From: "Ludovic Courtès" <ludo@gnu.org>
To: Calle Kabo <calle@kabo.nu>
Cc: 35561@debbugs.gnu.org
Subject: bug#35561: Fresh install, guix pull exits with error, hash mismatch
Date: Tue, 07 May 2019 00:33:56 +0200 [thread overview]
Message-ID: <871s1bfc17.fsf@gnu.org> (raw)
In-Reply-To: <Le0n05N--3-1@kabo.nu> (Calle Kabo's message of "Sat, 4 May 2019 09:43:17 +0200 (CEST)")
Hi,
Calle Kabo <calle@kabo.nu> skribis:
> manager@guix ~$ guix pull
[...]
> building /gnu/store/vf1ni4bdwlya3f5ii7wq6agiwdvzapmw-letsencryptauthorityx3.pem.drv...
> downloading from https://letsencrypt.org/certs/letsencryptauthorityx3.pem...
> |sha256 hash mismatch for /gnu/store/bcq7sqhg18b7b1q87j8z60d5hybsdafm-letsencryptauthorityx3.pem:
> expected hash: 0zbamj6c7zqw1j9mbqygc8k1ykgj6xiisp9svmlif5lkbnyjhnkk
> actual hash: 1kvac1dhm1d02bhrfj6l1cz1dpldz6ishb78zzvy8245zgvh7pdn
> hash mismatch for store item '/gnu/store/bcq7sqhg18b7b1q87j8z60d5hybsdafm-letsencryptauthorityx3.pem'
These 3 files are now available from https://ci.guix.gnu.org as
substitutes:
--8<---------------cut here---------------start------------->8---
$ sha1sum *.pem
af259e2e2ebd686861e3f89be6845298bed6c223 isrgrootx1.pem
36205ada14d1cded7e85294762630b6b57088198 letsencryptauthorityx3.pem
59057c31e97d8e10cc52edb389b1e87089a245aa letsencryptauthorityx4.pem
$ for i in *.pem; do echo $(guix hash $i) $i ; done
0zhd1ps7sz4w1x52xk3v7ng6d0rcyi7y7rcrplwkmilnq5hzjv1y isrgrootx1.pem
0zbamj6c7zqw1j9mbqygc8k1ykgj6xiisp9svmlif5lkbnyjhnkk letsencryptauthorityx3.pem
003dc94c8qwj634h0dq743x7hqv9rdcfaisdksprkmi2jd107xq4 letsencryptauthorityx4.pem
--8<---------------cut here---------------end--------------->8---
and the ‘le-certs’ package itself is now available as a substitute from
ci.guix.gnu.org.
For the record, this failure stems from the combination of two issues:
(1) letsencrypt.org modified these PEM files in place, and (2) the old
copies had disappeared from ci.guix.gnu.org. Fortunately they were still
on mirror.hydra.gnu.org, which is where I copied them frmo.
We should also update our ‘le-certs’ package definition to refer to the
new file hashes.
Ludo’.
next prev parent reply other threads:[~2019-05-06 22:35 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-04 7:43 bug#35561: Fresh install, guix pull exits with error, hash mismatch Calle Kabo
2019-05-06 22:33 ` Ludovic Courtès [this message]
2019-05-06 22:59 ` Tobias Geerinckx-Rice
2019-05-06 23:20 ` Calle Kabo
2019-05-07 8:13 ` Ludovic Courtès
2019-05-07 8:39 ` Calle Kabo
2019-05-07 16:13 ` Tobias Geerinckx-Rice
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871s1bfc17.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=35561@debbugs.gnu.org \
--cc=calle@kabo.nu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.