Binary Distributions
++ + Downloading Antlibs +
+Use the links below to download a binary distribution of Antlibs from +one of our mirrors. It is good practice to +verify the integrity +of the distribution files, especially if you are using one of our +mirror sites. In order to do this you must use the signatures from +our main distribution +directory.
+Antlibs are distributed as zip
, tar.gz
and
+tar.bz2
archives - the contents are the same. Please
+note that the tar.*
archives contain file names longer
+than 100 characters and have been created using GNU tar extensions.
+Thus they must be untarred with a GNU compatible version of
+tar
.
If you do not see the file you need in the links below, please see +the master distribution +directory or, preferably, its mirror.
++ + Verify Releases +
+It is essential that you verify the integrity of the downloaded +files using the PGP signature or the SHA1 or MD5 checksums. The +checksums are not as strong indicators as the PGP signature.
+The PGP signatures can be verified using PGP or GPG. First
+download the KEYS
+as well as the asc
signature file for the particular
+distribution. Make sure you get these files from the main distribution
+directory, rather than from a mirror. Then verify the signatures
+using
+% pgpk -a KEYS
+or
+% pgpv apache-ant-1.6.5-bin.tar.gz.asc
+
+
+% pgp -ka KEYS
+or
+% pgp apache-ant-1.6.5-bin.tar.gz.asc
+
+
+% gpg --import KEYS
+% gpg --verify apache-ant-1.6.5-bin.tar.gz.asc
+
Alternatively, you can verify the checksums on the files. Unix
+programs called md5
/sha1
or
+md5sum
/sha1sum
are included in many unix
+distributions. *sum
is also available as part of GNU
+Textutils. Windows users can get binary md5 programs from here, here. fsum supports MD5 and
+SHA1.
We highly recommend to verify the PGP signature, though.
+ +