Skip to content
Commits on Oct 12, 2015
Commits on Oct 11, 2015
  1. @laanwj

    Merge pull request #6793

    laanwj committed
    4e2efb3 tests: update transaction_tests for new dust threshold (Wladimir J. van der Laan)
    28e3249 Bump minrelaytxfee default (Wladimir J. van der Laan)
Commits on Oct 10, 2015
  1. @laanwj
  2. @laanwj

    Merge pull request #6795

    laanwj committed
    21d27eb net: Disable upnp by default (Wladimir J. van der Laan)
Commits on Oct 9, 2015
  1. @laanwj

    net: Disable upnp by default

    laanwj committed
    Common sentiment is that the miniupnpc codebase likely contains further
    vulnerabilities.
    
    I'd prefer to get rid of the dependency completely, but a compromise for
    now is to at least disable it by default.
  2. @laanwj

    Bump minrelaytxfee default

    laanwj committed
    To bridge the time until a dynamic method for determining this fee is
    merged.
    
    This is especially aimed at the stable releases (0.10, 0.11) because
    full mempool limiting, as will be in 0.12, is too invasive and risky to
    backport.
  3. @laanwj

    Merge pull request #6789

    laanwj committed
    0cca024 Update miniupnpc to 1.9.20151008 (Wladimir J. van der Laan)
  4. @laanwj

    Update miniupnpc to 1.9.20151008

    laanwj committed
    This version of miniupnpc fixes a buffer overflow in the XML (ugh)
    parser during initial network discovery.
    
    http://talosintel.com/reports/TALOS-2015-0035/
    
    The commit fixing the vulnerability is:
    miniupnp/miniupnp@79cca97
    
    Reported by timothy on IRC.
  5. @laanwj

    Merge pull request #6779

    laanwj committed
    b22692c build: Make use of ZMQ_CFLAGS (Cory Fields)
  6. @laanwj

    Merge pull request #6783

    laanwj committed
    34754ce [Trivial] Fixed typo when referring to a previous section in depends/README.md [skip ci] (Chris Kleeschulte)
  7. @laanwj

    Merge pull request #6770

    laanwj committed
    b2af29b Ignore bench_bitcoin binary. (Pavel Janík)
Commits on Oct 8, 2015
  1. @kleetus

    [Trivial] Fixed typo when referring to a previous section in

    kleetus committed
    depends/README.md [skip ci]
  2. @theuni

    build: Make use of ZMQ_CFLAGS

    theuni committed
Commits on Oct 7, 2015
  1. @laanwj

    Merge pull request #6720

    laanwj committed
    1534d9a Creates unittests for addrman, makes addrman testable. Adds several unittests for addrman to verify it works as expected. Makes small modifications to addrman to allow deterministic and targeted tests. (EthanHeilman)
  2. @laanwj

    Merge pull request #6769

    laanwj committed
    b196b68 Test LowS in standardness, removes nuisance malleability vector. (Gregory Maxwell)
Commits on Oct 6, 2015
  1. @laanwj

    Merge pull request #6650

    laanwj committed
    42cb388 Add chainstate obfuscation to avoid spurious antivirus detection (James O'Beirne)
  2. @paveljanik
  3. @jamesob

    Add chainstate obfuscation to avoid spurious antivirus detection

    jamesob committed
    Adds an `obfuscate` parameter to `CLevelDBWrapper` and makes use of it
    for all new chainstate stores built via `CCoinsViewDB`. Also adds an
    `Xor` method to `CDataStream`.
    
    Thanks to @sipa @laanwj @pstratem @dexX7 @KyrosKrane @gmaxwell.
  4. @laanwj

    Merge pull request #6733

    laanwj committed
    7072c54 Support very-fast-running benchmarks (Gavin Andresen)
    535ed92 Simple benchmarking framework (Gavin Andresen)
  5. @laanwj

    Merge pull request #6762

    laanwj committed
    a19504b tests-config.sh is superseded by tests_config.py (Pavel Janík)
  6. @laanwj

    Merge pull request #6743

    laanwj committed
    dd28089 autotools: move checking for zmq library to common area in configure.ac (Johnathan Corgan)
  7. @laanwj

    Merge pull request #6760

    laanwj committed
    efb37d4 Changed run-bitcoind-for-test.sh.in to non-executable mode. Consistency with other *.in input files. (randy-waterhouse)
  8. @laanwj

    Merge pull request #6763

    laanwj committed
    202f612 The Bitcoin Core project is releasing Bitcoin Core, not Bitcoin. (Pavel Janík)
  9. @laanwj

    Merge pull request #6751

    laanwj committed
    9204930 Document pull-req #6424 in release-notes (Peter Todd)
  10. @laanwj

    Merge pull request #6768

    laanwj committed
    9f5c641 zmq: update docs to reflect feature is compiled in automatically if possible (Johnathan Corgan)
  11. @laanwj

    Merge pull request #6742

    laanwj committed
    58981d4 Changed logging to make -logtimestamps to work also for -printtoconsole (Arne Brutschy)
  12. @gmaxwell

    Test LowS in standardness, removes nuisance malleability vector.

    gmaxwell committed
    This adds SCRIPT_VERIFY_LOW_S to STANDARD_SCRIPT_VERIFY_FLAGS which
     will make the node require the canonical 'low-s' encoding for
     ECDSA signatures when relaying or mining.
    
    Consensus behavior is unchanged.
    
    The rational is explained in a81cd96:
     Absent this kind of test ECDSA is not a strong signature as given
     a valid signature {r, s} both that value and {r, -s mod n} are valid.
     These two encodings have different hashes allowing third parties a
     vector to change users txids.  These attacks are avoided by picking
     a particular form as canonical and rejecting the other form(s); in
     the of the LOW_S rule, the smaller of the two possible S values is
     used.
    
    If widely deployed this change would eliminate the last remaining
     known vector for nuisance malleability on boring SIGHASH_ALL
     p2pkh transactions.  On the down-side it will block most
     transactions made by sufficiently out of date software.
    
    Unlike the other avenues to change txids on boring transactions this
     one was randomly violated by all deployed bitcoin software prior to
     its discovery.  So, while other malleability vectors where made
     non-standard as soon as they were discovered, this one has remained
     permitted.  Even BIP62 did not propose applying this rule to
     old version transactions, but conforming implementations have become
     much more common since BIP62 was initially written.
    
    Bitcoin Core has produced compatible signatures since a28fb70 in
     September 2013, but this didn't make it into a release until 0.9
     in March 2014; Bitcoinj has done so for a similar span of time.
     Bitcoinjs and electrum have been more recently updated.
    
    This does not replace the need for BIP62 or similar, as miners can
     still cooperate to break transactions.  Nor does it replace the
     need for wallet software to handle malleability sanely[1]. This
     only eliminates the cheap and irritating DOS attack.
    
    [1] On the Malleability of Bitcoin Transactions
    Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek
    http://fc15.ifca.ai/preproceedings/bitcoin/paper_9.pdf
  13. @jmcorgan

    zmq: update docs to reflect feature is compiled in automatically if p…

    jmcorgan committed
    …ossible
    
    Signed-off-by: Johnathan Corgan <johnathan@corganlabs.com>
Commits on Oct 5, 2015
  1. @petertodd

    Document pull-req #6424 in release-notes

    petertodd committed
    Mention now allowed sequence of pushdatas in OP_RETURN outputs in
    release notes.
  2. @paveljanik
  3. @paveljanik
  4. @randy-waterhouse

    Changed run-bitcoind-for-test.sh.in to non-executable mode.

    randy-waterhouse committed
    Consistency with other *.in input files.
  5. @laanwj

    Merge pull request #6744

    laanwj committed
    bb24835 build: disable -Wself-assign (Wladimir J. van der Laan)
  6. @laanwj

    Merge pull request #6748

    laanwj committed
    9ee5ac8 Rewrite help texts for features enabled by default. (Pavel Janík)
  7. @ptschip @laanwj
Something went wrong with that request. Please try again.