Skip to content

ngclient: use MetaFile/TargetFile verification #1467

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 7, 2021
Merged

ngclient: use MetaFile/TargetFile verification #1467

merged 3 commits into from
Jul 7, 2021

Conversation

sechkova
Copy link
Contributor

Fixes #1410

Description of the changes being introduced by the pull request:

Use the newly added MetaFile/TargetFile.verify_length_and_hashes in the ngclient workflow.

Please verify and check that the pull request fulfills the following
requirements:

  • The code follows the Code Style Guidelines
  • Tests have been added for the bug fix or new feature
  • Docs have been added for the bug fix or new feature

@sechkova
Copy link
Contributor Author

Only the last two commits are new in this PR: 39ebe92 f8ecac8

@sechkova
Use MetaFile.verify_length_and_hashes in ngclient
eafa321 
Use MetaFile.verify_length_and_hashes during snapshot
and targets verification in TrustedMetadataSet.

Remove pylint: disable=too-many-branches.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
@sechkova sechkova force-pushed the use-api-hash-verification branch from f8ecac8 to 3f18151 Compare July 5, 2021 14:58
@sechkova sechkova marked this pull request as ready for review July 5, 2021 15:02
@sechkova
Copy link
Contributor Author

sechkova commented Jul 5, 2021

Rebased on develop

jku
jku reviewed Jul 5, 2021
View reviewed changes
Copy link
Member

@jku jku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good I think. Handling the exception just to raise again is a bit annoying but ... also probably correct:

  • in these cases we do want to raise a RepositoryError -- client has no way to "handle" this error
  • but other cases might be different (like if client itself was testing a cached file)

just on one question: what about the targetfile check in updated_targets()? it's a bit different case but should be able to use the same methods

tuf/ngclient/updater.py Outdated
@@ -205,17 +205,21 @@ def download_target(
else:
target_base_url = _ensure_trailing_slash(target_base_url)

full_url = parse.urljoin(target_base_url, targetinfo["filepath"])
target_filepath = targetinfo["filepath"]
target_fileinfo = targetinfo["fileinfo"]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
target_fileinfo = targetinfo["fileinfo"]
target_fileinfo:TargetFile = targetinfo["fileinfo"]

the real fix would be fixing the targetinfo argument type but this helps typing in the mean time

sechkova added 2 commits July 6, 2021 14:05
@sechkova
Use TargetFile.verify_length_and_hashes in download_target
aeccb05 
Replace Updater._check_file_lenght and Updater._check_hashes_obj
with TargetFile.verify_length_and_hashes.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
@sechkova
Use TargetFile.verify_length_and_hashes in updated_targets
1b28604 
Remove the hash check and call TargetFile.verify_length_and_hashes
instead.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
@sechkova sechkova force-pushed the use-api-hash-verification branch from 3f18151 to 1b28604 Compare July 6, 2021 11:09
@sechkova
Copy link
Contributor Author

sechkova commented Jul 6, 2021

just on one question: what about the targetfile check in updated_targets()? it's a bit different case but should be able to use the same methods

🙄
1b28604 <- I used them now
aeccb05 is the same commit with added TargetFile type

jku
jku approved these changes Jul 6, 2021
View reviewed changes
Copy link
Member

@jku jku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@jku jku merged commit a71ec9d into theupdateframework:develop Jul 7, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ngclient: use MetaFile/TargetFile verification API when it exists
2 participants
@sechkova @jku