mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-07-30 02:03:43 +02:00
6e21dedbf2
40e5f26a3fmapport: remove dead code in DispatchMapPort (Antoine Poinsot)38fdf7c1fbmapport: drop outdated comments (Antoine Poinsot)b7b2435290doc: add release note for #31130 (Antoine Poinsot)1b6dec98dadepends: drop miniupnpc (Antoine Poinsot)953533d021doc: remove mentions of UPnP (Antoine Poinsot)94ad614482ci: remove UPnP options (Antoine Poinsot)a9598e5eaabuild: drop miniupnpc dependency (Antoine Poinsot)a5fcfb7385interfaces: remove now unused 'use_upnp' arg from 'mapPort' (Antoine Poinsot)038bbe7b20daemon: remove UPnP support (Antoine Poinsot)844770b05eqt: remove UPnP settings (Antoine Poinsot) Pull request description: This PR removes UPnP IGD support and drops our [miniupnp](https://github.com/miniupnp/miniupnp) dependency. Miniupnpc is a C library (somewhat) maintained by a single person which had several vulnerabilities in the past (a couple dozens are listed [here](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=miniupnp)), some of which directly affected our software ([RCE in 2015](https://bitcoincore.org/en/2024/07/03/disclose_upnp_rce/), [OOM in 2020](https://bitcoincore.org/en/2024/07/31/disclose-upnp-oom/)). The main purpose of this functionality is to have more (non-data-center) reachable nodes on the network. For a non-technical user running Bitcoin Core at home, the software would automatically open a port on their router to receive incoming connections. This way, users not able to manually open a port on their router would still provide the network with more resources and enhance its diversity. However, due to past vulnerabilities (and a worry about unknown future ones) in miniupnpc this feature was disabled by default in https://github.com/bitcoin/bitcoin/pull/6795. Having it disabled by default kills (most of?) the purpose of having this functionality in the first place: someone technical enough to understand the `-upnp` startup option or the "enable UPnP" setting is most likely able to open a port on his box in the first place. In addition, laanwj implemented PCP with a NAT-PMP fallback directly in Bitcoin Core in https://github.com/bitcoin/bitcoin/pull/30043. If we ever want to re-enable automatic NAT traversal by default in Bitcoin Core, this is the best option (and in my opinion the only sane one). The NAT-PMP fallback makes it so compatibility shouldn't be (much of) an issue. On balance, i believe that keeping this functionality and this barely maintained C dependency has higher costs than benefits. Therefore i propose that we get rid of it. ACKs for top commit: jarolrod: ACK40e5f26a3f1440000bytes: Code Review ACK40e5f26a3flaanwj: Code review ACK40e5f26a3fi-am-yuvi: Tested ACK40e5f26a3fTree-SHA512: 9ea48662775510f5ec6de7af65790f7c8d211603398e9d8c634a86387be81b28081419a95b4d6680d3d7fe6a9f16cec99f16516548201dc7e49781909899a657