* Zmq sequence (#1)
* Fixes ZMQ startup with bad arguments.
pr 7621
* [ZMQ] append a message sequence number to every ZMQ notification
- pr 7762
- contrib/zmq/zmq_sub.py to python 3 compatible
* typo in MSG_RAWTXLOCK
MMSG_RAWTXLOCK to MSG_RAWTXLOCK
* s/Bitcoind/dashd/
15a6a16 Implement transaction lock zmq notifications
3bc86a6 always push zmqpubhashtxlock even if tx is not from/to our wallet
568315b fix typo
b6d41d2 fix data size for notification name
339be11 implement zmqpubrawtxlock
70f44f9 update zmq_sub.py with hashtxlock and rawtxlock
1ca59fe update contrib/debian
7ad1ea8 fix some nits
05e0a12 updated pixmap references to dash
da7ef9c rename
- bitcoin*.png to dash*.png
- bitcoin*.xpm to dash*.xpm
d0d2f05 Update Dash description in Debian control to match the description in the main README.md file
3dc2bab Update Dash description in Debian control to match the description in the main README.md file
- this merges the latest Bitcoin changes and should enable us to provide Dash PPAs via https://launchpad.net/~dash.org/+archive/ubuntu/dashCloses#880
The -debug tarballs/zips contain detached debugging symbols. To use them, place
in the same dir as the target binary, and invoke gdb as usual.
Also, because the debug symbols add a substantial space requirement, the build
dirs are now deleted when they're no longer needed.
This removes the following executables from the binary gitian release:
- test_bitcoin-qt[.exe]
- bench_bitcoin[.exe]
@jonasschnelli and me discussed this on IRC a few days ago - unlike the
normal `bitcoin_tests` which is useful to see if it is safe to run
bitcoin on a certain OS/environment combination, there is no good reason
to include these. Better to leave them out to reduce the download
size.
Sizes from the 0.12 release:
```
2.4M bitcoin-0.12.0/bin/bench_bitcoin.exe
22M bitcoin-0.12.0/bin/test_bitcoin-qt.exe
```
This removes the following executables from the binary gitian release:
- test_bitcoin-qt[.exe]
- bench_bitcoin[.exe]
@jonasschnelli and me discussed this on IRC a few days ago - unlike the
normal `bitcoin_tests` which is useful to see if it is safe to run
bitcoin on a certain OS/environment combination, there is no good reason
to include these. Better to leave them out to reduce the download
size.
Sizes from the 0.12 release:
```
2.4M bitcoin-0.12.0/bin/bench_bitcoin.exe
22M bitcoin-0.12.0/bin/test_bitcoin-qt.exe
```
Github-Pull: #7776
Rebased-From: f063863d1f
- fix parsing of BIND_NOW with older readelf
- add _IO_stdin_used to ignored exports
For details see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109
- add check-symbols and check-security make targets
These are not added to the default checks because some of them depend on
release-build configs.
- always link librt for glibc back-compat builds
glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to
link in anyway for back-compat.
Fixes#7420
- add security/symbol checks to gitian
Github-Pull: #7424
Rebased-From: cd27bf51e0475813ba5bf3d3eaf78ea8ce872118a81c87fafc
These are changes I needed to get gitian building to work with Debian
8.2, which is the version we tell to use.
- Set up NAT, so that container can access network beyond host
- Remove explicit cgroup setup - these are mounted automatically now
- gitian: Need `ca-certificates` and `python` for LXC builds
Github-Pull: #7060
Rebased-From: 99fda26de03b468a0e60
- Add new translations (finally, after a long time)
- update-translation script was not considering new translations - oops
- fixed this, also remove (nearly) empty translations
- Update translation process, it was still describing the old repository
structure
2cecb24 doc: change suite to trusty in gitian-building.md (Wladimir J. van der Laan)
957c0fd gitian: make windows build deterministic (Wladimir J. van der Laan)
2e31d74 gitian: use trusty for building (Wladimir J. van der Laan)
0b416c6 depends: qt PIDLIST_ABSOLUTE patch (Wladimir J. van der Laan)
9f251b7 devtools: add libraries for bitcoin-qt to symbol check (Wladimir J. van der Laan)
Perform the following ELF security checks:
- PIE: Check for position independent executable (PIE), allowing for address space randomization
- NX: Check that no sections are writable and executable (including the stack)
- RELRO: Check for read-only relocations, binding at startup
- Canary: Check for use of stack canary
Also add a check to symbol-check.py that checks that only the subset of
allowed libraries is imported (to avoid incompatibilities).
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This message is to inform you that I, Paul Rabahy have rolled over GPG
keys.
My old key = EA695E0CE2D0DCB0D65167A8D1CBA2A21BCD88F6
My new key = D62A803E27E7F43486035ADBBCD04D8E9CCCAC2A
My new key now has an offline primary key with an online subkey that I
will be
using for normal communications.
I have signed this message with both the old and new key so it should show
up
as validly signed. Please add my new key to your keyring so that future
communication will be properly verified.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWB3/LAAoJENHLoqIbzYj2LBwQAMgH5u2KDuxK2gmpRjEpVXe8
XPOon+SRL5zXfu1dFInXCg8APJEVaXhSeY+/s0GmUq0INRpK4r0tvZVN84X2UoHz
y88P6BeHzQI7dsCStINhW4Hb7DVpFvkHAxsRhy05/geD56/IOXnsG+5SvsH3essJ
O6DuRQOipDWkZ9NQuQPrqzlkcBErMbL4Cs0ED5DOOYccntnt5HM909KDHfKcG8iJ
/qNTVzVFYMGbLn6MVq89reatmIOxuVBkbixsqad5M4P9rQ3iGPnUzIEp4wn7/Ssd
XDiCZypzlHkcs1GKBLtWnYWahlWHItcd/Yz3AiHLfUehcZb52p0mvIaTf4lyAR5p
kQFTXZwrrzJDaomSE2Y2IeMIATZE7/7RInkHD6okUTFSoCFgxOeAxLBI6sxLH5x5
xLIdv45iiv3P5fz1gungfzn2OYy+dHgT74bJ32N18hs+xwZM2G6AYYvVvkTSDqC0
c3AopnjEV4i+4Aq0QfDD9fXpBc0QuDN7c5GkcFCiFlhN+gffjT8hkFliiW3e2X5K
Vsycv1sYXFSS/YYZ7RCixWgTkpi18ABaLu/N1ses7hLNMxx9ovjrMIJ5gC6Nyga9
2BiumvNMh0iE9yhPiN0a4YsZZnW/tc5K1+OJxnKZvxWrXqOgIhnKZA1U1Y83COgA
6pI5uKrggGQWgQFJxTmciQEcBAEBCAAGBQJWB3/LAAoJEDJeXsBcJ6amLBwH/ib+
wiD3wDy+VeTDFvh4AgQqDRCk+CvGEKJlcoBLm3ZDwzi+/26XB/BCFoopW9h67ZmC
yMFhgvCJ3RwPcVGgZBOZ//88E2symcYRBSZJVwMN/n3McmEKBmmEH6/tTqhLeBal
2pynse7qgfZV7P/rSMcqFdhzMYq6Jt25obTl3IqTo939G1oOxRK8ORNT3Hs4/uiF
7xsx+nUBe/L6dvw2Rxr8bWm7WKi/LF7fKN/HZuBfK2qH0S4ctG49fiBw3DTV+erO
lYHdOMA9sjk90Le5sNBw75Hyr4WMLUkGFkh9SvDK1Xe3bUCfCpBTpcPnRUqnHL32
9GbqORFiaUGPRCnaWKQ=
=JR4m
-----END PGP SIGNATURE-----
Common sentiment is that the miniupnpc codebase likely contains further
vulnerabilities.
I'd prefer to get rid of the dependency completely, but a compromise for
now is to at least disable it by default.
b0beae8 Drop "with minimal dependencies" from description (Zak Wilcox)
5e5e00b Split bitcoin-tx into its own package (Zak Wilcox)
05179f7 Include bitcoin-tx binary on Debian/Ubuntu (Zak Wilcox)
ddf98d1 Make RPC tests cope with server-side timeout between requests (Wladimir J. van der Laan)
2190ea6 rpc: Split option -rpctimeout into -rpcservertimeout and -rpcclienttimeout (Wladimir J. van der Laan)
8b2d6ed http: Disable libevent debug logging, if not explicitly enabled (Wladimir J. van der Laan)
5ce43da init: Ignore SIGPIPE (Wladimir J. van der Laan)
The two timeouts for the server and client, are essentially different:
- In the case of the server it should be a lower value to avoid clients
clogging up connection slots
- In the case of the client it should be a high value to accomedate slow
responses from the server, for example for slow queries or when the
lock is contended
Split the options into `-rpcservertimeout` and `-rpcclienttimeout` with
respective defaults of 30 and 900.
Continues Johnathan Corgan's work.
Publishing multipart messages
Bugfix: Add missing zmq header includes
Bugfix: Adjust build system to link ZeroMQ code for Qt binaries
This allows users to specify, e.g. raise, the default timeout of 60
seconds. Some bitcoind instances, especially long running ones on slow
hardware, require a higher timeout for a clean shut down.
Also add a comment to bitcoind.openrc's 'retry=', since it is not
obvious from the variable name what it does.
Allow for non-8333 nodes to appear in the internal seeds. This will
allow bitcoind to bypas a filter on 8333. This also makes it possible to
use the same tool for e.g. testnet.
As hosts with multiple nodes per IP are likely abusive, add a filter to
remove these (the ASN check will take care of them for IPv4, but not
IPv6 or onion).
- Moved all seed related scripts to contrib/seeds for consistency
- Updated `makeseeds.py` to handle IPv6 and onions, fix regular
expression for recent Bitcoin Core versions
- Fixed a bug in `generate-seeds.py` with regard to IPv6 parsing
- With nodes coming and going on the network, the network could come to different opinions about who should get paid next in line due to some nodes being flagged as failing a PoSe check. This will have to be fixed by introducing a blockchain based PoSe system, but that's out of the scope of this release. To fix the issues in the interrim, I'm removing PoSe checks for the time being.
Rather than fetching a signature.tar.gz from somewhere on the net, instruct
Gitian to use a signature from a tag in the bitcoin-detached-sigs repository
which corresponds to the tag of the release being built.
This changes detached-sig-apply.sh to take a dirname rather than a tarball as
an argument, though detached-sig-create.sh still outputs a tarball for
convenience.
960e994 gitian: Bump cache dir for current master (Cory Fields)
be65628 gitian: bump faketime to something more recent (Cory Fields)
c3cdd7b osx: set min version to 10.7 for 0.11+ (Cory Fields)
- Removed of reference node and replaced with decentralized quorums that pick the masternodes who get paid each block.
- Made a budgeting system, where masternodes can vote on individual budgets and the data is stored perminently on each clients computer
For Gitian releases:
- Windows builds remain unchanged. libstdc++ was already linked statically.
- OSX builds remain unchanged. libstdc++ is tied to the SDK and not worth
messing with.
- Linux builds now statically link libstdc++.
For Travis:
- Match the previous behavior by adding --enable-reduce-exports as
necessary.
- Use static libstdc++ for the full Linux build.
This reverts commit 1078fb0885 (and thus
pull #5623). It has various issues:
- Pull request names get cut off at ", see e.g. a026a56
- Merge script no longer copes with pulls that have a milestone
attached, due to a duplicate 'title' in JSON that is not handled by the
ad-hoc parsing.
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.
Rebased-From: 0c6ab676ee
Github-Pull: #5790
Since permissions and timestamps are changed for the sake of determinism,
. must not be added to the archive. Otherwise, tar may try to modify pwd when
extracting.
- Check that image contents match pre- and post- crushing.
- Also remove use of external tool to compute sha256 in favor of hashlib.
- contrib: remove all use of shell=True in strip_pngs.py
Using `shell=True` can be a security hazard. See e.g.
https://docs.python.org/2/library/subprocess.html#subprocess.check_output
Not necessary for windows or linux, as the intermedate build result
doesn't change.
However for OSX on 0.9 the builds for the intermediates are not
deterministic, so this cannot be assessed. Bump the dep version just in
case.
- Add a space after the fixed string prepended to file names when input or
output file changes
- Clarify the error message when the genesis block is not found in the
hash list (...why do we have this at all?)
Descriptors now make use of the dependencies builder, so results are cached.
A very new version (>= e9741525c) of Gitian should be used in order to take
advantage of caching.
* Support new rpc commands.
* Several commands now take an optional boolean includeWatchonly argument.
* "help" now has section headers, ignore them when compiling list of commands.