summaryrefslogtreecommitdiff
path: root/eclass
diff options
context:
space:
mode:
authorMichał Górny <mgorny@gentoo.org>2023-02-13 20:26:19 +0100
committerMichał Górny <mgorny@gentoo.org>2023-02-13 20:27:35 +0100
commit014a26bb2e7e746cbd4a474a3d84075132b6c916 (patch)
tree09cdd03dd4a4666108afc05ed5719ae1b2dcfd24 /eclass
parentverify-sig.eclass: Revert "Accept 1-out-of-n sigs on multisig files" (diff)
downloadgentoo-014a26bb2e7e746cbd4a474a3d84075132b6c916.tar.gz
gentoo-014a26bb2e7e746cbd4a474a3d84075132b6c916.tar.bz2
gentoo-014a26bb2e7e746cbd4a474a3d84075132b6c916.zip
verify-sig.eclass: Revert "Use gemato openpgp-verify-detached"
This is causing verification failures when verifying old signatures made with now-expired keys. Reverts: 75ea89a43b8d3efb6b264296f819d04d3c18c3af Bug: https://bugs.gentoo.org/894164 Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'eclass')
-rw-r--r--eclass/verify-sig.eclass10
1 files changed, 4 insertions, 6 deletions
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass
index a071139daa17..91433bf53453 100644
--- a/eclass/verify-sig.eclass
+++ b/eclass/verify-sig.eclass
@@ -65,9 +65,8 @@ case ${VERIFY_SIG_METHOD} in
BDEPEND="
verify-sig? (
app-crypt/gnupg
- >=app-portage/gemato-18.0
- )
- "
+ >=app-portage/gemato-16
+ )"
;;
signify)
BDEPEND="verify-sig? ( app-crypt/signify )"
@@ -145,9 +144,8 @@ verify-sig_verify_detached() {
# gpg can't handle very long TMPDIR
# https://bugs.gentoo.org/854492
local -x TMPDIR=/tmp
- gemato openpgp-verify-detached -K "${key}" \
- "${extra_args[@]}" \
- "${sig}" "${file}" ||
+ gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \
+ gpg --verify "${sig}" "${file}" ||
die "PGP signature verification failed"
;;
signify)