Commit graph

1354 commits

Author SHA1 Message Date
Hennadii Stepanov
1fbb8b6fa3
script: Remove outdated extract-osx-sdk.sh 2020-12-21 15:03:08 +02:00
Wladimir J. van der Laan
f1dbf92ff0
Merge #20434: contrib: Parse ELF directly for symbol and security checks
a0a771843f contrib: Changes to checks for PowerPC64 (Luke Dashjr)
634f6ec4eb contrib: Parse ELF directly for symbol and security checks (Wladimir J. van der Laan)

Pull request description:

  Instead of the ever-messier text parsing of the output of the readelf tool (which is clearly meant for human consumption not to be machine parseable), parse the ELF binaries directly.

  Add a small dependency-less ELF parser specific to the checks.

  This is slightly more secure, too, because it removes potential ambiguity due to misparsing and changes in the output format of `elfread`. It also allows for stricter and more specific ELF format checks in the future.

  This removes the build-time dependency for `readelf`.

  It passes the test-security-check for me locally, ~~though I haven't checked on all platforms~~. I've checked that this works on the cross-compile output for all ELF platforms supported by Bitcoin Core at the moment, as well as PPC64 LE and BE.

Top commit has no ACKs.

Tree-SHA512: 7f9241fec83ee512642fecf5afd90546964561efd8c8c0f99826dcf6660604a4db2b7255e1afb1e9bb0211fd06f5dbad18a6175dfc03e39761a40025118e7bfc
2020-12-18 12:16:40 +01:00
fanquake
0df9819126 build: Replace genisoimage with xorriso
xorriso and its mkisofs/genisoimage emulation alter-ego xorrisofs are
more maintained, and has the right toggles for us to achieve output
determinism without using blunt tools like faketime.

In this commit, we use xorrisofs from the build environment rather than
building it ourselves using depends. This is not necessary and can be
changed in the future.

From https://wiki.debian.org/genisoimage?action=recall&rev=11 :

> The classical command line interface for production of ISO 9660
> filesystem images is the option set established by program mkisofs.
> For reasons of licensing and other problems with its author, Debian
> ships a fork of mkisofs, called genisoimage, which was split off in
> 2006 and then developed independently.
>
> Meanwhile, genisoimage gets no new features and not even bug fixes. It
> is first choice only if its options -udf or -hfs are needed.
>
> Replacement in most uses cases, especially for bootable ISO 9660
> filesystems, archiving, and backup, is xorrisofs which starts the -as
> mkisofs emulation mode of program xorriso.
2020-12-16 12:29:14 -05:00
Carl Dong
22437fc72e build: Run libdmg-hfsplus's DMG tool in make deploy
Previously, the compression of the .iso file to a .dmg file was done
outside of `make deploy' in order to use the faketime-wrapped version of
libdmg-hfsplus's DMG tool.

Specifying the faketime-wrapped version of the DMG tool to ./configure
fixes this and simplifies build scripts.
2020-12-11 11:43:11 -05:00
fanquake
ae9b48995b
contrib: add symbol check test for PE 2020-12-09 23:13:24 +08:00
fanquake
16b31cc4c5
Merge #20422: build: mac deployment unification
b685f60a08 build: mac_alias 2.1.1 (fanquake)
5d2cbdf772 macdeploy: use Python 3.6 (fanquake)
a42aa94c54 macdeploy: remove runHDIUtil in favor of directly calling subprocess.run (fanquake)
adaa26202b macdeploy: remove existing Bitcoin-Core.dmg if present (fanquake)
ccb0325b1b macdeploy: move qt_conf to where it's used (fanquake)
6390a04862 macdeploy: consolidate .DS_Store generation (fanquake)
32347cd56a macdeploy: assume plistlib is available (fanquake)
0ab4018c12 macdeploy: have a single level of logging output (fanquake)
827d382aa7 macdeploy: remove add-resources argument (fanquake)
464b34d4c3 macdeploy: remove codesigning argument (fanquake)
4d70d3d7fe build: automatically determine macOS translations (fanquake)

Pull request description:

  This consolidates our macOS build code so that `.DS_Store` generation is the same when running `make deploy` for macOS when building on Linux and macOS, rather than maintaining two version of code that essentially do the same thing (just slightly differently).

  It also removes unused code and any AppleScript usage, automates finding translation files and generally simplifies `macdeployqtplus`. It also gets rid of the annoying "popping up" behaviour during DMG generation, names the created image `Bitcoin-Core.dmg` rather than `Bitcoin-Qt.dmg`.

ACKs for top commit:
  dergoegge:
    ACK b685f60a08 - Less and cleaner code looks good. I tested this with `make deploy` and everything still works + the popup during DMG generation is gone.

Tree-SHA512: dcd38344e2dfcfa7ffbccf6226a71425c4d16b421a4881d5ee37b8e7ef393b3e8077262444c39b11912269d8cf688aba897e6518cba8361eb24a03fdd03b8caf
2020-12-08 16:51:49 +08:00
Wladimir J. van der Laan
f3e17686b3
Merge #20468: build: warn when generating man pages for binaries built from a dirty branch
6690adba08 Warn when binaries are built from a dirty branch. (Tyler Chambers)

Pull request description:

  - Adjusted `--version` flag behavior in bitcoind and bitcoin-wallet to have the same behavior.
  - Added `--version` flag to bitcoin-tx to match.
  - Added functionality in gen-manpages.sh to error when attempting to generate man pages for binaries built from a dirty branch.

  mitigates problem with  issue #20412

ACKs for top commit:
  laanwj:
    Tested ACK 6690adba08

Tree-SHA512: b5ca509f1a57f66808c2bebc4b710ca00c6fec7b5ebd7eef58018e28e716f5f2358e36551b8a4df571bf3204baed565a297aeefb93990e7a99add502b97ee1b8
2020-12-07 10:51:45 +01:00
fanquake
ed1bbcefea contrib: add MACHO tests to symbol-check tests 2020-12-03 12:16:19 +01:00
Wladimir J. van der Laan
5bab08df17 contrib: Add test for ELF symbol-check
Check both failure cases:
- Use a glibc symbol from a version that is too new
- Use a symbol from a library that is not in the allowlist

And also check a conforming binary.

Adding a similar check for Windows PE can be done in a separate PR.
2020-12-03 12:15:12 +01:00
fanquake
5d2cbdf772
macdeploy: use Python 3.6 2020-11-30 14:54:20 +08:00
fanquake
a42aa94c54
macdeploy: remove runHDIUtil in favor of directly calling subprocess.run 2020-11-30 14:54:20 +08:00
fanquake
adaa26202b
macdeploy: remove existing Bitcoin-Core.dmg if present 2020-11-30 14:54:20 +08:00
fanquake
ccb0325b1b
macdeploy: move qt_conf to where it's used 2020-11-30 14:54:20 +08:00
fanquake
6390a04862
macdeploy: consolidate .DS_Store generation
Rather than two lots of logic doing roughly the same thing, dependent on if
you're compiling on Linux or macOS, combine the .DS store generation into
macdeployqtplus.

This also removes the -fancy and -volname options.
2020-11-30 14:54:19 +08:00
fanquake
32347cd56a
macdeploy: assume plistlib is available
We already require Python 3.5 or later
2020-11-30 14:54:19 +08:00
fanquake
0ab4018c12
macdeploy: have a single level of logging output
4 different levels of verbosity is overkill for a fairly simple script, which
was always being run at 2 in any case.
2020-11-30 14:54:19 +08:00
fanquake
827d382aa7
macdeploy: remove add-resources argument 2020-11-30 14:54:19 +08:00
fanquake
464b34d4c3
macdeploy: remove codesigning argument 2020-11-30 14:54:19 +08:00
fanquake
4d70d3d7fe
build: automatically determine macOS translations
Rather than using OSX_QT_TRANSLATIONS which must be manually updated,
and we forget to update anyway, i.e: #19059, automatically find and copy
available translations from the translations directory.
2020-11-30 14:54:18 +08:00
Tyler Chambers
6690adba08
Warn when binaries are built from a dirty branch.
Adjusted version flag behavior in bitcoin-tx, bitcoin-wallet, and
bitcoind to match. Added functionality in gen-manpages.sh to warning when
attempting to generate man pages for binaries built from a dirty
branch.
2020-11-28 18:43:55 -05:00
Wladimir J. van der Laan
555b5d1bf9
Merge #20419: build: set minimum supported macOS to 10.14
a52ecc936a build: set minimum supported macOS to 10.14 (fanquake)

Pull request description:

  This is a requirement for C++17 support. See my comments [here](https://github.com/bitcoin/bitcoin/issues/16684#issuecomment-643722538):

  > You cannot use std::get with std::variant on macOS < 10.14, because Apples libc++ doesn't support the std::bad_variant_access exception. [Relevant comment](https://github.com/bitcoin/bitcoin/pull/19183#discussion_r439794318) in #19183.

  > While we could work around this in our own code, using std::get_if, this would still be a problem for 3rd-party dependencies.

  > I've been testing Qt 5.15LTS (we'll have to enable C++17 in qt, and may upgrade to a newer version at the same time), and you can't enable -std c++17, while targeting a macOS deployment version < 10.14, configuring will fail. They are making use of std::get with std::variant throughout their cocoa code.

  We would have to had to have bumped to at least 10.13 in any case, as Qt 5.15 (#19716) [requires 10.13+](https://doc.qt.io/qt-5/supported-platforms.html).

ACKs for top commit:
  hebasto:
    ACK a52ecc936a, I have reviewed the code and it looks OK, I agree it can be merged.

Tree-SHA512: f669b2fc777aeea1e9afdbbc7bd9afe3997418211db6ba53c934cae0e62a9b999603da539518c229f34961d275c9e2f315c7b022cf5fb97bd201a69c85d470cc
2020-11-23 14:24:58 +01:00
Luke Dashjr
a0a771843f contrib: Changes to checks for PowerPC64
Changes from #14066.
2020-11-22 11:11:32 +01:00
Wladimir J. van der Laan
634f6ec4eb contrib: Parse ELF directly for symbol and security checks
Instead of the ever-messier text parsing of the output of the readelf
tool (which is clearly meant for human consumption not to be machine
parseable), parse the ELF binaries directly.

Add a small dependency-less ELF parser specific to the checks.

This is slightly more secure, too, because it removes potential
ambiguity due to misparsing and changes in the output format of `elfread`. It
also allows for stricter and more specific ELF format checks in the future.

This removes the build-time dependency for `readelf`.

It passes the test-security-check for me locally, though I haven't
checked on all platforms.
2020-11-22 11:11:32 +01:00
MarcoFalke
d4159984c3
Merge #20223: build: Drop the leading 0 from the version number
8f7b930475 Drop the leading 0 from the version number (Andrew Chow)

Pull request description:

  Removes the leading 0 from the version number. The minor version, which we had been using as the major version, is now the major version. The revision, which we had been using as the minor version, is now the minor version. The revision number is dropped. The build number is promoted to being part of the version number. This also avoids issues where it was accidentally not included in the version number.

  The CLIENT_VERSION remains the same format as previous as previously, as the Major version was 0 so it never actually got included in it.

  The user agent string formatter is updated to follow this new versioning.

  ***

  Honestly I'm just tired of all of the people asking for "1.0" that maybe this'll shut them up. Skip the whole 1.0 thing and go straight to version 22.0!

  Also, this means that the terminology we commonly use lines up with how the variables are named. So major versions are actually bumping the major version number, etc.

ACKs for top commit:
  jnewbery:
    Code review ACK 8f7b930475
  MarcoFalke:
    review ACK 8f7b930475 🎻

Tree-SHA512: b5c3fae14d4c0a9c0ab3b1db7c949ecc0ac3537646306b13d98dd0efc17c489cdd16d43f0a24aaa28e9c4a92ea360500e05480a335b03f9fb308010cdd93a436
2020-11-20 15:42:07 +01:00
Wladimir J. van der Laan
d9180c50b6
Merge #20145: contrib: add getcoins.py script to get coins from (signet) faucet
e9c8e6eea2 doc: add contrib/signet readme (Karl-Johan Alm)
355d0c4f6b contrib: add getcoins.py script to get coins from (signet) faucet (Karl-Johan Alm)

Pull request description:

  This adds a small python script that can be used to fetch Signet coins from the default (or custom) faucet.

ACKs for top commit:
  laanwj:
    Code and documentation review ACK e9c8e6eea2

Tree-SHA512: 9aaeb96bf0c636a38e2dbe4cfc8b3ef907b1c05d0b782ee51223014952e07ce45a071c7e99aa9aa7700196a67f8a47d74d13e5e8d6890b9be503acd2bacd4d4f
2020-11-19 12:09:19 +01:00
Wladimir J. van der Laan
47b6ad837c
Merge #20333: build: remove native_biplist dependency
7087440894 depends: native_ds_store 1.3.0 (fanquake)

Pull request description:

  `ds_store` [now takes advantage](36fb607940) of Pythons ability to decode binary [plists](https://docs.python.org/3/library/plistlib.html) (since 3.4), so we can drop its biplist dependency.

  The call to `biplist.Data()` in `custom_dsstore.py` doesn't seem to do anything, and from what I can tell can just be removed. i.e:
  ```diff
  diff --git a/contrib/macdeploy/custom_dsstore.py b/contrib/macdeploy/custom_dsstore.py
  index dc1c1882d..e475bc6c3 100755
  --- a/contrib/macdeploy/custom_dsstore.py
  +++ b/contrib/macdeploy/custom_dsstore.py
  @@ -47,6 +47,7 @@ alias.volume.disk_image_alias.target.filename = package_name_ns + '.temp.dmg'
   alias.volume.disk_image_alias.target.carbon_path = 'Macintosh HD:Users:\x00bitcoinuser:\x00Documents:\x00bitcoin:\x00bitcoin:\x00' + package_name_ns + '.temp.dmg'
   alias.volume.disk_image_alias.target.posix_path = 'Users/bitcoinuser/Documents/bitcoin/bitcoin/' + package_name_ns + '.temp.dmg'
   alias.target.carbon_path = package_name_ns + ':.background:\x00background.tiff'
  +assert(biplist.Data(alias.to_bytes()) == alias.to_bytes())
   icvp['backgroundImageAlias'] = biplist.Data(alias.to_bytes())
   ds['.']['icvp'] = icvp
  ```

ACKs for top commit:
  laanwj:
    ACK 7087440894

Tree-SHA512: 8ba3cf561937efe4a3daae8b0cb4de3bf9e425b3a9244161b09d94ee2b1bd4c3e21315fa70e495b19a052aabdc1731b3b6f346b63272d72d2762ced83237d02f
2020-11-19 11:39:00 +01:00
Wladimir J. van der Laan
cddcd22ab3
Merge #20288: script, doc: contrib/seeds updates
961f148cb1 doc: update contrib/seeds/README dnspython installation info (Jon Atack)
dd7b5f46d8 script: fix deprecation warning in makeseeds.py (Jon Atack)

Pull request description:

  Seen while reviewing #20237.

  1. Fix a deprecation warning in `contrib/seeds/makeseeds.py`
  ```
      makeseeds.py:139: DeprecationWarning: please use dns.resolver.resolve() instead
        asn = int([x.to_text() for x in dns.resolver.query('.'.join(
  ```
    - Per https://dnspython.readthedocs.io/en/latest/whatsnew.html, `dns.resolver.query()` was deprecated in `dnspython` version 2.0.0.

    - See https://dnspython.readthedocs.io/en/latest/resolver-class.html for more info on the resolver class.

  2. Update the `dnspython` dependency installation instructions in `contrib/seeds/README`

    - The markdown rendering can be seen here: https://github.com/jonatack/bitcoin/tree/contrib-seeds-fixups/contrib/seeds

ACKs for top commit:
  laanwj:
    code review ACK 961f148cb1

Tree-SHA512: f9c4f318a1a0d35b8de147d24b72c534a1f58eece31e7cfa00b4149a63b6a618d8ca0312f52fd8056f3c645cf2ee68574ca02319fddffdad919a70cd33395d33
2020-11-19 10:40:46 +01:00
Andrew Chow
8f7b930475 Drop the leading 0 from the version number
Removes the leading 0 from the version number. The minor version, which
we had been using as the major version, is now the major version. The
revision, which we had been using as the minor version, is now the minor
version. The revision number is dropped. The build number is promoted to
being part of the version number. This also avoids issues where it was
accidentally not included in the version number.

The CLIENT_VERSION remains the same format as previous as previously,
the Major version was 0 so that was never a factor in CLIENT_VERSION.
2020-11-18 12:00:57 -05:00
fanquake
a52ecc936a
build: set minimum supported macOS to 10.14 2020-11-18 21:46:09 +08:00
fanquake
8a715a6b17
build: Bump gitian descriptors to 0.22 2020-11-18 20:52:44 +08:00
fanquake
3457054c61
Merge #20346: script: modify security-check.py to use "==" instead of "is" for literal comparison
b6121edf70 swapped "is" for "==" in literal comparison (Tyler Chambers)

Pull request description:

  In Python 3.8+ literal comparisons using "is" instead of "==" produce a SyntaxWarning [source](https://docs.python.org/3.8/whatsnew/3.8.html#changes-in-python-behavior).

  I checked the entire devtools directory, this seems to be the only occurrence.

  This is a small fix, but removes the SyntaxWarning.
  Fixes: #20338

ACKs for top commit:
  hebasto:
    re-ACK b6121edf70, only squashed since my [previous](https://github.com/bitcoin/bitcoin/pull/20346#pullrequestreview-525934568) review.
  practicalswift:
    re-ACK b6121edf70: patch still looks correct
  theStack:
    utACK b6121edf70

Tree-SHA512: 82a43495d6552fbaa3b02b58f0930b049d27aa937fe44b47714e3c059f844cc494de20674557371cbccf24fb8873ecb7376fb965ae326847eed2b855ed2d59c6
2020-11-17 13:57:40 +08:00
fanquake
7087440894
depends: native_ds_store 1.3.0
native_ds_store now takes advantage of Pythons ability to decode binary
plists (since 3.4), so we can drop its biplist dependency.

The call to biplist.Data() in custom_dsstore doesn't seem to do anything,
and from what I can tell can just be removed.
2020-11-11 08:01:02 +08:00
Tyler Chambers
b6121edf70 swapped "is" for "==" in literal comparison
update lint-python.sh to include check F632
2020-11-09 10:21:51 -05:00
Wladimir J. van der Laan
f70eb51b05
Merge #20318: build: Ensure source tarball has leading directory name
faa2f06f5e scripted-diff: [build] Ensure source tarball has leading directory name (MarcoFalke)

Pull request description:

  This has been fixed in 0.20, so it needs to be fixed on master as well to avoid a regression

  #18945

ACKs for top commit:
  laanwj:
    ACK faa2f06f5e
  hebasto:
    ACK faa2f06f5e, tested gitian builds only.
  promag:
    ACK faa2f06f5e.

Tree-SHA512: e3b025c29c45b025002abc35262bb5d771f6cbd807f1c256c477c243685e93cd43ad9f642b38e3cf218590912abe6ea0ddfec3bfbef36f99080aad74ed6cc0af
2020-11-09 15:06:20 +01:00
MarcoFalke
faa2f06f5e
scripted-diff: [build] Ensure source tarball has leading directory name
-BEGIN VERIFY SCRIPT-
sed -i 's|git archive --|git archive --prefix="${DISTNAME}/" --|g'                          $(git grep -l 'git archive' ./contrib)
sed -i 's|tar -xf "\?${\?GIT_ARCHIVE}\?"\?|tar --strip-components=1 -xf "${GIT_ARCHIVE}"|g' $(git grep -l 'tar -xf'     ./contrib)
-END VERIFY SCRIPT-
2020-11-05 17:31:24 +01:00
Jonas Schnelli
04a69c200e macOS deploy: use the new plistlib API
See https://docs.python.org/3/library/plistlib.html.
The new API was added in 3.4 and old removed in 3.9.
2020-11-04 10:28:02 +01:00
Jon Atack
961f148cb1
doc: update contrib/seeds/README dnspython installation info 2020-11-02 20:54:59 +01:00
Jon Atack
dd7b5f46d8
script: fix deprecation warning in makeseeds.py
makeseeds.py:139: DeprecationWarning: please use dns.resolver.resolve() instead
  asn = int([x.to_text() for x in dns.resolver.query('.'.join(

per https://dnspython.readthedocs.io/en/latest/whatsnew.html
dns.resolver.query() was deprecated in dnspython version 2.0.0
2020-11-02 20:54:57 +01:00
Wladimir J. van der Laan
6866259fab net: Hardcoded seeds update for 0.21
Stats:

```
  IPv4   IPv6  Onion Pass
426728  59523   7900 Initial
426728  59523   7900 Skip entries with invalid address
426728  59523   7900 After removing duplicates
426727  59523   7900 Skip entries from suspicious hosts
123226  51785   7787 Enforce minimal number of blocks
121710  51322   7586 Require service bit 1
  4706   1427   3749 Require minimum uptime
  4124   1098   3681 Require a known and recent user agent
  4033   1075   3681 Filter out hosts with multiple bitcoin ports
   512    140    512 Look up ASNs and limit results per ASN and per net
```
2020-10-25 14:25:00 +01:00
RandyMcMillan
36e875b4c5 contrib: Add new versions to makeseeds.py and update gitignore 2020-10-25 14:08:33 +01:00
MarcoFalke
fa68755364
contrib: Fix gen_key_io_test_vectors.py imports 2020-10-16 13:48:17 +02:00
Karl-Johan Alm
e9c8e6eea2
doc: add contrib/signet readme 2020-10-16 12:50:18 +09:00
Andrew Chow
e87df82580 Add sqlite to travis and depends 2020-10-14 11:18:13 -04:00
Karl-Johan Alm
355d0c4f6b
contrib: add getcoins.py script to get coins from (signet) faucet 2020-10-14 08:27:32 +09:00
gr0kchain
8a4dcda414 doc: Added default signet config for linearize script 2020-09-25 14:37:22 +02:00
Gregory Sanders
759d94e70f Update zmq notification documentation and sample consumer 2020-09-22 11:34:30 -04:00
Jon Atack
062e6699c4
script: fix zmq_sub.py file permissions 2020-09-04 17:48:32 +02:00
Hennadii Stepanov
bd897ce79f
scripted-diff: Move previous_release.py to test/get_previous_releases.py
-BEGIN VERIFY SCRIPT-
OLD=contrib/devtools/previous_release.py
NEW=test/get_previous_releases.py
sed -i "s|$OLD|$NEW|g" $(git grep -l $OLD)
git mv $OLD $NEW
-END VERIFY SCRIPT-
2020-08-29 11:26:25 +03:00
fanquake
f306384f5a
Merge #19622: build: Drop ancient hack in gitian-linux descriptor
33a84e8f40 build: Update and sort package list in gitian-linux.yml (Hennadii Stepanov)
95051682be build: Drop old hack which is unneeded now (Hennadii Stepanov)

Pull request description:

  The hack was aimed to fix an issue in Ubuntu Trusty 14.04 (see #8188).
  The current hack implementation was added in #8315.

  On master (8db23349fe) this hack is effectively noop, and it is no longer needed.

  I see this PR as a step to removing `libfaketime` from gitian builds.

ACKs for top commit:
  dongcarl:
    tACK 33a84e8f40
  laanwj:
    Code review ACK 33a84e8f40

Tree-SHA512: 90036c555a500649ccc3d108bf11f09a9cfd2c92c0b598f7e0c0df63a713ae7abaf78f350b68c025470619c967223f45f6a235ad37a6ce1d1a0341ed34963ba0
2020-08-10 20:15:09 +08:00
Hennadii Stepanov
33a84e8f40
build: Update and sort package list in gitian-linux.yml
Virtual package 'binutils-gold' replaced with 'binutils'.
Explicitly added 'patch' package.
2020-08-05 18:08:47 +03:00