While limitations on the influence of attackers on addrman already
exist (affected buckets are restricted to a subset based on incoming
IP / network group), there is no reason to permit them to let them
feed us addresses at more than a multiple of the normal network
rate.
This commit introduces a "token bucket" rate limiter for the
processing of addresses in incoming ADDR and ADDRV2 messages.
Every connection gets an associated token bucket. Processing an
address in an ADDR or ADDRV2 message from non-whitelisted peers
consumes a token from the bucket. If the bucket is empty, the
address is ignored (it is not forwarded or processed). The token
counter increases at a rate of 0.1 tokens per second, and will
accrue up to a maximum of 1000 tokens (the maximum we accept in a
single ADDR or ADDRV2). When a GETADDR is sent to a peer, it
immediately gets 1000 additional tokens, as we actively desire many
addresses from such peers (this may temporarily cause the token
count to exceed 1000).
The rate limit of 0.1 addr/s was chosen based on observation of
honest nodes on the network. Activity in general from most nodes
is either 0, or up to a maximum around 0.025 addr/s for recent
Bitcoin Core nodes. A few (self-identified, through subver) crawler
nodes occasionally exceed 0.1 addr/s.
Github-Pull: #22387
Rebased-From: 0d64b8f709b4655d8702f810d4876cd8d96ded82
55e941f5df18ce6d9b1ee8759f1419c5d1f03a8f test: Fix intermittent feature_taproot issue (MarcoFalke)
681f728a35b800d6f1cc359171b6b40de9ddb9a4 ci: Build with --enable-werror by default, and document exceptions (Hennadii Stepanov)
89426c43fb75fabd72e6e16433dab7f8ee9c860c ci: Fix macOS brew install command (Hennadii Stepanov)
Pull request description:
This backports a few changes to fix CI failures we are seeing with the 0.21 branch.
Backports #21663, this might be the easiest way to fix the macOS CI failures we're seeing. i.e in #22569. The underlying issue is that the older CI images are using a version of brew that without running `brew update` first, is trying to download packages like Boost, from bintray (which no-longer works).
This also includes #20182, as by fixing macOS failure, via running `brew upgrade`, we end up using a newer version of miniupnpc, which emits a GNU extension related warning, and causes the build to fail, because we use `-Werror`.
Backporting #20535 should fix#22581.
ACKs for top commit:
hebasto:
ACK 55e941f5df18ce6d9b1ee8759f1419c5d1f03a8f, I verified changes by backporting locally.
Tree-SHA512: 3ab2c5c73c707d0f5b862264f3a0179cdeee30ae55aae872f3c3e0bb81d71a5027c39ba830210c99a21f98cc86c4167c4f215e24d1a8891ec79ce512debf82df
e3f1da4bf3db120cc691a844d612fbc522f11fb9 qt: Draw "eye" sign at the beginning of watch-only addresses (Hennadii Stepanov)
6ca54ce2ae0808513172c4945e38165e766e1381 qt: Do not extend recent transaction width to address/label string (Hennadii Stepanov)
f220368220abb11040fa944a853cda3d4f1fe84d qt: Do not use QClipboard::Selection on Windows and macOS. (Hennadii Stepanov)
Pull request description:
Backports https://github.com/bitcoin-core/gui/pull/277, https://github.com/bitcoin-core/gui/pull/365.
ACKs for top commit:
fanquake:
ACK e3f1da4bf3db120cc691a844d612fbc522f11fb9
jarolrod:
ACK e3f1da4bf3db120cc691a844d612fbc522f11fb9
Tree-SHA512: 43cc2ac48f4e5014bfdbe86cc904bb36d2be9fcd257f0fc0800c384bd727bb98466723e450a8909b06708784ad91184be599c49cf60de2e4377202774cb878f6
da816247f0c00e1644f7ebe2b848cfd6a5c7026e util: Properly handle -noincludeconf on command line (MarcoFalke)
513613d8a87337f1d1f639bc9426165c3b6be62e Cleanup -includeconf error message (MarcoFalke)
70eac6fcd02b6c44cb4b1f2fb895eae147e3f490 Fix crash when parsing command line with -noincludeconf=0 (MarcoFalke)
c5357fa4151e1ac90427ae0493a7bb3e451f8de5 fuzz: add missing ECCVerifyHandle to base_encode_decode (Andrew Poelstra)
Pull request description:
Backports #22279, #22002 and #22137 to fix fuzzing issues in the 0.21 branch: https://github.com/bitcoin/bitcoin/runs/2864012729.
ACKs for top commit:
achow101:
ACK da816247f0c00e1644f7ebe2b848cfd6a5c7026e
Tree-SHA512: ab8751387e42e03ff43594ae34be8ed0dba903d7da1aaecb9f19c08366570d8995abe89ba0c9bafe37662940f3e83bef1e9e50f330e86114cd6a773becd1fd21
7b0b201d109b6240f114498fc1b94af9cb85f26e wallet: Do not iterate a directory if having an error while accessing it (Hennadii Stepanov)
Pull request description:
This change prevents infinite looping for, for example, system folders
on Windows.
Github-Pull: #21907
Rebased-From: 29c9e2c2d2015ade47ed4497926363dea3f9c59b
Note: Trivial backport, but in a differently-named function in another file
ACKs for top commit:
hebasto:
ACK 7b0b201d109b6240f114498fc1b94af9cb85f26e, I have reviewed the code and it looks OK, I agree it can be merged.
Tree-SHA512: d41ab267250e8bfd9289cacf1fd804cc1a3bb20fc479dc9da5a69ebf26530b552b11b2ee6b11e17a1c146ca792ee65bd64eeb2269fa5e73a70361da8a2a09925
This bug was introduced in commit
fad0867d6ab9430070aa7d60bf7617a6508e0586.
Unit test
Co-Authored-By: Russell Yanofsky <russ@yanofsky.org>
Github-Pull: #22137
Rebased-From: fa910b47656d0e69cccb1f31804f2b11aa45d053
Remove the erroneous trailing newline '\n'. Also, print only the first
value to remove needless redundancy in the error message.
Github-Pull: #22002
Rebased-From: fad0867d6ab9430070aa7d60bf7617a6508e0586
0fe60a84ae2f52e87ee07cd0243f09d45b0b15e2 Use latest signapple commit (Andrew Chow)
5313d6aed2d8bd515401b3782c0bc352af423015 gitian: Remove codesign_allocate and pagestuff from MacOS build (Andrew Chow)
27d691b6b5b4a15dc3d1f9dd248a8880ab3ab326 gitian: use signapple to create the MacOS code signature (Andrew Chow)
2f33e339a8903e79bf750367c073056bea4a9788 gitian: use signapple to apply the MacOS code signature (Andrew Chow)
65ce8330427114c2827d00a658d2e5887349c76a gitian: install signapple in gitian-osx-signer.yml (Andrew Chow)
Pull request description:
Backport of #20880 and #22190
ACKs for top commit:
MarcoFalke:
cherry-pick-only ACK 0fe60a84ae 🍀
Tree-SHA512: e864048fab02a1857161602dd53abba552ca3f859c133a47a5e62c28d3e4de9cd099bce86123a1b5892042b09f51cc1ddd2ed1b0c71bfba162710eaee3f5bf91
This change prevents infinite looping for, for example, system folders
on Windows.
Github-Pull: #21907
Rebased-From: 29c9e2c2d2015ade47ed4497926363dea3f9c59b
+ Detailed error messages for invalid address
+ Used `IsValidDestination` instead of `IsValidDestinationString`
+ Referred to https://github.com/bitcoin/bitcoin/pull/20832 for solution
Github-Pull: bitcoin-core/gui#280
Rebased-From: 3bad0b3fada9ab7c5b03d31dc33d72654c1ba2be
PF_NOBAN is a multi-flag that includes PF_DOWNLOAD, so the conditional
in CConnman::Bind() using a bitwise AND will return the same result
for both the "noban" status and the "download" status.
Example:
`PF_DOWNLOAD` is `0b1000000`
`PF_NOBAN` is `0b1010000`
This makes a check like `flags & PF_NOBAN` return `true` even if `flags`
is equal to `PF_DOWNLOAD`.
If `-whitebind=download@1.1.1.1:8765` is specified, then `1.1.1.1:8765`
should be added to the list of local addresses. We only want to avoid
adding to local addresses (that are advertised) a whitebind that has a
`noban@` flag.
As a result of a mis-check in `CConnman::Bind()` we would not have added
`1.1.1.1:8765` to the local addresses in the example above.
Co-authored-by: Vasil Dimov <vd@FreeBSD.org>
Github-Pull: bitcoin/bitcoin#21644
Rebased-From: dde69f20a01acca64ac21cb13993c6e4f8709f23
deff4e763e11f92e5cb7732cace7239fead4fba8 depends: update Qt 5.9 source url (Kittywhiskers Van Gogh)
Pull request description:
## Expected Behavior
Running `make` in the depends directory should result in the successful building of host platform dependencies
## Actual Behavior
`make` terminates as `qt.mk` points to (now) outdated URL path for Qt 5.9 sources, returning error 404
## Remedy
Update `qt.mk` to point to updated source location as Qt has relocated them
ACKs for top commit:
RandyMcMillan:
tACK deff4e7
hebasto:
ACK deff4e763e11f92e5cb7732cace7239fead4fba8, I have verified the new link, and checked that old one is unavailable:
jarolrod:
tACK deff4e763e11f92e5cb7732cace7239fead4fba8
Tree-SHA512: d5b11a678c871a87e6884a35641178ee349728ead51da06018953be36aab5a30aef9c80b549da49802e87903eb0b7836cc343301325bd8c505cb4246f6752505
856de5bd5e4594d12c1d35704c49d0d086fc3d84 build,boost: update download url. (fdov)
Pull request description:
Backports #21662 to the 0.21 branch. Boost has migrated it's download URLs due to bintrays imminent closure. The Boost site has also been updated to point to the new URLs. i.e: https://www.boost.org/users/history/version_1_70_0.html.
Github-Pull: #21662
Rebased-From: 36c10b9f4b181db6afa2f8cb7d4872b158768c16
ACKs for top commit:
jarolrod:
ACK 856de5bd5e4594d12c1d35704c49d0d086fc3d84
Tree-SHA512: cae7262f963dd6e00af699c3e1bce2ee3ff9f76c5dcc24c8a5bf37025b53de28e4cb80de65a380208ee1841a89736d5c35605e40b728b6c7a9f026d8165d74c8
Co-authored-by: David A. Harding <dave@dtrt.org>
Co-authored-by: Jon Atack <jon@atack.com>
Co-authored-by: Pieter Wuille <pieter@wuille.net>
Tree-SHA512: dd9ac416ff22276833111198445d76cf8417012a6faad0c3560276f1dcf24586ff41c65ac3430fbf1e840aaa563d3dd101671cff306b0fd92aa2ee03bb7f926b
b8af67eeefc9fc9622f839ec8919b7391d91bf6f fuzz: cleanups for versionbits fuzzer (Anthony Towns)
79cdb4a1984c90a4d9377fbb0dda7bdd61d57031 test: make sure non-IP peers get discouraged and disconnected (Vasil Dimov)
b765f41164663c93d63e5a401d3b23c586a4e4fe test: also check disconnect in denialofservice_tests/peer_discouragement (Vasil Dimov)
dfeb6c10bba80dc91245318feb0ad1d879015a99 test: use pointers in denialofservice_tests/peer_discouragement (Vasil Dimov)
Pull request description:
Backport tests
ACKs for top commit:
vasild:
ACK b8af67eeefc9fc9622f839ec8919b7391d91bf6f
jnewbery:
ACK b8af67eeefc9fc9622f839ec8919b7391d91bf6f
ajtowns:
ACK b8af67eeefc9fc9622f839ec8919b7391d91bf6f ; visually compared individual commits to originals, checked original commits are in master
Tree-SHA512: 22f665560f9d452993b12508d93d93ff54e3e91dcf39f731e27aedfb891570168066c185413d455bee4fa082c011b65ea1b0eee51e3633392b07a0db008d51c8
Use `CConnmanTest` instead of `CConnman` and add the nodes to it
so that their `fDisconnect` flag is set during disconnection.
Github-Pull: #21571
Rebased-From: 637bb6da368b87711005b909f451f94909400092
This is a non-functional change that replaces the `CNode` on-stack
variables with `CNode` pointers.
The reason for this is that it would allow us to add those `CNode`s
to `CConnman::vNodes[]` which in turn would allow us to check that they
are disconnected properly - a `CNode` object must be in
`CConnman::vNodes[]` in order for its `fDisconnect` flag to be set.
If we store pointers to the on-stack variables in `CConnman` then it
would crash at the end, trying to `delete` them.
Github-Pull: #21571
Rebased-From: 4d6e246fa46f2309e2998b542e4c104d73d29071
cbd64c3a28a7466f421477daadc6e6e6b69b898a Add mainnet and testnet taproot activation params (Andrew Chow)
ec7824396bdd2e93b429ddce9fea6bb29695454a chainparams: drop versionbits threshold to 90% for mainnnet and signet (Anthony Towns)
600357306e2e182a457174862ea2e41c7ba39c64 versionbits: simplify state transitions (Anthony Towns)
3acf0379e0979ea4bdd03976f4987aa6711eb92f versionbits: Add explicit NEVER_ACTIVE deployments (Anthony Towns)
b529222ad18f7facbaff394455875b4aa65d653e fuzz: test versionbits delayed activation (Anthony Towns)
71917e01ebf48790b9df48421d8e97986f92e2e4 tests: test versionbits delayed activation (Anthony Towns)
4cab84cfdfc98cd10462681b5eb0fbbc08afd2a7 versionbits: Add support for delayed activation (Anthony Towns)
f9517e6014ccfe91d5a77e2bacca928bdce7c285 tests: clean up versionbits test (Anthony Towns)
1c0164544c66b691f93b3b1114eee97cbabd99b2 tests: test ComputeBlockVersion for all deployments (Anthony Towns)
2e9e7f4329fc313adf9ba2394edbaf2a69b59bc1 tests: pull ComputeBlockVersion test into its own function (Anthony Towns)
Pull request description:
Backport of #21377 and #21686
ACKs for top commit:
instagibbs:
cherry-pick ACK cbd64c3a28
jnewbery:
ACK cbd64c3a28a7466f421477daadc6e6e6b69b898a
Sjors:
tACK cbd64c3
MarcoFalke:
cherry-pick-only ACK cbd64c3a28a7466f421477daadc6e6e6b69b898a 🌾
Tree-SHA512: e9efb0ca9986d685161bcba5ed43efdc5f1dca88322cf65faccf17009b567c2d930c2aba4d1541539fc65347574ed4faa3d4558b907c779d1c128b3d2c681f31
d61fb07da7c12e4a1f68cf645f32d563a657a506 Rename CoinSelectionParams::effective_fee to m_effective_feerate (Andrew Chow)
5fc381e443d6d967e6f7f8bc88a4fd66e18379eb wallet: Move discard feerate fetching to CreateTransaction (Andrew Chow)
bcd716670ba8a189a2e9b8b035318abceb9ce631 wallet: Move long term feerate setting to CreateTransaction (Andrew Chow)
34c89f92f34b5ca12da95d5f0b0240682c5a1c1f wallet: Replace nFeeRateNeeded with effective_fee (Andrew Chow)
48fc675163a657e615fd4b2680fc3accba12f95d wallet: Use existing feerate instead of getting a new one (Andrew Chow)
Pull request description:
Backport of #21083
ACKs for top commit:
MarcoFalke:
cherry-pick-only re-ACK d61fb07da7c12e4a1f68cf645f32d563a657a506 🔙
instagibbs:
utACK d61fb07da7
Tree-SHA512: 23b212301bb467153dd9723903918ae01dd520525c81d541c411e7a4381e46594fe032e2a7c06ddcff7dc56dcb546991d50187c33fcff08ec45bd835cc01bd19
