1 |
On Tue, 2020-10-06 at 13:26 +0200, Ulrich Mueller wrote: |
2 |
> > > > > > On Tue, 06 Oct 2020, Michał Górny wrote: |
3 |
> > Signed-off-by: Michał Górny <mgorny@g.o> |
4 |
> > --- |
5 |
> > app-crypt/openpgp-keys-miniupnp/Manifest | 2 ++ |
6 |
> > app-crypt/openpgp-keys-miniupnp/metadata.xml | 9 ++++++++ |
7 |
> > .../openpgp-keys-miniupnp-20201006.ebuild | 23 +++++++++++++++++++ |
8 |
> > 3 files changed, 34 insertions(+) |
9 |
> > create mode 100644 app-crypt/openpgp-keys-miniupnp/Manifest |
10 |
> > create mode 100644 app-crypt/openpgp-keys-miniupnp/metadata.xml |
11 |
> > create mode 100644 app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild |
12 |
> > diff --git a/app-crypt/openpgp-keys-miniupnp/Manifest b/app-crypt/openpgp-keys-miniupnp/Manifest |
13 |
> > new file mode 100644 |
14 |
> > index 000000000000..c8f82da42fa6 |
15 |
> > --- /dev/null |
16 |
> > +++ b/app-crypt/openpgp-keys-miniupnp/Manifest |
17 |
> > @@ -0,0 +1,2 @@ |
18 |
> > +DIST A31ACAAF.asc 3139 BLAKE2B 4574c3f37965fafa4e2d703276a585d1f17b0da862042620681bac591062b3b70c52cbe5481da543d3c3193a640c06e9d86c3cef1568ae3a3f62901a6ad200ab SHA512 ecad52850fdcc7c21bab81917b3cea85c48b751534427d3db5750c43cbce73916ec4879e4f5535d4b87b7eca927ad249e384c5597702a0052afa89c23c5719b9 |
19 |
> > +DIST A5C0863C.asc 3098 BLAKE2B fdbc8629fd462b9cc72c568b0af5607951055abc03a1e344e4c1b411fb87bfa285c2e29d2781f9e9b02ec0bc63eacf55e5dc19198056a417ba3358dba445cc0c SHA512 adebff655374dbc8a045f9ab148f9fc343b043e80cb7e4e14c66aa56bfb2f0f5521e294c7600ca708893efc84679f788116d82ef5818370f1425f03dea0a77b9 |
20 |
> > diff --git a/app-crypt/openpgp-keys-miniupnp/metadata.xml b/app-crypt/openpgp-keys-miniupnp/metadata.xml |
21 |
> > new file mode 100644 |
22 |
> > index 000000000000..5a5a3aaf4299 |
23 |
> > --- /dev/null |
24 |
> > +++ b/app-crypt/openpgp-keys-miniupnp/metadata.xml |
25 |
> > @@ -0,0 +1,9 @@ |
26 |
> > +<?xml version="1.0" encoding="UTF-8"?> |
27 |
> > +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
28 |
> > +<pkgmetadata> |
29 |
> > + <maintainer type="person"> |
30 |
> > + <email>mgorny@g.o</email> |
31 |
> > + <name>Michał Górny</name> |
32 |
> > + </maintainer> |
33 |
> > + <stabilize-allarches/> |
34 |
> > +</pkgmetadata> |
35 |
> > diff --git a/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild b/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild |
36 |
> > new file mode 100644 |
37 |
> > index 000000000000..4b07eeca6024 |
38 |
> > --- /dev/null |
39 |
> > +++ b/app-crypt/openpgp-keys-miniupnp/openpgp-keys-miniupnp-20201006.ebuild |
40 |
> > @@ -0,0 +1,23 @@ |
41 |
> > +# Copyright 1999-2020 Gentoo Authors |
42 |
> > +# Distributed under the terms of the GNU General Public License v2 |
43 |
> > + |
44 |
> > +EAPI=7 |
45 |
> > + |
46 |
> > +DESCRIPTION="OpenPGP keys used to sign miniupnp* packages" |
47 |
> > +HOMEPAGE="http://miniupnp.free.fr/files/" |
48 |
> > +SRC_URI=" |
49 |
> > + http://miniupnp.free.fr/A31ACAAF.asc |
50 |
> > + http://miniupnp.free.fr/A5C0863C.asc |
51 |
> > +" |
52 |
> > + |
53 |
> > +LICENSE="public-domain" |
54 |
> > +SLOT="0" |
55 |
> > +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86" |
56 |
> > + |
57 |
> > +S=${WORKDIR} |
58 |
> > + |
59 |
> > +src_install() { |
60 |
> > + local files=( ${A} ) |
61 |
> > + insinto /usr/share/openpgp-keys |
62 |
> > + newins - miniupnp.asc < <(cat "${files[@]/#/${DISTDIR}/}") |
63 |
> > +} |
64 |
> > -- |
65 |
> > 2.28.0 |
66 |
> |
67 |
> This relies again on Manifest digests for the integrity of the key |
68 |
> distfiles themselves. What do we gain by this indirection, as compared |
69 |
> to validating the distfiles of the target package by their Manifest? |
70 |
> |
71 |
|
72 |
We gain the ability of verifying it *before* generating Manifest. |
73 |
|
74 |
-- |
75 |
Best regards, |
76 |
Michał Górny |