hancock

Check-in [d3764da499]
Login
Home Timeline Branches Tags Tickets Wiki

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:manifest.Check() imposes limits on manifest data
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: d3764da499ae00820adf329c2b8b2e836734a003c88151148cea7a992908e207
User & Date: dnc 2019-06-09 11:40:23
Context
2019-09-26
14:26
add check that authority public key is set check-in: 77d3d4e49a user: dnc tags: trunk
2019-06-09
11:40
manifest.Check() imposes limits on manifest data check-in: d3764da499 user: dnc tags: trunk
10:59
cmd/hancock verify: produce concise human-readable summary check-in: d7ecc454b7 user: dnc tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to cmd/hancock/manifest.go. 

121
122
123
124
125
126
127


128
129
130
131
132
133
134

			if manifest.Quality == 0 {
				manifest.Quality = model.Valid // default, if no quality flag
			}

			if len(messageFlag) > 0 {
				manifest.Message = messageFlag.Strings()
			}



			// encoded manifest to stdout
			fmt.Println(mustEncode(manifest))

			return nil // continue walk
		})
		if err == noRecurse {








>
>








121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

			if manifest.Quality == 0 {
				manifest.Quality = model.Valid // default, if no quality flag
			}

			if len(messageFlag) > 0 {
				manifest.Message = messageFlag.Strings()
			}

			command.Check(manifest.Check())

			// encoded manifest to stdout
			fmt.Println(mustEncode(manifest))

			return nil // continue walk
		})
		if err == noRecurse {

Changes to cmd/hancock/publish.go. 

167
168
169
170
171
172
173




174
175
176
177
178
179
180

			defer f.Close()

			dec := json.NewDecoder(f)
			var testimony fileTestimony
			err = dec.Decode(&testimony)
			if err != nil {
				return err




			}

			// validate testimony here?
			indexed := false
			for _, idxURL := range indexFlag {
				err = publishTestimonyToIndex(idxURL, testimony)
				if err != nil {








>
>
>
>








167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184

			defer f.Close()

			dec := json.NewDecoder(f)
			var testimony fileTestimony
			err = dec.Decode(&testimony)
			if err != nil {
				return err
			}
			err = testimony.FileManifest.Check()
			if err != nil {
				return err
			}

			// validate testimony here?
			indexed := false
			for _, idxURL := range indexFlag {
				err = publishTestimonyToIndex(idxURL, testimony)
				if err != nil {

Changes to cmd/hancock/testimony.go. 

147
148
149
150
151
152
153

154
155
156
157
158
159
160

			break
		}
		command.Check(err)

		var man model.FileManifest
		err = json.Unmarshal(rawMan, &man)
		command.Check(err)


		var sig ssh.Signature
		err = dec.Decode(&sig)
		command.Check(err)

		testimony := model.Testimony{
			Public:    publicEncoded,








>








147
148
149
150
151
152
153
154
155
156
157
158
159
160
161

			break
		}
		command.Check(err)

		var man model.FileManifest
		err = json.Unmarshal(rawMan, &man)
		command.Check(err)
		command.Check(man.Check())

		var sig ssh.Signature
		err = dec.Decode(&sig)
		command.Check(err)

		testimony := model.Testimony{
			Public:    publicEncoded,

Changes to cmd/hancock/verify.go. 

239
240
241
242
243
244
245





246
247
248
249
250
251
252
...
297
298
299
300
301
302
303

304
305
306
307
308
309
310
311
312
313
314
315


							var manifest model.FileManifest
							err = json.Unmarshal(testimony.Encoded, &manifest)
							if err != nil {
								command.Info(err)
								continue
							}






							// checks
							err = testimony.Verify()
							if err != nil {
								// BUG(dnc): may not be an error, if another valid testimony applies to the same file.
								command.Info(errors.Wrapf(err, "invalid testimony (%q)", currentFile))
								continue
................................................................................
			return fmt.Errorf("Expected file name. Use -r to recurse directories (%q).", arg)
		} else if err != nil {
			command.Error(err) // log error, continue arg loop
		}
	}

	// write summary

	for dir, sum := range summary {
		for m, count := range sum {
			if dir == "." {
				fmt.Printf("%d files %s\n", count, m)
			} else {
				fmt.Printf("%d files in %q %s\n", count, dir, m)
			}
		}
	}
	os.Exit(status)
	return nil
}








>
>
>
>
>







 







>













239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
...
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321


							var manifest model.FileManifest
							err = json.Unmarshal(testimony.Encoded, &manifest)
							if err != nil {
								command.Info(err)
								continue
							}
							err = manifest.Check()
							if err != nil {
								command.Info(err)
								continue
							}

							// checks
							err = testimony.Verify()
							if err != nil {
								// BUG(dnc): may not be an error, if another valid testimony applies to the same file.
								command.Info(errors.Wrapf(err, "invalid testimony (%q)", currentFile))
								continue
................................................................................
			return fmt.Errorf("Expected file name. Use -r to recurse directories (%q).", arg)
		} else if err != nil {
			command.Error(err) // log error, continue arg loop
		}
	}

	// write summary
	// TODO(dnc): consistent order of messages (go map iterates in random order)
	for dir, sum := range summary {
		for m, count := range sum {
			if dir == "." {
				fmt.Printf("%d files %s\n", count, m)
			} else {
				fmt.Printf("%d files in %q %s\n", count, dir, m)
			}
		}
	}
	os.Exit(status)
	return nil
}

Changes to model/manifest.go. 

17
18
19
20
21
22
23

24
25
26
27
28
29
30
...
125
126
127
128
129
130
131















132
133
134
135
136
137
138

//
// A file manifest is a description of a source file, produced by an
// authority who signs the manifest to produce testimony.
package model

import (
	"encoding/json"

	"io"
	"os"
	"strings"
	"time"
)

// Role is the relationship the testifier has to the source.
................................................................................
	return &FileManifest{
		Path: path,
		Time: time.Now().Unix(),
		CID:  cid.Encode(),
	}, nil
}
















func mustJSON(v interface{}) string {
	enc, err := json.MarshalIndent(v, "", "\t")
	if err != nil {
		panic(err)
	}
	return string(enc)
}








>







 







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|







17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
...
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

//
// A file manifest is a description of a source file, produced by an
// authority who signs the manifest to produce testimony.
package model

import (
	"encoding/json"
	"fmt"
	"io"
	"os"
	"strings"
	"time"
)

// Role is the relationship the testifier has to the source.
................................................................................
	return &FileManifest{
		Path: path,
		Time: time.Now().Unix(),
		CID:  cid.Encode(),
	}, nil
}

// Enforce limitations on manifest data.
func (this FileManifest) Check() error {
	const messageCount = 8
	const messageLength = 128
	if len(this.Message) > messageCount {
		return fmt.Errorf("message count (%d) exceeds limit (%d)", len(this.Message), messageCount)
	}
	for _, m := range this.Message {
		if len(m) > messageLength {
			return fmt.Errorf("message length (%d) exceeds limit (%d)", len(m), messageLength)
		}
	}
	return nil
}

func mustJSONXXX(v interface{}) string {
	enc, err := json.MarshalIndent(v, "", "\t")
	if err != nil {
		panic(err)
	}
	return string(enc)
}

This page was generated in about 0.021s by Fossil 2.10 [9d9ef82234] 2019-10-04 21:41:13