merged lp:~mvo/apt/hash-order

diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index a30e98858adf645763408442fc185ade9a1413e7..a71886a8759dca2c4141e45f7d75c71347872be3 100644 (file)
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -1730,7 +1730,7 @@ bool pkgAcqArchive::QueueNext()
       {
         if(stringcasecmp(ForceHash, "sha512") == 0)
            ExpectedHash = HashString("SHA512", Parse.SHA512Hash());
-        if(stringcasecmp(ForceHash, "sha256") == 0)
+        else if(stringcasecmp(ForceHash, "sha256") == 0)
            ExpectedHash = HashString("SHA256", Parse.SHA256Hash());
         else if (stringcasecmp(ForceHash, "sha1") == 0)
            ExpectedHash = HashString("SHA1", Parse.SHA1Hash());

diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index 1bb981b20566624355eebc21d6e95158ee1f37e4..e3c74a0994dd5a720eae1570bfc121699f418db8 100644 (file)
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -2395,7 +2395,7 @@ bool DoDownload(CommandLine &CmdL)
       HashString hash;
       if (rec.SHA512Hash() != "")
          hash = HashString("sha512", rec.SHA512Hash());
-      if (rec.SHA256Hash() != "")
+      else if (rec.SHA256Hash() != "")
          hash = HashString("sha256", rec.SHA256Hash());
       else if (rec.SHA1Hash() != "")
          hash = HashString("sha1", rec.SHA1Hash());

diff --git a/debian/changelog b/debian/changelog
index ff4988d63e8b40ef0144dfcc591493dbcfb6e530..b22712a4f3c0d72fbf0513062a39382ae49e2135 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,8 @@ apt (0.9.7.8~exp2) UNRELEASEDexperimental; urgency=low
 
   * include two missing patches to really fix bug #696225, thanks to
     Guillem Jover 
+  * ensure sha512 is really used when available, thanks to Tyler Hicks
+   (LP: #1098752)
 
  -- Michael Vogt <michael.vogt@ubuntu.com>  Fri, 01 Mar 2013 18:50:17 +0100