Commit graph

6224 commits

Author SHA1 Message Date
Martin Vrachev
ea20e86380 Make "bind successful" the first server message
The current implementation for server startup in TestServerProcess
relies on the fact that "bind successful..." is the first message
sent by the server process.
Make sure that this is true and leave a comment about this.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-13 14:01:57 +02:00
Martin Vrachev
2104dab897 Add tests for tests/utils.py
We want to make sure that server are successfully started in
the common use cases and that the new port generation works.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-13 14:01:57 +02:00
Martin Vrachev
6462779230 Remove sleep from test_slow_retrieval_attack.py
Now, after we can use wait_for_server and the retry mechanism
of TestServerProcess in utils.py we no longer need to use
sleep in this test file.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-13 14:01:57 +02:00
Martin Vrachev
54c837f654 Remove unused random module imports
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-13 14:01:57 +02:00
Martin Vrachev
5d9a6f6598 Tests: Queue replace tmp files, OS port creation
These changes can be summarized with the following bullets:
- Delegate generation of ports used for the tests to the OS
- Use thread-safe Queue for processes communication
instead of temporary files
- Remove all instances of port generation or hardcoded ports
- Make test_slow_retrieval.py fully conform with TestServerProcess

Delegate generation of ports used for the tests to the OS is much
better than if we manually generate them, because there is always
a chance that the port we have randomly pick turns out to be taken.
By giving 0 to the port argument we ask the OS to give us
an arbitrary unused port.

Use thread-safe Queue for processes communication instead of temporary
files became a necessity because of findings made by Jussi Kukkonen.
With the latest changes made in pr 1192 we were rapidly reading
from the temporary files and Jussi found that it happened rarely
the successful message "bind succeded..." to be corrupted.
It seems, this is a thread issue related to the thread redirecting
the subprocess stdout to the temp file and our thread rapidly
reading from the file.
By using a thread-safe Queue we eliminate this possibility.
For reference read:
https://github.com/theupdateframework/tuf/issues/1196

Lastly, test_slow_retrieval.py and slow_retrieval.py were refactored.
Until now, slow_retrieval.py couldn't use the TestServerProcess class
from utils.py for a port generation because of a bug related to
httpd.handle_request().
Now, when we use httpd.serve_forever() we can refactor both of those
files and fully conform with TestServerProcess.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-13 14:01:57 +02:00
Martin Vrachev
592a94726d Remove test_slow_retrieval expected failure test
Remove the test with mode 2 ('mode_2': During the download process,
the server blocks the download by sending just several characters
every few seconds.) from test_slow_retrieval.

This test is marked as "expected failure" with the purpose of
rewriting it one day, but slow retrievals have been removed from
the specification and soon it will be removed from the tuf
reference implementation as a whole.
That means that the chances of making this test useful are close
to 0 if not none.

The other test (with mode 1) in test_slow_retrieval is not removed.

For reference:
- https://github.com/theupdateframework/specification/pull/111
- https://github.com/theupdateframework/tuf/pull/1156

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-13 14:01:57 +02:00
lukpueh
549b899a85
Merge pull request #1210 from theupdateframework/dependabot/pip/requests-2.25.0
build(deps): bump requests from 2.24.0 to 2.25.0
2020-11-13 12:25:42 +01:00
lukpueh
65d5987fcb
Merge pull request #1212 from theupdateframework/dependabot/pip/urllib3-1.26.2
build(deps): bump urllib3 from 1.25.11 to 1.26.2
2020-11-13 12:25:23 +01:00
dependabot-preview[bot]
d2f51d6cde
build(deps): bump urllib3 from 1.25.11 to 1.26.2
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.11 to 1.26.2.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/1.25.11...1.26.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-11-13 10:23:47 +00:00
lukpueh
af18e75413
Merge pull request #1208 from lukpueh/migrate-travis
Update Travis CI build badge/docs after migration
2020-11-12 15:57:00 +01:00
dependabot-preview[bot]
0c0e1146a3
build(deps): bump requests from 2.24.0 to 2.25.0
Bumps [requests](https://github.com/psf/requests) from 2.24.0 to 2.25.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/master/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.24.0...v2.25.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-11-12 10:22:52 +00:00
Lukas Puehringer
d46ebd016e Update Travis CI build badge/docs after migration
Update badge URL in readme after migrating from travis-ci.org to
travis-ci.com, due to brownout on the former.

Migration was performed via Travis Web UI:
https://docs.travis-ci.com/user/migrate/open-source-repository-migration

NOTE: This is a quick fix to speed up Travis builds until we switch
to GitHub Actions (#1195)

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-11-12 10:07:53 +01:00
Joshua Lock
02416e3376 updater: more optimal file length checking
Rather than read to the end of the file in order to determin its size, use
the whence value of seek() to move the file object's position to the end
of the file, then the tell() method of the file object to read the current
position in bytes.

Co-authored-by: Jussi Kukkonen <jkukkonen@vmware.com>
Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-11-11 15:53:07 +00:00
lukpueh
11e2f4ca48
Merge pull request #1191 from lukpueh/adopt-sslib-interface-changes
Adopt sslib keygen interface encryption changes
2020-11-11 11:31:35 +01:00
Lukas Puehringer
dc20fdbffd Update securesystemslib dependency to 0.18.0
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-11-11 10:28:05 +01:00
Lukas Puehringer
ff8819577b Adopt sslib keygen interface encryption changes
secure-systems-lab/securesystemslib#288 changes the key generation
interface functions in such a way that it is clear if a call opens
a blocking prompt, or writes the key unencrypted. To do this two
functions are added per key type:
 - `generate_and_write_*_keypair_with_prompt`
 - `generate_and_write_unencrypted_*_keypair`

The default `generate_and_write_*_keypair` function now only allows
encrypted keys and only using a passed password. This respects the
principle of secure defaults and least surprise.

sslib#288 furthermore adds a protected
`_generate_and_write_*_keypair`, which is not exposed publicly
because it does not encrypt by default, but is more flexible and
thus convenient e.g. to consume all arguments from a key generation
command line tool such as 'repo.py'.

This commit adds the new public functions to the tuf namespace and
adopts their usage accordingly.

NOTE regarding repo.py:
This commit does not fix any problematic password behavior of
'repo.py' like default passwords, etc. (see #881). It only adopts
the sslib#288 changes to maintain the current behvior, plus
removing one glaringly obsolete password prompt.

NOTE regarding key import:
The securesystemslib private key import functions were also changed
to no longer auto-prompt for decryption passwords , TUF, however,
only exposes custom wrappers (see repository_lib) that do
auto-prompt. sslib#288 changes to the prompt texts are nevertheless
propagated to tuf and reflected in this commit.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-11-11 10:27:56 +01:00
Joshua Lock
ad1335b6ed updater: simplify Updater.download_target() call stack
The call stack and code for download_target() is more complex than
required:
* download_target() : builds target destination filepath, gets length
  and hashes
* _get_target_file() : fixes filenames if consistent snapshots enabled,
  defines verification callback
* _get_file() : iterates mirrors, tries to download files, verifies them

Remove the verification callback and collapse the call stack by a single
level to make the code easier to follow.

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-11-09 15:55:27 +00:00
Joshua Lock
b3ada5bb0b updater: remove unused _soft_check_file_length
This internal method isn't used by any code other than tests.

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-11-09 15:55:27 +00:00
Teodora Sechkova
5bfd9dd94c
Add tests for root and targets metadata
Add test cases for Root(Signed) and Targets(Signed) classes.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-11-09 11:38:26 +02:00
Teodora Sechkova
fe439d2014
Fix passing dictionaries by reference in TestMetadata
Use deepcopy to ensure that the dictionaries with expected data
are not referencing the same memory as the tested ones.

Add a check asserting that metadata is not equal prior to its
update.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-11-09 11:38:25 +02:00
Teodora Sechkova
82726359da
Add root metadata class
Add root metadata class to tuf.api.metadata module and implement
(de)serialisation and modification methods.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-11-09 11:37:55 +02:00
lukpueh
201e07ddca
Merge pull request #1200 from MVrachev/add-python3.9
Add support for python 3.9
2020-11-09 09:44:43 +01:00
Martin Vrachev
d055c4216d Add support for python 3.9
Python 3.9 is released on October 5-th 2020 and it seems
logical to add support for it.

For reference read:
https://docs.python.org/3/whatsnew/3.9.html

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-11-05 19:47:13 +02:00
Joshua Lock
a88a5bd69e
Merge pull request #1187 from MVrachev/change-aggregate-test
Simplify aggregate_tests.py
2020-11-02 21:22:44 +00:00
lukpueh
6cb9d4565d
Merge pull request #1194 from jku/speedup-indefinite-freeze-tests
Speedup indefinite freeze tests
2020-11-02 11:43:58 +01:00
Martin Vrachev
fa899cca20 Simplify aggregate_tests.py
There is a simpler way to skip modules or particular tests
built-in into the unittest module.
That's why it doesn't make sense for us to manually filter
modules based on the python version we are running.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-30 17:16:39 +02:00
lukpueh
cab9738e3c
Merge pull request #1190 from theupdateframework/dependabot/pip/cryptography-3.2.1
build(deps): bump cryptography from 3.2 to 3.2.1
2020-10-30 12:49:48 +01:00
Jussi Kukkonen
05cf09071b tests: Use version specific import for mock
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-30 13:10:06 +02:00
Jussi Kukkonen
ca048a2744 tests: Remove sleeps from indefinite freeze tests
Instead of sleeping, mock time.time() so Updater thinks it lives in the
future.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-29 20:43:36 +02:00
Jussi Kukkonen
e7ce873f12 updater: Add missing Exception documentation
Added ExpiredMetadataError to function documentation where it seems to
be missing.

Corrected the refresh() documentation: ExpiredMetadataError can only
happen when top level metadata does not need to be updated but is
expired. If the metadata gets updated and is expired, the result will
be a NoWorkingMirror with ExpiredMetadata inside it.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-29 20:36:33 +02:00
dependabot-preview[bot]
2f039b6f13
build(deps): bump cryptography from 3.2 to 3.2.1
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.2 to 3.2.1.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.2...3.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-28 10:20:32 +00:00
lukpueh
9908f8eedd
Merge pull request #1182 from joshuagl/joshuagl/adrs
Start to keep Architectural Decision Records (ADRs) for tuf reference implementation
2020-10-27 12:28:58 +01:00
Joshua Lock
1b3f580dc9 ADR0001: clarify when/where Python 3.6+ is expected
Provide additional context to clarify where we expect Python 3.6+ to be used
exclusively (new modules) and link to other discussions around the future of
Python 2.7 supporting code.

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-27 11:25:42 +00:00
Joshua Lock
e34e4b647b
Merge pull request #1189 from theupdateframework/dependabot/pip/cryptography-3.2
build(deps): bump cryptography from 3.1.1 to 3.2
2020-10-26 20:47:08 +00:00
Joshua Lock
71de3f64ef ADR: only use Python 3.6+
Document the decision drop support for EOL Python versions, most notable
Python 2.7

Fixes #1125

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-26 16:26:52 +00:00
Joshua Lock
19b9356598 Teach git to ignore Emacs backup files
Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-26 16:26:52 +00:00
Joshua Lock
e3d84391b4 docs/adr: start to keep ADRs in MADR format
In order to make decisions about the code and the design explicit and easier
to reference in future we want to record significant architectural decisions.

This commit introduces docs/adr with a template Architectural Decision Record
and index using the [MADR](https://adr.github.io/madr/) format.

It also adds ADR 0000 to document the decisions to use MADR.

Fixes #1141

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-26 16:26:52 +00:00
dependabot-preview[bot]
2be339f3a7
build(deps): bump cryptography from 3.1.1 to 3.2
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.1.1 to 3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.1.1...3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-26 10:22:23 +00:00
lukpueh
39341521bf
Merge pull request #1183 from joshuagl/joshuagl/tuf-0.15.0
Prepare 0.15.0 release
2020-10-23 14:53:31 +02:00
Lukas Puehringer
10b9db1e40 Prepare 0.15.0 release (II)
Update docs/CHANGELOG.md to include missing items.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-10-22 15:27:46 +02:00
lukpueh
c67fbb66d2
Merge pull request #1185 from jku/workaround-with-sslib-master-double-dependency
tox: Workaround double dep in with-sslib-master
2020-10-22 12:03:50 +02:00
Jussi Kukkonen
5db7e2d8ca tox: Workaround double dep in with-sslib-master
Commit eb00d14 modified requirements-pinned.txt so that sslib specifiers
are now "[crypto,pynacl]". This happens to match the exact specifiers
used for the sslib git master dependency in tox.ini. This triggers pip
to say:
  ERROR: Double requirement given: securesystemslib[crypto,pynacl]==0.16.0
  (from -r /home/jku/src/tuf/requirements-pinned.txt (line 12)) (already
  in securesystemslib[crypto,pynacl] from
  git+http://github.com/secure-systems-lab/securesystemslib.git@master#egg=securesystemslib[crypto,pynacl],
  name='securesystemslib')

Avoid this by not setting any specifiers for the sslib git master
dependency in tox.ini: This makes pip happy and we get the git master
version installed. pynacl and crypto are still installed because they
are in requirements-pinned.txt.

Fixes #1184.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-22 12:50:41 +03:00
Joshua Lock
d992e8b128 Add python-dateutil to test requirements
tests/test_api.py uses python-dateutil, therefore ensure it is installed
for Travis and AppVeyor.

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-21 18:39:25 +01:00
Joshua Lock
33ac374184 Bump securesystemslib from 0.16.0 to 0.17.0
We just released securesystemslib 0.17.0 and it would be better if tuf did
not pin the prior version.

https://pypi.org/project/securesystemslib/0.17.0/
https://github.com/secure-systems-lab/securesystemslib/releases/tag/v0.17.0

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-21 18:39:25 +01:00
Joshua Lock
8169b00745 Prepare 0.15.0 release
Update docs/CHANGELOG.md and bump version number for a 0.15.0 release

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-21 11:42:21 +01:00
Joshua Lock
bbcff077e4
Merge pull request #1179 from theupdateframework/dependabot/pip/urllib3-1.25.11
build(deps): bump urllib3 from 1.25.10 to 1.25.11
2020-10-21 11:06:31 +01:00
Joshua Lock
b570723d63
Merge pull request #1180 from joshuagl/joshuagl/nocolour
Make colorama dependency optional
2020-10-21 11:06:00 +01:00
Joshua Lock
eb00d14346 Remove colorama from requirements
The repo script was the only user and can now do the right thing when
colorama isn't available in the environment.

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-20 15:23:39 +01:00
Joshua Lock
d4705502fc repo: make colorama a soft dependency
Instead of using colorama directly for terminal colours, use the
constants in securesystemslib.interface which map to colorama colours
IFF colorama is installed.

This change results in a red password prompt when colorama is installed
and a standard terminal output coloured prompt when colorama is not
installed.

Signed-off-by: Joshua Lock <jlock@vmware.com>
2020-10-20 15:23:39 +01:00
Joshua Lock
f2366d5608
Merge pull request #1166 from MVrachev/confined-targets-optional
Make confined_target_dirs optional field
2020-10-20 11:44:08 +01:00