randomize acquire order for same type index files
[apt.git] / test / integration / test-ubuntu-bug-1098738-apt-get-source-md5sum
index 9bdc812647624549274ef23d18a1cb06d2cf5095..a60f0bd3a80ac65c68c98e4200e23ededc6e67ef 100755 (executable)
@@ -1,8 +1,8 @@
 set -e
 set -e
-TESTDIR=$(readlink -f $(dirname $0))
-. $TESTDIR/framework
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
 configarchitecture 'native'
 configarchitecture 'native'
@@ -14,8 +14,17 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-ok_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-ok_1.0.tar.gz
+ 9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
+Package: pkg-sha1-ok
+Binary: pkg-sha1-ok
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz
 Package: pkg-sha256-ok
 Binary: pkg-sha256-ok
 Package: pkg-sha256-ok
 Binary: pkg-sha256-ok
@@ -23,14 +32,23 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-ok_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-ok_1.0.tar.gz
9604ba9427a280db542279d9ed78400b 3 pkg-sha256-ok_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-ok_1.0.tar.gz
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-ok_1.0.dsc
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-ok_1.0.tar.gz
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-ok_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-ok_1.0.tar.gz
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-sha256-ok_1.0.dsc
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-sha256-ok_1.0.tar.gz
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
+Package: pkg-size-bad
+Binary: pkg-size-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 2 pkg-size-bad_1.0.dsc
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 4 pkg-size-bad_1.0.tar.gz
 Package: pkg-sha256-bad
 Binary: pkg-sha256-bad
 Package: pkg-sha256-bad
 Binary: pkg-sha256-bad
@@ -38,14 +56,23 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-bad_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-bad_1.0.tar.gz
9604ba9427a280db542279d9ed78400b 3 pkg-sha256-bad_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-bad_1.0.tar.gz
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-bad_1.0.dsc
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-bad_1.0.tar.gz
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-bad_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-bad_1.0.tar.gz
- aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0 pkg-sha256-bad_1.0.dsc
- bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 0 pkg-sha256-bad_1.0.tar.gz
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
+Package: pkg-md5-bad
+Binary: pkg-md5-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz
 Package: pkg-no-md5
 Binary: pkg-no-md5
 Package: pkg-no-md5
 Binary: pkg-no-md5
@@ -53,11 +80,11 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-no-md5_1.0.dsc
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-no-md5_1.0.tar.gz
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-no-md5_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-no-md5_1.0.tar.gz
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-no-md5_1.0.dsc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-no-md5_1.0.tar.gz
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-no-md5_1.0.dsc
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-no-md5_1.0.tar.gz
 Package: pkg-mixed-ok
 Binary: pkg-mixed-ok
 Package: pkg-mixed-ok
 Binary: pkg-mixed-ok
@@ -65,9 +92,9 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-mixed-ok_1.0.tar.gz
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-mixed-ok_1.0.tar.gz
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-mixed-ok_1.0.dsc
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-mixed-ok_1.0.dsc
 Package: pkg-mixed-sha1-bad
 Binary: pkg-mixed-sha1-bad
 Package: pkg-mixed-sha1-bad
 Binary: pkg-mixed-sha1-bad
@@ -75,9 +102,9 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
- aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0 pkg-mixed-sha1-bad_1.0.dsc
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-mixed-sha1-bad_1.0.dsc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-mixed-sha1-bad_1.0.tar.gz
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-mixed-sha1-bad_1.0.tar.gz
 Package: pkg-mixed-sha2-bad
 Binary: pkg-mixed-sha2-bad
 Package: pkg-mixed-sha2-bad
 Binary: pkg-mixed-sha2-bad
@@ -85,9 +112,9 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-mixed-sha2-bad_1.0.dsc
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-mixed-sha2-bad_1.0.dsc
- bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 0 pkg-mixed-sha2-bad_1.0.tar.gz
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-mixed-sha2-bad_1.0.tar.gz
 Package: pkg-md5-disagree
 Binary: pkg-md5-disagree
 Package: pkg-md5-disagree
 Binary: pkg-md5-disagree
@@ -95,10 +122,10 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-disagree_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-disagree_1.0.tar.gz
- aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0 pkg-md5-disagree_1.0.dsc
- bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 0 pkg-md5-disagree_1.0.tar.gz
9604ba9427a280db542279d9ed78400b 3 pkg-md5-disagree_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-disagree_1.0.tar.gz
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-disagree_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-disagree_1.0.tar.gz
 Package: pkg-md5-agree
 Binary: pkg-md5-agree
 Package: pkg-md5-agree
 Binary: pkg-md5-agree
@@ -106,10 +133,10 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-agree_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-agree_1.0.tar.gz
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-agree_1.0.tar.gz
d41d8cd98f00b204e9800998ecf8427e 0 pkg-md5-agree_1.0.dsc
9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-agree_1.0.tar.gz
9604ba9427a280db542279d9ed78400b 3 pkg-md5-agree_1.0.dsc
 Package: pkg-sha256-disagree
 Binary: pkg-sha256-disagree
 Package: pkg-sha256-disagree
 Binary: pkg-sha256-disagree
@@ -117,36 +144,39 @@ Version: 1.0
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
 Maintainer: Joe Sixpack <joe@example.org>
 Architecture: all
d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-disagree_1.0.dsc
- d41d8cd98f00b204e9800998ecf8427e 0 pkg-sha256-disagree_1.0.tar.gz
9604ba9427a280db542279d9ed78400b 3 pkg-sha256-disagree_1.0.dsc
+ db5570bf61464b46e2bde31ed61a7dc6 3 pkg-sha256-disagree_1.0.tar.gz
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-disagree_1.0.dsc
da39a3ee5e6b4b0d3255bfef95601890afd80709 0 pkg-sha256-disagree_1.0.tar.gz
324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha256-disagree_1.0.dsc
680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha256-disagree_1.0.tar.gz
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-sha256-disagree_1.0.dsc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 0 pkg-sha256-disagree_1.0.tar.gz
- aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 0 pkg-sha256-disagree_1.0.dsc
- bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 0 pkg-sha256-disagree_1.0.tar.gz
943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-disagree_1.0.dsc
90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-disagree_1.0.tar.gz
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-disagree_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-disagree_1.0.tar.gz
 # create fetchable files
 # create fetchable files
-for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
+for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
         'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
         'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
-        'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do
-       touch aptarchive/${x}_1.0.dsc aptarchive/${x}_1.0.tar.gz
+        'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
+        'pkg-md5-bad' 'pkg-size-bad'; do
+       echo -n 'dsc' > aptarchive/${x}_1.0.dsc
+       echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
+setupaptarchive --no-update
 testsuccess aptget update
 testsuccess aptget update
+cd downloaded
 testok() {
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
 testok() {
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
-Need to get 0 B of source archives.
-Get:1 http://localhost:8080/  $1 1.0 (dsc)
-Get:2 http://localhost:8080/  $1 1.0 (tar)
+       testsuccessequal "Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
 Download complete and in download only mode" aptget source -d "$@"
        msgtest 'Files were successfully downloaded for' "$1"
        testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
 Download complete and in download only mode" aptget source -d "$@"
        msgtest 'Files were successfully downloaded for' "$1"
        testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
@@ -154,9 +184,9 @@ Download complete and in download only mode" aptget source -d "$@"
 testkeep() {
 testkeep() {
-       touch ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
+       echo -n 'dsc' > ${1}_1.0.dsc
+       echo -n 'tar' > ${1}_1.0.tar.gz
+       testsuccessequal "Reading package lists...
 Skipping already downloaded file '${1}_1.0.dsc'
 Skipping already downloaded file '${1}_1.0.tar.gz'
 Need to get 0 B of source archives.
 Skipping already downloaded file '${1}_1.0.dsc'
 Skipping already downloaded file '${1}_1.0.tar.gz'
 Need to get 0 B of source archives.
@@ -166,44 +196,191 @@ Download complete and in download only mode" aptget source -d "$@"
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-testmismatch() {
+testnohash() {
+       #FIXME: Maybe we should fail in this case instead of skipping
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
+       testsuccessequal "Reading package lists...
+Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
 Need to get 0 B of source archives.
-Get:1 http://localhost:8080/  $1 1.0 (dsc)
-Get:2 http://localhost:8080/  $1 1.0 (tar)
-E: Failed to fetch http://localhost:8080/${1}_1.0.dsc  Hash Sum mismatch
-E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz  Hash Sum mismatch
+Download complete and in download only mode" aptget source -d "$@"
+       msgtest 'Files are not downloaded for' "$1"
+       testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
-E: Failed to fetch some archives." aptget source -d "$@"
+testmismatch() {
+       rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+       local FAILURE
+       if [ "$1" = 'pkg-size-bad' ]; then
+               FAILURE="Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [2 B]
+Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
+  Writing more data than expected (3 > 2)
+  Hashes of expected file:
+   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+   - Checksum-FileSize:2 [weak]
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [4 B]
+Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - Checksum-FileSize:4 [weak]
+  Hashes of received file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Writing more data than expected (3 > 2)
+   Hashes of expected file:
+    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+    - Checksum-FileSize:2 [weak]
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - Checksum-FileSize:4 [weak]
+   Hashes of received file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch some archives."
+       elif [ "$1" = 'pkg-md5-bad' ]; then
+               FAILURE="Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak]
+   - Checksum-FileSize:3 [weak]
+  Hashes of received file:
+   - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a
+   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
+Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak]
+   - Checksum-FileSize:3 [weak]
+  Hashes of received file:
+   - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch
+   Hashes of expected file:
+    - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak]
+    - Checksum-FileSize:3 [weak]
+   Hashes of received file:
+    - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a
+    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak]
+    - Checksum-FileSize:3 [weak]
+   Hashes of received file:
+    - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch some archives."
+       else
+               FAILURE="Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+   - Checksum-FileSize:3 [weak]
+   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+  Hashes of received file:
+   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
+Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+   - Checksum-FileSize:3 [weak]
+   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+  Hashes of received file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+    - Checksum-FileSize:3 [weak]
+    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+   Hashes of received file:
+    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+    - Checksum-FileSize:3 [weak]
+    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+   Hashes of received file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch some archives."
+       fi
+       testfailureequal "$FAILURE" aptget source -d "$@"
        msgtest 'Files were not download as they have hashsum mismatches for' "$1"
        testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
        msgtest 'Files were not download as they have hashsum mismatches for' "$1"
        testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
-       rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
-Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication
-Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication
+       if [ "$2" != '--allow-unauthenticated' ]; then
+               rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+               testsuccessequal "Reading package lists...
+Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
 Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
 Need to get 0 B of source archives.
 Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
-       msgtest 'Files were not download as hash is unavailable for' "$1"
-       testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+               msgtest 'Files were not download as hash is unavailable for' "$1"
+               testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+       fi
-       rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
-Need to get 0 B of source archives.
-Get:1 http://localhost:8080/  $1 1.0 (dsc)
-Get:2 http://localhost:8080/  $1 1.0 (tar)
+       if [ "$1" != 'pkg-size-bad' ]; then
+               rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+               testsuccessequal "Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
 Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
 Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
-       msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
-       testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+               msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
+               testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+       fi
-testok pkg-md5-ok
-testkeep pkg-md5-ok
+testnohash pkg-md5-ok
+testnohash pkg-sha1-ok
 testok pkg-sha256-ok
 testkeep pkg-sha256-ok
 testok pkg-sha256-ok
 testkeep pkg-sha256-ok
@@ -211,14 +388,17 @@ testkeep pkg-sha256-ok
 # checking the best available hash (as it should), this will trigger
 # a hash mismatch.
 testmismatch pkg-sha256-bad
 # checking the best available hash (as it should), this will trigger
 # a hash mismatch.
 testmismatch pkg-sha256-bad
-testmismatch pkg-sha256-bad
 testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
 testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
+testnohash pkg-md5-bad
+testmismatch pkg-md5-bad --allow-unauthenticated
+testmismatch pkg-size-bad
 # not having MD5 sum doesn't mean the file doesn't exist at all …
 testok pkg-no-md5
 testok pkg-no-md5 -o Acquire::ForceHash=SHA256
 # not having MD5 sum doesn't mean the file doesn't exist at all …
 testok pkg-no-md5
 testok pkg-no-md5 -o Acquire::ForceHash=SHA256
-testequal "Reading package lists...
-Building dependency tree...
+testsuccessequal "Reading package lists...
 Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
 Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
 Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
 Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
@@ -228,33 +408,45 @@ testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
 # deal with cases in which we haven't for all files the same checksum type
 # mostly pathologic as this shouldn't happen, but just to be sure
 # deal with cases in which we haven't for all files the same checksum type
 # mostly pathologic as this shouldn't happen, but just to be sure
-testok pkg-mixed-ok
-testequal 'Reading package lists...
-Building dependency tree...
-Need to get 0 B of source archives.
-Get:1 http://localhost:8080/  pkg-mixed-sha1-bad 1.0 (tar)
-Get:2 http://localhost:8080/  pkg-mixed-sha1-bad 1.0 (dsc)
-E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc  Hash Sum mismatch
+testsuccessequal "Reading package lists...
+Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication
+Need to get 3 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-ok 1.0 (dsc) [3 B]
+Download complete and in download only mode" aptget source -d pkg-mixed-ok
-E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad
+testsuccessequal  "Reading package lists...
+Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication
+Need to get 3 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha1-bad 1.0 (tar) [3 B]
+Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad
 msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
 testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
 msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
 testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
-testequal 'Reading package lists...
-Building dependency tree...
-Need to get 0 B of source archives.
-Get:1 http://localhost:8080/  pkg-mixed-sha2-bad 1.0 (tar)
-Get:2 http://localhost:8080/  pkg-mixed-sha2-bad 1.0 (dsc)
-E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz  Hash Sum mismatch
-E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad
-msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
-testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz
+testfailureequal "Reading package lists...
+Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication
+Need to get 3 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar) [3 B]
+Err:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+   - Checksum-FileSize:3 [weak]
+  Hashes of received file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz')
+E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+    - Checksum-FileSize:3 [weak]
+   Hashes of received file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz')
+E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad
 # it gets even more pathologic: multiple entries for one file, some even disagreeing!
 # it gets even more pathologic: multiple entries for one file, some even disagreeing!
-testok pkg-md5-agree
-testequal 'Reading package lists...
-Building dependency tree...
+testnohash pkg-md5-agree
+testfailureequal 'Reading package lists...
 E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
 E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
-testequal 'Reading package lists...
-Building dependency tree...
+testfailureequal 'Reading package lists...
 E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree
 E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree