From 7a08af2ffa7d7d35d416b7551e2ff26925416150 Mon Sep 17 00:00:00 2001 From: Todd Zullinger Date: Fri, 28 Apr 2023 11:34:22 -0400 Subject: [PATCH] remove %{skip_verify}, brainpool signatures are supported now We needed the %{skip_verify} escape hatch in 9308d65 (verify upstream signatures in %prep, unless bootstrapping, 2022-10-17) because brainpool signatures were not supported at the time. That changed with libgcrypt 9e608ad (enable brainpool curves by default, 2022-11-06). Adjust the remaining bootstrap conditional to read more naturally, using 'if not bootstrap' rather than 'if without bootstrap' while we're here. --- gnupg2.spec | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/gnupg2.spec b/gnupg2.spec index dc0a2e3..ff0d3dd 100644 --- a/gnupg2.spec +++ b/gnupg2.spec @@ -1,14 +1,9 @@ %bcond_with bootstrap -# Releases are occasionally signed with a brainpool key, which we cannot -# (currently) use. In such cases, set skip_verify to 1 and manually verify -# the upstream source. -%global skip_verify 0 - Summary: Utility for secure communication and data storage Name: gnupg2 Version: 2.4.0 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv3+ Source0: https://gnupg.org/ftp/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2 @@ -110,7 +105,7 @@ package adds support for smart cards and S/MIME encryption and signing to the base GnuPG package %prep -%if %{without bootstrap} && ! 0%{?skip_verify} +%if ! %{with bootstrap} %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' %endif %setup -q -n gnupg-%{version} @@ -228,6 +223,9 @@ make -k check %changelog +* Fri Apr 28 2023 Todd Zullinger - 2.4.0-4 +- remove %%skip_verify, brainpool signatures are supported now + * Fri Mar 03 2023 Jakub Jelen - 2.4.0-3 - Revert introduction of the RFC4880bis draft into defaults