securesystemslib: Add AnyNonemptyString, use for PATH_SCHEMA

[woodruffw]

TODO: Needs tests.

Fixes issue #: #241.

Description of the changes being introduced by the pull request:

Please verify and check that the pull request fulfils the following
requirements:

• The code follows the Code Style Guidelines
• Tests have been added for the bug fix or new feature
• Docs have been added for the bug fix or new feature

[coveralls]

Coverage increased (+0.002%) to 98.943% when pulling a3d0f58 on trailofbits:ww/any-nonempty-string into 9b3a78e on secure-systems-lab:master.

[woodruffw]

test_B3_file_in_confined_directories currently fails on this:

self.assertTrue(in_confined_directory('a/b/c.txt', ['']))

...presumably because that second parameter is now being enforced via PATH_SCHEMA as a nonempty string. My intuition is that this should really become assertFalse, but that's a behavioral change. Thoughts @lukpueh @joshuagl @mnm678 @trishankatdatadog?

[lukpueh]

...presumably because that second parameter is now being enforced via PATH_SCHEMA as a non-empty string. My intuition is that this should really become assertFalse, but that's a behavioral change. Thoughts @lukpueh @joshuagl @mnm678 @trishankatdatadog?

I see this function for the first time. According to a comment, an empty string in the second parameter acts as some sort of "arbitrarily chosen" wildcard:

securesystemslib/securesystemslib/util.py

Lines 216 to 217 in 9b3a78e

	# The empty string (arbitrarily chosen) signifies the client is confined
	# to all directories and subdirectories. No need to check 'filepath'.

The only place where this function is used is in tuf.mirrors.get_list_of_mirrors, which btw. I'm also looking at for the first time. @trishankdatdatadog, do you know more about this? Confined directories are nowhere mentioned in the specification. Do we really need this function as securesystemslib.util? To me it looks like something that could be an inline check in get_list_of_mirrors.

@willwoodruff, for the time being I suggest to just patch that function to not validate the second argument as list of paths but rather as list of any strings (including empty string).

[lukpueh]

Thanks for the patch, @woodruffw! Do you have bandwidth to add tests?

[lukpueh]

Minor suggestion: We could subclass from AnyString and replace this first check with super().check_match.
Subclassing would also make it safe to remove the constructor here. Because the implicitly called AnyString.__init__(): pass will then prevent us from calling any further upper-level constructors (... which for some reason seem to be desired, or otherwise I don't understand the many __init__(): pass here).

[woodruffw]

Good call! super() is a bit messy since this code (appears to be) Python 2.7 compatible, so I called AnyString.check_match(self, object) explicitly. We could use super if we turned the top-level Schema class into a "new-style" one, but I figured that this was less invasive for a small change.

[woodruffw]

for the time being I suggest to just patch that function to not validate the second argument as list of paths but rather as list of any strings (including empty string).

Sounds good to me. JFYI, you tagged another Will Woodruff 😉

I should also have some bandwidth for unit tests today.

[trishankatdatadog]

Confined directories are nowhere mentioned in the specification. Do we really need this function as securesystemslib.util?

Yeah, this is some non-standard optional thing we should really get rid off. That, and the list of mirrors. Nobody uses them AFAIK. I would wholeheartedly endorse and merge any PR that does this.

[lukpueh]

[Apologies for mixing you two up, @willwoodruff and @woodruffw]

LGTM! Merging.

[lukpueh]

Confined directories are nowhere mentioned in the specification. Do we really need this function as securesystemslib.util?

Yeah, this is some non-standard optional thing we should really get rid off. That, and the list of mirrors. Nobody uses them AFAIK. I would wholeheartedly endorse and merge any PR that does this.

Thanks for weighing in, @trishankatdatadog. I opened an issue: #245