From 4666247fc5620cc964422f4e6c3568af47dc1ca1 Mon Sep 17 00:00:00 2001 From: Stefan Bodewig Date: Wed, 26 Aug 2009 10:04:31 +0000 Subject: [PATCH] show how to combine checksum and get to achieve PR 44662 git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@807950 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/CoreTasks/get.html | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/docs/manual/CoreTasks/get.html b/docs/manual/CoreTasks/get.html index dc1a8c28a..bc89e225b 100644 --- a/docs/manual/CoreTasks/get.html +++ b/docs/manual/CoreTasks/get.html @@ -141,6 +141,31 @@ ignore the fact that it is part of your build file which may be readable by third parties. If you need more security, consider using the input task to query for a password.

+

Using a macro like the following

+ +
+  <macrodef name="get-and-checksum">
+    <attribute name="url"/>
+    <attribute name="dest"/>
+    <sequential>
+      <get src="@{url}" dest="@{dest}"/>
+      <get src="@{url}.sha1" dest="@{dest}.sha"/>
+      <local name="checksum.matches"/>
+      <local name="checksum.matches.fail"/>
+      <checksum file="@{dest}" algorithm="sha" fileext=".sha"
+                verifyproperty="checksum.matches"/>
+      <condition property="checksum.matches.fail">
+        <equals arg1="${checksum.matches}" arg2="false"/>
+      </condition>
+      <fail if="checksum.matches.fail">Checksum error</fail>
+    </sequential>
+  </macrodef>
+
+ +

it is possible to download an artifacts together with its SHA1 + checksum (assuming a certain naming convention for the checksum + file, of course) and validate the checksum on the fly.

+