On Thu, Apr 05, 2007 at 03:20:11AM +0800, Rong-En Fan wrote: > On Wed, Apr 04, 2007 at 03:10:38PM -0400, Jason Harris wrote:
> > Rather than invoke dozens of needless processes, I simply pass > > MD5_FILE=/dev/null to the "make fetch" in the makesum target. > > (Note that this also removes the need to set NO_CHECKSUM=yes and > > DISABLE_SIZE=yes in the same target, further simplfying things.) > > Note that it does not solve 'make fetch' when there is no MD5_FILE > (this is another regression with latest bsd.port.mk). DISTINFO_DATA > still needs to check existence of MD5_FILE. Remember, this is the "make makesum" step we're all (supposed to be) talking about. That is, MD5_FILE is truncated to 0 bytes and is added to in several steps. The regression, AFAICT, is that awk is run when MD5_FILE doesn't exist (rather than empty/truncated), returns non-zero, and kills the make. On Wed, Apr 04, 2007 at 09:23:19PM +0200, Gabor Kovesdan wrote: > >Rather than invoke dozens of needless processes, I simply pass > >MD5_FILE=/dev/null to the "make fetch" in the makesum target. > even officially supported. You claimed that I don't respect the users' > need for higher security. Saying that, how can you go such an insecure > way now, then? > (I don't want to throw another flamebait, I just don't see the whole > situation.) Indeed. To reiterate, this is the "make makesum" step, where MD5_FILE is [re]created, not consulted. -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? [EMAIL PROTECTED] _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004
pgp8WrjMVIhpo.pgp
Description: PGP signature
