From 851b6a097165af4d51c0db01b5e05256e5006896 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 11:00:48 +0200 Subject: Adding upstream version 2.6.1. Signed-off-by: Daniel Baumann --- .../test-ubuntu-bug-1098738-apt-get-source-md5sum | 444 +++++++++++++++++++++ 1 file changed, 444 insertions(+) create mode 100755 test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum (limited to 'test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum') diff --git a/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum new file mode 100755 index 0000000..6a66094 --- /dev/null +++ b/test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum @@ -0,0 +1,444 @@ +#!/bin/sh +set -e + +TESTDIR="$(readlink -f "$(dirname "$0")")" +. "$TESTDIR/framework" + +setupenvironment +configarchitecture 'native' + +cat > aptarchive/Sources < +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz + +Package: pkg-sha1-ok +Binary: pkg-sha1-ok +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz + +Package: pkg-sha256-ok +Binary: pkg-sha256-ok +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz + +Package: pkg-size-bad +Binary: pkg-size-bad +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 2 pkg-size-bad_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 4 pkg-size-bad_1.0.tar.gz + +Package: pkg-sha256-bad +Binary: pkg-sha256-bad +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz +Checksums-Sha256: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz + +Package: pkg-md5-bad +Binary: pkg-md5-bad +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz + +Package: pkg-no-md5 +Binary: pkg-no-md5 +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz + +Package: pkg-mixed-ok +Binary: pkg-mixed-ok +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Checksums-Sha1: + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc + +Package: pkg-mixed-sha1-bad +Binary: pkg-mixed-sha1-bad +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Checksums-Sha1: + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc +Checksums-Sha256: + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz + +Package: pkg-mixed-sha2-bad +Binary: pkg-mixed-sha2-bad +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc +Checksums-Sha256: + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz + +Package: pkg-md5-disagree +Binary: pkg-md5-disagree +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz + +Package: pkg-md5-agree +Binary: pkg-md5-agree +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz + 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc + +Package: pkg-sha256-disagree +Binary: pkg-sha256-disagree +Version: 1.0 +Maintainer: Joe Sixpack +Architecture: all +Files: + 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc + db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz +Checksums-Sha1: + 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc + 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz +Checksums-Sha256: + 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc + 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz + aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc + bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz +EOF + +# create fetchable files +for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \ + 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \ + 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \ + 'pkg-md5-bad' 'pkg-size-bad'; do + echo -n 'dsc' > aptarchive/${x}_1.0.dsc + echo -n 'tar' > aptarchive/${x}_1.0.tar.gz +done + +setupaptarchive --no-update +changetowebserver +testsuccess aptget update + +cd downloaded + +testok() { + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... +Need to get 6 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files were successfully downloaded for' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz +} + +testkeep() { + echo -n 'dsc' > ${1}_1.0.dsc + echo -n 'tar' > ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... +Skipping already downloaded file '${1}_1.0.dsc' +Skipping already downloaded file '${1}_1.0.tar.gz' +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files already downloaded are kept for' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz +} + +testnohash() { + #FIXME: Maybe we should fail in this case instead of skipping + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... +Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" + msgtest 'Files are not downloaded for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz +} + +testmismatch() { + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + local FAILURE + if [ "$1" = 'pkg-size-bad' ]; then + FAILURE="Reading package lists... +Need to get 6 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [2 B] +Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) + File has unexpected size (3 != 2). Mirror sync in progress? + Hashes of expected file: + - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a + - Filesize:2 [weak] +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [4 B] +Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) + File has unexpected size (3 != 4). Mirror sync in progress? + Hashes of expected file: + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - Filesize:4 [weak] +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc File has unexpected size (3 != 2). Mirror sync in progress? + Hashes of expected file: + - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a + - Filesize:2 [weak] +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz File has unexpected size (3 != 4). Mirror sync in progress? + Hashes of expected file: + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - Filesize:4 [weak] +E: Failed to fetch some archives." + elif [ "$1" = 'pkg-md5-bad' ]; then + FAILURE="Reading package lists... +Need to get 6 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) + Hash Sum mismatch + Hashes of expected file: + - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak] + - Filesize:3 [weak] + Hashes of received file: + - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a + - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] +Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) + Hash Sum mismatch + Hashes of expected file: + - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak] + - Filesize:3 [weak] + Hashes of received file: + - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0 + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch + Hashes of expected file: + - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak] + - Filesize:3 [weak] + Hashes of received file: + - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a + - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch + Hashes of expected file: + - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak] + - Filesize:3 [weak] + Hashes of received file: + - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0 + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") +E: Failed to fetch some archives." + else + FAILURE="Reading package lists... +Need to get 6 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) + Hash Sum mismatch + Hashes of expected file: + - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + - Filesize:3 [weak] + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + Hashes of received file: + - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] +Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) + Hash Sum mismatch + Hashes of expected file: + - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb + - Filesize:3 [weak] + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + Hashes of received file: + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch + Hashes of expected file: + - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + - Filesize:3 [weak] + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + Hashes of received file: + - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a + - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak] + - MD5Sum:9604ba9427a280db542279d9ed78400b [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc") +E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch + Hashes of expected file: + - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb + - Filesize:3 [weak] + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + Hashes of received file: + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak] + - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak] + - Filesize:3 [weak] + Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz") +E: Failed to fetch some archives." + fi + testfailureequal "$FAILURE" aptget source -d "$@" + msgtest 'Files were not download as they have hashsum mismatches for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + + if [ "$2" != '--allow-unauthenticated' ]; then + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... +Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26 + msgtest 'Files were not download as hash is unavailable for' "$1" + testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + fi + + if [ "$1" != 'pkg-size-bad' ]; then + rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz + testsuccessequal "Reading package lists... +Need to get 6 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B] +Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26 + msgtest 'Files were downloaded unauthenticated as user allowed it' "$1" + testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz + fi +} + +testnohash pkg-md5-ok +testnohash pkg-sha1-ok +testok pkg-sha256-ok +testkeep pkg-sha256-ok + +# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is +# checking the best available hash (as it should), this will trigger +# a hash mismatch. +testmismatch pkg-sha256-bad +testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum + +testnohash pkg-md5-bad +testmismatch pkg-md5-bad --allow-unauthenticated + +testmismatch pkg-size-bad + +# not having MD5 sum doesn't mean the file doesn't exist at all … +testok pkg-no-md5 +testok pkg-no-md5 -o Acquire::ForceHash=SHA256 +testsuccessequal "Reading package lists... +Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication +Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 0 B of source archives. +Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum +msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5' +testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz + +# deal with cases in which we haven't for all files the same checksum type +# mostly pathologic as this shouldn't happen, but just to be sure +testsuccessequal "Reading package lists... +Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication +Need to get 3 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-ok 1.0 (dsc) [3 B] +Download complete and in download only mode" aptget source -d pkg-mixed-ok + +testsuccessequal "Reading package lists... +Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication +Need to get 3 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (tar) [3 B] +Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad +msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad' +testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz +testfailureequal "Reading package lists... +Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication +Need to get 3 B of source archives. +Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) [3 B] +Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) + Hash Sum mismatch + Hashes of expected file: + - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb + - Filesize:3 [weak] + Hashes of received file: + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - Filesize:3 [weak] + Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz') +E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch + Hashes of expected file: + - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb + - Filesize:3 [weak] + Hashes of received file: + - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb + - Filesize:3 [weak] + Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz') +E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad + +# it gets even more pathologic: multiple entries for one file, some even disagreeing! +testnohash pkg-md5-agree +testfailureequal 'Reading package lists... +E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree +testfailureequal 'Reading package lists... +E: Error parsing checksum in Checksums-Sha256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree -- cgit v1.2.3