This is useful if fallback_resolver has been set to random junk, or
to an external resolver, but port 53 is blocked.
At least, it may allow the server to start.
Git has been nagging me about these files that I haven't touched being changed.
The solution was to run `git add --renormalize .`.
Apparently this needs to be done after setting up `.gitattributes`.
According to `git ls-files --eol windows/`, the .bat files were previously stored in the index with CRLF endings and will now be stored with LF endings (with .gitattributes dictating that checked out copies will use CRLF).
Previously when the cache was written to disk, the modification time was unspecified.
At the next prefetch, it was possible for the cache to be expiring very soon (on the order of milliseconds) but still deemed valid.
Now the modification time is explicitly set to when the prefetch run began to make this situation much less likely.
To simulate failures opening a cache file, fixtures are written without the read permission bits.
Since Unix permission bits have no meaning on Windows, a slightly more complicated solution is required to achieve the same permissions.
Thankfully, there's a library to abstract that already.
This way it matches with the "loading from URL" info message and users with that log level aren't left with the false impression that it loaded fine when it really didn't.
Previously, an expired cache would be read before trying each URL until a download completed.
By moving the download loop, the cache can be read once outside the loop.
This allows a large number of tests to be enabled and pass now that the behaviour is expected.
The main fix here is that a download with an invalid signature will always fall back on using a properly signed cache, no matter how old it is.
Additionally, downloads will never be written to the cache unless they are properly signed (both at startup and prefetching).