1 2020-12-13T00:00:19  *** miketwenty1 <miketwenty1!~miketwent@ec2-18-205-136-236.compute-1.amazonaws.com> has quit IRC (Remote host closed the connection)
  2 2020-12-13T00:00:40  *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Read error: Connection reset by peer)
  3 2020-12-13T00:01:39  <wumpus> achow101: great!
  4 2020-12-13T00:02:43  <wumpus> let's see if python asncrypto.cms can handle this
  5 2020-12-13T00:03:57  <achow101> I got something!
  6 2020-12-13T00:04:23  <achow101> the tool sipa mentioned earlier seems to work if I pass the CMS data through openssl cms first
  7 2020-12-13T00:06:55  *** miketwenty1 <miketwenty1!~miketwent@ec2-34-202-224-110.compute-1.amazonaws.com> has joined #bitcoin-core-dev
  8 2020-12-13T00:08:05  <wumpus> nice
  9 2020-12-13T00:09:39  <achow101> it's hard to tell where the signature is
 10 2020-12-13T00:09:57  *** StopAndDecrypt <StopAndDecrypt!~StopAndDe@unaffiliated/stopanddecrypt> has joined #bitcoin-core-dev
 11 2020-12-13T00:10:30  <wumpus> what *kind* of CMS structure is it?
 12 2020-12-13T00:11:05  <wumpus> trying ContentInfo first as that's appearntly the normal wrapper type
 13 2020-12-13T00:11:23  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
 14 2020-12-13T00:11:27  <achow101> ah openssl pkcs7 -in sig -inform der -print seems to come out with something usable
 15 2020-12-13T00:12:49  <wumpus> bingo content = ContentInfo.load(blob_data) content['content_type']  '1.2.840.113549.1.7.2': 'signed_data',
 16 2020-12-13T00:13:48  <achow101> The signed hash should be 137856b0cd53ec8e9053f3518b4edf864643138ed548ef61c400068756a2fe48
 17 2020-12-13T00:14:22  <wumpus> macho binaries aren't that intimidating to me anymore :p
 18 2020-12-13T00:17:57  *** StopAndDecrypt <StopAndDecrypt!~StopAndDe@unaffiliated/stopanddecrypt> has left #bitcoin-core-dev
 19 2020-12-13T00:18:36  *** mol <mol!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
 20 2020-12-13T00:21:02  *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has joined #bitcoin-core-dev
 21 2020-12-13T00:23:13  <achow101> at least we can probably verify the signatures now
 22 2020-12-13T00:24:37  <wumpus> I get three different certificatechoices
 23 2020-12-13T00:24:56  *** zpao <zpao!~zpao@139.28.218.148> has joined #bitcoin-core-dev
 24 2020-12-13T00:25:19  <achow101> what are they?
 25 2020-12-13T00:31:00  <wumpus> sha256_rsa sha1_rsa, and another sha256_rsa
 26 2020-12-13T00:31:14  <wumpus> this is for 0.20.1 fwiw
 27 2020-12-13T00:31:50  <achow101> should be the same for rc3
 28 2020-12-13T00:32:18  <achow101> I see there are 3 embedded certs: Apple, Devloper ID Certification Authority, and Bitcoin Core Code Signing Association
 29 2020-12-13T00:32:27  <achow101> presumably it's the cert chain
 30 2020-12-13T00:33:13  <wumpus> oh that makes sense i guess, have to agree the nesting on this is crazy
 31 2020-12-13T00:34:50  <achow101> there's also a timestamp token thing which seems to be another CMS sig that apple produces
 32 2020-12-13T00:35:10  <achow101> I wonder if codesign is phoning home for every sig
 33 2020-12-13T00:35:41  <wumpus> yes, it is
 34 2020-12-13T00:35:58  <achow101> not surprising
 35 2020-12-13T00:36:01  <sipa> that sounds annoying to replicate
 36 2020-12-13T00:36:08  <sipa> depending on the protocol
 37 2020-12-13T00:36:12  <wumpus> "Set up to call Timestamp server if requested"
 38 2020-12-13T00:36:27  <wumpus> line 820 in signer.cpp
 39 2020-12-13T00:37:08  <wumpus> it's rfc3161 iir
 40 2020-12-13T00:37:08  *** sr_gi <sr_gi!~sr_gi@80.174.218.168.dyn.user.ono.com> has quit IRC (Read error: Connection reset by peer)
 41 2020-12-13T00:37:28  <achow101> should we disable that?
 42 2020-12-13T00:37:39  *** sr_gi <sr_gi!~sr_gi@80.174.218.168.dyn.user.ono.com> has joined #bitcoin-core-dev
 43 2020-12-13T00:37:46  <wumpus> the timestamp is used for notarization
 44 2020-12-13T00:37:57  <wumpus> so probably not
 45 2020-12-13T00:38:04  <achow101> ugh
 46 2020-12-13T00:38:29  <achow101> but we don't even notarize
 47 2020-12-13T00:40:41  *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Read error: Connection reset by peer)
 48 2020-12-13T00:42:36  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 240 seconds)
 49 2020-12-13T00:43:49  *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
 50 2020-12-13T00:51:33  <wumpus> this looks similar https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
 51 2020-12-13T00:52:09  <achow101> seems so
 52 2020-12-13T00:52:22  <achow101> from what I can tell, iOS binaries are macho as well
 53 2020-12-13T00:53:12  <achow101> wumpus: are you currently writing a verification tool?
 54 2020-12-13T00:53:34  <wumpus> searching for oid 1.2.840.113635.100.9.1 and 1.2.840.113635.100.9.2 (as appear in the CMS OIDs) gives some matches
 55 2020-12-13T00:55:14  <wumpus> nah just trying to see if asn1crypto.cms in python can make sense of it, and it can, actually verifying anything is far away :):
 56 2020-12-13T00:55:36  <achow101> I'll put together something to extract the hashes so we can at least verify those
 57 2020-12-13T00:56:15  <wumpus> which oid has the hashlist/hashdict?
 58 2020-12-13T00:56:39  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Quit: = "")
 59 2020-12-13T00:56:40  <wumpus> or is that those 9.1/9.2
 60 2020-12-13T00:56:48  <achow101> 1.2.840.113635.100.9.2 probably
 61 2020-12-13T00:57:09  <wumpus> they're seperate so it makes sense to be those two
 62 2020-12-13T00:57:30  <achow101> 9.1 is the string for a plist file
 63 2020-12-13T00:57:36  <achow101> it does contain the hashes in there
 64 2020-12-13T00:57:58  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
 65 2020-12-13T00:58:02  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Client Quit)
 66 2020-12-13T00:58:12  <achow101> 9.2 is a sequence containing a single bye string that matches the code directory hash
 67 2020-12-13T00:59:14  <wumpus> yes that makes sense if it's the same data in some legacy format and the new format
 68 2020-12-13T00:59:15  <achow101> the hash in 9.1 is also trunctaed to 20 bytes
 69 2020-12-13T00:59:42  <wumpus> probably fine to ignore the .1 one
 70 2020-12-13T00:59:55  <achow101> yep
 71 2020-12-13T01:00:51  *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has quit IRC (Quit: Leaving)
 72 2020-12-13T01:02:50  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
 73 2020-12-13T01:06:03  <sipa> by tomorrow morning i'm sure you guys have a tough compatible signer
 74 2020-12-13T01:06:22  *** lontivero <lontivero!~lontivero@186.183.48.121> has joined #bitcoin-core-dev
 75 2020-12-13T01:06:24  <sipa> the day after i expect one that doesn't need a private key
 76 2020-12-13T01:08:04  <wumpus> ok, after some more digging: 1.2.840.113635.100.9.1 is appleHashAgility/SEC_OID_APPLE_HASH_AGILITY/kCMSAttrAppleCodesigningHashAgility, .2 is appleHashAgilityV2/SEC_OID_APPLE_HASH_AGILITY_V2/kCMSAttrAppleCodesigningHashAgilityV2, .3 is appleExpirationTime/SEC_OID_APPLE_EXPIRATION_TIME/kCMSAttrAppleExpirationTime
 77 2020-12-13T01:08:08  <wumpus> sipa: haha yesss
 78 2020-12-13T01:09:12  * fanquake is just waiting for the  TLDR
 79 2020-12-13T01:10:22  <achow101> i'm sure that once a compatible signer is written, apple will change codesigning
 80 2020-12-13T01:10:58  <sipa> fanquake: apple opensource codesign_allocate code behaves differently from the used binary; we found a workaround
 81 2020-12-13T01:11:23  <sipa> fanquake: now achow101 and wumpus are trying to reverse engineer the signature format
 82 2020-12-13T01:11:54  <achow101> so that we can implement an independent verifier, and maybe an independent signer
 83 2020-12-13T01:12:20  <fanquake> Sounds like everything is under control
 84 2020-12-13T01:12:43  <fanquake> Apple being a pain in the arse as per usual
 85 2020-12-13T01:13:40  <sipa> https://twitter.com/_jonasschnelli_/status/1337693216167120902
 86 2020-12-13T01:13:51  <sipa> https://twitter.com/pwuille/status/1337829501804265472
 87 2020-12-13T01:14:08  *** miketwenty1 <miketwenty1!~miketwent@ec2-34-202-224-110.compute-1.amazonaws.com> has quit IRC (Remote host closed the connection)
 88 2020-12-13T01:15:33  *** lontivero <lontivero!~lontivero@186.183.48.121> has quit IRC (Quit: WeeChat 2.8)
 89 2020-12-13T01:21:03  <fanquake> is the dmg signature being invalid only an issue when opening the .dmg on macOS Big Sur?
 90 2020-12-13T01:21:14  <achow101> it's invalid everywhere
 91 2020-12-13T01:21:29  <achow101> when the verifier tries to hash the binary, it's literally the wrong hash
 92 2020-12-13T01:21:48  <fanquake> what's meant to happen? The .dmg opens fine here
 93 2020-12-13T01:22:07  <fanquake> or does it just fail silently / log something
 94 2020-12-13T01:22:08  <sipa> the signature is on the binary, not on the dmg i think?
 95 2020-12-13T01:22:08  <achow101> try opening it
 96 2020-12-13T01:22:16  <achow101> the app itself
 97 2020-12-13T01:22:27  <fanquake> right, not the .dmg
 98 2020-12-13T01:22:52  <achow101> if you open the dmg and do the drag into Applications, it should give you the warning
 99 2020-12-13T01:22:57  <fanquake> I can run the app just fine from the cmd  line
100 2020-12-13T01:23:05  <sipa> fanquake: both when doing the actual signing and when attaching the sig to the binary, some changes to the binary need to be made first; the apple tool does this *slightly* differently than their published source code, so the resulting binary after attaching isn't exactly identical to what the codesigning app produced
101 2020-12-13T01:23:34  <achow101> fanquake: do "codesign -v Bitcoin-Qt.app"
102 2020-12-13T01:23:43  <achow101> with rc3 installed
103 2020-12-13T01:25:01  <fanquake> Yea i see the invalid signature warnings.
104 2020-12-13T01:25:28  <fanquake> It seems like macOS will only stop you from opening the .app though. You can still run Bitcoin-Qt with an invalid signature
105 2020-12-13T01:25:51  <fanquake> Although that's not useful for us
106 2020-12-13T01:26:18  <fanquake> By Bitcoin-Qt I mean: Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
107 2020-12-13T01:26:28  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 246 seconds)
108 2020-12-13T01:26:37  <achow101> fanquake: #20638 for your enjoyment
109 2020-12-13T01:26:39  <gribble> https://github.com/bitcoin/bitcoin/issues/20638 | Mac codesign fixed alloc by achow101 · Pull Request #20638 · bitcoin/bitcoin · GitHub
110 2020-12-13T01:27:12  <fanquake> achow101: Nice. I do enjoy a good write-up
111 2020-12-13T01:35:53  *** vasild_ <vasild_!~vd@gateway/tor-sasl/vasild> has joined #bitcoin-core-dev
112 2020-12-13T01:35:54  *** vasild <vasild!~vd@gateway/tor-sasl/vasild> has quit IRC (Disconnected by services)
113 2020-12-13T01:35:55  *** vasild_ is now known as vasild
114 2020-12-13T02:19:38  *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
115 2020-12-13T02:22:12  *** Chlorine_Vapor <Chlorine_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
116 2020-12-13T02:22:16  *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 240 seconds)
117 2020-12-13T02:24:56  *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 258 seconds)
118 2020-12-13T02:37:05  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
119 2020-12-13T02:37:06  <bitcoin-git> [bitcoin] fanquake pushed 3 commits to master: https://github.com/bitcoin/bitcoin/compare/b18978066d87...ade38b6ee8f9
120 2020-12-13T02:37:07  <bitcoin-git> bitcoin/master faac315 MarcoFalke: Remove unused and confusing CTransaction constructor
121 2020-12-13T02:37:07  <bitcoin-git> bitcoin/master fac39c1 MarcoFalke: wallet: document that tx in CreateTransaction is purely an out-param
122 2020-12-13T02:37:08  <bitcoin-git> bitcoin/master ade38b6 fanquake: Merge #20588: Remove unused and confusing CTransaction constructor
123 2020-12-13T02:37:09  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
124 2020-12-13T02:37:25  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
125 2020-12-13T02:37:26  <bitcoin-git> [bitcoin] fanquake merged pull request #20588: Remove unused and confusing CTransaction constructor (master...2012-txConstructor) https://github.com/bitcoin/bitcoin/pull/20588
126 2020-12-13T02:37:27  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
127 2020-12-13T02:41:22  *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
128 2020-12-13T02:44:24  *** Chlorine_Vapor <Chlorine_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 256 seconds)
129 2020-12-13T02:44:29  *** Mercury_Vapor <Mercury_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has joined #bitcoin-core-dev
130 2020-12-13T02:47:03  *** Asbestos_Vapor <Asbestos_Vapor!~Mercury_V@174-082-166-092.res.spectrum.com> has quit IRC (Ping timeout: 260 seconds)
131 2020-12-13T02:56:02  *** EagleTM <EagleTM!~EagleTM@unaffiliated/eagletm> has joined #bitcoin-core-dev
132 2020-12-13T02:56:23  *** Eagle[TM] <Eagle[TM]!~EagleTM@unaffiliated/eagletm> has quit IRC (Ping timeout: 260 seconds)
133 2020-12-13T03:20:59  *** joelklabo <joelklabo!~textual@108-196-216-127.lightspeed.sntcca.sbcglobal.net> has quit IRC (Read error: No route to host)
134 2020-12-13T04:00:43  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
135 2020-12-13T04:03:30  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
136 2020-12-13T04:03:30  <bitcoin-git> [bitcoin] theStack opened pull request #20640: wallet, refactor: return out-params of CreateTransaction() as optional struct (master...202012-refactor-wallet-createtransaction-return_out_params_in_optstruct) https://github.com/bitcoin/bitcoin/pull/20640
137 2020-12-13T04:03:31  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
138 2020-12-13T04:06:12  *** kristapsk_ <kristapsk_!~KK@gateway/tor-sasl/kristapsk> has quit IRC (Remote host closed the connection)
139 2020-12-13T04:17:10  *** proofofkeags <proofofkeags!~proofofke@174-16-212-53.hlrn.qwest.net> has quit IRC (Remote host closed the connection)
140 2020-12-13T04:37:06  *** tryphe_ is now known as tryphe
141 2020-12-13T05:19:29  *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has quit IRC (Quit: pinheadmz)
142 2020-12-13T05:36:20  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has joined #bitcoin-core-dev
143 2020-12-13T06:08:45  *** verybaddad <verybaddad!~thatdad@108-188-072-226.biz.spectrum.com> has joined #bitcoin-core-dev
144 2020-12-13T06:08:56  *** verybaddad <verybaddad!~thatdad@108-188-072-226.biz.spectrum.com> has left #bitcoin-core-dev
145 2020-12-13T06:22:18  *** Emcy <Emcy!~Emcy@unaffiliated/emcy> has quit IRC (Ping timeout: 272 seconds)
146 2020-12-13T06:24:38  *** Emcy <Emcy!~Emcy@unaffiliated/emcy> has joined #bitcoin-core-dev
147 2020-12-13T06:24:52  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
148 2020-12-13T06:24:53  <bitcoin-git> [bitcoin] MarcoFalke closed pull request #20639: doc: fix case of GitHub (master...fix-case-of-github) https://github.com/bitcoin/bitcoin/pull/20639
149 2020-12-13T06:24:54  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
150 2020-12-13T06:50:15  <dhruvm> Networking question: Are legal CIDR netmasks always 1s followed by 0s? i.e. mask=255.96.0.0 is an illegal mask?
151 2020-12-13T06:50:17  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
152 2020-12-13T06:51:49  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has joined #bitcoin-core-dev
153 2020-12-13T06:56:33  <dhruvm> I am trying to reason whether given two CIDR subnet representations, it is possible to have partial address overlap between them.
154 2020-12-13T06:57:07  <sipa> no, either they don't overlap at all, or one is a subset of the other
155 2020-12-13T06:57:21  <sipa> or identical to it
156 2020-12-13T06:58:53  <dhruvm> I see. So, the mask is always 1s followed by 0s then?
157 2020-12-13T07:00:01  <dhruvm> They seem to be represented as /32 /24 in most places, but some places I've seen 255.255.0.0 etc which has me confused
158 2020-12-13T07:00:47  <sipa> yeah, in CIDR the netmask has to be 1s and then 0s
159 2020-12-13T07:00:59  <sipa> you can have netmask that are not CIDR though
160 2020-12-13T07:01:16  <sipa> those aren't used in practocr afaik though
161 2020-12-13T07:01:23  <sipa> *practice
162 2020-12-13T07:03:35  <dhruvm> thanks sipa
163 2020-12-13T07:10:05  <sipa> yw
164 2020-12-13T07:16:08  *** jeremyrubin <jeremyrubin!~jr@c-73-15-215-148.hsd1.ca.comcast.net> has quit IRC (Ping timeout: 272 seconds)
165 2020-12-13T07:39:16  *** zpao <zpao!~zpao@139.28.218.148> has quit IRC (Remote host closed the connection)
166 2020-12-13T07:52:50  *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has quit IRC (Read error: Connection reset by peer)
167 2020-12-13T07:52:58  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
168 2020-12-13T07:54:22  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has joined #bitcoin-core-dev
169 2020-12-13T07:59:23  *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has joined #bitcoin-core-dev
170 2020-12-13T08:22:23  *** vasild <vasild!~vd@gateway/tor-sasl/vasild> has quit IRC (Ping timeout: 240 seconds)
171 2020-12-13T08:32:21  *** mrd <mrd!~mrd@185.103.96.147> has joined #bitcoin-core-dev
172 2020-12-13T08:42:26  *** mrd <mrd!~mrd@185.103.96.147> has quit IRC (Remote host closed the connection)
173 2020-12-13T08:42:28  *** mol <mol!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 256 seconds)
174 2020-12-13T08:50:50  <jonasschnelli> I upgraded my system and my gitian LXC console can no longer access the internet (it can fetch via apt-cacher-ng, but not the depends packages). Any idea?
175 2020-12-13T08:51:22  <jonasschnelli> sudo lxc-execute  -n gitian -f var/lxc.config -- sudo -u root -i -- ping 8.8.8.8                  <- times out
176 2020-12-13T08:54:17  <sipa> jonasschnelli: there is that snippet of code you need to run to set up network interfaces
177 2020-12-13T08:54:43  <jonasschnelli> sipa: I guess you'r refering to https://github.com/bitcoin-core/docs/blob/master/gitian-building/gitian-building-setup-gitian-debian.md#setting-up-debian-for-gitian-building
178 2020-12-13T08:54:45  <jonasschnelli> I did that
179 2020-12-13T08:58:02  <sipa> ok
180 2020-12-13T08:58:08  <jonasschnelli> sipa: what do you have in gitian-builder/var/lxc-config for the key lxc.net.0.ipv4.address?
181 2020-12-13T08:58:37  <sipa> i just followed the docs, on a fresh debian install
182 2020-12-13T08:59:12  <jonasschnelli> and my br0 has inet 10.0.2.2?! shouldn't it be 10.0.3.1?!
183 2020-12-13T09:08:35  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@mx-ll-171.5.29-209.dynamic.3bb.co.th> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
184 2020-12-13T09:09:13  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
185 2020-12-13T09:15:07  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
186 2020-12-13T09:16:06  *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
187 2020-12-13T09:20:25  *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 240 seconds)
188 2020-12-13T09:42:55  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
189 2020-12-13T09:43:13  *** sdaftuar <sdaftuar!~sdaftuar@gateway/tor-sasl/sdaftuar> has quit IRC (Remote host closed the connection)
190 2020-12-13T09:43:35  *** sdaftuar <sdaftuar!~sdaftuar@gateway/tor-sasl/sdaftuar> has joined #bitcoin-core-dev
191 2020-12-13T10:23:43  *** virtu <virtu!~virtu@gateway/tor-sasl/virtu> has quit IRC (Ping timeout: 240 seconds)
192 2020-12-13T10:25:53  *** virtu <virtu!~virtu@gateway/tor-sasl/virtu> has joined #bitcoin-core-dev
193 2020-12-13T10:29:35  *** Talkless <Talkless!~Talkless@mail.dargis.net> has joined #bitcoin-core-dev
194 2020-12-13T10:31:36  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
195 2020-12-13T10:56:56  *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has quit IRC (Remote host closed the connection)
196 2020-12-13T10:57:56  *** mol <mol!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
197 2020-12-13T11:08:02  *** espadrine <espadrine!~espadrine@s91904426.blix.com> has joined #bitcoin-core-dev
198 2020-12-13T11:08:59  *** gribble <gribble!~gribble@unaffiliated/nanotube/bot/gribble> has joined #bitcoin-core-dev
199 2020-12-13T11:18:49  *** Ole76Christianse <Ole76Christianse!~Ole76Chri@static.57.1.216.95.clients.your-server.de> has joined #bitcoin-core-dev
200 2020-12-13T11:23:34  *** Ole76Christianse <Ole76Christianse!~Ole76Chri@static.57.1.216.95.clients.your-server.de> has quit IRC (Ping timeout: 246 seconds)
201 2020-12-13T11:27:04  <wumpus> on my gitian host the host br0 is 10.0.3.2
202 2020-12-13T11:28:43  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Ping timeout: 240 seconds)
203 2020-12-13T11:28:49  *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has joined #bitcoin-core-dev
204 2020-12-13T11:31:09  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
205 2020-12-13T11:50:26  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
206 2020-12-13T11:53:15  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
207 2020-12-13T11:53:24  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Client Quit)
208 2020-12-13T11:53:53  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has joined #bitcoin-core-dev
209 2020-12-13T11:57:14  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@171.5.29.209> has quit IRC (Client Quit)
210 2020-12-13T11:57:17  <wumpus> though as long as they're used consistently throughout it doesn't really matter what the exact addresses are
211 2020-12-13T12:05:25  *** mj_node <mj_node!~mj_node@122.0.25.130> has joined #bitcoin-core-dev
212 2020-12-13T12:14:39  *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has quit IRC (Quit: Leaving)
213 2020-12-13T12:30:56  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has joined #bitcoin-core-dev
214 2020-12-13T12:37:41  *** Guyver2 <Guyver2!Guyver@guyver2.xs4all.nl> has joined #bitcoin-core-dev
215 2020-12-13T12:37:59  *** Guyver2_ <Guyver2_!Guyver@guyver2.xs4all.nl> has joined #bitcoin-core-dev
216 2020-12-13T12:52:34  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Quit: Pavlenex)
217 2020-12-13T12:56:28  *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
218 2020-12-13T12:57:58  <wumpus> achow101: phantomcircuit: FWIW here's my (very makeshift) python script from last night that uses macholib and asn1crypto to extract and print the signature information from a macos binary: https://gist.github.com/laanwj/a0e00bcd3fe4cd2aa1c0803e91310495
219 2020-12-13T12:59:07  *** mol <mol!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 246 seconds)
220 2020-12-13T13:03:04  <wumpus> all dependencies are pure python as it is now; but for actual verification it's hard to get around openssl i'm afraid
221 2020-12-13T13:14:53  <Talkless> Anyone using QtCreator to work with bitcoin core? It's code model does not find any of bitcoin core includes, all underlined. I've created project as Autotools.
222 2020-12-13T13:17:45  *** iamgr00t_ <iamgr00t_!~iamgr00t@unaffiliated/iamgr00t> has joined #bitcoin-core-dev
223 2020-12-13T13:17:57  *** iamgr00t <iamgr00t!~iamgr00t@unaffiliated/iamgr00t> has quit IRC (Ping timeout: 260 seconds)
224 2020-12-13T13:18:34  *** kinlo <kinlo!~peter@unaffiliated/kinlo> has quit IRC (Ping timeout: 260 seconds)
225 2020-12-13T13:21:30  *** kinlo <kinlo!~peter@unaffiliated/kinlo> has joined #bitcoin-core-dev
226 2020-12-13T13:37:44  <wumpus> i think you need to manually configure somehow what paths to look in for include files
227 2020-12-13T13:38:31  *** molz_ <molz_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
228 2020-12-13T13:41:37  *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 264 seconds)
229 2020-12-13T13:42:16  *** Guyver2_ <Guyver2_!Guyver@guyver2.xs4all.nl> has quit IRC (Quit: Going offline, see ya! (www.adiirc.com))
230 2020-12-13T13:45:24  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
231 2020-12-13T13:45:26  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Client Quit)
232 2020-12-13T13:47:09  *** mol <mol!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
233 2020-12-13T13:49:45  *** molz_ <molz_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
234 2020-12-13T13:49:59  *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
235 2020-12-13T13:52:57  *** mol <mol!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 260 seconds)
236 2020-12-13T13:53:27  *** espadrine <espadrine!~espadrine@s91904426.blix.com> has quit IRC (Remote host closed the connection)
237 2020-12-13T14:00:49  *** davterra <davterra!~davterra@107.182.237.18> has quit IRC (Quit: Leaving)
238 2020-12-13T14:02:24  <wumpus> https://github.com/wbond/certvalidator "A Python library for validating X.509 certificates or paths" maybe this is useful
239 2020-12-13T14:03:46  *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has joined #bitcoin-core-dev
240 2020-12-13T14:09:29  <wumpus> some examples https://github.com/wbond/certvalidator/blob/master/docs/usage.md, iwonder if the simple example simply works
241 2020-12-13T14:11:26  *** potato <potato!~Thunderbi@240d:1a:3d4:7d00:6195:91a4:15a2:31e8> has quit IRC (Ping timeout: 264 seconds)
242 2020-12-13T14:19:24  *** kabaum <kabaum!~kabaum@h-13-35.A163.priv.bahnhof.se> has quit IRC (Remote host closed the connection)
243 2020-12-13T14:21:41  *** promag_ <promag_!~promag@188.250.84.129> has joined #bitcoin-core-dev
244 2020-12-13T14:21:41  *** promag <promag!~promag@188.250.84.129> has quit IRC (Read error: Connection reset by peer)
245 2020-12-13T14:22:36  <wumpus> oh that only validates the certificates, not the CMS SignerInfo
246 2020-12-13T14:25:17  <wumpus> this handles *some kinds of* SignerINfo, but not the CMS one: https://github.com/ralphje/signify/blob/master/signify/signerinfo.py
247 2020-12-13T14:27:49  <wumpus> though rfc2315 and rfc5652 look very similar
248 2020-12-13T14:28:17  *** alko89 <alko89!~alko89@unaffiliated/alko89> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)
249 2020-12-13T14:28:45  *** jessepos_ <jessepos_!~jp@2601:643:8980:bfd2:65bd:87f1:eb2b:e04e> has joined #bitcoin-core-dev
250 2020-12-13T14:29:45  <wumpus> wait, CMS is RFC 5652
251 2020-12-13T14:31:50  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
252 2020-12-13T14:31:51  <bitcoin-git> [bitcoin] hebasto opened pull request #20641: depends: Use Qt top-level build facilities (master...201213-top) https://github.com/bitcoin/bitcoin/pull/20641
253 2020-12-13T14:31:51  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
254 2020-12-13T14:32:01  <wumpus> it's just the pyasn naming instead of asn1crypto, because of course, crypto can never be confusing enough
255 2020-12-13T14:32:26  *** jesseposner <jesseposner!~jp@2601:643:8980:bfd2:4ca5:5aef:8068:2da7> has quit IRC (Ping timeout: 264 seconds)
256 2020-12-13T14:33:30  *** alko89 <alko89!~alko89@unaffiliated/alko89> has joined #bitcoin-core-dev
257 2020-12-13T14:33:55  <jamesob> hm, when importing a watch-only wallet, is there any risk to using `scantxoutset` to find the oldest UTXO, and then using that as the base block to pass to `rescanblockchain` for that wallet? you might miss the transactions for some spent coins, but wondering if that even matters.
258 2020-12-13T14:34:26  <wumpus> we'll get there, apparently it is a very similar mechanism as PE authenticode (windows code signing)
259 2020-12-13T14:35:38  <wumpus> jamesob: you'd say the resulting balance and utxo set should be the same, would definitely test though
260 2020-12-13T14:35:54  <jamesob> wumpus: right, that's what I'd think
261 2020-12-13T14:37:40  *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has quit IRC (Quit: pinheadmz)
262 2020-12-13T14:38:11  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
263 2020-12-13T14:40:33  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
264 2020-12-13T14:40:34  <bitcoin-git> [bitcoin] hebasto opened pull request #20642: depends: Drop unneeded patches for qt package (master...201213-patch) https://github.com/bitcoin/bitcoin/pull/20642
265 2020-12-13T14:40:35  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
266 2020-12-13T14:42:47  *** da39a3ee5e6b4b0d <da39a3ee5e6b4b0d!~da39a3ee5@2403:6200:8876:bbcd:2474:9519:9fb5:8678> has quit IRC (Quit: My MacBook has gone to sleep. ZZZzzz…)
267 2020-12-13T14:43:03  *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has joined #bitcoin-core-dev
268 2020-12-13T14:45:11  <harding> jamesob: you'd have to guess the range for scantxoutset, though.  If you guess too low then it'll look like the wallet is empty.
269 2020-12-13T14:46:18  <jamesob> you mean the upper end of the range? I'd just assume go to tip; I'm just thinking you could use `scatxoutset` to truncate the lower bound
270 2020-12-13T14:47:04  <harding> jamesob: sorry, I meant the derived address range, which I think non-Bitcoin Core software usually calls the gap limit.
271 2020-12-13T14:47:36  <jamesob> harding: oh! gotcha; yeah I was talking about the rescan range in height units
272 2020-12-13T14:47:38  <harding> $ bitcoin-cli help scantxoutset | grep '"range"'
273 2020-12-13T14:47:38  <harding>          "range": n or [n,n],    (numeric or array, optional, default=1000) The range of HD chain indexes to explore (either end or [begin,end])
274 2020-12-13T14:48:05  <wumpus> maybe the best way forward is to add apple macho verification support to signify and upstream it; conceptually it's similar and there's bound to be so much shared code, e.g. this is the signature extraction and check for signed PE files: https://github.com/ralphje/signify/blob/master/signify/signed_pe.py
275 2020-12-13T14:48:57  *** molz_ <molz_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
276 2020-12-13T14:51:45  *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
277 2020-12-13T14:59:42  *** davterra <davterra!~davterra@gateway/tor-sasl/tralfaz> has joined #bitcoin-core-dev
278 2020-12-13T15:00:50  *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has quit IRC (Remote host closed the connection)
279 2020-12-13T15:01:44  *** pinheadmz <pinheadmz!~pinheadmz@71.190.30.138> has joined #bitcoin-core-dev
280 2020-12-13T15:10:27  *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has quit IRC (Remote host closed the connection)
281 2020-12-13T15:10:52  *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has joined #bitcoin-core-dev
282 2020-12-13T15:12:35  *** mj_node <mj_node!~mj_node@122.0.25.130> has quit IRC (Quit: Leaving)
283 2020-12-13T15:14:27  *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has quit IRC (Remote host closed the connection)
284 2020-12-13T15:14:53  *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has joined #bitcoin-core-dev
285 2020-12-13T15:32:43  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Ping timeout: 240 seconds)
286 2020-12-13T15:43:56  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
287 2020-12-13T15:57:22  *** belcher_ <belcher_!~belcher@unaffiliated/belcher> has joined #bitcoin-core-dev
288 2020-12-13T16:00:05  *** icota[m] <icota[m]!icotamatri@gateway/shell/matrix.org/x-guhcgzevcwsswvxj> has quit IRC (Quit: Idle for 30+ days)
289 2020-12-13T16:00:13  *** belcher <belcher!~belcher@unaffiliated/belcher> has quit IRC (Ping timeout: 264 seconds)
290 2020-12-13T16:27:55  *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
291 2020-12-13T16:29:06  *** kristapsk <kristapsk!~KK@gateway/tor-sasl/kristapsk> has joined #bitcoin-core-dev
292 2020-12-13T16:32:16  *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 240 seconds)
293 2020-12-13T16:32:48  *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
294 2020-12-13T16:37:34  *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 256 seconds)
295 2020-12-13T16:38:18  *** jonatack <jonatack!~jon@88.124.242.136> has joined #bitcoin-core-dev
296 2020-12-13T16:43:48  *** jonatack <jonatack!~jon@88.124.242.136> has quit IRC (Ping timeout: 256 seconds)
297 2020-12-13T16:44:14  *** jonatack <jonatack!~jon@134.19.179.139> has joined #bitcoin-core-dev
298 2020-12-13T16:45:18  *** jeremyrubin <jeremyrubin!~jr@c-73-15-215-148.hsd1.ca.comcast.net> has joined #bitcoin-core-dev
299 2020-12-13T16:48:24  <wumpus> okay, scrap that, of couuurse pyasn1 (in contrast to asn1crypto) can't parse the signature data, well let's see if i can get it to work with that
300 2020-12-13T16:57:08  *** shesek <shesek!~shesek@unaffiliated/shesek> has joined #bitcoin-core-dev
301 2020-12-13T16:59:30  *** AaronvanW <AaronvanW!~AaronvanW@unaffiliated/aaronvanw> has joined #bitcoin-core-dev
302 2020-12-13T17:07:31  <michaelfolkson> Will we want a BIP 44 coin type index for Signet?
303 2020-12-13T17:07:40  <michaelfolkson> The default Signet
304 2020-12-13T17:08:23  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has quit IRC (Ping timeout: 240 seconds)
305 2020-12-13T17:08:36  <michaelfolkson> Looking at the registered coin types for BIP 44. Sooooo many s***coins https://github.com/satoshilabs/slips/blob/master/slip-0044.md
306 2020-12-13T17:08:52  *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has joined #bitcoin-core-dev
307 2020-12-13T17:09:12  <michaelfolkson> Perhaps too early. Perhaps should only be considered once Signet is more stable/mature
308 2020-12-13T17:10:27  *** bitdex <bitdex!~bitdex@gateway/tor-sasl/bitdex> has joined #bitcoin-core-dev
309 2020-12-13T17:15:53  *** kexkey <kexkey!~kexkey@static-198-54-132-142.cust.tzulo.com> has joined #bitcoin-core-dev
310 2020-12-13T17:18:39  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
311 2020-12-13T17:25:44  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 256 seconds)
312 2020-12-13T17:27:26  <wumpus> wow i got it to validate
313 2020-12-13T17:29:54  <wumpus> michaelfolkson: the consensus seems to be that new testnets will simply use testnet's parameters
314 2020-12-13T17:35:39  <michaelfolkson> wumpus: Are there any parameters (descriptors, HD wallet, network etc) where this could pose problems? I guess it only gets complicated if the user is switching between testnet and signet
315 2020-12-13T17:36:01  <michaelfolkson> And presumably not many will be doing that
316 2020-12-13T17:36:50  <michaelfolkson> (regularly switching back and forth I mean)
317 2020-12-13T17:36:51  <luke-jr> michaelfolkson: signet is for testing only. any problems, you get to pick up pieces ;)
318 2020-12-13T17:37:33  <luke-jr> user is assumed to know what he is doing
319 2020-12-13T17:39:37  <michaelfolkson> luke-jr: I guess... would still be nice to help them avoid unnecessary gotchas perhaps
320 2020-12-13T17:45:08  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has joined #bitcoin-core-dev
321 2020-12-13T17:51:29  *** alko89 <alko89!~alko89@unaffiliated/alko89> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)
322 2020-12-13T17:51:39  *** alko89 <alko89!~alko89@unaffiliated/alko89> has joined #bitcoin-core-dev
323 2020-12-13T18:01:23  *** tralfaz <tralfaz!~davterra@gateway/tor-sasl/tralfaz> has joined #bitcoin-core-dev
324 2020-12-13T18:02:29  *** davterra <davterra!~davterra@gateway/tor-sasl/tralfaz> has quit IRC (Remote host closed the connection)
325 2020-12-13T18:05:33  <achow101> wumpus: nice! does it rely on openssl for the validation?
326 2020-12-13T18:06:19  <wumpus> achow101: it uses oscrypto.asymmetric, no idea what that uses internally
327 2020-12-13T18:06:38  <achow101> can you update the gist?
328 2020-12-13T18:07:45  <wumpus> sure
329 2020-12-13T18:09:21  *** alko89 <alko89!~alko89@unaffiliated/alko89> has quit IRC (Quit: ZNC 1.7.5 - https://znc.in)
330 2020-12-13T18:10:31  *** alko89 <alko89!~alko89@unaffiliated/alko89> has joined #bitcoin-core-dev
331 2020-12-13T18:12:10  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Remote host closed the connection)
332 2020-12-13T18:12:13  <wumpus> achow101: updated, note that it doesn't verify the intermediate certificate chain yet, only the final signatures on the SignerDatas
333 2020-12-13T18:12:27  <achow101> great
334 2020-12-13T18:14:34  <wumpus> I tried to use certvalidator to do that, but it gets into problems, even when manually providing the sorted certificate chain to the path validator it barks on some apple-specific extension *shrug*
335 2020-12-13T18:16:03  <wumpus> it's cool to find so much code that *almost* does what i want but is just that little bit off
336 2020-12-13T18:17:28  *** justanotheruser <justanotheruser!~justanoth@unaffiliated/justanotheruser> has quit IRC (Ping timeout: 260 seconds)
337 2020-12-13T18:20:01  *** fearbeag <fearbeag!~sseanicid@bras-base-clwdon2201w-grc-18-216-209-44-58.dsl.bell.ca> has quit IRC (Ping timeout: 264 seconds)
338 2020-12-13T18:21:26  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
339 2020-12-13T18:24:13  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Remote host closed the connection)
340 2020-12-13T18:36:06  *** Tennis <Tennis!~Tennis@unaffiliated/tennis> has quit IRC (Quit: Leaving)
341 2020-12-13T18:50:24  <wumpus> ok, updated gist again, it can now optionally validate the certificate chain (however, this required a one-line patch to certvalidator unfortunately)
342 2020-12-13T18:54:30  <sipa> awesome
343 2020-12-13T18:55:17  <jonasschnelli> shall I try to gbuild and detach-sign 20638?
344 2020-12-13T18:56:03  <jonasschnelli> or are you guys in the middle of fixing the internet?
345 2020-12-13T18:57:41  <sipa> #20638
346 2020-12-13T18:57:43  <gribble> https://github.com/bitcoin/bitcoin/issues/20638 | build: Fix macOS code signing by pre-allocating space for the code signature during gitian build by achow101 · Pull Request #20638 · bitcoin/bitcoin · GitHub
347 2020-12-13T18:57:50  <sipa> jonasschnelli: yeah, try please
348 2020-12-13T18:59:14  <wumpus> jonasschnelli: i guess we're working on a tool that checks the signature (i wrote the part that validates the CMS envelope, achow101 the part that checks hashes against the binary), this doesn't replace or delay #20638
349 2020-12-13T18:59:15  <gribble> https://github.com/bitcoin/bitcoin/issues/20638 | build: Fix macOS code signing by pre-allocating space for the code signature during gitian build by achow101 · Pull Request #20638 · bitcoin/bitcoin · GitHub
350 2020-12-13T19:00:24  <achow101> wumpus: are you sure that it's validating the right thing? the data being passed into verify is more than just the hash of the CodeDirectory
351 2020-12-13T19:00:32  <achow101> it also seems like it hashes the data too
352 2020-12-13T19:01:12  <wumpus> I'm pretty sure it validtes the right thing, the SignerInfos contain signed_attrs that has the list of hashes
353 2020-12-13T19:01:50  <wumpus> my script doesn't validate the actual hashes against the binary of course
354 2020-12-13T19:01:59  <achow101> right, that's the part I'm adding to it
355 2020-12-13T19:02:27  <sipa> do you know where to find the page sizes used?
356 2020-12-13T19:02:43  <achow101> i'd be surprised if the verify is able to pull out the hashes from the "signed_attrs" because that seems like some apple specific stuff
357 2020-12-13T19:02:51  <achow101> sipa: it's embedded in CodeDirectory
358 2020-12-13T19:02:57  <achow101> or do you mean in the source?
359 2020-12-13T19:04:10  <sipa> achow101: just wondering if you can account for that (so that it'd keep working if a different page size is used at some point)
360 2020-12-13T19:04:22  <achow101> yep, definitely accounting for that
361 2020-12-13T19:04:48  <sipa> wumpus, achow101: easy to test if it's validating the right thing; if you damage the signature, does it fail?
362 2020-12-13T19:05:08  <sipa> or better, damage the message being signed
363 2020-12-13T19:06:36  <wumpus> to get out your hashes data you need for attr in signerinfo['signed_attrs']: if attr['type'].native == SEC_OID_APPLE_HASH_AGILITY_V2: print(attr['values'][0].contents)
364 2020-12-13T19:07:27  <wumpus> that gets the byte data, which i guess is simply concatenated hashes
365 2020-12-13T19:08:22  <wumpus> it can extract everything, it's of no help parsing it of course
366 2020-12-13T19:10:20  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
367 2020-12-13T19:10:46  <achow101> there's a field named "message_digest" that I'm trying to grab
368 2020-12-13T19:10:55  <achow101> that's not an apple specific thing apparently
369 2020-12-13T19:11:20  <achow101> apparently the hash is in the sig 3 times in 3 different fields
370 2020-12-13T19:12:22  <wumpus> attr['type'].native == 'message_digest'
371 2020-12-13T19:12:40  <achow101> also, oscrypto uses openssl in the backend
372 2020-12-13T19:12:51  <wumpus> yes it seems so, on linux
373 2020-12-13T19:14:03  <jonasschnelli> achow101: 6b2c9ac15da01cc4fa3951059fdf44c4eebd432288af6691ef94604f601b9ab9  bitcoin-6753b74195d8-osx-unsigned.tar.gz
374 2020-12-13T19:14:59  <wumpus> in any case if you can find something else that does the "rsa_pkcs1v15_verify" i guess it'd be straightforward to replace
375 2020-12-13T19:15:57  <wumpus> sipa: yes, damaging either the signature or data makes it fail
376 2020-12-13T19:16:12  <jonasschnelli> bad new
377 2020-12-13T19:16:14  <jonasschnelli> +s
378 2020-12-13T19:16:28  <jonasschnelli> dist/Bitcoin-Qt.app: invalid or unsupported format for signature
379 2020-12-13T19:16:39  *** kexkey <kexkey!~kexkey@static-198-54-132-142.cust.tzulo.com> has quit IRC (Ping timeout: 256 seconds)
380 2020-12-13T19:16:40  <jonasschnelli> when calling ./detached-sig-create.sh -s "Bitcoin"
381 2020-12-13T19:16:43  <jonasschnelli> ^ achow101
382 2020-12-13T19:16:47  <sipa> ugh
383 2020-12-13T19:16:52  <achow101> eh?
384 2020-12-13T19:16:55  <achow101> damnit
385 2020-12-13T19:17:01  <sipa> it detects that too much space was added?
386 2020-12-13T19:17:09  <jonasschnelli> probably
387 2020-12-13T19:17:19  <sipa> or that it has too much space which isn"t 0x2000 aligned?
388 2020-12-13T19:17:20  <achow101> no, it tries to parse existing signatures
389 2020-12-13T19:17:26  <sipa> oh
390 2020-12-13T19:17:28  <achow101> it's all 0's, so obviouslyu it doesn't parse
391 2020-12-13T19:17:46  <achow101> I thought the -f option we give it ignores that
392 2020-12-13T19:19:48  <jonasschnelli> The file has a MP_EMPTY_SPACE of size 8, then MP_CODE_SIG with size 256208
393 2020-12-13T19:19:56  *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has joined #bitcoin-core-dev
394 2020-12-13T19:20:26  <jonasschnelli> achow101: -f option?
395 2020-12-13T19:20:32  *** EagleTM <EagleTM!~EagleTM@unaffiliated/eagletm> has quit IRC (Ping timeout: 265 seconds)
396 2020-12-13T19:20:37  <achow101> --force
397 2020-12-13T19:20:47  <sipa> what binary is called that fails?
398 2020-12-13T19:21:20  <jonasschnelli> sipa: I ran  ./detached-sig-create.sh but I guess the one that matter is the dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
399 2020-12-13T19:21:29  <jonasschnelli> achow101: but your PR doesn't add --force or -f
400 2020-12-13T19:21:37  <achow101> it's already there
401 2020-12-13T19:21:42  <achow101> look at the codesign command in detached-sig-create
402 2020-12-13T19:21:43  <sipa> jonasschnelli: i mean what tool is called that gives that error
403 2020-12-13T19:21:56  <jonasschnelli> let me look...
404 2020-12-13T19:22:08  <sipa> is it codesign or something else
405 2020-12-13T19:22:35  <jonasschnelli> set -x tells me: + codesign -f --file-list sign.temp/signatures.txt -s Bitcoin dist/Bitcoin-Qt.app
406 2020-12-13T19:22:52  <achow101> it's codesign
407 2020-12-13T19:23:40  <jonasschnelli> stupid question: why can't we just use the open source variant of codesign (if that exists)? to match codesign_allocate?
408 2020-12-13T19:23:41  <achow101> mmm, what if we cut off the allocated space?
409 2020-12-13T19:24:16  <achow101> jonasschnelli: there's no open source variant of codesign. codesign also requires codesign_allocate to be signed by apple, so we can't use the open source variant of that either
410 2020-12-13T19:24:24  <sipa> jonasschnelli: codesign only accepts apple-signed versions of codesign_allocate
411 2020-12-13T19:24:39  <achow101> "If the CODESIGN_ALLOCATE environment variable is set, it identifies a substitute codesign_allocate tool used to allocate space for code signatures in Mach-O binaries. This is used by Xcode SDK distributions to provide architectural support for non-native platforms such as iPhones.
412 2020-12-13T19:24:39  <achow101>      The system will not accept such substitutes unless they are specially signed (by Apple)."
413 2020-12-13T19:24:40  <jonasschnelli> hmm.. apple style again
414 2020-12-13T19:25:01  <sipa> we can also try patching our codesign_allocate to roubd to 0x2000
415 2020-12-13T19:25:17  <sipa> it's a bit more brittle, but i don't see how it can fail
416 2020-12-13T19:28:33  <jonasschnelli> should we also file a bug at apples issue tracker for a long term fix of this?
417 2020-12-13T19:29:07  *** belcher_ is now known as belcher
418 2020-12-13T19:29:08  <achow101> they have one?
419 2020-12-13T19:29:57  <achow101> hmm, what if we put in an empty SuperBlob?
420 2020-12-13T19:34:25  *** justanotheruser <justanotheruser!~justanoth@unaffiliated/justanotheruser> has joined #bitcoin-core-dev
421 2020-12-13T19:34:45  *** vasild <vasild!~vd@gateway/tor-sasl/vasild> has joined #bitcoin-core-dev
422 2020-12-13T19:35:15  <achow101> jonasschnelli: if you do "printf "\xfa\xde\x0c\xc0" | dd of=dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt bs=1 seek=26391600 count=4 conv=notrunc" and then try to sign, does it work?
423 2020-12-13T19:35:28  * jonasschnelli doing...
424 2020-12-13T19:36:09  <jonasschnelli> still getting: dist/Bitcoin-Qt.app: invalid or unsupported format for signature
425 2020-12-13T19:36:39  <achow101> darn
426 2020-12-13T19:37:33  <jonasschnelli> what if we overwrite the bytes with an "valid" signature we extract from a successful signing?
427 2020-12-13T19:38:06  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
428 2020-12-13T19:38:06  <bitcoin-git> [bitcoin] sipa opened pull request #20644: Add patch to make codesign_allocate compatible with Apple's (master...202012_codesign_allocate_segalign) https://github.com/bitcoin/bitcoin/pull/20644
429 2020-12-13T19:38:07  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
430 2020-12-13T19:38:25  <sipa> jonasschnelli: can you try that? ^
431 2020-12-13T19:38:30  <sipa> (entirely untested)
432 2020-12-13T19:38:34  <achow101> jonasschnelli: would probably work
433 2020-12-13T19:38:36  <jonasschnelli> okay.. I'll clear the cache and run it
434 2020-12-13T19:39:07  <jonasschnelli> achow101: I mean you could probably replace the zero signature (the allocation) with the largest signature you find in 0.12
435 2020-12-13T19:39:38  <jonasschnelli> maybe the tool only validates the header or so,.. so combining with the allocation hack might work?
436 2020-12-13T19:39:47  <jonasschnelli> trying sipa patch now
437 2020-12-13T19:40:08  <achow101> with the -f option, codesign will only warn if the existing sig is invalid. but I guess it needs to be properly formatted first
438 2020-12-13T19:40:13  <achow101> maybe not even warn
439 2020-12-13T19:40:35  <achow101> so you could try to apply the rc3 sig to the pr's build and then sign that
440 2020-12-13T19:40:47  *** lontivero <lontivero!~lontivero@186.183.48.250> has joined #bitcoin-core-dev
441 2020-12-13T19:41:09  <jonasschnelli> achow101: what does codesign_allocate do with the existing sig? Just expand?
442 2020-12-13T19:41:15  <jonasschnelli> (I mean in your PR)
443 2020-12-13T19:41:19  <achow101> yes
444 2020-12-13T19:41:29  <jonasschnelli> that could work...
445 2020-12-13T19:41:40  <achow101> wumpus: huh, I guess it does sign the whole "signed_attrs" thing and not just the message digest as I previously thought
446 2020-12-13T19:41:41  <jonasschnelli> But how would I apply the sig?
447 2020-12-13T19:42:01  <achow101> run detached-sig-apply.sh locally
448 2020-12-13T19:42:34  <jonasschnelli> yes... I could try that
449 2020-12-13T19:44:44  <sipa> my PR doesn't work
450 2020-12-13T19:44:46  <sipa> fixing
451 2020-12-13T19:46:30  <jonasschnelli> achow101: can I take a unsigned.tar.gz from master,... manually apply the sig (detached-sig-apply.sh) on linux, execute your patch ${CODESIGN_ALLOCATE} -i ${BINARY_RESULT} -a x86_64 ${SIG_SIZE_EST} -o ${BINARY_RESULT} and then try to sign on OSX?
452 2020-12-13T19:46:40  <jonasschnelli> without gitian at all?
453 2020-12-13T19:46:50  <jonasschnelli> I can take the same cc_tools (form the cache)
454 2020-12-13T19:47:13  <achow101> to test, the sig creation, yes
455 2020-12-13T19:47:27  <jonasschnelli> sipa: so 6e9f0fa7f7ce95cc4ddf0e5cc4c49ab75361efe7 is it?
456 2020-12-13T19:48:19  <sipa> jonasschnelli: yup
457 2020-12-13T19:48:43  <sipa> unfortunately, this working isn't a guarantee it will always work
458 2020-12-13T19:48:56  <sipa> because the build may randomly be 0x2000 aligned
459 2020-12-13T19:49:12  <jonasschnelli> sipa: could we detect this easly?
460 2020-12-13T19:49:28  <jonasschnelli> (well,... wumpus verification tool would)
461 2020-12-13T19:49:28  <achow101> jonasschnelli: is there some kind of dev testing code signing cert? I'd like to be able to test this stuff
462 2020-12-13T19:49:50  <jonasschnelli> achow101: sure. I can try to make you one
463 2020-12-13T19:50:04  <achow101> There's no apple default?
464 2020-12-13T19:50:13  <jonasschnelli> I don't know
465 2020-12-13T19:50:31  <achow101> ah, i'll look into it later
466 2020-12-13T19:50:35  <jonasschnelli> I guess if I hand you out a different certificate, end uses would have no plan/idea to differenciate those
467 2020-12-13T19:50:52  <achow101> yeah
468 2020-12-13T19:51:00  <sipa> you won't have a certificate chain leading back to apple
469 2020-12-13T19:51:32  <sipa> or perhaps one which doesn't convey codesigning rights
470 2020-12-13T19:52:25  <achow101> I wouldn't be surprised if apple didn't let you sign with such a cert
471 2020-12-13T19:52:56  <jonasschnelli> sipa: so your cctools patch is only relevant for the signing step? I don't need to rebuild the actual unsigned release build?
472 2020-12-13T19:53:04  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has joined #bitcoin-core-dev
473 2020-12-13T19:53:14  <jonasschnelli> it only affects detached-sig-apply.sh, right?
474 2020-12-13T19:53:18  <achow101> yes
475 2020-12-13T19:54:02  <sipa> jonasschnelli: right
476 2020-12-13T19:54:27  *** EagleTM <EagleTM!~EagleTM@unaffiliated/eagletm> has joined #bitcoin-core-dev
477 2020-12-13T19:54:59  <achow101> ah, there's instructions for a self signed cert. this may work
478 2020-12-13T19:55:55  <jonasschnelli> but! gitian-osx-signer.yml does not build the depends? So I need to clear the cache and do the release build anyways
479 2020-12-13T19:56:11  <sipa> ah right
480 2020-12-13T19:56:29  <sipa> you need it because the signing step uses the binaries produced in the unsigned build step
481 2020-12-13T19:56:38  <jonasschnelli> yes
482 2020-12-13T19:57:42  <sipa> ugh
483 2020-12-13T19:57:44  <sipa> my patch fails
484 2020-12-13T19:58:08  <sipa> sorry i will test this more and get back
485 2020-12-13T19:58:15  <jonasschnelli> sipa: sure. No hurry
486 2020-12-13T19:58:36  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Remote host closed the connection)
487 2020-12-13T20:03:22  *** lontivero <lontivero!~lontivero@186.183.48.250> has quit IRC (Ping timeout: 260 seconds)
488 2020-12-13T20:04:24  <achow101> at this point it feels like the long term solution is to write our own codesigning tool
489 2020-12-13T20:04:58  *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
490 2020-12-13T20:06:07  <sipa> sounds like you're well on the way to do that :)
491 2020-12-13T20:06:18  <sipa> if you have a tool that can verify signatures, signing doesn't sound too far away
492 2020-12-13T20:06:41  <achow101> signing is probably 2 orders of magnitude harder than verification
493 2020-12-13T20:07:00  <achow101> the current unknown things being how to generate Info.plist, CodeResources file, and the internal requirements blob
494 2020-12-13T20:07:56  <jonasschnelli> achow101: fatal error: /home/jonasschnelli/bitcoin-depends2/depends/x86_64-apple-darwin20/native/bin/x86_64-apple-darwin20-codesign_allocate: size for '-a x86_64 258611375' not a multiple of 16
495 2020-12-13T20:08:08  <sipa> round up to a multiple of 16
496 2020-12-13T20:08:19  *** molz_ <molz_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 260 seconds)
497 2020-12-13T20:08:19  <jonasschnelli> stat -c %s signed-app/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
498 2020-12-13T20:08:23  <jonasschnelli> -> 26698160
499 2020-12-13T20:08:27  <achow101> oh, I totally forgot about that didn't I
500 2020-12-13T20:09:02  <jonasschnelli> ((((26698160 / 4096) + 1) * 32) + 50000) == 258611375
501 2020-12-13T20:09:21  <sipa> use 51200 instead of 50000
502 2020-12-13T20:09:26  *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has quit IRC (Ping timeout: 272 seconds)
503 2020-12-13T20:09:27  <sipa> 50*1024
504 2020-12-13T20:09:32  <sipa> or so
505 2020-12-13T20:09:36  <jonasschnelli> can I round up to 258611376?
506 2020-12-13T20:09:48  <jonasschnelli> 26698160 to
507 2020-12-13T20:09:48  <jonasschnelli> 258611376
508 2020-12-13T20:09:52  <jonasschnelli> ahm.. no
509 2020-12-13T20:10:03  <sipa> how do i see files inside lxc?
510 2020-12-13T20:10:10  <jonasschnelli> lxc-attach
511 2020-12-13T20:10:41  <sipa> hmm?
512 2020-12-13T20:11:06  <sipa> my build failed and it created a file with the rejected patch description
513 2020-12-13T20:11:11  <jonasschnelli> sudo lxc-attach -n gitian -f var/lxc.config
514 2020-12-13T20:11:20  <jonasschnelli> (and you should get a shell of your lxc container)
515 2020-12-13T20:11:33  <jonasschnelli> make sure you are in the gitian-builder dir
516 2020-12-13T20:11:52  <sipa> 1095 failed to get init pid
517 2020-12-13T20:12:02  <jonasschnelli> oh.. dunno
518 2020-12-13T20:12:26  <jonasschnelli> sudo lxc-start -n gitian -f var/lxc.config   (maybe that first)
519 2020-12-13T20:12:44  <sipa> thanks, works!
520 2020-12-13T20:13:28  *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has joined #bitcoin-core-dev
521 2020-12-13T20:16:25  <sipa> it just fails to apple the patch
522 2020-12-13T20:16:28  <sipa> that makes no sense
523 2020-12-13T20:16:51  <achow101> seems to be very apple-y
524 2020-12-13T20:17:15  <sipa> lol
525 2020-12-13T20:17:19  <sipa> that was a typo
526 2020-12-13T20:17:23  <jonasschnelli> achow101: still getting dist/Bitcoin-Qt.app: invalid or unsupported format for signature
527 2020-12-13T20:18:00  <jonasschnelli> (when manually apply the signature on linux with /detached-sig-apply.sh, adding the codesign_allocate thing and trying to sign again
528 2020-12-13T20:18:33  <achow101> do codesign_allocate first then detached sig apply?
529 2020-12-13T20:18:47  <jonasschnelli> no.
530 2020-12-13T20:18:51  <achow101> codesign_allocate might be overwriting the sig with 0s
531 2020-12-13T20:23:23  <jonasschnelli> achow101 the other way around work for signing...
532 2020-12-13T20:23:37  <jonasschnelli> (I mean for successful signing on my mac)
533 2020-12-13T20:23:43  <achow101> yay
534 2020-12-13T20:23:50  <jonasschnelli> dist/Bitcoin-Qt.app: replacing existing signature
535 2020-12-13T20:24:00  <achow101> this is such a stupid workaround
536 2020-12-13T20:24:37  <jonasschnelli> shall I try to use this detached signature to build the release?
537 2020-12-13T20:24:38  <achow101> to be clear, you did codesign-allocate with the overestimate, applied some other signature, then signed
538 2020-12-13T20:24:58  <achow101> yes, try that
539 2020-12-13T20:25:12  <jonasschnelli> yes...
540 2020-12-13T20:25:29  <jonasschnelli> I did: /home/jonasschnelli/bitcoin-depends2/depends/x86_64-apple-darwin20/native/bin/x86_64-apple-darwin20-codesign_allocate -i dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt -a x86_64 258611376 -o dist/Bitcoin-Qt.app/Contents/MacOS/Bitcoin-Qt
541 2020-12-13T20:25:46  <jonasschnelli> tar -czf bitcoin-0.21.0rc3-osx-unsigned.tar.gz ./
542 2020-12-13T20:26:04  <jonasschnelli> ./detached-sig-apply.sh bitcoin-0.21.0rc3-osx-unsigned.tar.gz ../bitcoin-detached-sigs/osx (<--- the git repo for the signatures)
543 2020-12-13T20:26:23  <sipa> ok it seems copy-pasting the "git diff" output introduced some space/tab changes...
544 2020-12-13T20:26:29  <achow101> jonasschnelli: awesome
545 2020-12-13T20:26:37  <jonasschnelli> let me 2bl check first
546 2020-12-13T20:27:49  <jonasschnelli> Yes. I think I have done that correctly
547 2020-12-13T20:28:19  <jonasschnelli> I mean I can just try to apply this signature I created on my mac no on linux with  ./detached-sig-apply.sh
548 2020-12-13T20:28:23  <jonasschnelli> right?
549 2020-12-13T20:28:27  <jonasschnelli> no need for gitian
550 2020-12-13T20:28:46  <sipa> i believe so
551 2020-12-13T20:28:55  <achow101> yea
552 2020-12-13T20:29:44  *** Talkless <Talkless!~Talkless@mail.dargis.net> has quit IRC (Quit: Konversation terminated!)
553 2020-12-13T20:32:36  *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has quit IRC (Ping timeout: 240 seconds)
554 2020-12-13T20:34:31  <sipa> jonasschnelli: ok gitian manages to compile native_cctools with my patch now
555 2020-12-13T20:34:48  <jonasschnelli> The dbl-signing approach seems not to work
556 2020-12-13T20:34:59  <sipa> if you want to try (if the other approach works, also fine of course)
557 2020-12-13T20:35:11  <achow101> jonasschnelli: how so?
558 2020-12-13T20:35:22  <jonasschnelli> What I did:
559 2020-12-13T20:35:50  <jonasschnelli> 1. I replace the signature in the detached-signtaure local repo with the one I just successfully did on my mac (after codesign_allocate on linux
560 2020-12-13T20:36:12  <jonasschnelli> 2. on linux, I executed      ./detached-sig-apply.sh bitcoin-0.21.0rc3-osx-unsigned-2.tar.gz ../bitcoin-detached-sigs/osx
561 2020-12-13T20:36:27  <jonasschnelli> (bitcoin-0.21.0rc3-osx-unsigned-2.tar.gz is from the rc3 release, unsigned, untouched)
562 2020-12-13T20:36:42  <jonasschnelli> (../bitcoin-detached-sigs/osx hold the new signature)
563 2020-12-13T20:37:04  <jonasschnelli> then downloaded signed-app/Bitcoin-Qt.app to my mac
564 2020-12-13T20:37:04  <achow101> jonasschnelli: for the final apply, you need to use the one that had the codesign-allocate and bad sig thing
565 2020-12-13T20:37:15  <jonasschnelli> achow101: ah...
566 2020-12-13T20:37:19  <jonasschnelli> okay.. let me try that
567 2020-12-13T20:38:50  <jonasschnelli> achow101: still getting /Users/jonasschnelli/Desktop/Bitcoin-Qt.app: invalid Info.plist (plist or signature have been modified)
568 2020-12-13T20:39:08  <jonasschnelli> Maybe I did something wrong...
569 2020-12-13T20:39:17  <jonasschnelli> let me upload some files so you can test it
570 2020-12-13T20:40:45  <achow101> you started with the original rc3?
571 2020-12-13T20:40:51  <jonasschnelli> https://bitcoin.jonasschnelli.ch/bitcoin-0.21.0rc3-osx-unsigned-dbl-sign.tar.gz   (<--- the 1. codesign_alloc, apply rc3 sig)
572 2020-12-13T20:43:00  <jonasschnelli> https://bitcoin.jonasschnelli.ch/signature-osx-dbl-sign.tar.gz (<--- the output from detach-sig-create on my mac which run successful on the output above)
573 2020-12-13T20:45:57  *** jeremyrubin <jeremyrubin!~jr@c-73-15-215-148.hsd1.ca.comcast.net> has quit IRC (Ping timeout: 260 seconds)
574 2020-12-13T20:46:05  <sipa> jonasschnelli: ok, gitian unsigned build with my patch works (which doesn't mean much, aS the codesign_allocate tool hasn't been invoked)
575 2020-12-13T20:46:32  <achow101> jonasschnelli: somehow the Info.plist hash doesn't match.
576 2020-12-13T20:46:58  <jonasschnelli> sipa: okay... I try that asap
577 2020-12-13T20:47:16  <achow101> jonasschnelli: I'm going to fixup my pr and I think we should try again from scratch
578 2020-12-13T20:47:25  <jonasschnelli> achow101: yes. Lets do that.
579 2020-12-13T20:47:33  *** twistedline <twistedline!~twisted@unaffiliated/twistedline> has joined #bitcoin-core-dev
580 2020-12-13T20:47:38  <jonasschnelli> I think I mixed up your PR with rc3 (different version numbers)
581 2020-12-13T20:47:44  <achow101> possible
582 2020-12-13T20:48:52  <jonasschnelli> okay.. gbuilding a4118c6e200e02e7560f8bc213697aa2909d95b1
583 2020-12-13T20:57:24  <jonasschnelli> I can't use the rc3 sig for the cctool patch test,.. since it's master now and has different version numbers.
584 2020-12-13T20:57:30  <jonasschnelli> So trying to sign independent
585 2020-12-13T20:58:30  <jonasschnelli> I hoped by deleting the cctools only in the cache, I can avoid rebuilding the whole dependencies.... but it looks like it builds everything again
586 2020-12-13T21:02:01  <jonasschnelli> I have to continue tomorrow (10pm here,... will start again in 11h)...
587 2020-12-13T21:26:24  *** ghost43 <ghost43!~daer@gateway/tor-sasl/daer> has joined #bitcoin-core-dev
588 2020-12-13T21:27:03  *** ghost43_ <ghost43_!~daer@gateway/tor-sasl/daer> has quit IRC (Ping timeout: 240 seconds)
589 2020-12-13T21:29:21  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has joined #bitcoin-core-dev
590 2020-12-13T21:32:00  *** Victorsueca <Victorsueca!~Victorsue@unaffiliated/victorsueca> has quit IRC (Ping timeout: 256 seconds)
591 2020-12-13T21:33:42  *** miketwenty1 <miketwenty1!~miketwent@136.55.84.49> has quit IRC (Ping timeout: 256 seconds)
592 2020-12-13T21:40:49  *** Pavlenex <Pavlenex!~Thunderbi@185.245.85.251> has quit IRC (Quit: Pavlenex)
593 2020-12-13T22:01:39  *** jesseposner <jesseposner!~jp@2601:643:8980:bfd2:3c52:ceaf:5e03:1c52> has joined #bitcoin-core-dev
594 2020-12-13T22:04:42  *** jessepos_ <jessepos_!~jp@2601:643:8980:bfd2:65bd:87f1:eb2b:e04e> has quit IRC (Ping timeout: 260 seconds)
595 2020-12-13T22:06:11  <achow101> updated wumpus's script to do hash checking https://gist.github.com/achow101/fef2415d99965de66ac083b54b83df6e
596 2020-12-13T22:14:03  *** k3tan <k3tan!~pi@gateway/tor-sasl/k3tan> has quit IRC (Ping timeout: 240 seconds)
597 2020-12-13T22:16:15  *** k3tan <k3tan!~pi@gateway/tor-sasl/k3tan> has joined #bitcoin-core-dev
598 2020-12-13T22:17:36  *** tripleslash <tripleslash!~triplesla@unaffiliated/imsaguy> has quit IRC (Ping timeout: 240 seconds)
599 2020-12-13T22:18:56  *** tripleslash <tripleslash!~triplesla@unaffiliated/imsaguy> has joined #bitcoin-core-dev
600 2020-12-13T22:24:06  *** molz_ <molz_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
601 2020-12-13T22:26:45  *** mol_ <mol_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
602 2020-12-13T22:37:35  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has joined #bitcoin-core-dev
603 2020-12-13T22:37:35  <bitcoin-git> [bitcoin] jonatack opened pull request #20646: p2p: do not disconnect post-verack sendaddrv2 on signet (master...signet-keep-post-verack-sendaddrv2-peers) https://github.com/bitcoin/bitcoin/pull/20646
604 2020-12-13T22:37:36  *** bitcoin-git <bitcoin-git!~bitcoin-g@x0f.org> has left #bitcoin-core-dev
605 2020-12-13T22:53:02  *** Guyver2 <Guyver2!Guyver@guyver2.xs4all.nl> has quit IRC (Remote host closed the connection)
606 2020-12-13T22:57:57  *** mol_ <mol_!~mol@unaffiliated/molly> has joined #bitcoin-core-dev
607 2020-12-13T23:00:57  *** molz_ <molz_!~mol@unaffiliated/molly> has quit IRC (Ping timeout: 240 seconds)
608 2020-12-13T23:07:14  <achow101> sipa: does your pr gitian build? I have a self signed cert so I can test codesigning now
609 2020-12-13T23:13:37  <sipa> achow101: yes
610 2020-12-13T23:13:56  <sipa> i did a gitian build of the unsigned stage myself