diff options
| author | Nick Mathewson <nickm@torproject.org> | 2008-12-15 21:18:19 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2008-12-15 21:18:19 +0000 |
| commit | 5a6c54aeb95fcfdc70bef20e4a24a0bceed9ba45 (patch) | |
| tree | c711d682c8349a5b2b1f2553b3825f058224a97b /specs | |
| parent | eed069baf58952623ea035637eef154e10fa2038 (diff) | |
Implement lengths in thandy objects, mostly:
Accept them, and when they're present, don't fetch more bytes than
specified, since that would be dangerous. Include lengths in every
generated object type except for the timestamp, since that would break
exising code.
git-svn-id: file:///home/or/svnrepo/updater/trunk@17629 55e972cd-5a19-0410-ae62-a4d7a52db4cd
Diffstat (limited to 'specs')
| -rw-r--r-- | specs/thandy-spec.txt | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/specs/thandy-spec.txt b/specs/thandy-spec.txt index 3726c94..5cc4fa6 100644 --- a/specs/thandy-spec.txt +++ b/specs/thandy-spec.txt @@ -397,10 +397,10 @@ { "_type" : Timestamp, "at" : TIME, - "m" : [ TIME, HASH ], - "k" : [ TIME, HASH ], + "m" : [ TIME, HASH, LENGTH ], + "k" : [ TIME, HASH, LENGTH ], "b" : { NAME : - [ [ Version, Path, Time, Hash ] ] } + [ [ Version, Path, Time, Hash, (Length) ] ] } } TIME is when the timestamp was signed. MIRRORLISTHASH is the digest @@ -409,6 +409,8 @@ bundles and their locations and hashes. The "name" of a bundle (in this context) is the directory component of the bundle's path. + The LENGTH field may be absent on very old timestamp files. + 3.6. File formats: bundle files { "_type" : "Bundle", @@ -423,6 +425,7 @@ "version" : VERSION, "path" : PATH, "hash" : HASH, + ("length" : LENGTH), "order" : [ INST, UPDATE, REMOVE ], ("optional : BOOL, ) "gloss" : { LANG : TEXT }, @@ -446,6 +449,9 @@ language. The UI should display the must appropriate language to the user. + The LENGTH field is required on all new bundles, but may be absent + on very old ones. + 3.7. File formats: package files { "_type" : "Package", @@ -454,13 +460,14 @@ "version" : VERSION, "format" : FMT, "ts" : TIME, - "files" : [ [ PATH, HASH, INFO ], ... ], + "files" : [ [ PATH, HASH, INFO, (LENGTH) ], ... ], "shortdesc" : { LANG : DESC, ... }, "longdesc" : { LANG : DESC, ... }, } Most elements are self-explanatory. To interpret the 'INFO' entry - for each installable file, see section 6. + for each installable file, see section 6. The LENGTH field is + required on all new packages, but may be absent on very old ones. No two package files in the same repository should have the same name and version. If a package needs to be changed, the version @@ -508,6 +515,10 @@ Clients SHOULD cache at least the latest versions they have received of all files. + When dowloading a file, if the client knows what that file's length + should be, it SHOULD NOT accept a longer file, and SHOULD NOT + continue the download past the file length. + 4.1.1. Download preferences Users should be able to specify that packages must be only |