From 47dbdbaf5ccc0d70bcc75c496f2fbc9c0fa3542c Mon Sep 17 00:00:00 2001 From: Vladimir Diaz Date: Fri, 8 Jun 2018 10:20:34 -0400 Subject: [PATCH] Discuss the special case where metadata is marked obselete and deleted Also document the assumption that the metadata store is the latest and exists in _update_metadata() Signed-off-by: Vladimir Diaz --- tuf/client/updater.py | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/tuf/client/updater.py b/tuf/client/updater.py index a1730a8a..97b94075 100755 --- a/tuf/client/updater.py +++ b/tuf/client/updater.py @@ -1081,16 +1081,19 @@ def refresh(self, unsafely_update_root_if_necessary=True): # do we blindly trust the downloaded root metadata here? self._update_root_metadata(root_metadata) - # Ensure the role and key information of the top-level roles is updated. - # We do this whether or not root needed to be updated, in order to ensure - # that, e.g., the entries in roledb for top-level roles are populated with - # expected keyid info so that roles can be validated. See Issue #736. + # Ensure that the role and key information of the top-level roles is the + # latest. We do this whether or not Root needed to be updated, in order to + # ensure that, e.g., the entries in roledb for top-level roles are + # populated with expected keyid info so that roles can be validated. In + # certain circumstances, top-level metadata might be missing because it was + # marked obsolete and deleted after a failed attempt. See Issue #736. self._rebuild_key_and_role_db() self.consistent_snapshot = self.metadata['current']['root']['consistent_snapshot'] # Use default but sane information for timestamp metadata, and do not # require strict checks on its required length. self._update_metadata('timestamp', DEFAULT_TIMESTAMP_UPPERLENGTH) + # TODO: After fetching snapshot.json, we should either verify the root # fileinfo referenced there matches what was fetched earlier in # _update_root_metadata() or make another attempt to download root.json. @@ -1670,10 +1673,12 @@ def _update_metadata(self, metadata_role, upperbound_filelength, version=None): """ Non-public method that downloads, verifies, and 'installs' the metadata - belonging to 'metadata_role'. Calling this method implies the metadata - has been updated by the repository and thus needs to be re-downloaded. - The current and previous metadata stores are updated if the newly - downloaded metadata is successfully downloaded and verified. + belonging to 'metadata_role'. Calling this method implies that the + 'metadata_role' on the repository is newer than the client's, and thus + needs to be re-downloaded. The current and previous metadata stores are + updated if the newly downloaded metadata is successfully downloaded and + verified. This method also assumes that the store of top-level metadata + is the latest and exists. metadata_role: