remove %{skip_verify}, brainpool signatures are supported now

We needed the %{skip_verify} escape hatch in 9308d65 (verify upstream signatures in %prep, unless bootstrapping, 2022-10-17) because brainpool signatures were not supported at the time. That changed with libgcrypt 9e608ad (enable brainpool curves by default, 2022-11-06). Adjust the remaining bootstrap conditional to read more naturally, using 'if not bootstrap' rather than 'if without bootstrap' while we're here.
2023-04-28 11:34:22 -04:00 · 2023-04-28 11:34:22 -04:00 · 7a08af2ffa
commit 7a08af2ffa
parent 8c178c60c2
1 changed files with 5 additions and 7 deletions
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -1,14 +1,9 @@
 %bcond_with bootstrap

-# Releases are occasionally signed with a brainpool key, which we cannot
-# (currently) use.  In such cases, set skip_verify to 1 and manually verify
-# the upstream source.
-%global skip_verify 0
-
 Summary: Utility for secure communication and data storage
 Name:    gnupg2
 Version: 2.4.0
-Release: 3%{?dist}
+Release: 4%{?dist}

 License: GPLv3+
 Source0: https://gnupg.org/ftp/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2
@ -110,7 +105,7 @@ package adds support for smart cards and S/MIME encryption and signing
 to the base GnuPG package

 %prep
-%if %{without bootstrap} && ! 0%{?skip_verify}
+%if ! %{with bootstrap}
 %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
 %endif
 %setup -q -n gnupg-%{version}
@ -228,6 +223,9 @@ make -k check


 %changelog
+* Fri Apr 28 2023 Todd Zullinger <tmz@pobox.com> - 2.4.0-4
+- remove %%skip_verify, brainpool signatures are supported now
+
 * Fri Mar 03 2023 Jakub Jelen <jjelen@redhat.com> - 2.4.0-3
 - Revert introduction of the RFC4880bis draft into defaults