signature verification finally working. not sure why it was pgp
exclusive though it seems this logic is nearly
20 years old and likely needs an update
--- /dev/null
+--- poldek-0.42.2/pm/rpmorg/signature.c.orig 2021-04-17 12:56:41.167478071 +0200
++++ poldek-0.42.2/pm/rpmorg/signature.c 2021-04-17 12:56:12.007632757 +0200
+@@ -99,6 +99,9 @@
+
+ switch (td.tag) {
+ case RPMSIGTAG_RSA:
++ flags |= PKGVERIFY_PGP;
++ flags |= PKGVERIFY_GPG;
++ break;
+ case RPMSIGTAG_PGP5: /* XXX legacy */
+ case RPMSIGTAG_PGP:
+ flags |= PKGVERIFY_PGP;
Patch14: rpm4-script-req-workaround.patch
Patch15: skip-buildid-obsoletes.patch
Patch16: verify-signature.patch
+Patch17: %{name}-rsa_sig_rpmorg.patch
URL: http://poldek.pld-linux.org/
BuildRequires: %{db_pkg}-devel >= %{ver_db}
BuildRequires: autoconf >= 2.63
%patch14 -p1
%patch15 -p1
%patch16 -p1
+%patch17 -p1
%{__rm} doc/poldek.info
%{__rm} m4/libtool.m4 m4/lt*.m4