commit: 7cb402c09a1051e4926e9a273c21971da6357735 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Sat Jun 11 09:59:24 2022 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Sat Jun 11 11:07:01 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7cb402c0
llvm.org.eclass: Verify release signatures Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> eclass/llvm.org.eclass | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/eclass/llvm.org.eclass b/eclass/llvm.org.eclass index a6f9ca3084e2..abec9b1e060a 100644 --- a/eclass/llvm.org.eclass +++ b/eclass/llvm.org.eclass @@ -72,6 +72,10 @@ fi inherit multiprocessing +if ver_test -ge 14.0.5; then + inherit verify-sig +fi + # == control variables == @@ -196,7 +200,16 @@ llvm.org_set_globals() { if ver_test -ge 14.0.5; then SRC_URI+=" https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz + verify-sig? ( + https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz.sig + ) + " + BDEPEND+=" + verify-sig? ( + sec-keys/openpgp-keys-llvm + ) " + VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/llvm.asc else SRC_URI+=" https://github.com/llvm/llvm-project/archive/llvmorg-${PV/_/-}.tar.gz @@ -290,6 +303,10 @@ llvm.org_src_unpack() { local archive=llvmorg-${PV/_/-}.tar.gz if ver_test -ge 14.0.5; then archive=llvm-project-${PV/_/-}.src.tar.xz + if use verify-sig; then + verify-sig_verify_detached \ + "${DISTDIR}/${archive}" "${DISTDIR}/${archive}.sig" + fi fi ebegin "Unpacking from ${archive}"