From: Alberto Leiva Popper Date: Fri, 30 Jun 2023 20:02:25 +0000 (-0600) Subject: Deprecate and no-op --rsync.strategy X-Git-Tag: 1.6.0~74 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b90890377f40f36da32f3c46af23cc8ce2be4fe8;p=thirdparty%2FFORT-validator.git Deprecate and no-op --rsync.strategy Only STRICT synchronizations are allowed now. This orphans --rsync.arguments-recursive, so it has been deprecated and no-op'd as well. Fixes #80. --- diff --git a/examples/config.json b/examples/config.json index a7bc3436..88d7c03a 100644 --- a/examples/config.json +++ b/examples/config.json @@ -52,7 +52,6 @@ "rsync": { "enabled": true, "priority": 50, - "strategy": "root-except-ta", "retry": { "count": 2, "interval": 5 diff --git a/man/fort.8 b/man/fort.8 index 52f49360..ca8c8053 100644 --- a/man/fort.8 +++ b/man/fort.8 @@ -100,29 +100,14 @@ Some configuration options can't be set at the JSON configuration file: Other configuration options can be configured exclusively at the JSON configuration file: .P + .B rsync.program .RS 4 Name of the program needed to invoke an rsync file transfer. The default value is "rsync". .RE .P -.B rsync.arguments-recursive -.RS 4 -Arguments needed by -.B rsync.program -to perform a recursive rsync. The arguments are specified as a JSON string -array; its default value is: -[ "--recursive", "--delete", "--times", "--contimeout=20", "--timeout=15", -"$REMOTE", "$LOCAL" ] -.P -FORT will replace "$REMOTE" with the remote URL it needs to download, and -"$LOCAL" with the target local directory where the file is supposed to be -dropped. -.P -If \fBrsync.program\fR set is \fIrsync\fR (default value), see more about its -arguments and behavior at \fIrsync(1)\fR. -.RE -.P + .B rsync.arguments-flat .RS 4 Arguments needed by @@ -139,6 +124,13 @@ If \fBrsync.program\fR set is \fIrsync\fR (default value), see more about its arguments and behavior at \fIrsync(1)\fR. .RE .P + +.B rsync.arguments-recursive +.RS 4 +Deprecated; does nothing. +.RE +.P + .B incidences .RS 4 A listing of actions to be performed by validation upon encountering certain @@ -235,7 +227,7 @@ methods defined by the CAs, Fort can do two things: .RS 4 .br - Literally invoke an rsync command (see \fBrsync.program\fR and -\fBrsync.arguments-recursive\fR), which will download the files into +\fBrsync.arguments-flat\fR), which will download the files into \fB--local-repository\fR. .br - Fetch the RRDP Update Notification file (which implies an HTTP request) and @@ -918,73 +910,7 @@ requests. .B \-\-rsync.strategy=(\fIstrict\fR|\fIroot\fR|\fIroot-except-ta\fR) .RS 4 -\fIrsync\fR download strategy; states the way rsync URLs are approached during -downloads. It can have one of three values: -.IR strict ", " -.IR root ", " -.IB "root-except-ta" "(default value)" \fR. \fR -.P -.I strict -.RS 4 -In order to enable this strategy, FORT must be compiled using the flag: -ENABLE\_STRICT\_STRATEGY. e.g. -\fB $ make FORT_FLAGS='-DENABLE_STRICT_STRATEGY'\fR -.P -RSYNC every repository publication point separately. Only skip publication -points that have already been downloaded during the current validation cycle. -(Assuming each synchronization is recursive.) -.P -For example, suppose the validator gets certificates whose caRepository access -methods (in their Subject Information Access extensions) point to the following -publication points: -.P -1. rsync://rpki.example.com/foo/bar/ -.br -2. rsync://rpki.example.com/foo/qux/ -.br -3. rsync://rpki.example.com/foo/bar/ -.br -4. rsync://rpki.example.com/foo/corge/grault/ -.br -5. rsync://rpki.example.com/foo/corge/ -.br -6. rsync://rpki.example.com/foo/corge/waldo/ -.P -A validator following the `strict` strategy would download `bar`, download -`qux`, skip `bar`, download `corge/grault`, download `corge` and skip -`corge/waldo`. -.P -This is the slowest, but also the strictly correct sync strategy. -.RE -.P -.I root -.RS 4 -For each publication point found, guess the root of its repository and RSYNC -that instead. Then skip any subsequent children of said root. -.P -(To guess the root of a repository, the validator counts four slashes, and -prunes the rest of the URL.) -.P -Reusing the caRepository URLs from the `strict` strategy (above) as example, a -validator following the `root` strategy would download -`rsync://rpki.example.com/foo`, and then skip everything else. -.P -Assuming that the repository is specifically structured to be found within as -few roots as possible, and they contain minimal RPKI-unrelated noise files, this -is the fastest synchronization strategy. At time of writing, this is true for -all the current official repositories. -.RE -.P -.I root-except-ta -.RS 4 -Synchronizes the root certificate (the one pointed by the TAL) in 'strict' mode, -and once it's validated, synchronizes the rest of the repository in 'root' mode. -.P -Useful if you want 'root', but the root certificate is separated from the rest -of the repository. Also useful if you don't want the validator to download the -entire repository without first confirming the integrity and legitimacy of the -root certificate. -.RE +Deprecated; does nothing. .RE .P @@ -1260,21 +1186,11 @@ to a specific value: "rsync": { "enabled": true, "priority": 50, - "strategy": "root-except-ta", "retry": { "count": 2, "interval": 5 }, "program": "rsync", - "arguments-recursive": [ - "--recursive", - "--delete", - "--times", - "--contimeout=20", - "--timeout=15", - "$REMOTE", - "$LOCAL" - ], "arguments-flat": [ "--times", "--contimeout=20", diff --git a/src/Makefile.am b/src/Makefile.am index 87ba5883..afb16433 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -54,7 +54,6 @@ fort_SOURCES += config/log_conf.h config/log_conf.c fort_SOURCES += config/mode.c config/mode.h fort_SOURCES += config/incidences.h config/incidences.c fort_SOURCES += config/output_format.h config/output_format.c -fort_SOURCES += config/rsync_strategy.h config/rsync_strategy.c fort_SOURCES += config/str.c config/str.h fort_SOURCES += config/string_array.h config/string_array.c fort_SOURCES += config/types.h diff --git a/src/config.c b/src/config.c index 3ff514ba..54b611d0 100644 --- a/src/config.c +++ b/src/config.c @@ -89,7 +89,7 @@ struct rpki_config { */ unsigned int priority; /* Synchronization download strategy. */ - enum rsync_strategy strategy; + char *strategy; /* Retry conf, utilized on errors */ struct { /* Maximum number of retries on error */ @@ -443,9 +443,10 @@ static const struct option_field options[] = { }, { .id = 3002, .name = "rsync.strategy", - .type = >_rsync_strategy, + .type = >_string, .offset = offsetof(struct rpki_config, rsync.strategy), - .doc = "RSYNC download strategy", + .doc = "Deprecated; does nothing.", + .deprecated = true, }, { .id = 3003, .name = "rsync.retry.count", @@ -475,7 +476,7 @@ static const struct option_field options[] = { .name = "rsync.arguments-recursive", .type = >_string_array, .offset = offsetof(struct rpki_config, rsync.args.recursive), - .doc = "RSYNC program arguments that will trigger a recursive RSYNC", + .doc = "Deprecated; does nothing.", .availability = AVAILABILITY_JSON, /* Unlimited */ .max = 0, @@ -878,17 +879,7 @@ print_config(void) static void set_default_values(void) { - static char const *recursive_rsync_args[] = { - "--recursive", - "--delete", - "--times", - "--contimeout=20", - "--timeout=15", - "--max-size=20MB", - "$REMOTE", - "$LOCAL", - }; - + static char const *recursive_rsync_args[] = { "" }; static char const *flat_rsync_args[] = { "--times", "--contimeout=20", @@ -904,15 +895,6 @@ set_default_values(void) * duplicates. */ - string_array_init(&rpki_config.server.address, NULL, 0); - rpki_config.server.port = pstrdup("323"); - rpki_config.server.backlog = SOMAXCONN; - rpki_config.server.interval.validation = 3600; - rpki_config.server.interval.refresh = 3600; - rpki_config.server.interval.retry = 600; - rpki_config.server.interval.expire = 7200; - rpki_config.server.deltas_lifetime = 2; - rpki_config.tal = NULL; rpki_config.local_repository = pstrdup("/tmp/fort/repository"); rpki_config.shuffle_tal_uris = false; @@ -922,9 +904,18 @@ set_default_values(void) rpki_config.work_offline = false; rpki_config.daemon = false; + string_array_init(&rpki_config.server.address, NULL, 0); + rpki_config.server.port = pstrdup("323"); + rpki_config.server.backlog = SOMAXCONN; + rpki_config.server.interval.validation = 3600; + rpki_config.server.interval.refresh = 3600; + rpki_config.server.interval.retry = 600; + rpki_config.server.interval.expire = 7200; + rpki_config.server.deltas_lifetime = 2; + rpki_config.rsync.enabled = true; rpki_config.rsync.priority = 50; - rpki_config.rsync.strategy = RSYNC_ROOT_EXCEPT_TA; + rpki_config.rsync.strategy = pstrdup(""); rpki_config.rsync.retry.count = 1; rpki_config.rsync.retry.interval = 4; rpki_config.rsync.program = pstrdup("rsync"); @@ -933,8 +924,8 @@ set_default_values(void) string_array_init(&rpki_config.rsync.args.recursive, recursive_rsync_args, ARRAY_LEN(recursive_rsync_args)); - /* By default, has a higher priority than rsync */ rpki_config.http.enabled = true; + /* Higher priority than rsync by default */ rpki_config.http.priority = 60; rpki_config.http.retry.count = 1; rpki_config.http.retry.interval = 4; @@ -969,6 +960,7 @@ set_default_values(void) rpki_config.asn1_decode_max_stack = 4096; /* 4kB */ rpki_config.stale_repository_period = 43200; /* 12 hours */ rpki_config.init_tals = false; + rpki_config.init_tal0s = false; rpki_config.thread_pool.server.max = 20; rpki_config.thread_pool.validation.max = 5; @@ -1333,12 +1325,6 @@ config_get_rsync_priority(void) return rpki_config.rsync.priority; } -enum rsync_strategy -config_get_rsync_strategy(void) -{ - return rpki_config.rsync.strategy; -} - unsigned int config_get_rsync_retry_count(void) { @@ -1358,22 +1344,9 @@ config_get_rsync_program(void) } struct string_array const * -config_get_rsync_args(bool is_ta) -{ - switch (rpki_config.rsync.strategy) { - case RSYNC_ROOT: - return &rpki_config.rsync.args.recursive; - case RSYNC_ROOT_EXCEPT_TA: - return is_ta - ? &rpki_config.rsync.args.flat - : &rpki_config.rsync.args.recursive; - case RSYNC_STRICT: - return &rpki_config.rsync.args.flat; - default: - break; - } - - pr_crit("Invalid rsync strategy: '%u'", rpki_config.rsync.strategy); +config_get_rsync_args(void) +{ + return &rpki_config.rsync.args.flat; } bool diff --git a/src/config.h b/src/config.h index cfc4b933..66e34fae 100644 --- a/src/config.h +++ b/src/config.h @@ -8,7 +8,6 @@ #include "config/log_conf.h" #include "config/mode.h" #include "config/output_format.h" -#include "config/rsync_strategy.h" #include "config/string_array.h" #include "config/types.h" @@ -41,11 +40,10 @@ long config_get_http_max_file_size(void); char const *config_get_http_ca_path(void); bool config_get_rsync_enabled(void); unsigned int config_get_rsync_priority(void); -enum rsync_strategy config_get_rsync_strategy(void); unsigned int config_get_rsync_retry_count(void); unsigned int config_get_rsync_retry_interval(void); char *config_get_rsync_program(void); -struct string_array const *config_get_rsync_args(bool); +struct string_array const *config_get_rsync_args(void); bool config_get_http_enabled(void); unsigned int config_get_http_priority(void); unsigned int config_get_http_retry_count(void); diff --git a/src/config/rsync_strategy.c b/src/config/rsync_strategy.c deleted file mode 100644 index 8a58cf7b..00000000 --- a/src/config/rsync_strategy.c +++ /dev/null @@ -1,86 +0,0 @@ -#include "config/rsync_strategy.h" - -#include -#include -#include - -#include "config.h" -#include "log.h" -#include "config/str.h" - -#define RSYNC_VALUE_STRICT "strict" -#define RSYNC_VALUE_ROOT "root" -#define RSYNC_VALUE_ROOT_EXCEPT_TA "root-except-ta" - -#define DEREFERENCE(void_value) (*((enum rsync_strategy *) void_value)) - -#ifdef ENABLE_STRICT_STRATEGY -#define PRINT_STRICT_ARG_DOC "|" RSYNC_VALUE_STRICT -#define HANDLE_RSYNC_STRICT DEREFERENCE(result) = RSYNC_STRICT; -#else -#define PRINT_STRICT_ARG_DOC -#define HANDLE_RSYNC_STRICT \ - return pr_op_err("Unknown rsync synchronization strategy: '%s'. In order to use it, recompile using flag ENABLE_STRICT_STRATEGY.",\ - str); -#endif - -static void -print_rsync_strategy(struct option_field const *field, void *value) -{ - char const *str = ""; - - switch (DEREFERENCE(value)) { - case RSYNC_STRICT: - str = RSYNC_VALUE_STRICT; - break; - case RSYNC_ROOT: - str = RSYNC_VALUE_ROOT; - break; - case RSYNC_ROOT_EXCEPT_TA: - str = RSYNC_VALUE_ROOT_EXCEPT_TA; - break; - default: - break; - } - - pr_op_info("%s: %s", field->name, str); -} - -static int -parse_argv_rsync_strategy(struct option_field const *field, char const *str, - void *result) -{ - if (strcmp(str, RSYNC_VALUE_STRICT) == 0) - HANDLE_RSYNC_STRICT - else if (strcmp(str, RSYNC_VALUE_ROOT) == 0) - DEREFERENCE(result) = RSYNC_ROOT; - else if (strcmp(str, RSYNC_VALUE_ROOT_EXCEPT_TA) == 0) - DEREFERENCE(result) = RSYNC_ROOT_EXCEPT_TA; - else - return pr_op_err("Unknown rsync synchronization strategy: '%s'", - str); - - return 0; -} - -static int -parse_json_rsync_strategy(struct option_field const *opt, struct json_t *json, - void *result) -{ - char const *string; - int error; - - error = parse_json_string(json, opt->name, &string); - return error ? error : parse_argv_rsync_strategy(opt, string, result); -} - -const struct global_type gt_rsync_strategy = { - .has_arg = required_argument, - .size = sizeof(enum rsync_strategy), - .print = print_rsync_strategy, - .parse.argv = parse_argv_rsync_strategy, - .parse.json = parse_json_rsync_strategy, - .arg_doc = RSYNC_VALUE_ROOT - "|" RSYNC_VALUE_ROOT_EXCEPT_TA - PRINT_STRICT_ARG_DOC, -}; diff --git a/src/config/rsync_strategy.h b/src/config/rsync_strategy.h deleted file mode 100644 index e3f90376..00000000 --- a/src/config/rsync_strategy.h +++ /dev/null @@ -1,57 +0,0 @@ -#ifndef SRC_CONFIG_RSYNC_STRATEGY_H_ -#define SRC_CONFIG_RSYNC_STRATEGY_H_ - -#include "config/types.h" - -enum rsync_strategy { - /** - * Strictly correct download strategy. - * - * The validator will sync each repository publication point separately - * as requested by each caRepository contained in the CA certificates' - * SIA extensions. - * - * No risk of downloading unneeded files, but otherwise slow, as every - * different repository publication point requires a separate sync call. - * - * In order to enable this strategy, compile using the flag: - * ENABLE_STRICT_STRATEGY - */ - RSYNC_STRICT, - /** - * Always download the likely root of the entire repository. - * - * For example, if we get the following caRepositories: - * - * - `rsync://a.b.c/d/e/f/g/h/i` - * - `rsync://a.b.c/d/e/f/g/h/j` - * - `rsync://a.b.c/d/e/f/k` - * - * This strategy will synchronize `rsync://a.b.c/d` while parsing the - * first caRepository, and then skip synchronization during the second - * and third ones. (Because they are already downloaded.) - * - * This strategy risks downloading unneeded files, and even failing due - * to lack of read permissions on stray subdirectories. On the flip - * side, if the repository holds no unnecessary subdirectories, then - * this strategy is the fastest one, since it generally only requires - * one sync call per domain, which often translates into one sync call - * per validation cycle. - * - * Currently, all of the official repositories are actually specifically - * structured to benefit this strategy. - */ - RSYNC_ROOT, - /** - * Same as SYNC_ROOT, except the root certificate is synchronized - * separately. - * (Either because it's in a separate directory, or because we don't - * want to download its entire repository until we've verified its - * legitimacy and integrity.) - */ - RSYNC_ROOT_EXCEPT_TA, -}; - -extern const struct global_type gt_rsync_strategy; - -#endif /* SRC_CONFIG_RSYNC_STRATEGY_H_ */ diff --git a/src/object/certificate.c b/src/object/certificate.c index 411f6e64..b315464d 100644 --- a/src/object/certificate.c +++ b/src/object/certificate.c @@ -1930,7 +1930,7 @@ exec_rsync_method(struct sia_ca_uris *sia_uris) { int error; - error = rsync_download_files(sia_uris->caRepository.uri, false, false); + error = rsync_download_files(sia_uris->caRepository.uri, false); if (error) return error; @@ -2201,7 +2201,7 @@ certificate_traverse(struct rpp *rpp_parent, struct rpki_uri *cert_uri) */ pr_val_info("Retrying repository download to discard 'transient inconsistency' manifest issue (see RFC 6481 section 5) '%s'", uri_val_get_printable(sia_uris.caRepository.uri)); - error = rsync_download_files(sia_uris.caRepository.uri, false, true); + error = rsync_download_files(sia_uris.caRepository.uri, true); if (error) break; diff --git a/src/object/tal.c b/src/object/tal.c index 292d3fd1..c82b417c 100644 --- a/src/object/tal.c +++ b/src/object/tal.c @@ -499,7 +499,7 @@ handle_tal_uri(struct tal *tal, struct rpki_uri *uri, void *arg) validation_destroy(state); return 0; /* Try some other TAL URI */ } - error = rsync_download_files(uri, true, false); + error = rsync_download_files(uri, false); } else /* HTTPS */ { if (!config_get_http_enabled()) { validation_destroy(state); diff --git a/src/rsync/rsync.c b/src/rsync/rsync.c index 9380291a..0cfdcaa5 100644 --- a/src/rsync/rsync.c +++ b/src/rsync/rsync.c @@ -13,7 +13,6 @@ #include "common.h" #include "config.h" #include "log.h" -#include "str_token.h" #include "thread_var.h" struct uri { @@ -51,35 +50,6 @@ rsync_destroy(struct uri_list *list) free(list); } -/* - * Returns true if @ancestor an ancestor of @descendant, or @descendant itself. - * Returns false otherwise. - */ -static bool -is_descendant(struct rpki_uri *ancestor, struct rpki_uri *descendant) -{ - struct string_tokenizer ancestor_tokenizer; - struct string_tokenizer descendant_tokenizer; - - string_tokenizer_init(&ancestor_tokenizer, uri_get_global(ancestor), - uri_get_global_len(ancestor), '/'); - string_tokenizer_init(&descendant_tokenizer, uri_get_global(descendant), - uri_get_global_len(descendant), '/'); - - if (config_get_rsync_strategy() == RSYNC_STRICT) - return strcmp(uri_get_global(ancestor), - uri_get_global(descendant)) == 0; - - do { - if (!string_tokenizer_next(&ancestor_tokenizer)) - return true; - if (!string_tokenizer_next(&descendant_tokenizer)) - return false; - if (!token_equals(&ancestor_tokenizer, &descendant_tokenizer)) - return false; - } while (true); -} - /* * Returns whether @uri has already been rsync'd during the current validation * run. @@ -91,7 +61,7 @@ is_already_downloaded(struct rpki_uri *uri, struct uri_list *visited_uris) /* TODO (next iteration) this is begging for a hash set. */ SLIST_FOREACH(cursor, visited_uris, next) - if (is_descendant(cursor->uri, uri)) + if (uri_equals(cursor->uri, uri)) return true; return false; @@ -109,58 +79,6 @@ mark_as_downloaded(struct rpki_uri *uri, struct uri_list *visited_uris) SLIST_INSERT_HEAD(visited_uris, node, next); } -static int -handle_strict_strategy(struct rpki_uri *requested_uri, - struct rpki_uri **rsync_uri) -{ - *rsync_uri = requested_uri; - uri_refget(requested_uri); - return 0; -} - -static int -handle_root_strategy(struct rpki_uri *src, struct rpki_uri **dst) -{ - char const *global; - size_t global_len; - unsigned int slashes; - size_t i; - - global = uri_get_global(src); - global_len = uri_get_global_len(src); - slashes = 0; - - for (i = 0; i < global_len; i++) { - if (global[i] == '/') { - slashes++; - if (slashes == 4) - return uri_create_rsync_str(dst, global, i); - } - } - - *dst = src; - uri_refget(src); - return 0; -} - -static int -get_rsync_uri(struct rpki_uri *requested_uri, bool is_ta, - struct rpki_uri **rsync_uri) -{ - switch (config_get_rsync_strategy()) { - case RSYNC_ROOT: - return handle_root_strategy(requested_uri, rsync_uri); - case RSYNC_ROOT_EXCEPT_TA: - return is_ta - ? handle_strict_strategy(requested_uri, rsync_uri) - : handle_root_strategy(requested_uri, rsync_uri); - case RSYNC_STRICT: - return handle_strict_strategy(requested_uri, rsync_uri); - } - - pr_crit("Invalid rsync strategy: %u", config_get_rsync_strategy()); -} - /* * Duplicate parent FDs, to pipe rsync output: * - fds[0] = stderr @@ -193,13 +111,13 @@ release_args(char **args, unsigned int size) } static void -prepare_rsync(struct rpki_uri *uri, bool is_ta, char ***args, size_t *args_len) +prepare_rsync(struct rpki_uri *uri, char ***args, size_t *args_len) { struct string_array const *config_args; char **copy_args; unsigned int i; - config_args = config_get_rsync_args(is_ta); + config_args = config_get_rsync_args(); /* * We need to work on a copy, because the config args are immutable, * and we need to add the program name (for some reason) and NULL @@ -356,7 +274,7 @@ read_pipes(int fds[2][2]) * Downloads the @uri->global file into the @uri->local path. */ static int -do_rsync(struct rpki_uri *uri, bool is_ta) +do_rsync(struct rpki_uri *uri) { /* Descriptors to pipe stderr (first element) and stdout (second) */ char **args; @@ -371,7 +289,7 @@ do_rsync(struct rpki_uri *uri, bool is_ta) /* Prepare everything for the child exec */ args = NULL; args_len = 0; - prepare_rsync(uri, is_ta, &args, &args_len); + prepare_rsync(uri, &args, &args_len); pr_val_info("rsync: %s", uri_get_global(uri)); if (log_val_enabled(LOG_DEBUG)) { @@ -493,25 +411,11 @@ release_args: return error; } -/** - * @is_ta: Are we rsync'ing the TA? - * The TA rsync will not be recursive, and will force SYNC_STRICT - * (unless the strategy has been set to SYNC_OFF.) - * Why? Because we should probably not trust the repository until we've - * validated the TA's public key. - */ int -rsync_download_files(struct rpki_uri *requested_uri, bool is_ta, bool force) +rsync_download_files(struct rpki_uri *uri, bool force) { - /** - * Note: - * @requested_uri is the URI we were asked to RSYNC. - * @rsync_uri is the URL we're actually going to RSYNC. - * (They can differ, depending on config_get_rsync_strategy().) - */ struct validation *state; struct uri_list *visited_uris; - struct rpki_uri *rsync_uri; int error; if (!config_get_rsync_enabled()) @@ -520,34 +424,26 @@ rsync_download_files(struct rpki_uri *requested_uri, bool is_ta, bool force) state = state_retrieve(); visited_uris = validation_rsync_visited_uris(state); - if (!force && is_already_downloaded(requested_uri, visited_uris)) { + if (!force && is_already_downloaded(uri, visited_uris)) { pr_val_debug("No need to redownload '%s'.", - uri_val_get_printable(requested_uri)); + uri_val_get_printable(uri)); return 0; } - error = force - ? handle_strict_strategy(requested_uri, &rsync_uri) - : get_rsync_uri(requested_uri, is_ta, &rsync_uri); - if (error) - return error; - - pr_val_debug("Going to RSYNC '%s'.", uri_val_get_printable(rsync_uri)); + pr_val_debug("Going to RSYNC '%s'.", uri_val_get_printable(uri)); - error = do_rsync(rsync_uri, is_ta); - switch(error) { + error = do_rsync(uri); + switch (error) { case 0: /* Don't store when "force" and if its already downloaded */ - if (!(force && is_already_downloaded(rsync_uri, visited_uris))) - mark_as_downloaded(rsync_uri, visited_uris); + if (!(force && is_already_downloaded(uri, visited_uris))) + mark_as_downloaded(uri, visited_uris); break; case EREQFAILED: - mark_as_downloaded(rsync_uri, visited_uris); - error = EREQFAILED; /* Return the original error */ + mark_as_downloaded(uri, visited_uris); break; } - uri_refput(rsync_uri); return error; } diff --git a/src/rsync/rsync.h b/src/rsync/rsync.h index bb715bd3..8f1cbcd3 100644 --- a/src/rsync/rsync.h +++ b/src/rsync/rsync.h @@ -6,7 +6,7 @@ struct uri_list; -int rsync_download_files(struct rpki_uri *, bool, bool); +int rsync_download_files(struct rpki_uri *, bool); struct uri_list *rsync_create(void); void rsync_destroy(struct uri_list *); diff --git a/test/mock.c b/test/mock.c index d48da724..73e5e8b7 100644 --- a/test/mock.c +++ b/test/mock.c @@ -102,8 +102,6 @@ MOCK(config_get_local_repository, char const *, "repository/", void) MOCK_FALSE(config_get_shuffle_tal_uris, void) MOCK(config_get_mode, enum mode, STANDALONE, void) MOCK_TRUE(config_get_rsync_enabled, void) -MOCK(config_get_rsync_strategy, enum rsync_strategy, RSYNC_ROOT, void) -MOCK_ABORT_PTR(config_get_rsync_args, string_array const, bool t) MOCK_NULL(config_get_output_roa, char const *, void) MOCK_NULL(config_get_output_bgpsec, char const *, void) MOCK_UINT(config_get_thread_pool_validation_max, 10, void) diff --git a/test/rsync_test.c b/test/rsync_test.c index 9410d190..dba230f2 100644 --- a/test/rsync_test.c +++ b/test/rsync_test.c @@ -16,43 +16,6 @@ MOCK_ABORT_PTR(validation_rsync_visited_uris, uri_list, struct validation *s) /* Tests */ -static void -assert_descendant(bool expected, char *ancestor, char *descendant) -{ - struct rpki_uri *ancestor_uri; - struct rpki_uri *descendant_uri; - - ck_assert_int_eq(0, uri_create_rsync_str(&ancestor_uri, ancestor, - strlen(ancestor))); - ck_assert_int_eq(0, uri_create_rsync_str(&descendant_uri, descendant, - strlen(descendant))); - - ck_assert_int_eq(is_descendant(ancestor_uri, descendant_uri), expected); - - uri_refput(ancestor_uri); - uri_refput(descendant_uri); -} - -START_TEST(rsync_test_prefix_equals) -{ - char *ancestor; - - ancestor = "rsync://a/b/c"; - assert_descendant(true, ancestor, "rsync://a/b/c"); - assert_descendant(false, ancestor, "rsync://a/b/"); - assert_descendant(true, ancestor, "rsync://a/b/c/c"); - assert_descendant(false, ancestor, "rsync://a/b/cc"); - assert_descendant(false, ancestor, "rsync://a/b/cc/"); - - ancestor = "rsync://a/b/c/"; - assert_descendant(true, ancestor, "rsync://a/b/c"); - assert_descendant(false, ancestor, "rsync://a/b/"); - assert_descendant(true, ancestor, "rsync://a/b/c/c"); - assert_descendant(false, ancestor, "rsync://a/b/cc"); - assert_descendant(false, ancestor, "rsync://a/b/cc/"); -} -END_TEST - static void __mark_as_downloaded(char *uri_str, struct uri_list *visited_uris) { @@ -88,69 +51,30 @@ START_TEST(rsync_test_list) assert_downloaded("rsync://example.foo/repository/", visited_uris, true); assert_downloaded("rsync://example.foo/repository/abc/cdfg", - visited_uris, true); + visited_uris, false); assert_downloaded("rsync://example.foo/member_repository/bca", - visited_uris, true); + visited_uris, false); assert_downloaded("rsync://example.boo/repository/", visited_uris, false); assert_downloaded("rsync://example.potato/repository/", visited_uris, false); assert_downloaded("rsync://example.potato/rpki/abc/", visited_uris, - true); + false); rsync_destroy(visited_uris); } END_TEST -static void -test_root_strategy(char *test, char *expected) -{ - struct rpki_uri *src; - struct rpki_uri *dst; - - ck_assert_int_eq(0, uri_create_rsync_str(&src, test, strlen(test))); - ck_assert_int_eq(handle_root_strategy(src, &dst), 0); - ck_assert_str_eq(uri_get_global(dst), expected); - - uri_refput(src); - uri_refput(dst); -} - -START_TEST(rsync_test_get_prefix) -{ - test_root_strategy("rsync://www.example1.com/test/foo/", - "rsync://www.example1.com/test"); - test_root_strategy("rsync://www.example1.com/test/foo/bar", - "rsync://www.example1.com/test"); - test_root_strategy("rsync://www.example1.com/test/", - "rsync://www.example1.com/test"); - test_root_strategy("rsync://www.example1.com/test", - "rsync://www.example1.com/test"); - test_root_strategy("rsync://www.example1.com", - "rsync://www.example1.com"); - test_root_strategy("rsync://w", "rsync://w"); - test_root_strategy("rsync://", "rsync://"); -} -END_TEST - Suite *rsync_load_suite(void) { Suite *suite; - TCase *prefix_equals, *uri_list, *test_get_prefix; - - prefix_equals = tcase_create("PrefixEquals"); - tcase_add_test(prefix_equals, rsync_test_prefix_equals); + TCase *uri_list; uri_list = tcase_create("uriList"); tcase_add_test(uri_list, rsync_test_list); - test_get_prefix = tcase_create("test_get_prefix"); - tcase_add_test(test_get_prefix, rsync_test_get_prefix); - suite = suite_create("rsync_test()"); - suite_add_tcase(suite, prefix_equals); suite_add_tcase(suite, uri_list); - suite_add_tcase(suite, test_get_prefix); return suite; }