From owner-freebsd-questions@FreeBSD.ORG Thu Sep 29 17:21:15 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D7EF71065674 for ; Thu, 29 Sep 2011 17:21:15 +0000 (UTC) (envelope-from kurt.buff@gmail.com) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 718008FC18 for ; Thu, 29 Sep 2011 17:21:15 +0000 (UTC) Received: by wwe3 with SMTP id 3so1306890wwe.31 for ; Thu, 29 Sep 2011 10:21:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=Ta+JTDuANJ2kcKLmDQDcWZECD1ONrwoxliFY9tx3tJM=; b=Kk+vhhmgzRmPrwMxDKezp1lvbK3G/eX2OglutuUhV2/BzLc+cm61hLdxygdVmHR3C5 82e1BHdjRUFX6GIoRx/w/n80y78yUFstIyZXOoe9+l/R029nZkYcRD6eH7qhkI3kq7Nn syBS00mNGfOmKxHc5oMEDHZh0T7kSk9NVgQ7g= MIME-Version: 1.0 Received: by 10.216.176.14 with SMTP id a14mr12249505wem.6.1317316874267; Thu, 29 Sep 2011 10:21:14 -0700 (PDT) Received: by 10.216.81.144 with HTTP; Thu, 29 Sep 2011 10:21:14 -0700 (PDT) In-Reply-To: References: Date: Thu, 29 Sep 2011 10:21:14 -0700 Message-ID: From: Kurt Buff To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: libgcrypt SHA256 mismatch? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Sep 2011 17:21:16 -0000 On Wed, Sep 28, 2011 at 18:45, Lars Eighner wro= te: > On Wed, 28 Sep 2011, Kurt Buff wrote: > >> All, >> >> I've just spun up a new 8.2-RELEASE VM, and gotten a fresh ports tree. >> I tried to install XFCE4, but it has ended with an error: >> >> =3D=3D=3D> =C2=A0 =C2=A0Verifying install for gcrypt.18 in /usr/ports/se= curity/libgcrypt >> =3D=3D=3D> =C2=A0License GPLv2 LGPL21 accepted by the user >> =3D=3D=3D> =C2=A0Extracting for libgcrypt-1.5.0 >> =3D> SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2. >> =3D=3D=3D> =C2=A0Refetch for 1 more times files: libgcrypt-1.5.0.tar.bz2 >> =3D=3D=3D> =C2=A0License GPLv2 LGPL21 accepted by the user >> =3D> libgcrypt-1.5.0.tar.bz2 doesn't seem to exist in /usr/ports/distfil= es/. >> =3D> Attempting to fetch >> http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2 >> fetch: >> http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2: >> size unknown >> fetch: >> http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2: >> size of remote file is not known >> libgcrypt-1.5.0.tar.bz2 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0= =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 4634 =C2=A0B 5734 = kBps >> =3D=3D=3D> =C2=A0License GPLv2 LGPL21 accepted by the user >> =3D> SHA256 Checksum mismatch for libgcrypt-1.5.0.tar.bz2. >> =3D=3D=3D> =C2=A0Giving up on fetching files: libgcrypt-1.5.0.tar.bz2 >> Make sure the Makefile and distinfo file >> (/usr/ports/security/libgcrypt/distinfo) >> are up to date. =C2=A0If you are absolutely sure you want to override th= is >> check, type "make NO_CHECKSUM=3Dyes [other args]". >> >> >> Anyone else run into this? > > The source file is being truncated because fetch loses its connection for > one reason or another. =C2=A0Many servers now cut you off if you are at d= ial-up > speeds because "net fairness" means broadband users always go to the fron= t > of the line. > > You can make a shell script to fetch the file and keep running it until y= ou > finally get the whole file a piece at a time or you can try ftp. =C2=A0Wh= en you > have the whole source file (check it against distinfo) place it in > /usr/ports/distfiles. Things should go fine. > > "Checksum mismatch" nearly always means a truncated file. =C2=A0I cannot = ever > remember seeing it otherwise. =C2=A0Do not override it with NO_CHECKSUM. = =C2=A0That > will be useless with a truncated file and worse than useless if a securit= y > port really has been tampered with. Interesting. I found out what the problem is, but haven't figured out how to work around it. As a test, I put the URL (http://gnupg.org.favoritelinks.net/libgcrypt/libgcrypt-1.5.0.tar.bz2) into a web browser, and found that it's being blocked by our web filter, because the site is marked as also serving adult content. The supposed tarball in /usr/ports/distfiles is the response from the web filter, so it's junk. After repeated fetches, that is the only site my machine is using to grab the tarball. How to I tell the machine to vary its download sites (if indeed there are alternatives?) In the Makefile I see the line MASTER_SITES=3D ${MASTER_SITE_GNUPG} which I'd bet controls how it finds what sites to visit, but don't know anything beyond that. Thanks, Kurt