From 322f60b1ba168c0efb65795f6e7da1af7ad87cfb Mon Sep 17 00:00:00 2001
From: David Lawrence
Date: Wed, 17 Jun 2015 22:09:56 -0700
Subject: [PATCH] tuf push working
---
 Godeps/Godeps.json | 2 +-
 .../github.com/endophage/gotuf/utils/utils.go | 7 ++++++-
 cmd/notary/tuf.go | 6 +++---
 cmd/vetinari-server/config.json | 4 ++--
 server/handlers/default.go | 18 ++++++++++++++++--
 server/server.go | 3 +--
 server/version/database.go | 6 +++---
 7 files changed, 32 insertions(+), 14 deletions(-)
diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json
index a8efb45e77..05fe50758a 100644
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@@ -47,7 +47,7 @@
 },
 {
 "ImportPath": "github.com/endophage/gotuf",
- "Rev": "e9e8b03dd7102520b09dd4c856ad4eab211fea3d"
+ "Rev": "4e1cdf8615f2039032f44b575cb48842a523919f"
 },
 {
 "ImportPath": "github.com/go-sql-driver/mysql",
diff --git a/Godeps/_workspace/src/github.com/endophage/gotuf/utils/utils.go b/Godeps/_workspace/src/github.com/endophage/gotuf/utils/utils.go
index 15fbf8baf4..baab13218b 100644
--- a/Godeps/_workspace/src/github.com/endophage/gotuf/utils/utils.go
+++ b/Godeps/_workspace/src/github.com/endophage/gotuf/utils/utils.go
@@ -3,6 +3,7 @@ package utils
 import (
 "bytes"
 "crypto/sha256"
+ "crypto/tls"
 "fmt"
 "io"
 "net/http"
@@ -18,7 +19,11 @@ func Download(url url.URL) (*http.Response, error) {
 }
 func Upload(url string, body io.Reader) (*http.Response, error) {
- return http.Post(url, "application/json", body)
+ tr := &http.Transport{
+ TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+ }
+ client := &http.Client{Transport: tr}
+ return client.Post(url, "application/json", body)
 }
 func ValidateTarget(r io.Reader, m *data.FileMeta) error {
diff --git a/cmd/notary/tuf.go b/cmd/notary/tuf.go
index 607c879c5c..7247a9d474 100644
--- a/cmd/notary/tuf.go
+++ b/cmd/notary/tuf.go
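Review bot: `InsecureSkipVerify: true` in `Upload` turns off server certificate verification for every metadata upload, so the client accepts any certificate presented for the URL and the TLS connection no longer authenticates the server that receives the signed TUF metadata. If the aim is to accept the self-signed fixture certificate during development, trust that certificate explicitly instead, for example `TLSClientConfig: &tls.Config{RootCAs: pool}` with `pool` loaded from the fixture certificate, and keep verification on by default. The new `http.Client` also has no `Timeout`, and a fresh `http.Transport` is built on each call, which prevents connection reuse; one package-level client with a timeout would address both. This file is a vendored copy, so the change presumably has to land in gotuf itself and be re-vendored.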
@@ -265,16 +265,16 @@ func tufPush(cmd *cobra.Command, args []string) {
 fatalf("must specify a QDN")
 }
- qdn := args[0]
+ gun := args[0]
 remote, err := store.NewHTTPStore(
- "https://localhost:4443/v2"+qdn+"/_trust/tuf/",
+ "https://vetinari:4443/v2/"+gun+"/_trust/tuf/",
 "",
 "json",
 "",
 )
 filestore, err := store.NewFilesystemStore(
- "", // TODO: base trust dir from config
+ path.Join(viper.GetString("tufDir"), gun),
 "metadata",
 "json",
 "targets",
diff --git a/cmd/vetinari-server/config.json b/cmd/vetinari-server/config.json
index 2c6264624f..4f1dcf21d4 100644
--- a/cmd/vetinari-server/config.json
+++ b/cmd/vetinari-server/config.json
@@ -1,8 +1,8 @@
 {
 "server": {
 "addr": ":4443",
- "tls_cert_file": "../../fixtures/vetinari.pem",
- "tls_key_file": "../../fixtures/vetinari.key"
+ "tls_cert_file": "./fixtures/vetinari.pem",
+ "tls_key_file": "./fixtures/vetinari.key"
 },
 "trust_service":{
 "type": "local",
diff --git a/server/handlers/default.go b/server/handlers/default.go
index 0fcea6f65c..26b64239e6 100644
--- a/server/handlers/default.go
+++ b/server/handlers/default.go
@@ -36,6 +36,13 @@ func MainHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *e
 func UpdateHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError {
 defer r.Body.Close()
 s := ctx.Value("versionStore")
+ if s == nil {
+ return &errors.HTTPError{
+ HTTPStatus: http.StatusInternalServerError,
+ Code: 9999,
+ Err: fmt.Errorf("Version store is nil"),
+ }
+ }
 store, ok := s.(*version.VersionDB)
 if !ok {
 return &errors.HTTPError{
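Review bot: `gun` comes straight from `args[0]` and is used unvalidated both in the request URL and in `path.Join(viper.GetString("tufDir"), gun)`; because `path.Join` cleans its result, a value containing `..` segments resolves outside the configured `tufDir`. Rejecting such input before either store is built would close that, e.g. `if strings.Contains(gun, "..") { fatalf("invalid GUN") }` (assuming `strings` is imported), and `filepath.Join` is the right call for an OS path. The `err` returned by `store.NewHTTPStore` is overwritten by the `NewFilesystemStore` assignment without being checked in the lines shown. The server address `https://vetinari:4443` stays hard-coded next to a directory that now comes from viper, and the usage message above still says QDN after the rename. `tufPush` continues outside this hunk.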
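Review bot: The string key in `ctx.Value("versionStore")` is typed out by hand in each handler, and the `"vesionStore"` misspelling that this same commit corrects in `GetHandler` shows how easily it drifts; an unexported typed key declared once and shared by the code that stores the value and by the handlers would turn such a mismatch into a compile error. The added `s == nil` branch is already covered by the type assertion below it, since asserting on a nil interface yields `ok == false`, so the two branches could be merged unless the distinct message is wanted. Go convention is a lowercase error string, `fmt.Errorf("version store is nil")`, and `9999` would read better as a named constant. `UpdateHandler` continues past the end of the hunk.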
@@ -65,13 +72,20 @@ func UpdateHandler(ctx context.Context, w http.ResponseWriter, r *http.Request)
 }
 }
 version := meta.Signed.Version
- store.UpdateCurrent(qdn, tufRole, version, input)
+ err = store.UpdateCurrent(qdn, tufRole, version, input)
+ if err != nil {
+ return &errors.HTTPError{
+ HTTPStatus: http.StatusInternalServerError,
+ Code: 9999,
+ Err: err,
+ }
+ }
 return nil
 }
 // GetHandler accepts urls in the form //.json
 func GetHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError {
- s := ctx.Value("vesionStore")
+ s := ctx.Value("versionStore")
 store, ok := s.(*version.VersionDB)
 if !ok {
 return &errors.HTTPError{
diff --git a/server/server.go b/server/server.go
index c0ca98a2df..c0adc87a1f 100644
--- a/server/server.go
+++ b/server/server.go
@@ -58,7 +58,6 @@ func (svr *HTTPServer) TimeoutConnections() {
 func Run(ctx context.Context, conf config.ServerConf, trust signed.CryptoService) error {
 // TODO: check validity of config
-
 return run(ctx, conf.Addr, conf.TLSCertFile, conf.TLSKeyFile, trust)
 }
@@ -102,7 +101,7 @@ func run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed
 //if err != nil {
 // return err
 //}
- hand := utils.RootHandlerFactory(ac, context.Background(), trust)
+ hand := utils.RootHandlerFactory(ac, ctx, trust)
 r := mux.NewRouter()
 // TODO (endophage): use correct regexes for image and tag names
diff --git a/server/version/database.go b/server/version/database.go
index 693386a07f..8cff205900 100644
--- a/server/version/database.go
+++ b/server/version/database.go
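Review bot: Every failure of `store.UpdateCurrent` is now reported as a 500 carrying the raw `err`, yet the store (per the database.go change in this patch) also returns an error when the submitted version skips ahead, which is a client fault and fits a 4xx better, e.g. `HTTPStatus: http.StatusBadRequest` for that case. Passing driver errors through `Err` may also expose SQL details to the caller, depending on how `errors.HTTPError` is rendered, which is not visible here; logging the underlying error and returning a generic message would be safer. `GetHandler` was not given the `s == nil` guard added to `UpdateHandler`, though its type assertion already handles a nil value. Both functions extend beyond the hunk.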
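Review bot: Now that `run` hands the caller's `ctx` to `utils.RootHandlerFactory`, the handlers depend on that context carrying a `"versionStore"` value, but nothing in the lines shown checks for it at startup, so a missing store is only discovered per request as a 500. A fail-fast check before the router is built would surface the misconfiguration immediately, e.g. `if ctx.Value("versionStore") == nil { return fmt.Errorf("version store missing from context") }` (assuming `fmt` is available in this file). The error check on the lines just above `hand :=` is commented out; if it belongs to the construction of `ac`, a failure there would go unnoticed, which is worth confirming. `run` begins and ends outside the hunk.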
@@ -30,17 +30,17 @@ func NewVersionDB(db *sql.DB) *VersionDB {
 // Update multiple TUF records in a single transaction.
 // Always insert a new row. The unique constraint will ensure there is only ever
 func (vdb *VersionDB) UpdateCurrent(qdn, role string, version int, data []byte) error {
- checkStmt := "SELECT 1 FROM `tuf_files` WHERE `qdn`=? AND `role`=? AND `version`=?;"
+ checkStmt := "SELECT count(*) FROM `tuf_files` WHERE `qdn`=? AND `role`=? AND `version`=?;"
 insertStmt := "INSERT INTO `tuf_files` (`qdn`, `role`, `version`, `data`) VALUES (?,?,?,?) ;"
 // ensure immediately previous version exists
 row := vdb.QueryRow(checkStmt, qdn, role, version-1)
- var exists bool
+ var exists int
 err := row.Scan(&exists)
 if err != nil {
 return err
 }
- if !exists {
+ if exists == 0 && version > 0 {
 return fmt.Errorf("Attempting to increment version by more than 1 for QDN: %s, role: %s, version: %d", qdn, role, version)
 }
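Review bot: The new condition `exists == 0 && version > 0` lets any `version <= 0` through without a predecessor, so a negative version, which appears to reach this function from request metadata via `UpdateHandler`, skips the sequence check entirely. Rejecting it up front with `if version < 0 { return fmt.Errorf("invalid version %d", version) }` keeps the exemption limited to the initial version. The check and the insert are separate statements on `vdb` with no transaction visible in the hunk, although the comment promises a single transaction, so two concurrent pushes can both pass the check and the outcome rests on the unique constraint; running both inside one transaction would match the comment. The doc comment above the function is cut off mid-sentence and should be completed. `UpdateCurrent` continues past the hunk.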