No description

Find a file

Wladimir J. van der Laan 67be6d7a17 Merge #16248 : Make whitebind/whitelist permissions more flexible `c5b404e8f1` Add functional tests for flexible whitebind/list (nicolas.dorier) `d541fa3918` Replace the use of fWhitelisted by permission checks (nicolas.dorier) `ecd5cf7ea4` Do not disconnect peer for asking mempool if it has NO_BAN permission (nicolas.dorier) `e5b26deaaa` Make whitebind/whitelist permissions more flexible (nicolas.dorier) Pull request description: # Motivation In 0.19, bloom filter will be disabled by default. I tried to make [a PR](https://github.com/bitcoin/bitcoin/pull/16176) to enable bloom filter for whitelisted peers regardless of `-peerbloomfilters`. Bloom filter have non existent privacy and server can omit filter's matches. However, both problems are completely irrelevant when you connect to your own node. If you connect to your own node, bloom filters are the most bandwidth efficient way to synchronize your light client without the need of some middleware like Electrum. It is also a superior alternative to BIP157 as it does not require to maintain an additional index and it would work well on pruned nodes. When I attempted to allow bloom filters for whitelisted peer, my proposal has been NACKed in favor of [a more flexible approach](https://github.com/bitcoin/bitcoin/pull/16176#issuecomment-500762907) which should allow node operator to set fine grained permissions instead of a global `whitelisted` attribute. Doing so will also make follow up idea very easy to implement in a backward compatible way. # Implementation details The PR propose a new format for `--white{list,bind}`. I added a way to specify permissions granted to inbound connection matching `white{list,bind}`. The following permissions exists: * ForceRelay * Relay * NoBan * BloomFilter * Mempool Example: * `-whitelist=bloomfilter@127.0.0.1/32`. * `-whitebind=bloomfilter,relay,noban@127.0.0.1:10020`. If no permissions are specified, `NoBan \| Mempool` is assumed. (making this PR backward compatible) When we receive an inbound connection, we calculate the effective permissions for this peer by fetching the permissions granted from `whitelist` and add to it the permissions granted from `whitebind`. To keep backward compatibility, if no permissions are specified in `white{list,bind}` (e.g. `--whitelist=127.0.0.1`) then parameters `-whitelistforcerelay` and `-whiterelay` will add the permissions `ForceRelay` and `Relay` to the inbound node. `-whitelistforcerelay` and `-whiterelay` are ignored if the permissions flags are explicitly set in `white{bind,list}`. # Follow up idea Based on this PR, other changes become quite easy to code in a trivially review-able, backward compatible way: * Changing `connect` at rpc and config file level to understand the permissions flags. * Changing the permissions of a peer at RPC level. ACKs for top commit: laanwj: re-ACK `c5b404e8f1` Tree-SHA512: adfefb373d09e68cae401247c8fc64034e305694cdef104bdcdacb9f1704277bd53b18f52a2427a5cffdbc77bda410d221aed252bc2ece698ffbb9cf1b830577		2019-08-14 17:07:12 +02:00
.github
.travis	travis: Print memory and number of cpus	2019-07-22 20:26:10 -04:00
.tx	qt: Pre-0.18 split-off translations update	2019-02-04 15:24:37 +01:00
build-aux/m4	doc: fix typo in bitcoin_qt.m4 comment	2019-07-24 09:17:47 +08:00
build_msvc	Updated python command in readme so it will work on systems that have both python2 and 3 installed.	2019-07-29 10:16:22 +02:00
contrib	sipsorcery gitian key.	2019-08-10 05:39:47 +02:00
depends	build: disable libxcb extensions	2019-08-06 16:53:36 +08:00
doc	Add missing contributor to release notes	2019-08-14 23:01:36 +12:00
share	Merge #16291 : gui: Stop translating PACKAGE_NAME	2019-07-08 13:39:59 -04:00
src	Merge #16248 : Make whitebind/whitelist permissions more flexible	2019-08-14 17:07:12 +02:00
test	Merge #16248 : Make whitebind/whitelist permissions more flexible	2019-08-14 17:07:12 +02:00
.appveyor.yml	Changes the verbosity of msbuild from quiet to normal in the appveyor script. Increasing the verbosity helps to identify the cause of build errors which is the main purpose of the appveyor script.	2019-07-31 10:00:02 +02:00
.cirrus.yml	ci: Run extended tests	2019-06-20 14:52:36 -04:00
.gitattributes
.gitignore	[build] .gitignore add Qt Creator Makefile.am.user	2019-08-02 10:11:24 +01:00
.python-version	.python-version: Specify full version 3.5.6	2019-03-02 12:06:26 -05:00
.style.yapf	test: .style.yapf: Set column_limit=160	2019-03-04 18:28:13 -05:00
.travis.yml	travis: Bump timeout from 50 minutes to 90	2019-08-13 10:03:20 -04:00
autogen.sh	Enable ShellCheck rules	2019-07-04 19:35:25 +03:00
configure.ac	build: disable libsecp256k1 benchmarks	2019-08-09 11:12:51 +08:00
CONTRIBUTING.md	doc: update labels in CONTRIBUTING.md	2019-07-29 13:17:05 -04:00
COPYING
INSTALL.md
libbitcoinconsensus.pc.in
Makefile.am	Failing functional tests stop lcov	2019-06-13 11:39:15 -04:00
README.md	doc: Remove travis badge from readme	2019-06-19 11:39:27 -04:00
SECURITY.md	doc: Remove explicit mention of version from SECURITY.md	2019-06-14 06:39:17 -04:00

README.md

Bitcoin Core integration/staging tree

https://bitcoincore.org

What is Bitcoin?

Bitcoin is an experimental digital currency that enables instant payments to anyone, anywhere in the world. Bitcoin uses peer-to-peer technology to operate with no central authority: managing transactions and issuing money are carried out collectively by the network. Bitcoin Core is the name of open source software which enables the use of this currency.

For more information, as well as an immediately useable, binary version of the Bitcoin Core software, see https://bitcoincore.org/en/download/, or read the original whitepaper.

License

Bitcoin Core is released under the terms of the MIT license. See COPYING for more information or see https://opensource.org/licenses/MIT.

Development Process

The master branch is regularly built and tested, but is not guaranteed to be completely stable. Tags are created regularly to indicate new official, stable release versions of Bitcoin Core.

The contribution workflow is described in CONTRIBUTING.md and useful hints for developers can be found in doc/developer-notes.md.

Testing

Testing and code review is the bottleneck for development; we get more pull requests than we can review and test on short notice. Please be patient and help out by testing other people's pull requests, and remember this is a security-critical project where any mistake might cost people lots of money.

Automated Testing

Developers are strongly encouraged to write unit tests for new code, and to submit new unit tests for old code. Unit tests can be compiled and run (assuming they weren't disabled in configure) with: make check. Further details on running and extending unit tests can be found in /src/test/README.md.

There are also regression and integration tests, written in Python, that are run automatically on the build server. These tests can be run (if the test dependencies are installed) with: test/functional/test_runner.py

The Travis CI system makes sure that every pull request is built for Windows, Linux, and macOS, and that unit/sanity tests are run automatically.

Manual Quality Assurance (QA) Testing

Changes should be tested by somebody other than the developer who wrote the code. This is especially important for large or high-risk changes. It is useful to add a test plan to the pull request description if testing the changes is not straightforward.

Translations

Changes to translations as well as new translations can be submitted to Bitcoin Core's Transifex page.

Translations are periodically pulled from Transifex and merged into the git repository. See the translation process for details on how this works.

Important: We do not accept translation changes as GitHub pull requests because the next pull from Transifex would automatically overwrite them again.

Translators should also subscribe to the mailing list.