Checkout my commit. Today I will upload a new version of it. https://review.coreboot.org/#/c/15170/
On 08/03/2016 03:52 PM, Trammell Hudson wrote:
> It looks like the util/crossgcc/buildgcc script disables HTTPS cert
> checks and doesn't have a way to verify the signatures or hashes of the
> files that it receives.
>
> download_showing_percentage() {
> url=$1
> printf " ..${red} 0%%"
> wget --no-check-certificate $url 2>&1 | while read line; do
> printf "${red}"
> echo $line | grep -o "[0-9]\+%" | awk '{printf("\b\b\b\b%4s",
> $1)}'
> printf "${NC}"
> done
> }
>
>
> I'm worried that this introduces a minor, but potential security
> issue for the build process.
>
signature.asc
Description: OpenPGP digital signature
-- coreboot mailing list: [email protected] https://www.coreboot.org/mailman/listinfo/coreboot
