Author: kkolinko
Date: Wed Jun 27 20:26:20 2018
New Revision: 1834542
URL: http://svn.apache.org/viewvc?rev=1834542&view=rev
Log:
Implement checksum checks when downloading dependencies that are used to build
Tomcat.
Also updated WSDL4J 1.6.2 -> 1.6.3, JUnit 4.11 -> 4.12.
Modified:
tomcat/trunk/build.properties.default
tomcat/trunk/build.xml
tomcat/trunk/webapps/docs/changelog.xml
Modified: tomcat/trunk/build.properties.default
URL:
http://svn.apache.org/viewvc/tomcat/trunk/build.properties.default?rev=1834542&r1=1834541&r2=1834542&view=diff
==============================================================================
--- tomcat/trunk/build.properties.default (original)
+++ tomcat/trunk/build.properties.default Wed Jun 27 20:26:20 2018
@@ -105,12 +105,18 @@ base-maven.loc=https://repo.maven.apache
# ----- Webservices - JAX RPC -----
jaxrpc-lib.version=1.1-rc4
+jaxrpc-lib.checksum.enabled=true
+jaxrpc-lib.checksum.algorithm=MD5|SHA-1
+jaxrpc-lib.checksum.value=4bebba22a4cdb9f68e16c45129770333|fe9371d33dc3e1646d4d13bde19614283eb998b1
jaxrpc-lib.home=${base.path}/jaxrpc-${jaxrpc-lib.version}
jaxrpc-lib.jar=${jaxrpc-lib.home}/geronimo-spec-jaxrpc-${jaxrpc-lib.version}.jar
jaxrpc-lib.loc=${base-maven.loc}/geronimo-spec/geronimo-spec-jaxrpc/${jaxrpc-lib.version}/geronimo-spec-jaxrpc-${jaxrpc-lib.version}.jar
# ----- Webservices - WSDL4J -----
-wsdl4j-lib.version=1.6.2
+wsdl4j-lib.version=1.6.3
+wsdl4j-lib.checksum.enabled=true
+wsdl4j-lib.checksum.algorithm=MD5|SHA-1
+wsdl4j-lib.checksum.value=cfc28d89625c5e88589aec7a9aee0208|6d106a6845a3d3477a1560008479312888e94f2f
wsdl4j-lib.home=${base.path}/wsdl4j-${wsdl4j-lib.version}
wsdl4j-lib.jar=${wsdl4j-lib.home}/wsdl4j-${wsdl4j-lib.version}.jar
wsdl4j-lib.loc=${base-maven.loc}/wsdl4j/wsdl4j/${wsdl4j-lib.version}/wsdl4j-${wsdl4j-lib.version}.jar
@@ -119,6 +125,9 @@ wsdl4j-lib.loc=${base-maven.loc}/wsdl4j/
# See https://wiki.apache.org/tomcat/JDTCoreBatchCompiler before updating
jdt.version=4.7.3a
jdt.release=R-4.7.3a-201803300640
+jdt.checksum.enabled=true
+jdt.checksum.algorithm=SHA-512
+jdt.checksum.value=7287b1ea3e18423d027a99ce40ae72e46e1700a65b474d2ec09af6a17b10653b7c2e69e9bb87efe14f4c593dc66b6370ea566fce90edb4b4190a903046817e6f
jdt.home=${base.path}/ecj-${jdt.version}
jdt.jar=${jdt.home}/ecj-${jdt.version}.jar
# The download will be moved to the archive area eventually. We are taking
care of that in advance.
@@ -127,6 +136,12 @@ jdt.loc.2=http://download.eclipse.org/ec
# ----- Tomcat native library -----
tomcat-native.version=1.2.17
+tomcat-native.src.checksum.enabled=true
+tomcat-native.src.checksum.algorithm=SHA-512
+tomcat-native.src.checksum.value=8fa946855fd14525ec0abe7b09975bbd34d6127352e90730a8afb77e16cd91715417e812a40017fee65939a9ce95faf39a9193222f441cda0ad2eb7f690e77b9
+tomcat-native.win.checksum.enabled=true
+tomcat-native.win.checksum.algorithm=SHA-512
+tomcat-native.win.checksum.value=2955209b39707949b080f13c09edcad08a13faf5545f7890e2ac493ccbc66d09e152a39b4fa6ac40fe3de6b209b305608db3db8dcf24dda94567b417f55a5f49
tomcat-native.home=${base.path}/tomcat-native-${tomcat-native.version}
tomcat-native.tar.gz=${tomcat-native.home}/tomcat-native.tar.gz
tomcat-native.loc.1=${base-tomcat.loc.1}/tomcat-connectors/native/${tomcat-native.version}/source/tomcat-native-${tomcat-native.version}-src.tar.gz
@@ -136,6 +151,9 @@ tomcat-native.win.2=${base-tomcat.loc.2}
# ----- NSIS, version 3.0 or later -----
nsis.version=3.03
+nsis.checksum.enabled=true
+nsis.checksum.algorithm=MD5|SHA-1
+nsis.checksum.value=d4919dc089ec256a7264e97ada299b64|ea69aa8d538916c9e8630dfd0106b063f7bb5d46
nsis.home=${base.path}/nsis-${nsis.version}
nsis.exe=${nsis.home}/makensis.exe
nsis.arch.dir=x86-unicode/
@@ -148,6 +166,20 @@ nsis.loc=${base-sf.loc}/nsis/nsis-${nsis
# ----- Commons Daemon, version 1.1.0 or later -----
commons-daemon.version=1.1.0
+
+# checksum for commons-daemon-1.1.0-bin.tar.gz
+commons-daemon.bin.checksum.enabled=true
+commons-daemon.bin.checksum.algorithm=SHA-512
+commons-daemon.bin.checksum.value=43c33e52e0be11e73370083500592ee9df0431c3166dbc7ed95794cabb462ac2a140e3eb4bbe2a0b99882bb93d9244ff534f13e4933c13e7a31a37e58e0c8e1d
+
+# checksums for commons-daemon-1.1.0-native-src.tar.gz,
commons-daemon-1.1.0-bin-windows.zip
+commons-daemon.native.src.checksum.enabled=true
+commons-daemon.native.src.checksum.algorithm=SHA-512
+commons-daemon.native.src.checksum.value=3443f1c95a4b267c4387a9ac7c79315422a51e896c0bcea48fbe959bc301094770aa8065b2388a84760a3e07e5d1753c2b351336fb2d3a8c996ee14d32088f6e
+commons-daemon.native.win.checksum.enabled=true
+commons-daemon.native.win.checksum.algorithm=SHA-512
+commons-daemon.native.win.checksum.value=10cda04d9a44286cb67107fdb9d20958013f075cad4accba048801f3677765c334dc16f6901e1d2e4a9df5a2c702797370de63393568df6fceb9e7902421f9ea
+
commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version}
commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar
commons-daemon.native.win.home=${commons-daemon.home}/windows
@@ -162,49 +194,74 @@ commons-daemon.native.win.loc.1=${base-c
commons-daemon.native.win.loc.2=${base-commons.loc.2}/daemon/binaries/windows/commons-daemon-${commons-daemon.version}-bin-windows.zip
# ----- JUnit Unit Test Suite, version 4.11 or later -----
-junit.version=4.11
+junit.version=4.12
+junit.checksum.enabled=true
+junit.checksum.algorithm=MD5|SHA-1
+junit.checksum.value=5b38c40c97fbd0adee29f91e60405584|2973d150c0dc1fefe998f834810d68f278ea58ec
junit.home=${base.path}/junit-${junit.version}
junit.jar=${junit.home}/junit-${junit.version}.jar
junit.loc=${base-maven.loc}/junit/junit/${junit.version}/junit-${junit.version}.jar
# ----- Hamcrest Library, used by JUnit, version 1.3 or later ----
hamcrest.version=1.3
+hamcrest.checksum.enabled=true
+hamcrest.checksum.algorithm=MD5|SHA-1
+hamcrest.checksum.value=6393363b47ddcbba82321110c3e07519|42a25dc3219429f0e5d060061f71acb49bf010a0
hamcrest.home=${base.path}/hamcrest-${hamcrest.version}
hamcrest.jar=${hamcrest.home}/hamcrest-core-${hamcrest.version}.jar
hamcrest.loc=${base-maven.loc}/org/hamcrest/hamcrest-core/${hamcrest.version}/hamcrest-core-${hamcrest.version}.jar
# ----- EasyMock, version 3.2 or later -----
easymock.version=3.2
+easymock.checksum.enabled=true
+easymock.checksum.algorithm=MD5|SHA-1
+easymock.checksum.value=0da4291328e18798621c36fdf8bc4c3a|00c82f7fa3ef377d8954b1db25123944b5af2ba4
easymock.home=${base.path}/easymock-${easymock.version}
easymock.jar=${easymock.home}/easymock-${easymock.version}.jar
easymock.loc=${base-maven.loc}/org/easymock/easymock/${easymock.version}/easymock-${easymock.version}.jar
# ----- cglib, used by EasyMock, version 2.2 or later -----
cglib.version=2.2.2
+cglib.checksum.enabled=true
+cglib.checksum.algorithm=MD5|SHA-1
+cglib.checksum.value=af93e373d7ddf35db0e9612480d9ed13|00d456bb230c70c0b95c76fb28e429d42f275941
cglib.home=${base.path}/cglib-${cglib.version}
cglib.jar=${cglib.home}/cglib-nodep-${cglib.version}.jar
cglib.loc=${base-maven.loc}/cglib/cglib-nodep/${cglib.version}/cglib-nodep-${cglib.version}.jar
# ----- objenesis, used by EasyMock, version 1.2 or later -----
objenesis.version=1.2
+objenesis.checksum.enabled=true
+objenesis.checksum.algorithm=MD5|SHA-1
+objenesis.checksum.value=bee117291d50b41b8e8cf0ac5435df1d|bfcb0539a071a4c5a30690388903ac48c0667f2a
objenesis.home=${base.path}/objenesis-${objenesis.version}
objenesis.jar=${objenesis.home}/objenesis-${objenesis.version}.jar
objenesis.loc=${base-maven.loc}/org/objenesis/objenesis/${objenesis.version}/objenesis-${objenesis.version}.jar
# ----- Checkstyle, version 6.16 or later -----
+# Checksums are available at
https://sourceforge.net/projects/checkstyle/files/OldFiles/6.17/
checkstyle.version=6.17
+checkstyle.checksum.enabled=true
+checkstyle.checksum.algorithm=MD5|SHA-1
+checkstyle.checksum.value=9180ab8b8219b262bfe88f26fd95d26d|11a02d7b0374f8a82fbd76361a69756faa6aefa0
checkstyle.home=${base.path}/checkstyle-${checkstyle.version}
checkstyle.jar=${checkstyle.home}/checkstyle-${checkstyle.version}-all.jar
checkstyle.loc=${base-sf.loc}/checkstyle/checkstyle/${checkstyle.version}/checkstyle-${checkstyle.version}-all.jar
# ----- Cobertura code coverage tool -----
cobertura.version=2.1.1
+cobertura.checksum.enabled=true
+cobertura.checksum.algorithm=MD5|SHA-1
+cobertura.checksum.value=4f46638aa8e4d89565c038092398ea06|99cb44d36555feedcedc46263c23c2f5394ef342
cobertura.home=${base.path}/cobertura-${cobertura.version}
cobertura.jar=${cobertura.home}/cobertura-${cobertura.version}.jar
cobertura.loc=${base-sf.loc}/cobertura/cobertura-2.1.1-bin.tar.gz
# ----- Findbugs -----
findbugs.version=3.0.1
+findbugs.checksum.enabled=true
+findbugs.checksum.algorithm=MD5|SHA-1
+findbugs.checksum.value=dec8828de8657910fcb258ce5383c168|59a24064ca6869e483ce9a04d3c50d14a227d5e6
findbugs.home=${base.path}/findbugs-${findbugs.version}
findbugs.jar=${findbugs.home}/lib/findbugs-ant.jar
findbugs.loc=${base-sf.loc}/project/findbugs/findbugs/${findbugs.version}/findbugs-${findbugs.version}.tar.gz
@@ -213,6 +270,9 @@ findbugs.loc=${base-sf.loc}/project/find
# ----- No longer part of JRE from Java 11 onwards -----
# ----- CDDL Licensed -----
saaj-api.version=1.3.5
+saaj-api.checksum.enabled=true
+saaj-api.checksum.algorithm=MD5|SHA-1
+saaj-api.checksum.value=caae8b4bf2c551155815331e9e96256f|1c399a7fea4d0262a6a39750e419c24f0c769586
saaj-api.home=${base.path}/saaj-api-${saaj-api.version}
saaj-api.jar=${saaj-api.home}/saaj-api-${saaj-api.version}.jar
saaj-api.loc=${base-maven.loc}/javax/xml/soap/saaj-api/${saaj-api.version}/saaj-api-${saaj-api.version}.jar
@@ -220,6 +280,16 @@ saaj-api.loc=${base-maven.loc}/javax/xml
# ----- bnd & bndlib, version 4.0.0 or later -----
# ----- provides OSGI metadata for JARs -----
bnd.version=4.0.0
+
+# checksums for biz.aQute.bnd-4.0.0.jar, biz.aQute.bndlib-4.0.0.jar
+bnd.checksum.enabled=true
+bnd.checksum.algorithm=MD5|SHA-1
+bnd.checksum.value=ddf578a4413ffa0eb6dc5b9476318fe2|fa7746eb710852498ce1afe5227be3fbfddaf09e
+
+bndlib.checksum.enabled=true
+bndlib.checksum.algorithm=MD5|SHA-1
+bndlib.checksum.value=7aa264bf3b6b32a11eea4a6cf43a9aaa|21e1d6fd1874d9bc201f2de1d0a48e84bff4149d
+
bnd.home=${base.path}/bnd-${bnd.version}
bnd.jar=${bnd.home}/biz.aQute.bnd-${bnd.version}.jar
bnd.loc=${base-maven.loc}/biz/aQute/bnd/biz.aQute.bnd/${bnd.version}/biz.aQute.bnd-${bnd.version}.jar
Modified: tomcat/trunk/build.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/build.xml?rev=1834542&r1=1834541&r2=1834542&view=diff
==============================================================================
--- tomcat/trunk/build.xml (original)
+++ tomcat/trunk/build.xml Wed Jun 27 20:26:20 2018
@@ -15,7 +15,8 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<project name="Tomcat 9.0" default="deploy" basedir=".">
+<project name="Tomcat 9.0" default="deploy" basedir="."
+ xmlns:if="ant:if" xmlns:unless="ant:unless">
<!-- ===================== Initialize Property Values ====================
-->
@@ -1675,12 +1676,18 @@
<param name="sourcefile" value="${jaxrpc-lib.loc}"/>
<param name="destfile" value="${jaxrpc-lib.jar}"/>
<param name="destdir" value="${jaxrpc-lib.home}"/>
+ <param name="checksum.enabled" value="${jaxrpc-lib.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${jaxrpc-lib.checksum.algorithm}"/>
+ <param name="checksum.value" value="${jaxrpc-lib.checksum.value}"/>
</antcall>
<antcall target="downloadfile">
<param name="sourcefile" value="${wsdl4j-lib.loc}"/>
<param name="destfile" value="${wsdl4j-lib.jar}"/>
<param name="destdir" value="${wsdl4j-lib.home}"/>
+ <param name="checksum.enabled" value="${wsdl4j-lib.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${wsdl4j-lib.checksum.algorithm}"/>
+ <param name="checksum.value" value="${wsdl4j-lib.checksum.value}"/>
</antcall>
<copy file="${jaxrpc-lib.jar}"
@@ -2649,6 +2656,9 @@ skip.installer property in build.propert
<param name="sourcefile" value="${checkstyle.loc}"/>
<param name="destfile" value="${checkstyle.jar}"/>
<param name="destdir" value="${base.path}"/>
+ <param name="checksum.enabled" value="${checkstyle.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${checkstyle.checksum.algorithm}"/>
+ <param name="checksum.value" value="${checkstyle.checksum.value}"/>
</antcall>
</target>
@@ -2661,6 +2671,9 @@ skip.installer property in build.propert
<param name="sourcefile.1" value="${commons-daemon.bin.loc.1}"/>
<param name="sourcefile.2" value="${commons-daemon.bin.loc.2}"/>
<param name="destfile" value="${commons-daemon.jar}"/>
+ <param name="checksum.enabled"
value="${commons-daemon.bin.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${commons-daemon.bin.checksum.algorithm}"/>
+ <param name="checksum.value"
value="${commons-daemon.bin.checksum.value}"/>
</antcall>
<!-- Download JDT (Eclipse compiler) -->
@@ -2669,6 +2682,9 @@ skip.installer property in build.propert
<param name="sourcefile.2" value="${jdt.loc.2}"/>
<param name="destfile" value="${jdt.jar}"/>
<param name="destdir" value="${jdt.home}"/>
+ <param name="checksum.enabled" value="${jdt.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${jdt.checksum.algorithm}"/>
+ <param name="checksum.value" value="${jdt.checksum.value}"/>
</antcall>
<!-- Download SAAJ API -->
@@ -2676,6 +2692,9 @@ skip.installer property in build.propert
<param name="sourcefile" value="${saaj-api.loc}"/>
<param name="destfile" value="${saaj-api.jar}"/>
<param name="destdir" value="${saaj-api.home}"/>
+ <param name="checksum.enabled" value="${saaj-api.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${saaj-api.checksum.algorithm}"/>
+ <param name="checksum.value" value="${saaj-api.checksum.value}"/>
</antcall>
</target>
@@ -2687,30 +2706,45 @@ skip.installer property in build.propert
<param name="sourcefile" value="${junit.loc}"/>
<param name="destfile" value="${junit.jar}"/>
<param name="destdir" value="${junit.home}"/>
+ <param name="checksum.enabled" value="${junit.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${junit.checksum.algorithm}"/>
+ <param name="checksum.value" value="${junit.checksum.value}"/>
</antcall>
<antcall target="downloadfile">
<param name="sourcefile" value="${hamcrest.loc}"/>
<param name="destfile" value="${hamcrest.jar}"/>
<param name="destdir" value="${hamcrest.home}"/>
+ <param name="checksum.enabled" value="${hamcrest.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${hamcrest.checksum.algorithm}"/>
+ <param name="checksum.value" value="${hamcrest.checksum.value}"/>
</antcall>
<antcall target="downloadfile">
<param name="sourcefile" value="${easymock.loc}"/>
<param name="destfile" value="${easymock.jar}"/>
<param name="destdir" value="${easymock.home}"/>
+ <param name="checksum.enabled" value="${easymock.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${easymock.checksum.algorithm}"/>
+ <param name="checksum.value" value="${easymock.checksum.value}"/>
</antcall>
<antcall target="downloadfile">
<param name="sourcefile" value="${cglib.loc}"/>
<param name="destfile" value="${cglib.jar}"/>
<param name="destdir" value="${cglib.home}"/>
+ <param name="checksum.enabled" value="${cglib.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${cglib.checksum.algorithm}"/>
+ <param name="checksum.value" value="${cglib.checksum.value}"/>
</antcall>
<antcall target="downloadfile">
<param name="sourcefile" value="${objenesis.loc}"/>
<param name="destfile" value="${objenesis.jar}"/>
<param name="destdir" value="${objenesis.home}"/>
+ <param name="checksum.enabled" value="${objenesis.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${objenesis.checksum.algorithm}"/>
+ <param name="checksum.value" value="${objenesis.checksum.value}"/>
</antcall>
</target>
@@ -2722,6 +2756,9 @@ skip.installer property in build.propert
<antcall target="downloadgz">
<param name="sourcefile" value="${cobertura.loc}"/>
<param name="destfile" value="${cobertura.jar}"/>
+ <param name="checksum.enabled" value="${cobertura.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${cobertura.checksum.algorithm}"/>
+ <param name="checksum.value" value="${cobertura.checksum.value}"/>
</antcall>
</target>
@@ -2733,6 +2770,9 @@ skip.installer property in build.propert
<antcall target="downloadgz">
<param name="sourcefile" value="${findbugs.loc}"/>
<param name="destfile" value="${findbugs.jar}"/>
+ <param name="checksum.enabled" value="${findbugs.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${findbugs.checksum.algorithm}"/>
+ <param name="checksum.value" value="${findbugs.checksum.value}"/>
</antcall>
</target>
@@ -2745,6 +2785,9 @@ skip.installer property in build.propert
<param name="sourcefile.2" value="${tomcat-native.loc.2}"/>
<param name="destfile" value="${tomcat-native.tar.gz}"/>
<param name="destdir" value="${tomcat-native.home}"/>
+ <param name="checksum.enabled"
value="${tomcat-native.src.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${tomcat-native.src.checksum.algorithm}"/>
+ <param name="checksum.value"
value="${tomcat-native.src.checksum.value}"/>
</antcall>
<antcall target="downloadzip-2">
@@ -2752,6 +2795,9 @@ skip.installer property in build.propert
<param name="sourcefile.2" value="${tomcat-native.win.2}"/>
<param name="destfile" value="${tomcat-native.home}/LICENSE"/>
<param name="destdir" value="${tomcat-native.home}"/>
+ <param name="checksum.enabled"
value="${tomcat-native.win.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${tomcat-native.win.checksum.algorithm}"/>
+ <param name="checksum.value"
value="${tomcat-native.win.checksum.value}"/>
</antcall>
<antcall target="downloadfile-2">
@@ -2759,6 +2805,9 @@ skip.installer property in build.propert
<param name="sourcefile.2" value="${commons-daemon.native.src.loc.2}"/>
<param name="destfile" value="${commons-daemon.native.src.tgz}"/>
<param name="destdir" value="${commons-daemon.home}"/>
+ <param name="checksum.enabled"
value="${commons-daemon.native.src.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${commons-daemon.native.src.checksum.algorithm}"/>
+ <param name="checksum.value"
value="${commons-daemon.native.src.checksum.value}"/>
</antcall>
<antcall target="downloadzip-2">
@@ -2766,12 +2815,18 @@ skip.installer property in build.propert
<param name="sourcefile.2" value="${commons-daemon.native.win.loc.2}"/>
<param name="destfile" value="${commons-daemon.native.win.mgr.exe}"/>
<param name="destdir" value="${commons-daemon.native.win.home}"/>
+ <param name="checksum.enabled"
value="${commons-daemon.native.win.checksum.enabled}"/>
+ <param name="checksum.algorithm"
value="${commons-daemon.native.win.checksum.algorithm}"/>
+ <param name="checksum.value"
value="${commons-daemon.native.win.checksum.value}"/>
</antcall>
<antcall target="downloadzip">
<param name="sourcefile" value="${nsis.loc}"/>
<param name="destfile" value="${nsis.exe}"/>
<param name="destdir" value="${nsis.home}/.."/>
+ <param name="checksum.enabled" value="${nsis.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${nsis.checksum.algorithm}"/>
+ <param name="checksum.value" value="${nsis.checksum.value}"/>
</antcall>
</target>
@@ -2789,12 +2844,134 @@ skip.installer property in build.propert
<available file="${destfile}" property="exist"/>
</target>
+ <macrodef name="verifyChecksum">
+ <attribute name="file" />
+ <attribute name="name" default="@{file}"/>
+ <attribute name="enabled" />
+ <attribute name="algorithm" />
+ <attribute name="value" />
+ <sequential>
+ <local name="name" />
+ <basename property="name" file="@{name}" />
+ <sequential if:true="@{enabled}">
+ <local name="check.md5" />
+ <local name="check.sha1" />
+ <local name="check.sha256" />
+ <local name="check.sha384" />
+ <local name="check.sha512" />
+ <local name="value.md5" />
+ <local name="value.sha1" />
+ <local name="value.sha256" />
+ <local name="value.sha384" />
+ <local name="value.sha512" />
+ <local name="check.success" />
+ <condition property="check.md5">
+ <or>
+ <equals arg1="@{algorithm}" arg2="MD5" />
+ <equals arg1="@{algorithm}" arg2="MD5|SHA-1" />
+ </or>
+ </condition>
+ <condition property="check.sha1">
+ <or>
+ <equals arg1="@{algorithm}" arg2="SHA-1" />
+ <equals arg1="@{algorithm}" arg2="MD5|SHA-1" />
+ </or>
+ </condition>
+ <condition property="check.sha256">
+ <equals arg1="@{algorithm}" arg2="SHA-256" />
+ </condition>
+ <condition property="check.sha384">
+ <equals arg1="@{algorithm}" arg2="SHA-384" />
+ </condition>
+ <condition property="check.sha512">
+ <equals arg1="@{algorithm}" arg2="SHA-512" />
+ </condition>
+ <!-- Check that any checksum algorithm is selected -->
+ <fail message="Unknown algorithm: @{algorithm}">
+ <condition>
+ <not>
+ <or>
+ <equals arg1="${check.md5}" arg2="true" />
+ <equals arg1="${check.sha1}" arg2="true" />
+ <equals arg1="${check.sha256}" arg2="true" />
+ <equals arg1="${check.sha384}" arg2="true" />
+ <equals arg1="${check.sha512}" arg2="true" />
+ </or>
+ </not>
+ </condition>
+ </fail>
+ <!-- Calculate requested checksums -->
+ <checksum file="@{file}" if:true="${check.md5}" property="value.md5"
algorithm="MD5" />
+ <checksum file="@{file}" if:true="${check.sha1}" property="value.sha1"
algorithm="SHA-1" />
+ <checksum file="@{file}" if:true="${check.sha256}"
property="value.sha256" algorithm="SHA-256" />
+ <checksum file="@{file}" if:true="${check.sha384}"
property="value.sha384" algorithm="SHA-384" />
+ <checksum file="@{file}" if:true="${check.sha512}"
property="value.sha512" algorithm="SHA-512" />
+ <!-- Check actual checksum value -->
+ <condition property="check.success">
+ <or>
+ <and>
+ <equals arg1="@{algorithm}" arg2="MD5" />
+ <equals arg1="@{value}" arg2="${value.md5}" />
+ </and>
+ <and>
+ <equals arg1="@{algorithm}" arg2="SHA-1" />
+ <equals arg1="@{value}" arg2="${value.sha1}" />
+ </and>
+ <and>
+ <equals arg1="@{algorithm}" arg2="MD5|SHA-1" />
+ <equals arg1="@{value}" arg2="${value.md5}|${value.sha1}" />
+ </and>
+ <and>
+ <equals arg1="@{algorithm}" arg2="SHA-256" />
+ <equals arg1="@{value}" arg2="${value.sha256}" />
+ </and>
+ <and>
+ <equals arg1="@{algorithm}" arg2="SHA-384" />
+ <equals arg1="@{value}" arg2="${value.sha384}" />
+ </and>
+ <and>
+ <equals arg1="@{algorithm}" arg2="SHA-512" />
+ <equals arg1="@{value}" arg2="${value.sha512}" />
+ </and>
+ </or>
+ </condition>
+ <!-- Fail or display a success message -->
+ <sequential unless:true="${check.success}">
+ <!-- Generate checksums for an error message -->
+ <checksum file="@{file}" unless:set="value.md5" property="value.md5"
algorithm="MD5" />
+ <checksum file="@{file}" unless:set="value.sha1"
property="value.sha1" algorithm="SHA-1" />
+ <checksum file="@{file}" unless:set="value.sha256"
property="value.sha256" algorithm="SHA-256" />
+ <checksum file="@{file}" unless:set="value.sha384"
property="value.sha384" algorithm="SHA-384" />
+ <checksum file="@{file}" unless:set="value.sha512"
property="value.sha512" algorithm="SHA-512" />
+ <fail>
+ Checksum check failure for ${name} (@{file}).
+ Algorithm: @{algorithm}
+ Expected value: @{value}
+ Actual values:
+ SHA-512: ${value.sha512}
+ SHA-384: ${value.sha384}
+ SHA-256: ${value.sha256}
+ SHA-1: ${value.sha1}
+ MD5: ${value.md5}
+ </fail>
+ </sequential>
+ <echo level="info" message="Checksum check for ${name}, algorithm
@{algorithm}: OK" />
+ </sequential>
+ <echo unless:true="@{enabled}" message="WARNING: Checksum verification
is disabled for ${name}"/>
+ </sequential>
+ </macrodef>
+
<target name="downloadgz" unless="exist" depends="testexist,setproxy">
<!-- Download and extract the package -->
<local name="temp.file"/>
<mkdir dir="${base.path}"/>
<tempfile property="temp.file" destdir="${base.path}" prefix="download-"/>
<get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}"
dest="${temp.file}.tar.gz" />
+ <verifyChecksum
+ enabled="${checksum.enabled}"
+ algorithm="${checksum.algorithm}" value="${checksum.value}"
+ file="${temp.file}.tar.gz" name="${sourcefile.1}" />
+
<gunzip src="${temp.file}.tar.gz" dest="${temp.file}.tar"/>
<untar src="${temp.file}.tar" dest="${base.path}"/>
<delete file="${temp.file}.tar"/>
@@ -2814,6 +2991,12 @@ skip.installer property in build.propert
<param name="sourcefile" value="${sourcefile.2}" />
<param name="destfile" value="${temp.file}.tar.gz" />
</antcall>
+
+ <verifyChecksum
+ enabled="${checksum.enabled}"
+ algorithm="${checksum.algorithm}" value="${checksum.value}"
+ file="${temp.file}.tar.gz" name="${sourcefile.1}" />
+
<gunzip src="${temp.file}.tar.gz" dest="${temp.file}.tar"/>
<untar src="${temp.file}.tar" dest="${base.path}"/>
<delete file="${temp.file}.tar"/>
@@ -2826,6 +3009,11 @@ skip.installer property in build.propert
<mkdir dir="${base.path}"/>
<tempfile property="temp.file" destdir="${base.path}" prefix="download-"
suffix=".zip"/>
<get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}"
dest="${temp.file}"/>
+ <verifyChecksum
+ enabled="${checksum.enabled}"
+ algorithm="${checksum.algorithm}" value="${checksum.value}"
+ file="${temp.file}" name="${sourcefile}" />
+
<mkdir dir="${destdir}"/>
<unzip src="${temp.file}" dest="${destdir}"/>
<delete file="${temp.file}"/>
@@ -2844,6 +3032,12 @@ skip.installer property in build.propert
<param name="sourcefile" value="${sourcefile.2}" />
<param name="destfile" value="${temp.file}" />
</antcall>
+
+ <verifyChecksum
+ enabled="${checksum.enabled}"
+ algorithm="${checksum.algorithm}" value="${checksum.value}"
+ file="${temp.file}" name="${sourcefile.1}" />
+
<mkdir dir="${destdir}" />
<unzip src="${temp.file}" dest="${destdir}"/>
<delete file="${temp.file}"/>
@@ -2855,6 +3049,11 @@ skip.installer property in build.propert
<mkdir dir="${base.path}"/>
<tempfile property="temp.file" destdir="${base.path}" prefix="download-"
suffix=".tmp"/>
<get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}"
dest="${temp.file}"/>
+ <verifyChecksum
+ enabled="${checksum.enabled}"
+ algorithm="${checksum.algorithm}" value="${checksum.value}"
+ file="${temp.file}" name="${destfile}" />
+
<mkdir dir="${destdir}"/>
<move file="${temp.file}" tofile="${destfile}"/>
</target>
@@ -2878,6 +3077,11 @@ skip.installer property in build.propert
<available file="${temp.file}" property="exist"/>
<fail unless="exist" message="Failed to download [${destfile}]. All
download sources are unavailable." />
+ <verifyChecksum
+ enabled="${checksum.enabled}"
+ algorithm="${checksum.algorithm}" value="${checksum.value}"
+ file="${temp.file}" name="${destfile}" />
+
<mkdir dir="${destdir}"/>
<move file="${temp.file}" tofile="${destfile}"/>
</target>
@@ -2959,12 +3163,15 @@ Read the Building page on the Apache Tom
<!-- ======================= Macros, Taskdefs etc ========================
-->
- <target name="setup-bnd" >
+ <target name="download-bnd" >
<!-- Download bnd -->
<antcall target="downloadfile">
<param name="sourcefile" value="${bnd.loc}"/>
<param name="destfile" value="${bnd.jar}"/>
<param name="destdir" value="${bnd.home}"/>
+ <param name="checksum.enabled" value="${bnd.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${bnd.checksum.algorithm}"/>
+ <param name="checksum.value" value="${bnd.checksum.value}"/>
</antcall>
<!-- Download bndlib -->
@@ -2972,8 +3179,13 @@ Read the Building page on the Apache Tom
<param name="sourcefile" value="${bndlib.loc}"/>
<param name="destfile" value="${bndlib.jar}"/>
<param name="destdir" value="${bndlib.home}"/>
+ <param name="checksum.enabled" value="${bndlib.checksum.enabled}"/>
+ <param name="checksum.algorithm" value="${bndlib.checksum.algorithm}"/>
+ <param name="checksum.value" value="${bndlib.checksum.value}"/>
</antcall>
+ </target>
+ <target name="setup-bnd" depends="download-bnd">
<!-- Add bnd tasks to project -->
<path id="bndlib.classpath">
<fileset file="${bnd.jar}" />
@@ -2981,7 +3193,6 @@ Read the Building page on the Apache Tom
</path>
<taskdef resource="aQute/bnd/ant/taskdef.properties"
classpathref="bndlib.classpath" />
-
</target>
<macrodef name="jarIt" description="utility macro for standard JAR
packaging">
Modified: tomcat/trunk/webapps/docs/changelog.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1834542&r1=1834541&r2=1834542&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 27 20:26:20 2018
@@ -72,6 +72,16 @@
Support building with Java 9+ while preserving the Java 8 compatibility
at runtime (requires Ant 1.9.8 or later). (ebourg)
</update>
+ <update>
+ Update WSDL4J library to version 1.6.3 (from 1.6.2). (kkolinko)
+ </update>
+ <update>
+ Update JUnit library to version 4.12 (from 4.11). (kkolinko)
+ </update>
+ <add>
+ Implement checksum checks when downloading dependencies that are used
+ to build Tomcat. (kkolinko)
+ </add>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
