16d9bfc4172b4f6ce24a3cd1a1cfa3933cd26751 Avoid test-before-evict evictions of current peers (Suhas Daftuar)
e8b215a086d91a8774210bb6ce8d1560aaaf0789 Refactor test for existing peer connection into own function (Suhas Daftuar)
4fe338ab3ed73b3ffb20eedf95500c56ec2920e1 Call CAddrMan::Good() on block-relay-only peer addresses (Suhas Daftuar)
daf55531260833d597ee599e2d289ea1be0b1d9c Avoid calling CAddrMan::Connected() on block-relay-only peer addresses (Suhas Daftuar)
Pull request description:
This PR does two things:
* Block-relay-only interaction with addrman.
* Calling `CAddrMan::Connected()` on an address that was a block-relay-only peer causes the time we report in `addr` messages containing that peer to be updated; particularly now that we use anchor connections with a our block-relay-only peers, this risks leaking information about those peers. So, stop this.
* Avoiding calling `CAddrMan::Good()` on block-relay-only peer addresses causes the addrman logic around maintaining the new and tried table to be less good, and in particular makes it so that block-relay-only peer addresses are more likely to be evicted from the addrman (for no good reason I can think of). So, mark those addresses as good when we connect.
* Fix test-before-evict bug. There's a bug where if we get a collision in the tried table with an existing address that is one of our current peers, and the connection is long-lived enough, then `SelectTriedCollisions()` might return that existing peer address to us as a test-before-evict connection candidate. However, our logic for new outbound connections would later prevent us from actually making a connection; the result would be that when we get a collision with a long-lived current peer, that peer's address is likely to get evicted from the tried table. Fix this by checking to see if a test-before-evict candidate is a peer we're currently connected to, and if so, mark it as `Good()`.
ACKs for top commit:
sipa:
utACK 16d9bfc4172b4f6ce24a3cd1a1cfa3933cd26751
amitiuttarwar:
code review ACK 16d9bfc417
mzumsande:
Code-Review ACK 16d9bfc4172b4f6ce24a3cd1a1cfa3933cd26751.
jnewbery:
utACK 16d9bfc4172b4f6ce24a3cd1a1cfa3933cd26751
ariard:
Code Review ACK 16d9bfc.
jonatack:
Tested ACK 16d9bfc4172b4f6ce24a3cd1a1cfa3933cd26751
Tree-SHA512: 188ccb814e436937cbb91d29d73c316ce83f4b9c22f1cda56747f0949a093e10161ae724e87e4a2d85ac40f85f5f6b4e87e97d350a1ac44f80c57783f4423324
fa90ba36d3f640ef2d559b69ae1ea99a73da6ac8 Update assumed chain params (MarcoFalke)
Pull request description:
> Oh, by the way, the same procedure as last year, Miss Sophie?
> Same procedure as every year, James.
See https://github.com/bitcoin/bitcoin/blob/master/doc/release-process.md#before-branch-off
ACKs for top commit:
jonatack:
ACK fa90ba36d3f640ef2d559b69ae1ea99a73da6ac8 per `git diff fa0c1b5 fa90ba3` and re-running getblockheader/getblockhash/getchaintxstats on the signet chain
dergoegge:
ACK fa90ba36d3 - mainnet and testnet data matches my node.
theStack:
re-ACK fa90ba36d3f640ef2d559b69ae1ea99a73da6ac8 ✔️
darosior:
re-ACK fa90ba36d3f640ef2d559b69ae1ea99a73da6ac8 for mainnet and testnet.
Tree-SHA512: 83044cc59d9fc873cb29f13008d00b54cb4bb4646c1ca53ab4f429e7333a32402becb888d3be117d390c1297c2f7d083f77ae12ac8633265edceb3cfefac087f
3d0556d41087f945ed0a47a5d770076ad42ce432 Increase feature_taproot inactive test coverage (Pieter Wuille)
525cbd425e2f6a1dbd0febc53d7ada22cec4661f Only relay Taproot spends if next block has it active (Pieter Wuille)
Pull request description:
There should be no change to mempool transaction behavior for witness v1 transactions as long as no activation is defined. Until that point, we should treat the consensus rules as under debate, and for soft-fork safety, that means spends should be treated as non-standard.
It's possible to go further: don't relay them unless the consensus rules are actually active for the next block. This extends non-relay to the period where a deployment is defined, started, locked in, or failed. I see no downsides to this, and the code change is very simple.
ACKs for top commit:
Sjors:
utACK 3d0556d41087f945ed0a47a5d770076ad42ce432
MarcoFalke:
review ACK 3d0556d41087f945ed0a47a5d770076ad42ce432 🏓
jnewbery:
utACK 3d0556d41087f945ed0a47a5d770076ad42ce432
Tree-SHA512: ca625a2981716b4b44e8f3722718fd25fd04e25bf3ca1684924b8974fca49f7c1d438fdd9dcdfbc091a442002e20d441d42c41a0e2096e74a61068da6c60267a
fab94534b64593be1620c989bf69eb02e1be9b1b doc: Document that wallet salvage is experimental (MarcoFalke)
Pull request description:
See #20151
ACKs for top commit:
practicalswift:
ACK fab94534b64593be1620c989bf69eb02e1be9b1b: user safety first
hebasto:
ACK fab94534b64593be1620c989bf69eb02e1be9b1b, maybe capitalize into "WARNING"?
meshcollider:
Trivial ACK fab94534b64593be1620c989bf69eb02e1be9b1b
Tree-SHA512: 94912c491facc485293e4333066057933d706d84c7172f615296e7ba998c583c8bd07e751e6f00cd6576e7791007ace321f959181f7bf6a4e15e10d7ec8a1b7e
ad5cef5dfdd5802fc187a52e74d940a52f420a51 doc: Update data directory path comments (Hennadii Stepanov)
b19e88230f0e93e95e883e65376963cb9c36f606 util: Add StripRedundantLastElementsOfPath function (Hennadii Stepanov)
Pull request description:
Wallet names in `listwalletdir` RPC are correct now, even if the `-datadir` path has any number of trailing `/`.
This PR is an alternative to #19933.
Fixes #19928.
ACKs for top commit:
MarcoFalke:
review ACK ad5cef5dfd 🔙
promag:
Code review ACK ad5cef5dfdd5802fc187a52e74d940a52f420a51.
meshcollider:
Code review + test run ACK ad5cef5dfdd5802fc187a52e74d940a52f420a51
Tree-SHA512: bccabbd6c18243d48d15b2b27201cc0f5984623dcbc635c8740cf74523f359844c36eadd40391142874fcf452a43880bb6afbf89815ae736e499f9a98143a661
01476a88a6095fd3af71cb9bf1eadef920a1197b wallet: Make -wallet setting not create wallets (Russell Yanofsky)
Pull request description:
This changes `-wallet` setting to only load existing wallets, not create new ones.
- Fixes settings.json corner cases reported by sjors & promag: https://github.com/bitcoin-core/gui/issues/95, https://github.com/bitcoin/bitcoin/pull/19754#issuecomment-685858578, https://github.com/bitcoin/bitcoin/pull/19754#issuecomment-685858578
- Prevents accidental creation of wallets reported most recently by jb55 http://www.erisian.com.au/bitcoin-core-dev/log-2020-09-14.html#l-355
- Simplifies behavior after #15454. #15454 took the big step of disabling creation of the default wallet. This PR extends it to avoid creating other wallets as well. With this change, new wallets just aren't created on startup, instead of sometimes being created, sometimes not. #15454 release notes are updated here and are simpler.
This change should be targeted for 0.21.0. It's a bug fix and simplifies behavior of the #15937 / #19754 / #15454 features added in 0.21.0.
---
This PR is implementing the simplest, most basic alternative listed in https://github.com/bitcoin-core/gui/issues/95#issuecomment-694236940. Other improvements mentioned there can build on top of this.
ACKs for top commit:
achow101:
ACK 01476a88a6095fd3af71cb9bf1eadef920a1197b
hebasto:
re-ACK 01476a88a6095fd3af71cb9bf1eadef920a1197b
MarcoFalke:
review ACK 01476a88a6095fd3af71cb9bf1eadef920a1197b 🏂
Tree-SHA512: 0d50f4e5dfbd04a2efd9fd66c02085a0ed705807bdec1cf5770d0ae8cb6af07080fb81306349937bf66acdb713d03fb35636f6442b650d0820e66cbae09c2f87
6c0259fc2f8bd34ba83ad10a6a11d6d99e8d1fc7 Squashed 'src/secp256k1/' changes from c6b6b8f1bb..3967d96bf1 (Pieter Wuille)
Pull request description:
Nothing important changed, but this silences this (erroneous) warning in certain GCC 9 versions:
```
In file included from src/secp256k1.c:16:
src/ecmult_impl.h: In function ‘secp256k1_ecmult’:
src/ecmult_impl.h:496:48: warning: array subscript [1, 268435456] is outside array bounds of ‘struct secp256k1_strauss_point_state[1]’ [-Warray-bounds]
496 | secp256k1_gej tmp = a[state->ps[np].input_pos];
| ~~~~~~~~~~~~~^~~~~~~~~~
src/ecmult_impl.h:565:42: note: while referencing ‘ps’
565 | struct secp256k1_strauss_point_state ps[1];
| ^~
src/ecmult_impl.h:502:139: warning: array subscript [1, 268435456] is outside array bounds of ‘struct secp256k1_strauss_point_state[1]’ [-Warray-bounds]
502 | secp256k1_fe_mul(state->zr + np * ECMULT_TABLE_SIZE(WINDOW_A), state->zr + np * ECMULT_TABLE_SIZE(WINDOW_A), &(a[state->ps[np].input_pos].z));
| ~~~~~~~~~~~~~^~~~~~~~~~
src/ecmult_impl.h:565:42: note: while referencing ‘ps’
565 | struct secp256k1_strauss_point_state ps[1];
| ^~
```
(see https://github.com/bitcoin-core/secp256k1/issues/834)
ACKs for top commit:
fanquake:
ACK 5803f5f5f6030e69b46a46f0511b8173bf89de0d - performed the update myself and got the same change: [check_20257_subtree](https://github.com/fanquake/bitcoin/tree/check_20257_subtree).
hebasto:
ACK 5803f5f5f6030e69b46a46f0511b8173bf89de0d, tested on Linux Mint 20 (x86_64) with `gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0` -- no warnings are emitted.
Tree-SHA512: 386281d23aee93a3b1d1a09fec8319c3a477e46967430c935677eed54abddc62d5a7710f9eeab1ec476ace05adcb194b5b377712e44a6bb95a74ffa35faf77f3
398045ba8b3694931069f88ec95553b3207dd1a6 cli -netinfo: print oversized/extreme ping times as "-" (Jon Atack)
773f4c99c00c0b1d8c1b53cb99ba571337100953 cli -netinfo: handle longer tor v3 local addresses (Jon Atack)
33e987452f869c279f2491499939e51e0af8364c cli -netinfo: make age column variable-width (Jon Atack)
f8a1c4d9469cb496fdafaf6f4d94977687df9190 cli -netinfo: various quick updates and fixes (Jon Atack)
Pull request description:
Quick fixups and updates for v0.21.0:
- [x] handle larger BIP155 `addrv2` addresses
- [x] add Signet chain
- [x] add an additional space between the `net` and `mping` columns; add missing `tinyformat` and `algorithm` headers
- [x] s/uptime/age/ per 0xB10C suggestion, and make the column auto-adjusting variable width
- [x] display `-` for oversized mping/ping times like `1.17348e+06`, as reported by practicalswift
Edit: removed the release note commit, as this PR was not merged before the notes were moved to the wiki. It's here:
```
- A new `bitcoin-cli -netinfo` command returns a network peer connections
dashboard that displays data from the `getpeerinfo` and `getnetworkinfo` RPCs
in a human-readable format. An optional integer argument from `0` to `4` may
be passed to see various levels of detail. (#19643)
```
ACKs for top commit:
michaelfolkson:
ACK 398045ba8b3694931069f88ec95553b3207dd1a6
Emzy:
Tested ACK 398045ba8b3694931069f88ec95553b3207dd1a6
Tree-SHA512: 0625ee840141bafbfcaf8f1fce53f8f850ae91721b2bdad4279372da87c18a1fe3a214d90bfdbbabdf6da38d58290d7dd0f1109b4e2ca5d20cacf417d6ced0f9
bbb42a68961a8ae1e4ef3221ffb1d5ff7272b075 RPC: createwallet: Nicer error message if descriptor wallet requested and sqlite support not compiled in (Luke Dashjr)
6608fec332eac4dfd91138bc4fe2e1b5c7bb758f GUI: Create Wallet: Nicely disable descriptor wallet checkbox if sqlite support not compiled in (Luke Dashjr)
7b54d768e1514b328e1ac108d3db2f1bac3ba7ff Make sqlite support optional (compile-time) (Luke Dashjr)
Pull request description:
As a new requirement, sqlite support should be optional. This PR aims to be only minimum/blocker changes for 0.21.
Potential follow-up PRs after this:
* Make BDB support optional
* Nicer error messages when user tries to load an unsupported wallet
* Don't compile descriptor wallet code if sqlite disabled
ACKs for top commit:
jonasschnelli:
Tested ACK bbb42a68961a8ae1e4ef3221ffb1d5ff7272b075
achow101:
ACK bbb42a68961a8ae1e4ef3221ffb1d5ff7272b075
Sjors:
re-utACK bbb42a68961a8ae1e4ef3221ffb1d5ff7272b075
hebasto:
ACK bbb42a68961a8ae1e4ef3221ffb1d5ff7272b075, tested on Linux Mint 20 (x86_64, Qt 5.12.8).
Tree-SHA512: 500209dd1971310fab8ae51543343ce0ba91f088ccccff6109b4cc27547cd5532289dca6cb7dac2a7d7c59cdf3c8f5aacc31e9b0f912e38cea52ec26b97100bd
d419fdedbe34c7ea19c0473660cc1b486b4e70d8 [net processing] Don't add AlreadyHave txs to recentRejects (Troy Giorshev)
Pull request description:
If we already have a transaction, don't add it to recentRejects
Now, we only add a transaction to our recentRejects filter if we didn't already have it, meaning that it is added at most once, as intended.
ACKs for top commit:
jnewbery:
Code review ACK d419fdedbe34c7ea19c0473660cc1b486b4e70d8
laanwj:
Code review ACK d419fdedbe34c7ea19c0473660cc1b486b4e70d8
Tree-SHA512: cff5c1ba36c4700e2d6ab3eec4a3e51e1bef28fb3cc1bc850c84e06d6e5a9f6c32825207c253cc9cdf596b2eaadb6b5be68b3f8ca752b4ef6c31cf85138e3c99
3967d96bf1 Merge #838: Make autotools check for all the used openssl functions
3734b68200 Configure echo if openssl tests are enabled
6f54e69f03 Merge #841: Avoids a potentially shortening size_t to int cast in strauss_wnaf_
8893f42438 Avoids a potentially shortening size_t to int cast in strauss_wnaf_
e6692778d3 Modify bitcoin_secp.m4's openssl check to call all the functions that we use in the tests/benchmarks. That way linking will fail if those symbols are missing
ac05f61fcf Merge #809: Stop treating ECDH as experimental
e6e3d5da2f travis: add schnorrsig to valgrind and big endian platform test
353dff156f Stop treating ECDH as experimental
git-subtree-dir: src/secp256k1
git-subtree-split: 3967d96bf184519eb98b766af665b4d4b072563e
Outbound peer logic prevents connecting to addresses that we're already
connected to, so prevent inadvertent eviction of current peers via
test-before-evict by checking this condition and marking current peer's
addresses as Good().
Co-authored-by: John Newbery <john@johnnewbery.com>
Being able to invoke Good() is important for address management (new vs tried
table, tried table eviction via test-before-evict). We mitigate potential
information leaks by not calling Connected() on these peer addresses.
- add new signet chain
- update change "uptime" column name to "age" per suggestion by 0xB10C (Timo)
- add an additional digit to mping field width
- change m_networks_size from size_t to uint8_t, as size_t was a holdover
from m_networks_size being defined as size_t m_networks.size() in a draft
- order Peer struct members by decreasing memory size
20c9e035543892e322c7134e89eb33115678bb30 gui: Call setWalletActionsEnabled(true) only for the first wallet (Hennadii Stepanov)
Pull request description:
On master (a78742830aa35bf57bcb0a4730977a1e5a1876bc) there is a bug:
- open an encrypted wallet; please note that the "Encrypt Wallet..." menu item is disabled that is expected:
- then open any other wallet; note that the "Encrypt Wallet..." menu item gets enabled that is wrong:
This PR fixes this bug.
ACKs for top commit:
jonasschnelli:
Tested ACK 20c9e035543892e322c7134e89eb33115678bb30 - I could reproduce the issue on master and have verify that this PR fixes it.
achow101:
ACK 20c9e035543892e322c7134e89eb33115678bb30
Tree-SHA512: 2c9ab94bde8c4f413b0a95c05bf3a1a29f5910e0f99d6639a11dd77758c78af25b060b3fecd78117066ef15b113feb79870bc1347cc04289da915c00623e5787
56a461f72796ca60de28e78f144741eb1a4f5213 wallet: fix buffer over-read in SQLite file magic check (Sebastian Falbesoner)
Pull request description:
Looking at our new SQLite database code, I noticed that there is a potential problem in the method `IsSQLiteFile()`: If there is no terminating zero within the first 16 bytes of the file, the `magic` buffer would be over-read in the `std::string` constructor for `magic_str`. Fixed by using the "from buffer" variant of the string ctor (that also takes a size) rather than the "from c-string" variant (see http://www.cplusplus.com/reference/string/string/string/).
The behaviour can be reproduced by the following steps:
* Creating a file of at least 512 bytes in size (to pass the minimum size check) that doesn't contain zero bytes in the magic area, e.g. simply:
`$ python3 -c "print('A'*512)" > /tmp/corrupt_wallet`
* Showing content and size of the `magic_str` string in case the magic check fails
* Create a simple unit test that simply calls `IsSQLiteFile` with the corrupt wallet file
* Run the unit test and see the random gibberish output of `magic_str` after 16 `A`s :-)
Or, TLDR variant, just get the branch https://github.com/theStack/bitcoin/tree/reproduce_sqlite_magic_overread, compile unit Tests and run the script `./reproduce_sqlite_magic_overread.sh`.
Note that this is the minimal diff, probably it would be better to avoid `std::string` at all in this case and just use `memcmp`, strings that include null bytes are pretty confusing.
ACKs for top commit:
promag:
Code review ACK 56a461f72796ca60de28e78f144741eb1a4f5213.
practicalswift:
ACK 56a461f72796ca60de28e78f144741eb1a4f5213: patch looks correct
achow101:
ACK 56a461f72796ca60de28e78f144741eb1a4f5213
Tree-SHA512: a7aadd4d38eb92337e6281df2980f4bde744dbb6cf112b9cd0f2cab8772730e302db9123a8fe7ca4e7e844c47e68957487adb2bed4518c40b4bed6a69d7922b4
If there is no terminating zero within the 16 magic bytes, the buffer would be
over-read in the std::string constructor. Fixed by using the "from buffer"
variant of the ctor (that also takes a size) rather than the "from c-string"
variant.
fa4074b395a47c54069bd9f598244701505ff11d Show name, format and if uses descriptors in bitcoin-wallet tool (Jonas Schnelli)
Pull request description:
ACKs for top commit:
MarcoFalke:
ACK fa4074b395a47c54069bd9f598244701505ff11d
jonatack:
re-ACK fa4074b395a47c54069bd9f598244701505ff11d
Tree-SHA512: cf6ee96ff21532fc4b0ba7a0fdfdc1fa485c9b1495447350fe65cd0bd919e0e0280613933265cdee069b8c29ccf015ac374535a70cac3d4fb89f4d08b3a03519
2d5793c0161902730cde384dbdf3e3ba3e55c9e0 Bugfix: chainparams: Add missing (disabled) Taproot deployment for Signet (Luke Dashjr)
Pull request description:
Is there a way we can trigger compiler warnings if a deployment is undefined?
ACKs for top commit:
decryp2kanon:
utACK 2d5793c0161902730cde384dbdf3e3ba3e55c9e0
MarcoFalke:
review ACK 2d5793c0161902730cde384dbdf3e3ba3e55c9e0
Tree-SHA512: 135cefae0f8dc552b0f682c2b87cabca7a4716290a36410a55968850e803a5049234e3cc597c8ef8d7917ae5d5ea3fb851e160df171b6793114c6bc01c5ea3e7
624bab00dd2cc8e2ebd77dc0a669bc8d507c3721 test: add coverage for getwalletinfo format field (Jon Atack)
5e737a009234cbd7cf53748d3d28a2da5221192f rpc, wallet: Expose database format in getwalletinfo (João Barbosa)
Pull request description:
Support for sqlite based wallets was added in #19077. This PR adds the `format` key in `getwalletinfo` response, that can be `bdb` or `sqlite`.
ACKs for top commit:
jonatack:
Tested ACK 624bab00dd2cc8e2ebd77dc0a669bc8d507c3721
laanwj:
Code review ACK 624bab00dd2cc8e2ebd77dc0a669bc8d507c3721.
MarcoFalke:
doesn't hurt ACK 624bab00dd2cc8e2ebd77dc0a669bc8d507c3721
hebasto:
ACK 624bab00dd2cc8e2ebd77dc0a669bc8d507c3721, tested on Linux Mint 20 (x86_64).
meshcollider:
utACK 624bab00dd2cc8e2ebd77dc0a669bc8d507c3721
Tree-SHA512: a81f8530f040f6381d33e073a65f281993eccfa717424ab6e651c1203cbaf27794dcb7175570459e7fdaa211565bc060d0a3ecbe70d2b6f9c49b8d5071e4441c
