Remove dependency on gpg-offline as signature checking is implemented in the

source validator. OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/samba?expand=0&rev=440
2014-10-28 16:52:54 +00:00
parent 437027671f
commit 3d62dde8a7
8 changed files with 24 additions and 16 deletions
--- a/samba.spec
+++ b/samba.spec
@@ -118,7 +118,6 @@ BuildRequires:  dbus-1-devel
 BuildRequires:  libxslt-tools
 %endif
 %if 0%{?suse_version} > 1220
-BuildRequires:  gpg-offline
 BuildRequires:  systemd
 BuildRequires:  systemd-devel
 %endif
@@ -146,7 +145,7 @@ BuildRequires:  systemd-devel
 %else
 %define	build_make_smp_mflags %{?jobs:-j%jobs}
 %endif
-%define SOURCE_TIMESTAMP 3312
+%define SOURCE_TIMESTAMP 3313
 %define BRANCH %{version}
 %global with_mitkrb5 1
 %global with_dc 0
@@ -163,9 +162,15 @@ Recommends:     logrotate
 Summary:        A SMB/CIFS File, Print, and Authentication Server
 License:        GPL-3.0+
 Group:          Productivity/Networking/Samba
-Source:         %{samba_source_location}
+# Unfortunately upstream is mindboggingly stupid here by gpg signing the
+# uncompressed tarball, but not publishing the uncompressed tarball but
+# only a compressed one. so we need to unpack it manually so that
+# gpg verification works, but then we can't have download verification
+
+# %{samba_source_location}
+Source:         samba-%{version}%{samba_ver_suffix}.tar
 Source5:        %{samba_source_signature_location}
-Source6:        http://www.samba.org/samba/ftp/samba-pubkey_6568B7EA.asc
+Source6:        samba.keyring
 Source1:        vendor-files.tar.bz2
 Source2:        patches.tar.bz2
 Source4:        baselibs.conf
@@ -1105,11 +1110,6 @@ Branch:         %{BRANCH}


 %prep
-%if 0%{?suse_version} > 1220
-gzip -dc %{SOURCE0} >${RPM_SOURCE_DIR}/%{name}-%{samba_ver_full}.tar
-%{?gpg_verify: %gpg_verify --keyring %{SOURCE6} %{SOURCE5}}
-rm ${RPM_SOURCE_DIR}/%{name}-%{samba_ver_full}.tar
-%endif
 %setup -n samba-%{samba_ver_full} -q
 # patches
 %setup -T -D -a 2 -n samba-%{samba_ver_full} -q