github port group
Joshua Root
jmr at macports.org
Sun Apr 22 14:21:52 PDT 2012
On 2012-4-23 06:51 , Ryan Schmidt wrote:
> No, I'm trying to protect against the gzip compression of the tar archive varying from generation to generation. gzip compression uses entropy -- random numbers. If you have two identical tar archives, and gzip compress them with the same settings, the resulting gzip files will not be byte for byte identical, and thus they'll have different checksums:
>
> $ sha1sum *.tar
> 92bfe8b02b49b977a18c9f8e8d301a0ef159fe51 1.tar
> 92bfe8b02b49b977a18c9f8e8d301a0ef159fe51 2.tar
> $ gzip 1.tar
> $ gzip 2.tar
> $ sha1sum *.tar.gz
> 39c6beda6851d98295f770a11b8ea122647ae4c8 1.tar.gz
> 7a95ea746e698d367ec155e4387972051e1a2e38 2.tar.gz
> $
Nonsense. The gzip files in the above example differ because they
contain files with different names.
I haven't looked into it in detail, but I would guess the actual reason
the tarballs end up having different checksums when regenerated is
because of the timestamps.
- Josh
More information about the macports-dev
mailing list