-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(WIP/Collaboration) rewrites for delegation graph issues #846
Commits on Apr 3, 2019
-
Add helper funcs for roledb: get_delegation, _is_top_level_role
These aid in the roledb rewrite to start to address Issue #660. Also add two minor TODOs. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for fc7308a - Browse repository at this point
Copy the full SHA fc7308aView commit details -
WIP: in roledb, remove intermediate data format; #660
- Rename and alter some schemas that really address delegations, to make that clear. - Do away with the ROLEDB_SCHEMA, an intermediate metadata format that is not necessary and which incorrectly flattens the delegation graph, and similar schemas. - Rewrite getters/setters in roledb to respect the delegation graph rather than assuming that delegated targets roles have only one delegation pointing to them (see Issue #660). - Add a variety of TODOs for later. - Clarify docstrings as a result of the above. reinterpreting metadata Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for fd86d04 - Browse repository at this point
Copy the full SHA fd86d04View commit details -
WIP, DO NOT MERGE -- quick sketch of new schemas in formats.py
This is mid-development, but I'm pushing it so that Aditya can see where things are and the general shape of things. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6464f7a - Browse repository at this point
Copy the full SHA 6464f7aView commit details -
DOC: improve formats.py module explanation/docstring
Warn folks about the larger structures being near the end, make description a bit more readable, highlight matches() and check_match() funcs, emphasize that this module defines the data structures / formats used. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for af271dc - Browse repository at this point
Copy the full SHA af271dcView commit details -
Revise formats.py: version numbers, paths, minor misses
- remove re-definition of rolename_schema - use securesystemslib.formats.PATH_SCHEMA for all paths, rather than using RELPATH_SCHEMA, which implies a distinction that we do not actually make, and checks we do not actually perform. - use INTEGER_NATURAL_SCHEMA for lengths and metadata versions Excludes fileinfo-related adjustments of the above, as those will follow in a separate fileinfo-specific commit. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 2705b1e - Browse repository at this point
Copy the full SHA 2705b1eView commit details -
PR revision: SIGNING_SCHEMA -> SIGNERS_SCHEMA
The misleadingly-named ROLE_SCHEMA was renamed to SIGNING_SCHEMA, but I'm now making it SIGNERS_SCHEMA, which I think is clearer. I also added an example. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 0aad781 - Browse repository at this point
Copy the full SHA 0aad781View commit details -
PR revision: minor bugfix in ROLES_SCHEMA definition
Failed to include key and value definitions. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 42b14ef - Browse repository at this point
Copy the full SHA 42b14efView commit details -
Rewrite FILEINFO schemas for clarity, and add comments
In TUF, we store information about files in a variety of ways. Sometimes, versions are used, and sometimes length and hashes are required. So FILEINFO_SCHEMA will match any of these three new schemas: FILEINFO_IN_TIMESTAMP_SCHEMA, FILEINFO_IN_SNAPSHOT_SCHEMA, and FILEINFO_IN_TARGETS_SCHEMA. This should be more intuitive than the former mess, I think. I also renamed TARGETINFO to LABELED_FILEINFO_SCHEMA, with an explanation. I hope that proves more intuitive as well. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 4998117 - Browse repository at this point
Copy the full SHA 4998117View commit details -
DO NOT MERGE -- adds a TODO to roledb
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for a64fe91 - Browse repository at this point
Copy the full SHA a64fe91View commit details
Commits on Apr 15, 2019
-
PR revision: bugfix and rename roledb._is_top_level_role
It'll now be a public function used by other modules (tuf.sig), so make it public and improve the name (takes a rolename, not a role): roledb.is_top_level_rolename(). Also bugfix it to handle casing issues. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 0c7c64e - Browse repository at this point
Copy the full SHA 0c7c64eView commit details -
DOC: Simplify module docstring for tuf.sig
It previously included information that wasn't really appropriate at this level of the code (about the project as a whole). Add short summary and list the two public functions with short explanations. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 9a578f8 - Browse repository at this point
Copy the full SHA 9a578f8View commit details -
Refactor and correct tuf.sig for Issue #660:
- get_signature_status() and verify() will expect EITHER: - keyids AND threshold - a rolename never both. A rolename can be used in place of keyids and threshold only for top-level roles, and keyids and threshold will then be drawn from currently trusted Root metadata. See comments in the code for more. This includes making rolename an optional argument. Now uses tuf.roledb.is_top_level_rolename. - renamed "role" argument to "rolename", which is more correct (since the actual role metadata is another argument...) - Pulled the elaborate argument validation and the retrieval of keyids and threshold from Root metadata into a separate function: _determine_keyids_and_threshold_to_use - perform retrieval of keyids and threshold only from Root metadata, for top-level roles (part of #660) - removed unused generate_rsa_signature - cleaned up the structure of get_signature_status() a bit Tests will break and require fixes. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 1fcc652 - Browse repository at this point
Copy the full SHA 1fcc652View commit details
Commits on Apr 16, 2019
-
PR revision: remove leftover code in get_signature_status:
The keyids and threshold retrieval are already performed above now, so this lingering threshold retrieval is no longer needed. Move the comment about errors it would raise to where that actually would happen now (and refine comment given new functionality). Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for cd3d470 - Browse repository at this point
Copy the full SHA cd3d470View commit details -
Remove tests for deleted functions in tuf.sig
tuf.sig.generate_rsa_signature and tuf.sig.may_need_new_keys were not necessary and were deleted. This commit removes their tests. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 43750ba - Browse repository at this point
Copy the full SHA 43750baView commit details -
minor: DOC: clarify comment in test_sig
Explain the test conditions. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for cdae6b3 - Browse repository at this point
Copy the full SHA cdae6b3View commit details -
DO NOT MERGE: add TODOs to test_sig for after roledb changes
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for e6660cb - Browse repository at this point
Copy the full SHA e6660cbView commit details
Commits on Apr 19, 2019
-
Configuration menu - View commit details
-
Copy full SHA for fe8530f - Browse repository at this point
Copy the full SHA fe8530fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7e5e90a - Browse repository at this point
Copy the full SHA 7e5e90aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3e3a94b - Browse repository at this point
Copy the full SHA 3e3a94bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 46b6d6e - Browse repository at this point
Copy the full SHA 46b6d6eView commit details -
Configuration menu - View commit details
-
Copy full SHA for ed2a486 - Browse repository at this point
Copy the full SHA ed2a486View commit details -
Configuration menu - View commit details
-
Copy full SHA for d11ec7a - Browse repository at this point
Copy the full SHA d11ec7aView commit details -
Configuration menu - View commit details
-
Copy full SHA for b710a18 - Browse repository at this point
Copy the full SHA b710a18View commit details -
Configuration menu - View commit details
-
Copy full SHA for c3f473f - Browse repository at this point
Copy the full SHA c3f473fView commit details -
Configuration menu - View commit details
-
Copy full SHA for b93122c - Browse repository at this point
Copy the full SHA b93122cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 914c93b - Browse repository at this point
Copy the full SHA 914c93bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0212f32 - Browse repository at this point
Copy the full SHA 0212f32View commit details
Commits on Apr 23, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 339f7c4 - Browse repository at this point
Copy the full SHA 339f7c4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 773e7f6 - Browse repository at this point
Copy the full SHA 773e7f6View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8a86da9 - Browse repository at this point
Copy the full SHA 8a86da9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0809280 - Browse repository at this point
Copy the full SHA 0809280View commit details -
Configuration menu - View commit details
-
Copy full SHA for e9b23eb - Browse repository at this point
Copy the full SHA e9b23ebView commit details -
Configuration menu - View commit details
-
Copy full SHA for 9398209 - Browse repository at this point
Copy the full SHA 9398209View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9569246 - Browse repository at this point
Copy the full SHA 9569246View commit details -
Configuration menu - View commit details
-
Copy full SHA for bb3bc15 - Browse repository at this point
Copy the full SHA bb3bc15View commit details -
Configuration menu - View commit details
-
Copy full SHA for d893b65 - Browse repository at this point
Copy the full SHA d893b65View commit details -
Configuration menu - View commit details
-
Copy full SHA for e9bd455 - Browse repository at this point
Copy the full SHA e9bd455View commit details -
Configuration menu - View commit details
-
Copy full SHA for 844a2ce - Browse repository at this point
Copy the full SHA 844a2ceView commit details -
Configuration menu - View commit details
-
Copy full SHA for 4e1f89a - Browse repository at this point
Copy the full SHA 4e1f89aView commit details -
Configuration menu - View commit details
-
Copy full SHA for b2d36c5 - Browse repository at this point
Copy the full SHA b2d36c5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 24daeaf - Browse repository at this point
Copy the full SHA 24daeafView commit details
Commits on Apr 24, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 19ef4b9 - Browse repository at this point
Copy the full SHA 19ef4b9View commit details -
Configuration menu - View commit details
-
Copy full SHA for ab6df47 - Browse repository at this point
Copy the full SHA ab6df47View commit details
Commits on Apr 26, 2019
-
Configuration menu - View commit details
-
Copy full SHA for cf8f93e - Browse repository at this point
Copy the full SHA cf8f93eView commit details
Commits on Apr 30, 2019
-
Configuration menu - View commit details
-
Copy full SHA for 52d4923 - Browse repository at this point
Copy the full SHA 52d4923View commit details -
Configuration menu - View commit details
-
Copy full SHA for f9c351a - Browse repository at this point
Copy the full SHA f9c351aView commit details -
PR Revision: Fix misleading error msg, roledb.get_delegation
An error that is raised if someone tries to query a delegation that shouldn't exist (root to a delegated targets role or a delegated targets role to root, say) previously only described one direction, leading to misleading error messages. It now explains both possible causes of the error. Also removes a pdb.set_trace() left over from prior revisions. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for ea3c4a9 - Browse repository at this point
Copy the full SHA ea3c4a9View commit details -
Fix remaining test_roledb tests, reorganize arg tests
Two functions now exist to replace _test_rolename (which was a bit of a misleading name), and these are now used to perform argument testing for roledb functions that query a single role or query information about a delegation from one role to another role. In addition, tests for roledb.get_delegated_paths were also updated, duplicating some of the above for reasons explained in code comments. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for fdcf829 - Browse repository at this point
Copy the full SHA fdcf829View commit details -
Configuration menu - View commit details
-
Copy full SHA for 131afb8 - Browse repository at this point
Copy the full SHA 131afb8View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0c7f8a1 - Browse repository at this point
Copy the full SHA 0c7f8a1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3c5d182 - Browse repository at this point
Copy the full SHA 3c5d182View commit details
Commits on May 1, 2019
-
Merge branch '660_fix_roledb_tests' into 660_respect_delegation_graph
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for fc872d7 - Browse repository at this point
Copy the full SHA fc872d7View commit details