test/integration/test-ubuntu-bug-346386-apt-get-update-paywall: use downloadfile()
[apt.git] / apt-pkg / acquire-item.cc
index 09ea5da02c667deff6070e884c8fa409715e772c..6cb9b012ac9f331eb7e9664988739bd4c9ed7b79 100644 (file)
    ##################################################################### */
                                                                        /*}}}*/
 // Include Files                                                       /*{{{*/
    ##################################################################### */
                                                                        /*}}}*/
 // Include Files                                                       /*{{{*/
+#include <config.h>
+
 #include <apt-pkg/acquire-item.h>
 #include <apt-pkg/configuration.h>
 #include <apt-pkg/acquire-item.h>
 #include <apt-pkg/configuration.h>
+#include <apt-pkg/aptconfiguration.h>
 #include <apt-pkg/sourcelist.h>
 #include <apt-pkg/sourcelist.h>
-#include <apt-pkg/vendorlist.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/fileutl.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/sha1.h>
 #include <apt-pkg/tagfile.h>
 #include <apt-pkg/sha1.h>
 #include <apt-pkg/tagfile.h>
-
-#include <apti18n.h>
-    
+#include <apt-pkg/indexrecords.h>
+#include <apt-pkg/acquire.h>
+#include <apt-pkg/hashes.h>
+#include <apt-pkg/indexfile.h>
+#include <apt-pkg/pkgcache.h>
+#include <apt-pkg/cacheiterators.h>
+#include <apt-pkg/pkgrecords.h>
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+#include <iostream>
+#include <vector>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <errno.h>
 #include <string>
 #include <sstream>
 #include <stdio.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <errno.h>
 #include <string>
 #include <sstream>
 #include <stdio.h>
+#include <ctime>
+
+#include <apti18n.h>
                                                                        /*}}}*/
 
 using namespace std;
                                                                        /*}}}*/
 
 using namespace std;
@@ -63,6 +77,7 @@ void pkgAcquire::Item::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
    Status = StatIdle;
    ErrorText = LookupTag(Message,"Message");
 {
    Status = StatIdle;
    ErrorText = LookupTag(Message,"Message");
+   UsedMirror =  LookupTag(Message,"UsedMirror");
    if (QueueCounter <= 1)
    {
       /* This indicates that the file is not available right now but might
    if (QueueCounter <= 1)
    {
       /* This indicates that the file is not available right now but might
@@ -75,17 +90,24 @@ void pkgAcquire::Item::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
         Dequeue();
         return;
       }
         Dequeue();
         return;
       }
-      
+
       Status = StatError;
       Dequeue();
    }   
       Status = StatError;
       Dequeue();
    }   
+
+   // report mirror failure back to LP if we actually use a mirror
+   string FailReason = LookupTag(Message, "FailReason");
+   if(FailReason.size() != 0)
+      ReportMirrorFailure(FailReason);
+   else
+      ReportMirrorFailure(ErrorText);
 }
                                                                        /*}}}*/
 // Acquire::Item::Start - Item has begun to download                   /*{{{*/
 // ---------------------------------------------------------------------
 /* Stash status and the file size. Note that setting Complete means 
    sub-phases of the acquire process such as decompresion are operating */
 }
                                                                        /*}}}*/
 // Acquire::Item::Start - Item has begun to download                   /*{{{*/
 // ---------------------------------------------------------------------
 /* Stash status and the file size. Note that setting Complete means 
    sub-phases of the acquire process such as decompresion are operating */
-void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size)
+void pkgAcquire::Item::Start(string /*Message*/,unsigned long long Size)
 {
    Status = StatFetching;
    if (FileSize == 0 && Complete == false)
 {
    Status = StatFetching;
    if (FileSize == 0 && Complete == false)
@@ -95,12 +117,12 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long Size)
 // Acquire::Item::Done - Item downloaded OK                            /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // Acquire::Item::Done - Item downloaded OK                            /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
-                           pkgAcquire::MethodConfig *Cnf)
+void pkgAcquire::Item::Done(string Message,unsigned long long Size,string /*Hash*/,
+                           pkgAcquire::MethodConfig * /*Cnf*/)
 {
    // We just downloaded something..
    string FileName = LookupTag(Message,"Filename");
 {
    // We just downloaded something..
    string FileName = LookupTag(Message,"Filename");
-   // we only inform the Log class if it was actually not a local thing
+   UsedMirror =  LookupTag(Message,"UsedMirror");
    if (Complete == false && !Local && FileName == DestFile)
    {
       if (Owner->Log != 0)
    if (Complete == false && !Local && FileName == DestFile)
    {
       if (Owner->Log != 0)
@@ -109,7 +131,6 @@ void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
 
    if (FileSize == 0)
       FileSize= Size;
 
    if (FileSize == 0)
       FileSize= Size;
-   
    Status = StatDone;
    ErrorText = string();
    Owner->Dequeue(this);
    Status = StatDone;
    ErrorText = string();
    Owner->Dequeue(this);
@@ -117,7 +138,7 @@ void pkgAcquire::Item::Done(string Message,unsigned long Size,string Hash,
                                                                        /*}}}*/
 // Acquire::Item::Rename - Rename a file                               /*{{{*/
 // ---------------------------------------------------------------------
                                                                        /*}}}*/
 // Acquire::Item::Rename - Rename a file                               /*{{{*/
 // ---------------------------------------------------------------------
-/* This helper function is used by alot of item methods as thier final
+/* This helper function is used by a lot of item methods as their final
    step */
 void pkgAcquire::Item::Rename(string From,string To)
 {
    step */
 void pkgAcquire::Item::Rename(string From,string To)
 {
@@ -131,11 +152,191 @@ void pkgAcquire::Item::Rename(string From,string To)
    }   
 }
                                                                        /*}}}*/
    }   
 }
                                                                        /*}}}*/
+bool pkgAcquire::Item::RenameOnError(pkgAcquire::Item::RenameOnErrorState const error)/*{{{*/
+{
+   if(FileExists(DestFile))
+      Rename(DestFile, DestFile + ".FAILED");
 
 
+   switch (error)
+   {
+      case HashSumMismatch:
+        ErrorText = _("Hash Sum mismatch");
+        Status = StatAuthError;
+        ReportMirrorFailure("HashChecksumFailure");
+        break;
+      case SizeMismatch:
+        ErrorText = _("Size mismatch");
+        Status = StatAuthError;
+        ReportMirrorFailure("SizeFailure");
+        break;
+      case InvalidFormat:
+        ErrorText = _("Invalid file format");
+        Status = StatError;
+        // do not report as usually its not the mirrors fault, but Portal/Proxy
+        break;
+   }
+   return false;
+}
+                                                                       /*}}}*/
+// Acquire::Item::ReportMirrorFailure                                  /*{{{*/
+// ---------------------------------------------------------------------
+void pkgAcquire::Item::ReportMirrorFailure(string FailCode)
+{
+   // we only act if a mirror was used at all
+   if(UsedMirror.empty())
+      return;
+#if 0
+   std::cerr << "\nReportMirrorFailure: " 
+            << UsedMirror
+            << " Uri: " << DescURI()
+            << " FailCode: " 
+            << FailCode << std::endl;
+#endif
+   const char *Args[40];
+   unsigned int i = 0;
+   string report = _config->Find("Methods::Mirror::ProblemReporting", 
+                                "/usr/lib/apt/apt-report-mirror-failure");
+   if(!FileExists(report))
+      return;
+   Args[i++] = report.c_str();
+   Args[i++] = UsedMirror.c_str();
+   Args[i++] = DescURI().c_str();
+   Args[i++] = FailCode.c_str();
+   Args[i++] = NULL;
+   pid_t pid = ExecFork();
+   if(pid < 0) 
+   {
+      _error->Error("ReportMirrorFailure Fork failed");
+      return;
+   }
+   else if(pid == 0) 
+   {
+      execvp(Args[0], (char**)Args);
+      std::cerr << "Could not exec " << Args[0] << std::endl;
+      _exit(100);
+   }
+   if(!ExecWait(pid, "report-mirror-failure")) 
+   {
+      _error->Warning("Couldn't report problem to '%s'",
+                     _config->Find("Methods::Mirror::ProblemReporting").c_str());
+   }
+}
+                                                                       /*}}}*/
+// AcqSubIndex::AcqSubIndex - Constructor                              /*{{{*/
+// ---------------------------------------------------------------------
+/* Get a sub-index file based on checksums from a 'master' file and
+   possibly query additional files */
+pkgAcqSubIndex::pkgAcqSubIndex(pkgAcquire *Owner, string const &URI,
+                                string const &URIDesc, string const &ShortDesc,
+                                HashString const &ExpectedHash)
+   : Item(Owner), ExpectedHash(ExpectedHash)
+{
+   /* XXX: Beware: Currently this class does nothing (of value) anymore ! */
+   Debug = _config->FindB("Debug::pkgAcquire::SubIndex",false);
+
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(URI);
 
 
-// AcqDiffIndex::AcqDiffIndex - Constructor                    
+   Desc.URI = URI;
+   Desc.Description = URIDesc;
+   Desc.Owner = this;
+   Desc.ShortDesc = ShortDesc;
+
+   QueueURI(Desc);
+
+   if(Debug)
+      std::clog << "pkgAcqSubIndex: " << Desc.URI << std::endl;
+}
+                                                                       /*}}}*/
+// AcqSubIndex::Custom600Headers - Insert custom request headers       /*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
-/* Get the DiffIndex file first and see if there are patches availabe 
+/* The only header we use is the last-modified header. */
+string pkgAcqSubIndex::Custom600Headers()
+{
+   string Final = _config->FindDir("Dir::State::lists");
+   Final += URItoFileName(Desc.URI);
+
+   struct stat Buf;
+   if (stat(Final.c_str(),&Buf) != 0)
+      return "\nIndex-File: true\nFail-Ignore: true\n";
+   return "\nIndex-File: true\nFail-Ignore: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+}
+                                                                       /*}}}*/
+void pkgAcqSubIndex::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
+{
+   if(Debug)
+      std::clog << "pkgAcqSubIndex failed: " << Desc.URI << " with " << Message << std::endl;
+
+   Complete = false;
+   Status = StatDone;
+   Dequeue();
+
+   // No good Index is provided
+}
+                                                                       /*}}}*/
+void pkgAcqSubIndex::Done(string Message,unsigned long long Size,string Md5Hash,       /*{{{*/
+                          pkgAcquire::MethodConfig *Cnf)
+{
+   if(Debug)
+      std::clog << "pkgAcqSubIndex::Done(): " << Desc.URI << std::endl;
+
+   string FileName = LookupTag(Message,"Filename");
+   if (FileName.empty() == true)
+   {
+      Status = StatError;
+      ErrorText = "Method gave a blank filename";
+      return;
+   }
+
+   if (FileName != DestFile)
+   {
+      Local = true;
+      Desc.URI = "copy:" + FileName;
+      QueueURI(Desc);
+      return;
+   }
+
+   Item::Done(Message,Size,Md5Hash,Cnf);
+
+   string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI);
+
+   /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #627642) */
+   indexRecords SubIndexParser;
+   if (FileExists(DestFile) == true && !SubIndexParser.Load(DestFile)) {
+      Status = StatError;
+      ErrorText = SubIndexParser.ErrorText;
+      return;
+   }
+
+   // success in downloading the index
+   // rename the index
+   if(Debug)
+      std::clog << "Renaming: " << DestFile << " -> " << FinalFile << std::endl;
+   Rename(DestFile,FinalFile);
+   chmod(FinalFile.c_str(),0644);
+   DestFile = FinalFile;
+
+   if(ParseIndex(DestFile) == false)
+      return Failed("", NULL);
+
+   Complete = true;
+   Status = StatDone;
+   Dequeue();
+   return;
+}
+                                                                       /*}}}*/
+bool pkgAcqSubIndex::ParseIndex(string const &IndexFile)               /*{{{*/
+{
+   indexRecords SubIndexParser;
+   if (FileExists(IndexFile) == false || SubIndexParser.Load(IndexFile) == false)
+      return false;
+   // so something with the downloaded index
+   return true;
+}
+                                                                       /*}}}*/
+// AcqDiffIndex::AcqDiffIndex - Constructor                            /*{{{*/
+// ---------------------------------------------------------------------
+/* Get the DiffIndex file first and see if there are patches available
  * If so, create a pkgAcqIndexDiffs fetcher that will get and apply the
  * patches. If anything goes wrong in that process, it will fall back to
  * the original packages file
  * If so, create a pkgAcqIndexDiffs fetcher that will get and apply the
  * patches. If anything goes wrong in that process, it will fall back to
  * the original packages file
@@ -155,7 +356,7 @@ pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
    Desc.URI = URI + ".diff/Index";
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    Desc.URI = URI + ".diff/Index";
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI) + string(".DiffIndex");
+   DestFile += URItoFileName(Desc.URI);
 
    if(Debug)
       std::clog << "pkgAcqDiffIndex: " << Desc.URI << std::endl;
 
    if(Debug)
       std::clog << "pkgAcqDiffIndex: " << Desc.URI << std::endl;
@@ -177,21 +378,21 @@ pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
       return;
    }
 
       return;
    }
 
-   if(Debug) 
-      std::clog << "pkgAcqIndexDiffs::pkgAcqIndexDiffs(): " 
-               << CurrentPackagesFile << std::endl;
-   
+   if(Debug)
+      std::clog << "pkgAcqDiffIndex::pkgAcqDiffIndex(): "
+        << CurrentPackagesFile << std::endl;
+
    QueueURI(Desc);
 
 }
    QueueURI(Desc);
 
 }
-
+                                                                       /*}}}*/
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
 string pkgAcqDiffIndex::Custom600Headers()
 {
    string Final = _config->FindDir("Dir::State::lists");
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
 string pkgAcqDiffIndex::Custom600Headers()
 {
    string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(RealURI) + string(".IndexDiff");
+   Final += URItoFileName(Desc.URI);
    
    if(Debug)
       std::clog << "Custom600Header-IMS: " << Final << std::endl;
    
    if(Debug)
       std::clog << "Custom600Header-IMS: " << Final << std::endl;
@@ -202,13 +403,12 @@ string pkgAcqDiffIndex::Custom600Headers()
    
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
    
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
-
-
-bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)
+                                                                       /*}}}*/
+bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)             /*{{{*/
 {
    if(Debug)
 {
    if(Debug)
-      std::clog << "pkgAcqIndexDiffs::ParseIndexDiff() " << IndexDiffFile 
-               << std::endl;
+      std::clog << "pkgAcqDiffIndex::ParseIndexDiff() " << IndexDiffFile
+        << std::endl;
 
    pkgTagSection Tags;
    string ServerSha1;
 
    pkgTagSection Tags;
    string ServerSha1;
@@ -221,62 +421,123 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)
 
    if(TF.Step(Tags) == true)
    {
 
    if(TF.Step(Tags) == true)
    {
-      string local_sha1;
       bool found = false;
       DiffInfo d;
       string size;
 
       bool found = false;
       DiffInfo d;
       string size;
 
-      string tmp = Tags.FindS("SHA1-Current");
+      string const tmp = Tags.FindS("SHA1-Current");
       std::stringstream ss(tmp);
       std::stringstream ss(tmp);
-      ss >> ServerSha1;
+      ss >> ServerSha1 >> size;
+      unsigned long const ServerSize = atol(size.c_str());
 
       FileFd fd(CurrentPackagesFile, FileFd::ReadOnly);
       SHA1Summation SHA1;
 
       FileFd fd(CurrentPackagesFile, FileFd::ReadOnly);
       SHA1Summation SHA1;
-      SHA1.AddFD(fd.Fd(), fd.Size());
-      local_sha1 = string(SHA1.Result());
+      SHA1.AddFD(fd);
+      string const local_sha1 = SHA1.Result();
 
 
-      if(local_sha1 == ServerSha1) 
+      if(local_sha1 == ServerSha1)
       {
       {
-        // we have the same sha1 as the server
+        // we have the same sha1 as the server so we are done here
         if(Debug)
            std::clog << "Package file is up-to-date" << std::endl;
         if(Debug)
            std::clog << "Package file is up-to-date" << std::endl;
-        // set found to true, this will queue a pkgAcqIndexDiffs with
-        // a empty availabe_patches
-        found = true;
-      } 
-      else 
+        // list cleanup needs to know that this file as well as the already
+        // present index is ours, so we create an empty diff to save it for us
+        new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
+              ExpectedHash, ServerSha1, available_patches);
+        return true;
+      }
+      else
       {
         if(Debug)
       {
         if(Debug)
-           std::clog << "SHA1-Current: " << ServerSha1 << std::endl;
+           std::clog << "SHA1-Current: " << ServerSha1 << " and we start at "<< fd.Name() << " " << fd.Size() << " " << local_sha1 << std::endl;
 
         // check the historie and see what patches we need
 
         // check the historie and see what patches we need
-        string history = Tags.FindS("SHA1-History");     
+        string const history = Tags.FindS("SHA1-History");
         std::stringstream hist(history);
         std::stringstream hist(history);
-        while(hist >> d.sha1 >> size >> d.file) 
+        while(hist >> d.sha1 >> size >> d.file)
         {
         {
-           d.size = atoi(size.c_str());
            // read until the first match is found
            // read until the first match is found
+           // from that point on, we probably need all diffs
            if(d.sha1 == local_sha1) 
               found=true;
            if(d.sha1 == local_sha1) 
               found=true;
-           // from that point on, we probably need all diffs
-           if(found) 
+           else if (found == false)
+              continue;
+
+           if(Debug)
+              std::clog << "Need to get diff: " << d.file << std::endl;
+           available_patches.push_back(d);
+        }
+
+        if (available_patches.empty() == false)
+        {
+           // patching with too many files is rather slow compared to a fast download
+           unsigned long const fileLimit = _config->FindI("Acquire::PDiffs::FileLimit", 0);
+           if (fileLimit != 0 && fileLimit < available_patches.size())
            {
            {
-              if(Debug)
-                 std::clog << "Need to get diff: " << d.file << std::endl;
-              available_patches.push_back(d);
+              if (Debug)
+                 std::clog << "Need " << available_patches.size() << " diffs (Limit is " << fileLimit
+                       << ") so fallback to complete download" << std::endl;
+              return false;
+           }
+
+           // see if the patches are too big
+           found = false; // it was true and it will be true again at the end
+           d = *available_patches.begin();
+           string const firstPatch = d.file;
+           unsigned long patchesSize = 0;
+           std::stringstream patches(Tags.FindS("SHA1-Patches"));
+           while(patches >> d.sha1 >> size >> d.file)
+           {
+              if (firstPatch == d.file)
+                 found = true;
+              else if (found == false)
+                 continue;
+
+              patchesSize += atol(size.c_str());
+           }
+           unsigned long const sizeLimit = ServerSize * _config->FindI("Acquire::PDiffs::SizeLimit", 100);
+           if (sizeLimit > 0 && (sizeLimit/100) < patchesSize)
+           {
+              if (Debug)
+                 std::clog << "Need " << patchesSize << " bytes (Limit is " << sizeLimit/100
+                       << ") so fallback to complete download" << std::endl;
+              return false;
            }
         }
       }
 
       // we have something, queue the next diff
            }
         }
       }
 
       // we have something, queue the next diff
-      if(found) 
+      if(found)
       {
         // queue the diffs
       {
         // queue the diffs
-        string::size_type last_space = Description.rfind(" ");
+        string::size_type const last_space = Description.rfind(" ");
         if(last_space != string::npos)
            Description.erase(last_space, Description.size()-last_space);
         if(last_space != string::npos)
            Description.erase(last_space, Description.size()-last_space);
-        new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-                             ExpectedHash, available_patches);
+
+        /* decide if we should download patches one by one or in one go:
+           The first is good if the server merges patches, but many don't so client
+           based merging can be attempt in which case the second is better.
+           "bad things" will happen if patches are merged on the server,
+           but client side merging is attempt as well */
+        bool pdiff_merge = _config->FindB("Acquire::PDiffs::Merge", true);
+        if (pdiff_merge == true)
+        {
+           // reprepro adds this flag if it has merged patches on the server
+           std::string const precedence = Tags.FindS("X-Patch-Precedence");
+           pdiff_merge = (precedence != "merged");
+        }
+
+        if (pdiff_merge == false)
+           new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
+                 ExpectedHash, ServerSha1, available_patches);
+        else
+        {
+           std::vector<pkgAcqIndexMergeDiffs*> *diffs = new std::vector<pkgAcqIndexMergeDiffs*>(available_patches.size());
+           for(size_t i = 0; i < available_patches.size(); ++i)
+              (*diffs)[i] = new pkgAcqIndexMergeDiffs(Owner, RealURI, Description, Desc.ShortDesc, ExpectedHash,
+                    available_patches[i], diffs);
+        }
+
         Complete = false;
         Status = StatDone;
         Dequeue();
         Complete = false;
         Status = StatDone;
         Dequeue();
@@ -291,12 +552,12 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)
       std::clog << "Can't find a patch in the index file" << std::endl;
    return false;
 }
       std::clog << "Can't find a patch in the index file" << std::endl;
    return false;
 }
-
-void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+                                                                       /*}}}*/
+void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
 {
    if(Debug)
 {
    if(Debug)
-      std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << std::endl
-               << "Falling back to normal index file aquire" << std::endl;
+      std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << " with " << Message << std::endl
+               << "Falling back to normal index file acquire" << std::endl;
 
    new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, 
                   ExpectedHash);
 
    new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, 
                   ExpectedHash);
@@ -305,8 +566,8 @@ void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    Status = StatDone;
    Dequeue();
 }
    Status = StatDone;
    Dequeue();
 }
-
-void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
+                                                                       /*}}}*/
+void pkgAcqDiffIndex::Done(string Message,unsigned long long Size,string Md5Hash,      /*{{{*/
                           pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
                           pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
@@ -317,7 +578,7 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
    string FinalFile;
    FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
 
    string FinalFile;
    FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
 
-   // sucess in downloading the index
+   // success in downloading the index
    // rename the index
    FinalFile += string(".IndexDiff");
    if(Debug)
    // rename the index
    FinalFile += string(".IndexDiff");
    if(Debug)
@@ -335,10 +596,8 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
    Dequeue();
    return;
 }
    Dequeue();
    return;
 }
-
-
-
-// AcqIndexDiffs::AcqIndexDiffs - Constructor                  
+                                                                       /*}}}*/
+// AcqIndexDiffs::AcqIndexDiffs - Constructor                          /*{{{*/
 // ---------------------------------------------------------------------
 /* The package diff is added to the queue. one object is constructed
  * for each diff and the index
 // ---------------------------------------------------------------------
 /* The package diff is added to the queue. one object is constructed
  * for each diff and the index
@@ -346,9 +605,10 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long Size,string Md5Hash,
 pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
                                   string URI,string URIDesc,string ShortDesc,
                                   HashString ExpectedHash, 
 pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
                                   string URI,string URIDesc,string ShortDesc,
                                   HashString ExpectedHash, 
+                                  string ServerSha1,
                                   vector<DiffInfo> diffs)
    : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), 
                                   vector<DiffInfo> diffs)
    : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), 
-     available_patches(diffs)
+     available_patches(diffs), ServerSha1(ServerSha1)
 {
    
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
 {
    
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
@@ -360,7 +620,7 @@ pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
    Desc.Owner = this;
    Desc.ShortDesc = ShortDesc;
 
    Desc.Owner = this;
    Desc.ShortDesc = ShortDesc;
 
-   if(available_patches.size() == 0) 
+   if(available_patches.empty() == true)
    {
       // we are done (yeah!)
       Finish(true);
    {
       // we are done (yeah!)
       Finish(true);
@@ -372,20 +632,18 @@ pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
       QueueNextDiff();
    }
 }
       QueueNextDiff();
    }
 }
-
-
-void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+                                                                       /*}}}*/
+void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
 {
    if(Debug)
 {
    if(Debug)
-      std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
-               << "Falling back to normal index file aquire" << std::endl;
+      std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << " with " << Message << std::endl
+               << "Falling back to normal index file acquire" << std::endl;
    new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, 
                   ExpectedHash);
    Finish();
 }
    new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, 
                   ExpectedHash);
    Finish();
 }
-
-
-// helper that cleans the item out of the fetcher queue
+                                                                       /*}}}*/
+// Finish - helper that cleans the item out of the fetcher queue       /*{{{*/
 void pkgAcqIndexDiffs::Finish(bool allDone)
 {
    // we restore the original name, this is required, otherwise
 void pkgAcqIndexDiffs::Finish(bool allDone)
 {
    // we restore the original name, this is required, otherwise
@@ -397,9 +655,7 @@ void pkgAcqIndexDiffs::Finish(bool allDone)
 
       if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
       {
 
       if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
       {
-        Status = StatAuthError;
-        ErrorText = _("MD5Sum mismatch");
-        Rename(DestFile,DestFile + ".FAILED");
+        RenameOnError(HashSumMismatch);
         Dequeue();
         return;
       }
         Dequeue();
         return;
       }
@@ -420,10 +676,8 @@ void pkgAcqIndexDiffs::Finish(bool allDone)
    Dequeue();
    return;
 }
    Dequeue();
    return;
 }
-
-
-
-bool pkgAcqIndexDiffs::QueueNextDiff()
+                                                                       /*}}}*/
+bool pkgAcqIndexDiffs::QueueNextDiff()                                 /*{{{*/
 {
 
    // calc sha1 of the just patched file
 {
 
    // calc sha1 of the just patched file
@@ -432,32 +686,39 @@ bool pkgAcqIndexDiffs::QueueNextDiff()
 
    FileFd fd(FinalFile, FileFd::ReadOnly);
    SHA1Summation SHA1;
 
    FileFd fd(FinalFile, FileFd::ReadOnly);
    SHA1Summation SHA1;
-   SHA1.AddFD(fd.Fd(), fd.Size());
+   SHA1.AddFD(fd);
    string local_sha1 = string(SHA1.Result());
    if(Debug)
       std::clog << "QueueNextDiff: " 
                << FinalFile << " (" << local_sha1 << ")"<<std::endl;
 
    string local_sha1 = string(SHA1.Result());
    if(Debug)
       std::clog << "QueueNextDiff: " 
                << FinalFile << " (" << local_sha1 << ")"<<std::endl;
 
+   // final file reached before all patches are applied
+   if(local_sha1 == ServerSha1)
+   {
+      Finish(true);
+      return true;
+   }
+
    // remove all patches until the next matching patch is found
    // this requires the Index file to be ordered
    for(vector<DiffInfo>::iterator I=available_patches.begin();
    // remove all patches until the next matching patch is found
    // this requires the Index file to be ordered
    for(vector<DiffInfo>::iterator I=available_patches.begin();
-       available_patches.size() > 0 && 
+       available_patches.empty() == false &&
          I != available_patches.end() &&
          I != available_patches.end() &&
-         (*I).sha1 != local_sha1; 
-       I++) 
+         I->sha1 != local_sha1;
+       ++I)
    {
       available_patches.erase(I);
    }
 
    // error checking and falling back if no patch was found
    {
       available_patches.erase(I);
    }
 
    // error checking and falling back if no patch was found
-   if(available_patches.size() == 0) 
-   { 
+   if(available_patches.empty() == true)
+   {
       Failed("", NULL);
       return false;
    }
 
    // queue the right diff
       Failed("", NULL);
       return false;
    }
 
    // queue the right diff
-   Desc.URI = string(RealURI) + ".diff/" + available_patches[0].file + ".gz";
+   Desc.URI = RealURI + ".diff/" + available_patches[0].file + ".gz";
    Desc.Description = Description + " " + available_patches[0].file + string(".pdiff");
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(RealURI + ".diff/" + available_patches[0].file);
    Desc.Description = Description + " " + available_patches[0].file + string(".pdiff");
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(RealURI + ".diff/" + available_patches[0].file);
@@ -469,10 +730,8 @@ bool pkgAcqIndexDiffs::QueueNextDiff()
 
    return true;
 }
 
    return true;
 }
-
-
-
-void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
+                                                                       /*}}}*/
+void pkgAcqIndexDiffs::Done(string Message,unsigned long long Size,string Md5Hash,     /*{{{*/
                            pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
                            pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
@@ -483,25 +742,8 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
    string FinalFile;
    FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
 
    string FinalFile;
    FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
 
-   // sucess in downloading a diff, enter ApplyDiff state
-   if(State == StateFetchDiff) 
-   {
-
-      if(Debug)
-        std::clog << "Sending to gzip method: " << FinalFile << std::endl;
-
-      string FileName = LookupTag(Message,"Filename");
-      State = StateUnzipDiff;
-      Local = true;
-      Desc.URI = "gzip:" + FileName;
-      DestFile += ".decomp";
-      QueueURI(Desc);
-      Mode = "gzip";
-      return;
-   } 
-
-   // sucess in downloading a diff, enter ApplyDiff state
-   if(State == StateUnzipDiff) 
+   // success in downloading a diff, enter ApplyDiff state
+   if(State == StateFetchDiff)
    {
 
       // rred excepts the patch as $FinalFile.ed
    {
 
       // rred excepts the patch as $FinalFile.ed
@@ -524,6 +766,7 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
    {
       // remove the just applied patch
       available_patches.erase(available_patches.begin());
    {
       // remove the just applied patch
       available_patches.erase(available_patches.begin());
+      unlink((FinalFile + ".ed").c_str());
 
       // move into place
       if(Debug) 
 
       // move into place
       if(Debug) 
@@ -535,16 +778,140 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long Size,string Md5Hash,
       chmod(FinalFile.c_str(),0644);
 
       // see if there is more to download
       chmod(FinalFile.c_str(),0644);
 
       // see if there is more to download
-      if(available_patches.size() > 0) {
+      if(available_patches.empty() == false) {
         new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
         new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-                             ExpectedHash, available_patches);
+                             ExpectedHash, ServerSha1, available_patches);
         return Finish();
       } else 
         return Finish(true);
    }
 }
         return Finish();
       } else 
         return Finish(true);
    }
 }
+                                                                       /*}}}*/
+// AcqIndexMergeDiffs::AcqIndexMergeDiffs - Constructor                        /*{{{*/
+pkgAcqIndexMergeDiffs::pkgAcqIndexMergeDiffs(pkgAcquire *Owner,
+                                  string const &URI, string const &URIDesc,
+                                  string const &ShortDesc, HashString const &ExpectedHash,
+                                  DiffInfo const &patch,
+                                  std::vector<pkgAcqIndexMergeDiffs*> const * const allPatches)
+   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
+     patch(patch),allPatches(allPatches), State(StateFetchDiff)
+{
 
 
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(URI);
 
 
+   Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
+
+   Description = URIDesc;
+   Desc.Owner = this;
+   Desc.ShortDesc = ShortDesc;
+
+   Desc.URI = RealURI + ".diff/" + patch.file + ".gz";
+   Desc.Description = Description + " " + patch.file + string(".pdiff");
+   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(RealURI + ".diff/" + patch.file);
+
+   if(Debug)
+      std::clog << "pkgAcqIndexMergeDiffs: " << Desc.URI << std::endl;
+
+   QueueURI(Desc);
+}
+                                                                       /*}}}*/
+void pkgAcqIndexMergeDiffs::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
+{
+   if(Debug)
+      std::clog << "pkgAcqIndexMergeDiffs failed: " << Desc.URI << " with " << Message << std::endl;
+   Complete = false;
+   Status = StatDone;
+   Dequeue();
+
+   // check if we are the first to fail, otherwise we are done here
+   State = StateDoneDiff;
+   for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
+        I != allPatches->end(); ++I)
+      if ((*I)->State == StateErrorDiff)
+        return;
+
+   // first failure means we should fallback
+   State = StateErrorDiff;
+   std::clog << "Falling back to normal index file acquire" << std::endl;
+   new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc,
+                  ExpectedHash);
+}
+                                                                       /*}}}*/
+void pkgAcqIndexMergeDiffs::Done(string Message,unsigned long long Size,string Md5Hash,        /*{{{*/
+                           pkgAcquire::MethodConfig *Cnf)
+{
+   if(Debug)
+      std::clog << "pkgAcqIndexMergeDiffs::Done(): " << Desc.URI << std::endl;
+
+   Item::Done(Message,Size,Md5Hash,Cnf);
+
+   string const FinalFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+
+   if (State == StateFetchDiff)
+   {
+      // rred expects the patch as $FinalFile.ed.$patchname.gz
+      Rename(DestFile, FinalFile + ".ed." + patch.file + ".gz");
+
+      // check if this is the last completed diff
+      State = StateDoneDiff;
+      for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
+           I != allPatches->end(); ++I)
+        if ((*I)->State != StateDoneDiff)
+        {
+           if(Debug)
+              std::clog << "Not the last done diff in the batch: " << Desc.URI << std::endl;
+           return;
+        }
+
+      // this is the last completed diff, so we are ready to apply now
+      State = StateApplyDiff;
+
+      if(Debug)
+        std::clog << "Sending to rred method: " << FinalFile << std::endl;
+
+      Local = true;
+      Desc.URI = "rred:" + FinalFile;
+      QueueURI(Desc);
+      Mode = "rred";
+      return;
+   }
+   // success in download/apply all diffs, clean up
+   else if (State == StateApplyDiff)
+   {
+      // see if we really got the expected file
+      if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
+      {
+        RenameOnError(HashSumMismatch);
+        return;
+      }
+
+      // move the result into place
+      if(Debug)
+        std::clog << "Moving patched file in place: " << std::endl
+                  << DestFile << " -> " << FinalFile << std::endl;
+      Rename(DestFile, FinalFile);
+      chmod(FinalFile.c_str(), 0644);
+
+      // otherwise lists cleanup will eat the file
+      DestFile = FinalFile;
+
+      // ensure the ed's are gone regardless of list-cleanup
+      for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
+           I != allPatches->end(); ++I)
+      {
+           std::string patch = FinalFile + ".ed." + (*I)->patch.file + ".gz";
+           unlink(patch.c_str());
+      }
+
+      // all set and done
+      Complete = true;
+      if(Debug)
+        std::clog << "allDone: " << DestFile << "\n" << std::endl;
+   }
+}
+                                                                       /*}}}*/
 // AcqIndex::AcqIndex - Constructor                                    /*{{{*/
 // ---------------------------------------------------------------------
 /* The package file is added to the queue and a second class is 
 // AcqIndex::AcqIndex - Constructor                                    /*{{{*/
 // ---------------------------------------------------------------------
 /* The package file is added to the queue and a second class is 
@@ -554,28 +921,61 @@ pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
                         HashString ExpectedHash, string comprExt)
    : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
 {
                         HashString ExpectedHash, string comprExt)
    : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
 {
+   if(comprExt.empty() == true)
+   {
+      // autoselect the compression method
+      std::vector<std::string> types = APT::Configuration::getCompressionTypes();
+      for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
+        comprExt.append(*t).append(" ");
+      if (comprExt.empty() == false)
+        comprExt.erase(comprExt.end()-1);
+   }
+   CompressionExtension = comprExt;
+
+   Init(URI, URIDesc, ShortDesc);
+}
+pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, IndexTarget const *Target,
+                        HashString const &ExpectedHash, indexRecords const *MetaIndexParser)
+   : Item(Owner), RealURI(Target->URI), ExpectedHash(ExpectedHash)
+{
+   // autoselect the compression method
+   std::vector<std::string> types = APT::Configuration::getCompressionTypes();
+   CompressionExtension = "";
+   if (ExpectedHash.empty() == false)
+   {
+      for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
+        if (*t == "uncompressed" || MetaIndexParser->Exists(string(Target->MetaKey).append(".").append(*t)) == true)
+           CompressionExtension.append(*t).append(" ");
+   }
+   else
+   {
+      for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
+        CompressionExtension.append(*t).append(" ");
+   }
+   if (CompressionExtension.empty() == false)
+      CompressionExtension.erase(CompressionExtension.end()-1);
+
+   Init(Target->URI, Target->Description, Target->ShortDesc);
+}
+                                                                       /*}}}*/
+// AcqIndex::Init - defered Constructor                                        /*{{{*/
+void pkgAcqIndex::Init(string const &URI, string const &URIDesc, string const &ShortDesc) {
    Decompression = false;
    Erase = false;
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(URI);
 
    Decompression = false;
    Erase = false;
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(URI);
 
-   if(comprExt.empty()) 
-   {
-      // autoselect the compression method
-      if(FileExists("/bin/bzip2")) 
-        CompressionExtension = ".bz2";
-      else 
-        CompressionExtension = ".gz";
-   } else {
-      CompressionExtension = (comprExt == "plain" ? "" : comprExt);
-   }
-   Desc.URI = URI + CompressionExtension;
+   std::string const comprExt = CompressionExtension.substr(0, CompressionExtension.find(' '));
+   if (comprExt == "uncompressed")
+      Desc.URI = URI;
+   else
+      Desc.URI = URI + '.' + comprExt;
 
    Desc.Description = URIDesc;
    Desc.Owner = this;
    Desc.ShortDesc = ShortDesc;
 
    Desc.Description = URIDesc;
    Desc.Owner = this;
    Desc.ShortDesc = ShortDesc;
-      
+
    QueueURI(Desc);
 }
                                                                        /*}}}*/
    QueueURI(Desc);
 }
                                                                        /*}}}*/
@@ -586,52 +986,41 @@ string pkgAcqIndex::Custom600Headers()
 {
    string Final = _config->FindDir("Dir::State::lists");
    Final += URItoFileName(RealURI);
 {
    string Final = _config->FindDir("Dir::State::lists");
    Final += URItoFileName(RealURI);
+   if (_config->FindB("Acquire::GzipIndexes",false))
+      Final += ".gz";
    
    
+   string msg = "\nIndex-File: true";
+   // FIXME: this really should use "IndexTarget::IsOptional()" but that
+   //        seems to be difficult without breaking ABI
+   if (ShortDesc().find("Translation") != 0)
+      msg += "\nFail-Ignore: true";
    struct stat Buf;
    struct stat Buf;
-   if (stat(Final.c_str(),&Buf) != 0)
-      return "\nIndex-File: true";
-   
-   return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+   if (stat(Final.c_str(),&Buf) == 0)
+      msg += "\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+
+   return msg;
 }
                                                                        /*}}}*/
 }
                                                                        /*}}}*/
-
-void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*{{{*/
 {
 {
-   bool descChanged = false;
-   // no .bz2 found, retry with .gz
-   if(Desc.URI.substr(Desc.URI.size()-3) == "bz2") {
-      Desc.URI = Desc.URI.substr(0,Desc.URI.size()-3) + "gz";
-
-      new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc,
-                     ExpectedHash, string(".gz"));
-         descChanged = true;
-   }
-   // no .gz found, retry with uncompressed
-   else if(Desc.URI.substr(Desc.URI.size()-2) == "gz") {
-      Desc.URI = Desc.URI.substr(0,Desc.URI.size()-2);
-
-      new pkgAcqIndex(Owner, RealURI, Desc.Description,Desc.ShortDesc,
-                     ExpectedHash, string("plain"));
-         descChanged = true;
-   }
-   if (descChanged) {
-      Status = StatDone;
-      Complete = false;
-      Dequeue();
+   size_t const nextExt = CompressionExtension.find(' ');
+   if (nextExt != std::string::npos)
+   {
+      CompressionExtension = CompressionExtension.substr(nextExt+1);
+      Init(RealURI, Desc.Description, Desc.ShortDesc);
       return;
    }
 
    // on decompression failure, remove bad versions in partial/
       return;
    }
 
    // on decompression failure, remove bad versions in partial/
-   if(Decompression && Erase) {
+   if (Decompression && Erase) {
       string s = _config->FindDir("Dir::State::lists") + "partial/";
       string s = _config->FindDir("Dir::State::lists") + "partial/";
-      s += URItoFileName(RealURI);
+      s.append(URItoFileName(RealURI));
       unlink(s.c_str());
    }
 
    Item::Failed(Message,Cnf);
 }
       unlink(s.c_str());
    }
 
    Item::Failed(Message,Cnf);
 }
-
-
+                                                                       /*}}}*/
 // AcqIndex::Done - Finished a fetch                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* This goes through a number of states.. On the initial fetch the
 // AcqIndex::Done - Finished a fetch                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* This goes through a number of states.. On the initial fetch the
@@ -639,7 +1028,7 @@ void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    to the uncompressed version of the file. If this is so the file
    is copied into the partial directory. In all other cases the file
    is decompressed with a gzip uri. */
    to the uncompressed version of the file. If this is so the file
    is copied into the partial directory. In all other cases the file
    is decompressed with a gzip uri. */
-void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
+void pkgAcqIndex::Done(string Message,unsigned long long Size,string Hash,
                       pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,Hash,Cfg);
                       pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,Hash,Cfg);
@@ -654,11 +1043,31 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
 
       if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
       {
 
       if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
       {
-         Status = StatAuthError;
-         ErrorText = _("Hash Sum mismatch");
-         Rename(DestFile,DestFile + ".FAILED");
+        RenameOnError(HashSumMismatch);
          return;
       }
          return;
       }
+
+      // FIXME: this can go away once we only ever download stuff that
+      //        has a valid hash and we never do GET based probing
+      //
+      /* Always verify the index file for correctness (all indexes must
+       * have a Package field) (LP: #346386) (Closes: #627642) 
+       */
+      FileFd fd(DestFile, FileFd::ReadOnly);
+      // Only test for correctness if the file is not empty (empty is ok)
+      if (fd.FileSize() > 0)
+      {
+         pkgTagSection sec;
+         pkgTagFile tag(&fd);
+         
+         // all our current indexes have a field 'Package' in each section
+         if (_error->PendingError() == true || tag.Step(sec) == false || sec.Exists("Package") == false)
+         {
+            RenameOnError(InvalidFormat);
+            return;
+         }
+      }
+       
       // Done, move it into position
       string FinalFile = _config->FindDir("Dir::State::lists");
       FinalFile += URItoFileName(RealURI);
       // Done, move it into position
       string FinalFile = _config->FindDir("Dir::State::lists");
       FinalFile += URItoFileName(RealURI);
@@ -701,28 +1110,41 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
       Status = StatError;
       ErrorText = "Method gave a blank filename";
    }
       Status = StatError;
       ErrorText = "Method gave a blank filename";
    }
-   
+
+   std::string const compExt = CompressionExtension.substr(0, CompressionExtension.find(' '));
+
    // The files timestamp matches
    // The files timestamp matches
-   if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
+   if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) {
+       if (_config->FindB("Acquire::GzipIndexes",false) && compExt == "gz")
+         // Update DestFile for .gz suffix so that the clean operation keeps it
+         DestFile += ".gz";
       return;
       return;
+    }
 
    if (FileName == DestFile)
       Erase = true;
    else
       Local = true;
    
 
    if (FileName == DestFile)
       Erase = true;
    else
       Local = true;
    
-   string compExt = flExtension(flNotDir(URI(Desc.URI).Path));
-   const char *decompProg;
-   if(compExt == "bz2") 
-      decompProg = "bzip2";
-   else if(compExt == "gz") 
-      decompProg = "gzip";
-   // flExtensions returns the full name if no extension is found
-   // this is why we have this complicated compare operation here
-   // FIMXE: add a new flJustExtension() that return "" if no
-   //        extension is found and use that above so that it can
-   //        be tested against ""
-   else if(compExt == flNotDir(URI(Desc.URI).Path))
+   string decompProg;
+
+   // If we enable compressed indexes and already have gzip, keep it
+   if (_config->FindB("Acquire::GzipIndexes",false) && compExt == "gz" && !Local) {
+      string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile += URItoFileName(RealURI) + ".gz";
+      Rename(DestFile,FinalFile);
+      chmod(FinalFile.c_str(),0644);
+      
+      // Update DestFile for .gz suffix so that the clean operation keeps it
+      DestFile = _config->FindDir("Dir::State::lists") + "partial/";
+      DestFile += URItoFileName(RealURI) + ".gz";
+      return;
+    }
+
+   // get the binary name for your used compression type
+   decompProg = _config->Find(string("Acquire::CompressionTypes::").append(compExt),"");
+   if(decompProg.empty() == false);
+   else if(compExt == "uncompressed")
       decompProg = "copy";
    else {
       _error->Error("Unsupported extension: %s", compExt.c_str());
       decompProg = "copy";
    else {
       _error->Error("Unsupported extension: %s", compExt.c_str());
@@ -731,11 +1153,13 @@ void pkgAcqIndex::Done(string Message,unsigned long Size,string Hash,
 
    Decompression = true;
    DestFile += ".decomp";
 
    Decompression = true;
    DestFile += ".decomp";
-   Desc.URI = string(decompProg) + ":" + FileName;
+   Desc.URI = decompProg + ":" + FileName;
    QueueURI(Desc);
    QueueURI(Desc);
-   Mode = decompProg;
-}
 
 
+   // FIXME: this points to a c++ string that goes out of scope
+   Mode = decompProg.c_str();
+}
+                                                                       /*}}}*/
 // AcqIndexTrans::pkgAcqIndexTrans - Constructor                       /*{{{*/
 // ---------------------------------------------------------------------
 /* The Translation file is added to the queue */
 // AcqIndexTrans::pkgAcqIndexTrans - Constructor                       /*{{{*/
 // ---------------------------------------------------------------------
 /* The Translation file is added to the queue */
@@ -744,13 +1168,39 @@ pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
   : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
 {
 }
   : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
 {
 }
+pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner, IndexTarget const *Target,
+                        HashString const &ExpectedHash, indexRecords const *MetaIndexParser)
+  : pkgAcqIndex(Owner, Target, ExpectedHash, MetaIndexParser)
+{
+}
+                                                                       /*}}}*/
+// AcqIndexTrans::Custom600Headers - Insert custom request headers     /*{{{*/
+// ---------------------------------------------------------------------
+string pkgAcqIndexTrans::Custom600Headers()
+{
+   string Final = _config->FindDir("Dir::State::lists");
+   Final += URItoFileName(RealURI);
 
 
+   struct stat Buf;
+   if (stat(Final.c_str(),&Buf) != 0)
+      return "\nFail-Ignore: true\nIndex-File: true";
+   return "\nFail-Ignore: true\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+}
                                                                        /*}}}*/
 // AcqIndexTrans::Failed - Silence failure messages for missing files  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
                                                                        /*}}}*/
 // AcqIndexTrans::Failed - Silence failure messages for missing files  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
+   size_t const nextExt = CompressionExtension.find(' ');
+   if (nextExt != std::string::npos)
+   {
+      CompressionExtension = CompressionExtension.substr(nextExt+1);
+      Init(RealURI, Desc.Description, Desc.ShortDesc);
+      Status = StatIdle;
+      return;
+   }
+
    if (Cnf->LocalOnly == true || 
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
    {      
    if (Cnf->LocalOnly == true || 
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
    {      
@@ -760,12 +1210,11 @@ void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
       Dequeue();
       return;
    }
       Dequeue();
       return;
    }
-   
+
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
-
-pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
+pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,                                /*{{{*/
                             string URI,string URIDesc,string ShortDesc,
                             string MetaIndexURI, string MetaIndexURIDesc,
                             string MetaIndexShortDesc,
                             string URI,string URIDesc,string ShortDesc,
                             string MetaIndexURI, string MetaIndexURIDesc,
                             string MetaIndexShortDesc,
@@ -791,11 +1240,10 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
       
    string Final = _config->FindDir("Dir::State::lists");
    Final += URItoFileName(RealURI);
       
    string Final = _config->FindDir("Dir::State::lists");
    Final += URItoFileName(RealURI);
-   struct stat Buf;
-   if (stat(Final.c_str(),&Buf) == 0)
+   if (RealFileExists(Final) == true)
    {
       // File was already in place.  It needs to be re-downloaded/verified
    {
       // File was already in place.  It needs to be re-downloaded/verified
-      // because Release might have changed, we do give it a differnt
+      // because Release might have changed, we do give it a different
       // name than DestFile because otherwise the http method will
       // send If-Range requests and there are too many broken servers
       // out there that do not understand them
       // name than DestFile because otherwise the http method will
       // send If-Range requests and there are too many broken servers
       // out there that do not understand them
@@ -804,6 +1252,19 @@ pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
    }
 
    QueueURI(Desc);
    }
 
    QueueURI(Desc);
+}
+                                                                       /*}}}*/
+pkgAcqMetaSig::~pkgAcqMetaSig()                                                /*{{{*/
+{
+   // if the file was never queued undo file-changes done in the constructor
+   if (QueueCounter == 1 && Status == StatIdle && FileSize == 0 && Complete == false &&
+        LastGoodSig.empty() == false)
+   {
+      string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+      if (RealFileExists(Final) == false && RealFileExists(LastGoodSig) == true)
+        Rename(LastGoodSig, Final);
+   }
+
 }
                                                                        /*}}}*/
 // pkgAcqMetaSig::Custom600Headers - Insert custom request headers     /*{{{*/
 }
                                                                        /*}}}*/
 // pkgAcqMetaSig::Custom600Headers - Insert custom request headers     /*{{{*/
@@ -818,7 +1279,7 @@ string pkgAcqMetaSig::Custom600Headers()
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
 
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
 
-void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5,
+void pkgAcqMetaSig::Done(string Message,unsigned long long Size,string MD5,
                         pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,MD5,Cfg);
                         pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,MD5,Cfg);
@@ -849,12 +1310,13 @@ void pkgAcqMetaSig::Done(string Message,unsigned long Size,string MD5,
       Rename(LastGoodSig, DestFile);
 
    // queue a pkgAcqMetaIndex to be verified against the sig we just retrieved
       Rename(LastGoodSig, DestFile);
 
    // queue a pkgAcqMetaIndex to be verified against the sig we just retrieved
-   new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
-                      DestFile, IndexTargets, MetaIndexParser);
+   new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, 
+                      MetaIndexShortDesc,  DestFile, IndexTargets, 
+                      MetaIndexParser);
 
 }
                                                                        /*}}}*/
 
 }
                                                                        /*}}}*/
-void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
 
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
 
@@ -863,7 +1325,7 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    {
       Item::Failed(Message,Cnf);
       // move the sigfile back on transient network failures 
    {
       Item::Failed(Message,Cnf);
       // move the sigfile back on transient network failures 
-      if(FileExists(DestFile))
+      if(FileExists(LastGoodSig))
         Rename(LastGoodSig,Final);
 
       // set the status back to , Item::Failed likes to reset it
         Rename(LastGoodSig,Final);
 
       // set the status back to , Item::Failed likes to reset it
@@ -890,8 +1352,8 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    
    Item::Failed(Message,Cnf);
 }
    
    Item::Failed(Message,Cnf);
 }
-
-pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner,
+                                                                       /*}}}*/
+pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner,                    /*{{{*/
                                 string URI,string URIDesc,string ShortDesc,
                                 string SigFile,
                                 const vector<struct IndexTarget*>* IndexTargets,
                                 string URI,string URIDesc,string ShortDesc,
                                 string SigFile,
                                 const vector<struct IndexTarget*>* IndexTargets,
@@ -910,7 +1372,6 @@ pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner,
 
    QueueURI(Desc);
 }
 
    QueueURI(Desc);
 }
-
                                                                        /*}}}*/
 // pkgAcqMetaIndex::Custom600Headers - Insert custom request headers   /*{{{*/
 // ---------------------------------------------------------------------
                                                                        /*}}}*/
 // pkgAcqMetaIndex::Custom600Headers - Insert custom request headers   /*{{{*/
 // ---------------------------------------------------------------------
@@ -926,8 +1387,8 @@ string pkgAcqMetaIndex::Custom600Headers()
    
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
    
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
-
-void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, /*{{{*/
                           pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,Hash,Cfg);
                           pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,Hash,Cfg);
@@ -939,6 +1400,9 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
    if (AuthPass == true)
    {
       AuthDone(Message);
    if (AuthPass == true)
    {
       AuthDone(Message);
+
+      // all cool, move Release file into place
+      Complete = true;
    }
    else
    {
    }
    else
    {
@@ -950,7 +1414,8 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
       if (SigFile == "")
       {
          // There was no signature file, so we are finished.  Download
       if (SigFile == "")
       {
          // There was no signature file, so we are finished.  Download
-         // the indexes without verification.
+         // the indexes and do only hashsum verification if possible
+         MetaIndexParser->Load(DestFile);
          QueueIndexes(false);
       }
       else
          QueueIndexes(false);
       }
       else
@@ -965,11 +1430,23 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long Size,string Hash,
          Desc.URI = "gpgv:" + SigFile;
          QueueURI(Desc);
          Mode = "gpgv";
          Desc.URI = "gpgv:" + SigFile;
          QueueURI(Desc);
          Mode = "gpgv";
+        return;
       }
    }
       }
    }
-}
 
 
-void pkgAcqMetaIndex::RetrievalDone(string Message)
+   if (Complete == true)
+   {
+      string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile += URItoFileName(RealURI);
+      if (SigFile == DestFile)
+        SigFile = FinalFile;
+      Rename(DestFile,FinalFile);
+      chmod(FinalFile.c_str(),0644);
+      DestFile = FinalFile;
+   }
+}
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::RetrievalDone(string Message)                    /*{{{*/
 {
    // We have just finished downloading a Release file (it is not
    // verified yet)
 {
    // We have just finished downloading a Release file (it is not
    // verified yet)
@@ -990,25 +1467,27 @@ void pkgAcqMetaIndex::RetrievalDone(string Message)
       return;
    }
 
       return;
    }
 
-   // see if the download was a IMSHit
+   // make sure to verify against the right file on I-M-S hit
    IMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false);
    IMSHit = StringToBool(LookupTag(Message,"IMS-Hit"),false);
+   if(IMSHit)
+   {
+      string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile += URItoFileName(RealURI);
+      if (SigFile == DestFile)
+      {
+        SigFile = FinalFile;
+        // constructor of pkgAcqMetaClearSig moved it out of the way,
+        // now move it back in on IMS hit for the 'old' file
+        string const OldClearSig = DestFile + ".reverify";
+        if (RealFileExists(OldClearSig) == true)
+           Rename(OldClearSig, FinalFile);
+      }
+      DestFile = FinalFile;
+   }
    Complete = true;
    Complete = true;
-
-   string FinalFile = _config->FindDir("Dir::State::lists");
-   FinalFile += URItoFileName(RealURI);
-
-   // If we get a IMS hit we can remove the empty file in partial
-   // othersie we move the file in place
-   if (IMSHit)
-      unlink(DestFile.c_str());
-   else
-      Rename(DestFile,FinalFile);
-
-   chmod(FinalFile.c_str(),0644);
-   DestFile = FinalFile;
 }
 }
-
-void pkgAcqMetaIndex::AuthDone(string Message)
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::AuthDone(string Message)                         /*{{{*/
 {
    // At this point, the gpgv method has succeeded, so there is a
    // valid signature from a key in the trusted keyring.  We
 {
    // At this point, the gpgv method has succeeded, so there is a
    // valid signature from a key in the trusted keyring.  We
@@ -1034,82 +1513,116 @@ void pkgAcqMetaIndex::AuthDone(string Message)
    // Download further indexes with verification
    QueueIndexes(true);
 
    // Download further indexes with verification
    QueueIndexes(true);
 
-   // Done, move signature file into position
+   // is it a clearsigned MetaIndex file?
+   if (DestFile == SigFile)
+      return;
 
 
+   // Done, move signature file into position
    string VerifiedSigFile = _config->FindDir("Dir::State::lists") +
       URItoFileName(RealURI) + ".gpg";
    Rename(SigFile,VerifiedSigFile);
    chmod(VerifiedSigFile.c_str(),0644);
 }
    string VerifiedSigFile = _config->FindDir("Dir::State::lists") +
       URItoFileName(RealURI) + ".gpg";
    Rename(SigFile,VerifiedSigFile);
    chmod(VerifiedSigFile.c_str(),0644);
 }
-
-void pkgAcqMetaIndex::QueueIndexes(bool verify)
+                                                                       /*}}}*/
+void pkgAcqMetaIndex::QueueIndexes(bool verify)                                /*{{{*/
 {
 {
+#if 0
+   /* Reject invalid, existing Release files (LP: #346386) (Closes: #627642)
+    * FIXME: Disabled; it breaks unsigned repositories without hashes */
+   if (!verify && FileExists(DestFile) && !MetaIndexParser->Load(DestFile))
+   {
+      Status = StatError;
+      ErrorText = MetaIndexParser->ErrorText;
+      return;
+   }
+#endif
+   bool transInRelease = false;
+   {
+      std::vector<std::string> const keys = MetaIndexParser->MetaKeys();
+      for (std::vector<std::string>::const_iterator k = keys.begin(); k != keys.end(); ++k)
+        // FIXME: Feels wrong to check for hardcoded string here, but what should we do else…
+        if (k->find("Translation-") != std::string::npos)
+        {
+           transInRelease = true;
+           break;
+        }
+   }
+
    for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
         Target != IndexTargets->end();
    for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
         Target != IndexTargets->end();
-        Target++)
+        ++Target)
    {
       HashString ExpectedIndexHash;
    {
       HashString ExpectedIndexHash;
-      if (verify)
+      const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
+      bool compressedAvailable = false;
+      if (Record == NULL)
       {
       {
-         const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
-         if (!Record)
-         {
-            Status = StatAuthError;
-            ErrorText = "Unable to find expected entry  "
-               + (*Target)->MetaKey + " in Meta-index file (malformed Release file?)";
-            return;
-         }
-         ExpectedIndexHash = Record->Hash;
-         if (_config->FindB("Debug::pkgAcquire::Auth", false))
-         {
-            std::cerr << "Queueing: " << (*Target)->URI << std::endl;
-            std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
-         }
-         if (ExpectedIndexHash.empty())
-         {
-            Status = StatAuthError;
-            ErrorText = "Unable to find hash sum for "
-               + (*Target)->MetaKey + " in Meta-index file";
-            return;
-         }
+        if ((*Target)->IsOptional() == true)
+        {
+           std::vector<std::string> types = APT::Configuration::getCompressionTypes();
+           for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
+              if (MetaIndexParser->Exists((*Target)->MetaKey + "." + *t) == true)
+              {
+                 compressedAvailable = true;
+                 break;
+              }
+        }
+        else if (verify == true)
+        {
+           Status = StatAuthError;
+           strprintf(ErrorText, _("Unable to find expected entry '%s' in Release file (Wrong sources.list entry or malformed file)"), (*Target)->MetaKey.c_str());
+           return;
+        }
       }
       }
-      
-      // Queue Packages file (either diff or full packages files, depending
-      // on the users option)
-      if(_config->FindB("Acquire::PDiffs",true) == true) 
+      else
+      {
+        ExpectedIndexHash = Record->Hash;
+        if (_config->FindB("Debug::pkgAcquire::Auth", false))
+        {
+           std::cerr << "Queueing: " << (*Target)->URI << std::endl;
+           std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
+           std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
+        }
+        if (verify == true && ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
+        {
+           Status = StatAuthError;
+           strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
+           return;
+        }
+      }
+
+      if ((*Target)->IsOptional() == true)
+      {
+        if ((*Target)->IsSubIndex() == true)
+           new pkgAcqSubIndex(Owner, (*Target)->URI, (*Target)->Description,
+                               (*Target)->ShortDesc, ExpectedIndexHash);
+        else if (transInRelease == false || Record != NULL || compressedAvailable == true)
+        {
+           if (_config->FindB("Acquire::PDiffs",true) == true && transInRelease == true &&
+               MetaIndexParser->Exists((*Target)->MetaKey + ".diff/Index") == true)
+              new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
+                                  (*Target)->ShortDesc, ExpectedIndexHash);
+           else
+              new pkgAcqIndexTrans(Owner, *Target, ExpectedIndexHash, MetaIndexParser);
+        }
+        continue;
+      }
+
+      /* Queue Packages file (either diff or full packages files, depending
+         on the users option) - we also check if the PDiff Index file is listed
+         in the Meta-Index file. Ideal would be if pkgAcqDiffIndex would test this
+         instead, but passing the required info to it is to much hassle */
+      if(_config->FindB("Acquire::PDiffs",true) == true && (verify == false ||
+         MetaIndexParser->Exists((*Target)->MetaKey + ".diff/Index") == true))
         new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
                             (*Target)->ShortDesc, ExpectedIndexHash);
         new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
                             (*Target)->ShortDesc, ExpectedIndexHash);
-      else 
-        new pkgAcqIndex(Owner, (*Target)->URI, (*Target)->Description,
-                           (*Target)->ShortDesc, ExpectedIndexHash);
+      else
+        new pkgAcqIndex(Owner, *Target, ExpectedIndexHash, MetaIndexParser);
    }
 }
    }
 }
-
-bool pkgAcqMetaIndex::VerifyVendor(string Message)
+                                                                       /*}}}*/
+bool pkgAcqMetaIndex::VerifyVendor(string Message)                     /*{{{*/
 {
 {
-//    // Maybe this should be made available from above so we don't have
-//    // to read and parse it every time?
-//    pkgVendorList List;
-//    List.ReadMainList();
-
-//    const Vendor* Vndr = NULL;
-//    for (std::vector<string>::const_iterator I = GPGVOutput.begin(); I != GPGVOutput.end(); I++)
-//    {
-//       string::size_type pos = (*I).find("VALIDSIG ");
-//       if (_config->FindB("Debug::Vendor", false))
-//          std::cerr << "Looking for VALIDSIG in \"" << (*I) << "\": pos " << pos 
-//                    << std::endl;
-//       if (pos != std::string::npos)
-//       {
-//          string Fingerprint = (*I).substr(pos+sizeof("VALIDSIG"));
-//          if (_config->FindB("Debug::Vendor", false))
-//             std::cerr << "Looking for \"" << Fingerprint << "\" in vendor..." <<
-//                std::endl;
-//          Vndr = List.FindVendor(Fingerprint) != "";
-//          if (Vndr != NULL);
-//          break;
-//       }
-//    }
    string::size_type pos;
 
    // check for missing sigs (that where not fatal because otherwise we had
    string::size_type pos;
 
    // check for missing sigs (that where not fatal because otherwise we had
@@ -1125,7 +1638,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)
       missingkeys += (Fingerprint);
    }
    if(!missingkeys.empty())
       missingkeys += (Fingerprint);
    }
    if(!missingkeys.empty())
-      _error->Warning("%s", string(msg+missingkeys).c_str());
+      _error->Warning("%s", (msg + missingkeys).c_str());
 
    string Transformed = MetaIndexParser->GetExpectedDist();
 
 
    string Transformed = MetaIndexParser->GetExpectedDist();
 
@@ -1145,6 +1658,19 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)
       Transformed = "";
    }
 
       Transformed = "";
    }
 
+   if (_config->FindB("Acquire::Check-Valid-Until", true) == true &&
+       MetaIndexParser->GetValidUntil() > 0) {
+      time_t const invalid_since = time(NULL) - MetaIndexParser->GetValidUntil();
+      if (invalid_since > 0)
+        // TRANSLATOR: The first %s is the URL of the bad Release file, the second is
+        // the time since then the file is invalid - formated in the same way as in
+        // the download progress display (e.g. 7d 3h 42min 1s)
+        return _error->Error(
+            _("Release file for %s is expired (invalid since %s). "
+              "Updates for this repository will not be applied."),
+            RealURI.c_str(), TimeToStr(invalid_since).c_str());
+   }
+
    if (_config->FindB("Debug::pkgAcquire::Auth", false)) 
    {
       std::cerr << "Got Codename: " << MetaIndexParser->GetDist() << std::endl;
    if (_config->FindB("Debug::pkgAcquire::Auth", false)) 
    {
       std::cerr << "Got Codename: " << MetaIndexParser->GetDist() << std::endl;
@@ -1162,7 +1688,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)
 //       return false;
       if (!Transformed.empty())
       {
 //       return false;
       if (!Transformed.empty())
       {
-         _error->Warning("Conflicting distribution: %s (expected %s but got %s)",
+         _error->Warning(_("Conflicting distribution: %s (expected %s but got %s)"),
                          Desc.Description.c_str(),
                          Transformed.c_str(),
                          MetaIndexParser->GetDist().c_str());
                          Desc.Description.c_str(),
                          Transformed.c_str(),
                          MetaIndexParser->GetDist().c_str());
@@ -1171,48 +1697,150 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)
 
    return true;
 }
 
    return true;
 }
-                                                                       /*}}}*/
-// pkgAcqMetaIndex::Failed - no Release file present or no signature
-//      file present                                           /*{{{*/
+                                                                       /*}}}*/
+// pkgAcqMetaIndex::Failed - no Release file present or no signature file present      /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)
 {
    if (AuthPass == true)
    {
 {
    if (AuthPass == true)
    {
-      // if we fail the authentication but got the file via a IMS-Hit 
-      // this means that the file wasn't downloaded and that it might be
-      // just stale (server problem, proxy etc). we delete what we have
-      // queue it again without i-m-s 
-      // alternatively we could just unlink the file and let the user try again
-      if (IMSHit)
-      {
-        Complete = false;
-        Local = false;
-        AuthPass = false;
-        unlink(DestFile.c_str());
+      // gpgv method failed, if we have a good signature 
+      string LastGoodSigFile = _config->FindDir("Dir::State::lists").append("partial/").append(URItoFileName(RealURI));
+      if (DestFile != SigFile)
+        LastGoodSigFile.append(".gpg");
+      LastGoodSigFile.append(".reverify");
 
 
-        DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-        DestFile += URItoFileName(RealURI);
-        Desc.URI = RealURI;
-        QueueURI(Desc);
+      if(FileExists(LastGoodSigFile))
+      {
+        string VerifiedSigFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+        if (DestFile != SigFile)
+           VerifiedSigFile.append(".gpg");
+        Rename(LastGoodSigFile, VerifiedSigFile);
+        Status = StatTransientNetworkError;
+        _error->Warning(_("An error occurred during the signature "
+                          "verification. The repository is not updated "
+                          "and the previous index files will be used. "
+                          "GPG error: %s: %s\n"),
+                        Desc.Description.c_str(),
+                        LookupTag(Message,"Message").c_str());
+        RunScripts("APT::Update::Auth-Failure");
         return;
         return;
+      } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) {
+        /* Invalid signature file, reject (LP: #346386) (Closes: #627642) */
+        _error->Error(_("GPG error: %s: %s"),
+                        Desc.Description.c_str(),
+                        LookupTag(Message,"Message").c_str());
+        return;
+      } else {
+        _error->Warning(_("GPG error: %s: %s"),
+                        Desc.Description.c_str(),
+                        LookupTag(Message,"Message").c_str());
       }
       }
-
       // gpgv method failed 
       // gpgv method failed 
-      _error->Warning("GPG error: %s: %s",
-                      Desc.Description.c_str(),
-                      LookupTag(Message,"Message").c_str());
+      ReportMirrorFailure("GPGFailure");
+   }
+
+   /* Always move the meta index, even if gpgv failed. This ensures
+    * that PackageFile objects are correctly filled in */
+   if (FileExists(DestFile)) {
+      string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile += URItoFileName(RealURI);
+      /* InRelease files become Release files, otherwise
+       * they would be considered as trusted later on */
+      if (SigFile == DestFile) {
+        RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
+                                      "Release");
+        FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
+                                      "Release");
+        SigFile = FinalFile;
+      }
+      Rename(DestFile,FinalFile);
+      chmod(FinalFile.c_str(),0644);
 
 
+      DestFile = FinalFile;
    }
 
    // No Release file was present, or verification failed, so fall
    // back to queueing Packages files without verification
    QueueIndexes(false);
 }
    }
 
    // No Release file was present, or verification failed, so fall
    // back to queueing Packages files without verification
    QueueIndexes(false);
 }
+                                                                       /*}}}*/
+pkgAcqMetaClearSig::pkgAcqMetaClearSig(pkgAcquire *Owner,              /*{{{*/
+               string const &URI, string const &URIDesc, string const &ShortDesc,
+               string const &MetaIndexURI, string const &MetaIndexURIDesc, string const &MetaIndexShortDesc,
+               string const &MetaSigURI, string const &MetaSigURIDesc, string const &MetaSigShortDesc,
+               const vector<struct IndexTarget*>* IndexTargets,
+               indexRecords* MetaIndexParser) :
+       pkgAcqMetaIndex(Owner, URI, URIDesc, ShortDesc, "", IndexTargets, MetaIndexParser),
+       MetaIndexURI(MetaIndexURI), MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
+       MetaSigURI(MetaSigURI), MetaSigURIDesc(MetaSigURIDesc), MetaSigShortDesc(MetaSigShortDesc)
+{
+   SigFile = DestFile;
+
+   // keep the old InRelease around in case of transistent network errors
+   string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+   if (RealFileExists(Final) == true)
+   {
+      string const LastGoodSig = DestFile + ".reverify";
+      Rename(Final,LastGoodSig);
+   }
+}
+                                                                       /*}}}*/
+pkgAcqMetaClearSig::~pkgAcqMetaClearSig()                              /*{{{*/
+{
+   // if the file was never queued undo file-changes done in the constructor
+   if (QueueCounter == 1 && Status == StatIdle && FileSize == 0 && Complete == false)
+   {
+      string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+      string const LastGoodSig = DestFile + ".reverify";
+      if (RealFileExists(Final) == false && RealFileExists(LastGoodSig) == true)
+        Rename(LastGoodSig, Final);
+   }
+}
+                                                                       /*}}}*/
+// pkgAcqMetaClearSig::Custom600Headers - Insert custom request headers        /*{{{*/
+// ---------------------------------------------------------------------
+// FIXME: this can go away once the InRelease file is used widely
+string pkgAcqMetaClearSig::Custom600Headers()
+{
+   string Final = _config->FindDir("Dir::State::lists");
+   Final += URItoFileName(RealURI);
+
+   struct stat Buf;
+   if (stat(Final.c_str(),&Buf) != 0)
+   {
+      Final = DestFile + ".reverify";
+      if (stat(Final.c_str(),&Buf) != 0)
+        return "\nIndex-File: true\nFail-Ignore: true\n";
+   }
 
 
+   return "\nIndex-File: true\nFail-Ignore: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
+}
                                                                        /*}}}*/
                                                                        /*}}}*/
+void pkgAcqMetaClearSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*{{{*/
+{
+   if (AuthPass == false)
+   {
+      // Remove the 'old' InRelease file if we try Release.gpg now as otherwise
+      // the file will stay around and gives a false-auth impression (CVE-2012-0214)
+      string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile.append(URItoFileName(RealURI));
+      if (FileExists(FinalFile))
+        unlink(FinalFile.c_str());
 
 
+      new pkgAcqMetaSig(Owner,
+                       MetaSigURI, MetaSigURIDesc, MetaSigShortDesc,
+                       MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
+                       IndexTargets, MetaIndexParser);
+      if (Cnf->LocalOnly == true ||
+         StringToBool(LookupTag(Message, "Transient-Failure"), false) == false)
+        Dequeue();
+   }
+   else
+      pkgAcqMetaIndex::Failed(Message, Cnf);
+}
+                                                                       /*}}}*/
 // AcqArchive::AcqArchive - Constructor                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* This just sets up the initial fetch environment and queues the first
 // AcqArchive::AcqArchive - Constructor                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* This just sets up the initial fetch environment and queues the first
@@ -1231,7 +1859,7 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
       _error->Error(_("I wasn't able to locate a file for the %s package. "
                      "This might mean you need to manually fix this package. "
                      "(due to missing arch)"),
       _error->Error(_("I wasn't able to locate a file for the %s package. "
                      "This might mean you need to manually fix this package. "
                      "(due to missing arch)"),
-                   Version.ParentPkg().Name());
+                   Version.ParentPkg().FullName().c_str());
       return;
    }
    
       return;
    }
    
@@ -1239,7 +1867,7 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
       assumption here that all the available sources for this version share
       the same extension.. */
    // Skip not source sources, they do not have file fields.
       assumption here that all the available sources for this version share
       the same extension.. */
    // Skip not source sources, they do not have file fields.
-   for (; Vf.end() == false; Vf++)
+   for (; Vf.end() == false; ++Vf)
    {
       if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
         continue;
    {
       if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
         continue;
@@ -1262,34 +1890,40 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
    }
 
    // check if we have one trusted source for the package. if so, switch
    }
 
    // check if we have one trusted source for the package. if so, switch
-   // to "TrustedOnly" mode
-   for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; i++)
+   // to "TrustedOnly" mode - but only if not in AllowUnauthenticated mode
+   bool const allowUnauth = _config->FindB("APT::Get::AllowUnauthenticated", false);
+   bool const debugAuth = _config->FindB("Debug::pkgAcquire::Auth", false);
+   bool seenUntrusted = false;
+   for (pkgCache::VerFileIterator i = Version.FileList(); i.end() == false; ++i)
    {
       pkgIndexFile *Index;
       if (Sources->FindIndex(i.File(),Index) == false)
          continue;
    {
       pkgIndexFile *Index;
       if (Sources->FindIndex(i.File(),Index) == false)
          continue;
-      if (_config->FindB("Debug::pkgAcquire::Auth", false))
-      {
+
+      if (debugAuth == true)
          std::cerr << "Checking index: " << Index->Describe()
          std::cerr << "Checking index: " << Index->Describe()
-                   << "(Trusted=" << Index->IsTrusted() << ")\n";
-      }
-      if (Index->IsTrusted()) {
+                   << "(Trusted=" << Index->IsTrusted() << ")" << std::endl;
+
+      if (Index->IsTrusted() == true)
+      {
          Trusted = true;
          Trusted = true;
-        break;
+        if (allowUnauth == false)
+           break;
       }
       }
+      else
+         seenUntrusted = true;
    }
 
    // "allow-unauthenticated" restores apts old fetching behaviour
    // that means that e.g. unauthenticated file:// uris are higher
    // priority than authenticated http:// uris
    }
 
    // "allow-unauthenticated" restores apts old fetching behaviour
    // that means that e.g. unauthenticated file:// uris are higher
    // priority than authenticated http:// uris
-   if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
+   if (allowUnauth == true && seenUntrusted == true)
       Trusted = false;
 
    // Select a source
    if (QueueNext() == false && _error->PendingError() == false)
       Trusted = false;
 
    // Select a source
    if (QueueNext() == false && _error->PendingError() == false)
-      _error->Error(_("I wasn't able to locate file for the %s package. "
-                   "This might mean you need to manually fix this package."),
-                   Version.ParentPkg().Name());
+      _error->Error(_("Can't find a source to download version '%s' of '%s'"),
+                   Version.VerStr(), Version.ParentPkg().FullName(false).c_str());
 }
                                                                        /*}}}*/
 // AcqArchive::QueueNext - Queue the next file source                  /*{{{*/
 }
                                                                        /*}}}*/
 // AcqArchive::QueueNext - Queue the next file source                  /*{{{*/
@@ -1298,8 +1932,9 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
    the archive is already available in the cache and stashs the MD5 for
    checking later. */
 bool pkgAcqArchive::QueueNext()
    the archive is already available in the cache and stashs the MD5 for
    checking later. */
 bool pkgAcqArchive::QueueNext()
-{   
-   for (; Vf.end() == false; Vf++)
+{
+   string const ForceHash = _config->Find("Acquire::ForceHash");
+   for (; Vf.end() == false; ++Vf)
    {
       // Ignore not source sources
       if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
    {
       // Ignore not source sources
       if ((Vf.File()->Flags & pkgCache::Flag::NotSource) != 0)
@@ -1321,12 +1956,29 @@ bool pkgAcqArchive::QueueNext()
         return false;
       
       string PkgFile = Parse.FileName();
         return false;
       
       string PkgFile = Parse.FileName();
-      if(Parse.SHA256Hash() != "")
-        ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
-      else if (Parse.SHA1Hash() != "")
-        ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
-      else 
-        ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
+      if (ForceHash.empty() == false)
+      {
+        if(stringcasecmp(ForceHash, "sha512") == 0)
+           ExpectedHash = HashString("SHA512", Parse.SHA512Hash());
+        else if(stringcasecmp(ForceHash, "sha256") == 0)
+           ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
+        else if (stringcasecmp(ForceHash, "sha1") == 0)
+           ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
+        else
+           ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
+      }
+      else
+      {
+        string Hash;
+        if ((Hash = Parse.SHA512Hash()).empty() == false)
+           ExpectedHash = HashString("SHA512", Hash);
+        else if ((Hash = Parse.SHA256Hash()).empty() == false)
+           ExpectedHash = HashString("SHA256", Hash);
+        else if ((Hash = Parse.SHA1Hash()).empty() == false)
+           ExpectedHash = HashString("SHA1", Hash);
+        else
+           ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
+      }
       if (PkgFile.empty() == true)
         return _error->Error(_("The package index files are corrupted. No Filename: "
                              "field for package %s."),
       if (PkgFile.empty() == true)
         return _error->Error(_("The package index files are corrupted. No Filename: "
                              "field for package %s."),
@@ -1335,7 +1987,7 @@ bool pkgAcqArchive::QueueNext()
       Desc.URI = Index->ArchiveURI(PkgFile);
       Desc.Description = Index->ArchiveInfo(Version);
       Desc.Owner = this;
       Desc.URI = Index->ArchiveURI(PkgFile);
       Desc.Description = Index->ArchiveInfo(Version);
       Desc.Owner = this;
-      Desc.ShortDesc = Version.ParentPkg().Name();
+      Desc.ShortDesc = Version.ParentPkg().FullName(true);
 
       // See if we already have the file. (Legacy filenames)
       FileSize = Version->Size;
 
       // See if we already have the file. (Legacy filenames)
       FileSize = Version->Size;
@@ -1344,7 +1996,7 @@ bool pkgAcqArchive::QueueNext()
       if (stat(FinalFile.c_str(),&Buf) == 0)
       {
         // Make sure the size matches
       if (stat(FinalFile.c_str(),&Buf) == 0)
       {
         // Make sure the size matches
-        if ((unsigned)Buf.st_size == Version->Size)
+        if ((unsigned long long)Buf.st_size == Version->Size)
         {
            Complete = true;
            Local = true;
         {
            Complete = true;
            Local = true;
@@ -1363,7 +2015,7 @@ bool pkgAcqArchive::QueueNext()
       if (stat(FinalFile.c_str(),&Buf) == 0)
       {
         // Make sure the size matches
       if (stat(FinalFile.c_str(),&Buf) == 0)
       {
         // Make sure the size matches
-        if ((unsigned)Buf.st_size == Version->Size)
+        if ((unsigned long long)Buf.st_size == Version->Size)
         {
            Complete = true;
            Local = true;
         {
            Complete = true;
            Local = true;
@@ -1372,7 +2024,7 @@ bool pkgAcqArchive::QueueNext()
            return true;
         }
         
            return true;
         }
         
-        /* Hmm, we have a file and its size does not match, this shouldnt
+        /* Hmm, we have a file and its size does not match, this shouldn't
            happen.. */
         unlink(FinalFile.c_str());
       }
            happen.. */
         unlink(FinalFile.c_str());
       }
@@ -1383,21 +2035,28 @@ bool pkgAcqArchive::QueueNext()
       if (stat(DestFile.c_str(),&Buf) == 0)
       {
         // Hmm, the partial file is too big, erase it
       if (stat(DestFile.c_str(),&Buf) == 0)
       {
         // Hmm, the partial file is too big, erase it
-        if ((unsigned)Buf.st_size > Version->Size)
+        if ((unsigned long long)Buf.st_size > Version->Size)
            unlink(DestFile.c_str());
         else
            PartialSize = Buf.st_size;
       }
            unlink(DestFile.c_str());
         else
            PartialSize = Buf.st_size;
       }
-      
+
+      // Disables download of archives - useful if no real installation follows,
+      // e.g. if we are just interested in proposed installation order
+      if (_config->FindB("Debug::pkgAcqArchive::NoQueue", false) == true)
+      {
+        Complete = true;
+        Local = true;
+        Status = StatDone;
+        StoreFilename = DestFile = FinalFile;
+        return true;
+      }
+
       // Create the item
       Local = false;
       // Create the item
       Local = false;
-      Desc.URI = Index->ArchiveURI(PkgFile);
-      Desc.Description = Index->ArchiveInfo(Version);
-      Desc.Owner = this;
-      Desc.ShortDesc = Version.ParentPkg().Name();
       QueueURI(Desc);
 
       QueueURI(Desc);
 
-      Vf++;
+      ++Vf;
       return true;
    }
    return false;
       return true;
    }
    return false;
@@ -1406,7 +2065,7 @@ bool pkgAcqArchive::QueueNext()
 // AcqArchive::Done - Finished fetching                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // AcqArchive::Done - Finished fetching                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
+void pkgAcqArchive::Done(string Message,unsigned long long Size,string CalcHash,
                         pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,CalcHash,Cfg);
                         pkgAcquire::MethodConfig *Cfg)
 {
    Item::Done(Message,Size,CalcHash,Cfg);
@@ -1414,18 +2073,14 @@ void pkgAcqArchive::Done(string Message,unsigned long Size,string CalcHash,
    // Check the size
    if (Size != Version->Size)
    {
    // Check the size
    if (Size != Version->Size)
    {
-      Status = StatError;
-      ErrorText = _("Size mismatch");
+      RenameOnError(SizeMismatch);
       return;
    }
    
    // Check the hash
    if(ExpectedHash.toStr() != CalcHash)
    {
       return;
    }
    
    // Check the hash
    if(ExpectedHash.toStr() != CalcHash)
    {
-      Status = StatError;
-      ErrorText = _("Hash Sum mismatch");
-      if(FileExists(DestFile))
-        Rename(DestFile,DestFile + ".FAILED");
+      RenameOnError(HashSumMismatch);
       return;
    }
 
       return;
    }
 
@@ -1471,7 +2126,7 @@ void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
    {
       // Vf = Version.FileList();
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == true)
    {
       // Vf = Version.FileList();
-      while (Vf.end() == false) Vf++;
+      while (Vf.end() == false) ++Vf;
       StoreFilename = string();
       Item::Failed(Message,Cnf);
       return;
       StoreFilename = string();
       Item::Failed(Message,Cnf);
       return;
@@ -1495,14 +2150,13 @@ void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    }
 }
                                                                        /*}}}*/
    }
 }
                                                                        /*}}}*/
-// AcqArchive::IsTrusted - Determine whether this archive comes from a
-// trusted source                                                      /*{{{*/
+// AcqArchive::IsTrusted - Determine whether this archive comes from a trusted source /*{{{*/
 // ---------------------------------------------------------------------
 // ---------------------------------------------------------------------
-bool pkgAcqArchive::IsTrusted()
+APT_PURE bool pkgAcqArchive::IsTrusted()
 {
    return Trusted;
 }
 {
    return Trusted;
 }
-
+                                                                       /*}}}*/
 // AcqArchive::Finished - Fetching has finished, tidy up               /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // AcqArchive::Finished - Fetching has finished, tidy up               /*{{{*/
 // ---------------------------------------------------------------------
 /* */
@@ -1514,14 +2168,14 @@ void pkgAcqArchive::Finished()
    StoreFilename = string();
 }
                                                                        /*}}}*/
    StoreFilename = string();
 }
                                                                        /*}}}*/
-
 // AcqFile::pkgAcqFile - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
 pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
 // AcqFile::pkgAcqFile - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
 pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
-                      unsigned long Size,string Dsc,string ShortDesc,
-                      const string &DestDir, const string &DestFilename) :
-                       Item(Owner), ExpectedHash(Hash)
+                      unsigned long long Size,string Dsc,string ShortDesc,
+                      const string &DestDir, const string &DestFilename,
+                       bool IsIndexFile) :
+                       Item(Owner), ExpectedHash(Hash), IsIndexFile(IsIndexFile)
 {
    Retries = _config->FindI("Acquire::Retries",0);
    
 {
    Retries = _config->FindI("Acquire::Retries",0);
    
@@ -1546,7 +2200,7 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
    if (stat(DestFile.c_str(),&Buf) == 0)
    {
       // Hmm, the partial file is too big, erase it
    if (stat(DestFile.c_str(),&Buf) == 0)
    {
       // Hmm, the partial file is too big, erase it
-      if ((unsigned)Buf.st_size > Size)
+      if ((Size > 0) && (unsigned long long)Buf.st_size > Size)
         unlink(DestFile.c_str());
       else
         PartialSize = Buf.st_size;
         unlink(DestFile.c_str());
       else
         PartialSize = Buf.st_size;
@@ -1558,7 +2212,7 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
 // AcqFile::Done - Item downloaded OK                                  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
 // AcqFile::Done - Item downloaded OK                                  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
+void pkgAcqFile::Done(string Message,unsigned long long Size,string CalcHash,
                      pkgAcquire::MethodConfig *Cnf)
 {
    Item::Done(Message,Size,CalcHash,Cnf);
                      pkgAcquire::MethodConfig *Cnf)
 {
    Item::Done(Message,Size,CalcHash,Cnf);
@@ -1566,9 +2220,7 @@ void pkgAcqFile::Done(string Message,unsigned long Size,string CalcHash,
    // Check the hash
    if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash)
    {
    // Check the hash
    if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash)
    {
-      Status = StatError;
-      ErrorText = "Hash Sum mismatch";
-      Rename(DestFile,DestFile + ".FAILED");
+      RenameOnError(HashSumMismatch);
       return;
    }
    
       return;
    }
    
@@ -1636,3 +2288,13 @@ void pkgAcqFile::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
+// AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
+// ---------------------------------------------------------------------
+/* The only header we use is the last-modified header. */
+string pkgAcqFile::Custom600Headers()
+{
+   if (IsIndexFile)
+      return "\nIndex-File: true";
+   return "";
+}
+                                                                       /*}}}*/