#include <errno.h>
#include <libcmscodec/ContentType.h>
#include "file.h"
+#include "log.h"
#include "oid.h"
#include "asn1/decode.h"
if (error)
return error;
- if (!ARCS_EQUAL_OIDS(&arcs, oid_sdata)) {
- fprintf(stderr, "Incorrect content-type.");
- return -EINVAL;
- }
+ if (!ARCS_EQUAL_OIDS(&arcs, oid_sdata))
+ error = pr_err("Incorrect content-type.");
- return 0;
+ free_arcs(&arcs);
+ return error;
}
static int
* Wrapper for OBJECT_IDENTIFIER_get_arcs().
*
* Callers must free @result.
+ *
+ * TODO (whatever) Most of the time, this function is called to compare @result
+ * to some oid. Maybe create a wrapper that takes care of all the boilerplate.
*/
int
oid2arcs(OBJECT_IDENTIFIER_t *oid, struct oid_arcs *result)
return 0;
}
-/* Callers must free @result. */
-int
-any2arcs(ANY_t *any, struct oid_arcs *result)
-{
- OBJECT_IDENTIFIER_t *oid;
- int error;
-
- error = asn1_decode_any(any, &asn_DEF_OBJECT_IDENTIFIER,
- (void **) &oid);
- if (error)
- return error;
-
- error = oid2arcs(oid, result);
- ASN_STRUCT_FREE(asn_DEF_OBJECT_IDENTIFIER, oid);
- return error;
-}
-
bool oid_equal(OBJECT_IDENTIFIER_t *a, OBJECT_IDENTIFIER_t *b)
{
return (a->size == b->size) && (memcmp(a->buf, b->buf, a->size) == 0);
#define OID_SHA256 { 2, 16, 840, 1, 101, 3, 4, 2, 1 }
int oid2arcs(OBJECT_IDENTIFIER_t *, struct oid_arcs *);
-int any2arcs(ANY_t *, struct oid_arcs *);
bool oid_equal(OBJECT_IDENTIFIER_t *, OBJECT_IDENTIFIER_t *);
bool arcs_equal(struct oid_arcs const *, struct oid_arcs const *);
MessageDigest_t *digest;
int error;
- if (eci->eContent == NULL) {
- pr_err("There's no content being signed.");
- return -EINVAL;
- }
+ if (eci->eContent == NULL)
+ return pr_err("There's no content being signed.");
error = asn1_decode_any(value, &asn_DEF_MessageDigest,
(void **) &digest);
if (error)
pr_err("The content's hash does not match the Message-Digest Attribute.");
- free(digest);
+ ASN_STRUCT_FREE(asn_DEF_MessageDigest, digest);
return error;
}
struct validation *state;
int error;
- error = download_files(uri);
+ error = download_files(uri, true);
if (error) {
return pr_warn("TAL URI '%s' could not be RSYNC'd.",
uri->global);
handle_caRepository(struct rpki_uri *uri, void *arg)
{
pr_debug("caRepository: %s", uri_get_printable(uri));
- return download_files(uri);
+ return download_files(uri, false);
}
static int
}
static int
-get_rsync_uri(struct rpki_uri const *requested_uri, struct rpki_uri *rsync_uri)
+get_rsync_uri(struct rpki_uri const *requested_uri, bool force_strict,
+ struct rpki_uri *rsync_uri)
{
+ if (force_strict)
+ return handle_strict_strategy(requested_uri, rsync_uri);
+
switch (config_get_sync_strategy()) {
case SYNC_ROOT:
return handle_root_strategy(requested_uri, rsync_uri);
exit(-EINVAL);
}
+/**
+ * @force_srict:
+ * true:
+ * SYNC_OFF -> SYNC_OFF
+ * SYNC_STRICT -> SYNC_STRICT
+ * SYNC_ROOT -> SYNC_STRICT
+ * false:
+ * SYNC_OFF -> SYNC_OFF
+ * SYNC_STRICT -> SYNC_STRICT
+ * SYNC_ROOT -> SYNC_ROOT
+ */
int
-download_files(struct rpki_uri const *requested_uri)
+download_files(struct rpki_uri const *requested_uri, bool force_strict)
{
/**
* Note:
return 0;
}
- error = get_rsync_uri(requested_uri, &rsync_uri);
+ error = get_rsync_uri(requested_uri, force_strict, &rsync_uri);
if (error)
return error;
#ifndef SRC_RSYNC_RSYNC_H_
#define SRC_RSYNC_RSYNC_H_
+#include <stdbool.h>
#include "uri.h"
-int download_files(struct rpki_uri const *);
+int download_files(struct rpki_uri const *, bool);
int rsync_init(void);
void rsync_destroy(void);
projects / thirdparty / FORT-validator.git / commitdiff
