]> git.saurik.com Git - apt.git/blobdiff - apt-pkg/acquire-item.cc
really do not download Release if InRelease does not verify
[apt.git] / apt-pkg / acquire-item.cc
index de03011bffaac409d0f3da988141a44d8e759a2d..3c66369cf8bcbbbecd5176360ef79645ef9f380e 100644 (file)
 #include <apt-pkg/error.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/fileutl.h>
-#include <apt-pkg/md5.h>
 #include <apt-pkg/sha1.h>
 #include <apt-pkg/tagfile.h>
 #include <apt-pkg/indexrecords.h>
-#include <apt-pkg/metaindex.h>
-
+#include <apt-pkg/acquire.h>
+#include <apt-pkg/hashes.h>
+#include <apt-pkg/indexfile.h>
+#include <apt-pkg/pkgcache.h>
+#include <apt-pkg/cacheiterators.h>
+#include <apt-pkg/pkgrecords.h>
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+#include <iostream>
+#include <vector>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <errno.h>
 
 using namespace std;
 
+static void printHashSumComparision(std::string const &URI, HashStringList const &Expected, HashStringList const &Actual) /*{{{*/
+{
+   if (_config->FindB("Debug::Acquire::HashSumMismatch", false) == false)
+      return;
+   std::cerr << std::endl << URI << ":" << std::endl << " Expected Hash: " << std::endl;
+   for (HashStringList::const_iterator hs = Expected.begin(); hs != Expected.end(); ++hs)
+      std::cerr <<  "\t- " << hs->toStr() << std::endl;
+   std::cerr << " Actual Hash: " << std::endl;
+   for (HashStringList::const_iterator hs = Actual.begin(); hs != Actual.end(); ++hs)
+      std::cerr <<  "\t- " << hs->toStr() << std::endl;
+}
+                                                                       /*}}}*/
+
 // Acquire::Item::Item - Constructor                                   /*{{{*/
-// ---------------------------------------------------------------------
-/* */
-pkgAcquire::Item::Item(pkgAcquire *Owner) : Owner(Owner), FileSize(0),
-                       PartialSize(0), Mode(0), ID(0), Complete(false), 
-                       Local(false), QueueCounter(0)
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic push
+       #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+pkgAcquire::Item::Item(pkgAcquire *Owner,
+                       HashStringList const &ExpectedHashes,
+                       pkgAcqMetaBase *TransactionManager)
+   : Owner(Owner), FileSize(0), PartialSize(0), Mode(0), ID(0), Complete(false),
+     Local(false), QueueCounter(0), TransactionManager(TransactionManager),
+     ExpectedAdditionalItems(0), ExpectedHashes(ExpectedHashes)
 {
    Owner->Add(this);
    Status = StatIdle;
+   if(TransactionManager != NULL)
+      TransactionManager->Add(this);
 }
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic pop
+#endif
                                                                        /*}}}*/
 // Acquire::Item::~Item - Destructor                                   /*{{{*/
 // ---------------------------------------------------------------------
@@ -67,7 +99,8 @@ pkgAcquire::Item::~Item()
 void pkgAcquire::Item::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
    Status = StatIdle;
-   ErrorText = LookupTag(Message,"Message");
+   if(ErrorText == "")
+      ErrorText = LookupTag(Message,"Message");
    UsedMirror =  LookupTag(Message,"UsedMirror");
    if (QueueCounter <= 1)
    {
@@ -108,12 +141,12 @@ void pkgAcquire::Item::Start(string /*Message*/,unsigned long long Size)
 // Acquire::Item::Done - Item downloaded OK                            /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcquire::Item::Done(string Message,unsigned long long Size,string Hash,
-                           pkgAcquire::MethodConfig *Cnf)
+void pkgAcquire::Item::Done(string Message,unsigned long long Size,HashStringList const &/*Hash*/,
+                           pkgAcquire::MethodConfig * /*Cnf*/)
 {
    // We just downloaded something..
    string FileName = LookupTag(Message,"Filename");
-   UsedMirror =  LookupTag(Message,"UsedMirror");
+   UsedMirror = LookupTag(Message,"UsedMirror");
    if (Complete == false && !Local && FileName == DestFile)
    {
       if (Owner->Log != 0)
@@ -131,7 +164,7 @@ void pkgAcquire::Item::Done(string Message,unsigned long long Size,string Hash,
 // ---------------------------------------------------------------------
 /* This helper function is used by a lot of item methods as their final
    step */
-void pkgAcquire::Item::Rename(string From,string To)
+bool pkgAcquire::Item::Rename(string From,string To)
 {
    if (rename(From.c_str(),To.c_str()) != 0)
    {
@@ -139,8 +172,10 @@ void pkgAcquire::Item::Rename(string From,string To)
       snprintf(S,sizeof(S),_("rename failed, %s (%s -> %s)."),strerror(errno),
              From.c_str(),To.c_str());
       Status = StatError;
-      ErrorText = S;
+      ErrorText += S;
+      return false;
    }   
+   return true;
 }
                                                                        /*}}}*/
 bool pkgAcquire::Item::RenameOnError(pkgAcquire::Item::RenameOnErrorState const error)/*{{{*/
@@ -165,6 +200,14 @@ bool pkgAcquire::Item::RenameOnError(pkgAcquire::Item::RenameOnErrorState const
         Status = StatError;
         // do not report as usually its not the mirrors fault, but Portal/Proxy
         break;
+      case SignatureError:
+        ErrorText = _("Signature error");
+        Status = StatError;
+        break;
+      case NotClearsigned:
+         ErrorText = _("Does not start with a cleartext signature");
+        Status = StatError;
+        break;
    }
    return false;
 }
@@ -213,118 +256,6 @@ void pkgAcquire::Item::ReportMirrorFailure(string FailCode)
    }
 }
                                                                        /*}}}*/
-// AcqSubIndex::AcqSubIndex - Constructor                              /*{{{*/
-// ---------------------------------------------------------------------
-/* Get a sub-index file based on checksums from a 'master' file and
-   possibly query additional files */
-pkgAcqSubIndex::pkgAcqSubIndex(pkgAcquire *Owner, string const &URI,
-                                string const &URIDesc, string const &ShortDesc,
-                                HashString const &ExpectedHash)
-   : Item(Owner), ExpectedHash(ExpectedHash)
-{
-   /* XXX: Beware: Currently this class does nothing (of value) anymore ! */
-   Debug = _config->FindB("Debug::pkgAcquire::SubIndex",false);
-
-   DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI);
-
-   Desc.URI = URI;
-   Desc.Description = URIDesc;
-   Desc.Owner = this;
-   Desc.ShortDesc = ShortDesc;
-
-   QueueURI(Desc);
-
-   if(Debug)
-      std::clog << "pkgAcqSubIndex: " << Desc.URI << std::endl;
-}
-                                                                       /*}}}*/
-// AcqSubIndex::Custom600Headers - Insert custom request headers       /*{{{*/
-// ---------------------------------------------------------------------
-/* The only header we use is the last-modified header. */
-string pkgAcqSubIndex::Custom600Headers()
-{
-   string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(Desc.URI);
-
-   struct stat Buf;
-   if (stat(Final.c_str(),&Buf) != 0)
-      return "\nIndex-File: true\nFail-Ignore: true\n";
-   return "\nIndex-File: true\nFail-Ignore: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
-}
-                                                                       /*}}}*/
-void pkgAcqSubIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)      /*{{{*/
-{
-   if(Debug)
-      std::clog << "pkgAcqSubIndex failed: " << Desc.URI << std::endl;
-
-   Complete = false;
-   Status = StatDone;
-   Dequeue();
-
-   // No good Index is provided
-}
-                                                                       /*}}}*/
-void pkgAcqSubIndex::Done(string Message,unsigned long long Size,string Md5Hash,       /*{{{*/
-                          pkgAcquire::MethodConfig *Cnf)
-{
-   if(Debug)
-      std::clog << "pkgAcqSubIndex::Done(): " << Desc.URI << std::endl;
-
-   string FileName = LookupTag(Message,"Filename");
-   if (FileName.empty() == true)
-   {
-      Status = StatError;
-      ErrorText = "Method gave a blank filename";
-      return;
-   }
-
-   if (FileName != DestFile)
-   {
-      Local = true;
-      Desc.URI = "copy:" + FileName;
-      QueueURI(Desc);
-      return;
-   }
-
-   Item::Done(Message,Size,Md5Hash,Cnf);
-
-   string FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(Desc.URI);
-
-   /* Downloaded invalid transindex => Error (LP: #346386) (Closes: #627642) */
-   indexRecords SubIndexParser;
-   if (FileExists(DestFile) == true && !SubIndexParser.Load(DestFile)) {
-      Status = StatError;
-      ErrorText = SubIndexParser.ErrorText;
-      return;
-   }
-
-   // success in downloading the index
-   // rename the index
-   if(Debug)
-      std::clog << "Renaming: " << DestFile << " -> " << FinalFile << std::endl;
-   Rename(DestFile,FinalFile);
-   chmod(FinalFile.c_str(),0644);
-   DestFile = FinalFile;
-
-   if(ParseIndex(DestFile) == false)
-      return Failed("", NULL);
-
-   Complete = true;
-   Status = StatDone;
-   Dequeue();
-   return;
-}
-                                                                       /*}}}*/
-bool pkgAcqSubIndex::ParseIndex(string const &IndexFile)               /*{{{*/
-{
-   indexRecords SubIndexParser;
-   if (FileExists(IndexFile) == false || SubIndexParser.Load(IndexFile) == false)
-      return false;
-   // so something with the downloaded index
-   return true;
-}
-                                                                       /*}}}*/
 // AcqDiffIndex::AcqDiffIndex - Constructor                            /*{{{*/
 // ---------------------------------------------------------------------
 /* Get the DiffIndex file first and see if there are patches available
@@ -333,21 +264,24 @@ bool pkgAcqSubIndex::ParseIndex(string const &IndexFile)          /*{{{*/
  * the original packages file
  */
 pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
-                                string URI,string URIDesc,string ShortDesc,
-                                HashString ExpectedHash)
-   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
-     Description(URIDesc)
+                                 pkgAcqMetaBase *TransactionManager,
+                                 IndexTarget const * const Target,
+                                HashStringList const &ExpectedHashes,
+                                 indexRecords *MetaIndexParser)
+   : pkgAcqBaseIndex(Owner, TransactionManager, Target, ExpectedHashes, 
+                     MetaIndexParser), PackagesFileReadyInPartial(false)
 {
    
    Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
 
-   Desc.Description = URIDesc + "/DiffIndex";
+   RealURI = Target->URI;
    Desc.Owner = this;
-   Desc.ShortDesc = ShortDesc;
-   Desc.URI = URI + ".diff/Index";
+   Desc.Description = Target->Description + "/DiffIndex";
+   Desc.ShortDesc = Target->ShortDesc;
+   Desc.URI = Target->URI + ".diff/Index";
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI) + string(".DiffIndex");
+   DestFile += URItoFileName(Desc.URI);
 
    if(Debug)
       std::clog << "pkgAcqDiffIndex: " << Desc.URI << std::endl;
@@ -380,10 +314,10 @@ pkgAcqDiffIndex::pkgAcqDiffIndex(pkgAcquire *Owner,
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
-string pkgAcqDiffIndex::Custom600Headers()
+string pkgAcqDiffIndex::Custom600Headers() const
 {
    string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(RealURI) + string(".IndexDiff");
+   Final += URItoFileName(Desc.URI);
    
    if(Debug)
       std::clog << "Custom600Header-IMS: " << Final << std::endl;
@@ -431,10 +365,15 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)                /*{{{*/
         // we have the same sha1 as the server so we are done here
         if(Debug)
            std::clog << "Package file is up-to-date" << std::endl;
+         // ensure we have no leftovers from previous runs
+         std::string Partial = _config->FindDir("Dir::State::lists");
+         Partial += "partial/" + URItoFileName(RealURI);
+         unlink(Partial.c_str());
         // list cleanup needs to know that this file as well as the already
         // present index is ours, so we create an empty diff to save it for us
-        new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-              ExpectedHash, ServerSha1, available_patches);
+        new pkgAcqIndexDiffs(Owner, TransactionManager, Target, 
+                              ExpectedHashes, MetaIndexParser, 
+                              ServerSha1, available_patches);
         return true;
       }
       else
@@ -500,6 +439,21 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)         /*{{{*/
       // we have something, queue the next diff
       if(found)
       {
+         // FIXME: make this use the method
+         PackagesFileReadyInPartial = true;
+         std::string Partial = _config->FindDir("Dir::State::lists");
+         Partial += "partial/" + URItoFileName(RealURI);
+
+         FileFd From(CurrentPackagesFile, FileFd::ReadOnly);
+         FileFd To(Partial, FileFd::WriteEmpty);
+         if(CopyFile(From, To) == false)
+            return _error->Errno("CopyFile", "failed to copy");
+
+         if(Debug)
+            std::cerr << "Done copying " << CurrentPackagesFile
+                      << " -> " << Partial
+                      << std::endl;
+
         // queue the diffs
         string::size_type const last_space = Description.rfind(" ");
         if(last_space != string::npos)
@@ -519,20 +473,28 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)                /*{{{*/
         }
 
         if (pdiff_merge == false)
-           new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-                 ExpectedHash, ServerSha1, available_patches);
-        else
+         {
+           new pkgAcqIndexDiffs(Owner, TransactionManager, Target, ExpectedHashes, 
+                                 MetaIndexParser,
+                                 ServerSha1, available_patches);
+         }
+         else
         {
            std::vector<pkgAcqIndexMergeDiffs*> *diffs = new std::vector<pkgAcqIndexMergeDiffs*>(available_patches.size());
            for(size_t i = 0; i < available_patches.size(); ++i)
-              (*diffs)[i] = new pkgAcqIndexMergeDiffs(Owner, RealURI, Description, Desc.ShortDesc, ExpectedHash,
-                    available_patches[i], diffs);
+              (*diffs)[i] = new pkgAcqIndexMergeDiffs(Owner,
+                                                       TransactionManager,
+                                                       Target,
+                                                       ExpectedHashes,
+                                                       MetaIndexParser,
+                                                       available_patches[i],
+                                                       diffs);
         }
 
-        Complete = false;
-        Status = StatDone;
-        Dequeue();
-        return true;
+         Complete = false;
+         Status = StatDone;
+         Dequeue();
+         return true;
       }
    }
    
@@ -544,27 +506,41 @@ bool pkgAcqDiffIndex::ParseDiffIndex(string IndexDiffFile)                /*{{{*/
    return false;
 }
                                                                        /*}}}*/
-void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)     /*{{{*/
+void pkgAcqDiffIndex::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
 {
    if(Debug)
-      std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << std::endl
+      std::clog << "pkgAcqDiffIndex failed: " << Desc.URI << " with " << Message << std::endl
                << "Falling back to normal index file acquire" << std::endl;
 
-   new pkgAcqIndex(Owner, RealURI, Description, Desc.ShortDesc, 
-                  ExpectedHash);
+   new pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser);
 
    Complete = false;
    Status = StatDone;
    Dequeue();
 }
                                                                        /*}}}*/
-void pkgAcqDiffIndex::Done(string Message,unsigned long long Size,string Md5Hash,      /*{{{*/
+void pkgAcqDiffIndex::Done(string Message,unsigned long long Size,HashStringList const &Hashes,        /*{{{*/
                           pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
       std::clog << "pkgAcqDiffIndex::Done(): " << Desc.URI << std::endl;
 
-   Item::Done(Message,Size,Md5Hash,Cnf);
+   Item::Done(Message, Size, Hashes, Cnf);
+
+   // verify the index target
+   if(Target && Target->MetaKey != "" && MetaIndexParser && Hashes.usable())
+   {
+      std::string IndexMetaKey  = Target->MetaKey + ".diff/Index";
+      indexRecords::checkSum *Record = MetaIndexParser->Lookup(IndexMetaKey);
+      if(Record && Record->Hashes.usable() && Hashes != Record->Hashes)
+      {
+         RenameOnError(HashSumMismatch);
+         printHashSumComparision(RealURI, Record->Hashes, Hashes);
+         Failed(Message, Cnf);
+         return;
+      }
+
+   }
 
    string FinalFile;
    FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
@@ -594,26 +570,31 @@ void pkgAcqDiffIndex::Done(string Message,unsigned long long Size,string Md5Hash
  * for each diff and the index
  */
 pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
-                                  string URI,string URIDesc,string ShortDesc,
-                                  HashString ExpectedHash, 
+                                   pkgAcqMetaBase *TransactionManager,
+                                   struct IndexTarget const * const Target,
+                                   HashStringList const &ExpectedHashes,
+                                   indexRecords *MetaIndexParser,
                                   string ServerSha1,
                                   vector<DiffInfo> diffs)
-   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash), 
+   : pkgAcqBaseIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser),
      available_patches(diffs), ServerSha1(ServerSha1)
 {
    
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI);
+   DestFile += URItoFileName(Target->URI);
 
    Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
 
-   Description = URIDesc;
+   RealURI = Target->URI;
    Desc.Owner = this;
-   Desc.ShortDesc = ShortDesc;
+   Description = Target->Description;
+   Desc.ShortDesc = Target->ShortDesc;
 
    if(available_patches.empty() == true)
    {
-      // we are done (yeah!)
+      // we are done (yeah!), check hashes against the final file
+      DestFile = _config->FindDir("Dir::State::lists");
+      DestFile += URItoFileName(Target->URI);
       Finish(true);
    }
    else
@@ -624,33 +605,46 @@ pkgAcqIndexDiffs::pkgAcqIndexDiffs(pkgAcquire *Owner,
    }
 }
                                                                        /*}}}*/
-void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)    /*{{{*/
+void pkgAcqIndexDiffs::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
 {
    if(Debug)
-      std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << std::endl
+      std::clog << "pkgAcqIndexDiffs failed: " << Desc.URI << " with " << Message << std::endl
                << "Falling back to normal index file acquire" << std::endl;
-   new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc, 
-                  ExpectedHash);
+   new pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser);
    Finish();
 }
                                                                        /*}}}*/
 // Finish - helper that cleans the item out of the fetcher queue       /*{{{*/
 void pkgAcqIndexDiffs::Finish(bool allDone)
 {
+   if(Debug)
+      std::clog << "pkgAcqIndexDiffs::Finish(): " 
+                << allDone << " "
+                << Desc.URI << std::endl;
+
    // we restore the original name, this is required, otherwise
    // the file will be cleaned
    if(allDone) 
    {
-      DestFile = _config->FindDir("Dir::State::lists");
-      DestFile += URItoFileName(RealURI);
-
-      if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
+      if(HashSums().usable() && !HashSums().VerifyFile(DestFile))
       {
         RenameOnError(HashSumMismatch);
         Dequeue();
         return;
       }
 
+      // queue for copy
+      PartialFile = _config->FindDir("Dir::State::lists")+"partial/"+URItoFileName(RealURI);
+
+      DestFile = _config->FindDir("Dir::State::lists");
+      DestFile += URItoFileName(RealURI);
+
+      // this happens if we have a up-to-date indexfile
+      if(!FileExists(PartialFile))
+         PartialFile = DestFile;
+
+      TransactionManager->TransactionStageCopy(this, PartialFile, DestFile);
+
       // this is for the "real" finish
       Complete = true;
       Status = StatDone;
@@ -670,10 +664,15 @@ void pkgAcqIndexDiffs::Finish(bool allDone)
                                                                        /*}}}*/
 bool pkgAcqIndexDiffs::QueueNextDiff()                                 /*{{{*/
 {
-
    // calc sha1 of the just patched file
    string FinalFile = _config->FindDir("Dir::State::lists");
-   FinalFile += URItoFileName(RealURI);
+   FinalFile += "partial/" + URItoFileName(RealURI);
+
+   if(!FileExists(FinalFile))
+   {
+      Failed("No FinalFile " + FinalFile + " available", NULL);
+      return false;
+   }
 
    FileFd fd(FinalFile, FileFd::ReadOnly);
    SHA1Summation SHA1;
@@ -683,6 +682,7 @@ bool pkgAcqIndexDiffs::QueueNextDiff()                                      /*{{{*/
       std::clog << "QueueNextDiff: " 
                << FinalFile << " (" << local_sha1 << ")"<<std::endl;
 
+
    // final file reached before all patches are applied
    if(local_sha1 == ServerSha1)
    {
@@ -704,12 +704,12 @@ bool pkgAcqIndexDiffs::QueueNextDiff()                                    /*{{{*/
    // error checking and falling back if no patch was found
    if(available_patches.empty() == true)
    {
-      Failed("", NULL);
+      Failed("No patches available", NULL);
       return false;
    }
 
    // queue the right diff
-   Desc.URI = string(RealURI) + ".diff/" + available_patches[0].file + ".gz";
+   Desc.URI = RealURI + ".diff/" + available_patches[0].file + ".gz";
    Desc.Description = Description + " " + available_patches[0].file + string(".pdiff");
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(RealURI + ".diff/" + available_patches[0].file);
@@ -722,16 +722,18 @@ bool pkgAcqIndexDiffs::QueueNextDiff()                                    /*{{{*/
    return true;
 }
                                                                        /*}}}*/
-void pkgAcqIndexDiffs::Done(string Message,unsigned long long Size,string Md5Hash,     /*{{{*/
+void pkgAcqIndexDiffs::Done(string Message,unsigned long long Size, HashStringList const &Hashes,      /*{{{*/
                            pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
       std::clog << "pkgAcqIndexDiffs::Done(): " << Desc.URI << std::endl;
 
-   Item::Done(Message,Size,Md5Hash,Cnf);
+   Item::Done(Message, Size, Hashes, Cnf);
+
+   // FIXME: verify this download too before feeding it to rred
 
    string FinalFile;
-   FinalFile = _config->FindDir("Dir::State::lists")+URItoFileName(RealURI);
+   FinalFile = _config->FindDir("Dir::State::lists")+"partial/"+URItoFileName(RealURI);
 
    // success in downloading a diff, enter ApplyDiff state
    if(State == StateFetchDiff)
@@ -747,7 +749,15 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long long Size,string Md5Has
       Local = true;
       Desc.URI = "rred:" + FinalFile;
       QueueURI(Desc);
+      ActiveSubprocess = "rred";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic push
+       #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
       Mode = "rred";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic pop
+#endif
       return;
    } 
 
@@ -770,34 +780,40 @@ void pkgAcqIndexDiffs::Done(string Message,unsigned long long Size,string Md5Has
 
       // see if there is more to download
       if(available_patches.empty() == false) {
-        new pkgAcqIndexDiffs(Owner, RealURI, Description, Desc.ShortDesc,
-                             ExpectedHash, ServerSha1, available_patches);
+        new pkgAcqIndexDiffs(Owner, TransactionManager, Target,
+                             ExpectedHashes, MetaIndexParser,
+                              ServerSha1, available_patches);
         return Finish();
       } else 
+         // update
+         DestFile = FinalFile;
         return Finish(true);
    }
 }
                                                                        /*}}}*/
 // AcqIndexMergeDiffs::AcqIndexMergeDiffs - Constructor                        /*{{{*/
 pkgAcqIndexMergeDiffs::pkgAcqIndexMergeDiffs(pkgAcquire *Owner,
-                                  string const &URI, string const &URIDesc,
-                                  string const &ShortDesc, HashString const &ExpectedHash,
-                                  DiffInfo const &patch,
-                                  std::vector<pkgAcqIndexMergeDiffs*> const * const allPatches)
-   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash),
-     patch(patch),allPatches(allPatches), State(StateFetchDiff)
+                                             pkgAcqMetaBase *TransactionManager,
+                                             struct IndexTarget const * const Target,
+                                             HashStringList const &ExpectedHashes,
+                                             indexRecords *MetaIndexParser,
+                                             DiffInfo const &patch,
+                                             std::vector<pkgAcqIndexMergeDiffs*> const * const allPatches)
+  : pkgAcqBaseIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser),
+     patch(patch), allPatches(allPatches), State(StateFetchDiff)
 {
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI);
+   DestFile += URItoFileName(Target->URI);
 
    Debug = _config->FindB("Debug::pkgAcquire::Diffs",false);
 
-   Description = URIDesc;
+   RealURI = Target->URI;
    Desc.Owner = this;
-   Desc.ShortDesc = ShortDesc;
+   Description = Target->Description;
+   Desc.ShortDesc = Target->ShortDesc;
 
-   Desc.URI = string(RealURI) + ".diff/" + patch.file + ".gz";
+   Desc.URI = RealURI + ".diff/" + patch.file + ".gz";
    Desc.Description = Description + " " + patch.file + string(".pdiff");
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(RealURI + ".diff/" + patch.file);
@@ -808,7 +824,7 @@ pkgAcqIndexMergeDiffs::pkgAcqIndexMergeDiffs(pkgAcquire *Owner,
    QueueURI(Desc);
 }
                                                                        /*}}}*/
-void pkgAcqIndexMergeDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
+void pkgAcqIndexMergeDiffs::Failed(string Message,pkgAcquire::MethodConfig * /*Cnf*/)/*{{{*/
 {
    if(Debug)
       std::clog << "pkgAcqIndexMergeDiffs failed: " << Desc.URI << " with " << Message << std::endl;
@@ -826,19 +842,20 @@ void pkgAcqIndexMergeDiffs::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    // first failure means we should fallback
    State = StateErrorDiff;
    std::clog << "Falling back to normal index file acquire" << std::endl;
-   new pkgAcqIndex(Owner, RealURI, Description,Desc.ShortDesc,
-                  ExpectedHash);
+   new pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser);
 }
                                                                        /*}}}*/
-void pkgAcqIndexMergeDiffs::Done(string Message,unsigned long long Size,string Md5Hash,        /*{{{*/
+void pkgAcqIndexMergeDiffs::Done(string Message,unsigned long long Size,HashStringList const &Hashes,  /*{{{*/
                            pkgAcquire::MethodConfig *Cnf)
 {
    if(Debug)
       std::clog << "pkgAcqIndexMergeDiffs::Done(): " << Desc.URI << std::endl;
 
-   Item::Done(Message,Size,Md5Hash,Cnf);
+   Item::Done(Message,Size,Hashes,Cnf);
 
-   string const FinalFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+   // FIXME: verify download before feeding it to rred
+
+   string const FinalFile = _config->FindDir("Dir::State::lists") + "partial/" + URItoFileName(RealURI);
 
    if (State == StateFetchDiff)
    {
@@ -865,34 +882,47 @@ void pkgAcqIndexMergeDiffs::Done(string Message,unsigned long long Size,string M
       Local = true;
       Desc.URI = "rred:" + FinalFile;
       QueueURI(Desc);
+      ActiveSubprocess = "rred";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic push
+       #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
       Mode = "rred";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic pop
+#endif
       return;
    }
    // success in download/apply all diffs, clean up
    else if (State == StateApplyDiff)
    {
       // see if we really got the expected file
-      if(!ExpectedHash.empty() && !ExpectedHash.VerifyFile(DestFile))
+      if(ExpectedHashes.usable() && !ExpectedHashes.VerifyFile(DestFile))
       {
         RenameOnError(HashSumMismatch);
         return;
       }
 
+
+      std::string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile += URItoFileName(RealURI);
+
       // move the result into place
       if(Debug)
-        std::clog << "Moving patched file in place: " << std::endl
+        std::clog << "Queue patched file in place: " << std::endl
                   << DestFile << " -> " << FinalFile << std::endl;
-      Rename(DestFile, FinalFile);
-      chmod(FinalFile.c_str(), 0644);
 
-      // otherwise lists cleanup will eat the file
-      DestFile = FinalFile;
+      // queue for copy by the transaction manager
+      TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
 
       // ensure the ed's are gone regardless of list-cleanup
       for (std::vector<pkgAcqIndexMergeDiffs *>::const_iterator I = allPatches->begin();
            I != allPatches->end(); ++I)
       {
-           std::string patch = FinalFile + ".ed." + (*I)->patch.file + ".gz";
+            std::string PartialFile = _config->FindDir("Dir::State::lists");
+            PartialFile += "partial/" + URItoFileName(RealURI);
+           std::string patch = PartialFile + ".ed." + (*I)->patch.file + ".gz";
+            std::cerr << patch << std::endl;
            unlink(patch.c_str());
       }
 
@@ -903,72 +933,122 @@ void pkgAcqIndexMergeDiffs::Done(string Message,unsigned long long Size,string M
    }
 }
                                                                        /*}}}*/
+
+// AcqBaseIndex::VerifyHashByMetaKey - verify hash for the given metakey /*{{{*/
+bool pkgAcqBaseIndex::VerifyHashByMetaKey(HashStringList const &Hashes)
+{
+   if(MetaKey != "" && Hashes.usable())
+   {
+      indexRecords::checkSum *Record = MetaIndexParser->Lookup(MetaKey);
+      if(Record && Record->Hashes.usable() && Hashes != Record->Hashes)
+      {
+         printHashSumComparision(RealURI, Record->Hashes, Hashes);
+         return false;
+      }
+   }
+   return true;
+}
+
+
 // AcqIndex::AcqIndex - Constructor                                    /*{{{*/
 // ---------------------------------------------------------------------
 /* The package file is added to the queue and a second class is 
    instantiated to fetch the revision file */   
 pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
                         string URI,string URIDesc,string ShortDesc,
-                        HashString ExpectedHash, string comprExt)
-   : Item(Owner), RealURI(URI), ExpectedHash(ExpectedHash)
+                        HashStringList const  &ExpectedHash)
+   : pkgAcqBaseIndex(Owner, 0, NULL, ExpectedHash, NULL)
 {
-   if(comprExt.empty() == true)
-   {
-      // autoselect the compression method
-      std::vector<std::string> types = APT::Configuration::getCompressionTypes();
-      for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
-        comprExt.append(*t).append(" ");
-      if (comprExt.empty() == false)
-        comprExt.erase(comprExt.end()-1);
-   }
-   CompressionExtension = comprExt;
+   RealURI = URI;
 
+   AutoSelectCompression();
    Init(URI, URIDesc, ShortDesc);
+
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "New pkgIndex with TransactionManager "
+                << TransactionManager << std::endl;
 }
-pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner, IndexTarget const *Target,
-                        HashString const &ExpectedHash, indexRecords const *MetaIndexParser)
-   : Item(Owner), RealURI(Target->URI), ExpectedHash(ExpectedHash)
+                                                                       /*}}}*/
+// AcqIndex::AcqIndex - Constructor                                    /*{{{*/
+// ---------------------------------------------------------------------
+pkgAcqIndex::pkgAcqIndex(pkgAcquire *Owner,
+                         pkgAcqMetaBase *TransactionManager,
+                         IndexTarget const *Target,
+                        HashStringList const &ExpectedHash, 
+                         indexRecords *MetaIndexParser)
+   : pkgAcqBaseIndex(Owner, TransactionManager, Target, ExpectedHash, 
+                     MetaIndexParser)
 {
+   RealURI = Target->URI;
+
    // autoselect the compression method
+   AutoSelectCompression();
+   Init(Target->URI, Target->Description, Target->ShortDesc);
+
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "New pkgIndex with TransactionManager "
+                << TransactionManager << std::endl;
+}
+                                                                       /*}}}*/
+// AcqIndex::AutoSelectCompression - Select compression                        /*{{{*/
+// ---------------------------------------------------------------------
+void pkgAcqIndex::AutoSelectCompression()
+{
    std::vector<std::string> types = APT::Configuration::getCompressionTypes();
-   CompressionExtension = "";
-   if (ExpectedHash.empty() == false)
+   CompressionExtensions = "";
+   if (ExpectedHashes.usable())
    {
-      for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
-        if (*t == "uncompressed" || MetaIndexParser->Exists(string(Target->MetaKey).append(".").append(*t)) == true)
-           CompressionExtension.append(*t).append(" ");
+      for (std::vector<std::string>::const_iterator t = types.begin();
+           t != types.end(); ++t)
+      {
+         std::string CompressedMetaKey = string(Target->MetaKey).append(".").append(*t);
+         if (*t == "uncompressed" || 
+             MetaIndexParser->Exists(CompressedMetaKey) == true)
+            CompressionExtensions.append(*t).append(" ");
+      }
    }
    else
    {
       for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
-        CompressionExtension.append(*t).append(" ");
+        CompressionExtensions.append(*t).append(" ");
    }
-   if (CompressionExtension.empty() == false)
-      CompressionExtension.erase(CompressionExtension.end()-1);
-
-   // only verify non-optional targets, see acquire-item.h for a FIXME
-   // to make this more flexible
-   if (Target->IsOptional())
-     Verify = false;
-   else
-     Verify = true;
-
-   Init(Target->URI, Target->Description, Target->ShortDesc);
+   if (CompressionExtensions.empty() == false)
+      CompressionExtensions.erase(CompressionExtensions.end()-1);
 }
-                                                                       /*}}}*/
 // AcqIndex::Init - defered Constructor                                        /*{{{*/
-void pkgAcqIndex::Init(string const &URI, string const &URIDesc, string const &ShortDesc) {
-   Decompression = false;
-   Erase = false;
+// ---------------------------------------------------------------------
+void pkgAcqIndex::Init(string const &URI, string const &URIDesc, 
+                       string const &ShortDesc)
+{
+   Stage = STAGE_DOWNLOAD;
 
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
    DestFile += URItoFileName(URI);
 
-   std::string const comprExt = CompressionExtension.substr(0, CompressionExtension.find(' '));
-   if (comprExt == "uncompressed")
+   CurrentCompressionExtension = CompressionExtensions.substr(0, CompressionExtensions.find(' '));
+   if (CurrentCompressionExtension == "uncompressed")
+   {
       Desc.URI = URI;
+      if(Target)
+         MetaKey = string(Target->MetaKey);
+   }
    else
-      Desc.URI = URI + '.' + comprExt;
+   {
+      Desc.URI = URI + '.' + CurrentCompressionExtension;
+      DestFile = DestFile + '.' + CurrentCompressionExtension;
+      if(Target)
+         MetaKey = string(Target->MetaKey) + '.' + CurrentCompressionExtension;
+   }
+
+   // load the filesize
+   if(MetaIndexParser)
+   {
+      indexRecords::checkSum *Record = MetaIndexParser->Lookup(MetaKey);
+      if(Record)
+         FileSize = Record->Size;
+      
+      InitByHashIfNeeded(MetaKey);
+   }
 
    Desc.Description = URIDesc;
    Desc.Owner = this;
@@ -977,21 +1057,46 @@ void pkgAcqIndex::Init(string const &URI, string const &URIDesc, string const &S
    QueueURI(Desc);
 }
                                                                        /*}}}*/
+// AcqIndex::AdjustForByHash - modify URI for by-hash support          /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqIndex::InitByHashIfNeeded(const std::string MetaKey)
+{
+   // TODO:
+   //  - (maybe?) add support for by-hash into the sources.list as flag
+   //  - make apt-ftparchive generate the hashes (and expire?)
+   std::string HostKnob = "APT::Acquire::" + ::URI(Desc.URI).Host + "::By-Hash";
+   if(_config->FindB("APT::Acquire::By-Hash", false) == true ||
+      _config->FindB(HostKnob, false) == true ||
+      MetaIndexParser->GetSupportsAcquireByHash())
+   {
+      indexRecords::checkSum *Record = MetaIndexParser->Lookup(MetaKey);
+      if(Record)
+      {
+         // FIXME: should we really use the best hash here? or a fixed one?
+         const HashString *TargetHash = Record->Hashes.find("");
+         std::string ByHash = "/by-hash/" + TargetHash->HashType() + "/" + TargetHash->HashValue();
+         size_t trailing_slash = Desc.URI.find_last_of("/");
+         Desc.URI = Desc.URI.replace(
+            trailing_slash,
+            Desc.URI.substr(trailing_slash+1).size()+1,
+            ByHash);
+      } else {
+         _error->Warning(
+            "Fetching ByHash requested but can not find record for %s",
+            MetaKey.c_str());
+      }
+   }
+}
+                                                                       /*}}}*/
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
-string pkgAcqIndex::Custom600Headers()
+string pkgAcqIndex::Custom600Headers() const
 {
-   string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(RealURI);
-   if (_config->FindB("Acquire::GzipIndexes",false))
-      Final += ".gz";
+   string Final = GetFinalFilename();
    
    string msg = "\nIndex-File: true";
-   // FIXME: this really should use "IndexTarget::IsOptional()" but that
-   //        seems to be difficult without breaking ABI
-   if (ShortDesc().find("Translation") != 0)
-      msg += "\nFail-Ignore: true";
    struct stat Buf;
    if (stat(Final.c_str(),&Buf) == 0)
       msg += "\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
@@ -999,105 +1104,152 @@ string pkgAcqIndex::Custom600Headers()
    return msg;
 }
                                                                        /*}}}*/
+// pkgAcqIndex::Failed - getting the indexfile failed                  /*{{{*/
+// ---------------------------------------------------------------------
+/* */
 void pkgAcqIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*{{{*/
 {
-   size_t const nextExt = CompressionExtension.find(' ');
+   size_t const nextExt = CompressionExtensions.find(' ');
    if (nextExt != std::string::npos)
    {
-      CompressionExtension = CompressionExtension.substr(nextExt+1);
+      CompressionExtensions = CompressionExtensions.substr(nextExt+1);
       Init(RealURI, Desc.Description, Desc.ShortDesc);
       return;
    }
 
    // on decompression failure, remove bad versions in partial/
-   if (Decompression && Erase) {
-      string s = _config->FindDir("Dir::State::lists") + "partial/";
-      s.append(URItoFileName(RealURI));
-      unlink(s.c_str());
+   if (Stage == STAGE_DECOMPRESS_AND_VERIFY)
+   {
+      unlink(EraseFileName.c_str());
    }
 
    Item::Failed(Message,Cnf);
+
+   /// cancel the entire transaction
+   TransactionManager->AbortTransaction();
 }
                                                                        /*}}}*/
+// pkgAcqIndex::GetFinalFilename - Return the full final file path      /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+std::string pkgAcqIndex::GetFinalFilename() const
+{
+   std::string FinalFile = _config->FindDir("Dir::State::lists");
+   FinalFile += URItoFileName(RealURI);
+   if (_config->FindB("Acquire::GzipIndexes",false) == true)
+      FinalFile += '.' + CurrentCompressionExtension;
+   return FinalFile;
+}
+                                                                       /*}}}*/
+// AcqIndex::ReverifyAfterIMS - Reverify index after an ims-hit        /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqIndex::ReverifyAfterIMS()
+{
+   // update destfile to *not* include the compression extension when doing
+   // a reverify (as its uncompressed on disk already)
+   DestFile =  _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(RealURI);
+
+   // adjust DestFile if its compressed on disk
+   if (_config->FindB("Acquire::GzipIndexes",false) == true)
+      DestFile += '.' + CurrentCompressionExtension;
+
+   // copy FinalFile into partial/ so that we check the hash again
+   string FinalFile = GetFinalFilename();
+   Stage = STAGE_DECOMPRESS_AND_VERIFY;
+   Desc.URI = "copy:" + FinalFile;
+   QueueURI(Desc);
+}
+                                                                       /*}}}*/
+
+// AcqIndex::ValidateFile - Validate the content of the downloaded file  /*{{{*/
+// --------------------------------------------------------------------------
+bool pkgAcqIndex::ValidateFile(const std::string &FileName)
+{
+   // FIXME: this can go away once we only ever download stuff that
+   //        has a valid hash and we never do GET based probing
+   // FIXME2: this also leaks debian-isms into the code and should go therefore
+
+   /* Always validate the index file for correctness (all indexes must
+    * have a Package field) (LP: #346386) (Closes: #627642) 
+    */
+   FileFd fd(FileName, FileFd::ReadOnly, FileFd::Extension);
+   // Only test for correctness if the content of the file is not empty
+   // (empty is ok)
+   if (fd.Size() > 0)
+   {
+      pkgTagSection sec;
+      pkgTagFile tag(&fd);
+      
+      // all our current indexes have a field 'Package' in each section
+      if (_error->PendingError() == true ||
+          tag.Step(sec) == false ||
+          sec.Exists("Package") == false)
+         return false;
+   }
+   return true;
+}
+                                                                        /*}}}*/
 // AcqIndex::Done - Finished a fetch                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* This goes through a number of states.. On the initial fetch the
    method could possibly return an alternate filename which points
    to the uncompressed version of the file. If this is so the file
    is copied into the partial directory. In all other cases the file
-   is decompressed with a gzip uri. */
-void pkgAcqIndex::Done(string Message,unsigned long long Size,string Hash,
+   is decompressed with a compressed uri. */
+void pkgAcqIndex::Done(string Message,
+                       unsigned long long Size,
+                       HashStringList const &Hashes,
                       pkgAcquire::MethodConfig *Cfg)
 {
-   Item::Done(Message,Size,Hash,Cfg);
+   Item::Done(Message,Size,Hashes,Cfg);
 
-   if (Decompression == true)
+   switch(Stage) 
    {
-      if (_config->FindB("Debug::pkgAcquire::Auth", false))
-      {
-         std::cerr << std::endl << RealURI << ": Computed Hash: " << Hash;
-         std::cerr << "  Expected Hash: " << ExpectedHash.toStr() << std::endl;
-      }
-
-      if (!ExpectedHash.empty() && ExpectedHash.toStr() != Hash)
-      {
-        RenameOnError(HashSumMismatch);
-         return;
-      }
+      case STAGE_DOWNLOAD:
+         StageDownloadDone(Message, Hashes, Cfg);
+         break;
+      case STAGE_DECOMPRESS_AND_VERIFY:
+         StageDecompressDone(Message, Hashes, Cfg);
+         break;
+   }
+}
 
-      /* Verify the index file for correctness (all indexes must
-       * have a Package field) (LP: #346386) (Closes: #627642) */
-      if (Verify == true)
-      {
-        FileFd fd(DestFile, FileFd::ReadOnly);
-        // Only test for correctness if the file is not empty (empty is ok)
-        if (fd.FileSize() > 0)
-        {
-           pkgTagSection sec;
-           pkgTagFile tag(&fd);
+// AcqIndex::StageDownloadDone - Queue for decompress and verify        /*{{{*/
+void pkgAcqIndex::StageDownloadDone(string Message,
+                                    HashStringList const &Hashes,
+                                    pkgAcquire::MethodConfig *Cfg)
+{
+   // First check if the calculcated Hash of the (compressed) downloaded
+   // file matches the hash we have in the MetaIndexRecords for this file
+   if(VerifyHashByMetaKey(Hashes) == false)
+   {
+      RenameOnError(HashSumMismatch);
+      Failed(Message, Cfg);
+      return;
+   }
 
-           // all our current indexes have a field 'Package' in each section
-           if (_error->PendingError() == true || tag.Step(sec) == false || sec.Exists("Package") == false)
-           {
-              RenameOnError(InvalidFormat);
-              return;
-           }
-         }
-      }
-       
-      // Done, move it into position
-      string FinalFile = _config->FindDir("Dir::State::lists");
-      FinalFile += URItoFileName(RealURI);
-      Rename(DestFile,FinalFile);
-      chmod(FinalFile.c_str(),0644);
-      
-      /* We restore the original name to DestFile so that the clean operation
-         will work OK */
-      DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-      DestFile += URItoFileName(RealURI);
-      
-      // Remove the compressed version.
-      if (Erase == true)
-        unlink(DestFile.c_str());
-      return;
-   }
-
-   Erase = false;
    Complete = true;
    
    // Handle the unzipd case
    string FileName = LookupTag(Message,"Alt-Filename");
    if (FileName.empty() == false)
    {
-      // The files timestamp matches
-      if (StringToBool(LookupTag(Message,"Alt-IMS-Hit"),false) == true)
-        return;
-      Decompression = true;
+      Stage = STAGE_DECOMPRESS_AND_VERIFY;
       Local = true;
       DestFile += ".decomp";
       Desc.URI = "copy:" + FileName;
       QueueURI(Desc);
+      ActiveSubprocess = "copy";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic push
+       #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
       Mode = "copy";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic pop
+#endif
       return;
    }
 
@@ -1108,75 +1260,128 @@ void pkgAcqIndex::Done(string Message,unsigned long long Size,string Hash,
       ErrorText = "Method gave a blank filename";
    }
 
-   std::string const compExt = CompressionExtension.substr(0, CompressionExtension.find(' '));
+   // Methods like e.g. "file:" will give us a (compressed) FileName that is
+   // not the "DestFile" we set, in this case we uncompress from the local file
+   if (FileName != DestFile)
+      Local = true;
+   else
+      EraseFileName = FileName;
 
-   // The files timestamp matches
-   if (StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) {
-       if (_config->FindB("Acquire::GzipIndexes",false) && compExt == "gz")
-         // Update DestFile for .gz suffix so that the clean operation keeps it
-         DestFile += ".gz";
-      return;
-    }
+   // we need to verify the file against the current Release file again
+   // on if-modfied-since hit to avoid a stale attack against us
+   if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
+   {
+      // do not reverify cdrom sources as apt-cdrom may rewrite the Packages
+      // file when its doing the indexcopy
+      if (RealURI.substr(0,6) == "cdrom:")
+         return;
 
-   if (FileName == DestFile)
-      Erase = true;
-   else
-      Local = true;
-   
-   string decompProg;
+      // The files timestamp matches, reverify by copy into partial/
+      EraseFileName = "";
+      ReverifyAfterIMS();
+      return;
+   }
 
-   // If we enable compressed indexes and already have gzip, keep it
-   if (_config->FindB("Acquire::GzipIndexes",false) && compExt == "gz" && !Local) {
-      string FinalFile = _config->FindDir("Dir::State::lists");
-      FinalFile += URItoFileName(RealURI) + ".gz";
-      Rename(DestFile,FinalFile);
-      chmod(FinalFile.c_str(),0644);
-      
-      // Update DestFile for .gz suffix so that the clean operation keeps it
+   // If we have compressed indexes enabled, queue for hash verification
+   if (_config->FindB("Acquire::GzipIndexes",false))
+   {
       DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-      DestFile += URItoFileName(RealURI) + ".gz";
+      DestFile += URItoFileName(RealURI) + '.' + CurrentCompressionExtension;
+      EraseFileName = "";
+      Stage = STAGE_DECOMPRESS_AND_VERIFY;
+      Desc.URI = "copy:" + FileName;
+      QueueURI(Desc);
+
       return;
     }
 
    // get the binary name for your used compression type
-   decompProg = _config->Find(string("Acquire::CompressionTypes::").append(compExt),"");
-   if(decompProg.empty() == false);
-   else if(compExt == "uncompressed")
+   string decompProg;
+   if(CurrentCompressionExtension == "uncompressed")
       decompProg = "copy";
-   else {
-      _error->Error("Unsupported extension: %s", compExt.c_str());
+   else
+      decompProg = _config->Find(string("Acquire::CompressionTypes::").append(CurrentCompressionExtension),"");
+   if(decompProg.empty() == true)
+   {
+      _error->Error("Unsupported extension: %s", CurrentCompressionExtension.c_str());
       return;
    }
 
-   Decompression = true;
+   // queue uri for the next stage
+   Stage = STAGE_DECOMPRESS_AND_VERIFY;
    DestFile += ".decomp";
    Desc.URI = decompProg + ":" + FileName;
    QueueURI(Desc);
 
-   // FIXME: this points to a c++ string that goes out of scope
-   Mode = decompProg.c_str();
+   ActiveSubprocess = decompProg;
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic push
+       #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+      Mode = ActiveSubprocess.c_str();
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic pop
+#endif
+}
+                                                                        /*}}}*/
+// pkgAcqIndex::StageDecompressDone - Final verification               /*{{{*/
+void pkgAcqIndex::StageDecompressDone(string Message,
+                                      HashStringList const &Hashes,
+                                      pkgAcquire::MethodConfig *Cfg)
+{
+   if (ExpectedHashes.usable() && ExpectedHashes != Hashes)
+   {
+      Desc.URI = RealURI;
+      RenameOnError(HashSumMismatch);
+      printHashSumComparision(RealURI, ExpectedHashes, Hashes);
+      Failed(Message, Cfg);
+      return;
+   }
+
+   if(!ValidateFile(DestFile))
+   {
+      RenameOnError(InvalidFormat);
+      Failed(Message, Cfg);
+      return;
+   }
+   
+   // remove the compressed version of the file
+   unlink(EraseFileName.c_str());
+   
+   // Done, queue for rename on transaction finished
+   TransactionManager->TransactionStageCopy(this, DestFile, GetFinalFilename());
+   
+   return;
 }
+                                                                        /*}}}*/
                                                                        /*}}}*/
 // AcqIndexTrans::pkgAcqIndexTrans - Constructor                       /*{{{*/
 // ---------------------------------------------------------------------
 /* The Translation file is added to the queue */
 pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner,
                            string URI,string URIDesc,string ShortDesc) 
-  : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashString(), "")
+  : pkgAcqIndex(Owner, URI, URIDesc, ShortDesc, HashStringList())
 {
 }
-pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner, IndexTarget const *Target,
-                        HashString const &ExpectedHash, indexRecords const *MetaIndexParser)
-  : pkgAcqIndex(Owner, Target, ExpectedHash, MetaIndexParser)
+                                                                       /*}}}*/
+pkgAcqIndexTrans::pkgAcqIndexTrans(pkgAcquire *Owner, 
+                                   pkgAcqMetaBase *TransactionManager, 
+                                   IndexTarget const * const Target,
+                                   HashStringList const &ExpectedHashes, 
+                                   indexRecords *MetaIndexParser)
+   : pkgAcqIndex(Owner, TransactionManager, Target, ExpectedHashes, MetaIndexParser)
 {
+   // load the filesize
+   indexRecords::checkSum *Record = MetaIndexParser->Lookup(string(Target->MetaKey));
+   if(Record)
+      FileSize = Record->Size;
 }
                                                                        /*}}}*/
 // AcqIndexTrans::Custom600Headers - Insert custom request headers     /*{{{*/
 // ---------------------------------------------------------------------
-string pkgAcqIndexTrans::Custom600Headers()
+string pkgAcqIndexTrans::Custom600Headers() const
 {
-   string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(RealURI);
+   string Final = GetFinalFilename();
 
    struct stat Buf;
    if (stat(Final.c_str(),&Buf) != 0)
@@ -1189,15 +1394,16 @@ string pkgAcqIndexTrans::Custom600Headers()
 /* */
 void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 {
-   size_t const nextExt = CompressionExtension.find(' ');
+   size_t const nextExt = CompressionExtensions.find(' ');
    if (nextExt != std::string::npos)
    {
-      CompressionExtension = CompressionExtension.substr(nextExt+1);
+      CompressionExtensions = CompressionExtensions.substr(nextExt+1);
       Init(RealURI, Desc.Description, Desc.ShortDesc);
       Status = StatIdle;
       return;
    }
 
+   // FIXME: this is used often (e.g. in pkgAcqIndexTrans) so refactor
    if (Cnf->LocalOnly == true || 
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
    {      
@@ -1211,132 +1417,335 @@ void pkgAcqIndexTrans::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
-pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,                                /*{{{*/
+// AcqMetaBase::Add - Add a item to the current Transaction            /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMetaBase::Add(Item *I)
+{
+   Transaction.push_back(I);
+}
+                                                                       /*}}}*/
+// AcqMetaBase::AbortTransaction - Abort the current Transaction       /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMetaBase::AbortTransaction()
+{
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "AbortTransaction: " << TransactionManager << std::endl;
+
+   // ensure the toplevel is in error state too
+   for (std::vector<Item*>::iterator I = Transaction.begin();
+        I != Transaction.end(); ++I)
+   {
+      if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+         std::clog << "  Cancel: " << (*I)->DestFile << std::endl;
+      // the transaction will abort, so stop anything that is idle
+      if ((*I)->Status == pkgAcquire::Item::StatIdle)
+         (*I)->Status = pkgAcquire::Item::StatDone;
+
+      // kill files in partial
+      string PartialFile = _config->FindDir("Dir::State::lists");
+      PartialFile += "partial/";
+      PartialFile += flNotDir((*I)->DestFile);
+      if(FileExists(PartialFile))
+         Rename(PartialFile, PartialFile + ".FAILED");
+   }
+}
+                                                                       /*}}}*/
+// AcqMetaBase::TransactionHasError - Check for errors in Transaction          /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+bool pkgAcqMetaBase::TransactionHasError()
+{
+   for (pkgAcquire::ItemIterator I = Transaction.begin();
+        I != Transaction.end(); ++I)
+      if((*I)->Status != pkgAcquire::Item::StatDone &&
+         (*I)->Status != pkgAcquire::Item::StatIdle)
+         return true;
+
+   return false;
+}
+                                                                       /*}}}*/
+// AcqMetaBase::CommitTransaction - Commit a transaction               /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMetaBase::CommitTransaction()
+{
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "CommitTransaction: " << this << std::endl;
+
+   // move new files into place *and* remove files that are not
+   // part of the transaction but are still on disk
+   for (std::vector<Item*>::iterator I = Transaction.begin();
+        I != Transaction.end(); ++I)
+   {
+      if((*I)->PartialFile != "")
+      {
+         if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+            std::clog << "mv " 
+                      << (*I)->PartialFile << " -> " 
+                      <<  (*I)->DestFile << " " 
+                      << (*I)->DescURI()
+                      << std::endl;
+         Rename((*I)->PartialFile, (*I)->DestFile);
+         chmod((*I)->DestFile.c_str(),0644);
+      } else {
+         if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+            std::clog << "rm " 
+                      <<  (*I)->DestFile
+                      << " " 
+                      << (*I)->DescURI()
+                      << std::endl;
+         unlink((*I)->DestFile.c_str());
+      }
+      // mark that this transaction is finished
+      (*I)->TransactionManager = 0;
+   }
+}
+                                                                       /*}}}*/
+// AcqMetaBase::CommitTransaction - Commit a transaction               /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMetaBase::TransactionStageCopy(Item *I,
+                                          const std::string &From,
+                                          const std::string &To)
+{
+   I->PartialFile = From;
+   I->DestFile = To;
+}
+                                                                       /*}}}*/
+// AcqMetaBase::CommitTransaction - Commit a transaction               /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+void pkgAcqMetaBase::TransactionStageRemoval(Item *I,
+                                             const std::string &FinalFile)
+{
+   I->PartialFile = "";
+   I->DestFile = FinalFile; 
+}
+                                                                       /*}}}*/
+                                                                       /*{{{*/
+// AcqMetaBase::GenerateAuthWarning - Check gpg authentication error   /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+bool pkgAcqMetaBase::GenerateAuthWarning(const std::string &RealURI,
+                                         const std::string &Message)
+{
+   string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+   
+   if(FileExists(Final))
+   {
+      Status = StatTransientNetworkError;
+      _error->Warning(_("An error occurred during the signature "
+                        "verification. The repository is not updated "
+                        "and the previous index files will be used. "
+                        "GPG error: %s: %s\n"),
+                      Desc.Description.c_str(),
+                      LookupTag(Message,"Message").c_str());
+      RunScripts("APT::Update::Auth-Failure");
+      return true;
+   } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) {
+      /* Invalid signature file, reject (LP: #346386) (Closes: #627642) */
+      _error->Error(_("GPG error: %s: %s"),
+                    Desc.Description.c_str(),
+                    LookupTag(Message,"Message").c_str());
+      Status = StatError;
+      return true;
+   } else {
+      _error->Warning(_("GPG error: %s: %s"),
+                      Desc.Description.c_str(),
+                      LookupTag(Message,"Message").c_str());
+   }
+   // gpgv method failed 
+   ReportMirrorFailure("GPGFailure");
+   return false;
+}
+                                                                       /*}}}*/
+// AcqMetaSig::AcqMetaSig - Constructor                                /*{{{*/
+// ---------------------------------------------------------------------
+/* */
+pkgAcqMetaSig::pkgAcqMetaSig(pkgAcquire *Owner,
+                             pkgAcqMetaBase *TransactionManager,
                             string URI,string URIDesc,string ShortDesc,
-                            string MetaIndexURI, string MetaIndexURIDesc,
-                            string MetaIndexShortDesc,
+                             string MetaIndexFile,
                             const vector<IndexTarget*>* IndexTargets,
                             indexRecords* MetaIndexParser) :
-   Item(Owner), RealURI(URI), MetaIndexURI(MetaIndexURI),
-   MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
-   MetaIndexParser(MetaIndexParser), IndexTargets(IndexTargets)
+   pkgAcqMetaBase(Owner, IndexTargets, MetaIndexParser, 
+                  HashStringList(), TransactionManager),
+   RealURI(URI), MetaIndexFile(MetaIndexFile), URIDesc(URIDesc),
+   ShortDesc(ShortDesc)
 {
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI);
+   DestFile += URItoFileName(RealURI);
 
    // remove any partial downloaded sig-file in partial/. 
    // it may confuse proxies and is too small to warrant a 
    // partial download anyway
    unlink(DestFile.c_str());
 
+   // set the TransactionManager
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "New pkgAcqMetaSig with TransactionManager "
+                << TransactionManager << std::endl;
+
    // Create the item
    Desc.Description = URIDesc;
    Desc.Owner = this;
    Desc.ShortDesc = ShortDesc;
    Desc.URI = URI;
-      
-   string Final = _config->FindDir("Dir::State::lists");
-   Final += URItoFileName(RealURI);
-   if (RealFileExists(Final) == true)
-   {
-      // File was already in place.  It needs to be re-downloaded/verified
-      // because Release might have changed, we do give it a different
-      // name than DestFile because otherwise the http method will
-      // send If-Range requests and there are too many broken servers
-      // out there that do not understand them
-      LastGoodSig = DestFile+".reverify";
-      Rename(Final,LastGoodSig);
-   }
 
    QueueURI(Desc);
 }
                                                                        /*}}}*/
 pkgAcqMetaSig::~pkgAcqMetaSig()                                                /*{{{*/
 {
-   // if the file was never queued undo file-changes done in the constructor
-   if (QueueCounter == 1 && Status == StatIdle && FileSize == 0 && Complete == false &&
-        LastGoodSig.empty() == false)
-   {
-      string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
-      if (RealFileExists(Final) == false && RealFileExists(LastGoodSig) == true)
-        Rename(LastGoodSig, Final);
-   }
-
 }
                                                                        /*}}}*/
 // pkgAcqMetaSig::Custom600Headers - Insert custom request headers     /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
-string pkgAcqMetaSig::Custom600Headers()
+string pkgAcqMetaSig::Custom600Headers() const
 {
+   string FinalFile = _config->FindDir("Dir::State::lists");
+   FinalFile += URItoFileName(RealURI);
+
    struct stat Buf;
-   if (stat(LastGoodSig.c_str(),&Buf) != 0)
+   if (stat(FinalFile.c_str(),&Buf) != 0)
       return "\nIndex-File: true";
 
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
-
-void pkgAcqMetaSig::Done(string Message,unsigned long long Size,string MD5,
+                                                                       /*}}}*/
+// pkgAcqMetaSig::Done - The signature was downloaded/verified         /*{{{*/
+// ---------------------------------------------------------------------
+/* The only header we use is the last-modified header. */
+void pkgAcqMetaSig::Done(string Message,unsigned long long Size,
+                         HashStringList const &Hashes,
                         pkgAcquire::MethodConfig *Cfg)
 {
-   Item::Done(Message,Size,MD5,Cfg);
+   Item::Done(Message, Size, Hashes, Cfg);
 
-   string FileName = LookupTag(Message,"Filename");
-   if (FileName.empty() == true)
+   if(AuthPass == false)
    {
-      Status = StatError;
-      ErrorText = "Method gave a blank filename";
-      return;
-   }
+      // queue for verify, note that we change DestFile here to point to
+      // the file we want to verify (needed to make gpgv work)
 
-   if (FileName != DestFile)
-   {
-      // We have to copy it into place
-      Local = true;
-      Desc.URI = "copy:" + FileName;
+      string FileName = LookupTag(Message,"Filename");
+      if (FileName.empty() == true)
+      {
+         Status = StatError;
+         ErrorText = "Method gave a blank filename";
+         return;
+      }
+
+      if (FileName != DestFile)
+      {
+         // We have to copy it into place
+         Local = true;
+         Desc.URI = "copy:" + FileName;
+         QueueURI(Desc);
+         return;
+      }
+
+      if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
+      {
+         IMSHit = true;
+         // adjust DestFile on i-m-s hit to the one we already have on disk
+         DestFile = _config->FindDir("Dir::State::lists");
+         DestFile += URItoFileName(RealURI);
+      }
+
+      // this is the file we verify from
+      MetaIndexFileSignature = DestFile;
+
+      AuthPass = true;
+      Desc.URI = "gpgv:" + MetaIndexFileSignature;
+      DestFile = MetaIndexFile;
       QueueURI(Desc);
+      ActiveSubprocess = "gpgv";
       return;
    }
+   else 
+   {
+      // verify was successful
 
-   Complete = true;
+      // we parse the MetaIndexFile here (and not right after getting 
+      // the pkgAcqMetaIndex) because at this point we can trust the data
+      //
+      // load indexes and queue further downloads
+      MetaIndexParser->Load(MetaIndexFile);
+      QueueIndexes(true);
 
-   // put the last known good file back on i-m-s hit (it will
-   // be re-verified again)
-   // Else do nothing, we have the new file in DestFile then
-   if(StringToBool(LookupTag(Message,"IMS-Hit"),false) == true)
-      Rename(LastGoodSig, DestFile);
-
-   // queue a pkgAcqMetaIndex to be verified against the sig we just retrieved
-   new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, 
-                      MetaIndexShortDesc,  DestFile, IndexTargets, 
-                      MetaIndexParser);
+      // DestFile points to the the MetaIndeFile at this point, make it
+      // point back to the Release.gpg file
+      std::string FinalFile = _config->FindDir("Dir::State::lists");
+      FinalFile += URItoFileName(RealURI);
+      TransactionManager->TransactionStageCopy(this, MetaIndexFileSignature, FinalFile);
 
+      Complete = true;
+   }
 }
                                                                        /*}}}*/
 void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
 {
    string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
 
-   // if we get a network error we fail gracefully
-   if(Status == StatTransientNetworkError)
+   // FIXME: duplicated code from pkgAcqMetaIndex
+   if (AuthPass == true)
    {
-      Item::Failed(Message,Cnf);
-      // move the sigfile back on transient network failures 
-      if(FileExists(LastGoodSig))
-        Rename(LastGoodSig,Final);
+      bool Stop = GenerateAuthWarning(RealURI, Message);
+      if(Stop)
+         return;
+   }
 
-      // set the status back to , Item::Failed likes to reset it
-      Status = pkgAcquire::Item::StatTransientNetworkError;
-      return;
+   // FIXME: meh, this is not really elegant
+   string InReleaseURI = RealURI.replace(RealURI.rfind("Release.gpg"), 12,
+                                         "InRelease");
+   string FinalInRelease = _config->FindDir("Dir::State::lists") + URItoFileName(InReleaseURI);
+
+   if (RealFileExists(Final) || RealFileExists(FinalInRelease))
+   {
+      std::string downgrade_msg;
+      strprintf(downgrade_msg, _("The repository '%s' is no longer signed."),
+                URIDesc.c_str());
+      if(_config->FindB("Acquire::AllowDowngradeToInsecureRepositories"))
+      {
+         // meh, the users wants to take risks (we still mark the packages
+         // from this repository as unauthenticated)
+         _error->Warning("%s", downgrade_msg.c_str());
+         _error->Warning(_("This is normally not allowed, but the option "
+                           "Acquire::AllowDowngradeToInsecureRepositories was "
+                           "given to override it."));
+         
+      } else {
+         _error->Error("%s", downgrade_msg.c_str());
+         Rename(MetaIndexFile, MetaIndexFile+".FAILED");
+         Status = pkgAcquire::Item::StatError;
+         TransactionManager->AbortTransaction();
+         return;
+      }
    }
 
-   // Delete any existing sigfile when the acquire failed
-   unlink(Final.c_str());
+   // this ensures that any file in the lists/ dir is removed by the
+   // transaction
+   DestFile =  _config->FindDir("Dir::State::lists") + "partial/";
+   DestFile += URItoFileName(RealURI);
+   TransactionManager->TransactionStageRemoval(this, DestFile);
 
-   // queue a pkgAcqMetaIndex with no sigfile
-   new pkgAcqMetaIndex(Owner, MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
-                      "", IndexTargets, MetaIndexParser);
+   // only allow going further if the users explicitely wants it
+   if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+   {
+      // we parse the indexes here because at this point the user wanted
+      // a repository that may potentially harm him
+      MetaIndexParser->Load(MetaIndexFile);
+      QueueIndexes(true);
+   } 
+   else 
+   {
+      _error->Warning("Use --allow-insecure-repositories to force the update");
+   }
 
+   // FIXME: this is used often (e.g. in pkgAcqIndexTrans) so refactor
    if (Cnf->LocalOnly == true || 
        StringToBool(LookupTag(Message,"Transient-Failure"),false) == false)
    {      
@@ -1346,34 +1755,55 @@ void pkgAcqMetaSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf)/*{{{*/
       Dequeue();
       return;
    }
-   
    Item::Failed(Message,Cnf);
 }
                                                                        /*}}}*/
 pkgAcqMetaIndex::pkgAcqMetaIndex(pkgAcquire *Owner,                    /*{{{*/
+                                 pkgAcqMetaBase *TransactionManager,
                                 string URI,string URIDesc,string ShortDesc,
-                                string SigFile,
-                                const vector<struct IndexTarget*>* IndexTargets,
+                                 string MetaIndexSigURI,string MetaIndexSigURIDesc, string MetaIndexSigShortDesc,
+                                const vector<IndexTarget*>* IndexTargets,
                                 indexRecords* MetaIndexParser) :
-   Item(Owner), RealURI(URI), SigFile(SigFile), IndexTargets(IndexTargets),
-   MetaIndexParser(MetaIndexParser), AuthPass(false), IMSHit(false)
+   pkgAcqMetaBase(Owner, IndexTargets, MetaIndexParser, HashStringList(),
+                  TransactionManager), 
+   RealURI(URI), URIDesc(URIDesc), ShortDesc(ShortDesc),
+   MetaIndexSigURI(MetaIndexSigURI), MetaIndexSigURIDesc(MetaIndexSigURIDesc),
+   MetaIndexSigShortDesc(MetaIndexSigShortDesc)
+{
+   if(TransactionManager == NULL)
+   {
+      this->TransactionManager = this;
+      this->TransactionManager->Add(this);
+   }
+
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "New pkgAcqMetaIndex with TransactionManager "
+                << this->TransactionManager << std::endl;
+
+
+   Init(URIDesc, ShortDesc);
+}
+                                                                       /*}}}*/
+// pkgAcqMetaIndex::Init - Delayed constructor                         /*{{{*/
+void pkgAcqMetaIndex::Init(std::string URIDesc, std::string ShortDesc)
 {
    DestFile = _config->FindDir("Dir::State::lists") + "partial/";
-   DestFile += URItoFileName(URI);
+   DestFile += URItoFileName(RealURI);
 
    // Create the item
    Desc.Description = URIDesc;
    Desc.Owner = this;
    Desc.ShortDesc = ShortDesc;
-   Desc.URI = URI;
+   Desc.URI = RealURI;
 
+   // we expect more item
+   ExpectedAdditionalItems = IndexTargets->size();
    QueueURI(Desc);
 }
-                                                                       /*}}}*/
 // pkgAcqMetaIndex::Custom600Headers - Insert custom request headers   /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
-string pkgAcqMetaIndex::Custom600Headers()
+string pkgAcqMetaIndex::Custom600Headers() const
 {
    string Final = _config->FindDir("Dir::State::lists");
    Final += URItoFileName(RealURI);
@@ -1385,10 +1815,10 @@ string pkgAcqMetaIndex::Custom600Headers()
    return "\nIndex-File: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
                                                                        /*}}}*/
-void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash, /*{{{*/
+void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,HashStringList const &Hashes,        /*{{{*/
                           pkgAcquire::MethodConfig *Cfg)
 {
-   Item::Done(Message,Size,Hash,Cfg);
+   Item::Done(Message,Size,Hashes,Cfg);
 
    // MetaIndexes are done in two passes: one to download the
    // metaindex with an appropriate method, and a second to verify it
@@ -1408,25 +1838,25 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash,  /
          // Still more retrieving to do
          return;
 
-      if (SigFile == "")
-      {
-         // There was no signature file, so we are finished.  Download
-         // the indexes and do only hashsum verification if possible
-         MetaIndexParser->Load(DestFile);
-         QueueIndexes(false);
-      }
-      else
+      if (SigFile != "")
       {
          // There was a signature file, so pass it to gpgv for
          // verification
-
          if (_config->FindB("Debug::pkgAcquire::Auth", false))
             std::cerr << "Metaindex acquired, queueing gpg verification ("
                       << SigFile << "," << DestFile << ")\n";
          AuthPass = true;
          Desc.URI = "gpgv:" + SigFile;
          QueueURI(Desc);
-         Mode = "gpgv";
+        ActiveSubprocess = "gpgv";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic push
+       #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+        Mode = "gpgv";
+#if __GNUC__ >= 4
+       #pragma GCC diagnostic pop
+#endif
         return;
       }
    }
@@ -1437,9 +1867,9 @@ void pkgAcqMetaIndex::Done(string Message,unsigned long long Size,string Hash,    /
       FinalFile += URItoFileName(RealURI);
       if (SigFile == DestFile)
         SigFile = FinalFile;
-      Rename(DestFile,FinalFile);
-      chmod(FinalFile.c_str(),0644);
-      DestFile = FinalFile;
+
+      // queue for copy in place
+      TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
    }
 }
                                                                        /*}}}*/
@@ -1473,14 +1903,24 @@ void pkgAcqMetaIndex::RetrievalDone(string Message)                     /*{{{*/
       if (SigFile == DestFile)
       {
         SigFile = FinalFile;
+#if 0
         // constructor of pkgAcqMetaClearSig moved it out of the way,
         // now move it back in on IMS hit for the 'old' file
         string const OldClearSig = DestFile + ".reverify";
         if (RealFileExists(OldClearSig) == true)
            Rename(OldClearSig, FinalFile);
+#endif
       }
       DestFile = FinalFile;
    }
+
+   // queue a signature
+   if(SigFile != DestFile)
+      new pkgAcqMetaSig(Owner, TransactionManager, 
+                        MetaIndexSigURI, MetaIndexSigURIDesc,
+                        MetaIndexSigShortDesc, DestFile, IndexTargets, 
+                        MetaIndexParser);
+
    Complete = true;
 }
                                                                        /*}}}*/
@@ -1507,9 +1947,44 @@ void pkgAcqMetaIndex::AuthDone(string Message)                           /*{{{*/
       std::cerr << "Signature verification succeeded: "
                 << DestFile << std::endl;
 
-   // Download further indexes with verification
+// we ensure this by other means
+#if 0 
+   // do not trust any previously unverified content that we may have
+   string LastGoodSigFile = _config->FindDir("Dir::State::lists").append("partial/").append(URItoFileName(RealURI));
+   if (DestFile != SigFile)
+      LastGoodSigFile.append(".gpg");
+   LastGoodSigFile.append(".reverify");
+   if(IMSHit == false && RealFileExists(LastGoodSigFile) == false)
+   {
+      for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
+           Target != IndexTargets->end();
+           ++Target)
+      {
+         // remove old indexes
+         std::string index = _config->FindDir("Dir::State::lists") +
+            URItoFileName((*Target)->URI);
+         unlink(index.c_str());
+         // and also old gzipindexes
+         std::vector<std::string> types = APT::Configuration::getCompressionTypes();
+         for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
+         {
+            index += '.' + (*t);
+            unlink(index.c_str());
+         }
+      }
+   }
+#endif
+
+   // Download further indexes with verification 
+   //
+   // it would be really nice if we could simply do
+   //    if (IMSHit == false) QueueIndexes(true)
+   // and skip the download if the Release file has not changed
+   // - but right now the list cleaner will needs to be tricked
+   //   to not delete all our packages/source indexes in this case
    QueueIndexes(true);
 
+#if 0
    // is it a clearsigned MetaIndex file?
    if (DestFile == SigFile)
       return;
@@ -1519,20 +1994,11 @@ void pkgAcqMetaIndex::AuthDone(string Message)                          /*{{{*/
       URItoFileName(RealURI) + ".gpg";
    Rename(SigFile,VerifiedSigFile);
    chmod(VerifiedSigFile.c_str(),0644);
+#endif
 }
                                                                        /*}}}*/
-void pkgAcqMetaIndex::QueueIndexes(bool verify)                                /*{{{*/
+void pkgAcqMetaBase::QueueIndexes(bool verify)                         /*{{{*/
 {
-#if 0
-   /* Reject invalid, existing Release files (LP: #346386) (Closes: #627642)
-    * FIXME: Disabled; it breaks unsigned repositories without hashes */
-   if (!verify && FileExists(DestFile) && !MetaIndexParser->Load(DestFile))
-   {
-      Status = StatError;
-      ErrorText = MetaIndexParser->ErrorText;
-      return;
-   }
-#endif
    bool transInRelease = false;
    {
       std::vector<std::string> const keys = MetaIndexParser->MetaKeys();
@@ -1545,11 +2011,13 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)                         /*{{{*/
         }
    }
 
-   for (vector <struct IndexTarget*>::const_iterator Target = IndexTargets->begin();
+   // at this point the real Items are loaded in the fetcher
+   ExpectedAdditionalItems = 0;
+   for (vector <IndexTarget*>::const_iterator Target = IndexTargets->begin();
         Target != IndexTargets->end();
         ++Target)
    {
-      HashString ExpectedIndexHash;
+      HashStringList ExpectedIndexHashes;
       const indexRecords::checkSum *Record = MetaIndexParser->Lookup((*Target)->MetaKey);
       bool compressedAvailable = false;
       if (Record == NULL)
@@ -1558,7 +2026,7 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)                           /*{{{*/
         {
            std::vector<std::string> types = APT::Configuration::getCompressionTypes();
            for (std::vector<std::string>::const_iterator t = types.begin(); t != types.end(); ++t)
-              if (MetaIndexParser->Exists(string((*Target)->MetaKey).append(".").append(*t)) == true)
+              if (MetaIndexParser->Exists((*Target)->MetaKey + "." + *t) == true)
               {
                  compressedAvailable = true;
                  break;
@@ -1573,14 +2041,16 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)                         /*{{{*/
       }
       else
       {
-        ExpectedIndexHash = Record->Hash;
+        ExpectedIndexHashes = Record->Hashes;
         if (_config->FindB("Debug::pkgAcquire::Auth", false))
         {
-           std::cerr << "Queueing: " << (*Target)->URI << std::endl;
-           std::cerr << "Expected Hash: " << ExpectedIndexHash.toStr() << std::endl;
+           std::cerr << "Queueing: " << (*Target)->URI << std::endl
+              << "Expected Hash:" << std::endl;
+           for (HashStringList::const_iterator hs = ExpectedIndexHashes.begin(); hs != ExpectedIndexHashes.end(); ++hs)
+              std::cerr <<  "\t- " << hs->toStr() << std::endl;
            std::cerr << "For: " << Record->MetaKeyFilename << std::endl;
         }
-        if (verify == true && ExpectedIndexHash.empty() == true && (*Target)->IsOptional() == false)
+        if (verify == true && ExpectedIndexHashes.empty() == true && (*Target)->IsOptional() == false)
         {
            Status = StatAuthError;
            strprintf(ErrorText, _("Unable to find hash sum for '%s' in Release file"), (*Target)->MetaKey.c_str());
@@ -1590,17 +2060,13 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)                         /*{{{*/
 
       if ((*Target)->IsOptional() == true)
       {
-        if ((*Target)->IsSubIndex() == true)
-           new pkgAcqSubIndex(Owner, (*Target)->URI, (*Target)->Description,
-                               (*Target)->ShortDesc, ExpectedIndexHash);
-        else if (transInRelease == false || Record != NULL || compressedAvailable == true)
+        if (transInRelease == false || Record != NULL || compressedAvailable == true)
         {
            if (_config->FindB("Acquire::PDiffs",true) == true && transInRelease == true &&
-               MetaIndexParser->Exists(string((*Target)->MetaKey).append(".diff/Index")) == true)
-              new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
-                                  (*Target)->ShortDesc, ExpectedIndexHash);
+               MetaIndexParser->Exists((*Target)->MetaKey + ".diff/Index") == true)
+              new pkgAcqDiffIndex(Owner, TransactionManager, *Target, ExpectedIndexHashes, MetaIndexParser);
            else
-              new pkgAcqIndexTrans(Owner, *Target, ExpectedIndexHash, MetaIndexParser);
+              new pkgAcqIndexTrans(Owner, TransactionManager, *Target, ExpectedIndexHashes, MetaIndexParser);
         }
         continue;
       }
@@ -1610,11 +2076,10 @@ void pkgAcqMetaIndex::QueueIndexes(bool verify)                         /*{{{*/
          in the Meta-Index file. Ideal would be if pkgAcqDiffIndex would test this
          instead, but passing the required info to it is to much hassle */
       if(_config->FindB("Acquire::PDiffs",true) == true && (verify == false ||
-         MetaIndexParser->Exists(string((*Target)->MetaKey).append(".diff/Index")) == true))
-        new pkgAcqDiffIndex(Owner, (*Target)->URI, (*Target)->Description,
-                            (*Target)->ShortDesc, ExpectedIndexHash);
+         MetaIndexParser->Exists((*Target)->MetaKey + ".diff/Index") == true))
+        new pkgAcqDiffIndex(Owner, TransactionManager, *Target, ExpectedIndexHashes, MetaIndexParser);
       else
-        new pkgAcqIndex(Owner, *Target, ExpectedIndexHash, MetaIndexParser);
+        new pkgAcqIndex(Owner, TransactionManager, *Target, ExpectedIndexHashes, MetaIndexParser);
    }
 }
                                                                        /*}}}*/
@@ -1635,7 +2100,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)                        /*{{{*/
       missingkeys += (Fingerprint);
    }
    if(!missingkeys.empty())
-      _error->Warning("%s", string(msg+missingkeys).c_str());
+      _error->Warning("%s", (msg + missingkeys).c_str());
 
    string Transformed = MetaIndexParser->GetExpectedDist();
 
@@ -1698,83 +2163,85 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message)                      /*{{{*/
 // pkgAcqMetaIndex::Failed - no Release file present or no signature file present      /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqMetaIndex::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
+void pkgAcqMetaIndex::Failed(string Message,
+                             pkgAcquire::MethodConfig * /*Cnf*/)
 {
+   string Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
+
    if (AuthPass == true)
    {
-      // gpgv method failed, if we have a good signature 
-      string LastGoodSigFile = _config->FindDir("Dir::State::lists").append("partial/").append(URItoFileName(RealURI));
-      if (DestFile != SigFile)
-        LastGoodSigFile.append(".gpg");
-      LastGoodSigFile.append(".reverify");
+      bool Stop = GenerateAuthWarning(RealURI, Message);
+      if(Stop)
+         return;
+   }
 
-      if(FileExists(LastGoodSigFile))
+   _error->Warning(_("The data from '%s' is not signed. Packages "
+                     "from that repository can not be authenticated."),
+                   URIDesc.c_str());
+
+   // No Release file was present, or verification failed, so fall
+   // back to queueing Packages files without verification
+   // only allow going further if the users explicitely wants it
+   if(_config->FindB("Acquire::AllowInsecureRepositories") == true)
+   {
+      /* Always move the meta index, even if gpgv failed. This ensures
+       * that PackageFile objects are correctly filled in */
+      if (FileExists(DestFile)) 
       {
-        string VerifiedSigFile = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
-        if (DestFile != SigFile)
-           VerifiedSigFile.append(".gpg");
-        Rename(LastGoodSigFile, VerifiedSigFile);
-        Status = StatTransientNetworkError;
-        _error->Warning(_("An error occurred during the signature "
-                          "verification. The repository is not updated "
-                          "and the previous index files will be used. "
-                          "GPG error: %s: %s\n"),
-                        Desc.Description.c_str(),
-                        LookupTag(Message,"Message").c_str());
-        RunScripts("APT::Update::Auth-Failure");
-        return;
-      } else if (LookupTag(Message,"Message").find("NODATA") != string::npos) {
-        /* Invalid signature file, reject (LP: #346386) (Closes: #627642) */
-        _error->Error(_("GPG error: %s: %s"),
-                        Desc.Description.c_str(),
-                        LookupTag(Message,"Message").c_str());
-        return;
-      } else {
-        _error->Warning(_("GPG error: %s: %s"),
-                        Desc.Description.c_str(),
-                        LookupTag(Message,"Message").c_str());
-      }
-      // gpgv method failed 
-      ReportMirrorFailure("GPGFailure");
-   }
+         string FinalFile = _config->FindDir("Dir::State::lists");
+         FinalFile += URItoFileName(RealURI);
+         /* InRelease files become Release files, otherwise
+          * they would be considered as trusted later on */
+         if (SigFile == DestFile) {
+            RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
+                                      "Release");
+            FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
+                                          "Release");
+            SigFile = FinalFile;
+         }
 
-   /* Always move the meta index, even if gpgv failed. This ensures
-    * that PackageFile objects are correctly filled in */
-   if (FileExists(DestFile)) {
-      string FinalFile = _config->FindDir("Dir::State::lists");
-      FinalFile += URItoFileName(RealURI);
-      /* InRelease files become Release files, otherwise
-       * they would be considered as trusted later on */
-      if (SigFile == DestFile) {
-        RealURI = RealURI.replace(RealURI.rfind("InRelease"), 9,
-                                      "Release");
-        FinalFile = FinalFile.replace(FinalFile.rfind("InRelease"), 9,
-                                      "Release");
-        SigFile = FinalFile;
+         // Done, queue for rename on transaction finished
+         TransactionManager->TransactionStageCopy(this, DestFile, FinalFile);
       }
-      Rename(DestFile,FinalFile);
-      chmod(FinalFile.c_str(),0644);
 
-      DestFile = FinalFile;
-   }
+      QueueIndexes(false);
+   } else {
+      // warn if the repository is unsinged
+      _error->Warning("Use --allow-insecure-repositories to force the update");
+      TransactionManager->AbortTransaction();
+      Status = StatError;
+      return;
+   } 
 
-   // No Release file was present, or verification failed, so fall
-   // back to queueing Packages files without verification
-   QueueIndexes(false);
 }
                                                                        /*}}}*/
+
+void pkgAcqMetaIndex::Finished()
+{
+   if(_config->FindB("Debug::Acquire::Transaction", false) == true)
+      std::clog << "Finished: " << DestFile <<std::endl;
+   if(TransactionManager != NULL &&
+      TransactionManager->TransactionHasError() == false)
+      TransactionManager->CommitTransaction();
+}
+
+
 pkgAcqMetaClearSig::pkgAcqMetaClearSig(pkgAcquire *Owner,              /*{{{*/
                string const &URI, string const &URIDesc, string const &ShortDesc,
                string const &MetaIndexURI, string const &MetaIndexURIDesc, string const &MetaIndexShortDesc,
                string const &MetaSigURI, string const &MetaSigURIDesc, string const &MetaSigShortDesc,
-               const vector<struct IndexTarget*>* IndexTargets,
+               const vector<IndexTarget*>* IndexTargets,
                indexRecords* MetaIndexParser) :
-       pkgAcqMetaIndex(Owner, URI, URIDesc, ShortDesc, "", IndexTargets, MetaIndexParser),
-       MetaIndexURI(MetaIndexURI), MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
-       MetaSigURI(MetaSigURI), MetaSigURIDesc(MetaSigURIDesc), MetaSigShortDesc(MetaSigShortDesc)
+   pkgAcqMetaIndex(Owner, NULL, URI, URIDesc, ShortDesc, MetaSigURI, MetaSigURIDesc,MetaSigShortDesc, IndexTargets, MetaIndexParser),
+       MetaIndexURI(MetaIndexURI), MetaIndexURIDesc(MetaIndexURIDesc), MetaIndexShortDesc(MetaIndexShortDesc),
+       MetaSigURI(MetaSigURI), MetaSigURIDesc(MetaSigURIDesc), MetaSigShortDesc(MetaSigShortDesc)
 {
    SigFile = DestFile;
 
+   // index targets + (worst case:) Release/Release.gpg
+   ExpectedAdditionalItems = IndexTargets->size() + 2;
+
+#if 0
    // keep the old InRelease around in case of transistent network errors
    string const Final = _config->FindDir("Dir::State::lists") + URItoFileName(RealURI);
    if (RealFileExists(Final) == true)
@@ -1782,10 +2249,12 @@ pkgAcqMetaClearSig::pkgAcqMetaClearSig(pkgAcquire *Owner,               /*{{{*/
       string const LastGoodSig = DestFile + ".reverify";
       Rename(Final,LastGoodSig);
    }
+#endif
 }
                                                                        /*}}}*/
 pkgAcqMetaClearSig::~pkgAcqMetaClearSig()                              /*{{{*/
 {
+#if 0
    // if the file was never queued undo file-changes done in the constructor
    if (QueueCounter == 1 && Status == StatIdle && FileSize == 0 && Complete == false)
    {
@@ -1794,12 +2263,13 @@ pkgAcqMetaClearSig::~pkgAcqMetaClearSig()                               /*{{{*/
       if (RealFileExists(Final) == false && RealFileExists(LastGoodSig) == true)
         Rename(LastGoodSig, Final);
    }
+#endif
 }
                                                                        /*}}}*/
 // pkgAcqMetaClearSig::Custom600Headers - Insert custom request headers        /*{{{*/
 // ---------------------------------------------------------------------
 // FIXME: this can go away once the InRelease file is used widely
-string pkgAcqMetaClearSig::Custom600Headers()
+string pkgAcqMetaClearSig::Custom600Headers() const
 {
    string Final = _config->FindDir("Dir::State::lists");
    Final += URItoFileName(RealURI);
@@ -1807,7 +2277,6 @@ string pkgAcqMetaClearSig::Custom600Headers()
    struct stat Buf;
    if (stat(Final.c_str(),&Buf) != 0)
    {
-      Final = DestFile + ".reverify";
       if (stat(Final.c_str(),&Buf) != 0)
         return "\nIndex-File: true\nFail-Ignore: true\n";
    }
@@ -1815,20 +2284,42 @@ string pkgAcqMetaClearSig::Custom600Headers()
    return "\nIndex-File: true\nFail-Ignore: true\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
 }
                                                                        /*}}}*/
+// pkgAcqMetaClearSig::Done - We got a file                            /*{{{*/
+// ---------------------------------------------------------------------
+void pkgAcqMetaClearSig::Done(std::string Message,unsigned long long Size, 
+                              HashStringList const &Hashes,
+                              pkgAcquire::MethodConfig *Cnf)
+{
+   // if we expect a ClearTextSignature (InRelase), ensure that
+   // this is what we get and if not fail to queue a 
+   // Release/Release.gpg, see #346386
+   if (FileExists(DestFile) && !StartsWithGPGClearTextSignature(DestFile))
+   {
+      pkgAcquire::Item::Failed(Message, Cnf);
+      RenameOnError(NotClearsigned);
+      TransactionManager->AbortTransaction();
+      return;
+   }
+   pkgAcqMetaIndex::Done(Message, Size, Hashes, Cnf);
+}
+                                                                       /*}}}*/
 void pkgAcqMetaClearSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*{{{*/
 {
+   // we failed, we will not get additional items from this method
+   ExpectedAdditionalItems = 0;
+
    if (AuthPass == false)
    {
-      // Remove the 'old' InRelease file if we try Release.gpg now as otherwise
-      // the file will stay around and gives a false-auth impression (CVE-2012-0214)
+      // Queue the 'old' InRelease file for removal if we try Release.gpg
+      // as otherwise the file will stay around and gives a false-auth
+      // impression (CVE-2012-0214)
       string FinalFile = _config->FindDir("Dir::State::lists");
       FinalFile.append(URItoFileName(RealURI));
-      if (FileExists(FinalFile))
-        unlink(FinalFile.c_str());
+      TransactionManager->TransactionStageRemoval(this, FinalFile);
 
-      new pkgAcqMetaSig(Owner,
-                       MetaSigURI, MetaSigURIDesc, MetaSigShortDesc,
+      new pkgAcqMetaIndex(Owner, TransactionManager,
                        MetaIndexURI, MetaIndexURIDesc, MetaIndexShortDesc,
+                       MetaSigURI, MetaSigURIDesc, MetaSigShortDesc,
                        IndexTargets, MetaIndexParser);
       if (Cnf->LocalOnly == true ||
          StringToBool(LookupTag(Message, "Transient-Failure"), false) == false)
@@ -1845,7 +2336,7 @@ void pkgAcqMetaClearSig::Failed(string Message,pkgAcquire::MethodConfig *Cnf) /*
 pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
                             pkgRecords *Recs,pkgCache::VerIterator const &Version,
                             string &StoreFilename) :
-               Item(Owner), Version(Version), Sources(Sources), Recs(Recs), 
+               Item(Owner, HashStringList()), Version(Version), Sources(Sources), Recs(Recs), 
                StoreFilename(StoreFilename), Vf(Version.FileList()), 
               Trusted(false)
 {
@@ -1856,7 +2347,7 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
       _error->Error(_("I wasn't able to locate a file for the %s package. "
                      "This might mean you need to manually fix this package. "
                      "(due to missing arch)"),
-                   Version.ParentPkg().Name());
+                   Version.ParentPkg().FullName().c_str());
       return;
    }
    
@@ -1930,7 +2421,6 @@ pkgAcqArchive::pkgAcqArchive(pkgAcquire *Owner,pkgSourceList *Sources,
    checking later. */
 bool pkgAcqArchive::QueueNext()
 {
-   string const ForceHash = _config->Find("Acquire::ForceHash");
    for (; Vf.end() == false; ++Vf)
    {
       // Ignore not source sources
@@ -1951,31 +2441,10 @@ bool pkgAcqArchive::QueueNext()
       pkgRecords::Parser &Parse = Recs->Lookup(Vf);
       if (_error->PendingError() == true)
         return false;
-      
+
       string PkgFile = Parse.FileName();
-      if (ForceHash.empty() == false)
-      {
-        if(stringcasecmp(ForceHash, "sha512") == 0)
-           ExpectedHash = HashString("SHA512", Parse.SHA512Hash());
-        else if(stringcasecmp(ForceHash, "sha256") == 0)
-           ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
-        else if (stringcasecmp(ForceHash, "sha1") == 0)
-           ExpectedHash = HashString("SHA1", Parse.SHA1Hash());
-        else
-           ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
-      }
-      else
-      {
-        string Hash;
-        if ((Hash = Parse.SHA512Hash()).empty() == false)
-           ExpectedHash = HashString("SHA512", Hash);
-        else if ((Hash = Parse.SHA256Hash()).empty() == false)
-           ExpectedHash = HashString("SHA256", Hash);
-        else if ((Hash = Parse.SHA1Hash()).empty() == false)
-           ExpectedHash = HashString("SHA1", Hash);
-        else
-           ExpectedHash = HashString("MD5Sum", Parse.MD5Hash());
-      }
+      ExpectedHashes = Parse.Hashes();
+
       if (PkgFile.empty() == true)
         return _error->Error(_("The package index files are corrupted. No Filename: "
                              "field for package %s."),
@@ -1984,7 +2453,7 @@ bool pkgAcqArchive::QueueNext()
       Desc.URI = Index->ArchiveURI(PkgFile);
       Desc.Description = Index->ArchiveInfo(Version);
       Desc.Owner = this;
-      Desc.ShortDesc = Version.ParentPkg().Name();
+      Desc.ShortDesc = Version.ParentPkg().FullName(true);
 
       // See if we already have the file. (Legacy filenames)
       FileSize = Version->Size;
@@ -2051,10 +2520,6 @@ bool pkgAcqArchive::QueueNext()
 
       // Create the item
       Local = false;
-      Desc.URI = Index->ArchiveURI(PkgFile);
-      Desc.Description = Index->ArchiveInfo(Version);
-      Desc.Owner = this;
-      Desc.ShortDesc = Version.ParentPkg().Name();
       QueueURI(Desc);
 
       ++Vf;
@@ -2066,10 +2531,10 @@ bool pkgAcqArchive::QueueNext()
 // AcqArchive::Done - Finished fetching                                        /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqArchive::Done(string Message,unsigned long long Size,string CalcHash,
+void pkgAcqArchive::Done(string Message,unsigned long long Size, HashStringList const &CalcHashes,
                         pkgAcquire::MethodConfig *Cfg)
 {
-   Item::Done(Message,Size,CalcHash,Cfg);
+   Item::Done(Message, Size, CalcHashes, Cfg);
    
    // Check the size
    if (Size != Version->Size)
@@ -2077,11 +2542,12 @@ void pkgAcqArchive::Done(string Message,unsigned long long Size,string CalcHash,
       RenameOnError(SizeMismatch);
       return;
    }
-   
-   // Check the hash
-   if(ExpectedHash.toStr() != CalcHash)
+
+   // FIXME: could this empty() check impose *any* sort of security issue?
+   if(ExpectedHashes.usable() && ExpectedHashes != CalcHashes)
    {
       RenameOnError(HashSumMismatch);
+      printHashSumComparision(DestFile, ExpectedHashes, CalcHashes);
       return;
    }
 
@@ -2153,7 +2619,7 @@ void pkgAcqArchive::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
                                                                        /*}}}*/
 // AcqArchive::IsTrusted - Determine whether this archive comes from a trusted source /*{{{*/
 // ---------------------------------------------------------------------
-bool pkgAcqArchive::IsTrusted()
+APT_PURE bool pkgAcqArchive::IsTrusted() const
 {
    return Trusted;
 }
@@ -2172,11 +2638,11 @@ void pkgAcqArchive::Finished()
 // AcqFile::pkgAcqFile - Constructor                                   /*{{{*/
 // ---------------------------------------------------------------------
 /* The file is added to the queue */
-pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
+pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI, HashStringList const &Hashes,
                       unsigned long long Size,string Dsc,string ShortDesc,
                       const string &DestDir, const string &DestFilename,
                        bool IsIndexFile) :
-                       Item(Owner), ExpectedHash(Hash), IsIndexFile(IsIndexFile)
+                       Item(Owner, Hashes), IsIndexFile(IsIndexFile)
 {
    Retries = _config->FindI("Acquire::Retries",0);
    
@@ -2213,15 +2679,16 @@ pkgAcqFile::pkgAcqFile(pkgAcquire *Owner,string URI,string Hash,
 // AcqFile::Done - Item downloaded OK                                  /*{{{*/
 // ---------------------------------------------------------------------
 /* */
-void pkgAcqFile::Done(string Message,unsigned long long Size,string CalcHash,
+void pkgAcqFile::Done(string Message,unsigned long long Size,HashStringList const &CalcHashes,
                      pkgAcquire::MethodConfig *Cnf)
 {
-   Item::Done(Message,Size,CalcHash,Cnf);
+   Item::Done(Message,Size,CalcHashes,Cnf);
 
    // Check the hash
-   if(!ExpectedHash.empty() && ExpectedHash.toStr() != CalcHash)
+   if(ExpectedHashes.usable() && ExpectedHashes != CalcHashes)
    {
       RenameOnError(HashSumMismatch);
+      printHashSumComparision(DestFile, ExpectedHashes, CalcHashes);
       return;
    }
    
@@ -2292,7 +2759,7 @@ void pkgAcqFile::Failed(string Message,pkgAcquire::MethodConfig *Cnf)
 // AcqIndex::Custom600Headers - Insert custom request headers          /*{{{*/
 // ---------------------------------------------------------------------
 /* The only header we use is the last-modified header. */
-string pkgAcqFile::Custom600Headers()
+string pkgAcqFile::Custom600Headers() const
 {
    if (IsIndexFile)
       return "\nIndex-File: true";