Update jsonrpc to 15.0.0, bump to 2.5.14

* Patch invalid transaction root.

* Add raw hash to bad and include fix for uncles too.

* Fix submodules.

CHANGELOG.md

@@ -1,3 +1,10 @@
+## Parity-Ethereum [v2.5.13](https://github.com/paritytech/parity-ethereum/releases/tag/v2.5.13)
+
+Parity Ethereum v2.5.13-stable is a security release. Valid blocks with manipulated transactions (added/replaced) cause the client to stall.
+
+The full list of included changes:
+* Make sure to not mark block header hash as invalid if only the body is wrong (#11356)
+
 ## Parity-Ethereum [v2.5.12](https://github.com/paritytech/parity-ethereum/releases/tag/v2.5.12)
 
 Parity Ethereum v2.5.12-stable is a patch release that adds Istanbul hardfork

Cargo.toml

@@ -2,7 +2,7 @@
 description = "Parity Ethereum client"
 name = "parity-ethereum"
 # NOTE Make sure to update util/version/Cargo.toml as well
-version = "2.5.12"
+version = "2.5.14"
 license = "GPL-3.0"
 authors = ["Parity Technologies <admin@parity.io>"]
 
@@ -29,7 +29,7 @@ serde_derive = "1.0"
 futures = "0.1"
 fdlimit = "0.1"
 ctrlc = { git = "https://github.com/paritytech/rust-ctrlc.git" }
-jsonrpc-core = "14.0.0"
+jsonrpc-core = "15.0.0"
 parity-bytes = "0.1"
 common-types = { path = "ethcore/types" }
 ethcore = { path = "ethcore", features = ["parity"] }

cli-signer/rpc-client/Cargo.toml

@@ -15,7 +15,7 @@ serde_json = "1.0"
 url = "2"
 matches = "0.1"
 parking_lot = "0.9"
-jsonrpc-core = "14.0.3"
-jsonrpc-ws-server = "14.0.3"
+jsonrpc-core = "15.0.0"
+jsonrpc-ws-server = "15.0.0"
 parity-rpc = { path = "../../rpc" }
 keccak-hash = "0.1"

ethcore/src/verification/queue/kind.rs

@@ -27,9 +27,12 @@ pub use self::headers::Headers;
 
 /// Something which can produce a hash and a parent hash.
 pub trait BlockLike {
-	/// Get the hash of this item.
+	/// Get the hash of this item - i.e. the header hash.
 	fn hash(&self) -> H256;
 
+	/// Get a raw hash of this item - i.e. the hash of the RLP representation.
+	fn raw_hash(&self) -> H256;
+
 	/// Get the hash of this item's parent.
 	fn parent_hash(&self) -> H256;
 
@@ -160,6 +163,10 @@ pub mod blocks {
 			self.header.hash()
 		}
 
+		fn raw_hash(&self) -> H256 {
+			hash::keccak(&self.bytes)
+		}
+
 		fn parent_hash(&self) -> H256 {
 			self.header.parent_hash().clone()
 		}
@@ -174,6 +181,10 @@ pub mod blocks {
 			self.header.hash()
 		}
 
+		fn raw_hash(&self) -> H256 {
+			hash::keccak(&self.bytes)
+		}
+
 		fn parent_hash(&self) -> H256 {
 			self.header.parent_hash().clone()
 		}
@@ -197,6 +208,7 @@ pub mod headers {
 
 	impl BlockLike for Header {
 		fn hash(&self) -> H256 { self.hash() }
+		fn raw_hash(&self) -> H256 { self.hash() }
 		fn parent_hash(&self) -> H256 { self.parent_hash().clone() }
 		fn difficulty(&self) -> U256 { self.difficulty().clone() }
 	}

ethcore/src/verification/queue/mod.rs

@@ -472,13 +472,14 @@ impl<K: Kind> VerificationQueue<K> {
 	/// Add a block to the queue.
 	pub fn import(&self, input: K::Input) -> Result<H256, (K::Input, Error)> {
 		let hash = input.hash();
+		let raw_hash = input.raw_hash();
 		{
 			if self.processing.read().contains_key(&hash) {
 				bail!((input, ErrorKind::Import(ImportErrorKind::AlreadyQueued).into()));
 			}
 
 			let mut bad = self.verification.bad.lock();
-			if bad.contains(&hash) {
+			if bad.contains(&hash) || bad.contains(&raw_hash) {
 				bail!((input, ErrorKind::Import(ImportErrorKind::KnownBad).into()));
 			}
 
@@ -505,6 +506,16 @@ impl<K: Kind> VerificationQueue<K> {
 				match err {
 					// Don't mark future blocks as bad.
 					Error(ErrorKind::Block(BlockError::TemporarilyInvalid(_)), _) => {},
+					// If the transaction root or uncles hash is invalid, it doesn't necessarily mean
+					// that the header is invalid. We might have just received a malformed block body,
+					// so we shouldn't put the header hash to `bad`.
+					//
+					// We still put the entire `Item` hash to bad, so that we can early reject
+					// the items that are malformed.
+					Error(ErrorKind::Block(BlockError::InvalidTransactionsRoot(_)), _) |
+					Error(ErrorKind::Block(BlockError::InvalidUnclesHash(_)), _) => {
+						self.verification.bad.lock().insert(raw_hash);
+					},
 					_ => {
 						self.verification.bad.lock().insert(hash);
 					}

ipfs/Cargo.toml

@@ -9,8 +9,8 @@ authors = ["Parity Technologies <admin@parity.io>"]
 ethcore = { path = "../ethcore" }
 parity-bytes = "0.1"
 ethereum-types = "0.4"
-jsonrpc-core = "14.0.3"
-jsonrpc-http-server = "14.0.3"
+jsonrpc-core = "15.0.0"
+jsonrpc-http-server = "15.0.0"
 rlp = { version = "0.3.0", features = ["ethereum"] }
 cid = "0.3"
 multihash = "0.8"

miner/stratum/Cargo.toml

@@ -8,8 +8,8 @@ authors = ["Parity Technologies <admin@parity.io>"]
 [dependencies]
 ethereum-types = "0.4"
 keccak-hash = "0.1"
-jsonrpc-core = "14.0.3"
-jsonrpc-tcp-server = "14.0.3"
+jsonrpc-core = "15.0.0"
+jsonrpc-tcp-server = "15.0.0"
 log = "0.4"
 parking_lot = "0.7"
 

rpc/Cargo.toml

@@ -27,12 +27,12 @@ tokio-timer = "0.1"
 transient-hashmap = "0.4"
 itertools = "0.5"
 
-jsonrpc-core = "14.0.3"
-jsonrpc-derive = "14.0.3"
-jsonrpc-http-server = "14.0.3"
-jsonrpc-ws-server = "14.0.3"
-jsonrpc-ipc-server = "14.0.3"
-jsonrpc-pubsub = "14.0.3"
+jsonrpc-core = "15.0.0"
+jsonrpc-derive = "15.0.0"
+jsonrpc-http-server = "15.0.0"
+jsonrpc-ws-server = "15.0.0"
+jsonrpc-ipc-server = "15.0.0"
+jsonrpc-pubsub = "15.0.0"
 
 common-types = { path = "../ethcore/types" }
 ethash = { path = "../ethash" }

rpc/src/tests/http_client.rs

@@ -113,20 +113,20 @@ pub fn request(address: &SocketAddr, request: &str) -> Response {
 pub fn assert_security_headers_present(headers: &[String], port: Option<u16>) {
 	if port.is_none() {
 		assert!(
-			headers.iter().any(|header| header.as_str() == "X-Frame-Options: SAMEORIGIN")
+			headers.iter().any(|header| header.as_str() == "X-Frame-Options: SAMEORIGIN"),
 			"X-Frame-Options: SAMEORIGIN missing: {:?}", headers
 		);
 	}
 	assert!(
-		headers.iter().any(|header| header.as_str() == "X-XSS-Protection: 1; mode=block")
+		headers.iter().any(|header| header.as_str() == "X-XSS-Protection: 1; mode=block"),
 		"X-XSS-Protection missing: {:?}", headers
 	);
 	assert!(
-		headers.iter().any(|header|  header.as_str() == "X-Content-Type-Options: nosniff")
+		headers.iter().any(|header|  header.as_str() == "X-Content-Type-Options: nosniff"),
 		"X-Content-Type-Options missing: {:?}", headers
 	);
 	assert!(
-		headers.iter().any(|header| header.starts_with("Content-Security-Policy: "))
+		headers.iter().any(|header| header.starts_with("Content-Security-Policy: ")),
 		"Content-Security-Policy missing: {:?}", headers
 	)
 }

secret-store/Cargo.toml

@@ -37,7 +37,7 @@ tokio-io = "0.1"
 tokio-service = "0.1"
 url = "2"
 percent-encoding = "2"
-jsonrpc-server-utils = "14.0.3"
+jsonrpc-server-utils = "15.0.0"
 
 [dev-dependencies]
 env_logger = "0.5"

util/version/Cargo.toml

@@ -3,7 +3,7 @@
 [package]
 name = "parity-version"
 # NOTE: this value is used for Parity Ethereum version string (via env CARGO_PKG_VERSION)
-version = "2.5.12"
+version = "2.5.14"
 authors = ["Parity Technologies <admin@parity.io>"]
 build = "build.rs"
 

whisper/Cargo.toml

@@ -26,6 +26,6 @@ smallvec = "0.6"
 tiny-keccak = "1.4"
 time-utils = { path = "../util/time-utils" }
 
-jsonrpc-core = "14.0.3"
-jsonrpc-derive = "14.0.3"
-jsonrpc-pubsub = "14.0.3"
+jsonrpc-core = "15.0.0"
+jsonrpc-derive = "15.0.0"
+jsonrpc-pubsub = "15.0.0"

whisper/cli/Cargo.toml

@@ -10,9 +10,9 @@ docopt = "1.0"
 env_logger = "0.5"
 ethcore-network = { path = "../../util/network" }
 ethcore-network-devp2p = { path = "../../util/network-devp2p" }
-jsonrpc-core = "14.0.0"
-jsonrpc-http-server = "14.0.0"
-jsonrpc-pubsub = "14.0.0"
+jsonrpc-core = "15.0.0"
+jsonrpc-http-server = "15.0.0"
+jsonrpc-pubsub = "15.0.0"
 log = "0.4"
 panic_hook = { path = "../../util/panic-hook" }
 parity-whisper = { path = "../" }