Merge branch 'separate-conda-package-metadata-2' into separate-conda-…

…package-metadata
alexhall · May 13, 2019 · daa9cac · daa9cac
2 parents 8690b55 + e6562af
commit daa9cac
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 13 deletions.
diff --git a/conda/gateways/connection/download.py b/conda/gateways/connection/download.py
@@ -47,10 +47,9 @@ def download(
         resp.raise_for_status()
 
         content_length = int(resp.headers.get('Content-Length', 0))
-        checksum_builder = None
-        checksum_type = None
 
         # prefer sha256 over md5 when both are available
+        checksum_builder = checksum_type = checksum = None
         if sha256:
             checksum_builder = hashlib.new("sha256")
             checksum_type = "sha256"
@@ -101,17 +100,14 @@ def download(
                 log.debug("%s, trying again" % e)
             raise
 
-        if md5:
-            actual_md5 = md5_builder.hexdigest()
-            if actual_md5 != md5:
-                log.debug("md5 sums mismatch for download: %s (%s != %s)", url, actual_md5, md5)
-                raise ChecksumMismatchError(url, target_full_path, "md5", md5, actual_md5)
-        if sha256:
-            actual_sha256 = sha256_builder.hexdigest()
-            if actual_sha256 != sha256:
-                log.debug("sha256 sums mismatch for download: %s (%s != %s)",
-                          url, actual_sha256, sha256)
-                raise ChecksumMismatchError(url, target_full_path, "sha256", sha256, actual_sha256)
+        if checksum:
+            actual_checksum = checksum_builder.hexdigest()
+            if actual_checksum != checksum:
+                log.debug("%s mismatch for download: %s (%s != %s)",
+                          checksum_type, url, actual_checksum, checksum)
+                raise ChecksumMismatchError(
+                    url, target_full_path, checksum_type, checksum, actual_checksum
+                )
         if size is not None:
             actual_size = size_builder
             if actual_size != size:

diff --git a/tests/core/test_package_cache_data.py b/tests/core/test_package_cache_data.py
@@ -239,6 +239,26 @@ def test_bad_sha256_enforcement():
         assert "expected sha256: 0000000000" in repr(exc.value.errors[0])
 
 
+def test_bad_sha256_enforcement():
+    with make_temp_package_cache() as pkgs_dir:
+        zlib_conda_prec_bad = PackageRecord.from_objects(zlib_conda_prec, sha256="0" * 10)
+        assert zlib_conda_prec_bad.sha256 == "0" * 10
+        pfe = ProgressiveFetchExtract((zlib_conda_prec_bad,))
+        pfe.prepare()
+        assert len(pfe.cache_actions) == 1
+        assert len(pfe.extract_actions) == 1
+        cache_action = pfe.cache_actions[0]
+        extact_action = pfe.extract_actions[0]
+        assert basename(cache_action.target_full_path) == zlib_conda_fn
+        assert cache_action.target_full_path == extact_action.source_full_path
+        assert basename(extact_action.target_full_path) == zlib_base_fn
+        with pytest.raises(CondaMultiError) as exc:
+            pfe.execute()
+        assert len(exc.value.errors) == 1
+        assert isinstance(exc.value.errors[0], ChecksumMismatchError)
+        assert "expected sha256: 0000000000" in repr(exc.value.errors[0])
+
+
 def test_tar_bz2_in_cache_not_extracted():
     """
     Test that if a .tar.bz2 exists in the package cache (not extracted), and the complementary