Commit graph

28 commits

Author SHA1 Message Date
Luke Dashjr
e5daa2e2ae Merge branch 'master' into depends_curl 2016-02-27 06:11:37 +00:00
Luke Dashjr
5c70a6d6d1 Bugfix: gitian: Add curl to packages (now needed for depends) 2016-02-27 06:09:18 +00:00
Cory Fields
a81c87fafc release: add security/symbol checks to gitian 2016-01-26 23:07:04 -05:00
Wladimir J. van der Laan
3b468a0e60 gitian: Need ca-certificates and python for LXC builds 2016-01-18 10:59:14 +01:00
Wladimir J. van der Laan
eb2b74526a
Merge pull request #7251
fa09562 [gitian] Set reference date to something more recent (MarcoFalke)
2016-01-04 09:29:58 +01:00
MarcoFalke
fa095622c2 [gitian] Set reference date to something more recent 2016-01-02 18:11:49 +01:00
Wladimir J. van der Laan
c12ff995f7
Now that 0.12 has been branched, master is 0.12.99
... in preparation for 0.13
2015-12-03 12:07:01 +01:00
Wladimir J. van der Laan
957c0fd7c0 gitian: make windows build deterministic 2015-11-19 13:01:35 +01:00
Wladimir J. van der Laan
2e31d74b71 gitian: use trusty for building 2015-11-16 16:39:24 +01:00
Wladimir J. van der Laan
21d27ebad5 net: Disable upnp by default
Common sentiment is that the miniupnpc codebase likely contains further
vulnerabilities.

I'd prefer to get rid of the dependency completely, but a compromise for
now is to at least disable it by default.
2015-10-09 21:09:44 +02:00
Cory Fields
a3ba9a553a gitian: make the windows signing process match OSX 2015-06-30 10:57:14 -04:00
Cory Fields
960e99404f gitian: Bump cache dir for current master
Do not backport.
2015-06-02 10:41:56 -04:00
Cory Fields
be656283f9 gitian: bump faketime to something more recent
This helps in file views where binaries are sorted by time
2015-06-02 10:39:34 -04:00
Cory Fields
06715165f9 build: change reduce exports/static libstdc++ options for gitian and travis
For Gitian releases:
  - Windows builds remain unchanged. libstdc++ was already linked statically.
  - OSX builds remain unchanged. libstdc++ is tied to the SDK and not worth
    messing with.
  - Linux builds now statically link libstdc++.

For Travis:
  - Match the previous behavior by adding --enable-reduce-exports as
  necessary.
  - Use static libstdc++ for the full Linux build.
2015-02-23 18:22:58 -05:00
Cory Fields
0c6ab676ee gitian: don't add . to tar list
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.
2015-02-13 03:08:08 -05:00
Cory Fields
566c6cb8a2 gitian: attempt to fix tarball determinisim 2014-12-23 19:43:27 -05:00
Cory Fields
52bb7a7e1b gitian: update descriptors to use a sane uniform output 2014-11-25 18:49:02 -05:00
Cory Fields
246659aff1 gitian: make tarballs deterministic and nuke .la files from build output 2014-11-19 22:49:41 -05:00
Cory Fields
1aead42d41 gitian: descriptors overhaul
Descriptors now make use of the dependencies builder, so results are cached.
A very new version (>= e9741525c) of Gitian should be used in order to take
advantage of caching.
2014-11-19 22:49:41 -05:00
Luke Dashjr
ab72068565 Bugfix: Replace bashisms with standard sh in gitian descriptors 2014-10-03 23:45:26 +00:00
Wladimir J. van der Laan
6e7c4d17d8 gitian: upgrade OpenSSL to 1.0.1h
Upgrade for https://www.openssl.org/news/secadv_20140605.txt

Just in case - there is no vulnerability that affects ecdsa signing or
verification.

The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.

As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.

The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
2014-06-05 17:24:38 +02:00
Wladimir J. van der Laan
25d4911e86 gitian: upgrade miniupnpc input to 1.9
Bumps deps-linux, deps-win dependency versions as well.

qt-win does not need to be bumped, as although it depends on deps-win,
Qt doesn't use miniupnp. I verified this by rebuilding the dependency
and checking the the output is the same. Not having to rebuild Qt is a
good thing as it is huge.
2014-04-09 14:24:17 +02:00
Wladimir J. van der Laan
178825dec3
gitian: Version bump for Qt dependency
Bump Qt dependency version after OpenSSL update.
Very important. Thanks @michagogo for noting.
2014-04-08 11:51:59 +02:00
Wladimir J. van der Laan
4a811b0053
gitian: upgrade openssl to 1.0.1g for both win and linux
OpenSSL 1.0.1g fixes CVE-2014-0160.

Also bump dependency versions.
2014-04-08 08:40:02 +02:00
Wladimir J. van der Laan
93c3e21e92 Re-enable UPnP by default in gitian builds
IIRC this was the case with 0.8.6, so let's keep this to avoid the risk
of losing connectable nodes with 0.9 release.

Also our miniupnpc library was recently updated and I've heard
reports that it works better than before now.
2014-02-27 15:44:00 +01:00
Wladimir J. van der Laan
4ce9106ff8 gitian: sort generated source distribution archive for windows
Make the bitcoin-X.X.X.tar.gz deterministic.
2014-02-10 17:07:36 +01:00
Wladimir J. van der Laan
65615a3a78 Gitian fixes for 0.9.0rc1 build
- Add 'g++' package (virtualbox images don't have this by default)
- Workaround for determinism in Qt5 resources
- Pass --disable-maintainer-mode --disable-dependency-tracking to
  configure for libqrencode to avoid random errors about missing m4
  directory
- Fix typo -with-pic -> --with-pic

It is not necessary to rebuild dependencies after this commit.
Fixes #3610 and #3612.
2014-02-03 14:43:51 +01:00
Wladimir J. van der Laan
f622232bcf gitian: Windows 64 bit support
- Build a 64 bit version of all dependencies
- Show 32/64 bit version in "About..." for x86
- Export 64-bit .exes and installer from gitian build
2014-01-21 14:02:13 +01:00