40e5f26a3f mapport: remove dead code in DispatchMapPort (Antoine Poinsot)
38fdf7c1fb mapport: drop outdated comments (Antoine Poinsot)
b7b2435290 doc: add release note for #31130 (Antoine Poinsot)
1b6dec98da depends: drop miniupnpc (Antoine Poinsot)
953533d021 doc: remove mentions of UPnP (Antoine Poinsot)
94ad614482 ci: remove UPnP options (Antoine Poinsot)
a9598e5eaa build: drop miniupnpc dependency (Antoine Poinsot)
a5fcfb7385 interfaces: remove now unused 'use_upnp' arg from 'mapPort' (Antoine Poinsot)
038bbe7b20 daemon: remove UPnP support (Antoine Poinsot)
844770b05e qt: remove UPnP settings (Antoine Poinsot)
Pull request description:
This PR removes UPnP IGD support and drops our [miniupnp](https://github.com/miniupnp/miniupnp) dependency.
Miniupnpc is a C library (somewhat) maintained by a single person which had several vulnerabilities in the past (a couple dozens are listed [here](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=miniupnp)), some of which directly affected our software ([RCE in 2015](https://bitcoincore.org/en/2024/07/03/disclose_upnp_rce/), [OOM in 2020](https://bitcoincore.org/en/2024/07/31/disclose-upnp-oom/)).
The main purpose of this functionality is to have more (non-data-center) reachable nodes on the network. For a non-technical user running Bitcoin Core at home, the software would automatically open a port on their router to receive incoming connections. This way, users not able to manually open a port on their router would still provide the network with more resources and enhance its diversity.
However, due to past vulnerabilities (and a worry about unknown future ones) in miniupnpc this feature was disabled by default in https://github.com/bitcoin/bitcoin/pull/6795. Having it disabled by default kills (most of?) the purpose of having this functionality in the first place: someone technical enough to understand the `-upnp` startup option or the "enable UPnP" setting is most likely able to open a port on his box in the first place.
In addition, laanwj implemented PCP with a NAT-PMP fallback directly in Bitcoin Core in https://github.com/bitcoin/bitcoin/pull/30043. If we ever want to re-enable automatic NAT traversal by default in Bitcoin Core, this is the best option (and in my opinion the only sane one). The NAT-PMP fallback makes it so compatibility shouldn't be (much of) an issue.
On balance, i believe that keeping this functionality and this barely maintained C dependency has higher costs than benefits. Therefore i propose that we get rid of it.
ACKs for top commit:
jarolrod:
ACK 40e5f26a3f
1440000bytes:
Code Review ACK 40e5f26a3f
laanwj:
Code review ACK 40e5f26a3f
i-am-yuvi:
Tested ACK 40e5f26a3f
Tree-SHA512: 9ea48662775510f5ec6de7af65790f7c8d211603398e9d8c634a86387be81b28081419a95b4d6680d3d7fe6a9f16cec99f16516548201dc7e49781909899a657
The file test/functional/example_test.py is a heavily commented example
of a test case that uses both the RPC and P2P interfaces. If you are writing your first test, copy
that file and modify to fit your needs.
Coverage
Assuming the build directory is build,
running build/test/functional/test_runner.py with the --coverage argument tracks which RPCs are
called by the tests and prints a report of uncovered RPCs in the summary. This
can be used (along with the --extended argument) to find out which RPCs we
don't have test cases for.
Use a python linter like flake8 before submitting PRs to catch common style
nits (eg trailing whitespace, unused imports, etc)
The oldest supported Python version is specified in doc/dependencies.md.
Consider using pyenv, which checks .python-version,
to prevent accidentally introducing modern syntax from an unsupported Python version.
The CI linter job also checks this, but possibly not in all cases.
See the python lint script that checks for violations that
could lead to bugs and issues in the test code.
Use type hints in your code to improve code readability
and to detect possible bugs earlier.
Avoid wildcard imports.
If more than one name from a module is needed, use lexicographically sorted multi-line imports
in order to reduce the possibility of potential merge conflicts.
Use a module-level docstring to describe what the test is testing, and how it
is testing it.
When subclassing the BitcoinTestFramework, place overrides for the
set_test_params(), add_options() and setup_xxxx() methods at the top of
the subclass, then locally-defined helper methods, then the run_test() method.
Use f'{x}' for string formatting in preference to '{}'.format(x) or '%s' % x.
Use platform.system() for detecting the running operating system and os.name to
check whether it's a POSIX system (see also the skip_if_platform_not_{linux,posix}
methods in the BitcoinTestFramework class, which can be used to skip a whole test
depending on the platform).
Naming guidelines
Name the test <area>_test.py, where area can be one of the following:
feature for tests for full features that aren't wallet/mining/mempool, eg feature_rbf.py
interface for tests for other interfaces (REST, ZMQ, etc), eg interface_rest.py
mempool for tests for mempool behaviour, eg mempool_reorg.py
mining for tests for mining features, eg mining_prioritisetransaction.py
p2p for tests that explicitly test the p2p interface, eg p2p_disconnect_ban.py
rpc for tests for individual RPC methods or features, eg rpc_listtransactions.py
tool for tests for tools, eg tool_wallet.py
wallet for tests for wallet features, eg wallet_keypool.py
Use an underscore to separate words
exception: for tests for specific RPCs or command line options which don't include underscores, name the test after the exact RPC or argument name, eg rpc_decodescript.py, not rpc_decode_script.py
Don't use the redundant word test in the name, eg interface_zmq.py, not interface_zmq_test.py
General test-writing advice
Instead of inline comments or no test documentation at all, log the comments to the test log, e.g.
self.log.info('Create enough transactions to fill a block'). Logs make the test code easier to read and the test
logic easier to debug.
Set self.num_nodes to the minimum number of nodes necessary for the test.
Having additional unrequired nodes adds to the execution time of the test as
well as memory/CPU/disk requirements (which is important when running tests in
parallel).
Avoid stop-starting the nodes multiple times during the test if possible. A
stop-start takes several seconds, so doing it several times blows up the
runtime of the test.
Set the self.setup_clean_chain variable in set_test_params() to True to
initialize an empty blockchain and start from the Genesis block, rather than
load a premined blockchain from cache with the default value of False. The
cached data directories contain a 200-block pre-mined blockchain with the
spendable mining rewards being split between four nodes. Each node has 25
mature block subsidies (25x50=1250 BTC) in its wallet. Using them is much more
efficient than mining blocks in your test.
When calling RPCs with lots of arguments, consider using named keyword
arguments instead of positional arguments to make the intent of the call
clear to readers.
Many of the core test framework classes such as CBlock and CTransaction
don't allow new attributes to be added to their objects at runtime like
typical Python objects allow. This helps prevent unpredictable side effects
from typographical errors or usage of the objects outside of their intended
purpose.
RPC and P2P definitions
Test writers may find it helpful to refer to the definitions for the RPC and
P2P messages. These can be found in the following source files:
/src/rpc/* for RPCs
/src/wallet/rpc* for wallet RPCs
ProcessMessage() in /src/net_processing.cpp for parsing P2P messages
Using the P2P interface
P2Ps can be used to test specific P2P protocol behavior.
p2p.py contains test framework p2p objects and
messages.py contains all the definitions for objects passed
over the network (CBlock, CTransaction, etc, along with the network-level
wrappers for them, msg_block, msg_tx, etc).
P2P tests have two threads. One thread handles all network communication
with the bitcoind(s) being tested in a callback-based event loop; the other
implements the test logic.
P2PConnection is the class used to connect to a bitcoind. P2PInterface
contains the higher level logic for processing P2P payloads and connecting to
the Bitcoin Core node application logic. For custom behaviour, subclass the
P2PInterface object and override the callback methods.
They can also be referenced by indexing into a TestNode's p2ps list, which
contains the list of test framework p2p objects connected to itself
(it does not include any TestNodes):
The TestShell class exposes the BitcoinTestFramework
functionality to interactive Python3 environments and can be used to prototype
tests. This may be especially useful in a REPL environment with session logging
utilities, such as
IPython.
The logs of such interactive sessions can later be adapted into permanent test
cases.
Helper functions for creating blocks and transactions.
Benchmarking with perf
An easy way to profile node performance during functional tests is provided
for Linux platforms using perf.
Perf will sample the running node and will generate profile data in the node's
datadir. The profile data can then be presented using perf report or a graphical
tool like hotspot.
There are two ways of invoking perf: one is to use the --perf flag when
running tests, which will profile each node during the entire test run: perf
begins to profile when the node starts and ends when it shuts down. The other
way is the use the profile_with_perf context manager, e.g.
withnode.profile_with_perf("send-big-msgs"):# Perform activity on the node you're interested in profiling, e.g.:for_inrange(10000):node.p2ps[0].send_message(some_large_message)
To see useful textual output, run
perf report -i /path/to/datadir/send-big-msgs.perf.data.xxxx --stdio | c++filt | less
6e21dedbf2