a9d0ebc262 Enable flake8 warnings for all currently non-violated rules (practicalswift)
4cbab15e75 tests: Fix accidental redefinition of previously defined variable via list comprehension (practicalswift)
0b9207efbe Enable flake8 warning for "list comprehension redefines 'foo' from line N" (F812) (practicalswift)
Pull request description:
* Enable `flake8` warnings for all currently non-violated rules
* Fix accidental redefinition via list comprehension
Tree-SHA512: 738b87789e99d02abb2c6b8ff58f65c0cbfeb93e3bf320763e033e510ebd0a4f72861bc8faaf42c14a056a5d4659c33dc70a63730a32cc15159559427bf21193
fabb72b contrib: Remove xpired 522739F6 key (MarcoFalke)
faeab66 contrib: Replace developer keys with list of pgp fingerprints (MarcoFalke)
Pull request description:
Having to host a copy of the keys in this repo was a common source of discussion and distraction, caused by problems such as:
* Outdated keys. Unclear whether and when to replace by fresh copies.
* Unclear when to add a key of a new developer or Gitian builder.
The problems are solved by
* Having no keys but only the fingerprints
* Adding a rule of thumb, when to add a new key
<strike>Moving the keys to a different repo solves none of these issues, but since the keys are not bound to releases or git branches of Bitcoin Core, they should live somewhere else.
Obviously, all keys are hosted and distributed on key servers, but were added to the repo solely for convenience and redundancy.
Moving the mirror of those keys to a different repo makes it less distracting to update them -- let's say -- prior to every major release.
I updated our `doc/release-process.md` to reflect the new location.
DEPENDS_ON https://github.com/bitcoin-core/gitian.sigs/pull/621
</strike>
Tree-SHA512: c00795a07603190e26dc4526f6ce11e492fb048dc7ef54b38f859b77dcde25f58ec4449f5cf3f85a5e9c2dd2743bde53f7ff03c8eccf0d75d51784a6b164e47d
This adds support for setting the environment variable `BUILDDIR`
to point to executables that are outside the source directory.
E.g. to invoke the tool when the build is in $PWD/build:
```bash
BUILDDIR=$PWD/build contrib/devtools/gen-manpages.sh
```
2b839ab Update chainparams comment for more info on service bits per dnsseed (Matt Corallo)
62e7642 Fall back to oneshot for DNS Seeds which don't support filtering. (Matt Corallo)
51ae766 Use GetDesireableServiceFlags in static seeds, document this. (Matt Corallo)
fb6f6b1 bluematt's testnet-seed now supports x9 (and is just a static list) (Matt Corallo)
Pull request description:
4440710 broke inserting entries into addrman from dnsseeds which
did not support service bits, as well as static seeds. Static seeds
were already being filtered by UA for 0.13.1+ (ie NODE_WITNESS), so
simply changing the default service bits to include NODE_WITNESS
(and updating docs appropriately) is sufficient. For DNS Seeds, not
supporting NODE_WITNESS is no longer useful, so instead use
non-filtering seeds as oneshot hosts irrespective of named proxy.
I've set my testnet-seed to also support x9, though because it is simply a static host, it may be useful to leave the support off so that it is used as a oneshot to get addresses from a live node instead. I'm fine with either.
Tree-SHA512: 3f17d4d2b0b84d876981c962d2b44cb0c8f95f52c56a48c6b35fd882f6d7a40805f320ec452985a1c0b34aebddb1922709156c3ceccd1b9f8363fd7cb537d21d
44407100f broke inserting entries into addrman from static seeds
(as well as dnsseeds which did not support service bits). Static
seeds were already being filtered by UA for 0.13.1+ (ie
NODE_WITNESS), so simply changing the default service bits to
include NODE_WITNESS (and updating docs appropriately) is
sufficient.
For DNS Seeds, we will later fix by falling back to oneshot if a
seed does not support filtering.
c9439e735a [Trivial] Update license year range to 2018 (Akira Takizawa)
Pull request description:
The same as #9617.
Happy new year! 😃
Tree-SHA512: 4b8fe343bf841da12157595bb51b59ac8e5cfa8ceb5910a499f26cff35c7ef8420dbf3ad8e5dd9f4225441e2fecff7fc6939f1a55f98ea51b57e420d326bda47
415f86c6ae [scripts] Add missing univalue file to copyright_header.py (fanquake)
Pull request description:
This needs to be added so that PRs like #12062 don't modify the subtree.
Tree-SHA512: 3642bdb0c8271ae700857a79fa5800b0c26c4b3f126d4406f224293817fb74d498fa1fc581d576ae747fbbb6952d4369fc4ab823ab48fd0946c1e8ccbe93cee6
2712742 doc: Update FreeBSD build instructions to use bdb4 (Wladimir J. van der Laan)
d95c83d contrib: FreeBSD compatibility in install_db4.sh (Wladimir J. van der Laan)
c0298b0 contrib: Make X=Y arguments work in install_db4 (Wladimir J. van der Laan)
b798f9b contrib: New clang patch for install_db4 (Wladimir J. van der Laan)
Pull request description:
This PR improves the BSD compatibility of the bdb4 installer script.
See #11921, #11868.
I've tested this on OpenBSD 6.2 (clang) and Ubuntu 16.04 (gcc).
This needs testing on OSX at least, ~~and on gcc/Linux to make sure that applying the patch unconditionally doesn't negatively affect gcc~~.
~~NB: this is not yet sufficient to make `install_db4.sh` work on FreeBSD, as we need to use yet another `sha256` tool there. But it's a step in the right direction.~~
### contrib: New clang patch for install_db4
Replace the clang patch with a new and improved version that also fixes the build issues with OpenBSD and FreeBSD's clang, and apply it unconditionally.
Thanks to @fanquake for finding the patch.
### contrib: Make X=Y arguments work in install_db4
Trailing X=Y arguments are supposed to be passed through unchanged to bdb's configure. This was not the case, at least with OpenBSD 6.2's shell.
Fix this by not storing the arguments in a temporary variable but passing "$@" through directly.
### contrib: FreeBSD compatibility in install_db4.sh
Unfortunately, FreeBSD uses yet another syntax for `sha256`.
Support FreeBSD's syntax too. Using `uname` is a bit of a hack but it works and I found no way to distinguish the two.
Tree-SHA512: 12461a58dfeb4834701891762efc747c8187d834f41d98c8451edee1402a3958c4842bbc02c61bacbc7b0d90cc6b020a2ca158b65304d9760c9f0d2052ff36d4
Unfortunately, FreeBSD uses yet another syntax for `sha256`.
Support FreeBSD's syntax too. Using `uname` is a bit of a hack but it
works and I found no way to distinguish the two.
Trailing X=Y arguments are supposed to be passed through unchanged
to bdb's configure. This was not the case, at least with OpenBSD
6.2's shell.
Fix this by not storing the arguments in a temporary variable but
passing "$@" through directly.
Replace the clang patch with a new and improved version that also fixes
the build issues with OpenBSD and FreeBSD's clang, and apply it
unconditionally.
This needs testing on OSX.
3121d76 doc: Update release notes for share/rpcauth/rpcauth.py rename (Henrik Jonsson)
3fdb297 Rename rpcuser.py to rpcauth.py (Henrik Jonsson)
Pull request description:
This script creates `rpcauth` entries for bitcoin.conf, not the deprecated `rpcuser` entry, so this changes the name of the script to match.
As discussed in #11830.
Tree-SHA512: cd71c2a4043ef1381d3810b057cc83be3fac612df576b91b683ef91fdb7998c534b3b97a3313845eb867dc4bf7cc42a1250474d2261ab3f9ed2f884ca8ebd9f4
13a81b19d Add quotes to variable assignment (as requested by @TheBlueMatt) (practicalswift)
683b9d280 Fix valid path output (practicalswift)
193c2fb4c Use bash instead of POSIX sh. POSIX sh does not support arrays. (practicalswift)
80f5f28d3 Fix incorrect quoting of quotes (the previous quotes had no effect beyond unquoting) (practicalswift)
564a172df Add required space to [[ -n "$1" ]] (previously [[ -n"$1" ]]) (practicalswift)
1e44ae0e1 Add error handling: exit if cd fails (practicalswift)
b9e79ab41 Remove "\n" from echo argument. echo does not support escape sequences. (practicalswift)
f6b3382fa Remove unused variables (practicalswift)
Pull request description:
Shell script cleanups:
* Add required space to `[ -n ]`.
* Avoid quote within quote.
* Exit if `cd` fails.
* Remove `\n` which is not handled by `echo`.
* ~~Remove redundant `$` in arithmetic variable expression.~~
* ~~Use `$(command)` instead of legacy form `` `command` ``.~~
* Arrays are not supported in POSIX `sh`. Use `bash` when arrays are used.
* ~~`[ foo -a bar ]` is not well defined, use `[ foo ] && [ bar ]` instead.~~
* ~~`[ foo -o bar ]` is not well defined, use `[ foo ] || [ bar ]` instead.~~
Tree-SHA512: 80f6ded58bce625b15b4da30d69d2714c633e184e62b21ed67d2c58e2ebaa08b4147593324012694d02bf4f1f252844cdff2fd1cf5e817ddb07e2777db7a6390
Instead of maintaining not-easily-tested instructions for building BerkeleyDB
in doc/build-unix.md, package the installation as a script in contrib/. This
allows shared usage from a number of contexts, e.g. Docker.
Thanks to @jonasschnelli, @laanwj for feedback.
2f041f0e7 contrib/init: Update openrc-run filename (Luke Dashjr)
Pull request description:
OpenRC changed their program binary names in 2014 (3 years ago), and using the old names has loud warnings now
Tree-SHA512: 2b81802b21c32b8df6010142f9593c0b6cc814a052f83b7f5654f6885566e8dbcaf4da772145fa2cf5d94c16c2fb488c5d4879f71021407c4d7b3a3b7e7ed21e
487aff421 Check subtree consistency in Travis (Pieter Wuille)
e1d0cc23a Improve git-subtree-check.sh (Pieter Wuille)
Pull request description:
Apparently many of our subtrees get modified by PRs in this repository, without getting noticed.
To improve upon this:
* Make git-subtree-check.sh capable of doing a weaker consistency check (that doesn't need access to external repositories), but which should be sufficient to detect unintended changes. It can be fooled by a fake subtree merge commit, but that would hopefully be obvious to reviewers.
* Make Travis invoke this subtree check for each of our subtrees.
Note that Travis is currently expected to fail on this PR, as 2 out of 4 subtrees (`src/secp156k1` and `src/univalue` have been modified directly in master).
Tree-SHA512: 465b680392d3daf38a8c1dda77d6f74b1d1c23324c378774777fb95aa673e119a8f7e3ccc124e41d97b5ac8975f3d79f3015797d2d309666582394364917ec4e
ab8e8b9 Remove unused variables in shell scripts. (practicalswift)
Pull request description:
Remove unused variables in shell scripts. Use `_` where we don't care about the result.
Tree-SHA512: 35049e79ee432c805f061456c32902a92811b5214d50ce6770b22d1442cc5999ed53cfe05bb2347f6995ca33c707a0f3fe92d5829c0385c4a3e254953924cbc4
16be7dd Improve bitcoind systemd service file (Florian Schmaus)
Pull request description:
Add comment how further options can be added or existing ones
modified. Use /run/${RuntimeDirectory} for PID file.
Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
StartLimitBurst directives as those should be set indivdually.
Remove Group to user the bitcoin user's default group.
Changed Restart from 'always' to 'on-failure' (can also be overwritten
individually).
Tree-SHA512: f76674c11fd6e3faaf786aa05686926523d9c875aad6b776337f800108fdb716470286805c532b494f8cf713cb5eea6b735e1c7c238ffb407a5cc909dda41aa4
We have several pieces of information about subtrees:
1) What their current directory contents is
2) What their directory contents was at the time of the last subtree merge
3) What the directory contents of the upstream project is in the commit referred to by the subtree merge.
Normally, all 3 should be identical. git-subtree-check.sh so far only compared (1) with (3) however.
Fix this by comparing all three, and give some more useful diff output in the case of mismatch.
The added benefit is that (1) and (2) can be compared without needing to see the upstream repository.
fae60e3 qa: Fix lcov for out-of-tree builds (MarcoFalke)
fae2673 qa: check-rpc-mapping must not run on empty lists (MarcoFalke)
Pull request description:
Random qa fixups:
* `make cov` should work for out-of-tree builds
* `check-rpc-mappings.py` should assert that it is actually checking something and the lists are not empty.
Tree-SHA512: 2b66f69d6a1ae035c772f8ceb1d58dce904d98058330dad6ccb1421941e167aa748fe1c12126b87f43b0843f51fa85d89de079d586629fcaf8261c44a8dc6053
ab5bba778 Fix launchctl not being able to stop bitcoind (Alejandro Avilés)
Pull request description:
`bitcoind` should not be launched as daemon from the Launch Agent. Otherwise, the process cannot be stopped from `launchctl stop`/`launchctl unload`.
To reproduce the issue:
```console
$ launchctl load ~/Library/LaunchAgents/org.bitcoin.bitcoind.plist
$ pgrep -fla bitcoin
60225 /usr/local/opt/bitcoin/bin/bitcoind
$ launchctl unload ~/Library/LaunchAgents/org.bitcoin.bitcoind.plist
```
Wait a few seconds and then run `pgrep` again:
```console
$ pgrep -fla bitcoin
60225 /usr/local/opt/bitcoin/bin/bitcoind
```
The node is still running. This happens because Launch Agent is not supposed to run programs as daemons, since the agent makes sure they run in the background. Running them as daemons makes the Launch Agent lose control of the process and, so, it cannot be stopped.
Tree-SHA512: 5342e1a858e478a226a1db292f1b8f8666bb252ee951753b131902c325ea3d47592cf245298decb423ac658a3175761b54dc2e7df6feea5343d65ba255613f67
884913041 Remove lxcbr0 lines from gitian-build.sh (MeshCollider)
Pull request description:
The `gitian-build.sh` script crashes with an error when I tried to use it, @kallewoof also had this same issue:
lxcbr0: ERROR while getting interface flags: No such device
SIOCSIFADDR: No such device
lxcbr0: ERROR while getting interface flags: No such device
And then:
lxc-execute: failed to find gateway addresses
lxc-execute: failed to spawn 'gitian'
./bin/gbuild:21:in `system!': failed to run make-clean-vm --suite trusty --arch amd64 (RuntimeError)
I believe it's because of the two lines which this PR removes, I tested it and seems to work as expected now. These lines are unique to this script and aren't mentioned in `gitian-building.md` or `release-process.md`. We discussed it on IRC, @achow101 agrees removing these lines would probably fix it: https://botbot.me/freenode/bitcoin-core-dev/2017-09-19/?msg=91299782&page=2
Has anyone successfully used this script as-is? Or does everyone else manually run the builds/write their own script like I have up til this point?
Tree-SHA512: 0cffd3df307ad107fb1d4bae45094fc5002b56c2fe64f03642d968659fdc62f586ba249dbc540b69058b276f2456962e5bc4d665cab21ef1f561735eb78afcc2
Lint checks should not test these, they are historical documents,
and we don't want to encourage silly changes to them to satisfy
a checker.
Hopefully makes travis pass again on master.
Tree-SHA512: 37e6716c4fd5e8a4e579f9b84042e6b0ac224836b6c851cd1ca3f7d46611ffd3003bed0ae08dd0457f69d6eaa485a0d21c631e7ef16b14bdb0f2f78ea700332d
This adds a new CHECK_DOC check that looks for newly introduced trailing
whitespace. Existing trailing whitespace (of which there is plenty!)
will not trigger an error.
This is written in a generic way so that new lint-*.sh scripts can be
added to contrib/devtools/, as I'd like to contribute additional lint
checks in the future.
77aa9e59e test: Check RPC argument mapping (Wladimir J. van der Laan)
Pull request description:
Parse the dispatch tables from the server implementation files, and the conversion table from the client (see #10751).
Perform the following consistency checks:
- Arguments defined in conversion table, must be present in dispatch table. If not, it was probably forgotten to add them to the dispatch table, and they will not work.
- Arguments defined in conversion table must have the same names as in the dispatch table. If not, they will not work.
- All aliases for an argument must either be present in the conversion table, or not. Anything in between means an oversight and some aliases won't work.
Any of these results in an error.
It also performs a consistency check to see if the same named argument is sometimes converted, and sometimes not. E.g. one RPC call might have a 'verbose' argument that is converted,
another RPC call might have one that is not converted. This is not necessarily wrong, but points at a possible error (as well as makes the API harder to memorize) - so it is emitted as a warning (could upgrade this to error).
This test is added to travis and run when `CHECK_DOC`. Currently fails with the following output:
```
* Checking consistency between dispatch tables and vRPCConvertParams
ERROR: createrawtransaction argument 3 (named optintorbf in vRPCConvertParams) is not defined in dispatch table
ERROR: getblock argument ['verbosity', 'verbose'] has conflicts in vRPCConvertParams conversion specifier [True, False]
WARNING: conversion mismatch for argument named verbose ([('getblock', False), ('getblockheader', True), ('getmempoolancestors', True), ('getmempooldescendants', True), ('getrawmempool', True), ('getrawtransaction', True)])
```
- ~#10698 fixes the first ERROR~
- #10747 fixes the second ERROR, as well as the WARNING
Update: #10698 was merged, leaving:
```
* Checking consistency between dispatch tables and vRPCConvertParams
ERROR: getblock argument ['verbosity', 'verbose'] has conflicts in vRPCConvertParams conversion specifier [True, False]
WARNING: conversion mismatch for argument named verbose ([('getblock', False), ('getblockheader', True), ('getmempoolancestors', True), ('getmempooldescendants', True), ('getrawmempool', True), ('getrawtransaction', True)])
```
Tree-SHA512: feabebfbeda5d4613b2b9d5265aa6bde4e1a0235297ffd48fa415ad7edc531d9ed7913fe76d191ac60d481a915a326f216bc93de3c671e45e1d14e97d07dea7a
Parse the dispatch tables from the server implementation files,
and the conversion table from the client.
Perform the following consistency checks:
- Arguments defined in conversion table, must be present in dispatch
table. If not, it was probably forgotten to add them to the
dispatch table, and they will not work.
- Arguments defined in conversion table must have the same names as
in the dispatch table. If not, they will not work.
- All aliases for an argument must either be present in the
conversion table, or not. Anything in between means an oversight
and some aliases won't work.
Any of these results in an error.
It also performs a consistency check to see if the same
named argument is sometimes converted, and sometimes not. E.g.
one RPC call might have a 'verbose' argument that is converted,
another RPC call might have one that is not converted. This is not
necessarily wrong, but points at a possible error (as well as
makes the API harder to memorize) - so it is emitted as a warning
(could upgrade this to error).
ce3baa193 changed regtest RPCport to 18443 to avoid conflict with testnet 18332 (Ferdinando M. Ametrano)
Pull request description:
using the same JSON-RPC default port for both testnet and regtest prevents running both at the same time on the same machine. Since RPCport=P2Pport-1 for both mainnet and testnet, and regtest P2Pport being 18444, 18443 is proposed for regtest RPCport
Documentation has been updated (or created where missing); manpages doc/man/bitcoin*.1 could include information for regtest too
Tree-SHA512: d42185f7ef54dc918ece19b543c8681d08bb9c5a971394e21f2d9a1091734b091b08df69fab622c207b46f402cf9323ded5b7a33fbd0af722388930169124e7f
Fetch the destination branch as well as PR in one go. Saves a few
seconds (as well as one ssh authentication, when using a yubikey) when
using github-merge.py.
Release version strings were broken in Gitian by 7522. This is a minimal fix
suitable for 0.15.
After this, we should fix up version handling for good so that gitian packages
the correct string in the release tarball, so that git is not required to get
the tag name.
Includes known Valgrind warnings in our dependencies that cannot be fixed in-tree.
Example use:
```
$ valgrind --suppressions=contrib/valgrind.supp src/test/test_bitcoin
$ valgrind --suppressions=contrib/valgrind.supp --leak-check=full \
--show-leak-kinds=all src/test/test_bitcoin --log_level=test_suite
```
1d8df0141 Fix MD formatting in REST-interface.md and spelling mistake in test_runner.py (MeshCollider)
41f3e84aa Fix inconsistencies and grammar in various files (MeshCollider)
Pull request description:
Just a simple fix of some inconsistent capitalization, formatting and grammar in a few files (no code changes)
Tree-SHA512: 60b12a5a5c69a1af4a25b7db0b32ed806ed62ad2966cee08b3792a7cfa7f51848fd485349b4c09e60a7eedfdf55ee730c51daa066d6e226ae404c93342bf3e13
f42fc1d50 doc: spelling fixes (klemens)
Pull request description:
patch contains some spelling fixes ( just in comments ) as found by a bot ( http://www.misfix.org, https://github.com/ka7/misspell_fixer ).
Tree-SHA512: ba6046cfcd81b0783420daae7d776be92dd7b85a593e212f8f1b4403aca9b1b6af12cef7080d4ea5ed4a14952fd25e4300109a59c414e08f5395cdb9947bb750
475c08c Add PR description to merge commit in github-merge.py (Pieter Wuille)
Pull request description:
There is often some context given in PR descriptions that is missing from commits, and it may be worthwhile to retain that information in our history in git. This PR adds that information to the merge commit when created through `github-merge.py`.
We should also encourage people to provide as much information as possible in the PR commits themselves, but I believe that is an orthogonal issue. Individual commits don't need to have a description of the overall goal of a PR.
Tree-SHA512: cbae46ec24ce911744e11a07e5d51895d3acc79659db306d8124304ef8e422bba99001ee2a741b08c92a5eb39d9c3f6b723622b20d6553ca5cfa0a8de866194c
3c85332 contrib: Update laanwj key (Wladimir J. van der Laan)
Tree-SHA512: c8cad76158850a3e480ccb58ee86c3dbb4e45ef67376173720c2520d3cb02c1c3e13b4e0acea3be6d90991e073db49aad2e185a87a09be194f1d1605b31b6ee4
I recently added a signing subkey, which is used to sign gitian
asserts as well as commits.
Old:
```
pub rsa2048/0x74810B012346C9A6 2011-08-24
uid Wladimir J. van der Laan <laanwj@gmail.com>
sub rsa2048/0xF69705ED890DE427 2011-08-24
```
New:
```
pub rsa2048/0x74810B012346C9A6 2011-08-24 [expires: 2019-02-14]
uid Wladimir J. van der Laan <laanwj@visucore.com>
uid Wladimir J. van der Laan <laanwj@gmail.com>
sub rsa2048/0xF69705ED890DE427 2011-08-24
sub rsa2048/0x1E4AED62986CD25D 2017-05-17 [expires: 2019-05-17]
sub rsa2048/0x69B4C4CDC628F8F9 2017-05-17 [expires: 2019-05-17]
```
d5711f4 Filter subtrees and and benchmarks from coverage report (Andrew Chow)
405b86a Replace lcov -r commands with faster way (Andrew Chow)
c8914b9 Have `make cov` optionally include branch coverage statistics (Andrew Chow)
Tree-SHA512: 9c349a7baeb7430ea586617c52f91177df58e3546d6dc573e26815ddb79e30ab1873542d85ac1daca5e1fb2c6d6c8965824b42d027b6b0496a744af57b095852
A few "a->an" and "an->a".
"Shows, if the supplied default SOCKS5 proxy" -> "Shows if the supplied default SOCKS5 proxy". Change made on 3 occurrences.
"without fully understanding the ramification of a command" -> "without fully understanding the ramifications of a command".
Removed duplicate words such as "the the".
5432fc3 Fail on commit with VERIFY SCRIPT but no scripted-diff (Pieter Wuille)
Tree-SHA512: 687b6c825f6f882f9c8e9d301bc893383710bad70216fa40b95f7e24d83a7148f9c759c3e4bd905a6cd26960829f8f6bd03106dc6c83ac312bf34ad239917018
Remove leveldb baseline coverage gathering.
Added filter rules to remove all of the subtress (leveldb, secp256k1, ctaes, univalue) and
benchmarking from the coverage report. These items are unnecessary as we do not test for any
of the subtrees and benchmark coverage is unneeded.
Instead of using lcov -r (which is extremely slow), first use a python script to perform bulk cleanup of the /usr/include/* coverage. Then use lcov -a to remove the duplicate entries. This has the same effect of lcov -r but runs significantly faster
Downloading all the binaries of all platforms can take quite long,
especially for slow connections, which may deter people from using
this script and, therefore, to disregard security altogether.
This change introduces the new possibility of specifying the
platform along with the version number, so that only the binaries
that contain the platform name are downloaded.
Add comment how further options can be added or existing ones
modified. Use /run/${RuntimeDirectory} for PID file.
Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
StartLimitBurst directives as those should be set indivdually.
Remove Group to user the bitcoin user's default group.
Changed Restart from 'always' to 'on-failure' (can also be overwritten
individually).
ac9cd95 contrib: Update location of seeds.txt (Wladimir J. van der Laan)
Tree-SHA512: c12a75787ba87f03707c21731da083b466762a7e0af9ca501107695ea1074025907cc24805c7c87f4a66daa7f4f13e574da16be1681e61deaf1acbd72176b3ff
ed1fcdc Bugfix: Detect genbuild.sh in repo correctly (Luke Dashjr)
e98e3dd Bugfix: Only use git for build info if the repository is actually the right one (Luke Dashjr)
Tree-SHA512: 510d7ec8cfeff4e8e0c7ac53631eb32c7acaada7017e7f8cc2e6f60d86afe1cd131870582e01022f961c85a783a130bcb8fef971f8b110070c9c02afda020726
91700aa Re-enable upnp support in contrib/debian (Matt Corallo)
c5071e1 Build with QT5 on Debian-based systems using contrib/debian (Matt Corallo)
a8e9286 Bump minimum boost version in contrib/debian (Matt Corallo)
9970219 Update contrib/debian to latest Ubuntu PPA upload. (Matt Corallo)
Tree-SHA512: ee4d3c5927a9cfb2794672eaca883c4af5df541383afbdbc6500714ee17518e78b58f509b2e9805bbc424ef97a5e64be0b9a977212c5002cb682f0569d28099b
This:
* Partially reverts 9f68ed6 (which fixed spelling in a changelog,
though generally changelogs should be append-only).
* Disables UPnP support (PPA has not had it for a while, and I
still don't trust miniupnpc, plus it seems uneccessary - its
been a while since we needed to care about Bitcoin-Qt home users
getting their inbound ports auto-mapped).
* Enables ZMQ.
* Forces GUI to Qt4 to fix various issues people have been seeing
on Ubuntu and elsewhere with Qt5.
* Reverts 70899d70b (Bitcoin does not enable "instant payments",
not is transaction management "carried out collectively by the
network", for whatever "transaction management" means, finally
Bitcoin Core is not the only way to use the Bitcoin currency,
as seemingly implied in the description).
b508424 contrib: github-merge improvements (Wladimir J. van der Laan)
Tree-SHA512: 56a34e887716bf6bfcd1b6520f6b9a1bb742e1ad17e75618caf982af71fceb75d50caec1bf4279cb9a2f7a74319f1bcec4c824682841bd6e994acc0991616451
Some minor github-merge improvements I've made over time:
User interface:
- Print merge details again before signing off, to refresh your memory -
usually I'll have done lots of different things in the shell so this
will have scrolled out a long time ago.
- Require a valid answer on the prompts. One of the requested answers
must be typed, if not, the prompt will re-ask. This prevents
accidentally rejecting.
Efficiency:
- Condense "accept merge" and "sign off" prompts. There's no reason to
have this as two separate prompts, both are just opportunities to skip
out on the merge, no action is performed in between.
Merging:
- Strip spaces from github title. This avoids redundant spaces
surrounding it from getting into the commit message.
b99fbad Fix init README format to render correctly on github (Jameson Lopp)
Tree-SHA512: 52b8ed9661e48e830c9e0c0e9aa670fe8d1a3848426d2d854494b477a9926f286d87e0586c2bc63f433136f8e5acd2cab3ab1f616380fb517c5a8f9d34ed52da
c0651cc Update bitcoin.conf with example for pruning (Kyle Honeycutt)
Tree-SHA512: f27180ac5d5a4bd32c7a63de156ca14eb8068509e64d386ca84ee16d0dacfa8e1bab9a8e7b88175fae12c8d823f71f8705d413f224a15d5aa7cf059f416fa023
This option is becoming more popular recently, and I propose an example to be shown in the bitcoin.conf.
pruning comments
updated and corrected pruning comments
Revised details on pruning in bitcoin.conf
Revised details on pruning in bitcoin.conf
spelling and space
spelling and space
add details on pruning in bitcoin.conf
Adds a datadir configuration option to the linearize scripts to allow the script to use the RPC cookie instead of requiring the user to set a rpcuser and rpcpassword for the rpc server.
This changes tree_sha512sum() to requests the objects for hashing from
git instead of from the working tree.
The change should make the process more deterministic (it hashes what
will be pushed) and hopefully avoids the frequent miscomputed SHA512's
that happen now.
df5bae2 Update trusted-sha512-root-commit for new bad tree hash (Matt Corallo)
efc06c2 If GNU sha512sum is missing, try perl shasum in verify-commits (Matt Corallo)
8ed849f Fix travis failing to fetch keys from the sks keyserver pool (Matt Corallo)
fd5e905 Make verify-commits.sh non-recursive (Matt Corallo)
Tree-SHA512: 457cc81d6e0a77ab32d030ecd058c59857f22cb998a1394593e115639081f3fdc74a6376035b77be0712ad5cb9143bc3f498b77e99eb66034492dbbb38c39bc6
09fe2d9 release: update docs to show basic codesigning procedure (Cory Fields)
f642753 release: create a bundle for the new signing script (Cory Fields)
0068361 release: add win detached sig creator and our cert chain (Cory Fields)
Tree-SHA512: 032ad84697c70faaf857b9187f548282722cffca95d658e36413dc048ff02d9183253373254ffcc1158afb71140753f35abfc9fc8781ea5329c04d13c98759c0
bbd7579 Fix regsig checking for subkey sigs in verify-commits (Matt Corallo)
d025bc7 Allow any subkey in verify-commits (Matt Corallo)
eddc77a Add comment re: why SHA1 is disabled (Peter Todd)
d9c450f Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1 (Matt Corallo)
be908a6 Fail merge if there are any symlinks (Matt Corallo)
Tree-SHA512: bb66c59cc1c6b1c86d7d8be7adb0769c6598c0e28ad927409941f30af87d390521e82fc13700ee22e92db1bd571db3e19a152ec7b2c0349c6e06f5de62c0b65f
This removes the option from the wallet to not pay a fee on "small"
transactions which spend "old" inputs.
This code is no longer worth keeping around, as almost all miners
prefer not to include transactions which pay no fee at all.
b471daf Adddress nits, use asyncio signal handling, create_task (Bob McElrath)
4bb7d1b Add python version checks and 3.4 example (Bob McElrath)
5406d51 Rewrite to not use Polling wrapper for asyncio, link to python2.7 example (Bob McElrath)
5ea5368 ZMQ example using python3 and asyncio (Bob McElrath)
7179e7c qt: Periodic translations update (Wladimir J. van der Laan)
5e903a5 devtools: Handle Qt formatting characters edge-case in update-translations.py (Wladimir J. van der Laan)
If both numeric format specifiers and "others" are used, assume we're
dealing with a Qt-formatted message. In the case of Qt formatting (see
https://doc.qt.io/qt-5/qstring.html#arg) only numeric formats are
replaced at all. This means "(percentage: %1%)" is valid (which was
introduced in #9461), without needing any kind of escaping that would be
necessary for strprintf. Without this, this function would wrongly
detect '%)' as a printf format specifier.
ba94426 Test that pushes to bitcoin/bitcoin are signed per verify-commits (Matt Corallo)
3e900ac Require merge commits merge branches on top of other merge commits (Matt Corallo)
Specifically, require that the left branch (first restult of git
show -s --format=format:%P) is a signed merge commit, instead of
allowing either. This is fine for now, but might need to be relaxed
in the future.
Also fixes an out-of-file-descriptors issue by holding too many
open FDs writing to /dev/null
- The last-timestamp-encountered variable wasn’t being used properly. Rewrite code to properly allow for new blockchain files to be written when split by month.
- Properly set a blockchain file’s access and modify times.
- Add a “debug output” option to quiet certain output that might not always be desirable.
- Update the README.
Also change the mac filename to match
The procedure remains the same, but now there's a nifty script to automate
the signing process.
Future steps:
- Build osslsigncode in the gitian-win descriptor so that the signer itself is
deterministic.
- Verify in the gitian-win-signer descriptor that the expected cert chain was
used.
To ensure that this is the correct chain, it is pulled from a previous release
binary.
Procedure:
$ osslsigncode extract-signature -pem -in bitcoin-0.13.2-win32-setup.exe \
-out bitcoin-0.13.2-win32-setup.exe.pem
$ openssl pkcs7 -print_certs -in bitcoin-0.13.2-win32-setup.exe.pem \
-out win-codesign.cert
Hand-edit to remove comments, as well as the timestamp cert.
Three categories of modifications:
1)
1 instance of 'The Bitcoin Core developers \n',
1 instance of 'the Bitcoin Core developers\n',
3 instances of 'Bitcoin Core Developers\n', and
12 instances of 'The Bitcoin developers\n'
are made uniform with the 443 instances of 'The Bitcoin Core developers\n'
2)
3 instances of 'BitPay, Inc\.\n' are made uniform with the other 6
instances of 'BitPay Inc\.\n'
3)
4 instances where there was no '(c)' between the 'Copyright' and the year
where it deviates from the style of the local directory.
The consistency is helpful for gauging Gitian build progress. Right now it's necessary to remember which platform builds in which order, which can be confusing if you're attempting to get a quick idea of how far along your builds are.
62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan)
9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan)
d19583f improved gen-manpages.sh, includes bitcoin-tx and strips commit tag, now also runs binaries from build dir by default, added variables for more control (nomnombtc)
09546ca regenerated all manpages with commit tag stripped, also add bitcoin-tx (nomnombtc)
ae6e754 change help string --enable-man to --disable-man (nomnombtc)
a32c102 add conditional for --enable-man, default is yes (nomnombtc)
dc84b6f add doc/man to subdir if configure flag --enable-man is set (nomnombtc)
00dba72 add doc/man/Makefile.am to include manpages (nomnombtc)
eb5643b add autogenerated manpages by help2man (nomnombtc)
6edf2fd add gen-manpages.sh description to README.md (nomnombtc)
d2cd9c0 add script to generate manpages with help2man (nomnombtc)
Three subcommands to this script:
1) ./copyright_header.py report
Examines git-tracked files with extensions that match:
INCLUDE = ['*.h', '*.cpp', '*.cc', '*.c', '*.py']
Helps to:
-> Identify source files without copyright
-> Identify source files added with something other than "The Bitcoin Core
developers" holder so we can be sure it is appropriate
-> Identify unintentional typos in the copyright line
2) ./copyright_header.py update
Replaces fix-copyright-headers.py. It does file editing in native python
rather than subprocessing out to perl as was the case with
fix-copyright-headers.py. It also shares code with the 'report' functions.
3) ./copyright_header.py insert
Inserts a copyright header into a source file with the proper format and
dates.
3fe0b68 Set defaults to gitian defaults (Andrew Chow)
6ffd6b4 Create option to detach sign gitian builds and not commit the files in the script (Andrew Chow)
498d8da Check for OSX SDK (Andrew Chow)
eda4cfb Create an easy to use gitian building script (Andrew Chow)
fafe7b3 contrib: Make fix-copyright-headers.py more portable (MarcoFalke)
fa27c0a [doc] Fix typos in comments, doxygen: Fix comment syntax (MarcoFalke)
fabfd5d [qa] pull-tester: Don't mute zmq ImportError (MarcoFalke)
67a5502 init: Fix typo in help message for -whitelistforcerelay (Wladimir J. van der Laan)
I've written a script that automates the setup and building of binaries with gitian. All of the commands are pulled from various documentation on gitian building.
C_INCLUDE_PATH and CPLUS_INCLUDE_PATH work globally as though -isystem was used
for each invocation.
Since that changes the build results, force a rebuild of x86 depends by adding
the value to $HOST_ID_SALT.
* separate completion for bitcoind and bitcoin-cli
* remove RPC support from bitcoind completion
* add completion for bitcoin-tx and bitcoin-qt
* rely on autoloading of completions
1e9aab0 Remove sipa's old revoked key from verify-commits (Peter Todd)
966151e Add README for verify-commits (Peter Todd)
11164ec Remove keys that are no longer used for merging (Peter Todd)
22421fa Remove pointless warning (Peter Todd)
9523e8a Make verify-commits path-independent (Matt Corallo)
f7d4a25 Make verify-commits POSIX-compliant (Matt Corallo)
Now that the trusted root is past all commits signed by that key we don't need
it in the trusted-keys list, nor do we need to whitelist those commits in
allow-revsig-commits
- create a script to handle split debug. This will also eventually need to check
targets, and use dsymutil for osx.
- update config.guess/config.sub for bdb for aarch64.
- temporarily disable symbol checks for arm/aarch64
- quit renaming to linux32/linux64 and use the host directly
This also adds a hack to work around an Ubuntu bug in the gcc-multilib package:
https://bugs.launchpad.net/ubuntu/+source/gcc-defaults-armhf-cross/+bug/1347820
The problem is that gcc-multilib conflicts with the aarch toolchain.
gcc-multilib installs a symlink that points
/usr/include/asm -> /usr/include/x86_64-linux-gnu/asm.
Without this link, gcc -m32 can't find asm/errno.h (and others), since
/usr/include/x86_64-linux-gnu isn't in its default include path. But
/usr/include/i386-linux-gnu is (though it doesn't exist on disk).
So work around the problem by linking
/usr/include/i386-linux-gnu/asm -> /usr/include/x86_64-linux-gnu/asm.
The symlink fix is actually quite reasonable, but echoing the password into
sudo is nasty, and should probably be addressed in gitian itself. It makes more
sense to enable passwordless sudo for the build user by default.
The -debug tarballs/zips contain detached debugging symbols. To use them, place
in the same dir as the target binary, and invoke gdb as usual.
Also, because the debug symbols add a substantial space requirement, the build
dirs are now deleted when they're no longer needed.
Any attacker who managed to make an evil commit that changed something in the
contrib/verify-commits/ directory could just as easily remove the warning
and/or modify it to not display the evil commits; telling the user to check
those commits specifically misleads them into checking just those commits
rather than the script itself.
f154470 [contrib] Remove reference to sf and add doc to verify.sh (MarcoFalke)
182bec4 contrib: remove hardcoded version from verify.sh (Wladimir J. van der Laan)
c907f4d doc: Update release process (Wladimir J. van der Laan)
This removes the following executables from the binary gitian release:
- test_bitcoin-qt[.exe]
- bench_bitcoin[.exe]
@jonasschnelli and me discussed this on IRC a few days ago - unlike the
normal `bitcoin_tests` which is useful to see if it is safe to run
bitcoin on a certain OS/environment combination, there is no good reason
to include these. Better to leave them out to reduce the download
size.
Sizes from the 0.12 release:
```
2.4M bitcoin-0.12.0/bin/bench_bitcoin.exe
22M bitcoin-0.12.0/bin/test_bitcoin-qt.exe
```
As we are already using the API to retrieve the pull request
title, also retrieve the base branch.
This makes sure that pull requests for 0.12 automatically end up in
0.12, and pull requests for master automatically end up in master,
and so on.
It is still possible to override the branch from the command line
or using the `githubmerge.branch` git option.
Ubuntu 16.04 "xenial xerus" does not come with Python 2.x by default.
It is possible to install a python-2.7 package, but this has its own
problem: no `python` or `python2` symlink (see #7717).
This fixes the following scripts to work with python 3:
- `make check` (bctest,py, bitcoin-util-test.py)
- `make translate` (extract_strings_qt.py)
- `make symbols-check` (symbol-check.py)
- `make security-check` (security-check.py)
Explicitly call the python commands using $(PYTHON) instead
of relying on the interpreter line at the top of the scripts.
This makes github-merge.py the first developer tool to go
all Python 3 (for context see #7717).
The changes are straightforward as the script already was
`from __future__ import division,print_function,unicode_literals`.
However urllib2 changed name, and json will only accept unicode data not
bytes.
This retains py2 compatibility for now: not strictly necessary
as it's not used by the build system - but it was easy.
43abb02 [Qt] Add a new chevron/arrow icon for the console prompt line (Jonas Schnelli)
56c9e66 [Qt] keep scroll position in GUI console after changing font size (Jonas Schnelli)
3a3a927 [Qt] Add option to increase/decrease font size in the console window (Jonas Schnelli)
Use 'utf-8' instead of the Python 2 default of 'ascii' to encode/decode
commit messages.
This can be removed when switching to Python 3, as 'utf-8' is the
default there.
Necessary for merging #7422 due to the ฿ in ฿tcDrak.
3b468a0 gitian: Need `ca-certificates` and `python` for LXC builds (Wladimir J. van der Laan)
99fda26 doc: Make networking work inside builder in gitian-building.md (Wladimir J. van der Laan)
This is meant to be a direct translation of the bash script,
with the difference that it retrieves the PR title from github,
thus creating pull messages like:
Merge #12345: Expose transaction temperature over RPC
------------------------------------------------------------------------
r249567 | djasper | 2015-10-07 19:00:20 +0200 (Wed, 07 Oct 2015) | 2 lines
clang-format: Add include sorting capabilities to sublime, emacs and
clang-format-diff.py.
------------------------------------------------------------------------
r231926 | djasper | 2015-03-11 15:58:38 +0100 (Wed, 11 Mar 2015) | 3 lines
clang-format: Recognize the .ts (TypeScript) extension as JavaScript.
Patch by Martin Probst. Thank you.
------------------------------------------------------------------------
r223685 | djasper | 2014-12-08 20:39:03 +0100 (Mon, 08 Dec 2014) | 1 line
clang-format: Make clang-format-diff.py format java files.
------------------------------------------------------------------------
r221990 | djasper | 2014-11-14 14:27:28 +0100 (Fri, 14 Nov 2014) | 4 lines
clang-format: Give clang-format-diff.py a -v option.
With it, it prints the file being formatted. Apparently people are
formatting thousands of files and some progress indication is helpful.
------------------------------------------------------------------------
r216945 | ed | 2014-09-02 22:59:13 +0200 (Tue, 02 Sep 2014) | 6 lines
Use /usr/bin/env python instead of /usr/bin/python.
On operating systems like the BSDs, it is typically the case that
/usr/bin/python does not exist. We should therefore use /usr/bin/env
instead. This is also done in various other scripts in tools/.
------------------------------------------------------------------------
r208766 | djasper | 2014-05-14 11:36:11 +0200 (Wed, 14 May 2014) | 1 line
clang-format: Add clang-format-diff usage examples for SVN.
------------------------------------------------------------------------
r199750 | djasper | 2014-01-21 16:40:01 +0100 (Tue, 21 Jan 2014) | 3 lines
clang-format: Enable formatting for .proto and .protodevel files.
Support for protocol buffer files seems complete enough.
------------------------------------------------------------------------
r197668 | djasper | 2013-12-19 11:21:37 +0100 (Thu, 19 Dec 2013) | 1 line
Fix usage description of clang-format-diff.py.
------------------------------------------------------------------------
r197608 | alp | 2013-12-18 22:34:07 +0100 (Wed, 18 Dec 2013) | 7 lines
clang-format-diff.py: fix -regex/-iregex matching
While debating the finer points of file extension matching, we somehow missed
the bigger problem that the current code will match anything starting with the
default or user-specified pattern (e.g. lit.site.cfg.in).
Fix this by doing what find(1) does, implicitly wrapping the pattern with ^$.
------------------------------------------------------------------------
r197542 | alp | 2013-12-18 01:58:58 +0100 (Wed, 18 Dec 2013) | 3 lines
clang-format-diff.py: add the OpenCL file extension
It's handled correctly as a C-family language.
------------------------------------------------------------------------
r197378 | alexfh | 2013-12-16 11:57:30 +0100 (Mon, 16 Dec 2013) | 14 lines
Added -iregex for case-insensitive regex to filter file names.
Summary:
-regex and -iregex both mimic options of the find utility.
Made the default list of extensions case-insensitive, so that it's not only C
and CPP extensions are accepted in upper case.
Reviewers: djasper
Reviewed By: djasper
CC: cfe-commits
Differential Revision: http://llvm-reviews.chandlerc.com/D2415
------------------------------------------------------------------------
r196917 | alp | 2013-12-10 14:51:53 +0100 (Tue, 10 Dec 2013) | 10 lines
clang-format-diff.py: Support -regex filter and more filename extensions
Add support for more filename extensions based on the list in the clang
plus JavaScript.
Also adds a -regex option so users can override defaults if they have unusual
file extensions or want to format everything in the diff.
Keeping with tradition the flag is modelled on Unix conventions, this time
matching the semantics of find(1).
------------------------------------------------------------------------
r196484 | alp | 2013-12-05 09:14:54 +0100 (Thu, 05 Dec 2013) | 4 lines
clang-format-diff.py: pass through errors to stderr, not stdout
Also use write() for unified diff output to avoid further processing by the
print function (e.g. trailing newline).
------------------------------------------------------------------------
r196336 | alp | 2013-12-04 01:48:22 +0100 (Wed, 04 Dec 2013) | 3 lines
clang-format-diff.py: Fix 'beintroduced' in help output
Also update docs to reflect recently changed -i inplace edit behaviour.
------------------------------------------------------------------------
r192505 | alexfh | 2013-10-11 23:32:01 +0200 (Fri, 11 Oct 2013) | 17 lines
Changed clang-format-diff.py to output diff by default. Added -i option to apply changes to files instead.
Summary:
"svn diff|clang-format-diff.py" will just output the diff.
Now it's possible to use:
svn diff|clang-format-diff.py|patch -p0
as an equivalent to:
svn diff|clang-format-diff.py -i
;)
Reviewers: djasper
Reviewed By: djasper
CC: cfe-commits
Differential Revision: http://llvm-reviews.chandlerc.com/D1840
------------------------------------------------------------------------
r192184 | djasper | 2013-10-08 17:54:36 +0200 (Tue, 08 Oct 2013) | 7 lines
clang-format: Don't exit with failure on empty files.
Also let clang-format-diff.py detect errors based on clang-format's
return code. Otherwise messages like "Can't find usable .clang-format,
falling back to LLVM style" can make it fail, which might be undesired.
Patch by Alp Toker. Thank you!
------------------------------------------------------------------------
r191820 | djasper | 2013-10-02 15:59:03 +0200 (Wed, 02 Oct 2013) | 18 lines
clang-format: Fix clang-format-diff.py according to diff specification.
Patch by Alp Toker. Many thanks!
Original descriptions:
clang-format-diff incorrectly modifies unchanged lines due to an error
in diff parsing.
The unified diff format has a default line change count of 1, and 0 may
be specified to indicate that no lines have been added. This patch
updates the parser to accurately reflect the diff specification.
This also has the benefit of stabilising the operation so it will
produce the same output when run multiple times on the same changeset,
which was previously not the case.
No tests added because this script is not currently tested (though we
should look into that!)
------------------------------------------------------------------------
r191137 | djasper | 2013-09-21 12:05:02 +0200 (Sat, 21 Sep 2013) | 3 lines
Fix clang-format-diff.py to accept -style again.
Copy and paste error in r190935..
------------------------------------------------------------------------
r190935 | djasper | 2013-09-18 14:14:09 +0200 (Wed, 18 Sep 2013) | 3 lines
Simplify clang-format-diff.py using new clang-format options.
clang-format's -lines parameter makes this significantly easier.
------------------------------------------------------------------------
r189765 | alexfh | 2013-09-02 18:39:23 +0200 (Mon, 02 Sep 2013) | 2 lines
Added WebKit style to the BasedOnStyle handling and to the relevant help messages.
------------------------------------------------------------------------
r182923 | djasper | 2013-05-30 13:50:20 +0200 (Thu, 30 May 2013) | 4 lines
Fix default value of clang-format-diff's -p option.
This way, it has the same default as 'patch' and also the example in the
code makes more sense as it is explicitly setting -p 1.
------------------------------------------------------------------------
r179676 | djasper | 2013-04-17 09:55:02 +0200 (Wed, 17 Apr 2013) | 2 lines
Small improvements to clang-format documentation and integration
scripts.
------------------------------------------------------------------------
r179377 | djasper | 2013-04-12 15:42:36 +0200 (Fri, 12 Apr 2013) | 1 line
Fix clang-format-diff.py script.
------------------------------------------------------------------------
r179098 | djasper | 2013-04-09 17:23:04 +0200 (Tue, 09 Apr 2013) | 5 lines
Improvements to clang-format integrations.
This adds an emacs editor integration (thanks to Ami Fischman). Also
pulls out the style into a variable for the vi integration and just
uses clang-formats defaults style in clang-format-diff.py.
------------------------------------------------------------------------
r177506 | djasper | 2013-03-20 10:53:23 +0100 (Wed, 20 Mar 2013) | 1 line
Add clang-format binary to cfe.
------------------------------------------------------------------------
s
- Add new translations (finally, after a long time)
- update-translation script was not considering new translations - oops
- fixed this, also remove (nearly) empty translations
- Update translation process, it was still describing the old repository
structure
2cecb24 doc: change suite to trusty in gitian-building.md (Wladimir J. van der Laan)
957c0fd gitian: make windows build deterministic (Wladimir J. van der Laan)
2e31d74 gitian: use trusty for building (Wladimir J. van der Laan)
0b416c6 depends: qt PIDLIST_ABSOLUTE patch (Wladimir J. van der Laan)
9f251b7 devtools: add libraries for bitcoin-qt to symbol check (Wladimir J. van der Laan)
Perform the following ELF security checks:
- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary
Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This message is to inform you that I, Paul Rabahy have rolled over GPG
keys.
My old key = EA695E0CE2D0DCB0D65167A8D1CBA2A21BCD88F6
My new key = D62A803E27E7F43486035ADBBCD04D8E9CCCAC2A
My new key now has an offline primary key with an online subkey that I
will be
using for normal communications.
I have signed this message with both the old and new key so it should show
up
as validly signed. Please add my new key to your keyring so that future
communication will be properly verified.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWB3/LAAoJENHLoqIbzYj2LBwQAMgH5u2KDuxK2gmpRjEpVXe8
XPOon+SRL5zXfu1dFInXCg8APJEVaXhSeY+/s0GmUq0INRpK4r0tvZVN84X2UoHz
y88P6BeHzQI7dsCStINhW4Hb7DVpFvkHAxsRhy05/geD56/IOXnsG+5SvsH3essJ
O6DuRQOipDWkZ9NQuQPrqzlkcBErMbL4Cs0ED5DOOYccntnt5HM909KDHfKcG8iJ
/qNTVzVFYMGbLn6MVq89reatmIOxuVBkbixsqad5M4P9rQ3iGPnUzIEp4wn7/Ssd
XDiCZypzlHkcs1GKBLtWnYWahlWHItcd/Yz3AiHLfUehcZb52p0mvIaTf4lyAR5p
kQFTXZwrrzJDaomSE2Y2IeMIATZE7/7RInkHD6okUTFSoCFgxOeAxLBI6sxLH5x5
xLIdv45iiv3P5fz1gungfzn2OYy+dHgT74bJ32N18hs+xwZM2G6AYYvVvkTSDqC0
c3AopnjEV4i+4Aq0QfDD9fXpBc0QuDN7c5GkcFCiFlhN+gffjT8hkFliiW3e2X5K
Vsycv1sYXFSS/YYZ7RCixWgTkpi18ABaLu/N1ses7hLNMxx9ovjrMIJ5gC6Nyga9
2BiumvNMh0iE9yhPiN0a4YsZZnW/tc5K1+OJxnKZvxWrXqOgIhnKZA1U1Y83COgA
6pI5uKrggGQWgQFJxTmciQEcBAEBCAAGBQJWB3/LAAoJEDJeXsBcJ6amLBwH/ib+
wiD3wDy+VeTDFvh4AgQqDRCk+CvGEKJlcoBLm3ZDwzi+/26XB/BCFoopW9h67ZmC
yMFhgvCJ3RwPcVGgZBOZ//88E2symcYRBSZJVwMN/n3McmEKBmmEH6/tTqhLeBal
2pynse7qgfZV7P/rSMcqFdhzMYq6Jt25obTl3IqTo939G1oOxRK8ORNT3Hs4/uiF
7xsx+nUBe/L6dvw2Rxr8bWm7WKi/LF7fKN/HZuBfK2qH0S4ctG49fiBw3DTV+erO
lYHdOMA9sjk90Le5sNBw75Hyr4WMLUkGFkh9SvDK1Xe3bUCfCpBTpcPnRUqnHL32
9GbqORFiaUGPRCnaWKQ=
=JR4m
-----END PGP SIGNATURE-----
Common sentiment is that the miniupnpc codebase likely contains further
vulnerabilities.
I'd prefer to get rid of the dependency completely, but a compromise for
now is to at least disable it by default.
b0beae8 Drop "with minimal dependencies" from description (Zak Wilcox)
5e5e00b Split bitcoin-tx into its own package (Zak Wilcox)
05179f7 Include bitcoin-tx binary on Debian/Ubuntu (Zak Wilcox)
ddf98d1 Make RPC tests cope with server-side timeout between requests (Wladimir J. van der Laan)
2190ea6 rpc: Split option -rpctimeout into -rpcservertimeout and -rpcclienttimeout (Wladimir J. van der Laan)
8b2d6ed http: Disable libevent debug logging, if not explicitly enabled (Wladimir J. van der Laan)
5ce43da init: Ignore SIGPIPE (Wladimir J. van der Laan)
The two timeouts for the server and client, are essentially different:
- In the case of the server it should be a lower value to avoid clients
clogging up connection slots
- In the case of the client it should be a high value to accomedate slow
responses from the server, for example for slow queries or when the
lock is contended
Split the options into `-rpcservertimeout` and `-rpcclienttimeout` with
respective defaults of 30 and 900.
Continues Johnathan Corgan's work.
Publishing multipart messages
Bugfix: Add missing zmq header includes
Bugfix: Adjust build system to link ZeroMQ code for Qt binaries
This allows users to specify, e.g. raise, the default timeout of 60
seconds. Some bitcoind instances, especially long running ones on slow
hardware, require a higher timeout for a clean shut down.
Also add a comment to bitcoind.openrc's 'retry=', since it is not
obvious from the variable name what it does.
Allow for non-8333 nodes to appear in the internal seeds. This will
allow bitcoind to bypas a filter on 8333. This also makes it possible to
use the same tool for e.g. testnet.
As hosts with multiple nodes per IP are likely abusive, add a filter to
remove these (the ASN check will take care of them for IPv4, but not
IPv6 or onion).
- Moved all seed related scripts to contrib/seeds for consistency
- Updated `makeseeds.py` to handle IPv6 and onions, fix regular
expression for recent Bitcoin Core versions
- Fixed a bug in `generate-seeds.py` with regard to IPv6 parsing
Rather than fetching a signature.tar.gz from somewhere on the net, instruct
Gitian to use a signature from a tag in the bitcoin-detached-sigs repository
which corresponds to the tag of the release being built.
This changes detached-sig-apply.sh to take a dirname rather than a tarball as
an argument, though detached-sig-create.sh still outputs a tarball for
convenience.
960e994 gitian: Bump cache dir for current master (Cory Fields)
be65628 gitian: bump faketime to something more recent (Cory Fields)
c3cdd7b osx: set min version to 10.7 for 0.11+ (Cory Fields)
For Gitian releases:
- Windows builds remain unchanged. libstdc++ was already linked statically.
- OSX builds remain unchanged. libstdc++ is tied to the SDK and not worth
messing with.
- Linux builds now statically link libstdc++.
For Travis:
- Match the previous behavior by adding --enable-reduce-exports as
necessary.
- Use static libstdc++ for the full Linux build.
This reverts commit 1078fb0885 (and thus
pull #5623). It has various issues:
- Pull request names get cut off at ", see e.g. a026a56
- Merge script no longer copes with pulls that have a milestone
attached, due to a duplicate 'title' in JSON that is not handled by the
ad-hoc parsing.
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.
- Check that image contents match pre- and post- crushing.
- Also remove use of external tool to compute sha256 in favor of hashlib.
- contrib: remove all use of shell=True in strip_pngs.py
Using `shell=True` can be a security hazard. See e.g.
https://docs.python.org/2/library/subprocess.html#subprocess.check_output
- Add a space after the fixed string prepended to file names when input or
output file changes
- Clarify the error message when the genesis block is not found in the
hash list (...why do we have this at all?)
Descriptors now make use of the dependencies builder, so results are cached.
A very new version (>= e9741525c) of Gitian should be used in order to take
advantage of caching.
* Support new rpc commands.
* Several commands now take an optional boolean includeWatchonly argument.
* "help" now has section headers, ignore them when compiling list of commands.
Make it possible to read blocks in any order. This will be required
after headers-first (#4468), so should be merged before that.
- Read block header. For expected blocks, continue, else skip.
- For in-order blocks: copy block contents directly. Write prior
out-of-order blocks if this connects a consecutive span.
- For out-of-order blocks, store extents of block data for later
retrieval. Cache out-of-order blocks in memory up to 100MB
(configurable).
Code signing failed for me on OSX 10.9.5 because the
Versions/Current symbolic links were being replaced
with a duplicate copy of the frameworks' code.
Releases were bigger than they needed to be, for the
same reason.
The approach from 65f3fa8d1 worked for signing on 10.9.4, but not newer
versions. 10.9.5 (and up) want each framework to stand alone.
Now in addition to copying the plist's from Qt for each framework, we put them
in per-version dirs and only symlink to the latest, rather than using symlinks
for any contents.
399cdbc contrib/linearize: Add feature to set file's timestamp based on block header time. (Jeff Garzik)
8f5a423 contrib/linearize: split block files based on year-month, not just year (Jeff Garzik)
75400a2 contrib/linearize: Guarantee that output is generated in-order (Jeff Garzik)
- Catch problems such as mismatched formatting characters. Remove
messages that can give problems at runtime.
- Also remove unfinished/untranslated messages, they just take up space
in the ts and waste parsing time.
Fixes#4774.
This was typically ensured implicitly by virtue of normal bitcoind
operation. Adding an explicit check provides a stronger guarantee, and
it is cheap to add.
Break into two steps:
* Generate hash list
* Build data file(s) from local bitcoind blocks/ directory.
This supports building one large bootstrap.dat, or multiple
smaller blocks/blkNNNNN.dat files.
Starting with 10.9, Framework versions must be signed individually, rather
than as a single bundle version, in order to be properly codesigned. This
change ensures that the proper plist files and symlinks are present prior to
packaging.
Running git version 2.1.0 on OSX (homebrew), I get
fatal: '1q': not a non-negative integer
I'm guessing git command-line parsing got more strict recently?
When QT is linked statically, macdeploy can't infer its paths. While plugins
and frameworks don't need to be packaged, translations still do (for now).
As the `getwork` API doesn't exist anymore, currently this script is useless.
It would be nice to have a `getblocktemplate`-based Python example of a
miner, but there is no point in keeping this one around except to
confuse people.
-respendnotify=<cmd> Execute command when a network tx respends wallet
tx input (%s=respend TxID, %t=wallet TxID)
Add respendsobserved array to gettransaction, listtransactions, and
listsinceblock RPCs. This omits the malleated clones that are included
in the walletconflicts array.
Add RPC help for respendsobserved and walletconflicts (help was missing
for the latter).
Upgrade for https://www.openssl.org/news/secadv_20140605.txt
Just in case - there is no vulnerability that affects ecdsa signing or
verification.
The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.
As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.
The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
A qt installation date snuck into the host utils (lrelease etc)
This doesn't affect the end product, so no dependency version bump.
It also doesn't explain why gavin's and mine build is different
If the `libqt4-dev` package is installed it picks the moc executable
from the system instead of our custom-built one. This results in
compatibility errors.
This commit convinces configure to pick the right one.
3a54ad9 Full translation update (Wladimir J. van der Laan)
9dd5d79 devtools: add a script to fetch and postprocess translations (Wladimir J. van der Laan)
58c01a3 qt: add transifex configuration file (Wladimir J. van der Laan)
Run this script from the root of the repository to update all translations from transifex.
It will do the following automatically:
- create a transifex configuration file
- fetch all translations
- post-process them into valid and committable format
This avoids conflicts between the libraries statically linked into bitcoin and any
libraries we may link dynamically (such as Qt and OpenSSL, see issue #4094).
It also avoids start-up overhead to not export any unnecessary symbols.
To do this, build a linker script that marks all symbols as local.
Should make it possible to run the resulting GUI executable on
Linux distributions that use Qt 4.6, such as Debian Wheezy and Tails.
Builds a mini-SDK for building against Qt 4.6. This includes the headers
as well as host utilities such as `lrelease`, `qrc` and `moc`.
This speeds up the gitian build a bit - libqt4-dev pulled in a lot of packages,
and is no longer needed as this provides a replacement of our own.
Note: This does not replace the Qt build with at static library. After this
commit we still build dynamically against the system Qt library. The only
difference is that compatibility with an older version is maintained. This
loses minor GUI functionality (such as setPlaceholderText) but still
allows integration into the window management of the host OS, unlike
when statically linking.
Add a script to check that the (Linux) executables produced by gitian
only contain allowed gcc, glibc and libstdc++ version symbols. This
makes sure they are still compatible with the minimum supported Linux
distribution versions.
0f63504 Changed bitrpc.py's raw_input to getpass for passwords to conceal characters during command line input. Getpass is in Python stdlib so no additional dependencies required. (Eric S. Bullington)
Bumps deps-linux, deps-win dependency versions as well.
qt-win does not need to be bumped, as although it depends on deps-win,
Qt doesn't use miniupnp. I verified this by rebuilding the dependency
and checking the the output is the same. Not having to rebuild Qt is a
good thing as it is huge.
For qt5.2 on osx, the qcocoa plugin is mandatory. However, it fails to load
when qt.conf specifies the "plugin" path instead of the expected "Plugin". This
is in line with the documentation:
https://qt-project.org/doc/qt-5.0/qtdoc/qt-conf.html
I'm not sure how the plugins were loading before, unless the case-sensitivity
for OSX is new.
IIRC this was the case with 0.8.6, so let's keep this to avoid the risk
of losing connectable nodes with 0.9 release.
Also our miniupnpc library was recently updated and I've heard
reports that it works better than before now.
While building protobuf in different environments we noticed that
the host tool protoc was slightly different between builds (a symbol table
sorting issue).
Add a deterministic seed as well as disable zlib support.
Exected output is now:
e2e403e1a08869c7eed4d4293bce13d51ec6a63592918b90ae215a0eceb44cb4 protobuf-win32-2.5.0-gitian-r4.zip
a0999037e8b0ef9ade13efd88fee261ba401f5ca910068b7e0cd3262ba667db0 protobuf-win64-2.5.0-gitian-r4.zip
No effect on final executables so no version bump.
Boost iostreams was picking up libz-dev in VirtualBox, as the recommended
way to build is now to make a VM with all dependency packages installed.
This caused a divergence between KVM/LXC build and VirtualBox
build results.
Fix this in the simplest possible way: add the libz-dev package.
5770254 Copyright header updates s/2013/2014 on files whose last git commit was done in 2014. contrib/devtools/fix-copyright-headers.py script to be able to perform this maintenance task with ease during the rest of the year, every year. Modifications to contrib/devtools/README.md to document what fix-copyright-headers.py does. (gubatron)
c13a13e gitian: add -D flag to ar for deterministic output for linux deps (Wladimir J. van der Laan)
1552145 gitian: Sort generated source distribution archive (Wladimir J. van der Laan)
aabcd11 gitian: Make linux boost dependency completely deterministic (Wladimir J. van der Laan)
aa93485 gitian: Make linux build of OpenSSL deterministic (Wladimir J. van der Laan)
ar -D: Operate in deterministic mode. When adding files and the archive
index use zero for UIDs, GIDs, timestamps, and use consistent file modes
for all files. When this option is used, if ar is used with identical
options and identical input files, multiple runs will create identical
output files regardless of the input files' owners, groups, file modes,
or modification times.
contrib/devtools/fix-copyright-headers.py script to be able to perform this maintenance task with ease during the rest of the year, every year. Modifications to contrib/devtools/README.md to document what fix-copyright-headers.py does.
It appears that the output was different every time.
This doesn't affect the final bitcoind/bitcoin-qt, but is confusing
nevertheless.
Fix it by using FAKETIME and zipping files in deterministic order.
OpenSSL was embedding a timestamp causing its build to be
non-deterministic.
Change deps-linux to be deterministic by using FAKETIME
as needed and disabling it when it gets in the way.
- Add 'g++' package (virtualbox images don't have this by default)
- Workaround for determinism in Qt5 resources
- Pass --disable-maintainer-mode --disable-dependency-tracking to
configure for libqrencode to avoid random errors about missing m4
directory
- Fix typo -with-pic -> --with-pic
It is not necessary to rebuild dependencies after this commit.
Fixes#3610 and #3612.
- adds a nice and well formated dialog, which displays our -? help message
(all options/paramaters)
- moves aboutdialog.cpp/h to the new utilitydialog
- move GUI shutdown window to utilitydialog
1cbbeb6 gitian: Add openssl to linux deps (Wladimir J. van der Laan)
64be7f7 gitian: Build boost dependency for linux (Wladimir J. van der Laan)
7eb99a8 gitian: Reduce build time for boost windows dependency (Wladimir J. van der Laan)
714cdec build: Pass BOOST_CPPFLAGS to sleep implementation test (Wladimir J. van der Laan)
0d40f5a build: Allow providing extra libs for Boost Chrono (Wladimir J. van der Laan)
e4b991e build: Auto-detect whether -DBOOST_TEST_DYN_LINK is needed (Wladimir J. van der Laan)
Instead of using the boost provided by Ubuntu 12.04, build our own
dependency like we do for Windows.
This allows using a much newer version (1.55 versus 1.46) as well as
building with `-fPIC` so that `-pie` can be used in the x86-64 build.
Build only the mt-s (multithreaded, static runtime link)
variant of the library.
This cuts the build time in half.
Also prevent unpacked boost from ending up in output directory,
checking and hashing all the source files as output files this
takes a lot of time and is pointless.
0425715 gitian: add explicit dependency build for linux (Wladimir J. van der Laan)
279af1a build: use Ubuntu 12.04 for linux gitian build (Wladimir J. van der Laan)
Use a series of .png frames for the spinner instead of a .mng.
`mng` is an obscure image format and is not built by default into Qt5.
This appears to improve the crispness of the spinner as well.
Does not noticably increase the size (still ~27k) and the code
is not more complicated either.
In the win32 gitian descriptor the C*FLAGS are being overridden on
`configure`, which causes the built-in optimization flags to be removed.
Add `-O2` manually (but not `-g` as we're not doing anything with the
debug information).
Improves performance of win32 gitian builds.
As a bonus, fixes issue #3497.
- remove unused and unmentioned file notsynced.png (we use an animation
for this)
- add missing coincontroldialog.ui to bitcoin-qt.pro
- also unify formating in assets-attribution.md
We already have the exact same funtionality in /contrib/bitrpc/bitrpc.py
If we really do need standalone scripts, then I'll write something to
pull it from that file, rather than having duplicate code.
Forgot to remove wallet tools from index.
Wallet Tools Follow Up Info
- changes some strings that were forgotton or made no sense in the conext
they are used
- remove an orphan file from the qt project file
- revert a small change in signverifymessagedialog.ui
- guard #include "bitcoin-config.h" with #if defined(HAVE_CONFIG_H)
- remove windowTitle from addressbookpage.ui
Credit: sipa, cfields, Luke-Jr and michagogo contributed to this fix.
Removing wine as a win32 build dep is beneficial to fixing Gitian LXC,
which would enable many more people to join in the gitian.sigs process
by being able to build with a linux VM instead of a virt capable host.
The final revision of PR 3029 incorporated a review suggestion of replacing
i686-w64-mingw32 with $HOST. But we forgot that $HOST is not expanded when
within single quotes so it actually broke qt-win32.yml build. This is the
minimal changes necessary to fix the qt-win32.yml build.
Workaround 1.54.0 build bug, upstream #9156
Workaround 1.51.0+ human bug, upstream #7262
This commit also demonstrates a method to verify the integrity of inputs.
mingw upgrade allows more hardening, compiler bug fixes and possibily win64 later.
Rename deps .zip files to be more consistent in revision format.
Boost #4258 build fix for mingw32
- rename URL into URI in paymentserver where correct
- add some missing Qt-coding-stuff in paymentserver
- change QSpinBox to QLineEdit as base for BitcoinAmountField in .ui files
(as this is the result when converting the BAF back into base)
- remove some c_str() and replace with QString::fromStdString()
- remove several new-lines
- remove unneeded spaces
- indentation fixes
Add support for a Payment Protocol to Bitcoin-Qt.
Payment messages are protocol-buffer encoded and communicated over
http(s), so this adds a dependency on the Google protocol buffer
library, and requires Qt with OpenSSL support.
The new class is accessed via the Params() method and holds
most things that vary between main, test and regtest networks.
The regtest mode has two purposes, one is to run the
bitcoind/bitcoinj comparison tool which compares two separate
implementations of the Bitcoin protocol looking for divergence.
The other is that when run, you get a local node which can mine
a single block instantly, which is highly convenient for testing
apps during development as there's no need to wait 10 minutes for
a block on the testnet.
This commit adds a Linux script that uses tc and iptables to
limit outgoing bandwidth to Bitcoin nodes. All tcp connections with
a source or destination port of 8333 are limited to the chosen rate.
It does not alter the incoming bandwidth. Additionally, outgoing
bandwidth to a host on a local LAN (defined by the LOCALNET variable)
is not limited.
- new xpm resources for different linux window managers
- new png files for autoresizing on different linux window managers
- favicon with new logo
- window .ico with new logo
- updated debian package script
- updated changelog
Remove the pnext pointer in CBlockIndex, and replace it with a
vBlockIndexByHeight vector (no effect on memory usage). pnext can
now be replaced by vBlockIndexByHeight[nHeight+1], but
FindBlockByHeight becomes constant-time.
This also means the entire mapBlockIndex structure and the block
index entries in it become purely blocktree-related data, and
independent from the currently active chain, potentially allowing
them to be protected by separate mutexes in the future.
Every block index entry currently requires a separately-allocated
CBigNum. By replacing them with uint256, it's just 32 bytes extra
in CBlockIndex itself.
This should save us a few megabytes in RAM, and less allocation
overhead.
* reformatted the entire document to look pretty in both standard text and
Markdown
* incorporated [my OS X 10.8 build instructions with Homebrew as the package
manager](http://bitcoin.stackexchange.com/questions/3672/trouble-compiling-bitcoind-on-osx-with-homebrew/5253#5253)
* incorporated @gavinandresen's MacPorts and release build instructions based on
an earlier revision of this commit
* added makefile patch necessary for Homebrew compilation to `contrib`
Two changes: make some linux-specific linker options linux and linker specific.
And in the cross-compile environment, prefer the $HOME/qt/bin tools to
whatever might be somewhere else in the path.
The current default URL doesn't seem to exist.
Unsure wether this should be updated to point to 0.7.2 now or wether
just to wait untill 0.8.0 is out and point there?
Commit also fixes a minor typo in the macdeploy notes.txt
Version numbers changed from 0.7.99 to 0.8.0
Set CLIENT_VERSION_IS_RELEASE to remove pre-release warning
Updated copyright in COPYING and doc/READMEs to 2013
Updated doc/release-notes.txt
Use 'osascript' to run AppleScript, instead of using (broken-in-10.8)
python appscript package.
And added support for code-signing the .app bundle, to make OSX's
GateKeeper happy.
