On Thu, Dec 16, 2010 at 21:21, Denis Roy <
denis.roy@xxxxxxxxxxx> wrote:
> Our servers cache the checksums for optimal performance. Checksums are
> queued for computation after the first ever download of any given file. I
> have cleared them for this file, waited a bit, and they were recreated. The
> retrieved checksums are now correct.
>
> This means that, at some point, the file on disk was altered.
>
> Is this a glitch? I don't know. In a security mindset, I can see how this
> can be a feature. In my unqualified opinion, once a file is on
>
download.eclipse.org it should never be altered, but instead replaced with a
> new version.
>
> Denis
>
>
>
> On 16/12/2010 7:17 PM, Konstantin Komissarchik wrote:
>
> The build system we use for Sapphire verifies downloads of various
> dependencies by checking published md5 checksums. We’ve been having trouble
> today moving to Indigo M4 because for at least one of the files,
eclipse.org
> download server is consistently reporting the wrong checksum.
>
>
>
> This is the file in question:
>
>
>
>
http://www.eclipse.org/downloads/download.php?file=/modeling/emf/emf/downloads/drops/2.7.0/S201012150940/emf-xsd-Update-2.7.0M4a.zip
>
> Actual Checksum: 353f7c08746bcd6ab336c2ca9b3e7556
>
>
>
> This is the how we fetch the checksum:
>
>
>
>
http://www.eclipse.org/downloads/sums.php?file=/modeling/emf/emf/downloads/drops/2.7.0/S201012150940/emf-xsd-Update-2.7.0M4a.zip&type=md5
>
> Retrieved Checksum: aca8645f904c11ee2ba4cfe84f5253c4
>
>
>
> Curiously, if I go to EMF download site directly and hit their link for md5
> checksum, I get the checksum that actually matches the downloaded file. Here
> is that URL:
>
>
>
>
http://download.eclipse.org/modeling/emf/emf/downloads/drops/2.7.0/S201012150940/emf-xsd-Update-2.7.0M4a.zip.md5
>
>
>
> This appears to be a case of a glitch in
eclipse.org infrastructure. Yes?
> Can this be fixed?
>
>
>
> - Konstantin
>
> _______________________________________________
> cross-project-issues-dev mailing list
>
cross-project-issues-dev@xxxxxxxxxxx
>
https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev
>
>
> _______________________________________________
> cross-project-issues-dev mailing list
>
cross-project-issues-dev@xxxxxxxxxxx
>
https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev
>
>
_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev