<vasild>
hebasto: I can't comment on https://github.com/bitcoin-core/gui/issues/567 or https://github.com/bitcoin-core/gui/pull/569 "This conversation has been locked and limited to collaborators", thus commenting here: I can't reproduce the new issue. If I disable "allow incoming" from the GUI, then "listen": false is saved in datadir/settings.json and after restart bitcoin-qt starts ok and there is
<vasild>
InitParameterInteraction: parameter interaction: -listen=0 -> setting -listenonion=0 in debug.log
<hebasto>
re "how to reproduce" -- exactly as it was stated in the top post; (1) disable "Allow incoming connections" in the GUI and (2) set `listenonion=1` in the `bitcoin.conf`
<vasild>
aha, I can reproduce, this requires and explicit listenonion=1 in bitcoin.conf
<vasild>
Do I remember correctly that settings.json is supposed to override bitcoin.conf? That is, for example, if there is listen=1 in bitcoin.conf and "listen": false in settings.json, then bitcoin core should not be listening?
<hebasto>
vasild: `settings.json` values take precedence over `bitcoin.conf` values
<vasild>
right, so with listenonion=1 in bitcoin.conf and "listen": false in settings.json, then it should flip listenonion to 0
<bitcoin-git>
[bitcoin] jessebarton opened pull request #29481: doc: Update OpenBSD build docs to 7.4 and added link to the depends/R… (master...update-openbsd-build-docs) https://github.com/bitcoin/bitcoin/pull/29481
<bitcoin-git>
guix.sigs/main c17130c Oliver Gugger: Add attestations by guggero for 26.1rc1 codesigned
<bitcoin-git>
guix.sigs/main 0779abc fanquake: Merge pull request #1031 from guggero/guggero-26.1rc1-signed
andytoshi has quit [Ping timeout: 268 seconds]
kevkevin has quit [Ping timeout: 246 seconds]
Guest73 has joined #bitcoin-core-dev
Guest73 has quit [Client Quit]
jadi has quit [Ping timeout: 272 seconds]
kevkevin has joined #bitcoin-core-dev
dongcarl1 has joined #bitcoin-core-dev
dongcarl has quit [Ping timeout: 255 seconds]
dongcarl1 is now known as dongcarl
rbatty has joined #bitcoin-core-dev
_andrewtoth_ has quit [Quit: Leaving]
jadi has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 252 seconds]
willcl-ark has joined #bitcoin-core-dev
willcl-ark has quit [Changing host]
willcl-ark has joined #bitcoin-core-dev
andytoshi has joined #bitcoin-core-dev
<bitcoin-git>
[bitcoin] hebasto closed pull request #29196: ci: Do not set inane value for `LD_LIBRARY_PATH` (master...240107-ldlibpath) https://github.com/bitcoin/bitcoin/pull/29196
<Flow>
We had a lengthy discussion in Gentoo about how to verify the bitcoin-core source tarball via OpenPGP. How is it ensured that https://bitcoincore.org/bin/bitcoin-core-26.0/bitcoin-26.0.tar.gz, which get signed as part of SHA256SUM.asc, conforms to the source code tag v26.0?
<Flow>
CC darosior
<achow101>
Flow: it is constructed deterministically using guix, as we do for the binaries too
<Flow>
achow101: you don't happen to have a link to the code deterministically constructing the tarball? I guess I am trying to close the gap between the v26.0 tag and the source tarball under https://bitcoincore.org/bin/
<Flow>
allright, so it's done via git-archive, not unexpected
<achow101>
the way to verify would be to checkout the tag and do the build yourself, and verify you get the same results as published
<Flow>
just to double check if what I think happens is actually what happens: a group of peopole individually runs this guix-build script based on, say, the v26.0 tag and they later compare that their outputs, including the source tarball, are identical
<bitcoin-git>
guix.sigs/main af79aa6 Sjors Provoost: Add sjors attestations for v25.2rc1
<bitcoin-git>
guix.sigs/main 5e488dd fanquake: Merge pull request #1033 from Sjors/25.2rc1-sjors
<achow101>
and then one of the website admins uploads their own results + everyone's signatures over the shasums, whenever that person feels like there were enough people who did the build and signed
<achow101>
the signatures from the repo are the ones that make the final sha256sums.asc
<achow101>
and everyone who adds a signature to that repo must also add their key
<achow101>
oh sorry, I thought you were talking about guix.sigs
<achow101>
trusted-keys is different
<Flow>
right :)
<Flow>
bascially we'd would really like to have trust anchor from tags to the source tarball
<achow101>
it's kind of an accident, the maintainers tend to be the people who are also most involved in doing releases
<achow101>
you can generally depend upon at least one of the people in trusted-keys to have a signature in the release
jadi has quit [Ping timeout: 268 seconds]
realies9 has joined #bitcoin-core-dev
<Flow>
achow101: thanks, that was already very helpful
Anth0mk- has joined #bitcoin-core-dev
rolf has quit [Ping timeout: 240 seconds]
<Flow>
however, I fear we would need a more-or-less stable key signing the tags also signing the source tarball to enable openpgp-based authentication of the source tarball in Gentoo. That said, since Gentoo does pin the source tarballs hash anyways, the additional gain in security wouldn't be that much (although, always nice to have it)
freedomcode has joined #bitcoin-core-dev
rolf has joined #bitcoin-core-dev
<achow101>
the person who signs the git tag is very likely to also sign the source tarball, I don't think there's been an instance where that hasn't been the case
<achow101>
however the person who creates and signs the tag may not be the same for all tags
rolf has quit [Max SendQ exceeded]
<achow101>
we're starting to experiment with having different "release managers"
<Flow>
darosior: even though I could totally understand you not wanting to comment further on the PR, feel free to add the information how the source tarball is authenticated. IMHO this was one of the major pain points people had with the PR, leading to statements like that the source attestation doesn't actually attest that the source tarball conforms to the git tag
<achow101>
yes, the current idea is limited to those people
<achow101>
as it obviously requires pushing a tag, which only those people can do
jadi_ has joined #bitcoin-core-dev
amiti_ has joined #bitcoin-core-dev
fanquake has joined #bitcoin-core-dev
aureleoules has joined #bitcoin-core-dev
Lightsword has joined #bitcoin-core-dev
kvaciral[m] has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 252 seconds]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
jadi has joined #bitcoin-core-dev
rolf1 has joined #bitcoin-core-dev
jadi_ has quit [Ping timeout: 255 seconds]
Talkless has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
bugs_ has joined #bitcoin-core-dev
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
rolf1 has quit [Max SendQ exceeded]
rolf1 has joined #bitcoin-core-dev
mudsip has joined #bitcoin-core-dev
mudsip has quit [Client Quit]
mudsip has joined #bitcoin-core-dev
mudsip has quit [Client Quit]
rolf1 has quit [Ping timeout: 256 seconds]
rolf1 has joined #bitcoin-core-dev
jadi_ has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 255 seconds]
jadi_ has quit [Ping timeout: 240 seconds]
jadi has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 272 seconds]
pablomartin4btc has quit [Ping timeout: 260 seconds]
jadi has joined #bitcoin-core-dev
brunoerg has quit [Remote host closed the connection]
Talkless has quit [Ping timeout: 252 seconds]
brunoerg has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 256 seconds]
brunoerg has quit [Ping timeout: 264 seconds]
jadi has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 264 seconds]
<bitcoin-git>
[bitcoin] mzumsande opened pull request #29483: test, ci: add --v1transport option, add --v2transport to a CI task (master...202402_run_v2_in_ci) https://github.com/bitcoin/bitcoin/pull/29483
brunoerg has joined #bitcoin-core-dev
jadi has joined #bitcoin-core-dev
jadi has quit [Ping timeout: 260 seconds]
<bitcoin-git>
[bitcoin] theuni opened pull request #29484: serialization: replace char-is-int8_t autoconf detection with c++20 concept (master...serialization-concept) https://github.com/bitcoin/bitcoin/pull/29484
<cfields>
^^ anyone happen to know if we've forbidden c++20 concept in our codebase due to compiler/libc constraints?
<cfields>
*concepts
<_aj_>
cfields: serialize.h has some concepts
<cfields>
oh!
<cfields>
huh, it didn't include the header
<_aj_>
they're very simple concepts :)
<cfields>
_aj_: well that answers my question. I was even hacking in the same file and missed it, heh.
<cfields>
thanks!
<_aj_>
cfields: checkout span.h's BasicByte as well, might be related to what you're doing?
<cfields>
_aj_: are you just trying to point out how badly my grepping failed me? :)
jadi has joined #bitcoin-core-dev
<_aj_>
cfields: not deliberately!
<cfields>
hehe
jadi has quit [Read error: Connection reset by peer]