Age | Commit message (Collapse) | Author |
|
Since users may have thought the null characters in their
passphrases were actually evaluated prior to this change,
they may be surprised to learn that their passphrases no
longer work. Give them feedback to explain how to remedy
the issue.
|
|
`SecureString` is a `std::string` specialization with
a secure allocator. However, it's treated like a C-
string (no explicit length and null-terminated). This
can cause unexpected behavior. For instance, if a user
enters a passphrase with an embedded null character
(which is possible through Qt and the JSON-RPC), it will
ignore any characters after the null, giving the user
a false sense of security.
Instead of assigning `SecureString` via `std::string::c_str()`,
assign it via a `std::string_view` of the original. This
explicitly captures the size and doesn't make any extraneous
copies in memory.
|
|
See https://clang.llvm.org/extra/clang-tidy/checks/modernize/use-default-member-init.html
|
|
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
Commits of previous years:
* 2020: fa0074e2d82928016a43ca408717154a1c70a4db
* 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
|
|
Windows OS
ac7ccd67d7f2b09e36dd57405f899e4698dd3d78 scripted-diff: Remove unused "What's This" button in dialogs on Windows (Hennadii Stepanov)
b6951483ecdd4409a0e1d492c93bcd4d823f039d qt: Add flags to prevent a "What's This" button on Windows OS (Hennadii Stepanov)
Pull request description:
Fix #74.
From [Qt docs](https://doc.qt.io/qt-5/qdialog.html#QDialog):
> The widget flags _f_ are passed on to the `QWidget` constructor. If, for example, you don't want a **What's This** button in the title bar of the dialog, pass `Qt::WindowTitleHint | Qt::WindowSystemMenuHint` in _f_.
Screenshot on Windows 10 (2004):
- master (3ba25e3bdde3464eed5d2743d68546e48b005544)
![Screenshot from 2020-09-07 16-55-42](https://user-images.githubusercontent.com/32963518/92402384-20dc6a00-f138-11ea-9dcb-3e0f6373ff22.png)
- this PR (e322fe7e19ac504272d14b9b4f9b28b13df888ed)
![Screenshot from 2020-09-07 18-31-16](https://user-images.githubusercontent.com/32963518/92402509-5aad7080-f138-11ea-8b63-9bbbf8b9b9e1.png)
ACKs for top commit:
Bosch-0:
tACK ac7ccd67d7f2b09e36dd57405f899e4698dd3d78 Tested on Windows 10.0.18363 Build 18363.
promag:
Code review ACK ac7ccd67d7f2b09e36dd57405f899e4698dd3d78 but with some suggestions.
jonasschnelli:
utACK ac7ccd67d7f2b09e36dd57405f899e4698dd3d78
Tree-SHA512: f6750a17b7203106cb4db5870becba1cef6a505d4edcc710ba131338bd3aae051510627e62c9bcb8345a7f497c614709e11aeb8f6ae3ea85967bbce2a8c69e64
|
|
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
|
|
When trying to send a transaction from an encrypted wallet, the ask
passphrase dialog would not allow the user to click the "OK" button
and proceed. Therefore it was impossible to send a transaction
through the gui. It was not enabling the "OK" button after the
passphrase was entered by the user, because it was using the same
form validation logic as the "Change passphrase" flow.
|
|
|
|
Co-authored-by: Sehyun Chung <sehyun@berkeley.edu>
|
|
-BEGIN VERIFY SCRIPT-
git grep -l 'QDialog(parent)' -- src/qt | xargs sed -i -E 's/QDialog\(parent\)/QDialog\(parent, GUIUtil::dialog_flags\)/g'
-END VERIFY SCRIPT-
|
|
CMD+W/CTRL+W is the standard shortcut to close a window without
exiting the program.
|
|
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
|
|
UI improvements:
- update remaining GUI wallet labels and tooltips from passwords to passphrases
- improve grammar of labels in askpassphrase dialog and WalletController::closeWallet
|
|
|
|
Qt-only changes.
|
|
|
|
c1dde3a949b36ce9c2155777b3fa1372e7ed97d8 No longer shutdown after encrypting the wallet (Andrew Chow)
d7637c5a3f1d62922594cdfb6272e30dacf60ce9 After encrypting the wallet, reload the database environment (Andrew Chow)
5d296ac810755dc47f105eb95b52b7e2bcb8aea8 Add function to close all Db's and reload the databae environment (Andrew Chow)
a769461d5e37ddcb771ae836254fdc69177a28c4 Move BerkeleyEnvironment deletion from internal method to callsite (Andrew Chow)
Pull request description:
This is the replacement for #11678 which implements @ryanofsky's [suggestion](https://github.com/bitcoin/bitcoin/pull/11678#pullrequestreview-76464511).
Shutting down the software was to prevent the BDB environment from writing unencrypted private keys to disk in the database log files, as was noted [here](https://bitcointalk.org/index.php?topic=51474.msg616068#msg616068). This PR replaces the shutdown behavior with a CDBEnv flush, close, and reopen which achieves the same effect: everything is cleanly flushed and closed, the log files are removed, and then the environment reopened to continue normal operation.
To ensure that no unencrypted private keys are in the log files after encrypting the wallet, I wrote [this script](https://gist.github.com/achow101/7f7143e6c3d3fdc034d3470e72823e9d) to pull private keys from the original wallet file and searches for these keys in the log files (note that you will have to change your file paths to make it work on your own machine).
As for concerns about private keys being written to slack space or being kept in memory, these behaviors no longer exist after the original wallet encryption PR and the shutting down solution from 2011.
cc @ryanofsky
Tree-SHA512: 34b894283b0677a873d06dee46dff8424dec85a2973009ac9b84bcf3d22d05f227c494168c395219d9aee3178e420cf70d4b3eeacc9785aa86b6015d25758e75
|
|
|
|
Since the database environment is flushed, closed, and reopened during
EncryptWallet, there is no need to shut down the software anymore.
|
|
|
|
|
|
This makes all include paths in the GUI absolute.
Many changes are involved as every single source file in
src/qt/ assumes to be able to use relative includes.
|
|
-BEGIN VERIFY SCRIPT-
for f in \
src/*.cpp \
src/*.h \
src/bench/*.cpp \
src/bench/*.h \
src/compat/*.cpp \
src/compat/*.h \
src/consensus/*.cpp \
src/consensus/*.h \
src/crypto/*.cpp \
src/crypto/*.h \
src/crypto/ctaes/*.h \
src/policy/*.cpp \
src/policy/*.h \
src/primitives/*.cpp \
src/primitives/*.h \
src/qt/*.cpp \
src/qt/*.h \
src/qt/test/*.cpp \
src/qt/test/*.h \
src/rpc/*.cpp \
src/rpc/*.h \
src/script/*.cpp \
src/script/*.h \
src/support/*.cpp \
src/support/*.h \
src/support/allocators/*.h \
src/test/*.cpp \
src/test/*.h \
src/wallet/*.cpp \
src/wallet/*.h \
src/wallet/test/*.cpp \
src/wallet/test/*.h \
src/zmq/*.cpp \
src/zmq/*.h
do
base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-
|
|
|
|
Edited via:
$ contrib/devtools/copyright_header.py update .
|
|
|
|
This is usability improvement in a case if user gets re-asked
passphrase. (e.g. made a typo)
|
|
|
|
|
|
|
|
|
|
Pagelocker is only needed for secure (usually wallet) operations, so don't make
the zero-after-free allocator depend on it.
|
|
Github-Pull: #5494
Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60
|
|
78253fc Remove references to X11 licence (Michael Ford)
|
|
|
|
|
|
Set minimum sizes appropriately, and make sure that they
are enforced. Replaces #5226.
|
|
|
|
Use misc methods of avoiding unnecesary header includes.
Replace int typedefs with int##_t from stdint.h.
Replace PRI64[xdu] with PRI[xdu]64 from inttypes.h.
Normalize QT_VERSION ifs where possible.
Resolve some indirect dependencies as direct ones.
Remove extern declarations from .cpp files.
|
|
Closes #839
|
|
- rename URL into URI in paymentserver where correct
- add some missing Qt-coding-stuff in paymentserver
- change QSpinBox to QLineEdit as base for BitcoinAmountField in .ui files
(as this is the result when converting the BAF back into base)
- remove some c_str() and replace with QString::fromStdString()
- remove several new-lines
- remove unneeded spaces
- indentation fixes
|
|
On non-us keyboards you can obtain lower case characters even pressing
the SHIFT, this caused false positives.
|
|
- instead of "return false;" use "return QDialog::eventFilter(object,
event);" to harmonize this event filter with our default behaviour
- remove orphan spaces found while editting the files
|
|
|
|
Don't include HTML in translation strings. Do split the huge message over several lines.
Prettier lines
|
|
Fix spelling and grammar errors
|
|
|
|
- ensure warnings always start with "Warning:" and that the first
character after ":" is written uppercase
- ensure the first sentence in warnings ends with an "!"
- remove unneeded spaces from Warning-strings
- add missing Warning-string translation
- remove a "\n" and replace with untranslatable "<br><br>"
|
|
|
|
style-sheet for bold font and use Qt Designer option / remove an unused label default-text and remove an obsolete clear()'
|