aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorUlrich Kempken <Uli.Kempken@t-online.de>2019-05-19 19:58:29 +0000
committerUlrich Kempken <Uli.Kempken@t-online.de>2019-05-20 22:25:52 +0000
commitd8bc47fde46ca0711fa54a0d70ff5d066c708e50 (patch)
tree044b6b0bf3752278a83f01fc988ea4bd57aaefa4
parent72634244580dc2e3c630ee27e47587080d064b68 (diff)
depends: switch to secure download of all dependencies
Some dependency sources were downloaded via http, even though https (SSL/TLS) options are available. Even if we potentially check the integrity of the downloaded files via hash comparison, we should make use of this additional security layer. bdb.mk fontconfig.mk freetype.mk libX11.mk libXau.mk libXext.mk libxcb.mk native_cctools.mk native_cdrkit.mk xcb_proto.mk xextproto.mk xproto.mk xtrans.mk zlib.mk miniupnp was switched to official project mirror with SSL support
-rw-r--r--depends/packages.md5
-rw-r--r--depends/packages/bdb.mk2
-rw-r--r--depends/packages/fontconfig.mk2
-rw-r--r--depends/packages/freetype.mk2
-rw-r--r--depends/packages/libX11.mk2
-rw-r--r--depends/packages/libXau.mk2
-rw-r--r--depends/packages/libXext.mk2
-rw-r--r--depends/packages/libxcb.mk2
-rw-r--r--depends/packages/miniupnpc.mk2
-rw-r--r--depends/packages/native_cctools.mk2
-rw-r--r--depends/packages/native_cdrkit.mk2
-rw-r--r--depends/packages/xcb_proto.mk2
-rw-r--r--depends/packages/xextproto.mk2
-rw-r--r--depends/packages/xproto.mk2
-rw-r--r--depends/packages/xtrans.mk2
-rw-r--r--depends/packages/zlib.mk2
16 files changed, 18 insertions, 17 deletions
diff --git a/depends/packages.md b/depends/packages.md
index 7c80362509..7d2bd4670d 100644
--- a/depends/packages.md
+++ b/depends/packages.md
@@ -14,8 +14,9 @@ Each package is required to define at least these variables:
placeholder such as 1.0 can be used.
$(package)_download_path:
- Location of the upstream source, without the file-name. Usually http or
- ftp.
+ Location of the upstream source, without the file-name. Usually http, https
+ or ftp. Secure transmission options like https should be preferred if
+ available.
$(package)_file_name:
The upstream source filename available at the download path.
diff --git a/depends/packages/bdb.mk b/depends/packages/bdb.mk
index 3cd2e28858..6cdb79592b 100644
--- a/depends/packages/bdb.mk
+++ b/depends/packages/bdb.mk
@@ -1,6 +1,6 @@
package=bdb
$(package)_version=4.8.30
-$(package)_download_path=http://download.oracle.com/berkeley-db
+$(package)_download_path=https://download.oracle.com/berkeley-db
$(package)_file_name=db-$($(package)_version).NC.tar.gz
$(package)_sha256_hash=12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef
$(package)_build_subdir=build_unix
diff --git a/depends/packages/fontconfig.mk b/depends/packages/fontconfig.mk
index 12695db4b9..d0996b4534 100644
--- a/depends/packages/fontconfig.mk
+++ b/depends/packages/fontconfig.mk
@@ -1,6 +1,6 @@
package=fontconfig
$(package)_version=2.12.1
-$(package)_download_path=http://www.freedesktop.org/software/fontconfig/release/
+$(package)_download_path=https://www.freedesktop.org/software/fontconfig/release/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3
$(package)_dependencies=freetype expat
diff --git a/depends/packages/freetype.mk b/depends/packages/freetype.mk
index 41e02e2030..a98e82ed16 100644
--- a/depends/packages/freetype.mk
+++ b/depends/packages/freetype.mk
@@ -1,6 +1,6 @@
package=freetype
$(package)_version=2.7.1
-$(package)_download_path=http://download.savannah.gnu.org/releases/$(package)
+$(package)_download_path=https://download.savannah.gnu.org/releases/$(package)
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=3a3bb2c4e15ffb433f2032f50a5b5a92558206822e22bfe8cbe339af4aa82f88
diff --git a/depends/packages/libX11.mk b/depends/packages/libX11.mk
index 298616bea4..a013da5192 100644
--- a/depends/packages/libX11.mk
+++ b/depends/packages/libX11.mk
@@ -1,6 +1,6 @@
package=libX11
$(package)_version=1.6.2
-$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
+$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=2aa027e837231d2eeea90f3a4afe19948a6eb4c8b2bec0241eba7dbc8106bd16
$(package)_dependencies=libxcb xtrans xextproto xproto
diff --git a/depends/packages/libXau.mk b/depends/packages/libXau.mk
index 304494e3c5..ce42140689 100644
--- a/depends/packages/libXau.mk
+++ b/depends/packages/libXau.mk
@@ -1,6 +1,6 @@
package=libXau
$(package)_version=1.0.8
-$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
+$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=fdd477320aeb5cdd67272838722d6b7d544887dfe7de46e1e7cc0c27c2bea4f2
$(package)_dependencies=xproto
diff --git a/depends/packages/libXext.mk b/depends/packages/libXext.mk
index c0565dd672..458b967784 100644
--- a/depends/packages/libXext.mk
+++ b/depends/packages/libXext.mk
@@ -1,6 +1,6 @@
package=libXext
$(package)_version=1.3.2
-$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
+$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=f829075bc646cdc085fa25d98d5885d83b1759ceb355933127c257e8e50432e0
$(package)_dependencies=xproto xextproto libX11 libXau
diff --git a/depends/packages/libxcb.mk b/depends/packages/libxcb.mk
index 3f346d9728..3ddd5a7dd9 100644
--- a/depends/packages/libxcb.mk
+++ b/depends/packages/libxcb.mk
@@ -1,6 +1,6 @@
package=libxcb
$(package)_version=1.10
-$(package)_download_path=http://xcb.freedesktop.org/dist
+$(package)_download_path=https://xcb.freedesktop.org/dist
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=98d9ab05b636dd088603b64229dd1ab2d2cc02ab807892e107d674f9c3f2d5b5
$(package)_dependencies=xcb_proto libXau xproto
diff --git a/depends/packages/miniupnpc.mk b/depends/packages/miniupnpc.mk
index 5ad2b580d2..fdbe22cda6 100644
--- a/depends/packages/miniupnpc.mk
+++ b/depends/packages/miniupnpc.mk
@@ -1,6 +1,6 @@
package=miniupnpc
$(package)_version=2.0.20180203
-$(package)_download_path=http://miniupnp.free.fr/files
+$(package)_download_path=https://miniupnp.tuxfamily.org/files/
$(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=90dda8c7563ca6cd4a83e23b3c66dbbea89603a1675bfdb852897c2c9cc220b7
diff --git a/depends/packages/native_cctools.mk b/depends/packages/native_cctools.mk
index ccd72a99bd..a065256c1c 100644
--- a/depends/packages/native_cctools.mk
+++ b/depends/packages/native_cctools.mk
@@ -5,7 +5,7 @@ $(package)_file_name=$($(package)_version).tar.gz
$(package)_sha256_hash=a09c9ba4684670a0375e42d9d67e7f12c1f62581a27f28f7c825d6d7032ccc6a
$(package)_build_subdir=cctools
$(package)_clang_version=3.7.1
-$(package)_clang_download_path=http://llvm.org/releases/$($(package)_clang_version)
+$(package)_clang_download_path=https://llvm.org/releases/$($(package)_clang_version)
$(package)_clang_download_file=clang+llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz
$(package)_clang_file_name=clang-llvm-$($(package)_clang_version)-x86_64-linux-gnu-ubuntu-14.04.tar.xz
$(package)_clang_sha256_hash=99b28a6b48e793705228a390471991386daa33a9717cd9ca007fcdde69608fd9
diff --git a/depends/packages/native_cdrkit.mk b/depends/packages/native_cdrkit.mk
index cf694edb30..8243458ec8 100644
--- a/depends/packages/native_cdrkit.mk
+++ b/depends/packages/native_cdrkit.mk
@@ -1,6 +1,6 @@
package=native_cdrkit
$(package)_version=1.1.11
-$(package)_download_path=http://distro.ibiblio.org/fatdog/source/600/c
+$(package)_download_path=https://distro.ibiblio.org/fatdog/source/600/c
$(package)_file_name=cdrkit-$($(package)_version).tar.bz2
$(package)_sha256_hash=b50d64c214a65b1a79afe3a964c691931a4233e2ba605d793eb85d0ac3652564
$(package)_patches=cdrkit-deterministic.patch
diff --git a/depends/packages/xcb_proto.mk b/depends/packages/xcb_proto.mk
index 0c7c958d62..44110394bd 100644
--- a/depends/packages/xcb_proto.mk
+++ b/depends/packages/xcb_proto.mk
@@ -1,6 +1,6 @@
package=xcb_proto
$(package)_version=1.10
-$(package)_download_path=http://xcb.freedesktop.org/dist
+$(package)_download_path=https://xcb.freedesktop.org/dist
$(package)_file_name=xcb-proto-$($(package)_version).tar.bz2
$(package)_sha256_hash=7ef40ddd855b750bc597d2a435da21e55e502a0fefa85b274f2c922800baaf05
diff --git a/depends/packages/xextproto.mk b/depends/packages/xextproto.mk
index 7065237bd5..157b76edf6 100644
--- a/depends/packages/xextproto.mk
+++ b/depends/packages/xextproto.mk
@@ -1,6 +1,6 @@
package=xextproto
$(package)_version=7.3.0
-$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto
+$(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=f3f4b23ac8db9c3a9e0d8edb591713f3d70ef9c3b175970dd8823dfc92aa5bb0
diff --git a/depends/packages/xproto.mk b/depends/packages/xproto.mk
index 5328ec8481..23ad5ffa10 100644
--- a/depends/packages/xproto.mk
+++ b/depends/packages/xproto.mk
@@ -1,6 +1,6 @@
package=xproto
$(package)_version=7.0.26
-$(package)_download_path=http://xorg.freedesktop.org/releases/individual/proto
+$(package)_download_path=https://xorg.freedesktop.org/releases/individual/proto
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=636162c1759805a5a0114a369dffdeccb8af8c859ef6e1445f26a4e6e046514f
diff --git a/depends/packages/xtrans.mk b/depends/packages/xtrans.mk
index c313b1f609..67d2d976c4 100644
--- a/depends/packages/xtrans.mk
+++ b/depends/packages/xtrans.mk
@@ -1,6 +1,6 @@
package=xtrans
$(package)_version=1.3.4
-$(package)_download_path=http://xorg.freedesktop.org/releases/individual/lib/
+$(package)_download_path=https://xorg.freedesktop.org/releases/individual/lib/
$(package)_file_name=$(package)-$($(package)_version).tar.bz2
$(package)_sha256_hash=054d4ee3efd52508c753e9f7bc655ef185a29bd2850dd9e2fc2ccc33544f583a
$(package)_dependencies=
diff --git a/depends/packages/zlib.mk b/depends/packages/zlib.mk
index 589490800f..1600b11a01 100644
--- a/depends/packages/zlib.mk
+++ b/depends/packages/zlib.mk
@@ -1,6 +1,6 @@
package=zlib
$(package)_version=1.2.11
-$(package)_download_path=http://www.zlib.net
+$(package)_download_path=https://www.zlib.net
$(package)_file_name=$(package)-$($(package)_version).tar.gz
$(package)_sha256_hash=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1