Date: Wed, 28 Sep 2011 20:45:01 -0500 (CDT) From: Lars Eighner <portsuser@larseighner.com> To: Kurt Buff <kurt.buff@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: libgcrypt SHA256 mismatch? Message-ID: <alpine.BSF.2.00.1109282034210.61731@abbf.6qbyyneqvnyhc> In-Reply-To: <CADy1Ce5uZa9O1kTWe1rN0Wo6N1r0kLbdbRXJ=Ntaq8cTN6mXsA@mail.gmail.com> References: <CADy1Ce5uZa9O1kTWe1rN0Wo6N1r0kLbdbRXJ=Ntaq8cTN6mXsA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 28 Sep 2011, Kurt Buff wrote: > All, > > I've just spun up a new 8.2-RELEASE VM, and gotten a fresh ports tree. > I tried to install XFCE4, but it has ended with an error: > > ===> Verifying install for gcrypt.18 in /usr/ports/security/libgcrypt > ===> License GPLv2 LGPL21 accepted by the user > ===> Extracting for libgcrypt-1.5.0 > => SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2. > ===> Refetch for 1 more times files: libgcrypt-1.5.0.tar.bz2 > ===> License GPLv2 LGPL21 accepted by the user > => libgcrypt-1.5.0.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/. > => Attempting to fetch > http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2 > fetch: http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2: > size unknown > fetch: http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2: > size of remote file is not known > libgcrypt-1.5.0.tar.bz2 4634 B 5734 kBps > ===> License GPLv2 LGPL21 accepted by the user > => SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2. > ===> Giving up on fetching files: libgcrypt-1.5.0.tar.bz2 > Make sure the Makefile and distinfo file > (/usr/ports/security/libgcrypt/distinfo) > are up to date. If you are absolutely sure you want to override this > check, type "make NO_CHECKSUM=yes [other args]". > > > Anyone else run into this? The source file is being truncated because fetch loses its connection for one reason or another. Many servers now cut you off if you are at dial-up speeds because "net fairness" means broadband users always go to the front of the line. You can make a shell script to fetch the file and keep running it until you finally get the whole file a piece at a time or you can try ftp. When you have the whole source file (check it against distinfo) place it in /usr/ports/distfiles. Things should go fine. "Checksum mismatch" nearly always means a truncated file. I cannot ever remember seeing it otherwise. Do not override it with NO_CHECKSUM. That will be useless with a truncated file and worse than useless if a security port really has been tampered with. -- Lars Eighner http://www.larseighner.com/index.html 8800 N IH35 APT 1191 AUSTIN TX 78753-5266
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1109282034210.61731>