Commit Graph

5 Commits

Author SHA1 Message Date
Norman Feske
9d778a658d ports/libports: Avoid multi-target rules
This patch splits the download of signatures from the download of the
archive to improve robustness. This way, signature files will be
downloaded even if the corresponding archive is already in place.

Issue #748
2013-06-12 11:35:13 +02:00
Norman Feske
179f742924 ports/libports: Handle failed integrity checks
This patch makes the handling of failed integrity checks of 3rd-party
packages more robust. Previously, a once failed 'make prepare PKG=curl'
would not leave any trace of the verification state. Hence, a successive
attempt to perform the 'make prepare' step again succeeded even if the
signature check failed.

To solve this problem, the outcome of a successful signature check is
represented by a tag file called 'download/<archive-name>.verified'.
Because the rule for extracting the archive depends on the .verify tag
file, the extraction step is not performed until the signature check
succeeds.

Issue #748
2013-06-10 10:44:10 +02:00
Stephan Mueller
056e0792e5 libports: Verify signatures of 3rd-party code
This patch adds integrity checks for the packages of the libports
repository.

Issue #748
2013-06-10 10:44:09 +02:00
Josef Söntgen
abf0563815 libports: workaround for downloading libssh
Since checking if the certificate is valid is not that important
(we currently do not check the signature of the archive which is the
bigger issue) we disable the checking to prevent certain wget version
from refusing to download the archive.

Fixes #681
2013-03-08 12:07:31 +01:00
Josef Söntgen
814c6fc9d5 libports: add libssh-0.5.4
Fixes #669
2013-02-25 22:14:21 +01:00