bitcoind: v26.0 handle gpg failure

- gpg returns error code 2 for untrusted keys accept it for now
- refresh gpg keys
- directory changes for configure.ac file
Signed-off-by: Lakshya Singh <lakshay.singh1108@gmail.com>

bitcoind/Dockerfile

@@ -25,30 +25,27 @@ RUN mkdir $GNUPGHOME && set -ex \
     152812300785C96444D3334D17565732E08E5E41 \
     0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8 \
     590B7292695AFFA5B672CBB2E13FC145CD3F4304 \
-    28F5900B1BB5D1A4B6B6D1A9ED357015286A333D \
-    637DB1E23370F84AFF88CCE03152347D07DA627C \
     CFB16E21C950F67FA95E558F2EEB9F5CC09526C1 \
     F4FC70F07310028424EFC20A8E4256593F177720 \
     D1DBF2C4B96F2DEBF4C16654410108112E7EA81F \
     287AE4CA1187C68C08B49CB2D11BD4F33F1DB499 \
-    F9A8737BF4FF5C89C903DF31DD78544CF91B1514 \
     9DEAE0DC7063249FB05474681E4AED62986CD25D \
-    E463A93F5F3117EEDE6C7316BD02942421F4889F \
+    3EB0DEE6004A13BE5A0CC758BF2978B068054311 \
-    9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C \
+    ED9BDF7AD6A55E232E84524257FF9BDBCC301009 \
-    4DAF18FE948E7A965B30F9457E296D555E7F63A7 \
     28E72909F1717FE9607754F8A7BEB2621678D37D \
-    74E2DEF5D77260B98BC19438099BAD163C70FBFA \
   ; do \
     gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" || \
     gpg --batch --keyserver keys.openpgp.org --recv-keys "$key" || \
+    gpg --batch --keyserver pgp.mit.edu --recv-keys "$key" || \
     gpg --batch --keyserver keyserver.pgp.com --recv-keys "$key" || \
     gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$key" || \
     gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" ; \
-  done && \
+  done
-  wget -O- https://raw.githubusercontent.com/Kvaciral/kvaciral/main/kvaciral.asc | gpg --import
+RUN gpg --keyserver hkps://keys.openpgp.org --refresh-keys
-
 RUN gpg -kv
 
+COPY verify.sh verify.sh
+
 ARG BITCOIN_VERSION
 ARG BITCOIN_PREFIX=/opt/bitcoin-${BITCOIN_VERSION}
 ARG BITCOIN_SHA256SUMS_HASH
@@ -56,16 +53,16 @@ RUN echo "Building bitcoin core version $BITCOIN_VERSION"
 RUN wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS && \
     wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS.asc && \
     wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/bitcoin-${BITCOIN_VERSION}.tar.gz && \
-    gpg --batch --verify SHA256SUMS.asc SHA256SUMS && \
+    ./verify.sh && \
     echo "${BITCOIN_SHA256SUMS_HASH} SHA256SUMS" | sha256sum -c - && \
     grep " bitcoin-${BITCOIN_VERSION}.tar.gz\$" SHA256SUMS | sha256sum -c - && \
     tar -xzf *.tar.gz
 
 WORKDIR /bitcoin-${BITCOIN_VERSION}
 
-RUN sed -i '/AC_PREREQ/a\AR_FLAGS=cr' src/univalue/configure.ac && \
+RUN sed -i '/AC_PREREQ/a\AR_FLAGS=cr' configure.ac && \
     sed -i '/AX_PROG_CC_FOR_BUILD/a\AR_FLAGS=cr' src/secp256k1/configure.ac && \
-    sed -i s:sys/fcntl.h:fcntl.h: src/compat.h && \
+    sed -i s:sys/fcntl.h:fcntl.h: src/compat/compat.h && \
     ./autogen.sh && \
     ./configure LDFLAGS=-L`ls -d /opt/db*`/lib/ CPPFLAGS=-I`ls -d /opt/db*`/include/ \
     --prefix=${BITCOIN_PREFIX} \

bitcoind/verify.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# verify SHA256SUMS
+gpg --batch --verify SHA256SUMS.asc SHA256SUMS
+ret_val=$?
+
+# allow 2 as well in case of untrusted keys
+if [ $ret_val -eq 0 ] || [ $ret_val -eq 2 ]; then
+  exit 0
+else
+  exit $ret_val
+fi