Commit graph

55 commits

Author SHA1 Message Date
Vladimir Diaz
b435618878 Remove extra whitespace around argument 2016-01-27 16:34:13 -05:00
Vladimir Diaz
1c8f41b0c0 Update import statements of unvendored dependencies 2015-06-02 08:29:22 -04:00
Vladimir Diaz
16685d2ff3 Add configuration option for supported URI schemes
Support only 'http' and 'https' by default.  Thanks Marcin W.
2015-05-04 15:34:22 -04:00
Vladimir Diaz
003847e73f Improve code coverage for download.py 2015-04-02 16:37:47 -04:00
Vladimir Diaz
b7cf7e6588 Improve each module's code coverage to at least 90%
Update unit tests for download.py, repository_lib.py, repository_tool.py, and updater.py.
Re-generate repository data so that compressed metadata may be tested.
2015-02-11 13:22:46 -05:00
Vladimir Diaz
49a3a4990b Fix comment / typo in unsafe_download() test condition 2014-06-18 09:06:49 -04:00
Vladimir Diaz
6dafddc10f Add test case for https connection. 2014-06-17 10:28:56 -04:00
Vladimir Diaz
e4c98d38ba Add missing test cases for download.py and and updater.py. 2014-06-12 09:33:12 -04:00
vladdd
15592b2e15 Add missing docstrings. 2014-06-09 12:34:58 -04:00
Vladimir Diaz
797bab5ddc Fix Python 2 + 3 JSON consistency issue and re-generate repository data.
Explicitly specify the JSON separators for Python 2 + 3 consistency.
2014-06-05 11:17:30 -04:00
Vladimir Diaz
dc167e4a27 Address Python 3.2 byte-string compatibility issues. 2014-05-29 12:59:36 -04:00
Vladimir Diaz
71b1d38c1b Update slow retrieval server and fix integration tests.
Update the slow retrieval server, integration tests, and the download module to address issues with unexpected exceptions and bytes.
2014-05-28 12:11:31 -04:00
vladdd
6b8b2399a2 Finish unit tests for Python2 + 3 support.
All unit tests updated / running for Python 2 + 3.
TODO: Fix non-Python 3 issue with util.py.
2014-05-27 13:55:48 -04:00
vladdd
bc99524e2b Finish initial refactor of slow retrieval attack. 2014-05-13 12:53:50 -04:00
vladdd
e4bd9a7ba2 [WIP] Refactor download.py 2014-05-11 22:59:42 -04:00
Vladimir Diaz
8684253675 [WIP] Python 2+3.
Mostly unicode-related changes for crypto modules.
2014-05-06 15:24:39 -04:00
Vladimir Diaz
ab95a4b3aa [WIP] Python 2+3 support.
Python 2+3 unicode.
libraries.
The following modules (and their tests) work in PY2.7+3.3:
keydb, hash, formats, mirrors
2014-04-29 14:27:34 -04:00
Vladimir Diaz
e23b4e5eae Merge branch 'develop' of https://github.com/theupdateframework/tuf into develop
Conflicts:
	tuf/__init__.py
	tuf/client/updater.py
2014-04-29 08:31:29 -04:00
vladdd
1e360846bf Reject expired metadata without loading.
Reject downloaded metadata as early as possible.  The top-level roles were all downloaded as a group and then their
expiration inspected.  All metadata provided by a mirror that has already expired is discarded immediately and the next mirror tried.  The update process stops if a requested role cannot be successfully validated, or one of its parents.

[2014-04-29 02:00:32,308 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/timestamp.json

[2014-04-29 02:00:32,324 UTC] [tuf.download] [INFO] [_check_downloaded_length:676@download.py]
Downloaded 544 bytes out of an upper limit of 16384 bytes.

[2014-04-29 02:00:32,324 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/timestamp.json

[2014-04-29 02:00:32,331 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/snapshot.json

[2014-04-29 02:00:32,333 UTC] [tuf.download] [INFO] [_check_downloaded_length:654@download.py]
Downloaded 1003 bytes out of the expected 1003 bytes.

[2014-04-29 02:00:32,334 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/snapshot.json

[2014-04-29 02:00:32,334 UTC] [tuf.client.updater] [INFO] [_check_hashes:696@updater.py]
The file's sha256 hash is correct: 5b3aec7cf295a25e4b39d875c7474511da9645bc6d27f9e86fb7e439c82e0ec7

[2014-04-29 02:00:32,335 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'snapshot' expired on Tue Apr 29 01:59:01 2014 (UTC).

Do not request, download, and install top-level roles if the root of trust has already expired after the inital load. If requested, update an expired root role:

[2014-04-29 01:18:02,457 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'root' expired on Mon Apr 28 23:23:57 2014 (UTC).

[2014-04-29 01:18:02,458 UTC] [tuf.client.updater] [INFO] [refresh:628@updater.py]
Expired Root metadata was loaded from disk.  Try to update it now.

[2014-04-29 01:18:02,458 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/root.json

[2014-04-29 01:18:02,461 UTC] [tuf.download] [INFO] [_check_downloaded_length:676@download.py]
Downloaded 1198 bytes out of an upper limit of 512000 bytes.

[2014-04-29 01:18:02,461 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/root.json

[2014-04-29 01:18:02,462 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'root' expired on Mon Apr 28 23:23:57 2014 (UTC).

Note: An expired 'root' was provided by the server.  The requested root must also be signed by keys trusted by the client.
2014-04-28 22:31:42 -04:00
Vladimir Diaz
a7f28b9af4 [WIP] Python 2+3 support.
Add six, convert PY <=2.5 exception handling, dictionary iteration, libraries, 1/2 the tests.
2014-04-22 15:03:42 -04:00
vladdd
e0864ee3ab Update slow retrieval server and attack.
Ensure the target file used in the slow retrieval attack is larger than tuf.conf.SLOW_START_GRACE_PERIOD.  The previous size of the test file might have led to inconsistent triggering of a slow retrieval error.
2014-04-21 05:34:16 -04:00
vladdd
08a2bad2c0 Add Travis CI, coveralls, and coverage-related updates. 2014-04-20 16:15:19 -04:00
Vladimir Diaz
5d1906a239 Update issues #151 and #137.
Update docstrings and comments and complete the initial implementation of issue 151.
Adjust logger level for tuf.download._check_downloaded_length().
Initial implementation of issue 137.
2014-01-21 14:42:28 -05:00
vladdd
52fdb2ea5f Adjust logger level for compressed and uncompressed metadata. 2014-01-18 20:45:21 -05:00
vladdd
fbd7b147e8 Address Issues #151 and #156.
Adjust logger messages and levels.
Update use of tuf.conf variable so that it can be updated in code.
Update updater.py comments.
2014-01-18 18:37:27 -05:00
dachshund
9ddd2617f5 Redundantly verify file length in updater.
You may argue that the redundancy is unnecessary (pun intended), but it
is there because redundancy means one safety check will work where
another fails. I introduced this redundant file length check because the
updater unit test is mocking the download functions, which means that
file length checks in the download functions are being bypassed.
Redundancy is a good thing for safety.
2013-09-09 21:21:32 -04:00
dachshund
f90b4b72f9 Accurately account for slow server start grace period. 2013-09-09 13:50:17 -04:00
dachshund
5bc997117f Fix #42. 2013-09-09 11:39:39 -04:00
dachshund
a96169d42a Address comments from 01db53dac6. 2013-09-08 02:14:22 -04:00
dachshund
882bb95646 A way to mitigate #42. 2013-09-08 00:32:09 -04:00
dachshund
53f893781c Fix a couple of bugs.
Read file before it is closed.
Remove incorrect slow retrieval defense.
2013-09-06 14:38:30 -04:00
dachshund
c4557c2a0c WIP on refactoring the updater and downloader. 2013-09-05 15:44:29 -04:00
dachshund
36a11f7f0a Adapt the updater unit test against latest changes. 2013-09-05 00:23:23 -04:00
dachshund
74e5764a53 Merge with updater/download refactoring from @zanefisher.
Update download unit test to work after refactoring, but it is a little
incomplete (in particular, the unsafe_download function needs more testing).
2013-09-04 23:45:08 -04:00
zanefisher
5970ad8c25 Refactor client.updater, removing verification from download.py. 2013-09-04 20:12:51 -04:00
dachshund
3bbe4672d7 Replace generic exception with a specific one. 2013-09-04 17:29:06 -04:00
dachshund
9734b68d15 Merge #99. 2013-09-03 12:52:47 -04:00
zhengyuyu
dcae72c19d delete signal import 2013-08-28 05:53:00 -04:00
zhengyuyu
6638089b99 Fix the slow retrieval attack issue
download.py:Add a timeout and rewrite the _fileobject.read()

test_slow_retrieval_attack.py:Add a new kind of slow retrieval attack

slow_retrieval_server.py:Modification for new kind of slow retrieval attack
2013-08-28 05:43:47 -04:00
dachshund
3c18b58b71 Adapt Zheng Yuyu's changes. 2013-08-06 13:40:24 -04:00
zhengyuyu
0c83799c85 Fix the endless data attack issue
modification of updater.py for download.py

modification of conf.py for fix

modification of test_download.py for download.py

modification of test_updater.py for download.py

add a new test of endless data attack to metadata timestamp.txt

more readable and fix the endless data attack issue.
2013-08-02 16:32:55 -04:00
dachshund
6c2251c0bd Merge code from @zhengyuyu which makes a function more readable.
His code splits tuf.download.download_url_to_tempfileobj into two major
pieces. The first piece opens a connection to a URL, and computes
the required and reported lengths for downloading data from that given
URL. The second piece downloads data from the given URL in such a way
that we can defend against endless data and slow retrieval attacks.
2013-07-22 14:23:29 -04:00
zhengyuyu
20551a7989 Splits the real download procedure from the download_url_to_tempfileobj and put it into a new function. this makes the download_url_to_tempfileobj clearer and more modular 2013-07-22 00:20:12 -04:00
dachshund
83fd9bed24 Merge branch 'master' into interposition 2013-03-19 01:14:15 -04:00
dachshund
384c656ef7 Partial remedy for #26, #33 (expected vs actual data length).
Do not wish to risk breaking tuf.client.updater at this point,
where the fault lies because metadata metadata is not checked.

We are aware of #26 and #33, and actively working to fix them.
2013-03-13 01:05:26 -04:00
Kon
4485b6bfa0 Update download.py
Removed an unnecessary raise in _open_connection().
2013-03-06 08:44:30 -05:00
dachshund
31b97634b4 Allow users to require SSL certificate verification during interposition. 2013-03-04 19:54:41 -05:00
dachshund
d03dd0f2ec Copy SSL certificate verification from pip. 2013-03-04 18:01:15 -05:00
dachshund
b7fb79328f Remove SSL cert verification code until we verify it. 2013-02-28 16:46:04 -05:00
dachshund
d84e68d655 Use file copy instead of a git submodule. 2013-02-22 18:11:36 -05:00