Merge branch 'dev'

This fixes a bug where sensitive data could be logged to STDOUT, such
as private keys and filenames which contain private keys. This data
was never written to disk, but someone could redirect all STDOUT
to a file on disk with "./silentdragon &> out.txt" or share the STDOUT
in a bug report and not realize private keys were in that data.

application.qrc

@@ -26,9 +26,6 @@
     <qresource prefix="/img">
         <file alias="hushdlogo.png">res/hushdlogo.png</file>
         <file alias="logobig.gif">res/logobig.gif</file>
-        <file alias="silentdragon-animated.gif">res/silentdragon-animated.gif</file>
-        <file alias="silentdragon-animated-dark.gif">res/silentdragon-animated-dark.gif</file>
-        <file alias="silentdragon-animated-startup.gif">res/silentdragon-animated-startup.gif</file>
         <file alias="silentdragon-animated-startup-dark.gif">res/silentdragon-animated-startup-dark.gif</file>
     </qresource>
     <qresource prefix="/translations">

build.sh

@@ -4,18 +4,7 @@
 
 set -e
 UNAME=$(uname)
-
+VERSION=$(grep APP_VERSION src/version.h |cut -d\" -f2)
-if [ "$UNAME" == "Linux" ] ; then
-    JOBS=$(nproc)
-elif [ "$UNAME" == "FreeBSD" ] ; then
-    JOBS=$(nproc)
-elif [ "$UNAME" == "Darwin" ] ; then
-    JOBS=$(sysctl -n hw.ncpu)
-else
-    JOBS=1
-fi
-
-VERSION=$(cat src/version.h |cut -d\" -f2)
 CONF=${SDCONF:-silentdragon.pro}
 WALLET="SilentDragon"
 if [ "$CONF" == "silentdragonx.pro" ] ; then
@@ -40,12 +29,12 @@ make --version
 
 qbuild () {
    qmake $CONF -spec linux-clang CONFIG+=debug
-   make -j$JOBS
+   make -j2 "$@"
 }
 
 qbuild_release () {
    qmake $CONF -spec linux-clang CONFIG+=release
-   make -j$JOBS
+   make -j2 "$@"
 }
 
 if [ "$1" == "clean" ]; then
@@ -55,9 +44,9 @@ elif [ "$1" == "linguist" ]; then
     lrelease $CONF
 elif [ "$1" == "cleanbuild" ]; then
    make clean
-   qbuild
+   qbuild "$@"
 elif [ "$1" == "release" ]; then
-   qbuild_release
+   qbuild_release "$@"
 else
-   qbuild
+   qbuild "$@"
 fi

doc/relnotes/README.md

@@ -10,6 +10,17 @@ and no longer on Github, since they banned Duke Leto and
 also because they censor many people around the world and work with
 evil organizations.
 
+# SilentDragon 1.4.2 "Waggish Weevil"
+
+```
+ 11 files changed, 35 insertions(+), 32 deletions(-)
+```
+
+    * Fix a coredump that can happen after importing a private key https://git.hush.is/hush/SilentDragon/issues/155
+    * Prevent the logging of sensitive data to STDOUT, since it could be redirected to a file or shared in a bug report or screenshot https://git.hush.is/hush/SilentDragon/commit/2754629a95c1efe603b3c3245f90a26b3ed7f177
+    * Update startup animation graphic https://git.hush.is/hush/SilentDragon/pulls/147
+    * Allow compiling with a custom number of jobs in build.sh https://git.hush.is/hush/SilentDragon/issues/156
+
 # SilentDragon 1.4.1 "Scintillating Sundew"
 
 ```
@@ -29,8 +40,6 @@ evil organizations.
   * New Tab "Debug Log" renders content of debug.log
     * Allows showing the last X lines of debug.log, defaults to 50 lines
 
-
-
 # SilentDragon 1.4.0 "Zany Zooid"
 
 ```

src/connection.cpp

@@ -890,15 +890,25 @@ Connection::~Connection() {
 void Connection::doRPC(const QJsonValue& payload, const std::function<void(QJsonValue)>& cb,
                        const std::function<void(QNetworkReply*, const QJsonValue&)>& ne) {
     if (shutdownInProgress) {
-        qDebug() << __func__ << ": Ignoring RPC because shutdown in progress";
+        DEBUG("Ignoring RPC because shutdown in progress");
         return;
     }
 
     if(payload.isNull() || payload.isUndefined()) {
-        qDebug() << "no payload! ignoring";
+        DEBUG("no payload! ignoring");
         return;
     } else {
-        qDebug() << __func__ << ": " << payload["method"].toString() << payload;
+        // this will match importprivkey z_importkey z_importviewingkey  importwallet z_importwallet
+        // and some other RPCs that have no GUI
+        // So this code ends up redacting payloads which contain private keys and filenames which contain private keys
+        QRegExp re("import");
+        //DEBUG("payload.toString==" << payload["method"].toString());
+        //DEBUG("payload.toString.indexIn==" << re.indexIn(payload["method"].toString()) );
+        if( re.indexIn(payload["method"].toString()) == -1 ) {
+            DEBUG( payload["method"].toString() << payload );
+        } else {
+            DEBUG( payload["method"].toString() << " PAYLOAD REDACTED " );
+        }
     }
 
     QJsonDocument jd_rpc_call(payload.toObject());
@@ -909,7 +919,7 @@ void Connection::doRPC(const QJsonValue& payload, const std::function<void(QJson
     QObject::connect(reply, &QNetworkReply::finished, [=] {
         reply->deleteLater();
         if (shutdownInProgress) {
-            // Ignoring callback because shutdown in progress
+            DEBUG("Ignoring callback because shutdown in progress");
             return;
         }
 

src/mainwindow.cpp

@@ -1320,7 +1320,8 @@ void MainWindow::importPrivKey() {
             if (rescan) {
                 //TODO: verify rescanfrom is a valid integer
                 rpc->rescan(pui.rescanfrom->text().trimmed().toInt() , [=] (QJsonValue response){
-                    qDebug() << __func__ << ":rescanning from height " << pui.rescanfrom->text().toInt() << " finished" << response;
+                    //DEBUG("rescanning from height " << pui.rescanfrom->text().toInt() << " finished" << response);
+                    DEBUG("rescanning finished" << response);
                     ui->statusBar->showMessage(tr("Rescanning finished"), 5000);
                 });
             }

src/rpc.cpp

@@ -369,7 +369,7 @@ void RPC::importTPrivKey(QString privkey, bool rescan, const std::function<void(
 
     // If privkey starts with 5, K or L, use old-style Hush params, same as BTC+ZEC
     if( privkey.startsWith("5") || privkey.startsWith("K") || privkey.startsWith("L") ) {
-        qDebug() << "Detected old-style HUSH WIF";
+        DEBUG("Detected old-style taddr HUSH WIF");
         payload = {
             {"jsonrpc", "1.0"},
             {"id", "42"},
@@ -377,7 +377,7 @@ void RPC::importTPrivKey(QString privkey, bool rescan, const std::function<void(
             {"params", QJsonArray { privkey, "", rescan , "0", "128" }},
         };
     } else {
-        qDebug() << "Detected new-style HUSH WIF";
+        DEBUG("Detected new-style taddr HUSH WIF");
         payload = {
             {"jsonrpc", "1.0"},
             {"id", "42"},
@@ -386,7 +386,7 @@ void RPC::importTPrivKey(QString privkey, bool rescan, const std::function<void(
         };
     }
 
-    qDebug() <<  "Importing WIF with rescan=" << rescan;
+    DEBUG("Importing taddr WIF with rescan=" << rescan);
 
     conn->doRPCWithDefaultErrorHandling(payload, cb);
 }
@@ -1715,7 +1715,7 @@ void RPC::shutdownHushd() {
         d.setWindowTitle("SilentDragonX");
     }
 
-    QMovie *movie1 = new QMovie(":/img/silentdragon-animated-dark.gif");;
+    QMovie *movie1 = new QMovie(":/img/silentdragon-animated-startup-dark.gif");;
     auto theme = Settings::getInstance()->get_theme_name();
     movie1->setScaledSize(QSize(512,512));
     connD.topIcon->setMovie(movie1);

src/sendtab.cpp

@@ -693,7 +693,7 @@ bool MainWindow::confirmTx(Tx tx) {
         return true;
     } else {
         return false;
-    }        
+    }
 }
 
 // Send button clicked
@@ -720,7 +720,7 @@ void MainWindow::sendButton() {
         auto connD = new Ui_ConnectionDialog();
         connD->setupUi(d);
 
-        QMovie *movie1 = new QMovie(":/img/silentdragon-animated-dark.gif");;
+        QMovie *movie1 = new QMovie(":/img/silentdragon-animated-startup-dark.gif");;
         auto theme = Settings::getInstance()->get_theme_name();
         movie1->setScaledSize(QSize(512,512));
         connD->topIcon->setMovie(movie1);

src/version.h

@@ -1 +1 @@
-#define APP_VERSION "1.4.1"
+#define APP_VERSION "1.4.2"