Description of problem:
When using on-demand download, if an upstream artifact changes between the moment the sync happened and the first time a user requests it, pulpcore-content will download the new file (which won't have the same checksum) and deliver it to the user without verifying that it matches. While saving the downloaded file, a checksum verification is done and the artifact is not saved (because of the mismatching checksum), but from the end user's point of view nothing went wrong. Although no error is shown to the user, they receive a bad artifact.
Version-Release number of selected component (if applicable):
Observed in the wild on Satellite 6.11.
Reproduced internally on 6.11 and 6.13 (didn't test 6.12 and 6.14)
(...)
Expected results:
Client would receive an error instead of the bad file that does not match the metadata stored on the DB.
Additional info:
Steps described here are artificial (in order to facilitate reproducing it) but there are real use cases being hit by customers.
I personally observed this behavior on Satellite 6.11 and 6.13 (didn't test other versions but I suppose they behave the same).
What this does
- Prevents the client from getting the file with the wrong digest in the first place.
- Adds a more meaningful error in the logs for the admin to inspect the remote server causing the digest validation
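The difference between the reported behaviour and verify-before-complete delivery, as an added example (not pulpcore code). The function names, the `send` callback, and the sample payloads are assumptions constructed for illustration; holding back the final chunk is one possible approach, not necessarily the one the project uses.

```python
import hashlib

class DigestMismatch(Exception):
    """Upstream content no longer matches the digest recorded at sync time."""

# Constructed sample data: what was synced vs. what upstream serves now.
SYNCED = b"rpm payload v1 " * 100
CHANGED = b"rpm payload v2 " * 100
EXPECTED = hashlib.sha256(SYNCED).hexdigest()  # digest stored in the DB at sync

def chunked(data, size=256):
    """Split a payload into chunks, as a streaming download would arrive."""
    return [data[i:i + size] for i in range(0, len(data), size)]

def stream_unverified(chunks, expected_sha256, send):
    """Reported behaviour: every chunk is forwarded to the client and the
    digest is only compared when deciding whether to save the artifact."""
    hasher = hashlib.sha256()
    for chunk in chunks:
        hasher.update(chunk)
        send(chunk)
    # False means "not saved", but the client already has the whole file.
    return hasher.hexdigest() == expected_sha256

def stream_verified(chunks, expected_sha256, send):
    """Forward chunks while hashing, but hold back the final chunk until the
    digest is checked, so a mismatch leaves the client with a short response."""
    hasher = hashlib.sha256()
    held = None
    for chunk in chunks:
        hasher.update(chunk)
        if held is not None:
            send(held)
        held = chunk
    actual = hasher.hexdigest()
    if actual != expected_sha256:
        # Message an admin can use to trace the remote that served the content.
        raise DigestMismatch(f"expected sha256 {expected_sha256}, got {actual}")
    if held is not None:
        send(held)

if __name__ == "__main__":
    received = []
    print("saved:", stream_unverified(chunked(CHANGED), EXPECTED, received.append))
    print("client got full bad file:", b"".join(received) == CHANGED)
```

The caller has to turn `DigestMismatch` into an aborted response (fewer bytes than the declared `Content-Length`), so the client reports a failed transfer instead of a finished download.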