Merge pull request #842 from theupdateframework/improve_spec_version_…

…handling Improve the way specification version is checked in metadata
theupdateframework · Mar 28, 2019 · 2d2e401 · 2d2e401
2 parents a4cf9c9 + 18ef3b4
commit 2d2e401
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 12 deletions.
diff --git a/tests/test_updater.py b/tests/test_updater.py
@@ -739,8 +739,13 @@ def test_3__update_metadata(self):
 
   def test_3__get_metadata_file(self):
 
+    '''
+    This test focuses on making sure that the updater rejects unknown or
+    badly-formatted TUF specification version numbers....
+    '''
+
     valid_tuf_version = tuf.formats.TUF_VERSION_NUMBER
-    tuf.formats.TUF_VERSION_NUMBER = '2'
+    tuf.formats.TUF_VERSION_NUMBER = '9.0'
 
     repository = repo_tool.load_repository(self.repository_directory)
     repository.timestamp.load_signing_key(self.role_keys['timestamp']['private'])
@@ -757,8 +762,18 @@ def test_3__get_metadata_file(self):
       upperbound_filelength, 1)
 
     except tuf.exceptions.NoWorkingMirrorError as e:
+      # Note that this test provides a piece of metadata which would fail to
+      # be accepted -- with a different error -- if the specification version
+      # number were not a problem.
       for mirror_error in six.itervalues(e.mirror_errors):
-        assert isinstance(mirror_error, securesystemslib.exceptions.BadVersionNumberError)
+        assert isinstance(
+            mirror_error, tuf.exceptions.UnsupportedSpecificationError)
+
+    else:
+      self.fail(
+          'Expected a failure to verify metadata when the metadata had a '
+          'specification version number that was unexpected.  '
+          'No error was raised.')
 
     # Test for an improperly formatted TUF version number.
     tuf.formats.TUF_VERSION_NUMBER = 'BAD'
@@ -779,6 +794,12 @@ def test_3__get_metadata_file(self):
       for mirror_error in six.itervalues(e.mirror_errors):
         assert isinstance(mirror_error, securesystemslib.exceptions.FormatError)
 
+    else:
+      self.fail(
+          'Expected a failure to verify metadata when the metadata had a '
+          'specification version number that was not in the correct format.  '
+          'No error was raised.')
+
     # Reset the TUF_VERSION_NUMBER so that subsequent unit tests use the
     # expected value.
     tuf.formats.TUF_VERSION_NUMBER = valid_tuf_version

diff --git a/tuf/client/updater.py b/tuf/client/updater.py
@@ -166,11 +166,6 @@
 iso8601_logger = logging.getLogger('iso8601')
 iso8601_logger.disabled = True
 
-# Metadata includes the specification version number that it follows.
-# All downloaded metadata must be equal to our supported major version of 1.
-# For example, "1.4.3" and "1.0.0" are supported.  "2.0.0" is not supported.
-SUPPORTED_MAJOR_VERSION = 1
-
 
 class MultiRepoUpdater(object):
   """
@@ -1497,11 +1492,15 @@ def _get_metadata_file(self, metadata_role, remote_filename,
         # version number of new metadata equals our expected major version
         # number, the new metadata is safe to parse.
         try:
-          spec_version_parsed = metadata_signable['signed']['spec_version'].split('.')
-          if int(spec_version_parsed[0]) != SUPPORTED_MAJOR_VERSION:
-            raise securesystemslib.exceptions.BadVersionNumberError('Downloaded'
-              ' metadata that specifies an unsupported spec_version.  Supported'
-              ' major version number: ' + repr(SUPPORTED_MAJOR_VERSION))
+          metadata_spec_version = metadata_signable['signed']['spec_version']
+          spec_major_version = int(metadata_spec_version.split('.')[0])
+          if spec_major_version != tuf.formats.SUPPORTED_MAJOR_VERSION:
+            raise tuf.exceptions.UnsupportedSpecificationError(
+                'Downloaded metadata that specifies an unsupported '
+                'spec_version.  This code supports major version number: ' +
+                repr(tuf.formats.SUPPORTED_MAJOR_VERSION) + '; however, the '
+                'obtained metadata lists version number: ' +
+                str(metadata_spec_version))
 
         except (ValueError, TypeError):
           raise securesystemslib.exceptions.FormatError('Improperly'

diff --git a/tuf/exceptions.py b/tuf/exceptions.py
@@ -40,6 +40,12 @@ class Error(Exception):
   """Indicate a generic error."""
 
 
+class UnsupportedSpecificationError(Error):
+  """
+  Metadata received claims to conform to a version of the specification that is
+  not supported by this client.
+  """
+
 class FormatError(Error):
   """Indicate an error while validating an object's format."""
 

diff --git a/tuf/formats.py b/tuf/formats.py
@@ -90,7 +90,12 @@
 # TUF specification version.  The constant should be updated when the version
 # number of the specification changes.  All metadata should list this version
 # number.
+# Metadata includes the specification version number that it follows.
+# All downloaded metadata must be equal to our supported major version of 1.
+# For example, "1.4.3" and "1.0.0" are supported.  "2.0.0" is not supported.
 TUF_VERSION_NUMBER = '1.0'
+SUPPORTED_MAJOR_VERSION = int(TUF_VERSION_NUMBER.split('.')[0])
+
 SPECIFICATION_VERSION_SCHEMA = SCHEMA.AnyString()
 
 # A datetime in 'YYYY-MM-DDTHH:MM:SSZ' ISO 8601 format.  The "Z" zone designator