source.mk: New maintainer, new (working) key

The new maintainer also uses gzip instead of bzip2.
author: Patrick McDermott <patrick.mcdermott@libiquity.com> 2019-06-08 15:31:31 (EDT)
committer: Patrick McDermott <patrick.mcdermott@libiquity.com> 2019-06-08 15:31:31 (EDT)
commit: fc8f96114f2bc894d6e1f82df9674dca564730a2 (patch)
tree: 29c6fd37cbc95ed3e39b41a35dc9904f4e91e84f
parent: d22efc228b7e6c1d9ffee730a01b24b0fd16f7ef (diff)
2 files changed, 22 insertions, 25 deletions
diff --git a/control b/control
index 794fbac..7086b75 100644
--- a/control
+++ b/control
@@ -1,4 +1,4 @@
 Maintainer: "P. J. McDermott" <pj@pehjota.net>
-Build-Depends: opkhelper-3.0,
+Build-Depends: gpg, dirmngr, opkhelper-3.0,
  libreadline-dev,
 Homepage: https://www.gnu.org/software/bc/
diff --git a/source.mk b/source.mk
index 6635ee2..87600da 100644
--- a/source.mk
+++ b/source.mk
@@ -1,28 +1,25 @@
-upstream_archive = $(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).tar.bz2
-upstream_url = http://alpha.gnu.org/gnu/$(OPK_SOURCE)/$(upstream_archive)
-source_archive = ../$(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).orig.tar.bz2
-#keys = D9B7BC63
+upstream_archive = $(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).tar.gz
+upstream_url = http://ftp.gnu.org/gnu/$(OPK_SOURCE)/$(upstream_archive)
+source_archive = ../$(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).orig.tar.gz
+
+gpg = GNUPGHOME=gnupghome/ gpg --no-default-keyring --keyring ../keyring.gpg
+# Key has no signatures but is in the GNU keyring (as downloaded over HTTPS but
+# not otherwise verified).
+keys = \
+	'00E4 2623 2F38 4BF6 D32D  8B18 81C2 4FF1 2FB7 B14B'
 
 $(source_archive):
-	wget -c '$(upstream_url)'
-	@# gpg: keyring `../keyring.gpg' created
-	@# gpg: requesting key D9B7BC63 from hkp server keys.gnupg.net
-	@# gpg: key 117D49DA: public key "Ken Pizzini <ken@gnu.org>" imported
-	@# gpg: Total number processed: 1
-	@# gpg:               imported: 1  (RSA: 1)
-	@# gpg: Signature made 2006-09-04T22:40:41 EDT using RSA key ID D9B7BC63
-	@# gpg: WARNING: signing subkey D9B7BC63 is not cross-certified
-	@# gpg: please see http://www.gnupg.org/faq/subkey-cross-certify.html for more information
-	@# gpg: Can't check signature: general error
-	@#set -e; if gpg --version >/dev/null 2>&1; then \
-	#	wget -c '$(upstream_url).sig'; \
-	#	[ -e ../keyring.gpg ] || \
-	#		gpg --keyring ../keyring.gpg --no-default-keyring \
-	#			--recv-keys $(keys) || true; \
-	#	rm -f ../keyring.gpg~; \
-	#	gpg --verify --keyring ../keyring.gpg \
-	#		'$(upstream_archive).sig'; \
-	#fi
-	mv '$(upstream_archive)' '$(source_archive)'
+	wget -c '$(upstream_url)' '$(upstream_url).sig'
+	install -m 0700 -d gnupghome/
+	[ -e ../keyring.gpg ] || \
+		$(gpg) --keyserver hkp://pool.sks-keyservers.net \
+			--recv-keys $(keys); \
+	rm -f ../keyring.gpg~; \
+	if ! $(gpg) --verify '$(upstream_archive).sig'; then \
+		rm -Rf gnupghome/; \
+		exit 1; \
+	fi
+	rm -Rf gnupghome/
+	mv '$(upstream_archive)' '$@'
 
 source: $(source_archive)
author	Patrick McDermott <patrick.mcdermott@libiquity.com>	2019-06-08 15:31:31 (EDT)
committer	Patrick McDermott <patrick.mcdermott@libiquity.com>	2019-06-08 15:31:31 (EDT)
commit	fc8f96114f2bc894d6e1f82df9674dca564730a2 (patch)
tree	29c6fd37cbc95ed3e39b41a35dc9904f4e91e84f
parent	d22efc228b7e6c1d9ffee730a01b24b0fd16f7ef (diff)