mirror of
https://github.com/dashpay/dash.git
synced 2024-12-26 12:32:48 +01:00
5179599526
c1dde3a949b36ce9c2155777b3fa1372e7ed97d8 No longer shutdown after encrypting the wallet (Andrew Chow) d7637c5a3f1d62922594cdfb6272e30dacf60ce9 After encrypting the wallet, reload the database environment (Andrew Chow) 5d296ac810755dc47f105eb95b52b7e2bcb8aea8 Add function to close all Db's and reload the databae environment (Andrew Chow) a769461d5e37ddcb771ae836254fdc69177a28c4 Move BerkeleyEnvironment deletion from internal method to callsite (Andrew Chow) Pull request description: This is the replacement for #11678 which implements @ryanofsky's [suggestion](https://github.com/bitcoin/bitcoin/pull/11678#pullrequestreview-76464511). Shutting down the software was to prevent the BDB environment from writing unencrypted private keys to disk in the database log files, as was noted [here](https://bitcointalk.org/index.php?topic=51474.msg616068#msg616068). This PR replaces the shutdown behavior with a CDBEnv flush, close, and reopen which achieves the same effect: everything is cleanly flushed and closed, the log files are removed, and then the environment reopened to continue normal operation. To ensure that no unencrypted private keys are in the log files after encrypting the wallet, I wrote [this script](https://gist.github.com/achow101/7f7143e6c3d3fdc034d3470e72823e9d) to pull private keys from the original wallet file and searches for these keys in the log files (note that you will have to change your file paths to make it work on your own machine). As for concerns about private keys being written to slack space or being kept in memory, these behaviors no longer exist after the original wallet encryption PR and the shutting down solution from 2011. cc @ryanofsky Tree-SHA512: 34b894283b0677a873d06dee46dff8424dec85a2973009ac9b84bcf3d22d05f227c494168c395219d9aee3178e420cf70d4b3eeacc9785aa86b6015d25758e75
157 lines
6.8 KiB
Python
Executable File
157 lines
6.8 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
# Copyright (c) 2016 The Bitcoin Core developers
|
|
# Distributed under the MIT software license, see the accompanying
|
|
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
|
"""Test the dumpwallet RPC."""
|
|
import os
|
|
import sys
|
|
|
|
from test_framework.test_framework import BitcoinTestFramework
|
|
from test_framework.util import (
|
|
assert_equal,
|
|
assert_raises_rpc_error,
|
|
)
|
|
|
|
|
|
def read_dump(file_name, addrs, script_addrs, hd_master_addr_old):
|
|
"""
|
|
Read the given dump, count the addrs that match, count change and reserve.
|
|
Also check that the old hd_master is inactive
|
|
"""
|
|
with open(file_name, encoding='utf8') as inputfile:
|
|
found_addr = 0
|
|
found_script_addr = 0
|
|
found_addr_chg = 0
|
|
found_addr_rsv = 0
|
|
hd_master_addr_ret = None
|
|
for line in inputfile:
|
|
# only read non comment lines
|
|
if line[0] != "#" and len(line) > 10:
|
|
# split out some data
|
|
key_label, comment = line.split("#")
|
|
# key = key_label.split(" ")[0]
|
|
keytype = key_label.split(" ")[2]
|
|
if len(comment) > 1:
|
|
addr_keypath = comment.split(" addr=")[1]
|
|
addr = addr_keypath.split(" ")[0]
|
|
keypath = None
|
|
if keytype == "inactivehdmaster=1":
|
|
# ensure the old master is still available
|
|
assert(hd_master_addr_old == addr)
|
|
elif keytype == "hdmaster=1":
|
|
# ensure we have generated a new hd master key
|
|
assert(hd_master_addr_old != addr)
|
|
hd_master_addr_ret = addr
|
|
elif keytype == "script=1":
|
|
# scripts don't have keypaths
|
|
keypath = None
|
|
else:
|
|
keypath = addr_keypath.rstrip().split("hdkeypath=")[1]
|
|
|
|
# count key types
|
|
for addrObj in addrs:
|
|
if addrObj['address'] == addr and addrObj['hdkeypath'] == keypath and keytype == "label=":
|
|
found_addr += 1
|
|
break
|
|
elif keytype == "change=1":
|
|
found_addr_chg += 1
|
|
break
|
|
elif keytype == "reserve=1":
|
|
found_addr_rsv += 1
|
|
break
|
|
|
|
# count scripts
|
|
for script_addr in script_addrs:
|
|
if script_addr == addr.rstrip() and keytype == "script=1":
|
|
found_script_addr += 1
|
|
break
|
|
|
|
return found_addr, found_script_addr, found_addr_chg, found_addr_rsv, hd_master_addr_ret
|
|
|
|
|
|
class WalletDumpTest(BitcoinTestFramework):
|
|
def set_test_params(self):
|
|
self.setup_clean_chain = True
|
|
self.num_nodes = 1
|
|
self.extra_args = [["-keypool=90", "-usehd=1"]]
|
|
|
|
def setup_network(self):
|
|
# TODO remove this when usehd=1 becomes the default
|
|
# use our own cache and -usehd=1 as extra arg as the default cache is run with -usehd=0
|
|
self.options.tmpdir = os.path.join(self.options.tmpdir, 'hd')
|
|
self.options.cachedir = os.path.join(self.options.cachedir, 'hd')
|
|
self._initialize_chain(extra_args=self.extra_args[0], stderr=sys.stdout)
|
|
self.set_cache_mocktime()
|
|
# Use 1 minute timeout because the initial getnewaddress RPC can take
|
|
# longer than the default 30 seconds due to an expensive
|
|
# CWallet::TopUpKeyPool call, and the encryptwallet RPC made later in
|
|
# the test often takes even longer.
|
|
self.add_nodes(self.num_nodes, extra_args=self.extra_args, timewait=60, stderr=sys.stdout)
|
|
self.start_nodes()
|
|
|
|
def run_test (self):
|
|
wallet_unenc_dump = os.path.join(self.nodes[0].datadir, "wallet.unencrypted.dump")
|
|
wallet_enc_dump = os.path.join(self.nodes[0].datadir, "wallet.encrypted.dump")
|
|
|
|
# generate 20 addresses to compare against the dump
|
|
test_addr_count = 20
|
|
addrs = []
|
|
for i in range(0,test_addr_count):
|
|
addr = self.nodes[0].getnewaddress()
|
|
vaddr= self.nodes[0].getaddressinfo(addr) #required to get hd keypath
|
|
addrs.append(vaddr)
|
|
# Should be a no-op:
|
|
self.nodes[0].keypoolrefill()
|
|
|
|
# Test scripts dump by adding a 1-of-1 multisig address
|
|
multisig_addr = self.nodes[0].addmultisigaddress(1, [addrs[1]["address"]])["address"]
|
|
script_addrs = [multisig_addr]
|
|
|
|
# dump unencrypted wallet
|
|
result = self.nodes[0].dumpwallet(wallet_unenc_dump)
|
|
assert_equal(result['filename'], wallet_unenc_dump)
|
|
|
|
found_addr, found_script_addr, found_addr_chg, found_addr_rsv, hd_master_addr_unenc = \
|
|
read_dump(wallet_unenc_dump, addrs, script_addrs, None)
|
|
assert_equal(found_addr, test_addr_count) # all keys must be in the dump
|
|
# This is 1, not 2 because we aren't testing for witness scripts
|
|
assert_equal(found_script_addr, 1) # all scripts must be in the dump
|
|
assert_equal(found_addr_chg, 50) # 50 blocks where mined
|
|
assert_equal(found_addr_rsv, 180) # keypool size (external+internal)
|
|
|
|
#encrypt wallet, restart, unlock and dump
|
|
self.nodes[0].encryptwallet('test')
|
|
self.nodes[0].walletpassphrase('test', 30)
|
|
# Should be a no-op:
|
|
self.nodes[0].keypoolrefill()
|
|
self.nodes[0].dumpwallet(wallet_enc_dump)
|
|
|
|
found_addr, found_script_addr, found_addr_chg, found_addr_rsv, _ = \
|
|
read_dump(wallet_enc_dump, addrs, script_addrs, hd_master_addr_unenc)
|
|
assert_equal(found_addr, test_addr_count)
|
|
# This is 1, not 2 because we aren't testing for witness scripts
|
|
assert_equal(found_script_addr, 1)
|
|
# TODO clarify if we want the behavior that is tested below in Dash (only when HD seed was generated and not user-provided)
|
|
# assert_equal(found_addr_chg, 180 + 50) # old reserve keys are marked as change now
|
|
assert_equal(found_addr_rsv, 180) # keypool size
|
|
|
|
# Overwriting should fail
|
|
assert_raises_rpc_error(-8, "already exists", lambda: self.nodes[0].dumpwallet(wallet_enc_dump))
|
|
|
|
# Restart node with new wallet, and test importwallet
|
|
self.stop_node(0)
|
|
self.start_node(0, ['-wallet=w2'])
|
|
|
|
# Make sure the address is not IsMine before import
|
|
result = self.nodes[0].getaddressinfo(multisig_addr)
|
|
assert(result['ismine'] == False)
|
|
|
|
self.nodes[0].importwallet(wallet_unenc_dump)
|
|
|
|
# Now check IsMine is true
|
|
result = self.nodes[0].getaddressinfo(multisig_addr)
|
|
assert(result['ismine'] == True)
|
|
|
|
if __name__ == '__main__':
|
|
WalletDumpTest().main()
|