diff --git a/.gitignore b/.gitignore index 537398d..af0d4f8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /oath-toolkit-*.tar.gz +/oath-toolkit-*.tar.gz.sig diff --git a/keyring.asc b/keyring.asc new file mode 100644 index 0000000..fcb2e44 --- /dev/null +++ b/keyring.asc @@ -0,0 +1,23 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9fV+QlTmXxo2naObDuGtw5 +8YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9zZWZzc29uLm9yZz6IlgQT +FggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYhBLHSvRN1vst4TPT4xNc8 +9jjFPAa+BQJl/YgIBQkLehFUAAoJENc89jjFPAa+CboA+wUa06RD5e5VTCxvSWtP +S75Wq2qBeYGZnf0jvUMxa2n4AP4xkUeAPPnNuMsTm2fsFCDIGaEM2Yn6Vb2huzzT +1Fw/BLg4BFySz2oSCisGAQQBl1UBBQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmd +JyYPt3lNHMd6HAMBCAeIfgQYFggAJgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+ +BQJl/YgwBQkLehDGAAoJENc89jjFPAa+phoA/jrDqIrl/55vUMBhIQv+TP635d2i +CTEnyFmbUcP9+gh6APoDsXalVd2cOGxQtSC+TF8PkZMn1TLkJKAjVxr+xx40Argz +BFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAxI2hIX4HK9bQTpNVei708oNr1Klm8 +qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0+MTXPPY4xTwGvgUCZf2IKwUJC3oQ +qgCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9RcisI/kdFogUCXJLPgQAKCRBRcisI +/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE8GZHYNuFHmM9FEQS6AD6A4x5aYvo +Y6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4JENc89jjFPAa+GcYA/26YQY05bLtn +XiIjTiAzrGQrRXxTHPA8Av7TDFHvIetWAP9sHSoU8OfTwmTiEnGwLlsV7QJclZg3 +YNz/Ypcp9TqQBrgzBFySz3UWCSsGAQQB2kcPAQEHQLzCFcHHrKzVSPDDarZPYqn8 +9H5TPaxwcORgRg+4DagEiH4EGBYIACYCGyAWIQSx0r0Tdb7LeEz0+MTXPPY4xTwG +vgUCZf2IJAUJC3oQrwAKCRDXPPY4xTwGvoxCAQCe/iMQZvHZmSQef5RnL1HOWy03 +OHtsZyhGLnQjsx7PhAEA3O2K0dNbPW2iZMcn9MXAOdmff3zkfNrWEWkZR/x5Xgw= +=2aFT +-----END PGP PUBLIC KEY BLOCK----- diff --git a/oath-toolkit.spec b/oath-toolkit.spec index 2b2e9ef..4c73330 100644 --- a/oath-toolkit.spec +++ b/oath-toolkit.spec @@ -1,6 +1,6 @@ Name: oath-toolkit Version: 2.6.11 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv3+ Summary: One-time password components BuildRequires: make @@ -12,7 +12,12 @@ BuildRequires: xmlsec1-devel BuildRequires: xmlsec1-openssl-devel BuildRequires: autoconf BuildRequires: automake +BuildRequires: gnupg2 Source0: https://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz +Source1: https://download.savannah.nongnu.org/releases/%{name}/%{name}-%{version}.tar.gz.sig +# gpg2 --recv-keys EDA21E94B565716F +# gpg2 --armor --export D73CF638C53C06BE > keyring.asc +Source2: keyring.asc URL: https://www.nongnu.org/oath-toolkit/ Patch0: oath-toolkit-2.6.9-lockfile.patch @@ -109,8 +114,8 @@ Requires: pam A PAM module for pluggable login authentication for OATH. %prep -%setup -q -%patch0 -p1 -b .lockfile +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' +%autosetup -p1 %build autoreconf -fi @@ -182,6 +187,9 @@ mkdir -p -m 0600 %{buildroot}%{_sysconfdir}/liboath %{_libdir}/security/pam_oath.so %changelog +* Thu Apr 11 2024 Jaroslav Škarvada - 2.6.11-4 +- Added gpg2 signature verification + * Thu Jan 25 2024 Fedora Release Engineering - 2.6.11-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild diff --git a/sources b/sources index d4ecc7f..39df953 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ SHA512 (oath-toolkit-2.6.11.tar.gz) = 42df879bebccdde3d38558ba735e09db14d0c916b9f0d3a1842e0ecc80614b7d1ee44db39d3097970a2a7108446da6eefd09bdd32dd2fb81d6aed06dc19552fd +SHA512 (oath-toolkit-2.6.11.tar.gz.sig) = 07126e759ea6688b6964d51769d7414e2568228c6b0c271117e95db1a29b5b6faccff1b2aee8cfe34e8c27309bdbf067b522fc1cd089e864692b92302277bcf5