Software: Apache. PHP/5.4.45 

uname -a: Linux webm056.cluster010.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue
Sep 17 08:14:20 UTC 2024 x86_64 

uid=243112(mycochar) gid=100(users) groups=100(users)  

Safe-mode: OFF (not secure)

/home/mycochar/www/image/photo/go/src/cmd/go/testdata/script/   drwxr-xr-x
Free 0 B of 0 B (0%)
Your ip: 216.73.216.77 - Server ip: 213.186.33.19
                            

Viewing file:     mod_sumdb.txt (1.21 KB)      -rw-r--r--

env GO111MODULE=on
env sumdb=$GOSUMDB
env proxy=$GOPROXY
env GOPROXY GONOPROXY GOSUMDB GONOSUMDB
env dbname=localhost.localdev/sumdb

# disagreeing with the sumdb produces security errors
# (this also populates tiles on the sumdb server).
cp go.mod.orig go.mod
env GOSUMDB=$sumdb' '$proxy/sumdb-wrong
! go get rsc.io/quote
stderr 'go: rsc.io/quote@v1.5.2: verifying module: checksum mismatch'
stderr 'downloaded: h1:3fEy'
stderr 'localhost.localdev/sumdb: h1:wrong'
stderr 'SECURITY ERROR\nThis download does NOT match the one reported by the checksum server.'
! go get rsc.io/sampler
! go get golang.org/x/text

go mod edit -require rsc.io/quote@v1.5.2
! go mod tidy
stderr 'go: rsc.io/quote@v1.5.2: verifying go.mod: checksum mismatch'
stderr 'SECURITY ERROR\n'

rm go.sum

# switching to truthful sumdb detects timeline inconsistency
cp go.mod.orig go.mod
env GOSUMDB=$sumdb
! go get rsc.io/fortune
stderr 'SECURITY ERROR\ngo.sum database server misbehavior detected!'
stderr 'proof of misbehavior:'

# removing the cached wrong tree head and cached tiles clears the bad data
rm $GOPATH/pkg/sumdb/$dbname/latest
go clean -modcache
go get rsc.io/fortune

-- go.mod.orig --
module m

go 1.16
-- m.go --
package m

import _ "rsc.io/quote"