From e0d411bcd2e7985702541aded766876ef463a7a4 Mon Sep 17 00:00:00 2001 From: Flatcar Buildbot Date: Mon, 3 Nov 2025 07:11:10 +0000 Subject: [PATCH] eclass/verify-sig: Sync with Gentoo It's from Gentoo commit b36318ddfa467f2a65f6755bb5490a3f3527d0d3. Signed-off-by: Flatcar Buildbot --- .../portage-stable/eclass/verify-sig.eclass | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sdk_container/src/third_party/portage-stable/eclass/verify-sig.eclass b/sdk_container/src/third_party/portage-stable/eclass/verify-sig.eclass index 1cd3e1010a..ba1086d664 100644 --- a/sdk_container/src/third_party/portage-stable/eclass/verify-sig.eclass +++ b/sdk_container/src/third_party/portage-stable/eclass/verify-sig.eclass @@ -58,7 +58,7 @@ IUSE="verify-sig" # Signature verification method to use. The allowed value are: # # - minisig -- verify signatures with (base64) Ed25519 public key using app-crypt/minisign -# - openpgp -- verify PGP signatures using app-crypt/gnupg (the default) +# - openpgp -- verify PGP signatures using app-alternatives/gpg (the default) # - sigstore -- verify signatures using dev-python/sigstore # - signify -- verify signatures with Ed25519 public key using app-crypt/signify : "${VERIFY_SIG_METHOD:=openpgp}" @@ -70,7 +70,10 @@ case ${VERIFY_SIG_METHOD} in openpgp) BDEPEND=" verify-sig? ( - app-crypt/gnupg + || ( + app-alternatives/gpg + app-crypt/gnupg[-alternatives(-)] + ) >=app-portage/gemato-20 ) " @@ -276,7 +279,7 @@ verify-sig_verify_message() { # https://bugs.gentoo.org/854492 local -x TMPDIR=/tmp gemato gpg-wrap -K "${key}" "${extra_args[@]}" -- \ - gpg --verify --output="${output_file}" "${file}" || + "${GNUPG:-gpg}" --verify --output="${output_file}" "${file}" || die "PGP signature verification failed" ;; signify) @@ -380,6 +383,7 @@ _gpg_verify_signed_checksums() { verify-sig_verify_unsigned_checksums - "${algo}" "${files}" < <( verify-sig_verify_message "${checksum_file}" - "${key}" + echo ) }