From c034d33a2ebf94731f63e22e62bc5806da7b491d Mon Sep 17 00:00:00 2001 From: dachshund Date: Mon, 4 Mar 2013 01:04:25 -0500 Subject: [PATCH] Avoid interposition cycles with a simple restriction. --- tuf/interposition/updater.py | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/tuf/interposition/updater.py b/tuf/interposition/updater.py index 20550191..a330ca6e 100644 --- a/tuf/interposition/updater.py +++ b/tuf/interposition/updater.py @@ -42,10 +42,12 @@ def __init__( self, configuration ): @staticmethod def build_updater( configuration ): assert isinstance( configuration, Configuration ) - assert configuration.network_location not in Updater.__updaters - Updater.__updaters[ configuration.network_location ] = \ - Updater( configuration ) + # Restrict each hostname to correspond to a single updater; + # this prevents interposition cycles, amongst other things. + assert configuration.hostname not in Updater.__updaters + + Updater.__updaters[ configuration.hostname ] = Updater( configuration ) def download_target( self, target_filepath ): """Downloads target with TUF as a side effect.""" @@ -132,14 +134,13 @@ def get_updater( url ): parsed_url = urlparse.urlparse( url ) hostname = parsed_url.hostname port = parsed_url.port or 80 - network_location = \ - "{hostname}:{port}".format( hostname = hostname, port = port ) + updater = Updater.__updaters.get( hostname ) - updater = Updater.__updaters.get( network_location ) - # This will raise an exception in case we do not recognize - # how to transform this URL for TUF. In that case, there will be - # no updater for this URL. - if updater is not None: + # Ensure that the updater is meant for this (hostname, port). + if updater is not None and updater.configuration.port == port: + # Raises an exception in case we do not recognize how to + # transform this URL for TUF. In that case, there will be no + # updater for this URL. target_filepath = updater.get_target_filepath( url ) except: Logger.warn( WARNING_MESSAGE.format( url = url ) )