Age | Commit message (Collapse) | Author |
|
Release version strings were broken in Gitian by 7522. This is a minimal fix
suitable for 0.15.
After this, we should fix up version handling for good so that gitian packages
the correct string in the release tarball, so that git is not required to get
the tag name.
Github-Pull: #11097
Rebased-From: 4452829b104842c547bd100714a241e9f209e1f4
Tree-SHA512: 40071b97b2207b2262aef0b4802cb231ccafbff0ed04b5945a64dceda8bdbb2ea71bf6a546e1d03533612edfdc55dedd413da967cba0b1bbd3f9139ec3572f60
|
|
actually the right one
ed1fcdc Bugfix: Detect genbuild.sh in repo correctly (Luke Dashjr)
e98e3dd Bugfix: Only use git for build info if the repository is actually the right one (Luke Dashjr)
Tree-SHA512: 510d7ec8cfeff4e8e0c7ac53631eb32c7acaada7017e7f8cc2e6f60d86afe1cd131870582e01022f961c85a783a130bcb8fef971f8b110070c9c02afda020726
|
|
09fe2d9 release: update docs to show basic codesigning procedure (Cory Fields)
f642753 release: create a bundle for the new signing script (Cory Fields)
0068361 release: add win detached sig creator and our cert chain (Cory Fields)
Tree-SHA512: 032ad84697c70faaf857b9187f548282722cffca95d658e36413dc048ff02d9183253373254ffcc1158afb71140753f35abfc9fc8781ea5329c04d13c98759c0
|
|
This was skipped for the 0.14 cycle.
|
|
Also change the mac filename to match
The procedure remains the same, but now there's a nifty script to automate
the signing process.
Future steps:
- Build osslsigncode in the gitian-win descriptor so that the signer itself is
deterministic.
- Verify in the gitian-win-signer descriptor that the expected cert chain was
used.
|
|
The consistency is helpful for gauging Gitian build progress. Right now it's necessary to remember which platform builds in which order, which can be confusing if you're attempting to get a quick idea of how far along your builds are.
|
|
|
|
|
|
fa42a67 [gitian] hardcode datetime for depends (MarcoFalke)
fa58c76 [gitian] Default reference_datetime to commit author date (MarcoFalke)
|
|
Forgot to do this in #7776.
|
|
The -debug tarballs/zips contain detached debugging symbols. To use them, place
in the same dir as the target binary, and invoke gdb as usual.
Also, because the debug symbols add a substantial space requirement, the build
dirs are now deleted when they're no longer needed.
|
|
|
|
|
|
This removes the following executables from the binary gitian release:
- test_bitcoin-qt[.exe]
- bench_bitcoin[.exe]
@jonasschnelli and me discussed this on IRC a few days ago - unlike the
normal `bitcoin_tests` which is useful to see if it is safe to run
bitcoin on a certain OS/environment combination, there is no good reason
to include these. Better to leave them out to reduce the download
size.
Sizes from the 0.12 release:
```
2.4M bitcoin-0.12.0/bin/bench_bitcoin.exe
22M bitcoin-0.12.0/bin/test_bitcoin-qt.exe
```
|
|
|
|
|
|
|
|
Also adds ability to disable check with BITCOIN_GENBUILD_NO_GIT=1 in the environment
|
|
|
|
|
|
fa09562 [gitian] Set reference date to something more recent (MarcoFalke)
|
|
|
|
... in preparation for 0.13
|
|
|
|
|
|
Common sentiment is that the miniupnpc codebase likely contains further
vulnerabilities.
I'd prefer to get rid of the dependency completely, but a compromise for
now is to at least disable it by default.
|
|
|
|
Do not backport.
|
|
This helps in file views where binaries are sorted by time
|
|
For Gitian releases:
- Windows builds remain unchanged. libstdc++ was already linked statically.
- OSX builds remain unchanged. libstdc++ is tied to the SDK and not worth
messing with.
- Linux builds now statically link libstdc++.
For Travis:
- Match the previous behavior by adding --enable-reduce-exports as
necessary.
- Use static libstdc++ for the full Linux build.
|
|
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.
|
|
|
|
|
|
|
|
Descriptors now make use of the dependencies builder, so results are cached.
A very new version (>= e9741525c) of Gitian should be used in order to take
advantage of caching.
|
|
|
|
Upgrade for https://www.openssl.org/news/secadv_20140605.txt
Just in case - there is no vulnerability that affects ecdsa signing or
verification.
The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.
As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.
The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
|
|
Bumps deps-linux, deps-win dependency versions as well.
qt-win does not need to be bumped, as although it depends on deps-win,
Qt doesn't use miniupnp. I verified this by rebuilding the dependency
and checking the the output is the same. Not having to rebuild Qt is a
good thing as it is huge.
|
|
Bump Qt dependency version after OpenSSL update.
Very important. Thanks @michagogo for noting.
|
|
OpenSSL 1.0.1g fixes CVE-2014-0160.
Also bump dependency versions.
|
|
IIRC this was the case with 0.8.6, so let's keep this to avoid the risk
of losing connectable nodes with 0.9 release.
Also our miniupnpc library was recently updated and I've heard
reports that it works better than before now.
|
|
Make the bitcoin-X.X.X.tar.gz deterministic.
|
|
- Add 'g++' package (virtualbox images don't have this by default)
- Workaround for determinism in Qt5 resources
- Pass --disable-maintainer-mode --disable-dependency-tracking to
configure for libqrencode to avoid random errors about missing m4
directory
- Fix typo -with-pic -> --with-pic
It is not necessary to rebuild dependencies after this commit.
Fixes #3610 and #3612.
|
|
- Build a 64 bit version of all dependencies
- Show 32/64 bit version in "About..." for x86
- Export 64-bit .exes and installer from gitian build
|