- fdroid maintainers asked that releases use fixed forks of p4a and buildozer,
so now we use the newly created forks in the spesmilo org. I plan to keep using
my existing contributor-specific repos for development, but whatever we push
to electrum master, should use the new spesmilo/ forks.
see https://gitlab.com/fdroid/fdroiddata/-/merge_requests/15858#note_2136345746
- Also, I added branch protection rules for branches named "electrum_*", so if
we name the branches that are actually used in releases as such, we won't
accidentally force-push them. (ref https://github.com/spesmilo/electrum/issues/8162)
I think we can just create a new branch whenever we would want to force-push
the existing one.
- also factored out some parameters so that it is easier to programmatically
access them from the fdroid build script.
see https://gitlab.com/fdroid/fdroiddata/-/merge_requests/15858#note_2136094409
Looks like upstream key file changed. Still the same crypto key, just updated expiration date.
```
$ sha256sum winehq_20*
78b185fabdb323971d13bd329fefc8038e08559aa51c4996de18db0639a51df6 *winehq_2019.key
d965d646defe94b3dfba6d5b4406900ac6c81065428bf9d9303ad7a72ee8d1b8 *winehq_2024.key
$ gpg winehq_2019.key
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub rsa3072 2018-12-10 [SC]
D43F640145369C51D786DDEA76F1A20FF987672F
uid WineHQ packages <wine-devel@winehq.org>
sub rsa3072 2018-12-10 [E] [expired: 2020-12-09]
$ gpg winehq_2024.key
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub rsa3072 2018-12-10 [SC]
D43F640145369C51D786DDEA76F1A20FF987672F
uid WineHQ packages <wine-devel@winehq.org>
sub rsa3072 2018-12-10 [E]
```
Co-authored-by: SomberNight <somber.night@protonmail.com>
Use our own logic to go from ELECTRUM_VERSION to numeric android versionCode,
instead of using the default conversion done by python-for-android.
Even before this, we were already patching p4a to modify their logic (see [0]).
This commit changes that logic again, and moves it into a separate script in our repo.
- calculation change is due to the f-droid maintainers asking for the
arch code to be in the least significant digits (instead of most sig digits) (see [1])
I have pushed and changed to a new p4a branch, which is just a copy of the previous one
with 3 commits related to versionCode calc squashed.
[0]: edb7e4fe6d
[1]: https://github.com/spesmilo/electrum/issues/9210#issuecomment-2380559324
To comply with new google play store requirement:
> Starting August 31 2024:
> - New apps and app updates must target Android 14 (API level 34) or higher to be submitted to Google Play
AFAICS, we do not need to adapt to any of the changes.
https://developer.android.com/about/versions/14/behavior-changes-14
I noticed that when running from source on macOS, the OS menubar has an "About Python" menu item,
instead of an "About Electrum" menu item. I tried to fix that by this, but actually it is not working :P
Nevertheless, this looks useful at least on Linux and Windows. E.g. when instantiating a new dialog
without an explicit title, the qt application name is used as default.
The application name, without this change AFAICS was already "Electrum" when running any of the binaries.
However when running from source, it was in some cases "python" or "run_electrum" or even "electrum-4"
(depending on OS and how the main script is started).
Now it is consistent -- except on macOS it still is not, as there it really wants to look for a .plist...
In some cases this makes it much easier to successfully scan a QR code.
I was trying to scan a PSBT using a laptop camera from my phone screen for 2 minutes, until I realised the screen brightness was the issue. o.O
- between the Back btn and the Next btn, the latter should have priority for focus
- but if the user needs to enter the wallet password, that textedit should have focus
closes https://github.com/spesmilo/electrum/issues/9157
related c6802adbae
The history tab would show an incorrect feerate for partial/unsigned (local) txs,
if they had any p2sh/p2wsh txins. We would just guess the script is p2wpkh, and
use that for the size calc. Now with calling add_info_from_wallet, the correct
size is used to calculate the feerate.
(The gui tx dialogs call add_info_from_wallet independently, so the size/feerate
shown there were already correct.)
The messages are sometimes logged and sometimes shown to the user,
- for logging we might not want to truncate or have higher limits,
- but when shown to the user, we definitely want to truncate the error text.
It is simplest to just do the truncation here, at the lowest level.
Note that we usually prepend the error text with a header e.g. "[DO NOT TRUST THIS MESSAGE]"
and if the error text is too long, this header at the beginning might get "lost" in some way.
Hence we should truncate the error text.
Some functions have an argument named "seed_type" in which it was annoying to call the seed_type() fn.
(especially for functions inside the same module)
```
./tests/test_mnemonic.py:249:9: B017 `assertRaises(Exception)` and `pytest.raises(Exception)` should be considered evil. They can lead to your test passing even if the code being tested is never executed due to a typo. Assert for a more specific exception (builtin or custom), or use `assertRaisesRegex` (if using `assertRaises`), or add the `match` keyword argument (if using `pytest.raises`), or use the context manager form with a target.
with self.assertRaises(Exception):
^
1 B017 `assertRaises(Exception)` and `pytest.raises(Exception)` should be considered evil. They can lead to your test passing even if the code being tested is never executed due to a typo. Assert for a more specific exception (builtin or custom), or use `assertRaisesRegex` (if using `assertRaises`), or add the `match` keyword argument (if using `pytest.raises`), or use the context manager form with a target.
```
Previously when encountering a CA-signed cert that failed verification with "Hostname mismatch",
we would
1. erroneously mark it as self-signed
2. save its cert to pin it
3. when connecting to it later, and being served a CA-signed cert, we would reject the connection
- I think this is because we use the saved cert (the peer cert, just the last cert in the chain) as if it was a root CA,
and then during the connection we try to verify against that root. This fails as we are served a different root then.
Error logged in step(3):
```
3.85 | W | i/interface.[wirg2tsto7rme7n26lkd3ivbvxmjyy2pktlozwjuep22jcsfsghfqbqd.onion:50002] | Cannot connect to main server due to SSL error (maybe cert changed compared to "/home/user/.electrum/testnet/certs/wirg2tsto7rme7n26lkd3ivbvxmjyy2pktlozwjuep22jcsfsghfqbqd.onion"). Exc: ConnectError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1007)'))
```
This commit fixes step(1), we won't mark the cert as self-signed, instead the error is propagated out and the connection closed.
```
35.05 | I | i/interface.[wirg2tsto7rme7n26lkd3ivbvxmjyy2pktlozwjuep22jcsfsghfqbqd.onion:50002] | disconnecting due to: ErrorGettingSSLCertFromServer(ConnectError(SSLCertVerificationError(1, "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'wirg2tsto7rme7n26lkd3ivbvxmjyy2pktlozwjuep22jcsfsghfqbqd.onion'. (_ssl.c:1007)")))
```
Compare:
- SSLCertVerificationError(1, "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'wirg2tsto7rme7n26lkd3ivbvxmjyy2pktlozwjuep22jcsfsghfqbqd.onion'. (_ssl.c:1007)")
- verify_code=62
- SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1007)')
- verify_code=18
Note: the verify_code constants look stable, though they might be openssl-specific. I guess that's ok(?)
140540189c/include/openssl/x509_vfy.h.in (L224)
