aboutsummaryrefslogtreecommitdiff
path: root/src/rpc.cpp
AgeCommit message (Collapse)Author
2011-07-13Add the walletlock RPC method to lock the wallet manually.Matt Corallo
2011-07-13Push unlocked_until in getinfo.Matt Corallo
2011-07-13Add wallet privkey encryption.Matt Corallo
This commit adds support for ckeys, or enCrypted private keys, to the wallet. All keys are stored in memory in their encrypted form and thus the passphrase is required from the user to spend coins, or to create new addresses. Keys are encrypted with AES-256-CBC using OpenSSL's EVP library. The key is calculated via EVP_BytesToKey using SHA512 with (by default) 25000 rounds and a random salt. By default, the user's wallet remains unencrypted until they call the RPC command encryptwallet <passphrase> or, from the GUI menu, Options-> Encrypt Wallet. When the user is attempting to call RPC functions which require the password to unlock the wallet, an error will be returned unless they call walletpassphrase <passphrase> <time to keep key in memory> first. A keypoolrefill command has been added which tops up the users keypool (requiring the passphrase via walletpassphrase first). keypoolsize has been added to the output of getinfo to show the user the number of keys left before they need to specify their passphrase (and call keypoolrefill). Note that walletpassphrase will automatically fill keypool in a separate thread which it spawns when the passphrase is set. This could cause some delays in other threads waiting for locks on the wallet passphrase, including one which could cause the passphrase to be stored longer than expected, however it will not allow the passphrase to be used longer than expected as ThreadCleanWalletPassphrase will attempt to get a lock on the key as soon as the specified lock time has arrived. When the keypool runs out (and wallet is locked) GetOrReuseKeyFromPool returns vchDefaultKey, meaning miners may start to generate many blocks to vchDefaultKey instead of a new key each time. A walletpassphrasechange <oldpassphrase> <newpassphrase> has been added to allow the user to change their password via RPC. Whenever keying material (unencrypted private keys, the user's passphrase, the wallet's AES key) is stored unencrypted in memory, any reasonable attempt is made to mlock/VirtualLock that memory before storing the keying material. This is not true in several (commented) cases where mlock/VirtualLocking the memory is not possible. Although encryption of private keys in memory can be very useful on desktop systems (as some small amount of protection against stupid viruses), on an RPC server, the password is entered fairly insecurely. Thus, the only main advantage encryption has for RPC servers is for RPC servers that do not spend coins, except in rare cases, eg. a webserver of a merchant which only receives payment except for cases of manual intervention. Thanks to jgarzik for the original patch and sipa, gmaxwell and many others for all their input. Conflicts: src/wallet.cpp
2011-07-02Merge branch 'tmp2' into tmp3Jeff Garzik
2011-06-27Fix AddressBook syncrhonization between a CWallet and CWalletDBStéphane Gimenez
This problem was reported independently by laanwj in Issue #350.
2011-06-26rpc: don't send 403 when using SSL to prevent DoSGiel van Schijndel
Signed-off-by: Giel van Schijndel <me@mortis.eu>
2011-06-26rpc server: send '403 Forbidden' to rejected clientsGiel van Schijndel
In order to be a proper HTTP implementation clients that aren't allowed to connect to the RPC server (using -rpcallowip), should receive a proper HTTP response. So instead of closing the connection on them send a '403 Forbidden' status. Signed-off-by: Giel van Schijndel <me@mortis.eu>
2011-06-19Fix missing includes needed for Boost 1.46.Shane Wegner
2011-06-15CWallet classPieter Wuille
* A new class CKeyStore manages private keys, and script.cpp depends on access to CKeyStore. * A new class CWallet extends CKeyStore, and contains all former wallet-specific globals; CWallet depends on script.cpp, not the other way around. * Wallet-specific functions in CTransaction/CTxIn/CTxOut (GetDebit, GetCredit, GetChange, IsMine, IsFromMe), are moved to CWallet, taking their former 'this' argument as an explicit parameter * CWalletTx objects know which CWallet they belong to, for convenience, so they have their own direct (and caching) GetDebit/... functions. * Some code was moved from CWalletDB to CWallet, such as handling of reserve keys. * Main.cpp keeps a set of all 'registered' wallets, which should be informed about updates to the block chain, and does not have any notion about any 'main' wallet. Function in main.cpp that require a wallet (such as GenerateCoins), take an explicit CWallet* argument. * The actual CWallet instance used by the application is defined in init.cpp as "CWallet* pwalletMain". rpc.cpp and ui.cpp use this variable. * Functions in main.cpp and db.cpp that are not used by other modules are marked static. * The code for handling the 'submitorder' message is removed, as it not really compatible with the idea that a node is independent from the wallet(s) connected to it, and obsolete anyway.
2011-06-14Merge pull request #226 from jordanlewis/betterheadersJeff Garzik
Optimize header dependencies; improve Makefile dependency graph
2011-05-26loss of significance in difficulty (by lfm)Pieter Wuille
For instance any nBits compressed value from 0x1a44b800 thru 0x1a44b9ff will show as difficulty 244139.4816. This patch will more accurately convert the nBits compressed values to the double difficulty. This will display any of the recent difficulty levels slightly differently though. Early difficulties and testnet difficulties are not large enough to trigger this bug. None of the actual targets or compressed targets are changed, only the conversion to the floating point difficulty is changed and afaik it is only ever displayed, never converted back so the patch does not effect the target calculations, binary files, databases nor the binary protocol.
2011-05-17Only include certain boost headers if necessary.Jordan Lewis
2011-05-15Only include init.h when we have toJordan Lewis
2011-05-15Only include net.h when we have toJordan Lewis
2011-05-15Only include db.h when we have to.Jordan Lewis
2011-05-15make bitcoin include files more modularWladimir J. van der Laan
2011-05-12Merge pull request #215 from gavinandresen/negativemoveJeff Garzik
Allow move RPC to take account balances negative
2011-05-09Allow move RPC to take account balances negativeGavin Andresen
Use case: Customer owes you bitcoins, so you create a payment address associated with an account with a negative balance (the amount they owe). When customer pays, that account balance will go to zero.
2011-05-09Add settxfee RPC, to permit setting default TX fee at runtime.Jeff Garzik
2011-05-09Help for sendtoaddress/sendfrom was wrong: amounts are rounded to 0.00000001Gavin Andresen
2011-05-09Merge branch 'master' of github.com:bitcoin/bitcoinGavin Andresen
2011-05-09Manual merge of jaromil's source tree reorg commit.Jeff Garzik
Conflicts: src/sha256.cpp
2011-04-23directory re-organization (keeps the old build system)Jaromil
there is no internal modification of any file in this commit files are moved into directories according to established standards in sourcecode distribution; these directories contain: src - Files that are used in constructing the executable binaries, but are not installed. doc - Files in HTML and text format that document usage, quirks of the implementation, and contributor checklists. locale - Files that contain human language translation of strings used in the program contrib - Files contributed from distributions or other third party implementing scripts and auxiliary programs