Use TUF specific RELPATH[S]_SCHEMA as they are removed from ssl

RELPATH_SCHEMA and RELPATHS_SCHEMA were removed from securesystemslib in commit 0cfe41826683b71733002e15ee25739dd2de2a4f and TUF specific implementations were added. Ensure they are used consistently throughout the codebase and declare them early enough in formats.py to be usable throughout. Signed-off-by: Joshua Lock <jlock@vmware.com>
theupdateframework · Sep 13, 2019 · 17800fd · 17800fd
1 parent 4fb4cb2
commit 17800fd
Show file tree

Hide file tree

Showing 9 changed files with 22 additions and 23 deletions.
diff --git a/tests/test_formats.py b/tests/test_formats.py
@@ -71,9 +71,9 @@ def test_schemas(self):
 
       'SCHEME_SCHEMA': (securesystemslib.formats.SCHEME_SCHEMA, 'rsassa-pss-sha256'),
 
-      'RELPATH_SCHEMA': (securesystemslib.formats.RELPATH_SCHEMA, 'metadata/root/'),
+      'RELPATH_SCHEMA': (tuf.formats.RELPATH_SCHEMA, 'metadata/root/'),
 
-      'RELPATHS_SCHEMA': (securesystemslib.formats.RELPATHS_SCHEMA,
+      'RELPATHS_SCHEMA': (tuf.formats.RELPATHS_SCHEMA,
                           ['targets/role1/', 'targets/role2/']),
 
       'PATH_SCHEMA': (securesystemslib.formats.PATH_SCHEMA, '/home/someuser/'),

diff --git a/tests/test_repository_lib.py b/tests/test_repository_lib.py
@@ -417,7 +417,7 @@ def test_get_target_hash(self):
       '/packages/file2.txt': 'c9c4a5cdd84858dd6a23d98d7e6e6b2aec45034946c16b2200bc317c75415e92'
     }
     for filepath, target_hash in six.iteritems(expected_target_hashes):
-      self.assertTrue(securesystemslib.formats.RELPATH_SCHEMA.matches(filepath))
+      self.assertTrue(tuf.formats.RELPATH_SCHEMA.matches(filepath))
       self.assertTrue(securesystemslib.formats.HASH_SCHEMA.matches(target_hash))
       self.assertEqual(repo_lib.get_target_hash(filepath), target_hash)
 

diff --git a/tests/test_updater.py b/tests/test_updater.py
@@ -1592,7 +1592,7 @@ def test_9__get_target_hash(self):
       '/Jalape\xc3\xb1o': '78bfd5c314680545eb48ecad508aceb861f8d6e680f4fe1b791da45c298cda88'
     }
     for filepath, target_hash in six.iteritems(expected_target_hashes):
-      self.assertTrue(securesystemslib.formats.RELPATH_SCHEMA.matches(filepath))
+      self.assertTrue(tuf.formats.RELPATH_SCHEMA.matches(filepath))
       self.assertTrue(securesystemslib.formats.HASH_SCHEMA.matches(target_hash))
       self.assertEqual(self.repository_updater._get_target_hash(filepath), target_hash)
 

diff --git a/tuf/client/updater.py b/tuf/client/updater.py
@@ -2627,7 +2627,7 @@ def targets_of_role(self, rolename='targets'):
 
     # Does 'rolename' have the correct format?
     # Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
-    securesystemslib.formats.RELPATH_SCHEMA.check_match(rolename)
+    tuf.formats.RELPATH_SCHEMA.check_match(rolename)
 
     # If we've been given a delegated targets role, we don't know how to
     # validate it without knowing what the delegating role is -- there could
@@ -2690,7 +2690,7 @@ def get_one_valid_targetinfo(self, target_filepath):
 
     # Does 'target_filepath' have the correct format?
     # Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
-    securesystemslib.formats.RELPATH_SCHEMA.check_match(target_filepath)
+    tuf.formats.RELPATH_SCHEMA.check_match(target_filepath)
 
     target_filepath = target_filepath.replace('\\', '/')
 

diff --git a/tuf/developer_tool.py b/tuf/developer_tool.py
@@ -694,7 +694,7 @@ def _save_project_configuration(metadata_directory, targets_directory,
   securesystemslib.formats.PATH_SCHEMA.check_match(metadata_directory)
   securesystemslib.formats.PATH_SCHEMA.check_match(prefix)
   securesystemslib.formats.PATH_SCHEMA.check_match(targets_directory)
-  securesystemslib.formats.RELPATH_SCHEMA.check_match(project_name)
+  tuf.formats.RELPATH_SCHEMA.check_match(project_name)
 
   cfg_file_directory = metadata_directory
 

diff --git a/tuf/formats.py b/tuf/formats.py
@@ -89,6 +89,10 @@
 # Must be 1, or greater.
 METADATAVERSION_SCHEMA = SCHEMA.Integer(lo=0)
 
+# A relative file path (e.g., 'metadata/root/').
+RELPATH_SCHEMA = SCHEMA.AnyString()
+RELPATHS_SCHEMA = SCHEMA.ListOf(RELPATH_SCHEMA)
+
 VERSIONINFO_SCHEMA = SCHEMA.Object(
   object_name = 'VERSIONINFO_SCHEMA',
   version = METADATAVERSION_SCHEMA)
@@ -97,7 +101,7 @@
 # role.  The dict keys hold the relative file paths, and the dict values the
 # corresponding version numbers and/or file information.
 FILEINFODICT_SCHEMA = SCHEMA.DictOf(
-  key_schema = securesystemslib.formats.RELPATH_SCHEMA,
+  key_schema = RELPATH_SCHEMA,
   value_schema = SCHEMA.OneOf([VERSIONINFO_SCHEMA,
                               securesystemslib.formats.FILEINFO_SCHEMA]))
 
@@ -114,7 +118,7 @@
   keyids = securesystemslib.formats.KEYIDS_SCHEMA,
   threshold = securesystemslib.formats.THRESHOLD_SCHEMA,
   terminating = SCHEMA.Optional(securesystemslib.formats.BOOLEAN_SCHEMA),
-  paths = SCHEMA.Optional(securesystemslib.formats.RELPATHS_SCHEMA),
+  paths = SCHEMA.Optional(RELPATHS_SCHEMA),
   path_hash_prefixes = SCHEMA.Optional(securesystemslib.formats.PATH_HASH_PREFIXES_SCHEMA))
 
 # A dict of roles where the dict keys are role names and the dict values holding
@@ -208,11 +212,6 @@
   unknown_sigs = KEYIDS_SCHEMA,
   untrusted_sigs = KEYIDS_SCHEMA)
 
-
-# A relative file path (e.g., 'metadata/root/').
-RELPATH_SCHEMA = SCHEMA.AnyString()
-RELPATHS_SCHEMA = SCHEMA.ListOf(RELPATH_SCHEMA)
-
 # A path hash prefix is a hexadecimal string.
 PATH_HASH_PREFIX_SCHEMA = HEX_SCHEMA
 
@@ -395,9 +394,9 @@
 MIRROR_SCHEMA = SCHEMA.Object(
   object_name = 'MIRROR_SCHEMA',
   url_prefix = securesystemslib.formats.URL_SCHEMA,
-  metadata_path = securesystemslib.formats.RELPATH_SCHEMA,
-  targets_path = securesystemslib.formats.RELPATH_SCHEMA,
-  confined_target_dirs = securesystemslib.formats.RELPATHS_SCHEMA,
+  metadata_path = RELPATH_SCHEMA,
+  targets_path = RELPATH_SCHEMA,
+  confined_target_dirs = RELPATHS_SCHEMA,
   custom = SCHEMA.Optional(SCHEMA.Object()))
 
 # A dictionary of mirrors where the dict keys hold the mirror's name and

diff --git a/tuf/mirrors.py b/tuf/mirrors.py
@@ -84,7 +84,7 @@ def get_list_of_mirrors(file_type, file_path, mirrors_dict):
   """
 
   # Checking if all the arguments have appropriate format.
-  securesystemslib.formats.RELPATH_SCHEMA.check_match(file_path)
+  tuf.formats.RELPATH_SCHEMA.check_match(file_path)
   tuf.formats.MIRRORDICT_SCHEMA.check_match(mirrors_dict)
   securesystemslib.formats.NAME_SCHEMA.check_match(file_type)
 

diff --git a/tuf/repository_lib.py b/tuf/repository_lib.py
@@ -1203,7 +1203,7 @@ def get_target_hash(target_filepath):
     The hash of 'target_filepath'.
 
   """
-  securesystemslib.formats.RELPATH_SCHEMA.check_match(target_filepath)
+  tuf.formats.RELPATH_SCHEMA.check_match(target_filepath)
 
   # Calculate the hash of the filepath to determine which bin to find the
   # target.  The client currently assumes the repository uses

diff --git a/tuf/repository_tool.py b/tuf/repository_tool.py
@@ -1983,7 +1983,7 @@ def add_targets(self, list_of_targets):
     # Ensure the arguments have the appropriate number of objects and object
     # types, and that all dict keys are properly named.
     # Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
-    securesystemslib.formats.RELPATHS_SCHEMA.check_match(list_of_targets)
+    tuf.formats.RELPATHS_SCHEMA.check_match(list_of_targets)
 
     # Update the tuf.roledb entry.
     targets_directory_length = len(self._targets_directory)
@@ -2054,7 +2054,7 @@ def remove_target(self, filepath):
     # Ensure the arguments have the appropriate number of objects and object
     # types, and that all dict keys are properly named.  Raise
     # 'securesystemslib.exceptions.FormatError' if there is a mismatch.
-    securesystemslib.formats.RELPATH_SCHEMA.check_match(filepath)
+    tuf.formats.RELPATH_SCHEMA.check_match(filepath)
 
     # Remove 'relative_filepath', if found, and update this Targets roleinfo.
     fileinfo = tuf.roledb.get_roleinfo(self.rolename, self._repository_name)
@@ -2211,12 +2211,12 @@ def delegate(self, rolename, public_keys, paths, threshold=1,
     # Raise 'securesystemslib.exceptions.FormatError' if there is a mismatch.
     tuf.formats.ROLENAME_SCHEMA.check_match(rolename)
     securesystemslib.formats.ANYKEYLIST_SCHEMA.check_match(public_keys)
-    securesystemslib.formats.RELPATHS_SCHEMA.check_match(paths)
+    tuf.formats.RELPATHS_SCHEMA.check_match(paths)
     securesystemslib.formats.THRESHOLD_SCHEMA.check_match(threshold)
     securesystemslib.formats.BOOLEAN_SCHEMA.check_match(terminating)
 
     if list_of_targets is not None:
-      securesystemslib.formats.RELPATHS_SCHEMA.check_match(list_of_targets)
+      tuf.formats.RELPATHS_SCHEMA.check_match(list_of_targets)
 
     if path_hash_prefixes is not None:
       securesystemslib.formats.PATH_HASH_PREFIXES_SCHEMA.check_match(path_hash_prefixes)