Verify TLS certificates w/ wget in fetch-params.sh
Per NCC-2016-017, wget was being run with `--no-check-certificate`, which means that the connection can be man-in-the-middled, even if we are verifying the integrity of the parameters later via hash sums.
The rationale cited in the Bash comments does not stand up to scrutiny. There's really no persuasive reason not to verify certificates.
Fixes#1346.
Add a make command for checking expected failures
With this merged, we can add gtests prefixed with `DISABLED_`, and then configure Buildbot to run those tests but not require they pass in order to merge.
Per NCC-2016-017, wget was run with --no-check-certificate,
which means that the connection can be man-in-the-middled,
even if we are verifying the integrity of the params later via hash sums.
The rationale cited in the Bash comments does not stand up to scrutiny.
There's really no persuasive reason not to verify certificates.
Fixes#1346.
Improvements to fetch-params.sh
Two instances of the fetch-params.sh script running at once will result in corruption of the proving key and an error when the hashes are computed. This implements a lock to stop such a scenario from occurring.
We also terminate and don't create the symlinks if the downloaded parameters fail the checksum command.
Fixes#1306. This is the same as #1310 but now targeting master.
Fix casting error in GetFilteredNotes
Use int for minDepth like upstream instead of size_t which can lead to casting problems if a wallet tx has a depth of -1.
Also don't use FindMyNotes as mapNoteData has already been set on wallet tx.
@str4d As dicussed. This should be merged before other PRs related to wallet.
People seem to agree that dnsseed.* is a more intuitive address.
The original address was committed to beta1 as a result of a misunderstanding.
The DNS seeder service will be updated to coincide with at beta2 release.
Two instances of the fetch-params.sh script running at once will
result in corruption of the proving key and an error when the
hashes are computed. This implements a lock to stop such a
scenario from occurring.
We also terminate and don't create the symlinks if the downloaded
parameters fail the checksum command.
Upstream patch: Fix and improve relay from whitelisted peers
https://github.com/bitcoin/bitcoin/pull/7106
a9f3d3db5c0c8d1697998ed9b3e192ddbf9a31f4
An extra commit modifies the log message string, otherwise there are are a number of commits that need be to backported to add methods e.g. GetDebugMessage. These commits modify the interface in consensus/validation.h so there are conflicts to be resolved. e.g.
9003c7c
a9ac95c
5f12263
fbf44e6
