From 22abd014c474a3f2c75daf9e5522f537aa5e52f5 Mon Sep 17 00:00:00 2001
From: Joshua Lock <jlock@vmware.com>
Date: Tue, 21 Jun 2022 11:42:26 +0100
Subject: [PATCH] fix: only check version after parsing fetched ss and ts

We check the length and hashes of the fetched bytes before parsing them,
therefore once the data are parsed into a FileMeta we only need to check
against the expected version. The length and hashes checks are no longer
required at this point, as they have already been done.

Signed-off-by: Joshua Lock <jlock@vmware.com>
---
 client/client.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/client/client.go b/client/client.go
index 5f298c0af..080deefdc 100644
--- a/client/client.go
+++ b/client/client.go
@@ -683,10 +683,12 @@ func (c *Client) downloadMetaFromSnapshot(name string, m data.SnapshotFileMeta)
 	if err != nil {
 		return nil, err
 	}
-	// 5.6.4 - Check against snapshot role's targets hash and version
-	if err := util.SnapshotFileMetaEqual(meta, m); err != nil {
+
+	// 5.6.4 - Check against snapshot role's version
+	if err := util.VersionEqual(meta.Version, m.Version); err != nil {
 		return nil, ErrDownloadFailed{name, err}
 	}
+
 	return b, nil
 }
 
@@ -705,10 +707,12 @@ func (c *Client) downloadMetaFromTimestamp(name string, m data.TimestampFileMeta
 	if err != nil {
 		return nil, err
 	}
-	// 5.5.4 - Check against timestamp role's snapshot hash and version
-	if err := util.TimestampFileMetaEqual(meta, m); err != nil {
+
+	// 5.5.4 - Check against timestamp role's version
+	if err := util.VersionEqual(meta.Version, m.Version); err != nil {
 		return nil, ErrDownloadFailed{name, err}
 	}
+
 	return b, nil
 }