aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-02Merge bitcoin/bitcoin#27183: doc: Update Transifex links and slug format in ↵fanquake
Release Process 9c371e50a225e158264b008ba05c9e95055d9800 doc: Update Transifex links and slug format in Release Process (Hennadii Stepanov) Pull request description: Reflected the recent changes in Transifex's [workflow](https://github.com/bitcoin/bitcoin/pull/26321) and on its website. ACKs for top commit: jarolrod: ACK 9c371e50a225e158264b008ba05c9e95055d9800 Tree-SHA512: d11f2fa197bba2e3198ca255d80edd7178e8074dc84b03262054d01fa33c8160ca492a1358e9da1e7d32cec21a298593322d10e4cb045ef99ccec2cbe901cb63
2023-03-01Merge bitcoin/bitcoin#27172: guix: switch to some `minimal` versions of ↵Andrew Chow
packages in our manifest 2c9eb4afe1f583aafa552b2711b149f17ef8320f guix: use cmake-minimal over cmake (fanquake) 1475515312856afe3f19a95f2c32bc80c7c54484 guix: use coreutils-minimal over coreutils (fanquake) 444562141504ff7f0bb071d6e7bf7f511517e372 guix: use bash-minimal over bash (fanquake) Pull request description: Minimal versions of the same packages, that should still be sufficient for our use: > (define-public bash-minimal ;; A stripped-down Bash for non-interactive use. > (define-public coreutils-minimal ;; Coreutils without its optional dependencies. > ;;; This minimal variant of CMake does not include the documentation. It is ;;; used by the cmake-build-system. (define-public cmake-minimal ACKs for top commit: TheCharlatan: ACK 2c9eb4afe1f5 Sjors: tACK 2c9eb4afe1f583aafa552b2711b149f17ef8320f achow101: ACK 2c9eb4afe1f583aafa552b2711b149f17ef8320f hebasto: ACK 2c9eb4afe1f583aafa552b2711b149f17ef8320f, Tree-SHA512: f91ca9e088b8346b20c2affc80870c31640de3aedcfcc0fb98a5e82c77ef64537870b88552f26759d31d8d0956b1fd685e6c25d5acbc92f5feaececd1a7dd37e
2023-03-01doc: Update Transifex links and slug format in Release ProcessHennadii Stepanov
2023-03-01Merge bitcoin/bitcoin#27169: Update translations for 25.0 soft translation ↵fanquake
string freeze 9172cc672ea99eac6d0210e8b793ca030c20e179 qt: Update translation source file (Hennadii Stepanov) 7b0cbf444d2ecdd2a6c0754990bf677ab1152dab qt: Bump Transifex slug for 25.x (Hennadii Stepanov) 369023d22def0917fd879f52f86cf6a4945498ca qt: Periodic translation updates from Transifex (Hennadii Stepanov) Pull request description: This PR follows our [Release Process](https://github.com/bitcoin/bitcoin/blob/master/doc/release-process.md). Required to open Transifex translations for 25.0 on 2023-03-01 as it's [planned](https://github.com/bitcoin/bitcoin/issues/26549). **NOTE.** Translations for the following languages for the latest 24.x Transifex resource have been effectively cancelled/damaged/vandalized: - German (de) by [nesbonk83](https://www.transifex.com/user/profile/nesbonk83/) on 2023-01-27 - Dutch (nl) by [bram00767](https://www.transifex.com/user/profile/bram00767/) on 2022-12-17 - Spanish, Mexico (es_MX) by [VCFNFT](https://www.transifex.com/user/profile/VCFNFT/) on 2022-08-08 The first commit ignores changes to translations mentioned above. ACKs for top commit: jarolrod: ACK 9172cc672ea99eac6d0210e8b793ca030c20e179 Tree-SHA512: 85641facecd11526bbcde934b43629aba1b856c4f97272a956c2ce194af8a1723325a160a0a518fc052af9373f853204848b58d3c0a3bea09788fccfc5d9f557
2023-02-28Merge bitcoin/bitcoin#27165: Make miniscript_{stable,smart} fuzzers avoid ↵fanquake
too large scripts 56e37e71a2538a240cc360678aeb752d17bd8f45 Make miniscript fuzzers avoid script size limit (Pieter Wuille) bcec5ab4ff1039c0c309dbbb9953adbd0a4f3e88 Make miniscript fuzzers avoid ops limit (Pieter Wuille) 213fffa5138229eac2d4a9eda0f643fe90870378 Enforce type consistency in miniscript_stable fuzz test (Pieter Wuille) e1f30414c6b9434048e089ccc3ec4f475f980c60 Simplify miniscript fuzzer NodeInfo struct (Pieter Wuille) 5abb0f5ac37e8a17072d5989a025227035fdc7e6 Do base type propagation in miniscript_stable fuzzer (Pieter Wuille) Pull request description: This adds a number of improvements to the miniscript fuzzers that all amount to rejecting invalid or overly big miniscripts early on: * Base type propagation in the miniscript_stable fuzzers prevents constructing a large portion of miniscripts that would be illegal, with just a little bit of type logic in the fuzzer. The fuzzer input format is unchanged. * Ops and script size tracking in GenNode means that too-large scripts (either due to script size limit or ops limit) will be detected on the fly during fuzz input processing, before actually constructing the scripts. Closes #27147. ACKs for top commit: darosior: re-ACK 56e37e71a2 dergoegge: tACK 56e37e71a2538a240cc360678aeb752d17bd8f45 Tree-SHA512: 245584adf9a6644a35fe103bc81b619e5b4f5d467571a761b5809d08b1dec48f7ceaf4d8791ccd8208b45c6b309d2ccca23b3d1ec5399df76cd5bf88f2263280
2023-02-28Merge bitcoin/bitcoin#27173: valgrind: remove libsecp256k1 suppressionfanquake
29b62c01c8d211475ea9dd1a1093820f0a86c06d valgrind: remove libsecp256k1 suppression (fanquake) Pull request description: I am no-longer been able to recreate this issue, atleast after the most recent libsecp256k1 changes. Can someone else confirm? ACKs for top commit: MarcoFalke: lgtm ACK 29b62c01c8d211475ea9dd1a1093820f0a86c06d sipa: utACK 29b62c01c8d211475ea9dd1a1093820f0a86c06d Tree-SHA512: e61e5b88ac2af3c779f23d999938bec4497f6433a029c07dd57a9481fe9cc104d8d8f63586910b29f41e66bbf0ed094bc7539c0df84754a1783c4b1b15af072e
2023-02-28Merge bitcoin/bitcoin#23897: refactor: Move calculation logic out from ↵glozow
`CheckSequenceLocksAtTip()` 75db62ba4cae048e742ca02dc6a52b3b3d6727de refactor: Move calculation logic out from `CheckSequenceLocksAtTip()` (Hennadii Stepanov) 3bc434f4590758db673e1bd4ebf1906ea632f593 refactor: Add `CalculateLockPointsAtTip()` function (Hennadii Stepanov) Pull request description: This PR is follow up for bitcoin/bitcoin#22677 and bitcoin/bitcoin#23683. On master (013daed9acca1b723f599d63ab36b9c2a5c60e5f) it is not obvious that `CheckSequenceLocksAtTip()` function can modify its `LockPoints* lp` parameter which leads to https://github.com/bitcoin/bitcoin/pull/22677#discussion_r762040101. This PR: - separates the lockpoint calculate logic from `CheckSequenceLocksAtTip()` function into a new `CalculateLockPointsAtTip()` one - cleans up the `CheckSequenceLocksAtTip()` function interface - makes code easier to reason about (hopefully) ACKs for top commit: achow101: ACK 75db62ba4cae048e742ca02dc6a52b3b3d6727de stickies-v: re-ACK 75db62b Tree-SHA512: 072c3fd9cd1e1b0e0bfc8960a67b01c80a9f16d6778f374b6944ade03a020415ce8b8ab2593b0f5e787059c8cf90af798290b4c826785d41955092f6e12e7486
2023-02-28Merge bitcoin/bitcoin#27170: refactor: Stop using gArgs global in system.cppAndrew Chow
9a9d5da11fa6033f82dcf8e2298aee29587f5396 refactor: Stop using gArgs global in system.cpp (Ryan Ofsky) b20b34f5b33230fe253c81008496bd9b13fd6ecf refactor: Use new GetConfigFilePath function (Ryan Ofsky) Pull request description: Most of the code in `util/system.cpp` that was hardcoded to use the global `ArgsManager` instance `gArgs` has been changed to stop using it (for example in https://github.com/bitcoin/bitcoin/pull/20092). But a few hardcoded references to `gArgs` remain. This commit removes the last ones so these functions aren't reading or writing global state. Noticed these `gArgs` references while reviewing #27073 ACKs for top commit: achow101: ACK 9a9d5da11fa6033f82dcf8e2298aee29587f5396 stickies-v: ACK 9a9d5da11 willcl-ark: tACK 9a9d5da11 Tree-SHA512: 2c74b0d5fc83e9ed2ec6562eb26ec735512f75db8876a11a5d5f04e6cdbe0cd8beec19894091aa2cbf29319194d2429ccbf8036f5520ecc394f6fe89a0079a7b
2023-02-28Merge bitcoin/bitcoin#27174: ci: bump lint task to bookworm for git v2.38fanquake
a984beeca10e3ae1ceb3ea53e4dea778160e7079 [ci] change lint to bookworm for git v2.38 (glozow) Pull request description: Since 5497c14, verify-commits.py uses `git merge-tree` which requires git v2.38 or later. Fix the lint jobs on master (e.g. https://cirrus-ci.com/task/4971007513985024). ACKs for top commit: achow101: ACK a984beeca10e3ae1ceb3ea53e4dea778160e7079 hebasto: re-ACK a984beeca10e3ae1ceb3ea53e4dea778160e7079 Tree-SHA512: dd50598aefb6f9c86cf221dea27fcc521e335cb182f7a3abcb3215d3991794354085be3e07c133ab74ca8b957e3a6acc43722899165957b3d898867d6253ebdc
2023-02-28Merge bitcoin/bitcoin#27176: docs: GetDataDirNet and GetDataDirBase don't ↵fanquake
create datadir fb0dbe94233ec509570cbba3118cf62d8e60842b docs: GetDataDirNet and GetDataDirBase don't create datadir (stickies-v) Pull request description: Since #27073, the behaviour of `GetDataDir()` [changed](https://github.com/bitcoin/bitcoin/pull/27073/files#diff-19427b0dd1a791adc728c82e88f267751ba4f1c751e19262cac03cccd2822216L435-L443) to only return the datadir path, but not create it if non-existent. This also changed the behaviour of `GetDataDirNet()` and `GetDataDirBase()` but the docs do not yet reflect that. ACKs for top commit: TheCharlatan: ACK fb0dbe94233ec509570cbba3118cf62d8e60842b theStack: ACK fb0dbe94233ec509570cbba3118cf62d8e60842b willcl-ark: ACK fb0dbe942 Tree-SHA512: 3f10f4871df59882f3649c6d3b2362cae2f8a01ad0bd0c636c5608b0d177d279a2e8712930b819d6d3912e91fa6447b9e54507c33d8afe427f7f39002b013bfb
2023-02-28Merge bitcoin/bitcoin#26533: prune: scan and unlink already pruned block ↵Andrew Chow
files on startup 3141eab9c669488a2e7fef5f60d356ac92294922 test: add functional test for ScanAndUnlinkAlreadyPrunedFiles (Andrew Toth) e252909e561e47d75cb3a892657662a139f6532c test: add unit test for ScanAndUnlinkAlreadyPrunedFiles (Andrew Toth) 77557dda4a123515d0fa2a545ee21d7c43a66988 prune: scan and unlink already pruned block files on startup (Andrew Toth) Pull request description: There are a few cases where we can mark a block and undo file as pruned in our block index, but not actually remove the files from disk. 1. If we call `FindFilesToPrune` or `FindFilesToPruneManual` and crash before `UnlinkPrunedFiles`. 2. If on Windows there is an open file handle to the file somewhere else when calling `fs::remove` in `UnlinkPrunedFiles` (https://en.cppreference.com/w/cpp/filesystem/remove, https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-deletefilew#remarks). This could be from another process, or if we are calling `ReadBlockFromDisk`/`ReadRawBlockFromDisk` without having a lock on `cs_main` (which has been allowed since https://github.com/bitcoin/bitcoin/commit/ccd8ef65f93ed82a87cee634660bed3ac17d9eb5). This PR mitigates this by scanning all pruned block files on startup after `LoadBlockIndexDB` and unlinking them again. ACKs for top commit: achow101: ACK 3141eab9c669488a2e7fef5f60d356ac92294922 pablomartin4btc: re-ACK with added functional test 3141eab9c669488a2e7fef5f60d356ac92294922. furszy: Code review ACK 3141eab9 theStack: Code-review ACK 3141eab9c669488a2e7fef5f60d356ac92294922 Tree-SHA512: 6c73bc57838ad1b7e5d441af3c4d6bf4c61c4382e2b86485e57fbb74a61240710c0ceeceb8b4834e610ecfa3175c6955c81ea4b2285fee11ca6383f472979d8d
2023-02-28[ci] change lint to bookworm for git v2.38glozow
Since 5497c14, verify-commits.py requires git merge-tree which is only available in git v2.38 or later.
2023-02-28Make miniscript fuzzers avoid script size limitPieter Wuille
Use the same technique as is using in the FromString miniscript parser to predict the final script size of the miniscript being generated in the miniscript_stable and miniscript_smart fuzzers (by counting every unexplored sub node as 1 script byte, which is possible because every leaf node always adds at least 1 byte). This allows bailing out early if the script being generated would exceed the maximum allowed size (before actually constructing the miniscript, as that may happen only significantly later potentially). Also add a self-check to make sure this predicted script size matches that of generated scripts.
2023-02-28Make miniscript fuzzers avoid ops limitPieter Wuille
Keep track of the total number of ops the constructed script will have during miniscript_stable and miniscript_smart fuzzers' GenNode, so it can abort early if the 201 ops limit would be exceeded. Also add a self-check that the final constructed node has the predicted ops size limit, so we know the fuzzer's logic for keeping track of this is correct.
2023-02-28Enforce type consistency in miniscript_stable fuzz testPieter Wuille
Add a self-check to the fuzzer that the constructed types match the expected types in the miniscript_stable fuzzer too.
2023-02-28Simplify miniscript fuzzer NodeInfo structPieter Wuille
Since we now keep track of all expected child node types (even if rudimentary) in both miniscript_stable and miniscript_smart fuzzers, there is no need anymore for the former shortcut NodeInfo constructors without sub types.
2023-02-28Do base type propagation in miniscript_stable fuzzerPieter Wuille
Keep track of which base type (B, K, V, or W) is desired in the miniscript_stable ConsumeStableNode function. This allows aborting early if the constructed node won't have the right type. Note that this does not change the fuzzer format; the meaning of inputs in ConsumeStableNode is unmodified. The only change is that often the fuzzer will abort early. The direct motivation is preventing recursing v: wrappers, which are the only fragment type that does not otherwise increase the overall minimum possible script size. In a later commit this will be exploited to prevent overly-large scripts from being constructed.
2023-02-28docs: GetDataDirNet and GetDataDirBase don't create datadirstickies-v
Since #27073, the behaviour of GetDataDir changed to only return the datadir path, but not create it. This also changed the behaviour of GetDataDirNet and GetDataDirBase but the docs do not yet reflect that.
2023-02-28guix: use cmake-minimal over cmakefanquake
2023-02-28guix: use coreutils-minimal over coreutilsfanquake
2023-02-28guix: use bash-minimal over bashfanquake
2023-02-28valgrind: remove libsecp256k1 suppressionfanquake
2023-02-28Merge bitcoin/bitcoin#27157: init: Return ChainstateLoadStatus::INTERRUPTED ↵fanquake
when verification was interrupted. c5825e14f8999a8c5f5121027af9e07ac51ab42e doc: add explanation for fail_on_insufficient_dbcache (Ryan Ofsky) 7dff7da4f5eafa89546565a63362e57516e4064e init: Return more fitting ChainStateLoadStatus if verification was interrupted (Martin Zumsande) Pull request description: This addresses two outstanding comments by ryanofsky from #25574: * return `ChainstateLoadStatus::INTERRUPTED` instead of `ChainstateLoadStatus::SUCCESS` if verification was stopped by an interrupt. This would coincide with straightforward expectation, and it avoids a misleading [log entry](https://github.com/mzumsande/bitcoin/blob/c5825e14f8999a8c5f5121027af9e07ac51ab42e/src/init.cpp#L1526) in `init` for the block index load time (because that would include the verificiation, which didn't complete). It shouldn't affect node behavior otherwise because the shutdown signal would be caught in init anyway. In test, this would lead to an assert ([link](https://github.com/mzumsande/bitcoin/blob/c5825e14f8999a8c5f5121027af9e07ac51ab42e/src/test/util/setup_common.cpp#L230)), which also makes more sense because benign interrupts are not expected there during init. This can be tested by setting a large value for `-checkblocks`, interrupting the node during block verification and observing the log. https://github.com/bitcoin/bitcoin/pull/25574#discussion_r1110050930 * add documentation for `require_full_verification` https://github.com/bitcoin/bitcoin/pull/25574#discussion_r1110031541 ACKs for top commit: MarcoFalke: thanks lgtm ACK c5825e14f8999a8c5f5121027af9e07ac51ab42e Tree-SHA512: ca1c71a1b046d30083337dd9ef6d52e66fa1ac8c4ecd807716e4aa6a894179a81df41caee916fa30997fd6e0b284412a3c8f2919d19c29d826fb580ffb89fd73
2023-02-28Merge bitcoin/bitcoin#27118: depends: harden libeventfanquake
ff4a73aea2b8346f48f75e1130a36749f70e9049 depends: use FORTIFY_SOURCE=3 with libevent (fanquake) Pull request description: Use `FORTIFY_SOURCE=3` when building libevent in depends. I've upstreamed a change to switch libevent from using =2 to =3 as well: https://github.com/libevent/libevent/pull/1418. Solves half of #27038, by giving us some fortified funcs in `bitcoin-cli`. ACKs for top commit: TheCharlatan: ACK ff4a73aea2b8346f48f75e1130a36749f70e9049 Tree-SHA512: eaf692ec92b288f0cb524c011fc81529f58efa4c43d418a7b3ae7108eba2bccba708a81a28ac6d063267be80ca615637c6e3fccc02497d7367af2eaae0e8d812
2023-02-27refactor: Stop using gArgs global in system.cppRyan Ofsky
Most of the code in util/system.cpp that was hardcoded to use the global ArgsManager instance `gArgs` has been changed to work with explicit ArgsManager instances (for example in https://github.com/bitcoin/bitcoin/pull/20092). But a few hardcoded references to `gArgs` remain. This commit removes the last ones so these functions aren't reading or writing global state.
2023-02-27refactor: Use new GetConfigFilePath functionRyan Ofsky
New function was introduced by willcl-ark <will@256k1.dev> in commit 56e370fbb9413260723c598048392219b1055ad0 from https://github.com/bitcoin/bitcoin/pull/27073 and removes some duplicate code.
2023-02-27Merge bitcoin/bitcoin#26032: wallet: skip R-value signature grinding for ↵Andrew Chow
external signers 807de2cebdad960c2b52185528ca8960ec694f49 wallet: skip R-value grinding for external signers (Sjors Provoost) 72b763e4521e674990da5dd1999b7a8c7bd3ba8c wallet: annotate bools in descriptor SPKM FillPSBT() (Sjors Provoost) Pull request description: When producing a dummy signature for the purpose of estimating the transaction fee, do not assume an external signer performs R-value grinding on the signature. In particular, this avoids a scenario where the fee rate is 1 sat / vbyte and a transaction with a 72 byte signature is not accepted into our mempool. Suggested testing: 1. On master, launch with `-signet` and create an external signer wallet using e.g. a Trezor and HWI, see [guide](https://github.com/bitcoin/bitcoin/blob/master/doc/external-signer.md#example-usage) (with the GUI it should "just work" once you have the HWI path configured). 2. Create a few addresses and fund them from the faucet: https://signet.bc-2.jp/ (wait for confirmation) 3. Create another address, and now send the entire wallet to it, set the fee to 1 sat/byte 4. Most likely this transaction never gets broadcast and you won't see it on the [signet explorer](https://explorer.bc-2.jp) 5. With this PR, try again. 6. Check the explorer and inspect the transaction. Each input witness starts with either `30440220` (R has 32 bytes) or `30440221` (R has 33 bytes). See this explainer for [DER encoding](https://bitcoin.stackexchange.com/questions/92680/what-are-the-der-signature-and-sec-format). Fixes #26030 ACKs for top commit: S3RK: ACK 807de2cebdad960c2b52185528ca8960ec694f49 achow101: ACK 807de2cebdad960c2b52185528ca8960ec694f49 furszy: ACK 807de2ce ishaanam: utACK 807de2cebdad960c2b52185528ca8960ec694f49 Tree-SHA512: 64f626a3030ef0ab1e43af86d8fba113151512561baf425e6e5182af53df3a64fa9e85c7f67bf4ed15b5ad6e5d5afc7fbba8b6e1f3bad388e48db51cb9446074
2023-02-27Merge bitcoin/bitcoin#27146: Fix various libbitcoinkernel DLL build problemsfanquake
5da7c0b3e34626ca57d1f0773db61e7d8351d8c7 build: allow libitcoinkernel dll builds now that exports are fixed (Cory Fields) 130490aef95e4b352a47dfbd55df855db56760c7 build: always build bitcoin-chainstate against static libbitcoinkernel (Cory Fields) 545a74ef320d0abb1e45f88ed857ccee951e81c3 build: fix bitcoin-chainstate when libbitcoinkernel is static (Cory Fields) 9c253d2398005d852cab77c4456bc1f44831a16b build: don't define DLL_EXPORT for windows (Cory Fields) Pull request description: Fixes #25008. Fixes #19772. 1. Fixup the build defines so that exports are clean. 2. Work around a libtool issue wrt dependency calculation 3. Simplify everything by only ever building in-tree bitcoin-chainstate against a static libbitcoinkernel 4. Remove Windows-only hack that disabled dll creation ACKs for top commit: TheCharlatan: ACK 5da7c0b3e34626ca57d1f0773db61e7d8351d8c7 Tree-SHA512: 61bab457e13842946387240da703d313509af30d4ca3371a19a26a5ef1716e4d7107b09567323041b549ab1fc97a064aa1d6992406936ab9c491a616bc7f4e7f
2023-02-27Merge bitcoin/bitcoin#25227: Handle invalid hex encoding in ParseHexfanquake
faab273e060d27e166b5fb7fe7692614ec9e5c76 util: Return empty vector on invalid hex encoding (MarcoFalke) fa3549a77bf6a15d8309d36056237f3126baf721 test: Add hex parse unit tests (MarcoFalke) Pull request description: Seems a bit confusing to happily accept random bytes and pretend they are hex encoded strings. ACKs for top commit: stickies-v: re-ACK faab273e060d27e166b5fb7fe7692614ec9e5c76 Tree-SHA512: a808135f744f50aece03d4bf5a71481c7bdca1fcdd0d5b113abdb0c8b382bf81cafee6d17c239041fb49b59f4e19970f24a475378e7f711c3a47d6438de2bdab
2023-02-27qt: Update translation source fileHennadii Stepanov
The diff is produced by running `make -C src translate`.
2023-02-27qt: Bump Transifex slug for 25.xHennadii Stepanov
2023-02-27qt: Periodic translation updates from TransifexHennadii Stepanov
Pulled from 24.x resource. Changes to "de", "es_MX" and "nl" have been ignored as they remove translations altogether.
2023-02-27Merge bitcoin/bitcoin#27058: contrib: Improve verify-commits.py to work with ↵glozow
maintainers leaving 14fac808bd6c12bce121011bbf50501960c7326f verify-commits: Mention git v2.38.0 requirement (Andrew Chow) bb86887527d817ee2a015863ddf3541dac42080f verify-commits: Skip checks for commits older than trusted roots (Andrew Chow) 5497c1483097a9b582ef78089a2ce1101b7d722e verify-commits: Use merge-tree in clean merge check (Andrew Chow) 76923bfa09397568fb8eb72142468a986fc6f790 verify-commits: Remove all allowed commit exceptions (Andrew Chow) 53b07b2b47aa3d4ca80fac74e432783a1e724df3 verify-commits: Move trusted-keys valid sig check into verify-commits itself (Andrew Chow) Pull request description: Currently the `verify-commits.py` script does not work well with maintainers giving up their commit access. If a key is removed from `trusted-keys`, any commits it signed previously will fail to verify, however keys cannot be kept in the list as it would allow that person to continue to push new commits. Furthermore, the `trusted-keys` used depends on the working tree which `verify-commits.py` itself may be modifying. When the script is run, the `trusted-keys` may be the one that is intended to be used, but the script may change the tree to a different commit with a different `trusted-keys` and use that instead! To resolve these issues, I've updated `verify-commits.py` to load the `trusted-keys` file and check the keys itself rather than delegating that to `gpg.sh` (which previously read in `trusted-keys`). This avoids the issue with the tree changing. I've also updated the script so that it stops modifying the tree. It would do this for the clean merge check where it would checkout each individual commit and attempt to reapply the merges, and then checking out the commit given as a cli arg. `git merge-tree` lets us do basically that but without modifying the tree. It will give us the object id for the resulting tree which we can compare against the object id of the tree in the merge commit in question. This also appears to be quite a bit faster. Lastly I've removed all of the exception commits in `allow-revsig-commits`, `allow-incorrect-sha512-commits`, and `allow-unclean-merge-commits` since all of these predate the commits in `trusted-git-root` and `trusted-sha512-root`. I've also updated the script to skip verification of commits that predate `trusted-git-root`, and skip sha512 verification for those that predate `trusted-sha512-root`. ACKs for top commit: Sjors: ACK 14fac808bd6c12bce121011bbf50501960c7326f glozow: Concept ACK 14fac808bd6c12bce121011bbf50501960c7326f Tree-SHA512: f9b0c6e1f1aecb169cdd6c833b8871b15e31c2374dc589858df0523659b294220d327481cc36dd0f92e9040d868eee6a8a68502f3163e05fa751f9fc2fa8832a
2023-02-27util: Return empty vector on invalid hex encodingMarcoFalke
2023-02-27test: Add hex parse unit testsMarcoFalke
2023-02-24doc: add explanation for fail_on_insufficient_dbcacheRyan Ofsky
2023-02-24init: Return more fitting ChainStateLoadStatus if verification was interruptedMartin Zumsande
This also avoids a misleading block index loadtime log entry in init. Co-authored-by: Ryan Ofsky <ryan@ofsky.org>
2023-02-24Merge bitcoin/bitcoin#27154: doc: mention sanitizer suppressions in ↵glozow
developer docs 84ca5b349ecc2ad083bb39352e5d5ae731fb1622 doc: mention sanitizer suppressions in developer docs (fanquake) Pull request description: Should be enough to close #17834. ACKs for top commit: MarcoFalke: lgtm ACK 84ca5b349ecc2ad083bb39352e5d5ae731fb1622 Tree-SHA512: 233c688a3cef1006c9a00f7b7a52fd6ee0ec150367e5e56904b6f1bbdca21b9217c69f8fcf653a4943613d12c3178a39f761b25eb24fc1954a563cfb1f832f5e
2023-02-24doc: mention sanitizer suppressions in developer docsfanquake
Should be enough to close #17834.
2023-02-24Merge bitcoin/bitcoin#27135: Remove MarcoFalke fingerprint, update ↵glozow
trusted-git-root fab17f08e24f0db687dc25c5e10eb62293070048 Revert "[contrib] verify-commits: Add MarcoFalke fingerprint" (MarcoFalke) Pull request description: This reverts commit fa243293343eb964bfee5b91cc52b91f16232ab6. The commit may be signed by my key, but I haven't checked it. Also, I haven't checked the new `contrib/verify-commits/trusted-git-root`. ACKs for top commit: achow101: ACK fab17f08e24f0db687dc25c5e10eb62293070048 glozow: ACK fab17f08e2 Tree-SHA512: 485fb302f7e42704412afffd6c09a031f63df18f259b27282b8373d5bf95b0ec72426cec476d88bf23e793a6e1dae4c1df2059645961806e34b50448ebf1862a
2023-02-24Merge bitcoin/bitcoin#27151: util: Remove duplicate includefanquake
e8462690a9ff0b4155c31981fd97be16663ebb35 util: Remove duplicate include (Andrew Chow) Pull request description: Duplicate `#include <utility>` is upsetting the linter. ACKs for top commit: davidgumberg: ACK https://github.com/bitcoin/bitcoin/pull/27151/commits/e8462690a9ff0b4155c31981fd97be16663ebb35 theStack: ACK e8462690a9ff0b4155c31981fd97be16663ebb35 john-moffett: ACK e8462690a9ff0b4155c31981fd97be16663ebb35 Tree-SHA512: 9e45d8f6a2dd5efcb8eb1c3c440d94b16490dbd63255784cb39863767fa07227e06da112a150ef337ef89e2e305b60b00d5b1c12ff7e1e9c02f6648ed97fac8c
2023-02-23util: Remove duplicate includeAndrew Chow
Duplicate `#include <utility>` is upsetting the linter.
2023-02-23Merge bitcoin/bitcoin#27073: Convert ArgsManager::GetDataDir to a read-only ↵Andrew Chow
function 64c105442ce8c10900ea6fbecdbcfebe42f2d387 util: make GetDataDir read-only & create datadir.. (willcl-ark) 56e370fbb9413260723c598048392219b1055ad0 util: add ArgsManager datadir helper functions (willcl-ark) Pull request description: Fixes #20070 Currently `ArgsManager::GetDataDir()` ensures it will always return a datadir by creating one if necessary. The function is shared between `bitcoind` `bitcoin-qt` and `bitcoin-cli` which results in the undesirable behaviour described in #20070. This PR splits out the part of the function which creates directories and adds it as a standalone function, only called as part of `bitcoind` and `bitcoin-qt` init, but not `bitcoin-cli`. `ReadConfigFiles`' behavior is changed to use the absolute path of the config file in error and warning messages instead of a relative path. This was inadvertantly the form being tested [here](https://github.com/bitcoin/bitcoin/blob/73966f75f67fb797163f0a766292a79d4b2c1b70/test/functional/feature_config_args.py#L287), whilst we were _not_ testing that a relative path was returned by the message even though we passed a relative path in as argument. ACKs for top commit: achow101: ACK 64c105442ce8c10900ea6fbecdbcfebe42f2d387 hebasto: re-ACK 64c105442ce8c10900ea6fbecdbcfebe42f2d387, only comments have been adjusted as requsted since my previous [review](https://github.com/bitcoin/bitcoin/pull/27073#pullrequestreview-1307435890). TheCharlatan: Re-ACK 64c105442ce8c10900ea6fbecdbcfebe42f2d387 ryanofsky: Code review ACK 64c105442ce8c10900ea6fbecdbcfebe42f2d387. Only comment changes since last review Tree-SHA512: b129501346071ad62551c9714492b21536d0558a94117d97218e255ef4e948d00df899a4bc2788faea27d3b1f20fc6136ef9d03e6a08498d926d9ad8688d6c96
2023-02-23Merge bitcoin/bitcoin#16195: util: Use void* throughout support/lockedpool.hAndrew Chow
f36d1d5b8934aac60d3097047ecedeb58bae2185 Use void* throughout support/lockedpool.h (Jeffrey Czyz) Pull request description: Replace uses of char* with void* in Arena's member variables. Instead, cast to char* where needed in the implementation. Certain compiler environments disallow std::hash<char*> specializations to prevent hashing the pointer's value instead of the string contents. Thus, compilation fails when std::unordered_map is keyed by char*. Explicitly using void* is a workaround in such environments. For consistency, void* is used throughout all member variables similarly to the public interface. Changes to this code are covered by src/test/allocator_tests.cpp. ACKs for top commit: achow101: ACK f36d1d5b8934aac60d3097047ecedeb58bae2185 theStack: Code-review ACK f36d1d5b8934aac60d3097047ecedeb58bae2185 jonatack: ACK f36d1d5b8934aac60d3097047ecedeb58bae2185 review, debug build, unit tests, checked clang 15 raises "error: arithmetic on a pointer to void" without the conversions here from the generic void* pointer back to char* Tree-SHA512: f9074e6d29ef78c795a512a6e00e9b591e2ff34165d09b73eae9eef25098c59e543c194346fcd4e83185a39c430d43744b6f7f9d1728a132843c67bd27ea5189
2023-02-23Merge bitcoin/bitcoin#25943: rpc: Add a parameter to sendrawtransaction ↵Andrew Chow
which sets a maximum value for unspendable outputs. 7013da07fbcddb04abae9759767a9419ab90444c Add release note for PR#25943 (David Gumberg) 04f270b4358417fc2827b9f91717816062b1864e Add test for unspendable transactions and parameter 'maxburnamount' to sendrawtransaction. (David Gumberg) Pull request description: This PR adds a user configurable, zero by default parameter — `maxburnamount` — to `sendrawtransaction`. This PR makes bitcoin core reject transactions that contain unspendable outputs which exceed `maxburnamount`. closes #25899. As a result of this PR, `sendrawtransaction` will by default block 3 kinds of transactions: 1. Those that begin with `OP_RETURN` - (datacarriers) 2. Those whose lengths exceed the script limit. 3. Those that contain invalid opcodes. The user is able to configure a `maxburnamount` that will override this check and allow a user to send a potentially unspendable output into the mempool. I see two legitimate use cases for this override: 1. Users that deliberately use `OP_RETURN` for datacarrier transactions that embed data into the blockchain. 2. Users that refuse to update, or are unable to update their bitcoin core client would be able to make use of new opcodes that their client doesn't know about. ACKs for top commit: glozow: reACK 7013da07fbcddb04abae9759767a9419ab90444c achow101: re-ACK 7013da07fbcddb04abae9759767a9419ab90444c Tree-SHA512: f786a796fb71a587d30313c96717fdf47e1106ab4ee0c16d713695e6c31ed6f6732dff6cbc91ca9841d66232166eb058f96028028e75c1507324426309ee4525
2023-02-23wallet: skip R-value grinding for external signersSjors Provoost
When producing a dummy signature for the purpose of estimating the transaction fee, do not assume an external signer performs R-value grinding on the signature. In particular, this avoids a scenario where the fee rate is 1 sat / vbyte and a transaction with a 72 byte signature is not accepted into our mempool. This commit also drops the nullptr default for CCoinControl arguments for functions that it touches. This is because having a boolean argument right next to an optional pointer is error prone. Co-Authored-By: S3RK <1466284+S3RK@users.noreply.github.com>
2023-02-23wallet: annotate bools in descriptor SPKM FillPSBT()Sjors Provoost
2023-02-23Merge bitcoin/bitcoin#27124: docs: add ramdisk guide for running tests on OSXfanquake
2f84ad7b9e62dd710940c2f265b65973b94864d7 docs: add ramdisk guide for running tests on OSX (Matthew Zipkin) Pull request description: Using a ramdisk on OSX sped up the test suite by about 5x (using default `jobs=4`) on my M1 macbook pro running macOS Monterey 12.3.1. This PR adds the relevant OSX commands following the Linux directions. Default: ``` 8204 s (accumulated) Runtime: 2104 s ``` following commands from the PR: ``` 1606 s (accumulated) Runtime: 421 s ``` ramdisk + `jobs=32`: ``` 2090 s (accumulated) Runtime: 85 s ``` ACKs for top commit: jonatack: ACK 2f84ad7b9e62dd710940c2f265b65973b94864d7 willcl-ark: ACK 2f84ad7b9e62dd710940c2f265b65973b94864d7 brunoerg: utACK 2f84ad7b9e62dd710940c2f265b65973b94864d7 Tree-SHA512: 37a9903c8ac2cbfaa91e7e73fc96ef65042ff4b15763d452af7b8615255adf03429ad01cf85265a99dd569290c1d69c05a393d616868c05c190b60b053820786
2023-02-23util: make GetDataDir read-only & create datadir..willcl-ark
.. only in bitcoind and bitcoin-qt This changes behaviour of GetConfigFilePath which now always returns the absolute path of the provided -conf argument.
2023-02-23util: add ArgsManager datadir helper functionswillcl-ark
* Add ArgsManager::EnsureDataDir() Creates data directory if it doesn't exist * Add ArgsManager::GetConfigFilePath() Return config file path (read-only)