Require download policy to be stricter

2025-04-25 11:39:09 +00:00 · 2022-09-28 14:41:27 +02:00 · 2022-09-28 14:41:27 +02:00 · 5accaad794
commit 5accaad794
parent 109f51e834
2 changed files with 10 additions and 4 deletions
--- a/updater/indexes.go
+++ b/updater/indexes.go
@ -67,7 +67,7 @@ func ParseIndexFile(indexData []byte, channel string, lastIndexRelease time.Time
 	}

 	// Fallback to old format if there are no releases and no channel is defined.
-	// TODO: Remove in v0.10
+	// TODO: Remove in v1
 	if len(indexFile.Releases) == 0 && indexFile.Channel == "" {
 		return loadOldIndexFormat(indexData, channel)
 	}
@ -99,8 +99,8 @@ func loadOldIndexFormat(indexData []byte, channel string) (*IndexFile, error) {
 	}

 	return &IndexFile{
-		Channel:   channel,
-		Published: time.Now(),
-		Releases:  releases,
+		Channel: channel,
+		// Do NOT define `Published`, as this would break the "is newer" check.
+		Releases: releases,
 	}, nil
 }
--- a/updater/registry.go
+++ b/updater/registry.go
@ -1,6 +1,7 @@
 package updater

 import (
+	"errors"
 	"fmt"
 	"os"
 	"path/filepath"
@ -103,6 +104,11 @@ func (reg *ResourceRegistry) Initialize(storageDir *utils.DirStructure) error {
 				return fmt.Errorf("verification enabled for prefix %q, but no trust store configured", prefix)
 			}

+			// DownloadPolicy must be equal or stricter than DiskLoadPolicy.
+			if opts.DiskLoadPolicy < opts.DownloadPolicy {
+				return errors.New("verification download policy must be equal or stricter than the disk load policy")
+			}
+
 			// Warn if all policies are disabled.
 			if opts.DownloadPolicy == SignaturePolicyDisable &&
 				opts.DiskLoadPolicy == SignaturePolicyDisable {