Merge remote-tracking branch 'upstream/master' into repair-run-skel-w…

…ith-run
canonical · Aug 22, 2017 · 9c16b27 · 9c16b27
2 parents 1402301 + b4d62db
commit 9c16b27
Show file tree

Hide file tree

Showing 30 changed files with 300 additions and 126 deletions.
diff --git a/asserts/assertstest/assertstest.go b/asserts/assertstest/assertstest.go
@@ -278,21 +278,33 @@ type StoreStack struct {
 	*SigningDB
 }
 
-// NewStoreStack creates a new store assertion stack. It panics on error.
-// optional privKeys can be in order: root, store, generic
-func NewStoreStack(authorityID string, privKeys ...asserts.PrivateKey) *StoreStack {
-	if len(privKeys) > 3 {
-		panic("too many private keys specified, expected at most: root, store, generic")
+// StoreKeys holds a set of store private keys.
+type StoreKeys struct {
+	Root    asserts.PrivateKey
+	Store   asserts.PrivateKey
+	Generic asserts.PrivateKey
+}
+
+var (
+	rootPrivKey, _    = GenerateKey(1024)
+	storePrivKey, _   = GenerateKey(752)
+	genericPrivKey, _ = GenerateKey(752)
+
+	pregenKeys = StoreKeys{
+		Root:    rootPrivKey,
+		Store:   storePrivKey,
+		Generic: genericPrivKey,
 	}
-	for len(privKeys) < 3 {
-		privKey, _ := GenerateKey(752)
-		privKeys = append(privKeys, privKey)
+)
+
+// NewStoreStack creates a new store assertion stack. It panics on error.
+// Optional keys specify private keys to use for the various roles.
+func NewStoreStack(authorityID string, keys *StoreKeys) *StoreStack {
+	if keys == nil {
+		keys = &pregenKeys
 	}
-	rootPrivKey := privKeys[0]
-	storePrivKey := privKeys[1]
-	genericPrivKey := privKeys[2]
 
-	rootSigning := NewSigningDB(authorityID, rootPrivKey)
+	rootSigning := NewSigningDB(authorityID, keys.Root)
 	ts := time.Now().Format(time.RFC3339)
 	trustedAcct := NewAccount(rootSigning, authorityID, map[string]interface{}{
 		"account-id": authorityID,
@@ -302,7 +314,7 @@ func NewStoreStack(authorityID string, privKeys ...asserts.PrivateKey) *StoreSta
 	trustedKey := NewAccountKey(rootSigning, trustedAcct, map[string]interface{}{
 		"name":  "root",
 		"since": ts,
-	}, rootPrivKey.PublicKey(), "")
+	}, keys.Root.PublicKey(), "")
 	trusted := []asserts.Assertion{trustedAcct, trustedKey}
 
 	genericAcct := NewAccount(rootSigning, "generic", map[string]interface{}{
@@ -320,26 +332,26 @@ func NewStoreStack(authorityID string, privKeys ...asserts.PrivateKey) *StoreSta
 	if err != nil {
 		panic(err)
 	}
-	err = db.ImportKey(storePrivKey)
+	err = db.ImportKey(keys.Store)
 	if err != nil {
 		panic(err)
 	}
 	storeKey := NewAccountKey(rootSigning, trustedAcct, map[string]interface{}{
 		"name": "store",
-	}, storePrivKey.PublicKey(), "")
+	}, keys.Store.PublicKey(), "")
 	err = db.Add(storeKey)
 	if err != nil {
 		panic(err)
 	}
 
-	err = db.ImportKey(genericPrivKey)
+	err = db.ImportKey(keys.Generic)
 	if err != nil {
 		panic(err)
 	}
 	genericKey := NewAccountKey(rootSigning, genericAcct, map[string]interface{}{
 		"name":  "serials",
 		"since": ts,
-	}, genericPrivKey.PublicKey(), "")
+	}, keys.Generic.PublicKey(), "")
 	err = db.Add(genericKey)
 	if err != nil {
 		panic(err)

diff --git a/asserts/assertstest/assertstest_test.go b/asserts/assertstest/assertstest_test.go
@@ -75,10 +75,7 @@ func (s *helperSuite) TestReadPrivKeyUnarmored(c *C) {
 }
 
 func (s *helperSuite) TestStoreStack(c *C) {
-	rootPrivKey, _ := assertstest.GenerateKey(1024)
-	storePrivKey, _ := assertstest.GenerateKey(752)
-
-	store := assertstest.NewStoreStack("super", rootPrivKey, storePrivKey)
+	store := assertstest.NewStoreStack("super", nil)
 
 	c.Check(store.TrustedAccount.AccountID(), Equals, "super")
 	c.Check(store.TrustedAccount.IsCertified(), Equals, true)

diff --git a/asserts/fetcher_test.go b/asserts/fetcher_test.go
@@ -39,9 +39,7 @@ type fetcherSuite struct {
 var _ = Suite(&fetcherSuite{})
 
 func (s *fetcherSuite) SetUpTest(c *C) {
-	rootPrivKey, _ := assertstest.GenerateKey(1024)
-	storePrivKey, _ := assertstest.GenerateKey(752)
-	s.storeSigning = assertstest.NewStoreStack("can0nical", rootPrivKey, storePrivKey)
+	s.storeSigning = assertstest.NewStoreStack("can0nical", nil)
 }
 
 func fakeSnap(rev int) []byte {

diff --git a/asserts/gpgkeypairmgr_test.go b/asserts/gpgkeypairmgr_test.go
@@ -80,7 +80,7 @@ func (gkms *gpgKeypairMgrSuite) TestGetNotFound(c *C) {
 }
 
 func (gkms *gpgKeypairMgrSuite) TestUseInSigning(c *C) {
-	store := assertstest.NewStoreStack("trusted", testPrivKey0, testPrivKey1)
+	store := assertstest.NewStoreStack("trusted", nil)
 
 	devKey, err := gkms.keypairMgr.Get(assertstest.DevKeyID)
 	c.Assert(err, IsNil)

diff --git a/asserts/snap_asserts_test.go b/asserts/snap_asserts_test.go
@@ -596,10 +596,7 @@ func (sbs *snapBuildSuite) TestDecodeInvalid(c *C) {
 }
 
 func makeStoreAndCheckDB(c *C) (store *assertstest.StoreStack, checkDB *asserts.Database) {
-	trustedPrivKey := testPrivKey0
-	storePrivKey := testPrivKey1
-
-	store = assertstest.NewStoreStack("canonical", trustedPrivKey, storePrivKey)
+	store = assertstest.NewStoreStack("canonical", nil)
 	cfg := &asserts.DatabaseConfig{
 		Backstore:       asserts.NewMemoryBackstore(),
 		Trusted:         store.Trusted,

diff --git a/asserts/snapasserts/snapasserts_test.go b/asserts/snapasserts/snapasserts_test.go
@@ -49,9 +49,7 @@ type snapassertsSuite struct {
 var _ = Suite(&snapassertsSuite{})
 
 func (s *snapassertsSuite) SetUpTest(c *C) {
-	rootPrivKey, _ := assertstest.GenerateKey(1024)
-	storePrivKey, _ := assertstest.GenerateKey(752)
-	s.storeSigning = assertstest.NewStoreStack("can0nical", rootPrivKey, storePrivKey)
+	s.storeSigning = assertstest.NewStoreStack("can0nical", nil)
 
 	s.dev1Acct = assertstest.NewAccount(s.storeSigning, "developer1", nil, "")
 

diff --git a/cmd/snap-repair/runner.go b/cmd/snap-repair/runner.go
@@ -610,7 +610,9 @@ func (run *Runner) makeReady(brandID string, sequenceNext int) (repair *asserts.
 		var err error
 		repair, aux, err = run.refetch(brandID, state.Sequence, state.Revision)
 		if err != nil {
-			logger.Noticef("cannot refetch repair %q-%d, will retry what is on disk: %v", brandID, sequenceNext, err)
+			if err != ErrRepairNotModified {
+				logger.Noticef("cannot refetch repair %q-%d, will retry what is on disk: %v", brandID, sequenceNext, err)
+			}
 			// try to use what we have already on disk
 			repair, aux, err = run.readSavedStream(brandID, state.Sequence, state.Revision)
 			if err != nil {

diff --git a/cmd/snap-repair/runner_test.go b/cmd/snap-repair/runner_test.go
@@ -568,10 +568,24 @@ AXNpZw==
 `
 )
 
-func makeMockServer(c *C, seqRepairs *[]string) *httptest.Server {
-	mockServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		c.Check(strings.HasPrefix(r.URL.Path, "/repairs/canonical/"), Equals, true)
-		seq, err := strconv.Atoi(strings.TrimPrefix(r.URL.Path, "/repairs/canonical/"))
+func makeMockServer(c *C, seqRepairs *[]string, redirectFirst bool) *httptest.Server {
+	var mockServer *httptest.Server
+	mockServer = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		urlPath := r.URL.Path
+		if redirectFirst && r.Header.Get("Accept") == asserts.MediaType {
+			if !strings.HasPrefix(urlPath, "/final/") {
+				// redirect
+				finalURL := mockServer.URL + "/final" + r.URL.Path
+				w.Header().Set("Location", finalURL)
+				w.WriteHeader(302)
+				return
+			}
+			urlPath = strings.TrimPrefix(urlPath, "/final")
+		}
+
+		c.Check(strings.HasPrefix(urlPath, "/repairs/canonical/"), Equals, true)
+
+		seq, err := strconv.Atoi(strings.TrimPrefix(urlPath, "/repairs/canonical/"))
 		c.Assert(err, IsNil)
 
 		if seq > len(*seqRepairs) {
@@ -604,10 +618,10 @@ func makeMockServer(c *C, seqRepairs *[]string) *httptest.Server {
 	return mockServer
 }
 
-func (s *runnerSuite) TestNext(c *C) {
+func (s *runnerSuite) testNext(c *C, redirectFirst bool) {
 	seqRepairs := append([]string(nil), nextRepairs...)
 
-	mockServer := makeMockServer(c, &seqRepairs)
+	mockServer := makeMockServer(c, &seqRepairs, redirectFirst)
 	defer mockServer.Close()
 
 	runner := repair.NewRunner()
@@ -677,6 +691,16 @@ func (s *runnerSuite) TestNext(c *C) {
 	})
 }
 
+func (s *runnerSuite) TestNext(c *C) {
+	redirectFirst := false
+	s.testNext(c, redirectFirst)
+}
+
+func (s *runnerSuite) TestNextRedirect(c *C) {
+	redirectFirst := true
+	s.testNext(c, redirectFirst)
+}
+
 func (s *runnerSuite) TestNextImmediateSkip(c *C) {
 	seqRepairs := []string{`type: repair
 authority-id: canonical
@@ -693,7 +717,7 @@ scriptB
 
 AXNpZw==`}
 
-	mockServer := makeMockServer(c, &seqRepairs)
+	mockServer := makeMockServer(c, &seqRepairs, false)
 	defer mockServer.Close()
 
 	runner := repair.NewRunner()
@@ -728,7 +752,7 @@ scriptB
 
 AXNpZw==`}
 
-	mockServer := makeMockServer(c, &seqRepairs)
+	mockServer := makeMockServer(c, &seqRepairs, false)
 	defer mockServer.Close()
 
 	runner := repair.NewRunner()
@@ -811,7 +835,7 @@ scriptB
 
 AXNpZw==`}
 
-	mockServer := makeMockServer(c, &seqRepairs)
+	mockServer := makeMockServer(c, &seqRepairs, false)
 	defer mockServer.Close()
 
 	runner := repair.NewRunner()

diff --git a/cmd/snap/cmd_export_key_test.go b/cmd/snap/cmd_export_key_test.go
@@ -58,9 +58,7 @@ func (s *SnapKeysSuite) TestExportKeyNonDefault(c *C) {
 }
 
 func (s *SnapKeysSuite) TestExportKeyAccount(c *C) {
-	rootPrivKey, _ := assertstest.GenerateKey(1024)
-	storePrivKey, _ := assertstest.GenerateKey(752)
-	storeSigning := assertstest.NewStoreStack("canonical", rootPrivKey, storePrivKey)
+	storeSigning := assertstest.NewStoreStack("canonical", nil)
 	manager := asserts.NewGPGKeypairManager()
 	assertstest.NewAccount(storeSigning, "developer1", nil, "")
 	rest, err := snap.Parser().ParseArgs([]string{"export-key", "another", "--account=developer1"})

diff --git a/corecfg/picfg_test.go b/corecfg/picfg_test.go
@@ -43,9 +43,7 @@ var _ = Suite(&piCfgSuite{})
 var mockConfigTxt = `
 # For more options and information see
 # http://www.raspberrypi.org/documentation/configuration/config-txt.md
-# Some settings may impact device functionality. See link above for details
-# uncomment if you get no picture on HDMI for a default "safe" mode
-#hdmi_safe=1
+#hdmi_group=1
 # uncomment this if your display has a black border of unused pixels visible
 # and your display can output without overscan
 #disable_overscan=1
@@ -109,29 +107,25 @@ func (s *piCfgSuite) TestConfigurePiConfigAddNewOption(c *C) {
 }
 
 func (s *piCfgSuite) TestConfigurePiConfigNoChangeUnset(c *C) {
-	st1, err := os.Stat(s.mockConfigPath)
+	// ensure we cannot write to the dir to test that we really
+	// do not update the file
+	err := os.Chmod(filepath.Dir(s.mockConfigPath), 0500)
 	c.Assert(err, IsNil)
+	defer os.Chmod(filepath.Dir(s.mockConfigPath), 0755)
 
-	err = corecfg.UpdatePiConfig(s.mockConfigPath, map[string]string{"hdmi_safe": ""})
+	err = corecfg.UpdatePiConfig(s.mockConfigPath, map[string]string{"hdmi_group": ""})
 	c.Assert(err, IsNil)
-
-	st2, err := os.Stat(s.mockConfigPath)
-	c.Assert(err, IsNil)
-
-	c.Check(st1.ModTime(), DeepEquals, st2.ModTime())
 }
 
 func (s *piCfgSuite) TestConfigurePiConfigNoChangeSet(c *C) {
-	st1, err := os.Stat(s.mockConfigPath)
-	c.Assert(err, IsNil)
-
-	err = corecfg.UpdatePiConfig(s.mockConfigPath, map[string]string{"unrelated_options": "are-kept"})
-	c.Assert(err, IsNil)
-
-	st2, err := os.Stat(s.mockConfigPath)
+	// ensure we cannot write to the dir to test that we really
+	// do not update the file
+	err := os.Chmod(filepath.Dir(s.mockConfigPath), 0500)
 	c.Assert(err, IsNil)
+	defer os.Chmod(filepath.Dir(s.mockConfigPath), 0755)
 
-	c.Check(st1.ModTime(), DeepEquals, st2.ModTime())
+	err = corecfg.UpdatePiConfig(s.mockConfigPath, map[string]string{"unrelated_options": "cannot-be-set"})
+	c.Assert(err, ErrorMatches, `cannot set unsupported configuration value "unrelated_options"`)
 }
 
 func (s *piCfgSuite) TestConfigurePiConfigIntegration(c *C) {

diff --git a/corecfg/proxy.go b/corecfg/proxy.go
@@ -29,9 +29,9 @@ import (
 )
 
 var proxyConfigKeys = map[string]bool{
-	"http":  true,
-	"https": true,
-	"ftp":   true,
+	"http_proxy":  true,
+	"https_proxy": true,
+	"ftp_proxy":   true,
 }
 
 func etcEnvironment() string {

diff --git a/corecfg/utils.go b/corecfg/utils.go
@@ -32,15 +32,20 @@ var rx = regexp.MustCompile(`^[ \t]*(#?)[ \t#]*([a-z_]+)=(.*)$`)
 // updateKeyValueStream updates simple key=value files with comments.
 // Example for such formats are: /etc/environment or /boot/uboot/config.txt
 //
-// An r io.Reader and a configuration "patch" is taken as input, the r is
-// read line-by-line and any line and any required configuration change from
-// the "config" input is applied. If changes need to be written a []string
+// An r io.Reader, map of supported config keys and a configuration
+// "patch" is taken as input, the r is read line-by-line and any line
+// and any required configuration change from the "config" input is
+// applied.
+//
+// If changes need to be written a []string
 // that contains the full file is returned. On error an error is returned.
-func updateKeyValueStream(r io.Reader, allConfig map[string]bool, newConfig map[string]string) (toWrite []string, err error) {
-	// build regexp
+func updateKeyValueStream(r io.Reader, supportedConfigKeys map[string]bool, newConfig map[string]string) (toWrite []string, err error) {
 	cfgKeys := make([]string, len(newConfig))
 	i := 0
 	for k := range newConfig {
+		if !supportedConfigKeys[k] {
+			return nil, fmt.Errorf("cannot set unsupported configuration value %q", k)
+		}
 		cfgKeys[i] = k
 		i++
 	}
@@ -53,7 +58,7 @@ func updateKeyValueStream(r io.Reader, allConfig map[string]bool, newConfig map[
 	for scanner.Scan() {
 		line := scanner.Text()
 		matches := rx.FindStringSubmatch(line)
-		if len(matches) > 0 && allConfig[matches[2]] {
+		if len(matches) > 0 && supportedConfigKeys[matches[2]] {
 			wasComment := (matches[1] == "#")
 			key := matches[2]
 			oldValue := matches[3]

diff --git a/corecfg/utils_test.go b/corecfg/utils_test.go
@@ -31,24 +31,35 @@ type utilsSuite struct{}
 
 var _ = Suite(&utilsSuite{})
 
-func (s *utilsSuite) TestUpdateKeyValueStreamNoChanges(c *C) {
+func (s *utilsSuite) TestUpdateKeyValueStreamNoNewConfig(c *C) {
 	in := bytes.NewBufferString("foo=bar")
 	newConfig := map[string]string{}
-	allConfig := map[string]bool{}
+	supportedConfigKeys := map[string]bool{}
 
-	toWrite, err := corecfg.UpdateKeyValueStream(in, allConfig, newConfig)
+	toWrite, err := corecfg.UpdateKeyValueStream(in, supportedConfigKeys, newConfig)
 	c.Check(err, IsNil)
 	c.Check(toWrite, IsNil)
 }
 
+func (s *utilsSuite) TestUpdateKeyValueStreamConfigNotInAllConfig(c *C) {
+	in := bytes.NewBufferString("")
+	newConfig := map[string]string{"unsupported-options": "cannot be set"}
+	supportedConfigKeys := map[string]bool{
+		"foo": true,
+	}
+
+	_, err := corecfg.UpdateKeyValueStream(in, supportedConfigKeys, newConfig)
+	c.Check(err, ErrorMatches, `cannot set unsupported configuration value "unsupported-options"`)
+}
+
 func (s *utilsSuite) TestUpdateKeyValueStreamOneChange(c *C) {
 	in := bytes.NewBufferString("foo=bar")
 	newConfig := map[string]string{"foo": "baz"}
-	allConfig := map[string]bool{
+	supportedConfigKeys := map[string]bool{
 		"foo": true,
 	}
 
-	toWrite, err := corecfg.UpdateKeyValueStream(in, allConfig, newConfig)
+	toWrite, err := corecfg.UpdateKeyValueStream(in, supportedConfigKeys, newConfig)
 	c.Check(err, IsNil)
 	c.Check(toWrite, DeepEquals, []string{"foo=baz"})
 }