Comment 1 Harald van Dijk (RETIRED) 2004-09-15 03:47:36 UTC

Strange:

% wget http://mysql.mirror.ok.ee/Downloads/MySQL-4.0/mysql-4.0.20.tar.gz
--14:41:34--  http://mysql.mirror.ok.ee/Downloads/MySQL-4.0/mysql-4.0.20.tar.gz
           => `mysql-4.0.20.tar.gz'
Resolving mysql.mirror.ok.ee... 195.222.16.153
Connecting to mysql.mirror.ok.ee[195.222.16.153]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 13,807,983 [application/x-tar]

100%[===========================================================================================================>] 13,807,983   494.70K/s    ETA 00:00

14:42:03 (465.24 KB/s) - `mysql-4.0.20.tar.gz' saved [13807983/13807983]

% md5sum mysql-4.0.20.tar.gz
7c75ac74e23396bd228dbc2c2d1131df  mysql-4.0.20.tar.gz
%

Could your download somehow have been corrupted? Does it work if you delete the file and retry?

Comment 2 Daniel Black (RETIRED) 2004-09-15 05:33:26 UTC

md5sum  /usr/portage/distfiles/mysql-4.0.20.tar.gz
7c75ac74e23396bd228dbc2c2d1131df  /usr/portage/distfiles/mysql-4.0.20.tar.gz


I agree - delete file and download again.

I am sorry to have to reject your suggestions (regarding a corrupted download), the reason being that I could proceed with the installation after having changed the md5 sum for this file in the portage tree to the value I reported earlier. Plus, MySQL compiled and installed perfectly. So, I cannot believe that a corrupted *.tar.bz-file decompresses, untars, compiles *and* installs just as the real thing.

Any other suggestions?

Thanks!
Martin

This is just plain stupid. It's PERFECTLY normal if "corrupted" *.tar.bz-file decompresses, untars, compiles *and* installs just as the real thing. If you'll untar file and create new tar then in 9 out of 10 files you'll get DIFFERENT file with DIFFERENT md5sum. Why ? Different file order, different metadata (user Id in tar), different compression, etc, etc. So even if tar contents is the same md5sum CAN BE different. Easily. What's so abnormal about it ?

Since I've downloaded and installed MySQL 4.0.20 just a few minutes ago and it had correct digest (7c75ac74e23396bd228dbc2c2d1131df) I suspect you just stumbled upon broken file on some mirror (may be even purposefully changed with added troyan), that's all - nothing to fix. Really.

Comment 5 Robin Johnson 2004-09-16 00:08:03 UTC

Martin: 
if you have the broken mysql download still, please make a backup copy of it.
then go to mysql's website, and download the 4.0.20 source tarball manually
compare the md5sums of the two
i've double checked that the correct md5sum is 7c75ac74e23396bd228dbc2c2d1131df

if they don't match extract them to parallel directories and run:
diff -Nuar correct.dir bad.dir >diff
and post up that diff here.

Hi Robin,

unfortunately, I do not have the file in question. I really do believe that you have checked the file from its source at mysql.com so the error has to be on my side. Nevertheless, this is rather strange and I am not quite sure what happened.

Just in case something similar happens again: how should I proceed?

(Please note: I did emerge -f mysql twice because at first I too believed to have made an error. So this error was reproducible - at least for a certain period of time and with my set of download mirrors.)

Kindest regards
Martin

Comment 7 Robin Johnson 2004-09-16 10:51:22 UTC

if you're paranoid when this happens in future, do:
cp badfile /tmp/badfile.bad
GENTOO_MIRRORS="" emerge -f package (or find the master src yourself)
compare badfile and known good source for differences.
report any deliberate malicous changes you see (but beware the some package authors do occasionally change things and not change versions, particullarly with unversioned files).

I'm closing as invalid since you got a bad mirror.