[5.1] Catch block for generic TUF exceptions (#43477)

Author: SniperSister

administrator/language/en-GB/lib_joomla.ini

@@ -663,6 +663,7 @@ JLIB_INSTALLER_SQL_END="End of SQL updates."
 JLIB_INSTALLER_SQL_END_NOT_COMPLETE="End of SQL updates - INCOMPLETE."
 JLIB_INSTALLER_TUF_DEBUG_MESSAGE="TUF Debug Message: %s"
 JLIB_INSTALLER_TUF_DOWNLOAD_SIZE="The size of the update downloaded did not match the expected size."
+JLIB_INSTALLER_TUF_ERROR_GENERIC="Could not fetch update information, enable system debug mode for further information."
 JLIB_INSTALLER_TUF_FREEZE_ATTACK="Update not possible because the offered update has expired."
 JLIB_INSTALLER_TUF_INVALID_METADATA="The saved TUF update information is invalid."
 JLIB_INSTALLER_TUF_NOT_AVAILABLE="TUF is not available for extensions yet."

libraries/src/TUF/HttpLoader.php

@@ -29,8 +29,13 @@ public function __construct(private readonly string $repositoryPath, private rea
 
     public function load(string $locator, int $maxBytes): PromiseInterface
     {
-        /** @var Http $client */
-        $response = $this->http->get($this->repositoryPath . $locator);
+        try {
+            /** @var Http $client */
+            $response = $this->http->get($this->repositoryPath . $locator);
+        } catch (\Exception $e) {
+            // We convert the generic exception thrown in the Http library into a TufException
+            throw new HttpLoaderException($e->getMessage(), $e->getCode(), $e);
+        }
 
         if ($response->code !== 200) {
             throw new RepoFileNotFound();

libraries/src/TUF/HttpLoaderException.php

@@ -0,0 +1,19 @@
+<?php
+
+/**
+ * Joomla! Content Management System
+ *
+ * @copyright  (C) 2024 Open Source Matters, Inc. <https://www.joomla.org>
+ * @license    GNU General Public License version 2 or later; see LICENSE.txt
+ */
+
+namespace Joomla\CMS\TUF;
+
+use Tuf\Exception\TufException;
+
+/**
+ * @since  __DEPLOY_VERSION__
+ */
+class HttpLoaderException extends TufException
+{
+}

libraries/src/TUF/TufFetcher.php

@@ -20,6 +20,7 @@
 use Tuf\Exception\Attack\SignatureThresholdException;
 use Tuf\Exception\DownloadSizeException;
 use Tuf\Exception\MetadataException;
+use Tuf\Exception\TufException;
 use Tuf\Loader\SizeCheckingLoader;
 
 // phpcs:disable PSR1.Files.SideEffects
@@ -136,6 +137,8 @@ public function getValidUpdate()
             $this->app->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_ROLLBACK_ATTACK'), CMSApplicationInterface::MSG_ERROR);
         } catch (SignatureThresholdException $e) {
             $this->app->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_SIGNATURE_THRESHOLD'), CMSApplicationInterface::MSG_ERROR);
+        } catch (TufException $e) {
+            $this->app->enqueueMessage(Text::_('JLIB_INSTALLER_TUF_ERROR_GENERIC'), CMSApplicationInterface::MSG_ERROR);
         }
 
         $this->rollBackTufMetadata();