From 081fbea14d12f79c8d91ce4fe1f1004c7bc08656 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Wed, 12 Apr 2017 17:39:06 +0200
Subject: error in update on Release information changes

The values of Origin, Label, Codename and co can be used in user
configuration, from apt's own pinning to unattended upgrades.
A repository changing these values can therefore have serious effects on
the behaviour of apt and other tools using these values.

In a first step we will generate error messages for these changes now
explaining the need for explicit confirmation and provide config options
and commandline flags to accept them.
---
 doc/examples/configure-index | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

(limited to 'doc/examples')

diff --git a/doc/examples/configure-index b/doc/examples/configure-index
index a48d4cb99..8adef26a9 100644
--- a/doc/examples/configure-index
+++ b/doc/examples/configure-index
@@ -29,10 +29,20 @@
    and the syntax of configuration files and commandline options!
 */
 
-quiet "<INT>";
-quiet::NoUpdate "<BOOL>"; // never update progress information - included in -q=1
-quiet::NoProgress "<BOOL>"; // disables the 0% → 100% progress on cache generation and stuff
-quiet::NoStatistic "<BOOL>"; // no "42 kB downloaded" stats in update
+quiet "<INT>" {
+  NoUpdate "<BOOL>"; // never update progress information - included in -q=1
+  NoProgress "<BOOL>"; // disables the 0% → 100% progress on cache generation and stuff
+  NoStatistic "<BOOL>"; // no "42 kB downloaded" stats in update
+  ReleaseInfoChange "<BOOL>" // don't even print the notices if the info change is allowed
+  {
+    Origin "<BOOL>";
+    Label "<BOOL>";
+    Version "<BOOL>";
+    Codename "<BOOL>";
+    Suite "<BOOL>";
+    DefaultPin "<BOOL>";
+  };
+};
 
 // Options for APT in general
 APT
@@ -221,6 +231,20 @@ Acquire
 
   SameMirrorForAllIndexes "<BOOL>"; // use the mirror serving the Release file for Packages & co
 
+  AllowInsecureRepositories "<BOOL>";
+  AllowWeakRepositories "<BOOL>";
+  AllowDowngradeToInsecureRepositories "<BOOL>";
+  // allow repositories to change information potentally breaking user config like pinning
+  AllowReleaseInfoChange "<BOOL>"
+  {
+    Origin "<BOOL>";
+    Label "<BOOL>";
+    Version "<BOOL>"; // allowed by default
+    Codename "<BOOL>";
+    Suite "<BOOL>";
+    DefaultPin "<BOOL>";
+  };
+
   // HTTP method configuration
   http
   {
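Review bot: The three entries added at the top of this hunk (`AllowInsecureRepositories`, `AllowWeakRepositories`, `AllowDowngradeToInsecureRepositories`) have no comment, although each one relaxes the authentication checks apt applies to a repository and the neighbouring entries are commented. A trailing comment on each, for example `// accept repositories without a valid signature - disables a security check` on the first, would tell readers of this index that these are escape hatches and not tuning knobs. The comment above `AllowReleaseInfoChange` misspells "potentially" as `potentally`. It could also say whether the per-field sub-options override the parent value, which the hunk does not make clear; only `Version` is marked `// allowed by default`. The Acquire block starts and ends outside the hunk.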
@@ -686,9 +710,6 @@ acquire::cdrom::mount "<DIR>";
 acquire::maxreleasefilesize "<INT>";
 acquire::queuehost::limit "<INT>";
 acquire::max-pipeline-depth "<INT>";
-acquire::allowinsecurerepositories "<BOOL>";
-acquire::allowweakrepositories "<BOOL>";
-acquire::allowdowngradetoinsecurerepositories "<BOOL>";
 acquire::progress::diffpercent "<BOOL>";
 acquire::gzipindexes "<BOOL>";
 acquire::indextargets::randomized "<BOOL>";
-- 
cgit v1.2.3