From e6380aad7870678bd23a9f4e23beb73c2b20d79c Mon Sep 17 00:00:00 2001
From: Joey Hess
Date: Thu, 26 Dec 2013 21:53:49 -0400
Subject: default to https mirror for Debian when no gpg verification is available When deboostrapping Debian, and the debian-archive-keyring is not available, switch the default mirror to a https url. This way at least the CA level of security is available even for users who have no way to check gpg keys in the WoT. The https mirror is currently https://mirrors.kernel.org/debian. When the keyring is available, the default mirror remains non-https, for several reasons: a) to avoid overloading mirrors.kernel.org b) because http.us.debian.org lacks https support c) because mirrors.kernel.org is not currently in the http.us.debian.org rotation d) because mirrors.kernel.org lacks IPv6 support
---
 debian/changelog | 8 ++++++++
 debootstrap | 6 ++++--
 functions | 16 +++++++++++-----
 3 files changed, 23 insertions(+), 7 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index e9a72f9..83a9634 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,18 @@
 debootstrap (1.0.56) UNRELEASED; urgency=low
+ [ Tollef Fog Heen ]
 * Install base-passwd and base-files in two calls rather than one to avoid problems with home-built media with different ordering in Packages. Thanks to Jo Shields for pointing this out and providing the workaround. Closes: #601670. LP: #1001131.
+ [ Joey Hess ]
+ * When deboostrapping Debian, and the debian-archive-keyring is not
+ available, switch the default mirror to a https url. This way at
+ least the CA level of security is available even for users who
+ have no way to check gpg keys in the WoT. The https mirror is
+ currently https://mirrors.kernel.org/debian.
+
 -- Tollef Fog Heen Thu, 19 Dec 2013 13:41:37 +0100
 debootstrap (1.0.55) unstable; urgency=low
diff --git a/debootstrap b/debootstrap
index dfa0abc..f7ee5d1 100755
--- a/debootstrap
+++ b/debootstrap
@@ -47,6 +47,7 @@ CHECKCERTIF=""
 PRIVATEKEY=""
 DEF_MIRROR="http://ftp.us.debian.org/debian"
+DEF_HTTPS_MIRROR="https://mirrors.kernel.org/debian"
 export LANG USE_COMPONENTS
 umask 022
@@ -374,6 +375,7 @@ else
 fi
 SUITE="$1"
 TARGET="$2"
+ USER_MIRROR="$3"
 TARGET="${TARGET%/}"
 if [ "${TARGET#/}" = "${TARGET}" ]; then
 if [ "${TARGET%/*}" = "$TARGET" ] ; then
@@ -533,8 +535,8 @@ if [ "$SECOND_STAGE_ONLY" = "true" ]; then
 MIRRORS=null:
 else
 MIRRORS="$DEF_MIRROR"
- if [ "$3" != "" ]; then
- MIRRORS="$3"
+ if [ "$USER_MIRROR" != "" ]; then
+ MIRRORS="$USER_MIRROR"
 MIRRORS="${MIRRORS%/}"
 fi
 fi
diff --git a/functions b/functions
index a2e1431..572a50d 100644
--- a/functions
+++ b/functions
@@ -196,9 +196,17 @@ download_style () {
 }
 keyring () {
- KEYRING_WANTED="$1"
- if [ -z "$KEYRING" ] && [ -e "$KEYRING_WANTED" ]; then
- KEYRING="$KEYRING_WANTED"
+ if [ -z "$KEYRING" ]; then
+ if [ -e "$1" ]; then
+ KEYRING="$1"
+ elif [ -z "$DISABLE_KEYRING" ]; then
+ if [ -n "$DEF_HTTPS_MIRROR" ] && [ -z "$USER_MIRROR" ] ; then
+ info KEYRING "Keyring file not available at %s; switching to https mirror %s" "$1" "$DEF_HTTPS_MIRROR"
+ DEF_MIRROR="$DEF_HTTPS_MIRROR"
+ else
+ warning KEYRING "Cannot check Release signature; keyring file not available %s" "$1"
+ fi
+ fi
 fi
 }
@@ -520,8 +528,6 @@ download_release_sig () {
 (gpgv --status-fd 1 --keyring "$KEYRING" --ignore-time-conflict \
 "$relsigdest" "$reldest" || true) | read_gpg_status
 progress 100 100 DOWNRELSIG "Downloading Release file signature"
- elif [ -z "$DISABLE_KEYRING" ] && [ -n "$KEYRING_WANTED" ]; then
- warning KEYRING "Cannot check Release signature; keyring file not available %s" "$KEYRING_WANTED"
 fi
 }
-- cgit v0.12
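Review bot: In keyring() in `functions` (hunk `@@ -196,9 +196,17 @@`), the https fallback branch reports the missing keyring only through `info`, so the "Cannot check Release signature" warning no longer appears on the one path where the Release file still goes unverified. TLS authenticates the mirror host and protects the transfer, but it does not authenticate the archive contents the way the gpgv check does, so I would keep the user informed by adding `warning KEYRING "Cannot check Release signature; keyring file not available %s" "$1"` ahead of the `info` line. The branch also does not test which distribution the suite belongs to, so any suite script that calls keyring() with an absent keyring would apparently have DEF_MIRROR pointed at the Debian mirror; the callers are outside this diff, so that needs confirming, and a one-line comment above the `DEF_MIRROR=` assignment stating the assumption would help. Whether certificate checking is actually in force for the fallback depends on the download code and on `CHECKCERTIF`, neither of which is visible here.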