Update to 30.2

- Drop version for bundles, it contains snapshots for most libraries.
- Drop removed BDB bits, adjust docs and information.
- Add new metapackage with multiprocess bitcoin programs and new meta command
  "bitcoin".
- Package a standalone libbitcoinkernel, which is used by the new IPC programs.
- Set a shared object version on libbitcoinkernel that matches with the major
  release.

.gitignore

@@ -1,5 +1,3 @@
-/bitcoin-22.0.tar.gz
 /SHA256SUMS
 /SHA256SUMS.asc
-/db-4.8.30.NC.tar.gz
-/bitcoin-23.0.tar.gz
+/*.tar.gz

README.md

@@ -1,3 +1,50 @@
 # bitcoin-core
 
-The bitcoin-core package
+The bitcoin-core package.
+
+## Preparing a new update
+
+Perform the following steps to prepare the update to a new version. The sample commands below are performed with version 30.0.
+
+Generic package update steps:
+
+```
+$ rm -f bitcoin-*.tar.gz SHA256SUMS*
+
+$ rpmdev-bumpspec -D -c "Update to 30.0." -n 30.0 bitcoin-core.spec
+
+$ spectool -g bitcoin-core.spec
+Downloading: https://bitcoincore.org/bin/bitcoin-core-30.0/bitcoin-30.0.tar.gz
+100% of  10.9 MiB |#######################################################| Elapsed Time: 0:00:01 Time:  0:00:01
+Downloaded: bitcoin-30.0.tar.gz
+Downloading: https://bitcoincore.org/bin/bitcoin-core-30.0/SHA256SUMS.asc
+100% of  10.3 KiB |#######################################################| Elapsed Time: 0:00:00 Time:  0:00:00
+Downloaded: SHA256SUMS.asc
+Downloading: https://bitcoincore.org/bin/bitcoin-core-30.0/SHA256SUMS
+100% of   2.8 KiB |#######################################################| Elapsed Time: 0:00:00 Time:  0:00:00
+Downloaded: SHA256SUMS
+```
+When uploading sources, make sure everything is included even if it has not changed as otherwise will not be available in the Koji build root:
+```
+$ fedpkg new-sources bitcoin-30.0.tar.gz SHA256SUMS SHA256SUMS.asc
+Uploading: bitcoin-30.0.tar.gz
+######################################################################## 100.0%
+Uploading: SHA256SUMS
+######################################################################## 100.0%
+Uploading: SHA256SUMS.asc
+######################################################################## 100.0%
+Source upload succeeded. Don't forget to commit the sources file
+```
+After this, based on the list of keys that have signed the release and that are listed in SHA25SUM.asc, download the available ones and assemble an offline GPG keyring:
+```
+$ ./bitcoin-gpg.sh
+Prepare official script to verify releases to work offline... done.
+Creating GPG keyring with public keys that have signed release 30.0... done.
+```
+After this, it's time to commit and build:
+```
+$ git add bitcoin-offline-pubring.gpg
+$ git commit -a -m "Update to 30.0"
+$ git push
+$ fedpkg build --nowait
+```

README.server.redhat

@@ -49,18 +49,8 @@ group, then these commands should be sufficient:
 chown -R bitcoin.bitcoin /etc/bitcoin
 chmod -R u+rw,g+r,o= /etc/bitcoin
 
-Berkeley DB
------------
-
-On all platforms, including RHEL/CentOS/Fedora and the upstream build, bitcoin
-uses Berkeley DB 4.8.
-Oracle makes clear that binary compatibility is not guaranteed even between minor
-releases of Berkeley DB. This has implications if you move your wallet to and
-from a system with a different Berkeley DB version.
-
-It is strongly recommended that if you change Berkeley DB versions you first
-dump your wallet from the old system into a text file, and then import the
-wallet into the new system.
+Legeacy wallets
+---------------
 
 To dump or import a wallet from a Bitcoin daemon, you will need to use the
 bitcoin-cli utility.

bitcoin-core.spec

@@ -5,28 +5,26 @@
 %bcond_with extended_tests
 
 Name:       bitcoin-core
-Version:    23.0
-Release:    1%{?dist}
+Version:    30.2
+Release:    %autorelease
 Summary:    Peer to Peer Cryptographic Currency
 License:    MIT
 URL:        https://bitcoincore.org/
 
 # In .gitignore, so no chance to commit to SCM:
-Source0:    https://bitcoincore.org/bin/bitcoin-core-%{version}/%{project_name}-%{version}.tar.gz
-Source1:    https://bitcoincore.org/bin/bitcoin-core-%{version}/SHA256SUMS.asc
-Source2:    https://bitcoincore.org/bin/bitcoin-core-%{version}/SHA256SUMS
+Source0:    https://bitcoincore.org/bin/%{name}-%{version}/%{project_name}-%{version}.tar.gz
+Source1:    https://bitcoincore.org/bin/%{name}-%{version}/SHA256SUMS.asc
+Source2:    https://bitcoincore.org/bin/%{name}-%{version}/SHA256SUMS
 
-# Key verificaton process - why a script that generates a list of GPG keys in public ring format?
-# - Keys listed to sign the release are listed inside the tarball.
+# Key verificaton process - Make official verify method work offline
+# - Keys listed to sign the release are listed in SHA256SUMS.asc.
 # - Keys can be hosted on different key servers.
-# - A subset of the keys listed is actually used to sign.
 # - Keys used to sign the release might have been revoked or removed.
-# - One or more keys is enough to validate the release, but there is no preferred key.
+# - Three or more keys is enough to validate the release, but there is no preferred key.
 # - Verification needs to happen offline.
 # - We don't want to touch the original SHA256SUM.asc file.
-# - We clearly want to see in git which keys have changed across time.
 Source3:    %{project_name}-gpg.sh
-Source4:    %{project_name}-gpg.inc
+Source4:    %{project_name}-offline-pubring.gpg
 
 Source5:    %{project_name}-tmpfiles.conf
 Source6:    %{project_name}.sysconfig
@@ -34,56 +32,71 @@ Source7:    %{project_name}.service.system
 Source8:    %{project_name}.service.user
 Source9:    %{project_name}-qt.protocol
 Source10:   %{project_name}-qt.desktop
+Source11:   %{project_name}.sysusers.conf
 
 # Documentation
-Source11:   %{project_name}.conf.example
-Source12:   README.gui.redhat
-Source13:   README.utils.redhat
-Source14:   README.server.redhat
-
-# Berkeley DB non-strong cryptography variant (NC):
-Source15:   https://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz
-Source16:   db-4.8.30.NC-format-security.patch
+Source12:   %{project_name}.conf.example
+Source13:   README.gui.redhat
+Source14:   README.utils.redhat
+Source15:   README.server.redhat
 
 # AppStream metadata
-Source17:   %{project_name}-qt.metainfo.xml
+Source18:   %{project_name}-qt.metainfo.xml
 
-# All valid GPG keys that have signed the release in pubring format:
-%include %{SOURCE4}
+# Patch verify script to use local keyring
+Patch0:     %{project_name}-verify-offline.patch
+
+# Patch to set the shared object version to the main version
+Patch1:     %{project_name}-shared.patch
 
-BuildRequires:  autoconf
-BuildRequires:  automake
 BuildRequires:  boost-devel >= 1.64.0
+BuildRequires:  capnproto
+BuildRequires:  capnproto-devel
 BuildRequires:  checkpolicy
 BuildRequires:  desktop-file-utils
+BuildRequires:  doxygen
 BuildRequires:  gnupg2
 BuildRequires:  libappstream-glib
-BuildRequires:  libtool
-BuildRequires:  miniupnpc-devel
+BuildRequires:  cmake > 3.22
 BuildRequires:  procps-ng
 BuildRequires:  python3
-BuildRequires:  python3-zmq
-BuildRequires:  pkgconfig(libevent) >= 2.0.21
-BuildRequires:  pkgconfig(libevent_pthreads) >= 2.0.21
+BuildRequires:  pkgconfig(libevent) >= 2.1.8
+BuildRequires:  pkgconfig(libevent_pthreads) >= 2.1.8
 BuildRequires:  pkgconfig(libqrencode)
 BuildRequires:  pkgconfig(libzmq) >= 4
 BuildRequires:  pkgconfig(sqlite3) >= 3.7.17
-BuildRequires:  qt5-linguist
-BuildRequires:  qt5-qtbase-devel
-BuildRequires:  systemd
+BuildRequires:  qt6-qtbase-devel
+BuildRequires:  qt6-qttools-devel
+BuildRequires:  systemd-rpm-macros
+BuildRequires:  systemtap-sdt-devel
+
+Requires:   %{name}-desktop = %{version}-%{release}
+Requires:   %{name}-server = %{version}-%{release}
+Requires:   %{name}-utils = %{version}-%{release}
+Requires:   lib%{project_name}kernel = %{version}-%{release}
 
 %description
 Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to
 operate with no central authority or banks; managing transactions and the
 issuing of bitcoins is carried out collectively by the network.
 
+This package installs the full Bitcoin Core distribution, with utilities, server
+and desktop (graphical wallet) components.
+
+%package -n lib%{project_name}kernel
+Summary:    Consensus engine and support library
+
+%description -n lib%{project_name}kernel
+Bitcoin Core consensus engine. A stateful library that can spawn threads, do
+caching, do I/O, and many other things which one may not normally expect from a
+library.
+
 %package desktop
 Summary:    Peer to Peer Cryptographic Currency
-Conflicts:  bitcoin
-Provides:   bundled(leveldb) = 1.22.0
-Provides:   bundled(libdb) = 4.8.30.NC
-Provides:   bundled(secp256k1) = 0.1
-Provides:   bundled(univalue) = 1.1.3
+Provides:   bundled(leveldb)
+Provides:   bundled(libmultiprocess)
+Provides:   bundled(secp256k1)
+Provides:   bundled(univalue)
 
 %description desktop
 Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to
@@ -93,32 +106,17 @@ issuing of bitcoins is carried out collectively by the network.
 This package contains the Qt based graphical client and node. If you are looking
 to run a Bitcoin wallet, this is probably the package you want.
 
-%package libs
-Summary:    Peer-to-peer digital currency
-Conflicts:  bitcoin-libs
-
-%description libs
-This package provides the bitcoinconsensus shared libraries. These libraries
-may be used by third party software to provide consensus verification
-functionality.
-
-Unless you know you need this package, you probably do not.
-
 %package devel
 Summary:    Peer-to-peer digital currency
-Conflicts:  bitcoin-devel
-Requires:   %{name}-libs%{?_isa} = %{version}-%{release}
+Requires:   lib%{project_name}kernel = %{version}-%{release}
 
 %description devel
-This package contains the header files and static library for the
-bitcoinconsensus shared library. If you are developing or compiling software
-that wants to link against that library, then you need this package installed.
+This package contains the bitcoin utility tool.
 
 Most people do not need this package installed.
 
 %package utils
 Summary:    Peer-to-peer digital currency
-Conflicts:  bitcoin-utils
 
 %description utils 
 Bitcoin is an experimental new digital currency that enables instant payments to
@@ -131,94 +129,64 @@ control a Bitcoin server via its RPC protocol, and bitcoin-tx, a utility
 to create custom Bitcoin transactions.
 
 %package server
-Summary:        Peer-to-peer digital currency
-Conflicts:      bitcoin-server
-Requires(pre):  shadow-utils
-Requires:       (%{name}-selinux if selinux-policy)
-Provides:       bundled(leveldb) = 1.22.0
-Provides:       bundled(libdb) = 4.8.30.NC
-Provides:       bundled(secp256k1) = 0.1
-Provides:       bundled(univalue) = 1.1.3
+Summary:    Peer-to-peer digital currency
+Requires:   (%{name}-selinux >= 0.1 if selinux-policy)
+Provides:   bundled(leveldb)
+Provides:   bundled(libmultiprocess)
+Provides:   bundled(secp256k1)
+Provides:   bundled(univalue)
 
 %description server
-This package provides a stand-alone bitcoin-core daemon. For most users, this
+This package provides a stand-alone %{name} daemon. For most users, this
 package is only needed if they need a full-node without the graphical client.
 
 Some third party wallet software will want this package to provide the actual
-bitcoin-core node they use to connect to the network.
+%{name} node they use to connect to the network.
 
-If you use the graphical bitcoin-core client then you almost certainly do not
+If you use the graphical %{name} client then you almost certainly do not
 need this package.
 
 %prep
-# Verify that each GPG key listed as source has signed the release:
-for filename in %{sources}; do
-  case "${filename}" in (*/bitcoin-*-pubring.gpg)
-    gpgv2 --keyring=${filename} %{SOURCE1} %{SOURCE2} 2>&1 | grep "Good signature"
-  esac
-done
+%autosetup -p1 -n %{project_name}-%{version}
+
+# Bundled script to verify release signatures using offline pubring:
+cp %{SOURCE4} .
+contrib/verify-binaries/verify.py --min-good-sigs 3 bin %{SOURCE2} %{SOURCE0}
 
 # Check the hash of the tarball, not in the same folder where we are now:
 grep -q $(sha256sum %{SOURCE0}) %{SOURCE2}
 
-%autosetup -p1 -n %{project_name}-%{version}
-
-# No publicly available hash file, check it against what bitcoin-core expects:
-export $(grep ^BDB_HASH contrib/install_db4.sh | sed -e "s/'//g")
-echo $BDB_HASH %{SOURCE15} | sha256sum -c
-
-# Berkeley DB:
-mkdir db4
-tar --strip-components=1 -xzf %{SOURCE15} -C db4
-patch -d db4 -p1 -i ../depends/patches/bdb/clang_cxx_11.patch
-patch -d db4 -p1 -i %{SOURCE16}
-
 # Documentation (sources can not be directly reference with doc)
-cp -p %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} .
+cp -p %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} .
 
 %build
-# Build static Berkeley DB reusing all compiler flags / hardening:
-pushd db4/build_unix
 
-%define _configure ../dist/configure
-%configure \
-    --disable-shared \
-    --enable-cxx \
-    --disable-replication
-%undefine _configure
+# Bitcoin kernel library used only as part of the testing for now:
+%cmake \
+    -DBUILD_CLI=ON \
+    -DBUILD_DAEMON=ON \
+    -DBUILD_GUI=ON \
+    -DBUILD_KERNEL_LIB=ON \
+    -DBUILD_TESTS=ON \
+    -DBUILD_TX=ON \
+    -DBUILD_UTIL=ON \
+    -DBUILD_UTIL_CHAINSTATE=ON \
+    -DENABLE_IPC=ON \
+    -DENABLE_WALLET=ON \
+    -DINSTALL_MAN=ON \
+    -DWITH_DBUS=ON \
+    -DWITH_QRENCODE=ON \
+    -DWITH_SQLITE=ON \
+    -DWITH_USDT=ON \
+    -DWITH_ZMQ=ON
 
-%make_build
-make install DESTDIR=%{_builddir}/%{buildsubdir}/db4
-popd
-
-export BDB_CFLAGS="-I%{_builddir}/%{buildsubdir}/db4%{_includedir}/"
-export BDB_LIBS="-L%{_builddir}/%{buildsubdir}/db4%{_libdir}/ -ldb_cxx-4.8"
-autoreconf -vif
-%configure \
-    --disable-bench \
-    --disable-silent-rules \
-    --disable-static \
-    --enable-reduce-exports \
-    --enable-threadlocal \
-    --with-miniupnpc \
-    --with-qrencode \
-    --with-utils \
-    --with-libs \
-    --with-daemon \
-    --with-gui=qt5
-
-%make_build
+%cmake_build
 
 %install
-%make_install
+%cmake_install
 
 find %{buildroot} -name "*.la" -delete
 
-# TODO: Upstream puts bitcoind in the wrong directory. Need to fix the
-# upstream Makefiles to install it in the correct place.
-mkdir -p -m 755 %{buildroot}%{_sbindir}
-mv %{buildroot}%{_bindir}/bitcoind %{buildroot}%{_sbindir}/bitcoind
-
 # Temporary files
 mkdir -p %{buildroot}%{_tmpfilesdir}
 install -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/%{project_name}.conf
@@ -242,34 +210,29 @@ done
 rm -f %{buildroot}%{_datadir}/pixmaps/%{project_name}*
 
 # Bash completion
-install -D -m644 -p contrib/%{project_name}-cli.bash-completion %{buildroot}%{_compldir}/%{project_name}-cli
-install -D -m644 -p contrib/%{project_name}-tx.bash-completion %{buildroot}%{_compldir}/%{project_name}-tx
-install -D -m644 -p contrib/%{project_name}d.bash-completion %{buildroot}%{_compldir}/%{project_name}d
+install -D -m644 -p contrib/completions/bash/%{project_name}-cli.bash %{buildroot}%{_compldir}/%{project_name}-cli
+install -D -m644 -p contrib/completions/bash/%{project_name}-tx.bash %{buildroot}%{_compldir}/%{project_name}-tx
+install -D -m644 -p contrib/completions/bash/%{project_name}d.bash %{buildroot}%{_compldir}/%{project_name}d
 
 # Server log directory
 mkdir -p %{buildroot}%{_localstatedir}/log/%{project_name}/
 
 # AppStream metadata
-install -p -m 644 -D %{SOURCE17} %{buildroot}%{_metainfodir}/%{project_name}-qt.metainfo.xml
+install -p -m 644 -D %{SOURCE18} %{buildroot}%{_metainfodir}/%{project_name}-qt.metainfo.xml
 
 # Remove test files so that they aren't shipped. Tests have already been run.
 rm -f %{buildroot}%{_bindir}/test_*
 
+install -m0644 -D %{SOURCE11} %{buildroot}%{_sysusersdir}/%{name}.conf
+
 %check
 desktop-file-validate %{buildroot}%{_datadir}/applications/%{project_name}-qt.desktop
 appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/%{project_name}-qt.metainfo.xml
-make check
+%ctest
 %if %{with extended_tests}
 test/functional/test_runner.py --tmpdirprefix `pwd` --extended
 %endif
 
-%pre server
-getent group %{project_name} >/dev/null || groupadd -r %{project_name}
-getent passwd %{project_name} >/dev/null ||
-    useradd -r -g %{project_name} -d /var/lib/%{project_name} -s /sbin/nologin \
-    -c "Bitcoin wallet server" %{project_name}
-exit 0
-
 %post server
 %systemd_post %{project_name}.service
 
@@ -279,6 +242,19 @@ exit 0
 %postun server
 %systemd_postun_with_restart %{project_name}.service
 
+%files
+%{_bindir}/%{project_name}
+%{_libexecdir}/bitcoin-chainstate
+%{_libexecdir}/bitcoin-gui
+%{_libexecdir}/bitcoin-node
+%{_libexecdir}/test_bitcoin
+%{_libexecdir}/test_bitcoin-qt
+%{_mandir}/man1/bitcoin.1*
+
+%files -n libbitcoinkernel
+%{_libdir}/lib%{project_name}kernel.so.%(echo %{version} | cut -d. -f 1)
+%{_libdir}/lib%{project_name}kernel.so.%{version}
+
 %files desktop
 %license COPYING
 %doc %{project_name}.conf.example README.gui.redhat README.md SECURITY.md
@@ -290,18 +266,11 @@ exit 0
 %{_mandir}/man1/%{project_name}-qt.1*
 %{_metainfodir}/%{project_name}-qt.metainfo.xml
 
-%files libs
-%license COPYING
-%doc doc/README.md SECURITY.md
-%{_libdir}/libbitcoinconsensus.so.0
-%{_libdir}/libbitcoinconsensus.so.0.0.0
-
 %files devel
-%doc doc/developer-notes.md doc/shared-libraries.md
+%doc doc/developer-notes.md
 %{_bindir}/%{project_name}-util
-%{_includedir}/bitcoinconsensus.h
-%{_libdir}/libbitcoinconsensus.so
-%{_libdir}/pkgconfig/libbitcoinconsensus.pc
+%{_libdir}/pkgconfig/lib%{project_name}kernel.pc
+%{_libdir}/lib%{project_name}kernel.so
 %{_mandir}/man1/%{project_name}-util.1*
 
 %files utils
@@ -330,141 +299,11 @@ exit 0
 %config(noreplace) %attr(644,root,root) %{_sysconfdir}/sysconfig/%{project_name}
 %{_compldir}/%{project_name}d
 %{_mandir}/man1/%{project_name}d.1*
-%{_sbindir}/%{project_name}d
+%{_bindir}/%{project_name}d
 %{_tmpfilesdir}/%{project_name}.conf
 %{_unitdir}/%{project_name}.service
 %{_userunitdir}/%{project_name}.service
+%{_sysusersdir}/%{name}.conf
 
 %changelog
-* Tue Apr 26 2022 Simone Caronni <negativo17@gmail.com> - 23.0-1
-- Update to 23.0.
-
-* Thu Apr 07 2022 Simone Caronni <negativo17@gmail.com> - 22.0-7
-- Add AppStream metadata.
-
-* Tue Apr 05 2022 Simone Caronni <negativo17@gmail.com> - 22.0-6
-- Hide extended tests behind a flag.
-- Allow to run the full set of extended tests including network when requested,
-  they run fine in mock with network enabled.
-
-* Sun Jan 23 2022 Simone Caronni <negativo17@gmail.com> - 22.0-5
-- Update GPG verification script (thanks Björn Persson).
-
-* Sun Oct 03 2021 Simone Caronni <negativo17@gmail.com> - 22.0-4
-- Switch to bundled statically linked Berkeley DB 4.8.30 (NC).
-
-* Sat Sep 25 2021 Simone Caronni <negativo17@gmail.com> - 22.0-3
-- Remove obsolete scriptlets.
-- With RHEL/CentOS 7 no longer a target, improve systemd unit security.
-- Add systemd user unit to start bitcoind in your user session.
-- Move bitcoin-wallet to utils subpackage for offline wallet manipulation.
-- Update README files.
-
-* Sat Sep 25 2021 Simone Caronni <negativo17@gmail.com> - 22.0-2
-- Prepare all keys with a script and verify all keys against the signature file.
-  Add reasoning on the process in the SPEC file.
-
-* Wed Sep 22 2021 Simone Caronni <negativo17@gmail.com> - 22.0-1
-- Update to 22.0, versioning convention change.
-- Implement signature verification with a public GPG keyring and at least one
-  valid signature.
-- Also the relative selinux package has been renamed to bitcoin-core-selinux.
-- Add bitcoin-util to devel subpackage.
-- Update docs.
-- Add SQLite as dependency for descriptor wallets.
-- Drop RHEL/CentOS 7 support.
-
-* Tue Sep 21 2021 Simone Caronni <negativo17@gmail.com> - 0.21.1-2
-- Rename package to bitcoin-core.
-- Conflicts with bitcoin.
-- Desktop subpackage renamed from "core" to "desktop".
-
-* Wed May 12 2021 Simone Caronni <negativo17@gmail.com> - 0.21.1-1
-- Update to 0.21.1.
-
-* Wed Mar 10 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-4
-- Fix build on RHEL/CentOS 8.
-- Adjust SELinux requirement for server subpackage.
-
-* Wed Mar 10 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-3
-- Remove requirements for utils subpackage in server subpackage.
-- Separate SELinux package in its own subpackage and use RPM rich booleans on
-  Fedora and RHEL/CentOS 8+ to install the SELinux package if the base policy is
-  installed.
-- Update server README.
-
-* Wed Jan 20 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-2
-- Update to 0.21.0.
-- Remove java build requirement.
-- Use local folder for test output.
-
-* Fri Jan 15 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-1
-- Update to 0.21.0.
-
-* Thu Nov 19 2020 Simone Caronni <negativo17@gmail.com> - 0.20.1-2
-- Remove openssl/protobuf from build requirements.
-
-* Wed Oct 21 2020 Simone Caronni <negativo17@gmail.com> - 0.20.1-1
-- Update to 0.20.1.
-
-* Wed Jul 22 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-7
-- Use libdb 5.x instead of deprecated 4.x. Fixes build on RHEL/CentOS 8.
-
-* Tue Jul 21 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-6
-- Update systemd unit.
-- Update configuration options.
-- Declared bundled libraries/forks.
-
-* Tue Jul 21 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-5
-- Use HTTPS for url tag.
-- Reorganize sources. Add cleaned files from the packaging repository directly;
-  bash completion snippets are now supported in the main sources.
-- Move check section after install and include desktop file validating in there.
-
-* Sun Jul 19 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-4
-- Fix tests on RHEL/CentOS 7.
-
-* Sat Jul 18 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-3
-- Add signature verification.
-- Trim changelog.
-- Fix typo in the libs description.
-
-* Tue Jun 30 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-2
-- Update Source0 URL.
-- Do not obsolete "bitcoin", just leave the provider for it.
-- Let the build install the man pages.
-- Make sure old post scriptlets run only on RHEL/CentOS 7.
-- Do not install static library and archive.
-- Be explicit with shared object versions.
-- Use macros for more directories.
-- Use GCC 9 and not 7 to build on RHEL/CentOS 7.
-
-* Fri Jun 26 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-1
-- Update to 0.20.0.
-
-* Mon May 04 2020 Simone Caronni <negativo17@gmail.com> - 0.19.1-1
-- Update to 0.19.1.
-- Fix deprecation message with Python tests.
-- Trim changelog.
-
-* Fri Feb 21 2020 Simone Caronni <negativo17@gmail.com> - 0.19.0.1-2
-- Fix dependencies with Python SELinux interfaces.
-
-* Tue Nov 19 2019 Simone Caronni <negativo17@gmail.com> - 0.19.0.1-1
-- Update to 0.19.0.1.
-
-* Sun Nov 17 2019 Simone Caronni <negativo17@gmail.com> - 0.19.0-1
-- Update to 0.19.0.
-
-* Thu Sep 12 2019 Simone Caronni <negativo17@gmail.com> - 0.18.1-1
-- Update to 0.18.1.
-
-* Tue May 07 2019 Simone Caronni <negativo17@gmail.com> - 0.18.0-2
-- Update systemd unit.
-
-* Mon May 06 2019 Simone Caronni <negativo17@gmail.com> - 0.18.0-1
-- Update to 0.18.0.
-- Force C.UTF-8 for tests on Fedora and disable EPEL 7 test run.
-
-* Thu Jan 24 2019 Simone Caronni <negativo17@gmail.com> - 0.17.1-1
-- Update to 0.17.1.
+%autochangelog

bitcoin-gpg.inc

@@ -1,18 +0,0 @@
-# 152812300785C96444D3334D17565732E08E5E41 - Andrew Chow (achow101)
-Source21: bitcoin-152812300785C96444D3334D17565732E08E5E41-pubring.gpg
-# 590B7292695AFFA5B672CBB2E13FC145CD3F4304 - Antoine Poinsot (darosior)
-Source22: bitcoin-590B7292695AFFA5B672CBB2E13FC145CD3F4304-pubring.gpg
-# 0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8 - Ben Carman (benthecarman)
-Source23: bitcoin-0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8-pubring.gpg
-# D1DBF2C4B96F2DEBF4C16654410108112E7EA81F - Hennadii Stepanov (hebasto)
-Source24: bitcoin-D1DBF2C4B96F2DEBF4C16654410108112E7EA81F-pubring.gpg
-# E463A93F5F3117EEDE6C7316BD02942421F4889F - Luke Dashjr (luke-jr)
-Source25: bitcoin-E463A93F5F3117EEDE6C7316BD02942421F4889F-pubring.gpg
-# E777299FC265DD04793070EB944D35F9AC3DB76A - Michael Ford (fanquake)
-Source26: bitcoin-E777299FC265DD04793070EB944D35F9AC3DB76A-pubring.gpg
-# F4FC70F07310028424EFC20A8E4256593F177720 - Oliver Gugger (guggero, Oliver Gugger)
-Source27: bitcoin-F4FC70F07310028424EFC20A8E4256593F177720-pubring.gpg
-# 9EDAFF80E080659604F4A76B2EBB056FD847F8A7 - Stephan Oeste (Emzy)
-Source28: bitcoin-9EDAFF80E080659604F4A76B2EBB056FD847F8A7-pubring.gpg
-# 71A3B16735405025D447E8F274810B012346C9A6 - Wladimir J. van der Laan (laanwj)
-Source29: bitcoin-71A3B16735405025D447E8F274810B012346C9A6-pubring.gpg

bitcoin-gpg.sh

@@ -1,56 +1,21 @@
 #!/bin/sh
 
-if [[ -z "$1" ]]; then
-    echo "Usage: $0 <version>" 2>&1
-    exit 1
-fi
+VERSION=$(grep Version bitcoin-core.spec | sed -e 's/.* //')
 
-VERSION=$1
+printf "Prepare official script to use a local keyring... "
 
-printf "\nPrepare directory and list of GPG keys used to sign the release... "
+rm -f bitcoin-offline-pubring.gpg* .#lk* verify.py
 
-rm -f keys.txt *keyring.gpg* *pubring.gpg bitcoin-gpg.inc
-tar -xzf bitcoin-${VERSION}.tar.gz --strip-components=3 bitcoin-${VERSION}/contrib/builder-keys/keys.txt
+tar -xzf bitcoin-${VERSION}.tar.gz --strip-components=3 bitcoin-${VERSION}/contrib/verify-binaries/verify.py
+patch -p3 -s -i bitcoin-verify-offline.patch
 
 printf "done.\n"
 
-printf "Attempting to download all listed GPG keys for release ${VERSION}... "
+printf "Creating GPG keyring with public keys that have signed release ${VERSION}... "
 
-source=20
+yes | ./verify.py --import-keys bin SHA256SUMS > /dev/null 2>&1
 
-printf "" > bitcoin-gpg.inc
-
-while read fingerprint keyholder_name; do
-
-    # Download each key in its separate GPG keyring, 2 attempts with different key servers:
-    gpg2 -q --logger-fd=1 --no-default-keyring --keyring ./bitcoin-${fingerprint}-keyring.gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys ${fingerprint} > /dev/null
-    gpg2 -q --logger-fd=1 --no-default-keyring --keyring ./bitcoin-${fingerprint}-keyring.gpg --keyserver hkps://keys.openpgp.org --recv-keys ${fingerprint} > /dev/null
-
-    # If the GPG keyring is not empty, export the key in pubring format and check if it has been used for signing the release:
-    if [ -s ./bitcoin-${fingerprint}-keyring.gpg ]; then
-
-        gpg2 -q --logger-fd=1 --no-default-keyring --keyring ./bitcoin-${fingerprint}-keyring.gpg --export --export-options export-minimal ${fingerprint} > bitcoin-${fingerprint}-pubring.gpg
-
-        # Verify the specific key in the signature file:
-        gpg2 --no-options --no-default-keyring --keyring ./bitcoin-${fingerprint}-pubring.gpg --status-fd=1 --verify SHA256SUMS.asc SHA256SUMS 2>/dev/null | grep --quiet "^\[GNUPG:\] GOODSIG "
-
-        if [ $? == 0 ]; then
-            echo "# ${fingerprint} - ${keyholder_name}" >> bitcoin-gpg.inc
-            ((source=source+1))
-            echo "Source${source}: bitcoin-${fingerprint}-pubring.gpg" >> bitcoin-gpg.inc
-        else
-            rm -f bitcoin-${fingerprint}-pubring.gpg
-        fi
-
-        rm -f bitcoin-${fingerprint}-keyring.gpg*
-    fi
-
-done < keys.txt
-
-# Cleanup:
-rm -f keys.txt
+# Cleanup
+rm -f bitcoin-offline-pubring.gpg~ .#lk* verify.py
 
 printf "done.\n"
-
-printf "List of valid keys used to sign the release:\n"
-cat bitcoin-gpg.inc

bitcoin-shared.patch

@@ -0,0 +1,9 @@
+diff -Naur bitcoin-30.0.old/src/kernel/CMakeLists.txt bitcoin-30.0/src/kernel/CMakeLists.txt
+--- bitcoin-30.0.old/src/kernel/CMakeLists.txt	2025-10-16 18:35:05.538795833 +0200
++++ bitcoin-30.0/src/kernel/CMakeLists.txt	2025-10-16 18:37:54.715894722 +0200
+@@ -124,3 +124,5 @@
+     DESTINATION ${CMAKE_INSTALL_LIBDIR}
+     COMPONENT libbitcoinkernel
+ )
++
++set_target_properties(bitcoinkernel PROPERTIES VERSION ${CLIENT_VERSION_MAJOR}.${CLIENT_VERSION_MINOR} SOVERSION ${CLIENT_VERSION_MAJOR})

bitcoin-verify-offline.patch

@@ -0,0 +1,21 @@
+diff -Naur bitcoin-28.0.old/contrib/verify-binaries/verify.py bitcoin-28.0/contrib/verify-binaries/verify.py
+--- bitcoin-28.0.old/contrib/verify-binaries/verify.py	2024-10-08 14:52:30.556849257 +0200
++++ bitcoin-28.0/contrib/verify-binaries/verify.py	2024-10-08 14:52:39.167915828 +0200
+@@ -135,7 +135,7 @@
+ ) -> tuple[int, str]:
+     with tempfile.NamedTemporaryFile() as status_file:
+         args = [
+-            'gpg', '--yes', '--verify', '--verify-options', 'show-primary-uid-only', "--status-file", status_file.name,
++            'gpg', '--no-default-keyring', '--keyring', './bitcoin-offline-pubring.gpg', '--yes', '--verify', '--verify-options', 'show-primary-uid-only', "--status-file", status_file.name,
+             '--output', output_filename if output_filename else '', signature_filename, filename]
+ 
+         env = dict(os.environ, LANGUAGE='en')
+@@ -338,7 +338,7 @@
+         for unsig in unknown:
+             if prompt_yn(f" ? Retrieve key {unsig.key} ({unsig.name})? (y/N) "):
+                 ran = subprocess.run(
+-                    ["gpg", "--keyserver", args.keyserver, "--recv-keys", unsig.key])
++                    ["gpg", "--no-default-keyring", "--keyring", "./bitcoin-offline-pubring.gpg", "--keyserver", args.keyserver, "--recv-keys", unsig.key])
+ 
+                 if ran.returncode != 0:
+                     log.warning(f"failed to retrieve key {unsig.key}")

bitcoin.service.system

@@ -4,7 +4,7 @@ Documentation=man:bitcoind(1)
 After=syslog.target network.target
 
 [Service]
-ExecStart=/usr/sbin/bitcoind -conf=${CONFIG_FILE} -datadir=${DATA_DIR} -pid=${PID_FILE} -debuglogfile=${DEBUG_FILE} $OPTIONS
+ExecStart=/usr/bin/bitcoind -conf=${CONFIG_FILE} -datadir=${DATA_DIR} -pid=${PID_FILE} -debuglogfile=${DEBUG_FILE} $OPTIONS
 EnvironmentFile=/etc/sysconfig/bitcoin
 User=bitcoin
 Group=bitcoin

bitcoin.service.user

@@ -3,7 +3,7 @@ Description=Bitcoin daemon
 Documentation=man:bitcoind(1)
 
 [Service]
-ExecStart=/usr/sbin/bitcoind
+ExecStart=/usr/bin/bitcoind
 
 Restart=on-failure
 TimeoutStopSec=120

bitcoin.sysusers.conf

@@ -0,0 +1 @@
+u bitcoin - 'Bitcoin wallet server' /var/lib/bitcoin-core -

changelog

@@ -0,0 +1,223 @@
+* Sun Apr 13 2025 Simone Caronni <negativo17@gmail.com> - 29.0-1
+- Update to 29.0.
+
+* Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 28.1-6
+- Add sysusers.d config file to allow rpm to create users/groups automatically
+
+* Fri Feb 07 2025 Simone Caronni <negativo17@gmail.com> - 28.1-5
+- Rebuild for updated dependencies.
+
+* Tue Jan 28 2025 Simone Caronni <negativo17@gmail.com> - 28.1-4
+- Rebuild for updated dependencies.
+
+* Tue Jan 28 2025 Simone Caronni <negativo17@gmail.com> - 28.1-3
+- Update for https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin.
+
+* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 28.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Sat Jan 11 2025 Simone Caronni <negativo17@gmail.com> - 28.1-1
+- Update to 28.1.
+
+* Sat Jan 11 2025 Simone Caronni <negativo17@gmail.com> - 28.0-4
+- Enable Statically Defined Tracing (USDT).
+
+* Wed Oct 16 2024 Simone Caronni <negativo17@gmail.com> - 28.0-3
+- Remove leftover of bitcoin-libs being erroneusly required by the devel
+  subpackage.
+
+* Tue Oct 08 2024 Simone Caronni <negativo17@gmail.com> - 28.0-2
+- Rebuild for updated miniupnpc 2.2.8.
+
+* Tue Oct 08 2024 Simone Caronni <negativo17@gmail.com> - 28.0-1
+- Update to 28.0.
+
+* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 27.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Sun Jun 23 2024 Simone Caronni <negativo17@gmail.com> - 27.1-1
+- Update to 27.1.
+
+* Wed May 22 2024 Simone Caronni <negativo17@gmail.com> - 27.0-1
+- Update to 27.0.
+
+* Wed Apr 24 2024 Simone Caronni <negativo17@gmail.com> - 26.1-1
+- Update to 26.1.
+
+* Tue Jan 23 2024 Fedora Release Engineering <releng@fedoraproject.org> - 26.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 26.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Dec 13 2023 Simone Caronni <negativo17@gmail.com> - 26.0-1
+- Update to 26.0.
+
+* Fri Oct 20 2023 Simone Caronni <negativo17@gmail.com> - 25.1-1
+- Update to 25.1.
+
+* Fri Aug 11 2023 Simone Caronni <negativo17@gmail.com> - 25.0-3
+- Adjust verify script invocation.
+- Fix build on el8.
+- Drop unused build requirement.
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 25.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Tue May 30 2023 Simone Caronni <negativo17@gmail.com> - 25.0-1
+- Update to 25.0.
+- Update verification of signatures to use the new bundled script.
+
+* Mon May 22 2023 Simone Caronni <negativo17@gmail.com> - 24.1-1
+- Update to 24.1.
+
+* Fri Mar 17 2023 Arjun Shankar <arjun@redhat.com> - 24.0.1-3
+- Port bundled Berkeley DB 4.8 configure script to C99 (#2179373)
+
+* Fri Mar 17 2023 Arjun Shankar <arjun@redhat.com>
+- Fix build failure due to GCC 13 compile error (#2171449)
+
+* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org>
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Mon Dec 12 2022 Simone Caronni <negativo17@gmail.com> - 24.0.1-1
+- Update to 24.0.1
+
+* Mon Nov 21 2022 Simone Caronni <negativo17@gmail.com> - 24.0-1
+- Update to 24.0.
+
+* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org>
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Tue Apr 26 2022 Simone Caronni <negativo17@gmail.com> - 23.0-1
+- Update to 23.0.
+
+* Thu Apr 07 2022 Simone Caronni <negativo17@gmail.com> - 22.0-7
+- Add AppStream metadata.
+
+* Tue Apr 05 2022 Simone Caronni <negativo17@gmail.com> - 22.0-6
+- Hide extended tests behind a flag.
+- Allow to run the full set of extended tests including network when requested,
+  they run fine in mock with network enabled.
+
+* Sun Jan 23 2022 Simone Caronni <negativo17@gmail.com> - 22.0-5
+- Update GPG verification script (thanks Björn Persson).
+
+* Sun Oct 03 2021 Simone Caronni <negativo17@gmail.com> - 22.0-4
+- Switch to bundled statically linked Berkeley DB 4.8.30 (NC).
+
+* Sat Sep 25 2021 Simone Caronni <negativo17@gmail.com> - 22.0-3
+- Remove obsolete scriptlets.
+- With RHEL/CentOS 7 no longer a target, improve systemd unit security.
+- Add systemd user unit to start bitcoind in your user session.
+- Move bitcoin-wallet to utils subpackage for offline wallet manipulation.
+- Update README files.
+
+* Sat Sep 25 2021 Simone Caronni <negativo17@gmail.com> - 22.0-2
+- Prepare all keys with a script and verify all keys against the signature file.
+  Add reasoning on the process in the SPEC file.
+
+* Wed Sep 22 2021 Simone Caronni <negativo17@gmail.com> - 22.0-1
+- Update to 22.0, versioning convention change.
+- Implement signature verification with a public GPG keyring and at least one
+  valid signature.
+- Also the relative selinux package has been renamed to bitcoin-core-selinux.
+- Add bitcoin-util to devel subpackage.
+- Update docs.
+- Add SQLite as dependency for descriptor wallets.
+- Drop RHEL/CentOS 7 support.
+
+* Tue Sep 21 2021 Simone Caronni <negativo17@gmail.com> - 0.21.1-2
+- Rename package to bitcoin-core.
+- Conflicts with bitcoin.
+- Desktop subpackage renamed from "core" to "desktop".
+
+* Wed May 12 2021 Simone Caronni <negativo17@gmail.com> - 0.21.1-1
+- Update to 0.21.1.
+
+* Wed Mar 10 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-4
+- Fix build on RHEL/CentOS 8.
+- Adjust SELinux requirement for server subpackage.
+
+* Wed Mar 10 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-3
+- Remove requirements for utils subpackage in server subpackage.
+- Separate SELinux package in its own subpackage and use RPM rich booleans on
+  Fedora and RHEL/CentOS 8+ to install the SELinux package if the base policy is
+  installed.
+- Update server README.
+
+* Wed Jan 20 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-2
+- Update to 0.21.0.
+- Remove java build requirement.
+- Use local folder for test output.
+
+* Fri Jan 15 2021 Simone Caronni <negativo17@gmail.com> - 0.21.0-1
+- Update to 0.21.0.
+
+* Thu Nov 19 2020 Simone Caronni <negativo17@gmail.com> - 0.20.1-2
+- Remove openssl/protobuf from build requirements.
+
+* Wed Oct 21 2020 Simone Caronni <negativo17@gmail.com> - 0.20.1-1
+- Update to 0.20.1.
+
+* Wed Jul 22 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-7
+- Use libdb 5.x instead of deprecated 4.x. Fixes build on RHEL/CentOS 8.
+
+* Tue Jul 21 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-6
+- Update systemd unit.
+- Update configuration options.
+- Declared bundled libraries/forks.
+
+* Tue Jul 21 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-5
+- Use HTTPS for url tag.
+- Reorganize sources. Add cleaned files from the packaging repository directly;
+  bash completion snippets are now supported in the main sources.
+- Move check section after install and include desktop file validating in there.
+
+* Sun Jul 19 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-4
+- Fix tests on RHEL/CentOS 7.
+
+* Sat Jul 18 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-3
+- Add signature verification.
+- Trim changelog.
+- Fix typo in the libs description.
+
+* Tue Jun 30 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-2
+- Update Source0 URL.
+- Do not obsolete "bitcoin", just leave the provider for it.
+- Let the build install the man pages.
+- Make sure old post scriptlets run only on RHEL/CentOS 7.
+- Do not install static library and archive.
+- Be explicit with shared object versions.
+- Use macros for more directories.
+- Use GCC 9 and not 7 to build on RHEL/CentOS 7.
+
+* Fri Jun 26 2020 Simone Caronni <negativo17@gmail.com> - 0.20.0-1
+- Update to 0.20.0.
+
+* Mon May 04 2020 Simone Caronni <negativo17@gmail.com> - 0.19.1-1
+- Update to 0.19.1.
+- Fix deprecation message with Python tests.
+- Trim changelog.
+
+* Fri Feb 21 2020 Simone Caronni <negativo17@gmail.com> - 0.19.0.1-2
+- Fix dependencies with Python SELinux interfaces.
+
+* Tue Nov 19 2019 Simone Caronni <negativo17@gmail.com> - 0.19.0.1-1
+- Update to 0.19.0.1.
+
+* Sun Nov 17 2019 Simone Caronni <negativo17@gmail.com> - 0.19.0-1
+- Update to 0.19.0.
+
+* Thu Sep 12 2019 Simone Caronni <negativo17@gmail.com> - 0.18.1-1
+- Update to 0.18.1.
+
+* Tue May 07 2019 Simone Caronni <negativo17@gmail.com> - 0.18.0-2
+- Update systemd unit.
+
+* Mon May 06 2019 Simone Caronni <negativo17@gmail.com> - 0.18.0-1
+- Update to 0.18.0.
+- Force C.UTF-8 for tests on Fedora and disable EPEL 7 test run.
+
+* Thu Jan 24 2019 Simone Caronni <negativo17@gmail.com> - 0.17.1-1
+- Update to 0.17.1.

db-4.8.30.NC-format-security.patch

@@ -1,42 +0,0 @@
-diff -Naur db-4.8.30.NC.old/repmgr/repmgr_net.c db-4.8.30.NC/repmgr/repmgr_net.c
---- db-4.8.30.NC.old/repmgr/repmgr_net.c	2021-10-03 10:22:53.391893577 +0200
-+++ db-4.8.30.NC/repmgr/repmgr_net.c	2021-10-03 10:23:03.599070978 +0200
-@@ -1331,7 +1331,7 @@
- 	}
- 
- 	ret = net_errno;
--	__db_err(env, ret, why);
-+	__db_err(env, ret, "%s", why);
- clean:	if (s != INVALID_SOCKET)
- 		(void)closesocket(s);
- 	return (ret);
-diff -Naur db-4.8.30.NC.old/txn/txn.c db-4.8.30.NC/txn/txn.c
---- db-4.8.30.NC.old/txn/txn.c	2021-10-03 10:22:53.445894516 +0200
-+++ db-4.8.30.NC/txn/txn.c	2021-10-03 10:23:03.632071552 +0200
-@@ -113,7 +113,7 @@
- 		return (ret);
- 	if (parent != NULL && !F_ISSET(parent, TXN_SNAPSHOT) &&
- 	    LF_ISSET(DB_TXN_SNAPSHOT)) {
--		__db_errx(env,
-+		__db_errx(env, "%s",
- 		    "Child transaction snapshot setting must match parent");
- 		return (EINVAL);
- 	}
-@@ -168,7 +168,7 @@
- 
- 	*txnpp = NULL;
- 	if ((ret = __os_calloc(env, 1, sizeof(DB_TXN), &txn)) != 0) {
--		__db_errx(env, TxnAlloc);
-+		__db_errx(env, "%s", TxnAlloc);
- 		return (ret);
- 	}
- 
-@@ -315,7 +315,7 @@
- 	int ret;
- 
- 	if ((ret = __os_calloc(env, 1, sizeof(DB_TXN), &txn)) != 0) {
--		__db_errx(env, TxnAlloc);
-+		__db_errx(env, "%s", TxnAlloc);
- 		return (ret);
- 	}
- 

sources

@@ -1,4 +1,3 @@
-SHA512 (db-4.8.30.NC.tar.gz) = 8d313f1f896e0b0c05cc510c0313324743de3fb660a0bd948c957d5a2d50f1625d8a9a36ec4e6fea09daf1d682dbe1ffccd5c3ec5f066eef72f7525343d0194c
-SHA512 (bitcoin-23.0.tar.gz) = c76defcb54618ac46ab9cc92e6df40d9a3d0e387bf9c2f253c5b66052c2ad449c533a9bf823f54a1a1c2e63c3ef0aa04d3146d686f6859c1b6a0e5aa39d75904
-SHA512 (SHA256SUMS) = 7f26733e4f3fdade34f2ac4d824aee3bae26e7bad7338af34f399660dcdd5c468f9b8ce7068b047ddbc40dc036a201cfb528f71a572794b4178a686e9a37921a
-SHA512 (SHA256SUMS.asc) = 8f04fbc050ceed1d2c7510bd5c9e38fb6974280dbbae730e1d45e187586f5fec5ae1ccdd66085cf8c8b9af90740413a5079a15c25a3595d362fe90cb674458c0
+SHA512 (bitcoin-30.2.tar.gz) = 4fcdb70a016f9ad1b44539f19d61d4c9ce06d92f947be156f8d5de29026aa90a17cea8dcd0bd9bf2f7ad959a4b79d851de95a1c0d2ab87862e04c26cf89f493b
+SHA512 (SHA256SUMS) = 99df424cfe37197df15c3e12890ba0b3e9fa00d75f4466f36e220d5d9a361c472d140ce9e7e050181e2a41d39f1af6f0c8fe87e1db9bea7a2fc6000b228aed12
+SHA512 (SHA256SUMS.asc) = 1bb28324b7807eaf8bd828039954698cfdbb4ac79ae09a58f84f798ed9da1178ce57459fd7586e51ab514983531045b2a33a28361e4ba302c5527104d0474d53