[apt.git] / test / integration / test-ubuntu-bug-1098738-apt-get-source-md5sum

#!/bin/sh
set -e

TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"

setupenvironment
configarchitecture 'native'

cat > aptarchive/Sources <<EOF
Package: pkg-md5-ok
Binary: pkg-md5-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz

Package: pkg-sha1-ok
Binary: pkg-sha1-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz

Package: pkg-sha256-ok
Binary: pkg-sha256-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz

Package: pkg-sha256-bad
Binary: pkg-sha256-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
Checksums-Sha256:
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz

Package: pkg-md5-bad
Binary: pkg-md5-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz

Package: pkg-no-md5
Binary: pkg-no-md5
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz

Package: pkg-mixed-ok
Binary: pkg-mixed-ok
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc

Package: pkg-mixed-sha1-bad
Binary: pkg-mixed-sha1-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
Checksums-Sha256:
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz

Package: pkg-mixed-sha2-bad
Binary: pkg-mixed-sha2-bad
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
Checksums-Sha256:
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz

Package: pkg-md5-disagree
Binary: pkg-md5-disagree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz

Package: pkg-md5-agree
Binary: pkg-md5-agree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
 9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc

Package: pkg-sha256-disagree
Binary: pkg-sha256-disagree
Version: 1.0
Maintainer: Joe Sixpack <joe@example.org>
Architecture: all
Files:
 9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
 db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
Checksums-Sha1:
 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
Checksums-Sha256:
 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
 bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
EOF

# create fetchable files
for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
	 'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
	 'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
	 'pkg-md5-bad'; do
	echo -n 'dsc' > aptarchive/${x}_1.0.dsc
	echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
done

setupaptarchive --no-update
changetowebserver
testsuccess aptget update

cd downloaded

testok() {
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source -d "$@"
	msgtest 'Files were successfully downloaded for' "$1"
	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}

testkeep() {
	echo -n 'dsc' > ${1}_1.0.dsc
	echo -n 'tar' > ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Skipping already downloaded file '${1}_1.0.dsc'
Skipping already downloaded file '${1}_1.0.tar.gz'
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@"
	msgtest 'Files already downloaded are kept for' "$1"
	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
}

testnohash() {
	#FIXME: Maybe we should fail in this case instead of skipping
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@"
	msgtest 'Files are not downloaded for' "$1"
	testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
}

testmismatch() {
	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	testfailureequal "Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
  Hash Sum mismatch
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
  Hash Sum mismatch
E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch

E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch

E: Failed to fetch some archives." aptget source -d "$@"
	msgtest 'Files were not download as they have hashsum mismatches for' "$1"
	testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz

	if [ "$2" != '--allow-unauthenticated' ]; then
		rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
		testsuccessequal "Reading package lists...
Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
		msgtest 'Files were not download as hash is unavailable for' "$1"
		testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	fi

	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	testsuccessequal "Reading package lists...
Need to get 6 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
	msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
}

testnohash pkg-md5-ok
testnohash pkg-sha1-ok
testok pkg-sha256-ok
testkeep pkg-sha256-ok

# pkg-sha256-bad has a bad SHA sum, but good MD5 sum.  If apt is
# checking the best available hash (as it should), this will trigger
# a hash mismatch.
testmismatch pkg-sha256-bad
testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum

testnohash pkg-md5-bad
testmismatch pkg-md5-bad --allow-unauthenticated

# not having MD5 sum doesn't mean the file doesn't exist at all …
testok pkg-no-md5
testok pkg-no-md5 -o Acquire::ForceHash=SHA256
testsuccessequal "Reading package lists...
Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 0 B of source archives.
Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum
msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5'
testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz

# deal with cases in which we haven't for all files the same checksum type
# mostly pathologic as this shouldn't happen, but just to be sure
testsuccessequal "Reading package lists...
Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-ok 1.0 (dsc) [3 B]
Download complete and in download only mode" aptget source -d pkg-mixed-ok

testsuccessequal  "Reading package lists...
Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha1-bad 1.0 (tar) [3 B]
Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad
msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
testfailureequal "Reading package lists...
Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication
Need to get 3 B of source archives.
Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar) [3 B]
Err:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar)
  Hash Sum mismatch
E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz  Hash Sum mismatch

E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad

# it gets even more pathologic: multiple entries for one file, some even disagreeing!
testnohash pkg-md5-agree
testfailureequal 'Reading package lists...
E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
testfailureequal 'Reading package lists...
E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree
Commit	Line	Data
1262d358 DK	1	#!/bin/sh
	2	set -e
	3
3abb6a6a DK	4	TESTDIR="$(readlink -f "$(dirname "$0")")"
3abb6a6a DK	5	. "$TESTDIR/framework"
1262d358 DK	6
	7	setupenvironment
	8	configarchitecture 'native'
	9
	10	cat > aptarchive/Sources <<EOF
	11	Package: pkg-md5-ok
	12	Binary: pkg-md5-ok
	13	Version: 1.0
	14	Maintainer: Joe Sixpack <joe@example.org>
	15	Architecture: all
	16	Files:
895417ef DK	17	9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
895417ef DK	18	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
1262d358	19
51c04562 JAK	20	Package: pkg-sha1-ok
	21	Binary: pkg-sha1-ok
	22	Version: 1.0
	23	Maintainer: Joe Sixpack <joe@example.org>
	24	Architecture: all
	25	Files:
	26	324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc
	27	680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz
	28
1262d358 DK	29	Package: pkg-sha256-ok
	30	Binary: pkg-sha256-ok
	31	Version: 1.0
	32	Maintainer: Joe Sixpack <joe@example.org>
	33	Architecture: all
	34	Files:
895417ef DK	35	9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
895417ef DK	36	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
1262d358	37	Checksums-Sha1:
895417ef DK	38	324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
895417ef DK	39	680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
1262d358	40	Checksums-Sha256:
895417ef DK	41	943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
895417ef DK	42	90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
1262d358 DK	43
	44	Package: pkg-sha256-bad
	45	Binary: pkg-sha256-bad
	46	Version: 1.0
	47	Maintainer: Joe Sixpack <joe@example.org>
	48	Architecture: all
	49	Files:
895417ef DK	50	9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
895417ef DK	51	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
1262d358	52	Checksums-Sha1:
895417ef DK	53	324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
895417ef DK	54	680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
1262d358	55	Checksums-Sha256:
895417ef DK	56	aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
895417ef DK	57	bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
1262d358	58
63d60998 DK	59	Package: pkg-md5-bad
	60	Binary: pkg-md5-bad
	61	Version: 1.0
	62	Maintainer: Joe Sixpack <joe@example.org>
	63	Architecture: all
	64	Files:
	65	aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
	66	bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz
	67
1262d358 DK	68	Package: pkg-no-md5
	69	Binary: pkg-no-md5
	70	Version: 1.0
	71	Maintainer: Joe Sixpack <joe@example.org>
	72	Architecture: all
	73	Checksums-Sha1:
895417ef DK	74	324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
895417ef DK	75	680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
1262d358	76	Checksums-Sha256:
895417ef DK	77	943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
895417ef DK	78	90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz
1262d358 DK	79
	80	Package: pkg-mixed-ok
	81	Binary: pkg-mixed-ok
	82	Version: 1.0
	83	Maintainer: Joe Sixpack <joe@example.org>
	84	Architecture: all
	85	Checksums-Sha1:
895417ef	86	680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
1262d358	87	Checksums-Sha256:
895417ef	88	943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc
1262d358 DK	89
	90	Package: pkg-mixed-sha1-bad
	91	Binary: pkg-mixed-sha1-bad
	92	Version: 1.0
	93	Maintainer: Joe Sixpack <joe@example.org>
	94	Architecture: all
	95	Checksums-Sha1:
895417ef	96	aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
1262d358	97	Checksums-Sha256:
895417ef	98	90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz
1262d358 DK	99
	100	Package: pkg-mixed-sha2-bad
	101	Binary: pkg-mixed-sha2-bad
	102	Version: 1.0
	103	Maintainer: Joe Sixpack <joe@example.org>
	104	Architecture: all
	105	Checksums-Sha1:
895417ef	106	324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
1262d358	107	Checksums-Sha256:
895417ef	108	bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz
1262d358 DK	109
	110	Package: pkg-md5-disagree
	111	Binary: pkg-md5-disagree
	112	Version: 1.0
	113	Maintainer: Joe Sixpack <joe@example.org>
	114	Architecture: all
	115	Files:
895417ef DK	116	9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
	117	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
	118	aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
	119	bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz
1262d358 DK	120
	121	Package: pkg-md5-agree
	122	Binary: pkg-md5-agree
	123	Version: 1.0
	124	Maintainer: Joe Sixpack <joe@example.org>
	125	Architecture: all
	126	Files:
895417ef DK	127	9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
	128	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
	129	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
	130	9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
1262d358 DK	131
	132	Package: pkg-sha256-disagree
	133	Binary: pkg-sha256-disagree
	134	Version: 1.0
	135	Maintainer: Joe Sixpack <joe@example.org>
	136	Architecture: all
	137	Files:
895417ef DK	138	9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
895417ef DK	139	db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
1262d358	140	Checksums-Sha1:
895417ef DK	141	324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
895417ef DK	142	680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
1262d358	143	Checksums-Sha256:
895417ef DK	144	943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
	145	90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
	146	aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
	147	bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
1262d358 DK	148	EOF
	149
	150	# create fetchable files
51c04562	151	for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
1262d358	152	'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
63d60998 DK	153	'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
63d60998 DK	154	'pkg-md5-bad'; do
895417ef DK	155	echo -n 'dsc' > aptarchive/${x}_1.0.dsc
895417ef DK	156	echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
1262d358 DK	157	done
1262d358 DK	158
63d60998	159	setupaptarchive --no-update
1262d358 DK	160	changetowebserver
	161	testsuccess aptget update
	162
03aa0847 DK	163	cd downloaded
03aa0847 DK	164
1262d358 DK	165	testok() {
1262d358 DK	166	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
25b86db1	167	testsuccessequal "Reading package lists...
895417ef	168	Need to get 6 B of source archives.
6c0765c0 DK	169	Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B]
6c0765c0 DK	170	Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B]
1262d358 DK	171	Download complete and in download only mode" aptget source -d "$@"
	172	msgtest 'Files were successfully downloaded for' "$1"
	173	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	174	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	175	}
	176
	177	testkeep() {
895417ef DK	178	echo -n 'dsc' > ${1}_1.0.dsc
895417ef DK	179	echo -n 'tar' > ${1}_1.0.tar.gz
25b86db1	180	testsuccessequal "Reading package lists...
1262d358 DK	181	Skipping already downloaded file '${1}_1.0.dsc'
	182	Skipping already downloaded file '${1}_1.0.tar.gz'
	183	Need to get 0 B of source archives.
	184	Download complete and in download only mode" aptget source -d "$@"
	185	msgtest 'Files already downloaded are kept for' "$1"
	186	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	187	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	188	}
	189
63d60998 DK	190	testnohash() {
	191	#FIXME: Maybe we should fail in this case instead of skipping
	192	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	193	testsuccessequal "Reading package lists...
63d60998 DK	194	Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
	195	Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
	196	Need to get 0 B of source archives.
	197	Download complete and in download only mode" aptget source -d "$@"
	198	msgtest 'Files are not downloaded for' "$1"
	199	testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
	200	}
	201
1262d358 DK	202	testmismatch() {
1262d358 DK	203	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
25b86db1	204	testfailureequal "Reading package lists...
895417ef	205	Need to get 6 B of source archives.
6c0765c0 DK	206	Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B]
6c0765c0 DK	207	Err:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc)
448c38bd	208	Hash Sum mismatch
6c0765c0 DK	209	Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B]
6c0765c0 DK	210	Err:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar)
448c38bd	211	Hash Sum mismatch
6c0765c0	212	E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc Hash Sum mismatch
1262d358	213
6c0765c0	214	E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz Hash Sum mismatch
1262d358 DK	215
	216	E: Failed to fetch some archives." aptget source -d "$@"
	217	msgtest 'Files were not download as they have hashsum mismatches for' "$1"
	218	testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	219
63d60998 DK	220	if [ "$2" != '--allow-unauthenticated' ]; then
	221	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
	222	testsuccessequal "Reading package lists...
63d60998 DK	223	Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
63d60998 DK	224	Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
1262d358 DK	225	Need to get 0 B of source archives.
1262d358 DK	226	Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
63d60998 DK	227	msgtest 'Files were not download as hash is unavailable for' "$1"
	228	testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	229	fi
1262d358 DK	230
1262d358 DK	231	rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
25b86db1	232	testsuccessequal "Reading package lists...
895417ef	233	Need to get 6 B of source archives.
6c0765c0 DK	234	Get:1 http://localhost:${APTHTTPPORT} $1 1.0 (dsc) [3 B]
6c0765c0 DK	235	Get:2 http://localhost:${APTHTTPPORT} $1 1.0 (tar) [3 B]
1262d358 DK	236	Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
	237	msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
	238	testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
	239	}
	240
63d60998	241	testnohash pkg-md5-ok
51c04562	242	testnohash pkg-sha1-ok
1262d358 DK	243	testok pkg-sha256-ok
	244	testkeep pkg-sha256-ok
	245
	246	# pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is
	247	# checking the best available hash (as it should), this will trigger
	248	# a hash mismatch.
	249	testmismatch pkg-sha256-bad
1262d358 DK	250	testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
1262d358 DK	251
63d60998 DK	252	testnohash pkg-md5-bad
	253	testmismatch pkg-md5-bad --allow-unauthenticated
	254
1262d358	255	# not having MD5 sum doesn't mean the file doesn't exist at all …
63d60998	256	testok pkg-no-md5
1262d358	257	testok pkg-no-md5 -o Acquire::ForceHash=SHA256
25b86db1	258	testsuccessequal "Reading package lists...
1262d358 DK	259	Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
	260	Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
	261	Need to get 0 B of source archives.
	262	Download complete and in download only mode" aptget source -d pkg-no-md5 -o Acquire::ForceHash=MD5Sum
	263	msgtest 'Files were not download as MD5 is not available for this package' 'pkg-no-md5'
	264	testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
	265
	266	# deal with cases in which we haven't for all files the same checksum type
	267	# mostly pathologic as this shouldn't happen, but just to be sure
51c04562 JAK	268	testsuccessequal "Reading package lists...
	269	Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication
	270	Need to get 3 B of source archives.
	271	Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-ok 1.0 (dsc) [3 B]
	272	Download complete and in download only mode" aptget source -d pkg-mixed-ok
	273
	274	testsuccessequal "Reading package lists...
	275	Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication
	276	Need to get 3 B of source archives.
6c0765c0	277	Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha1-bad 1.0 (tar) [3 B]
51c04562	278	Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad
1262d358 DK	279	msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
1262d358 DK	280	testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
6c0765c0	281	testfailureequal "Reading package lists...
51c04562 JAK	282	Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication
51c04562 JAK	283	Need to get 3 B of source archives.
6c0765c0 DK	284	Get:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar) [3 B]
6c0765c0 DK	285	Err:1 http://localhost:${APTHTTPPORT} pkg-mixed-sha2-bad 1.0 (tar)
448c38bd	286	Hash Sum mismatch
6c0765c0	287	E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz Hash Sum mismatch
1262d358	288
6c0765c0	289	E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad
1262d358 DK	290
1262d358 DK	291	# it gets even more pathologic: multiple entries for one file, some even disagreeing!
63d60998	292	testnohash pkg-md5-agree
25b86db1	293	testfailureequal 'Reading package lists...
1262d358	294	E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
25b86db1	295	testfailureequal 'Reading package lists...
1262d358	296	E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree