only required for the `start` action. `Stop` and `abort` actions did not and could work without them.
It appears that this was broken by #16240 which enforced the size of the arguments to match the listed required arguments.
To fix this issue, this PR makes the `scanobjects` argument an optional argument. Then only in the `start` action do we check whether the `scanobjects` argument is there and throw an informative error about that. Also a test is added for this case.
ACKs for top commit:
laanwj:
ACK 7d263571bee8c36fbe3c854b69c6f31cf1ee3b9b
promag:
ACK 7d263571bee8c36fbe3c854b69c6f31cf1ee3b9b.
Tree-SHA512: 828bdfe47f4fffa5d00a2cf88db6cea4a2714d9c49276841ca5cbdd1603b87bb6862147b86edcf36d7b40314ddb80b1a07fd399faf288572c55cc788c5cf9526
|
|
|
|
a64e97dd476bda7c7981979d045b0d06d6f7ce47 wallet: unbreak with boost 1.72 (Jan Beich)
Pull request description:
Regressed by https://github.com/boostorg/filesystem/commit/9a14c37d6f95. See [error log](http://package22.nyi.freebsd.org/data/113amd64-default-PR241449/2019-11-27_11h48m22s/logs/bitcoin-0.19.0.1.log).
https://github.com/bitcoin/bitcoin/blob/35eda631ed3bd23d4a41761a85a96f925d4a6337/src/fs.h#L14
ACKs for top commit:
MarcoFalke:
ACK a64e97dd476bda7c7981979d045b0d06d6f7ce47
Tree-SHA512: 0aad2b8ec211bb81021a2f8cd2059364f949be716ebaf154dd97d5c2f7119f42553892e90e6c375018ff2155b996690c7520374762259778de88014cb531ad3b
|
|
This performs the same function as -Wl,-z,now, except for ld on macOS.
You can check the binaries using otool -l, looking for the
LC_DYLD_INFO_ONLY section. lazy_bind_off and lazy_bind_size should both
be 0.
man ld:
-bind_at_load
Sets a bit in the mach header of the resulting binary which tells dyld
to bind all symbols when the binary is loaded, rather than lazily.
|
|
|
|
|
|
|
|
2081442c421cc4376e5d7839f68fbe7630e89103 test: Add test for rpc_whitelist (Emil Engler)
7414d3820c833566b4f48c6c120a18bf53978c55 Add RPC Whitelist Feature from #12248 (Jeremy Rubin)
Pull request description:
Summary
====
This patch adds the RPC whitelisting feature requested in #12248. RPC Whitelists help enforce application policies for services being built on top of Bitcoin Core (e.g., your Lightning Node maybe shouldn't be adding new peers). The aim of this PR is not to make it advisable to connect your Bitcoin node to arbitrary services, but to reduce risk and prevent unintended access.
Using RPC Whitelists
====
The way it works is you specify (in your bitcoin.conf) configurations such as
```
rpcauth=user1:4cc74397d6e9972e5ee7671fd241$11849357f26a5be7809c68a032bc2b16ab5dcf6348ef3ed1cf30dae47b8bcc71
rpcauth=user2:181b4a25317bff60f3749adee7d6bca0$d9c331474f1322975fa170a2ffbcb176ba11644211746b27c1d317f265dd4ada
rpcauth=user3:a6c8a511b53b1edcf69c36984985e$13cfba0e626db19061c9d61fa58e712d0319c11db97ad845fa84517f454f6675
rpcwhitelist=user1:getnetworkinfo
rpcwhitelist=user2:getnetworkinfo,getwalletinfo, getbestblockhash
rpcwhitelistdefault=0
```
Now user1 can only call getnetworkinfo, user2 can only call getnetworkinfo or getwalletinfo, while user3 can still call all RPCs.
If any rpcwhitelist is set, act as if all users are subject to whitelists unless rpcwhitelistdefault is set to 0. If rpcwhitelistdefault is set to 1 and no rpcwhitelist is set, act as if all users are subject to whitelists.
Review Request
=====
In addition to normal review, would love specific review from someone working on LN (e.g., @ roasbeef) and someone working on an infrastructure team at an exchange (e.g., @ jimpo) to check that this works well with their system.
Notes
=====
The rpc list is spelling sensitive -- whitespace is stripped though. Spelling errors fail towards the RPC call being blocked, which is safer.
It was unclear to me if HTTPReq_JSONRPC is the best function to patch this functionality into, or if it would be better to place it in exec or somewhere else.
It was also unclear to me if it would be preferred to cache the whitelists on startup or parse them on every RPC as is done with multiUserAuthorized. I opted for the cached approach as I thought it was a bit cleaner.
Future Work
=====
In a future PR, I would like to add an inheritance scheme. This seemed more controversial so I didn't want to include that here. Inheritance semantics are tricky, but it would also make these whitelists easier to read.
It also might be good to add a `getrpcwhitelist` command to facilitate permission discovery.
Tests
=====
Thanks to @ emilengler for adding tests for this feature. The tests cover all cases except for where `rpcwhitelistdefault=1` is used, given difficulties around testing with the current test framework.
ACKs for top commit:
laanwj:
ACK 2081442c421cc4376e5d7839f68fbe7630e89103
Tree-SHA512: 0dc1ac6a6f2f4b0be9c9054d495dd17752fe7b3589aeab2c6ac4e1f91cf4e7e355deedcb5d76d707cbb5a949c2f989c871b74d6bf129351f429569a701adbcbf
|
|
Base58 tests.
d945c6f5e6f61b6e289ac7da6834c18f1b677b0f util: Don't allow base58-decoding of std::string:s containing non-base58 characters (practicalswift)
ff7a9992263f5a19f73097c86068b6150d213c23 tests: Add tests for base58-decoding of std::string:s containing non-base58 characters (practicalswift)
Pull request description:
Don't allow Base58 decoding of non-Base58 strings. Add Base58 tests.
Fixes #17718.
Added tests before the Base58 decoding patch:
```
$ make check
…
test/base58_tests.cpp(62): error: in "base58_tests/base58_DecodeBase58":
check !DecodeBase58(std::string("\0invalid", 8), result) has failed
test/base58_tests.cpp(67): error: in "base58_tests/base58_DecodeBase58":
check !DecodeBase58(std::string("good\0bad0IOl", 12), result) has failed
test/base58_tests.cpp(76): error: in "base58_tests/base58_DecodeBase58":
check !DecodeBase58Check(std::string("3vQB7B6MrGQZaxCuFg4oh\00IOl", 26), result) has failed
*** 3 failures are detected in the test module "Bitcoin Core Test Suite"
…
$ echo $?
1
```
Added tests before the Base58 decoding patch:
```
$ make check
…
OK
…
$ echo $?
0
```
ACKs for top commit:
MarcoFalke:
ACK d945c6f5e6f61b6e289ac7da6834c18f1b677b0f 🚓
laanwj:
ACK d945c6f5e6f61b6e289ac7da6834c18f1b677b0f
Tree-SHA512: 78fee3a18718c9cfbf2e4b26daaf8f24b4deca00475b7b254fec7f8be740f8898c696d9cd0eaa7c50bca55909b9dff3b516b6fe4db92dc132dcc0a1c5e3d61af
|
|
d94d34f05f4ae3efa07de409489d68bbcc216346 doc: update developer notes wrt unix epoch time (Jon Atack)
e2f32cb5c5c7f2b1d1fc7003587b6573fb59526a qa: unify unix epoch time descriptions (Jon Atack)
Pull request description:
Closes #17613.
Updated call sites: mocktime, getblockheader, getblock, pruneblockchain,
getchaintxstats, getblocktemplate, setmocktime, getpeerinfo, setban,
getnodeaddresses, getrawtransaction, importmulti, listtransactions,
listsinceblock, gettransaction, getwalletinfo, getaddressinfo
Commands for testing manually:
```
bitcoind -help-debug | grep -A1 mocktime
bitcoin-cli help getblockheader
bitcoin-cli help getblock
bitcoin-cli help pruneblockchain
bitcoin-cli help getchaintxstats
bitcoin-cli help getblocktemplate
bitcoin-cli help setmocktime
bitcoin-cli help getpeerinfo
bitcoin-cli help setban
bitcoin-cli help getnodeaddresses
bitcoin-cli help getrawtransaction
bitcoin-cli help importmulti
bitcoin-cli help listtransactions
bitcoin-cli help listsinceblock
bitcoin-cli help gettransaction
bitcoin-cli help getwalletinfo
bitcoin-cli help getaddressinfo
```
ACKs for top commit:
laanwj:
re-ACK d94d34f05f4ae3efa07de409489d68bbcc216346
Tree-SHA512: 060713ea4e20ab72c580f06c5c7e3ef344ad9c2c9cb034987d980a54e3ed2ac0268eb3929806daa5caa7797c45f5305254fd499767db7f22862212cf77acf236
|
|
|
|
to "UNIX epoch time".
Call sites updated:
```
mocktime
getblockheader
getblock
pruneblockchain
getchaintxstats
getblocktemplate
setmocktime
getpeerinfo
setban
getnodeaddresses
getrawtransaction
importmulti
listtransactions
listsinceblock
gettransaction
getwalletinfo
getaddressinfo
```
|
|
75d9317bc1aecaab95bf875f8dca97ac3daddff4 Update msvc build for Visual Studio 2019 v16.4 (Aaron Clauson)
Pull request description:
msvc warning C4834 for the Bitcoin Core build was introduced by Visual Studio 16.4.0. This PR adds an ignore rule for the warning (it's related to the nodiscard attribute and is not considered relevant).
An additional side effect of the msvc compiler update is the prebuilt Qt5.9.8 libraries cannot be linked due to being built with an earlier version of the compiler. To fix this a new Qt5.9.8 version has been compiled and the appveyor job updated to use them.
The GitHub Actions job needs to continue to use the original Qt5.9.8 libraries until the latest GitHub Windows image also updates to >= Visual Studio 2019 v16.4.
Top commit has no ACKs.
Tree-SHA512: c28d64d78a968eb0bd614932b2d42d762d68853120c345970072b473e2c43fb34e99865062ae1517b10e76f269de6b8f4eed119cf05d59aa883a3553d6a76812
|