[Replicant] Draft patch for "F-Droid signed Repwifi" issue
Joonas Kylmälä
joonas.kylmala at iki.fi
Mon Sep 3 15:21:00 UTC 2018
Denis 'GNUtoo' Carikli:
> On Tue, 28 Aug 2018 18:53:00 +0000
> Joonas Kylmälä <joonas.kylmala at iki.fi> wrote:
>
>> Hi,
>>
>> I tried to draft patches for the RepWifi ticket over here:
>> https://redmine.replicant.us/issues/1887. Please see them as
>> attachments.
> Thanks a lot for working on that. I've some comments below on the patch.
>
>> gpg --armor --verify
>> $BASEDIR/prebuilt/common/apps/fil.libre.repwifiapp_9.apk.asc
>> $BASEDIR/prebuilt/common/apps/fil.libre.repwifiapp_9.apk
> This will need to be made automatic, else users will have a build
> failure if they don't have the public key used to sign the apk in their
> keyring. If making it automatic is too much time consuming, we could
> also add some instructions to fetch that key as part of the wiki pages
> on how to build Replicant.
It's already in the build instructions at
https://redmine.replicant.us/projects/replicant/wiki/ReplicantSourceCode.
I don't like that we would add automatically anything to users GPG
keyring. But we could maybe include our own keyring to the source code
and do something like here in the answer:
https://stackoverflow.com/questions/19011093/how-do-i-verify-a-gpg-signature-matches-a-public-key-file
At the time I prepared this patch I didn't know about the freedom issues
with F-Droid, and those issues seem to block this patch right now and we
should focus on fixing the freedom issues.
Joonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20180903/a1eab1c1/attachment.asc>
More information about the Replicant
mailing list