mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-01-12 04:42:36 -03:00
6fde676f64
feb5075777build: use osslsigncode 2.0 in gitian (fanquake) Pull request description: The original osslsigncode project, https://sourceforge.net/projects/osslsigncode, has been marked as abandonware: > This is now - and has been for a long while - abandonware. Feel free to create your own forks etc.". However, a fork has emerged, https://github.com/mtrojnar/osslsigncode, that has incorporated theuni's patches ([add the -pem option in extract-signature mode ](36715c1183) & [add the attach-signature command](3be7eb1676)) as well as updated the tool to work with OpenSSL 1.1 and other improvements. This commit switches the windows signer descriptor to use this new version of `osslsigncode`. I've tested using this new version of `osslsigncode` while doing a 0.18.1 gitian build, and it "seems" to work. However this needs a look over from Cory, to check if the tool is still compatible with his usage in the [`detached-sig-create.sh`](https://github.com/bitcoin/bitcoin/blob/master/contrib/windeploy/detached-sig-create.sh) script, as well as some review of the changes to `osslsigncode` itself. Hence WIP and chasing Concept ACKs / NACKs. ACKs for top commit: MarcoFalke: Concept ACKfeb5075777given that this upstream is now used in Ubuntu and Debian laanwj: ACKfeb5075777Tree-SHA512: c48de6dc32751d96dd04b920bfacca40af47a2883330ba0700371d56c580a7e45cedd8d8a913709d56be036762b63cb1825a98cff7aa77b6d7804fab11220850
41 lines
1 KiB
YAML
41 lines
1 KiB
YAML
---
|
|
name: "bitcoin-win-signer"
|
|
distro: "ubuntu"
|
|
suites:
|
|
- "bionic"
|
|
architectures:
|
|
- "linux64"
|
|
packages:
|
|
- "libssl-dev"
|
|
- "autoconf"
|
|
- "libtool"
|
|
- "pkg-config"
|
|
remotes:
|
|
- "url": "https://github.com/bitcoin-core/bitcoin-detached-sigs.git"
|
|
"dir": "signature"
|
|
files:
|
|
- "osslsigncode-2.0.tar.gz"
|
|
- "bitcoin-win-unsigned.tar.gz"
|
|
script: |
|
|
set -e -o pipefail
|
|
|
|
BUILD_DIR=`pwd`
|
|
SIGDIR=${BUILD_DIR}/signature/win
|
|
UNSIGNED_DIR=${BUILD_DIR}/unsigned
|
|
|
|
echo "5a60e0a4b3e0b4d655317b2f12a810211c50242138322b16e7e01c6fbb89d92f osslsigncode-2.0.tar.gz" | sha256sum -c
|
|
|
|
mkdir -p ${UNSIGNED_DIR}
|
|
tar -C ${UNSIGNED_DIR} -xf bitcoin-win-unsigned.tar.gz
|
|
|
|
tar xf osslsigncode-2.0.tar.gz
|
|
cd osslsigncode-2.0
|
|
|
|
./autogen.sh
|
|
./configure --without-gsf --without-curl --disable-dependency-tracking
|
|
make
|
|
find ${UNSIGNED_DIR} -name "*-unsigned.exe" | while read i; do
|
|
INFILE="`basename "${i}"`"
|
|
OUTFILE="`echo "${INFILE}" | sed s/-unsigned//`"
|
|
./osslsigncode attach-signature -in "${i}" -out "${OUTDIR}/${OUTFILE}" -sigin "${SIGDIR}/${INFILE}.pem"
|
|
done
|