From 7414733beac92ce8ba365def592d0363fb24872c Mon Sep 17 00:00:00 2001
From: Matt Corallo
Date: Sun, 10 Jul 2011 16:07:22 +0200
Subject: Make an invalid addrIncoming so that old clients crash.
This prevents old clients from opening, and thus corrupting or otherwise causing harm to encrypted wallets.
---
 src/wallet.cpp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
(limited to 'src/wallet.cpp')
diff --git a/src/wallet.cpp b/src/wallet.cpp
index 9f3701a8a7..93313e7b27 100644
--- a/src/wallet.cpp
+++ b/src/wallet.cpp
@@ -108,6 +108,19 @@ bool CWallet::ChangeWalletPassphrase(const string& strOldWalletPassphrase, const
 return false;
 }
+
+// This class implements an addrIncoming entry that causes pre-0.4
+// clients to crash on startup if reading a private-key-encrypted wallet.
+class CCorruptAddress
+{
+public:
+ IMPLEMENT_SERIALIZE
+ (
+ if (nType & SER_DISK)
+ READWRITE(nVersion);
+ )
+};
+
 bool CWallet::EncryptWallet(const string& strWalletPassphrase)
 {
 CRITICAL_BLOCK(cs_mapPubKeys)
@@ -166,6 +179,8 @@ bool CWallet::EncryptWallet(const string& strWalletPassphrase)
 if (fFileBacked)
 {
+ CCorruptAddress corruptAddress;
+ pwalletdbEncryption->WriteSetting("addrIncoming", corruptAddress);
 if (!pwalletdbEncryption->TxnCommit())
 exit(1); //We now have keys encrypted in memory, but no on disk...die to avoid confusion and let the user reload their unencrypted wallet.
--
cgit v1.2.3
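Review bot: The comment above `CCorruptAddress` says pre-0.4 clients crash but not why, and that mechanism is the only thing keeping them away from an encrypted wallet. From the visible lines the record holds only `nVersion`, and only when `nType & SER_DISK` is set, so it is presumably shorter than what an old reader expects under `addrIncoming`; I would say so in the comment, e.g. `// Serializes only nVersion, so a reader expecting a full address record fails to deserialize it.` It also writes nothing at all for non-disk serialization types, which deserves a line. The diff changes only src/wallet.cpp, so please confirm that the current load path no longer deserializes this key as an address, and note which old releases were checked to fail on it.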
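Review bot: The result of `WriteSetting("addrIncoming", corruptAddress)` is discarded, so if that write fails while `TxnCommit()` succeeds the wallet ends up encrypted on disk without the record meant to stop old clients from opening it. Assuming `WriteSetting` reports failure through its return value (its declaration is outside this diff), treat it like the commit failure just below: `if (!pwalletdbEncryption->WriteSetting("addrIncoming", corruptAddress)) exit(1);`. A short comment that the write deliberately replaces any existing `addrIncoming` value inside the encryption transaction would also help. The enclosing `EncryptWallet` starts and ends outside the hunk.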