NetBSD Problem Report #49220
From kre@munnari.OZ.AU Fri Sep 19 10:45:55 2014
Return-Path: <kre@munnari.OZ.AU>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id 1675FA656A
for <gnats-bugs@gnats.NetBSD.org>; Fri, 19 Sep 2014 10:45:55 +0000 (UTC)
Message-Id: <201409191043.s8JAhtj9015031@munnari.OZ.AU>
Date: Fri, 19 Sep 2014 17:43:55 +0700 (ICT)
From: kre@munnari.OZ.AU
To: gnats-bugs@gnats.NetBSD.org
Subject: devel/deforaos-libsystem distfile checksum error
X-Send-Pr-Version: 3.95
>Number: 49220
>Category: pkg
>Synopsis: devel/deforaos-libsystem distfile checksum error
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: khorben
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Sep 19 10:50:00 +0000 2014
>Closed-Date: Mon Mar 28 22:00:44 +0000 2016
>Last-Modified: Mon Mar 28 22:00:44 +0000 2016
>Originator: Robert Elz
>Release: NetBSD 6.99.30 (irrelevant) (pkgsrc current (HEAD) 2014-09-19)
>Organization:
Prince of Songkla University
>Environment:
System: NetBSD munnari.OZ.AU 6.99.30 NetBSD 6.99.30 (MUNNARI-DomU) #0: Mon Feb 3 19:19:20 ICT 2014 kre@onyx.coe.psu.ac.th:/usr/obj/current/kernels/amd64/MUNNARI-DomU amd64
Architecture: x86_64
Machine: amd64
>Description:
The distinfo file for devel/deforaos-libsystem expects the
distfile to be 60538 - the file fetched is actually 60539
bytes ... needless to say the checksums do not match.
>How-To-Repeat:
mv ..../distfiles/libSystem-0.2.0.tar.gz /somewhere/safe/.
cd ..../pkgsrc/devel/deforaos-libsystem
make checksum
>Fix:
Find out what changed in the distfile from the version that was
used to build the package, to the version that is being
distributed now, and assuming the change is benign, update
the distinfo file (given the timing of this problem compared
with the package update, I doubt anyone but the updater has the
original distfile, so neither a DIST_SUBDIR nor a revbump
should be needed). Certainly f.n.o didn't manage to fetch the
original distfile, which suggests that it changed on the master
site before the update to the package was actually committed.
Should it appear that the distfile has been hacked (or similar)
report it upstream, and put the original on f.n.o
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->khorben
Responsible-Changed-By: ryoon@NetBSD.org
Responsible-Changed-When: Tue, 23 Sep 2014 07:02:34 +0000
Responsible-Changed-Why:
Over to maintainer
From: Pierre Pronchery <khorben@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: ryoon@NetBSD.org, pkg-manager@netbsd.org, pkgsrc-bugs@netbsd.org,
gnats-admin@netbsd.org, kre@munnari.OZ.AU
Subject: Re: pkg/49220 (devel/deforaos-libsystem distfile checksum error)
Date: Tue, 23 Sep 2014 18:58:26 +0200
On 23/09/2014 09:02, ryoon@NetBSD.org wrote:
> Synopsis: devel/deforaos-libsystem distfile checksum error
>
> Responsible-Changed-From-To: pkg-manager->khorben
> Responsible-Changed-By: ryoon@NetBSD.org
> Responsible-Changed-When: Tue, 23 Sep 2014 07:02:34 +0000
> Responsible-Changed-Why:
> Over to maintainer
Thanks for the report, I'm having a look...
--
khorben
From: Pierre Pronchery <khorben@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org, kre@munnari.OZ.AU
Subject: Re: pkg/49220 (devel/deforaos-libsystem distfile checksum error)
Date: Tue, 23 Sep 2014 19:10:56 +0200
On 23/09/2014 19:05, Pierre Pronchery wrote:
> The following reply was made to PR pkg/49220; it has been noted by GNATS.
>
> From: Pierre Pronchery <khorben@netbsd.org>
> To: gnats-bugs@NetBSD.org
> Cc: ryoon@NetBSD.org, pkg-manager@netbsd.org, pkgsrc-bugs@netbsd.org,
> gnats-admin@netbsd.org, kre@munnari.OZ.AU
> Subject: Re: pkg/49220 (devel/deforaos-libsystem distfile checksum error)
> Date: Tue, 23 Sep 2014 18:58:26 +0200
>
> On 23/09/2014 09:02, ryoon@NetBSD.org wrote:
> > Synopsis: devel/deforaos-libsystem distfile checksum error
> >
> > Responsible-Changed-From-To: pkg-manager->khorben
> > Responsible-Changed-By: ryoon@NetBSD.org
> > Responsible-Changed-When: Tue, 23 Sep 2014 07:02:34 +0000
> > Responsible-Changed-Why:
> > Over to maintainer
>
> Thanks for the report, I'm having a look...
The original size on the server is 60538 bytes, while the SHA1 sum is
c264070ff4034fbdc97aae3f7e694f84e7898365 as found in the distinfo file.
The distinfo file is therefore correct.
However, there seems to be a problem with the server-side code serving
this file with some clients in particular. Mozilla Firefox 24 issues me
a doubly gzip-encoded file, which is obviously wrong.
I am therefore keeping this bug report open while I try to fix the issue
with the server.
Sorry for the inconvenience,
--
khorben
From: Robert Elz <kre@munnari.OZ.AU>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/49220 (devel/deforaos-libsystem distfile checksum error)
Date: Wed, 24 Sep 2014 10:24:54 +0700
Date: Tue, 23 Sep 2014 17:15:01 +0000 (UTC)
From: Pierre Pronchery <khorben@netbsd.org>
Message-ID: <20140923171501.29E8BA655F@mollari.NetBSD.org>
| I am therefore keeping this bug report open while I try to fix the issue
| with the server.
That's fine - if it matters, my client was the normal pkgsrc ftp (from
6.99.something). There is no urgency about fixing this for me, I just
fetch every distfile there is to fetch (kind of like f.n.o does, except
I also fetch the non-redistributable ones).
kre
From: Robert Elz <kre@munnari.OZ.AU>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: pkg/49220 (devel/deforaos-libsystem distfile checksum error)
Date: Wed, 24 Sep 2014 21:44:05 +0700
Date: Tue, 23 Sep 2014 17:15:01 +0000 (UTC)
From: Pierre Pronchery <khorben@netbsd.org>
Message-ID: <20140923171501.29E8BA655F@mollari.NetBSD.org>
| However, there seems to be a problem with the server-side code serving
| this file with some clients in particular. Mozilla Firefox 24 issues me
| a doubly gzip-encoded file, which is obviously wrong.
I did a little more investigating too ... if I use wget to fetch it
comes correctly - with whatever pkgsrc uses by default (either the
standard ftp client, or something using libfetch - whatever it is) the
sole difference (that makes the sizes different, and alters the checksum)
is that a '1' (0x31) is appended to the file. gzip just says
trailing garbage ignored
and otherwise unpacks the file (seemingly) fine (I have not tried to
untar it to verify, but it is likely to be OK).
Maybe someone might recognise what might be appending a '1' at the end of
a file fetched using ftp (or whatever) using HTTP (port 80) - or what the
server might be doing, which apparently depends upon the client, that would
cause the file to get sent differently.
kre
State-Changed-From-To: open->closed
State-Changed-By: khorben@NetBSD.org
State-Changed-When: Mon, 28 Mar 2016 22:00:44 +0000
State-Changed-Why:
I believe this is fixed by now.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.