From 519a2ccbe8e24136a2b2a9803a716659fc6acd85 Mon Sep 17 00:00:00 2001 From: David Lawrence Date: Mon, 2 Nov 2015 14:18:30 -0800 Subject: [PATCH] removing all errors that aren't in use, fixing one place in memorystore that was using a different errorcode to all other stores, pushing errors into appropriate packages Signed-off-by: David Lawrence (github: endophage) --- client/client.go | 3 +- tuf/client/errors.go | 70 ---------------------------- tuf/data/roles.go | 19 ++++++-- tuf/errors/errors.go | 98 ---------------------------------------- tuf/keys/db.go | 3 +- tuf/signed/errors.go | 11 +++++ tuf/signed/sign.go | 3 +- tuf/store/memorystore.go | 3 +- tuf/tuf.go | 11 ++--- 9 files changed, 34 insertions(+), 187 deletions(-) delete mode 100644 tuf/errors/errors.go diff --git a/client/client.go b/client/client.go index ec91fbd272..b029e4c569 100644 --- a/client/client.go +++ b/client/client.go @@ -18,7 +18,6 @@ import ( "github.com/docker/notary/tuf" tufclient "github.com/docker/notary/tuf/client" "github.com/docker/notary/tuf/data" - tuferrors "github.com/docker/notary/tuf/errors" "github.com/docker/notary/tuf/keys" "github.com/docker/notary/tuf/signed" "github.com/docker/notary/tuf/store" @@ -174,7 +173,7 @@ func (r *NotaryRepository) Initialize(rootKeyID string) error { if err != nil { logrus.Debug("Error on InitRoot: ", err.Error()) switch err.(type) { - case tuferrors.ErrInsufficientSignatures, trustmanager.ErrPasswordInvalid: + case signed.ErrInsufficientSignatures, trustmanager.ErrPasswordInvalid: default: return err } diff --git a/tuf/client/errors.go b/tuf/client/errors.go index 0fb1a8d00c..037b3df00b 100644 --- a/tuf/client/errors.go +++ b/tuf/client/errors.go @@ -1,16 +1,9 @@ package client import ( - "errors" "fmt" ) -// Simple client errors -var ( - ErrNoRootKeys = errors.New("tuf: no root keys found in local meta store") - ErrInsufficientKeys = errors.New("tuf: insufficient keys to meet threshold") -) - // ErrChecksumMismatch - a checksum failed verification type ErrChecksumMismatch struct { role string @@ -29,69 +22,6 @@ func (e ErrMissingMeta) Error() string { return fmt.Sprintf("tuf: sha256 checksum required for %s", e.role) } -// ErrMissingRemoteMetadata - remote didn't have requested metadata -type ErrMissingRemoteMetadata struct { - Name string -} - -func (e ErrMissingRemoteMetadata) Error() string { - return fmt.Sprintf("tuf: missing remote metadata %s", e.Name) -} - -// ErrDownloadFailed - a download failed -type ErrDownloadFailed struct { - File string - Err error -} - -func (e ErrDownloadFailed) Error() string { - return fmt.Sprintf("tuf: failed to download %s: %s", e.File, e.Err) -} - -// ErrDecodeFailed - couldn't parse a download -type ErrDecodeFailed struct { - File string - Err error -} - -func (e ErrDecodeFailed) Error() string { - return fmt.Sprintf("tuf: failed to decode %s: %s", e.File, e.Err) -} - -func isDecodeFailedWithErr(err, expected error) bool { - e, ok := err.(ErrDecodeFailed) - if !ok { - return false - } - return e.Err == expected -} - -// ErrNotFound - didn't find a file -type ErrNotFound struct { - File string -} - -func (e ErrNotFound) Error() string { - return fmt.Sprintf("tuf: file not found: %s", e.File) -} - -// IsNotFound - check if an error is an ErrNotFound type -func IsNotFound(err error) bool { - _, ok := err.(ErrNotFound) - return ok -} - -// ErrWrongSize - the size is wrong -type ErrWrongSize struct { - File string - Actual int64 - Expected int64 -} - -func (e ErrWrongSize) Error() string { - return fmt.Sprintf("tuf: unexpected file size: %s (expected %d bytes, got %d bytes)", e.File, e.Expected, e.Actual) -} - // ErrCorruptedCache - local data is incorrect type ErrCorruptedCache struct { file string diff --git a/tuf/data/roles.go b/tuf/data/roles.go index d2d0063814..0e6541c978 100644 --- a/tuf/data/roles.go +++ b/tuf/data/roles.go @@ -3,8 +3,6 @@ package data import ( "fmt" "strings" - - "github.com/docker/notary/tuf/errors" ) // Canonical base role names @@ -26,6 +24,17 @@ var ValidRoles = map[string]string{ CanonicalTimestampRole: CanonicalTimestampRole, } +// ErrInvalidRole represents an error regarding a role. Typically +// something like a role for which sone of the public keys were +// not found in the TUF repo. +type ErrInvalidRole struct { + Role string +} + +func (e ErrInvalidRole) Error() string { + return fmt.Sprintf("tuf: invalid role %s", e.Role) +} + // SetValidRoles is a utility function to override some or all of the roles func SetValidRoles(rs map[string]string) { // iterate ValidRoles @@ -106,13 +115,13 @@ type Role struct { // NewRole creates a new Role object from the given parameters func NewRole(name string, threshold int, keyIDs, paths, pathHashPrefixes []string) (*Role, error) { if len(paths) > 0 && len(pathHashPrefixes) > 0 { - return nil, errors.ErrInvalidRole{} + return nil, ErrInvalidRole{Role: name} } if threshold < 1 { - return nil, errors.ErrInvalidRole{} + return nil, ErrInvalidRole{Role: name} } if !ValidRole(name) { - return nil, errors.ErrInvalidRole{} + return nil, ErrInvalidRole{Role: name} } return &Role{ RootRole: RootRole{ diff --git a/tuf/errors/errors.go b/tuf/errors/errors.go deleted file mode 100644 index 763be52fb4..0000000000 --- a/tuf/errors/errors.go +++ /dev/null @@ -1,98 +0,0 @@ -package errors - -import ( - "errors" - "fmt" - "time" -) - -// ErrInitNotAllowed - repo has already been initialized -var ErrInitNotAllowed = errors.New("tuf: repository already initialized") - -// ErrMissingMetadata - cannot find the file meta being requested. -// Specifically, could not find the FileMeta object in the expected -// location. -type ErrMissingMetadata struct { - Name string -} - -func (e ErrMissingMetadata) Error() string { - return fmt.Sprintf("tuf: missing metadata %s", e.Name) -} - -// ErrFileNotFound - could not find a file -type ErrFileNotFound struct { - Path string -} - -func (e ErrFileNotFound) Error() string { - return fmt.Sprintf("tuf: file not found %s", e.Path) -} - -// ErrInsufficientKeys - did not have enough keys to sign when requested -type ErrInsufficientKeys struct { - Name string -} - -func (e ErrInsufficientKeys) Error() string { - return fmt.Sprintf("tuf: insufficient keys to sign %s", e.Name) -} - -// ErrInsufficientSignatures - do not have enough signatures on a piece of -// metadata -type ErrInsufficientSignatures struct { - Name string - Err error -} - -func (e ErrInsufficientSignatures) Error() string { - return fmt.Sprintf("tuf: insufficient signatures for %s: %s", e.Name, e.Err) -} - -// ErrInvalidRole - role is wrong. Typically we're missing the public keys for it -type ErrInvalidRole struct { - Role string -} - -func (e ErrInvalidRole) Error() string { - return fmt.Sprintf("tuf: invalid role %s", e.Role) -} - -// ErrInvalidExpires - the expiry time for a metadata file is invalid -type ErrInvalidExpires struct { - Expires time.Time -} - -func (e ErrInvalidExpires) Error() string { - return fmt.Sprintf("tuf: invalid expires: %s", e.Expires) -} - -// ErrKeyNotFound - could not find a given key on a role -type ErrKeyNotFound struct { - Role string - KeyID string -} - -func (e ErrKeyNotFound) Error() string { - return fmt.Sprintf(`tuf: no key with id "%s" exists for the %s role`, e.KeyID, e.Role) -} - -// ErrNotEnoughKeys - there are not enough keys to ever meet the signature threshold -type ErrNotEnoughKeys struct { - Role string - Keys int - Threshold int -} - -func (e ErrNotEnoughKeys) Error() string { - return fmt.Sprintf("tuf: %s role has insufficient keys for threshold (has %d keys, threshold is %d)", e.Role, e.Keys, e.Threshold) -} - -// ErrPassphraseRequired - a passphrase is needed and wasn't provided -type ErrPassphraseRequired struct { - Role string -} - -func (e ErrPassphraseRequired) Error() string { - return fmt.Sprintf("tuf: a passphrase is required to access the encrypted %s keys file", e.Role) -} diff --git a/tuf/keys/db.go b/tuf/keys/db.go index 30afc8d1dc..2e27d052cd 100644 --- a/tuf/keys/db.go +++ b/tuf/keys/db.go @@ -12,7 +12,6 @@ var ( ErrExists = errors.New("tuf: key already in db") ErrWrongID = errors.New("tuf: key id mismatch") ErrInvalidKey = errors.New("tuf: invalid key") - ErrInvalidRole = errors.New("tuf: invalid role") ErrInvalidKeyID = errors.New("tuf: invalid key id") ErrInvalidThreshold = errors.New("tuf: invalid role threshold") ) @@ -42,7 +41,7 @@ func (db *KeyDB) AddKey(k data.PublicKey) { // role must have already been added. func (db *KeyDB) AddRole(r *data.Role) error { if !data.ValidRole(r.Name) { - return ErrInvalidRole + return data.ErrInvalidRole{Role: r.Name} } if r.Threshold < 1 { return ErrInvalidThreshold diff --git a/tuf/signed/errors.go b/tuf/signed/errors.go index 0c92f3465e..c042e60685 100644 --- a/tuf/signed/errors.go +++ b/tuf/signed/errors.go @@ -4,6 +4,17 @@ import ( "fmt" ) +// ErrInsufficientSignatures - do not have enough signatures on a piece of +// metadata +type ErrInsufficientSignatures struct { + Name string + Err error +} + +func (e ErrInsufficientSignatures) Error() string { + return fmt.Sprintf("tuf: insufficient signatures for %s: %s", e.Name, e.Err) +} + // ErrExpired indicates a piece of metadata has expired type ErrExpired struct { Role string diff --git a/tuf/signed/sign.go b/tuf/signed/sign.go index c33aa075d4..99987a2fb5 100644 --- a/tuf/signed/sign.go +++ b/tuf/signed/sign.go @@ -16,7 +16,6 @@ import ( "github.com/Sirupsen/logrus" "github.com/docker/notary/tuf/data" - "github.com/docker/notary/tuf/errors" "github.com/docker/notary/tuf/utils" ) @@ -68,7 +67,7 @@ func Sign(service CryptoService, s *data.Signed, keys ...data.PublicKey) error { } } if len(signatures) < 1 { - return errors.ErrInsufficientSignatures{ + return ErrInsufficientSignatures{ Name: fmt.Sprintf("Cryptoservice failed to produce any signatures for keys with IDs: %v", keyIDs), Err: nil, } diff --git a/tuf/store/memorystore.go b/tuf/store/memorystore.go index 89284a80f2..0e17889891 100644 --- a/tuf/store/memorystore.go +++ b/tuf/store/memorystore.go @@ -6,7 +6,6 @@ import ( "io" "github.com/docker/notary/tuf/data" - "github.com/docker/notary/tuf/errors" "github.com/docker/notary/tuf/utils" ) @@ -76,7 +75,7 @@ func (m *memoryStore) WalkStagedTargets(paths []string, targetsFn targetsWalkFun for _, path := range paths { dat, ok := m.files[path] if !ok { - return errors.ErrFileNotFound{Path: path} + return ErrMetaNotFound{} } meta, err := data.NewFileMeta(bytes.NewReader(dat), "sha256") if err != nil { diff --git a/tuf/tuf.go b/tuf/tuf.go index 4f7a5ffa59..33dd9448a8 100644 --- a/tuf/tuf.go +++ b/tuf/tuf.go @@ -13,7 +13,6 @@ import ( "github.com/Sirupsen/logrus" "github.com/docker/notary/tuf/data" - "github.com/docker/notary/tuf/errors" "github.com/docker/notary/tuf/keys" "github.com/docker/notary/tuf/signed" "github.com/docker/notary/tuf/utils" @@ -163,12 +162,12 @@ func (tr *Repo) RemoveBaseKeys(role string, keyIDs ...string) error { // A new, empty, targets file will be created for the new role. func (tr *Repo) UpdateDelegations(role *data.Role, keys []data.PublicKey, before string) error { if !role.IsDelegation() || !role.IsValid() { - return errors.ErrInvalidRole{} + return data.ErrInvalidRole{Role: role.Name} } parent := filepath.Dir(role.Name) p, ok := tr.Targets[parent] if !ok { - return errors.ErrInvalidRole{} + return data.ErrInvalidRole{Role: role.Name} } for _, k := range keys { if !utils.StrSliceContains(role.KeyIDs, k.ID()) { @@ -225,7 +224,7 @@ func (tr *Repo) InitRoot(consistent bool) error { for _, r := range data.ValidRoles { role := tr.keysDB.GetRole(r) if role == nil { - return errors.ErrInvalidRole{} + return data.ErrInvalidRole{Role: data.CanonicalRootRole} } rootRoles[r] = &role.RootRole for _, kid := range role.KeyIDs { @@ -404,7 +403,7 @@ func (tr Repo) FindTarget(path string) *data.FileMeta { func (tr *Repo) AddTargets(role string, targets data.Files) (data.Files, error) { t, ok := tr.Targets[role] if !ok { - return targets, errors.ErrInvalidRole{Role: role} + return targets, data.ErrInvalidRole{Role: role} } invalid := make(data.Files) for path, target := range targets { @@ -428,7 +427,7 @@ func (tr *Repo) AddTargets(role string, targets data.Files) (data.Files, error) func (tr *Repo) RemoveTargets(role string, targets ...string) error { t, ok := tr.Targets[role] if !ok { - return errors.ErrInvalidRole{Role: role} + return data.ErrInvalidRole{Role: role} } for _, path := range targets {