Bug#837075: debootstrap: does not validate `suite` parameter against Release file

To: 837075@bugs.debian.org
Subject: Bug#837075: debootstrap: does not validate `suite` parameter against Release file
From: Ansgar Burchardt <ansgar@debian.org>
Date: Thu, 08 Sep 2016 17:49:54 +0200
Message-id: <[🔎] 1473349794.1200.4.camel@43-1.org>
Reply-to: Ansgar Burchardt <ansgar@debian.org>, 837075@bugs.debian.org
In-reply-to: <[🔎] 147334379542.9854.94363277443744309.reportbug@benzaiten>
References: <[🔎] 147334379542.9854.94363277443744309.reportbug@benzaiten>

On Thu, 2016-09-08 at 16:09 +0200, Ansgar Burchardt wrote:
> 
> debootstrap should validate that ${suite} is listed in the Release
> file in either the Suite: or Codename: fields.  Additionally storing
> the codename in a variable would also be useful for suite-specific
> workarounds, such as [1].
> 
>   [1] <https://bugs.debian.org/810301#69>
> 

I've attached a patch that implements this.

Ansgar

From 81ebc7df61e8a80915126351e01e016f6a57a52a Mon Sep 17 00:00:00 2001
From: Ansgar Burchardt <ansgar@debian.org>
Date: Thu, 8 Sep 2016 17:28:19 +0200
Subject: [PATCH 1/6] Validate SUITE against Release's Suite or Codename

Bug: https://bugs.debian.org/837075
---
 debian/changelog |  7 +++++++
 functions        | 14 ++++++++++++++
 2 files changed, 21 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 9a6412b..96a1dc9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+debootstrap (1.0.83) UNRELEASED; urgency=medium
+
+  * functions: Validate that the requested suite is listed in the
+    Release file's Suite or Codename field. (Closes: #837075)
+
+ -- Ansgar Burchardt <ansgar@debian.org>  Thu, 08 Sep 2016 17:26:53 +0200
+
 debootstrap (1.0.82) unstable; urgency=medium
 
   [ Alex Bennée ]
diff --git a/functions b/functions
index 67701ee..336f220 100644
--- a/functions
+++ b/functions
@@ -512,6 +512,18 @@ extract_release_components () {
 	fi
 }
 
+CODENAME=""
+validate_suite () {
+	local reldest="$1"
+
+	CODENAME=$(sed -n "s/^Codename: *//p" "$reldest")
+	local suite=$(sed -n "s/^Suite: *//p" "$reldest")
+
+	if [ "$SUITE" != "$suite" ] && [ "$SUITE" != "$CODENAME" ]; then
+		error 1 WRONGSUITE "Asked to install suite %s, but got %s (codename: %s) from mirror" "$SUITE" "$suite" "$CODENAME"
+	fi
+}
+
 download_release_sig () {
 	local m1="$1"
 	local reldest="$2"
@@ -547,6 +559,8 @@ download_release_indices () {
 
 	download_release_sig "$m1" "$reldest" "$relsigdest"
 
+	validate_suite "$reldest"
+
 	extract_release_components $reldest
 
 	local totalpkgs=0
-- 
2.9.3

Reply to:

References:
- Bug#837075: debootstrap: does not validate `suite` parameter against Release file
  - From: Ansgar Burchardt <ansgar@debian.org>

Prev by Date: Bug#810301: merged /usr support for debootstrap
Next by Date: Bug#837060: debootstrap: Do not install packages of Priority:required for buildd variant
Previous by thread: Bug#837075: debootstrap: does not validate `suite` parameter against Release file
Next by thread: Bug#837075: marked as done (debootstrap: does not validate `suite` parameter against Release file)
Index(es):
- Date
- Thread