Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Corrupt upgrade file or bad hash?

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    3 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      Boolah
      last edited by

      I tried downloading the v2.3.2 full upgrade file (pfSense-CE-Full-Update-2.3.2-RELEASE-amd64.tgz) from four different mirrors and get a hash (SHA-256) of:

      3CC43FBF706E33B25750064C7D1FBBDC77D6675C355D877A4B959CD5D77D9B6E

      from all of them, but the pfSense web site lists the hash as:

      9886d4ce68bf756795085f375e81a51c067297f112502104d382fec0ca0769bc

      Has the file been corrupted on the mirrors, is the listed hash bad or did I screw something up?

      The hashes for the amd64 ISO and memstick check out just fine.

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        The update files' sha256 were originally on the updates prior to being signed. They've been updated to match, and I added a note to the release documentation to ensure the steps are always run in the described order so that doesn't happen in the future. Thanks for the report.

        1 Reply Last reply Reply Quote 0
        • M Offline
          moterpent
          last edited by

          I'm seeing the same thing when trying to go from 2.2.4-RELEASE to 2.3.1.  2.3.1 is what the auto-updater selects even thought 2.3.2 is out there.

          In any case, updater is pulling from the following location:

          http://updates.pfsense.org/_updaters/amd64/latest.tgz

          Manually calculating sha256 on the file gives:

          3cc43fbf706e33b25750064c7d1fbbdc77d6675c355d877a4b959cd5d77d9b6e

          While the latest.tgz.sha256 gives:

          12e1e22262f9424324e86c208d7aa741c90d1c79f6120e1b365aa942faebc247

          I'm assuming it's safe to proceed with latest.tgz, but wanted to check considering the hashes are there for a reason.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.