From: Yann E. MORIN <yann.morin.1998@free.fr>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH v3] ca-certificates: new package
Date: Sun, 12 Jan 2014 22:01:12 +0100 [thread overview]
Message-ID: <20140112210111.GD3374@free.fr> (raw)
In-Reply-To: <87lhyl2b5w.fsf@dell.be.48ers.dk>
Peter, All,
On 2014-01-12 21:32 +0100, Peter Korsgaard spake thusly:
> >>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:
> > An third alternative is to add a package/pkg/pkg.hash file, which
> > contains the list of files, and their hashes; in fact, the output of the
> > hash util we'd use:
> > ABCDEF1234567890 foo-1.2.3.patch
> > ABCDEF1234567890 bla.patch
> > ABCDEF1234567890 file.bin
>
> That sounds good to me, and is easy to handle. Another alternative would
> be to make <pkg>_CHECKSUM a list of hashes, in the same order as the
> files are handled (_SOURCE, _EXTRA_DOWNLOADS, _PATCH).
And how do you suggest we correlate the hash from that list to the file
we're actually just downloaded?
The tarball is in one variable, the patches in a second, and the extra
files in a third.
We'd have to look in each of those variables to find the file, and
derive an offset in the list form that, and then extract the n-th
element of that list.
I guess this is not so easy as you think it is. ;-)
> > Also, we'd have to settle for a hash function.
[--SNIP--]
> Next to their strength is also the issue about how likely it is that
> those tools are available on the build host.
Right, those pesky companies using "Enterprise Editions" and then stuck
back in the 20th century... ;-]
sha1 shall it be, then. ;-)
(Note: sha2 was added to coreutils seven years ago, 2005-10-23)
Regards,
Yann E. MORIN.
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 223 225 172 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
next prev parent reply other threads:[~2014-01-12 21:01 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-10 15:39 [Buildroot] [PATCH v3] ca-certificates: new package Martin Bark
2014-01-11 23:48 ` Yann E. MORIN
2014-01-12 8:38 ` Peter Korsgaard
2014-01-12 11:27 ` Yann E. MORIN
2014-01-12 18:23 ` Peter Korsgaard
2014-01-12 18:34 ` Yann E. MORIN
2014-01-12 19:19 ` Peter Korsgaard
2014-01-12 20:09 ` Yann E. MORIN
2014-01-12 20:32 ` Peter Korsgaard
2014-01-12 21:01 ` Yann E. MORIN [this message]
2014-01-12 21:08 ` Peter Korsgaard
2014-01-12 21:21 ` Bernd Kuhls
2014-01-12 21:38 ` Yann E. MORIN
2014-01-14 7:13 ` Arnout Vandecappelle
2014-01-12 20:09 ` Peter Korsgaard
2014-01-12 20:39 ` Martin Bark
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140112210111.GD3374@free.fr \
--to=yann.morin.1998@free.fr \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.