5f06e6ab9c
Upgrade for https://www.openssl.org/news/secadv_20140605.txt Just in case - there is no vulnerability that affects ecdsa signing or verification. The MITM attack vulnerability (CVE-2014-0224) may have some effect on our usage of SSL/TLS. As long as payment requests are signed (which is the common case), usage of the payment protocol should also not be affected. The TLS usage in RPC may be at risk for MITM attacks. If you have `-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
131 lines
4.6 KiB
YAML
131 lines
4.6 KiB
YAML
---
|
|
name: "dogecoin-deps"
|
|
suites:
|
|
- "precise"
|
|
architectures:
|
|
- "amd64"
|
|
packages:
|
|
- "mingw-w64"
|
|
- "g++-mingw-w64"
|
|
- "git-core"
|
|
- "zip"
|
|
- "faketime"
|
|
- "psmisc"
|
|
reference_datetime: "2011-01-30 00:00:00"
|
|
remotes: []
|
|
files:
|
|
- "openssl-1.0.1h.tar.gz"
|
|
- "db-5.1.29.NC.tar.gz"
|
|
- "miniupnpc-1.8.tar.gz"
|
|
- "zlib-1.2.8.tar.gz"
|
|
- "libpng-1.6.8.tar.gz"
|
|
- "qrencode-3.4.3.tar.bz2"
|
|
script: |
|
|
#
|
|
export LD_PRELOAD=/usr/lib/faketime/libfaketime.so.1
|
|
export FAKETIME=$REFERENCE_DATETIME
|
|
export TZ=UTC
|
|
INDIR=$HOME/build
|
|
TEMPDIR=$HOME/tmp
|
|
# Input Integrity Check
|
|
echo "9d1c8a9836aa63e2c6adb684186cbd4371c9e9dcc01d6e3bb447abf2d4d3d093 openssl-1.0.1h.tar.gz" | sha256sum -c
|
|
echo "08238e59736d1aacdd47cfb8e68684c695516c37f4fbe1b8267dde58dc3a576c db-5.1.29.NC.tar.gz" | sha256sum -c
|
|
echo "bc5f73c7b0056252c1888a80e6075787a1e1e9112b808f863a245483ff79859c miniupnpc-1.8.tar.gz" | sha256sum -c
|
|
echo "36658cb768a54c1d4dec43c3116c27ed893e88b02ecfcb44f2166f9c0b7f2a0d zlib-1.2.8.tar.gz" | sha256sum -c
|
|
echo "32c7acf1608b9c8b71b743b9780adb7a7b347563dbfb4a5263761056da44cc96 libpng-1.6.8.tar.gz" | sha256sum -c
|
|
echo "dfd71487513c871bad485806bfd1fdb304dedc84d2b01a8fb8e0940b50597a98 qrencode-3.4.3.tar.bz2" | sha256sum -c
|
|
|
|
for BITS in 32 64; do # for architectures
|
|
#
|
|
INSTALLPREFIX=$HOME/staging${BITS}
|
|
BUILDDIR=$HOME/build${BITS}
|
|
if [ "$BITS" == "32" ]; then
|
|
HOST=i686-w64-mingw32
|
|
else
|
|
HOST=x86_64-w64-mingw32
|
|
fi
|
|
#
|
|
mkdir -p $INSTALLPREFIX $BUILDDIR
|
|
cd $BUILDDIR
|
|
#
|
|
tar xzf $INDIR/openssl-1.0.1h.tar.gz
|
|
cd openssl-1.0.1h
|
|
if [ "$BITS" == "32" ]; then
|
|
OPENSSL_TGT=mingw
|
|
else
|
|
OPENSSL_TGT=mingw64
|
|
fi
|
|
./Configure --cross-compile-prefix=$HOST- ${OPENSSL_TGT} no-shared no-dso --openssldir=$INSTALLPREFIX
|
|
make
|
|
make install_sw
|
|
cd ..
|
|
#
|
|
tar xzf $INDIR/db-5.1.29.NC.tar.gz
|
|
# Workaround for case differences between Berkeley DB and MinGW
|
|
sed -i 's/WinIoCtl\.h/winioctl\.h/g' db-5.1.29.NC/src/dbinc/win_db.h
|
|
cd db-5.1.29.NC/build_unix
|
|
../dist/configure --prefix=$INSTALLPREFIX --enable-mingw --enable-cxx --host=$HOST --disable-shared
|
|
make $MAKEOPTS library_build
|
|
make install_lib install_include
|
|
cd ../..
|
|
#
|
|
tar xzf $INDIR/miniupnpc-1.8.tar.gz
|
|
cd miniupnpc-1.8
|
|
echo "
|
|
--- miniupnpc-1.8/Makefile.mingw.orig 2013-09-29 18:52:51.014087958 -1000
|
|
+++ miniupnpc-1.8/Makefile.mingw 2013-09-29 19:09:29.663318691 -1000
|
|
@@ -67,8 +67,8 @@
|
|
|
|
wingenminiupnpcstrings.o: wingenminiupnpcstrings.c
|
|
|
|
-miniupnpcstrings.h: miniupnpcstrings.h.in wingenminiupnpcstrings
|
|
- wingenminiupnpcstrings \$< \$@
|
|
+miniupnpcstrings.h: miniupnpcstrings.h.in
|
|
+ sed -e 's|OS/version|MSWindows/5.1.2600|' -e 's|MINIUPNPC_VERSION_STRING \"version\"|MINIUPNPC_VERSION_STRING \"VERSIONHERE\"|' \$< > \$@
|
|
|
|
minixml.o: minixml.c minixml.h miniupnpcstrings.h
|
|
|
|
" | sed "s/VERSIONHERE/$(cat VERSION)/" | patch -p1
|
|
mkdir -p dll
|
|
make -f Makefile.mingw CC=$HOST-gcc AR=$HOST-ar libminiupnpc.a
|
|
install -d $INSTALLPREFIX/include/miniupnpc
|
|
install *.h $INSTALLPREFIX/include/miniupnpc
|
|
install libminiupnpc.a $INSTALLPREFIX/lib
|
|
cd ..
|
|
#
|
|
tar xzf $INDIR/zlib-1.2.8.tar.gz
|
|
cd zlib-1.2.8
|
|
CROSS_PREFIX=$HOST- ./configure --prefix=$INSTALLPREFIX --static
|
|
make
|
|
make install
|
|
cd ..
|
|
#
|
|
tar xzf $INDIR/libpng-1.6.8.tar.gz
|
|
cd libpng-1.6.8
|
|
OPT="-O2"
|
|
CPPFLAGS="${OPT} -I$INSTALLPREFIX/include" CFLAGS="${OPT} -I$INSTALLPREFIX/include" LDFLAGS="${OPT} -L$INSTALLPREFIX/lib" ./configure --disable-shared --prefix=$INSTALLPREFIX --host=$HOST
|
|
make $MAKEOPTS
|
|
make install
|
|
cd ..
|
|
#
|
|
tar xjf $INDIR/qrencode-3.4.3.tar.bz2
|
|
cd qrencode-3.4.3
|
|
png_CFLAGS="-I$INSTALLPREFIX/include" png_LIBS="-L$INSTALLPREFIX/lib -lpng" ./configure --prefix=$INSTALLPREFIX --host=$HOST --enable-static --disable-shared --without-tools --disable-dependency-tracking
|
|
# Workaround to prevent re-configuring by make (resulting in missing m4 error); make all files have a date in the past
|
|
find . -print0 | xargs -r0 touch -t 200001010000
|
|
make
|
|
make install
|
|
cd ..
|
|
# post-process all generated libraries to be deterministic
|
|
# extract them to a temporary directory then re-build them deterministically
|
|
for LIB in $(find $INSTALLPREFIX -name \*.a); do
|
|
rm -rf $TEMPDIR && mkdir $TEMPDIR && cd $TEMPDIR
|
|
$HOST-ar xv $LIB | cut -b5- > /tmp/list.txt
|
|
rm $LIB
|
|
$HOST-ar crsD $LIB $(cat /tmp/list.txt)
|
|
done
|
|
#
|
|
cd $INSTALLPREFIX
|
|
find include lib | sort | zip -X@ $OUTDIR/dogecoin-deps-win$BITS-gitian-r11a.zip
|
|
done # for BITS in
|