mirrors/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-18 21:35:13 +01:00
Code Issues Projects Releases Wiki Activity
Bitcoin Core integration/staging tree
42,920 Commits 6 Branches 321 Tags 5.7 GiB
C++ 64%
Python 19.9%
C 12.4%
CMake 1.2%
Shell 0.9%
Other 1.5%
6e21dedbf2
Go to file
merge-script 6e21dedbf2
Merge bitcoin/bitcoin#31130: Drop miniupnp dependency 
40e5f26a3f mapport: remove dead code in DispatchMapPort (Antoine Poinsot)
38fdf7c1fb mapport: drop outdated comments (Antoine Poinsot)
b7b2435290 doc: add release note for #31130 (Antoine Poinsot)
1b6dec98da depends: drop miniupnpc (Antoine Poinsot)
953533d021 doc: remove mentions of UPnP (Antoine Poinsot)
94ad614482 ci: remove UPnP options (Antoine Poinsot)
a9598e5eaa build: drop miniupnpc dependency (Antoine Poinsot)
a5fcfb7385 interfaces: remove now unused 'use_upnp' arg from 'mapPort' (Antoine Poinsot)
038bbe7b20 daemon: remove UPnP support (Antoine Poinsot)
844770b05e qt: remove UPnP settings (Antoine Poinsot)

Pull request description:

  This PR removes UPnP IGD support and drops our [miniupnp](https://github.com/miniupnp/miniupnp) dependency.

  Miniupnpc is a C library (somewhat) maintained by a single person which had several vulnerabilities in the past (a couple dozens are listed [here](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=miniupnp)), some of which directly affected our software ([RCE in 2015](https://bitcoincore.org/en/2024/07/03/disclose_upnp_rce/), [OOM in 2020](https://bitcoincore.org/en/2024/07/31/disclose-upnp-oom/)).

  The main purpose of this functionality is to have more (non-data-center) reachable nodes on the network. For a non-technical user running Bitcoin Core at home, the software would automatically open a port on their router to receive incoming connections. This way, users not able to manually open a port on their router would still provide the network with more resources and enhance its diversity.

  However, due to past vulnerabilities (and a worry about unknown future ones) in miniupnpc this feature was disabled by default in https://github.com/bitcoin/bitcoin/pull/6795. Having it disabled by default kills (most of?) the purpose of having this functionality in the first place: someone technical enough to understand the `-upnp` startup option or the "enable UPnP" setting is most likely able to open a port on his box in the first place.

  In addition, laanwj implemented PCP with a NAT-PMP fallback directly in Bitcoin Core in https://github.com/bitcoin/bitcoin/pull/30043. If we ever want to re-enable automatic NAT traversal by default in Bitcoin Core, this is the best option (and in my opinion the only sane one). The NAT-PMP fallback makes it so compatibility shouldn't be (much of) an issue.

  On balance, i believe that keeping this functionality and this barely maintained C dependency has higher costs than benefits. Therefore i propose that we get rid of it.

ACKs for top commit:
  jarolrod:
    ACK 40e5f26a3f
  1440000bytes:
    Code Review ACK 40e5f26a3f
  laanwj:
    Code review ACK 40e5f26a3f
  i-am-yuvi:
    Tested ACK 40e5f26a3f

Tree-SHA512: 9ea48662775510f5ec6de7af65790f7c8d211603398e9d8c634a86387be81b28081419a95b4d6680d3d7fe6a9f16cec99f16516548201dc7e49781909899a657
2024-10-28 10:47:34 +00:00
.github ci: remove UPnP options 2024-10-25 09:27:12 -04:00
.tx qt: Bump Transifex slug for 28.x 2024-07-30 16:14:19 +01:00
ci Merge bitcoin/bitcoin#31130: Drop miniupnp dependency 2024-10-28 10:47:34 +00:00
cmake build: drop miniupnpc dependency 2024-10-24 18:23:31 +02:00
contrib Merge bitcoin/bitcoin#31121: guix: Enable CET for glibc package 2024-10-21 14:59:32 +01:00
depends Merge bitcoin/bitcoin#31130: Drop miniupnp dependency 2024-10-28 10:47:34 +00:00
doc Merge bitcoin/bitcoin#31130: Drop miniupnp dependency 2024-10-28 10:47:34 +00:00
share Merge bitcoin/bitcoin#26334: Add Signet and testnet4 launch shortcuts for Windows 2024-10-21 15:00:32 +01:00
src Merge bitcoin/bitcoin#31130: Drop miniupnp dependency 2024-10-28 10:47:34 +00:00
test Merge bitcoin/bitcoin#31130: Drop miniupnp dependency 2024-10-28 10:47:34 +00:00
.cirrus.yml ci: Inline PACKAGE_MANAGER_INSTALL 2024-09-26 18:52:08 +02:00
.editorconfig code style: update .editorconfig file 2024-09-13 17:55:10 +02:00
.gitattributes
.gitignore build: Remove Autotools-based build system 2024-08-30 21:31:39 +01:00
.python-version Bump python minimum supported version to 3.10 2024-08-28 15:53:07 +02:00
.style.yapf
CMakeLists.txt build: drop miniupnpc dependency 2024-10-24 18:23:31 +02:00
CMakePresets.json build: drop miniupnpc dependency 2024-10-24 18:23:31 +02:00
CONTRIBUTING.md doc: replace Autotools with CMake 2024-08-29 16:06:29 +01:00
COPYING
INSTALL.md
libbitcoinkernel.pc.in build: Add a pkg-config file for libbitcoinkernel 2024-09-06 21:35:07 +02:00
README.md doc: cmake: prepend and explain "build/" where needed 2024-10-11 11:24:21 -06:00
SECURITY.md
vcpkg.json build: drop miniupnpc dependency 2024-10-24 18:23:31 +02:00

README.md

Bitcoin Core integration/staging tree

https://bitcoincore.org

For an immediately usable, binary version of the Bitcoin Core software, see https://bitcoincore.org/en/download/.

What is Bitcoin Core?

Bitcoin Core connects to the Bitcoin peer-to-peer network to download and fully validate blocks and transactions. It also includes a wallet and graphical user interface, which can be optionally built.

Further information about Bitcoin Core is available in the doc folder.

License

Bitcoin Core is released under the terms of the MIT license. See COPYING for more information or see https://opensource.org/licenses/MIT.

Development Process

The master branch is regularly built (see doc/build-*.md for instructions) and tested, but it is not guaranteed to be completely stable. Tags are created regularly from release branches to indicate new official, stable release versions of Bitcoin Core.

The https://github.com/bitcoin-core/gui repository is used exclusively for the development of the GUI. Its master branch is identical in all monotree repositories. Release branches and tags do not exist, so please do not fork that repository unless it is for development reasons.

The contribution workflow is described in CONTRIBUTING.md and useful hints for developers can be found in doc/developer-notes.md.

Testing

Testing and code review is the bottleneck for development; we get more pull requests than we can review and test on short notice. Please be patient and help out by testing other people's pull requests, and remember this is a security-critical project where any mistake might cost people lots of money.

Automated Testing

Developers are strongly encouraged to write unit tests for new code, and to submit new unit tests for old code. Unit tests can be compiled and run (assuming they weren't disabled during the generation of the build system) with: ctest. Further details on running and extending unit tests can be found in /src/test/README.md.

There are also regression and integration tests, written in Python. These tests can be run (if the test dependencies are installed) with: build/test/functional/test_runner.py (assuming build is your build directory).

The CI (Continuous Integration) systems make sure that every pull request is built for Windows, Linux, and macOS, and that unit/sanity tests are run automatically.

Manual Quality Assurance (QA) Testing

Changes should be tested by somebody other than the developer who wrote the code. This is especially important for large or high-risk changes. It is useful to add a test plan to the pull request description if testing the changes is not straightforward.

Translations

Changes to translations as well as new translations can be submitted to Bitcoin Core's Transifex page.

Translations are periodically pulled from Transifex and merged into the git repository. See the translation process for details on how this works.

Important: We do not accept translation changes as GitHub pull requests because the next pull from Transifex would automatically overwrite them again.