
fetch2: avoid reuse download filenames

Message ID 20260302151443.256386-1-pedro.ms.ferreira@ctw.bmwgroup.com
State New

Commit Message

Pedro Ferreira March 2, 2026, 3:14 p.m. UTC
When fetch task runs and while running checksum validation
detects that for a source file the checksum mismatches,
instead of aborting, it's allowing to move aside and download again.
This might allow users to taint the source files instead of acting
as a safe mechanism to fix some issue that occurred on the download stage.

Signed-off-by: Pedro Ferreira <Pedro.MS.Ferreira@ctw.mbwgroup.com>
---
 lib/bb/fetch2/__init__.py | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

Comments

Richard Purdie March 2, 2026, 3:56 p.m. UTC | #1
On Mon, 2026-03-02 at 15:14 +0000, Pedro Ferreira via lists.openembedded.org wrote:
> When fetch task runs and while running checksum validation
> detects that for a source file the checksum mismatches,
> instead of aborting, it's allowing to move aside and download again.
> This might allow users to taint the source files instead of acting
> as a safe mechanism to fix some issue that occurred on the download stage.
> 
> Signed-off-by: Pedro Ferreira <Pedro.MS.Ferreira@ctw.mbwgroup.com>
> ---
>  lib/bb/fetch2/__init__.py | 11 ++++-------
>  1 file changed, 4 insertions(+), 7 deletions(-)

Do you have a bit more information about the issue you ran into?

This behaviour was added so that a "bad" mirror with a broken file
wouldn't stop a build when there were mirrors with the correct file
present. That is beneficial for some scenarios.

Cheers,

Richard


> diff --git a/lib/bb/fetch2/__init__.py b/lib/bb/fetch2/__init__.py
> index dcf7adc26..b8d8957b0 100644
> --- a/lib/bb/fetch2/__init__.py
> +++ b/lib/bb/fetch2/__init__.py
> @@ -716,13 +716,10 @@ def verify_donestamp(ud, d, origud=None):
>                  p.dump(checksums)
>          return True
>      except ChecksumError as e:
> -        # Checksums failed to verify, trigger re-download and remove the
> -        # incorrect stamp file.
> -        logger.warning("Checksum mismatch for local file %s\n"
> -                       "Cleaning and trying again." % ud.localpath)
> -        if os.path.exists(ud.localpath):
> -            rename_bad_checksum(ud, e.checksum)
> -        bb.utils.remove(ud.donestamp)
> +        # If there is a checksum mismatch, it is likely because the file
> +        # is being tainted or some corruption is occurring when downloading.
> +        # Download cache should be cleaned up before trying again.
> +        bb.fatal("Checksum mismatch for local file %s\n" % ud.localpath)
>      return False
>  
>  
> 
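Review bot: the bb.fatal() message on the added line drops the computed checksum that the removed code carried as e.checksum, and its format string ends with a stray "\n". Including e.checksum next to ud.localpath would let whoever reads the log see which content was actually found in the download directory; the trailing newline can be removed.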
pedro.ms.ferreira@ctw.bmwgroup.com March 2, 2026, 4:54 p.m. UTC | #2
Hi Richard,

This was detected internally when users modify source files and update
the hashes inside the recipes to match. Bitbake is allowing these operations
because it identifies a mismatch and renames it to proceed with the download.

I tested this locally with:

- Create a source file, for example, test_download.tar.gz
- Create a simple http server (python3 -m http.server 1212 )
- Create a small recipe, local_test.bb
------------------------------------------------------------------------
SUMMARY = "local test recipe"
DESCRIPTION = "Downloads and installs test files"
LICENSE = "CLOSED"

SRC_URI = "http://0.0.0.0:1212/test_download.tar.gz"

S = "${WORKDIR}"

SRC_URI[md5sum] = "12e597833772126eade44740570aab3c"
SRC_URI[sha256sum] = "f03e325aa451beda1b340a7ce0fcfd620b74c86e12b8156a3d4949f7de67fc87"

do_install() {
install -d ${D}/etc/test
install  ${S}/README.md -C ${D}/etc/test
}

FILES:${PN} = "/etc/test/README.md"

------------------------------------------------------------------------
- Run it: bitbake -C fetch local-test
- Modify source file
- Update the hash
- Run it: bitbake -C fetch local-test
- A warning is raised: WARNING: local-test-1.0-r0 do_fetch: Renaming /home/test/yocto-downloads/test_download.tar.gz to /home/test/yocto-downloads/test_download.tar.gz_bad-checksum_f03e325aa451beda1b340a7ce0fcfd620b74c86e12b8156a3d4949f7de67fc87
- Bitbake continues the next steps with this new tarball.

Cheers.
Yoann Congal March 2, 2026, 5:17 p.m. UTC | #3
On Mon Mar 2, 2026 at 5:54 PM CET, pedro.ms.ferreira via lists.openembedded.org wrote:
> Hi Richard,
>
> This was detected internally when users modify source files and update
> the hashes inside the recipes to match. Bitbake is allowing these operations
> because it identifies a mismatch and renames it to proceed with the download.
>
> I tested this locally with:
>
> - Create a source file, for example, test_download.tar.gz
> - Create a simple http server (python3 -m http.server 1212 )
> - Create a small recipe, local_test.bb
> ------------------------------------------------------------------------
> SUMMARY = "local test recipe"
> DESCRIPTION = "Downloads and installs test files"
> LICENSE = "CLOSED"
>
> SRC_URI = "http://0.0.0.0:1212/test_download.tar.gz"
>
> S = "${WORKDIR}"
>
> SRC_URI[md5sum] = "12e597833772126eade44740570aab3c"
> SRC_URI[sha256sum] = "f03e325aa451beda1b340a7ce0fcfd620b74c86e12b8156a3d4949f7de67fc87"
>
> do_install() {
> install -d ${D}/etc/test
> install  ${S}/README.md -C ${D}/etc/test
> }
>
> FILES:${PN} = "/etc/test/README.md"
>
> ------------------------------------------------------------------------
> - Run it: bitbake -C fetch local-test
> - Modify source file
> - Update the hash
> - Run it: bitbake -C fetch local-test
> - A warning is raised: WARNING: local-test-1.0-r0 do_fetch: Renaming /home/test/yocto-downloads/test_download.tar.gz to /home/test/yocto-downloads/test_download.tar.gz_bad-checksum_f03e325aa451beda1b340a7ce0fcfd620b74c86e12b8156a3d4949f7de67fc87
> - Bitbake continues the next steps with this new tarball.
>
> Cheers.

Note: This is related to 16154 – Mirroring process fails if an archive changes hash without changing name
https://bugzilla.yoctoproject.org/show_bug.cgi?id=16154
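The rename shown in the warning above leaves an audit trail in the download directory: every moved-aside file records, in its name, the sha256 of the content that used to live under that filename. The following is an added example, not part of the thread or of BitBake, that lists those files and the hash of whatever now sits under the same name. The function names and the sample directory are hypothetical, and the suffix is assumed to be a 64-character sha256 as in the quoted warning.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Pattern taken from the warning quoted in the thread:
#   <name>_bad-checksum_<sha256 of the file that was moved aside>
QUARANTINE_RE = re.compile(r"^(?P<name>.+)_bad-checksum_(?P<sha>[0-9a-f]{64})$")


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def audit_download_dir(dl_dir):
    """Return one finding per moved-aside file in dl_dir (hypothetical helper)."""
    findings = []
    for path in sorted(Path(dl_dir).iterdir()):
        m = QUARANTINE_RE.match(path.name)
        if not m or not path.is_file():
            continue
        current = path.with_name(m["name"])
        findings.append({
            "name": m["name"],
            "old_sha256": m["sha"],
            # False means the moved-aside file no longer matches its own suffix.
            "suffix_matches": sha256_of(path) == m["sha"],
            # sha256 of the file now used under the same name, if one was fetched.
            "new_sha256": sha256_of(current) if current.is_file() else None,
        })
    return findings


def demo():
    """Constructed sample: one archive replaced under an unchanged name."""
    with tempfile.TemporaryDirectory() as tmp:
        old, new = b"original contents\n", b"modified contents\n"
        old_sha = hashlib.sha256(old).hexdigest()
        Path(tmp, "test_download.tar.gz").write_bytes(new)
        Path(tmp, "test_download.tar.gz_bad-checksum_" + old_sha).write_bytes(old)
        Path(tmp, "untouched.tar.gz").write_bytes(b"unrelated\n")
        return audit_download_dir(tmp), old_sha, hashlib.sha256(new).hexdigest()


if __name__ == "__main__":
    for finding in demo()[0]:
        print(finding)
```

Each finding is a filename whose content changed without the name changing, which is the case both the reproduction steps and bug 16154 describe; comparing `new_sha256` against the recipe's reviewed history shows whether the change was expected.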

Patch

diff --git a/lib/bb/fetch2/__init__.py b/lib/bb/fetch2/__init__.py
index dcf7adc26..b8d8957b0 100644
--- a/lib/bb/fetch2/__init__.py
+++ b/lib/bb/fetch2/__init__.py
@@ -716,13 +716,10 @@  def verify_donestamp(ud, d, origud=None):
                 p.dump(checksums)
         return True
     except ChecksumError as e:
-        # Checksums failed to verify, trigger re-download and remove the
-        # incorrect stamp file.
-        logger.warning("Checksum mismatch for local file %s\n"
-                       "Cleaning and trying again." % ud.localpath)
-        if os.path.exists(ud.localpath):
-            rename_bad_checksum(ud, e.checksum)
-        bb.utils.remove(ud.donestamp)
+        # If there is a checksum mismatch, it is likely because the file
+        # is being tainted or some corruption is occurring when downloading.
+        # Download cache should be cleaned up before trying again.
+        bb.fatal("Checksum mismatch for local file %s\n" % ud.localpath)
     return False
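Review bot: in the `except ChecksumError` branch, bb.fatal() stops the task but leaves both ud.localpath and ud.donestamp in place, whereas the removed lines moved the file aside and called bb.utils.remove(ud.donestamp). The new comment says the download cache should be cleaned up before trying again, yet the message only prints the path and gives the user no instruction, so a rerun sees the same file and stamp and fails the same way. Consider stating in the message what has to be removed, or still removing the stamp before failing. If bb.fatal() does not return, the trailing `return False` is no longer reached from this branch, which is worth a word in the comment.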