diff --git a/.version b/.version index e24c0eb9c09d..85ac303f4aef 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -v26.06 +v26.06.2 diff --git a/CHANGELOG.md b/CHANGELOG.md index 50679f0903ed..efdce2feab80 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## [26.06.2] - 2026-06-24: "Qantum-Resistant Lightning Channel III" + +This point release if recommended for all minimal OS setups, including docker images, that have no root certificates for TLS installed. + +### Fixed + + - cln-currencyrate: include root certificates to fix the `builder error` on OS's without root certificates. ([#9252]) + +[#9252]: https://github.com/ElementsProject/lightning/pull/9252 +[26.06.2]: https://github.com/ElementsProject/lightning/releases/tag/v26.06.2 + ## [26.06.1] - 2026-06-05: "Qantum-Resistant Lightning Channel II" This point release is recommended: it fixes the bwatch plugin failure at registration @@ -115,6 +126,17 @@ Note: You should always set `allow-deprecated-apis=false` to test for changes. [#9136]: https://github.com/ElementsProject/lightning/pull/9136 [26.06]: https://github.com/ElementsProject/lightning/releases/tag/v26.06 +## [26.04.2] - 2026-06-24: "Negative Routing Fees III" + +This point release if recommended for all minimal OS setups, including docker images, that have no root certificates for TLS installed. + +### Fixed + + - cln-currencyrate: include root certificates to fix the `builder error` on OS's without root certificates. ([9251]) + +[#9251]: https://github.com/ElementsProject/lightning/pull/9251 +[26.04.2]: https://github.com/ElementsProject/lightning/releases/tag/v26.04.2 + ## [26.04.1] - 2026-04-25: "Negative Routing Fees II" This point release is recommended: it fixes a build failure in some environments and a gossip protocol issue. diff --git a/Cargo.lock b/Cargo.lock index 1b2f97ede765..8523209bd698 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -438,6 +438,7 @@ dependencies = [ "serde", "serde_json", "tokio", + "webpki-roots 1.0.8", ] [[package]] @@ -2185,7 +2186,7 @@ dependencies = [ "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots", + "webpki-roots 0.25.4", "winreg", ] @@ -2198,6 +2199,7 @@ dependencies = [ "base64 0.22.1", "bytes", "futures-core", + "h2 0.4.15", "http 1.4.2", "http-body 1.0.1", "http-body-util", @@ -3584,6 +3586,15 @@ version = "0.25.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" +[[package]] +name = "webpki-roots" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf85cb06032201fa7c6f829d7db5a7e5aa45bcc0655327713065f6f0576731bf" +dependencies = [ + "rustls-pki-types", +] + [[package]] name = "winapi-util" version = "0.1.11" diff --git a/contrib/pyln-client/pyln/client/__init__.py b/contrib/pyln-client/pyln/client/__init__.py index c8867f8829fe..096ba0071859 100644 --- a/contrib/pyln-client/pyln/client/__init__.py +++ b/contrib/pyln-client/pyln/client/__init__.py @@ -4,7 +4,7 @@ from .gossmapstats import GossmapStats from .version import NodeVersion -__version__ = "v26.06" +__version__ = "v26.06.2" __all__ = [ "LightningRpc", diff --git a/contrib/pyln-client/pyproject.toml b/contrib/pyln-client/pyproject.toml index 262a46208747..115adefee996 100644 --- a/contrib/pyln-client/pyproject.toml +++ b/contrib/pyln-client/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyln-client" -version = "v26.06" +version = "v26.06.2" description = "Client library and plugin library for Core Lightning" authors = [{ name = "Christian Decker", email = "decker.christian@gmail.com" }] license = { text = "BSD-MIT" } diff --git a/contrib/pyln-proto/pyln/proto/__init__.py b/contrib/pyln-proto/pyln/proto/__init__.py index b527f897482b..376ef611098e 100644 --- a/contrib/pyln-proto/pyln/proto/__init__.py +++ b/contrib/pyln-proto/pyln/proto/__init__.py @@ -4,7 +4,7 @@ from .onion import OnionPayload, TlvPayload, LegacyOnionPayload from .wire import LightningConnection, LightningServerSocket -__version__ = "v26.06" +__version__ = "v26.06.2" __all__ = [ "Invoice", diff --git a/contrib/pyln-proto/pyproject.toml b/contrib/pyln-proto/pyproject.toml index 3a68d22dab76..e01378a45596 100644 --- a/contrib/pyln-proto/pyproject.toml +++ b/contrib/pyln-proto/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyln-proto" -version = "v26.06" +version = "v26.06.2" description = "This package implements some of the Lightning Network protocol in pure python. It is intended for protocol testing and some minor tooling only. It is not deemed secure enough to handle any amount of real funds (you have been warned!)." authors = [ {name = "Christian Decker", email = "decker.christian@gmail.com"} diff --git a/contrib/pyln-testing/pyln/testing/__init__.py b/contrib/pyln-testing/pyln/testing/__init__.py index 2ce0cfdfa623..b6057636f040 100644 --- a/contrib/pyln-testing/pyln/testing/__init__.py +++ b/contrib/pyln-testing/pyln/testing/__init__.py @@ -1,4 +1,4 @@ -__version__ = "v26.06" +__version__ = "v26.06.2" __all__ = [ "__version__", diff --git a/contrib/pyln-testing/pyproject.toml b/contrib/pyln-testing/pyproject.toml index a3551df71825..e6b1a0cc71c8 100644 --- a/contrib/pyln-testing/pyproject.toml +++ b/contrib/pyln-testing/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyln-testing" -version = "v26.06" +version = "v26.06.2" description = "Test your Core Lightning integration, plugins or whatever you want" authors = [{ name = "Christian Decker", email = "decker.christian@gmail.com" }] license = { text = "BSD-MIT" } diff --git a/plugins/currencyrate-plugin/Cargo.toml b/plugins/currencyrate-plugin/Cargo.toml index 974fac7ffd82..29521635c2ee 100644 --- a/plugins/currencyrate-plugin/Cargo.toml +++ b/plugins/currencyrate-plugin/Cargo.toml @@ -22,6 +22,7 @@ reqwest = { version = "0.13", default-features = false, features = [ "rustls-no-provider", "socks", "json", + "http2", ] } rustls = { version = "0.23", default-features = false, features = [ "logging", @@ -29,6 +30,7 @@ rustls = { version = "0.23", default-features = false, features = [ "std", "ring", ] } +webpki-roots = "1" futures = "0.3" diff --git a/plugins/currencyrate-plugin/src/main.rs b/plugins/currencyrate-plugin/src/main.rs index 8057dfd06227..c35c59bb42fe 100644 --- a/plugins/currencyrate-plugin/src/main.rs +++ b/plugins/currencyrate-plugin/src/main.rs @@ -94,17 +94,27 @@ median from currencyrates results", let proxy = match check_proxy_config(&plugin).await { Ok(o) => o, - Err(e) => return plugin.disable(&e.to_string()).await, + Err(e) => { + return plugin.disable(&format!("Error in proxy config: {e}")).await; + } }; let sources = match gather_sources(&plugin, proxy.is_some()) { Ok(o) => o, - Err(e) => return plugin.disable(&e.to_string()).await, + Err(e) => { + return plugin + .disable(&format!("Error in sources config: {e}")) + .await; + } }; let price_oracle = match BtcPriceOracle::new(proxy, sources) { Ok(o) => o, - Err(e) => return plugin.disable(&e.to_string()).await, + Err(e) => { + return plugin + .disable(&format!("Error creating price oracle: {e}")) + .await; + } }; let plugin_state = PluginState { diff --git a/plugins/currencyrate-plugin/src/oracle.rs b/plugins/currencyrate-plugin/src/oracle.rs index c2983deae405..19b36110aca3 100644 --- a/plugins/currencyrate-plugin/src/oracle.rs +++ b/plugins/currencyrate-plugin/src/oracle.rs @@ -2,6 +2,7 @@ use anyhow::anyhow; use futures::future::join_all; use reqwest::header::{HeaderMap, HeaderValue, USER_AGENT}; use reqwest::{Client, Proxy}; +use rustls::ClientConfig; use serde_json::Value; use std::cmp::Reverse; use std::collections::HashMap; @@ -254,9 +255,17 @@ impl BtcPriceOracle { let mut headers = HeaderMap::new(); headers.insert(USER_AGENT, HeaderValue::from_static("cln-currencyrate")); + let root_store = rustls::RootCertStore { + roots: webpki_roots::TLS_SERVER_ROOTS.to_vec(), + }; + + let tls = ClientConfig::builder() + .with_root_certificates(root_store) + .with_no_client_auth(); + let mut client = Client::builder() .default_headers(headers) - .tls_backend_rustls() + .tls_backend_preconfigured(tls) .timeout(SOURCE_TIMEOUT_SECS) .pool_max_idle_per_host(5); @@ -267,7 +276,9 @@ impl BtcPriceOracle { client = client.proxy(proxy); } - let client = client.build()?; + let client = client + .build() + .map_err(|e| anyhow!("HTTP client failed to build: {:?}", e.source()))?; let mut map = HashMap::new(); for s in sources { diff --git a/tools/reckless b/tools/reckless index 529579f3ab92..450c2f4b231c 100755 --- a/tools/reckless +++ b/tools/reckless @@ -21,7 +21,7 @@ from urllib.error import HTTPError import venv -__VERSION__ = 'v26.06' +__VERSION__ = 'v26.06.2' logging.basicConfig( level=logging.INFO, diff --git a/uv.lock b/uv.lock index 73d417384eae..e8a6fc0102fa 100644 --- a/uv.lock +++ b/uv.lock @@ -1392,7 +1392,7 @@ dev = [{ name = "pyln-proto", editable = "contrib/pyln-proto" }] [[package]] name = "pyln-client" -version = "26.6" +version = "26.6.2" source = { editable = "contrib/pyln-client" } dependencies = [ { name = "pyln-bolt7" }, @@ -1450,7 +1450,7 @@ dev = [ [[package]] name = "pyln-proto" -version = "26.6" +version = "26.6.2" source = { editable = "contrib/pyln-proto" } dependencies = [ { name = "base58" }, @@ -1479,7 +1479,7 @@ dev = [{ name = "pytest", specifier = ">=8.0.0" }] [[package]] name = "pyln-testing" -version = "26.6" +version = "26.6.2" source = { editable = "contrib/pyln-testing" } dependencies = [ { name = "cheroot" },