Commit Graph

79 Commits

Author SHA1 Message Date
MarcoFalke
b6bde7322c
Merge bitcoin/bitcoin#26827: doc: use "std lib clock" over "C++11 clock"
672f7ad747ecc6e04472f96fa88332be1f39d39b doc: remove usages of C++11 (fanquake)

Pull request description:

  These were new in C++11, and now they are just our standard library.

ACKs for top commit:
  jarolrod:
    re-ACK 672f7ad747ecc6e04472f96fa88332be1f39d39b
  hebasto:
    re-ACK 672f7ad747ecc6e04472f96fa88332be1f39d39b

Tree-SHA512: 7e3b8b0346ba29b19e6d8536700ca510e2b543cdeecd9e740bba71ea6d0133dd96cdaeaa00f371f8ef85913ff5aaabe12878255f393dac7d354a8b89b58d050a
2024-08-12 11:52:41 +07:00
laanwj
e9f5b4b735
Merge bitcoin/bitcoin#24213: refactor: use Span in random.*
3ae7791bcaa88f5c68592673b8926ee807242ce7 refactor: use Span in random.* (pasta)

Pull request description:

  ~This PR does two things~
  1. use a Span<unsigned char> for GetRandBytes and GetStrongRandBytes

  ~2. make GetRand a template for which any integral type can be used, where the default behavior is to return a random integral up to the max of the integral unless a max is provided.
  This simplifies a lot of code from `GetRand(std::numeric_limits<uint64_t>::max()` -> `GetRand<uint64_t>()`~

  MarcoFalke this was inspired by your comment here: https://github.com/bitcoin/bitcoin/pull/24185#issuecomment-1025514263 about using Span, so hopefully I'll be able to get this PR done and merged 😂

  ~Also, if requested I could revert the `GetRand(std::numeric_limits<uint64_t>::max()` -> `GetRand<uint64_t>()` related changes if it ends up causing too many conflicts~

ACKs for top commit:
  laanwj:
    Thank you! Code review re-ACK 3ae7791bcaa88f5c68592673b8926ee807242ce7

Tree-SHA512: 12375a83b68b288916ba0de81cfcab4aac14389a66a36811ae850427435eb67dd55e47df9ac3ec47db4e214f4330139e548bec815fff8a3f571484ea558dca79
2024-06-06 22:58:30 -05:00
Kittywhiskers Van Gogh
5dde8e7b33
merge bitcoin#25109: Strengthen AssertLockNotHeld assertions 2024-05-09 08:52:48 +00:00
Kittywhiskers Van Gogh
b60c493265
merge bitcoin#28100: more Span<std::byte> modernization & follow-ups 2024-03-05 21:43:22 +00:00
Kittywhiskers Van Gogh
2b26a87874
merge bitcoin#28012: Allow FastRandomContext::randbytes for std::byte, Allow std::byte serialization 2024-02-28 13:37:36 -06:00
Kittywhiskers Van Gogh
1d6aafea47
merge bitcoin#21817: Replace &foo[0] with foo.data() 2024-02-28 13:37:33 -06:00
MacroFake
6a8b3f2b40
Merge bitcoin/bitcoin#25440: log: Use consistent wording in random.cpp log
c01ae8f5ead6837162a2772ce792a83f66757ee4 Use consistent wording in log (Igor Bubelov)

Pull request description:

  It's a trivial change, but it bothers me a bit that two log lines in a row aren't grammatically identical while following exactly the same pattern. I've read `contributing.md` and I'm aware that changes like this are usually being ignored and dropped, but I decided to leave it here anyway in case someone feels the same way about inconsistent log messages or grammar =)

ACKs for top commit:
  laanwj:
    Code review ACK c01ae8f5ead6837162a2772ce792a83f66757ee4

Tree-SHA512: d5b3849b3a6e3de7ea9b468c05f17cacd1dbd1aca2f3401b5138383dc8d385cea9e221db558ab472c1c4c7f6921d57dcc7af89a54776c5765fa00e429694b4e7
2024-02-27 10:02:43 -06:00
MarcoFalke
5ebb66db18 Merge #18781: Add templated GetRandDuration<>
0000ea32656833efa3d2ffd9bab66c88c83334f0 test: Add test for GetRandMillis and GetRandMicros (MarcoFalke)
fa0e5b89cf742df56c6c8f49fe9b3c54d2970a66 Add templated GetRandomDuration<> (MarcoFalke)

Pull request description:

  A naive implementation of this template is dangerous, because the call site might accidentally omit the template parameter:

  ```cpp
  template <typename D>
  D GetRandDur(const D& duration_max)
  {
      return D{GetRand(duration_max.count())};
  }

  BOOST_AUTO_TEST_CASE(util_time_GetRandTime)
  {
      std::chrono::seconds rand_hour = GetRandDur(std::chrono::hours{1});
      // Want seconds to be in range [0..1hour), but always get zero :((((
      BOOST_CHECK_EQUAL(rand_hour.count(), 0);
  }
  ```

  Luckily `std::common_type` is already specialised in the standard lib for `std::chrono::duration` (https://en.cppreference.com/w/cpp/chrono/duration/common_type). And its effect seem to be that the call site must always specify the template argument explicitly.

  So instead of implementing the function for each duration type by hand, replace it with a templated version that is safe to use.

ACKs for top commit:
  laanwj:
    Code review ACK 0000ea32656833efa3d2ffd9bab66c88c83334f0
  promag:
    Code review ACK 0000ea32656833efa3d2ffd9bab66c88c83334f0.
  jonatack:
    ACK 0000ea3 thanks for the improved documentation. Code review, built, ran `src/test/test_bitcoin -t random_tests -l test_suite` for the new unit tests, `git diff fa05a4c 0000ea3` since previous review:
  hebasto:
    ACK 0000ea32656833efa3d2ffd9bab66c88c83334f0 with non-blocking [nit](https://github.com/bitcoin/bitcoin/pull/18781#discussion_r424924671).

Tree-SHA512: e89d46e31452be6ea14269ecbbb2cdd9ae83b4412cd14dff7d1084283092722a2f847cb501e8054394e4a3eff852f9c87f6d694fd008b3f7e8458cb5a3068af7
2023-12-05 12:47:47 -06:00
Kittywhiskers Van Gogh
78a9f1e55b merge bitcoin#27479: BIP324: ElligatorSwift integrations 2023-11-21 07:59:03 -06:00
fanquake
5a4406ef98 Merge bitcoin/bitcoin#26153: Reduce wasted pseudorandom bytes in ChaCha20 + various improvements
511aa4f1c7508f15cab8d7e58007900ad6fd3d5d Add unit test for ChaCha20's new caching (Pieter Wuille)
fb243d25f754da8f01793b41e2d225b917f3e5d7 Improve test vectors for ChaCha20 (Pieter Wuille)
93aee8bbdad808b7009279b67470d496cc26b936 Inline ChaCha20 32-byte specific constants (Pieter Wuille)
62ec713961ade7b58e90c905395558a41e8a59f0 Only support 32-byte keys in ChaCha20{,Aligned} (Pieter Wuille)
f21994a02e1cc46d41995581b54222abc655be93 Use ChaCha20Aligned in MuHash3072 code (Pieter Wuille)
5d16f757639e2cc6e81db6e07bc1d5dd74abca6c Use ChaCha20 caching in FastRandomContext (Pieter Wuille)
38eaece67b1bc37b2f502348c5d7537480a34346 Add fuzz test for testing that ChaCha20 works as a stream (Pieter Wuille)
5f05b27841af0bed1b6e7de5f46ffe33e5919e4d Add xoroshiro128++ PRNG (Martin Leitner-Ankerl)
12ff72476ac0dbf8add736ad3fb5fad2eeab156c Make unrestricted ChaCha20 cipher not waste keystream bytes (Pieter Wuille)
6babf402130a8f3ef3058594750aeaa50b8f5044 Rename ChaCha20::Seek -> Seek64 to clarify multiple of 64 (Pieter Wuille)
e37bcaa0a6dbb334ab6e817efcb609ccee6edc39 Split ChaCha20 into aligned/unaligned variants (Pieter Wuille)

Pull request description:

  This is an alternative to #25354 (by my benchmarking, somewhat faster), subsumes #25712, and adds additional test vectors.

  It separates the multiple-of-64-bytes-only "core" logic (which becomes simpler) from a layer around which performs caching/slicing to support arbitrary byte amounts. Both have their uses (in particular, the MuHash3072 code can benefit from multiple-of-64-bytes assumptions), plus the separation results in more readable code. Also, since FastRandomContext effectively had its own (more naive) caching on top of ChaCha20, that can be dropped in favor of ChaCha20's new built-in caching.

  I thought about rebasing #25712 on top of this, but the changes before are fairly extensive, so redid it instead.

ACKs for top commit:
  ajtowns:
    ut reACK 511aa4f1c7508f15cab8d7e58007900ad6fd3d5d
  dhruv:
    tACK crACK 511aa4f1c7

Tree-SHA512: 3aa80971322a93e780c75a8d35bd39da3a9ea570fbae4491eaf0c45242f5f670a24a592c50ad870d5fd09b9f88ec06e274e8aa3cefd9561d623c63f7198cf2c7
2023-11-19 10:20:12 -06:00
Konstantin Akimov
4aa197dbdb Merge #18673: scripted-diff: Sort test includes
fa4632c41714dfaa699bacc6a947d72668a4deef test: Move boost/stdlib includes last (MarcoFalke)
fa488f131fd4f5bab0d01376c5a5013306f1abcd scripted-diff: Bump copyright headers (MarcoFalke)
fac5c373006a9e4bcbb56843bb85f1aca4d87599 scripted-diff: Sort test includes (MarcoFalke)

Pull request description:

  When writing tests, often includes need to be added or removed. Currently the list of includes is not sorted, so developers that write tests and have `clang-format` installed will either have an unrelated change (sorting) included in their commit or they will have to manually undo the sort.

  This pull preempts both issues by just sorting all includes in one commit.

  Please be aware that this is **NOT** a change to policy to enforce clang-format or any other developer guideline or process. Developers are free to use whatever tool they want, see also #18651.

  Edit: Also includes a commit to bump the copyright headers, so that the touched files don't need to be touched again for that.

ACKs for top commit:
  practicalswift:
    ACK fa4632c41714dfaa699bacc6a947d72668a4deef
  jonatack:
    ACK fa4632c41714dfaa, light review and sanity checks with gcc build and clang fuzz build

Tree-SHA512: 130a8d073a379ba556b1e64104d37c46b671425c0aef0ed725fd60156a95e8dc83fb6f0b5330b2f8152cf5daaf3983b4aca5e75812598f2626c39fd12b88b180
2023-08-29 22:00:59 -05:00
Kittywhiskers Van Gogh
8542752296 merge bitcoin#20429: replace (sizeof(a)/sizeof(a[0])) with C++17 std::size
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
2022-11-01 00:28:53 -05:00
Wladimir J. van der Laan
7b0981e210 Merge #17699: Make env data logging optional
0ccad08fb25e00fcf41ffbad6ce2501e363a0033 Make env data logging optional (Pieter Wuille)

Pull request description:

  The dynamic env feeding logging is a bit chatty, make it dependent on `-debug=rand`.

ACKs for top commit:
  practicalswift:
    ACK 0ccad08fb25e00fcf41ffbad6ce2501e363a0033 -- less noise is good and diff looks correct
  laanwj:
    ACK 0ccad08fb25e00fcf41ffbad6ce2501e363a0033
  promag:
    ACK 0ccad08fb25e00fcf41ffbad6ce2501e363a0033.
  jonatack:
    ACK 0ccad08fb25e00fcf41ffbad6ce2501e363a0033, was considering to propose this.

Tree-SHA512: 01d7f9ac134852c2c0d5f66f96ee4395f0ff7a60573e648f3d01054073624042148c8e8b9f69a29c9a41c296e1f4be77c2015a642ee4113a2fd8779b62aa137d
2022-05-30 19:09:39 +07:00
MarcoFalke
c5c5b520cb Merge #17670: Move events_hasher into RNGState()
8bda0960f94dfb6462fc810cd61a8a065730eb79 Move events_hasher into RNGState() (Pieter Wuille)

Pull request description:

  This moves `events_hasher` and `events_mutex` into `RNGState()` in random.cpp. This guarantees (through the existing `GetRNGState()` function) that the mutex is always created before any events are added, even when that happens inside global initializers.

  Fixes the issue reported here: https://github.com/bitcoin/bitcoin/pull/17573#issuecomment-561828251, and includes the annotation from #17666).

ACKs for top commit:
  MarcoFalke:
    re-ACK 8bda0960f94dfb6462fc810cd61a8a065730eb79 🥈
  sipsorcery:
    re-ACK 8bda0960f94dfb6462fc810cd61a8a065730eb79.

Tree-SHA512: 78702d668764df19e9d61d87d82eca71cceca87d5351b740e13e732a1c18a3d53d7fbaaf63245266da597370bfebec9fa6a4749c15ec5a78dcfe6122c33553ed
2022-05-30 19:09:39 +07:00
Wladimir J. van der Laan
3c9bf2e02b Merge #17573: Seed RNG with precision timestamps on receipt of net messages.
02d8c56a18b9a2960888d6ec1209955105bae847 Seed RNG with precision timestamps on receipt of net messages. (Matt Corallo)

Pull request description:

  See title. Exposes a generic dead-simple "SeedEvent" interface, but currently just used for net messages.

ACKs for top commit:
  sipa:
    utACK 02d8c56a18
  laanwj:
    ACK 02d8c56a18b9a2960888d6ec1209955105bae847
  meshcollider:
    utACK 02d8c56a18b9a2960888d6ec1209955105bae847

Tree-SHA512: 28eb39a201ee2b13393c5c64dbf7c1913f3482f095969ef5141bfe549ce77dd63bb5f14738f6eedb296c686ea36014aa157b9c5e8059710a318590f30e9caa14
2022-05-30 19:09:39 +07:00
Kittywhiskers Van Gogh
6390cae926 merge bitcoin#18038: Mempool tracks locally submitted transactions to improve wallet privacy 2022-05-18 20:49:34 +05:30
Wladimir J. van der Laan
b582fbb9a6 Merge #18359: build: fix sysctl() detection on macOS
e90e3e684ffa7b25f0dfb5b45e70bb0c358261fb build: fix sysctl() detection on macOS (fanquake)

Pull request description:

  [`sysctl()` on *BSD](https://www.unix.com/man-page/FreeBSD/3/sysctl/) takes a "const int *name", whereas [`sysctl()` on macOS](https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man3/sysctl.3.html)
  it takes an "int *name". So our configure check and `sysctl()` detection on
  macOS currently fails:

  ```bash
  /usr/include/sys/sysctl.h:759:9: note: candidate function not viable:
  	no known conversion from 'const int [2]' to 'int *' for 1st argument
  int     sysctl(int *, u_int, void *, size_t *, void *, size_t);
  ```

  The simplest change seems to be to change the param to a "int *name", which
  will work during configure on macOS and *BSD systems.

  For consistency I've changed both calls, but note that macOS doesn't
  have `KERN_ARND`, so that check will always fail regardless. We can revert/add
  documentation if preferred.

ACKs for top commit:
  laanwj:
    Re-ACK e90e3e684ffa7b25f0dfb5b45e70bb0c358261fb

Tree-SHA512: 29e9348136fc72882f63079bf10d2490e845d7656aae2c003e282bea49dd2778204a7776a67086bd88c2852af9a07dd04ba358eede7e37029e1c10f73c85d6a5
2022-04-25 14:02:48 -05:00
Wladimir J. van der Laan
d195881704 Merge #17507: random: mark RandAddPeriodic and SeedPeriodic as noexcept
55b2cb199c276781b6daa5438af2da57dea3ac52 random: mark RandAddPeriodic and SeedPeriodic as noexcept (fanquake)
461e547877da0c04db69e067c923cc4540aab03a doc: correct random.h docs after #17270 (fanquake)

Pull request description:

  The usage of `MilliSleep()` in SeedPeriodic (previously SeedSleep) was
  [removed](d61f2bb076) in #17270, meaning it, and its users can now be marked `noexcept`.

  This also corrects the docs in random.h for some of the changes in #17270.

ACKs for top commit:
  practicalswift:
    ACK 55b2cb199c276781b6daa5438af2da57dea3ac52
  laanwj:
    ACK 55b2cb199c276781b6daa5438af2da57dea3ac52
  sipa:
    ACK 55b2cb199c276781b6daa5438af2da57dea3ac52

Tree-SHA512: 672d369796e7c4f9b4d98dc545e5454999fa1bef373871994a26041d6163c58909e2255e4f820d3ef011679aa3392754eb57477306a89f5fd3d57e2bd7f0811a
2022-04-25 14:02:43 -05:00
Kittywhiskers Van Gogh
2314ba4c99 merge bitcoin#17265: Remove OpenSSL 2022-04-25 15:29:52 +05:30
Kittywhiskers Van Gogh
946858204f merge bitcoin#17270: Feed environment data into RNG initializers 2022-04-25 15:29:51 +05:30
Kittywhiskers Van Gogh
c7c42fff3d revert dash#4683: remove the ability to opt-out from building openssl
This reverts commit b26eaf6954.
2022-04-25 15:18:55 +05:30
PastaPastaPasta
b26eaf6954
build: allow building without openssl, enables native m1 development builds (#4683)
* build: allow building without openssl, enables native m1 development builds

* Update configure.ac, according to review

Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>

* introduce `--with-openssl`

Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
2022-02-13 11:50:23 +03:00
pasta
f04cf7bf47
16659 continuation
Signed-off-by: pasta <pasta@dashboost.org>
2021-12-17 12:02:16 -05:00
MarcoFalke
3c5dcb036a Merge #16659: refactoring: Remove unused includes
084e17cebd424b8e8ced674bc810eef4e6ee5d3b Remove unused includes (practicalswift)

Pull request description:

  As requested by MarcoFalke in https://github.com/bitcoin/bitcoin/pull/16273#issuecomment-521332089:

  This PR removes unused includes.

  Please note that in contrast to #16273 I'm limiting the scope to the trivial cases of pure removals (i.e. no includes added) to make reviewing easier.

  I'm seeking "Concept ACK":s for this obviously non-urgent minor cleanup.

  Rationale:
  * Avoids unnecessary re-compiles in case of header changes.
  * Makes reasoning about code dependencies easier.
  * Reduces compile-time memory usage.
  * Reduces compilation time.
  * Warm fuzzy feeling of being lean :-)

ACKs for top commit:
  ryanofsky:
    Code review ACK 084e17cebd424b8e8ced674bc810eef4e6ee5d3b. PR only removes include lines and it still compiles. In the worst case someone might have to explicitly add an include later for something now included implicitly. But maybe some effort was taken to avoid this, and it wouldn't be a tragedy anyway.

Tree-SHA512: 89de56edc6ceea4696e9579bccff10c80080821685b9fb4e8c5ef593b6e43cf662f358788701bb09f84867693f66b2e4db035b92b522a0a775f50b7ecffd6a6d
2021-12-12 16:44:54 -05:00
Wladimir J. van der Laan
391c59af6d Merge #17191: random: remove call to RAND_screen() (Windows only)
e892f9648ae5f72b2020bdaa1e28901e8378e9fc random: remove call to RAND_screen() (Windows only) (fanquake)

Pull request description:

  Follow up to https://github.com/bitcoin/bitcoin/pull/17151 where there were multiple calls to also remove our call to RAND_screen().

ACKs for top commit:
  MarcoFalke:
    unsigned ACK e892f9648ae5f72b2020bdaa1e28901e8378e9fc
  laanwj:
    ACK e892f9648ae5f72b2020bdaa1e28901e8378e9fc

Tree-SHA512: 1b846016d91e8113f90466b61fcaf0574edb6b4726eba1947549e2ac28907e1318d893f7b303e756f19730c8507c79b10e08d54b97153224b585ff1e0ac1953e
2021-09-21 14:42:21 -04:00
MarcoFalke
70dae106e4 Merge #17169: doc: correct function name in ReportHardwareRand()
5013171eaf111d43ff824a212aebe40901221d6d doc: correct function name in ReportHardwareRand() (fanquake)

Pull request description:

  The function is `InitHardwareRand` not `HWRandInit`.

  46d6930f8c/src/random.cpp (L99)

ACKs for top commit:
  laanwj:
    ACK 5013171eaf111d43ff824a212aebe40901221d6d
  theStack:
    ACK 5013171eaf

Tree-SHA512: c25e1bb56e923961fc8a9178d751222b60f5ca36be84abf8fd1ac971f3a9b79b587ed9d8a4a175981b66f3fd5ad7edd6697d343e4dc4852351a1510718745455
2021-09-21 14:42:16 -04:00
Wladimir J. van der Laan
5167cbe911 Merge #15250: Use RdSeed when available, and reduce RdRand load
1435fabc19d2143187efb493cbe23225eaf851ae Use RdSeed when available, and reduce RdRand load (Pieter Wuille)

Pull request description:

  This introduces support for autodetecting and using the RdSeed instruction on x86/x86_64 systems.

  In addition:
  * In SeedFast, only 64 bits of entropy are generated through RdRand (256 was relatively slow).
  * In SeedStartup, 256 bits of entropy are generated, using RdSeed (preferably) or RdRand (otherwise).

Tree-SHA512: fb7d3e22e93e14592f4b07282aa79d7c3cc4e9debdd9978580b8d2562bbad345e289bf3f80de2c50c9b50b8bac2aa9b838f9f272f7f8d43f1efc0913aa8acce3
2021-09-16 13:34:59 +03:00
Wladimir J. van der Laan
f1c784ffc3
Merge #15224: Add RNG strengthening (10ms once every minute)
3cb9ce85d0c6d01217babf0df7efc2eabde1b12f Document strenghtening (Pieter Wuille)
1d207bc46f995ad3b5ae89bb504affaca09d10b1 Add hash strengthening to the RNG (Pieter Wuille)

Pull request description:

  This patch improves the built-in RNG using hash strengthening.

  At startup, and once every minute, 32 bytes of entropy are produced from the RNG, repeatedly hashed using SHA512 for 10ms, and then fed back into the RNG, together with high-precision timestamps obtained every 1000 iterations.

ACKs for commit 3cb9ce:
  pstratem:
    utACK 3cb9ce85d0c6d01217babf0df7efc2eabde1b12f

Tree-SHA512: 4fb6f61639b392697beb81c5f0903f79f10dd1087bed7f34de2abb5c22704a671e37b2d828ed141492491863efb1e7d1fa04408a1d32c9de2f2cc8ac406bbe57
2021-09-15 13:54:40 -04:00
Dzutte
be79070f60
Merge #14955: Switch all RNG code to the built-in PRNG (#4411)
223de8d94d6522f795ec3c2e7db27469f24aa68c Document RNG design in random.h (Pieter Wuille)
f2e60ca98530e0a865ff6c6fd3c5633aec11a515 Use secure allocator for RNG state (Pieter Wuille)
cddb31bb0a132afa50b5350196cf26f0064fe3e2 Encapsulate RNGState better (Pieter Wuille)
152146e782d401aa1ce7d989d62306aabc85f22e DRY: Implement GetRand using FastRandomContext::randrange (Pieter Wuille)
a1f252eda87356fa329c838a7bf569808489648f Sprinkle some sweet noexcepts over the RNG code (Pieter Wuille)
4ea8e50837a0932b31a241988fd68d6730a2048a Remove hwrand_initialized. (Pieter Wuille)
9d7032e4f066777c97c58b1394884716e213790a Switch all RNG code to the built-in PRNG. (Pieter Wuille)
16e40a8b562ad849a5f5e8b21ceb375e46038243 Integrate util/system's CInit into RNGState (Pieter Wuille)
2ccc3d3aa346e96206281a391bc29874cf5ee7f4 Abstract out seeding/extracting entropy into RNGState::MixExtract (Pieter Wuille)
aae8b9bf0f4fd2b801ee72cf191588c8b3a67c3c Add thread safety annotations to RNG state (Pieter Wuille)
d3f54d1c82b131d817b20cd9daa75f9d3c9475e1 Rename some hardware RNG related functions (Pieter Wuille)
05fde14e3afe6f7156ebb6df6cd0e3ae12635b89 Automatically initialize RNG on first use. (Pieter Wuille)
2d1cc5093949f8ea9487a68724162c8b39035ad8 Don't log RandAddSeedPerfmon details (Pieter Wuille)
6a57ca91da23c6a5d91399ffc7fc09a99b6d4c76 Use FRC::randbytes instead of reading >32 bytes from RNG (Pieter Wuille)

Pull request description:

  This does not remove OpenSSL, but makes our own PRNG the 'main' one; for GetStrongRandBytes, the OpenSSL RNG is still used (indirectly, by feeding its output into our PRNG state).

  It includes a few policy changes (regarding what entropy is seeded when).

  Before this PR:
  * GetRand*:
    * OpenSSL
  * GetStrongRand*:
    * CPU cycle counter
    * Perfmon data (on Windows, once 10 min)
    * /dev/urandom (or equivalent)
    * rdrand (if available)
  * From scheduler when idle:
    * CPU cycle counter before and after 1ms sleep
  * At startup:
    * CPU cycle counter before and after 1ms sleep

  After this PR:
  * GetRand*:
    * Stack pointer (which indirectly identifies thread and some call stack information)
    * rdrand (if available)
    * CPU cycle counter
  * GetStrongRand*:
    * Stack pointer (which indirectly identifies thread and some call stack information)
    * rdrand (if available)
    * CPU cycle counter
    * /dev/urandom (or equivalent)
    * OpenSSL
    * CPU cycle counter again
  * From scheduler when idle:
    * Stack pointer (which indirectly identifies thread and some call stack information)
    * rdrand (if available)
    * CPU cycle counter before and after 1ms sleep
    * Perfmon data (on Windows, once every 10 min)
  * At startup:
    * Stack pointer (which indirectly identifies thread and some call stack information)
    * rdrand (if available)
    * CPU cycle counter
    * /dev/urandom (or equivalent)
    * OpenSSL
    * CPU cycle counter again
    * Perfmon data (on Windows, once every 10 min)

  The interface of random.h is also simplified, and documentation is added.

  This implements most of #14623.

Tree-SHA512: 0120e19bd4ce80a509b5c180a4f29497d299ce8242e25755880851344b825bc2d64a222bc245e659562fb5463fb7c70fbfcf003616be4dc59d0ed6534f93dd20

Co-authored-by: Wladimir J. van der Laan <laanwj@gmail.com>
2021-09-11 23:52:36 +03:00
Kittywhiskers Van Gogh
7f2e7d7ba7 merge #18364: remove getentropy() fallback for macOS < 10.12 2021-09-03 21:35:53 +05:30
Wladimir J. van der Laan
9009f57e27 Merge #14624: Some simple improvements to the RNG code
e414486d56b9f06af7aeb07ce13e3c3780c2b69b Do not permit copying FastRandomContexts (Pieter Wuille)
022cf47dd7ef8f46e32a184e84f94d1e9f3a495c Simplify testing RNG code (Pieter Wuille)
fd3e7973ffaaa15ed32e5aeadcb02956849b8fc7 Make unit tests use the insecure_rand_ctx exclusively (Pieter Wuille)
8d98d426116f0178612f14d1874d331042c4c4b7 Bugfix: randbytes should seed when needed (non reachable issue) (Pieter Wuille)
273d02580aa736b7ccea8fce51d90541665fdbd1 Use a FastRandomContext in LimitOrphanTxSize (Pieter Wuille)
3db746beb407f7cdd9cd6a605a195bef1254b4c0 Introduce a Shuffle for FastRandomContext and use it in wallet and coinselection (Pieter Wuille)
8098379be5465f598220e1d6174fc57c56f9da42 Use a local FastRandomContext in a few more places in net (Pieter Wuille)
9695f31d7544778853aa373f0aeed629fa68d85e Make addrman use its local RNG exclusively (Pieter Wuille)

Pull request description:

  This improves a few minor issues with the RNG code:
  * Avoid calling `GetRand*()` functions (which currently invoke OpenSSL, later may switch to using our own RNG pool) inside loops in addrman, networking code, `KnapsackSolver`, and `LimitOrphanSize`
  * Fix a currently unreachable bug in `FastRandomContext::randbytes`.
  * Make a number of simplifications to the unit tests' randomness code (some tests unnecessarily used their own RNG or the OpenSSL one, instead of using the unit test specific `insecure_rand_ctx`).
  * As a precaution, make it illegal to copy a `FastRandomContext`.

Tree-SHA512: 084c70b533ea68ca7adc0186c39f0b3e0a5c0ae43a12c37286e5d42086e056a8cd026dde61b12c0a296dc80f87fdc87fe303b9e8e6161b460ac2086cf7615f9d
2021-07-19 19:00:04 -05:00
fanquake
3c79f6120f Merge #17563: lib: fix a compiler warning: unused GetDevURandom()
ca2e47437277ef6851a739f247b44e73a53f21a1 Fix a compiler warning: unused GetDevURandom() (Vasil Dimov)

Pull request description:

  ~~Only define GetDevURandom() if it is going to be used.~~

  Silence by planting a dummy reference to the `GetDevURandom` symbol
  in the places where we don't call the function.

ACKs for top commit:
  practicalswift:
    ACK ca2e47437277ef6851a739f247b44e73a53f21a1 -- increased signal to noise in compiler diagnostics is good
  sipa:
    utACK ca2e47437277ef6851a739f247b44e73a53f21a1
  hebasto:
    re-ACK ca2e47437277ef6851a739f247b44e73a53f21a1, tested on macOS 10.15.6 + llvm clang 10.0.0

Tree-SHA512: 03c98f00dad5d9a3c5c9f68553d72ad5489ec02f18b9769108a22003ec7be7819a731b1eab6a9f64dafb5be0efddccf6980de7e3bb90cd20d4f4d72f74124675
2021-07-15 19:30:07 -05:00
Kittywhiskers Van Gogh
ef4dfa8524 merge bitcoin#14555: Move util files to directory
(script modified to account for Dash backports, doesn't account for rebasing)

------------- BEGIN SCRIPT ---------------
mkdir -p src/util
git mv src/util.h src/util/system.h
git mv src/util.cpp src/util/system.cpp
git mv src/utilmemory.h src/util/memory.h
git mv src/utilmoneystr.h src/util/moneystr.h
git mv src/utilmoneystr.cpp src/util/moneystr.cpp
git mv src/utilstrencodings.h src/util/strencodings.h
git mv src/utilstrencodings.cpp src/util/strencodings.cpp
git mv src/utiltime.h src/util/time.h
git mv src/utiltime.cpp src/util/time.cpp
git mv src/utilasmap.h src/util/asmap.h
git mv src/utilasmap.cpp src/util/asmap.cpp
git mv src/utilstring.h src/util/string.h
git mv src/utilstring.cpp src/util/string.cpp

gsed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
gsed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
gsed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
gsed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
gsed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
gsed -i 's/<utilasmap\.h>/<util\/asmap\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')
gsed -i 's/<utilstring\.h>/<util\/string\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp')

gsed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h
gsed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h
gsed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h
gsed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h
gsed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h
gsed -i 's/BITCOIN_UTILASMAP_H/BITCOIN_UTIL_ASMAP_H/g' src/util/asmap.h
gsed -i 's/BITCOIN_UTILSTRING_H/BITCOIN_UTIL_STRING_H/g' src/util/string.h

gsed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am
gsed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am
gsed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am
gsed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am
gsed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am
gsed -i 's/utilasmap\.\(h\|cpp\)/util\/asmap\.\1/g' src/Makefile.am
gsed -i 's/utilstring\.\(h\|cpp\)/util\/string\.\1/g' src/Makefile.am

gsed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh
gsed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh
gsed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh
gsed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh
------------- END   SCRIPT ---------------
2021-06-27 12:03:13 +05:30
Kittywhiskers Van Gogh
638fdf25fd bitcoin#18843: warn on potentially uninitialized reads 2021-06-17 19:54:52 +05:30
Kittywhiskers Van Gogh
944aea8753 merge #11599: Small locking rename 2021-06-06 16:22:17 +05:30
Kittywhiskers Van Gogh
c5c3dee308 merge #11640: Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSection 2021-06-06 16:22:17 +05:30
MarcoFalke
7475782bc0
Merge #13163: Make it clear which functions that are intended to be translation unit local
c3f34d06be Make it clear which functions that are intended to be translation unit local (practicalswift)

Pull request description:

  Make it clear which functions that are intended to be translation unit local.

  Do not share functions that are meant to be translation unit local with other translation units. Use internal linkage for those consistently.

Tree-SHA512: 05eebd233d5cfbf6116724eec3a99b465bf534ca220f2b6f5e56341a7da41387454d3cb6ceadd8ab6714a5df94069e4ad0dcab8801ccc7e8949be7199a19fb53
2021-05-25 14:09:36 +03:00
MarcoFalke
26ca2ce77d Merge #13236: break circular dependency: random/sync -> util -> random/sync
84f41946b9 break circular dependency: random/sync -> util -> random/sync (Chun Kuan Lee)

Pull request description:

  LogPrintf  has acutally been moved to logging.h

Tree-SHA512: a7135f5fea421e62f010f2e434873bd1c1738f115453377dada7d24900b3b095535d8aa0462c3acffdacf2f4e819e05ad39b13f2de5a36ac8f7b8467c639a0db
2020-07-18 03:08:13 -05:00
MarcoFalke
005d241fea Merge #11878: Add Travis check for duplicate includes
c36b720d00 Add Travis check for duplicate includes (practicalswift)
280023f31d Remove duplicate includes (practicalswift)

Pull request description:

  This enforces parts of the project header include guidelines (added by @sipa in #10575).

  Example run:

  ```
  $ git diff
  diff --git a/src/warnings.cpp b/src/warnings.cpp
  index c52a1fd..d8994dd 100644
  --- a/src/warnings.cpp
  +++ b/src/warnings.cpp
  @@ -5,6 +5,8 @@

   #include <sync.h>
   #include <clientversion.h>
  +#include <string>
   #include <util.h>
   #include <warnings.h>
  +#include <util.h>

  diff --git a/src/warnings.h b/src/warnings.h
  index e8e982c..8d2252e 100644
  --- a/src/warnings.h
  +++ b/src/warnings.h
  @@ -7,6 +7,7 @@
   #define BITCOIN_WARNINGS_H

   #include <stdlib.h>
   #include <string>
  +#include <stdlib.h>

   void SetMiscWarning(const std::string& strWarning);
  $ contrib/devtools/lint-includes.sh
  Duplicate include(s) in src/warnings.h:
  #include <stdlib.h>

  Include(s) from src/warnings.h duplicated in src/warnings.cpp:
  #include <string>

  Duplicate include(s) in src/warnings.cpp:
  #include <util.h>
  $ echo $?
  1
  $ git checkout .
  $ contrib/devtools/lint-includes.sh
  $ echo $?
  0
  ```

Tree-SHA512: f653d23c58ebc024dfc5b1fb8570698fd3c515c75b60b5cabbc43595548c488fca92349fa4c8b64460edbe61c879ff1d24f37f959e18552e202a7342460ddbf1
2020-07-01 20:12:03 -05:00
MarcoFalke
6a71087902 Merge #13314: Fix FreeBSD build by including utilstrencodings.h
c865ee1e73 Fix FreeBSD build by including utilstrencodings.h (Wladimir J. van der Laan)

Pull request description:

  `random.cpp` needs to explicitly include `utilstrencodings.h` to get `ARRAYLEN`. This fixes the FreeBSD build.

  This was broken in 84f41946b9026e8bf7bc44ed848dfb945394b693 (#13236).

Tree-SHA512: bdc2a28411ae217e40697c0315ef5a37cc2f5b6bc7bbde16684fb7343d1c1c620d67777a88e609a2190115edb08b823cfb5d31ed16356a7cb0d00c3b6f877c0e
2020-07-01 14:08:47 -05:00
Alexander Block
4118b77249 Better clarification for future conflict resolution 2020-04-14 15:16:51 +02:00
Wladimir J. van der Laan
d4065e79ac Merge #15324: test: Make bloom tests deterministic
fae169c95e09ddf068dcaebc8170c4f41b02cf66 test: Make bloom tests deterministic (MarcoFalke)

Pull request description:

  non-deterministic tests are useless, since a failing test could not be reproduced unless the seed is known.

Tree-SHA512: 4f634ff0c6adf663444f1ac504f6dbceaa46b78d697b840531977ba30006453ac559d5c21cc3eaef6d92b87d46008a34b0db6331ea3318001987fcfaec634acf
2020-04-14 15:16:51 +02:00
Alexander Block
8e5fbedf21 net: Use mockable time for tx download
# Conflicts:
#	src/net_processing.cpp
#	src/random.cpp
#	src/random.h
2020-04-08 14:51:14 +02:00
PastaPastaPasta
8a1ec935a0
Backport 11651 (#3358)
* scripted-diff: Replace #include "" with #include <> (ryanofsky)

-BEGIN VERIFY SCRIPT-
for f in \
  src/*.cpp \
  src/*.h \
  src/bench/*.cpp \
  src/bench/*.h \
  src/compat/*.cpp \
  src/compat/*.h \
  src/consensus/*.cpp \
  src/consensus/*.h \
  src/crypto/*.cpp \
  src/crypto/*.h \
  src/crypto/ctaes/*.h \
  src/policy/*.cpp \
  src/policy/*.h \
  src/primitives/*.cpp \
  src/primitives/*.h \
  src/qt/*.cpp \
  src/qt/*.h \
  src/qt/test/*.cpp \
  src/qt/test/*.h \
  src/rpc/*.cpp \
  src/rpc/*.h \
  src/script/*.cpp \
  src/script/*.h \
  src/support/*.cpp \
  src/support/*.h \
  src/support/allocators/*.h \
  src/test/*.cpp \
  src/test/*.h \
  src/wallet/*.cpp \
  src/wallet/*.h \
  src/wallet/test/*.cpp \
  src/wallet/test/*.h \
  src/zmq/*.cpp \
  src/zmq/*.h
do
  base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-

Signed-off-by: Pasta <pasta@dashboost.org>

* scripted-diff: Replace #include "" with #include <> (Dash Specific)

-BEGIN VERIFY SCRIPT-
for f in \
  src/bls/*.cpp \
  src/bls/*.h \
  src/evo/*.cpp \
  src/evo/*.h \
  src/governance/*.cpp \
  src/governance/*.h \
  src/llmq/*.cpp \
  src/llmq/*.h \
  src/masternode/*.cpp \
  src/masternode/*.h \
  src/privatesend/*.cpp \
  src/privatesend/*.h
do
  base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f
done
-END VERIFY SCRIPT-

Signed-off-by: Pasta <pasta@dashboost.org>

* build: Remove -I for everything but project root

Remove -I from build system for everything but the project root,
and built-in dependencies.

Signed-off-by: Pasta <pasta@dashboost.org>

# Conflicts:
#	src/Makefile.test.include

* qt: refactor: Use absolute include paths in .ui files

* qt: refactor: Changes to make include paths absolute

This makes all include paths in the GUI absolute.

Many changes are involved as every single source file in
src/qt/ assumes to be able to use relative includes.

Signed-off-by: Pasta <pasta@dashboost.org>

# Conflicts:
#	src/qt/dash.cpp
#	src/qt/optionsmodel.cpp
#	src/qt/test/rpcnestedtests.cpp

* test: refactor: Use absolute include paths for test data files

* Recommend #include<> syntax in developer notes

* refactor: Include obj/build.h instead of build.h

* END BACKPORT #11651 Remove trailing whitespace causing travis failure

* fix backport 11651

Signed-off-by: Pasta <pasta@dashboost.org>

* More of 11651

* fix blockchain.cpp

Signed-off-by: pasta <pasta@dashboost.org>

* Add missing "qt/" in includes

* Add missing "test/" in includes

* Fix trailing whitespaces

Co-authored-by: Wladimir J. van der Laan <laanwj@gmail.com>
Co-authored-by: Russell Yanofsky <russ@yanofsky.org>
Co-authored-by: MeshCollider <dobsonsa68@gmail.com>
Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com>
2020-03-20 01:46:56 +03:00
Wladimir J. van der Laan
c15a442663
Merge #10843: Add attribute [[noreturn]] (C++11) to functions that will not return
b82c55a Add attribute [[noreturn]] (C++11) to functions that will not return (practicalswift)

Pull request description:

  Add attribute `[[noreturn]]` (C++11) to functions that will not return.

  Rationale:
  * Reduce the number of false positives/false negatives from static analyzers with regards to things such as unused or unreachable code
  * Potentially enable additional compiler optimizations

Tree-SHA512: 899683fe8b2fcf19bd334352271d368b46b805be9d426aac1808335fd95732d6d7078d3296951b9879196f3f6e3ec0fdb7695d0afdc3fbe4dd78a2ca70e91ff7
Signed-off-by: Pasta <pasta@dashboost.org>

Fixes for bitcoin#10843 backport

10843 continued

Signed-off-by: Pasta <pasta@dashboost.org>
2020-01-03 08:35:55 -06:00
Pasta
1a0d52814e
#10483 scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal instead of the macro NULL
-BEGIN VERIFY SCRIPT-
sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h
sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp
sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp
sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp
sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp
sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp
-END VERIFY SCRIPT-

Signed-off-by: Pasta <pasta@dashboost.org>
2019-08-12 09:07:03 -05:00
UdjinM6
5bc53b6c26
Merge pull request #3043 from PastaPastaPasta/backports-0.15-pr23
Backports 0.15 pr23
2019-08-07 18:48:59 +03:00
Wladimir J. van der Laan
52aef4cfec
Merge #10301: Check if sys/random.h is required for getentropy.
ee2d10a Check if sys/random.h is required for getentropy on OSX. (James Hilliard)

Pull request description:

  This should check and include sys/random.h if required for osx as mentioned [here](https://github.com/bitcoin/bitcoin/pull/9821#issuecomment-290936636).

Tree-SHA512: e9491f67f2e8b2e6bcdbcbb8063295e844d5627daf5336e3e17b4a8027d888fa65a08e4580a745abdc35ffd8d86b4fc7434daaac172c4a06ab7566a2ed0bfb92
2019-08-01 14:41:39 -05:00
UdjinM6
51c84248ad
Merge pull request #3032 from PastaPastaPasta/backport-chacha-poly1305
Backport chacha-poly1305, prepare for V2 P2P Encrypted Messaging
2019-08-01 17:49:40 +03:00
Wladimir J. van der Laan
cea9e1cf01
Merge #10855: random: only use getentropy on openbsd
077d01f random: only use getentropy on openbsd (Cory Fields)

Pull request description:

  Follow-up from #10335. I can confirm that this fixes my issue when building against a new glibc + old linux headers for back-compat.

Tree-SHA512: a0fcf26995fbd3636f970e729a172c6e1d7c0de371e703f0653cd9776600f438ec43acd2b1eb92f2678a011968da8fbbeef8a54599434851f4c6ffe78291c172
2019-07-24 11:59:09 -05:00