From cb83f5749c0145c1115b1fb888582da209e68530c041bcc14694b85246a975ae Mon Sep 17 00:00:00 2001 From: Michal Vyskocil Date: Tue, 18 Dec 2012 10:09:31 +0000 Subject: [PATCH] Accepting request 143883 from home:sbrabec:gpg-offline-verify Verify GPG signature: Perform build-time offline GPG verification. Please verify that included keyring matches your needs. For manipulation with the offline keyring, please use gpg-offline tool from openSUSE:Factory, devel-tools-building or Base:System. See the man page and/or /usr/share/doc/packages/gpg-offline/PACKAGING.HOWTO. If you need to build your package for older products and don't want to mess spec file with ifs, please follow PACKAGING.HOWTO: you can link or aggregate gpg-offline from devel:tools:building or use following trick with "osc meta prjconf": --- Cut here ---- %if 0%{?suse_version} <= 1220 Substitute: gpg-offline %endif Macros: %gpg_verify(dnf) \ %if 0%{?suse_version} > 1220\ echo "WARNING: Using %%gpg_verify macro from prjconf, not from gpg-offline package."\ gpg-offline --directory="%{-d:%{-d*}}%{!-d:%{_sourcedir}}" --package="%{-n:%{-n*}}%{!-n:%{name}}""%{-f: %{-f*}}" --verify %{**}\ %else\ echo "WARNING: Dummy prjconf macro. gpg-offline is not available, skipping %{**} GPG signature verification!"\ %endif\ %nil ----------------- OBS-URL: https://build.opensuse.org/request/show/143883 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/curl?expand=0&rev=83 --- curl.changes | 5 +++++ curl.keyring | 28 ++++++++++++++++++++++++++++ curl.spec | 3 +++ 3 files changed, 36 insertions(+) create mode 100644 curl.keyring diff --git a/curl.changes b/curl.changes index 12ddc49..5e69bc3 100644 --- a/curl.changes +++ b/curl.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Nov 27 20:05:00 CET 2012 - sbrabec@suse.cz + +- Verify GPG signature. + ------------------------------------------------------------------- Tue Nov 20 23:43:24 UTC 2012 - crrodriguez@opensuse.org diff --git a/curl.keyring b/curl.keyring new file mode 100644 index 0000000..71ba182 --- /dev/null +++ b/curl.keyring @@ -0,0 +1,28 @@ +pub 1024D/279D5C91 2003-04-28 +uid Daniel Stenberg (Haxx) +sub 1024g/B70B3510 2003-04-28 + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.19 (GNU/Linux) + +mQGiBD6tnnoRBACRPnFBVoapBrTpPrCNZ2rq3DcmW6n/soQJW47+zP+vcrcxQ1WJ +QiWSzLGO+QOIUZSYfnliR22r8HkFX9EUSW3IAcRMJMsaO3wMJ0a+78a9QqWLp6RV +0arcQkuuCvG79h+yJ6NnoAXe1geRt8vNGsaWtsS91CtYlTSs6JVtaRLnYwCg/Ly1 +EFgvNZ6SJRc/8I5rRv0lrz8D/0goih2kZ5z4SI+r2hgABNcN7g565YwGKaQDbIch +soh3OBzgETWc3wuAZqmCzQXPXMpMx+ziqX6XDzDKNiGL1CdrBJQd0II8UutWVDje +f9UxLfo02YQ8diGYeq0u9k1RezC13w4TVUmQfg0Uqn4xM6DNzO1O6yCK8rlNwsvL +gHNJA/9m1pfzjpvdxtmJNKRU3C4cRCjXhxNdM7laSEj0/wOGaR2QWWEge51orWwo +SLQUIe4BDPvtRStQHC+tI7qr7d12rMMEBXviJC5EkGBOzlgWr9virjM/u/pkGMc2 +m5r3pVuWH/JSsHsV952y2kWP64uP4zdLXOpVzX/xs0sYJ9nOPLQnRGFuaWVsIFN0 +ZW5iZXJnIChIYXh4KSA8ZGFuaWVsQGhheHguc2U+iFkEExECABkFAj6tnnoECwcD +AgMVAgMDFgIBAh4BAheAAAoJEHjhHGsnnVyRjngAn1gK6Q0qUTHwYJBAhIDmrRi0 +ebfDAJ4qDSHd6UU2MEkkFCgGfYgEBXKbb7kBDQQ+rZ59EAQAmYsA8gPjJ75gOIPb +XNg9Z31QzIz65qS9XdNsFNAdKxnY4b72nhc0oaS9/7Dcdf2Q+1mDa2p72DWk+9iz +7knmBL++csBP2z9eMe5h8oV53prqNOHDHyL3WLOa25ga9381gZnzWoQME74iSBBM +wDw8vbLEgIZ34JaQ7Oe+9N3+6n8AAwcD/Av+Ms+3gCc5pLp4nx36qqi36fodaG9+ +dwIcMbr9bivEtjmDHeuPsD6X1J9+Y/ikUBIDpMPv33lJxLoubOtpLhEuN2XN/ojT +rueVPDKA1f+GyfHnyfpf/78IgX1hGVqu/3RBWKPpXFwSZA4q8vFR+FaPC5WbU68t +FLJpYuC9ZO/LiEYEGBECAAYFAj6tnn0ACgkQeOEcayedXJGtPQCgxrbd59afemZ9 +OIadZD8kUGC29dUAoJ94aGUkWCwoEiPyEZRGXv9XRlfx +=yTQx +-----END PGP PUBLIC KEY BLOCK----- diff --git a/curl.spec b/curl.spec index 4167b84..4ab5557 100644 --- a/curl.spec +++ b/curl.spec @@ -30,8 +30,10 @@ Url: http://curl.haxx.se/ Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma Source2: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma.asc Source3: baselibs.conf +Source4: %{name}.keyring Patch: libcurl-ocloexec.patch Patch1: dont-mess-with-rpmoptflags.diff +BuildRequires: gpg-offline BuildRequires: libidn-devel BuildRequires: libtool BuildRequires: lzma @@ -87,6 +89,7 @@ DICT, TELNET, LDAP, or FILE). The command is designed to work without user interaction or any kind of interactivity. %prep +%gpg_verify %{S:2} %setup -q %patch %patch1