Re: [tycho-user] Problems downloading artifact (org.eclipse.equinox.laun

[Jiří Janeček <janecekjiri@xxxxxxxxx>]

Thanks, Tobias, I was not sure where should I look for solution, but know it seems this is not related to tycho.

2013/5/6 Oberlies, Tobias <tobias.oberlies@xxxxxxx>

This seems like the reason, but I don’t know for sure.

 

Tycho relies on p2 to verify the artifact integrity, and AFAIK p2 again delegates this to Equinox. So you may also look for information posted on this in p2 or Equinox.

 

Regards

Tobias

 

From: tycho-user-bounces@xxxxxxxxxxx [mailto:tycho-user-bounces@xxxxxxxxxxx] On Behalf Of Jirí Janecek
Sent: Montag, 6. Mai 2013 14:49
To: Tycho user list
Subject: Re: [tycho-user] Problems downloading artifact (org.eclipse.equinox.launcher.linux_x86_64)

 

Maybe problem solution is at the end of the log, it seems certificate for this jar has expired. Please can smb. confirm?

Thanks

JJ

 

2013/5/5 Jiří Janeček <janecekjiri@xxxxxxxxx>

Update, I tried to verify laucher jar by the help of jarsigner and it seems to be OK.

$ jarsigner -verify -verbose -certs org.eclipse.equinox.launcher.gtk.linux.x86_64_1.1.100.v20110505.jar

         971 Wed Jun 29 09:28:24 CEST 2011 META-INF/MANIFEST.MF
         476 Wed Jun 29 09:28:24 CEST 2011 META-INF/ECLIPSEF.SF
        5639 Wed Jun 29 09:28:24 CEST 2011 META-INF/ECLIPSEF.RSA
           0 Wed Jun 29 08:50:56 CEST 2011 META-INF/
sm        76 Wed Jun 29 09:28:22 CEST 2011 META-INF/eclipse.inf

      [entry was signed on 6/29/11 3:28 PM]
      X.509, CN="Eclipse.org Foundation, Inc", OU=Digital ID Class 3 - Java Object Signing, O="Eclipse.org Foundation, Inc", L=Ottawa, ST=Ontario, C=CA
      [certificate expired on 4/14/12 1:59 AM]
      X.509, CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
      [certificate is valid from 7/16/04 2:00 AM to 7/16/14 1:59 AM]
      [KeyUsage, NetscapeCertType extension does not support code signing]
      X.509, OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
      [certificate is valid from 1/29/96 1:00 AM to 8/2/28 1:59 AM]

sm      1445 Wed Jun 29 08:50:56 CEST 2011 about.html

      [entry was signed on 6/29/11 3:28 PM]
      X.509, CN="Eclipse.org Foundation, Inc", OU=Digital ID Class 3 - Java Object Signing, O="Eclipse.org Foundation, Inc", L=Ottawa, ST=Ontario, C=CA
      [certificate expired on 4/14/12 1:59 AM]
      X.509, CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
      [certificate is valid from 7/16/04 2:00 AM to 7/16/14 1:59 AM]
      [KeyUsage, NetscapeCertType extension does not support code signing]
      X.509, OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
      [certificate is valid from 1/29/96 1:00 AM to 8/2/28 1:59 AM]

sm    187935 Wed Jun 29 08:50:56 CEST 2011 eclipse_1407.so

      [entry was signed on 6/29/11 3:28 PM]
      X.509, CN="Eclipse.org Foundation, Inc", OU=Digital ID Class 3 - Java Object Signing, O="Eclipse.org Foundation, Inc", L=Ottawa, ST=Ontario, C=CA
      [certificate expired on 4/14/12 1:59 AM]
      X.509, CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
      [certificate is valid from 7/16/04 2:00 AM to 7/16/14 1:59 AM]
      [KeyUsage, NetscapeCertType extension does not support code signing]
      X.509, OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
      [certificate is valid from 1/29/96 1:00 AM to 8/2/28 1:59 AM]

sm       620 Wed Jun 29 08:50:56 CEST 2011 launcher.gtk.linux.x86_64.properties

      [entry was signed on 6/29/11 3:28 PM]
      X.509, CN="Eclipse.org Foundation, Inc", OU=Digital ID Class 3 - Java Object Signing, O="Eclipse.org Foundation, Inc", L=Ottawa, ST=Ontario, C=CA
      [certificate expired on 4/14/12 1:59 AM]
      X.509, CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
      [certificate is valid from 7/16/04 2:00 AM to 7/16/14 1:59 AM]
      [KeyUsage, NetscapeCertType extension does not support code signing]
      X.509, OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
      [certificate is valid from 1/29/96 1:00 AM to 8/2/28 1:59 AM]


  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  i = at least one certificate was found in identity scope

But still getting error mentioned above.

Jiri

jar verified.

Warning:
This jar contains entries whose signer certificate has expired.

 

2013/5/3 Jiří Janeček <janecekjiri@xxxxxxxxx>

Thanks for your response, Roland. Files listed in manifest are part of jar.

I tried to generate sha1 checksum by the help of sha1sum. Got string different string than
is listed in manifest but maybe I am doing smt. wrong because all sums in manifest end with "=" but

my sums not and are longer than sums in the manifest.

Jiri

 

2013/5/3 Roland Grunberg <rgrunber@xxxxxxxxxx>

> last few days I am facing problem building eclipse product with tycho.
> Building against my own indigo mirror to speed up build process.
>
> I am not able to build linux x86_64 bundle (win x86_(64) and linux x86 OK).
>
> Build process fails with
>
> [ERROR] Internal error: java.lang.RuntimeException: "Messages while trying
> children repositories.": ["": ["Problems downloading artifact:
> osgi.bundle,org.eclipse.equinox.launcher.gtk.linux.x86_64,1.1.100.v20110505.":
> ["File has invalid content:/tmp/signatureFile8479166695145200705.jar":
> ["Invalid content:launcher.gtk.linux.x86_64.properties", "Invalid
> content:META-INF/eclipse.inf", "Invalid content:about.html"]]]] -> [Help 1]
>
> Is there anybody with the same problem?
>
> Note that build against Juno mirror seems to be OK.

I've seen this error in the past. My issue was that the files listed
as having invalid content were unintentionally removed from the jar
but still listed in the manifest, along with checksum. This caused the
verification to fail.

You could try checking the contents of the jar to see whether the
files are there, and that their checksum matches what is listed in the
manifest. I don't know why this would be happening though, unless that
jar is being modified somehow.

Hope this helps,
--
Roland Grunberg
_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user

--
Jiří Janeček

--
Jiří Janeček

--
Jiří Janeček

_______________________________________________
tycho-user mailing list
tycho-user@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/tycho-user

--
Jiří Janeček