This patch makes the handling of failed integrity checks of 3rd-party
packages more robust. Previously, a once failed 'make prepare PKG=curl'
would not leave any trace of the verification state. Hence, a successive
attempt to perform the 'make prepare' step again succeeded even if the
signature check failed.
To solve this problem, the outcome of a successful signature check is
represented by a tag file called 'download/<archive-name>.verified'.
Because the rule for extracting the archive depends on the .verify tag
file, the extraction step is not performed until the signature check
succeeds.
Issue #748
The Lua runtime library is built in two variants: ANSI C and C++. The
C++ provides all Lua API function with C++ linkage and uses C++
exceptions instead of setjmp/longjmp for protected execution of Lua
chunks.
The ported version of Lua is 5.1.5.
