From ab2b2a7d6bd2ebf97136f0cc2cb9f815db517418 Mon Sep 17 00:00:00 2001
From: Joerg Jaspert <joerg@debian.org>
Date: Tue, 23 Sep 2008 20:35:11 +0200
Subject: [PATCH] Valid-Until

Add a Valid-Until "header" to the generated Release files.
Meaning "$receiver shouldn't trust this files after that date".
Should be used by apt and similar tools to detect some kind of MITM attacks,
see #499897 for more information.
Currently set to "7 days from now".

Signed-off-by: Joerg Jaspert <joerg@debian.org>
---
 ChangeLog                | 7 +++++++
 dak/generate_releases.py | 1 +
 2 files changed, 8 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 163c20e6..4877270f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2008-09-23  Joerg Jaspert  <joerg@debian.org>
+
+	* dak/generate_releases.py (main): Add a "Valid-Until" line into
+	our release files, meaning "$receiver shouldn't trust this files
+	after that date". Should be used by apt and similar tools to
+	detect some kind of MITM attacks, see #499897
+
 2008-09-21  Joerg Jaspert  <joerg@debian.org>
 
 	* config/debian/cron.hourly: Generate the DEFERRED queue
diff --git a/dak/generate_releases.py b/dak/generate_releases.py
index c9dece83..543532fd 100755
--- a/dak/generate_releases.py
+++ b/dak/generate_releases.py
@@ -218,6 +218,7 @@ def main ():
         if codename != "":
             out.write("Codename: %s\n" % (codename))
         out.write("Date: %s\n" % (time.strftime("%a, %d %b %Y %H:%M:%S UTC", time.gmtime(time.time()))))
+        out.write("Valid-Until: %s\n" % (time.strftime("%a, %d %b %Y %H:%M:%S UTC", time.gmtime(time.time()+7*24*60*60))))
         if notautomatic != "":
             out.write("NotAutomatic: %s\n" % (notautomatic))
         out.write("Architectures: %s\n" % (" ".join(filter(utils.real_arch, SuiteBlock.ValueList("Architectures")))))
-- 
2.39.2