Re: when checksums collide -- the saga of linux-

Paul Eggleton

On Friday 15 July 2011 11:47:44 Robert P. J. Day wrote:
unsurprisingly, the fetch for the linux tarball still failed for the
same reason as before -- incorrect checksums. huh. i typically don't
expect to see that in a simple fetch. so check KERNELORG_MIRROR (http
site), *manually* download that tarball and, sure enough, its md5 and
sha256 sums are the (incorrect) ones that bitbake is reporting, which
don't match what's expected. how odd. (i verified this two
additional times, same result.)

just as a test, i edited the bitbake.conf and changed
KERNELORG_MIRROR to refer to the kernel ftp site, cleared out the
remnants of that fetch, re-ran it and ... success! huh? so the
tarball via http is broken, but the one via ftp is good? but it was
late, so i just threw up my hands and went to bed.

this morning, manually download both tarballs (ftp and http), check
their sums and ... they match! reset everything, go back to the
original http KERNELORG_MIRROR value and it's all good. what the heck
was *that* all about?
Do you still have the tarball with the bad md5sum? Can you diff the contents?
Or was it simply a case of the bad tarball being truncated?



Paul Eggleton
Intel Open Source Technology Centre

Join to automatically receive all group messages.