aboutsummaryrefslogtreecommitdiff
path: root/src/rpcserver.cpp
AgeCommit message (Collapse)Author
2014-12-06Disable SSLv3 (in favor of TLS) for the RPC client and server.Gregory Maxwell
TLS is subject to downgrade attacks when SSLv3 is available, and SSLv3 has vulnerabilities. The popular solution is to disable SSLv3. On the web this breaks some tiny number of very old clients. While Bitcoin RPC shouldn't be exposed to the open Internet, it also shouldn't be exposed to really old SSL implementations, so it shouldn't be a major issue for us to disable SSLv3. There is more information on the downgrade attacks and disabling SSLv3 at https://disablessl3.com/ .
2014-12-02Merge pull request #5369Gavin Andresen
b2d0162 Test resurrecting memory pool transactions during chain re-org (Gavin Andresen) 3dd8ed7 Delay writing block indexes in invalidate/reconsider (Pieter Wuille) 798faec Add 'invalidateblock' and 'reconsiderblock' RPC commands. (Pieter Wuille)
2014-11-28Move `setmocktime` to hidden categoryWladimir J. van der Laan
Another testing-only potential footgun command.
2014-11-26Introduce a hidden categoryPieter Wuille
2014-11-26Add 'invalidateblock' and 'reconsiderblock' RPC commands.Pieter Wuille
These can be used for testing reorganizations or for manual intervention in case of chain forks.
2014-11-26[REST] set REST API behind "-rest" optionJonas Schnelli
2014-11-26[REST] give an appropriate response in warmup phaseJonas Schnelli
2014-11-25Add 'invalidateblock' and 'reconsiderblock' RPC commands.Pieter Wuille
These can be used for testing reorganizations or for manual intervention in case of chain forks.
2014-11-19Truthier error message when rpcpassword is missingGlenn Willen
2014-11-18Merge pull request #5280Gavin Andresen
3c30f27 travis: disable rpc tests for windows until they're not so flaky (Cory Fields) daf03e7 RPC tests: create initial chain with specific timestamps (Gavin Andresen) a8b2ce5 regression test only setmocktime RPC call (Gavin Andresen)
2014-11-18HTTP REST: minor fixesJeff Garzik
1) const-ify internal helper ParseHashStr() 2) use HTTPError() helper when returning HTTP_NOT_FOUND
2014-11-17regression test only setmocktime RPC callGavin Andresen
2014-11-11Add unauthenticated HTTP REST interface to public blockchain data.Jeff Garzik
2014-11-04Add "warmup mode" for RPC server.Daniel Kraft
Start the RPC server before doing all the (expensive) startup initialisations like loading the block index. Until the node is ready, return all calls immediately with a new error signalling "in warmup" with an appropriate status message (similar to the init message). This is useful for RPC clients to know that the server is there (e. g., they don't have to start it) but not yet available. It is used in Namecoin and Huntercoin already for some time, and there exists a UI hooked onto the RPC interface that actively uses this to its advantage.
2014-10-30Update comments in rpcserver to be doxygen compatibleMichael Ford
2014-10-17Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the ↵Mark Friedenbach
message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log.
2014-09-26Use a typedef for monetary valuesMark Friedenbach
2014-09-15Fixing compiler warning C4101ENikS
Github-Pull: #4856
2014-08-26Split up util.cpp/hWladimir J. van der Laan
Split up util.cpp/h into: - string utilities (hex, base32, base64): no internal dependencies, no dependency on boost (apart from foreach) - money utilities (parsesmoney, formatmoney) - time utilities (gettime*, sleep, format date): - and the rest (logging, argument parsing, config file parsing) The latter is basically the environment and OS handling, and is stripped of all utility functions, so we may want to rename it to something else than util.cpp/h for clarity (Matt suggested osinterface). Breaks dependency of sha256.cpp on all the things pulled in by util.
2014-08-19Don't reveal whether password is <20 or >20 characters in RPCWladimir J. van der Laan
As discussed on IRC. It seems bad to base a decision to delay based on the password length, as it leaks a small amount of information.
2014-08-14Closely track mempool byte total. Add "getmempoolinfo" RPC.Jeff Garzik
Goal: Gain live insight into the mempool. Groundwork for future work that caps mempool size.
2014-08-11Categorize rpc help overviewCozz Lovan
Conflicts: src/rpcserver.cpp Github-Pull: #4539 Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com> Rebased-From: df3d321
2014-08-06Remove size limit in RPC client, keep it in serverWladimir J. van der Laan
The size limit makes a lot of sense for the server, as it never has to accept very large data. The client, however, can request arbitrary amounts of data with `listtransactions` on a large wallet. Fixes #4604.
2014-08-06Avoid a copy in RPC outputWladimir J. van der Laan
Split up HTTPReply into HTTPReply and HTTPReplyHeader, so that the message data can be streamed directly. Also removes a c_str(), which would have prevented binary output with NUL characters in it.
2014-08-03Implement "getchaintips" RPC command to monitor blockchain forks.Daniel Kraft
Port over https://github.com/chronokings/huntercoin/pull/19 from Huntercoin: This implements a new RPC command "getchaintips" that can be used to find all currently active chain heads. This is similar to the -printblocktree startup option, but it can be used without restarting just via the RPC interface on a running daemon.
2014-07-14Merge pull request #4400Wladimir J. van der Laan
4eedf4f make RandAddSeed() use OPENSSL_cleanse() (Philip Kaufmann) 6354935 move rand functions from util to new random.h/.cpp (Philip Kaufmann) 001a53d add GetRandBytes() as wrapper for RAND_bytes() (Philip Kaufmann)
2014-07-14Merge pull request #4503Wladimir J. van der Laan
b45a6e8 Add test for getblocktemplate longpolling (Wladimir J. van der Laan) ff6a7af getblocktemplate: longpolling support (Luke Dashjr)
2014-07-11getblocktemplate: longpolling supportLuke Dashjr
2014-07-10Clean up RPCs that are disabled in safe-mode.Gregory Maxwell
This removes some inconsistencies in what worked and didn't work in safemode. Now only RPCs involved in getting balances or sending funds are disabled. Previously you could mine but not submit blocks— but we may need more blocks to resolve a fork that triggered safe mode in the first place, and the non-submission was not reliable since some miners submit blocks via multiple means. There were also a number of random commands disabled that had nothing to do with the blockchain like verifymessage. Thanks to earlz for pointing out that there were some moderately cheap ways to maliciously trigger safe mode, which brought attention to the fact that safemode wasn't used in a very intelligent way.
2014-07-09add GetRandBytes() as wrapper for RAND_bytes()Philip Kaufmann
- add a small wrapper in util around RAND_bytes() and replace with GetRandBytes() in the code to log errors from calling RAND_bytes() - remove OpenSSL header rand.h where no longer needed
2014-07-07Merge pull request #4045Wladimir J. van der Laan
a3e192a replaced MINE_ with ISMINE_ (JaSK) 53a2148 fixed bug where validateaddress doesn't display information (JaSK) f28707a fixed bug in ListReceived() (JaSK) 519dd1c Added MINE_ALL = (spendable|watchonly) (JaSK) 23b0506 Fixed some stuff in TransactionDesc (JaSK) 80dda36 removed default argument values for ismine filter (JaSK) d5087d1 Use script matching rather than destination matching for watch-only. (Pieter Wuille) 0fa2f88 added includedWatchonly argument to listreceivedbyaddress/...account (JaSK) f87ba3d added includeWatchonly argument to 'gettransaction' because it affects balance calculation (JaSK) a5c6c5d fixed tiny glitch and improved readability like laanwj suggested (JaSK) d7d5d23 Added argument to listtransactions and listsinceblock to include watchonly addresses (JaSK) 952877e Showing 'involvesWatchonly' property for transactions returned by 'listtransactions' and 'listsinceblock'. It is only appended when the transaction involves a watchonly address. (JaSK) 83f3543 Added argument to listaccounts to include watchonly addresses (JaSK) d4640d7 Added argument to getbalance to include watchonly addresses and fixed errors in balance calculation. (JaSK) d2692f6 Watchonly transactions are marked in transaction history (JaSK) ffd40da Watchonly balances are shown separately in gui. (JaSK) 2935b21 qt: Hide unspendable outputs in coin control (Wladimir J. van der Laan) c898846 Add support for watch-only addresses (Pieter Wuille)
2014-07-03Clarify error message when invalid -rpcallowipWladimir J. van der Laan
Also add to HelpMessage() what specifications are valid.
2014-07-02Add support for watch-only addressesPieter Wuille
Changes: * Add Add/Have WatchOnly methods to CKeyStore, and implementations in CBasicKeyStore. * Add similar methods to CWallet, and support entries for it in CWalletDB. * Make IsMine in script/wallet return a new enum 'isminetype', rather than a boolean. This allows distinguishing between spendable and unspendable coins. * Add a field fSpendable to COutput (GetAvailableCoins' return type). * Mark watchonly coins in listunspent as 'watchonly': true. * Add 'watchonly' to validateaddress, suppressing script/pubkey/... in this case. Based on a patch by Eric Lombrozo. Conflicts: src/qt/walletmodel.cpp src/rpcserver.cpp src/wallet.cpp
2014-06-28fix RPC error replieskazcw
After pull #4288, RPC messages indicating errors have a Content-Length unrelated to their actual contents, rendering bitcoin-cli and curl unable to decode the reply. This patch sets the Content-Length field based on the actual content returned. Additionally, pull #4288 clobbered the error descriptions provided in ErrorReply, which bitcoin-cli relies upon; this patch moves #4288 http-error descriptions to an HTTPError method, allowing HTTPReply to pass content on unchanged.
2014-06-28Replace HexBits with strprintfjtimon
2014-06-27minor code format fix in rpc-related filesPhilip Kaufmann
2014-06-26RPC code movement: separate out JSON-RPC execution logic from HTTP server logicJeff Garzik
2014-06-26RPC cleanup: Improve HTTP server repliesJeff Garzik
1) support varying content types 2) support only sending the header 3) properly deliver error message as content, if HTTP error 4) move AcceptedConnection class to header, for wider use
2014-06-26JSON-RPC method: prioritisetransaction <txid> <priority delta> <priority tx fee>Luke Dashjr
Accepts the transaction into mined blocks at a higher (or lower) priority
2014-06-25Remove unnecessary dependencies for bitcoin-cliWladimir J. van der Laan
This commit removes all the unnecessary dependencies (key, core, netbase, sync, ...) from bitcoin-cli. To do this it shards the chain parameters into BaseParams, which contains just the RPC port and data directory (as used by utils and bitcoin-cli) and Params, with the rest.
2014-06-21Remove getwork() RPC callPieter Wuille
2014-06-19rpc: Add acceptors only when listening succeededWladimir J. van der Laan
2014-06-19rpc: Ignore and log errors during cancelWladimir J. van der Laan
Cancelling the RPC acceptors can sometimes result in an error about a bad file descriptor. As this is the shutdown sequence we need to continue nevertheless, ignore these errors, log a warning and proceed. Fixes #4352.
2014-06-09Push cs_mains down in ProcessBlockPieter Wuille
2014-06-06estimatefee / estimatepriority RPC methodsGavin Andresen
New RPC methods: return an estimate of the fee (or priority) a transaction needs to be likely to confirm in a given number of blocks. Mike Hearn created the first version of this method for estimating fees. It works as follows: For transactions that took 1 to N (I picked N=25) blocks to confirm, keep N buckets with at most 100 entries in each recording the fees-per-kilobyte paid by those transactions. (separate buckets are kept for transactions that confirmed because they are high-priority) The buckets are filled as blocks are found, and are saved/restored in a new fee_estiamtes.dat file in the data directory. A few variations on Mike's initial scheme: To estimate the fee needed for a transaction to confirm in X buckets, all of the samples in all of the buckets are used and a median of all of the data is used to make the estimate. For example, imagine 25 buckets each containing the full 100 entries. Those 2,500 samples are sorted, and the estimate of the fee needed to confirm in the very next block is the 50'th-highest-fee-entry in that sorted list; the estimate of the fee needed to confirm in the next two blocks is the 150'th-highest-fee-entry, etc. That algorithm has the nice property that estimates of how much fee you need to pay to get confirmed in block N will always be greater than or equal to the estimate for block N+1. It would clearly be wrong to say "pay 11 uBTC and you'll get confirmed in 3 blocks, but pay 12 uBTC and it will take LONGER". A single block will not contribute more than 10 entries to any one bucket, so a single miner and a large block cannot overwhelm the estimates.
2014-05-13Add -rpcbind option to allow binding RPC port on a specific interfaceWladimir J. van der Laan
Add -rpcbind command option to specify binding RPC service on one or multiple specific interfaces. Functionality if -rpcbind is not specified remains the same as before: - If no -rpcallowip specified, bind on localhost - If no -rpcbind specified, bind on any interface Implements part of #3111.
2014-05-12rpc: keep track of acceptors, and cancel them in StopRPCThreadsWladimir J. van der Laan
Fixes #4156. The problem is that the boost::asio::io_service destructor waits for the acceptors to finish (on windows, and boost 1.55). Fix this by keeping track of the acceptors and cancelling them before stopping the event loops.
2014-05-12rpc: Make sure conn object is always cleaned upWladimir J. van der Laan
Make sure conn object always gets cleaned up by using a `boost::shared_ptr`. This makes valgrind happy - before this commit, one connection object always leaked at shutdown, as well as can avoid other leaks, when for example an exception happens. Also add an explicit Close() to the !ClientAllowed path to make it similar to the normal path (I'm not sure whether it is needed, but it can't hurt).
2014-05-12rpc: pass errors from async_acceptWladimir J. van der Laan
According to the [boost::asio documentation](http://www.boost.org/doc/libs/1_55_0/doc/html/boost_asio/reference/basic_socket_acceptor/async_accept/overload2.html), the function signature of the handler must be: void handler( const boost::system::error_code& error // Result of operation. ); We were binding *all* the arguments, instead of all but the error, resulting in nullary function that never got the error. Fix this by adding an input argument substitution.
2014-05-09Add tests for BoostAsioToCNetAddrWladimir J. van der Laan