apt/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum

#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture 'native'

cat > aptarchive/Sources <<EOF
Package: pkg-md5-ok
Binary: pkg-md5-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz

Package: pkg-sha1-ok
Binary: pkg-sha1-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz

Package: pkg-sha256-ok
Binary: pkg-sha256-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz

Package: pkg-size-bad
Binary: pkg-size-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 2 pkg-size-bad_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 4 pkg-size-bad_1.0.tar.gz

Package: pkg-sha256-bad
Binary: pkg-sha256-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
Checksums-Sha256:
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz

Package: pkg-md5-bad
Binary: pkg-md5-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz

Package: pkg-no-md5
Binary: pkg-no-md5
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz

Package: pkg-mixed-ok
Binary: pkg-mixed-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc

Package: pkg-mixed-sha1-bad
Binary: pkg-mixed-sha1-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
Checksums-Sha256:
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz

Package: pkg-mixed-sha2-bad
Binary: pkg-mixed-sha2-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
Checksums-Sha256:
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz

Package: pkg-md5-disagree
Binary: pkg-md5-disagree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz

Package: pkg-md5-agree
Binary: pkg-md5-agree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc

Package: pkg-sha256-disagree
Binary: pkg-sha256-disagree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
EOF

# create fetchable files
for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
	 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
	 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
	 'pkg-md5-bad' 'pkg-size-bad'; do
	echo -n 'dsc' > aptarchive/${x}_1.0.dsc
	echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
done

setupaptarchive --no-update
changetowebserver
testsuccess aptget update

cd downloaded

testok() {
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source -d "$@"
	msgtest 'Files were successfully downloaded for' "$1"
	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}

testkeep() {
	echo -n 'dsc' > ${1}_1.0.dsc
	echo -n 'tar' > ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Skipping already downloaded file '${1}_1.0.dsc'
Skipping already downloaded file '${1}_1.0.tar.gz'
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@"
	msgtest 'Files already downloaded are kept for' "$1"
	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}

testnohash() {
	#FIXME: Maybe we should fail in this case instead of skipping
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@"
	msgtest 'Files are not downloaded for' "$1"
	testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
}

testmismatch() {
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	local FAILURE
	if [ "$1" = 'pkg-size-bad' ]; then
		FAILURE="Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [2 B]
Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
  File has unexpected size (3 != 2). Mirror sync in progress?
  Hashes of expected file:
   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
   - Filesize:2 [weak]
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [4 B]
Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
  File has unexpected size (3 != 4). Mirror sync in progress?
  Hashes of expected file:
   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
   - Filesize:4 [weak]
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  File has unexpected size (3 != 2). Mirror sync in progress?
   Hashes of expected file:
    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
    - Filesize:2 [weak]
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  File has unexpected size (3 != 4). Mirror sync in progress?
   Hashes of expected file:
    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
    - Filesize:4 [weak]
E: Failed to fetch some archives."
	elif [ "$1" = 'pkg-md5-bad' ]; then
		FAILURE="Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
  Hash Sum mismatch
  Hashes of expected file:
   - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak]
   - Filesize:3 [weak]
  Hashes of received file:
   - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a
   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
   - Filesize:3 [weak]
  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
  Hash Sum mismatch
  Hashes of expected file:
   - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak]
   - Filesize:3 [weak]
  Hashes of received file:
   - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0
   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
   - Filesize:3 [weak]
  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch
   Hashes of expected file:
    - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak]
    - Filesize:3 [weak]
   Hashes of received file:
    - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a
    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
    - Filesize:3 [weak]
   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
   Hashes of expected file:
    - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak]
    - Filesize:3 [weak]
   Hashes of received file:
    - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0
    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
    - Filesize:3 [weak]
   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
E: Failed to fetch some archives."
	else
		FAILURE="Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
  Hash Sum mismatch
  Hashes of expected file:
   - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
   - Filesize:3 [weak]
   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
  Hashes of received file:
   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
   - Filesize:3 [weak]
  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
  Hash Sum mismatch
  Hashes of expected file:
   - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
   - Filesize:3 [weak]
   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
  Hashes of received file:
   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
   - Filesize:3 [weak]
  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch
   Hashes of expected file:
    - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
    - Filesize:3 [weak]
    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
   Hashes of received file:
    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
    - Filesize:3 [weak]
   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
   Hashes of expected file:
    - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
    - Filesize:3 [weak]
    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
   Hashes of received file:
    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
    - Filesize:3 [weak]
   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
E: Failed to fetch some archives."
	fi
	testfailureequal "$FAILURE" aptget source -d "$@"
	msgtest 'Files were not download as they have hashsum mismatches for' "$1"
	testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz

	if [ "$2" != '--allow-unauthenticated' ]; then
		rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
		testsuccessequal "Reading package lists...
Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
		msgtest 'Files were not download as hash is unavailable for' "$1"
		testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	fi

	if [ "$1" != 'pkg-size-bad' ]; then
		rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
		testsuccessequal "Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
		msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
		testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	fi
}

testnohash pkg-md5-ok
testnohash pkg-sha1-ok
testok pkg-sha256-ok
testkeep pkg-sha256-ok

# pkg-sha256-bad has a bad SHA sum, but good MD5 sum.  If apt is
# checking the best available hash (as it should), this will trigger
# a hash mismatch.
testmismatch pkg-sha256-bad
testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum

testnohash pkg-md5-bad
testmismatch pkg-md5-bad --allow-unauthenticated

testmismatch pkg-size-bad

# not having MD5 sum doesn't mean the file doesn't exist at all …
testok pkg-no-md5
testok pkg-no-md5 -o Acquire::ForceHash=SHA256
testsuccessequal "Reading package lists...
Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum
msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5'
testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz

# deal with cases in which we haven't for all files the same checksum type
# mostly pathologic as this shouldn't happen, but just to be sure
testsuccessequal "Reading package lists...
Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-ok 1.0 (dsc) [3 B]
Download complete and in download only mode" aptget source -d pkg-mixed-ok

testsuccessequal  "Reading package lists...
Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha1-bad 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad
msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
testfailureequal "Reading package lists...
Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar) [3 B]
Err:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar)
  Hash Sum mismatch
  Hashes of expected file:
   - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
   - Filesize:3 [weak]
  Hashes of received file:
   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
   - Filesize:3 [weak]
  Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz')
E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz  Hash Sum mismatch
   Hashes of expected file:
    - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
    - Filesize:3 [weak]
   Hashes of received file:
    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
    - Filesize:3 [weak]
   Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz')
E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad

# it gets even more pathologic: multiple entries for one file, some even disagreeing!
testnohash pkg-md5-agree
testfailureequal 'Reading package lists...
E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
testfailureequal 'Reading package lists...
E: Error parsing checksum in Checksums-Sha256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree