These are available in sandboxes without access to files or
devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls)
to use than `/dev/urandom` as reading from a file has quite a few edge
cases:
- Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html)
was introduced in version 3.17 of the Linux kernel.
- OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2)
function appeared in OpenBSD 5.6.
- FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added
but it has existed for quite a while.
Alternatives:
- Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID`
which gives 16 bytes of randomness. This may be available
on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/)
and even removed in some distros so we shouldn't use it.
Add tests for `GetOSRand()`:
- Test that no error happens (otherwise `RandFailure()` which aborts)
- Test that all 32 bytes are overwritten (initialize with zeros, try multiple times)
Discussion:
- When to use these? Currently they are always used when available.
Another option would be to use them only when `/dev/urandom` is not
available. But this would mean these code paths receive less testing,
and I'm not sure there is any reason to prefer `/dev/urandom`.
Closes: #9676
2fb98f6 Fix bug in dmg builder so that it actually reads in the configuration file (Don Patterson)
b01667c Mention RSVG dependency when creating the disk image on OSX (Jonas Schnelli)
09aefb5 build: Fix 'make deploy' for OSX (Cory Fields)
76faa3c Rename the remaining main.{h,cpp} to validation.{h,cpp} (Matt Corallo)
e736772 Move network-msg-processing code out of main to its own file (Matt Corallo)
87c35f5 Remove orphan state wipe from UnloadBlockIndex. (Matt Corallo)
OBJCXX's std flags don't get defined by our cxx macro. Rather than hard-coding
to c++11, just force OBJCXX to be the same as CXX unless the user specified
otherwise.
Simplified version of #8278. Assumes that every OS that (a) is supported
by Bitcoin Core (b) supports daemonization has the `daemon()` function
in its C library.
- Removes the fallback path for operating systems that support
daemonization but not `daemon()`. This prevents never-exercised code from
ending up in the repository (see discussion here:
https://github.com/bitcoin/bitcoin/pull/8278#issuecomment-242704745).
- Removes the windows-specific path. Windows doesn't support `daemon()`,
so it don't support daemonization there, automatically.
Original code by Matthew King, adapted by Wladimir van der Laan.
62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan)
9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan)
d19583f improved gen-manpages.sh, includes bitcoin-tx and strips commit tag, now also runs binaries from build dir by default, added variables for more control (nomnombtc)
09546ca regenerated all manpages with commit tag stripped, also add bitcoin-tx (nomnombtc)
ae6e754 change help string --enable-man to --disable-man (nomnombtc)
a32c102 add conditional for --enable-man, default is yes (nomnombtc)
dc84b6f add doc/man to subdir if configure flag --enable-man is set (nomnombtc)
00dba72 add doc/man/Makefile.am to include manpages (nomnombtc)
eb5643b add autogenerated manpages by help2man (nomnombtc)
6edf2fd add gen-manpages.sh description to README.md (nomnombtc)
d2cd9c0 add script to generate manpages with help2man (nomnombtc)
- LevelDB platform was not guessed correctly (it ended up defining
`-DOS_OPENBSD59` instead of `-DOS_OPENBSD`)
- On OpenBSD there is no convenience link from `python3.5` to `python3`:
add detection for other python interpreter names.
- If it has to guess the LevelDB OS, print a autoconf warning so that
the user can check.
We don't use any elliptic curves from OpenSSL anymore, nor include this
header anywhere but optionally in the tests of secp256k1 (which has
its own autoconf setup).
Reported by sinetek on IRC.
- guard PKG_PROG_PKG_CONFIG with an m4_ifdef. If not building for windows,
require it
- add nops as necessary in case the ifdef reduces the if/then to nothing
- AC_SUBST some missing _LIBS. These were split out over time, but not all were
properly substituted. They continued to work if pkg-config is installed
because it does the AC_SUBST itself
- create a script to handle split debug. This will also eventually need to check
targets, and use dsymutil for osx.
- update config.guess/config.sub for bdb for aarch64.
- temporarily disable symbol checks for arm/aarch64
- quit renaming to linux32/linux64 and use the host directly
This also adds a hack to work around an Ubuntu bug in the gcc-multilib package:
https://bugs.launchpad.net/ubuntu/+source/gcc-defaults-armhf-cross/+bug/1347820
The problem is that gcc-multilib conflicts with the aarch toolchain.
gcc-multilib installs a symlink that points
/usr/include/asm -> /usr/include/x86_64-linux-gnu/asm.
Without this link, gcc -m32 can't find asm/errno.h (and others), since
/usr/include/x86_64-linux-gnu isn't in its default include path. But
/usr/include/i386-linux-gnu is (though it doesn't exist on disk).
So work around the problem by linking
/usr/include/i386-linux-gnu/asm -> /usr/include/x86_64-linux-gnu/asm.
The symlink fix is actually quite reasonable, but echoing the password into
sudo is nasty, and should probably be addressed in gitian itself. It makes more
sense to enable passwordless sudo for the build user by default.
- Link pull-tester/rpc-tests.py to the build dir
- Add the build-dir's config to the python path so that tests can find it
- The tests themselves are in srcdir
- Clean up __pycache__ in 'make clean'
7df9224 doc: Add note about new build/test requirements to release notes (Wladimir J. van der Laan)
2aacc72 build: update ax_cxx_compile_stdcxx to serial 4 (Wladimir J. van der Laan)
a398549 depends: use c++11 (Cory Fields)
67969af build: Enable C++11 build, require C++11 compiler (Wladimir J. van der Laan)
Disabling warnings can be tricky, because doing so can cause a different
compiler to create new warnings about unsupported disable flags. Also, some
warnings don't surface until they're paired with another warning (gcc). For
example, adding "-Wno-foo" won't cause any trouble, but if there's a legitimate
warning emitted, the "unknown option -Wno-foo" will show up as well.
Work around this in 2 ways:
1. When checking to see if -Wno-foo is supported, check for "-Wfoo" instead.
2. Enable -Werror while checking 1.
If "-Werror -Wfoo" compiles, "-Wno-foo" is almost guaranteed to be supported.
-Werror itself is also checked. If that fails to compile by itself, it likely
means that the user added a flag that adds a warning. In that case, -Werror
won't be used while checking, and the build may be extra noisy. The user would
need to fix the bad input flag.
Also, silence 2 more additional warnings that can show up post-c++11.