From 71048e1b2b8d43af1c6a3c39eb81e3772b62f852 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@redhat.com>
Date: Fri, 29 Nov 2019 13:03:05 +0100
Subject: [PATCH] Always check the signature of the tarball

---
 .gitignore     |   1 +
 libtalloc.spec |   7 ++++++-
 sources        |   1 +
 talloc.keyring | Bin 0 -> 646 bytes
 4 files changed, 8 insertions(+), 1 deletion(-)
 create mode 100644 talloc.keyring

diff --git a/.gitignore b/.gitignore
index 153ca47..4a296c0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@
 /talloc-2.1.16.tar.gz
 /talloc-2.2.0.tar.gz
 /talloc-2.3.0.tar.gz
+/talloc-2.3.0.tar.asc
diff --git a/libtalloc.spec b/libtalloc.spec
index e6716c4..61fced2 100644
--- a/libtalloc.spec
+++ b/libtalloc.spec
@@ -8,7 +8,10 @@ Release: 1%{?dist}
 Summary: The talloc library
 License: LGPLv3+
 URL: https://talloc.samba.org/
-Source: https://www.samba.org/ftp/talloc/talloc-%{version}.tar.gz
+
+Source0: https://www.samba.org/ftp/talloc/talloc-%{version}.tar.gz
+Source1: https://www.samba.org/ftp/talloc/talloc-%{version}.tar.asc
+Source2: https://download.samba.org/pub/samba/samba-pubkey.asc#/talloc.keyring
 
 # Patches
 Patch0001: 0003-wafsamba-Fix-few-SyntaxWarnings-caused-by-regular-ex.patch
@@ -21,6 +24,7 @@ BuildRequires: docbook-style-xsl
 BuildRequires: python3-devel
 %endif
 BuildRequires: doxygen
+BuildRequires: gnupg2
 
 Provides: bundled(libreplace)
 Obsoletes: python2-talloc < 2.2.0-1
@@ -55,6 +59,7 @@ Development libraries for python3-talloc
 %endif
 
 %prep
+zcat %{SOURCE0} | gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} -
 %autosetup -n talloc-%{version} -p1
 
 %build
diff --git a/sources b/sources
index f0c05f1..3671290 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
+SHA512 (talloc-2.3.0.tar.asc) = 5d491d22a776dedbd0523c5db5ee7b4f9e90058114a4556a161a9ed1f90086390fd3cdb6515dca60195bc0edf21476fe9c22ae22742bf9956c670539478c5ffe
 SHA512 (talloc-2.3.0.tar.gz) = f0020d83520ea24711040c44600180fabae7b0e0668a961a66f5d4f77d89b09d799ddadf781ee2d044ad059b2d6a2e5232068fd77b300a8366592c0ce2289837
diff --git a/talloc.keyring b/talloc.keyring
new file mode 100644
index 0000000000000000000000000000000000000000..dc6f26b019fe410b6c5defac77034152235732ba
GIT binary patch
literal 646
zcmV;10(t$J0SyFAE(RL`2mr{9si?cad%gVzp7&evm`U$XBwl(R7=3!z7vE`uVB<>H
zhb*Nyd0gR=)pLWg7Qd}o5g;@?fsy37O*;wR>3?t&8wNUO*t3q~RrP)8;g<D<k{g0e
z#z`wtjSzn#5O@ctx8rASDe=q4AhD+$qnH-q(ksh&5va7iKi$C4?o+YD;gGZ~msLcG
z2p^f5`@##Dva`&2em%UXir>_>|B|^IkJho2>rR&uqca9Kqdr$H9F(u^C6PcV=Y|g}
z3E3qk%R$9RIWzbue?^N3-c)^W0VhucKj3l#Gt1f$ia>xw^wntD+(d}F3pWFk=e@Yi
z$@3PO+Cs4^uN;H<f;9jU0RRECHB(`2VqqXmX<~9=a(N&`X>)XPX<~JBX>V>IOJ#W=
zJab`fVqq;}b!T%xb75^_VJ>fSXFiDmJOmQ~0stlg8v_Ol2?z%R0t6KT2m=Hb0s{d8
z9svRufCU0oK%-y<2?_JiqW}sC5J!`dVG{^IC9Hr4|4BlBBXua%lD~3;pCC>380-LG
zNGXZF54zx*u#0oJ|Dpv%nai%9awy0$$~A<6YJY040;u-+MD6$UAwZu|OqOVm*^{U<
zyCMP%D#0H)e!5SQvCrzY<nkAR$RlMRW&-?>dg_w|HHzlVG?M*j$oyWs5j>s@ZE)4z
z_OjaKH$+QqQISDwrE8y&EtzL+$R`UFRu)t^b9R~aW^U5)c9aq{f05w|6*x7CmAv}u
zR7M2gg6_W@IiYwxhe7JIZK4Q7ACtOg#N8xnv6afz$}Xit*G(sZL2UY~={+_yn$MoZ
gdi#Lou=%_`CT?Rog0}PV!6YXF&01#IXWy=(i8FK}1ONa4

literal 0
HcmV?d00001