[MacPorts] #62869: sparskit @2: checksum mismatch

MacPorts noreply at macports.org
Tue May 11 15:20:31 UTC 2021 

#62869: sparskit @2: checksum mismatch
------------------------+----------------------
 Reporter:  ryandesign  |      Owner:  dstrubbe
     Type:  defect      |     Status:  assigned
 Priority:  Normal      |  Milestone:
Component:  ports       |    Version:  2.6.4
 Keywords:              |       Port:  sparskit
------------------------+----------------------
 We last mirrored distfiles for sparskit back in 2015:

 {{{
 $ curl -IL https://distfiles.macports.org/sparskit/SPARSKIT2.tar.gz
 HTTP/1.1 200 OK
 Connection: keep-alive
 Content-Length: 1172672
 Server: Apache/2.4
 Last-Modified: Sun, 30 Aug 2015 14:33:02 GMT
 ETag: "11e4c0-51e8831b6c380"
 Cache-Control: max-age=2592000, public
 Content-Type: application/x-gzip
 Via: 1.1 varnish, 1.1 varnish
 Accept-Ranges: bytes
 Date: Tue, 11 May 2021 15:12:50 GMT
 Age: 29512
 X-Served-By: cache-fra19123-FRA, cache-dfw18626-DFW
 X-Cache: HIT, HIT
 X-Cache-Hits: 1, 1
 X-Timer: S1620745970.150409,VS0,VE2
 }}}

 But the upstream file is unversioned and was last updated in 2019:

 {{{
 $ curl -IL https://www-
 users.cs.umn.edu/~saad/software/SPARSKIT/SPARSKIT2.tar.gz
 HTTP/1.1 200 OK
 Date: Tue, 11 May 2021 15:12:30 GMT
 Server: Apache
 Last-Modified: Mon, 10 Jun 2019 16:17:08 GMT
 ETag: "13a511-58afa8311a1b1"
 Accept-Ranges: bytes
 Content-Length: 1287441
 Content-Type: application/x-gzip
 }}}

 Therefore, if the user happens to fetch from upstream instead of our
 mirror, [https://build.macports.org/builders/ports-
 11_arm64-builder/builds/20230/steps/install-port/logs/stdio a checksum
 mismatch occurs]:

 {{{
 --->  Checksumming SPARSKIT2.tar.gz
 DEBUG: Calculated (rmd160) is 77a75cd20678b190814084c28e4b72533210e9cd
 Error: Checksum (rmd160) mismatch for SPARSKIT2.tar.gz
 Portfile checksum: SPARSKIT2.tar.gz rmd160
 95554593896300d7823f40956a428e8e7c57bb78
 Distfile checksum: SPARSKIT2.tar.gz rmd160
 77a75cd20678b190814084c28e4b72533210e9cd
 DEBUG: Calculated (sha256) is
 ecdd0a9968d6b45153a328710a42fe87600f0bba0e3c53896090b8ae1c113b7a
 Error: Checksum (sha256) mismatch for SPARSKIT2.tar.gz
 Portfile checksum: SPARSKIT2.tar.gz sha256
 b355ab934860d345a60d9961e456b0fc2e7681ba9a8c7c3b42c7bf6ff28e34af
 Distfile checksum: SPARSKIT2.tar.gz sha256
 ecdd0a9968d6b45153a328710a42fe87600f0bba0e3c53896090b8ae1c113b7a
 DEBUG: Calculated (size) is 1287441
 Error: Checksum (size) mismatch for SPARSKIT2.tar.gz
 Portfile checksum: SPARSKIT2.tar.gz size 1172672
 Distfile checksum: SPARSKIT2.tar.gz size 1287441
 The correct checksum line may be:
 checksums           rmd160  77a75cd20678b190814084c28e4b72533210e9cd \
                     sha256
 ecdd0a9968d6b45153a328710a42fe87600f0bba0e3c53896090b8ae1c113b7a \
                     size    1287441
 }}}

 The port should presumably be updated to the latest upstream version. The
 [wiki:PortfileRecipes#unversioned-distfiles unversioned distfile recipe]
 should be followed. The version number of the port should be amended
 accordingly.

 The upstream web site enforces https so the homepage in the portfile
 should be updated to match.

 On High Sierra I am unable to connect to their web server with macOS curl:

 {{{
 $ /usr/bin/curl -I https://www-users.cs.umn.edu/~saad/software/SPARSKIT/
 curl: (60) SSL certificate problem: certificate has expired
 More details here: https://curl.haxx.se/docs/sslcerts.html

 curl performs SSL certificate verification by default, using a "bundle"
  of Certificate Authority (CA) public keys (CA certs). If the default
  bundle file isn't adequate, you can specify an alternate file
  using the --cacert option.
 If this HTTPS server uses a certificate signed by a CA represented in
  the bundle, the certificate verification probably failed due to a
  problem with the certificate (it might be expired, or the name might
  not match the domain name in the URL).
 If you'd like to turn off curl's verification of the certificate, use
  the -k (or --insecure) option.
 HTTPS-proxy has similar options --proxy-cacert and --proxy-insecure.
 }}}

 It works fine with MacPorts curl:

 {{{
 $ /opt/local/bin/curl -I https://www-
 users.cs.umn.edu/~saad/software/SPARSKIT/
 HTTP/1.1 200 OK
 Date: Tue, 11 May 2021 15:17:14 GMT
 Server: Apache
 Last-Modified: Mon, 10 Jun 2019 16:17:08 GMT
 ETag: "679-58afa83085518"
 Accept-Ranges: bytes
 Content-Length: 1657
 Vary: Accept-Encoding
 Content-Type: text/html
 }}}

 Still, this probably means there is a mistake in their TSL configuration
 that they will need to resolve if we are to be able to mirror the new
 distfile after you update the port

-- 
Ticket URL: <https://trac.macports.org/ticket/62869>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list