diff options
Diffstat (limited to 'contrib/gitian-descriptors/gitian-win.yml')
| -rw-r--r-- | contrib/gitian-descriptors/gitian-win.yml | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/contrib/gitian-descriptors/gitian-win.yml b/contrib/gitian-descriptors/gitian-win.yml index 9364db4ef7..6e43c21823 100644 --- a/contrib/gitian-descriptors/gitian-win.yml +++ b/contrib/gitian-descriptors/gitian-win.yml @@ -22,8 +22,8 @@ remotes: - "url": "https://github.com/bitcoin/bitcoin.git" "dir": "bitcoin" files: -- "qt-win32-5.2.0-gitian-r1.zip" -- "qt-win64-5.2.0-gitian-r1.zip" +- "qt-win32-5.2.0-gitian-r2.zip" +- "qt-win64-5.2.0-gitian-r2.zip" - "boost-win32-1.55.0-gitian-r6.zip" - "boost-win64-1.55.0-gitian-r6.zip" - "bitcoin-deps-win32-gitian-r10.zip" @@ -35,7 +35,16 @@ script: | export TZ=UTC INDIR=$HOME/build OPTFLAGS='-O2' + TEMPDIR="$HOME/tempdir" NEEDDIST=1 + # Qt: workaround for determinism in resource ordering + # Qt5's rcc uses a QHash to store the files for the resource. + # A security fix in QHash makes the ordering of keys to be different on every run + # (https://qt.gitorious.org/qt/qtbase/commit/c01eaa438200edc9a3bbcd8ae1e8ded058bea268). + # This is good in general but qrc shouldn't be doing a traversal over a randomized container. + # The thorough solution would be to use QMap instead of QHash, but this requires patching Qt. + # For now luckily there is a test mode that forces a fixed seed. + export QT_RCC_TEST=1 for BITS in 32 64; do # for architectures # STAGING=$HOME/staging${BITS} @@ -46,31 +55,28 @@ script: | else HOST=x86_64-w64-mingw32 fi + export PATH=$STAGING/host/bin:$PATH mkdir -p $STAGING $BUILDDIR $BINDIR # cd $STAGING - unzip $INDIR/qt-win${BITS}-5.2.0-gitian-r1.zip + unzip $INDIR/qt-win${BITS}-5.2.0-gitian-r2.zip unzip $INDIR/boost-win${BITS}-1.55.0-gitian-r6.zip unzip $INDIR/bitcoin-deps-win${BITS}-gitian-r10.zip unzip $INDIR/protobuf-win${BITS}-2.5.0-gitian-r4.zip if [ "$NEEDDIST" == "1" ]; then # Make source code archive which is architecture independent so it only needs to be done once - cd $HOME/build/ - cd bitcoin - export PATH=$STAGING/host/bin:$PATH - export TAR_OPTIONS=--mtime=`echo $REFERENCE_DATETIME | awk '{ print $1 }'` + cd $HOME/build/bitcoin ./autogen.sh ./configure --bindir=$OUTDIR --prefix=$STAGING --host=$HOST --with-qt-plugindir=$STAGING/plugins --with-qt-incdir=$STAGING/include --with-qt-bindir=$STAGING/host/bin --with-boost=$STAGING --disable-maintainer-mode --with-protoc-bindir=$STAGING/host/bin --disable-dependency-tracking CPPFLAGS="-I$STAGING/include ${OPTFLAGS}" LDFLAGS="-L$STAGING/lib ${OPTFLAGS}" CXXFLAGS="-frandom-seed=bitcoin ${OPTFLAGS}" make dist - mkdir -p $OUTDIR/src - cp -f bitcoin-*.tar.* $OUTDIR/src + DISTNAME=`echo bitcoin-*.tar.gz` NEEDDIST=0 fi # Build platform-dependent executables from source archive cd $BUILDDIR mkdir -p distsrc cd distsrc - tar --strip-components=1 -xf $HOME/build/bitcoin/bitcoin-*.tar.* + tar --strip-components=1 -xf $HOME/build/bitcoin/$DISTNAME ./configure --bindir=$BINDIR --prefix=$STAGING --host=$HOST --with-qt-plugindir=$STAGING/plugins --with-qt-incdir=$STAGING/include --with-qt-bindir=$STAGING/host/bin --with-boost=$STAGING --disable-maintainer-mode --with-protoc-bindir=$STAGING/host/bin --disable-dependency-tracking CPPFLAGS="-I$STAGING/include ${OPTFLAGS}" LDFLAGS="-L$STAGING/lib ${OPTFLAGS}" CXXFLAGS="-frandom-seed=bitcoin ${OPTFLAGS}" export LD_PRELOAD=/usr/lib/faketime/libfaketime.so.1 export FAKETIME=$REFERENCE_DATETIME @@ -82,3 +88,10 @@ script: | unset FAKETIME done # for BITS in + # sort distribution tar file and normalize user/group/mtime information for deterministic output + mkdir -p $OUTDIR/src + rm -rf $TEMPDIR + mkdir -p $TEMPDIR + cd $TEMPDIR + tar -xvf $HOME/build/bitcoin/$DISTNAME | sort | tar --no-recursion -cT /dev/stdin --mode='u+rw,go+r-w,a+X' --owner=0 --group=0 --mtime="$REFERENCE_DATETIME" | gzip -n > $OUTDIR/src/$DISTNAME + |