These functions currently only accomplish logging: there are no actual
effects from this code... except for failure to download if the header
happens to be missing:
TypeError: '<' not supported between instances of 'NoneType' and 'int'
Fixes#1068.
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
If we run the tuf unit tests with latest, not yet released,
securesyslib changes we will see that one unit test is failing
because the file_prefix argument should confront the PATH_SCHEMA
(which requires a non-empty string) but an empty string value
is passed to it.
That happens, because in tuf/developer_tool.py create_new_project
function the "location_in_repository" arg has a default value of ''
and if not changed when creating a new object of type Project
on line 650 will cause an exception in the __init__ function
because of the file_prefix argument.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Consistent snapshot handling was being turned for all files after the
root.json file had been processed because the internal state tracking
variable shared the same name as the method argument: consistent_snapshot.
Therefore once the root.json file was met in the file list and the
following condition evaluated to True:
metadata_role.endswith('root.json') or repo_consistent_snapshots == True
the consistent_snapshot variable, both the name of a method argument and
the internal to the loop state tracking variable, was assigned True and
all future condition checks evaluate to True.
Resolve by renaming the loop state tracking variable from
consistent_snapshot to consistent.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Corresponding to the securesyslib changes made in this pr:
https://github.com/secure-systems-lab/securesystemslib/pull/244
which changed the securesyslib.formats.PATH schema to be of type
AnyNonemptystring.
This made the tuf unit tests to fail because there are to places
where functional arguments should comply with the
securesyslib.formats.PATH schema, but have a default value of
an empty string.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Move repository_tool._find_bin_for_hash() and helper functions it uses to
non-protected functions in repository_lib.
_find_bin_for_hash() becomes find_bin_for_target_hash()
These functions will be useful to adopters using the WIP low-level API for
updating metadata files (see #1048)
Signed-off-by: Joshua Lock <jlock@vmware.com>
Rename repository_lib.get_metadata_filenames() and
get_delegations_filenames() to better match their
functionality and tuf terminology.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Use the top-level targets object to reference already loaded
delegated targets instead of storing them in an additional
dictionary in load_repository().
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Replace the list used for the delegations graph traversal with
a deque and use a set to store already loaded roles and avoid
loops in case of cycles in the graph.
Improve comments and readability.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Remove the non-public function _get_hash() from repository_tool in favour
of the public function get_target_hash() in repository_lib
Signed-off-by: Joshua Lock <jlock@vmware.com>
Update load_repository() function to load the delegations metadata
starting from 'targets' and traversing downwards the delegated
roles in order to load correctly the delegations hierarchy.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
* Remove reference to deprecated settings
* Mention that the tutorial expects the dependencies and link to
instructions
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Lot of changes in 7 lines:
* PyCrypto is no longer an option: remove mention of it
* RSA-PSS wiki page now redirects to a fairly useless stub: replace it
with the RFC (it's not light reading but better than nothing)
* Mention ECDSA
* Remove mention of json for RSA keys: that does not seem to be true
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Fix load_repository to actually load the full targets file info from
file system for delegated targets.
Update _load_top_level_metadata to load targets and delegated targets
metadata in a consistent way.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
This was erroneously absent in PR 1024, which added support for abstract
files and directories. Resolve by adding a storage_backend argument to
generate_timestamp_metadata() and using it so that the fileinfo (hashes
and length) for the snapshot file can be generated for a snapshot
metadata file on any supported storage.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Add a class implementing StorageBackendInterface for testhing which
mutates filenames on put()/get(), such that trying to read the expected
file paths for TUF metadata from the local filesystem doesn't find the
files.
Use this class when creating a repository and writing metadata to test
abstract files and directories support for metadata writing.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Clarify, through the docstrings and code comments, the expected behaviour
of generate_targets_metadata() and the interactions of the
use_existing_fileinfo and write_consistent_targets parameters.
Signed-off-by: Joshua Lock <jlock@vmware.com>
This makes it easier for consumers of repository_tool to mark the
appropriate delegated bin as dirty when using delegated targets.
Signed-off-by: William Woodruff <william@trailofbits.com>
