What to calculate checksum on?

237 views
Skip to first unread message

Johh

unread,
Dec 20, 2013, 9:17:27 AM12/20/13
to opkg-...@googlegroups.com
Hi I am trying to get checksum for single packages to work.

On packages I have not built myself they work.

I have tried these steps:

md5sum data.tar.gz

result:
6e8d3c655d19f6c55c5657b678011e8e data.tar.gz.
And in the control file:
MD5sum: 6e8d3c655d19f6c55c5657b678011e8e


I have also tried with sha256
sha256sum data.tar.gz

result:
a56d8485eae9cc758bf2ba1d1a20490a79237ff538ebbe561c572073ee3a5485 data.tar.gz
And in control file:
SHA256sum: a56d8485eae9cc758bf2ba1d1a20490a79237ff538ebbe561c572073ee3a5485

the result when I try to install my local package:
sudo opkg-cl -verbosity=4 install mypacktest.opk

result:
Collected errors:
* opkg_install_pkg: Package mypack3 md5sum mismatch. Either the opkg or the package index are corrupt. Try 'opkg update'.
* opkg_install_cmd: Cannot install package mypack3.


Am I calculating the checksum on the wrong file? Thanks for any help!


When signing a package list it is calculated on the Packages file, so I assume it should be on the data file for a package.

Regards

Paul Barker

unread,
Dec 20, 2013, 9:45:22 AM12/20/13
to opkg-devel
On 20 December 2013 14:17, Johh <johan.f...@gmail.com> wrote:
> Hi I am trying to get checksum for single packages to work.
>
> On packages I have not built myself they work.
>
> I have tried these steps:
>
> md5sum data.tar.gz
>

I'm pretty sure you need to put the checksum of the ipk/opk file into
the Packages file. I don't think you need an md5sum in the control
file within the package.

Give that a try and let me know if it works.

--
Paul Barker

Email: pa...@paulbarker.me.uk
http://www.paulbarker.me.uk

johan.f...@gmail.com

unread,
Dec 20, 2013, 11:39:42 AM12/20/13
to opkg-...@googlegroups.com
> > Hi I am trying to get checksum for single packages to work.
>
> >
>
> > On packages I have not built myself they work.
>
> >
>
> > I have tried these steps:
> >
> > md5sum data.tar.gz
>
> I'm pretty sure you need to put the checksum of the ipk/opk file into
>
> the Packages file. I don't think you need an md5sum in the control
>
> file within the package.
>

Thanks for the response Paul,

It works fine for me to have checksums in the package list, but I would like to also manually download them and be able to verify them later. I assume there must be a way to do this(?) since OPKG do react to having a checksum in the control file of a package and tries to compare it somehow.

These packages are tried to be installed without any repos linking and an empty package list is shown when run "opkg-cl list-installed".

Worst case otherwise I will just have to save the checksum separately as well.

>
>
> Give that a try and let me know if it works.
>
>
>
> --
>
> Paul Barker
>
>

Thanks for your attention, if you have any ideas for how to do this I'd appreciate it! Maybe I just remember wrong that other packages could compare a checksum from their control file instead of using a package list.

If I might be wrong I will double check it as soon as christmas is over! :D

Regards

Paul Barker

unread,
Dec 20, 2013, 11:52:03 AM12/20/13
to opkg-devel
On 20 December 2013 16:39, <johan.f...@gmail.com> wrote:
>> > Hi I am trying to get checksum for single packages to work.
>>
>> >
>>
>> > On packages I have not built myself they work.
>>
>> >
>>
>> > I have tried these steps:
>> >
>> > md5sum data.tar.gz
>>
>> I'm pretty sure you need to put the checksum of the ipk/opk file into
>>
>> the Packages file. I don't think you need an md5sum in the control
>>
>> file within the package.
>>
>
> Thanks for the response Paul,
>
> It works fine for me to have checksums in the package list, but I would like to also manually download them and be able to verify them later. I assume there must be a way to do this(?) since OPKG do react to having a checksum in the control file of a package and tries to compare it somehow.
>
> These packages are tried to be installed without any repos linking and an empty package list is shown when run "opkg-cl list-installed".
>
> Worst case otherwise I will just have to save the checksum separately as well.
>

I can't see any way for opkg to do what you want as it checks the
md5sum of the package file. Adding an "MD5Sum:" line to the control
file will change the checksum of the package so you'll never be able
to get them to match.

The best advice I can give is to create a package feed and install
from that. There is an opkg-make-index script in opkg-utils
(http://git.yoctoproject.org/cgit/cgit.cgi/opkg-utils) but it needs
documentation. Or you could just try copying the data from the control
file to a "Packages" file and adding an "MD5Sum" line. I don't know
the exact process for creating a package feed terribly well so it may
take a bit of experimentation. If you figure something out please let
me know.

Hope this helps,
Reply all
Reply to author
Forward
0 new messages