suspicious ntpleapfetch checksum error

Steven Dodd ntpsec at
Wed May 6 10:18:12 UTC 2020

Hi Martin,

On 05/05/2020 20:14, Martin Boissonneault via users wrote:
> Hi!
> It's time for a new leap-second update (no new leap second), and I get this error in my cron job (reproduced here out of CRON):
>> root at rPi:~#  CRONJOB=1 /usr/local/bin/ntpleapfetch -e "60 days"
>> /usr/local/bin/ntpleapfetch: 1: printf: a1c168ae: expected numeric value
>> <27>May  5 14:57:05 ntpleapfetch[19554]: Checksum of /tmp/leap-seconds.19554.tmp is invalid:
>> <27>May  5 14:57:05 ntpleapfetch[19554]: EXPECTED: 0000000027c79a7d9dddcfc3bcfe616b2e2c44ea
>> <27>May  5 14:57:05 ntpleapfetch[19554]: COMPUTED: a1c168ae27c79a7d9dddcfc3bcfe616b2e2c44ea
>> <28>May  5 14:57:05 ntpleapfetch[19554]: Downloaded file /tmp/leap-seconds.19554.tmp rejected -- saved for diagnosis
>> --2020-05-05 14:57:04--
>> Resolving (,, 2606:4700:10::6814:155, ...
>> Connecting to (||:443... connected.
>> HTTP request sent, awaiting response... 200 OK
>> Length: unspecified [text/plain]
>> Saving to: ‘/tmp/leap-seconds.19554.tmp’
>>       0K ..........                                             2.70M=0.004s
>> 2020-05-05 14:57:05 (2.70 MB/s) - ‘/tmp/leap-seconds.19554.tmp’ saved [10665]

I get the same (even with the script from master).

This line in the ntpleapfetch script:

local FSHA1="`grep '^#h' $1 | tr -d '[:cntrl:]' | sed -e's/^#h//' -e's/ / 0x/g'`"

Doesn't prepend the first segment of the provided hash with 0x hence the error:

> The odd part is the //usr/local/bin/ntpleapfetch: 1: printf: a1c168ae: expected numeric value/ part, and the /a1c168ae/ part is the part later shown as zeroes in the expected checksum part. The checksum, with that part substituted, is what is computed.
> Any idea? I'm using NTPsec 1.1.8 compiled from the release tarball on the current Raspbian Buster for the Raspberry Pi 3B+.


local FSHA1="`grep '^#h' $1 | tr -d '[:cntrl:]' | sed -e's/^#h/0x/' -e's/ / 0x/g'`"

(so substituting the #h with 0x instead of just removing it) fixes it for me.

This may or may not be the right answer.

I opened a gitlab issue with this information.


More information about the users mailing list