From: Danilo Bargen <mail@dbrgn.ch>
To: buildroot@buildroot.org
Subject: [Buildroot] Hash verification from GitHub
Date: Sun, 16 Jan 2022 23:04:04 +0100 [thread overview]
Message-ID: <20220116230404.71f68dbb@c3po> (raw)
Hello folks
I'm trying to create a new buildroot package (my first one). This is
what the makefile (tealdeer.mk) looks like:
TEALDEER_VERSION = 1.5.0
TEALDEER_SITE = $(call github,dbrgn,tealdeer,v$(TEALDEER_VERSION))
TEALDEER_LICENSE = Apache-2.0 or MIT
TEALDEER_LICENSE_FILES = LICENSE-APACHE LICENSE-MIT
$(eval $(cargo-package))
The URL should expand to
https://github.com/dbrgn/tealdeer/archive/v1.5.0/tealdeer-1.5.0.tar.gz.
To generate the checksum, I ran:
$ sha256sum tealdeer-1.5.0.tar.gz
00902a50373ab75fedec4578c6c2c02523fad435486918ad9a86ed01f804358a tealdeer-1.5.0.tar.gz
I also added a hash file (tealdeer.hash):
# Locally generated
sha256 00902a50373ab75fedec4578c6c2c02523fad435486918ad9a86ed01f804358a tealdeer-1.5.0.tar.gz
sha256 62c7a1e35f56406896d7aa7ca52d0cc0d272ac022b5d2796e7d6905db8a3636a LICENSE-APACHE
sha256 a313b5e62b80a08f3aae0fa62ff3de8482ef55247299eb352ab44f87ef456b1b LICENSE-MIT
When building this package, checksum verification fails every time.
ERROR: tealdeer-1.5.0.tar.gz has wrong sha256 hash:
ERROR: expected: 00902a50373ab75fedec4578c6c2c02523fad435486918ad9a86ed01f804358a
ERROR: got : 42febf9ee84721b9230077d62e2fc51201fd59624d3c776ccc1a634788768a60
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
No matter how I download the file (via wget, through the GitHub web UI,
etc), it always results in the SHA256 checksum starting with 009...,
but buildroot always thinks it should be 42f... I also tried changing
the TEALDEER_SITE variable as follows:
TEALDEER_SITE = https://github.com/dbrgn/tealdeer/archive/v$(TEALDEER_VERSION)
...to ensure that this URL is *really* being downloaded, but it fails
every time.
Full build log can be found here:
https://gist.github.com/dbrgn/cc9e96051a079f5b63c531ca3c195954
Does someone have any pointers why the hash verification would fail in
this case? It must be some obvious mistake I'm making, but I cannot
figure out what it is.
Best regards,
Danilo Bargen
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next reply other threads:[~2022-01-16 22:04 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-16 22:04 Danilo Bargen [this message]
2022-01-16 22:14 ` [Buildroot] Hash verification from GitHub James Hilliard
2022-01-16 22:37 ` Danilo Bargen
2022-01-16 22:51 ` James Hilliard
2022-01-17 10:17 ` Yann E. MORIN
2022-01-17 10:24 ` Danilo Bargen
2022-01-17 10:32 ` Yann E. MORIN
2022-01-17 15:54 ` Yann E. MORIN
2022-01-17 16:06 ` Yann E. MORIN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220116230404.71f68dbb@c3po \
--to=mail@dbrgn.ch \
--cc=buildroot@buildroot.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox