Commit graph

36656 commits

Author SHA1 Message Date
ishaanam
493b813e17 wallet: ensure that the passphrase is not deleted from memory when being used to rescan
`m_relock_mutex` is introduced so that the passphrase is not
deleted from memory when the timeout provided in
`walletpassphrase` is up, but the wallet is still rescanning.
2023-02-14 23:32:40 -05:00
ishaanam
66a86ebabb wallet: keep track of when the passphrase is needed when rescanning
Wallet passphrases are needed to top up the keypool during a
rescan. The following RPCs need the passphrase when rescanning:
    - `importdescriptors`
    - `rescanblockchain`

The following RPCs use the information about whether or not the
passphrase is being used to ensure that full rescans are able to
take place:
    - `walletlock`
    - `encryptwallet`
    - `walletpassphrasechange`
2023-02-14 23:31:26 -05:00
Andrew Chow
576e16e702
Merge bitcoin/bitcoin#26184: test: p2p: check that headers message with invalid proof-of-work disconnects peer
772671245d test: p2p: check that headers message with invalid proof-of-work disconnects peer (Sebastian Falbesoner)

Pull request description:

  One of the earliest anti-DoS checks done after receiving and deserializing a `headers` message from a peer is verifying whether the proof-of-work is valid (called in method `PeerManagerImpl::ProcessHeadersMessage`):
  f227e153e8/src/net_processing.cpp (L2752-L2762)
  The called method `PeerManagerImpl::CheckHeadersPoW` calls `Misbehaving` with a score of 100, i.e. leading to an immediate disconnect of the peer:
  f227e153e8/src/net_processing.cpp (L2368-L2372)

  This PR adds a simple test for both the misbehaving log and the resulting disconnect. For creating a block header with invalid proof-of-work, we first create one that is accepted by the node (the difficulty field `nBits` is copied from the genesis block) and based on that the nonce is modified until we have block header hash prefix that is too high to fulfill even the minimum difficulty.

ACKs for top commit:
  Sjors:
    ACK 772671245d
  achow101:
    ACK 772671245d
  brunoerg:
    crACK 772671245d
  furszy:
    Code review ACK 77267124 with a non-blocking speedup.

Tree-SHA512: 680aa7939158d1dc672b90aa6554ba2b3a92584b6d3bcb0227776035858429feb8bc66eed18b47de0fe56df7d9b3ddaee231aaeaa360136603b9ad4b19e6ac11
2023-02-14 18:45:35 -05:00
fanquake
fb2f093479
Merge bitcoin/bitcoin#27097: descriptors: fix docstring (param [in] vs [out])
588fad868d descriptors: fix docstring (param [in] vs [out]) (SomberNight)

Pull request description:

  As in title, these docstrings look incorrect.

ACKs for top commit:
  john-moffett:
    ACK 588fad868d

Tree-SHA512: 1ab343a1b1fc57a7d6bd8363b84db9d96e8ea11a4cec85bcf79885c9df53da889fe2fb10b1fa92d824ddf0dee800c07353f46f1fea9887d2ad518bed0afebe3d
2023-02-14 17:02:29 +00:00
fanquake
af49d86dd7
Merge bitcoin/bitcoin#27093: test: Fix intermittent sync issue in wallet_pruning
fa9ec7b0fe test: Fix intermittent sync issue in wallet_pruning (MarcoFalke)

Pull request description:

  The `sync_fun=self.no_op` has no motivation or rationale, and seems to be causing issues.

  Fix that by removing it.

  Actually fixes https://github.com/bitcoin/bitcoin/issues/27065, see https://github.com/bitcoin/bitcoin/pull/27066#issuecomment-1428249997

ACKs for top commit:
  fanquake:
    ACK fa9ec7b0fe

Tree-SHA512: 3c67da6705d6698fcabb29de169a2b4723f74705c979380d1fddce5fe9595b4595445fd7d9790a6b2a89f10ce8ec3c64ce45248f58fd920b72b7b6fba8afb09f
2023-02-14 16:52:18 +00:00
SomberNight
588fad868d
descriptors: fix docstring (param [in] vs [out])
As in title, these docstrings look incorrect.
2023-02-14 14:28:08 +00:00
fanquake
d6ef44cccb
Merge bitcoin/bitcoin#27081: Modernize rpcauth.py
e4e17907b6 Modernize rpcauth.py and its tests (Pieter Wuille)

Pull request description:

  Use Python3 constructions, and f-strings.

ACKs for top commit:
  jamesob:
    Github ACK e4e17907b6

Tree-SHA512: 005573d967e04400fec727f45739f138879be703e692745c0a639272d37d221d230f388de23f2615cb954bb47179fb46e53da0410ae9f0865319b91bb2dc01f4
2023-02-14 11:26:17 +00:00
Pieter Wuille
e4e17907b6 Modernize rpcauth.py and its tests 2023-02-13 17:11:15 -05:00
Andrew Chow
2c1fe27bf3
Merge bitcoin/bitcoin#27080: Wallet: Zero out wallet master key upon locking so it doesn't persist in memory
3a11adc700 Zero out wallet master key upon lock (John Moffett)

Pull request description:

  When an encrypted wallet is locked (for instance via the RPC `walletlock`), the documentation indicates that the key is removed from memory:

  b92d609fb2/src/wallet/rpc/encrypt.cpp (L157-L158)

  However, the vector (a `std::vector<unsigned char, secure_allocator<unsigned char>>`) is merely _cleared_. As it is a member variable, it also stays in scope as long as the wallet is loaded, preventing the secure allocator from deallocating. This allows the key to persist indefinitely in memory. I confirmed this behavior on my macOS machine by using an open-source third party memory inspector ("Bit Slicer"). I was able to find my wallet's master key in Bit Slicer after unlocking and re-locking my encrypted wallet. I then confirmed the key data was at the address in LLDB.

  This PR manually fills the bytes with zeroes before calling `clear()` by using our `memory_cleanse` function, which is designed to prevent the compiler from optimizing it away. I confirmed that it does remove the data from memory on my machine upon locking.

  Note: An alternative approach could be to call `vMasterKey.shrink_to_fit()` after the `clear()`, which would trigger the secure allocator's deallocation. However, `shrink_to_fit()` is not _guaranteed_ to actually change the vector's capacity, so I think it's unwise to rely on it.

  ## Edit: A little more clarity on why this is an improvement.

  Since `mlock`ed memory is guaranteed not to be swapped to disk and our threat model doesn't consider a super-user monitoring the memory in realtime, why is this an improvement? Most importantly, consider hibernation. Even `mlock`ed memory may get written to disk. From the `mlock` [manpage](https://man7.org/linux/man-pages/man2/mlock.2.html):

  > (But be aware that the suspend mode on laptops and some desktop computers will save a copy of the system's RAM to disk, regardless of memory locks.)

  As far as I can tell, this is true of [Windows](https://web.archive.org/web/20190127110059/https://blogs.msdn.microsoft.com/oldnewthing/20140207-00/?p=1833#:~:text=%5BThere%20does%20not%20appear%20to%20be%20any%20guarantee%20that%20the%20memory%20won%27t%20be%20written%20to%20disk%20while%20locked.%20As%20you%20noted%2C%20the%20machine%20may%20be%20hibernated%2C%20or%20it%20may%20be%20running%20in%20a%20VM%20that%20gets%20snapshotted.%20%2DRaymond%5D) and macOS as well.

  Therefore, a user with a strong OS password and a strong wallet passphrase could still have their keys stolen if a thief takes their (hibernated) machine and reads the permanent storage.

ACKs for top commit:
  S3RK:
    Code review ACK 3a11adc700
  achow101:
    ACK 3a11adc700

Tree-SHA512: c4e3dab452ad051da74855a13aa711892c9b34c43cc43a45a3b1688ab044e75d715b42843c229219761913b4861abccbcc8d5cb6ac54957d74f6e357f04e8730
2023-02-13 15:18:16 -05:00
MarcoFalke
fa9ec7b0fe
test: Fix intermittent sync issue in wallet_pruning 2023-02-13 17:32:42 +01:00
fanquake
1ad0711d7c
Merge bitcoin/bitcoin#27016: mapport: require miniupnpc API version 17 or later
b3b673f704 mapport: require miniupnpc API version 17 or later (fanquake)

Pull request description:

  Version 17 is currently the latest version, see: https://github.com/miniupnp/miniupnp/blob/master/miniupnpc/apiversions.txt, and has been available since the release of 2.1. 2.1 or newer is readily available across all distros, see https://repology.org/project/miniupnpc/versions, so drop support for the older API versions.

  Split out of #22644.

ACKs for top commit:
  hebasto:
    ACK b3b673f704, tested on Ubuntu 20.04 w/ and w/o [`libminiupnpc-dev`](https://packages.ubuntu.com/focal/libminiupnpc-dev) package.
  TheCharlatan:
    ACK b3b673f704

Tree-SHA512: f53b36b82462c4ea83d9b83413dca8097885d1620f7ca0a53a79d6b3d3cf37c7773828b23f4278ccfcc3b14fcb0faffa35f60191b519b04570f3d2783d0303e2
2023-02-13 16:25:09 +00:00
merge-script
8126551d54
Merge bitcoin/bitcoin#27011: Add simulation-based CCoinsViewCache fuzzer
561848aaf2 Exercise non-DIRTY spent coins in caches in fuzz test (Pieter Wuille)
59e6828bb5 Add deterministic mode to CCoinsViewCache (Pieter Wuille)
b0ff310840 Add CCoinsViewCache::SanityCheck() and use it in fuzz test (Pieter Wuille)
3c9cea1340 Add simulation-based CCoinsViewCache fuzzer (Pieter Wuille)

Pull request description:

  The fuzzer goes through a sequence of operations that get applied to both a real stack of `CCoinsViewCache` objects, and to simulation data, comparing the two at the end.

ACKs for top commit:
  jamesob:
    re-ACK 561848aaf2
  dergoegge:
    Code review ACK 561848aaf2

Tree-SHA512: 68634f251fdb39436b128ecba093f651bff12ac11508dc9885253e57fd21efd44edf3b22b0f821c228175ec507df7d46c7f9f5404fc1eb8187fdbd136a5d5ee2
2023-02-13 15:31:50 +01:00
merge-script
141115a060
Merge bitcoin/bitcoin#27033: ci: Cache stuff in volumes, not host folders
fa8e92c022 doc: Update ci docs (721217.xyz)
5fffff54e9 ci: Cache stuff in volumes, not host folders (MarcoFalke)

Pull request description:

  Storing cached stuff in host system folders may lead to unexpected issues when the ci-built stuff is used for a non-ci build or a ci task leaks into another ci task.

ACKs for top commit:
  john-moffett:
    ACK fa8e92c022

Tree-SHA512: 8b0c9019452fbe507a272c1037c3dce3c178c21f85ab1096ed3372ad9d4b3c7aa27d89e5bf80c9a6260ea652e0268be0cbe61d6a4fcb3add569fa38076d32287
2023-02-13 11:53:50 +01:00
merge-script
a6316590d5
Merge bitcoin/bitcoin#26970: test: fix immediate tx relay in wallet_groups.py
ab4efad51b test: fix immediate tx relay in wallet_groups.py (Sebastian Falbesoner)

Pull request description:

  In the functional test wallet_groups.py we whitelist peers on all nodes (`-whitelist=noban@127.0.0.1`) to enable immediate tx relay for fast mempool synchronization. However, considering that this setting only applies to inbound peers and the default test topology looks like this:
  ```
      node0 <--- node1 <---- node2 <--- ... <-- nodeN
  ```

  txs propagate fast only from lower- to higher-numbered nodes (i.e. "left to right" in the above diagram) and take long from higher- to lower-numbered nodes ("right to left") since in the latter direction we only have outbound peers, where the trickle relay is still active. As a consequence, if a tx is submitted from any node other than node0, the mempool synchronization can take quite long.

  This PR fixes this by simply adding another connection from node0 to the last node, leading to a ~2-3x speedup (5 runs measured via `time ./test/functional/wallet_groups.py` are shown):

  ```
  master:
      0m53.31s real     0m08.22s user     0m05.60s system
      0m32.85s real     0m07.44s user     0m04.08s system
      0m46.40s real     0m09.18s user     0m04.23s system
      0m46.96s real     0m11.10s user     0m05.74s system
      0m57.23s real     0m10.53s user     0m05.59s system

  PR:
      0m19.64s real     0m09.58s user     0m05.50s system
      0m18.05s real     0m07.77s user     0m04.03s system
      0m18.99s real     0m07.90s user     0m04.25s system
      0m17.49s real     0m07.56s user     0m03.92s system
      0m18.11s real     0m07.74s user     0m03.88s system
  ```
  Note that in most tests this is not a problem since txs very often originate from node0.

ACKs for top commit:
  brunoerg:
    utACK ab4efad51b

Tree-SHA512: 12675357e6eb5a18383f2bfe719a184c0790863b37a98749d8e757dd5dc3a36212e16a81f0a192340c11b793eda00db359c7011f46f7c27e3a093af4f5b62147
2023-02-13 11:51:03 +01:00
John Moffett
3a11adc700 Zero out wallet master key upon lock
When an encrypted wallet is locked (for instance via the
RPC `walletlock`), the docs indicate that the key is
removed from memory. However, the vector (with a secure
allocator) is merely cleared. This allows the key to persist
indefinitely in memory. Instead, manually fill the bytes with
zeroes before clearing.
2023-02-10 20:21:23 -05:00
721217.xyz
fa8e92c022
doc: Update ci docs 2023-02-10 17:05:39 +01:00
merge-script
b92d609fb2
Merge bitcoin/bitcoin#27072: doc: Remove unused REVIEWERS file
fa8e3aa60d doc: Remove unused REVIEWERS file (721217.xyz)

Pull request description:

  Unused for way more than two months after https://github.com/bitcoin/bitcoin/pull/25613#issuecomment-1200113115

  See also bb5ebadeaa

ACKs for top commit:
  sipa:
    ACK fa8e3aa60d
  john-moffett:
    ACK fa8e3aa60d

Tree-SHA512: def650d34f04abd18e37cf19b5df34463157a99fbb537c4c98092c8312eb2a572ccde13ec5374f3b9e7cb90cef220cfe07f4522ffbfeb9407b20b3ada1d7706c
2023-02-10 16:57:53 +01:00
merge-script
e0d8378f2d
Merge bitcoin/bitcoin#27069: net: add Ensure{any}Banman
2d955ff006 net: add `Ensure{any}Banman` (brunoerg)

Pull request description:

  This PR adds `Ensure{any}Banman` functions to avoid code repetition and make it cleaner. Same approach as done with argsman, chainman, connman and others.

ACKs for top commit:
  davidgumberg:
    ACK [2d955ff](2d955ff006)

Tree-SHA512: 0beb7125312168a3df130c1793a1412ab423ef0f46023bfe2a121630c79df7e55d3d143fcf053bd09e2d96e9385a7a04594635da3e5c6be0c5d3a9cafbe3b631
2023-02-10 15:10:21 +01:00
721217.xyz
fa8e3aa60d
doc: Remove unused REVIEWERS file 2023-02-10 14:11:31 +01:00
merge-script
4f841cbb81
Merge bitcoin/bitcoin#27070: ci: Fix fingerprint_script for depends subdir caches
d66efa30cd ci: Fix `fingerprint_script` for `depends` subdir caches (Hennadii Stepanov)

Pull request description:

  https://github.com/bitcoin/bitcoin/pull/26977 made current `git rev-list -1 HEAD ./depends` [not working](https://github.com/bitcoin/bitcoin/pull/26977#issuecomment-1424614490).

  This PR fixes this issue with an idea from https://github.com/bitcoin/bitcoin/pull/26977#issuecomment-1424636503.

ACKs for top commit:
  MarcoFalke:
    lgtm ACK d66efa30cd

Tree-SHA512: e6dbb1a80439bf8c044e50afc44b8b08b0903d20da5ef9dcbb265f2d64b6810ea5f4cb8abb44e00b96673082f1dbdd350627627d9d28f362bdb662c92ef257d8
2023-02-10 09:39:11 +01:00
merge-script
ffdf630790
Merge bitcoin/bitcoin#27066: test: Fix intermittent sync issue in wallet_pruning
fa6f67837b test: Fix intermittent sync issue in wallet_pruning (721217.xyz)

Pull request description:

  Setting the mocktime on each loop iteration will make net processing racy and cause a disconnect due to timeout.

  Fix that by setting the mocktime only once.

  Fixes https://github.com/bitcoin/bitcoin/issues/27065

ACKs for top commit:
  brunoerg:
    crACK fa6f67837b

Tree-SHA512: 128b962c05a6fa3caf3ce392e870fff6609ce2206a43bbae6661ecb45291df93bed77fe362a514d4472056f83fb6631df39a5170fa34e41a7577b9685dd26b1f
2023-02-10 09:35:40 +01:00
Sebastian Falbesoner
772671245d test: p2p: check that headers message with invalid proof-of-work disconnects peer 2023-02-10 00:01:04 +01:00
Hennadii Stepanov
d66efa30cd
ci: Fix fingerprint_script for depends subdir caches 2023-02-09 22:20:42 +00:00
brunoerg
2d955ff006 net: add Ensure{any}Banman
it adds `Ensure{any}Banman` functions to avoid
code repetition and make it cleaner. Similar
approach as done with argsman, chainman, connman
and others.
2023-02-09 17:14:01 -03:00
Hennadii Stepanov
1313b90735
Merge bitcoin-core/gui#701: Persist Mask Values option
4de02def84 qt: Persist Mask Values option (Andrew Chow)

Pull request description:

  The mask values option is memory only. If a user has enabled this option, it's reasonable to expect that they would want to have it enabled on the next start.

ACKs for top commit:
  RandyMcMillan:
    tACK 4de02def84
  jarolrod:
    tACK 4de02def84
  pablomartin4btc:
    > tACK [4de02de](4de02def84)
  john-moffett:
    tACK 4de02def84

Tree-SHA512: 247deb78df4911516625bf8b25d752feb480ce30eb31335cf9baeb07b7c6c225fcc37d5c45de62d6e6895ec10c7eefabb15527e3c9723a3b8ddda1e12ebbf46b
2023-02-09 20:11:11 +00:00
merge-script
af2bd07587
Merge bitcoin/bitcoin#27062: ci: Re-introduce depends_built cache back in macOS and Android tasks
73a3b161b7 ci: Inline `MACOS_NATIVE_TASK_TEMPLATE` (Hennadii Stepanov)
8a61527cf6 ci: Re-introduce `depends_built` cache back in macOS and Android tasks (Hennadii Stepanov)

Pull request description:

  This PR brings a `depends_built` cache back to the "macOS 10.15" and "ARM64 Android APK" CI tasks.

  Fixes #27031.

ACKs for top commit:
  MarcoFalke:
    reACK 73a3b161b7 🌻

Tree-SHA512: 2eb845f865ee2ee453c1fd284d5eeddbebb2653586b17946822fec03d46e73c5eb483499761a0de6c3c466b06623957664e22dee01f7312ad18e212f1c9c6439
2023-02-09 19:05:49 +01:00
Hennadii Stepanov
73a3b161b7
ci: Inline MACOS_NATIVE_TASK_TEMPLATE 2023-02-09 12:11:47 +00:00
Hennadii Stepanov
8a61527cf6
ci: Re-introduce depends_built cache back in macOS and Android tasks 2023-02-09 12:11:26 +00:00
721217.xyz
fa6f67837b
test: Fix intermittent sync issue in wallet_pruning 2023-02-09 12:28:56 +01:00
merge-script
dc905f6c2a
Merge bitcoin/bitcoin#27063: ci: Use the latest Ubuntu LTS for "ARM64 Android APK" task
887bb53b67 ci: Use the latest Ubuntu LTS for "ARM64 Android APK" task (Hennadii Stepanov)

Pull request description:

  Suggested in https://github.com/bitcoin/bitcoin/pull/25797#discussion_r1100172227:

  >  I don't expect that anyone is building for android, and if they did, it should be fine to just require the latest Ubuntu LTS, which is Jammy

ACKs for top commit:
  fanquake:
    ACK 887bb53b67 - but I'd also suggest we remove this task entirely, and either replacing it with another task, maybe a *BSD, or delegating the resources to other jobs.

Tree-SHA512: 1f4b6155e5bbb8ca3580809c5999e3abf6b15b409d164a719b0a89205ca48c178aa6401039a22151ce464009adc48ba272a5a2ff05dc3ca06d3b2d64c99e3e22
2023-02-09 10:44:48 +01:00
fanquake
835af48e03
Merge bitcoin/bitcoin#27057: build: set boost cppflags with --enable-fuzz
b03a98291b build: set boost cppflags with --enable-fuzz (fanquake)

Pull request description:

  Even though all other targets are disabled, we still need Boost CPPFLAGS (`use_boost`) to compile. This currently works everywhere, except on arm macOS (where the include path is non-standard), because generally, the Boost include path is generic, i.e `/usr/include`.

ACKs for top commit:
  hebasto:
    ACK b03a98291b

Tree-SHA512: 7544a903ce641fd4b994ae51423a7007de85628ae29be36362a5cbdd62f9b16ac0a62e9edadaaa998ad4c1e82c0fde0d8c53aba41f94ad30ffa9f10ba0984521
2023-02-08 17:09:40 +00:00
fanquake
b03a98291b
build: set boost cppflags with --enable-fuzz
Even though all other targets are disabled, we still need Boost CPPFLAGS
(use_boost) to compile. This currently works everywhere, except on arm
macOS (where the include path is pretty non-standard), because
generally, the Boost include path is generic, i.e `/usr/include`.
2023-02-08 16:10:34 +00:00
merge-script
07a23b4946
Merge bitcoin/bitcoin#26994: depends: define __BSD_VISIBLE for FreeBSD bdb build
0e02f72548 depends: define `__BSD_VISIBLE` for FreeBSD bdb build (fanquake)

Pull request description:

  Required for additional definitions (`IPC_R` & friends), to be available, when compiling under C11, which would otherwise cause compile fails.

  See: https://github.com/MarcoFalke/btc_nightly/pull/4.

ACKs for top commit:
  hebasto:
    ACK 0e02f72548, tested on FreeBSD 13.1:

Tree-SHA512: 885d4aa341d9668da360cf6dfafb97ce816803c54e76c0a06e448db39a723666d42cd14b3e713d17ecbe33163f5af69924567cf449d679a2db95b36357005d43
2023-02-08 16:37:09 +01:00
fanquake
7b850bc2a1
Merge bitcoin/bitcoin#27061: doc: Document affected gcc versions for -fstack-reuse=none workaround
fa83005a26 doc: Document affected gcc versions for -fstack-reuse=none workaround (MarcoFalke)

Pull request description:

  gcc version(s) 11 and prior won't be fixed, looking at the activity in the bug report. So it seems best to just document gcc 12.1+ as fixed, so that in the future the workaround can be removed once the minimum compiler is gcc12.1.

ACKs for top commit:
  fanquake:
    ACK fa83005a26
  hebasto:
    re-ACK fa83005a26

Tree-SHA512: a19723457eb1925196828a5fafd4e7f75a04f86ffae63cb86679d732c662fd1a22e17fe3c69195a97438ff189ba3ff681be3650cf99aa195d7a3e89cd8ee137c
2023-02-08 14:59:43 +00:00
Hennadii Stepanov
887bb53b67
ci: Use the latest Ubuntu LTS for "ARM64 Android APK" task 2023-02-08 14:15:13 +00:00
MarcoFalke
fa83005a26
doc: Document affected gcc versions for -fstack-reuse=none workaround 2023-02-08 13:06:11 +01:00
MarcoFalke
de1d189534
Merge bitcoin/bitcoin#27056: doc: use arch agnostic clang path in fuzzing doc (macOS)
b49e19ccd9 doc: use arch agnostic clang path in fuzzing doc (macOS) (fanquake)

Pull request description:

  The current path will only work for clang installed via brew on x86_64 macOS.

ACKs for top commit:
  hebasto:
    ACK b49e19ccd9, similar to 702836530f.

Tree-SHA512: 8ae4845e1953d5a7178f2b422e2241af1057d8cce1ab79da65df0cd068456dbf85da3489355f81fc4ee09ba602a4b53e989e2dc02476b4abf6c5b3bc3e96473b
2023-02-08 12:49:49 +01:00
MarcoFalke
51d51d3082
Merge bitcoin/bitcoin#26507: test: remove unused vars in feature_block
741c215b5f test: remove unused vars in `feature_block` (brunoerg)

Pull request description:

  There is no need to assign `self.next_block` to variables if we're not using its return value. Most cases touched here, we're reassigning it right after with the value from `self.update_block`.

Top commit has no ACKs.

Tree-SHA512: 25bbea2a09f38c3a3483fa363f024d2a8edd06a00cccc93cef99e489b9a3485d58bbd6a1ed2dddc00f1cebec7e63aed8ad95701a2645ce20a0db9b69573c20a7
2023-02-08 11:42:22 +01:00
fanquake
8d69b614cc
Merge bitcoin/bitcoin#23810: docs: avoid C-style casts; use modern C++ casts
75347236f2 docs: document c-style cast prohibition (Pasta)

Pull request description:

  In the words of practicalswift:
  ```
  A C-style cast is equivalent to try casting in the following order:

      const_cast(...)
      static_cast(...)
      const_cast(static_cast(...))
      reinterpret_cast(...)
      const_cast(reinterpret_cast(...))

  By using static_cast<T>(...) explicitly we avoid the possibility of an unintentional and
  dangerous reinterpret_cast. Furthermore static_cast<T>(...) allows for easier grepping of casts.

  For a more thorough discussion, see "ES.49: If you must use a cast, use a named cast"
  in the C++ Core Guidelines (Stroustrup & Sutter).
  ```

  Modern tooling, specifically `-Wold-style-cast` can enable us to enforce never using C-style casts. I believe this is especially important due to the number of C-style casts the codebase is currently being used as a reinterpret_cast. reinterpret_casts are especially dangerous, and should never be done via C-style casts.

  Update the docs to suggest the use of named cast or functional casts.

Top commit has no ACKs.

Tree-SHA512: 29a98de396f0c78e32d8a1831319162203c4405a670da5add5da956fcc7df200a1cec162ef1cfac4ddfb02714b66406081d40ed435c7f0f28581cfa24d94fac1
2023-02-08 10:36:43 +00:00
MarcoFalke
5fffff54e9
ci: Cache stuff in volumes, not host folders 2023-02-08 11:21:23 +01:00
fanquake
b49e19ccd9
doc: use arch agnostic clang path in fuzzing doc (macOS) 2023-02-08 09:45:04 +00:00
MarcoFalke
1bcabe6f2a
Merge bitcoin-core/gui#697: Remove reindex special case from the progress bar label
faff2ba4f8 Remove reindex special case from the progress bar label (MarcoFalke)

Pull request description:

  The user knows which option they passed to the program, so it seems overly verbose to offer the user feedback whether or not they passed `-reindex`. Treat it as `DISK`, like all other cases that are treated as `DISK`:

  * `-reindex-chainstate`
  * `-loadblock`

ACKs for top commit:
  john-moffett:
    Re-ACK faff2ba4f8
  hebasto:
    ACK faff2ba4f8, I have reviewed the code and it looks OK, I agree it can be merged.

Tree-SHA512: 7f110c4beb1451d26f32da3a60150dac91c8a7b8d1c01749017204712b73cc1b77578af492930e4b6704097a73ed051f77bc39d8f60e0ff15a797a201805312e
2023-02-07 16:49:13 +01:00
fanquake
fe86616bb4
Merge bitcoin/bitcoin#26421: build: copy config.{guess,sub} post autogen in zmq package
1914e470e3 build: copy config.{guess,sub} post autogen in zmq package (fanquake)

Pull request description:

  Otherwise our config.guess and config.sub will be copied over. This problem has been masked by the fact that modern systems ship with versions that recognise all the triplets we use (namely arm64-apple-darwin). However building on ubuntu 20.04 surfaces the issue.

  Fixes #26420.

ACKs for top commit:
  hebasto:
    ACK 1914e470e3, tested on Ubuntu 18.04.

Tree-SHA512: dff64c3c62d9f8fc205e5a4dffe8befd58838418d073a15dfe304a0f64b182dfffd9dcf98b53df44bfab905c12a62d03cd5c0f91fa7c4b246ac21ae5f20540fd
2023-02-07 12:01:30 +00:00
fanquake
ab5b26f072
Merge bitcoin/bitcoin#21995: build: Make dependency package archive timestamps deterministic
6ebe57622c build: Make dependency package archive timestamps deterministic (Hennadii Stepanov)

Pull request description:

  This PR makes testing changes like bitcoin/bitcoin#20641, bitcoin/bitcoin#21593, bitcoin/bitcoin#22142, bitcoin/bitcoin#24279, bitcoin/bitcoin#24285 as easy as comparing hashes.

  With this PR:
  ```
  $ make -C depends clean
  $ make -C depends HOST=x86_64-w64-mingw32
  $ find depends/built/x86_64-w64-mingw32 -name '*.hash' | sort | xargs cat
  1f685a61cbf205f81977ecf88cba91fa1ccdfbe77ab4ec3405dcd33ceb778af4  bdb-4.8.30-ca950bd6d13.tar.gz
  08a9acde276e6e5e5c8913e3ad07eeecda184a996882ae226b3ed056c7ec1b01  boost-1.80.0-b537c466dcb.tar.gz
  144c6d92e4108fcc90740bee27007db58a88336a97be6367f9c8ba4cc208af27  libevent-2.1.12-stable-e13b2bdd8b8.tar.gz
  e3c9c9609bf32bfd460432c6ab99a64e9f8750ed775a193925ff4f5aed363e4c  libnatpmp-07004b97cf691774efebe70404cf22201e4d330d-82255b84667.tar.gz
  62c6a089a4b24a413eccd2f389bf4c8b0716423b0ace5e87e984069635da9f83  miniupnpc-2.2.2-c43fc4cf2f6.tar.gz
  78762700066273e597698a78479a506b33532ea565d18ef561614b9fc3820cf5  qrencode-3.4.4-663de0dc628.tar.gz
  5e2183faf91838510a48e6dbb4b65ae74a7d48ba1abc070b82767c4076582360  qt-5.15.5-986926343e2.tar.gz
  9f8459f8d27fc3af9146712be6ba6577f15741429936504a950cc51c17da1ba8  sqlite-3380500-bec6a4d3299.tar.gz
  0eca5d01d427de50be4bd57c8bb100ab69b017792c32b8733e2b20443f4c9c28  zeromq-4.3.4-8ae81bab6f4.tar.gz
  ```

  As an example, here is an evidence that bitcoin/bitcoin#24279 is a strict refactoring change:
  ```
  $ git fetch origin pull/24279/head
  $ git cherry-pick 706026838d917a3d853e03e83db040f1fd4aeb74
  $ git cherry-pick 3f90ddea8a6a2061cfb347a1d77df2c0a6fa238c
  $ make -C depends clean
  $ make -C depends HOST=x86_64-w64-mingw32
  $ find depends/built/x86_64-w64-mingw32 -name '*.hash' | sort | xargs cat
  1f685a61cbf205f81977ecf88cba91fa1ccdfbe77ab4ec3405dcd33ceb778af4  bdb-4.8.30-c7faf31d5ca.tar.gz
  08a9acde276e6e5e5c8913e3ad07eeecda184a996882ae226b3ed056c7ec1b01  boost-1.80.0-1af3dd1d99e.tar.gz
  144c6d92e4108fcc90740bee27007db58a88336a97be6367f9c8ba4cc208af27  libevent-2.1.12-stable-6228a9f8534.tar.gz
  e3c9c9609bf32bfd460432c6ab99a64e9f8750ed775a193925ff4f5aed363e4c  libnatpmp-07004b97cf691774efebe70404cf22201e4d330d-41aa6194ecc.tar.gz
  62c6a089a4b24a413eccd2f389bf4c8b0716423b0ace5e87e984069635da9f83  miniupnpc-2.2.2-6a93027769c.tar.gz
  78762700066273e597698a78479a506b33532ea565d18ef561614b9fc3820cf5  qrencode-3.4.4-d40cb2d45c9.tar.gz
  5e2183faf91838510a48e6dbb4b65ae74a7d48ba1abc070b82767c4076582360  qt-5.15.5-120c3cb745d.tar.gz
  9f8459f8d27fc3af9146712be6ba6577f15741429936504a950cc51c17da1ba8  sqlite-3380500-bbd4d813c69.tar.gz
  0eca5d01d427de50be4bd57c8bb100ab69b017792c32b8733e2b20443f4c9c28  zeromq-4.3.4-df0858a19d2.tar.gz
  ```

ACKs for top commit:
  TheCharlatan:
    Code review ACK 6ebe57622c

Tree-SHA512: 20e0222781f5dcb50126c11677d0671bcdd7be144b2e528c75a02983acc494206552fb35039697ccd094de27a21b3fb439e9965c34feb8a6d74627fa20a9a5e7
2023-02-07 11:59:11 +00:00
fanquake
6e08e5cb5c
Merge bitcoin/bitcoin#17127: util: Set safe permissions for data directory and wallets/ subdir
c9ba4f9ecb test: Add test for file system permissions (Hennadii Stepanov)
581f16ef34 Apply default umask in `SetupEnvironment()` (Hennadii Stepanov)
8a6219e543 Remove `-sysperms` option (Hennadii Stepanov)

Pull request description:

  On master (1e7564eca8) docs say:
  ```
  $ ./src/bitcoind -help | grep -A 3 sysperms
    -sysperms
         Create new files with system default permissions, instead of umask 077
         (only effective with disabled wallet functionality)

  ```

  Basing on that, one could expect that running `bitcoind` first time will create data directory and `wallets/` subdirectory with safe 0700 permissions.

  But that is not the case:
  ```
  $ stat .bitcoin | grep id
  Access: (0775/drwxrwxr-x)  Uid: ( 1000/ hebasto)   Gid: ( 1000/ hebasto)
  $ stat .bitcoin/wallets | grep id
  Access: (0775/drwxrwxr-x)  Uid: ( 1000/ hebasto)   Gid: ( 1000/ hebasto)
  ```

  Both directories, in fact, are created with system default permissions.

  With this PR:
  ```
  $ stat .bitcoin/wallets | grep id
  Access: (0700/drwx------)  Uid: ( 1000/ hebasto)   Gid: ( 1000/ hebasto)
  $ stat .bitcoin/wallets | grep id
  Access: (0700/drwx------)  Uid: ( 1000/ hebasto)   Gid: ( 1000/ hebasto)
  ```

  ---

  This PR:
  - is alternative to bitcoin/bitcoin#13389
  - fixes bitcoin/bitcoin#15902
  - fixes bitcoin/bitcoin#22595
  - closes bitcoin/bitcoin#13371
  - reverts bitcoin/bitcoin#4286

  Changes in behavior: removed `-sysperms` command-line argument / configure option. The related discussions are here:
  - https://github.com/bitcoin/bitcoin/pull/13389#issuecomment-395306690
  - https://github.com/bitcoin/bitcoin/pull/13389#issuecomment-539906114
  - https://github.com/bitcoin/bitcoin/pull/13389#discussion_r279160472

  If users rely on non-default access permissions, they could use `chmod`.

ACKs for top commit:
  john-moffett:
    ACK c9ba4f9ecb
  willcl-ark:
    ACK c9ba4f9ecb

Tree-SHA512: 96c745339e6bd0e4d7bf65daf9a721e2e1945b2b0ab74ca0f66576d0dc358b5de8eb8cdb89fe2160f3b19c39d2798bb8b291784316085dc73a27102d3415bd57
2023-02-07 10:44:40 +00:00
MarcoFalke
faff2ba4f8
Remove reindex special case from the progress bar label 2023-02-07 11:02:01 +01:00
MarcoFalke
5a80086ec2
Merge bitcoin/bitcoin#26701: contrib: make DNS seeds file an argument in CLI (makeseeds)
1c07500dbb contrib: make DNS seeds file an argument in CLI (brunoerg)

Pull request description:

  Instead of using `makeseeds.py` this way:
  ```sh
  python3 makeseeds.py -a asmap-filled.dat < seeds_main.txt > nodes_main.txt
  ```

  We could use the DNS seeds file as an argument since it is a required one. It improves the way the script handles it when that file is missing as well as makes this script more friendly.
  E.g:
  ```sh
  python3 makeseeds.py -a asmap-filled.dat -s seeds_main.txt > nodes_main.txt
  ```

ACKs for top commit:
  vincenzopalazzo:
    ACK  1c07500dbb

Tree-SHA512: bddf728d5d376659155f5bbeb1fa0d42aa273ec4a0cf5687f4d3f3be85625f541d392f30008e3c9d2c65967cb882deb36af34330994727771be73c9adeb521e0
2023-02-07 10:03:36 +01:00
Andrew Chow
52ddbd52f9
Merge bitcoin/bitcoin#26345: refactor: modernize the implementation of uint256.*
935acdcc79 refactor: modernize the implementation of uint256.* (pasta)

Pull request description:

  - Constructors of uint256 to utilize Span instead of requiring a std::vector
  - converts m_data into a std::array
  - Prefers using `WIDTH` instead of `sizeof(m_data)`
  - make all the things constexpr
  - replace C style functions with c++ equivalents
      - memset -> std::fill
          This may also be replaced by std::memset, but I think that std::fill is more idiomatic of modern c++ and readable.
      - memcpy -> std::copy
          Note: In practice, implementations of std::copy avoid multiple assignments and use bulk copy functions such as std::memmove if the value type is TriviallyCopyable and the iterator types satisfy LegacyContiguousIterator. (https://en.cppreference.com/w/cpp/algorithm/copy)
          This could also likely be replaced by std::memcpy, but as said above, I believe the using std::copy is the more c++ way to do anything and is almost guaranteed to compile to the same asm
      - memcmp -> std::memcmp

ACKs for top commit:
  achow101:
    ACK 935acdcc79
  hebasto:
    Approach ACK 935acdcc79.
  aureleoules:
    reACK 935acdcc79
  john-moffett:
    ACK 935acdcc79
  stickies-v:
    Approach ACK 935acdcc7

Tree-SHA512: 4f1ba54ff2198eea0e505d41e73d552c84c60f6878d5c85a94a8ab57f39afc94ef8d79258e7afd01fa84ec2a99f4404bb877eecd671f65e1ee9273f3129fc650
2023-02-06 13:56:51 -05:00
Hennadii Stepanov
c9ba4f9ecb
test: Add test for file system permissions 2023-02-06 11:08:57 +00:00
Hennadii Stepanov
581f16ef34
Apply default umask in SetupEnvironment()
This change makes all filesystem artifacts--files and directories--being
created with the default umask.
2023-02-06 11:08:03 +00:00