tough 0.22.0

The Update Framework (TUF) repository client
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284

use crate::SafeUrlPath;
#[cfg(feature = "http")]
use crate::{HttpTransport, HttpTransportBuilder};
use async_trait::async_trait;
use bytes::Bytes;
use dyn_clone::DynClone;
use futures::TryStreamExt;
use futures_core::Stream;
use std::error::Error;
use std::fmt::{Debug, Display, Formatter};
use std::io::{self, ErrorKind};
use std::path::Path;
use std::pin::Pin;
use tokio_util::io::ReaderStream;
use url::Url;

/// Type alias for the stream returned by transports
pub type TransportStream = Pin<Box<dyn Stream<Item = Result<Bytes, TransportError>> + Send + Sync>>;

/// Fallible byte streams that collect into a `Vec<u8>`.
#[async_trait]
pub trait IntoVec<E> {
    /// Try to collect into `Vec<u8>`.
    async fn into_vec(self) -> Result<Vec<u8>, E>;
}

#[async_trait]
impl<S: Stream<Item = Result<Bytes, E>> + Send, E: Send> IntoVec<E> for S {
    async fn into_vec(self) -> Result<Vec<u8>, E> {
        self.try_fold(Vec::new(), |mut acc, bytes| {
            acc.extend(bytes.as_ref());
            std::future::ready(Ok(acc))
        })
        .await
    }
}

/// A trait to abstract over the method/protocol by which files are obtained.
///
/// The trait hides the underlying types involved by returning the `Read` object as a
/// `Box<dyn Read + Send>` and by requiring concrete type [`TransportError`] as the error type.
///
/// Inclusion of the `DynClone` trait means that you will need to implement `Clone` when
/// implementing a `Transport`.
#[async_trait]
pub trait Transport: Debug + DynClone + Send + Sync {
    /// Opens a `Read` object for the file specified by `url`.
    async fn fetch(&self, url: Url) -> Result<TransportStream, TransportError>;
}

// Implements `Clone` for `Transport` trait objects (i.e. on `Box::<dyn Clone>`). To facilitate
// this, `Clone` needs to be implemented for any `Transport`s. The compiler will enforce this.
dyn_clone::clone_trait_object!(Transport);

// =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=

/// The kind of error that the transport object experienced during `fetch`.
#[derive(Debug, Copy, Clone, Eq, PartialEq)]
#[non_exhaustive]
pub enum TransportErrorKind {
    /// The [`Transport`] does not handle the URL scheme. e.g. `file://` or `http://`.
    UnsupportedUrlScheme,
    /// The file cannot be found.
    ///
    /// Some TUF operations could benefit from knowing whether a [`Transport`] failure is a result
    /// of a file not existing. In particular:
    /// > TUF v1.0.16 5.2.2. Try downloading version N+1 of the root metadata file `[...]` If this
    /// > file is not available `[...]` then go to step 5.1.9.
    ///
    /// We want to distinguish cases when a specific file probably doesn't exist from cases where
    /// the failure to fetch it is due to some other problem (i.e. some fault in the [`Transport`]
    /// or the machine hosting the file).
    ///
    /// For some transports, the distinction is obvious. For example, a local file transport should
    /// return `FileNotFound` for `std::error::ErrorKind::NotFound` and nothing else. For other
    /// transports it might be less obvious, but the intent of `FileNotFound` is to indicate that
    /// the file probably doesn't exist.
    FileNotFound,
    /// The transport failed for any other reason, e.g. IO error, HTTP broken pipe, etc.
    Other,
}

impl Display for TransportErrorKind {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        write!(
            f,
            "{}",
            match self {
                TransportErrorKind::UnsupportedUrlScheme => "unsupported URL scheme",
                TransportErrorKind::FileNotFound => "file not found",
                TransportErrorKind::Other => "other",
            }
        )
    }
}

/// The error type that [`Transport::fetch`] returns.
#[derive(Debug)]
pub struct TransportError {
    /// The kind of error that occurred.
    kind: TransportErrorKind,
    /// The URL that the transport was trying to fetch.
    url: String,
    /// The underlying error that occurred (if any).
    source: Option<Box<dyn Error + Send + Sync>>,
}

impl TransportError {
    /// Creates a new [`TransportError`]. Use this when there is no underlying error to wrap.
    pub fn new<S>(kind: TransportErrorKind, url: S) -> Self
    where
        S: AsRef<str>,
    {
        Self {
            kind,
            url: url.as_ref().into(),
            source: None,
        }
    }

    /// Creates a new [`TransportError`]. Use this to preserve an underlying error.
    pub fn new_with_cause<S, E>(kind: TransportErrorKind, url: S, source: E) -> Self
    where
        E: Into<Box<dyn Error + Send + Sync>>,
        S: AsRef<str>,
    {
        Self {
            kind,
            url: url.as_ref().into(),
            source: Some(source.into()),
        }
    }

    /// The type of [`Transport`] error that occurred.
    pub fn kind(&self) -> TransportErrorKind {
        self.kind
    }

    /// The URL that the [`Transport`] was trying to fetch when the error occurred.
    pub fn url(&self) -> &str {
        self.url.as_str()
    }
}

impl Display for TransportError {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        if let Some(e) = self.source.as_ref() {
            write!(
                f,
                "Transport '{}' error fetching '{}': {e}",
                self.kind, self.url
            )
        } else {
            write!(f, "Transport '{}' error fetching '{}'", self.kind, self.url)
        }
    }
}

impl Error for TransportError {
    fn source(&self) -> Option<&(dyn Error + 'static)> {
        self.source.as_ref().map(|e| e.as_ref() as &dyn Error)
    }
}

// =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=

/// Provides a [`Transport`] for local files.
#[derive(Debug, Clone, Copy)]
pub struct FilesystemTransport;

impl FilesystemTransport {
    async fn open(
        file_path: impl AsRef<Path>,
    ) -> Result<impl Stream<Item = Result<Bytes, io::Error>> + Send, io::Error> {
        // Open the file
        let f = tokio::fs::File::open(file_path).await?;

        // And convert to stream
        let reader = tokio::io::BufReader::new(f);
        let stream = ReaderStream::new(reader);

        Ok(stream)
    }
}

#[async_trait]
impl Transport for FilesystemTransport {
    async fn fetch(&self, url: Url) -> Result<TransportStream, TransportError> {
        // If the scheme isn't "file://", reject
        if url.scheme() != "file" {
            return Err(TransportError::new(
                TransportErrorKind::UnsupportedUrlScheme,
                url,
            ));
        }

        let file_path = url.safe_url_filepath();

        // Open the file
        let stream = Self::open(file_path).await;

        // And map to `TransportError`
        let map_io_err = move |e: io::Error| -> TransportError {
            let kind = match e.kind() {
                ErrorKind::NotFound => TransportErrorKind::FileNotFound,
                _ => TransportErrorKind::Other,
            };
            TransportError::new_with_cause(kind, url.clone(), e)
        };
        Ok(Box::pin(
            stream.map_err(map_io_err.clone())?.map_err(map_io_err),
        ))
    }
}

// =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=   =^..^=

/// A Transport that provides support for both local files and, if the `http` feature is enabled,
/// HTTP-transported files.
#[derive(Debug, Clone, Copy)]
pub struct DefaultTransport {
    file: FilesystemTransport,
    #[cfg(feature = "http")]
    http: HttpTransport,
}

impl Default for DefaultTransport {
    fn default() -> Self {
        Self {
            file: FilesystemTransport,
            #[cfg(feature = "http")]
            http: HttpTransport::default(),
        }
    }
}

impl DefaultTransport {
    /// Creates a new `DefaultTransport`. Same as `default()`.
    pub fn new() -> Self {
        Self::default()
    }
}

#[cfg(feature = "http")]
impl DefaultTransport {
    /// Create a new `DefaultTransport` with potentially customized settings.
    pub fn new_with_http_settings(builder: HttpTransportBuilder) -> Self {
        Self {
            file: FilesystemTransport,
            http: builder.build(),
        }
    }
}

#[async_trait]
impl Transport for DefaultTransport {
    async fn fetch(&self, url: Url) -> Result<TransportStream, TransportError> {
        match url.scheme() {
            "file" => self.file.fetch(url).await,
            "http" | "https" => self.handle_http(url).await,
            _ => Err(TransportError::new(
                TransportErrorKind::UnsupportedUrlScheme,
                url,
            )),
        }
    }
}

impl DefaultTransport {
    #[cfg(not(feature = "http"))]
    #[allow(clippy::trivially_copy_pass_by_ref, clippy::unused_self)]
    async fn handle_http(&self, url: Url) -> Result<TransportStream, TransportError> {
        Err(TransportError::new_with_cause(
            TransportErrorKind::UnsupportedUrlScheme,
            url,
            "The library was not compiled with the http feature enabled.",
        ))
    }

    #[cfg(feature = "http")]
    async fn handle_http(&self, url: Url) -> Result<TransportStream, TransportError> {
        self.http.fetch(url).await
    }
}