Commit Graph

53 Commits

Author SHA1 Message Date
Wladimir J. van der Laan
bccc3b9053 gitian: Add --disable-bench to config flags for windows
Forgot to do this in #7776.
2016-06-20 12:53:59 +02:00
Cory Fields
464b3cd367 gitian: create debug packages for linux/windows
The -debug tarballs/zips contain detached debugging symbols. To use them, place
in the same dir as the target binary, and invoke gdb as usual.

Also, because the debug symbols add a substantial space requirement, the build
dirs are now deleted when they're no longer needed.
2016-06-20 12:53:45 +02:00
Cory Fields
413a20e12b gitian: use CONFIG_SITE rather than hijacking the prefix 2016-06-20 12:53:30 +02:00
Wladimir J. van der Laan
4abf0bea08 build: Remove unnecessary executables from gitian release
This removes the following executables from the binary gitian release:

- test_bitcoin-qt[.exe]
- bench_bitcoin[.exe]

@jonasschnelli and me discussed this on IRC a few days ago - unlike the
normal `bitcoin_tests` which is useful to see if it is safe to run
bitcoin on a certain OS/environment combination, there is no good reason
to include these. Better to leave them out to reduce the download
size.

Sizes from the 0.12 release:
```
2.4M bitcoin-0.12.0/bin/bench_bitcoin.exe
 22M bitcoin-0.12.0/bin/test_bitcoin-qt.exe
```
2016-06-20 12:52:05 +02:00
Luke Dashjr
aef1009293 Bugfix: gitian: Add curl to packages (now needed for depends)
Github-Pull: #7614
Rebased-From: 5c70a6d6d15cc301b76558f708948c375fe63ccb
2016-03-07 12:18:46 +01:00
UdjinM6
a5ac60b868 Merge remote-tracking branch 'bitcoin/0.12' into HEAD
+ merge fixes
+ keepass on evhttp
2016-02-06 16:48:04 +03:00
Cory Fields
aa26ee0101
release: Add security/export checks to gitian and fix current failures
- fix parsing of BIND_NOW with older readelf
- add _IO_stdin_used to ignored exports

For details see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109

- add check-symbols and check-security make targets

These are not added to the default checks because some of them depend on
release-build configs.

- always link librt for glibc back-compat builds

glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to
link in anyway for back-compat.

Fixes #7420

- add security/symbol checks to gitian

Github-Pull: #7424
Rebased-From: cd27bf51e06a8d79790a631696355bd05751b0aa 475813ba5b208eb9a5d027eb628a717cc123ef4f f3d3eaf78eb51238d799d8f20a585550d1567719 a8ce872118c4807465629aecb9e4f3d72d999ccb a81c87fafce43e49cc2307947e3951b84be7ca9a
2016-01-27 11:33:33 +01:00
Wladimir J. van der Laan
5bb3e263e2
build: Make networking work inside LXC builder in gitian-building.md
These are changes I needed to get gitian building to work with Debian
8.2, which is the version we tell to use.

- Set up NAT, so that container can access network beyond host
- Remove explicit cgroup setup - these are mounted automatically now
- gitian: Need `ca-certificates` and `python` for LXC builds

Github-Pull: #7060
Rebased-From: 99fda26de0661afcbe43d5e862c382e3c2e3aa5e 3b468a0e609147c7d7afd8ed97bf271f2356daef
2016-01-20 13:26:49 +01:00
MarcoFalke
f6c8c1242b
[gitian] Set reference date to something more recent
Github-Pull: #7251
Rebased-From: fa095622c25492ddc7096c5825f327e4427e7d75
2016-01-04 11:43:06 +01:00
Wladimir J. van der Laan
957c0fd7c0 gitian: make windows build deterministic 2015-11-19 13:01:35 +01:00
Wladimir J. van der Laan
2e31d74b71 gitian: use trusty for building 2015-11-16 16:39:24 +01:00
Wladimir J. van der Laan
21d27ebad5 net: Disable upnp by default
Common sentiment is that the miniupnpc codebase likely contains further
vulnerabilities.

I'd prefer to get rid of the dependency completely, but a compromise for
now is to at least disable it by default.
2015-10-09 21:09:44 +02:00
Cory Fields
a3ba9a553a gitian: make the windows signing process match OSX 2015-06-30 10:57:14 -04:00
Cory Fields
960e99404f gitian: Bump cache dir for current master
Do not backport.
2015-06-02 10:41:56 -04:00
Cory Fields
be656283f9 gitian: bump faketime to something more recent
This helps in file views where binaries are sorted by time
2015-06-02 10:39:34 -04:00
UdjinM6
24309f78ce various (gitian) build fixes 2015-04-29 21:27:52 +03:00
UdjinM6
fabca0a428 more bitcoin->dash fixes 2015-04-06 00:56:58 +03:00
UdjinM6
64eebc3316 0.12 dirty merge'n'fix (bitcoin 0.10) 2015-04-04 19:24:37 +03:00
Evan Duffield
d0e5aa8385 fixed github reference 2015-03-20 09:30:23 -07:00
Evan Duffield
5cb26c5928 Changed darkcoin references to dash
- Changed out logos (just a placeholder)
- DRK -> DASH
- ./darkcoin -> ./dash
2015-03-19 12:03:14 -07:00
crowning2
fd865303f1 Added new resources to QT-Makefile 2015-03-07 01:43:42 +01:00
Cory Fields
06715165f9 build: change reduce exports/static libstdc++ options for gitian and travis
For Gitian releases:
  - Windows builds remain unchanged. libstdc++ was already linked statically.
  - OSX builds remain unchanged. libstdc++ is tied to the SDK and not worth
    messing with.
  - Linux builds now statically link libstdc++.

For Travis:
  - Match the previous behavior by adding --enable-reduce-exports as
  necessary.
  - Use static libstdc++ for the full Linux build.
2015-02-23 18:22:58 -05:00
Cory Fields
047a898317
gitian: don't add . to tar list
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.

Rebased-From: 0c6ab676ee
Github-Pull: #5790
2015-02-13 09:55:11 +01:00
Cory Fields
0c6ab676ee gitian: don't add . to tar list
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.
2015-02-13 03:08:08 -05:00
vertoe
928613c03c merge branch '0.9' of https://github.com/bitcoin/bitcoin into devel-0.9 2015-01-12 07:42:34 +01:00
Wladimir J. van der Laan
f047dfa7df
gitian: openssl-1.0.1i.tar.gz -> openssl-1.0.1k.tar.gz 2015-01-10 08:57:25 +01:00
Evan Duffield
12bac4a862 gitian changes, tooltips and version bump 2015-01-02 09:54:13 -07:00
Darkcoin
cfba0c88d8 Merge pull request #99 from nightlydarkcoin/v0.11.0.x
fixed gitian builds
2015-01-02 08:55:42 -07:00
Holger Schinzel
a9c8f5f18e fixed gitian build 2015-01-02 16:03:27 +01:00
Holger Schinzel
9fcd256482 fixed gitian builds 2015-01-02 13:42:55 +01:00
Evan Duffield
3a6403ae33 Gitian updates 2015-01-01 13:46:35 -07:00
Evan Duffield
2ad2b57c12 Fix for gitian windows compiling 2015-01-01 09:47:45 -07:00
Evan Duffield
f139b70a28 More gitian updates 2014-12-31 14:06:20 -07:00
Evan Duffield
cbdf23070f update gitian descriptors 2014-12-31 12:03:18 -07:00
Evan Duffield
cf7a304dfd Update gitian descriptors 2014-12-31 09:10:49 -07:00
Cory Fields
b3d67e1c34
gitian: attempt to fix tarball determinisim
Rebased-From: 566c6cb8a2
Github-Pull: #5536
2014-12-27 04:56:14 +01:00
Cory Fields
566c6cb8a2 gitian: attempt to fix tarball determinisim 2014-12-23 19:43:27 -05:00
vertoe
5ba6751be7 Change , .conf and .pid files to darkcoin 2014-11-27 17:26:22 +01:00
Cory Fields
52bb7a7e1b gitian: update descriptors to use a sane uniform output 2014-11-25 18:49:02 -05:00
Cory Fields
246659aff1 gitian: make tarballs deterministic and nuke .la files from build output 2014-11-19 22:49:41 -05:00
Cory Fields
1aead42d41 gitian: descriptors overhaul
Descriptors now make use of the dependencies builder, so results are cached.
A very new version (>= e9741525c) of Gitian should be used in order to take
advantage of caching.
2014-11-19 22:49:41 -05:00
Luke Dashjr
ab72068565 Bugfix: Replace bashisms with standard sh in gitian descriptors 2014-10-03 23:45:26 +00:00
Wladimir J. van der Laan
a9c6eef915 gitian: Bump miniupnp version to 1.9.20140701
Also change build system: STATICLIB is now MINIUPNP_STATICLIB.
2014-08-22 11:29:09 +02:00
Michael Ford
bba0175022 gitian: upgrade OpenSSL to 1.0.1i
Upgrade for https://www.openssl.org/news/secadv_20140806.txt

Rebased-From: 074bcdc
Github-Pull: #4648
2014-08-21 17:35:20 +02:00
Wladimir J. van der Laan
3ae41a64dd
gitian: upgrade OpenSSL to 1.0.1h
Upgrade for https://www.openssl.org/news/secadv_20140605.txt

Just in case - there is no vulnerability that affects ecdsa signing or
verification.

The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.

As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.

The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.

Rebased-By: Wladimir J. van der Laan <laanwj@gmail.com>
Rebased-From: 6e7c4d1
2014-06-06 18:59:56 +02:00
Wladimir J. van der Laan
6e7c4d17d8 gitian: upgrade OpenSSL to 1.0.1h
Upgrade for https://www.openssl.org/news/secadv_20140605.txt

Just in case - there is no vulnerability that affects ecdsa signing or
verification.

The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.

As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.

The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
2014-06-05 17:24:38 +02:00
Wladimir J. van der Laan
25d4911e86 gitian: upgrade miniupnpc input to 1.9
Bumps deps-linux, deps-win dependency versions as well.

qt-win does not need to be bumped, as although it depends on deps-win,
Qt doesn't use miniupnp. I verified this by rebuilding the dependency
and checking the the output is the same. Not having to rebuild Qt is a
good thing as it is huge.
2014-04-09 14:24:17 +02:00
Wladimir J. van der Laan
178825dec3
gitian: Version bump for Qt dependency
Bump Qt dependency version after OpenSSL update.
Very important. Thanks @michagogo for noting.
2014-04-08 11:51:59 +02:00
Wladimir J. van der Laan
4a811b0053
gitian: upgrade openssl to 1.0.1g for both win and linux
OpenSSL 1.0.1g fixes CVE-2014-0160.

Also bump dependency versions.
2014-04-08 08:40:02 +02:00
Wladimir J. van der Laan
93c3e21e92 Re-enable UPnP by default in gitian builds
IIRC this was the case with 0.8.6, so let's keep this to avoid the risk
of losing connectable nodes with 0.9 release.

Also our miniupnpc library was recently updated and I've heard
reports that it works better than before now.
2014-02-27 15:44:00 +01:00