foster/bitcoin-core
0
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-03-05 14:06:27 -05:00
Code Issues Activity

depends: switch to secure download of all dependencies

Browse source 
Some dependency sources were downloaded via http, even though https (SSL/TLS) options are available.
Even if we potentially check the integrity of the downloaded files via hash comparison, we should make
use of this additional security layer.

bdb.mk
fontconfig.mk
freetype.mk
libX11.mk
libXau.mk
libXext.mk
libxcb.mk
native_cctools.mk
native_cdrkit.mk
xcb_proto.mk
xextproto.mk
xproto.mk
xtrans.mk
zlib.mk

miniupnp was switched to official project mirror with SSL support
This commit is contained in:
Ulrich Kempken 2019-05-19 19:58:29 +00:00
parent 7263424458
commit d8bc47fde4
16 changed files with 18 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
depends/packages.md
View file

@ -14,8 +14,9 @@ Each package is required to define at least these variables:
placeholder such as 1.0 can be used. placeholder such as 1.0 can be used.
$(package)_download_path: $(package)_download_path:
Location of the upstream source, without the file-name. Usually http or Location of the upstream source, without the file-name. Usually http, https
ftp. or ftp. Secure transmission options like https should be preferred if
available.
$(package)_file_name: $(package)_file_name:
The upstream source filename available at the download path. The upstream source filename available at the download path.

2
depends/packages/bdb.mk
View file

@ -1,6 +1,6 @@
package=bdb package=bdb
$(package)_version=4.8.30 $(package)_version=4.8.30
$(package)_download_path=http://download.oracle.com/berkeley-db $(package)_download_path=https://download.oracle.com/berkeley-db
$(package)_file_name=db-$($(package)_version).NC.tar.gz $(package)_file_name=db-$($(package)_version).NC.tar.gz
$(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef $(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef
$(package)_build_subdir=build_unix $(package)_build_subdir=build_unix

2
depends/packages/fontconfig.mk
View file

@ -1,6 +1,6 @@
package=fontconfig package=fontconfig
$(package)_version=2.12.1 $(package)_version=2.12.1
$(package)_download_path=http://www.freedesktop.org/software/fontconfig/release/ $(package)_download_path=https://www.freedesktop.org/software/fontconfig/release/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3 $(package)_sha256_hash=b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3
$(package)_dependencies=freetype expat $(package)_dependencies=freetype expat

2
depends/packages/freetype.mk
View file

@ -1,6 +1,6 @@
package=freetype package=freetype
$(package)_version=2.7.1 $(package)_version=2.7.1
$(package)_download_path=http://download.savannah.gnu.org/releases/$(package) $(package)_download_path=https://download.savannah.gnu.org/releases/$(package)
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=3a3bb2c4e15ffb433f2032f50a5b5a92558206822e22bfe8cbe339af4aa82f88 $(package)_sha256_hash=3a3bb2c4e15ffb433f2032f50a5b5a92558206822e22bfe8cbe339af4aa82f88

2
depends/packages/libX11.mk
View file

@ -1,6 +1,6 @@
package=libX11 package=libX11
$(package)_version=1.6.2 $(package)_version=1.6.2
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/ $(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=2aa027e837231d2eeea90f3a4afe19948a6eb4c8b2bec0241eba7dbc8106bd16 $(package)_sha256_hash=2aa027e837231d2eeea90f3a4afe19948a6eb4c8b2bec0241eba7dbc8106bd16
$(package)_dependencies=libxcb xtrans xextproto xproto $(package)_dependencies=libxcb xtrans xextproto xproto

2
depends/packages/libXau.mk
View file

@ -1,6 +1,6 @@
package=libXau package=libXau
$(package)_version=1.0.8 $(package)_version=1.0.8
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/ $(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=fdd477320aeb5cdd67272838722d6b7d544887dfe7de46e1e7cc0c27c2bea4f2 $(package)_sha256_hash=fdd477320aeb5cdd67272838722d6b7d544887dfe7de46e1e7cc0c27c2bea4f2
$(package)_dependencies=xproto $(package)_dependencies=xproto

2
depends/packages/libXext.mk
View file

@ -1,6 +1,6 @@
package=libXext package=libXext
$(package)_version=1.3.2 $(package)_version=1.3.2
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/ $(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=f829075bc646cdc085fa25d98d5885d83b1759ceb355933127c257e8e50432e0 $(package)_sha256_hash=f829075bc646cdc085fa25d98d5885d83b1759ceb355933127c257e8e50432e0
$(package)_dependencies=xproto xextproto libX11 libXau $(package)_dependencies=xproto xextproto libX11 libXau

2
depends/packages/libxcb.mk
View file

@ -1,6 +1,6 @@
package=libxcb package=libxcb
$(package)_version=1.10 $(package)_version=1.10
$(package)_download_path=http://xcb.freedesktop.org/dist $(package)_download_path=https://xcb.freedesktop.org/dist
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=98d9ab05b636dd088603b64229dd1ab2d2cc02ab807892e107d674f9c3f2d5b5 $(package)_sha256_hash=98d9ab05b636dd088603b64229dd1ab2d2cc02ab807892e107d674f9c3f2d5b5
$(package)_dependencies=xcb_proto libXau xproto $(package)_dependencies=xcb_proto libXau xproto

2
depends/packages/miniupnpc.mk
View file

@ -1,6 +1,6 @@
package=miniupnpc package=miniupnpc
$(package)_version=2.0.20180203 $(package)_version=2.0.20180203
$(package)_download_path=http://miniupnp.free.fr/files $(package)_download_path=https://miniupnp.tuxfamily.org/files/
$(package)_file_name=$(package)-$($(package)_version).tar.gz $(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=90dda8c7563ca6cd4a83e23b3c66dbbea89603a1675bfdb852897c2c9cc220b7 $(package)_sha256_hash=90dda8c7563ca6cd4a83e23b3c66dbbea89603a1675bfdb852897c2c9cc220b7

2
depends/packages/native_cctools.mk
View file

@ -5,7 +5,7 @@ $(package)_file_name=$($(package)_version).tar.gz
$(package)_sha256_hash=a09c9ba4684670a0375e42d9d67e7f12c1f62581a27f28f7c825d6d7032ccc6a $(package)_sha256_hash=a09c9ba4684670a0375e42d9d67e7f12c1f62581a27f28f7c825d6d7032ccc6a
$(package)_build_subdir=cctools $(package)_build_subdir=cctools
$(package)_clang_version=3.7.1 $(package)_clang_version=3.7.1
$(package)_clang_download_path=http://llvm.org/releases/$($(package)_clang_version) $(package)_clang_download_path=https://llvm.org/releases/$($(package)_clang_version)
$(package)_clang_download_file=clang+llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz $(package)_clang_download_file=clang+llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz
$(package)_clang_file_name=clang-llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz $(package)_clang_file_name=clang-llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz
$(package)_clang_sha256_hash=99b28a6b48e793705228a390471991386daa33a9717cd9ca007fcdde69608fd9 $(package)_clang_sha256_hash=99b28a6b48e793705228a390471991386daa33a9717cd9ca007fcdde69608fd9

2
depends/packages/native_cdrkit.mk
View file

@ -1,6 +1,6 @@
package=native_cdrkit package=native_cdrkit
$(package)_version=1.1.11 $(package)_version=1.1.11
$(package)_download_path=http://distro.ibiblio.org/fatdog/source/600/c $(package)_download_path=https://distro.ibiblio.org/fatdog/source/600/c
$(package)_file_name=cdrkit-$($(package)_version).tar.bz2 $(package)_file_name=cdrkit-$($(package)_version).tar.bz2
$(package)_sha256_hash=b50d64c214a65b1a79afe3a964c691931a4233e2ba605d793eb85d0ac3652564 $(package)_sha256_hash=b50d64c214a65b1a79afe3a964c691931a4233e2ba605d793eb85d0ac3652564
$(package)_patches=cdrkit-deterministic.patch $(package)_patches=cdrkit-deterministic.patch

2
depends/packages/xcb_proto.mk
View file

@ -1,6 +1,6 @@
package=xcb_proto package=xcb_proto
$(package)_version=1.10 $(package)_version=1.10
$(package)_download_path=http://xcb.freedesktop.org/dist $(package)_download_path=https://xcb.freedesktop.org/dist
$(package)_file_name=xcb-proto-$($(package)_version).tar.bz2 $(package)_file_name=xcb-proto-$($(package)_version).tar.bz2
$(package)_sha256_hash=7ef40ddd855b750bc597d2a435da21e55e502a0fefa85b274f2c922800baaf05 $(package)_sha256_hash=7ef40ddd855b750bc597d2a435da21e55e502a0fefa85b274f2c922800baaf05

2
depends/packages/xextproto.mk
View file

@ -1,6 +1,6 @@
package=xextproto package=xextproto
$(package)_version=7.3.0 $(package)_version=7.3.0
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto $(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=f3f4b23ac8db9c3a9e0d8edb591713f3d70ef9c3b175970dd8823dfc92aa5bb0 $(package)_sha256_hash=f3f4b23ac8db9c3a9e0d8edb591713f3d70ef9c3b175970dd8823dfc92aa5bb0

2
depends/packages/xproto.mk
View file

@ -1,6 +1,6 @@
package=xproto package=xproto
$(package)_version=7.0.26 $(package)_version=7.0.26
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto $(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=636162c1759805a5a0114a369dffdeccb8af8c859ef6e1445f26a4e6e046514f $(package)_sha256_hash=636162c1759805a5a0114a369dffdeccb8af8c859ef6e1445f26a4e6e046514f

2
depends/packages/xtrans.mk
View file

@ -1,6 +1,6 @@
package=xtrans package=xtrans
$(package)_version=1.3.4 $(package)_version=1.3.4
$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/ $(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2 $(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=054d4ee3efd52508c753e9f7bc655ef185a29bd2850dd9e2fc2ccc33544f583a $(package)_sha256_hash=054d4ee3efd52508c753e9f7bc655ef185a29bd2850dd9e2fc2ccc33544f583a
$(package)_dependencies= $(package)_dependencies=

2
depends/packages/zlib.mk
View file

@ -1,6 +1,6 @@
package=zlib package=zlib
$(package)_version=1.2.11 $(package)_version=1.2.11
$(package)_download_path=http://www.zlib.net $(package)_download_path=https://www.zlib.net
$(package)_file_name=$(package)-$($(package)_version).tar.gz $(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1 $(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1