[gentoo-commits] repo/gentoo:master commit in: net-vpn/tor/

Anthony G. Basile Wed, 16 Feb 2022 11:21:22 -0800

commit:     70c0ad68b27a716ca291f63604a56b227d87ade0
Author:     Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Sun Feb 13 15:22:19 2022 +0000
Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Feb 16 19:19:31 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70c0ad68


net-vpn/tor: Fix checksum + signature verification

Closes: https://bugs.gentoo.org/833303
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>

 net-vpn/tor/Manifest            |  4 ++--
 net-vpn/tor/tor-0.4.6.10.ebuild | 14 +++++++++++++-
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/net-vpn/tor/Manifest b/net-vpn/tor/Manifest
index 08a3fd235429..a0223969a30d 100644
--- a/net-vpn/tor/Manifest
+++ b/net-vpn/tor/Manifest
@@ -1,6 +1,6 @@
 DIST tor-0.4.6.10.tar.gz 7811644 BLAKE2B 
4bdf8ab8ac992866ffc18711de0ad9e19b496398dfdace4d3902273822666dcfda3acd825ee22251cd8d671ff563702c6f24fe8670719a2c75d144cfe9219f68
 SHA512 
7d3ca14f260f8d18c020f629fee93a9e941962f99d7b6106d81b1f302152e4be14f5f719c06a34257c2bedf1612c53da21c26750b2608034bd6c6cf0c82192a9
-DIST tor-0.4.6.10.tar.gz.sha256sum 65 BLAKE2B 
59f5111beee2e5b735bea5a5ae8ad66dd359d815ba20638b290f2428c3d5bd9de3c63bb9b6b48f4359577051aa1bdabb5329c98ea80e1b286fa41e118604f18e
 SHA512 
f7a2ea02e54d671e2715adeffc27ad568dd8df4bcda40e6cee694cb64f78bc256893487a90ec6b5545b4d2bb5fc892e3fb168b708e7d3cae94a632db4d554e66
-DIST tor-0.4.6.10.tar.gz.sha256sum.asc 716 BLAKE2B 
64821f64b8903d785f4c4504bff755817877ac496923f704a02b942214a450426c2eca3d0d3ea505f6acb22ecd4e6334b685372a96fca90159604e0811b58b39
 SHA512 
ef54a2a4860cbb9c3939b4b7755185f5345ce9ceb90083458163dfb6f428de20350dd30d06a3034507b8b6f0d2e1faf06b1216049a84eea07ab33fd65f1fbed6
+DIST tor-0.4.6.10.tar.gz.sha256sum 85 BLAKE2B 
1c51a80a0bdc34c31725ba6d632ae16ddec1c4aadd4c5ce8ff5ccd4dc9b051f76ddebbe1f1dc2c6f86194bf6badc95222ae14be100bbc24b75bc53f525cb8378
 SHA512 
97b49664f9f998b00fdd80f956bd5ab9588cd75d09041a0b946fdabd9f10c471eb49aa4bbb4d19bde45a554c1f2ef60d76ff58aa1dc74d4e7d930df77ac68262
+DIST tor-0.4.6.10.tar.gz.sha256sum.asc 488 BLAKE2B 
4f17ba1b555eeaa0aadad9348420979c1c83d3ce3cc4fa7e1cc6f453e75ae0bb43db19b883efcc329de5b52b91cda0f740ed949674f64e8cbfc0eb343ca2819b
 SHA512 
3d814c0b3533cf2b2ff421dc92f254596f2af7206bbefdc15a71a906c667dd3606b2c37ada3d36df6011fd0b4d5fe78860f8845fae9e19bd9e3ba5745f45130b
 DIST tor-0.4.6.7.tar.gz 7790727 BLAKE2B 
da6b0fe0de6a334713cf881dece6ef5a932b0f4374a7dde1e1cb78b4b43944fd6156d84bd98c8be734a7cf81b99cb36187544028c3e4800d38d11d7286d19e12
 SHA512 
e5f9e235fc4b96f5e63e0bfa4ca412d0d11299a31cb77cae1c199b276d0dfbf3656657ddf910b22625dd49eb726d487666e80e8889db78c9edebbab0d80d9e03
 DIST tor-0.4.6.7.tar.gz.asc 833 BLAKE2B 
2054c094cc8ce28bfc8822fa6b0ac5a028b41c96160d135da53112c4fcb7ae048e8d48b58f164dd33c6c7dd851aaa71173b2aa36f70411fc7cc2b67d346ce00b
 SHA512 
d45caaa4795d05f1f1a558192c5eedff608c74be0ef933e0ff7a4f68123a109e38e7fe26222c66dfc8966a07f458eeadf77d7f4731d88389595b59413140e9a3
 DIST tor-0.4.6.8.tar.gz 7796485 BLAKE2B 
3475597c9f46c83c736bf5f3db2a4f44a38c4f4c4998903d1fe89fc75a7090f4eaa8faafbbd44d728d5e8915f195eb3e284141925b16fca9bf6001844f52863d
 SHA512 
ff008ddf10c2a4c9e0d0da28558c7a97a6d42615c8bcad25a74567e3aafaba49df1699e379fd674f93305d222748d16b2f21d0da9a8fd3444b659747e1f1d07b

diff --git a/net-vpn/tor/tor-0.4.6.10.ebuild b/net-vpn/tor/tor-0.4.6.10.ebuild
index e70875bd16ab..799ac3948b7c 100644
--- a/net-vpn/tor/tor-0.4.6.10.ebuild
+++ b/net-vpn/tor/tor-0.4.6.10.ebuild
@@ -26,7 +26,7 @@ fi
 IUSE="caps doc lzma +man scrypt seccomp selinux +server systemd tor-hardening 
test zstd"
 VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/torproject.org.asc
 
-BDEPEND="verify-sig? ( sec-keys/openpgp-keys-tor )"
+BDEPEND="verify-sig? ( >=sec-keys/openpgp-keys-tor-20220216 )"
 DEPEND="
        dev-libs/libevent:=[ssl]
        sys-libs/zlib
@@ -63,6 +63,18 @@ pkg_setup() {
        use test && python-any-r1_pkg_setup
 }
 
+src_unpack() {
+       if use verify-sig; then
+               cd "${DISTDIR}" || die
+               verify-sig_verify_detached ${MY_PF}.tar.gz.sha256sum{,.asc}
+               verify-sig_verify_unsigned_checksums \
+                       ${MY_PF}.tar.gz.sha256sum sha256 ${MY_PF}.tar.gz
+               cd "${WORKDIR}" || die
+       fi
+
+       default
+}
+
 src_configure() {
        use doc && DOCS+=( README ChangeLog ReleaseNotes doc/HACKING )
        export ac_cv_lib_cap_cap_init=$(usex caps)

[gentoo-commits] repo/gentoo:master commit in: net-vpn/tor/

Reply via email to