mirror of
https://github.com/genodelabs/genode.git
synced 2024-12-28 01:28:53 +00:00
179f742924
This patch makes the handling of failed integrity checks of 3rd-party packages more robust. Previously, a once failed 'make prepare PKG=curl' would not leave any trace of the verification state. Hence, a successive attempt to perform the 'make prepare' step again succeeded even if the signature check failed. To solve this problem, the outcome of a successful signature check is represented by a tag file called 'download/<archive-name>.verified'. Because the rule for extracting the archive depends on the .verify tag file, the extraction step is not performed until the signature check succeeds. Issue #748
39 lines
1.0 KiB
Makefile
39 lines
1.0 KiB
Makefile
ZLIB_VERSION = 1.2.8
|
|
ZLIB = zlib-$(ZLIB_VERSION)
|
|
ZLIB_TGZ = $(ZLIB).tar.gz
|
|
ZLIB_URL = http://downloads.sourceforge.net/project/libpng/zlib/$(ZLIB_VERSION)/$(ZLIB_TGZ)
|
|
ZLIB_MD5 = 44d667c142d7cda120332623eab69f40
|
|
|
|
#
|
|
# Interface to top-level prepare Makefile
|
|
#
|
|
PORTS += $(ZLIB)
|
|
|
|
prepare-zlib: $(CONTRIB_DIR)/$(ZLIB) include/zlib
|
|
|
|
$(CONTRIB_DIR)/$(ZLIB):clean-zlib
|
|
|
|
#
|
|
# Port-specific local rules
|
|
#
|
|
$(DOWNLOAD_DIR)/$(ZLIB_TGZ):
|
|
$(VERBOSE)wget -c -P $(DOWNLOAD_DIR) $(ZLIB_URL) && touch $@
|
|
|
|
$(DOWNLOAD_DIR)/$(ZLIB_TGZ).verified: $(DOWNLOAD_DIR)/$(ZLIB_TGZ)
|
|
$(VERBOSE)$(HASHVERIFIER) $(DOWNLOAD_DIR)/$(ZLIB_TGZ) $(ZLIB_MD5) md5
|
|
$(VERBOSE)touch $@
|
|
|
|
$(CONTRIB_DIR)/$(ZLIB): $(DOWNLOAD_DIR)/$(ZLIB_TGZ).verified
|
|
$(VERBOSE)tar xfz $(<:.verified=) -C $(CONTRIB_DIR) && touch $@
|
|
|
|
ZLIB_INCLUDES = zconf.h zlib.h
|
|
|
|
include/zlib:
|
|
$(VERBOSE)mkdir -p $@
|
|
$(VERBOSE)for i in $(ZLIB_INCLUDES); do \
|
|
ln -sf ../../$(CONTRIB_DIR)/$(ZLIB)/$$i $@; done
|
|
|
|
clean-zlib:
|
|
$(VERBOSE)rm -rf include/zlib
|
|
$(VERBOSE)rm -rf $(CONTRIB_DIR)/$(ZLIB)
|