From 3ad66224209fd3b664c500267e2e0100fdf34d7d Mon Sep 17 00:00:00 2001 From: Patrick McDermott Date: Wed, 03 Jul 2019 13:27:31 -0400 Subject: source.mk: Rewrite (based on m4's), remove zlib --- diff --git a/control b/control index ac33f5b..eca2bff 100644 --- a/control +++ b/control @@ -1,5 +1,6 @@ Maintainer: Patrick McDermott -Build-Depends: opkhelper-3.0, +Build-Depends: opkbuild (>= 4.0.1), opkhelper-3.0 (>= 3.1.2), + gpg, dirmngr, gpgconf, gpg-agent, libncurses.5-dev, libreadline-dev, libexpat.1-dev, diff --git a/source.mk b/source.mk index f946eea..f22deab 100644 --- a/source.mk +++ b/source.mk @@ -1,33 +1,49 @@ +z = xz +tar_z = J +keys = \ + 'F40A DB90 2B24 264A A42E 50BF 92ED B04B FF32 5CF3' non_free_files = \ gdb/doc/gdb.texinfo \ - gdb/doc/gdb.info* + gdb/doc/gdb.info* \ + zlib/ upstream_version = $$(printf '%s\n' '$(OPK_SOURCE_VERSION_UPSTREAM)' | \ - sed 's/^\([0-9a-z.~-][0-9a-z.~-]*\)+sip[1-9][0-9]*.*$$/\1/') + sed 's/+sip[1-9][0-9]*.*$$//') upstream_name = $(OPK_SOURCE)-$(upstream_version) -upstream_archive = $(upstream_name).tar.bz2 -upstream_url = http://ftp.gnu.org/gnu/$(OPK_SOURCE)/$(upstream_archive) -source_archive = ../$(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).orig.tar.bz2 -keys = FF325CF3 +upstream_archive = $(upstream_name).tar.$(z) +upstream_url = http://ftp.gnu.org/pub/gnu/$(OPK_SOURCE)/$(upstream_archive) +source_archive = ../$(OPK_SOURCE)-$(OPK_SOURCE_VERSION_UPSTREAM).orig.tar.$(z) -$(source_archive): - wget -c "$(upstream_url)" - set -e; if gpg --version >/dev/null 2>&1; then \ - wget -c "$(upstream_url).sig"; \ - [ -e ../keyring.gpg ] || \ - gpg --keyring ../keyring.gpg --no-default-keyring \ - --recv-keys $(keys) || true; \ - rm -f ../keyring.gpg~; \ - gpg --verify --keyring ../keyring.gpg \ - "$(upstream_archive).sig"; \ - rm -f "$(upstream_archive).sig"; \ - fi - tar -xjf "$(upstream_archive)" +GNUPGHOME = gnupghome +# TODO: When GnuPG is built with TLS support, delete the second "keyserver" line +# to switch to a non-SKS keyserver. We can't switch yet, because the Web server +# at keys.openpgp.org redirects (HTTP 301) to HTTPS (and enforces it with HSTS). +keyserver = hkps://keys.openpgp.org +keyserver = hkp://pool.sks-keyservers.net +keyring = ../keyring.gpg +cleanup = gpgconf --kill all; rm -Rf '$(GNUPGHOME)'; sleep 5 + +$(keyring): + gpg --recv-keys $(keys) || { rm -Rf '$@'; exit 1; } + rm -f '$@~' + +$(source_archive): $(keyring) + wget -c "$(upstream_url)" "$(upstream_url).sig" + gpg --verify "$(upstream_archive).sig" + tar -x$(tar_z)f "$(upstream_archive)" rm -f "$(upstream_archive)" cd "$(upstream_name)"; for file in $(non_free_files); do \ - rm -f "$${file}"; \ + rm -R "$${file}"; \ done; cd .. - tar -cjf '$(source_archive)' "$(upstream_name)" + tar -c$(tar_z)f "$(source_archive)" "$(upstream_name)" rm -Rf "$(upstream_name)" -source: $(source_archive) +source: + install -m 0700 -d '$(GNUPGHOME)' + umask 0177; printf 'keyserver $(keyserver)\n' \ + 1>'$(GNUPGHOME)/dirmngr.conf' + umask 0177; printf 'no-default-keyring\nkeyring $(keyring)\nverbose\n' \ + 1>'$(GNUPGHOME)/gpg.conf' + GNUPGHOME='$(GNUPGHOME)' $(MAKE) -f ../source.mk "$(source_archive)" \ + || { $(cleanup); exit 1; } + $(cleanup) -- cgit v0.9.1