Verify package integrity of downloaded prerequisites (partially fixes 61439)

[Moritz Klammler]

Joseph Myers <joseph@codesourcery.com> writes:

> On Sun, 11 Sep 2016, Moritz Klammler wrote:
>
>> gmp='gmp-4.3.2.tar.bz2'
>> mpfr='mpfr-2.4.2.tar.bz2'
>> mpc='mpc-0.8.1.tar.gz'
>> isl='isl-0.15.tar.bz2'
>
> These are not the versions used in the current script (given which,
> presumably you need to check for any other changes to the script since
> you started work on your version that need to be reflected in it).

Thanks for checking, you're right; I should have checked that.  I
couldn't spot any other relevant changes, however.

Attached is the patch for the updated script.  FWIW, I have also tested
bootstrapping the default configuration plus `--disable-multilib` on
x86_64 GNU/Linux.

I have made an actual diff now, containing also the checksum files.  I
can make no guarantees that these are accurate, though.  I've simply
downloaded them over the same insecure FTP connection that is used to
download the archives the signatures are supposed to verify.  Please
somebody with a means of doing so double-check the signature files.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: download_prerequisites.diff
Type: text/x-diff
Size: 17082 bytes
Desc: Diff against current SVN trunk
URL: <http://gcc.gnu.org/pipermail/gcc-patches/attachments/20160913/be14cae4/attachment.bin>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ChangeLog
URL: <http://gcc.gnu.org/pipermail/gcc-patches/attachments/20160913/be14cae4/attachment.ksh>