Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add error messages #14

Merged
merged 5 commits into from
Sep 17, 2022
Merged

Add error messages #14

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
d6db0b5
Add error messages
fancyFranci Sep 17, 2022
6b1e386
Merge branch 'tuf' of https://github.com/joomla-projects/joomla-tuf i…
fancyFranci Sep 17, 2022
b83c048
Rename roll back function
fancyFranci Sep 17, 2022
8a8bb18
Sorting textIds
fancyFranci Sep 17, 2022
708e726
Merge branch 'tuf' of https://github.com/joomla-projects/joomla-tuf i…
fancyFranci Sep 17, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion administrator/language/en-GB/lib_joomla.ini
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -655,11 +655,15 @@ JLIB_INSTALLER_SQL_BEGIN="Start of SQL updates."
JLIB_INSTALLER_SQL_BEGIN_SCHEMA="The current database version (schema) is %s."
JLIB_INSTALLER_SQL_END="End of SQL updates."
JLIB_INSTALLER_SQL_END_NOT_COMPLETE="End of SQL updates - INCOMPLETE."
JLIB_INSTALLER_TUF_FREEZE_ATTACK="Update not possible because the offered update is expired."
fancyFranci marked this conversation as resolved.
Show resolved Hide resolved
JLIB_INSTALLER_TUF_INVALID_METADATA="The saved TUF update information is invalid."
JLIB_INSTALLER_TUF_NOT_AVAILABLE="TUF is not available for extensions yet."
JLIB_INSTALLER_TUF_ROLLBACK_ATTACK="Update not possible because the offered update version is older than the current installed version."
JLIB_INSTALLER_TUF_SIGNATURE_THRESHOLD="Update not possible because the offered update has not enough signatures."
JLIB_INSTALLER_UNINSTALL="Uninstall"
JLIB_INSTALLER_UPDATE="Update"
JLIB_INSTALLER_UPDATE_LOG_QUERY="Ran query from file %1$s. Query text: %2$s."
JLIB_INSTALLER_WARNING_UNABLE_TO_INSTALL_CONTENT_LANGUAGE="Unable to create a content language for %s language: %s"
JLIB_INSTALLER_TUF_NOT_AVAILABLE="TUF is not available for extensions yet."

JLIB_JS_AJAX_ERROR_CONNECTION_ABORT="A connection abort has occurred while fetching the JSON data."
JLIB_JS_AJAX_ERROR_NO_CONTENT="No content was returned."
Expand Down
45 changes: 36 additions & 9 deletions libraries/src/TUF/TufValidation.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,14 @@
namespace Joomla\CMS\TUF;

use Joomla\CMS\Factory;
use Joomla\CMS\Language\Text;
use Joomla\CMS\TUF\HttpFileFetcher;
use Joomla\Database\DatabaseDriver;
use Joomla\Database\ParameterType;
use Symfony\Component\OptionsResolver\Exception\InvalidOptionsException;
use Symfony\Component\OptionsResolver\Exception\UndefinedOptionsException;
use Symfony\Component\OptionsResolver\OptionsResolver;
use Tuf\Client\GuzzleFileFetcher;
use Joomla\CMS\TUF\HttpFileFetcher;
use Tuf\Client\Updater;
use Tuf\Exception\Attack\FreezeAttackException;
use Tuf\Exception\Attack\RollbackAttackException;
Expand Down Expand Up @@ -129,16 +130,42 @@ public function getValidUpdate()

return $storage['targets.json'];
}
catch (FreezeAttackException | MetadataException | SignatureThresholdException | RollbackAttackException $e)
catch (MetadataException $e)
{
// When the validation fails, for example when one file is written but the others don't, we roll back everything
// and cancel the update
$query = $db->getQuery(true)
->delete($db->quoteName('#__tuf_metadata'))
->columns(['snapshot_json', 'targets_json', 'timestamp_json']);
$db->setQuery($query);

$this->rollBackTufMetadata();
Factory::getApplication()->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_INVALID_METADATA'), 'error');
return null;
}
catch (FreezeAttackException $e)
{
$this->rollBackTufMetadata();
Factory::getApplication()->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_FREEZE_ATTACK'), 'error');
return null;
}
catch (RollbackAttackException $e)
{
$this->rollBackTufMetadata();
Factory::getApplication()->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_ROLLBACK_ATTACK'), 'error');
return null;
}
catch (SignatureThresholdException $e)
{
$this->rollBackTufMetadata();
Factory::getApplication()->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_SIGNATURE_THRESHOLD'), 'error');
return null;
}
}

/**
* When the validation fails, for example when one file is written but the others don't, we roll back everything
*
* @return void
*/
private function rollBackTufMetadata() {
$db = Factory::getContainer()->get(DatabaseDriver::class);
$query = $db->getQuery(true)
->delete($db->quoteName('#__tuf_metadata'))
->columns(['snapshot_json', 'targets_json', 'timestamp_json']);
$db->setQuery($query);
}
}
13 changes: 8 additions & 5 deletions libraries/src/Updater/Adapter/TufAdapter.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,14 +57,17 @@ public function findUpdate($options)
$updates = [];
$targets = $this->getUpdateTargets($options);

foreach ($targets as $target)
if ($targets)
{
$updateTable = Table::getInstance('update');
$updateTable->set('update_site_id', $options['update_site_id']);
foreach ($targets as $target)
{
$updateTable = Table::getInstance('update');
$updateTable->set('update_site_id', $options['update_site_id']);

$updateTable->bind($target);
$updateTable->bind($target);

$updates[] = $updateTable;
$updates[] = $updateTable;
}
}

return array('update_sites' => array(), 'updates' => $updates);
Expand Down