Hello Folks 
I’m building SlicerOpenCV. And I’m getting an error that says that the MD5 hash of SlicerOpenCV-build/OpenCV-prefix/src/3.1.0.tar.gz does not match expected value.
expected: '70e1dd07f0aa06606f1bc0e3fa15abd3'
actual: 'a0669e22172dfc3225835b180744c9f0'
So it can’t download OpenCV.
And I think this is why my nightly build is failing. I’m not sure what to do… should I be contacting the OpenCV folks?
Thanks!
Most probably it was a interrupted or corrupted download. Deleting the corrupted file should fix the problem.
Andras, I did that twice yesterday. Tried again today, and still no luck.
Checked Google. Seems to be a recurring issue. Thanks for your response.
What’s in your .tar.gz file? Is it a truncated version of the file that you can download from https://github.com/Itseez/opencv/archive/3.1.0.tar.gz? Or does it contain an error message (maybe your firewall blocks it…)?
Hi guys,
SlicerPathology depends on SlicerOpenCV… I hope you can help me out.
Here’s the build error.
And it says:
-- MD5 hash of
/.../SlicerOpenCV-build/OpenCV-prefix/src/3.1.0.tar.gz
does not match expected value
expected: '70e1dd07f0aa06606f1bc0e3fa15abd3'
actual: 'a0669e22172dfc3225835b180744c9f0'
Each download failed!
Google search indicates a recurring issue that could possibly be resolved with a different CMake version.
Can you guys please help?
Thanks!
I’ve downloaded the file manually from https://github.com/Itseez/opencv/archive/3.1.0.tar.gz and the file’s MD5 sum is in fact ‘a0669e22172dfc3225835b180744c9f0’. So, it seems that the package has actually changed. It is not likely that the change is malicious or introduces errors, but it’s quite unusual that a release package is changed many months after it was released.
@tidiprima Could you check if you can find another trustworthy source for OpenCV 3.1.0 source code and compare them to make sure the package we use (https://github.com/Itseez/opencv/archive/3.1.0.tar.gz) is valid?
Nope. The problem is in SlicerOpenCV code. Hard-coded MD5. https://github.com/SBU-BMI/SlicerOpenCV/blob/master/SuperBuild/External_OpenCV.cmake#L33
The value is supposed to be hardcoded (a release package is never supposed to be changed. I would suggest to have a look what is the new content, but ultimately it’s up to the maintainers of that extension to decide if they accept the new version as is or want to do some digging. I saw that you’ve already submitted an issue (https://github.com/SBU-BMI/SlicerOpenCV/issues/41), so that should be enough - maintainers will make the necessary fix soon.
In conversations with Francois Budin the other day, he noted that the hashes on files hosted on GitHub had the property of not being consistent.
Hosting the data on Midas or Girder may address the issue.
md5 hash may only differ if the file content is changed. It would be really odd if GitHub would arbitrarily change release files.
Line endings of text files may be translated differently depending on git settings, so maybe that is what you are referring to?
No, this was for release files instead of Git repository files, which have natural hash checks due to the way Git works.