예제 #1
0
def update():
  # Set the local repository directory containing the metadata files.
  tuf.conf.repository_directory = 'C:\Users\Sarah\Documents\GitHub\TUFeverywhere\Project'


  repository_mirrors = {'mirror1': {'url_prefix': 'http://172.16.42.2:8001',
                                    'metadata_path': 'metadata',
                                    'targets_path': 'targets',
                                    'confined_target_dirs': ['']}}

  # Create the Upater object using the updater name 'tuf-example'
  # and the repository mirrors defined above.
  updater = tuf.client.updater.Updater('tuf-example', repository_mirrors)

  # Set the local destination directory to save the target files.
  destination_directory = './targets'

  # Refresh the repository's top-level roles, store the target information for
  # all the targets tracked, and determine which of these targets have been
  # updated.
  updater.refresh()
  all_targets = updater.all_targets()
  updated_targets = updater.updated_targets(all_targets, destination_directory)

  # Download each of these updated targets and save them locally.
  for target in updated_targets:
    try:
      updater.download_target(target, destination_directory)
    except tuf.DownloadError, e:
      pass
def update_conf(filename, host):
    """
         <Purpose>
           Downloads the FILENAME file from the localhost http server
         <Arguments>

         <Exceptions>

         <Side Effects>
           None.
         <Returns>
           None.
         """
    # conf = cc.load_conf(os.path.join(os.getcwd(),'Configuration/conf.json'))
    # Set the local repositories directory containing all of the metadata files.
    tuf.settings.repositories_directory = 'tufclient'

    # Set the repository mirrors.  This dictionary is needed by the Updater
    # class of updater.py.getupdates.pygetupdates.py
    repository_mirrors = {'mirror': {'url_prefix': host,
                                     'metadata_path': 'metadata', 'targets_path': 'targets',
                                     'confined_target_dirs': ['']}}

    # Create the repository object using the repository name 'repository'
    # and the repository mirrors defined above.
    updater = tuf.client.updater.Updater('tufrepo', repository_mirrors)

    # The local destination directory to save the target files.
    destination_directory = './tufclient/tuftargets'

    logging.info("TUF is updating...")
    # Refresh the repository's top-level roles...
    updater.refresh(unsafely_update_root_if_necessary=False)

    # ... and store the target information for the target file specified on the
    # command line, and determine which of these targets have been updated.
    target_fileinfo = []
    target_fileinfo.append(updater.get_one_valid_targetinfo(
        filename))

    updated_targets = updater.updated_targets(target_fileinfo, destination_directory)

    # Retrieve each of these updated targets and save them to the destination
    # directory.
    for target in updated_targets:
        try:
            updater.download_target(target, destination_directory)
            logging.info("TUF  updating  %s", target)

        except tuf.exceptions.DownloadError:
            logging.error("TUF update failed %s", target)

    # Remove any files from the destination directory that are no longer being
    # tracked.
    updater.remove_obsolete_targets(destination_directory)
    if len(updated_targets) > 0:
        return True
    return False
예제 #3
0
def fetch(component):
    directory = 'updater-tmp' + "/"
    try:
        os.mkdir(directory)
    except:
        pass # likely the directory already exists
    targets = updater.targets_of_role('targets/' + component)
    updated_targets = updater.updated_targets(targets, directory)

    for target in updated_targets:
        updater.download_target(target, directory)

    updater.remove_obsolete_targets(directory)
예제 #4
0
    def run(self):
        """
        Check for updates
        """
        if not self.mirrors:
            return

        while True:
            try:
                tuf.conf.repository_directory = os.path.join(self.bundle_path,
                                                             'repo')

                updater = tuf.client.updater.Updater('leap-updater',
                                                     self.mirrors)
                updater.refresh()

                targets = updater.all_targets()
                updated_targets = updater.updated_targets(targets,
                                                          self.source_path)
                if updated_targets:
                    logger.info("There is updates needed. Start downloading "
                                "updates.")
                for target in updated_targets:
                    updater.download_target(target, self.dest_path)
                    self._set_permissions(target)
                if os.path.isdir(self.dest_path):
                    if os.path.isdir(self.update_path):
                        shutil.rmtree(self.update_path)
                    shutil.move(self.dest_path, self.update_path)
                    filepath = sorted([f['filepath'] for f in updated_targets])
                    emit(catalog.UPDATER_NEW_UPDATES,
                         ", ".join(filepath))
                    logger.info("Updates ready: %s" % (filepath,))
                    return
            except NotImplemented as e:
                logger.error("NotImplemented: %s" % (e,))
                return
            except Exception as e:
                logger.error("An unexpected error has occurred while "
                             "updating: %s" % (e,))
            finally:
                time.sleep(self.delay)
예제 #5
0
    def run(self):
        """
        Check for updates periodically
        """
        if not self.mirrors:
            return

        while True:
            try:
                tuf.conf.repository_directory = os.path.join(
                    self.bundle_path, 'repo')

                updater = tuf.client.updater.Updater('leap-updater',
                                                     self.mirrors)
                updater.refresh()

                targets = updater.all_targets()
                updated_targets = updater.updated_targets(
                    targets, self.source_path)
                if updated_targets:
                    print "There is updates needed. Start downloading updates."
                for target in updated_targets:
                    updater.download_target(target, self.dest_path)
                    self._set_permissions(target)
                if os.path.isdir(self.dest_path):
                    if os.path.isdir(self.update_path):
                        shutil.rmtree(self.update_path)
                    shutil.move(self.dest_path, self.update_path)
                    filepath = sorted([f['filepath'] for f in updated_targets])
                    signal(proto.UPDATER_NEW_UPDATES,
                           content=", ".join(filepath))
                    print "Updates ready: ", filepath
                    return
            except NotImplemented as e:
                print "NotImplemented: ", e
                return
            except Exception as e:
                print "ERROR:", e
            finally:
                time.sleep(self.delay)
예제 #6
0
파일: basic_client.py 프로젝트: 1-Hash/tuf
def update_client(repository_mirror):
  """
  <Purpose>
    Perform an update of the metadata and target files located at
    'repository_mirror'.  Target files are saved to the 'targets' directory
    in the current working directory.  The current directory must already
    include a 'metadata' directory, which in turn must contain the 'current'
    and 'previous' directories.  At a minimum, these two directories require
    the 'root.json' metadata file.

  <Arguments>
    repository_mirror:
      The URL to the repository mirror hosting the metadata and target
      files.  E.g., 'http://localhost:8001'

  <Exceptions>
    tuf.RepositoryError, if 'repository_mirror' is improperly formatted.

  <Side Effects>
    Connects to a repository mirror and updates the metadata files and
    any target files.  Obsolete targets are also removed locally.

  <Returns>
    None.
  """

  # Does 'repository_mirror' have the correct format?
  try:
    tuf.formats.URL_SCHEMA.check_match(repository_mirror)
  except tuf.FormatError as e:
    message = 'The repository mirror supplied is invalid.' 
    raise tuf.RepositoryError(message)
  
  # Set the local repository directory containing all of the metadata files.
  tuf.conf.repository_directory = '.'

  # Set the repository mirrors.  This dictionary is needed by the Updater
  # class of updater.py.
  repository_mirrors = {'mirror': {'url_prefix': repository_mirror,
                                  'metadata_path': 'metadata',
                                  'targets_path': 'targets',
                                  'confined_target_dirs': ['']}}

  # Create the repository object using the repository name 'repository'
  # and the repository mirrors defined above.
  updater = tuf.client.updater.Updater('repository', repository_mirrors)

  # The local destination directory to save the target files.
  destination_directory = './targets'

  # Refresh the repository's top-level roles, store the target information for
  # all the targets tracked, and determine which of these targets have been
  # updated.
  updater.refresh()
  all_targets = updater.all_targets()
  updated_targets = updater.updated_targets(all_targets, destination_directory)

  # Download each of these updated targets and save them locally.
  for target in updated_targets:
    try: 
      updater.download_target(target, destination_directory)
    except tuf.DownloadError as e:
      pass

  # Remove any files from the destination directory that are no longer being
  # tracked.
  updater.remove_obsolete_targets(destination_directory)
예제 #7
0
                                  'targets_path': 'targets',
                                  'confined_target_dirs': ['']}}

# Create the Upater object using the updater name 'tuf-example'
# and the repository mirrors defined above.
updater = tuf.client.updater.Updater('tuf-example', repository_mirrors)

# Set the local destination directory to save the target files.
destination_directory = './targets'

# Refresh the repository's top-level roles, store the target information for
# all the targets tracked, and determine which of these targets have been
# updated.
updater.refresh()
all_targets = updater.all_targets()
updated_targets = updater.updated_targets(all_targets, destination_directory)

# Download each of these updated targets and save them locally.
for target in updated_targets:
  try:
    updater.download_target(target, destination_directory)
  except tuf.DownloadError, e:
    pass

# Remove any files from the destination directory that are no longer being
# tracked.
updater.remove_obsolete_targets(destination_directory)


"""
# Example demonstrating an update that only downloads the targets of
예제 #8
0
def update_client(parsed_arguments):
    """
  <Purpose>
    Perform an update of the metadata and target files located at
    'repository_mirror'.  Target files are saved to the 'targets' directory
    in the current working directory.  The current directory must already
    include a 'metadata' directory, which in turn must contain the 'current'
    and 'previous' directories.  At a minimum, these two directories require
    the 'root.json' metadata file.

  <Arguments>
    parsed_arguments:
      An argparse Namespace object, containing the parsed arguments.

  <Exceptions>
    tuf.exceptions.Error, if 'parsed_arguments' is not a Namespace object.

  <Side Effects>
    Connects to a repository mirror and updates the local metadata files and
    any target files.  Obsolete, local targets are also removed.

  <Returns>
    None.
  """

    if not isinstance(parsed_arguments, argparse.Namespace):
        raise tuf.exceptions.Error('Invalid namespace object.')

    else:
        logger.debug('We have a valid argparse Namespace object.')

    # Set the local repositories directory containing all of the metadata files.
    tuf.settings.repositories_directory = '.'

    # Set the repository mirrors.  This dictionary is needed by the Updater
    # class of updater.py.
    repository_mirrors = {
        'mirror': {
            'url_prefix': parsed_arguments.repo,
            'metadata_path': 'metadata',
            'targets_path': 'targets'
        }
    }

    # Create the repository object using the repository name 'repository'
    # and the repository mirrors defined above.
    updater = tuf.client.updater.Updater('tufrepo', repository_mirrors)

    # The local destination directory to save the target files.
    destination_directory = './tuftargets'

    # Refresh the repository's top-level roles...
    updater.refresh(unsafely_update_root_if_necessary=False)

    # ... and store the target information for the target file specified on the
    # command line, and determine which of these targets have been updated.
    target_fileinfo = []
    for target in parsed_arguments.targets:
        target_fileinfo.append(updater.get_one_valid_targetinfo(target))

    updated_targets = updater.updated_targets(target_fileinfo,
                                              destination_directory)

    # Retrieve each of these updated targets and save them to the destination
    # directory.
    for target in updated_targets:
        try:
            updater.download_target(target, destination_directory)

        except tuf.exceptions.DownloadError:
            pass

    # Remove any files from the destination directory that are no longer being
    # tracked.
    updater.remove_obsolete_targets(destination_directory)
# Set the local repository directory containing the metadata files.
tuf.conf.repository_directory = "."

# Set the repository mirrors.  This dictionary is needed by the Updater
# class of updater.py.  The client will download metadata and target
# files from any one of these mirrors.
repository_mirrors = {
    "mirror1": {
        "url_prefix": "http://localhost:8001",
        "metadata_path": "metadata",
        "targets_path": "targets",
        "confined_target_dirs": [""],
    }
}

# Create the Upater object using the updater name 'tuf-example'
# and the repository mirrors defined above.
updater = tuf.client.updater.Updater("tuf-example", repository_mirrors)

# Set the local destination directory to save the target files.
destination_directory = "./targets"

# Example demonstrating an update that downloads a specific target.
# The target is signed for by a 'pypi-signed' bin.
updater.refresh()
warehouse_target = updater.target("packages/warehouse/warehouse-14.2.1.tar.gz")
updated_target = updater.updated_targets([warehouse_target], destination_directory)

for target in updated_target:
    updater.download_target(target, destination_directory)
예제 #10
0
    def pull_metadata(self, root_public_key=None, progress=None):
        """
        Download TUF metadata from the repository.

        The metadata is checked for expiry and verified against the root public
        key for the repository.

        You only need to supply the root public key once, and you should obtain
        it from the person who uploaded the metadata.

        Target data is not downloaded - use :meth:`pull_target` for that.

        :param root_public_key: PEM-encoded root public key. Obtain this from the repository's owner, who generates the key using :meth:`DTufMaster.create_root_key` on the repository master.
        :type root_public_key: str

        :param progress: Optional function to call as the download progresses. The function will be called with the hash of the metadata currently being download, the blob just read from the repository and the total size of the metadata.
        :type progress: function(dgst, chunk, total)

        :returns: List of targets which have been updated since you last downloaded them (using :meth:`pull_target`).
        :rtype: list
        """
        import tuf.keydb
        import tuf.roledb
        import tuf.client.updater
        import tuf.formats
        import tuf.sig
        from tuf.exceptions import BadSignatureError
        # pylint: disable=global-statement
        global _updater_progress
        _updater_progress = progress
        for d in ['current', 'previous']:
            try:
                makedirs(path.join(self._copy_repo_dir, 'metadata', d))
            except OSError as exception:
                import errno
                if exception.errno != errno.EEXIST:
                    raise
        # If root public key was passed, we shouldn't rely on the current
        # version but instead retrieve a new one and verify it using
        # the public key.
        if root_public_key:
            dgst = self._dxf.get_alias('root.json')[0]
            temp_file = securesystemslib.util.TempFile()
            try:
                it, size = self._dxf.pull_blob(dgst, size=True)
                _write_with_progress(it, dgst, size, temp_file, progress)
                metadata = temp_file.read()
                metadata_signable = json.loads(metadata.decode('utf-8'))
                tuf.formats.check_signable_object_format(metadata_signable)
                # pylint: disable=protected-access
                f = tuf.client.updater.Updater._ensure_not_expired
                f = getattr(f, '__func__', f)
                f(None, metadata_signable['signed'], 'root')
                # This metadata is claiming to be root.json
                # Get the keyid of the signature and use it to add the root
                # public key to the keydb. Thus when we verify the signature
                # the root public key will be used for verification.
                keyid = metadata_signable['signatures'][0]['keyid']
                tuf.keydb.add_key(
                    {
                        'keytype':
                        'rsa',
                        'scheme':
                        metadata_signable['signed']['keys'][keyid]['scheme'],
                        'keyid':
                        keyid,
                        'keyval': {
                            'public': root_public_key
                        }
                    }, keyid)
                tuf.roledb.add_role('root', {
                    'keyids': [keyid],
                    'threshold': 1
                })
                if not tuf.sig.verify(metadata_signable, 'root'):
                    raise BadSignatureError('root')
                temp_file.move(
                    path.join(self._copy_repo_dir, 'metadata', 'current',
                              'root.json'))
            except:
                temp_file.close_temp_file()
                raise
        updater = tuf.client.updater.Updater('repository',
                                             self._repository_mirrors)
        updater.refresh(False)
        targets = updater.all_targets()
        updated_targets = updater.updated_targets(targets,
                                                  self._copy_targets_dir)
        if path.isdir(self._copy_targets_dir):
            targets = dict([(t['filepath'][1:], True) for t in targets])
            for t in listdir(self._copy_targets_dir):
                if t not in targets:
                    remove(path.join(self._copy_targets_dir, t))
        return [t['filepath'][1:] for t in updated_targets]
예제 #11
0
        }
    }

    # Create the repository object using the repository name 'repository'
    # and the repository mirrors defined above.
    updater = tuf.client.updater.Updater('repository', repository_mirrors)

    # The local destination directory to save the target files.
    destination_directory = './targets'

    # Refresh the repository's top-level roles, store the target information for
    # all the targets tracked, and determine which of these targets have been
    # updated.
    updater.refresh()
    all_targets = updater.all_targets()
    updated_targets = updater.updated_targets(all_targets,
                                              destination_directory)

    # Download each of these updated targets and save them locally.
    for target in updated_targets:
        try:
            updater.download_target(target, destination_directory)
        except tuf.DownloadError, e:
            pass

    # Remove any files from the destination directory that are no longer being
    # tracked.
    updater.remove_obsolete_targets(destination_directory)


def parse_options():
    """
예제 #12
0
    }
}

# Create the Upater object using the updater name 'tuf-example'
# and the repository mirrors defined above.
updater = tuf.client.updater.Updater('tuf-example', repository_mirrors)

# Set the local destination directory to save the target files.
destination_directory = './targets'

# Refresh the repository's top-level roles, store the target information for
# all the targets tracked, and determine which of these targets have been
# updated.
updater.refresh()
all_targets = updater.all_targets()
updated_targets = updater.updated_targets(all_targets, destination_directory)

# Download each of these updated targets and save them locally.
for target in updated_targets:
    try:
        updater.download_target(target, destination_directory)

    except tuf.DownloadError as e:
        pass

# Remove any files from the destination directory that are no longer being
# tracked.
updater.remove_obsolete_targets(destination_directory)

# Example demonstrating an update that only downloads the targets of
# a specific role (i.e., 'targets/project')
예제 #13
0
                                  'targets_path': 'targets',
                                  'confined_target_dirs': ['']}}

# Create the Upater object using the updater name 'tuf-example'
# and the repository mirrors defined above.
updater = tuf.client.updater.Updater('tuf-example', repository_mirrors)

# Set the local destination directory to save the target files.
destination_directory = './targets'

# Refresh the repository's top-level roles, store the target information for
# all the targets tracked, and determine which of these targets have been
# updated.
updater.refresh()
all_targets = updater.all_targets()
updated_targets = updater.updated_targets(all_targets, destination_directory)

# Download each of these updated targets and save them locally.
for target in updated_targets:
  try:
    updater.download_target(target, destination_directory)
  
  except tuf.DownloadError as e:
    pass

# Remove any files from the destination directory that are no longer being
# tracked.
updater.remove_obsolete_targets(destination_directory)


예제 #14
0
    def pull_metadata(self, root_public_key=None, progress=None):
        """
        Download TUF metadata from the repository.

        The metadata is checked for expiry and verified against the root public
        key for the repository.

        You only need to supply the root public key once, and you should obtain
        it from the person who uploaded the metadata.

        Target data is not downloaded - use :meth:`pull_target` for that.

        :param root_public_key: PEM-encoded root public key. Obtain this from the repository's owner, who generates the key using :meth:`DTufMaster.create_root_key` on the repository master.
        :type root_public_key: str

        :param progress: Optional function to call as the download progresses. The function will be called with the hash of the metadata currently being download, the blob just read from the repository and the total size of the metadata.
        :type progress: function(dgst, chunk, total)

        :returns: List of targets which have been updated since you last downloaded them (using :meth:`pull_target`).
        :rtype: list
        """
        import tuf.keydb
        import tuf.roledb
        import tuf.client.updater
        import tuf.util
        import tuf.formats
        import tuf.sig
        from tuf import BadSignatureError
        # pylint: disable=global-statement
        global _updater_progress
        _updater_progress = progress
        for d in ['current', 'previous']:
            try:
                makedirs(path.join(self._copy_repo_dir, 'metadata', d))
            except OSError as exception:
                import errno
                if exception.errno != errno.EEXIST:
                    raise
        # If root public key was passed, we shouldn't rely on the current
        # version but instead retrieve a new one and verify it using
        # the public key.
        if root_public_key:
            dgst = self._dxf.get_alias('root.json')[0]
            temp_file = tuf.util.TempFile()
            try:
                it, size = self._dxf.pull_blob(dgst, size=True)
                _write_with_progress(it, dgst, size, temp_file, progress)
                metadata = temp_file.read()
                metadata_signable = json.loads(metadata.decode('utf-8'))
                tuf.formats.check_signable_object_format(metadata_signable)
                # pylint: disable=protected-access
                f = tuf.client.updater.Updater._ensure_not_expired
                f = getattr(f, '__func__', f)
                f(None, metadata_signable['signed'], 'root')
                # This metadata is claiming to be root.json
                # Get the keyid of the signature and use it to add the root
                # public key to the keydb. Thus when we verify the signature
                # the root public key will be used for verification.
                keyid = metadata_signable['signatures'][0]['keyid']
                tuf.keydb.add_key({
                    'keytype': 'rsa',
                    'keyid': keyid,
                    'keyval': {'public': root_public_key}
                }, keyid)
                tuf.roledb.add_role('root', {
                    'keyids': [keyid],
                    'threshold': 1
                })
                if not tuf.sig.verify(metadata_signable, 'root'):
                    raise BadSignatureError('root')
                temp_file.move(path.join(self._copy_repo_dir,
                                         'metadata',
                                         'current',
                                         'root.json'))
            except:
                temp_file.close_temp_file()
                raise
        updater = tuf.client.updater.Updater('updater',
                                             self._repository_mirrors)
        updater.refresh(False)
        targets = updater.all_targets()
        updated_targets = updater.updated_targets(
            targets, self._copy_targets_dir)
        if path.isdir(self._copy_targets_dir):
            # pylint: disable=redefined-variable-type
            targets = dict([(t['filepath'][1:], True) for t in targets])
            for t in listdir(self._copy_targets_dir):
                if t not in targets:
                    remove(path.join(self._copy_targets_dir, t))
        return [t['filepath'][1:] for t in updated_targets]
tuf.conf.repository_directory = '.'

# Set the repository mirrors.  This dictionary is needed by the Updater
# class of updater.py.  The client will download metadata and target
# files from any one of these mirrors.
repository_mirrors = {
    'mirror1': {
        'url_prefix': 'http://localhost:8001',
        'metadata_path': 'metadata',
        'targets_path': 'targets',
        'confined_target_dirs': ['']
    }
}

# Create the Upater object using the updater name 'tuf-example'
# and the repository mirrors defined above.
updater = tuf.client.updater.Updater('tuf-example', repository_mirrors)

# Set the local destination directory to save the target files.
destination_directory = './targets'

# Example demonstrating an update that downloads a specific target.
# The target is signed for by a 'pypi-signed' bin.
updater.refresh()
warehouse_target = updater.target('packages/warehouse/warehouse-14.2.1.tar.gz')
updated_target = updater.updated_targets([warehouse_target],
                                         destination_directory)

for target in updated_target:
    updater.download_target(target, destination_directory)
예제 #16
0
def update_client(repository_mirror):
    """
  <Purpose>
    Perform an update of the metadata and target files located at
    'repository_mirror'.  Target files are saved to the 'targets' directory
    in the current working directory.  The current directory must already
    include a 'metadata' directory, which in turn must contain the 'current'
    and 'previous' directories.  At a minimum, these two directories require
    the 'root.json' metadata file.

  <Arguments>
    repository_mirror:
      The URL to the repository mirror hosting the metadata and target
      files.  E.g., 'http://localhost:8001'

  <Exceptions>
    tuf.RepositoryError, if 'repository_mirror' is improperly formatted.

  <Side Effects>
    Connects to a repository mirror and updates the metadata files and
    any target files.  Obsolete targets are also removed locally.

  <Returns>
    None.
  """

    # Does 'repository_mirror' have the correct format?
    try:
        tuf.formats.URL_SCHEMA.check_match(repository_mirror)
    except tuf.FormatError as e:
        message = 'The repository mirror supplied is invalid.'
        raise tuf.RepositoryError(message)

    # Set the local repository directory containing all of the metadata files.
    tuf.conf.repository_directory = '.'

    # Set the repository mirrors.  This dictionary is needed by the Updater
    # class of updater.py.
    repository_mirrors = {
        'mirror': {
            'url_prefix': repository_mirror,
            'metadata_path': 'repository',
            'targets_path': 'repository/targets',
            'confined_target_dirs': ['']
        }
    }

    # Create the repository object using the repository name 'repository'
    # and the repository mirrors defined above.
    updater = tuf.client.updater.Updater('repository', repository_mirrors)

    # The local destination directory to save the target files.
    destination_directory = './targets'

    # Refresh the repository's top-level roles, store the target information for
    # all the targets tracked, and determine which of these targets have been
    # updated.
    updater.refresh()
    all_targets = updater.all_targets()
    updated_targets = updater.updated_targets(all_targets,
                                              destination_directory)

    # Download each of these updated targets and save them locally.
    for target in updated_targets:
        try:
            updater.download_target(target, destination_directory)
        except tuf.DownloadError as e:
            pass

    # Remove any files from the destination directory that are no longer being
    # tracked.
    updater.remove_obsolete_targets(destination_directory)