diff options
| author | David Kalnischkies <kalnischkies@gmail.com> | 2010-06-08 19:27:49 +0200 |
|---|---|---|
| committer | David Kalnischkies <kalnischkies@gmail.com> | 2010-06-08 19:27:49 +0200 |
| commit | 1ddb859611d2e0f3d9ea12085001810f689e8c99 (patch) | |
| tree | 87399568a61da4d8bdd3b08bdc168462925ee1c4 /apt-pkg/indexrecords.cc | |
| parent | 6dd8400ca787ef832d87121f304f98ad152dc3a6 (diff) | |
* apt-pkg/indexrecords.cc:
- backport forgotten Valid-Until patch from the obsolete experimental
branch to prevent replay attacks better, thanks to Thomas Viehmann
for the initial patch! (Closes: #499897)
Diffstat (limited to 'apt-pkg/indexrecords.cc')
| -rw-r--r-- | apt-pkg/indexrecords.cc | 38 |
1 files changed, 36 insertions, 2 deletions
diff --git a/apt-pkg/indexrecords.cc b/apt-pkg/indexrecords.cc index 1fc27b1a1..24ed02ba5 100644 --- a/apt-pkg/indexrecords.cc +++ b/apt-pkg/indexrecords.cc @@ -7,8 +7,11 @@ #include <apt-pkg/tagfile.h> #include <apt-pkg/error.h> #include <apt-pkg/strutl.h> +#include <apt-pkg/configuration.h> #include <apti18n.h> #include <sys/stat.h> +#include <clocale> + /*}}}*/ string indexRecords::GetDist() const { @@ -26,6 +29,11 @@ string indexRecords::GetExpectedDist() const return this->ExpectedDist; } +time_t indexRecords::GetValidUntil() const +{ + return this->ValidUntil; +} + const indexRecords::checkSum *indexRecords::Lookup(const string MetaKey) { return Entries[MetaKey]; @@ -82,7 +90,33 @@ bool indexRecords::Load(const string Filename) /*{{{*/ return false; } - string Strdate = Section.FindS("Date"); // FIXME: verify this somehow? + string Label = Section.FindS("Label"); + string StrDate = Section.FindS("Date"); + string StrValidUntil = Section.FindS("Valid-Until"); + + // if we have a Valid-Until header, use it + if (!StrValidUntil.empty()) + { + // set ValidUntil based on the information in the Release file + if(!StrToTime(StrValidUntil, ValidUntil)) + { + ErrorText = _(("Invalid 'Valid-Until' entry in Release file " + Filename).c_str()); + return false; + } + } else { + // if we don't have a valid-until string, check if we have a default + if (!Label.empty()) + { + int MaxAge = _config->FindI(string("apt::acquire::max-default-age::"+Label).c_str(),0); + if(MaxAge > 0 && !StrToTime(StrDate, ValidUntil)) + { + ErrorText = _(("Invalid 'Date' entry in Release file " + Filename).c_str()); + return false; + } + ValidUntil += 24*60*60*MaxAge; + } + } + return true; } /*}}}*/ @@ -160,6 +194,6 @@ indexRecords::indexRecords() } indexRecords::indexRecords(const string ExpectedDist) : - ExpectedDist(ExpectedDist) + ExpectedDist(ExpectedDist), ValidUntil(0) { } |