From bcfde367abadc6c154d2452ba916cae2bf73f194 Mon Sep 17 00:00:00 2001
From: Matt Jolly <kangie@gentoo.org>
Date: Wed, 4 Jun 2025 09:55:42 +1000
Subject: dev-lang/rust: fix verify-sig

When the patch tarballs were added the ebuilds were not updated to
ensure that only upstream-signed files are verified.

Signed-off-by: Matt Jolly <kangie@gentoo.org>
---
 dev-lang/rust/rust-1.84.1-r2.ebuild | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'dev-lang/rust/rust-1.84.1-r2.ebuild')

diff --git a/dev-lang/rust/rust-1.84.1-r2.ebuild b/dev-lang/rust/rust-1.84.1-r2.ebuild
index 688d74e1f8ce..24b11fadae0c 100644
--- a/dev-lang/rust/rust-1.84.1-r2.ebuild
+++ b/dev-lang/rust/rust-1.84.1-r2.ebuild
@@ -238,6 +238,15 @@ pkg_setup() {
 	fi
 }
 
+src_unpack() {
+	if use verify-sig ; then
+		# Patch tarballs are not signed (but we trust Gentoo infra)
+		verify-sig_verify_detached "${DISTDIR}"/rustc-${PV}-src.tar.xz{,.asc}
+	else
+		default
+	fi
+}
+
 src_prepare() {
 	PATCHES=(
 		"${WORKDIR}/rust-patches-${RUST_PATCH_VER}/"
-- 
cgit v1.2.3