Date:      Thu, 5 Jan 2012 20:13:28 GMT
From:      Derek Schrock <dereks@lifeofadishwasher.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   i386/163837: i386 lastest.ssl freebsd-update file is invalid
Message-ID:  <201201052013.q05KDSK6066551@red.freebsd.org>
Resent-Message-ID: <201201052020.q05KKBGI097128@freefall.freebsd.org>


>Number:         163837
>Category:       i386
>Synopsis:       i386 lastest.ssl freebsd-update file is invalid
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-i386
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 05 20:20:11 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Derek Schrock
>Release:        8.2-p6
>Organization:
>Environment:
FreeBSD ircbsd.lifeofadishwasher.com 8.2-RELEASE-p3 FreeBSD 8.2-RELEASE-p3 #0: Tue Sep 27 18:07:27 UTC 2011     root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386

>Description:
When trying to use freebsd-update to perform a binary update to 9.0-RELEASE I get the following message:



Fetching metadata signature for 9.0-RELEASE from update4.FreeBSD.org... invalid signature.
Fetching metadata signature for 9.0-RELEASE from update2.FreeBSD.org... invalid signature.
Fetching metadata signature for 9.0-RELEASE from update5.FreeBSD.org... invalid signature.
Fetching metadata signature for 9.0-RELEASE from update3.FreeBSD.org... invalid signature.
No mirrors remaining, giving up.


It appears the latest.ssl file on the update servers is bad:

# fetch http://update5.freebsd.org/9.0-RELEASE/i386/latest.ssl
latest.ssl                                    100% of  512  B 4064 kBps
# openssl rsautl -pubin -inkey pub.ssl -verify < latest.ssl 
freebsd-update|i386|9.0-RELEASE|0|e2e72ff9a28072e9c3f1b5deb00fa3761ef259246bc7f5b38326bdddad4cd04c|EOL=1359676800

Last field:
EOL=1359676800

Regex used to validate the tag.new file:
"^freebsd-update\|${ARCH}\|${RELNUM}\|[0-9]+\|[0-9a-f]{64}\|[0-9]{10}"


Example of the amd64 version with a valid last field:
# fetch http://update5.freebsd.org/9.0-RELEASE/amd64/latest.ssl
latest.ssl                                    100% of  512  B 4032 kBps
# openssl rsautl -pubin -inkey pub.ssl -verify < latest.ssl 
freebsd-update|amd64|9.0-RELEASE|0|603c211a27349064fad20ee6dfc6ea75e8e04504bbe48107f9e328d9b6ff9a77|1359676800
>How-To-Repeat:
# freebsd-update -r 9.0-RELEASE upgrade
>Fix:
# openssl rsautl -pubin -inkey pub.ssl -verify < latest.ssl 

Remove the EOL= from the last field in the tag.new file.

>Release-Note:
>Audit-Trail:
>Unformatted:
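
Added example, not part of the original report and not freebsd-update's own code: a field-by-field check of a decoded tag line that shows which field makes the pattern quoted above reject the i386 tag. The two tag lines are copied from the report; the helper names tag_ok, field_ok and check_tag are hypothetical, and the per-field checks are an assumed decomposition of that pattern.

```sh
#!/bin/sh
# Added example. tag_ok, field_ok and check_tag are hypothetical helpers.

# Decoded tag lines as shown in the report.
I386_TAG='freebsd-update|i386|9.0-RELEASE|0|e2e72ff9a28072e9c3f1b5deb00fa3761ef259246bc7f5b38326bdddad4cd04c|EOL=1359676800'
AMD64_TAG='freebsd-update|amd64|9.0-RELEASE|0|603c211a27349064fad20ee6dfc6ea75e8e04504bbe48107f9e328d9b6ff9a77|1359676800'

# tag_ok ARCH RELNUM LINE: apply the whole-line pattern quoted in the report.
tag_ok() {
    printf '%s\n' "$3" | grep -qE \
        "^freebsd-update\|$1\|$2\|[0-9]+\|[0-9a-f]{64}\|[0-9]{10}"
}

# field_ok VALUE ERE: true when VALUE matches ERE in full.
field_ok() {
    printf '%s\n' "$1" | grep -qE "^($2)\$"
}

# check_tag ARCH RELNUM LINE: print "ok" or the first field that fails.
check_tag() {
    arch=$1; relnum=$2
    old_ifs=$IFS; IFS='|'; set -f      # split on '|' only, no globbing
    set -- $3
    set +f; IFS=$old_ifs
    [ "$#" -eq 6 ] || { echo "expected 6 fields, got $#"; return 1; }
    [ "$1" = "freebsd-update" ] || { echo "field 1: bad prefix: $1"; return 1; }
    [ "$2" = "$arch" ] || { echo "field 2: arch mismatch: $2"; return 1; }
    [ "$3" = "$relnum" ] || { echo "field 3: release mismatch: $3"; return 1; }
    field_ok "$4" '[0-9]+' || { echo "field 4: not numeric: $4"; return 1; }
    field_ok "$5" '[0-9a-f]{64}' || { echo "field 5: not 64 hex digits"; return 1; }
    field_ok "$6" '[0-9]{10}' || { echo "field 6: not a 10-digit number: $6"; return 1; }
    echo ok
}

# Stand-alone run: report both tags from the PR.
printf 'i386:  %s\n' "$(check_tag i386 9.0-RELEASE "$I386_TAG" || true)"
printf 'amd64: %s\n' "$(check_tag amd64 9.0-RELEASE "$AMD64_TAG" || true)"
```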


