Age | Commit message (Collapse) | Author |
|
Besides giving a nicer error, this also prevents logging arbitrary data (which could have been used to exploit log readers) into debug.log
Rebased-From: 7f718139191d67da29c5d856d29e035bbc51e659
Github-Pull: #5499
|
|
I'm not comfortable with retaining this entry.
Rebased-From: a094b3d9732aaca362e883655319852e4ce9a174
Github-Pull: #5545
|
|
|
|
Rebased-From: 06206bb3b78067f1f433dde8062c8ab01aaf43eb
Github-Pull: 5571
|
|
Rebased-From: f9c571aad8261eb9a5cab9dce5b490bd253c5fe1
Github-Pull: #5565
|
|
|
|
Rebased-From: a15dba5dff1229b67ff44bf16ff14063e885f376
Github-Pull: #5533
|
|
Previously an empty script wouldn't be hashed, and CScriptID would be
assigned the incorrect value of 0 instead. This bug can be seen in the
RPC decodescript command:
$ btc decodescript ""
{
"asm" : "",
"type" : "nonstandard",
"p2sh" : "31h1vYVSYuKP6AhS86fbRdMw9XHieotbST"
}
Correct output:
$ btc decodescript ""
{
"asm" : "",
"type" : "nonstandard",
"p2sh" : "3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy"
}
Rebased-From: d78f0dafd520f481f909cca7e361a4e482cbea72
Github-Pull: #5541
|
|
|
|
|
|
|
|
|
|
Don't allow immediate inv driven block downloads if
a peer already has MAX_BLOCKS_IN_TRANSIT_PER_PEER
active downloads. Prevents bogus inv spam from
blowing up block transfer tracking data structures.
Rebased-From: c90770430d7c1eb7ece2d4ddb987b0f2210fd86f
Github-Pull: #5507
|
|
'Sane' was already defined by this code as:
fee.GetFeePerK() > minRelayFee.GetFeePerK() * 10000
But sanity was only enforced for data loaded from disk.
Note that this is a pretty expansive definition of 'sane': A 10 BTC
fee is still passes the test if its on a 100kb transaction.
This prevents a single insane fee on the network from making us reject
our stored fee data at start. We still may reject valid saved fee
state if minRelayFee is changed between executions.
This also reduces the risk and limits the damage from a cascading
failure where one party pays a bunch of insane fees which cases
others to pay insane fees.
Rebased-From: 64849306905e625fd44d297e8d58c3e1dd98cb90
Github-Pull: #5481
|
|
Previously the minRelayTxFee was only enforced on user specified values.
It was possible for smartfee to produce a fee below minRelayTxFee which
would just result in the transaction getting stuck because it can't be
relayed.
This also introduces a maxtxfee option which sets an absolute maximum
for any fee created by the wallet, with an intention of increasing
user confidence that the automatic fees won't burn them. This was
frequently a concern even before smartfees.
If the configured fee policy won't even allow the wallet to meet the relay
fee the transaction creation may be aborted.
Rebased-From: aa279d613152e87ea25edfdf76c86779c0632f18
Github-Pull: #5485
|
|
Rebased-From: 34970223472c9e83689a1c710eebc7c16f152b02
Github-Pull: #5459
|
|
Rebased-From: 4bc95c43871645c1d69a0d719c13b38151a3a13f
|
|
Previously transactions were only tested again the
STANDARD_SCRIPT_VERIFY_FLAGS prior to mempool acceptance, so any bugs in
those flags that allowed actually-invalid transactions to pass would
result in allowing invalid transactions into the mempool. Fortunately
there is a second check in CreateNewBlock() that would prevent those
transactions from being mined, resulting in an invalid block, however
this could still be exploited as a DoS attack.
Rebased-From: 7c041b3b91aa08a8f5863382b865a5174281ad03
|
|
Rebased-From: 84857e87e42e412336ea60d0f8544c1679bab827
Github-Pull: #5437
|
|
Bump version but keep CLIENT_VERSION_IS_RELEASE at false as this is not
a release yet.
|
|
Github-Pull: #5461
Rebased-From: aa768f1848b00e0fd615016598d3fb1f1da240ed
|
|
34318d7 RPC-test based on invalidateblock for mempool coinbase spends (Gavin Andresen)
7fd6219 Make CTxMemPool::remove more effecient by avoiding recursion (Matt Corallo)
b7b4318 Make CTxMemPool::check more thourough by using CheckInputs (Matt Corallo)
723d12c Remove txn which are invalidated by coinbase maturity during reorg (Matt Corallo)
868d041 Remove coinbase-dependant transactions during reorg. (Matt Corallo)
|
|
|
|
932ef50 [REST] JSON output: remove block infos from tx details if it is nested in block (Jonas Schnelli)
cae5486 [REST] added /rest/block/notxdetails/<hash> into REST-interface.md documentation (Jonas Schnelli)
73351c3 [REST] /rest/block response with full tx details (Jonas Schnelli)
|
|
4be639e Use RPC_INVALID_PARAMETER instead of RPC_WALLET_ERROR for invalid amount. No return at the end of void function. (Pavel Janík)
b93173d Move SendMoney() to rpcwallet.cpp. (Pavel Janík)
|
|
|
|
- rest block request returns full unfolded tx details
- /rest/block/notxdetails/<HASH> returns block where transactions are only represented by its hash
|
|
5ec654b [Qt] update paymentserver license and cleanup ordering (Philip Kaufmann)
4333e26 [Qt] add BIP70 DoS protection test (Philip Kaufmann)
31f8494 [Qt] add BIP70 payment request size DoS protection for URIs (Philip Kaufmann)
2284ccb [Qt] remove dup lock that is done in SetAddressBook() (Philip Kaufmann)
1ec753f [Qt] ensure socket is set to NULL in PaymentServer::ipcSendCommandLine (Philip Kaufmann)
814429d [Qt] add BIP70/BIP71 constants for all messages and mime types (Philip Kaufmann)
b82695b [Qt] make PaymentServer::ipcParseCommandLine void (Philip Kaufmann)
|
|
65b0328 newlines in strings are invalid JSON (Ryan X. Charles)
|
|
|
|
|
|
|
|
This still leaves transactions in mempool that are potentially
invalid if the maturity period has been reorged out of, but at
least they're not missing inputs entirely.
|
|
|
|
- this test required to make readPaymentRequestFromFile() public in order
to be able to is it in paymentservertests.cpp
|
|
- current code only does this for payment request files, which are
used on Mac
- also rename readPaymentRequest to readPaymentRequestFromFile, so it's
obvious that function only handles payment request files and not URIs
- small logging changes in readPaymentRequestFromFile
|
|
|
|
|
|
- also rename current ones to match the new ones
- remove constant from guiconstant.h and add it to paymentserver.cpp
|
|
- the function only returned true, so make it void
- add a comment about payment request network detection
|
|
683dc40 Disable SSLv3 (in favor of TLS) for the RPC client and server. (Gregory Maxwell)
|
|
|
|
|
|
TLS is subject to downgrade attacks when SSLv3 is available, and
SSLv3 has vulnerabilities.
The popular solution is to disable SSLv3. On the web this breaks
some tiny number of very old clients. While Bitcoin RPC shouldn't
be exposed to the open Internet, it also shouldn't be exposed to
really old SSL implementations, so it shouldn't be a major issue
for us to disable SSLv3.
There is more information on the downgrade attacks and disabling
SSLv3 at https://disablessl3.com/ .
|
|
No return at the end of void function.
|
|
afd4b94 Move CMerkleBlock and CPartialMerkleTree to their own file (Matt Corallo)
|
|
|
|
8a20cd3 prioritisetransaction RPC: Restore compatibility with existing implementations by using satoshis for fee offset rather than BTC (Luke Dashjr)
|
|
35e408f Regard connection failures as attempt for addrman (Wladimir J. van der Laan)
|
|
87bddb7 Squashed 'src/secp256k1/' changes from ad2028f..b0210a9 (Pieter Wuille)
ffe3291 Remove gmp dependency and doc mentions (Pieter Wuille)
|