From 212bea978d04dcd0ccb48bba3a630afad6d06c50 Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Mon, 3 Oct 2011 01:38:15 -0400
Subject: Use GPG signatures for tarball integrity checks, not just shasums.

---
 SConstruct | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'SConstruct')

diff --git a/SConstruct b/SConstruct
index cfe08f57..b9daae2d 100644
--- a/SConstruct
+++ b/SConstruct
@@ -1498,9 +1498,9 @@ if os.path.exists("gpsd.c") and os.path.exists(".gitignore"):
     # The chmod copes with the fact that scp will give a
     # replacement the files of the *original*...
     upload_release = Utility('upload-release', 'gpsd-${VERSION}.tar.gz', [
-            'shasum gpsd-${VERSION}.tar.gz >gpsd-${VERSION}.sum',
-            'chmod ug=rw,o=r gpsd-${VERSION}.tar.gz gpsd-${VERSION}.sum'
-            'scp $SOURCE gpsd-${VERSION}.sum" ' + scpupload,
+            'gpg -b gpsd-${VERSION}.tar.gz;',
+            'chmod ug=rw,o=r gpsd-${VERSION}.tar.gz gpsd-${VERSION}.tar.gz.sig;',
+            'scp $SOURCE gpsd-${VERSION}.tar.gz.sig ' + scpupload + ';',
             ])
 
 
-- 
cgit v1.2.1