Comment 5 for bug 1098738

Revision history for this message
Michael Vogt (mvo) wrote : Re: [Bug 1098738] Re: apt-get source only checks md5 hashes in Sources files

On Thu, Jan 31, 2013 at 02:30:47AM -0000, Daniel Hartwig wrote:
> Integration test.
>
> # pkg-sha256-bad has a bad SHA sum, but good MD5 sum. If apt is
> # checking the best available hash (as it should), this will trigger
> # a hash mismatch.
>
> -- before patch:
> Test for hash ok of apt-get source -d pkg-md5-ok … PASS
> Test for hash ok of apt-get source -d pkg-sha256-ok … PASS
> Test for hash mismatch of apt-get source -d pkg-sha256-bad … FAIL
>
> -- after patch:
> Test for hash ok of apt-get source -d pkg-md5-ok … PASS
> Test for hash ok of apt-get source -d pkg-sha256-ok … PASS
> Test for hash mismatch of apt-get source -d pkg-sha256-bad … PASS

Thanks Daniel! That looks great :)

I added it to my bzr branch for this bug and will merge it to the
debian and ubuntu branches soon. I also cleaned up the FIXMEs and
pushed to lp:~mvo/apt/source-hashes/

Cheers,
 Michael