From 6eaf405bd5b57262fa7fc0a421efa0e507e88e0d Mon Sep 17 00:00:00 2001
From: Jussi Kukkonen
Date: Wed, 17 Jul 2024 11:50:43 +0300
Subject: [PATCH] ngclient: Increase default max_root_rotations

this configuration variable controls how many root versions the client will upgrade in a single refresh(). The idea is to prevent a malicious repository from filling the disk with root versions. We want a number that is high enough that a repository should not have made that many roots in the time that clients take to update the "embedded" root that the client shipped with ship with. 32 is small enough that a repository could reach it while clients with v1 embedded in them are still in use. Let's bump to 256: this should be plenty.

Signed-off-by: Jussi Kukkonen
---
 tuf/ngclient/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tuf/ngclient/config.py b/tuf/ngclient/config.py
index 8019c4d26d..357b26b025 100644
--- a/tuf/ngclient/config.py
+++ b/tuf/ngclient/config.py
@@ -44,7 +44,7 @@ class UpdaterConfig:
 prefixed to ngclient user agent when the default fetcher is used.
 """
- max_root_rotations: int = 32
+ max_root_rotations: int = 256
 max_delegations: int = 32
 root_max_length: int = 512000 # bytes
 timestamp_max_length: int = 16384 # bytes
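Review bot: The new default on the `+` line is a resource-exhaustion bound (per the commit message it caps how many root versions a repository can make a client fetch and store in one refresh()), but nothing next to the value says so, and the rationale for 256 lives only in the commit message. Combined with the visible `root_max_length: int = 512000`, the bound now admits up to 256 * 512000 bytes (about 131 MB) of root metadata in a single refresh, which is worth stating where the value is set so the next person tuning it sees the trade-off. Suggest `max_root_rotations: int = 256  # limits root metadata fetched per refresh(): at most this many * root_max_length bytes`, or the same rationale in the `max_root_rotations` entry of the class docstring, which lies above the hunk. The `UpdaterConfig` class starts before and continues after the hunk.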