[stable] Backports (#8133)

* updater: apply exponential backoff after download failure (#8059)

* updater: apply exponential backoff after download failure

* updater: reset backoff on new release

* Limit incoming connections.  (#8060)

* Limit ingress connections
* Optimized handshakes logging

* Max code size on Kovan (#8067)

* Enable code size limit on kovan

* Fix formatting.

* add some dos protection (#8084)

* more dos protection (#8104)

* Const time comparison (#8113)

* Use `subtle::slices_equal` for constant time comparison.

Also update the existing version of subtle in `ethcrypto` from
0.1 to 0.5

* Test specifically for InvalidPassword error.

* revert removing blooms (#8066)

* Revert "fix traces, removed bloomchain crate, closes #7228, closes #7167"

This reverts commit 1bf62038678295e5586f02a38a0c5aab9a9efe62.

* Revert "fixed broken logs (#7934)"

This reverts commit f8a2e53f3e.

* fixed broken logs

* bring back old lock order

* remove migration v13

* revert CURRENT_VERSION to 12 in migration.rs

* Fix compilation.

* Check one step deeper if we're on release track branches

* add missing pr

* Fix blooms?

* Fix tests compiilation.

* Fix size.

ethstore/src/account/crypto.rs

@@ -21,6 +21,7 @@ use crypto::Keccak256;
 use random::Random;
 use smallvec::SmallVec;
 use account::{Cipher, Kdf, Aes128Ctr, Pbkdf2, Prf};
+use subtle;
 
 /// Encrypted data
 #[derive(Debug, PartialEq, Clone)]
@@ -136,7 +137,7 @@ impl Crypto {
 
 		let mac = crypto::derive_mac(&derived_right_bits, &self.ciphertext).keccak256();
 
-		if mac != self.mac {
+		if subtle::slices_equal(&mac, &self.mac) == 0 {
 			return Err(Error::InvalidPassword);
 		}
 
@@ -158,7 +159,7 @@ impl Crypto {
 #[cfg(test)]
 mod tests {
 	use ethkey::{Generator, Random};
-	use super::Crypto;
+	use super::{Crypto, Error};
 
 	#[test]
 	fn crypto_with_secret_create() {
@@ -169,11 +170,10 @@ mod tests {
 	}
 
 	#[test]
-	#[should_panic]
 	fn crypto_with_secret_invalid_password() {
 		let keypair = Random.generate().unwrap();
 		let crypto = Crypto::with_secret(keypair.secret(), "this is sparta", 10240);
-		let _ = crypto.secret("this is sparta!").unwrap();
+		assert_matches!(crypto.secret("this is sparta!"), Err(Error::InvalidPassword))
 	}
 
 	#[test]

ethstore/src/lib.rs

@@ -28,6 +28,7 @@ extern crate rustc_hex;
 extern crate serde;
 extern crate serde_json;
 extern crate smallvec;
+extern crate subtle;
 extern crate time;
 extern crate tiny_keccak;
 extern crate tempdir;
@@ -42,7 +43,11 @@ extern crate log;
 #[macro_use]
 extern crate serde_derive;
 
-pub mod accounts_dir; 
+#[cfg(test)]
+#[macro_use]
+extern crate matches;
+
+pub mod accounts_dir;
 pub mod ethkey;
 
 mod account;