Commit Graph

3 Commits

Author SHA1 Message Date
Norman Feske
179f742924 ports/libports: Handle failed integrity checks
This patch makes the handling of failed integrity checks of 3rd-party
packages more robust. Previously, a once failed 'make prepare PKG=curl'
would not leave any trace of the verification state. Hence, a successive
attempt to perform the 'make prepare' step again succeeded even if the
signature check failed.

To solve this problem, the outcome of a successful signature check is
represented by a tag file called 'download/<archive-name>.verified'.
Because the rule for extracting the archive depends on the .verify tag
file, the extraction step is not performed until the signature check
succeeds.

Issue #748
2013-06-10 10:44:10 +02:00
Stephan Mueller
056e0792e5 libports: Verify signatures of 3rd-party code
This patch adds integrity checks for the packages of the libports
repository.

Issue #748
2013-06-10 10:44:09 +02:00
Genode Labs
da4e1feaa5 Imported Genode release 11.11 2011-12-22 16:19:25 +01:00