Merge bitcoin/bitcoin#33416: [27.x] Backports

aee53d60d3 doc: update release notes for 27.x (fanquake) be1a94a740 net: Do not apply whitelist permission to onion inbounds (Martin Zumsande) 640cc72577 depends: fix Qt macOS build with Clang 18 (fanquake) Pull request description: Backports: * #30198 (partial) * #33395 ACKs for top commit: willcl-ark: ACK aee53d60d3 Tree-SHA512: 7e1913df148dd1b264a337d7c14de34011a8002fb0950ab00f4c73c60e2df1b3098d3b5aad311d9b33c01416c4e5fa06f23592232d63e9a942eeeb23bd371b3a
2025-12-13 20:36:21 +01:00 · 2025-10-13 12:21:08 +01:00
parent ee048cd32b aee53d60d3
commit cf3a7e97ee
5 changed files with 57 additions and 5 deletions
--- a/depends/packages/qt.mk
+++ b/depends/packages/qt.mk
@@ -22,6 +22,7 @@ $(package)_patches += fast_fixed_dtoa_no_optimize.patch
 $(package)_patches += guix_cross_lib_path.patch
 $(package)_patches += fix-macos-linker.patch
 $(package)_patches += memory_resource.patch
+$(package)_patches += clang_18_libpng.patch
 $(package)_patches += utc_from_string_no_optimize.patch
 $(package)_patches += windows_lto.patch
 $(package)_patches += zlib-timebits64.patch
@@ -250,6 +251,7 @@ define $(package)_preprocess_cmds
  patch -p1 -i $($(package)_patch_dir)/qtbase-moc-ignore-gcc-macro.patch && \
  patch -p1 -i $($(package)_patch_dir)/use_android_ndk23.patch && \
  patch -p1 -i $($(package)_patch_dir)/memory_resource.patch && \
+  patch -p1 -i $($(package)_patch_dir)/clang_18_libpng.patch && \
  patch -p1 -i $($(package)_patch_dir)/rcc_hardcode_timestamp.patch && \
  patch -p1 -i $($(package)_patch_dir)/duplicate_lcqpafonts.patch && \
  patch -p1 -i $($(package)_patch_dir)/utc_from_string_no_optimize.patch && \
--- a/depends/patches/qt/clang_18_libpng.patch
+++ b/depends/patches/qt/clang_18_libpng.patch
@@ -0,0 +1,40 @@
+fix Qt macOS build with Clang 18
+
+    See:
+    https://github.com/pnggroup/libpng/commit/893b8113f04d408cc6177c6de19c9889a48faa24.
+
+    In a similar manner as zlib (madler/zlib#895),
+    libpng contains a header configuration that's no longer valid and
+    hasn't been exercised for the macOS target.
+
+    - The target OS conditional macros are misused. Specifically
+      `TARGET_OS_MAC` covers all Apple targets, including iOS, and it
+      should not be checked with `#if defined` as they would always be
+      defined (to either 1 or 0) on Apple platforms.
+    - `#include <fp.h>` no longer works for the macOS target and results
+      in a compilation failure. macOS ships all required functions in
+      `math.h`, and clients should use `math.h` instead.
+
+--- a/qtbase/src/3rdparty/libpng/pngpriv.h
+++ b/qtbase/src/3rdparty/libpng/pngpriv.h
+@@ -514,18 +514,8 @@
+     */
+ #  include <float.h>
+ 
+-#  if (defined(__MWERKS__) && defined(macintosh)) || defined(applec) || \
+-    defined(THINK_C) || defined(__SC__) || defined(TARGET_OS_MAC)
+-   /* We need to check that <math.h> hasn't already been included earlier
+-    * as it seems it doesn't agree with <fp.h>, yet we should really use
+-    * <fp.h> if possible.
+-    */
+-#    if !defined(__MATH_H__) && !defined(__MATH_H) && !defined(__cmath__)
+-#      include <fp.h>
+-#    endif
+-#  else
+-#    include <math.h>
+-#  endif
+#  include <math.h>
+
+ #  if defined(_AMIGA) && defined(__SASC) && defined(_M68881)
+    /* Amiga SAS/C: We must include builtin FPU functions when compiling using
+     * MATH=68881
--- a/doc/release-notes.md
+++ b/doc/release-notes.md
@@ -42,6 +42,10 @@ Notable changes

 External signing is not currently supported when compiling with Boost version 1.88.0 or later.

+### P2P
+
+- #33395 net: Do not apply whitelist permission to onion inbounds
+
 ### Test

 - #31419 test: fix MIN macro redefinition
@@ -50,6 +54,7 @@ External signing is not currently supported when compiling with Boost version 1.

 ### Build

+- #30198 depends: fix Qt macOS build with Clang 18
 - #31502 depends: Fix CXXFLAGS on NetBSD
 - #31627 depends: Fix spacing issue
 - #32070 build: use make < 3.82 syntax for define directive
@@ -74,7 +79,9 @@ Thanks to everyone who directly contributed to this release:
 - fanquake
 - Hennadii Stepanov
 - MarcoFalke
+- Martin Zumsande
 - Sjors Provoost
+- Vasil Dimov

 As well as to everyone that helped with translations on
 [Transifex](https://www.transifex.com/bitcoin/bitcoin/).
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -558,9 +558,9 @@ void CNode::CloseSocketDisconnect()
    m_i2p_sam_session.reset();
 }

-void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, const CNetAddr &addr) const {
+void CConnman::AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr) const {
    for (const auto& subnet : vWhitelistedRange) {
-        if (subnet.m_subnet.Match(addr)) NetPermissions::AddFlag(flags, subnet.m_flags);
+        if (addr.has_value() && subnet.m_subnet.Match(addr.value())) NetPermissions::AddFlag(flags, subnet.m_flags);
    }
 }

@@ -1726,7 +1726,11 @@ void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
 {
    int nInbound = 0;

-    AddWhitelistPermissionFlags(permission_flags, addr);
+    const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
+
+    // Tor inbound connections do not reveal the peer's actual network address.
+    // Therefore do not apply address-based whitelist permissions to them.
+    AddWhitelistPermissionFlags(permission_flags, inbound_onion ? std::optional<CNetAddr>{} : addr);
    if (NetPermissions::HasFlag(permission_flags, NetPermissionFlags::Implicit)) {
        NetPermissions::ClearFlag(permission_flags, NetPermissionFlags::Implicit);
        if (gArgs.GetBoolArg("-whitelistforcerelay", DEFAULT_WHITELISTFORCERELAY)) NetPermissions::AddFlag(permission_flags, NetPermissionFlags::ForceRelay);
@@ -1793,7 +1797,6 @@ void CConnman::CreateNodeFromAcceptedSocket(std::unique_ptr<Sock>&& sock,
        nodeServices = static_cast<ServiceFlags>(nodeServices | NODE_BLOOM);
    }

-    const bool inbound_onion = std::find(m_onion_binds.begin(), m_onion_binds.end(), addr_bind) != m_onion_binds.end();
    // The V2Transport transparently falls back to V1 behavior when an incoming V1 connection is
    // detected, so use it whenever we signal NODE_P2P_V2.
    const bool use_v2transport(nodeServices & NODE_P2P_V2);
--- a/src/net.h
+++ b/src/net.h
@@ -1339,7 +1339,7 @@ private:

    bool AttemptToEvictConnection();
    CNode* ConnectNode(CAddress addrConnect, const char *pszDest, bool fCountFailure, ConnectionType conn_type, bool use_v2transport) EXCLUSIVE_LOCKS_REQUIRED(!m_unused_i2p_sessions_mutex);
-    void AddWhitelistPermissionFlags(NetPermissionFlags& flags, const CNetAddr &addr) const;
+    void AddWhitelistPermissionFlags(NetPermissionFlags& flags, std::optional<CNetAddr> addr) const;

    void DeleteNode(CNode* pnode);