[LEDE-DEV] [PATCH 2/2] download.mk: introduce a new variable SKIPHASH

Baptiste Jonglez baptiste at bitsofnetworks.org
Wed Nov 8 03:14:35 PST 2017


Hi Stijn,

What is your opinion on this patch?  There has been a bit of feedback, but
you were the one requesting the change in the first place :)

Thanks,
Baptiste

On 26-10-17, Baptiste Jonglez wrote:
> When calling a download target, hash verification is now completely
> skipped if the SKIPHASH variable is set.
> 
> This allows to easily bump package version:
> 
>     # Update PKG_VERSION in the package Makefile
>     $ make package/<mypackage>/download SKIPHASH=1 V=s
>     $ make package/<mypackage>/check FIXUP=1 V=s
> 
> This will download the new version of the package, and then automatically
> update PKG_HASH with the hash of the new version.  Of course, it is still
> the responsibility of the packager to ensure that the new tarball is
> legitimate, because it is downloaded from a possibly untrusted source.
> 
> Fixes: b30ba14e ("scripts/download.pl: fail loudly if provided hash is unsupported")
> Signed-off-by: Baptiste Jonglez <git at bitsofnetworks.org>
> ---
>  include/download.mk | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/include/download.mk b/include/download.mk
> index 0a25641738..a6821b5304 100644
> --- a/include/download.mk
> +++ b/include/download.mk
> @@ -102,12 +102,18 @@ check_md5 = \
>  hash_var = $(if $(filter-out x,$(1)),MD5SUM,HASH)
>  endif
>  
> +ifdef SKIPHASH
> +DOWNLOAD_CMD = $(SCRIPT_DIR)/download.pl --skip-hash
> +else
> +DOWNLOAD_CMD = $(SCRIPT_DIR)/download.pl
> +endif
> +
>  define DownloadMethod/unknown
>  	echo "ERROR: No download method available"; false
>  endef
>  
>  define DownloadMethod/default
> -	$(SCRIPT_DIR)/download.pl "$(DL_DIR)" "$(FILE)" "$(HASH)" "$(URL_FILE)" $(foreach url,$(URL),"$(url)") \
> +	$(DOWNLOAD_CMD) "$(DL_DIR)" "$(FILE)" "$(HASH)" "$(URL_FILE)" $(foreach url,$(URL),"$(url)") \
>  	$(if $(filter check,$(1)), \
>  		$(call check_hash,$(FILE),$(HASH),$(2)$(call hash_var,$(MD5SUM))) \
>  		$(call check_md5,$(MD5SUM),$(2)MD5SUM,$(2)HASH) \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/lede-dev/attachments/20171108/38935c9b/attachment-0001.sig>


More information about the Lede-dev mailing list