Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Installing packages from localshop fails with md5 error #28

Closed
armonge opened this Issue · 8 comments

6 participants

@armonge

I have a localshop instance running on http://192.168.1.20/, however when i try to install packages from It i get the following error:

$ pip install -ihttp://192.168.1.20/simple/ coverage
Downloading/unpacking coverage
  Downloading coverage-3.5.2.tar.gz (unknown size): 0bytes downloaded
  MD5 hash of the package http://192.168.1.20/packages/coverage/download/97/coverage-3.5.2.tar.gz#md5=28c43d41b13f8987ea14d7b1d4a4e3ec (from http://192.168.1.20/simple/coverage/) (d41d8cd98f00b204e9800998ecf8427e) doesn't match the expected hash 28c43d41b13f8987ea14d7b1d4a4e3ec!
Bad MD5 hash for package http://192.168.1.20/packages/coverage/download/97/coverage-3.5.2.tar.gz#md5=28c43d41b13f8987ea14d7b1d4a4e3ec (from http://192.168.1.20/simple/coverage/)
Storing complete log in /home/armonge/.pip/pip.log

According to the celery logs the package had previously been successfully downloaded

[2012-08-24 09:01:53,581: INFO/MainProcess] Got task from broker: localshop.apps.packages.tasks.download_file[e854d68d-812a-4172-8783-c6c65844357a]
[2012-08-24 09:01:53,627: DEBUG/MainProcess] Mediator: Running callback for task: localshop.apps.packages.tasks.download_file[e854d68d-812a-4172-8783-c6c65844357a]
[2012-08-24 09:01:53,628: DEBUG/MainProcess] TaskPool: Apply <function execute_and_trace at 0x9be8a3c> (args:('localshop.apps.packages.tasks.download_file', 'e854d68d-812a-4172-8783-c6c65844357
a', [], {'pk': 97}) kwargs:{'hostname': 'localhost.localdomain', 'request': {'retries': 0, 'task': 'localshop.apps.packages.tasks.download_file', 'utc': False, 'loglevel': 10, 'delivery_info': 
{'routing_key': u'celery', 'exchange': u'celery'}, 'args': [], 'expires': None, 'is_eager': False, 'eta': None, 'hostname': 'localhost.localdomain', 'kwargs': {'pk': 97}, 'logfile': None, 'id':
 'e854d68d-812a-4172-8783-c6c65844357a'}})
[2012-08-24 09:01:53,628: DEBUG/MainProcess] Task accepted: localshop.apps.packages.tasks.download_file[e854d68d-812a-4172-8783-c6c65844357a] pid:10546
[2012-08-24 09:01:53,735: INFO/PoolWorker-1] Downloading http://pypi.python.org/packages/source/c/coverage/coverage-3.5.2.tar.gz
[2012-08-24 09:01:53,737: INFO/PoolWorker-1] Starting new HTTP connection (1): pypi.python.org
[2012-08-24 09:01:54,046: DEBUG/PoolWorker-1] "GET /packages/source/c/coverage/coverage-3.5.2.tar.gz HTTP/1.1" 200 115497
[2012-08-24 09:01:57,436: INFO/PoolWorker-1] Complete
[2012-08-24 09:01:57,529: INFO/MainProcess] Task localshop.apps.packages.tasks.download_file[e854d68d-812a-4172-8783-c6c65844357a] succeeded in 3.90104198456s: None

The md5 of the file in cache seems to be:

md5sum .localshop/files/source/c/coverage/coverage-3.5.2.tar.gz 
d41d8cd98f00b204e9800998ecf8427e  .localshop/files/source/c/coverage/coverage-3.5.2.tar.gz

And more interesting is that the file seems to be empy

du -h .localshop/files/source/c/coverage/coverage-3.5.2.tar.gz
0   .localshop/files/source/c/coverage/coverage-3.5.2.tar.gz

For the record I am using the following software versions

Django          - 1.4.1        - active 
Python          - 2.7.3        - active development (/usr/lib/python2.7/lib-dynload)
South           - 0.7.6        - active 
amqplib         - 1.0.2        - active 
anyjson         - 0.3.3        - active 
celery          - 2.5.5        - active 
distribute      - 0.6.24       - active 
django-celery   - 2.4.2        - active 
django-kombu    - 0.9.4        - active 
django-model-utils - 1.1.0        - active 
django-picklefield - 0.2.1        - active 
docutils        - 0.8.1        - active 
gunicorn        - 0.14.6       - active 
kombu           - 2.1.8        - active 
localshop       - 0.3          - active 
lockfile        - 0.9.1        - active 
logan           - 0.3.1        - active 
netaddr         - 0.7.6        - active 
pip             - 1.1          - active 
python-daemon   - 1.6          - active 
python-dateutil - 1.5          - active 
requests        - 0.13.8       - active 
wsgiref         - 0.1.2        - active development (/usr/lib/python2.7)
yolk            - 0.4.3        - active 

Also I'd be willing to lend all the help i can, provided some direction

@ejhayes

I ran into this issue as well. It appears to be fixed in the develop branch.

@mvantellingen

Sorry for the way to late response :(

This seems to be indeed fixed in the develop branch, so i'm closing it :)

@dokipen

That is the md5 of an empty string. I'm getting the same error with a different package. Can we have a release or at least a hint at what commit fixes the problem?

@dokipen

The actual file was empty on the file system, so I'm assuming it has something to do with a failed download.

@dokipen

Manually putting the file in the file system fixes the issue.

@mvantellingen

Oke, well I think the best thing to do is actually check the MD5 hash after mirroring it. Shouldn't be too hard. Will do this for the next version

@mvantellingen mvantellingen reopened this
@victorhooi

Hi,

We seem to be hitting strange MD5 issues as well. E.g.:

pip install -i http://localhost:8000/simple/ Twisted
Downloading/unpacking Twisted
  Downloading Twisted-12.3.0.tar.bz2
  Hash of the package http://localhost:8000/packages/Twisted/download/627/Twisted-12.3.0.tar.bz2#md5=6e289825f3bf5591cfd670874cc0862d (from http://localhost:8000/simple/Twisted/) (<md5 HASH object @ 0x1cf56df8>) doesn't match the expected hash 6e289825f3bf5591cfd670874cc0862d!
Bad md5 hash for package http://localhost:8000/packages/Twisted/download/627/Twisted-12.3.0.tar.bz2#md5=6e289825f3bf5591cfd670874cc0862d (from http://localhost:8000/simple/Twisted/)
Storing complete log in /home/pythonapac/.pip/pip.log

Checking PyPi - the md5sum for Twisted-12.3.0.tar.bz2 is 6e289825f3bf5591cfd670874cc0862d:

https://pypi.python.org/pypi/Twisted

However, in the above, PyPi seems to say that two equal ones are not equal? (Unless that ! is causing issues?).

Cheers,
Victor

@mminten

Hi,

I have exactly the same issue installing jira-python:

pip install jira-python
at 'some stage' an error is returned:

Hash of the package https://pypi.python.org/packages/source/i/ipython/ipython-0.13.1.zip#md5=75ace1afede8fe8cd6143e35ca4418bd (from https://pypi.python.org/simple/ipython/) () doesn't match the expected hash 75ace1afede8fe8cd6143e35ca4418bd!

while the indicated hash is exactly the 'expected' hash !? :-(

How to go foreward ???

Cheers

@cwood cwood referenced this issue from a commit in hzdg/localshop
@mvantellingen Validate the md5 hash of the mirrored releases
This should fix #28
e1b025a
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.