diff --git a/.version b/.version index 1936918c15b0..85ac303f4aef 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -v26.06.1 +v26.06.2 diff --git a/CHANGELOG.md b/CHANGELOG.md index 50679f0903ed..6d2ca698442e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). -## [26.06.1] - 2026-06-05: "Qantum-Resistant Lightning Channel II" +## [26.06.2] - 2026-06-25: "Quantum-Resistant Lightning Channel II" + +This point release if recommended for all minimal OS setups, including docker images, that have no root certificates for TLS installed. + +### Fixed + + - cln-currencyrate: include root certificates to fix the `builder error` on OS's without root certificates. ([#9252]) + +[#9252]: https://github.com/ElementsProject/lightning/pull/9252 +[26.06.2]: https://github.com/ElementsProject/lightning/releases/tag/v26.06.2 + +## [26.06.1] - 2026-06-05: "Quantum-Resistant Lightning Channel I" This point release is recommended: it fixes the bwatch plugin failure at registration @@ -15,7 +26,6 @@ This point release is recommended: it fixes the bwatch plugin failure at registr [(#9192)]: https://github.com/ElementsProject/lightning/pull/9192 [26.06.1]: https://github.com/ElementsProject/lightning/releases/tag/v26.06.1 - ## [26.06] - 2026-06-01: "Quantum-Resistant Lightning Channel" This release was named by @enaples. @@ -115,7 +125,18 @@ Note: You should always set `allow-deprecated-apis=false` to test for changes. [#9136]: https://github.com/ElementsProject/lightning/pull/9136 [26.06]: https://github.com/ElementsProject/lightning/releases/tag/v26.06 -## [26.04.1] - 2026-04-25: "Negative Routing Fees II" +## [26.04.2] - 2026-06-25: "Negative Routing Fees II" + +This point release if recommended for all minimal OS setups, including docker images, that have no root certificates for TLS installed. + +### Fixed + + - cln-currencyrate: include root certificates to fix the `builder error` on OS's without root certificates. ([9251]) + +[#9251]: https://github.com/ElementsProject/lightning/pull/9251 +[26.04.2]: https://github.com/ElementsProject/lightning/releases/tag/v26.04.2 + +## [26.04.1] - 2026-04-25: "Negative Routing Fees I" This point release is recommended: it fixes a build failure in some environments and a gossip protocol issue. diff --git a/Cargo.lock b/Cargo.lock index 14a10e7a594a..e8ba64dc7cc8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -438,6 +438,7 @@ dependencies = [ "serde", "serde_json", "tokio", + "webpki-roots 1.0.8", ] [[package]] @@ -2185,7 +2186,7 @@ dependencies = [ "wasm-bindgen", "wasm-bindgen-futures", "web-sys", - "webpki-roots", + "webpki-roots 0.25.4", "winreg", ] @@ -2198,6 +2199,7 @@ dependencies = [ "base64 0.22.1", "bytes", "futures-core", + "h2 0.4.14", "http 1.4.1", "http-body 1.0.1", "http-body-util", @@ -3584,6 +3586,15 @@ version = "0.25.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f20c57d8d7db6d3b86154206ae5d8fba62dd39573114de97c2cb0578251f8e1" +[[package]] +name = "webpki-roots" +version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf85cb06032201fa7c6f829d7db5a7e5aa45bcc0655327713065f6f0576731bf" +dependencies = [ + "rustls-pki-types", +] + [[package]] name = "winapi-util" version = "0.1.11" diff --git a/contrib/pyln-client/pyln/client/__init__.py b/contrib/pyln-client/pyln/client/__init__.py index 858a8cf7e1be..096ba0071859 100644 --- a/contrib/pyln-client/pyln/client/__init__.py +++ b/contrib/pyln-client/pyln/client/__init__.py @@ -4,7 +4,7 @@ from .gossmapstats import GossmapStats from .version import NodeVersion -__version__ = "v26.06.1" +__version__ = "v26.06.2" __all__ = [ "LightningRpc", diff --git a/contrib/pyln-client/pyproject.toml b/contrib/pyln-client/pyproject.toml index 89f60a22cccc..115adefee996 100644 --- a/contrib/pyln-client/pyproject.toml +++ b/contrib/pyln-client/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyln-client" -version = "v26.06.1" +version = "v26.06.2" description = "Client library and plugin library for Core Lightning" authors = [{ name = "Christian Decker", email = "decker.christian@gmail.com" }] license = { text = "BSD-MIT" } diff --git a/contrib/pyln-proto/pyln/proto/__init__.py b/contrib/pyln-proto/pyln/proto/__init__.py index 749f1fe844ed..376ef611098e 100644 --- a/contrib/pyln-proto/pyln/proto/__init__.py +++ b/contrib/pyln-proto/pyln/proto/__init__.py @@ -4,7 +4,7 @@ from .onion import OnionPayload, TlvPayload, LegacyOnionPayload from .wire import LightningConnection, LightningServerSocket -__version__ = "v26.06.1" +__version__ = "v26.06.2" __all__ = [ "Invoice", diff --git a/contrib/pyln-proto/pyproject.toml b/contrib/pyln-proto/pyproject.toml index 1ff8caa49f6f..e01378a45596 100644 --- a/contrib/pyln-proto/pyproject.toml +++ b/contrib/pyln-proto/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyln-proto" -version = "v26.06.1" +version = "v26.06.2" description = "This package implements some of the Lightning Network protocol in pure python. It is intended for protocol testing and some minor tooling only. It is not deemed secure enough to handle any amount of real funds (you have been warned!)." authors = [ {name = "Christian Decker", email = "decker.christian@gmail.com"} diff --git a/contrib/pyln-testing/pyln/testing/__init__.py b/contrib/pyln-testing/pyln/testing/__init__.py index 2b79f8ac868a..b6057636f040 100644 --- a/contrib/pyln-testing/pyln/testing/__init__.py +++ b/contrib/pyln-testing/pyln/testing/__init__.py @@ -1,4 +1,4 @@ -__version__ = "v26.06.1" +__version__ = "v26.06.2" __all__ = [ "__version__", diff --git a/contrib/pyln-testing/pyproject.toml b/contrib/pyln-testing/pyproject.toml index b640a6e618e3..e6b1a0cc71c8 100644 --- a/contrib/pyln-testing/pyproject.toml +++ b/contrib/pyln-testing/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "pyln-testing" -version = "v26.06.1" +version = "v26.06.2" description = "Test your Core Lightning integration, plugins or whatever you want" authors = [{ name = "Christian Decker", email = "decker.christian@gmail.com" }] license = { text = "BSD-MIT" } diff --git a/plugins/currencyrate-plugin/Cargo.toml b/plugins/currencyrate-plugin/Cargo.toml index 974fac7ffd82..29521635c2ee 100644 --- a/plugins/currencyrate-plugin/Cargo.toml +++ b/plugins/currencyrate-plugin/Cargo.toml @@ -22,6 +22,7 @@ reqwest = { version = "0.13", default-features = false, features = [ "rustls-no-provider", "socks", "json", + "http2", ] } rustls = { version = "0.23", default-features = false, features = [ "logging", @@ -29,6 +30,7 @@ rustls = { version = "0.23", default-features = false, features = [ "std", "ring", ] } +webpki-roots = "1" futures = "0.3" diff --git a/plugins/currencyrate-plugin/src/main.rs b/plugins/currencyrate-plugin/src/main.rs index 8057dfd06227..c35c59bb42fe 100644 --- a/plugins/currencyrate-plugin/src/main.rs +++ b/plugins/currencyrate-plugin/src/main.rs @@ -94,17 +94,27 @@ median from currencyrates results", let proxy = match check_proxy_config(&plugin).await { Ok(o) => o, - Err(e) => return plugin.disable(&e.to_string()).await, + Err(e) => { + return plugin.disable(&format!("Error in proxy config: {e}")).await; + } }; let sources = match gather_sources(&plugin, proxy.is_some()) { Ok(o) => o, - Err(e) => return plugin.disable(&e.to_string()).await, + Err(e) => { + return plugin + .disable(&format!("Error in sources config: {e}")) + .await; + } }; let price_oracle = match BtcPriceOracle::new(proxy, sources) { Ok(o) => o, - Err(e) => return plugin.disable(&e.to_string()).await, + Err(e) => { + return plugin + .disable(&format!("Error creating price oracle: {e}")) + .await; + } }; let plugin_state = PluginState { diff --git a/plugins/currencyrate-plugin/src/oracle.rs b/plugins/currencyrate-plugin/src/oracle.rs index 5e53a140df8e..ac98a735cf94 100644 --- a/plugins/currencyrate-plugin/src/oracle.rs +++ b/plugins/currencyrate-plugin/src/oracle.rs @@ -2,6 +2,7 @@ use anyhow::anyhow; use futures::future::join_all; use reqwest::header::{HeaderMap, HeaderValue, USER_AGENT}; use reqwest::{Client, Proxy}; +use rustls::ClientConfig; use serde_json::Value; use std::cmp::Reverse; use std::collections::HashMap; @@ -244,9 +245,17 @@ impl BtcPriceOracle { let mut headers = HeaderMap::new(); headers.insert(USER_AGENT, HeaderValue::from_static("cln-currencyrate")); + let root_store = rustls::RootCertStore { + roots: webpki_roots::TLS_SERVER_ROOTS.to_vec(), + }; + + let tls = ClientConfig::builder() + .with_root_certificates(root_store) + .with_no_client_auth(); + let mut client = Client::builder() .default_headers(headers) - .tls_backend_rustls() + .tls_backend_preconfigured(tls) .timeout(SOURCE_TIMEOUT_SECS) .pool_max_idle_per_host(5); @@ -257,7 +266,9 @@ impl BtcPriceOracle { client = client.proxy(proxy); } - let client = client.build()?; + let client = client + .build() + .map_err(|e| anyhow!("HTTP client failed to build: {:?}", e.source()))?; let mut map = HashMap::new(); for s in sources { diff --git a/tools/reckless b/tools/reckless index 3213f9e19f52..450c2f4b231c 100755 --- a/tools/reckless +++ b/tools/reckless @@ -21,7 +21,7 @@ from urllib.error import HTTPError import venv -__VERSION__ = 'v26.06.1' +__VERSION__ = 'v26.06.2' logging.basicConfig( level=logging.INFO, diff --git a/uv.lock b/uv.lock index f78d8c2081ac..e8a6fc0102fa 100644 --- a/uv.lock +++ b/uv.lock @@ -1392,7 +1392,7 @@ dev = [{ name = "pyln-proto", editable = "contrib/pyln-proto" }] [[package]] name = "pyln-client" -version = "26.6.1" +version = "26.6.2" source = { editable = "contrib/pyln-client" } dependencies = [ { name = "pyln-bolt7" }, @@ -1450,7 +1450,7 @@ dev = [ [[package]] name = "pyln-proto" -version = "26.6.1" +version = "26.6.2" source = { editable = "contrib/pyln-proto" } dependencies = [ { name = "base58" }, @@ -1479,7 +1479,7 @@ dev = [{ name = "pytest", specifier = ">=8.0.0" }] [[package]] name = "pyln-testing" -version = "26.6.1" +version = "26.6.2" source = { editable = "contrib/pyln-testing" } dependencies = [ { name = "cheroot" },