- this patch enables several new GCC compiler hardening options that
allows us to increase the security of our binaries (see:
https://wiki.debian.org/Hardening)
-D_FORTIFY_SOURCE=2:
Enables compile-time protection against static sized buffer overflows.
-Wl,-z,relro -Wl,-z,now:
Enables full RELRO (RELocation Read-Only), which is a generic mitigation
technique to harden the data sections of an ELF binary/process. See:
http://isisblogs.poly.edu/2011/06/01/relro-relocation-read-only/ for
further details.
This patch currently excludes our Windows executable!
- change to use -fstack-protector-all
- the minimum size of buffers (i.e. arrays) that will receive stack
smashing protection was changed to 1 byte (GCC default: 8)
- warn about functions that will not be protected against stack
smashing by adding -Wstack-protector
- add version information to bitcoin-qt.rc, which is displayed on Windows, when looking in the executable properties and selecting "Details"
- introduce a new clientversion.h (used in bitcoin-qt.rc to generate
version information), which takes only the version defines from
version.h and is included in it (to allow usage with the windres rc-file
compiler)
- move #define STRINGIFY(s) #s into clientversion.h as that is used in
bitcoin-qt.rc and rename to DO_STRINGIZE(X)
- add #define STRINGIZE(X) DO_STRINGIZE(X), which is needed to convert the
version defines into a version string in the rc-file
- this ensures we only need to update 1 file and have bitcoin-qt.exe
version information
- for RC-file documentation see:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa381058%28v=vs.85%29.aspx
- for extra security on Windows: enable ASLR and DEP via GCC linker flags
GCC linker flag description:
--dynamicbase The image base address may be relocated using address space layout randomization (ASLR). This feature was introduced with MS Windows Vista for i386 PE targets.
--nxcompat The image is compatible with the Data Execution Prevention.
This feature was introduced with MS Windows XP SP2 for i386 PE targets.
- add UI-feedback via QValidatedLineEdit
- copy button for generated signature was moved to the signature output field
- add an addressbook button to verify message tab
- input fields are now evenly ordered for sign and verify tabs
- update FIRST_CLASS_MESSAGING support to ensure a good UX
- add a button and context menu entry in addressbook for verify message (to be consistent with sign message)
- focus is now only set/changed, when clearing input fields or adding an address via addressbook
- re-work / update some strings
- ensure model gets initialized in the SignVerifyMessageDialog constructor
- add checks for a valid model to both addressbook buttons
- remove unneeded includes for Qt GUI elements that are listed in ui_signverifymessagedialog.h anyway
Implement listunspent / getrawtransaction / createrawtransaction /
signrawtransaction, to support creation and
signing-on-multiple-device multisignature transactions.
- extend network options with a SOCKS version selection
- changing "Unit to show amounts in:" now also updates the unit used in the transaction fee box
- string updates
- link Apply button and OK button when enabling or disabling them
- use LookupNumeric() from netbase to verify proxy address (via an EventFilter)
- change proxy address field to QValidatedLineEdit and add visual feedback
- add a status label used for displaying a message for invalid proxy addresses
- allow usage of IPv6 address as proxy address
- added warning message when enabling / disabling SOCKS proxy
- Generate *.qm only when needed (and when qmake is run), this avoids a long qrc compile and link step every time
- Generate build.h every time, but only trigger link when it changed (like makefile.unix)
This will make bitcoin relay valid routable IPv6 addresses, and when
USE_IPV6 is enabled, listen on IPv6 interfaces and attempt connections
to IPv6 addresses.
For Qt builds, the build.h file is moved to build/build.h. For regular
builds, it is moved to obj/build.h. This allows the Qt build to be done
in a different directory than the source, and without interfering with
other builds.