Merge pull request #421 from amazonlinux/tuftool

tuftool: Warn before downloading root.json

workspaces/tuftool/src/download.rs

@@ -3,7 +3,7 @@ use snafu::{OptionExt, ResultExt};
 use std::fs::{File, OpenOptions};
 use std::io::{self};
 use std::num::NonZeroU64;
-use std::path::PathBuf;
+use std::path::{Path, PathBuf};
 use structopt::StructOpt;
 use tempdir::TempDir;
 use tough::{Limits, Repository, Settings};
@@ -27,16 +27,30 @@ pub(crate) struct DownloadArgs {
  #[structopt(short = "t", long = "target-url")]
  target_base_url: String,
 
+ /// Allow downloading the root.json file (unsafe)
+ #[structopt(long)]
+ allow_root_download: bool,
+
  /// Output directory of targets
  indir: PathBuf,
 }
 
+fn root_warning<P: AsRef<Path>>(path: P) {
+ #[rustfmt::skip]
+ eprintln!("\
+=================================================================
+WARNING: Downloading root.json to {}
+This is unsafe and will not establish trust, use only for testing
+=================================================================",
+ path.as_ref().display());
+}
+
 impl DownloadArgs {
  pub(crate) fn run(&self) -> Result<()> {
  // use local root.json or download from repository
  let root_path = if let Some(path) = &self.root {
  PathBuf::from(path)
- } else {
+ } else if self.allow_root_download {
  let name = if let Some(version) = self.root_version {
  format!("{}.root.json", version)
  } else {
@@ -53,7 +67,9 @@ impl DownloadArgs {
  .context(error::UrlParse {
  url: &self.metadata_base_url,
  })?;
- println!("Downloading {} to {:?}", &name, &path);
+
+ root_warning(&path);
+
  let mut f = OpenOptions::new()
  .write(true)
  .create(true)
@@ -64,6 +80,9 @@ impl DownloadArgs {
  .copy_to(&mut f)
  .context(error::ReqwestCopy)?;
  path
+ } else {
+ eprintln!("No root.json available");
+ std::process::exit(1);
  };
 
  // load repository