From: bugzilla at busybox.net <bugzilla@busybox.net>
To: buildroot@busybox.net
Subject: [Buildroot] [Bug 10511] Packages get downloaded uncompressed with wget
Date: Mon, 18 Dec 2017 14:03:35 +0000 [thread overview]
Message-ID: <bug-10511-163-9BUf82Jty2@https.bugs.busybox.net/> (raw)
In-Reply-To: <bug-10511-163@https.bugs.busybox.net/>
https://bugs.busybox.net/show_bug.cgi?id=10511
--- Comment #2 from Frank Hunleth <fhunleth@troodon-software.com> ---
(In reply to Thomas Petazzoni from comment #1)
This is due to a change in behavior with wget 1.19.2. This discussion describes
the issue: http://lists.gnu.org/archive/html/bug-wget/2017-11/msg00000.html. To
reproduce, I installed wget 1.19.2 on my system and added the following line to
qemu_arm_versatile_defconfig:
BR2_PACKAGE_ERLANG=y
Here's the result of running "make source". You can see the MD5 mismatch from
the erlang.org copy. That's because it was automatically decompressed by wget.
umask 0022 && make -C /home/fhunleth/buildroot.upstream
O=/home/fhunleth/buildroot.upstream/o/wgettest/. source
>>> erlang 20.0 Downloading
--2017-12-18 08:46:07-- http://www.erlang.org/download/otp_src_20.0.tar.gz
Resolving www.erlang.org... 31.172.186.60
Connecting to www.erlang.org|31.172.186.60|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://erlang.org/download/otp_src_20.0.tar.gz [following]
--2017-12-18 08:46:08-- http://erlang.org/download/otp_src_20.0.tar.gz
Resolving erlang.org... 192.121.151.106
Connecting to erlang.org|192.121.151.106|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 87346046 (83M) [application/x-tar]
Saving to:
?/home/fhunleth/buildroot.upstream/o/wgettest/build/.otp_src_20.0.tar.gz.5GQ6qy/output?
/home/fhunleth/buildroot.upstream/o/
100%[======================================================================>]
83.30M 582KB/s in 2m 27s
2017-12-18 08:48:35 (582 KB/s) -
?/home/fhunleth/buildroot.upstream/o/wgettest/build/.otp_src_20.0.tar.gz.5GQ6qy/output?
saved [237383680]
ERROR: otp_src_20.0.tar.gz has wrong md5 hash:
ERROR: expected: 2faed2c3519353e6bc2501ed4d8e6ae7
ERROR: got : 6d1210c2a3a9b178a751809016ef51d2
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
--2017-12-18 08:48:35-- http://sources.buildroot.net/otp_src_20.0.tar.gz
Resolving sources.buildroot.net... 176.9.16.109
Connecting to sources.buildroot.net|176.9.16.109|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 87346046 (83M) [application/x-gzip]
Saving to:
?/home/fhunleth/buildroot.upstream/o/wgettest/build/.otp_src_20.0.tar.gz.hY7Oae/output?
/home/fhunleth/buildroot.upstream/o/
100%[======================================================================>]
83.30M 3.56MB/s in 23s
2017-12-18 08:48:59 (3.59 MB/s) -
?/home/fhunleth/buildroot.upstream/o/wgettest/build/.otp_src_20.0.tar.gz.hY7Oae/output?
saved [87346046/87346046]
otp_src_20.0.tar.gz: OK (md5: 2faed2c3519353e6bc2501ed4d8e6ae7)
otp_src_20.0.tar.gz: OK (sha256:
fe80e1e14a2772901be717694bb30ac4e9a07eee0cc7a28988724cbd21476811)
otp_src_20.0.tar.gz: OK (md5: 2faed2c3519353e6bc2501ed4d8e6ae7)
otp_src_20.0.tar.gz: OK (sha256:
fe80e1e14a2772901be717694bb30ac4e9a07eee0cc7a28988724cbd21476811)
Verify that the invalidate MD5 was done on the uncompressed file:
$ gunzip otp_src_20.0.tar.gz
$ md5sum otp_src_20.0.tar
6d1210c2a3a9b178a751809016ef51d2 otp_src_20.0.tar
It seems like a configuration change on erlang.org could fix the problem as
well, but I'm not sure that's the right answer for Buildroot.
--
You are receiving this mail because:
You are on the CC list for the bug.
next prev parent reply other threads:[~2017-12-18 14:03 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-21 14:37 [Buildroot] [Bug 10511] New: Packages get downloaded uncompressed with wget bugzilla at busybox.net
2017-11-21 20:12 ` [Buildroot] [Bug 10511] " bugzilla at busybox.net
2017-12-18 14:03 ` bugzilla at busybox.net [this message]
2018-01-10 20:57 ` bugzilla at busybox.net
2018-01-10 21:17 ` bugzilla at busybox.net
2018-04-02 15:39 ` bugzilla at busybox.net
2018-04-02 16:17 ` bugzilla at busybox.net
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-10511-163-9BUf82Jty2@https.bugs.busybox.net/ \
--to=bugzilla@busybox.net \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.