This is an ideal version of what the release process should look like,
making it more consistent with the OS X process. Some of the changes
described here would need to be made in the descriptors, which is somewhat
beyond what I would feel comfortable doing, not really understanding the signature process in depth.
[skip ci]
Rather than fetching a signature.tar.gz from somewhere on the net, instruct
Gitian to use a signature from a tag in the bitcoin-detached-sigs repository
which corresponds to the tag of the release being built.
This changes detached-sig-apply.sh to take a dirname rather than a tarball as
an argument, though detached-sig-create.sh still outputs a tarball for
convenience.
- Split linux32/linux64 releases
- Split win32/win64 zips
- Post-processing should no longer be required. The deterministic outputs are
ready for consumption.
This is PR #4271, but with the changes to the descriptors, both the names of the
files and the names of the intermediate build artifact archives, removed.
This also closes#3775 if it goes in, because it covers the changes in
that PR.
Upgrade for https://www.openssl.org/news/secadv_20140605.txt
Just in case - there is no vulnerability that affects ecdsa signing or
verification.
The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.
As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.
The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
A qt installation date snuck into the host utils (lrelease etc)
This doesn't affect the end product, so no dependency version bump.
It also doesn't explain why gavin's and mine build is different
Should make it possible to run the resulting GUI executable on
Linux distributions that use Qt 4.6, such as Debian Wheezy and Tails.
Builds a mini-SDK for building against Qt 4.6. This includes the headers
as well as host utilities such as `lrelease`, `qrc` and `moc`.
This speeds up the gitian build a bit - libqt4-dev pulled in a lot of packages,
and is no longer needed as this provides a replacement of our own.
Note: This does not replace the Qt build with at static library. After this
commit we still build dynamically against the system Qt library. The only
difference is that compatibility with an older version is maintained. This
loses minor GUI functionality (such as setPlaceholderText) but still
allows integration into the window management of the host OS, unlike
when statically linking.
Drawback: The version string is no longer a valid git identifier.
For this reason the 'g' short hash prefix has been removed.
Exception: When building directly from a tag this behaves exactly like the previous behavior.
This allows formatting release versions with precision i.e. v0.9.2
This also allows arbitrary topicbranch names i.e. v0.9.1-glibc-compat
Bumps deps-linux, deps-win dependency versions as well.
qt-win does not need to be bumped, as although it depends on deps-win,
Qt doesn't use miniupnp. I verified this by rebuilding the dependency
and checking the the output is the same. Not having to rebuild Qt is a
good thing as it is huge.
The FTP server what we get libpng from only keeps the latest version in its main folder. Older versions are in the "history" folder. Apparently version 1.6.9 has been released, so 1.6.8 has moved to the history folder.
Instead of using the boost provided by Ubuntu 12.04, build our own
dependency like we do for Windows.
This allows using a much newer version (1.55 versus 1.46) as well as
building with `-fPIC` so that `-pie` can be used in the x86-64 build.
0425715 gitian: add explicit dependency build for linux (Wladimir J. van der Laan)
279af1a build: use Ubuntu 12.04 for linux gitian build (Wladimir J. van der Laan)
This commit adds a step, which is to git checkout the version to be
built. This ensures that the gitian-descriptors for said version will be
the correct ones. In addition, it updates the links for several
dependencies, where the previously existing links were dead.
Workaround 1.54.0 build bug, upstream #9156
Workaround 1.51.0+ human bug, upstream #7262
This commit also demonstrates a method to verify the integrity of inputs.