576 Commits

Author SHA1 Message Date
Gavin Andresen
881a85a22d Replace printf with LogPrintf / LogPrint 2013-09-18 20:39:25 +10:00
Gregory Maxwell
85311c1ef8 Merge pull request #2982 from gmaxwell/20130908_ccoins_corrupt
Longer term workaround for chainstate corruption from negative versions.
2013-09-10 16:07:34 -07:00
Philip Kaufmann
d78900cc1b fix some cosmetic glitches in the codebase
- rename URL into URI in paymentserver where correct
- add some missing Qt-coding-stuff in paymentserver
- change QSpinBox to QLineEdit as base for BitcoinAmountField in .ui files
  (as this is the result when converting the BAF back into base)
- remove some c_str() and replace with QString::fromStdString()
- remove several new-lines
- remove unneeded spaces
- indentation fixes
2013-09-09 12:36:04 +02:00
Gregory Maxwell
f8b7aa8625 Longer term workaround for chainstate corruption from negative versions.
This also makes negative transaction versions non-standard.

This avoids an issue triggered in block 256818 where transactions with
negative version numbers were incorrectly serialized into the UTXO set.

On restart nodes detect the inconsistency and refuse to start so long as
a block with these transactions is inside the self-consistency check
window, logging "coin database inconsistencies found". The software
recommends reindexing, but reindexing does not correct the problem.

This should be fixed by changing the chainstate serialization, but
working around it seems harmless for now because the version is not
used by any network rule currently.

A patch free workaround is to start with -checklevel=2 which skips
the consistency checks, but the IsStandard change is important for
miners in order to protect unpatched nodes.
2013-09-09 02:11:11 -07:00
Matt Corallo
55ed3f1475 Don't warn about forks while fIsInitialDownload 2013-09-03 22:22:13 -04:00
Gregory Maxwell
9d14e689c8 [raw] reject insanely high fees by default in sendrawtransaction
There have been several incidents where mainnet experimentation with
 raw transactions  resulted in insane fees.  This is hard to prevent
 in the raw transaction api because the inputs may not be known.
 Since sending doesn't work if the inputs aren't known, we can catch
 it there.

This rejects fees > than 10000 * nMinRelayTxFee or 1 BTC with the
 defaults and can be overridden with a bool at the rpc.
2013-08-28 15:49:51 -07:00
Gregory Maxwell
bf3a20a6e8 [wallet] Consider generated coins mature at COINBASE_MATURITY+1
We're not seeing large reorgs that would justify waiting a large
 amount past the rule required maturity, and the extra three
 hours is just a nuisance. Take one more block to at least give
 the 100th block time to propagate.
2013-08-28 10:16:50 -07:00
Pieter Wuille
24e5d7d5ae Fix out-of-bounds check 2013-08-24 23:22:27 +02:00
Gregory Maxwell
a7f533a972 Update the bloom state on the real object, not the temporary one.
This resulted in just passing all transactions to filtered wallets
which worked surprisingly well, except where it didn't.
2013-08-20 17:46:07 -07:00
Gregory Maxwell
37c6389c5a Performance optimization for bloom filters.
This reduces a peer's ability to attack network resources by
 using a full bloom filter, but without reducing the usability
 of bloom filters.  It sets a default match everything filter
 for peers and it generalizes a prior optimization to
 cover more cases.
2013-08-20 02:27:26 -07:00
Pieter Wuille
2461aba1ac Mempool consistency check 2013-08-15 23:55:35 +02:00
Pieter Wuille
f0784ac470 Fix non-standard disconnected transactions causing mempool orphans 2013-08-15 23:53:55 +02:00
Gavin Andresen
8fa9b5cc45 Merge pull request #2658 from TheBlueMatt/forkalert
Detect any sufficiently long fork and alert the user just like any other alert
2013-08-12 23:33:40 -07:00
Cozz Lovan
c7fa1a3586 do not call BuildMerkleTree() unnecessarily twice 2013-08-10 15:27:25 +02:00
Gavin Andresen
8dc206a1e2 Reject non-canonically-encoded sizes
The length of vectors, maps, sets, etc are serialized using
Write/ReadCompactSize -- which, unfortunately, do not use a
unique encoding.

So deserializing and then re-serializing a transaction (for example)
can give you different bits than you started with. That doesn't
cause any problems that we are aware of, but it is exactly the type
of subtle mismatch that can lead to exploits.

With this pull, reading a non-canonical CompactSize throws an
exception, which means nodes will ignore 'tx' or 'block' or
other messages that are not properly encoded.

Please check my logic... but this change is safe with respect to
causing a network split. Old clients that receive
non-canonically-encoded transactions or blocks deserialize
them into CTransaction/CBlock structures in memory, and then
re-serialize them before relaying them to peers.

And please check my logic with respect to causing a blockchain
split: there are no CompactSize fields in the block header, so
the block hash is always canonical. The merkle root in the block
header is computed on a vector<CTransaction>, so
any non-canonical encoding of the transactions in 'tx' or 'block'
messages is erased as they are read into memory by old clients,
and does not affect the block hash. And, as noted above, old
clients re-serialize (with canonical encoding) 'tx' and 'block'
messages before relaying to peers.
2013-08-09 10:01:35 +10:00
Gavin Andresen
ddd0e2f616 Merge pull request #2871 from gavinandresen/simplify_maporphan
Simplify storage of orphan transactions, fix CVE-2013-4627
2013-08-06 17:11:48 -07:00
Gavin Andresen
15047f5af0 Merge pull request #2851 from TheBlueMatt/master
Prepare for mempool testing in pull-tester and fix multi-block transaction resurrection
2013-08-05 01:53:17 -07:00
Gavin Andresen
159bc48193 Simplify storage of orphan transactions
Orphan transactions were stored as a CDataStream pointer;
this changes the mapOrphanTransactions data structures to
store orphans as a CTransaction.

This also fixes CVE-2013-4627 by always re-serializing
transactions before relaying them.
2013-08-02 16:10:25 +10:00
Gavin Andresen
8f6f92c72b Revert "Truncate oversize 'tx' messages before relaying/storing."
This reverts commit c40a5aaaf484855a4350fd702e8e72fd21a68155.
2013-08-02 15:50:04 +10:00
Jeff Garzik
d247a5d130 Move internal miner/block creation to separate miner.cpp module.
Public functions referenced elsewhere are added to miner.h.
2013-07-31 09:43:35 -04:00
Jeff Garzik
18946846d5 Minor miner fixes (hey hey it's fun to say)
* Fix UpdateCoins() definition in main.h
* Remove pwalletMain reference from BitcoinMiner(), as it is passed
  a wallet argument.
2013-07-31 08:45:49 -04:00
Gavin Andresen
050d2e953f Remove #define loop from util.h
Replace the loop macro with while (true). The #define caused
problems for Qt.
2013-07-31 14:06:44 +10:00
Matt Corallo
9bf2a4aba2 Fix multi-block reorg transaction resurrection 2013-07-23 18:02:27 +02:00
Matt Corallo
d9ace8abe8 Don't use checkpoints and accept nonstd txn on -regtest 2013-07-23 18:02:26 +02:00
Matt Corallo
f65e7092a2 Better warning/"alert" messages for large-work forks. 2013-07-22 12:12:45 +02:00
Matt Corallo
f89faa2584 Call the -alertnotify script when we see a long or invalid fork. 2013-07-22 12:11:46 +02:00
Matt Corallo
b8585384da Detect any sufficiently long fork and add a warning.
Such a fork is defined as being at least 7 blocks long and
having a tip which is within 72 blocks of our best block.
2013-07-22 12:10:57 +02:00
Jeff Garzik
d598872726 Merge pull request #2743 from jgarzik/reject-reason
Log reason for non-standard transaction rejection
2013-07-10 08:50:49 -07:00
Pieter Wuille
4ad73c6b08 Merge pull request #2209 from CodeShark/WalletRegistrationLocks
Wallet registration locks in main.cpp + UnregisterAllWallet() function
2013-06-25 16:33:16 -07:00
Jeff Garzik
481d899794 Merge pull request #2792 from sipa/coreimpl
Move core implementations to core.cpp
2013-06-25 11:52:18 -07:00
Peter Todd
c40a5aaaf4 Truncate oversize 'tx' messages before relaying/storing.
Fixes a memory exhaustion attack on low-memory peers.
2013-06-25 10:37:50 -04:00
Pieter Wuille
f121db58e4 Move core implementations to core.cpp 2013-06-25 10:33:29 +02:00
Eric Lombrozo
e5cefb9be1 Added locks on the setpwalletRegistered functions in main.cpp and added an UnregisterAllWallets function. 2013-06-24 09:25:23 -07:00
Eric Lombrozo
2a4d3464fd Pulled AcceptBlock out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
38991ffa8a Pulled CheckBlock out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
1959997afb Pulled AddToBlockIndex out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
f3ae51dcce Pulled ConnectBlock out of CBlock. 2013-06-23 19:59:35 -07:00
Eric Lombrozo
5c363ed622 Pulled DisconnectBlock out of CBlock. 2013-06-23 19:59:34 -07:00
Eric Lombrozo
8031399494 Moved ReadBlockFromDisk implementation to main.cpp 2013-06-23 19:59:34 -07:00
Eric Lombrozo
7db120d531 Moved CBlock::ReadFromDisk out of CBlock to functions ReadBlockFromDisk in main.h 2013-06-23 19:59:34 -07:00
Eric Lombrozo
226f821942 Moved WriteBlockToDisk implementation from main.h to main.cpp 2013-06-23 19:59:32 -07:00
Eric Lombrozo
a6dba0fdb2 Moved CBlock::WriteToDisk out of CBlock to inline function WriteBlockToDisk in main.h 2013-06-23 19:58:23 -07:00
Jeff Garzik
4be2aba302 Merge pull request #2778 from jgarzik/rpc-verifydb
RPC: add 'verifychain' to verify chain database at runtime
2013-06-22 23:08:13 -07:00
Jeff Garzik
980bfe6ef8 Log reason for non-standard transaction rejection 2013-06-23 02:05:25 -04:00
Pieter Wuille
b4a8a326c0 Merge pull request #2660 from TheBlueMatt/gmfrefactor
Refactor fee rules to make them actually readable.
2013-06-22 10:08:57 -07:00
Jeff Garzik
f590653377 RPC: add 'verifychain', to verify chain database at runtime 2013-06-19 11:53:02 -04:00
Jeff Garzik
168ba99392 Pass check level, check depth to VerifyDB() 2013-06-19 11:32:49 -04:00
Mike Hearn
0e4b317555 Introduce a CChainParameters singleton class and regtest mode.
The new class is accessed via the Params() method and holds
most things that vary between main, test and regtest networks.
The regtest mode has two purposes, one is to run the
bitcoind/bitcoinj comparison tool which compares two separate
implementations of the Bitcoin protocol looking for divergence.

The other is that when run, you get a local node which can mine
a single block instantly, which is highly convenient for testing
apps during development as there's no need to wait 10 minutes for
a block on the testnet.
2013-06-19 16:28:52 +02:00
Mike Hearn
70e7fba06d Move implementation of some CBlockLocator methods
Move out of main.h to improve compile times and add documentation
for what the methods do.
2013-06-19 15:39:45 +02:00
Matt Corallo
87cce04c17 Refactor fee rules to make them actually readable.
This (nearly) doesn't change fee rules at all:
 * To make it into the fee transaction area, the dPriority comparison
   changed from < to <=
 * We now just ignore transactions > MAX_BLOCK_SIZE/4 instead of
   doing some calculations to require increasingly large fees as
   size increases.
2013-06-14 13:37:43 +02:00