commit: 7cb402c09a1051e4926e9a273c21971da6357735
Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Sat Jun 11 09:59:24 2022 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sat Jun 11 11:07:01 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7cb402c0
llvm.org.eclass: Verify release signatures
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
eclass/llvm.org.eclass | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/eclass/llvm.org.eclass b/eclass/llvm.org.eclass
index a6f9ca3084e2..abec9b1e060a 100644
--- a/eclass/llvm.org.eclass
+++ b/eclass/llvm.org.eclass
@@ -72,6 +72,10 @@ fi
inherit multiprocessing
+if ver_test -ge 14.0.5; then
+ inherit verify-sig
+fi
+
# == control variables ==
@@ -196,7 +200,16 @@ llvm.org_set_globals() {
if ver_test -ge 14.0.5; then
SRC_URI+="
https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz
+ verify-sig? (
+
https://github.com/llvm/llvm-project/releases/download/llvmorg-${PV}/llvm-project-${PV}.src.tar.xz.sig
+ )
+ "
+ BDEPEND+="
+ verify-sig? (
+ sec-keys/openpgp-keys-llvm
+ )
"
+
VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/llvm.asc
else
SRC_URI+="
https://github.com/llvm/llvm-project/archive/llvmorg-${PV/_/-}.tar.gz
@@ -290,6 +303,10 @@ llvm.org_src_unpack() {
local archive=llvmorg-${PV/_/-}.tar.gz
if ver_test -ge 14.0.5; then
archive=llvm-project-${PV/_/-}.src.tar.xz
+ if use verify-sig; then
+ verify-sig_verify_detached \
+ "${DISTDIR}/${archive}"
"${DISTDIR}/${archive}.sig"
+ fi
fi
ebegin "Unpacking from ${archive}"
