1From 3e8a9e9a1c7eae515eb628778c3c8a04338b3bb3 Mon Sep 17 00:00:00 2001 2From: "Yann E. MORIN" <yann.morin.1998@free.fr> 3Date: Tue, 27 Dec 2016 11:21:09 +0100 4Subject: [PATCH] sounds: do not download and check sha1s 5 6To validate the sound archives, the corresponding sha1s are also 7downloaded from the same location, and that download is done at install 8time. 9 10However, that poses at least two problems: 11 12 - in Buildroot, we already have validated the downloads with the sha1s 13 anyway, and trying to download anything at install time is not 14 always possible (e.g. for off-line builds); 15 16 - since the download scheme is not secured (plain http), a 17 man-in-the-middle for the sounds will also be able to MITM the 18 download of the sha1s, so there is absolutely no additional safety 19 in doing so. 20 21So we just do without the sha1 download and checks. 22 23Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> 24--- 25 sounds/Makefile | 10 ---------- 26 1 file changed, 10 deletions(-) 27 28diff --git a/sounds/Makefile b/sounds/Makefile 29index 84d0f45..7a80d56 100644 30--- a/sounds/Makefile 31+++ b/sounds/Makefile 32@@ -100,17 +100,7 @@ ifneq ($(SOUNDS_CACHE_DIR),) 33 if test ! -f "$$(SOUNDS_CACHE_DIR)/$$@"; then \ 34 (cd "$$(SOUNDS_CACHE_DIR)"; $$(DOWNLOAD) $$(SOUNDS_URL)/$$@); \ 35 fi; \ 36- if test ! -f "$$(SOUNDS_CACHE_DIR)/$$@.sha1"; then \ 37- (cd "$$(SOUNDS_CACHE_DIR)"; $$(DOWNLOAD) $$(SOUNDS_URL)/$$@.sha1); \ 38- fi; \ 39 $$(LN) -sf "$$(SOUNDS_CACHE_DIR)/$$@" .; \ 40- $$(LN) -sf "$$(SOUNDS_CACHE_DIR)/$$@.sha1" .; \ 41- $$(SHA1SUM) -c --status $$@.sha1 || \ 42- ( \ 43- rm -f "$$(SOUNDS_CACHE_DIR)/$$@" "$$(SOUNDS_CACHE_DIR)/$$@.sha1" $$@ $$@.sha1; \ 44- echo "Bad checksum: $$@" 1>&2; \ 45- exit 1; \ 46- ) || exit 1; \ 47 fi 48 else 49 $(CMD_PREFIX) \ 50-- 512.7.4 52 53