Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Add security/export checks to gitian and fix current failures #7424
Fixes #7420. This was discussed and agreed upon a long time ago, but I never got around to actually doing it. Sorry to do this during the rc stage, @laanwj, but at least it was discovered before final release.
Thanks very much to @dlogemann for testing the rcs and reporting the issue.
This fixes glibc back-compat issues with the current toolchain, and adds the checks to gitian so that breakage won't go unnoticed again. With a few more tweaks, it should be safe enough to add to 'make check' so that Travis tests with each build, but not quite yet.
I've verified that Gitian builds for Linux/Win are successful, OSX should be unchanged.
These are not added to the default checks because some of them depend on release-build configs.
…lures a81c87f release: add security/symbol checks to gitian (Cory Fields) a8ce872 release: always link librt for glibc back-compat builds (Cory Fields) f3d3eaf release: add check-symbols and check-security make targets (Cory Fields) 475813b release: add _IO_stdin_used to ignored exports (Cory Fields) cd27bf5 release: fix parsing of BIND_NOW with older readelf (Cory Fields)
- fix parsing of BIND_NOW with older readelf - add _IO_stdin_used to ignored exports For details see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=634261#109 - add check-symbols and check-security make targets These are not added to the default checks because some of them depend on release-build configs. - always link librt for glibc back-compat builds glibc absorbed clock_gettime in 2.17. librt (its previous location) is safe to link in anyway for back-compat. Fixes #7420 - add security/symbol checks to gitian Github-Pull: #7424 Rebased-From: cd27bf5 475813b f3d3eaf a8ce872 a81c87f
Upstream gitian updates This PR pulls in all gitian-related PRs that have been merged upstream since 0.11.2. The only ones I left out were documentation-only PRs, because we removed `doc/gitian-building.md` at some point. Here are the commits applied here, in the order shown in `git log` (ie. last to first): - bitcoin/bitcoin#7283 - fa42a67 - fa58c76 - bitcoin/bitcoin#8175 - 74c1347 - bitcoin/bitcoin#8167 - 7e7eb27 - ad38204 - b676f38 - bitcoin/bitcoin#7776 - f063863 - bitcoin/bitcoin#7424 - a81c87f ~ we already partly applied - a8ce872 - f3d3eaf ~ we already partly applied - 475813b - ~~cd27bf5~~ X we already applied - bitcoin/bitcoin#7060 - 3b468a0 ~ we removed doc/gitian-building.md - ~~99fda26~~ X we removed doc/gitian-building.md - bitcoin/bitcoin#7251 - fa09562 - bitcoin/bitcoin#6900 - ~~2cecb24~~ X we removed doc/gitian-building.md - 957c0fd - 2e31d74 - ~~0b416c6~~ X we removed QT - 9f251b7 - bitcoin/bitcoin#6854 - 579b863 ~ we already partly applied Part of #540