Check that Date of Release file is not in the future

By restricting the Date field to be in the past, an attacker cannot
just create a repository from the future that would be accepted as
a valid update for a repository.

This check can be disabled by Acquire::Check-Date set to false. This
will also disable Check-Valid-Until and any future date related checking,
if any - the option means: "my computers date cannot be trusted."

Modify the tests to allow repositories to be up to 10 hours in the
future, so we can keep using hours there to simulate time changes.

1 files changed, 4 insertions, 0 deletions

diff --git a/apt-pkg/deb/debmetaindex.h b/apt-pkg/deb/debmetaindex.h
index 5a97cfc78..864ac3eba 100644
--- a/apt-pkg/deb/debmetaindex.h
+++ b/apt-pkg/deb/debmetaindex.h
@@ -55,6 +55,8 @@ class APT_HIDDEN debReleaseIndex : public metaIndex
    bool SetCheckValidUntil(TriState const Trusted);
    bool SetValidUntilMin(time_t const Valid);
    bool SetValidUntilMax(time_t const Valid);
+   bool SetCheckDate(TriState const CheckDate);
+   bool SetDateMaxFuture(time_t const DateMaxFuture);
    bool SetSignedBy(std::string const &SignedBy);
    std::map<std::string, std::string> GetReleaseOptions();
 
@@ -63,6 +65,8 @@ class APT_HIDDEN debReleaseIndex : public metaIndex
    bool IsArchitectureAllSupportedFor(IndexTarget const &target) const;
    bool HasSupportForComponent(std::string const &component) const;
 
+   APT_PURE time_t GetNotBefore() const;
+
    void AddComponent(std::string const &sourcesEntry,
 	 bool const isSrc, std::string const &Name,
 	 std::vector<std::string> const &Targets,