568aa0cf83 Add OpenSSL termios fix for musl libc (Nathan Marley)
Pull request description:
Currently the version of OpenSSL included in the depends system won't build on musl based systems because `termio.h` does not exist. The proper header named `termios.h` does exist.
This PR adds a patch for OpenSSL to replace the `termio.h` header with `termios.h`, which is the proper POSIX header as I understand it.
This is a known issue as `TERMIOS` (not `TERMIO`) should be the default, and is fixed in later versions of OpenSSL. There is discussion on the OpenSSL repo here: openssl/openssl#163
This has been [fixed in OpenSSL](64e6bf64b3).
This partly fixes#16925 and allows building Bitcoin on Alpine using the depends system.
ACKs for top commit:
laanwj:
ACK 568aa0cf83
Tree-SHA512: d0aac116b7a1133bdecb34a9fb6c63db0336a3547585c07ed31ac9c5edb97e9570dcbf931e7fbc7172ce0735b6bfc11fb204e015532fcd90496a233e8fc17081
f0636d3418 depends: zlib: Move toolchain options to configure (Carl Dong)
Pull request description:
```
zlib has its own custom configure script, see comment in zlib.mk for
more details
```
Performed Guix cross-builds locally and everything worked as expected.
ACKs for top commit:
laanwj:
ACK f0636d3418
Tree-SHA512: 7ff6114e52a9c49941da31cb0ebd8918b056bf23343790d758e107003d856f3b1f16ebf4ce0ce22e1216a37a610b4c106def3f869d128bfffa61280d45ed6b38
QMAKE_LFLAGS was removed from qtbase/mkspecs/win32-g++/qmake.conf in
39fc377bf105ba09e2a8f9acae467dc789b96525. Here, we add it back in with
our LDFLAGS from depends before the first occurance of any
QMAKE_LFLAGS_* variable settings.
0c6054fc9f depends: Bump QT to LTS release 5.9.8 (THETCR)
Pull request description:
This update is only a minor version but in contrary to 5.9.7 it's a LTS release.
It doesn't add any new functionality to Qt but fixes multiple security issues and bugs.
Including some race conditions and annoying bugs on macOS.
ACKs for top commit:
Sjors:
ACK 0c6054fc9f. Lightly tested on macOS 10.14.6. Not really sure what difference would matter on macOS.
Tree-SHA512: f01d947cc0db6d761e32551071fa00fe8014fb7b2ce707271a159bb61c6d60e062ac8f4da5f36bd8fc4736e1e852368a1353ea3f994f61f1d0c76cc7d1664938
c295cba5a2 depends: zeromq: disable draft classes and methods (fanquake)
0072237b9e depends: xproto: configure flags cleanup (fanquake)
6a8ada3a4f depends: qrencode: configure flags cleanup (fanquake)
86beb8cdc4 depends: fontconfig: configure flags cleanup (fanquake)
e656d95ec7 depends: libxcb: configure flags cleanup (fanquake)
e439388b35 depends: libXau: configure flags cleanup (fanquake)
Pull request description:
Related to #16354.
This PR adds additional configure flags to packages in depends to explicitly disable features we aren't using; similar to #16183. It also fixes passing `--without-tools` to `qrencode`.
I've added `--disable-drafts` to `zeromq`:
```bash
Build and install draft classes and methods [default=yes]
```
I'm not entirely sure how far we want to take this. i.e in the `zeromq` package we explicitly pass `--without-libsodium`, even though it's disabled by default.
Do we also want to explicitly pass all the other `--without` flags? :
```bash
--with-libgssapi_krb5 require libzmq build with libgssapi_krb5
[default=no]
--with-libsodium use libsodium instead of built-in tweetnacl
[default=no]
--with-pgm build libzmq with PGM extension. Requires pkg-config
[default=no]
--with-norm build libzmq with NORM protocol extension,
optionally specifying norm path [default=no]
--with-vmci build libzmq with VMCI transport [default=no]
```
ACKs for top commit:
dongcarl:
ACK c295cba5a2
Tree-SHA512: df6d38b863b4008ed2cb06c97eb0e21eaa4b5fde552876065ba7f3c87bf6e372e5b954a51bf3fde2151cfb6d2c022227d34337fc6e50ce0caa1d518abbd2412a
Because we pass -qt-xcb to Qt, it will compile in a set of xcb helper libraries and extensions.
So skip building all of the libxcb extensions when we build libcxb in depends.
More info is available here: https://doc.qt.io/qt-5.9/linux-requirements.html
f509e3b8ce doc: remove line numbers from qt package links (fanquake)
1bb1661a40 doc: fix typo in bitcoin_qt.m4 comment (fanquake)
0aeb98ac1f build: remove jpeg lib check from bitcoin_qt.m4 (fanquake)
98a64bd296 build: disable libjpeg in qt (fanquake)
Pull request description:
When gitian building on Windows I'm seeing:
```bash
checking for Qt 5... yes
checking for > Qt 5.7... yes
checking for main in -limm32... yes
checking for main in -lz ... yes
checking for library containing jpeg_create_decompress ... configure: WARNING: libjpeg not found. Assuming qt has it built-in
no
checking for library containing png_error ... -lqtlibpng
checking for library containing pcre2_match_16... -lqtpcre2
checking for library containing hb_ot_tags_from_script ... -lqtharfbuzz
```
We are passing `-qt-libjpeg` to Qt:
e6e99d4f75/depends/packages/qt.mk (L66)
but I dont think we are doing anything with `jpeg` related regardless?
ACKs for top commit:
laanwj:
ACK f509e3b8ce
promag:
ACK f509e3b8ce.
Tree-SHA512: 61ea20c11df11b9d426644df9a01aac12b76897003121a283fc784a8c30e9b5ad34c9805069fec20926f7aa279e59528e2e13697a944a22760c3acb6366fffbe
libXext was only needed (as a library) by QT when it was using
XLib/libX11 (as a library), now that we're building QT without
XLib/libX11, we can safely remove libXext.
We're no longer building QT with libX11/XLib, however, libX11/XLib
headers are still required for parts of QT. In this commit we add a
minimal configure.ac for libX11/XLib that is headers-only.
This change allows us to remove all of libX11/XLib's dependencies.
Previously, in 683b7d7a3f and
0e752637a2, we accidentally broke QT's
ability to pick up Xlib thru the config.gui.tests.xlib configuration
test, which also means that config.gui.libraries.xcb_xlib wasn't run.
This resulted in a QT build that was implicitly -no-xcb-lib and
-no-feature-xlib.
This is actually a desired behaviour, as it means less required shared
objects for our final bitcoin-qt binary. Specifically, it eliminated the
libX11-xcb.so.1 and libX11.so.6 requirements.
In this commit, we explicitly build without Xlib. We should continue to
track upstream ticket https://bugreports.qt.io/browse/QTBUG-61452 which
talks about adding a -no-xlib (non-hidden) flag instead of the
-no-feature-xlib (hidden) flag.
63d0a079e0 build: dont compile rapidcheck with -Wall (fanquake)
Pull request description:
Fixes#16062.
Remove `-Wall` from the rapidcheck build flags pre compilation.
Discussed briefly with theuni.
ACKs for top commit:
MarcoFalke:
ACK 63d0a079e0 (checked that `RAPIDCHECK=1 make rapidcheck` fails without this)
Tree-SHA512: 6cb3653221c1eadbc8da54812298a061130b4377da6f63dcc2dfb97379d303b4db538e67f4fe3c96a03ee6a1e65840f0def0ac4e862553480c7ac4bdcc77e113
xtrans does not understand the --with-pic and --disable-shared flags we
pass it because it is not a library. Instead, we should pass it flags
that disable features/packages we're not using so they don't get a
chance to sneak in.
2620e24b83 [depends] boost: update to 1.70 (Sjors Provoost)
Pull request description:
Version [1.70](https://www.boost.org/users/history/version_1_70_0.html) is most recent.
Versions needed for:
* 1.66: #12557: fixes the single arm64 configuration ([06ee5b5](06ee5b54ef))
ACKs for commit 2620e2:
Tree-SHA512: 6e0174f1d92c2c24314c0689d4809e048914f8f42d17aa73799f5ee232169e0dd0ed71f5f973903c44c08309f2837c629c493f15e5c31ec6c7bd1daae5f3b25f
8541cbea2 depends: libX*: --disable-malloc0returnsnull in conf (Carl Dong)
0e752637a depends: libXext: Bump to 1.3.3 to fix _XEatDataWords (Carl Dong)
683b7d7a3 depends: Purge libtool archives (Carl Dong)
14209286d depends: Build secondary deps statically. (Carl Dong)
Pull request description:
```
We use pkg-config where we can, which generally replaces libtool at a
higher level and does not have the same downsides as libtool. These
archives sit in our depends tree with no purpose and pollute the final
bitcoin build with massive overlinking.
```
See [here](https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Handling_Libtool_Archives) for an explanation of the various problems libtool archives can cause.
Unrelated in every way except in spirit: `-D__LIBTOOL_IS_A_FOOL__`!!
-----
This PR is based on #16041, and therefore should be merged after #16041.
ACKs for commit 8541cb:
Tree-SHA512: 76030cf32361f0b1cfe14e3827a0cbec99994e7da00a56194ca40cf6cf7d87f78552f49d03d41ce9cf9b642992b90d993578ed1f0ad6bae15cd3f1c88dfaa4b0
We use pkg-config where we can, which generally replaces libtool at a
higher level and does not have the same downsides as libtool. These
archives sit in our depends tree with no purpose and pollute the final
bitcoin build with massive overlinking.
Some dependency sources were downloaded via http, even though https (SSL/TLS) options are available.
Even if we potentially check the integrity of the downloaded files via hash comparison, we should make
use of this additional security layer.
bdb.mk
fontconfig.mk
freetype.mk
libX11.mk
libXau.mk
libXext.mk
libxcb.mk
native_cctools.mk
native_cdrkit.mk
xcb_proto.mk
xextproto.mk
xproto.mk
xtrans.mk
zlib.mk
miniupnp was switched to official project mirror with SSL support
For normal users, --no-same-owner is default, but not so for root, where
it is assumed that root can change ownership willy-nilly. This is not
the case for privilege-limited container environments where we gaslight
the process into thinking it's root.