revert to #7677 #7679

2018-01-25 02:48:19 +03:00 · 2018-01-25 02:48:19 +03:00 · 568dc33a02
parent cf10450108
commit 568dc33a02
23 changed files with 1496 additions and 586 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -18,9 +18,9 @@ linux-stable:
  stage: build
  image: parity/rust:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - rustup default stable
@ -36,9 +36,9 @@ linux-stable-debian:
  stage: build
  image: parity/rust-debian:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - export LIBSSL="libssl1.1 (>=1.1.0)"
@ -53,9 +53,9 @@ linux-centos:
  stage: build
  image: parity/rust-centos:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - scripts/gitlab-build.sh x86_64-unknown-centos-gnu x86_64-unknown-linux-gnu x86_64 gcc g++
@ -69,9 +69,9 @@ linux-i686:
  stage: build
  image: parity/rust-i686:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - scripts/gitlab-build.sh i686-unknown-linux-gnu i686-unknown-linux-gnu i386 gcc g++
@ -85,9 +85,9 @@ linux-armv7:
  stage: build
  image: parity/rust-armv7:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - scripts/gitlab-build.sh armv7-unknown-linux-gnueabihf armv7-unknown-linux-gnueabihf armhf arm-linux-gnueabihf-gcc arm-linux-gnueabihf-g++
@ -101,9 +101,9 @@ linux-arm:
  stage: build
  image: parity/rust-arm:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - scripts/gitlab-build.sh arm-unknown-linux-gnueabihf arm-unknown-linux-gnueabihf armhf arm-linux-gnueabihf-gcc arm-linux-gnueabihf-g++
@ -117,9 +117,9 @@ linux-aarch64:
  stage: build
  image: parity/rust-arm64:gitlab-ci
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - scripts/gitlab-build.sh aarch64-unknown-linux-gnu aarch64-unknown-linux-gnu arm64 aarch64-linux-gnu-gcc aarch64-linux-gnu-g++
@ -149,9 +149,9 @@ linux-snap:
 darwin:
  stage: build
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - scripts/gitlab-build.sh x86_64-apple-darwin x86_64-apple-darwin macos gcc g++
@ -167,9 +167,9 @@ windows:
    untracked: true
  stage: build
  only:
    - stable
    - beta
    - tags
    - stable
    - triggers
  script:
    - sh scripts/gitlab-build.sh x86_64-pc-windows-msvc x86_64-pc-windows-msvc installer "" "" ""
@ -182,8 +182,6 @@ windows:
 docker-build:
  stage: build
  only:
    - stable
    - beta
    - tags
    - triggers
  before_script:
@ -246,8 +244,8 @@ js-release:
  stage: js-build
  only:
    - master
    - stable
    - beta
    - stable
    - tags
    - triggers
  image: parity/rust:gitlab-ci
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2671,7 +2671,7 @@ dependencies = [
 [[package]]
 name = "rocksdb"
 version = "0.4.5"
-source = "git+https://github.com/paritytech/rust-rocksdb#ecf06adf3148ab10f6f7686b724498382ff4f36e"
+source = "git+https://github.com/paritytech/rust-rocksdb#7adec2311d31387a832b0ef051472cdef906b480"
 dependencies = [
 "libc 0.2.31 (registry+https://github.com/rust-lang/crates.io-index)",
 "local-encoding 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
@ -2681,11 +2681,10 @@ dependencies = [
 [[package]]
 name = "rocksdb-sys"
 version = "0.3.0"
-source = "git+https://github.com/paritytech/rust-rocksdb#ecf06adf3148ab10f6f7686b724498382ff4f36e"
+source = "git+https://github.com/paritytech/rust-rocksdb#7adec2311d31387a832b0ef051472cdef906b480"
 dependencies = [
 "cc 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
 "libc 0.2.31 (registry+https://github.com/rust-lang/crates.io-index)",
 "local-encoding 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
 "snappy-sys 0.1.0 (git+https://github.com/paritytech/rust-snappy)",
 ]
--- a/dapps/src/handlers/mod.rs
+++ b/dapps/src/handlers/mod.rs
@ -47,8 +47,6 @@ pub fn add_security_headers(headers: &mut header::Headers, embeddable_on: Embedd
 	// Content Security Policy headers
 	headers.set_raw("Content-Security-Policy", String::new()
 		// Restrict everything to the same origin by default.
 		+ "default-src 'self';"
 		// Allow connecting to WS servers and HTTP(S) servers.
 		// We could be more restrictive and allow only RPC server URL.
 		+ "connect-src http: https: ws: wss:;"
@ -66,9 +64,7 @@ pub fn add_security_headers(headers: &mut header::Headers, embeddable_on: Embedd
 		+ "style-src 'self' 'unsafe-inline' data: blob: https:;"
 		// Allow fonts from data: and HTTPS.
 		+ "font-src 'self' data: https:;"
-		// Disallow objects
+		// Allow inline scripts and scripts eval (webpack/jsconsole)
 		+ "object-src 'none';"
 		// Allow scripts
 		+ {
 			let script_src = embeddable_on.as_ref()
 				.map(|e| e.extra_script_src.iter()
@ -76,16 +72,18 @@ pub fn add_security_headers(headers: &mut header::Headers, embeddable_on: Embedd
 					 .join(" ")
 				).unwrap_or_default();
 			&format!(
-				"script-src 'self' {};",
+				"script-src 'self' 'unsafe-inline' 'unsafe-eval' {};",
 				script_src
 			)
 		}
 		// Same restrictions as script-src with additional
 		// blob: that is required for camera access (worker)
-		+ "worker-src 'self' https: blob:;"
+		+ "worker-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:;"
 		// Restrict everything else to the same origin.
 		+ "default-src 'self';"
 		// Run in sandbox mode (although it's not fully safe since we allow same-origin and script)
 		+ "sandbox allow-same-origin allow-forms allow-modals allow-popups allow-presentation allow-scripts;"
-		// Disallow submitting forms from any dapps
+		// Disallow subitting forms from any dapps
 		+ "form-action 'none';"
 		// Never allow mixed content
 		+ "block-all-mixed-content;"
--- a/ethcore/src/engines/authority_round/mod.rs
+++ b/ethcore/src/engines/authority_round/mod.rs
@ -44,7 +44,8 @@ use bigint::hash::{H256, H520};
 use semantic_version::SemanticVersion;
 use parking_lot::{Mutex, RwLock};
 use unexpected::{Mismatch, OutOfBounds};
-use util::Address;
+use util::*;
 use bytes::Bytes;
 mod finality;
@ -290,11 +291,9 @@ struct EpochVerifier {
 impl super::EpochVerifier<EthereumMachine> for EpochVerifier {
 	fn verify_light(&self, header: &Header) -> Result<(), Error> {
 		// Validate the timestamp
 		verify_timestamp(&*self.step, header_step(header)?)?;
 		// always check the seal since it's fast.
 		// nothing heavier to do.
-		verify_external(header, &self.subchain_validators)
+		verify_external(header, &self.subchain_validators, &*self.step, |_| {})
 	}
 	fn check_finality_proof(&self, proof: &[u8]) -> Option<Vec<H256>> {
@ -318,7 +317,7 @@ impl super::EpochVerifier<EthereumMachine> for EpochVerifier {
 			//
 			// `verify_external` checks that signature is correct and author == signer.
 			if header.seal().len() != 2 { return None }
-			otry!(verify_external(header, &self.subchain_validators).ok());
+			otry!(verify_external(header, &self.subchain_validators, &*self.step, |_| {}).ok());
 			let newly_finalized = otry!(finality_checker.push_hash(header.hash(), header.author().clone()).ok());
 			finalized.extend(newly_finalized);
@ -328,6 +327,16 @@ impl super::EpochVerifier<EthereumMachine> for EpochVerifier {
 	}
 }
 // Report misbehavior
 #[derive(Debug)]
 #[allow(dead_code)]
 enum Report {
 	// Malicious behavior
 	Malicious(Address, BlockNumber, Bytes),
 	// benign misbehavior
 	Benign(Address, BlockNumber),
 }
 fn header_step(header: &Header) -> Result<usize, ::rlp::DecoderError> {
 	UntrustedRlp::new(&header.seal().get(0).expect("was either checked with verify_block_basic or is genesis; has 2 fields; qed (Make sure the spec file has a correct genesis seal)")).as_val()
 }
@ -346,35 +355,34 @@ fn is_step_proposer(validators: &ValidatorSet, bh: &H256, step: usize, address:
 	step_proposer(validators, bh, step) == *address
 }
-fn verify_timestamp(step: &Step, header_step: usize) -> Result<(), BlockError> {
+fn verify_external<F: Fn(Report)>(header: &Header, validators: &ValidatorSet, step: &Step, report: F)
-	match step.check_future(header_step) {
+	-> Result<(), Error>
-		Err(None) => {
+{
 			trace!(target: "engine", "verify_timestamp: block from the future");
 			Err(BlockError::InvalidSeal.into())
 		},
 		Err(Some(oob)) => {
 			// NOTE This error might be returned only in early stage of verification (Stage 1).
 			// Returning it further won't recover the sync process.
 			trace!(target: "engine", "verify_timestamp: block too early");
 			Err(BlockError::TemporarilyInvalid(oob).into())
 		},
 		Ok(_) => Ok(()),
 	}
 }
 fn verify_external(header: &Header, validators: &ValidatorSet) -> Result<(), Error> {
 	let header_step = header_step(header)?;
-	let proposer_signature = header_signature(header)?;
+	match step.check_future(header_step) {
-	let correct_proposer = validators.get(header.parent_hash(), header_step);
+		Err(None) => {
-	let is_invalid_proposer = *header.author() != correct_proposer ||
+			trace!(target: "engine", "verify_block_external: block from the future");
-		!verify_address(&correct_proposer, &proposer_signature, &header.bare_hash())?;
+			report(Report::Benign(*header.author(), header.number()));
 			return Err(BlockError::InvalidSeal.into())
 		},
 		Err(Some(oob)) => {
 			trace!(target: "engine", "verify_block_external: block too early");
 			return Err(BlockError::TemporarilyInvalid(oob).into())
 		},
 		Ok(_) => {
 			let proposer_signature = header_signature(header)?;
 			let correct_proposer = validators.get(header.parent_hash(), header_step);
 			let is_invalid_proposer = *header.author() != correct_proposer ||
 				!verify_address(&correct_proposer, &proposer_signature, &header.bare_hash())?;
-	if is_invalid_proposer {
+			if is_invalid_proposer {
-		trace!(target: "engine", "verify_block_external: bad proposer for step: {}", header_step);
+				trace!(target: "engine", "verify_block_external: bad proposer for step: {}", header_step);
-		Err(EngineError::NotProposer(Mismatch { expected: correct_proposer, found: header.author().clone() }))?
+				Err(EngineError::NotProposer(Mismatch { expected: correct_proposer, found: header.author().clone() }))?
-	} else {
+			} else {
-		Ok(())
+				Ok(())
 			}
 		}
 	}
 }
@ -647,38 +655,26 @@ impl Engine<EthereumMachine> for AuthorityRound {
 	/// Check the number of seal fields.
 	fn verify_block_basic(&self, header: &Header) -> Result<(), Error> {
 		if header.number() >= self.validate_score_transition && *header.difficulty() >= U256::from(U128::max_value()) {
-			return Err(From::from(BlockError::DifficultyOutOfBounds(
+			Err(From::from(BlockError::DifficultyOutOfBounds(
 				OutOfBounds { min: None, max: Some(U256::from(U128::max_value())), found: *header.difficulty() }
-			)));
+			)))
-		}
+		} else {
-
+			Ok(())
 		// TODO [ToDr] Should this go from epoch manager?
 		// If yes then probably benign reporting needs to be moved further in the verification.
 		let set_number = header.number();
 		match verify_timestamp(&*self.step, header_step(header)?) {
 			Err(BlockError::InvalidSeal) => {
 				self.validators.report_benign(header.author(), set_number, header.number());
 				Err(BlockError::InvalidSeal.into())
 			}
 			Err(e) => Err(e.into()),
 			Ok(()) => Ok(()),
 		}
 	}
 	/// Do the step and gas limit validation.
 	fn verify_block_family(&self, header: &Header, parent: &Header) -> Result<(), Error> {
 		let step = header_step(header)?;
 		let parent_step = header_step(parent)?;
 		// TODO [ToDr] Should this go from epoch manager?
 		let set_number = header.number();
 		// Ensure header is from the step after parent.
 		if step == parent_step
 			|| (header.number() >= self.validate_step_transition && step <= parent_step) {
 			trace!(target: "engine", "Multiple blocks proposed for step {}.", parent_step);
-			self.validators.report_malicious(header.author(), set_number, header.number(), Default::default());
+			self.validators.report_malicious(header.author(), header.number(), header.number(), Default::default());
 			Err(EngineError::DoubleVote(header.author().clone()))?;
 		}
@ -691,7 +687,7 @@ impl Engine<EthereumMachine> for AuthorityRound {
 				let skipped_primary = step_proposer(&*self.validators, &parent.hash(), s);
 				// Do not report this signer.
 				if skipped_primary != me {
-					self.validators.report_benign(&skipped_primary, set_number, header.number());
+					self.validators.report_benign(&skipped_primary, header.number(), header.number());
 				}
 				// Stop reporting once validators start repeating.
 				if !reported.insert(skipped_primary) { break; }
@ -706,8 +702,9 @@ impl Engine<EthereumMachine> for AuthorityRound {
 		// fetch correct validator set for current epoch, taking into account
 		// finality of previous transitions.
 		let active_set;
-		let validators = if self.immediate_transitions {
+
-			&*self.validators
+		let (validators, set_number) = if self.immediate_transitions {
 			(&*self.validators, header.number())
 		} else {
 			// get correct validator set for epoch.
 			let client = match self.client.read().as_ref().and_then(|weak| weak.upgrade()) {
@ -725,12 +722,21 @@ impl Engine<EthereumMachine> for AuthorityRound {
 			}
 			active_set = epoch_manager.validators().clone();
-			&active_set as &_
+			(&active_set as &_, epoch_manager.epoch_transition_number)
 		};
 		// always report with "self.validators" so that the report actually gets
 		// to the contract.
 		let report = |report| match report {
 			Report::Benign(address, block_number) =>
 				self.validators.report_benign(&address, set_number, block_number),
 			Report::Malicious(address, block_number, proof) =>
 				self.validators.report_malicious(&address, set_number, block_number, proof),
 		};
 		// verify signature against fixed list, but reports should go to the
 		// contract itself.
-		verify_external(header, validators)
+		verify_external(header, validators, &*self.step, report)
 	}
 	fn genesis_epoch_data(&self, header: &Header, call: &Call) -> Result<Vec<u8>, String> {
@ -1053,7 +1059,8 @@ mod tests {
 		assert!(engine.verify_block_family(&header, &parent_header).is_ok());
 		assert!(engine.verify_block_external(&header).is_ok());
 		header.set_seal(vec![encode(&5usize).into_vec(), encode(&(&*signature as &[u8])).into_vec()]);
-		assert!(engine.verify_block_basic(&header).is_err());
+		assert!(engine.verify_block_family(&header, &parent_header).is_ok());
 		assert!(engine.verify_block_external(&header).is_err());
 	}
 	#[test]
@ -1193,4 +1200,3 @@ mod tests {
 		AuthorityRound::new(params, machine).unwrap();
 	}
 }
--- a/ethcore/src/engines/validator_set/contract.rs
+++ b/ethcore/src/engines/validator_set/contract.rs
@ -192,7 +192,7 @@ mod tests {
 		header.set_number(2);
 		header.set_parent_hash(client.chain_info().best_block_hash);
 		// `reportBenign` when the designated proposer releases block from the future (bad clock).
-		assert!(client.engine().verify_block_basic(&header).is_err());
+		assert!(client.engine().verify_block_external(&header).is_err());
 		// Seal a block.
 		client.engine().step();
 		assert_eq!(client.chain_info().best_block_number, 1);
--- a/ethcore/src/state/mod.rs
+++ b/ethcore/src/state/mod.rs
@ -1406,7 +1406,7 @@ mod tests {
 	}
 	#[test]
-	fn should_trace_delegatecall_properly() {
+	fn should_not_trace_delegatecall() {
 		init_log();
 		let mut state = get_temp_state();
@ -1426,7 +1426,7 @@ mod tests {
 		}.sign(&secret(), None);
 		state.init_code(&0xa.into(), FromHex::from_hex("6000600060006000600b618000f4").unwrap()).unwrap();
-		state.init_code(&0xb.into(), FromHex::from_hex("60056000526001601ff3").unwrap()).unwrap();
+		state.init_code(&0xb.into(), FromHex::from_hex("6000").unwrap()).unwrap();
 		let result = state.apply(&info, &machine, &t, true).unwrap();
 		let expected_trace = vec![FlatTrace {
@ -1441,23 +1441,23 @@ mod tests {
 				call_type: CallType::Call,
 			}),
 			result: trace::Res::Call(trace::CallResult {
-				gas_used: U256::from(736), // in post-eip150
+				gas_used: U256::from(721), // in post-eip150
 				output: vec![]
 			}),
 		}, FlatTrace {
 			trace_address: vec![0].into_iter().collect(),
 			subtraces: 0,
 			action: trace::Action::Call(trace::Call {
-				from: 0xa.into(),
+				from: "9cce34f7ab185c7aba1b7c8140d620b4bda941d6".into(),
-				to: 0xb.into(),
+				to: 0xa.into(),
 				value: 0.into(),
 				gas: 32768.into(),
 				input: vec![],
 				call_type: CallType::DelegateCall,
 			}),
 			result: trace::Res::Call(trace::CallResult {
-				gas_used: 18.into(),
+				gas_used: 3.into(),
-				output: vec![5],
+				output: vec![],
 			}),
 		}];
--- a/ethcore/src/trace/types/trace.rs
+++ b/ethcore/src/trace/types/trace.rs
@ -74,23 +74,13 @@ pub struct Call {
 impl From<ActionParams> for Call {
 	fn from(p: ActionParams) -> Self {
-		match p.call_type {
+		Call {
-			CallType::DelegateCall => Call {
+			from: p.sender,
-				from: p.address,
+			to: p.address,
-				to: p.code_address,
+			value: p.value.value(),
-				value: p.value.value(),
+			gas: p.gas,
-				gas: p.gas,
+			input: p.data.unwrap_or_else(Vec::new),
-				input: p.data.unwrap_or_else(Vec::new),
+			call_type: p.call_type,
 				call_type: p.call_type,
 			},
 			_ => Call {
 				from: p.sender,
 				to: p.address,
 				value: p.value.value(),
 				gas: p.gas,
 				input: p.data.unwrap_or_else(Vec::new),
 				call_type: p.call_type,
 			},
 		}
 	}
 }
--- a/js-old/src/redux/store.js
+++ b/js-old/src/redux/store.js
@ -65,15 +65,15 @@ export default function (api, browserHistory, forEmbed = false) {
      .then(() => console.log('v1: started Status Provider'))
      .then(() => console.log('v1: starting Personal Provider...'))
-      .then(() => withTimeoutForLight('personal', PersonalProvider.start(), store))
+      .then(() => PersonalProvider.start())
      .then(() => console.log('v1: started Personal Provider'))
      .then(() => console.log('v1: starting Balances Provider...'))
-      .then(() => withTimeoutForLight('balances', BalancesProvider.start(), store))
+      .then(() => BalancesProvider.start())
      .then(() => console.log('v1: started Balances Provider'))
      .then(() => console.log('v1: starting Tokens Provider...'))
-      .then(() => withTimeoutForLight('tokens', TokensProvider.start(), store))
+      .then(() => TokensProvider.start())
      .then(() => console.log('v1: started Tokens Provider'));
  };
@ -97,39 +97,3 @@ export default function (api, browserHistory, forEmbed = false) {
  return store;
 }
 function withTimeoutForLight (id, promise, store) {
  const { nodeKind } = store.getState().nodeStatus;
  const isLightNode = nodeKind.capability !== 'full';
  if (!isLightNode) {
    // make sure that no values are passed
    return promise.then(() => {});
  }
  return new Promise((resolve, reject) => {
    let isResolved = false;
    const doResolve = () => {
      if (!isResolved) {
        isResolved = true;
        resolve();
      }
    };
    const timeout = setTimeout(() => {
      console.warn(`Resolving ${id} by timeout.`);
      doResolve();
    }, 1000);
    promise
      .then(() => {
        clearTimeout(timeout);
        doResolve();
      })
      .catch(err => {
        clearTimeout(timeout);
        if (!isResolved) {
          reject(err);
        }
      });
  });
 }
--- a/js/package-lock.json
+++ b/js/package-lock.json
--- a/js/package.json
+++ b/js/package.json
@ -170,6 +170,7 @@
    "redux": "3.7.2",
    "semantic-ui-react": "0.77.0",
    "solc": "ngotchac/solc-js",
-    "store": "1.3.20"
+    "store": "1.3.20",
    "web3": "1.0.0-beta.26"
  }
 }
--- a/js/src/Status/DefaultAccount/defaultAccount.css
+++ b/js/src/Status/DefaultAccount/defaultAccount.css
@ -26,14 +26,11 @@
 .list {
  margin: 0 !important;
  padding: 1em 1em !important;
-  background-color: white;
+  background-color: #f5f5f5;
 }
-.accountsList {
+.isDefault {
-  background-color: #f5f5f5;
+  background-color: white;
  height: 300px;
  overflow-y: auto;
 }
 .hasOtherAccounts {
--- a/js/src/Status/DefaultAccount/defaultAccount.js
+++ b/js/src/Status/DefaultAccount/defaultAccount.js
@ -68,14 +68,14 @@ class DefaultAccount extends Component {
        }
        content={
          <div>
-            <List relaxed='very' selection className={ [styles.list, allAccounts.length > 1 && styles.hasOtherAccounts].join(' ') }>
+            <List relaxed='very' selection className={ [styles.list, styles.isDefault, allAccounts.length > 1 && styles.hasOtherAccounts].join(' ') }>
              <AccountItem
                isDefault
                account={ defaultAccount }
              />
            </List>
            {allAccounts.length > 1 &&
-              <List relaxed='very' selection className={ [styles.list, styles.accountsList].join(' ') } divided>
+              <List relaxed='very' selection className={ styles.list } divided>
                {allAccounts
                  .filter(({ address }) => address !== defaultAddress)
                  .map(account => (
--- a/js/src/inject.js
+++ b/js/src/inject.js
@ -16,6 +16,7 @@
 import Api from '@parity/api';
 import qs from 'query-string';
 import Web3 from 'web3';
 function initProvider () {
  const path = window.location.pathname.split('/');
@ -47,9 +48,24 @@ function initProvider () {
 }
 function initWeb3 (ethereum) {
-  const currentProvider = new Api.Provider.SendAsync(ethereum);
+  // FIXME: Use standard provider for web3
  const provider = new Api.Provider.SendAsync(ethereum);
  const web3 = new Web3(provider);
-  window.web3 = { currentProvider };
+  if (!web3.currentProvider) {
    web3.currentProvider = provider;
  }
  // set default account
  web3.eth.getAccounts((error, accounts) => {
    if (error || !accounts || !accounts[0]) {
      return;
    }
    web3.eth.defaultAccount = accounts[0];
  });
  window.web3 = web3;
 }
 function initParity (ethereum) {
--- a/nsis/installer.nsi
+++ b/nsis/installer.nsi
@ -9,7 +9,7 @@
 !define COMPANYNAME "Parity Technologies"
 !define DESCRIPTION "Fast, light, robust Ethereum implementation"
 !define VERSIONMAJOR 1
-!define VERSIONMINOR 9
+!define VERSIONMINOR 10
 !define VERSIONBUILD 0
 !define ARGS ""
 !define FIRST_START_ARGS "--mode=passive ui"
--- a/parity/configuration.rs
+++ b/parity/configuration.rs
@ -586,12 +586,7 @@ impl Configuration {
 				let mut extra_embed = dev_ui.clone();
 				match self.ui_hosts() {
 					// In case host validation is disabled allow all frame ancestors
-					None => {
+					None => extra_embed.push(("*".to_owned(), ui_port)),
 						// NOTE Chrome does not seem to support "*:<port>"
 						// we use `http(s)://*:<port>` instead.
 						extra_embed.push(("http://*".to_owned(), ui_port));
 						extra_embed.push(("https://*".to_owned(), ui_port));
 					},
 					Some(hosts) => extra_embed.extend(hosts.into_iter().filter_map(|host| {
 						let mut it = host.split(":");
 						let host = it.next();
--- a/rpc/src/v1/helpers/light_fetch.rs
+++ b/rpc/src/v1/helpers/light_fetch.rs
@ -147,30 +147,19 @@ impl LightFetch {
 			Err(e) => return Box::new(future::err(e)),
 		};
 		let maybe_future = self.sync.with_context(move |ctx| {
 			Box::new(self.on_demand.request_raw(ctx, reqs)
 				.expect("all back-references known to be valid; qed")
 				.map(|res| extract_header(&res, header_ref)
 					.expect("these responses correspond to requests that header_ref belongs to. \
 							 therefore it will not fail; qed"))
 				.map_err(errors::on_demand_cancel))
 		});
-		self.send_requests(reqs, |res|
+		match maybe_future {
-			extract_header(&res, header_ref)
+			Some(recv) => recv,
-				.expect("these responses correspond to requests that header_ref belongs to \
+			None => Box::new(future::err(errors::network_disabled()))
-						therefore it will not fail; qed")
+		}
 		)
 	}
 	/// Helper for getting contract code at a given block.
 	pub fn code(&self, address: Address, id: BlockId) -> BoxFuture<Vec<u8>> {
 		let mut reqs = Vec::new();
 		let header_ref = match self.make_header_requests(id, &mut reqs) {
 			Ok(r) => r,
 			Err(e) => return Box::new(future::err(e)),
 		};
 		reqs.push(request::Account { header: header_ref.clone(), address: address }.into());
 		let account_idx = reqs.len() - 1;
 		reqs.push(request::Code { header: header_ref, code_hash: Field::back_ref(account_idx, 0) }.into());
 		self.send_requests(reqs, |mut res| match res.pop() {
 			Some(OnDemandResponse::Code(code)) => code,
 			_ => panic!("responses correspond directly with requests in amount and type; qed"),
 		})
 	}
 	/// Helper for getting account info at a given block.
@ -184,10 +173,20 @@ impl LightFetch {
 		reqs.push(request::Account { header: header_ref, address: address }.into());
-		self.send_requests(reqs, |mut res|match res.pop() {
+		let maybe_future = self.sync.with_context(move |ctx| {
-			Some(OnDemandResponse::Account(acc)) => acc,
+			Box::new(self.on_demand.request_raw(ctx, reqs)
-			_ => panic!("responses correspond directly with requests in amount and type; qed"),
+				.expect("all back-references known to be valid; qed")
-		})
+				.map(|mut res| match res.pop() {
 					Some(OnDemandResponse::Account(acc)) => acc,
 					_ => panic!("responses correspond directly with requests in amount and type; qed"),
 				})
 				.map_err(errors::on_demand_cancel))
 		});
 		match maybe_future {
 			Some(recv) => recv,
 			None => Box::new(future::err(errors::network_disabled()))
 		}
 	}
 	/// Helper for getting proved execution.
@ -278,10 +277,20 @@ impl LightFetch {
 		reqs.push(request::Body(header_ref).into());
-		self.send_requests(reqs, |mut res| match res.pop() {
+		let maybe_future = self.sync.with_context(move |ctx| {
-			Some(OnDemandResponse::Body(b)) => b,
+			Box::new(self.on_demand.request_raw(ctx, reqs)
-			_ => panic!("responses correspond directly with requests in amount and type; qed"),
+				.expect(NO_INVALID_BACK_REFS)
-		})
+				.map(|mut res| match res.pop() {
 					Some(OnDemandResponse::Body(b)) => b,
 					_ => panic!("responses correspond directly with requests in amount and type; qed"),
 				})
 				.map_err(errors::on_demand_cancel))
 		});
 		match maybe_future {
 			Some(recv) => recv,
 			None => Box::new(future::err(errors::network_disabled()))
 		}
 	}
 	/// Get the block receipts. Fails on unknown block ID.
@ -294,10 +303,20 @@ impl LightFetch {
 		reqs.push(request::BlockReceipts(header_ref).into());
-		self.send_requests(reqs, |mut res| match res.pop() {
+		let maybe_future = self.sync.with_context(move |ctx| {
-			Some(OnDemandResponse::Receipts(b)) => b,
+			Box::new(self.on_demand.request_raw(ctx, reqs)
-			_ => panic!("responses correspond directly with requests in amount and type; qed"),
+				.expect(NO_INVALID_BACK_REFS)
-		})
+				.map(|mut res| match res.pop() {
 					Some(OnDemandResponse::Receipts(b)) => b,
 					_ => panic!("responses correspond directly with requests in amount and type; qed"),
 				})
 				.map_err(errors::on_demand_cancel))
 		});
 		match maybe_future {
 			Some(recv) => recv,
 			None => Box::new(future::err(errors::network_disabled()))
 		}
 	}
 	/// Get transaction logs
@ -414,23 +433,6 @@ impl LightFetch {
 			Either::B(extract_transaction)
 		}))
 	}
 	fn send_requests<T, F>(&self, reqs: Vec<OnDemandRequest>, parse_response: F) -> BoxFuture<T> where
 		F: FnOnce(Vec<OnDemandResponse>) -> T + Send + 'static,
 		T: Send + 'static,
 	{
 		let maybe_future = self.sync.with_context(move |ctx| {
 			Box::new(self.on_demand.request_raw(ctx, reqs)
 					 .expect(NO_INVALID_BACK_REFS)
 					 .map(parse_response)
 					 .map_err(errors::on_demand_cancel))
 		});
 		match maybe_future {
 			Some(recv) => recv,
 			None => Box::new(future::err(errors::network_disabled()))
 		}
 	}
 }
 #[derive(Clone)]
--- a/rpc/src/v1/impls/light/eth.rs
+++ b/rpc/src/v1/impls/light/eth.rs
@ -349,8 +349,8 @@ impl<T: LightChainClient + 'static> Eth for EthClient<T> {
 		}))
 	}
-	fn code_at(&self, address: RpcH160, num: Trailing<BlockNumber>) -> BoxFuture<Bytes> {
+	fn code_at(&self, _address: RpcH160, _num: Trailing<BlockNumber>) -> BoxFuture<Bytes> {
-		Box::new(self.fetcher().code(address.into(), num.unwrap_or_default().into()).map(Into::into))
+		Box::new(future::err(errors::unimplemented(None)))
 	}
 	fn send_raw_transaction(&self, raw: Bytes) -> Result<RpcH256> {
--- a/rpc/src/v1/impls/light/parity.rs
+++ b/rpc/src/v1/impls/light/parity.rs
@ -208,12 +208,7 @@ impl Parity for ParityClient {
 	}
 	fn registry_address(&self) -> Result<Option<H160>> {
-		let reg = self.light_dispatch.client.engine().params().registrar;
+		Err(errors::light_unimplemented(None))
 		if reg == Default::default() {
 			Ok(None)
 		} else {
 			Ok(Some(reg.into()))
 		}
 	}
 	fn rpc_settings(&self) -> Result<RpcSettings> {
--- a/scripts/gitlab-test.sh
+++ b/scripts/gitlab-test.sh
@ -1,100 +0,0 @@
 #!/bin/bash
 #ARGUMENT test for RUST, JS, COVERAGE or JS_RELEASE
 set -e # fail on any error
 set -u # treat unset variables as error
 if [[ "$CI_COMMIT_REF_NAME" = "beta" || "$CI_COMMIT_REF_NAME" = "stable" ]]; then
  export GIT_COMPARE=$CI_COMMIT_REF_NAME;
 else
  export GIT_COMPARE=master;
 fi
 export JS_FILES_MODIFIED="$(git --no-pager diff --name-only $GIT_COMPARE...$CI_COMMIT_SHA | grep ^js/ | wc -l)"
 export JS_OLD_FILES_MODIFIED="$(git --no-pager diff --name-only $GIT_COMPARE...$CI_COMMIT_SHA | grep ^js-old/ | wc -l)"
 export RUST_FILES_MODIFIED="$(git --no-pager diff --name-only $GIT_COMPARE...$CI_COMMIT_SHA | grep -v -e ^js -e ^\\. -e ^LICENSE -e ^README.md -e ^test.sh -e ^windows/ -e ^scripts/ -e ^mac/ -e ^nsis/ | wc -l)"
 echo "RUST_FILES_MODIFIED: $RUST_FILES_MODIFIED"
 echo "JS_FILES_MODIFIED: $JS_FILES_MODIFIED"
 echo "JS_OLD_FILES_MODIFIED: $JS_OLD_FILES_MODIFIED"
 TEST_SWITCH=$1
 rust_test () {
  git submodule update --init --recursive
  rustup show
  if [[ "${RUST_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping Rust tests since no Rust files modified.";
    else ./test.sh;
  fi
  if [[ "$CI_COMMIT_REF_NAME" == "nightly" ]];
    then sh scripts/aura-test.sh;
  fi
 }
 js_test () {
  git submodule update --init --recursive
  if [[ "${JS_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS deps install since no JS files modified.";
    else ./js/scripts/install-deps.sh;
  fi
  if [[ "${JS_OLD_FILES_MODIFIED}" == "0"  ]];
    then echo "Skipping JS (old) deps install since no JS files modified.";
    else ./js-old/scripts/install-deps.sh;
  fi
  if [[ "${JS_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS lint since no JS files modified.";
    else ./js/scripts/lint.sh && ./js/scripts/test.sh && ./js/scripts/build.sh;
  fi
  if [[ "${JS_OLD_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS (old) lint since no JS files modified.";
    else ./js-old/scripts/lint.sh && ./js-old/scripts/test.sh && ./js-old/scripts/build.sh;
  fi
 }
 js_release () {
  rustup default stable
  if [[ "${JS_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS deps install since no JS files modified.";
    else echo "install JS deps---------------"&&./js/scripts/install-deps.sh&&echo "done----------------";
  fi
  if [[ "${JS_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS rebuild since no JS files modified.";
    else echo "build JS--------------"&&./js/scripts/build.sh&&echo "Puch JS precompiled-----------------"&&./js/scripts/push-precompiled.sh&&echo "done----------------";
  fi
  if [[ "${JS_OLD_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS (old) deps install since no JS files modified.";
    else echo "install JS (old) deps---------------"&&./js-old/scripts/install-deps.sh&&echo "done----------------";
  fi
  if [[ "${JS_OLD_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping JS (old) rebuild since no JS files modified.";
    else echo "build JS (old)--------------"&&./js-old/scripts/build.sh&&echo "Puch JS (old) precompiled-----------------"&&./js-old/scripts/push-precompiled.sh&&echo "done----------------";
  fi
  if [[ "${JS_FILES_MODIFIED}" == "0" ]] && [[ "${JS_OLD_FILES_MODIFIED}" == "0" ]];
    then echo "Skipping Cargo update since no JS files modified.";
    else echo "push cargo---------"&&./js/scripts/push-cargo.sh&&echo "done----------------";
  fi
 }
 coverage_test () {
  git submodule update --init --recursive
  rm -rf target/*
  rm -rf js/.coverage
  scripts/cov.sh
 }
 case $TEST_SWITCH in
  stable )
    rustup default stable
    rust_test
    ;;
  beta)
    rustup default beta
    rust_test
    ;;
  nightly)
    rustup default nightly
    rust_test
    ;;
  js-test)
    js_test
    ;;
  js-release)
    js_release
    ;;
  test-coverage)
    coverage_test
    ;;
 esac
--- a/scripts/snapcraft.yaml
+++ b/scripts/snapcraft.yaml
@ -17,6 +17,6 @@ apps:
 parts:
  parity:
-    source: ..
+    source: .
    plugin: rust
    build-packages: [g++, libudev-dev, libssl-dev, make, pkg-config]
--- a/sync/src/api.rs
+++ b/sync/src/api.rs
@ -170,18 +170,7 @@ pub struct AttachedProtocol {
 }
 impl AttachedProtocol {
-	fn register(&self, network: &NetworkService) {
+	fn register(&self, _network: &NetworkService) {}
 		let res = network.register_protocol(
 			self.handler.clone(),
 			self.protocol_id,
 			self.packet_count,
 			self.versions
 		);
 		if let Err(e) = res {
 			warn!(target: "sync", "Error attaching protocol {:?}: {:?}", self.protocol_id, e);
 		}
 	}
 }
 /// EthSync initialization parameters.
--- a/sync/src/block_sync.rs
+++ b/sync/src/block_sync.rs
@ -522,10 +522,6 @@ impl BlockDownloader {
 					trace!(target: "sync", "Unknown new block parent, restarting sync");
 					break;
 				},
 				Err(BlockImportError::Block(BlockError::TemporarilyInvalid(_))) => {
 					debug!(target: "sync", "Block temporarily invalid, restarting sync");
 					break;
 				},
 				Err(e) => {
 					debug!(target: "sync", "Bad block {:?} : {:?}", h, e);
 					bad = true;
--- a/util/kvdb-rocksdb/src/lib.rs
+++ b/util/kvdb-rocksdb/src/lib.rs
@ -32,7 +32,7 @@ use std::cmp;
 use std::collections::HashMap;
 use std::marker::PhantomData;
 use std::path::{PathBuf, Path};
-use std::{fs, io, mem, result};
+use std::{mem, fs, io};
 use parking_lot::{Mutex, MutexGuard, RwLock};
 use rocksdb::{
@ -257,25 +257,7 @@ pub struct Database {
 	flushing_lock: Mutex<bool>,
 }
 #[inline]
 fn check_for_corruption<T, P: AsRef<Path>>(path: P, res: result::Result<T, String>) -> result::Result<T, String> {
 	if let Err(ref s) = res {
 		if s.starts_with("Corruption:") {
 			warn!("DB corrupted: {}. Repair will be triggered on next restart", s);
 			let _ = fs::File::create(path.as_ref().join(Database::CORRUPTION_FILE_NAME));
 		}
 	}
 	res
 }
 fn is_corrupted(s: &str) -> bool {
 	s.starts_with("Corruption:") || s.starts_with("Invalid argument: You have to open all column families")
 }
 impl Database {
 	const CORRUPTION_FILE_NAME: &'static str = "CORRUPTED";
 	/// Open database with default settings.
 	pub fn open_default(path: &str) -> Result<Database> {
 		Database::open(&DatabaseConfig::default(), path)
@ -305,14 +287,6 @@ impl Database {
 			block_opts.set_cache(cache);
 		}
 		// attempt database repair if it has been previously marked as corrupted
 		let db_corrupted = Path::new(path).join(Database::CORRUPTION_FILE_NAME);
 		if db_corrupted.exists() {
 			warn!("DB has been previously marked as corrupted, attempting repair");
 			DB::repair(&opts, path)?;
 			fs::remove_file(db_corrupted)?;
 		}
 		let columns = config.columns.unwrap_or(0) as usize;
 		let mut cf_options = Vec::with_capacity(columns);
@ -332,11 +306,12 @@ impl Database {
 		let mut cfs: Vec<Column> = Vec::new();
 		let db = match config.columns {
-			Some(_) => {
+			Some(columns) => {
 				match DB::open_cf(&opts, path, &cfnames, &cf_options) {
 					Ok(db) => {
 						cfs = cfnames.iter().map(|n| db.cf_handle(n)
 							.expect("rocksdb opens a cf_handle for each cfname; qed")).collect();
 						assert!(cfs.len() == columns as usize);
 						Ok(db)
 					}
 					Err(_) => {
@ -346,7 +321,7 @@ impl Database {
 								cfs = cfnames.iter().enumerate().map(|(i, n)| db.create_cf(n, &cf_options[i])).collect::<::std::result::Result<_, _>>()?;
 								Ok(db)
 							},
-							err => err,
+							err @ Err(_) => err,
 						}
 					}
 				}
@ -356,18 +331,14 @@ impl Database {
 		let db = match db {
 			Ok(db) => db,
-			Err(ref s) if is_corrupted(s) => {
+			Err(ref s) if s.starts_with("Corruption:") => {
-				warn!("DB corrupted: {}, attempting repair", s);
+				info!("{}", s);
 				info!("Attempting DB repair for {}", path);
 				DB::repair(&opts, path)?;
 				match cfnames.is_empty() {
 					true => DB::open(&opts, path)?,
-					false => {
+					false => DB::open_cf(&opts, path, &cfnames, &cf_options)?
 						let db = DB::open_cf(&opts, path, &cfnames, &cf_options)?;
 						cfs = cfnames.iter().map(|n| db.cf_handle(n)
 							.expect("rocksdb opens a cf_handle for each cfname; qed")).collect();
 						db
 					},
 				}
 			},
 			Err(s) => { return Err(s.into()); }
@ -454,11 +425,7 @@ impl Database {
 						}
 					}
 				}
-
+				db.write_opt(batch, &self.write_opts)?;
 				check_for_corruption(
 					&self.path,
 					db.write_opt(batch, &self.write_opts))?;
 				for column in self.flushing.write().iter_mut() {
 					column.clear();
 					column.shrink_to_fit();
@ -504,10 +471,7 @@ impl Database {
 						},
 					}
 				}
-
+				db.write_opt(batch, &self.write_opts).map_err(Into::into)
 				check_for_corruption(
 					&self.path,
 					db.write_opt(batch, &self.write_opts)).map_err(Into::into)
 			},
 			None => Err("Database is closed".into())
 		}