From fc8f96114f2bc894d6e1f82df9674dca564730a2 Mon Sep 17 00:00:00 2001 From: Patrick McDermott Date: Sat, 08 Jun 2019 15:31:31 -0400 Subject: source.mk: New maintainer, new (working) key The new maintainer also uses gzip instead of bzip2. --- diff --git a/control b/control index 794fbac..7086b75 100644 --- a/control +++ b/control @@ -1,4 +1,4 @@ Maintainer: "P. J. McDermott" -Build-Depends: opkhelper-3.0, +Build-Depends: gpg, dirmngr, opkhelper-3.0, libreadline-dev, Homepage: https://www.gnu.org/software/bc/ diff --git a/source.mk b/source.mk index 6635ee2..87600da 100644 --- a/source.mk +++ b/source.mk @@ -1,28 +1,25 @@ -upstream_archive = $(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).tar.bz2 -upstream_url = http://alpha.gnu.org/gnu/$(OPK_SOURCE)/$(upstream_archive) -source_archive = ../$(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).orig.tar.bz2 -#keys = D9B7BC63 +upstream_archive = $(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).tar.gz +upstream_url = http://ftp.gnu.org/gnu/$(OPK_SOURCE)/$(upstream_archive) +source_archive = ../$(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).orig.tar.gz + +gpg = GNUPGHOME=gnupghome/ gpg --no-default-keyring --keyring ../keyring.gpg +# Key has no signatures but is in the GNU keyring (as downloaded over HTTPS but +# not otherwise verified). +keys = \ + '00E4 2623 2F38 4BF6 D32D 8B18 81C2 4FF1 2FB7 B14B' $(source_archive): - wget -c '$(upstream_url)' - @# gpg: keyring `../keyring.gpg' created - @# gpg: requesting key D9B7BC63 from hkp server keys.gnupg.net - @# gpg: key 117D49DA: public key "Ken Pizzini " imported - @# gpg: Total number processed: 1 - @# gpg: imported: 1 (RSA: 1) - @# gpg: Signature made 2006-09-04T22:40:41 EDT using RSA key ID D9B7BC63 - @# gpg: WARNING: signing subkey D9B7BC63 is not cross-certified - @# gpg: please see http://www.gnupg.org/faq/subkey-cross-certify.html for more information - @# gpg: Can't check signature: general error - @#set -e; if gpg --version >/dev/null 2>&1; then \ - # wget -c '$(upstream_url).sig'; \ - # [ -e ../keyring.gpg ] || \ - # gpg --keyring ../keyring.gpg --no-default-keyring \ - # --recv-keys $(keys) || true; \ - # rm -f ../keyring.gpg~; \ - # gpg --verify --keyring ../keyring.gpg \ - # '$(upstream_archive).sig'; \ - #fi - mv '$(upstream_archive)' '$(source_archive)' + wget -c '$(upstream_url)' '$(upstream_url).sig' + install -m 0700 -d gnupghome/ + [ -e ../keyring.gpg ] || \ + $(gpg) --keyserver hkp://pool.sks-keyservers.net \ + --recv-keys $(keys); \ + rm -f ../keyring.gpg~; \ + if ! $(gpg) --verify '$(upstream_archive).sig'; then \ + rm -Rf gnupghome/; \ + exit 1; \ + fi + rm -Rf gnupghome/ + mv '$(upstream_archive)' '$@' source: $(source_archive) -- cgit v0.9.1