Commit graph

16 commits

Author SHA1 Message Date
Chun Kuan Lee
1e60713a68 contrib: Fix test-security-check fail in Ubuntu 18.04 2018-07-26 17:10:13 +08:00
Conrado Gouvea
37d363dd4a
Tools: fix BIND_NOW check in security-check.py
Previously, the BIND_NOW check would work only if it was the first value in FLAGS.
2018-07-12 13:16:01 -03:00
John Bampton
0d31ef4762 Enable W191 and W291 flake8 checks.
Remove trailing whitespace from Python files.
Convert tabs to spaces.
2018-05-11 07:59:05 +10:00
John Newbery
5de2b18c67 [contrib] fixup security-check.py Python3 support 2018-03-28 15:46:54 -04:00
John Newbery
bc6fdf2d15 Change all python files to use Python3 2018-03-26 16:49:33 -04:00
Akira Takizawa
595a7bab23 Increment MIT Licence copyright header year on files modified in 2017 2018-01-03 02:26:56 +09:00
practicalswift
25cd520fc4 Use sys.exit(...) instead of exit(...): exit(...) should not be used in programs 2017-08-28 15:18:14 +02:00
Wladimir J. van der Laan
4e1567acff
Merge #8249: Enable (and check for) 64-bit ASLR on Windows
62c2915 build: supply `-Wl,--high-entropy-va` (Wladimir J. van der Laan)
9a75d29 devtools: Check for high-entropy ASLR in 64-bit PE executables (Wladimir J. van der Laan)
2016-09-26 13:34:38 +02:00
Wladimir J. van der Laan
9a75d29b6f devtools: Check for high-entropy ASLR in 64-bit PE executables
check_PE_PIE only checked for DYNAMIC_BASE, this is not enough
for (secure) ASLR on 64-bit.
2016-09-26 12:57:55 +02:00
isle2983
4677b197f7 [copyright] add MIT License copyright header to remaining Python files 2016-09-11 16:21:01 -06:00
Matthew King
7b01ce254c Favour python over python2 as per PR #7723 2016-06-28 12:59:34 +03:00
Matthew King
873e81f89b Use portable #! in python scripts (/usr/bin/env) 2016-06-26 16:47:03 +03:00
Wladimir J. van der Laan
18f05c765c build: python 3 compatibility
Ubuntu 16.04 "xenial xerus" does not come with Python 2.x by default.
It is possible to install a python-2.7 package, but this has its own
problem: no `python` or `python2` symlink (see #7717).

This fixes the following scripts to work with python 3:
- `make check` (bctest,py, bitcoin-util-test.py)
- `make translate` (extract_strings_qt.py)
- `make symbols-check` (symbol-check.py)
- `make security-check` (security-check.py)

Explicitly call the python commands using $(PYTHON) instead
of relying on the interpreter line at the top of the scripts.
2016-03-29 17:20:16 +02:00
Cory Fields
cd27bf51e0 release: fix parsing of BIND_NOW with older readelf 2016-01-26 23:07:04 -05:00
calebogden
0331aa350c Fixing typos on security-check.py and torcontrol.cpp 2016-01-08 13:31:42 -08:00
Wladimir J. van der Laan
579b863cd7 devtools: Add security-check.py
Perform the following ELF security checks:

- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary

Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
2015-10-22 03:35:38 +02:00