]> git.saurik.com Git - apt.git/blobdiff - test/integration/test-ubuntu-bug-1098738-apt-get-source-md5sum
create non-existent files in edit-sources with 644 instead of 640
[apt.git] / test / integration / test-ubuntu-bug-1098738-apt-get-source-md5sum
index 8c9c9c767dae71071d3e485056db4d3e71fed72c..a60f0bd3a80ac65c68c98e4200e23ededc6e67ef 100755 (executable)
@@ -1,8 +1,8 @@
 #!/bin/sh
 set -e
 
 #!/bin/sh
 set -e
 
-TESTDIR=$(readlink -f $(dirname $0))
-. $TESTDIR/framework
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
 
 setupenvironment
 configarchitecture 'native'
 
 setupenvironment
 configarchitecture 'native'
@@ -17,6 +17,15 @@ Files:
  9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
  db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
 
  9604ba9427a280db542279d9ed78400b 3 pkg-md5-ok_1.0.dsc
  db5570bf61464b46e2bde31ed61a7dc6 3 pkg-md5-ok_1.0.tar.gz
 
+Package: pkg-sha1-ok
+Binary: pkg-sha1-ok
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ 324f464e6151a92cf57b26ef95dcfcf2059a8c44 3 pkg-sha1-ok_1.0.dsc
+ 680254bad1d7ca0d65ec46aaa315d363abf6a50a 3 pkg-sha1-ok_1.0.tar.gz
+
 Package: pkg-sha256-ok
 Binary: pkg-sha256-ok
 Version: 1.0
 Package: pkg-sha256-ok
 Binary: pkg-sha256-ok
 Version: 1.0
@@ -32,6 +41,15 @@ Checksums-Sha256:
  943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
  90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
 
  943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 3 pkg-sha256-ok_1.0.dsc
  90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 3 pkg-sha256-ok_1.0.tar.gz
 
+Package: pkg-size-bad
+Binary: pkg-size-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Checksums-Sha256:
+ 943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a 2 pkg-size-bad_1.0.dsc
+ 90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb 4 pkg-size-bad_1.0.tar.gz
+
 Package: pkg-sha256-bad
 Binary: pkg-sha256-bad
 Version: 1.0
 Package: pkg-sha256-bad
 Binary: pkg-sha256-bad
 Version: 1.0
@@ -47,6 +65,15 @@ Checksums-Sha256:
  aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
  bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
 
  aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-sha256-bad_1.0.dsc
  bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-sha256-bad_1.0.tar.gz
 
+Package: pkg-md5-bad
+Binary: pkg-md5-bad
+Version: 1.0
+Maintainer: Joe Sixpack <joe@example.org>
+Architecture: all
+Files:
+ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 3 pkg-md5-bad_1.0.dsc
+ bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 3 pkg-md5-bad_1.0.tar.gz
+
 Package: pkg-no-md5
 Binary: pkg-no-md5
 Version: 1.0
 Package: pkg-no-md5
 Binary: pkg-no-md5
 Version: 1.0
@@ -130,24 +157,26 @@ Checksums-Sha256:
 EOF
 
 # create fetchable files
 EOF
 
 # create fetchable files
-for x in 'pkg-md5-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
+for x in 'pkg-md5-ok' 'pkg-sha1-ok' 'pkg-sha256-ok' 'pkg-sha256-bad' 'pkg-no-md5' \
         'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
         'pkg-mixed-ok' 'pkg-mixed-sha1-bad' 'pkg-mixed-sha2-bad' \
-        'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree'; do
+        'pkg-md5-agree' 'pkg-md5-disagree' 'pkg-sha256-disagree' \
+        'pkg-md5-bad' 'pkg-size-bad'; do
        echo -n 'dsc' > aptarchive/${x}_1.0.dsc
        echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
 done
 
        echo -n 'dsc' > aptarchive/${x}_1.0.dsc
        echo -n 'tar' > aptarchive/${x}_1.0.tar.gz
 done
 
-setupaptarchive
+setupaptarchive --no-update
 changetowebserver
 testsuccess aptget update
 
 changetowebserver
 testsuccess aptget update
 
+cd downloaded
+
 testok() {
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
 testok() {
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
+       testsuccessequal "Reading package lists...
 Need to get 6 B of source archives.
 Need to get 6 B of source archives.
-Get:1 http://localhost:8080/  $1 1.0 (dsc) [3 B]
-Get:2 http://localhost:8080/  $1 1.0 (tar) [3 B]
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
 Download complete and in download only mode" aptget source -d "$@"
        msgtest 'Files were successfully downloaded for' "$1"
        testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
 Download complete and in download only mode" aptget source -d "$@"
        msgtest 'Files were successfully downloaded for' "$1"
        testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
@@ -157,8 +186,7 @@ Download complete and in download only mode" aptget source -d "$@"
 testkeep() {
        echo -n 'dsc' > ${1}_1.0.dsc
        echo -n 'tar' > ${1}_1.0.tar.gz
 testkeep() {
        echo -n 'dsc' > ${1}_1.0.dsc
        echo -n 'tar' > ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
+       testsuccessequal "Reading package lists...
 Skipping already downloaded file '${1}_1.0.dsc'
 Skipping already downloaded file '${1}_1.0.tar.gz'
 Need to get 0 B of source archives.
 Skipping already downloaded file '${1}_1.0.dsc'
 Skipping already downloaded file '${1}_1.0.tar.gz'
 Need to get 0 B of source archives.
@@ -168,44 +196,191 @@ Download complete and in download only mode" aptget source -d "$@"
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
 }
 
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
 }
 
+testnohash() {
+       #FIXME: Maybe we should fail in this case instead of skipping
+       rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+       testsuccessequal "Reading package lists...
+Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
+Need to get 0 B of source archives.
+Download complete and in download only mode" aptget source -d "$@"
+       msgtest 'Files are not downloaded for' "$1"
+       testfailure --nomsg test -e ${1}_1.0.dsc -o -e ${1}_1.0.tar.gz
+}
+
 testmismatch() {
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
 testmismatch() {
        rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
+       local FAILURE
+       if [ "$1" = 'pkg-size-bad' ]; then
+               FAILURE="Reading package lists...
 Need to get 6 B of source archives.
 Need to get 6 B of source archives.
-Get:1 http://localhost:8080/  $1 1.0 (dsc) [3 B]
-Get:2 http://localhost:8080/  $1 1.0 (tar) [3 B]
-E: Failed to fetch http://localhost:8080/${1}_1.0.dsc  Hash Sum mismatch
-
-E: Failed to fetch http://localhost:8080/${1}_1.0.tar.gz  Hash Sum mismatch
-
-E: Failed to fetch some archives." aptget source -d "$@"
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [2 B]
+Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
+  Writing more data than expected (3 > 2)
+  Hashes of expected file:
+   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+   - Checksum-FileSize:2 [weak]
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [4 B]
+Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - Checksum-FileSize:4 [weak]
+  Hashes of received file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Writing more data than expected (3 > 2)
+   Hashes of expected file:
+    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+    - Checksum-FileSize:2 [weak]
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - Checksum-FileSize:4 [weak]
+   Hashes of received file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch some archives."
+       elif [ "$1" = 'pkg-md5-bad' ]; then
+               FAILURE="Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak]
+   - Checksum-FileSize:3 [weak]
+  Hashes of received file:
+   - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a
+   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
+Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak]
+   - Checksum-FileSize:3 [weak]
+  Hashes of received file:
+   - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch
+   Hashes of expected file:
+    - MD5Sum:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [weak]
+    - Checksum-FileSize:3 [weak]
+   Hashes of received file:
+    - SHA512:e52b7bb395ea3f46974f1f65b7c5975839aad32d4e2ec0f458f735d5aa24d2bf36d7816ed1e01dc3c493e11879e9a8f66dfca42821608cfe993996929a6be18a
+    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - MD5Sum:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb [weak]
+    - Checksum-FileSize:3 [weak]
+   Hashes of received file:
+    - SHA512:5aa4cad81553320574eb72ee92bd45a1f0575528e257749dff298b2a33df9e7fc7f5c1c87fc1c8fde230f1234cca3a99bf8625a0ff7bb3238eb7e5473f9b43c0
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch some archives."
+       else
+               FAILURE="Reading package lists...
+Need to get 6 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Err:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+   - Checksum-FileSize:3 [weak]
+   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+  Hashes of received file:
+   - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+   - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+   - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
+Err:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+   - Checksum-FileSize:3 [weak]
+   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+  Hashes of received file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+   - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.dsc  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+    - Checksum-FileSize:3 [weak]
+    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+   Hashes of received file:
+    - SHA256:943d3bf22ac661fb0f59bc4ff68cc12b04ff17a838dfcc2537008eb9c7f3770a
+    - SHA1:324f464e6151a92cf57b26ef95dcfcf2059a8c44 [weak]
+    - MD5Sum:9604ba9427a280db542279d9ed78400b [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.dsc")
+E: Failed to fetch http://localhost:${APTHTTPPORT}/${1}_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+    - Checksum-FileSize:3 [weak]
+    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+   Hashes of received file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - SHA1:680254bad1d7ca0d65ec46aaa315d363abf6a50a [weak]
+    - MD5Sum:db5570bf61464b46e2bde31ed61a7dc6 [weak]
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification "aptarchive/${1}_1.0.tar.gz")
+E: Failed to fetch some archives."
+       fi
+       testfailureequal "$FAILURE" aptget source -d "$@"
        msgtest 'Files were not download as they have hashsum mismatches for' "$1"
        testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
 
        msgtest 'Files were not download as they have hashsum mismatches for' "$1"
        testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
 
-       rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
-Skipping download of file 'pkg-sha256-bad_1.0.dsc' as requested hashsum is not available for authentication
-Skipping download of file 'pkg-sha256-bad_1.0.tar.gz' as requested hashsum is not available for authentication
+       if [ "$2" != '--allow-unauthenticated' ]; then
+               rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+               testsuccessequal "Reading package lists...
+Skipping download of file '${1}_1.0.dsc' as requested hashsum is not available for authentication
+Skipping download of file '${1}_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
 Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
 Need to get 0 B of source archives.
 Download complete and in download only mode" aptget source -d "$@" -o Acquire::ForceHash=ROT26
-       msgtest 'Files were not download as hash is unavailable for' "$1"
-       testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+               msgtest 'Files were not download as hash is unavailable for' "$1"
+               testfailure --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+       fi
 
 
-       rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
-       testequal "Reading package lists...
-Building dependency tree...
+       if [ "$1" != 'pkg-size-bad' ]; then
+               rm -f ${1}_1.0.dsc ${1}_1.0.tar.gz
+               testsuccessequal "Reading package lists...
 Need to get 6 B of source archives.
 Need to get 6 B of source archives.
-Get:1 http://localhost:8080/  $1 1.0 (dsc) [3 B]
-Get:2 http://localhost:8080/  $1 1.0 (tar) [3 B]
+Get:1 http://localhost:${APTHTTPPORT}  $1 1.0 (dsc) [3 B]
+Get:2 http://localhost:${APTHTTPPORT}  $1 1.0 (tar) [3 B]
 Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
 Download complete and in download only mode" aptget source --allow-unauthenticated -d "$@" -o Acquire::ForceHash=ROT26
-       msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
-       testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+               msgtest 'Files were downloaded unauthenticated as user allowed it' "$1"
+               testsuccess --nomsg test -e ${1}_1.0.dsc -a -e ${1}_1.0.tar.gz
+       fi
 }
 
 }
 
-testok pkg-md5-ok
-testkeep pkg-md5-ok
+testnohash pkg-md5-ok
+testnohash pkg-sha1-ok
 testok pkg-sha256-ok
 testkeep pkg-sha256-ok
 
 testok pkg-sha256-ok
 testkeep pkg-sha256-ok
 
@@ -213,14 +388,17 @@ testkeep pkg-sha256-ok
 # checking the best available hash (as it should), this will trigger
 # a hash mismatch.
 testmismatch pkg-sha256-bad
 # checking the best available hash (as it should), this will trigger
 # a hash mismatch.
 testmismatch pkg-sha256-bad
-testmismatch pkg-sha256-bad
 testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
 
 testok pkg-sha256-bad -o Acquire::ForceHash=MD5Sum
 
+testnohash pkg-md5-bad
+testmismatch pkg-md5-bad --allow-unauthenticated
+
+testmismatch pkg-size-bad
+
 # not having MD5 sum doesn't mean the file doesn't exist at all …
 testok pkg-no-md5
 testok pkg-no-md5 -o Acquire::ForceHash=SHA256
 # not having MD5 sum doesn't mean the file doesn't exist at all …
 testok pkg-no-md5
 testok pkg-no-md5 -o Acquire::ForceHash=SHA256
-testequal "Reading package lists...
-Building dependency tree...
+testsuccessequal "Reading package lists...
 Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
 Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
 Skipping download of file 'pkg-no-md5_1.0.dsc' as requested hashsum is not available for authentication
 Skipping download of file 'pkg-no-md5_1.0.tar.gz' as requested hashsum is not available for authentication
 Need to get 0 B of source archives.
@@ -230,33 +408,45 @@ testfailure --nomsg test -e pkg-no-md5_1.0.dsc -a -e pkg-no-md5_1.0.tar.gz
 
 # deal with cases in which we haven't for all files the same checksum type
 # mostly pathologic as this shouldn't happen, but just to be sure
 
 # deal with cases in which we haven't for all files the same checksum type
 # mostly pathologic as this shouldn't happen, but just to be sure
-testok pkg-mixed-ok
-testequal 'Reading package lists...
-Building dependency tree...
-Need to get 6 B of source archives.
-Get:1 http://localhost:8080/  pkg-mixed-sha1-bad 1.0 (tar) [3 B]
-Get:2 http://localhost:8080/  pkg-mixed-sha1-bad 1.0 (dsc) [3 B]
-E: Failed to fetch http://localhost:8080/pkg-mixed-sha1-bad_1.0.dsc  Hash Sum mismatch
+testsuccessequal "Reading package lists...
+Skipping download of file 'pkg-mixed-ok_1.0.tar.gz' as requested hashsum is not available for authentication
+Need to get 3 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-ok 1.0 (dsc) [3 B]
+Download complete and in download only mode" aptget source -d pkg-mixed-ok
 
 
-E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha1-bad
+testsuccessequal  "Reading package lists...
+Skipping download of file 'pkg-mixed-sha1-bad_1.0.dsc' as requested hashsum is not available for authentication
+Need to get 3 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha1-bad 1.0 (tar) [3 B]
+Download complete and in download only mode" aptget source -d pkg-mixed-sha1-bad
 msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
 testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
 msgtest 'Only tar file is downloaded as the dsc has hashsum mismatch' 'pkg-mixed-sha1-bad'
 testsuccess --nomsg test ! -e pkg-mixed-sha1-bad_1.0.dsc -a -e pkg-mixed-sha1-bad_1.0.tar.gz
-testequal 'Reading package lists...
-Building dependency tree...
-Need to get 6 B of source archives.
-Get:1 http://localhost:8080/  pkg-mixed-sha2-bad 1.0 (tar) [3 B]
-Get:2 http://localhost:8080/  pkg-mixed-sha2-bad 1.0 (dsc) [3 B]
-E: Failed to fetch http://localhost:8080/pkg-mixed-sha2-bad_1.0.tar.gz  Hash Sum mismatch
-
-E: Failed to fetch some archives.' aptget source -d pkg-mixed-sha2-bad
-msgtest 'Only dsc file is downloaded as the tar has hashsum mismatch' 'pkg-mixed-sha2-bad'
-testsuccess --nomsg test -e pkg-mixed-sha2-bad_1.0.dsc -a ! -e pkg-mixed-sha2-bad_1.0.tar.gz
+testfailureequal "Reading package lists...
+Skipping download of file 'pkg-mixed-sha2-bad_1.0.dsc' as requested hashsum is not available for authentication
+Need to get 3 B of source archives.
+Get:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar) [3 B]
+Err:1 http://localhost:${APTHTTPPORT}  pkg-mixed-sha2-bad 1.0 (tar)
+  Hash Sum mismatch
+  Hashes of expected file:
+   - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+   - Checksum-FileSize:3 [weak]
+  Hashes of received file:
+   - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+   - Checksum-FileSize:3 [weak]
+  Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz')
+E: Failed to fetch http://localhost:${APTHTTPPORT}/pkg-mixed-sha2-bad_1.0.tar.gz  Hash Sum mismatch
+   Hashes of expected file:
+    - SHA256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+    - Checksum-FileSize:3 [weak]
+   Hashes of received file:
+    - SHA256:90aebae315675cbf04612de4f7d5874850f48e0b8dd82becbeaa47ca93f5ebfb
+    - Checksum-FileSize:3 [weak]
+   Last modification reported: $(lastmodification 'aptarchive/pkg-mixed-sha2-bad_1.0.tar.gz')
+E: Failed to fetch some archives." aptget source -d pkg-mixed-sha2-bad
 
 # it gets even more pathologic: multiple entries for one file, some even disagreeing!
 
 # it gets even more pathologic: multiple entries for one file, some even disagreeing!
-testok pkg-md5-agree
-testequal 'Reading package lists...
-Building dependency tree...
+testnohash pkg-md5-agree
+testfailureequal 'Reading package lists...
 E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
 E: Error parsing checksum in Files of source package pkg-md5-disagree' aptget source -d pkg-md5-disagree
-testequal 'Reading package lists...
-Building dependency tree...
+testfailureequal 'Reading package lists...
 E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree
 E: Error parsing checksum in Checksums-SHA256 of source package pkg-sha256-disagree' aptget source -d pkg-sha256-disagree