The digest verification fails for file-4.20.tar.gz, neither redownload, manual download (different mirror) nor resyncing helped. So I guess the checksums in the tree are wrong. My md5: 402bdb26356791bd5d277099adacc006 digest-file-4.20: 709cfeea8b802f80d21da915658cd9fe
$ md5sum /usr/portage/distfiles/file-4.20.tar.gz 709cfeea8b802f80d21da915658cd9fe /usr/portage/distfiles/file-4.20.tar.gz You apparently have faulty download.
Yes, and that's the wrong md5... I downloaded the file from 3 different locations, and all have 402bdb26356791bd5d277099adacc006. (if you don't believe me: http://www.linuxfromscratch.org/lfs/view/development/chapter03/packages.html, just another example) This is definitely the wrong md5 (and when you get this wrong md5, one faulty mirror).
no, upstream file decided to change the tarball and release it again without changing the name ... they tweaked the perl magic file slightly