| Age | Commit message (Collapse) | Author |
|---|
|
This will disconnect peers that do not transfer a block in 10 minutes, plus
5 minutes for every previously queued block with validated headers
(accomodating downstream bandwidth down to a few kilobytes per second - below
that the node would have trouble staying synchronized anyway).
Github-Pull: #5608
Rebased-From: 916130348ca803d762db912307b247f60f9aacd6
|
|
Add some defensive programming on top of #5634.
This copies the respective OpenSSL code in ECDSA_verify in
OpenSSL pre-1.0.1k (e.g. https://github.com/openssl/openssl/blob/OpenSSL_1_0_1j/crypto/ecdsa/ecs_vrf.c#L89)
more closely.
As reported by @sergiodemianlerner.
Github-Pull: #5640
Rebased-From: c6b7b29f232c651f898eeffb93f36c8f537c56d2
|
|
Github-Pull: #5634
Rebased-From: 8dccba6a45db0466370726ed462b9da2eae43bce
|
|
New versions of OpenSSL will reject non-canonical DER signatures. However,
it'll happily decode them. Decode then re-encode before verification in order
to ensure that it is properly consumed.
Github-Pull: #5634
Rebased-From: 488ed32f2ada1d1dd108fc245d025c4d5f252783
|
|
If these are going to fail in bitcoind, they should fail in the tests as well.
Github-Pull: #5604
Rebased-From: d58c5d6f21fd2421bc8cbb224849e8c38b617775
|
|
2ecd294 Bugfix: configure: Correctly detect "nothing to build" condition (Luke Dashjr)
b7a4ecc Bugfix: Only check for boost when building code that requires it (Luke Dashjr)
a19eeac Bugfix: configure: Check for openssl/ec.h (Luke Dashjr)
fe925e2 Use EXTRA_LIBRARIES instead of noinst_LIBRARIES so we can avoid building unused code (Cory Fields)
|
|
Rebased-From: e41345790f1041f5c5e5605d73a0af174769aa55
Github-Pull: #5597
|
|
Otherwise, if CCoinsViewCache::ModifyCoins throws an exception in between
setting hasModifier and constructing the CCoinsModifier, the cache ends up
in an inconsistent state, resulting in an assert failure in the next
modification.
Bug discovered by Wladimir J. van der Laan.
Rebased-From: 1c52aad540ec1370db60fd68fc3485413e3cb8e1
Github-Pull: #5597
|
|
Rebased-From: 1c52aad540ec1370db60fd68fc3485413e3cb8e1
Github-Pull: #5535
|
|
unused code
|
|
Github-Pull: #5528
Rebased-From: 2a3d988b802dcea4453241e37168d8511078940a a089c50981e822014ffc18e8a37b3518feb52206 2c14d1532fe66a243cdbfb7de48b298213305765
|
|
Rebased-From: be22b3da1df15757ef15e4c4963507bcdff6a872
Github-Pull: #5532
|
|
With the splashscreen being able to be closed it is possible to
shutdown during the lengthy verifyDB method. (Takes about a minute
on my machine). This change allows us to shutdown much sooner.
Github-Pull: #5557
Rebased-From: 70477a0bdf6eb6d123ce256f064bbd3bc356c82a
|
|
Rebased-From: 643415aade0dae528098df2d822288ba0c5f6ce2
Github-Pull: #5583
|
|
There is still a redundancy here between configure.ac and
clientversion.h.
Rebased-From: edbc9045cb21020d0cc19d226f55ee169e2ffb92
|
|
The normative place for these for the entire project is COPYING,
and the main README already has a MIT license section.
Rebased-From: e6df2bb48f4bff7a2dec4aa226102b0cf2cd828b
|
|
Besides giving a nicer error, this also prevents logging arbitrary data (which could have been used to exploit log readers) into debug.log
Rebased-From: 7f718139191d67da29c5d856d29e035bbc51e659
Github-Pull: #5499
|
|
I'm not comfortable with retaining this entry.
Rebased-From: a094b3d9732aaca362e883655319852e4ce9a174
Github-Pull: #5545
|
|
|
|
Rebased-From: 06206bb3b78067f1f433dde8062c8ab01aaf43eb
Github-Pull: 5571
|
|
Rebased-From: f9c571aad8261eb9a5cab9dce5b490bd253c5fe1
Github-Pull: #5565
|
|
|
|
Rebased-From: a15dba5dff1229b67ff44bf16ff14063e885f376
Github-Pull: #5533
|
|
Previously an empty script wouldn't be hashed, and CScriptID would be
assigned the incorrect value of 0 instead. This bug can be seen in the
RPC decodescript command:
$ btc decodescript ""
{
"asm" : "",
"type" : "nonstandard",
"p2sh" : "31h1vYVSYuKP6AhS86fbRdMw9XHieotbST"
}
Correct output:
$ btc decodescript ""
{
"asm" : "",
"type" : "nonstandard",
"p2sh" : "3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy"
}
Rebased-From: d78f0dafd520f481f909cca7e361a4e482cbea72
Github-Pull: #5541
|
|
|
|
|
|
|
|
|
|
Don't allow immediate inv driven block downloads if
a peer already has MAX_BLOCKS_IN_TRANSIT_PER_PEER
active downloads. Prevents bogus inv spam from
blowing up block transfer tracking data structures.
Rebased-From: c90770430d7c1eb7ece2d4ddb987b0f2210fd86f
Github-Pull: #5507
|
|
'Sane' was already defined by this code as:
fee.GetFeePerK() > minRelayFee.GetFeePerK() * 10000
But sanity was only enforced for data loaded from disk.
Note that this is a pretty expansive definition of 'sane': A 10 BTC
fee is still passes the test if its on a 100kb transaction.
This prevents a single insane fee on the network from making us reject
our stored fee data at start. We still may reject valid saved fee
state if minRelayFee is changed between executions.
This also reduces the risk and limits the damage from a cascading
failure where one party pays a bunch of insane fees which cases
others to pay insane fees.
Rebased-From: 64849306905e625fd44d297e8d58c3e1dd98cb90
Github-Pull: #5481
|
|
Previously the minRelayTxFee was only enforced on user specified values.
It was possible for smartfee to produce a fee below minRelayTxFee which
would just result in the transaction getting stuck because it can't be
relayed.
This also introduces a maxtxfee option which sets an absolute maximum
for any fee created by the wallet, with an intention of increasing
user confidence that the automatic fees won't burn them. This was
frequently a concern even before smartfees.
If the configured fee policy won't even allow the wallet to meet the relay
fee the transaction creation may be aborted.
Rebased-From: aa279d613152e87ea25edfdf76c86779c0632f18
Github-Pull: #5485
|
|
Rebased-From: 34970223472c9e83689a1c710eebc7c16f152b02
Github-Pull: #5459
|
|
Rebased-From: 4bc95c43871645c1d69a0d719c13b38151a3a13f
|
|
Previously transactions were only tested again the
STANDARD_SCRIPT_VERIFY_FLAGS prior to mempool acceptance, so any bugs in
those flags that allowed actually-invalid transactions to pass would
result in allowing invalid transactions into the mempool. Fortunately
there is a second check in CreateNewBlock() that would prevent those
transactions from being mined, resulting in an invalid block, however
this could still be exploited as a DoS attack.
Rebased-From: 7c041b3b91aa08a8f5863382b865a5174281ad03
|
|
Rebased-From: 84857e87e42e412336ea60d0f8544c1679bab827
Github-Pull: #5437
|
|
Bump version but keep CLIENT_VERSION_IS_RELEASE at false as this is not
a release yet.
|
|
Github-Pull: #5461
Rebased-From: aa768f1848b00e0fd615016598d3fb1f1da240ed
|
|
34318d7 RPC-test based on invalidateblock for mempool coinbase spends (Gavin Andresen)
7fd6219 Make CTxMemPool::remove more effecient by avoiding recursion (Matt Corallo)
b7b4318 Make CTxMemPool::check more thourough by using CheckInputs (Matt Corallo)
723d12c Remove txn which are invalidated by coinbase maturity during reorg (Matt Corallo)
868d041 Remove coinbase-dependant transactions during reorg. (Matt Corallo)
|
|
|
|
932ef50 [REST] JSON output: remove block infos from tx details if it is nested in block (Jonas Schnelli)
cae5486 [REST] added /rest/block/notxdetails/<hash> into REST-interface.md documentation (Jonas Schnelli)
73351c3 [REST] /rest/block response with full tx details (Jonas Schnelli)
|
|
4be639e Use RPC_INVALID_PARAMETER instead of RPC_WALLET_ERROR for invalid amount. No return at the end of void function. (Pavel Janík)
b93173d Move SendMoney() to rpcwallet.cpp. (Pavel Janík)
|
|
|
|
- rest block request returns full unfolded tx details
- /rest/block/notxdetails/<HASH> returns block where transactions are only represented by its hash
|
|
5ec654b [Qt] update paymentserver license and cleanup ordering (Philip Kaufmann)
4333e26 [Qt] add BIP70 DoS protection test (Philip Kaufmann)
31f8494 [Qt] add BIP70 payment request size DoS protection for URIs (Philip Kaufmann)
2284ccb [Qt] remove dup lock that is done in SetAddressBook() (Philip Kaufmann)
1ec753f [Qt] ensure socket is set to NULL in PaymentServer::ipcSendCommandLine (Philip Kaufmann)
814429d [Qt] add BIP70/BIP71 constants for all messages and mime types (Philip Kaufmann)
b82695b [Qt] make PaymentServer::ipcParseCommandLine void (Philip Kaufmann)
|
|
65b0328 newlines in strings are invalid JSON (Ryan X. Charles)
|
|
|
|
|
|
|
|
This still leaves transactions in mempool that are potentially
invalid if the maturity period has been reorged out of, but at
least they're not missing inputs entirely.
|
|
|
