| Age | Commit message (Collapse) | Author |
|---|
|
Not necessary for windows or linux, as the intermedate build result
doesn't change.
However for OSX on 0.9 the builds for the intermediates are not
deterministic, so this cannot be assessed. Bump the dep version just in
case.
|
|
|
|
Github-Pull: #5634
Rebased-From: 8dccba6a45db0466370726ed462b9da2eae43bce
|
|
|
|
New versions of OpenSSL will reject non-canonical DER signatures. However,
it'll happily decode them. Decode then re-encode before verification in order
to ensure that it is properly consumed.
Github-Pull: #5634
Rebased-From: 488ed32f2ada1d1dd108fc245d025c4d5f252783
|
|
TLS is subject to downgrade attacks when SSLv3 is available, and
SSLv3 has vulnerabilities.
The popular solution is to disable SSLv3. On the web this breaks
some tiny number of very old clients. While Bitcoin RPC shouldn't
be exposed to the open Internet, it also shouldn't be exposed to
really old SSL implementations, so it shouldn't be a major issue
for us to disable SSLv3.
There is more information on the downgrade attacks and disabling
SSLv3 at https://disablessl3.com/ .
Rebased-From: 683dc4009b2b01699e672f8150c28e2ebe0aae19
|
|
Rebased-From: 12a49cac0a561ada277e93549cae26a3123a6023
|
|
Previously -proxy was not setting the proxy for IsLimited networks, so
if you set your configuration to be onlynet=tor you wouldn't get an
IPv4 proxy set.
The payment protocol gets its proxy configuration from the IPv4 proxy,
and so it would experience a connection leak.
This addresses issue #5355 and also clears up a cosmetic bug where
getinfo proxy output shows nothing when onlynet=tor is set.
Conflicts:
src/init.cpp
Rebased-From: 3c777141349ad82d679a278df0619968af53c23
Github-Issue: #5358
|
|
Refactor common -alertnotify code into static CAlert::Notify method.
|
|
Qt5 is bottled, so configure won't find it without some help. Use
brew to find out its prefix.
Also, qt5 added the host_bins variable to pkg-config, use it.
|
|
Rebased-From: 0dcb0a55782d676798013f20d7e2ab826ad4d96d
|
|
Code signing failed for me on OSX 10.9.5 because the
Versions/Current symbolic links were being replaced
with a duplicate copy of the frameworks' code.
Releases were bigger than they needed to be, for the
same reason.
Rebased-From: 965c306d6d6ee3695dc50615a87e25c248c41a89
|
|
The approach from 65f3fa8d1 worked for signing on 10.9.4, but not newer
versions. 10.9.5 (and up) want each framework to stand alone.
Now in addition to copying the plist's from Qt for each framework, we put them
in per-version dirs and only symlink to the latest, rather than using symlinks
for any contents.
Rebased-From: af0bd5e
|
|
When building from a distdir as gitian does, checking for the .git dir
is not reliable. Instead, ask git if we're in a repo.
Rebase this into 0.9.3 branch after final to make sure that 0.9.4 will
have correct version strings in rcs.
Rebased-From: c65cc8c
|
|
The cdrkit.org domain expired.
Thanks to gdm85 on IRC for reporting this.
Rebased-From: 27fc5277f73e510c2150dc29308fdf2dc6a96053
|
|
Rebased-From: d547ebf
|
|
Starting with 10.9, Framework versions must be signed individually, rather
than as a single bundle version, in order to be properly codesigned. This
change ensures that the proper plist files and symlinks are present prior to
packaging.
Rebased-From: 65f3fa8
|
|
|
|
|
|
There is no reason to store thousands of orphan transactions;
normally an orphan's parents will either be broadcast or
mined reasonably quickly.
This pull drops the maximum number of orphans from 10,000 down
to 100, and adds a command-line option (-maxorphantx) that is
just like -maxorphanblocks to override the default.
|
|
#4253)
Rebased-From: 7b45d943b29a443f1ac808c9ee4eeed6df0db9cc
|
|
Prevent denial-of-service attacks by banning
peers that send us invalid orphan transactions
and only storing orphan transactions given to
us by a peer while the peer is connected.
Rebased-From: c74332c67806ed92e6e18de174671a7c30608780
|
|
reduces time to service requests improving performance
Rebased-From: 9189f5fe4df1ac7ea6ca75ceada867beafda90a9
|
|
found
It's only confusing people into thinking that they should mess with
boost versions, which should not be necessary to get bitcoind to work.
If there is a bug in the build system with autodetecting boost it needs
to be solved not worked around.
Rebased-From: 539abc4729ea16039d148cfa3b771929f7d37584
|
|
Bitcoin core should work with any remotely recent boost version
if a proper build environment is present. Remove a confusing comment
from the build documentation.
Rebased-From: bd45b1a
|
|
Rebased-From: 540ac45
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
|
|
Tighten resource constraints on CNode.
Rebased-From: d4168c8
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
|
|
Rebased-From: def2fdb
Rebased-By: Wladimir J. van der Laan
|
|
Rebased-From: 89d91f6
Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
|
|
This does not add any new messages from transifex, it just filters the
current ones.
|
|
- Catch problems such as mismatched formatting characters. Remove
messages that can give problems at runtime.
- Also remove unfinished/untranslated messages, they just take up space
in the ts and waste parsing time.
Fixes #4774.
Rebased-From: da59f28
Rebased-By: Wladimir J. van der Laan
|
|
|
|
|
|
|
|
Also change build system: STATICLIB is now MINIUPNP_STATICLIB.
|
|
The homebrew instructions were outdated - berkeley-db4 hasn't worked for months, based on the questions I'm seeing on Google/SO. So I added a section explaining how to install berkeley-db4 using homebrew and move on with your life. Thanks for the rest of the documentation!
Conflicts:
doc/build-osx.md
Rebased-From: b1ed7c2
|
|
Rebased-From: 565e569
|
|
This probably never worked properly. Confirmed working now with every compiler
I throw at it.
Rebased-From: 8021cf8
|
|
When the libpath doesn't line up with the value from config.sub, we don't find
the correct path to boost's libs. This adds a hack to try another path before
giving up.
Should close #3219.
Rebased-From: 54c7df81
|
|
Conflicts:
src/qt/bitcoin.cpp
Rebased-From: 292cc072
|
|
Upgrade for https://www.openssl.org/news/secadv_20140806.txt
Rebased-From: 074bcdc
Github-Pull: #4648
|
|
The goal is to increase independence and privacy.
Rebased-From: 2e7009d
|
|
|
|
Removes the limits on number of pubkeys for P2SH CHECKMULTISIG outputs.
Previously with the 500 byte scriptSig limit there were odd restrictions
where even a 1-of-12 P2SH could be spent in a standard transaction(1),
yet multisig scriptPubKey's requiring more signatures quickly ran out of
scriptSig space.
From a "stuff-data-in-the-blockchain" point of view not much has changed
as with the prior commit now only allowing the dummy value to be null
the newly allowed scriptSig space can only be used for signatures. In
any case, just using more outputs is trivial and doesn't cost much.
1) See 779b519480d8c5346de6e635119c7ee772e97ec872240c45e558f582a37b4b73
Mined by BTC Guild.
|
|
redeemScripts >520bytes can't be spent due to the
MAX_SCRIPT_ELEMENT_SIZE limit; previously the addmultisigaddress and
createmultisig RPC calls would let you violate that limit unknowingly.
Also made the wallet code itself check the redeemScript prior to adding
it to the wallet, which in the (rare) instance that a user has added an
invalid oversized redeemScript to their wallet causes an error on
startup. The affected key isn't added to the wallet; other keys are
unaffected.
|
|
This avoids that long redeemScripts that were grandfathered in
prevent the wallet from loading.
Fixes #4313.
Rebased-From: 18116b0
|
|
Rebased-From: 88df548
|
|
Previously if bitcoind is linked with an OpenSSL which is compiled
without EC support, this is seen as an assertion failure "pKey !=
NULL" at key.cpp:134, which occurs after several seconds. It is an
esoteric piece of knowledge to interpret this as "oops, I linked
with the wrong OpenSSL", and because of the delay it may not even
be noticed.
The new output is
: OpenSSL appears to lack support for elliptic curve cryptography. For
more information, visit
https://en.bitcoin.it/wiki/OpenSSL_and_EC_Libraries
: Initialization sanity check failed. Bitcoin Core is shutting down.
which occurs immediately after attempted startup.
This also blocks in an InitSanityCheck() function which currently only
checks for EC support but should eventually do more. See #4081.
Rebased-From: 4a09e1d
|
|
Block 295,000 seems to meet the criteria of a reasonable timestamp and
no strange transactions. 295,000 is the current block height in the
bootstrap.dat torrent provided by jgarzik.
Rebased-From: 125fba1
|
|
and use it for most strings being serialized.
Rebased-From: 216e9a4
|
