Rework Software Expiry #134
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Approach ACK |
luke-jr
requested changes
Jun 5, 2025
| QMessageBox::critical(nullptr, QObject::tr("Software expired"), QObject::tr("This software is expired, and may be out of consensus. You must choose to upgrade or override this expiration.")); | ||
| return EXIT_FAILURE; | ||
| if (IsThisSoftwareExpiringSoon(GetTime())) { | ||
| QMessageBox::warning(nullptr, QObject::tr("Software expires soon"), QObject::tr("This software expires soon, and may fall out of consensus. You must choose to upgrade, or override this expiration with the 'softwareexpiry' option (Unix datetime, or 0 for no expiry).")); |
There was a problem hiding this comment.
Probably shouldn't pause startup waiting for a response
| return EXIT_FAILURE; | ||
| } | ||
|
|
||
| gArgs.ModifyRWConfigFile("softwareexpiry", "0"); |
There was a problem hiding this comment.
rwconf is kind of deprecated at this point (superceded by settings.json)
| return EXIT_FAILURE; | ||
| } | ||
|
|
||
| gArgs.ModifyRWConfigFile("softwareexpiry", "0"); |
There was a problem hiding this comment.
Probably shouldn't persist forever, and should reset to default if the user upgrades?
| @@ -4458,12 +4458,13 @@ static bool ContextualCheckBlockHeader(const CBlockHeader& block, BlockValidatio | |||
| if (IsThisSoftwareExpired(block.nTime)) { | |||
| // Wait an extra day before we start rejecting blocks | |||
| CBlockIndex const *blockindex_old = pindexPrev; | |||
| for (int i = 0; i < 144; ++i) { | |||
| for (int i = 0; i < std::min(144, pindexPrev->nHeight); ++i) { | |||
There was a problem hiding this comment.
I suppose it should be
Suggested change
| for (int i = 0; i < std::min(144, pindexPrev->nHeight); ++i) { | |
| for (int i = 0; i < std::min(144, pindexPrev->nHeight - 1); ++i) { |
?
But to avoid re-calculating it every iteration, better to offset the starting index.
| assert(blockindex_old); | ||
| blockindex_old = blockindex_old->pprev; | ||
| } | ||
| assert(blockindex_old); | ||
| if (IsThisSoftwareExpired(blockindex_old->GetMedianTimePast())) { | ||
| chainman.GetNotifications().fatalError(_("This software is expired, and may be out of consensus. You must choose to upgrade, or override this expiration with the 'softwareexpiry' option (Unix datetime, or 0 for no expiry).")); |
There was a problem hiding this comment.
Maybe use warningSet so it shows up in RPC, -alertnotify, etc?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As an alternative to #124.
bitcoindandbitcoin-qt.bitcoindstartup failure message for expired software.bitcoin-qtstartup error message for expired software with an input box requiring the user to typeI accept this software may be unsafe.to continue (overriding expiry this way updates configuration).bitcoindorbitcoin-qtexpire at runtime, rather than silently rejecting blocks.The rationale for these changes is largely explained by my comments on the above-linked PR. I considered using the same prompt at runtime as at startup for
bitcoin-qt, but the churn required was much higher with minimal benefit (as it stands, the software pops up a dialog telling the user the software is expired, on closing,bitcoin-qtexits, and if the user tries to start it again, they get the override prompt).As a brief summary:
bitcoind, shutting down with an error message telling the user how to override is effectively identical to pushing a prompt for continued operation when running attached to a terminal and, when not running attached to a terminal (eg disowned, or under a service manager), a prompt cannot be displayed anyway.bitcoin-qtnow gives the user the opportunity to override without going and manually editing the configuration files, without simply showing them a dialog they can hit yes on to continue without thinking about anything.