From owner-freebsd-questions@FreeBSD.ORG Thu Sep 29 01:45:25 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9C14B106566C for ; Thu, 29 Sep 2011 01:45:25 +0000 (UTC) (envelope-from lars@larseighner.com) Received: from mail.team1internet.com (mail.team1internet.com [216.110.13.10]) by mx1.freebsd.org (Postfix) with ESMTP id 721FC8FC0A for ; Thu, 29 Sep 2011 01:45:25 +0000 (UTC) Received: from larseighner.com (unknown [216.110.13.101]) by mail.team1internet.com (Postfix) with SMTP id 22D2316B4A9; Wed, 28 Sep 2011 20:45:20 -0500 (CDT) Received: by larseighner.com (nbSMTP-1.00) for uid 1001 lars@larseighner.com; Wed, 28 Sep 2011 20:45:03 -0500 (CDT) Date: Wed, 28 Sep 2011 20:45:01 -0500 (CDT) From: Lars Eighner X-X-Sender: lars@noos.6dollardialup To: Kurt Buff In-Reply-To: Message-ID: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-questions@freebsd.org Subject: Re: libgcrypt SHA256 mismatch? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Sep 2011 01:45:25 -0000 On Wed, 28 Sep 2011, Kurt Buff wrote: > All, > > I've just spun up a new 8.2-RELEASE VM, and gotten a fresh ports tree. > I tried to install XFCE4, but it has ended with an error: > > ===> Verifying install for gcrypt.18 in /usr/ports/security/libgcrypt > ===> License GPLv2 LGPL21 accepted by the user > ===> Extracting for libgcrypt-1.5.0 > => SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2. > ===> Refetch for 1 more times files: libgcrypt-1.5.0.tar.bz2 > ===> License GPLv2 LGPL21 accepted by the user > => libgcrypt-1.5.0.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/. > => Attempting to fetch > http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2 > fetch: http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2: > size unknown > fetch: http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2: > size of remote file is not known > libgcrypt-1.5.0.tar.bz2 4634 B 5734 kBps > ===> License GPLv2 LGPL21 accepted by the user > => SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2. > ===> Giving up on fetching files: libgcrypt-1.5.0.tar.bz2 > Make sure the Makefile and distinfo file > (/usr/ports/security/libgcrypt/distinfo) > are up to date. If you are absolutely sure you want to override this > check, type "make NO_CHECKSUM=yes [other args]". > > > Anyone else run into this? The source file is being truncated because fetch loses its connection for one reason or another. Many servers now cut you off if you are at dial-up speeds because "net fairness" means broadband users always go to the front of the line. You can make a shell script to fetch the file and keep running it until you finally get the whole file a piece at a time or you can try ftp. When you have the whole source file (check it against distinfo) place it in /usr/ports/distfiles. Things should go fine. "Checksum mismatch" nearly always means a truncated file. I cannot ever remember seeing it otherwise. Do not override it with NO_CHECKSUM. That will be useless with a truncated file and worse than useless if a security port really has been tampered with. -- Lars Eighner http://www.larseighner.com/index.html 8800 N IH35 APT 1191 AUSTIN TX 78753-5266