An overload of MigrateLegacyToDescriptor is added which takes the wallet
name. The original that took a wallet pointer is still available, it
just gets the name, closes the wallet, and calls the new overload.
Github-Pull: #26595
Reabsed-From: dbfa34540372033d95036a02b7025ddd33f540aa
The default number of tunnels in the Java implementation is 2 and in the
C++ i2pd it is 5. Pick a mid-number (3) and explicitly set it in order
to get a consistent behavior with both routers. Do this for persistent
sessions which are created once at startup and can be used to open up
to ~10 outbound connections and can accept up to ~125 incoming
connections. Transient sessions already set number of tunnels to 1.
Suggested in:
https://github.com/bitcoin/bitcoin/issues/26754#issuecomment-1367356129https://geti2p.net/en/docs/api/samv3
Alleviates: https://github.com/bitcoin/bitcoin/issues/26754
Github-Pull: #26837
Rebased-From: 3c1de032de01e551992975eb374465300a655f44
In the case of `i2pacceptincoming=0` we use transient addresses
(destinations) for ourselves for each outbound connection. It may
happen that we
* create the session (and thus our address/destination too)
* fail to connect to the particular peer (e.g. if they are offline)
* dispose the unused session.
This puts unnecessary load on the I2P network because session creation
is not cheap. Is exaggerated if `onlynet=i2p` is used in which case we
will be trying to connect to I2P peers more often.
To help with this, save the created but unused sessions and pick them
later instead of creating new ones.
Alleviates: https://github.com/bitcoin/bitcoin/issues/26754
Github-Pull: #26837
Rebased-From: b906b64eb76643feaede1da5987a0c4d466c581b
When an encrypted wallet is locked (for instance via the
RPC `walletlock`), the docs indicate that the key is
removed from memory. However, the vector (with a secure
allocator) is merely cleared. This allows the key to persist
indefinitely in memory. Instead, manually fill the bytes with
zeroes before clearing.
Github-Pull: #27080
Rebased-From: 3a11adc7004d21b3dfe028b190d83add31691c55
The way that the main overview page limits the number
of transactions displayed (currently 5) is not
an appropriate use of Qt. If it's run with a DEBUG
build of Qt, it'll result in a segfault in certain
relatively common situations. Instead of artificially
limiting the rowCount() in the subclassed proxy
filter, we hide/unhide the rows in the displaying
QListView upon any changes in the sorted proxy filter.
Github-Pull: bitcoin-core/gui/pull/704
Rebased-From: 08209c039ff4ca5be4982da7a2ab7a624117ce1a
The previous logic would call it once for serializing into the filestream,
and then again for serializing into the hasher. If AddrMan was changed
in between these calls by another thread, the resulting peers.dat would
be corrupt with non-matching checksum and data.
Fix this by using HashedSourceWriter, which writes the data
to the underlying stream and keeps track of the hash in one go.
Github-Pull: #26909
Rebased-From: 5eabb61b2386d00e93e6bbb2f493a56d1b326ad9
This class is the counterpart to CHashVerifier, in that it
writes data to an underlying source stream,
while keeping a hash of the written data.
Github-Pull: #26909
Rebased-From: da6c7aeca38e1d0ab5839a374c26af0504d603fc
To be eligible for fee-bumping, a transaction must not have any
of its outputs (eg - change) spent in other unconfirmed transactions
in the wallet. However, this check should not apply to abandoned
transactions.
A new test case is added to cover this case.
Github-Pull: #26675
Rebased-From: f9ce0eadf4eb58d1e2207c27fabe69a5642482e7
If a wallet has key birthdates that are more recent than the currrent
chain tip, or a bestblock height higher than the current tip, we should
not attempt to rescan as there is nothing to scan for.
Github-Pull: #26679
Rebased-From: 378400953424598fd78ccec5ba8cc38bc253c550
Currently `migratewallet` migrates the address book (i.e. labels and
purposes) for watchonly and solvable wallets only in RAM, but doesn't
persist them on disk. Fix this by adding another loop for both of the
special wallet types after which writes the corresponding NAME and
PURPOSE entries to the database in a single batch.
Github-Pull: #26761
Rebased-From: d5f4ae7fac0bceb0c9ad939b9a4fbdb85da0bf95
There is no situation in which CNodeStateStats could be
missing for a legitimate reason - this can only happen if
there is a race condition between peer disconnection and
the getpeerinfo call, in which case the disconnected peer
doesn't need to be included in the response.
Github-Pull: bitcoin#26515
Rebased-From: 6fefd49
istream_iterator eats whitespace charactesr which causes parsing
failures for PSBTs that contain the bytes corresponding to those
characters.
Github-Pull: bitcoin-core/gui#687
Rebased-From: bb5ea1d9a954b7b9f443ee8fbbb04549cd0b08a7
This exercises the bug inside CoinsResult::Erase that
ends up on (1) a wallet crash or (2) a created and
broadcasted tx that contains a reduced recipient's amount.
This is covered by making the wallet selects the preset
inputs twice during the coin selection process.
Making the wallet think that the selection process result covers
the entire tx target when it does not. It's actually creating
a tx that sends more coins than what inputs are covering for.
Which, combined with the SFFO option, makes the wallet
incorrectly reduce the recipient's amount by the difference
between the original target and the wrongly counted inputs.
Which means, a created and relayed tx sending less coins to
the destination than what the user inputted.
Github-Pull: #26560
Rebased-From: cf793846978a8783c23b66ba6b4f3f30e83ff3eb
This commit documents our assumption about
TxRelay::m_tx_inventory_to_send being empty prior to version handshake
completion.
The added Assume acts as testing oracle for our fuzzing tests to
potentially detect if the assumption is violated.
Github-Pull: #26569
Rebased-From: ce63fca13e9b500e9f687d80a457175ac967a371
If migratewallet fails, we do a cleanup which removes the watchonly and
solvables wallets if they were created. However, if they were not, their
pointers are nullptr and we don't check for that, which causes a
segfault during the cleanup. So check that they aren't nullptr before
cleaning them up.
Github-Pull: #26594
Rebased-From: 86ef7b3c7be84e4183098f448c77ecc9ea7367ab
MacOS 13 sends a window focus change notification after the main
window has been destroyed but before the QTApplication has been
destroyed. This results in the menu bar receiving a notification
despite it no longer existing. The solution is to pass the main
window as context when subscribing to the notifications. Qt
automatically unsubscribes to notifications if the sender OR
context is destroyed.
Github-Pull: bitcoin-core/gui#680
Rebased-From: 8a5014cd8a05b3ab86ae34a47653a82ce11bdf17
Affects the help of the `fundrawtransaction`, `send` and
`walletcratefundedpsbt` RPCs.
Github-Pull: #26449
Rebased-From: c3b1fe59dbc7abe45973e282cddf3677514e220f
In addition to the pubkeys in hd_keypaths and tap_bip32_keypaths, also
see if the descriptor can produce a SigningProvider for the output
pubkey.
Also slightly refactors this area to reduce code duplication.
Github-Pull: #26418
Rebased-From: 8781a1b6bbd0af3cfdf1421fd18de5432494619a
Taproot pubkey info was not being added for multi_a signing. The filling
of this info is moved into the common function CreateTaprootScriptSig so
that any signing of taproot scripts will include the pubkey info.
Github-Pull: #26418
Rebased-From: 323890d0d7db2628f9dc6eaeba6e99ce0a12e1f5
e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f Bugfix: Check for readlink buffer overflow and handle gracefully (Luke Dashjr)
Pull request description:
Identical commit taken as-is from https://github.com/bitcoin/bitcoin/pull/25548 for backport
ACKs for top commit:
hebasto:
ACK e049fd76f0d57c1e6400fbfbaf4cc6ebe540f16f
Tree-SHA512: 37e63d570de898187c1bc8dd311c299c527adea51faa08aa6a3923bdb9390e3263902ace3d52a1cfc34ac2ba84e9358961574f886be1f64b5749a62e3c50ad57
d5701900fcf70220701a1686588114db165dce1c rpc: make `address` field optional (w0xlt)
e4b8c9b2bf2118064e68d33f6b7207e721ae03dd rpc: add non-regression test about deriveaddresses crash when index is 2147483647 (muxator)
bf2bf73bcbc5277074f1211c20b71995a175c314 rpc: fix crash in deriveaddresses when derivation index is 2147483647 (muxator)
b04f5f960893983400e07b96dbe9fe68383a21d2 test: Test for out of bounds vout in sendall (Andrew Chow)
dedee6af572471b9beeebca9543934e788484b2e wallet: Check utxo prevout index out of bounds in sendall (Andrew Chow)
931db785ee6f5c34e0f053314bc8c70b01642b72 test: Test that sendall works with watchonly spending specific utxos (Andrew Chow)
bbe864a13a2e5ce15674eda5c3760ee851120c63 wallet: Correctly check ismine for sendall (Andrew Chow)
4b7d30d026815dbe2330cd3e2edc044835a3eaed Adjust `.tx/config` for new Transifex CLI (Hennadii Stepanov)
Pull request description:
Backports:
* https://github.com/bitcoin/bitcoin/pull/26321
* https://github.com/bitcoin/bitcoin/pull/26344
* https://github.com/bitcoin/bitcoin/pull/26275
* https://github.com/bitcoin/bitcoin/pull/26349
ACKs for top commit:
instagibbs:
ACK d5701900fc
hebasto:
ACK d5701900fcf70220701a1686588114db165dce1c, I've cherry-picked commits manually and got zero diff with this PR branch.
Tree-SHA512: dad64f4074b4f06d666c0f2d804eda92df241bcce0a49c28486311a151f2e9d46b75e1bce02de570dcc85957c9ce936debb2a4faa045800c9757c6c495115d7c
2147483647 is the maximum positive value of a signed int32, and - currently -
the maximum value that the deriveaddresses bitcoin RPC call accepts as
derivation index due to its input validation routines.
Before this change, when the derivation index (and thus range_end) reached
std::numeric_limits<int_32_t>::max(), the "i" variable in the for cycle (which
is declared as int, and as such 32 bits in size on most platforms) would be
incremented at the end of the first iteration and then warp back to
-2147483648. This caused SIGABRT in bitcoind and a core dump.
This change assigns "i" an explicit size of 64 bits on every platform,
sidestepping the problem.
Fixes#26274.
Github-Pull: #26275
Rebased-From: addf9d6502db12cebcc5976df3111cac1a369b82
sendall should be using a bitwise AND for sendall's IsMine check rather
than an equality as IsMine will never return ISMINE_ALL.
Github-Pull: #26344
Rebased-From: 6bcd7e2a3b52f855db84cd23b5ee70d27be3434f
Instead of having an entire TaprootBuilder which may or may not be
complete, and could potentially have future changes that interact oddly
with taproot tree tuples, have m_tap_tree be just the tuples.
When needed in other a TaprootBuilder for actual use, the tuples will be
added to a a TaprootBuilder that, in the future, can take in whatever
other data is needed as well.
Github-Pull: #25858
Rebased-From: 0577d423adda8e719d7611d03355680c8fbacab8
Merging should be checking that the current PSBTOutput doesn't have a
taptree and the other one's is copied over. The original merging had
this inverted and would remove m_tap_tree if the other did not have it.
Github-Pull: #25858
Rebased-From: 7df6e1bb77a96eac4fbcba424bbe780636b86650
Since m_next_resend is now only called from MaybeResendWalletTxs()
we don't have any potential race conditions anymore, so the usage
of std::atomic can be reverted.
Github-Pull: #26205
Rebased-From: b01682a812f0841170657708ef0e896b904fcd77
We only want to relay our resubmitted transactions once every 12-36h.
By separating the timer update logic out of ResubmitWalletTransactions
and into MaybeResendWalletTxs we avoid non-relay calls (previously in
the separate ReacceptWalletTransactions function) from resetting that
timer.
Github-Pull: #26205
Rebased-From: 9245f456705b285e2d9afcc01a6155e1b3f92fad
Moves the logic of whether or not transactions should actually be
resent out of the function that's resending them. This reduces
responsibilities of ResubmitWalletTransactions and allows
carving out the updating of m_next_resend in a future commit.
Github-Pull: #26205
Rebased-From: 7fbde8af5c06694eecd4ce601109bd826a54bd6f
ReacceptWalletTransactions is replaced by ResubmitWalletTransactions
which already handles acquiring the necessary locks internally.
Github-Pull: #26205
Rebased-From: 01f3534632d18c772901fb6ce22f6394eae96799
Since commit f08c9fb0c6a799e3cb75ca5f763a746471625beb from PR
https://github.com/bitcoin/bitcoin/pull/21726, index
`BlockUntilSyncedToCurrentChain` behavior has been less reliable, and there has
also been a race condition in the `coinstatsindex_initial_sync` unit test.
It seems better for `BlockUntilSyncedToCurrentChain` to actually wait for the
last connected block to be fully processed, than to be able to return before
prune locks are set, so this switches the order of `m_best_block_index =
block;` and `UpdatePruneLock` statements in `SetBestBlockIndex` to make it more
reliable.
Also since commit f08c9fb0c6a799e3cb75ca5f763a746471625beb, there has been a
race condition in the `coinstatsindex_initial_sync` test. Before that commit,
the atomic index best block pointer `m_best_block_index` was updated as the
last step of `BaseIndex::BlockConnected`, so `BlockUntilSyncedToCurrentChain`
could safely be used in tests to wait for the last `BlockConnected`
notification to be finished before stopping and destroying the index. But
after that commit, calling `BlockUntilSyncedToCurrentChain` is no longer
sufficient, and there is a race between the test shutdown code which destroys
the index object and the new code introduced in that commit calling
`AllowPrune()` and `GetName()` on the index object. Reproducibility
instructions for this are in
https://github.com/bitcoin/bitcoin/issues/25365#issuecomment-1259744133
This commit fixes the `coinstatsindex_initial_sync` race condition, even though
it will require an additional change to silence TSAN false positives,
https://github.com/bitcoin/bitcoin/pull/26188, after it is fixed. So this
partially addresses but does not resolve the bug reporting TSAN errors
https://github.com/bitcoin/bitcoin/issues/25365.
There is no known race condition outside of test code currently, because the
bitcoind `Shutdown` function calls `FlushBackgroundCallbacks` not
`BlockUntilSyncedToCurrentChain` to safely shut down.
Co-authored-by: Vasil Dimov <vd@FreeBSD.org>
Co-authored-by: MacroFake <falke.marco@gmail.com>
Github-Pull: #26215
Rebased-From: 8891949bdcb25093d3a6703ae8228c3c3687d3a4
Follow-up to #25717. The commit "Utilize anti-DoS headers download
strategy" changed how this bool variable is computed, so that its value
is now the opposite of what it should be.
GitHub-Pull: #26172
Rebased-From: bdcafb913398f0cdaff9c880618f9ebfc85c7693
c1860341a72e7d813bfaa0f2c829850fd6738c90 qt: 24.0rc2 translations update (Hennadii Stepanov)
Pull request description:
This PR pulls the recent translations from the [Transifex.com](https://www.transifex.com/bitcoin/bitcoin) using the [`bitcoin-core/bitcoin-maintainer-tools/update-translations.py`](https://github.com/bitcoin-core/bitcoin-maintainer-tools/blob/main/update-translations.py) tool, and it is supposed to be merged just before `v24.0rc2` tagging.
Top commit has no ACKs.
Tree-SHA512: 4c31452dd36509b0c1f0f5f499b9a3add53409a592d70625c14d7e249de48e7fce65777c9a78882bd37dc345362f45fbae117aa80cec342e6352fc43ad9306c3
