Folks
While trying to automate a download of the ISO files, I ran into
inconsistencies with the method of checksums. I was trying to use
the checksum values to validate my download.
At least in one mirror (mirrors.sonic.net):
Centos 7 uses a file called sha256sum.txt containing:
087a5743dc6fd6706d9b961b8147423ddc029451b938364c760d75440eb7be14
CentOS-7-x86_64-DVD-2003.iso
4120aff542c2f9a30bcf90d4d79e39511e5d9eabdf202566a94ff24ea7f0974c
CentOS-7-x86_64-Everything-2003.iso
659691c28a0e672558b003d223f83938f254b39875ee7559d1a4a14c79173193
CentOS-7-x86_64-Minimal-2003.iso
101bc813d2af9ccf534d112cbe8670e6d900425b297d1a4d2529c5ad5f226372
CentOS-7-x86_64-NetInstall-2003.iso
3febddab1498f940e3127f2f5e1056d6fef57fcd559d5b70ff1bfa55a444f176
CentOS-7-x86_64-LiveGNOME-2003.iso
92be566a5b1d2aa62acf2e4ab01ba91420e7170cdb21e2e190dd1dafcb6a8c94
CentOS-7-x86_64-LiveKDE-2003.iso
Centos 8 uses a file called CHECKSUM containing:
# CentOS-8.1.1911-x86_64-boot.iso: 625999872 bytes
SHA256 (CentOS-8.1.1911-x86_64-boot.iso) =
7fea13202bf2f26989df4175aace8fdc16e1137f7961c33512cbfad844008948
# CentOS-8.1.1911-x86_64-dvd1.iso: 7554990080 bytes
SHA256 (CentOS-8.1.1911-x86_64-dvd1.iso) =
3ee3f4ea1538e026fff763e2b284a6f20b259d91d1ad5688f5783a67d279423b
While these are fairly easy to understand as a human, a script is
burdened with the job of guessing the file name of the checksum file,
and then decoding the format. I don't know if this method is used on
all mirrors. Would it be too much to ask that there be one format
across the distributions. I suspect that SHA256 is going to be an
acceptable digest for a few years.
David
