diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/apt-ftparchive.1.xml | 3 | ||||
| -rw-r--r-- | doc/apt.conf.5.xml | 24 | ||||
| -rw-r--r-- | doc/examples/configure-index | 4 |
3 files changed, 30 insertions, 1 deletions
diff --git a/doc/apt-ftparchive.1.xml b/doc/apt-ftparchive.1.xml index a3ac45bd3..549aa6a34 100644 --- a/doc/apt-ftparchive.1.xml +++ b/doc/apt-ftparchive.1.xml @@ -122,7 +122,8 @@ e.g. <literal>APT::FTPArchive::Release::Origin</literal>. The supported fields are: <literal>Origin</literal>, <literal>Label</literal>, <literal>Suite</literal>, <literal>Version</literal>, <literal>Codename</literal>, <literal>Date</literal>, - <literal>Architectures</literal>, <literal>Components</literal>, <literal>Description</literal>.</para></listitem> + <literal>Valid-Until</literal>, <literal>Architectures</literal>, + <literal>Components</literal>, <literal>Description</literal>.</para></listitem> </varlistentry> diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml index fe005e0f1..0cf4bb663 100644 --- a/doc/apt.conf.5.xml +++ b/doc/apt.conf.5.xml @@ -230,6 +230,30 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";}; and the URI handlers. <variablelist> + <varlistentry><term>Check-Valid-Until</term> + <listitem><para>Security related option defaulting to true as an + expiring validation for a Release file prevents longtime replay attacks + and can e.g. also help users to identify no longer updated mirrors - + but the feature depends on the correctness of the time on the user system. + Archive maintainers are encouraged to create Release files with the + <literal>Valid-Until</literal> header, but if they don't or a stricter value + is volitional the following <literal>Max-ValidTime</literal> option can be used. + </para></listitem> + </varlistentry> + + <varlistentry><term>Max-ValidTime</term> + <listitem><para>Seconds the Release file should be considered valid after + it was created. The default is "for ever" (0) if the Release file of the + archive doesn't include a <literal>Valid-Until</literal> header. + If it does then this date is the default. The date from the Release file or + the date specified by the creation time of the Release file + (<literal>Date</literal> header) plus the seconds specified with this + options are used to check if the validation of a file has expired by using + the earlier date of the two. Archive specific settings can be made by + appending the label of the archive to the option name. + </para></listitem> + </varlistentry> + <varlistentry><term>PDiffs</term> <listitem><para>Try to download deltas called <literal>PDiffs</literal> for Packages or Sources files instead of downloading whole ones. True diff --git a/doc/examples/configure-index b/doc/examples/configure-index index 487c09acb..fdec32c2c 100644 --- a/doc/examples/configure-index +++ b/doc/examples/configure-index @@ -176,6 +176,10 @@ Acquire PDiffs::SizeLimit "50"; // don't use diffs if size of all patches excess // 50% of the size of the original file + Check-Valid-Until "true"; + Max-ValidTime "864000"; // 10 days + Max-ValidTime::Debian-Security "604800"; // 7 days, label specific configuration + // HTTP method configuration http { |