From: Alberto Leiva Popper Date: Mon, 8 Nov 2021 18:23:00 +0000 (-0600) Subject: RRDP: Add DEBUG_RRDP X-Git-Tag: 1.5.3~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c064564ccbb92e27605b706140ae5185163ef46d;p=thirdparty%2FFORT-validator.git RRDP: Add DEBUG_RRDP I had a lot of trouble debugging N. The problem was that RRDP files are not cached, so it wasn't possible to debug the snapshot parser in offline mode. So I added DEBUG_RRDP. It forces RRDP file caching. Not meant to be enabled in production.
---
diff --git a/src/common.c b/src/common.c
index 918e4117..a57b5f7d 100644
--- a/src/common.c
+++ b/src/common.c
@@ -312,6 +312,11 @@ delete_dir_recursive_bottom_up(char const *path)
 size_t config_len;
 int error;
+#ifdef DEBUG_RRDP
+ /* Dev will likely need this file in the next offline run. */
+ return 0;
+#endif
+
+ error = remove_file(path);
 if (error)
 return error;
diff --git a/src/delete_dir_daemon.c b/src/delete_dir_daemon.c
index 0aebaa41..76478d3c 100644
--- a/src/delete_dir_daemon.c
+++ b/src/delete_dir_daemon.c
@@ -25,19 +25,30 @@ static int
 remove_file(char const *location)
 {
 pr_op_debug("Trying to remove file '%s'.", location);
- if (remove(location))
- return pr_op_errno(errno, "Couldn't delete file '%s'", location);
+
+#ifdef DEBUG_RRDP
+ /* Dev will likely need this file in the next offline run. */
 return 0;
+#endif
+
+ return remove(location)
+ ? pr_op_errno(errno, "Couldn't delete file '%s'", location)
+ : 0;
 }
 static int
 remove_dir(char const *location)
 {
 pr_op_debug("Trying to remove dir '%s'.", location);
- if (rmdir(location))
- return pr_op_errno(errno, "Couldn't delete directory '%s'",
- location);
+
+#ifdef DEBUG_RRDP
+ /* Dev will likely need this directory in the next offline run. */
 return 0;
+#endif
+
+ return rmdir(location)
+ ? pr_op_errno(errno, "Couldn't delete directory '%s'", location)
+ : 0;
 }
 static int
diff --git a/src/rrdp/rrdp_loader.c b/src/rrdp/rrdp_loader.c
index ea68709c..f7d82772 100644
--- a/src/rrdp/rrdp_loader.c
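Review bot: A build with DEBUG_RRDP defined is indistinguishable from a normal one at run time, yet in delete_dir_recursive_bottom_up() the added `return 0;` reports success without deleting anything, so the cache is never pruned. Since the commit message says the flag must not reach production, make an accidental build loud: a `#warning "DEBUG_RRDP enabled: cache deletions are disabled, not for production"` under the `#ifdef`, or a single log line at startup. The same silent no-op is added to remove_file() and remove_dir() in src/delete_dir_daemon.c. The function body continues outside the hunk.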
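Review bot: In remove_file() and remove_dir() the DEBUG_RRDP branch returns right after the `pr_op_debug("Trying to remove ...")` call, so the debug log records a removal attempt that never happens, and the real `return remove(location) ...` / `return rmdir(location) ...` statement is left as dead code behind an unconditional return. I would put the real statement under `#else` and log the skip in the debug branch, e.g. `pr_op_debug("DEBUG_RRDP: keeping '%s'.", location);` before `return 0;`. That keeps both builds free of unreachable code and makes the log match what actually happened to the path.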
+++ b/src/rrdp/rrdp_loader.c
@@ -109,6 +109,15 @@ process_diff_session(struct update_notification *notification,
 return process_snapshot(notification, log_operation, visited);
 }
+/*
+ * Downloads the Update Notification pointed by @uri, and updates the cache
+ * accordingly.
+ *
+ * "Updates the cache accordingly" means it downloads the missing deltas or
+ * snapshot, and explodes them into the corresponding RPP's local directory.
+ * Calling code can then access the files, just as if they had been downloaded
+ * via rsync.
+ */
 static int
 __rrdp_load(struct rpki_uri *uri, bool force_snapshot, bool *data_updated)
 {
@@ -121,10 +130,40 @@ __rrdp_load(struct rpki_uri *uri, bool force_snapshot, bool *data_updated)
 (*data_updated) = false;
+#ifndef DEBUG_RRDP
+ /*
+ * In normal mode (DEBUG_RRDP disabled), RRDP files (notifications,
+ * snapshots and deltas) are not cached.
+ * I think it was implemented this way to prevent the cache from growing
+ * indefinitely. (Because otherwise Fort would lose track of RRDP files
+ * from disappearing CAs. RRDP files are designed to be relevant on
+ * single validation runs anyway.)
+ * Note that __rrdp_load() includes the RRDP file explosion. Exploded
+ * files (manifests, certificates, ROAs and ghostbusters) are cached as
+ * usual.
+ *
+ * Therefore, in normal offline mode, the entirety of __rrdp_load()
+ * needs to be skipped because it would otherwise error out while
+ * attempting to access the nonexistent RRDP files.
+ *
+ * But if you need to debug RRDP files specifically, their persistent
+ * deletions will force you to debug them in online mode.
+ *
+ * That's why DEBUG_RRDP exists. When it's enabled, RRDP files will not
+ * be deleted, and config_get_http_enabled() will kick off during
+ * __http_download_file(). This will allow you to reach the RRDP file
+ * parsing code in offline mode.
+ *
+ * I know this is somewhat convoluted, but I haven't found a more
+ * elegant way to do it.
+ *
+ * Simple enable example: `make FORT_FLAGS=-DDEBUG_RRDP`
+ */
 if (!config_get_http_enabled()) {
 (*data_updated) = true;
 return 0;
 }
+#endif
 /* Avoid multiple requests on the same run */
 requested = RRDP_URI_REQ_UNVISITED;
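Review bot: With DEBUG_RRDP defined, the `if (!config_get_http_enabled())` early return is compiled out, so the only thing keeping an offline run off the network is the check the new comment attributes to __http_download_file(), which is not part of this diff. That holds only as long as every download reachable from __rrdp_load() goes through that function; it is worth confirming and stating in the comment, e.g. `* NOTE: offline mode then relies solely on the check in __http_download_file().`. Minor wording: "will kick off during" reads as "will start", and "will kick in during" is probably what is meant. __rrdp_load() continues past the end of the hunk.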