diff options
| author |   Michał Górny <mgorny@gentoo.org> | 2023-02-13 20:26:19 +0100 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2023-02-13 20:27:35 +0100 |
| commit | 014a26bb2e7e746cbd4a474a3d84075132b6c916 (patch) | |
| tree | 09cdd03dd4a4666108afc05ed5719ae1b2dcfd24 /eclass/verify-sig.eclass | |
| parent | verify-sig.eclass: Revert "Accept 1-out-of-n sigs on multisig files" (diff) | |
| download | gentoo-014a26bb2e7e746cbd4a474a3d84075132b6c916.tar.gz gentoo-014a26bb2e7e746cbd4a474a3d84075132b6c916.tar.bz2 gentoo-014a26bb2e7e746cbd4a474a3d84075132b6c916.zip | |
verify-sig.eclass: Revert "Use gemato openpgp-verify-detached"
This is causing verification failures when verifying old signatures
made with now-expired keys.
Reverts: 75ea89a43b8d3efb6b264296f819d04d3c18c3af
Bug: https://bugs.gentoo.org/894164
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'eclass/verify-sig.eclass')
| -rw-r--r-- | eclass/verify-sig.eclass | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/eclass/verify-sig.eclass b/eclass/verify-sig.eclass index a071139daa17..91433bf53453 100644 --- a/eclass/verify-sig.eclass +++ b/eclass/verify-sig.eclass @@ -65,9 +65,8 @@ case ${VERIFY_SIG_METHOD} in BDEPEND=" verify-sig? ( app-crypt/gnupg - >=app-portage/gemato-18.0 - ) - " + >=app-portage/gemato-16 + )" ;; signify) BDEPEND="verify-sig? ( app-crypt/signify )" @@ -145,9 +144,8 @@ verify-sig_verify_detached() { # gpg can't handle very long TMPDIR # https://bugs.gentoo.org/854492 local -x TMPDIR=/tmp - gemato openpgp-verify-detached -K "${key}" \ - "${extra_args[@]}" \ - "${sig}" "${file}" || + gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \ + gpg --verify "${sig}" "${file}" || die "PGP signature verification failed" ;; signify) |