mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-12-01 08:24:21 +01:00
6e21dedbf2
40e5f26a3fmapport: remove dead code in DispatchMapPort (Antoine Poinsot)38fdf7c1fbmapport: drop outdated comments (Antoine Poinsot)b7b2435290doc: add release note for #31130 (Antoine Poinsot)1b6dec98dadepends: drop miniupnpc (Antoine Poinsot)953533d021doc: remove mentions of UPnP (Antoine Poinsot)94ad614482ci: remove UPnP options (Antoine Poinsot)a9598e5eaabuild: drop miniupnpc dependency (Antoine Poinsot)a5fcfb7385interfaces: remove now unused 'use_upnp' arg from 'mapPort' (Antoine Poinsot)038bbe7b20daemon: remove UPnP support (Antoine Poinsot)844770b05eqt: remove UPnP settings (Antoine Poinsot) Pull request description: This PR removes UPnP IGD support and drops our [miniupnp](https://github.com/miniupnp/miniupnp) dependency. Miniupnpc is a C library (somewhat) maintained by a single person which had several vulnerabilities in the past (a couple dozens are listed [here](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=miniupnp)), some of which directly affected our software ([RCE in 2015](https://bitcoincore.org/en/2024/07/03/disclose_upnp_rce/), [OOM in 2020](https://bitcoincore.org/en/2024/07/31/disclose-upnp-oom/)). The main purpose of this functionality is to have more (non-data-center) reachable nodes on the network. For a non-technical user running Bitcoin Core at home, the software would automatically open a port on their router to receive incoming connections. This way, users not able to manually open a port on their router would still provide the network with more resources and enhance its diversity. However, due to past vulnerabilities (and a worry about unknown future ones) in miniupnpc this feature was disabled by default in https://github.com/bitcoin/bitcoin/pull/6795. Having it disabled by default kills (most of?) the purpose of having this functionality in the first place: someone technical enough to understand the `-upnp` startup option or the "enable UPnP" setting is most likely able to open a port on his box in the first place. In addition, laanwj implemented PCP with a NAT-PMP fallback directly in Bitcoin Core in https://github.com/bitcoin/bitcoin/pull/30043. If we ever want to re-enable automatic NAT traversal by default in Bitcoin Core, this is the best option (and in my opinion the only sane one). The NAT-PMP fallback makes it so compatibility shouldn't be (much of) an issue. On balance, i believe that keeping this functionality and this barely maintained C dependency has higher costs than benefits. Therefore i propose that we get rid of it. ACKs for top commit: jarolrod: ACK40e5f26a3f1440000bytes: Code Review ACK40e5f26a3flaanwj: Code review ACK40e5f26a3fi-am-yuvi: Tested ACK40e5f26a3fTree-SHA512: 9ea48662775510f5ec6de7af65790f7c8d211603398e9d8c634a86387be81b28081419a95b4d6680d3d7fe6a9f16cec99f16516548201dc7e49781909899a657
Usage
To build dependencies for the current arch+OS:
make
To build for another arch/OS:
make HOST=host-platform-triplet
For example:
make HOST=x86_64-w64-mingw32 -j4
When configuring Bitcoin Core, CMake by default will ignore the depends output. In
order for it to pick up libraries, tools, and settings from the depends build,
you must specify the toolchain file.
In the above example, a file named depends/x86_64-w64-mingw32/toolchain.cmake will be
created. To use it during configuring Bitcoin Core:
cmake -B build --toolchain depends/x86_64-w64-mingw32/toolchain.cmake
Common host-platform-triplets for cross compilation are:
i686-pc-linux-gnufor Linux x86 32 bitx86_64-pc-linux-gnufor Linux x86 64 bitx86_64-w64-mingw32for Win64x86_64-apple-darwinfor macOSarm64-apple-darwinfor ARM macOSarm-linux-gnueabihffor Linux ARM 32 bitaarch64-linux-gnufor Linux ARM 64 bitpowerpc64-linux-gnufor Linux POWER 64 bit (big endian)powerpc64le-linux-gnufor Linux POWER 64 bit (little endian)riscv32-linux-gnufor Linux RISC-V 32 bitriscv64-linux-gnufor Linux RISC-V 64 bits390x-linux-gnufor Linux S390X
The paths are automatically configured and no other options are needed.
Install the required dependencies: Ubuntu & Debian
Common
apt install bison cmake curl make patch pkg-config python3 xz-utils
For macOS cross compilation
apt install clang lld llvm g++ zip
Clang 18 or later is required. You must also obtain the macOS SDK before
proceeding with a cross-compile. Under the depends directory, create a
subdirectory named SDKs. Then, place the extracted SDK under this new directory.
For more information, see SDK Extraction.
For Win64 cross compilation
apt install g++-mingw-w64-x86-64-posix
For linux (including i386, ARM) cross compilation
Common linux dependencies:
sudo apt-get install g++-multilib binutils
For linux ARM cross compilation:
sudo apt-get install g++-arm-linux-gnueabihf binutils-arm-linux-gnueabihf
For linux AARCH64 cross compilation:
sudo apt-get install g++-aarch64-linux-gnu binutils-aarch64-linux-gnu
For linux POWER 64-bit cross compilation (there are no packages for 32-bit):
sudo apt-get install g++-powerpc64-linux-gnu binutils-powerpc64-linux-gnu g++-powerpc64le-linux-gnu binutils-powerpc64le-linux-gnu
For linux RISC-V 64-bit cross compilation (there are no packages for 32-bit):
sudo apt-get install g++-riscv64-linux-gnu binutils-riscv64-linux-gnu
For linux S390X cross compilation:
sudo apt-get install g++-s390x-linux-gnu binutils-s390x-linux-gnu
Install the required dependencies: FreeBSD
pkg install bash
Install the required dependencies: NetBSD
pkgin install bash gmake
Install the required dependencies: OpenBSD
pkg_add bash gmake gtar
Dependency Options
The following can be set when running make: make FOO=bar
SOURCES_PATH: Downloaded sources will be placed hereBASE_CACHE: Built packages will be placed hereSDK_PATH: Path where SDKs can be found (used by macOS)FALLBACK_DOWNLOAD_PATH: If a source file can't be fetched, try here before giving upC_STANDARD: Set the C standard version used. Defaults toc11.CXX_STANDARD: Set the C++ standard version used. Defaults toc++20.NO_BOOST: Don't download/build/cache BoostNO_LIBEVENT: Don't download/build/cache LibeventNO_QT: Don't download/build/cache Qt and its dependenciesNO_QR: Don't download/build/cache packages needed for enabling qrencodeNO_ZMQ: Don't download/build/cache packages needed for enabling ZeroMQNO_WALLET: Don't download/build/cache libs needed to enable the walletNO_BDB: Don't download/build/cache BerkeleyDBNO_SQLITE: Don't download/build/cache SQLiteNO_USDT: Don't download/build/cache packages needed for enabling USDT tracepointsMULTIPROCESS: Build libmultiprocess (experimental)DEBUG: Disable some optimizations and enable more runtime checkingHOST_ID_SALT: Optional salt to use when generating host package idsBUILD_ID_SALT: Optional salt to use when generating build package idsLOG: Use file-based logging for individual packages. During a package build its log file resides in thedependsdirectory, and the log file is printed out automatically in case of build error. After successful build log files are moved along with package archivesLTO: Enable options needed for LTO. Does not add-fltorelated options to *FLAGS.NO_HARDEN=1: Don't use hardening options when building packages
If some packages are not built, for example make NO_WALLET=1, the appropriate CMake cache
variables will be set when generating the Bitcoin Core buildsystem. In this case, -DENABLE_WALLET=OFF.
Additional targets
download: run 'make download' to fetch all sources without building them
download-osx: run 'make download-osx' to fetch all sources needed for macOS builds
download-win: run 'make download-win' to fetch all sources needed for win builds
download-linux: run 'make download-linux' to fetch all sources needed for linux builds
Other documentation
- description.md: General description of the depends system
- packages.md: Steps for adding packages