Feature: add commands to verify the integrity of the downloaded file

[wolfg1969]

Such like md5sum, sha1sum, gpg, etc.

[limodou]

Can you provide more details? For example:

zlib = cp('zlib*', BUILD, wget='http://zlib.net/zlib-1.2.8.tar.gz', md5sum='xxxxxxx')

or

wget('http://zlib.net/zlib-1.2.8.tar.gz', md5sum='xxxxxxx')

Something likes these?

[wolfg1969]

Yes. For md5sum or sha1sum, it's simple:

wget('http://zlib.net/zlib-1.2.8.tar.gz', md5sum='44d667c142d7cda120332623eab69f40')

or

wget('http://download.redis.io/releases/redis-2.8.12.tar.gz', sha1sum='56c86a4f9eccaf29f934433c7c67a175e404b2f6')

But for gpg signature, there are more steps to do:

wget http://nginx.org/download/nginx-1.7.2.tar.gz.asc
gpg --import KEYS
gpg --verify nginx-1.7.2.tar.gz.asc

[limodou]

We can leave gpg later, I think the md5 and sha1 are more usage.

[wolfg1969]

Sure.

[wolfg1969]

@limodou I can do something for this feature in next week.

[limodou]

Ok, you are welcome.

[wolfg1969]

Just commit some codes. Pls check it. will update docs later.

[wolfg1969]

@limodou Thanks for the refactor. Do you want to implement the PGP check next?

[limodou]

I don't know how to implement it now. And if there are some requirements, maybe we can implement it. If it does not need so much, maybe we don't need to do it now I think.

[wolfg1969]

ok