| 1 |
On Tue, 2020-10-06 at 13:26 +0200, Ulrich Mueller wrote: |
| 2 |
> > > > > > On Tue, 06 Oct 2020, Michał Górny wrote: |
| 3 |
> > Signed-off-by: Michał Górny <mgorny@g.o> |
| 4 |
> > --- |
| 5 |
> > app-crypt/openpgp-keys-miniupnp/Manifest | 2 ++ |
| 6 |
> > app-crypt/openpgp-keys-miniupnp/metadata.xml | 9 ++++++++ |
| 7 |
> > .../openpgp-keys-miniupnp-20201006.ebuild | 23 +++++++++++++++++++ |
| 8 |
> > 3 files changed, 34 insertions(+) |
| 9 |
> > create mode 100644 app-crypt/openpgp-keys-miniupnp/Manifest |
| 10 |
> > create mode 100644 app-crypt/openpgp-keys-miniupnp/metadata.xml |
| 11 |
> > create mode 100644 app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild |
| 12 |
> > diff --git a/app-crypt/openpgp-keys-miniupnp/Manifest b/app-crypt/openpgp-keys-miniupnp/Manifest |
| 13 |
> > new file mode 100644 |
| 14 |
> > index 000000000000..c8f82da42fa6 |
| 15 |
> > --- /dev/null |
| 16 |
> > +++ b/app-crypt/openpgp-keys-miniupnp/Manifest |
| 17 |
> > @@ -0,0 +1,2 @@ |
| 18 |
> > +DIST A31ACAAF.asc 3139 BLAKE2B 4574c3f37965fafa4e2d703276a585d1f17b0da862042620681bac591062b3b70c52cbe5481da543d3c3193a640c06e9d86c3cef1568ae3a3f62901a6ad200ab SHA512 ecad52850fdcc7c21bab81917b3cea85c48b751534427d3db5750c43cbce73916ec4879e4f5535d4b87b7eca927ad249e384c5597702a0052afa89c23c5719b9 |
| 19 |
> > +DIST A5C0863C.asc 3098 BLAKE2B fdbc8629fd462b9cc72c568b0af5607951055abc03a1e344e4c1b411fb87bfa285c2e29d2781f9e9b02ec0bc63eacf55e5dc19198056a417ba3358dba445cc0c SHA512 adebff655374dbc8a045f9ab148f9fc343b043e80cb7e4e14c66aa56bfb2f0f5521e294c7600ca708893efc84679f788116d82ef5818370f1425f03dea0a77b9 |
| 20 |
> > diff --git a/app-crypt/openpgp-keys-miniupnp/metadata.xml b/app-crypt/openpgp-keys-miniupnp/metadata.xml |
| 21 |
> > new file mode 100644 |
| 22 |
> > index 000000000000..5a5a3aaf4299 |
| 23 |
> > --- /dev/null |
| 24 |
> > +++ b/app-crypt/openpgp-keys-miniupnp/metadata.xml |
| 25 |
> > @@ -0,0 +1,9 @@ |
| 26 |
> > +<?xml version="1.0" encoding="UTF-8"?> |
| 27 |
> > +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
| 28 |
> > +<pkgmetadata> |
| 29 |
> > + <maintainer type="person"> |
| 30 |
> > + <email>mgorny@g.o</email> |
| 31 |
> > + <name>Michał Górny</name> |
| 32 |
> > + </maintainer> |
| 33 |
> > + <stabilize-allarches/> |
| 34 |
> > +</pkgmetadata> |
| 35 |
> > diff --git a/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild b/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild |
| 36 |
> > new file mode 100644 |
| 37 |
> > index 000000000000..4b07eeca6024 |
| 38 |
> > --- /dev/null |
| 39 |
> > +++ b/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild |
| 40 |
> > @@ -0,0 +1,23 @@ |
| 41 |
> > +# Copyright 1999-2020 Gentoo Authors |
| 42 |
> > +# Distributed under the terms of the GNU General Public License v2 |
| 43 |
> > + |
| 44 |
> > +EAPI=7 |
| 45 |
> > + |
| 46 |
> > +DESCRIPTION="OpenPGP keys used to sign miniupnp* packages" |
| 47 |
> > +HOMEPAGE="http://miniupnp.free.fr/files/" |
| 48 |
> > +SRC_URI=" |
| 49 |
> > + http://miniupnp.free.fr/A31ACAAF.asc |
| 50 |
> > + http://miniupnp.free.fr/A5C0863C.asc |
| 51 |
> > +" |
| 52 |
> > + |
| 53 |
> > +LICENSE="public-domain" |
| 54 |
> > +SLOT="0" |
| 55 |
> > +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86" |
| 56 |
> > + |
| 57 |
> > +S=${WORKDIR} |
| 58 |
> > + |
| 59 |
> > +src_install() { |
| 60 |
> > + local files=( ${A} ) |
| 61 |
> > + insinto /usr/share/openpgp-keys |
| 62 |
> > + newins - miniupnp.asc < <(cat "${files[@]/#/${DISTDIR}/}") |
| 63 |
> > +} |
| 64 |
> > -- |
| 65 |
> > 2.28.0 |
| 66 |
> |
| 67 |
> This relies again on Manifest digests for the integrity of the key |
| 68 |
> distfiles themselves. What do we gain by this indirection, as compared |
| 69 |
> to validating the distfiles of the target package by their Manifest? |
| 70 |
> |
| 71 |
|
| 72 |
We gain the ability of verifying it *before* generating Manifest. |
| 73 |
|
| 74 |
-- |
| 75 |
Best regards, |
| 76 |
Michał Górny |
Archives