diff --git a/.gitignore b/.gitignore index 596c6f7..883e903 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,10 @@ +/bitcoin-22.0.tar.gz /SHA256SUMS /SHA256SUMS.asc -/*.tar.gz +/db-4.8.30.NC.tar.gz +/bitcoin-23.0.tar.gz +/bitcoin-24.0.tar.gz +/bitcoin-24.0.1.tar.gz +/bitcoin-24.1.tar.gz +/bitcoin-25.0.tar.gz +/bitcoin-25.1.tar.gz diff --git a/README.md b/README.md index 3915d1c..ff8bb8a 100644 --- a/README.md +++ b/README.md @@ -4,30 +4,33 @@ The bitcoin-core package. ## Preparing a new update -Perform the following steps to prepare the update to a new version. The sample commands below are performed with version 30.0. +Perform the following steps to prepare the update to a new version. The sample commands below are performed with version 25.0. Generic package update steps: ``` -$ rm -f bitcoin-*.tar.gz SHA256SUMS* +$ rm -f bitcoin-core-*.tar.gz SHA256SUMS* -$ rpmdev-bumpspec -D -c "Update to 30.0." -n 30.0 bitcoin-core.spec +$ rpmdev-bumpspec -D -c "Update to 25.0." -n 25.0 bitcoin-core.spec $ spectool -g bitcoin-core.spec -Downloading: https://bitcoincore.org/bin/bitcoin-core-30.0/bitcoin-30.0.tar.gz +Downloading: https://bitcoincore.org/bin/bitcoin-core-25.0/bitcoin-25.0.tar.gz 100% of 10.9 MiB |#######################################################| Elapsed Time: 0:00:01 Time: 0:00:01 -Downloaded: bitcoin-30.0.tar.gz -Downloading: https://bitcoincore.org/bin/bitcoin-core-30.0/SHA256SUMS.asc +Downloaded: bitcoin-25.0.tar.gz +Downloading: https://bitcoincore.org/bin/bitcoin-core-25.0/SHA256SUMS.asc 100% of 10.3 KiB |#######################################################| Elapsed Time: 0:00:00 Time: 0:00:00 Downloaded: SHA256SUMS.asc -Downloading: https://bitcoincore.org/bin/bitcoin-core-30.0/SHA256SUMS +Downloading: https://bitcoincore.org/bin/bitcoin-core-25.0/SHA256SUMS 100% of 2.8 KiB |#######################################################| Elapsed Time: 0:00:00 Time: 0:00:00 Downloaded: SHA256SUMS +Downloading: https://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz +File '/home/slaanesh/workspace/fedora/bitcoin-core/db-4.8.30.NC.tar.gz' already present. ``` -When uploading sources, make sure everything is included even if it has not changed as otherwise will not be available in the Koji build root: +When uploading sources, make sure the DB tarball is included even if it has not changed as otherwise will not be available in the Koji build root: ``` -$ fedpkg new-sources bitcoin-30.0.tar.gz SHA256SUMS SHA256SUMS.asc -Uploading: bitcoin-30.0.tar.gz +$ fedpkg new-sources bitcoin-25.0.tar.gz SHA256SUMS SHA256SUMS.asc db-4.8.30.NC.tar.gz +File already uploaded: db-4.8.30.NC.tar.gz +Uploading: bitcoin-25.0.tar.gz ######################################################################## 100.0% Uploading: SHA256SUMS ######################################################################## 100.0% @@ -39,12 +42,12 @@ After this, based on the list of keys that have signed the release and that are ``` $ ./bitcoin-gpg.sh Prepare official script to verify releases to work offline... done. -Creating GPG keyring with public keys that have signed release 30.0... done. +Creating GPG keyring with public keys that have signed release 25.0... done. ``` After this, it's time to commit and build: ``` -$ git add bitcoin-offline-pubring.gpg -$ git commit -a -m "Update to 30.0" -$ git push +$ git add bitcoin-core-offline-pubring.gpg +$ git commit -a -m "Update to 25.0" + $ fedpkg build --nowait ``` diff --git a/README.server.redhat b/README.server.redhat index 310888f..7169b2e 100644 --- a/README.server.redhat +++ b/README.server.redhat @@ -49,8 +49,18 @@ group, then these commands should be sufficient: chown -R bitcoin.bitcoin /etc/bitcoin chmod -R u+rw,g+r,o= /etc/bitcoin -Legeacy wallets ---------------- +Berkeley DB +----------- + +On all platforms, including RHEL/CentOS/Fedora and the upstream build, bitcoin +uses Berkeley DB 4.8. +Oracle makes clear that binary compatibility is not guaranteed even between minor +releases of Berkeley DB. This has implications if you move your wallet to and +from a system with a different Berkeley DB version. + +It is strongly recommended that if you change Berkeley DB versions you first +dump your wallet from the old system into a text file, and then import the +wallet into the new system. To dump or import a wallet from a Bitcoin daemon, you will need to use the bitcoin-cli utility. diff --git a/bitcoin-core.spec b/bitcoin-core.spec index 3a3ca07..e4a4da3 100644 --- a/bitcoin-core.spec +++ b/bitcoin-core.spec @@ -5,16 +5,16 @@ %bcond_with extended_tests Name: bitcoin-core -Version: 30.2 -Release: %autorelease +Version: 25.1 +Release: 1%{?dist} Summary: Peer to Peer Cryptographic Currency License: MIT URL: https://bitcoincore.org/ # In .gitignore, so no chance to commit to SCM: -Source0: https://bitcoincore.org/bin/%{name}-%{version}/%{project_name}-%{version}.tar.gz -Source1: https://bitcoincore.org/bin/%{name}-%{version}/SHA256SUMS.asc -Source2: https://bitcoincore.org/bin/%{name}-%{version}/SHA256SUMS +Source0: https://bitcoincore.org/bin/bitcoin-core-%{version}/%{project_name}-%{version}.tar.gz +Source1: https://bitcoincore.org/bin/bitcoin-core-%{version}/SHA256SUMS.asc +Source2: https://bitcoincore.org/bin/bitcoin-core-%{version}/SHA256SUMS # Key verificaton process - Make official verify method work offline # - Keys listed to sign the release are listed in SHA256SUMS.asc. @@ -32,13 +32,17 @@ Source7: %{project_name}.service.system Source8: %{project_name}.service.user Source9: %{project_name}-qt.protocol Source10: %{project_name}-qt.desktop -Source11: %{project_name}.sysusers.conf # Documentation -Source12: %{project_name}.conf.example -Source13: README.gui.redhat -Source14: README.utils.redhat -Source15: README.server.redhat +Source11: %{project_name}.conf.example +Source12: README.gui.redhat +Source13: README.utils.redhat +Source14: README.server.redhat + +# Berkeley DB non-strong cryptography variant (NC) +Source15: https://download.oracle.com/berkeley-db/db-4.8.30.NC.tar.gz +Source16: db-4.8.30.NC-format-security.patch +Source17: db-4.8.30.NC-configure-c99.patch # AppStream metadata Source18: %{project_name}-qt.metainfo.xml @@ -46,57 +50,43 @@ Source18: %{project_name}-qt.metainfo.xml # Patch verify script to use local keyring Patch0: %{project_name}-verify-offline.patch -# Patch to set the shared object version to the main version -Patch1: %{project_name}-shared.patch - +BuildRequires: autoconf +BuildRequires: automake BuildRequires: boost-devel >= 1.64.0 -BuildRequires: capnproto -BuildRequires: capnproto-devel BuildRequires: checkpolicy BuildRequires: desktop-file-utils -BuildRequires: doxygen BuildRequires: gnupg2 BuildRequires: libappstream-glib -BuildRequires: cmake > 3.22 +BuildRequires: libnatpmp-devel +BuildRequires: libtool +BuildRequires: miniupnpc-devel BuildRequires: procps-ng +%if 0%{?rhel} == 8 +BuildRequires: python3.11 +%else BuildRequires: python3 +%endif BuildRequires: pkgconfig(libevent) >= 2.1.8 BuildRequires: pkgconfig(libevent_pthreads) >= 2.1.8 BuildRequires: pkgconfig(libqrencode) BuildRequires: pkgconfig(libzmq) >= 4 BuildRequires: pkgconfig(sqlite3) >= 3.7.17 -BuildRequires: qt6-qtbase-devel -BuildRequires: qt6-qttools-devel -BuildRequires: systemd-rpm-macros -BuildRequires: systemtap-sdt-devel - -Requires: %{name}-desktop = %{version}-%{release} -Requires: %{name}-server = %{version}-%{release} -Requires: %{name}-utils = %{version}-%{release} -Requires: lib%{project_name}kernel = %{version}-%{release} +BuildRequires: qt5-linguist +BuildRequires: qt5-qtbase-devel +BuildRequires: systemd %description Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to operate with no central authority or banks; managing transactions and the issuing of bitcoins is carried out collectively by the network. -This package installs the full Bitcoin Core distribution, with utilities, server -and desktop (graphical wallet) components. - -%package -n lib%{project_name}kernel -Summary: Consensus engine and support library - -%description -n lib%{project_name}kernel -Bitcoin Core consensus engine. A stateful library that can spawn threads, do -caching, do I/O, and many other things which one may not normally expect from a -library. - %package desktop Summary: Peer to Peer Cryptographic Currency -Provides: bundled(leveldb) -Provides: bundled(libmultiprocess) -Provides: bundled(secp256k1) -Provides: bundled(univalue) +Conflicts: bitcoin +Provides: bundled(leveldb) = 1.22.0 +Provides: bundled(libdb) = 4.8.30.NC +Provides: bundled(secp256k1) = 0.1 +Provides: bundled(univalue) = 1.1.3 %description desktop Bitcoin is a digital cryptographic currency that uses peer-to-peer technology to @@ -106,17 +96,32 @@ issuing of bitcoins is carried out collectively by the network. This package contains the Qt based graphical client and node. If you are looking to run a Bitcoin wallet, this is probably the package you want. +%package libs +Summary: Peer-to-peer digital currency +Conflicts: bitcoin-libs + +%description libs +This package provides the bitcoinconsensus shared libraries. These libraries +may be used by third party software to provide consensus verification +functionality. + +Unless you know you need this package, you probably do not. + %package devel Summary: Peer-to-peer digital currency -Requires: lib%{project_name}kernel = %{version}-%{release} +Conflicts: bitcoin-devel +Requires: %{name}-libs%{?_isa} = %{version}-%{release} %description devel -This package contains the bitcoin utility tool. +This package contains the header files and static library for the +bitcoinconsensus shared library. If you are developing or compiling software +that wants to link against that library, then you need this package installed. Most people do not need this package installed. %package utils Summary: Peer-to-peer digital currency +Conflicts: bitcoin-utils %description utils Bitcoin is an experimental new digital currency that enables instant payments to @@ -129,21 +134,23 @@ control a Bitcoin server via its RPC protocol, and bitcoin-tx, a utility to create custom Bitcoin transactions. %package server -Summary: Peer-to-peer digital currency -Requires: (%{name}-selinux >= 0.1 if selinux-policy) -Provides: bundled(leveldb) -Provides: bundled(libmultiprocess) -Provides: bundled(secp256k1) -Provides: bundled(univalue) +Summary: Peer-to-peer digital currency +Conflicts: bitcoin-server +Requires(pre): shadow-utils +Requires: (%{name}-selinux if selinux-policy) +Provides: bundled(leveldb) = 1.22.0 +Provides: bundled(libdb) = 4.8.30.NC +Provides: bundled(secp256k1) = 0.1 +Provides: bundled(univalue) = 1.1.3 %description server -This package provides a stand-alone %{name} daemon. For most users, this +This package provides a stand-alone bitcoin-core daemon. For most users, this package is only needed if they need a full-node without the graphical client. Some third party wallet software will want this package to provide the actual -%{name} node they use to connect to the network. +bitcoin-core node they use to connect to the network. -If you use the graphical %{name} client then you almost certainly do not +If you use the graphical bitcoin-core client then you almost certainly do not need this package. %prep @@ -156,37 +163,66 @@ contrib/verify-binaries/verify.py --min-good-sigs 3 bin %{SOURCE2} %{SOURCE0} # Check the hash of the tarball, not in the same folder where we are now: grep -q $(sha256sum %{SOURCE0}) %{SOURCE2} +# No publicly available hash file, check it against what bitcoin-core expects: +export BDB_HASH=$(grep sha256_hash depends/packages/bdb.mk | sed -e "s/.*=//g") +echo $BDB_HASH %{SOURCE15} | sha256sum -c + +# Berkeley DB: +mkdir db4 +tar --strip-components=1 -xzf %{SOURCE15} -C db4 +patch -d db4 -p1 -i ../depends/patches/bdb/clang_cxx_11.patch +patch -d db4 -p1 -i %{SOURCE16} +patch -d db4 -p1 -i %{SOURCE17} +# Avoid any modification timestamp based regeneration of the configure +# script due to patching above: +touch -r db4/dist/configure db4/dist/configure.ac db4/dist/aclocal/*.m4 + # Documentation (sources can not be directly reference with doc) -cp -p %{SOURCE12} %{SOURCE13} %{SOURCE14} %{SOURCE15} . +cp -p %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} . %build +# Build static Berkeley DB reusing all compiler flags / hardening: +pushd db4/build_unix -# Bitcoin kernel library used only as part of the testing for now: -%cmake \ - -DBUILD_CLI=ON \ - -DBUILD_DAEMON=ON \ - -DBUILD_GUI=ON \ - -DBUILD_KERNEL_LIB=ON \ - -DBUILD_TESTS=ON \ - -DBUILD_TX=ON \ - -DBUILD_UTIL=ON \ - -DBUILD_UTIL_CHAINSTATE=ON \ - -DENABLE_IPC=ON \ - -DENABLE_WALLET=ON \ - -DINSTALL_MAN=ON \ - -DWITH_DBUS=ON \ - -DWITH_QRENCODE=ON \ - -DWITH_SQLITE=ON \ - -DWITH_USDT=ON \ - -DWITH_ZMQ=ON +%define _configure ../dist/configure +%configure \ + --disable-shared \ + --enable-cxx \ + --disable-replication +%undefine _configure -%cmake_build +%make_build +make install DESTDIR=%{_builddir}/%{buildsubdir}/db4 +popd + +export BDB_CFLAGS="-I%{_builddir}/%{buildsubdir}/db4%{_includedir}/" +export BDB_LIBS="-L%{_builddir}/%{buildsubdir}/db4%{_libdir}/ -ldb_cxx-4.8" +autoreconf -vif +%configure \ + --disable-bench \ + --disable-silent-rules \ + --disable-static \ + --enable-reduce-exports \ + --enable-threadlocal \ + --with-miniupnpc \ + --with-qrencode \ + --with-utils \ + --with-libs \ + --with-daemon \ + --with-gui=qt5 + +%make_build %install -%cmake_install +%make_install find %{buildroot} -name "*.la" -delete +# TODO: Upstream puts bitcoind in the wrong directory. Need to fix the +# upstream Makefiles to install it in the correct place. +mkdir -p -m 755 %{buildroot}%{_sbindir} +mv %{buildroot}%{_bindir}/bitcoind %{buildroot}%{_sbindir}/bitcoind + # Temporary files mkdir -p %{buildroot}%{_tmpfilesdir} install -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/%{project_name}.conf @@ -210,9 +246,9 @@ done rm -f %{buildroot}%{_datadir}/pixmaps/%{project_name}* # Bash completion -install -D -m644 -p contrib/completions/bash/%{project_name}-cli.bash %{buildroot}%{_compldir}/%{project_name}-cli -install -D -m644 -p contrib/completions/bash/%{project_name}-tx.bash %{buildroot}%{_compldir}/%{project_name}-tx -install -D -m644 -p contrib/completions/bash/%{project_name}d.bash %{buildroot}%{_compldir}/%{project_name}d +install -D -m644 -p contrib/completions/bash/%{project_name}-cli.bash-completion %{buildroot}%{_compldir}/%{project_name}-cli +install -D -m644 -p contrib/completions/bash/%{project_name}-tx.bash-completion %{buildroot}%{_compldir}/%{project_name}-tx +install -D -m644 -p contrib/completions/bash/%{project_name}d.bash-completion %{buildroot}%{_compldir}/%{project_name}d # Server log directory mkdir -p %{buildroot}%{_localstatedir}/log/%{project_name}/ @@ -223,16 +259,21 @@ install -p -m 644 -D %{SOURCE18} %{buildroot}%{_metainfodir}/%{project_name}-qt. # Remove test files so that they aren't shipped. Tests have already been run. rm -f %{buildroot}%{_bindir}/test_* -install -m0644 -D %{SOURCE11} %{buildroot}%{_sysusersdir}/%{name}.conf - %check desktop-file-validate %{buildroot}%{_datadir}/applications/%{project_name}-qt.desktop appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/%{project_name}-qt.metainfo.xml -%ctest +make check %if %{with extended_tests} test/functional/test_runner.py --tmpdirprefix `pwd` --extended %endif +%pre server +getent group %{project_name} >/dev/null || groupadd -r %{project_name} +getent passwd %{project_name} >/dev/null || + useradd -r -g %{project_name} -d /var/lib/%{project_name} -s /sbin/nologin \ + -c "Bitcoin wallet server" %{project_name} +exit 0 + %post server %systemd_post %{project_name}.service @@ -242,19 +283,6 @@ test/functional/test_runner.py --tmpdirprefix `pwd` --extended %postun server %systemd_postun_with_restart %{project_name}.service -%files -%{_bindir}/%{project_name} -%{_libexecdir}/bitcoin-chainstate -%{_libexecdir}/bitcoin-gui -%{_libexecdir}/bitcoin-node -%{_libexecdir}/test_bitcoin -%{_libexecdir}/test_bitcoin-qt -%{_mandir}/man1/bitcoin.1* - -%files -n libbitcoinkernel -%{_libdir}/lib%{project_name}kernel.so.%(echo %{version} | cut -d. -f 1) -%{_libdir}/lib%{project_name}kernel.so.%{version} - %files desktop %license COPYING %doc %{project_name}.conf.example README.gui.redhat README.md SECURITY.md @@ -266,11 +294,18 @@ test/functional/test_runner.py --tmpdirprefix `pwd` --extended %{_mandir}/man1/%{project_name}-qt.1* %{_metainfodir}/%{project_name}-qt.metainfo.xml +%files libs +%license COPYING +%doc doc/README.md SECURITY.md +%{_libdir}/libbitcoinconsensus.so.0 +%{_libdir}/libbitcoinconsensus.so.0.0.0 + %files devel -%doc doc/developer-notes.md +%doc doc/developer-notes.md doc/shared-libraries.md %{_bindir}/%{project_name}-util -%{_libdir}/pkgconfig/lib%{project_name}kernel.pc -%{_libdir}/lib%{project_name}kernel.so +%{_includedir}/bitcoinconsensus.h +%{_libdir}/libbitcoinconsensus.so +%{_libdir}/pkgconfig/libbitcoinconsensus.pc %{_mandir}/man1/%{project_name}-util.1* %files utils @@ -299,11 +334,174 @@ test/functional/test_runner.py --tmpdirprefix `pwd` --extended %config(noreplace) %attr(644,root,root) %{_sysconfdir}/sysconfig/%{project_name} %{_compldir}/%{project_name}d %{_mandir}/man1/%{project_name}d.1* -%{_bindir}/%{project_name}d +%{_sbindir}/%{project_name}d %{_tmpfilesdir}/%{project_name}.conf %{_unitdir}/%{project_name}.service %{_userunitdir}/%{project_name}.service -%{_sysusersdir}/%{name}.conf %changelog -%autochangelog +* Fri Oct 20 2023 Simone Caronni - 25.1-1 +- Update to 25.1. + +* Fri Aug 11 2023 Simone Caronni - 25.0-2 +- Adjust verify script invocation. +- Fix build on el8. +- Drop unused build requirement. + +* Tue May 30 2023 Simone Caronni - 25.0-1 +- Update to 25.0. +- Update verification of signatures to use the new bundled script. + +* Mon May 22 2023 Simone Caronni - 24.1-1 +- Update to 24.1. + +* Fri Mar 17 2023 Arjun Shankar - 24.0.1-3 +- Port bundled Berkeley DB 4.8 configure script to C99 (#2179373) + +* Fri Mar 17 2023 Arjun Shankar +- Fix build failure due to GCC 13 compile error (#2171449) + +* Wed Jan 18 2023 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Mon Dec 12 2022 Simone Caronni - 24.0.1-1 +- Update to 24.0.1 + +* Mon Nov 21 2022 Simone Caronni - 24.0-1 +- Update to 24.0. + +* Wed Jul 20 2022 Fedora Release Engineering +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Apr 26 2022 Simone Caronni - 23.0-1 +- Update to 23.0. + +* Thu Apr 07 2022 Simone Caronni - 22.0-7 +- Add AppStream metadata. + +* Tue Apr 05 2022 Simone Caronni - 22.0-6 +- Hide extended tests behind a flag. +- Allow to run the full set of extended tests including network when requested, + they run fine in mock with network enabled. + +* Sun Jan 23 2022 Simone Caronni - 22.0-5 +- Update GPG verification script (thanks Björn Persson). + +* Sun Oct 03 2021 Simone Caronni - 22.0-4 +- Switch to bundled statically linked Berkeley DB 4.8.30 (NC). + +* Sat Sep 25 2021 Simone Caronni - 22.0-3 +- Remove obsolete scriptlets. +- With RHEL/CentOS 7 no longer a target, improve systemd unit security. +- Add systemd user unit to start bitcoind in your user session. +- Move bitcoin-wallet to utils subpackage for offline wallet manipulation. +- Update README files. + +* Sat Sep 25 2021 Simone Caronni - 22.0-2 +- Prepare all keys with a script and verify all keys against the signature file. + Add reasoning on the process in the SPEC file. + +* Wed Sep 22 2021 Simone Caronni - 22.0-1 +- Update to 22.0, versioning convention change. +- Implement signature verification with a public GPG keyring and at least one + valid signature. +- Also the relative selinux package has been renamed to bitcoin-core-selinux. +- Add bitcoin-util to devel subpackage. +- Update docs. +- Add SQLite as dependency for descriptor wallets. +- Drop RHEL/CentOS 7 support. + +* Tue Sep 21 2021 Simone Caronni - 0.21.1-2 +- Rename package to bitcoin-core. +- Conflicts with bitcoin. +- Desktop subpackage renamed from "core" to "desktop". + +* Wed May 12 2021 Simone Caronni - 0.21.1-1 +- Update to 0.21.1. + +* Wed Mar 10 2021 Simone Caronni - 0.21.0-4 +- Fix build on RHEL/CentOS 8. +- Adjust SELinux requirement for server subpackage. + +* Wed Mar 10 2021 Simone Caronni - 0.21.0-3 +- Remove requirements for utils subpackage in server subpackage. +- Separate SELinux package in its own subpackage and use RPM rich booleans on + Fedora and RHEL/CentOS 8+ to install the SELinux package if the base policy is + installed. +- Update server README. + +* Wed Jan 20 2021 Simone Caronni - 0.21.0-2 +- Update to 0.21.0. +- Remove java build requirement. +- Use local folder for test output. + +* Fri Jan 15 2021 Simone Caronni - 0.21.0-1 +- Update to 0.21.0. + +* Thu Nov 19 2020 Simone Caronni - 0.20.1-2 +- Remove openssl/protobuf from build requirements. + +* Wed Oct 21 2020 Simone Caronni - 0.20.1-1 +- Update to 0.20.1. + +* Wed Jul 22 2020 Simone Caronni - 0.20.0-7 +- Use libdb 5.x instead of deprecated 4.x. Fixes build on RHEL/CentOS 8. + +* Tue Jul 21 2020 Simone Caronni - 0.20.0-6 +- Update systemd unit. +- Update configuration options. +- Declared bundled libraries/forks. + +* Tue Jul 21 2020 Simone Caronni - 0.20.0-5 +- Use HTTPS for url tag. +- Reorganize sources. Add cleaned files from the packaging repository directly; + bash completion snippets are now supported in the main sources. +- Move check section after install and include desktop file validating in there. + +* Sun Jul 19 2020 Simone Caronni - 0.20.0-4 +- Fix tests on RHEL/CentOS 7. + +* Sat Jul 18 2020 Simone Caronni - 0.20.0-3 +- Add signature verification. +- Trim changelog. +- Fix typo in the libs description. + +* Tue Jun 30 2020 Simone Caronni - 0.20.0-2 +- Update Source0 URL. +- Do not obsolete "bitcoin", just leave the provider for it. +- Let the build install the man pages. +- Make sure old post scriptlets run only on RHEL/CentOS 7. +- Do not install static library and archive. +- Be explicit with shared object versions. +- Use macros for more directories. +- Use GCC 9 and not 7 to build on RHEL/CentOS 7. + +* Fri Jun 26 2020 Simone Caronni - 0.20.0-1 +- Update to 0.20.0. + +* Mon May 04 2020 Simone Caronni - 0.19.1-1 +- Update to 0.19.1. +- Fix deprecation message with Python tests. +- Trim changelog. + +* Fri Feb 21 2020 Simone Caronni - 0.19.0.1-2 +- Fix dependencies with Python SELinux interfaces. + +* Tue Nov 19 2019 Simone Caronni - 0.19.0.1-1 +- Update to 0.19.0.1. + +* Sun Nov 17 2019 Simone Caronni - 0.19.0-1 +- Update to 0.19.0. + +* Thu Sep 12 2019 Simone Caronni - 0.18.1-1 +- Update to 0.18.1. + +* Tue May 07 2019 Simone Caronni - 0.18.0-2 +- Update systemd unit. + +* Mon May 06 2019 Simone Caronni - 0.18.0-1 +- Update to 0.18.0. +- Force C.UTF-8 for tests on Fedora and disable EPEL 7 test run. + +* Thu Jan 24 2019 Simone Caronni - 0.17.1-1 +- Update to 0.17.1. diff --git a/bitcoin-offline-pubring.gpg b/bitcoin-offline-pubring.gpg index c104426..86370d2 100644 Binary files a/bitcoin-offline-pubring.gpg and b/bitcoin-offline-pubring.gpg differ diff --git a/bitcoin-shared.patch b/bitcoin-shared.patch deleted file mode 100644 index 2d76da2..0000000 --- a/bitcoin-shared.patch +++ /dev/null @@ -1,9 +0,0 @@ -diff -Naur bitcoin-30.0.old/src/kernel/CMakeLists.txt bitcoin-30.0/src/kernel/CMakeLists.txt ---- bitcoin-30.0.old/src/kernel/CMakeLists.txt 2025-10-16 18:35:05.538795833 +0200 -+++ bitcoin-30.0/src/kernel/CMakeLists.txt 2025-10-16 18:37:54.715894722 +0200 -@@ -124,3 +124,5 @@ - DESTINATION ${CMAKE_INSTALL_LIBDIR} - COMPONENT libbitcoinkernel - ) -+ -+set_target_properties(bitcoinkernel PROPERTIES VERSION ${CLIENT_VERSION_MAJOR}.${CLIENT_VERSION_MINOR} SOVERSION ${CLIENT_VERSION_MAJOR}) diff --git a/bitcoin-verify-offline.patch b/bitcoin-verify-offline.patch index f0ccaf2..c4ad7d2 100644 --- a/bitcoin-verify-offline.patch +++ b/bitcoin-verify-offline.patch @@ -1,8 +1,8 @@ -diff -Naur bitcoin-28.0.old/contrib/verify-binaries/verify.py bitcoin-28.0/contrib/verify-binaries/verify.py ---- bitcoin-28.0.old/contrib/verify-binaries/verify.py 2024-10-08 14:52:30.556849257 +0200 -+++ bitcoin-28.0/contrib/verify-binaries/verify.py 2024-10-08 14:52:39.167915828 +0200 -@@ -135,7 +135,7 @@ - ) -> tuple[int, str]: +diff -Naur bitcoin-25.0.old/contrib/verify-binaries/verify.py bitcoin-25.0/contrib/verify-binaries/verify.py +--- bitcoin-25.0.old/contrib/verify-binaries/verify.py 2023-05-30 13:49:06.671705602 +0200 ++++ bitcoin-25.0/contrib/verify-binaries/verify.py 2023-05-30 13:51:21.900790203 +0200 +@@ -141,7 +141,7 @@ + ) -> t.Tuple[int, str]: with tempfile.NamedTemporaryFile() as status_file: args = [ - 'gpg', '--yes', '--verify', '--verify-options', 'show-primary-uid-only', "--status-file", status_file.name, @@ -10,7 +10,7 @@ diff -Naur bitcoin-28.0.old/contrib/verify-binaries/verify.py bitcoin-28.0/contr '--output', output_filename if output_filename else '', signature_filename, filename] env = dict(os.environ, LANGUAGE='en') -@@ -338,7 +338,7 @@ +@@ -344,7 +344,7 @@ for unsig in unknown: if prompt_yn(f" ? Retrieve key {unsig.key} ({unsig.name})? (y/N) "): ran = subprocess.run( diff --git a/bitcoin.service.system b/bitcoin.service.system index 44d109c..003ff32 100644 --- a/bitcoin.service.system +++ b/bitcoin.service.system @@ -4,7 +4,7 @@ Documentation=man:bitcoind(1) After=syslog.target network.target [Service] -ExecStart=/usr/bin/bitcoind -conf=${CONFIG_FILE} -datadir=${DATA_DIR} -pid=${PID_FILE} -debuglogfile=${DEBUG_FILE} $OPTIONS +ExecStart=/usr/sbin/bitcoind -conf=${CONFIG_FILE} -datadir=${DATA_DIR} -pid=${PID_FILE} -debuglogfile=${DEBUG_FILE} $OPTIONS EnvironmentFile=/etc/sysconfig/bitcoin User=bitcoin Group=bitcoin diff --git a/bitcoin.service.user b/bitcoin.service.user index 2abc9fa..4db9378 100644 --- a/bitcoin.service.user +++ b/bitcoin.service.user @@ -3,7 +3,7 @@ Description=Bitcoin daemon Documentation=man:bitcoind(1) [Service] -ExecStart=/usr/bin/bitcoind +ExecStart=/usr/sbin/bitcoind Restart=on-failure TimeoutStopSec=120 diff --git a/bitcoin.sysusers.conf b/bitcoin.sysusers.conf deleted file mode 100644 index 0bd4342..0000000 --- a/bitcoin.sysusers.conf +++ /dev/null @@ -1 +0,0 @@ -u bitcoin - 'Bitcoin wallet server' /var/lib/bitcoin-core - diff --git a/changelog b/changelog deleted file mode 100644 index 62b1a76..0000000 --- a/changelog +++ /dev/null @@ -1,223 +0,0 @@ -* Sun Apr 13 2025 Simone Caronni - 29.0-1 -- Update to 29.0. - -* Tue Feb 11 2025 Zbigniew Jędrzejewski-Szmek - 28.1-6 -- Add sysusers.d config file to allow rpm to create users/groups automatically - -* Fri Feb 07 2025 Simone Caronni - 28.1-5 -- Rebuild for updated dependencies. - -* Tue Jan 28 2025 Simone Caronni - 28.1-4 -- Rebuild for updated dependencies. - -* Tue Jan 28 2025 Simone Caronni - 28.1-3 -- Update for https://fedoraproject.org/wiki/Changes/Unify_bin_and_sbin. - -* Thu Jan 16 2025 Fedora Release Engineering - 28.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild - -* Sat Jan 11 2025 Simone Caronni - 28.1-1 -- Update to 28.1. - -* Sat Jan 11 2025 Simone Caronni - 28.0-4 -- Enable Statically Defined Tracing (USDT). - -* Wed Oct 16 2024 Simone Caronni - 28.0-3 -- Remove leftover of bitcoin-libs being erroneusly required by the devel - subpackage. - -* Tue Oct 08 2024 Simone Caronni - 28.0-2 -- Rebuild for updated miniupnpc 2.2.8. - -* Tue Oct 08 2024 Simone Caronni - 28.0-1 -- Update to 28.0. - -* Wed Jul 17 2024 Fedora Release Engineering - 27.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Sun Jun 23 2024 Simone Caronni - 27.1-1 -- Update to 27.1. - -* Wed May 22 2024 Simone Caronni - 27.0-1 -- Update to 27.0. - -* Wed Apr 24 2024 Simone Caronni - 26.1-1 -- Update to 26.1. - -* Tue Jan 23 2024 Fedora Release Engineering - 26.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Fri Jan 19 2024 Fedora Release Engineering - 26.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Wed Dec 13 2023 Simone Caronni - 26.0-1 -- Update to 26.0. - -* Fri Oct 20 2023 Simone Caronni - 25.1-1 -- Update to 25.1. - -* Fri Aug 11 2023 Simone Caronni - 25.0-3 -- Adjust verify script invocation. -- Fix build on el8. -- Drop unused build requirement. - -* Wed Jul 19 2023 Fedora Release Engineering - 25.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Tue May 30 2023 Simone Caronni - 25.0-1 -- Update to 25.0. -- Update verification of signatures to use the new bundled script. - -* Mon May 22 2023 Simone Caronni - 24.1-1 -- Update to 24.1. - -* Fri Mar 17 2023 Arjun Shankar - 24.0.1-3 -- Port bundled Berkeley DB 4.8 configure script to C99 (#2179373) - -* Fri Mar 17 2023 Arjun Shankar -- Fix build failure due to GCC 13 compile error (#2171449) - -* Wed Jan 18 2023 Fedora Release Engineering -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Mon Dec 12 2022 Simone Caronni - 24.0.1-1 -- Update to 24.0.1 - -* Mon Nov 21 2022 Simone Caronni - 24.0-1 -- Update to 24.0. - -* Wed Jul 20 2022 Fedora Release Engineering -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Tue Apr 26 2022 Simone Caronni - 23.0-1 -- Update to 23.0. - -* Thu Apr 07 2022 Simone Caronni - 22.0-7 -- Add AppStream metadata. - -* Tue Apr 05 2022 Simone Caronni - 22.0-6 -- Hide extended tests behind a flag. -- Allow to run the full set of extended tests including network when requested, - they run fine in mock with network enabled. - -* Sun Jan 23 2022 Simone Caronni - 22.0-5 -- Update GPG verification script (thanks Björn Persson). - -* Sun Oct 03 2021 Simone Caronni - 22.0-4 -- Switch to bundled statically linked Berkeley DB 4.8.30 (NC). - -* Sat Sep 25 2021 Simone Caronni - 22.0-3 -- Remove obsolete scriptlets. -- With RHEL/CentOS 7 no longer a target, improve systemd unit security. -- Add systemd user unit to start bitcoind in your user session. -- Move bitcoin-wallet to utils subpackage for offline wallet manipulation. -- Update README files. - -* Sat Sep 25 2021 Simone Caronni - 22.0-2 -- Prepare all keys with a script and verify all keys against the signature file. - Add reasoning on the process in the SPEC file. - -* Wed Sep 22 2021 Simone Caronni - 22.0-1 -- Update to 22.0, versioning convention change. -- Implement signature verification with a public GPG keyring and at least one - valid signature. -- Also the relative selinux package has been renamed to bitcoin-core-selinux. -- Add bitcoin-util to devel subpackage. -- Update docs. -- Add SQLite as dependency for descriptor wallets. -- Drop RHEL/CentOS 7 support. - -* Tue Sep 21 2021 Simone Caronni - 0.21.1-2 -- Rename package to bitcoin-core. -- Conflicts with bitcoin. -- Desktop subpackage renamed from "core" to "desktop". - -* Wed May 12 2021 Simone Caronni - 0.21.1-1 -- Update to 0.21.1. - -* Wed Mar 10 2021 Simone Caronni - 0.21.0-4 -- Fix build on RHEL/CentOS 8. -- Adjust SELinux requirement for server subpackage. - -* Wed Mar 10 2021 Simone Caronni - 0.21.0-3 -- Remove requirements for utils subpackage in server subpackage. -- Separate SELinux package in its own subpackage and use RPM rich booleans on - Fedora and RHEL/CentOS 8+ to install the SELinux package if the base policy is - installed. -- Update server README. - -* Wed Jan 20 2021 Simone Caronni - 0.21.0-2 -- Update to 0.21.0. -- Remove java build requirement. -- Use local folder for test output. - -* Fri Jan 15 2021 Simone Caronni - 0.21.0-1 -- Update to 0.21.0. - -* Thu Nov 19 2020 Simone Caronni - 0.20.1-2 -- Remove openssl/protobuf from build requirements. - -* Wed Oct 21 2020 Simone Caronni - 0.20.1-1 -- Update to 0.20.1. - -* Wed Jul 22 2020 Simone Caronni - 0.20.0-7 -- Use libdb 5.x instead of deprecated 4.x. Fixes build on RHEL/CentOS 8. - -* Tue Jul 21 2020 Simone Caronni - 0.20.0-6 -- Update systemd unit. -- Update configuration options. -- Declared bundled libraries/forks. - -* Tue Jul 21 2020 Simone Caronni - 0.20.0-5 -- Use HTTPS for url tag. -- Reorganize sources. Add cleaned files from the packaging repository directly; - bash completion snippets are now supported in the main sources. -- Move check section after install and include desktop file validating in there. - -* Sun Jul 19 2020 Simone Caronni - 0.20.0-4 -- Fix tests on RHEL/CentOS 7. - -* Sat Jul 18 2020 Simone Caronni - 0.20.0-3 -- Add signature verification. -- Trim changelog. -- Fix typo in the libs description. - -* Tue Jun 30 2020 Simone Caronni - 0.20.0-2 -- Update Source0 URL. -- Do not obsolete "bitcoin", just leave the provider for it. -- Let the build install the man pages. -- Make sure old post scriptlets run only on RHEL/CentOS 7. -- Do not install static library and archive. -- Be explicit with shared object versions. -- Use macros for more directories. -- Use GCC 9 and not 7 to build on RHEL/CentOS 7. - -* Fri Jun 26 2020 Simone Caronni - 0.20.0-1 -- Update to 0.20.0. - -* Mon May 04 2020 Simone Caronni - 0.19.1-1 -- Update to 0.19.1. -- Fix deprecation message with Python tests. -- Trim changelog. - -* Fri Feb 21 2020 Simone Caronni - 0.19.0.1-2 -- Fix dependencies with Python SELinux interfaces. - -* Tue Nov 19 2019 Simone Caronni - 0.19.0.1-1 -- Update to 0.19.0.1. - -* Sun Nov 17 2019 Simone Caronni - 0.19.0-1 -- Update to 0.19.0. - -* Thu Sep 12 2019 Simone Caronni - 0.18.1-1 -- Update to 0.18.1. - -* Tue May 07 2019 Simone Caronni - 0.18.0-2 -- Update systemd unit. - -* Mon May 06 2019 Simone Caronni - 0.18.0-1 -- Update to 0.18.0. -- Force C.UTF-8 for tests on Fedora and disable EPEL 7 test run. - -* Thu Jan 24 2019 Simone Caronni - 0.17.1-1 -- Update to 0.17.1. diff --git a/db-4.8.30.NC-configure-c99.patch b/db-4.8.30.NC-configure-c99.patch new file mode 100644 index 0000000..1e2ece2 --- /dev/null +++ b/db-4.8.30.NC-configure-c99.patch @@ -0,0 +1,584 @@ +Berkeley DB 4.8 is currently unmaintained. This is a downstream-only patch: +https://bugzilla.redhat.com/show_bug.cgi?id=2179373 + +diff -Naur db-4.8.30.NC.old/dist/aclocal/clock.m4 db-4.8.30.NC/dist/aclocal/clock.m4 +--- db-4.8.30.NC.old/dist/aclocal/clock.m4 2023-03-16 17:29:41.590391954 +0100 ++++ db-4.8.30.NC/dist/aclocal/clock.m4 2023-03-16 20:25:53.746678514 +0100 +@@ -21,6 +21,8 @@ + AC_CACHE_CHECK([for clock_gettime monotonic clock], db_cv_clock_monotonic, [ + AC_TRY_RUN([ + #include ++#include ++int + main() { + struct timespec t; + return (clock_gettime(CLOCK_MONOTONIC, &t) != 0); +diff -Naur db-4.8.30.NC.old/dist/aclocal/mutex.m4 db-4.8.30.NC/dist/aclocal/mutex.m4 +--- db-4.8.30.NC.old/dist/aclocal/mutex.m4 2023-03-16 17:29:41.591391960 +0100 ++++ db-4.8.30.NC/dist/aclocal/mutex.m4 2023-03-16 20:46:57.039502577 +0100 +@@ -4,6 +4,8 @@ + AC_DEFUN(AM_PTHREADS_SHARED, [ + AC_TRY_RUN([ + #include ++#include ++int + main() { + pthread_cond_t cond; + pthread_mutex_t mutex; +@@ -24,7 +26,8 @@ + pthread_mutexattr_destroy(&mutexattr)); + }], [db_cv_mutex="$1"],, + AC_TRY_LINK([ +-#include ],[ ++#include ++#include ],[ + pthread_cond_t cond; + pthread_mutex_t mutex; + pthread_condattr_t condattr; +@@ -46,6 +49,8 @@ + AC_DEFUN(AM_PTHREADS_PRIVATE, [ + AC_TRY_RUN([ + #include ++#include ++int + main() { + pthread_cond_t cond; + pthread_mutex_t mutex; +@@ -64,7 +69,8 @@ + pthread_mutexattr_destroy(&mutexattr)); + }], [db_cv_mutex="$1"],, + AC_TRY_LINK([ +-#include ],[ ++#include ++#include ],[ + pthread_cond_t cond; + pthread_mutex_t mutex; + pthread_condattr_t condattr; +@@ -158,7 +164,8 @@ + # LWP threads: _lwp_XXX + if test "$db_cv_mutex" = no; then + AC_TRY_LINK([ +- #include ],[ ++ #include ++ #include ],[ + static lwp_mutex_t mi = SHAREDMUTEX; + static lwp_cond_t ci = SHAREDCV; + lwp_mutex_t mutex = mi; +@@ -174,7 +181,8 @@ + LIBS="$LIBS -lthread" + AC_TRY_LINK([ + #include +- #include ],[ ++ #include ++ #include ],[ + mutex_t mutex; + cond_t cond; + int type = USYNC_PROCESS; +@@ -189,7 +197,8 @@ + if test "$db_cv_mutex" = no -o "$db_cv_mutex" = ui_only; then + AC_TRY_LINK([ + #include +- #include ],[ ++ #include ++ #include ],[ + mutex_t mutex; + cond_t cond; + int type = USYNC_PROCESS; +@@ -211,7 +220,8 @@ + # anyway. + # + # x86/gcc: FreeBSD, NetBSD, BSD/OS, Linux +- AC_TRY_COMPILE(,[ ++ AC_TRY_COMPILE([ ++ #include ],[ + #if (defined(i386) || defined(__i386__)) && defined(__GNUC__) + exit(0); + #else +@@ -220,7 +230,8 @@ + ], [db_cv_mutex="$db_cv_mutex/x86/gcc-assembly"]) + + # x86_64/gcc: FreeBSD, NetBSD, BSD/OS, Linux +- AC_TRY_COMPILE(,[ ++ AC_TRY_COMPILE([ ++ #include ],[ + #if (defined(x86_64) || defined(__x86_64__)) && defined(__GNUC__) + exit(0); + #else +@@ -242,7 +253,8 @@ + ], [db_cv_mutex="$db_cv_mutex/Solaris/_lock_try/membar"]) + + # Sparc/gcc: SunOS, Solaris, ultrasparc assembler support +- AC_TRY_COMPILE(,[ ++ AC_TRY_COMPILE([ ++ #include ],[ + #if defined(__sparc__) && defined(__GNUC__) + asm volatile ("membar #StoreStore|#StoreLoad|#LoadStore"); + exit(0); +@@ -280,7 +292,8 @@ + # Try HPPA before general msem test, it needs special alignment. + if test "$db_cv_mutex" = no; then + AC_TRY_LINK([ +-#include ],[ ++#include ++#include ],[ + #if defined(__hppa) + typedef msemaphore tsl_t; + msemaphore x; +@@ -298,7 +311,8 @@ + if test "$db_cv_mutex" = no; then + AC_TRY_LINK([ + #include +-#include ],[ ++#include ++#include ],[ + typedef msemaphore tsl_t; + msemaphore x; + msem_init(&x, 0); +@@ -324,7 +338,8 @@ + + # SCO: UnixWare has threads in libthread, but OpenServer doesn't. + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__USLC__) + exit(0); + #else +@@ -381,7 +396,8 @@ + + # Tru64/cc + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__alpha) && defined(__DECC) + exit(0); + #else +@@ -392,7 +408,8 @@ + + # Alpha/gcc + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__alpha) && defined(__GNUC__) + exit(0); + #else +@@ -403,7 +420,8 @@ + + # ARM/gcc: Linux + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__arm__) && defined(__GNUC__) + exit(0); + #else +@@ -414,7 +432,8 @@ + + # MIPS/gcc: Linux + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if (defined(__mips) || defined(__mips__)) && defined(__GNUC__) + exit(0); + #else +@@ -425,7 +444,8 @@ + + # PaRisc/gcc: HP/UX + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if (defined(__hppa) || defined(__hppa__)) && defined(__GNUC__) + exit(0); + #else +@@ -436,7 +456,8 @@ + + # PPC/gcc: + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if (defined(__powerpc__) || defined(__ppc__)) && defined(__GNUC__) + exit(0); + #else +@@ -447,7 +468,8 @@ + + # 68K/gcc: SunOS + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if (defined(mc68020) || defined(sun3)) && defined(__GNUC__) + exit(0); + #else +@@ -458,7 +480,8 @@ + + # S390/cc: IBM OS/390 Unix + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__MVS__) && defined(__IBMC__) + exit(0); + #else +@@ -469,7 +492,8 @@ + + # S390/gcc: Linux + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__s390__) && defined(__GNUC__) + exit(0); + #else +@@ -480,7 +504,8 @@ + + # ia64/gcc: Linux + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(__ia64) && defined(__GNUC__) + exit(0); + #else +@@ -491,7 +516,8 @@ + + # uts/cc: UTS + if test "$db_cv_mutex" = no; then +-AC_TRY_COMPILE(,[ ++AC_TRY_COMPILE([ ++#include ],[ + #if defined(_UTS) + exit(0); + #else +@@ -812,7 +838,8 @@ + fi + + if test "$db_cv_atomic" = no; then +- AC_TRY_COMPILE(,[ ++ AC_TRY_COMPILE([ ++ #include ],[ + #if ((defined(i386) || defined(__i386__)) && defined(__GNUC__)) + exit(0); + #elif ((defined(x86_64) || defined(__x86_64__)) && defined(__GNUC__)) +@@ -825,7 +852,8 @@ + + if test "$db_cv_atomic" = no; then + AC_TRY_LINK([ +-#include ],[ ++#include ++#include ],[ + volatile unsigned val = 1; + exit (atomic_inc_uint_nv(&val) != 2 || + atomic_dec_uint_nv(&val) != 1 || +diff -Naur db-4.8.30.NC.old/dist/aclocal/sequence.m4 db-4.8.30.NC/dist/aclocal/sequence.m4 +--- db-4.8.30.NC.old/dist/aclocal/sequence.m4 2023-03-16 17:29:41.591391960 +0100 ++++ db-4.8.30.NC/dist/aclocal/sequence.m4 2023-03-16 21:47:07.623110108 +0100 +@@ -43,6 +43,9 @@ + # test, which won't test for the appropriate printf format strings. + if test "$db_cv_build_sequence" = "yes"; then + AC_TRY_RUN([ ++ #include ++ #include ++ int + main() { + $db_cv_seq_type l; + unsigned $db_cv_seq_type u; +@@ -59,7 +62,9 @@ + return (1); + return (0); + }],, [db_cv_build_sequence="no"], +- AC_TRY_LINK(,[ ++ AC_TRY_LINK([ ++ #include ++ #include ],[ + $db_cv_seq_type l; + unsigned $db_cv_seq_type u; + char buf@<:@100@:>@; +diff -Naur db-4.8.30.NC.old/dist/configure db-4.8.30.NC/dist/configure +--- db-4.8.30.NC.old/dist/configure 2023-03-16 17:29:41.587391937 +0100 ++++ db-4.8.30.NC/dist/configure 2023-03-17 15:34:52.507864862 +0100 +@@ -3057,7 +3057,7 @@ + + DB_VERSION_PATCH="30" + +-DB_VERSION_STRING='"Berkeley DB 4.8.30: (April 9, 2010)"' ++DB_VERSION_STRING='"Berkeley DB 4.8.30: (March 17, 2023)"' + + + # Process all options before using them. +@@ -18756,6 +18756,7 @@ + /* end confdefs.h. */ + + #include ++#include + int + main () + { +@@ -18792,6 +18793,8 @@ + /* end confdefs.h. */ + + #include ++#include ++int + main() { + pthread_cond_t cond; + pthread_mutex_t mutex; +@@ -18828,6 +18831,7 @@ + /* end confdefs.h. */ + + #include ++#include + int + main () + { +@@ -18864,6 +18868,8 @@ + /* end confdefs.h. */ + + #include ++#include ++int + main() { + pthread_cond_t cond; + pthread_mutex_t mutex; +@@ -18899,6 +18905,7 @@ + /* end confdefs.h. */ + + #include ++#include + int + main () + { +@@ -18933,6 +18940,8 @@ + /* end confdefs.h. */ + + #include ++#include ++int + main() { + pthread_cond_t cond; + pthread_mutex_t mutex; +@@ -18967,6 +18976,7 @@ + /* end confdefs.h. */ + + #include ++#include + int + main () + { +@@ -19001,6 +19011,8 @@ + /* end confdefs.h. */ + + #include ++#include ++int + main() { + pthread_cond_t cond; + pthread_mutex_t mutex; +@@ -19038,6 +19050,7 @@ + /* end confdefs.h. */ + + #include ++ #include + int + main () + { +@@ -19069,6 +19082,7 @@ + + #include + #include ++ #include + int + main () + { +@@ -19099,6 +19113,7 @@ + + #include + #include ++ #include + int + main () + { +@@ -19136,6 +19151,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++ #include + int + main () + { +@@ -19159,6 +19175,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++ #include + int + main () + { +@@ -19210,6 +19227,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++ #include + int + main () + { +@@ -19277,6 +19295,7 @@ + /* end confdefs.h. */ + + #include ++#include + int + main () + { +@@ -19310,6 +19329,7 @@ + + #include + #include ++#include + int + main () + { +@@ -19366,6 +19386,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19497,6 +19518,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19522,6 +19544,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19547,6 +19570,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19572,6 +19596,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19597,6 +19622,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19622,6 +19648,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19647,6 +19674,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19672,6 +19700,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19697,6 +19726,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19722,6 +19752,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -19747,6 +19778,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++#include + int + main () + { +@@ -20198,6 +20230,7 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++ #include + int + main () + { +@@ -20225,6 +20258,7 @@ + /* end confdefs.h. */ + + #include ++#include + int + main () + { +@@ -20743,6 +20777,8 @@ + /* end confdefs.h. */ + + #include ++#include ++int + main() { + struct timespec t; + return (clock_gettime(CLOCK_MONOTONIC, &t) != 0); +@@ -21600,6 +21636,8 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++ #include ++ #include + int + main () + { +@@ -21634,6 +21672,9 @@ + cat confdefs.h - <<_ACEOF >conftest.$ac_ext + /* end confdefs.h. */ + ++ #include ++ #include ++ int + main() { + $db_cv_seq_type l; + unsigned $db_cv_seq_type u; diff --git a/db-4.8.30.NC-format-security.patch b/db-4.8.30.NC-format-security.patch new file mode 100644 index 0000000..0781cbf --- /dev/null +++ b/db-4.8.30.NC-format-security.patch @@ -0,0 +1,42 @@ +diff -Naur db-4.8.30.NC.old/repmgr/repmgr_net.c db-4.8.30.NC/repmgr/repmgr_net.c +--- db-4.8.30.NC.old/repmgr/repmgr_net.c 2021-10-03 10:22:53.391893577 +0200 ++++ db-4.8.30.NC/repmgr/repmgr_net.c 2021-10-03 10:23:03.599070978 +0200 +@@ -1331,7 +1331,7 @@ + } + + ret = net_errno; +- __db_err(env, ret, why); ++ __db_err(env, ret, "%s", why); + clean: if (s != INVALID_SOCKET) + (void)closesocket(s); + return (ret); +diff -Naur db-4.8.30.NC.old/txn/txn.c db-4.8.30.NC/txn/txn.c +--- db-4.8.30.NC.old/txn/txn.c 2021-10-03 10:22:53.445894516 +0200 ++++ db-4.8.30.NC/txn/txn.c 2021-10-03 10:23:03.632071552 +0200 +@@ -113,7 +113,7 @@ + return (ret); + if (parent != NULL && !F_ISSET(parent, TXN_SNAPSHOT) && + LF_ISSET(DB_TXN_SNAPSHOT)) { +- __db_errx(env, ++ __db_errx(env, "%s", + "Child transaction snapshot setting must match parent"); + return (EINVAL); + } +@@ -168,7 +168,7 @@ + + *txnpp = NULL; + if ((ret = __os_calloc(env, 1, sizeof(DB_TXN), &txn)) != 0) { +- __db_errx(env, TxnAlloc); ++ __db_errx(env, "%s", TxnAlloc); + return (ret); + } + +@@ -315,7 +315,7 @@ + int ret; + + if ((ret = __os_calloc(env, 1, sizeof(DB_TXN), &txn)) != 0) { +- __db_errx(env, TxnAlloc); ++ __db_errx(env, "%s", TxnAlloc); + return (ret); + } + diff --git a/sources b/sources index 4680f74..071a0ef 100644 --- a/sources +++ b/sources @@ -1,3 +1,4 @@ -SHA512 (bitcoin-30.2.tar.gz) = 4fcdb70a016f9ad1b44539f19d61d4c9ce06d92f947be156f8d5de29026aa90a17cea8dcd0bd9bf2f7ad959a4b79d851de95a1c0d2ab87862e04c26cf89f493b -SHA512 (SHA256SUMS) = 99df424cfe37197df15c3e12890ba0b3e9fa00d75f4466f36e220d5d9a361c472d140ce9e7e050181e2a41d39f1af6f0c8fe87e1db9bea7a2fc6000b228aed12 -SHA512 (SHA256SUMS.asc) = 1bb28324b7807eaf8bd828039954698cfdbb4ac79ae09a58f84f798ed9da1178ce57459fd7586e51ab514983531045b2a33a28361e4ba302c5527104d0474d53 +SHA512 (bitcoin-25.1.tar.gz) = 310e5d976a062496d2b99d0e64c4d5d2b536a747901e887f85b75151d94237f0de800163b534c812d390eb5e93b3f7284cd7f71843ec35e891f34634b6b142ab +SHA512 (SHA256SUMS) = 193154587f3f12dcc09cf1e0dd43abce8fcc7e0bdb5fc44c45469e6aefa196f3deaa67302f651b68ddabfd5e60e8c73a181cb88c84129dbb8937c2acdc7fbb94 +SHA512 (SHA256SUMS.asc) = 11328411025da2a15b9b758441b12e9b317eb7f8bcd2eb5a172fd56f4f512610fa6cbdac59d5bbe8d4c9253164154241515a9357a47f5239861e1d180fd0a7b5 +SHA512 (db-4.8.30.NC.tar.gz) = 8d313f1f896e0b0c05cc510c0313324743de3fb660a0bd948c957d5a2d50f1625d8a9a36ec4e6fea09daf1d682dbe1ffccd5c3ec5f066eef72f7525343d0194c