Bug 500697 - Error Checksumming during bigger amount of packages
Error Checksumming during bigger amount of packages
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: yum (Show other bugs)
5.4
All Linux
high Severity high
: rc
: ---
Assigned To: James Antill
BaseOS QE Security Team
: Regression
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-05-13 14:05 EDT by Petr Sklenar
Modified: 2014-01-21 01:13 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
When yum installed local packages, it defaulted to expecting SHA-256 checksums. Because packages for Red Hat Enterprise Linux 5 use MD5 checksums, the installation would fail with a bad checksum type error. Now, when yum encounters a bad SHA-256 checksum, it attempts to verify the package with a SHA-1 checksum instead, which will sucessfully verify the MD5 checksums used for Red Hat Enterprise Linux 5 packages.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-02 03:33:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
log, bad checksum type sha256 (55.11 KB, text/plain)
2009-05-13 14:05 EDT, Petr Sklenar
no flags Details
installed set of packages on system (14.16 KB, text/plain)
2009-05-13 15:28 EDT, Petr Sklenar
no flags Details

  None (edit)
Description Petr Sklenar 2009-05-13 14:05:04 EDT
Created attachment 343835 [details]
log, bad checksum type sha256

Description of problem:
yum cannot install bigger amount of packages. There is checksum error during installation of satellite which uses yum.

Version-Release number of selected component (if applicable):
# rpm -q yum rpm
yum-3.2.22-10.el5
rpm-4.4.2.3-9.el5

How reproducible:
always with installation of Satellite

Steps to Reproduce:
1. find installation tree with Satellite-5.3.0-RHEL5-re20090507.1-x86_64
2. ./install.pl  #
3. Error Checksumming, bad checksum type sha256
# there smth like 700Mb of packages
  
Actual results:
I tried i386 and x86_64 with errors:

.
.#see attachment
.
--> Processing Dependency: jakarta-commons-discovery for package: axis
--> Running transaction check
---> Package jakarta-commons-discovery.x86_64 1:0.3-4jpp.1 set to be updated
---> Package wsdl4j.x86_64 0:1.5.2-4jpp.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

Error Checksumming, bad checksum type sha256


Expected results:

It can be installed

Additional info:
it works with yum-3.2.19-18.el5 from RHEL5U3
Comment 2 seth vidal 2009-05-13 14:20:19 EDT
Is rhel5 supporting sha256 checksums?
Comment 3 Petr Sklenar 2009-05-13 14:22:44 EDT
How could I find it?
Comment 4 seth vidal 2009-05-13 14:36:06 EDT
okay, I need some info:

1. can you provide a link to the repodata where these pkgs came from?
2. can you provide the  set of pkgs installed on the system(s) where you were running this?

thanks
Comment 5 James Antill 2009-05-13 15:25:19 EDT
 I'm also reming the Regression keyword, until we get more info. ... as I _highly_ doubt that this is true (that it works on 5.3, that is).
Comment 6 Petr Sklenar 2009-05-13 15:28:13 EDT
Created attachment 343853 [details]
installed set of packages on system
Comment 7 Petr Sklenar 2009-05-13 15:33:36 EDT
system points to rhn.webqa.redhat.com and packages are downloading from channel "rhn satellite"

you can try it on rhts machine:
amd-toonie2-01.rhts.bos.redhat.com
folder: /mnt/hostel/local/Satellite-5.3.0-RHEL5-re20090507.1-i386
./install.pl

then see log with yum:
tail -f /var/log/rhn/rhn-installation.log
Comment 8 James Antill 2009-05-13 16:16:30 EDT
 Ok, I lied ... it's localinstall defaulting to sha256. This patch fixes it:

diff --git a/yum/packages.py b/yum/packages.py
index 3dc7a15..48cee27 100644
--- a/yum/packages.py
+++ b/yum/packages.py
@@ -1580,7 +1580,9 @@ class YumLocalPackage(YumHeaderPackage):
     def localPkg(self):
         return self.localpath
     
-    def _do_checksum(self, checksum_type='sha256'):
+    def _do_checksum(self, checksum_type=None):
+        if checksum_type is None:
+            checksum_type = misc._default_checksums[0]
         if not self._checksum:
             self._checksum = misc.checksum(checksum_type, self.localpath)
             self._checksums = [(checksum_type, self._checksum, 1)]
Comment 14 Ruediger Landmann 2009-09-01 15:46:57 EDT
Release note added. If any revisions are required, please set the 
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.

New Contents:
When yum installed local packages, it defaulted to expecting SHA-256 checksums. Because packages for Red Hat Enterprise Linux 5 use MD5 checksums, the installation would fail with a bad checksum type error. Now, when yum encounters a bad SHA-256 checksum, it attempts to verify the package with a SHA-1 checksum instead, which will sucessfully verify the MD5 checksums used for Red Hat Enterprise Linux 5 packages.
Comment 15 errata-xmlrpc 2009-09-02 03:33:16 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-1419.html

Note You need to log in before you can comment on or make changes to this bug.