* [gentoo-commits] repo/proj/guru:dev commit in: net-p2p/p2pool/, sec-keys/openpgp-keys-schernykh/
@ 2024-08-02 23:59 Adam Pimentel
0 siblings, 0 replies; only message in thread
From: Adam Pimentel @ 2024-08-02 23:59 UTC (permalink / raw
To: gentoo-commits
commit: 4c2441b92e050bf1de11b4ac34877525eeb4943c
Author: Adam Pimentel <adam.pimentel <AT> protonmail <DOT> com>
AuthorDate: Fri Aug 2 23:59:14 2024 +0000
Commit: Adam Pimentel <adam.pimentel <AT> protonmail <DOT> com>
CommitDate: Fri Aug 2 23:59:14 2024 +0000
URL: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=4c2441b9
net-p2p/p2pool: Add signature verification script for sources
Signed-off-by: Adam Pimentel <adam.pimentel <AT> protonmail.com>
net-p2p/p2pool/Manifest | 3 +-
net-p2p/p2pool/p2pool-4.0.ebuild | 51 ++++++++++++++++++++--
sec-keys/openpgp-keys-schernykh/Manifest | 1 +
sec-keys/openpgp-keys-schernykh/metadata.xml | 8 ++++
.../openpgp-keys-schernykh-20210409.ebuild | 19 ++++++++
5 files changed, 78 insertions(+), 4 deletions(-)
diff --git a/net-p2p/p2pool/Manifest b/net-p2p/p2pool/Manifest
index 42c22fbcc..0e40af431 100644
--- a/net-p2p/p2pool/Manifest
+++ b/net-p2p/p2pool/Manifest
@@ -1 +1,2 @@
-DIST p2pool-4.0.tar.xz 127772256 BLAKE2B 77de14bd19f43483fa7da0e65f8a27d5f6cf8c2daf5d8d5e07be373c752794bd35c421fd812b65328acd22004766ff235e9ad6e7e613d08ca3c27ac95153cbc3 SHA512 ea37993d13342b303902e6aa6acb090a908ba99ae304d9415480ff39a3647c84a963ab80b317c9c78a9f11631e0ca9547a08c6e0c23b83892037b63d4beef7a2
+DIST p2pool-4.0_shasums.asc 2038 BLAKE2B f8f20875a9fa4771753b1eade7c609be761f007ac32a0641109d87890bdd7f2123f11a203d56ffcca5b74b16667e0d8288479688938935434b86875c6c72959c SHA512 bf4a933a81ce9bd48bf293a26d3e4e75b82c67fcfd48d79c57dd86aaac2c2cd54def43b47b05222e0b93fd61623d2c116c403531500a93d45059bca4a0dd3cb4
+DIST p2pool-4.0_source.tar.xz 127772256 BLAKE2B 77de14bd19f43483fa7da0e65f8a27d5f6cf8c2daf5d8d5e07be373c752794bd35c421fd812b65328acd22004766ff235e9ad6e7e613d08ca3c27ac95153cbc3 SHA512 ea37993d13342b303902e6aa6acb090a908ba99ae304d9415480ff39a3647c84a963ab80b317c9c78a9f11631e0ca9547a08c6e0c23b83892037b63d4beef7a2
diff --git a/net-p2p/p2pool/p2pool-4.0.ebuild b/net-p2p/p2pool/p2pool-4.0.ebuild
index 57ceb6d33..5168a4e13 100644
--- a/net-p2p/p2pool/p2pool-4.0.ebuild
+++ b/net-p2p/p2pool/p2pool-4.0.ebuild
@@ -1,13 +1,19 @@
# Copyright 2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
+#TODO: verify hell script is safe
+#TODO: enable/fix GRPC dependency and add it as USE flag (https://github.com/SChernykh/p2pool/issues/313)
+
EAPI=8
-inherit cmake
+inherit cmake verify-sig
DESCRIPTION="Decentralized pool for Monero mining"
HOMEPAGE="https://p2pool.io"
-SRC_URI=" https://github.com/SChernykh/p2pool/releases/download/v${PV}/p2pool_source.tar.xz -> ${P}.tar.xz"
+SRC_URI="
+ https://github.com/SChernykh/p2pool/releases/download/v${PV}/p2pool_source.tar.xz -> ${P}_source.tar.xz
+ verify-sig? ( https://github.com/SChernykh/p2pool/releases/download/v${PV}/sha256sums.txt.asc -> ${P}_shasums.asc )
+"
LICENSE="BSD GPL-3+ ISC LGPL-3+ MIT"
SLOT="0"
@@ -17,9 +23,48 @@ DEPEND="
dev-libs/libsodium
net-libs/czmq
"
+BDEPEND="
+ verify-sig? ( sec-keys/openpgp-keys-schernykh )
+"
+
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/SChernykh.asc
src_unpack() {
- unpack ${P}.tar.xz
+ if use verify-sig; then
+ #what we want to do is `verify-sig_verify_signed_checksums ${P}_shasums.asc sha512 p2pool_source.tar.xz`
+ verify-sig_verify_message "${DISTDIR}/${P}_shasums.asc" "${WORKDIR}/p2pool_shasums.txt"
+
+ #start of hell script
+ hellscript_stage=0
+ tr -d '\r' < p2pool_shasums.txt | while IFS='' read -r LINE; do
+ if [ "$hellscript_stage" -eq 0 ] && [ "$LINE" = "Name: p2pool_source.tar.xz" ]; then
+ hellscript_stage=1
+ continue
+ fi
+ if [ "$hellscript_stage" -eq 1 ]; then
+ hellscript_sizestring="Size: $(cat ${DISTDIR}/${P}_source.tar.xz | wc -c) bytes"
+ if [ "${LINE:0:"${#hellscript_sizestring}"}" = "$hellscript_sizestring" ]; then
+ hellscript_stage=2
+ continue
+ else
+ die
+ fi
+ fi
+ if [ "$hellscript_stage" -eq 2 ]; then
+ hellscript_shaprefix="SHA256: "
+ if [ "${LINE:0:"${#hellscript_shaprefix}"}" = "$hellscript_shaprefix" ]; then
+ echo "$(echo "${LINE:"${#hellscript_shaprefix}"}" | tr '[:upper:]' '[:lower:]') ${DISTDIR}/${P}_source.tar.xz" \
+ > "${WORKDIR}/src_shasum.txt"
+ else
+ die
+ fi
+ break
+ fi
+ done
+ verify-sig_verify_unsigned_checksums "${WORKDIR}/src_shasum.txt" sha256 "${DISTDIR}/${P}_source.tar.xz"
+ #end of hell script
+ fi
+ unpack ${P}_source.tar.xz
mv -T "${WORKDIR}"/${PN} "${WORKDIR}"/${P} || die
}
diff --git a/sec-keys/openpgp-keys-schernykh/Manifest b/sec-keys/openpgp-keys-schernykh/Manifest
new file mode 100644
index 000000000..7a1406539
--- /dev/null
+++ b/sec-keys/openpgp-keys-schernykh/Manifest
@@ -0,0 +1 @@
+DIST SChernykh.asc 3139 BLAKE2B 97d27eea4ae8a7822acbf0b5c1470dc711d66c461a35b4d6ea7737cb173d706466e75262c97581222bbb218838070f048840274dd4dfdb400b64a7be45429855 SHA512 d7674c286dd628e0f4a3146cd2b16dab690752db89713630dd1be43febca159be18623b25cdef15273de4c8c0eb16b289203c0130ef7ac03f0371b3767bcd121
diff --git a/sec-keys/openpgp-keys-schernykh/metadata.xml b/sec-keys/openpgp-keys-schernykh/metadata.xml
new file mode 100644
index 000000000..b9a17c96c
--- /dev/null
+++ b/sec-keys/openpgp-keys-schernykh/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>adam.pimentel46@gmail.com</email>
+ <name>Adam Pimentel</name>
+ </maintainer>
+</pkgmetadata>
diff --git a/sec-keys/openpgp-keys-schernykh/openpgp-keys-schernykh-20210409.ebuild b/sec-keys/openpgp-keys-schernykh/openpgp-keys-schernykh-20210409.ebuild
new file mode 100644
index 000000000..6decd5f85
--- /dev/null
+++ b/sec-keys/openpgp-keys-schernykh/openpgp-keys-schernykh-20210409.ebuild
@@ -0,0 +1,19 @@
+# Copyright 2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="OpenPGP keys used to sign P2Pool releases"
+HOMEPAGE="https://p2pool.io/"
+SRC_URI="https://p2pool.io/SChernykh.asc"
+S="${WORKDIR}"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+
+src_install() {
+ local files=( ${A} )
+ insinto /usr/share/openpgp-keys
+ newins - SChernykh.asc < <(cat "${files[@]/#/${DISTDIR}/}")
+}
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2024-08-03 0:00 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-08-02 23:59 [gentoo-commits] repo/proj/guru:dev commit in: net-p2p/p2pool/, sec-keys/openpgp-keys-schernykh/ Adam Pimentel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox