From 3a018ee72c2180a31b3033462e240386db18856e Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 11 Sep 2019 10:41:37 +0200
Subject: add tarball signature check

---
 php.spec | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'php.spec')

diff --git a/php.spec b/php.spec
index f95e9ac..abd024e 100644
--- a/php.spec
+++ b/php.spec
@@ -135,6 +135,9 @@ Source8: php-fpm.sysconfig
 Source9: php.modconf
 Source10: php.conf2
 Source12: php-fpm.wants
+# See https://secure.php.net/gpg-keys.php
+Source20: https://www.php.net/distributions/php-keyring.gpg
+Source21: https://www.php.net/distributions/php-%{upver}%{?rcver}.tar.xz.asc
 # Configuration files for some extensions
 Source50: 10-opcache.ini
 Source51: opcache-default.blacklist
@@ -172,6 +175,7 @@ Patch300: php-7.0.10-datetests.patch
 
 # WIP
 
+BuildRequires: gnupg2
 BuildRequires: bzip2-devel
 BuildRequires: pkgconfig(libcurl)  >= 7.15.5
 BuildRequires: libdb-devel
@@ -688,7 +692,7 @@ License: PHP and LGPLv2 and BSD and OpenLDAP
 # ensure we have soname 5
 BuildRequires: pkgconfig(oniguruma) >= 6.8
 %else
-Provides: bundled(oniguruma) = 6.9.0
+Provides: bundled(oniguruma) = 6.9.3
 %endif
 Provides: bundled(libmbfl) = 1.3.2
 Requires: %{?scl_prefix}php-common%{?_isa} = %{version}-%{release}
@@ -903,6 +907,8 @@ in pure PHP.
 
 
 %prep
+%{?gpgverify:%{gpgverify} --keyring='%{SOURCE20}' --signature='%{SOURCE21}' --data='%{SOURCE0}'}
+
 : Building %{name}-%{version}-%{release} with imap=%{with_imap} freetds=%{with_freetds} sqlite3=%{with_sqlite3} tidy=%{with_tidy} zip=%{with_zip}
 %if 0%{?gh_date}
 %setup -q -n %{gh_project}-%{gh_commit}
-- 
cgit