On Sunday 01 October 2006 02:23, David Relson wrote: > In the last few days I've been encountering lots of "Digest > verification failed" messages indicating SHA256 verification > problems (see below). > > Searching the web, I've found the "generate your own" digest solution, > i.e. "ebuild ...package...ebuild digest". Since the checksums are > present to ensure integrity, this seems like a bad idea. > > Is it a bad idea to generate my own digest values?
Yes. There is now a section about it in the handbook [1]. > If so, what are the alternatives? [SNIP] > !!! Digest verification failed: > !!! /usr/portage/sys-devel/gettext/files/gettext-0.12.1-without_java.patch > !!! Reason: Failed on SHA256 verification > !!! Got: > 6dfefe191bc9435a957f7f6ff0658a771cf6ccffbaf169cae79ce7017a0421ee > !!! Expected: > c5a6a223c8be6ba11f1c180c7f381914abe127c0dffb0ec91d2e0a8e06892c92 Since the offending file is in the portage tree rather than in distfiles it doesn't make a lot of sense to delete it since only a sync will be able to refetch it anyway. Had it been in distfiles then Dales suggestions are correct. In this case, however, the problem isn't with the file rather it's with dev-util/pycrypto (which calculates the hash) [2]. And wow, that bug is really old by now! ;P The solution: # emerge -va1 =dev-python/pycrypto-2.0.1-r5 [1] http://www.gentoo.org/doc/en/handbook/handbook-amd64.xml?part=2&chap=1#doc_chap4 [2] http://bugs.gentoo.org/show_bug.cgi?id=131293 -- Bo Andresen
pgpNFNyfLTT20.pgp
Description: PGP signature
