From 9e5899cac1a6367e3769af52a724821880e538f6 Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <julian.klode@canonical.com>
Date: Mon, 29 Jan 2018 16:15:41 +0100
Subject: Check that Date of Release file is not in the future

By restricting the Date field to be in the past, an attacker cannot
just create a repository from the future that would be accepted as
a valid update for a repository.

This check can be disabled by Acquire::Check-Date set to false. This
will also disable Check-Valid-Until and any future date related checking,
if any - the option means: "my computers date cannot be trusted."

Modify the tests to allow repositories to be up to 10 hours in the
future, so we can keep using hours there to simulate time changes.
---
 doc/examples/configure-index | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'doc/examples/configure-index')

diff --git a/doc/examples/configure-index b/doc/examples/configure-index
index 9088bd844..8a74fde2d 100644
--- a/doc/examples/configure-index
+++ b/doc/examples/configure-index
@@ -234,6 +234,9 @@ Acquire
   Max-ValidTime::* "<INT>"; // repository label specific configuration
   Min-ValidTime "<INT>"; // time in seconds
   Min-ValidTime::* "<INT>"; // repository label specific configuration
+  Check-Date "<BOOL>"; // whether to check the "Date" field
+  Max-FutureTime "<INT>"; // seconds to allow release file's Date field to be in the future (default 10)
+  Max-FutureTime::* "<INT>"; // repository label specific configuration
 
   SameMirrorForAllIndexes "<BOOL>"; // use the mirror serving the Release file for Packages & co
 
-- 
cgit v1.2.3