1 2020-12-13T00:00:19 *** miketwenty1 <miketwenty1!~miketwent@ec2-18-205-136-236.compute-1.amazonaws.com> has quit IRC (Remote host closed the connection)
2 2020-12-13T00:00:40 *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Read error: Connection reset by peer)
3 2020-12-13T00:01:39 <wumpus> achow101: great!
4 2020-12-13T00:02:43 <wumpus> let's see if python asncrypto.cms can handle this
5 2020-12-13T00:03:57 <achow101> I got something!
6 2020-12-13T00:04:23 <achow101> the tool sipa mentioned earlier seems to work if I pass the CMS data through openssl cms first
7 2020-12-13T00:06:55 *** miketwenty1 <miketwenty1!~miketwent@ec2-34-202-224-110.compute-1.amazonaws.com> has joined #bitcoin-core-dev
8 2020-12-13T00:08:05 <wumpus> nice
9 2020-12-13T00:09:39 <achow101> it's hard to tell where the signature is
10 2020-12-13T00:09:57 *** StopAndDecrypt <StopAndDecrypt!~StopAndDe@unaffiliated/stopanddecrypt> has joined #bitcoin-core-dev
11 2020-12-13T00:10:30 <wumpus> what *kind* of CMS structure is it?
12 2020-12-13T00:11:05 <wumpus> trying ContentInfo first as that's appearntly the normal wrapper type
13 2020-12-13T00:11:23 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
14 2020-12-13T00:11:27 <achow101> ah openssl pkcs7 -in sig -inform der -print seems to come out with something usable
15 2020-12-13T00:12:49 <wumpus> bingo content = ContentInfo.load(blob_data) content['content_type'] '1.2.840.113549.1.7.2': 'signed_data',
16 2020-12-13T00:13:48 <achow101> The signed hash should be 137856b0cd53ec8e9053f3518b4edf864643138ed548ef61c400068756a2fe48
17 2020-12-13T00:14:22 <wumpus> macho binaries aren't that intimidating to me anymore :p
18 2020-12-13T00:17:57 *** StopAndDecrypt <StopAndDecrypt!~StopAndDe@unaffiliated/stopanddecrypt> has left #bitcoin-core-dev
19 2020-12-13T00:18:36 *** mol <mol!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
20 2020-12-13T00:21:02 *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has joined #bitcoin-core-dev
21 2020-12-13T00:23:13 <achow101> at least we can probably verify the signatures now
22 2020-12-13T00:24:37 <wumpus> I get three different certificatechoices
23 2020-12-13T00:24:56 *** zpao <zpao!~zpao@139.28.218.148> has joined #bitcoin-core-dev
24 2020-12-13T00:25:19 <achow101> what are they?
25 2020-12-13T00:31:00 <wumpus> sha256_rsa sha1_rsa, and another sha256_rsa
26 2020-12-13T00:31:14 <wumpus> this is for 0.20.1 fwiw
27 2020-12-13T00:31:50 <achow101> should be the same for rc3
28 2020-12-13T00:32:18 <achow101> I see there are 3 embedded certs: Apple, Devloper ID Certification Authority, and Bitcoin Core Code Signing Association
29 2020-12-13T00:32:27 <achow101> presumably it's the cert chain
30 2020-12-13T00:33:13 <wumpus> oh that makes sense i guess, have to agree the nesting on this is crazy
31 2020-12-13T00:34:50 <achow101> there's also a timestamp token thing which seems to be another CMS sig that apple produces
32 2020-12-13T00:35:10 <achow101> I wonder if codesign is phoning home for every sig
33 2020-12-13T00:35:41 <wumpus> yes, it is
34 2020-12-13T00:35:58 <achow101> not surprising
35 2020-12-13T00:36:01 <sipa> that sounds annoying to replicate
36 2020-12-13T00:36:08 <sipa> depending on the protocol
37 2020-12-13T00:36:12 <wumpus> "Set up to call Timestamp server if requested"
38 2020-12-13T00:36:27 <wumpus> line 820 in signer.cpp
39 2020-12-13T00:37:08 <wumpus> it's rfc3161 iir
40 2020-12-13T00:37:08 *** sr_gi <sr_gi!~sr_gi@80.174.218.168.dyn.user.ono.com> has quit IRC (Read error: Connection reset by peer)
41 2020-12-13T00:37:28 <achow101> should we disable that?
42 2020-12-13T00:37:39 *** sr_gi <sr_gi!~sr_gi@80.174.218.168.dyn.user.ono.com> has joined #bitcoin-core-dev
43 2020-12-13T00:37:46 <wumpus> the timestamp is used for notarization
44 2020-12-13T00:37:57 <wumpus> so probably not
45 2020-12-13T00:38:04 <achow101> ugh
46 2020-12-13T00:38:29 <achow101> but we don't even notarize
47 2020-12-13T00:40:41 *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Read error: Connection reset by peer)
48 2020-12-13T00:42:36 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 240 seconds)
49 2020-12-13T00:43:49 *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
50 2020-12-13T00:51:33 <wumpus> this looks similar https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
51 2020-12-13T00:52:09 <achow101> seems so
52 2020-12-13T00:52:22 <achow101> from what I can tell, iOS binaries are macho as well
53 2020-12-13T00:53:12 <achow101> wumpus: are you currently writing a verification tool?
54 2020-12-13T00:53:34 <wumpus> searching for oid 1.2.840.113635.100.9.1 and 1.2.840.113635.100.9.2 (as appear in the CMS OIDs) gives some matches
55 2020-12-13T00:55:14 <wumpus> nah just trying to see if asn1crypto.cms in python can make sense of it, and it can, actually verifying anything is far away :):
56 2020-12-13T00:55:36 <achow101> I'll put together something to extract the hashes so we can at least verify those
57 2020-12-13T00:56:15 <wumpus> which oid has the hashlist/hashdict?
58 2020-12-13T00:56:39 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Quit: = "")
59 2020-12-13T00:56:40 <wumpus> or is that those 9.1/9.2
60 2020-12-13T00:56:48 <achow101> 1.2.840.113635.100.9.2 probably
61 2020-12-13T00:57:09 <wumpus> they're seperate so it makes sense to be those two
62 2020-12-13T00:57:30 <achow101> 9.1 is the string for a plist file
63 2020-12-13T00:57:36 <achow101> it does contain the hashes in there
64 2020-12-13T00:57:58 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
65 2020-12-13T00:58:02 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Client Quit)
66 2020-12-13T00:58:12 <achow101> 9.2 is a sequence containing a single bye string that matches the code directory hash
67 2020-12-13T00:59:14 <wumpus> yes that makes sense if it's the same data in some legacy format and the new format
68 2020-12-13T00:59:15 <achow101> the hash in 9.1 is also trunctaed to 20 bytes
69 2020-12-13T00:59:42 <wumpus> probably fine to ignore the .1 one
70 2020-12-13T00:59:55 <achow101> yep
71 2020-12-13T01:00:51 *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has quit IRC (Quit: Leaving)
72 2020-12-13T01:02:50 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
73 2020-12-13T01:06:03 <sipa> by tomorrow morning i'm sure you guys have a tough compatible signer
74 2020-12-13T01:06:22 *** lontivero <lontivero!~lontivero@186.183.48.121> has joined #bitcoin-core-dev
75 2020-12-13T01:06:24 <sipa> the day after i expect one that doesn't need a private key
76 2020-12-13T01:08:04 <wumpus> ok, after some more digging: 1.2.840.113635.100.9.1 is appleHashAgility/SEC_OID_APPLE_HASH_AGILITY/kCMSAttrAppleCodesigningHashAgility, .2 is appleHashAgilityV2/SEC_OID_APPLE_HASH_AGILITY_V2/kCMSAttrAppleCodesigningHashAgilityV2, .3 is appleExpirationTime/SEC_OID_APPLE_EXPIRATION_TIME/kCMSAttrAppleExpirationTime
77 2020-12-13T01:08:08 <wumpus> sipa: haha yesss
78 2020-12-13T01:09:12 * fanquake is just waiting for the TLDR
79 2020-12-13T01:10:22 <achow101> i'm sure that once a compatible signer is written, apple will change codesigning
80 2020-12-13T01:10:58 <sipa> fanquake: apple opensource codesign_allocate code behaves differently from the used binary; we found a workaround
81 2020-12-13T01:11:23 <sipa> fanquake: now achow101 and wumpus are trying to reverse engineer the signature format
82 2020-12-13T01:11:54 <achow101> so that we can implement an independent verifier, and maybe an independent signer
83 2020-12-13T01:12:20 <fanquake> Sounds like everything is under control
84 2020-12-13T01:12:43 <fanquake> Apple being a pain in the arse as per usual
85 2020-12-13T01:13:40 <sipa> https://twitter.com/_jonasschnelli_/status/1337693216167120902
86 2020-12-13T01:13:51 <sipa> https://twitter.com/pwuille/status/1337829501804265472
87 2020-12-13T01:14:08 *** miketwenty1 <miketwenty1!~miketwent@ec2-34-202-224-110.compute-1.amazonaws.com> has quit IRC (Remote host closed the connection)
88 2020-12-13T01:15:33 *** lontivero <lontivero!~lontivero@186.183.48.121> has quit IRC (Quit: WeeChat 2.8)
89 2020-12-13T01:21:03 <fanquake> is the dmg signature being invalid only an issue when opening the .dmg on macOS Big Sur?
90 2020-12-13T01:21:14 <achow101> it's invalid everywhere
91 2020-12-13T01:21:29 <achow101> when the verifier tries to hash the binary, it's literally the wrong hash
92 2020-12-13T01:21:48 <fanquake> what's meant to happen? The .dmg opens fine here
93 2020-12-13T01:22:07 <fanquake> or does it just fail silently / log something
94 2020-12-13T01:22:08 <sipa> the signature is on the binary, not on the dmg i think?
95 2020-12-13T01:22:08 <achow101> try opening it
96 2020-12-13T01:22:16 <achow101> the app itself
97 2020-12-13T01:22:27 <fanquake> right, not the .dmg
98 2020-12-13T01:22:52 <achow101> if you open the dmg and do the drag into Applications, it should give you the warning
99 2020-12-13T01:22:57 <fanquake> I can run the app just fine from the cmd line
100 2020-12-13T01:23:05 <sipa> fanquake: both when doing the actual signing and when attaching the sig to the binary, some changes to the binary need to be made first; the apple tool does this *slightly* differently than their published source code, so the resulting binary after attaching isn't exactly identical to what the codesigning app produced
101 2020-12-13T01:23:34 <achow101> fanquake: do "codesign -v Bitcoin-Qt.app"
102 2020-12-13T01:23:43 <achow101> with rc3 installed
103 2020-12-13T01:25:01 <fanquake> Yea i see the invalid signature warnings.
104 2020-12-13T01:25:28 <fanquake> It seems like macOS will only stop you from opening the .app though. You can still run Bitcoin-Qt with an invalid signature
105 2020-12-13T01:25:51 <fanquake> Although that's not useful for us
106 2020-12-13T01:26:18 <fanquake> By Bitcoin-Qt I mean: Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
107 2020-12-13T01:26:28 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 246 seconds)
108 2020-12-13T01:26:37 <achow101> fanquake: #20638 for your enjoyment
109 2020-12-13T01:26:39 <gribble> https://github.com/bitcoin/bitcoin/issues/20638 | Mac codesign fixed alloc by achow101 · Pull Request #20638 · bitcoin/bitcoin · GitHub
110 2020-12-13T01:27:12 <fanquake> achow101: Nice. I do enjoy a good write-up
111 2020-12-13T01:35:53 *** vasild_ <vasild_!~vd@gateway/tor-sasl/vasild> has joined #bitcoin-core-dev
112 2020-12-13T01:35:54 *** vasild <vasild!~vd@gateway/tor-sasl/vasild> has quit IRC (Disconnected by services)
113 2020-12-13T01:35:55 *** vasild_ is now known as vasild
114 2020-12-13T02:19:38 *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
115 2020-12-13T02:22:12 *** Chlorine_Vapor <Chlorine_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
116 2020-12-13T02:22:16 *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 240 seconds)
117 2020-12-13T02:24:56 *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 258 seconds)
118 2020-12-13T02:37:05 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
119 2020-12-13T02:37:06 <bitcoin-git> [bitcoin] fanquake pushed 3 commits to master: https://github.com/bitcoin/bitcoin/compare/b18978066d87...ade38b6ee8f9
120 2020-12-13T02:37:07 <bitcoin-git> bitcoin/master faac315 MarcoFalke: Remove unused and confusing CTransaction constructor
121 2020-12-13T02:37:07 <bitcoin-git> bitcoin/master fac39c1 MarcoFalke: wallet: document that tx in CreateTransaction is purely an out-param
122 2020-12-13T02:37:08 <bitcoin-git> bitcoin/master ade38b6 fanquake: Merge #20588: Remove unused and confusing CTransaction constructor
123 2020-12-13T02:37:09 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
124 2020-12-13T02:37:25 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
125 2020-12-13T02:37:26 <bitcoin-git> [bitcoin] fanquake merged pull request #20588: Remove unused and confusing CTransaction constructor (master...2012-txConstructor) https://github.com/bitcoin/bitcoin/pull/20588
126 2020-12-13T02:37:27 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
127 2020-12-13T02:41:22 *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
128 2020-12-13T02:44:24 *** Chlorine_Vapor <Chlorine_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 256 seconds)
129 2020-12-13T02:44:29 *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
130 2020-12-13T02:47:03 *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 260 seconds)
131 2020-12-13T02:56:02 *** EagleTM <EagleTM!~EagleTM@unaffiliated/eagletm> has joined #bitcoin-core-dev
132 2020-12-13T02:56:23 *** Eagle[TM] <Eagle[TM]!~EagleTM@unaffiliated/eagletm> has quit IRC (Ping timeout: 260 seconds)
133 2020-12-13T03:20:59 *** joelklabo <joelklabo!~textual@108-196-216-127.lightspeed.sntcca.sbcglobal.net> has quit IRC (Read error: No route to host)
134 2020-12-13T04:00:43 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
135 2020-12-13T04:03:30 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
136 2020-12-13T04:03:30 <bitcoin-git> [bitcoin] theStack opened pull request #20640: wallet, refactor: return out-params of CreateTransaction() as optional struct (master...202012-refactor-wallet-createtransaction-return_out_params_in_optstruct) https://github.com/bitcoin/bitcoin/pull/20640
137 2020-12-13T04:03:31 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
138 2020-12-13T04:06:12 *** kristapsk_ <kristapsk_!~KK@gateway/tor-sasl/kristapsk> has quit IRC (Remote host closed the connection)
139 2020-12-13T04:17:10 *** proofofkeags <proofofkeags!~proofofke@174-16-212-53.hlrn.qwest.net> has quit IRC (Remote host closed the connection)
140 2020-12-13T04:37:06 *** tryphe_ is now known as tryphe
141 2020-12-13T05:19:29 *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has quit IRC (Quit: pinheadmz)
142 2020-12-13T05:36:20 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has joined #bitcoin-core-dev
143 2020-12-13T06:08:45 *** verybaddad <verybaddad!~thatdad@108-188-072-226.biz.spectrum.com> has joined #bitcoin-core-dev
144 2020-12-13T06:08:56 *** verybaddad <verybaddad!~thatdad@108-188-072-226.biz.spectrum.com> has left #bitcoin-core-dev
145 2020-12-13T06:22:18 *** Emcy <Emcy!~Emcy@unaffiliated/emcy> has quit IRC (Ping timeout: 272 seconds)
146 2020-12-13T06:24:38 *** Emcy <Emcy!~Emcy@unaffiliated/emcy> has joined #bitcoin-core-dev
147 2020-12-13T06:24:52 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
148 2020-12-13T06:24:53 <bitcoin-git> [bitcoin] MarcoFalke closed pull request #20639: doc: fix case of GitHub (master...fix-case-of-github) https://github.com/bitcoin/bitcoin/pull/20639
149 2020-12-13T06:24:54 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
150 2020-12-13T06:50:15 <dhruvm> Networking question: Are legal CIDR netmasks always 1s followed by 0s? i.e. mask=255.96.0.0 is an illegal mask?
151 2020-12-13T06:50:17 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzâ¦)
152 2020-12-13T06:51:49 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has joined #bitcoin-core-dev
153 2020-12-13T06:56:33 <dhruvm> I am trying to reason whether given two CIDR subnet representations, it is possible to have partial address overlap between them.
154 2020-12-13T06:57:07 <sipa> no, either they don't overlap at all, or one is a subset of the other
155 2020-12-13T06:57:21 <sipa> or identical to it
156 2020-12-13T06:58:53 <dhruvm> I see. So, the mask is always 1s followed by 0s then?
157 2020-12-13T07:00:01 <dhruvm> They seem to be represented as /32 /24 in most places, but some places I've seen 255.255.0.0 etc which has me confused
158 2020-12-13T07:00:47 <sipa> yeah, in CIDR the netmask has to be 1s and then 0s
159 2020-12-13T07:00:59 <sipa> you can have netmask that are not CIDR though
160 2020-12-13T07:01:16 <sipa> those aren't used in practocr afaik though
161 2020-12-13T07:01:23 <sipa> *practice
162 2020-12-13T07:03:35 <dhruvm> thanks sipa
163 2020-12-13T07:10:05 <sipa> yw
164 2020-12-13T07:16:08 *** jeremyrubin <jeremyrubin!~jr@c-73-15-215-148.hsd1.ca.comcast.net> has quit IRC (Ping timeout: 272 seconds)
165 2020-12-13T07:39:16 *** zpao <zpao!~zpao@139.28.218.148> has quit IRC (Remote host closed the connection)
166 2020-12-13T07:52:50 *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has quit IRC (Read error: Connection reset by peer)
167 2020-12-13T07:52:58 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzâ¦)
168 2020-12-13T07:54:22 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has joined #bitcoin-core-dev
169 2020-12-13T07:59:23 *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has joined #bitcoin-core-dev
170 2020-12-13T08:22:23 *** vasild <vasild!~vd@gateway/tor-sasl/vasild> has quit IRC (Ping timeout: 240 seconds)
171 2020-12-13T08:32:21 *** mrd <mrd!~mrd@185.103.96.147> has joined #bitcoin-core-dev
172 2020-12-13T08:42:26 *** mrd <mrd!~mrd@185.103.96.147> has quit IRC (Remote host closed the connection)
173 2020-12-13T08:42:28 *** mol <mol!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 256 seconds)
174 2020-12-13T08:50:50 <jonasschnelli> I upgraded my system and my gitian LXC console can no longer access the internet (it can fetch via apt-cacher-ng, but not the depends packages). Any idea?
175 2020-12-13T08:51:22 <jonasschnelli> sudo lxc-execute -n gitian -f var/lxc.config -- sudo -u root -i -- ping 8.8.8.8 <- times out
176 2020-12-13T08:54:17 <sipa> jonasschnelli: there is that snippet of code you need to run to set up network interfaces
177 2020-12-13T08:54:43 <jonasschnelli> sipa: I guess you'r refering to https://github.com/bitcoin-core/docs/blob/master/gitian-building/gitian-building-setup-gitian-debian.md#setting-up-debian-for-gitian-building
178 2020-12-13T08:54:45 <jonasschnelli> I did that
179 2020-12-13T08:58:02 <sipa> ok
180 2020-12-13T08:58:08 <jonasschnelli> sipa: what do you have in gitian-builder/var/lxc-config for the key lxc.net.0.ipv4.address?
181 2020-12-13T08:58:37 <sipa> i just followed the docs, on a fresh debian install
182 2020-12-13T08:59:12 <jonasschnelli> and my br0 has inet 10.0.2.2?! shouldn't it be 10.0.3.1?!
183 2020-12-13T09:08:35 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzâ¦)
184 2020-12-13T09:09:13 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
185 2020-12-13T09:15:07 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzâ¦)
186 2020-12-13T09:16:06 *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
187 2020-12-13T09:20:25 *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 240 seconds)
188 2020-12-13T09:42:55 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
189 2020-12-13T09:43:13 *** sdaftuar <sdaftuar!~sdaftuar@gateway/tor-sasl/sdaftuar> has quit IRC (Remote host closed the connection)
190 2020-12-13T09:43:35 *** sdaftuar <sdaftuar!~sdaftuar@gateway/tor-sasl/sdaftuar> has joined #bitcoin-core-dev
191 2020-12-13T10:23:43 *** virtu <virtu!~virtu@gateway/tor-sasl/virtu> has quit IRC (Ping timeout: 240 seconds)
192 2020-12-13T10:25:53 *** virtu <virtu!~virtu@gateway/tor-sasl/virtu> has joined #bitcoin-core-dev
193 2020-12-13T10:29:35 *** Talkless <Talkless!~Talkless@mail.dargis.net> has joined #bitcoin-core-dev
194 2020-12-13T10:31:36 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
195 2020-12-13T10:56:56 *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has quit IRC (Remote host closed the connection)
196 2020-12-13T10:57:56 *** mol <mol!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
197 2020-12-13T11:08:02 *** espadrine <espadrine!~espadrine@s91904426.blix.com> has joined #bitcoin-core-dev
198 2020-12-13T11:08:59 *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has joined #bitcoin-core-dev
199 2020-12-13T11:18:49 *** Ole76Christianse <Ole76Christianse!~Ole76Chri@static.57.1.216.95.clients.your-server.de> has joined #bitcoin-core-dev
200 2020-12-13T11:23:34 *** Ole76Christianse <Ole76Christianse!~Ole76Chri@static.57.1.216.95.clients.your-server.de> has quit IRC (Ping timeout: 246 seconds)
201 2020-12-13T11:27:04 <wumpus> on my gitian host the host br0 is 10.0.3.2
202 2020-12-13T11:28:43 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Ping timeout: 240 seconds)
203 2020-12-13T11:28:49 *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has joined #bitcoin-core-dev
204 2020-12-13T11:31:09 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
205 2020-12-13T11:50:26 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzâ¦)
206 2020-12-13T11:53:15 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
207 2020-12-13T11:53:24 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Client Quit)
208 2020-12-13T11:53:53 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
209 2020-12-13T11:57:14 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Client Quit)
210 2020-12-13T11:57:17 <wumpus> though as long as they're used consistently throughout it doesn't really matter what the exact addresses are
211 2020-12-13T12:05:25 *** mj_node <mj_node!~mj_node@122.0.25.130> has joined #bitcoin-core-dev
212 2020-12-13T12:14:39 *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has quit IRC (Quit: Leaving)
213 2020-12-13T12:30:56 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has joined #bitcoin-core-dev
214 2020-12-13T12:37:41 *** Guyver2 <Guyver2!Guyver@guyver2.xs4all.nl> has joined #bitcoin-core-dev
215 2020-12-13T12:37:59 *** Guyver2_ <Guyver2_!Guyver@guyver2.xs4all.nl> has joined #bitcoin-core-dev
216 2020-12-13T12:52:34 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Quit: Pavlenex)
217 2020-12-13T12:56:28 *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
218 2020-12-13T12:57:58 <wumpus> achow101: phantomcircuit: FWIW here's my (very makeshift) python script from last night that uses macholib and asn1crypto to extract and print the signature information from a macos binary: https://gist.github.com/laanwj/a0e00bcd3fe4cd2aa1c0803e91310495
219 2020-12-13T12:59:07 *** mol <mol!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 246 seconds)
220 2020-12-13T13:03:04 <wumpus> all dependencies are pure python as it is now; but for actual verification it's hard to get around openssl i'm afraid
221 2020-12-13T13:14:53 <Talkless> Anyone using QtCreator to work with bitcoin core? It's code model does not find any of bitcoin core includes, all underlined. I've created project as Autotools.
222 2020-12-13T13:17:45 *** iamgr00t_ <iamgr00t_!~iamgr00t@unaffiliated/iamgr00t> has joined #bitcoin-core-dev
223 2020-12-13T13:17:57 *** iamgr00t <iamgr00t!~iamgr00t@unaffiliated/iamgr00t> has quit IRC (Ping timeout: 260 seconds)
224 2020-12-13T13:18:34 *** kinlo <kinlo!~peter@unaffiliated/kinlo> has quit IRC (Ping timeout: 260 seconds)
225 2020-12-13T13:21:30 *** kinlo <kinlo!~peter@unaffiliated/kinlo> has joined #bitcoin-core-dev
226 2020-12-13T13:37:44 <wumpus> i think you need to manually configure somehow what paths to look in for include files
227 2020-12-13T13:38:31 *** molz_ <molz_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
228 2020-12-13T13:41:37 *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 264 seconds)
229 2020-12-13T13:42:16 *** Guyver2_ <Guyver2_!Guyver@guyver2.xs4all.nl> has quit IRC (Quit: Going offline, see ya! (www.adiirc.com))
230 2020-12-13T13:45:24 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
231 2020-12-13T13:45:26 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Client Quit)
232 2020-12-13T13:47:09 *** mol <mol!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
233 2020-12-13T13:49:45 *** molz_ <molz_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
234 2020-12-13T13:49:59 *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
235 2020-12-13T13:52:57 *** mol <mol!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 260 seconds)
236 2020-12-13T13:53:27 *** espadrine <espadrine!~espadrine@s91904426.blix.com> has quit IRC (Remote host closed the connection)
237 2020-12-13T14:00:49 *** davterra <davterra!~davterra@107.182.237.18> has quit IRC (Quit: Leaving)
238 2020-12-13T14:02:24 <wumpus> https://github.com/wbond/certvalidator "A Python library for validating X.509 certificates or paths" maybe this is useful
239 2020-12-13T14:03:46 *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has joined #bitcoin-core-dev
240 2020-12-13T14:09:29 <wumpus> some examples https://github.com/wbond/certvalidator/blob/master/docs/usage.md, iwonder if the simple example simply works
241 2020-12-13T14:11:26 *** potato <potato!~Thunderbi@240d:1a:3d4:7d00:6195:91a4:15a2:31e8> has quit IRC (Ping timeout: 264 seconds)
242 2020-12-13T14:19:24 *** kabaum <kabaum!~kabaum@h-13-35.A163.priv.bahnhof.se> has quit IRC (Remote host closed the connection)
243 2020-12-13T14:21:41 *** promag_ <promag_!~promag@188.250.84.129> has joined #bitcoin-core-dev
244 2020-12-13T14:21:41 *** promag <promag!~promag@188.250.84.129> has quit IRC (Read error: Connection reset by peer)
245 2020-12-13T14:22:36 <wumpus> oh that only validates the certificates, not the CMS SignerInfo
246 2020-12-13T14:25:17 <wumpus> this handles *some kinds of* SignerINfo, but not the CMS one: https://github.com/ralphje/signify/blob/master/signify/signerinfo.py
247 2020-12-13T14:27:49 <wumpus> though rfc2315 and rfc5652 look very similar
248 2020-12-13T14:28:17 *** alko89 <alko89!~alko89@unaffiliated/alko89> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)
249 2020-12-13T14:28:45 *** jessepos_ <jessepos_!~jp@2601:643:8980:bfd2:65bd:87f1:eb2b:e04e> has joined #bitcoin-core-dev
250 2020-12-13T14:29:45 <wumpus> wait, CMS is RFC 5652
251 2020-12-13T14:31:50 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
252 2020-12-13T14:31:51 <bitcoin-git> [bitcoin] hebasto opened pull request #20641: depends: Use Qt top-level build facilities (master...201213-top) https://github.com/bitcoin/bitcoin/pull/20641
253 2020-12-13T14:31:51 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
254 2020-12-13T14:32:01 <wumpus> it's just the pyasn naming instead of asn1crypto, because of course, crypto can never be confusing enough
255 2020-12-13T14:32:26 *** jesseposner <jesseposner!~jp@2601:643:8980:bfd2:4ca5:5aef:8068:2da7> has quit IRC (Ping timeout: 264 seconds)
256 2020-12-13T14:33:30 *** alko89 <alko89!~alko89@unaffiliated/alko89> has joined #bitcoin-core-dev
257 2020-12-13T14:33:55 <jamesob> hm, when importing a watch-only wallet, is there any risk to using `scantxoutset` to find the oldest UTXO, and then using that as the base block to pass to `rescanblockchain` for that wallet? you might miss the transactions for some spent coins, but wondering if that even matters.
258 2020-12-13T14:34:26 <wumpus> we'll get there, apparently it is a very similar mechanism as PE authenticode (windows code signing)
259 2020-12-13T14:35:38 <wumpus> jamesob: you'd say the resulting balance and utxo set should be the same, would definitely test though
260 2020-12-13T14:35:54 <jamesob> wumpus: right, that's what I'd think
261 2020-12-13T14:37:40 *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has quit IRC (Quit: pinheadmz)
262 2020-12-13T14:38:11 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
263 2020-12-13T14:40:33 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
264 2020-12-13T14:40:34 <bitcoin-git> [bitcoin] hebasto opened pull request #20642: depends: Drop unneeded patches for qt package (master...201213-patch) https://github.com/bitcoin/bitcoin/pull/20642
265 2020-12-13T14:40:35 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
266 2020-12-13T14:42:47 *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzzâ¦)
267 2020-12-13T14:43:03 *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has joined #bitcoin-core-dev
268 2020-12-13T14:45:11 <harding> jamesob: you'd have to guess the range for scantxoutset, though. If you guess too low then it'll look like the wallet is empty.
269 2020-12-13T14:46:18 <jamesob> you mean the upper end of the range? I'd just assume go to tip; I'm just thinking you could use `scatxoutset` to truncate the lower bound
270 2020-12-13T14:47:04 <harding> jamesob: sorry, I meant the derived address range, which I think non-Bitcoin Core software usually calls the gap limit.
271 2020-12-13T14:47:36 <jamesob> harding: oh! gotcha; yeah I was talking about the rescan range in height units
272 2020-12-13T14:47:38 <harding> $ bitcoin-cli help scantxoutset | grep '"range"'
273 2020-12-13T14:47:38 <harding> "range": n or [n,n], (numeric or array, optional, default=1000) The range of HD chain indexes to explore (either end or [begin,end])
274 2020-12-13T14:48:05 <wumpus> maybe the best way forward is to add apple macho verification support to signify and upstream it; conceptually it's similar and there's bound to be so much shared code, e.g. this is the signature extraction and check for signed PE files: https://github.com/ralphje/signify/blob/master/signify/signed_pe.py
275 2020-12-13T14:48:57 *** molz_ <molz_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
276 2020-12-13T14:51:45 *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
277 2020-12-13T14:59:42 *** davterra <davterra!~davterra@gateway/tor-sasl/tralfaz> has joined #bitcoin-core-dev
278 2020-12-13T15:00:50 *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has quit IRC (Remote host closed the connection)
279 2020-12-13T15:01:44 *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has joined #bitcoin-core-dev
280 2020-12-13T15:10:27 *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has quit IRC (Remote host closed the connection)
281 2020-12-13T15:10:52 *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has joined #bitcoin-core-dev
282 2020-12-13T15:12:35 *** mj_node <mj_node!~mj_node@122.0.25.130> has quit IRC (Quit: Leaving)
283 2020-12-13T15:14:27 *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has quit IRC (Remote host closed the connection)
284 2020-12-13T15:14:53 *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has joined #bitcoin-core-dev
285 2020-12-13T15:32:43 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Ping timeout: 240 seconds)
286 2020-12-13T15:43:56 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
287 2020-12-13T15:57:22 *** belcher_ <belcher_!~belcher@unaffiliated/belcher> has joined #bitcoin-core-dev
288 2020-12-13T16:00:05 *** icota[m] <icota[m]!icotamatri@gateway/shell/matrix.org/x-guhcgzevcwsswvxj> has quit IRC (Quit: Idle for 30+ days)
289 2020-12-13T16:00:13 *** belcher <belcher!~belcher@unaffiliated/belcher> has quit IRC (Ping timeout: 264 seconds)
290 2020-12-13T16:27:55 *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
291 2020-12-13T16:29:06 *** kristapsk <kristapsk!~KK@gateway/tor-sasl/kristapsk> has joined #bitcoin-core-dev
292 2020-12-13T16:32:16 *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 240 seconds)
293 2020-12-13T16:32:48 *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
294 2020-12-13T16:37:34 *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 256 seconds)
295 2020-12-13T16:38:18 *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
296 2020-12-13T16:43:48 *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 256 seconds)
297 2020-12-13T16:44:14 *** jonatack <jonatack!~jon@134.19.179.139> has joined #bitcoin-core-dev
298 2020-12-13T16:45:18 *** jeremyrubin <jeremyrubin!~jr@c-73-15-215-148.hsd1.ca.comcast.net> has joined #bitcoin-core-dev
299 2020-12-13T16:48:24 <wumpus> okay, scrap that, of couuurse pyasn1 (in contrast to asn1crypto) can't parse the signature data, well let's see if i can get it to work with that
300 2020-12-13T16:57:08 *** shesek <shesek!~shesek@unaffiliated/shesek> has joined #bitcoin-core-dev
301 2020-12-13T16:59:30 *** AaronvanW <AaronvanW!~AaronvanW@unaffiliated/aaronvanw> has joined #bitcoin-core-dev
302 2020-12-13T17:07:31 <michaelfolkson> Will we want a BIP 44 coin type index for Signet?
303 2020-12-13T17:07:40 <michaelfolkson> The default Signet
304 2020-12-13T17:08:23 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Ping timeout: 240 seconds)
305 2020-12-13T17:08:36 <michaelfolkson> Looking at the registered coin types for BIP 44. Sooooo many s***coins https://github.com/satoshilabs/slips/blob/master/slip-0044.md
306 2020-12-13T17:08:52 *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has joined #bitcoin-core-dev
307 2020-12-13T17:09:12 <michaelfolkson> Perhaps too early. Perhaps should only be considered once Signet is more stable/mature
308 2020-12-13T17:10:27 *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
309 2020-12-13T17:15:53 *** kexkey <kexkey!~kexkey@static-198-54-132-142.cust.tzulo.com> has joined #bitcoin-core-dev
310 2020-12-13T17:18:39 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
311 2020-12-13T17:25:44 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 256 seconds)
312 2020-12-13T17:27:26 <wumpus> wow i got it to validate
313 2020-12-13T17:29:54 <wumpus> michaelfolkson: the consensus seems to be that new testnets will simply use testnet's parameters
314 2020-12-13T17:35:39 <michaelfolkson> wumpus: Are there any parameters (descriptors, HD wallet, network etc) where this could pose problems? I guess it only gets complicated if the user is switching between testnet and signet
315 2020-12-13T17:36:01 <michaelfolkson> And presumably not many will be doing that
316 2020-12-13T17:36:50 <michaelfolkson> (regularly switching back and forth I mean)
317 2020-12-13T17:36:51 <luke-jr> michaelfolkson: signet is for testing only. any problems, you get to pick up pieces ;)
318 2020-12-13T17:37:33 <luke-jr> user is assumed to know what he is doing
319 2020-12-13T17:39:37 <michaelfolkson> luke-jr: I guess... would still be nice to help them avoid unnecessary gotchas perhaps
320 2020-12-13T17:45:08 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
321 2020-12-13T17:51:29 *** alko89 <alko89!~alko89@unaffiliated/alko89> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)
322 2020-12-13T17:51:39 *** alko89 <alko89!~alko89@unaffiliated/alko89> has joined #bitcoin-core-dev
323 2020-12-13T18:01:23 *** tralfaz <tralfaz!~davterra@gateway/tor-sasl/tralfaz> has joined #bitcoin-core-dev
324 2020-12-13T18:02:29 *** davterra <davterra!~davterra@gateway/tor-sasl/tralfaz> has quit IRC (Remote host closed the connection)
325 2020-12-13T18:05:33 <achow101> wumpus: nice! does it rely on openssl for the validation?
326 2020-12-13T18:06:19 <wumpus> achow101: it uses oscrypto.asymmetric, no idea what that uses internally
327 2020-12-13T18:06:38 <achow101> can you update the gist?
328 2020-12-13T18:07:45 <wumpus> sure
329 2020-12-13T18:09:21 *** alko89 <alko89!~alko89@unaffiliated/alko89> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)
330 2020-12-13T18:10:31 *** alko89 <alko89!~alko89@unaffiliated/alko89> has joined #bitcoin-core-dev
331 2020-12-13T18:12:10 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Remote host closed the connection)
332 2020-12-13T18:12:13 <wumpus> achow101: updated, note that it doesn't verify the intermediate certificate chain yet, only the final signatures on the SignerDatas
333 2020-12-13T18:12:27 <achow101> great
334 2020-12-13T18:14:34 <wumpus> I tried to use certvalidator to do that, but it gets into problems, even when manually providing the sorted certificate chain to the path validator it barks on some apple-specific extension *shrug*
335 2020-12-13T18:16:03 <wumpus> it's cool to find so much code that *almost* does what i want but is just that little bit off
336 2020-12-13T18:17:28 *** justanotheruser <justanotheruser!~justanoth@unaffiliated/justanotheruser> has quit IRC (Ping timeout: 260 seconds)
337 2020-12-13T18:20:01 *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 264 seconds)
338 2020-12-13T18:21:26 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
339 2020-12-13T18:24:13 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Remote host closed the connection)
340 2020-12-13T18:36:06 *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has quit IRC (Quit: Leaving)
341 2020-12-13T18:50:24 <wumpus> ok, updated gist again, it can now optionally validate the certificate chain (however, this required a one-line patch to certvalidator unfortunately)
342 2020-12-13T18:54:30 <sipa> awesome
343 2020-12-13T18:55:17 <jonasschnelli> shall I try to gbuild and detach-sign 20638?
344 2020-12-13T18:56:03 <jonasschnelli> or are you guys in the middle of fixing the internet?
345 2020-12-13T18:57:41 <sipa> #20638
346 2020-12-13T18:57:43 <gribble> https://github.com/bitcoin/bitcoin/issues/20638 | build: Fix macOS code signing by pre-allocating space for the code signature during gitian build by achow101 · Pull Request #20638 · bitcoin/bitcoin · GitHub
347 2020-12-13T18:57:50 <sipa> jonasschnelli: yeah, try please
348 2020-12-13T18:59:14 <wumpus> jonasschnelli: i guess we're working on a tool that checks the signature (i wrote the part that validates the CMS envelope, achow101 the part that checks hashes against the binary), this doesn't replace or delay #20638
349 2020-12-13T18:59:15 <gribble> https://github.com/bitcoin/bitcoin/issues/20638 | build: Fix macOS code signing by pre-allocating space for the code signature during gitian build by achow101 · Pull Request #20638 · bitcoin/bitcoin · GitHub
350 2020-12-13T19:00:24 <achow101> wumpus: are you sure that it's validating the right thing? the data being passed into verify is more than just the hash of the CodeDirectory
351 2020-12-13T19:00:32 <achow101> it also seems like it hashes the data too
352 2020-12-13T19:01:12 <wumpus> I'm pretty sure it validtes the right thing, the SignerInfos contain signed_attrs that has the list of hashes
353 2020-12-13T19:01:50 <wumpus> my script doesn't validate the actual hashes against the binary of course
354 2020-12-13T19:01:59 <achow101> right, that's the part I'm adding to it
355 2020-12-13T19:02:27 <sipa> do you know where to find the page sizes used?
356 2020-12-13T19:02:43 <achow101> i'd be surprised if the verify is able to pull out the hashes from the "signed_attrs" because that seems like some apple specific stuff
357 2020-12-13T19:02:51 <achow101> sipa: it's embedded in CodeDirectory
358 2020-12-13T19:02:57 <achow101> or do you mean in the source?
359 2020-12-13T19:04:10 <sipa> achow101: just wondering if you can account for that (so that it'd keep working if a different page size is used at some point)
360 2020-12-13T19:04:22 <achow101> yep, definitely accounting for that
361 2020-12-13T19:04:48 <sipa> wumpus, achow101: easy to test if it's validating the right thing; if you damage the signature, does it fail?
362 2020-12-13T19:05:08 <sipa> or better, damage the message being signed
363 2020-12-13T19:06:36 <wumpus> to get out your hashes data you need for attr in signerinfo['signed_attrs']: if attr['type'].native == SEC_OID_APPLE_HASH_AGILITY_V2: print(attr['values'][0].contents)
364 2020-12-13T19:07:27 <wumpus> that gets the byte data, which i guess is simply concatenated hashes
365 2020-12-13T19:08:22 <wumpus> it can extract everything, it's of no help parsing it of course
366 2020-12-13T19:10:20 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
367 2020-12-13T19:10:46 <achow101> there's a field named "message_digest" that I'm trying to grab
368 2020-12-13T19:10:55 <achow101> that's not an apple specific thing apparently
369 2020-12-13T19:11:20 <achow101> apparently the hash is in the sig 3 times in 3 different fields
370 2020-12-13T19:12:22 <wumpus> attr['type'].native == 'message_digest'
371 2020-12-13T19:12:40 <achow101> also, oscrypto uses openssl in the backend
372 2020-12-13T19:12:51 <wumpus> yes it seems so, on linux
373 2020-12-13T19:14:03 <jonasschnelli> achow101: 6b2c9ac15da01cc4fa3951059fdf44c4eebd432288af6691ef94604f601b9ab9 bitcoin-6753b74195d8-osx-unsigned.tar.gz
374 2020-12-13T19:14:59 <wumpus> in any case if you can find something else that does the "rsa_pkcs1v15_verify" i guess it'd be straightforward to replace
375 2020-12-13T19:15:57 <wumpus> sipa: yes, damaging either the signature or data makes it fail
376 2020-12-13T19:16:12 <jonasschnelli> bad new
377 2020-12-13T19:16:14 <jonasschnelli> +s
378 2020-12-13T19:16:28 <jonasschnelli> dist/Bitcoin-Qt.app: invalid or unsupported format for signature
379 2020-12-13T19:16:39 *** kexkey <kexkey!~kexkey@static-198-54-132-142.cust.tzulo.com> has quit IRC (Ping timeout: 256 seconds)
380 2020-12-13T19:16:40 <jonasschnelli> when calling ./detached-sig-create.sh -s "Bitcoin"
381 2020-12-13T19:16:43 <jonasschnelli> ^ achow101
382 2020-12-13T19:16:47 <sipa> ugh
383 2020-12-13T19:16:52 <achow101> eh?
384 2020-12-13T19:16:55 <achow101> damnit
385 2020-12-13T19:17:01 <sipa> it detects that too much space was added?
386 2020-12-13T19:17:09 <jonasschnelli> probably
387 2020-12-13T19:17:19 <sipa> or that it has too much space which isn"t 0x2000 aligned?
388 2020-12-13T19:17:20 <achow101> no, it tries to parse existing signatures
389 2020-12-13T19:17:26 <sipa> oh
390 2020-12-13T19:17:28 <achow101> it's all 0's, so obviouslyu it doesn't parse
391 2020-12-13T19:17:46 <achow101> I thought the -f option we give it ignores that
392 2020-12-13T19:19:48 <jonasschnelli> The file has a MP_EMPTY_SPACE of size 8, then MP_CODE_SIG with size 256208
393 2020-12-13T19:19:56 *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has joined #bitcoin-core-dev
394 2020-12-13T19:20:26 <jonasschnelli> achow101: -f option?
395 2020-12-13T19:20:32 *** EagleTM <EagleTM!~EagleTM@unaffiliated/eagletm> has quit IRC (Ping timeout: 265 seconds)
396 2020-12-13T19:20:37 <achow101> --force
397 2020-12-13T19:20:47 <sipa> what binary is called that fails?
398 2020-12-13T19:21:20 <jonasschnelli> sipa: I ran ./detached-sig-create.sh but I guess the one that matter is the dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
399 2020-12-13T19:21:29 <jonasschnelli> achow101: but your PR doesn't add --force or -f
400 2020-12-13T19:21:37 <achow101> it's already there
401 2020-12-13T19:21:42 <achow101> look at the codesign command in detached-sig-create
402 2020-12-13T19:21:43 <sipa> jonasschnelli: i mean what tool is called that gives that error
403 2020-12-13T19:21:56 <jonasschnelli> let me look...
404 2020-12-13T19:22:08 <sipa> is it codesign or something else
405 2020-12-13T19:22:35 <jonasschnelli> set -x tells me: + codesign -f --file-list sign.temp/signatures.txt -s Bitcoin dist/Bitcoin-Qt.app
406 2020-12-13T19:22:52 <achow101> it's codesign
407 2020-12-13T19:23:40 <jonasschnelli> stupid question: why can't we just use the open source variant of codesign (if that exists)? to match codesign_allocate?
408 2020-12-13T19:23:41 <achow101> mmm, what if we cut off the allocated space?
409 2020-12-13T19:24:16 <achow101> jonasschnelli: there's no open source variant of codesign. codesign also requires codesign_allocate to be signed by apple, so we can't use the open source variant of that either
410 2020-12-13T19:24:24 <sipa> jonasschnelli: codesign only accepts apple-signed versions of codesign_allocate
411 2020-12-13T19:24:39 <achow101> "If the CODESIGN_ALLOCATE environment variable is set, it identifies a substitute codesign_allocate tool used to allocate space for code signatures in Mach-O binaries. This is used by Xcode SDK distributions to provide architectural support for non-native platforms such as iPhones.
412 2020-12-13T19:24:39 <achow101> The system will not accept such substitutes unless they are specially signed (by Apple)."
413 2020-12-13T19:24:40 <jonasschnelli> hmm.. apple style again
414 2020-12-13T19:25:01 <sipa> we can also try patching our codesign_allocate to roubd to 0x2000
415 2020-12-13T19:25:17 <sipa> it's a bit more brittle, but i don't see how it can fail
416 2020-12-13T19:28:33 <jonasschnelli> should we also file a bug at apples issue tracker for a long term fix of this?
417 2020-12-13T19:29:07 *** belcher_ is now known as belcher
418 2020-12-13T19:29:08 <achow101> they have one?
419 2020-12-13T19:29:57 <achow101> hmm, what if we put in an empty SuperBlob?
420 2020-12-13T19:34:25 *** justanotheruser <justanotheruser!~justanoth@unaffiliated/justanotheruser> has joined #bitcoin-core-dev
421 2020-12-13T19:34:45 *** vasild <vasild!~vd@gateway/tor-sasl/vasild> has joined #bitcoin-core-dev
422 2020-12-13T19:35:15 <achow101> jonasschnelli: if you do "printf "\xfa\xde\x0c\xc0" | dd of=dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt bs=1 seek=26391600 count=4 conv=notrunc" and then try to sign, does it work?
423 2020-12-13T19:35:28 * jonasschnelli doing...
424 2020-12-13T19:36:09 <jonasschnelli> still getting: dist/Bitcoin-Qt.app: invalid or unsupported format for signature
425 2020-12-13T19:36:39 <achow101> darn
426 2020-12-13T19:37:33 <jonasschnelli> what if we overwrite the bytes with an "valid" signature we extract from a successful signing?
427 2020-12-13T19:38:06 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
428 2020-12-13T19:38:06 <bitcoin-git> [bitcoin] sipa opened pull request #20644: Add patch to make codesign_allocate compatible with Apple's (master...202012_codesign_allocate_segalign) https://github.com/bitcoin/bitcoin/pull/20644
429 2020-12-13T19:38:07 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
430 2020-12-13T19:38:25 <sipa> jonasschnelli: can you try that? ^
431 2020-12-13T19:38:30 <sipa> (entirely untested)
432 2020-12-13T19:38:34 <achow101> jonasschnelli: would probably work
433 2020-12-13T19:38:36 <jonasschnelli> okay.. I'll clear the cache and run it
434 2020-12-13T19:39:07 <jonasschnelli> achow101: I mean you could probably replace the zero signature (the allocation) with the largest signature you find in 0.12
435 2020-12-13T19:39:38 <jonasschnelli> maybe the tool only validates the header or so,.. so combining with the allocation hack might work?
436 2020-12-13T19:39:47 <jonasschnelli> trying sipa patch now
437 2020-12-13T19:40:08 <achow101> with the -f option, codesign will only warn if the existing sig is invalid. but I guess it needs to be properly formatted first
438 2020-12-13T19:40:13 <achow101> maybe not even warn
439 2020-12-13T19:40:35 <achow101> so you could try to apply the rc3 sig to the pr's build and then sign that
440 2020-12-13T19:40:47 *** lontivero <lontivero!~lontivero@186.183.48.250> has joined #bitcoin-core-dev
441 2020-12-13T19:41:09 <jonasschnelli> achow101: what does codesign_allocate do with the existing sig? Just expand?
442 2020-12-13T19:41:15 <jonasschnelli> (I mean in your PR)
443 2020-12-13T19:41:19 <achow101> yes
444 2020-12-13T19:41:29 <jonasschnelli> that could work...
445 2020-12-13T19:41:40 <achow101> wumpus: huh, I guess it does sign the whole "signed_attrs" thing and not just the message digest as I previously thought
446 2020-12-13T19:41:41 <jonasschnelli> But how would I apply the sig?
447 2020-12-13T19:42:01 <achow101> run detached-sig-apply.sh locally
448 2020-12-13T19:42:34 <jonasschnelli> yes... I could try that
449 2020-12-13T19:44:44 <sipa> my PR doesn't work
450 2020-12-13T19:44:46 <sipa> fixing
451 2020-12-13T19:46:30 <jonasschnelli> achow101: can I take a unsigned.tar.gz from master,... manually apply the sig (detached-sig-apply.sh) on linux, execute your patch ${CODESIGN_ALLOCATE} -i ${BINARY_RESULT} -a x86_64 ${SIG_SIZE_EST} -o ${BINARY_RESULT} and then try to sign on OSX?
452 2020-12-13T19:46:40 <jonasschnelli> without gitian at all?
453 2020-12-13T19:46:50 <jonasschnelli> I can take the same cc_tools (form the cache)
454 2020-12-13T19:47:13 <achow101> to test, the sig creation, yes
455 2020-12-13T19:47:27 <jonasschnelli> sipa: so 6e9f0fa7f7ce95cc4ddf0e5cc4c49ab75361efe7 is it?
456 2020-12-13T19:48:19 <sipa> jonasschnelli: yup
457 2020-12-13T19:48:43 <sipa> unfortunately, this working isn't a guarantee it will always work
458 2020-12-13T19:48:56 <sipa> because the build may randomly be 0x2000 aligned
459 2020-12-13T19:49:12 <jonasschnelli> sipa: could we detect this easly?
460 2020-12-13T19:49:28 <jonasschnelli> (well,... wumpus verification tool would)
461 2020-12-13T19:49:28 <achow101> jonasschnelli: is there some kind of dev testing code signing cert? I'd like to be able to test this stuff
462 2020-12-13T19:49:50 <jonasschnelli> achow101: sure. I can try to make you one
463 2020-12-13T19:50:04 <achow101> There's no apple default?
464 2020-12-13T19:50:13 <jonasschnelli> I don't know
465 2020-12-13T19:50:31 <achow101> ah, i'll look into it later
466 2020-12-13T19:50:35 <jonasschnelli> I guess if I hand you out a different certificate, end uses would have no plan/idea to differenciate those
467 2020-12-13T19:50:52 <achow101> yeah
468 2020-12-13T19:51:00 <sipa> you won't have a certificate chain leading back to apple
469 2020-12-13T19:51:32 <sipa> or perhaps one which doesn't convey codesigning rights
470 2020-12-13T19:52:25 <achow101> I wouldn't be surprised if apple didn't let you sign with such a cert
471 2020-12-13T19:52:56 <jonasschnelli> sipa: so your cctools patch is only relevant for the signing step? I don't need to rebuild the actual unsigned release build?
472 2020-12-13T19:53:04 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
473 2020-12-13T19:53:14 <jonasschnelli> it only affects detached-sig-apply.sh, right?
474 2020-12-13T19:53:18 <achow101> yes
475 2020-12-13T19:54:02 <sipa> jonasschnelli: right
476 2020-12-13T19:54:27 *** EagleTM <EagleTM!~EagleTM@unaffiliated/eagletm> has joined #bitcoin-core-dev
477 2020-12-13T19:54:59 <achow101> ah, there's instructions for a self signed cert. this may work
478 2020-12-13T19:55:55 <jonasschnelli> but! gitian-osx-signer.yml does not build the depends? So I need to clear the cache and do the release build anyways
479 2020-12-13T19:56:11 <sipa> ah right
480 2020-12-13T19:56:29 <sipa> you need it because the signing step uses the binaries produced in the unsigned build step
481 2020-12-13T19:56:38 <jonasschnelli> yes
482 2020-12-13T19:57:42 <sipa> ugh
483 2020-12-13T19:57:44 <sipa> my patch fails
484 2020-12-13T19:58:08 <sipa> sorry i will test this more and get back
485 2020-12-13T19:58:15 <jonasschnelli> sipa: sure. No hurry
486 2020-12-13T19:58:36 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Remote host closed the connection)
487 2020-12-13T20:03:22 *** lontivero <lontivero!~lontivero@186.183.48.250> has quit IRC (Ping timeout: 260 seconds)
488 2020-12-13T20:04:24 <achow101> at this point it feels like the long term solution is to write our own codesigning tool
489 2020-12-13T20:04:58 *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
490 2020-12-13T20:06:07 <sipa> sounds like you're well on the way to do that :)
491 2020-12-13T20:06:18 <sipa> if you have a tool that can verify signatures, signing doesn't sound too far away
492 2020-12-13T20:06:41 <achow101> signing is probably 2 orders of magnitude harder than verification
493 2020-12-13T20:07:00 <achow101> the current unknown things being how to generate Info.plist, CodeResources file, and the internal requirements blob
494 2020-12-13T20:07:56 <jonasschnelli> achow101: fatal error: /home/jonasschnelli/bitcoin-depends2/depends/x86_64-apple-darwin20/native/bin/x86_64-apple-darwin20-codesign_allocate: size for '-a x86_64 258611375' not a multiple of 16
495 2020-12-13T20:08:08 <sipa> round up to a multiple of 16
496 2020-12-13T20:08:19 *** molz_ <molz_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 260 seconds)
497 2020-12-13T20:08:19 <jonasschnelli> stat -c %s signed-app/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
498 2020-12-13T20:08:23 <jonasschnelli> -> 26698160
499 2020-12-13T20:08:27 <achow101> oh, I totally forgot about that didn't I
500 2020-12-13T20:09:02 <jonasschnelli> ((((26698160 / 4096) + 1) * 32) + 50000) == 258611375
501 2020-12-13T20:09:21 <sipa> use 51200 instead of 50000
502 2020-12-13T20:09:26 *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has quit IRC (Ping timeout: 272 seconds)
503 2020-12-13T20:09:27 <sipa> 50*1024
504 2020-12-13T20:09:32 <sipa> or so
505 2020-12-13T20:09:36 <jonasschnelli> can I round up to 258611376?
506 2020-12-13T20:09:48 <jonasschnelli> 26698160 to
507 2020-12-13T20:09:48 <jonasschnelli> 258611376
508 2020-12-13T20:09:52 <jonasschnelli> ahm.. no
509 2020-12-13T20:10:03 <sipa> how do i see files inside lxc?
510 2020-12-13T20:10:10 <jonasschnelli> lxc-attach
511 2020-12-13T20:10:41 <sipa> hmm?
512 2020-12-13T20:11:06 <sipa> my build failed and it created a file with the rejected patch description
513 2020-12-13T20:11:11 <jonasschnelli> sudo lxc-attach -n gitian -f var/lxc.config
514 2020-12-13T20:11:20 <jonasschnelli> (and you should get a shell of your lxc container)
515 2020-12-13T20:11:33 <jonasschnelli> make sure you are in the gitian-builder dir
516 2020-12-13T20:11:52 <sipa> 1095 failed to get init pid
517 2020-12-13T20:12:02 <jonasschnelli> oh.. dunno
518 2020-12-13T20:12:26 <jonasschnelli> sudo lxc-start -n gitian -f var/lxc.config (maybe that first)
519 2020-12-13T20:12:44 <sipa> thanks, works!
520 2020-12-13T20:13:28 *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has joined #bitcoin-core-dev
521 2020-12-13T20:16:25 <sipa> it just fails to apple the patch
522 2020-12-13T20:16:28 <sipa> that makes no sense
523 2020-12-13T20:16:51 <achow101> seems to be very apple-y
524 2020-12-13T20:17:15 <sipa> lol
525 2020-12-13T20:17:19 <sipa> that was a typo
526 2020-12-13T20:17:23 <jonasschnelli> achow101: still getting dist/Bitcoin-Qt.app: invalid or unsupported format for signature
527 2020-12-13T20:18:00 <jonasschnelli> (when manually apply the signature on linux with /detached-sig-apply.sh, adding the codesign_allocate thing and trying to sign again
528 2020-12-13T20:18:33 <achow101> do codesign_allocate first then detached sig apply?
529 2020-12-13T20:18:47 <jonasschnelli> no.
530 2020-12-13T20:18:51 <achow101> codesign_allocate might be overwriting the sig with 0s
531 2020-12-13T20:23:23 <jonasschnelli> achow101 the other way around work for signing...
532 2020-12-13T20:23:37 <jonasschnelli> (I mean for successful signing on my mac)
533 2020-12-13T20:23:43 <achow101> yay
534 2020-12-13T20:23:50 <jonasschnelli> dist/Bitcoin-Qt.app: replacing existing signature
535 2020-12-13T20:24:00 <achow101> this is such a stupid workaround
536 2020-12-13T20:24:37 <jonasschnelli> shall I try to use this detached signature to build the release?
537 2020-12-13T20:24:38 <achow101> to be clear, you did codesign-allocate with the overestimate, applied some other signature, then signed
538 2020-12-13T20:24:58 <achow101> yes, try that
539 2020-12-13T20:25:12 <jonasschnelli> yes...
540 2020-12-13T20:25:29 <jonasschnelli> I did: /home/jonasschnelli/bitcoin-depends2/depends/x86_64-apple-darwin20/native/bin/x86_64-apple-darwin20-codesign_allocate -i dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt -a x86_64 258611376 -o dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
541 2020-12-13T20:25:46 <jonasschnelli> tar -czf bitcoin-0.21.0rc3-osx-unsigned.tar.gz ./
542 2020-12-13T20:26:04 <jonasschnelli> ./detached-sig-apply.sh bitcoin-0.21.0rc3-osx-unsigned.tar.gz ../bitcoin-detached-sigs/osx (<--- the git repo for the signatures)
543 2020-12-13T20:26:23 <sipa> ok it seems copy-pasting the "git diff" output introduced some space/tab changes...
544 2020-12-13T20:26:29 <achow101> jonasschnelli: awesome
545 2020-12-13T20:26:37 <jonasschnelli> let me 2bl check first
546 2020-12-13T20:27:49 <jonasschnelli> Yes. I think I have done that correctly
547 2020-12-13T20:28:19 <jonasschnelli> I mean I can just try to apply this signature I created on my mac no on linux with ./detached-sig-apply.sh
548 2020-12-13T20:28:23 <jonasschnelli> right?
549 2020-12-13T20:28:27 <jonasschnelli> no need for gitian
550 2020-12-13T20:28:46 <sipa> i believe so
551 2020-12-13T20:28:55 <achow101> yea
552 2020-12-13T20:29:44 *** Talkless <Talkless!~Talkless@mail.dargis.net> has quit IRC (Quit: Konversation terminated!)
553 2020-12-13T20:32:36 *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has quit IRC (Ping timeout: 240 seconds)
554 2020-12-13T20:34:31 <sipa> jonasschnelli: ok gitian manages to compile native_cctools with my patch now
555 2020-12-13T20:34:48 <jonasschnelli> The dbl-signing approach seems not to work
556 2020-12-13T20:34:59 <sipa> if you want to try (if the other approach works, also fine of course)
557 2020-12-13T20:35:11 <achow101> jonasschnelli: how so?
558 2020-12-13T20:35:22 <jonasschnelli> What I did:
559 2020-12-13T20:35:50 <jonasschnelli> 1. I replace the signature in the detached-signtaure local repo with the one I just successfully did on my mac (after codesign_allocate on linux
560 2020-12-13T20:36:12 <jonasschnelli> 2. on linux, I executed ./detached-sig-apply.sh bitcoin-0.21.0rc3-osx-unsigned-2.tar.gz ../bitcoin-detached-sigs/osx
561 2020-12-13T20:36:27 <jonasschnelli> (bitcoin-0.21.0rc3-osx-unsigned-2.tar.gz is from the rc3 release, unsigned, untouched)
562 2020-12-13T20:36:42 <jonasschnelli> (../bitcoin-detached-sigs/osx hold the new signature)
563 2020-12-13T20:37:04 <jonasschnelli> then downloaded signed-app/Bitcoin-Qt.app to my mac
564 2020-12-13T20:37:04 <achow101> jonasschnelli: for the final apply, you need to use the one that had the codesign-allocate and bad sig thing
565 2020-12-13T20:37:15 <jonasschnelli> achow101: ah...
566 2020-12-13T20:37:19 <jonasschnelli> okay.. let me try that
567 2020-12-13T20:38:50 <jonasschnelli> achow101: still getting /Users/jonasschnelli/Desktop/Bitcoin-Qt.app: invalid Info.plist (plist or signature have been modified)
568 2020-12-13T20:39:08 <jonasschnelli> Maybe I did something wrong...
569 2020-12-13T20:39:17 <jonasschnelli> let me upload some files so you can test it
570 2020-12-13T20:40:45 <achow101> you started with the original rc3?
571 2020-12-13T20:40:51 <jonasschnelli> https://bitcoin.jonasschnelli.ch/bitcoin-0.21.0rc3-osx-unsigned-dbl-sign.tar.gz (<--- the 1. codesign_alloc, apply rc3 sig)
572 2020-12-13T20:43:00 <jonasschnelli> https://bitcoin.jonasschnelli.ch/signature-osx-dbl-sign.tar.gz (<--- the output from detach-sig-create on my mac which run successful on the output above)
573 2020-12-13T20:45:57 *** jeremyrubin <jeremyrubin!~jr@c-73-15-215-148.hsd1.ca.comcast.net> has quit IRC (Ping timeout: 260 seconds)
574 2020-12-13T20:46:05 <sipa> jonasschnelli: ok, gitian unsigned build with my patch works (which doesn't mean much, aS the codesign_allocate tool hasn't been invoked)
575 2020-12-13T20:46:32 <achow101> jonasschnelli: somehow the Info.plist hash doesn't match.
576 2020-12-13T20:46:58 <jonasschnelli> sipa: okay... I try that asap
577 2020-12-13T20:47:16 <achow101> jonasschnelli: I'm going to fixup my pr and I think we should try again from scratch
578 2020-12-13T20:47:25 <jonasschnelli> achow101: yes. Lets do that.
579 2020-12-13T20:47:33 *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has joined #bitcoin-core-dev
580 2020-12-13T20:47:38 <jonasschnelli> I think I mixed up your PR with rc3 (different version numbers)
581 2020-12-13T20:47:44 <achow101> possible
582 2020-12-13T20:48:52 <jonasschnelli> okay.. gbuilding a4118c6e200e02e7560f8bc213697aa2909d95b1
583 2020-12-13T20:57:24 <jonasschnelli> I can't use the rc3 sig for the cctool patch test,.. since it's master now and has different version numbers.
584 2020-12-13T20:57:30 <jonasschnelli> So trying to sign independent
585 2020-12-13T20:58:30 <jonasschnelli> I hoped by deleting the cctools only in the cache, I can avoid rebuilding the whole dependencies.... but it looks like it builds everything again
586 2020-12-13T21:02:01 <jonasschnelli> I have to continue tomorrow (10pm here,... will start again in 11h)...
587 2020-12-13T21:26:24 *** ghost43 <ghost43!~daer@gateway/tor-sasl/daer> has joined #bitcoin-core-dev
588 2020-12-13T21:27:03 *** ghost43_ <ghost43_!~daer@gateway/tor-sasl/daer> has quit IRC (Ping timeout: 240 seconds)
589 2020-12-13T21:29:21 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
590 2020-12-13T21:32:00 *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has quit IRC (Ping timeout: 256 seconds)
591 2020-12-13T21:33:42 *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Ping timeout: 256 seconds)
592 2020-12-13T21:40:49 *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Quit: Pavlenex)
593 2020-12-13T22:01:39 *** jesseposner <jesseposner!~jp@2601:643:8980:bfd2:3c52:ceaf:5e03:1c52> has joined #bitcoin-core-dev
594 2020-12-13T22:04:42 *** jessepos_ <jessepos_!~jp@2601:643:8980:bfd2:65bd:87f1:eb2b:e04e> has quit IRC (Ping timeout: 260 seconds)
595 2020-12-13T22:06:11 <achow101> updated wumpus's script to do hash checking https://gist.github.com/achow101/fef2415d99965de66ac083b54b83df6e
596 2020-12-13T22:14:03 *** k3tan <k3tan!~pi@gateway/tor-sasl/k3tan> has quit IRC (Ping timeout: 240 seconds)
597 2020-12-13T22:16:15 *** k3tan <k3tan!~pi@gateway/tor-sasl/k3tan> has joined #bitcoin-core-dev
598 2020-12-13T22:17:36 *** tripleslash <tripleslash!~triplesla@unaffiliated/imsaguy> has quit IRC (Ping timeout: 240 seconds)
599 2020-12-13T22:18:56 *** tripleslash <tripleslash!~triplesla@unaffiliated/imsaguy> has joined #bitcoin-core-dev
600 2020-12-13T22:24:06 *** molz_ <molz_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
601 2020-12-13T22:26:45 *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
602 2020-12-13T22:37:35 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
603 2020-12-13T22:37:35 <bitcoin-git> [bitcoin] jonatack opened pull request #20646: p2p: do not disconnect post-verack sendaddrv2 on signet (master...signet-keep-post-verack-sendaddrv2-peers) https://github.com/bitcoin/bitcoin/pull/20646
604 2020-12-13T22:37:36 *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
605 2020-12-13T22:53:02 *** Guyver2 <Guyver2!Guyver@guyver2.xs4all.nl> has quit IRC (Remote host closed the connection)
606 2020-12-13T22:57:57 *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
607 2020-12-13T23:00:57 *** molz_ <molz_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
608 2020-12-13T23:07:14 <achow101> sipa: does your pr gitian build? I have a self signed cert so I can test codesigning now
609 2020-12-13T23:13:37 <sipa> achow101: yes
610 2020-12-13T23:13:56 <sipa> i did a gitian build of the unsigned stage myself