< gleb>
vasild: Yeah, if there's only a handful of I2P nodes in the network, and a user wants to run on I2P exclusively — that'd be pretty risky.
< gleb>
Consider an eclipse attack or traffic analysis
< gleb>
On the Bitcoin p2p protocol layer I mean.
< vasild>
ah, this one, I see
< vasild>
yeah, running i2p _exclusively_ in the beginning (first 7 years) will may be not a good idea :)
< vasild>
that belongs to doc/i2p.md (not existent yet)
< wumpus>
vasild: how much is that really still a thing?
< vasild>
no idea
< wumpus>
i think UPnP is a terrible protocol, but I'm biased because the only RCE for bitcoin core that I know of used a UPnP xml parsing vulnerability
< wumpus>
one advantage of NATPMP/PCP is that the protocol consists of super simple binary packets, doesn't involve that kind of parsing at all
< wumpus>
so we could even consider enabling it by default
< wumpus>
but yes that's separate from the question 'should it be supported at all', i don't think upnp support is much code to maintain and if it's disabled by default it's low risk so i don't actually feel strongly about that
< wumpus>
i have no idea i have never heard that before
< wumpus>
basically i just though the 'NAT PMP is a low priority protocol' was a strange comment
< vasild>
it is
< vasild>
(strange comment)
< wumpus>
i think the NAT PMP PR is almost ready, the code change looks good to me and it works, we should definitely have it in 0.22
< wumpus>
discussion on whether to enable it by default or whether or not to deprecate UPnP doesn't need to be at the same time
< wumpus>
right now it adds it as an opt-in feature just like UPnP that's a good way to get started
< wumpus>
never delay anything on decisions that might be controversial or we'll still be waiting for it to get merged in 2025 :-)
< promag>
wumpus: create a bunch of dumb issues afaict
< bitcoin-git>
[bitcoin] MarcoFalke opened pull request #20715: util: Add ArgsManager::GetCommands() and use it in bitcoin-wallet (master...2012-argsCmd) https://github.com/bitcoin/bitcoin/pull/20715
< bitcoin-git>
[bitcoin] hebasto opened pull request #20716: ci: Fix COMMIT_RANGE variable value for cloned repos (master...201218-cloned) https://github.com/bitcoin/bitcoin/pull/20716
< bitcoin-git>
[bitcoin] hebasto closed pull request #20716: ci: Fix COMMIT_RANGE variable value for cloned repos (master...201218-cloned) https://github.com/bitcoin/bitcoin/pull/20716
< bitcoin-git>
[bitcoin] hebasto reopened pull request #20716: ci: Fix COMMIT_RANGE variable value for cloned repos (master...201218-cloned) https://github.com/bitcoin/bitcoin/pull/20716
< bitcoin-git>
[bitcoin] hebasto closed pull request #20716: ci: Fix COMMIT_RANGE variable value for cloned repos (master...201218-cloned) https://github.com/bitcoin/bitcoin/pull/20716
< bitcoin-git>
[bitcoin] hebasto opened pull request #20717: ci: Fix COMMIT_RANGE variable value for cloned repos (master...201218-clone) https://github.com/bitcoin/bitcoin/pull/20717
< hebasto>
cirrus builds somehow are not triggefred by new prs
< wumpus>
promag: cannot find the account at all
< bitcoin-git>
[gui] luke-jr opened pull request #157: Refactor P2PKH filtering, via AddressBookSortFilterProxyModel (master...gui_filter_p2pkh) https://github.com/bitcoin-core/gui/pull/157
< hebasto>
sorry for mess with the recent prs open-close, but I have no clue why cirrus is down on the main repo, and it works fine in the gui repo
< jonatack>
sorry, freenode keeps kicking me off, it doesn't like my vpn
< achow101>
would it be desirable for the MacOS code signing tool to still use codesign_allocate?
< sipa>
do you think you can easily replicate it in python?
< achow101>
not really. it seems like macholib doesn't quite do what we need, so I would need to implement my own macho parser and modifier
< achow101>
and that is decidely non trivial
< sipa>
no need then, i think
< sipa>
there is a working open-source tool that does this
< achow101>
right, we just need the signer to also use that
< sipa>
indeed
< sipa>
(and the right one!)
< achow101>
at least it's an easy problem to fix and solve since this works on non-macs too
< achow101>
and won't enforce apple signed codesign_allocate
< sipa>
and if you so desire, the functionality could be added to your tool later with no downsides
< andytoshi>
i'm having trouble building the fuzztests and i can't remember what i did last week that made it work
< andytoshi>
getting stuff like
< andytoshi>
/home/apoelstra/code/bitcoin/bitcoin/fuzz/src/./test/fuzz/fuzz.h:18: multiple definition of `FuzzFrameworkEmptyFun()'; test/fuzz/fuzz-addition_overflow.o:/home/apoelstra/code/bitcoin/bitcoin/fuzz/src/./test/fuzz/fuzz.h:18: first defined here
< andytoshi>
lots of these "multiple definition" errosr
< sipa>
this may be a result of #20560 being merged; does a make clean help?
< sipa>
i think we had some rudimentary support for building without specifically enabling fuzz, but the result wouldn't actually support fuzzing, just making sure stuff compiles
< andytoshi>
yeah, i've kept half an eye on that stuff but i'm not sure where we wound up
< andytoshi>
there is also some configuration which doesn't work with clang for me, but i can't remember what now
< sipa>
it's --with-sanitizer=fuzzer (+ whatever other sanitizers you want to enable in the fuzz tests)
< sipa>
* --with-sanitizers
< andytoshi>
yep. building now. will know in 15-20 mins :)
< sipa>
also see doc/fuzzing.md
< sipa>
you need more CPU cores (or more RAM)
< sipa>
:)
< andytoshi>
i have them! but i am building my computer in canada and i'm not there yet (and because of weird shipping costs i have half the parts with me and half of them there)
< andytoshi>
in a week i'll fly in, pockets full of RAM and a EPYC 7502, and i won't have to worry about this stuff
< andytoshi>
anyway...looks like it worked, except now it's telling me that there are no test to run and to reconfigure with --with-daemon
< andytoshi>
which definitely is new to me
< andytoshi>
and doesn't appear in the CI scripts
< jonatack>
so far the only change i've noticed since 20560 is how to run a fuzzer (the new way is documented in doc/fuzzing.md)
< jonatack>
./autogen.sh ; ./configure --enable-fuzz --with-sanitizers=address,fuzzer,undefined CC=clang CXX=clang++ && make distclean ; make -j5
< jonatack>
is my usual for fuzzing i think
< andytoshi>
ok that looks familiar. but when i try to run test/fuzz/test_runner.py it says i should reconfigure with --with-daemon
< sipa>
bizarre
< sipa>
i tested the PR before ACK'ing, including running test_runner.py
< jonatack>
oh i never got that script to work, i thought it was for the ci
< jonatack>
i just run individual fuzzers
< andytoshi>
hmm, it was definitely working for me a week ago
< andytoshi>
but i wasn't keeping track of what commit or what workdir i was in or anything, so idk what might've changed
< jonatack>
it's been a year since i last tried tho
< sipa>
i think you're callig test/functional/test_runner.py, not test/fuzz/test_runner.py
< andytoshi>
haha dammit
< andytoshi>
well i already did `make clean` so now i gotta wait another 20 minutes
< andytoshi>
fridays..
< sipa>
sounds like you need to install ccache
< andytoshi>
yeah, i really should
< andytoshi>
i installed it, is there anything else i should do? i guess reconfigure so Core detects that i have it
< sipa>
configure will automatically make use of it; all you need to do is install it
< andytoshi>
great thanks
< jonatack>
oh, it does work now...yay!
< andytoshi>
the fact that test_runner wasn't yelling at me for providing no corpus should've tipped me off that i was running the wrong script..
< andytoshi>
sipa: also, is there a good way to run all the fuzzers, against the qa-assets corpus, with a ton of iterations
< andytoshi>
other than editing test_runner.py runs=1 to runs=100000
< sipa>
why would you want to do more than 1 iteration
< andytoshi>
to test more mutations
< sipa>
(i should add that i didn't even knew about the existence of this script before reviewing 20560, i've never actually used it in production)
< sipa>
if you want mutations, you need to start it with -g
< andytoshi>
i assume that if you increase the --runs parameter, it will start from the seeds in the qa-assets corpus, and then search from there
< sipa>
if you don't, it'll just run the existing corpus, with no mutations
< andytoshi>
will -g use the qa-assets corpus? it sounds from the help text like it'll just overwrite it
< sipa>
that would be ridiculous, but let me check because i don't actually know
< sipa>
"Create new corpus seeds (or extend the existing ones) by running"