projects / librecmc / open-ath9k-htc-firmware.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cca769e) | patch
add cryptographic assurances when fetching the toolchain 94/head
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Tue, 20 Sep 2016 17:38:03 +0000 (19:38 +0200)
committerOleksij Rempel <linux@rempel-privat.de>
Tue, 20 Sep 2016 18:04:20 +0000 (20:04 +0200)
commit90a7b1626a3a73b3646888062b9dbccc3c9d1530
treeb9bf56bbd8fac072a6674d060a122d330c70cd7etree | snapshot
parentcca769ebf9a967ac03211799610f1e1ba3ba9ba9commit | diff
add cryptographic assurances when fetching the toolchain

Previously, anyone tampering with the network could have modified the
toolchain source code in transit and the build would have proceeded as
expected.

With this patch, we can ensure that we're getting the expected
tarballs from upstream.

If the required toolchain packages change in the future, the sha256
digests of the new packages should be updated in Makefile as well.

Updated-by: Oleksij Rempel <linux@rempel-privat.de>
Makefile diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.