You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openoffice.apache.org by bu...@apache.org on 2013/08/01 23:25:04 UTC
svn commit: r872358 - in /websites/staging/ooo-site/trunk: cgi-bin/ content/
content/download/checksums.html
Author: buildbot
Date: Thu Aug 1 21:25:04 2013
New Revision: 872358
Log:
Staging update by buildbot for ooo-site
Modified:
websites/staging/ooo-site/trunk/cgi-bin/ (props changed)
websites/staging/ooo-site/trunk/content/ (props changed)
websites/staging/ooo-site/trunk/content/download/checksums.html
Propchange: websites/staging/ooo-site/trunk/cgi-bin/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Thu Aug 1 21:25:04 2013
@@ -1 +1 @@
-1509403
+1509433
Propchange: websites/staging/ooo-site/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Thu Aug 1 21:25:04 2013
@@ -1 +1 @@
-1509403
+1509433
Modified: websites/staging/ooo-site/trunk/content/download/checksums.html
==============================================================================
--- websites/staging/ooo-site/trunk/content/download/checksums.html (original)
+++ websites/staging/ooo-site/trunk/content/download/checksums.html Thu Aug 1 21:25:04 2013
@@ -4,7 +4,7 @@
<link href="/css/ooo.css" rel="stylesheet" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Apache OpenOffice - How to verify downloads with checksum files?</title>
+ <title>Apache OpenOffice - How to verify the integrity of the downloaded file?</title>
<script type="text/javascript" src="../scripts/entourage.js"></script>
<style type="text/css">
/* <![CDATA[ */
@@ -36,23 +36,26 @@
// -->
</script>
-<h1>Apache OpenOffice - How to verify downloads with checksum files?</h1>
+<h1>Apache OpenOffice - How to verify the integrity of the downloaded file?</h1>
<br />
<ul>
- <li><h3><a href="other.html" title="Get the checksums for all Apache OpenOffice builds and files">
- Get the checksums for all Apache OpenOffice builds and files</a></h3></li>
- <li><h3><a href="#asc_win" title="Verify with ASC and KEYS hashes on Windows">ASC and KEYS - Windows</a></h3></li>
- <li><h3><a href="#asc_linux" title="Verify with ASC and KEYS hashes on Linux">ASC and KEYS - Linux</a></h3></li>
- <li><h3><a href="#asc_macos" title="Verify with ASC and KEYS hashes on Mac OS">ASC and KEYS - Mac OS</a></h3></li>
- <li><h3><a href="#md5_win" title="Verify with MD5 checksums on Windows">MD5 - Windows</a></h3></li>
- <li><h3><a href="#md5_linux" title="Verify with MD5 checksums on Linux">MD5 - Linux</a></h3></li>
- <li><h3><a href="#md5_macos" title="Verify with MD5 checksums on Mac OS">MD5 - Mac OS</a></h3></li>
- <li><h3><a href="#sha256_win" title="Verify with SHA256 checksums on Windows">SHA256 - Windows</a></h3></li>
- <li><h3><a href="#sha256_linux" title="Verify with SHA256 checksums on Linux">SHA256 - Linux</a></h3></li>
- <li><h3><a href="#sha256_macos" title="Verify with SHA256 checksums on Mac OS">SHA256 - Mac OS</a></h3></li>
- <li><h3><a href="#no_match" title="What to do when the checksums do not match?">
- What to do when the checksums do not match?</a></h3></li>
+ <li><h3><a href="other.html" title="Get the signatures and hash values for all Apache OpenOffice builds">
+ Get the signatures and hash values for all Apache OpenOffice builds and files</a></h3></li>
+ <li><h3><a href="#pgp_win" title="Verify with PGP/ASC and KEYS signatures on Windows">
+ PGP and KEYS - Windows</a></h3></li>
+ <li><h3><a href="#pgp_linux" title="Verify with PGP/ASC and KEYS signatures on Linux">
+ PGP and KEYS - Linux</a></h3></li>
+ <li><h3><a href="#pgp_macos" title="Verify with PGP/ASC and KEYS signatures on Mac OS">
+ PGP and KEYS - Mac OS</a></h3></li>
+ <li><h3><a href="#md5_win" title="Verify with MD5 hash values on Windows">MD5 - Windows</a></h3></li>
+ <li><h3><a href="#md5_linux" title="Verify with MD5 hash values on Linux">MD5 - Linux</a></h3></li>
+ <li><h3><a href="#md5_macos" title="Verify with MD5 hash values on Mac OS">MD5 - Mac OS</a></h3></li>
+ <li><h3><a href="#sha256_win" title="Verify with SHA256 hash values on Windows">SHA256 - Windows</a></h3></li>
+ <li><h3><a href="#sha256_linux" title="Verify with SHA256 hash values on Linux">SHA256 - Linux</a></h3></li>
+ <li><h3><a href="#sha256_macos" title="Verify with SHA256 hash values on Mac OS">SHA256 - Mac OS</a></h3></li>
+ <li><h3><a href="#no_match" title="What to do when the values do not match?">
+ What to do when the values do not match?</a></h3></li>
<li><h3><a href="#notes" title="Please read the important notes before downloading and using Apache OpenOffice">
Important Notes</a></h3></li>
</ul>
@@ -60,15 +63,16 @@
<hr style="display: block;"/>
-<h3>How to verify your download with ASC, MD5, SHA256 checksums?</h3>
+<h3>How to verify your download with PGP/ASC signatures and MD5, SHA256 hash values?</h3>
-<p>A checksum and hash prcossed on the files that were downloaded is a way to make sure that the content is authentic and
-was not manipulated by an unauthorized third party, and has not been damaged during the download process.</p>
+<p>A <a href="http://en.wikipedia.org/wiki/Checksum" title="What means to verify the file integrity?">hash value</a>
+processed on the downloaded file is a way to make sure that the content is authentic and was not manipulated by an
+unauthorized third party, and has not been damaged during the download process.</p>
<br />
-<h4>Verify with ASC and KEYS hashes</h4>
+<h4>Verify with PGP/ASC and KEYS signatures</h4>
-<p id="asc_win"><b>This is how you verify with ASC and KEYS hashes on Windows</b></p>
+<p id="pgp_win"><b>This is how you verify with PGP/ASC signatures on Windows</b></p>
<br />
<ul>
@@ -80,33 +84,34 @@ was not manipulated by an unauthorized t
<code>C:\Program Files\Gnu\GnuPg\gpg.exe</code>) until you add it to the <code>$PATH</code> system environment
variable.</li>
<li>Save the following file with your Internet browser to the location where the downloaded AOO file is stored:</li>
- <li><pre>https://people.apache.org/keys/group/openoffice.asc</pre></li>
+ <li><pre>http://www.apache.org/dist/openoffice/KEYS</pre></li>
<li>Open the start menu and enter <code>cmd.exe</code> into the search box.</li>
- <li>Now change to the directory with the downloaded AOO and ASC file, import and verify with the following commands:</li>
+ <li>Now change to the directory with the downloaded AOO and PGP/ASC file, import and verify with the following
+ commands:</li>
<li><pre>cd <path_to_AOO_and_ASC_file></pre></li>
- <li><pre>C:\Program Files\Gnu\GnuPg\gpg.exe --import openoffice.asc</pre></li>
- <li><pre>C:\Program Files\Gnu\GnuPg\gpg.exe --verify <ASC file>.asc <AOO file>.exe</pre></li>
- <li>When both checksums match it is indicated with an "Good signature from <Person who has created the signature>
+ <li><pre>C:\Program Files\Gnu\GnuPg\gpg.exe --import KEYS</pre></li>
+ <li><pre>C:\Program Files\Gnu\GnuPg\gpg.exe --verify <PGP/ASC file>.asc</pre></li>
+ <li>When both signatures match it is indicated with an "Good signature from <Person who has created the signature>
statement. <br /> Otherwise "BAD signature from ...".</li>
</ul>
<br />
-<p id="asc_linux"><b>This is how you verify with ASC and KEYS hashes on Linux</b></p>
+<p id="pgp_linux"><b>This is how you verify with PGP/ASC signatures on Linux</b></p>
<br />
<ul>
- <li>Open a terminal and change to the directory with the downloaded AOO and ASC file.</li>
+ <li>Open a terminal and change to the directory with the downloaded AOO and PGP/ASC file.</li>
<li>Type in the following commands:</li>
<li><pre>cd <path_to_AOO_and_ASC_file></pre></li>
- <li><pre>wget https://people.apache.org/keys/group/openoffice.asc</pre></li>
- <li><pre>gpg --import openoffice.asc</pre></li>
- <li><pre>gpg --verify <ASC file>.asc <AOO file>.tar.gz</pre></li>
- <li>When both checksums match it is indicated with an "Good signature from <Person who has created the signature>
+ <li><pre>wget http://www.apache.org/dist/openoffice/KEYS</pre></li>
+ <li><pre>gpg --import KEYS</pre></li>
+ <li><pre>gpg --verify <PGP/ASC file>.asc</pre></li>
+ <li>When both signatures match it is indicated with an "Good signature from <Person who has created the signature>
statement. <br /> Otherwise "BAD signature from ...".</li>
</ul>
<br />
-<p id="asc_macos"><b>This is how you verify with ASC and KEYS hashes on Mac OS</b></p>
+<p id="pgp_macos"><b>This is how you verify with PGP/ASC signatures on Mac OS</b></p>
<br />
<ul>
@@ -114,17 +119,17 @@ was not manipulated by an unauthorized t
<li>Open a terminal (usually from here: "/Applications/Utilities").</li>
<li>Type in the following commands:</li>
<li><pre>cd <path_to_AOO_and_ASC_file></pre></li>
- <li><pre>curl https://people.apache.org/keys/group/openoffice.asc -o openoffice.asc</pre></li>
- <li><pre>gpg --import openoffice.asc</pre></li>
- <li><pre>gpg --verify <ASC file>.asc <AOO file>.dmg</pre></li>
- <li>When both checksums match it is indicated with an "Good signature from <Person who has created the signature>
+ <li><pre>curl http://www.apache.org/dist/openoffice/KEYS -o KEYS</pre></li>
+ <li><pre>gpg --import KEYS</pre></li>
+ <li><pre>gpg --verify <PGP/ASC file>.asc</pre></li>
+ <li>When both signatures match it is indicated with an "Good signature from <Person who has created the signature>
statement. <br /> Otherwise "BAD signature from ...".</li>
</ul>
<br />
<h4>Verify with MD5 hashes</h4>
-<p id="md5_win"><b>This is how you verify MD5 checksums on Windows</b></p>
+<p id="md5_win"><b>This is how you verify MD5 hash values on Windows</b></p>
<br />
<ul>
@@ -141,12 +146,12 @@ was not manipulated by an unauthorized t
copy the hash value.</li>
<li>Finally, click on [Compare].</li>
<li>When both hash values match a dialogbox shows "Checksums match". Otherwise "Checksums do not match".</li>
- <li>If the checksums do not match, please see the <a href="#checksums-notify"
- title="What to do when the checksums do not match?">section below</a>.</li>
+ <li>If the hash values do not match, please see the <a href="#no_match"
+ title="What to do when the values do not match?">section below</a>.</li>
</ul>
<br />
-<p id="md5_linux"><b>This is how you verify MD5 checksums on Linux</b></p>
+<p id="md5_linux"><b>This is how you verify MD5 hash values on Linux</b></p>
<br />
<ul>
@@ -154,14 +159,14 @@ was not manipulated by an unauthorized t
<li>Type in the following commands:</li>
<li><pre>cd <path_to_AOO_and_MD5_file></pre></li>
<li><pre>md5sum -c <AOO file>.tar.gz.md5</pre></li>
- <li>When both checksums match it is indicated with an "<AOO file>.tar.gz: OK" statement.
+ <li>When both hash values match it is indicated with an "<AOO file>.tar.gz: OK" statement.
<br />Otherwise "md5sum: WARNING: 1 of 1 computed checksum did NOT match".</li>
- <li>If the checksums do not match, please see the <a href="#checksums-notify"
- title="What to do when the checksums do not match?">section below</a>.</li>
+ <li>If the hash values do not match, please see the <a href="#no_match"
+ title="What to do when the values do not match?">section below</a>.</li>
</ul>
<br />
-<p id="md5_macos"><b>This is how you verify MD5 checksums on Mac OS</b></p>
+<p id="md5_macos"><b>This is how you verify MD5 hash values on Mac OS</b></p>
<br />
<ul>
@@ -170,9 +175,9 @@ was not manipulated by an unauthorized t
<li><pre>cd <path_to_AOO_and_MD5_file></pre></li>
<li><pre>openssl dgst -md5 <AOO file>.dmg</pre></li>
<li><pre>cat <MD5 file>.md5</pre></li>
- <li>Now compare both MD5 checksums.</li>
- <li>If the checksums do not match, please see the <a href="#checksums-notify"
- title="What to do when the checksums do not match?">section below</a>.</li>
+ <li>Now compare both MD5 hash values.</li>
+ <li>If the hash values do not match, please see the <a href="#no_match"
+ title="What to do when the values do not match?">section below</a>.</li>
</ul>
<br />
@@ -182,7 +187,7 @@ title="How to use MD5 hashes">how to use
<h4>Verify with SHA256 hashes</h4>
-<p id="sha256_win"><b>This is how you verify SHA256 checksums on Windows</b></p>
+<p id="sha256_win"><b>This is how you verify SHA256 hash values on Windows</b></p>
<br />
<ul>
@@ -199,12 +204,12 @@ title="How to use MD5 hashes">how to use
copy the hash value.</li>
<li>Finally, click on [Compare].</li>
<li>When both hash values match a dialogbox shows "Checksums match". Otherwise "Checksums do not match".</li>
- <li>If the checksums do not match, please see the <a href="#checksums-notify"
- title="What to do when the checksums do not match?">section below</a>.</li>
+ <li>If the hash values do not match, please see the <a href="#no_match"
+ title="What to do when the values do not match?">section below</a>.</li>
</ul>
<br />
-<p id="sha256_linux"><b>This is how you verify SHA256 checksums on Linux</b></p>
+<p id="sha256_linux"><b>This is how you verify SHA256 hash values on Linux</b></p>
<br />
<ul>
@@ -212,14 +217,14 @@ title="How to use MD5 hashes">how to use
<li>Type in the following commands:</li>
<li><pre>cd <path_to_AOO_and_SHA256_file></pre></li>
<li><pre>sha256sum -c <AOO file>.tar.gz.sha256</pre></li>
- <li>When both checksums match it is indicated with an "<AOO file>.tar.gz: OK" statement.
+ <li>When both hash values match it is indicated with an "<AOO file>.tar.gz: OK" statement.
<br />Otherwise "sha256sum: WARNING: 1 of 1 computed checksum did NOT match".</li>
- <li>If the checksums do not match, please see the <a href="#checksums-notify"
- title="What to do when the checksums do not match?">section below</a>.</li>
+ <li>If the hash values do not match, please see the <a href="#no_match"
+ title="What to do when the values do not match?">section below</a>.</li>
</ul>
<br />
-<p id="sha256_macos"><b>This is how you verify SHA256 checksums on Mac OS</b></p>
+<p id="sha256_macos"><b>This is how you verify SHA256 hash values on Mac OS</b></p>
<br />
<ul>
@@ -228,26 +233,30 @@ title="How to use MD5 hashes">how to use
<li><pre>cd <path_to_AOO_and_SHA256_file></pre></li>
<li><pre>openssl dgst -sha256 <AOO file>.dmg</pre></li>
<li><pre>cat <SHA256 file>.sha256</pre></li>
- <li>Now compare both SHA256 checksums.</li>
- <li>If the checksums do not match, please see the <a href="#checksums-notify"
- title="What to do when the checksums do not match?">section below</a>.</li>
+ <li>Now compare both SHA256 hash values.</li>
+ <li>If the hash values do not match, please see the <a href="#no_match"
+ title="What to do when the values do not match?">section below</a>.</li>
</ul>
<br />
-<h3 id="no_match">What to do when the checksums do not match?</h3>
+<h3 id="no_match">What to do when the values do not match?</h3>
<ul>
- <li>If the checksums do not match, your downloaded AOO file is broken. Please try again a download to get a valid
+ <li>If the values do not match, your downloaded AOO file is broken. Please try again a download to get a valid
file.</li>
<li>If you are using a proxy server to get connected to the Internet try to disable this if your Internet Service
Provider is allowing this. Or enable it if it is disabled at the moment. Please consult the respective help topics for
- the used Internet browser where to find this setting.</li>
- <li>If you still get no matching checksum and you are sure it is not caused by an error during downloading, please
- inform the project. Make sure you have the following information at hand: exact file name of the downloaded file and
- checksum file, the processed checksum from your computer, have you used proxy server (yes/no)?, if known from where the
- files were downloaded.</li>
- <li>With this information send a mail to us via the following ways:</li>
- <li><a href="mailto:users%40openoffice.apache.org"
+ the used Internet browser where to find this setting. Then try again to download and verify the file.</li>
+ <li>If you still get no matching values and you are sure it is not caused by an error during downloading, please
+ notify the Apache OpenOffice project. Before doing this, make sure you have the following information at hand:<br />
+ 1) exact file name of the downloaded file<br />
+ 2) the downloaded signature/hash file<br />
+ 3) the processed signature/hash from your computer<br />
+ 4) the exact file size in byte<br />
+ 5) have you used a proxy server (yes/no)?<br />
+ 6) the server or source from where the files was downloaded.</li>
+ <li>With this information send a mail via the following ways:</li>
+ <li><a href="mailto:users@openoffice.apache.org"
title="User's mailing list (to receive answers you need to be subscribed)">User's mailing list</a> <b>*)</b></li>
<li><a href="http://user.services.openoffice.org" title="User forums (different languages)">
User forums (different languages)</a></li>