-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tough: RFC: More flexible datastore
s
#417
Comments
This sounds fine to me. The only thought I had in the back of my mind is whether or not the existing Datastore enum could remain more-or-less as is. If the trait had some other name, ( Then again, the blast radius is already probably very small because there is not a lot of code that actually specifies a custom (i.e. non-default) Edit: and maybe a function with the name Edit2: we might need to sternly warn potential self-implementers that taking the |
Yes, extremely. We could also stand to be a lot clearer about what threats exist if you don't provide a datastore today. |
I'm not worried about breakage, I was just mulling it over. One problem is that pub fn datastore<P: Into<PathBuf>>(mut self, datastore: P) -> Self { /* ... */ } Maybe it could be changed to: pub fn datastore<D: Into<Box<dyn Datastore>>(mut self, datastore: D) -> Self { /* ... */ } And we could impl From<Into<PathBuf>> for YeOldeEnumDatastore // <- not sure that's a thing feels like something I always wish I could do (or more likely correct) impl From<PathBuf> for YeOldeEnumDatastore And impl Datastore for YeOldeEnumDatastore |
I think Rust forces us to do something slightly more contrived (spoiler: I get to write |
Hello again! 👋
The
datastore
, currently:tough/tough/src/lib.rs
Lines 202 to 208 in 7aa4804
I'm working in an environment where all my easy-to-access filesystems are not persistent, but I'd still like to be able to detect rollback attacks.
I'd like to make
Datastore
a trait, with more or less the following definition, as well as retaining the current behavior of the persistent and temporary (default) filesystem-based datastores:This would also add a
Box<dyn Datastore>
toRepository
andRepositoryLoader
.The only information required for preventing rollback attacks is trusted persistent storage of the versions of the various roles; in my environment storing only the versions to a trusted database would be sufficient here.
Thoughts/comments/concerns before I go implementing? :)
The text was updated successfully, but these errors were encountered: