PR#1: Add source file verification, and convert URLs from HTTP to HTTPS - rpms/libss7

rpms / libss7

#1 Add source file verification, and convert URLs from HTTP to HTTPS

Closed 3 years ago by music. Opened 3 years ago by music.

Unknown source master into rawhide

Add source file verification, and convert URLs from HTTP to HTTPS

Benjamin Beasley • 3 years ago

405f279

.gitignore

file modified

		`@@ -1,2 +1,3 @@`
		`libss7-1.0.2.tar.gz`
		`/libss7-2.0.0.tar.gz`
		`+ /libss7-2.0.0.tar.gz.asc`

libss7.gpg

file added

empty or binary file added

libss7.spec

file modified

+26 -5

		`@@ -1,16 +1,32 @@`
		`Name: libss7`
		`Version: 2.0.0`
		`- Release: 3%{?dist}`
		`+ Release: 4%{?dist}`
		`Summary: SS7 protocol services to applications`


		`License: GPLv2`

		`- URL: http://www.asterisk.org/`
		`- Source0: http://downloads.digium.com/pub/telephony/libss7/releases/libss7-%{version}.tar.gz`
		`-`
		`-`
		`+ URL: https://www.asterisk.org/`
		`+ %global src_base https://downloads.asterisk.org/pub/telephony/%{name}/releases`
		`+ Source0: %{src_base}/%{name}-%{version}.tar.gz`
		`+ Source1: %{src_base}/%{name}-%{version}.tar.gz.asc`
		`+ # Keyring with developer signatures created on 2020-12-04 with:`
		`+ #`
		`+ # gpg --with-fingerprint libss7-2.0.0.tar.gz.asc 2>&1 \|`
		`+ # awk '$2 == "using" { print "0x" $NF }' \|`
		`+ # xargs gpg2 --no-default-keyring --keyring ./libss7-tmp.gpg \`
		`+ # --keyserver=hkp://pool.sks-keyservers.net --recv-keys`
		`+ # gpg2 --export --export-options export-minimal --keyring ./libss7-tmp.gpg \`
		`+ # > libss7.gpg`
		`+ # rm -f ./libss7-tmp.gpg`
		`+ #`
		`+ # Inspect keys using: gpg --list-keys --keyring ./libss7.gpg`
		`+ Source2: %{name}.gpg`
		`+`
		`+`
		`+ BuildRequires: gnupg2`
		`BuildRequires: gcc`
		`+`
		`%description`
		`libss7 is a userspace library that is used for providing SS7 protocol`
		`services to applications. It has a working MTP2, MTP3, and ISUP for`
		`@@ -27,6 +43,7 @@`
		`developing applications that use %{name}.`

		`%prep`
		`+ %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'`
		`%setup0 -q`

		`%build`
		`@@ -50,6 +67,10 @@`
		`%{_libdir}/*.so`

		`%changelog`
		`+ * Fri Dec 4 2020 Benjamin A. Beasley <code@musicinmybrain.net> - 2.0.0-4`
		`+ - Add source file verification`
		`+ - Convert URLs from HTTP to HTTPS`
		`+`
		`* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-3`
		`- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild`

sources

file modified

		`@@ -1,1 +1,2 @@`
		`SHA512 (libss7-2.0.0.tar.gz) = 4caa14070000d55c55addf63d60cb2c6113d177f98f8168a1ff2b42c0941bbc5f892cf170fbf73de5069de5185b4bd64e50645385b3c39e00bc16bded7782858`
		`+ SHA512 (libss7-2.0.0.tar.gz.asc) = ac72c34df1e10539a5fb8744c6e006cad2e8981c3efe45be1f36cbcb6c2bbd87a32a651d364cde5c48cbde0a341f29ce67c472f4215b00b17fcb05a57fcd50d1`