[dak/master] Valid-Until
Add a Valid-Until "header" to the generated Release files.
Meaning "$receiver shouldn't trust this files after that date".
Should be used by apt and similar tools to detect some kind of MITM attacks,
see #499897 for more information.
Currently set to "7 days from now".
Signed-off-by: Joerg Jaspert <joerg@debian.org>
---
ChangeLog | 7 +++++++
dak/generate_releases.py | 1 +
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 163c20e..4877270 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2008-09-23 Joerg Jaspert <joerg@debian.org>
+
+ * dak/generate_releases.py (main): Add a "Valid-Until" line into
+ our release files, meaning "$receiver shouldn't trust this files
+ after that date". Should be used by apt and similar tools to
+ detect some kind of MITM attacks, see #499897
+
2008-09-21 Joerg Jaspert <joerg@debian.org>
* config/debian/cron.hourly: Generate the DEFERRED queue
diff --git a/dak/generate_releases.py b/dak/generate_releases.py
index c9dece8..543532f 100755
--- a/dak/generate_releases.py
+++ b/dak/generate_releases.py
@@ -218,6 +218,7 @@ def main ():
if codename != "":
out.write("Codename: %s\n" % (codename))
out.write("Date: %s\n" % (time.strftime("%a, %d %b %Y %H:%M:%S UTC", time.gmtime(time.time()))))
+ out.write("Valid-Until: %s\n" % (time.strftime("%a, %d %b %Y %H:%M:%S UTC", time.gmtime(time.time()+7*24*60*60))))
if notautomatic != "":
out.write("NotAutomatic: %s\n" % (notautomatic))
out.write("Architectures: %s\n" % (" ".join(filter(utils.real_arch, SuiteBlock.ValueList("Architectures")))))
--
1.5.6.5
Reply to: