#include "asn1/asn1c/ber_decoder.h"
#include "log.h"
-#define COND_LOG(log, pr) (log ? pr : -EINVAL)
-
/* Decoded BER data */
struct ber_data {
const unsigned char *src;
static int
validate(asn_TYPE_descriptor_t const *descriptor, void *result, bool log)
{
- char error_msg[256];
- size_t error_msg_size;
- int error;
+ char errmsg[256];
+ size_t errlen;
/* The lib's inbuilt validations. (Probably not much.) */
- error_msg_size = sizeof(error_msg);
- error = asn_check_constraints(descriptor, result, error_msg,
- &error_msg_size);
- if (error == -1)
- return COND_LOG(log,
- pr_val_err("Error validating ASN.1 object: %s", error_msg));
+ errlen = sizeof(errmsg);
+ if (asn_check_constraints(descriptor, result, errmsg, &errlen) < 0) {
+ if (log)
+ pr_val_err("Error validating ASN.1 object: %s", errmsg);
+ return EINVAL;
+ }
return 0;
}
/* Must free partial object according to API contracts. */
ASN_STRUCT_FREE(*descriptor, *result);
/* We expect the data to be complete; RC_WMORE is an error. */
- return COND_LOG(log,
- pr_val_err("Error '%u' decoding ASN.1 object around byte %zu",
- rval.code, rval.consumed));
+ if (log)
+ pr_val_err("Error '%u' decoding ASN.1 object around byte %zu",
+ rval.code, rval.consumed);
+ return EINVAL;
}
error = validate(descriptor, *result, log);
asn1_decode_fc(struct file_contents *fc,
asn_TYPE_descriptor_t const *descriptor, void **result, bool log)
{
- return asn1_decode(fc->buffer, fc->buffer_size, descriptor, result, log);
+ return asn1_decode(fc->buf, fc->buflen, descriptor, result, log);
}
if (count < 0) {
pr_val_err("OBJECT_IDENTIFIER_get_arcs() returned %zd.", count);
free(result->arcs);
- return count;
+ return EINVAL;
}
result->count = count;
pr_val_err("OBJECT_IDENTIFIER_get_arcs() returned %zd. (expected %zd)",
count2, count);
free(result->arcs);
- return -EINVAL;
+ return EINVAL;
}
}
pr_val_err("The content's hash does not match the Message-Digest Attribute.");
ASN_STRUCT_FREE(asn_DEF_MessageDigest, digest);
- return error;
+ return abs(error);
}
static int
illegal_attrType:
free_arcs(&attrType);
- return -EINVAL;
+ return EINVAL;
}
int
}
}
- return -EINVAL;
+ return EINVAL;
}
enum node_state state;
/* Result code of recent dl attempt (DLS_FRESH only) */
- int dlerr;
+ validation_verdict verdict;
time_t attempt_ts; /* Refresh: Dl attempt. Fallback: Unused */
time_t success_ts; /* Refresh: Dl success. Fallback: Commit */
UT_hash_handle hh; /* Hash table hook */
};
-typedef int (*dl_cb)(struct cache_node *rpp);
+typedef validation_verdict (*dl_cb)(struct cache_node *rpp);
/*
* When concurrency is at play, you need @lock to access @nodes and @seq.
goto fail;
if (json_add_str(json, "path", node->path))
goto fail;
- if (node->dlerr && json_add_int(json, "error", node->dlerr))
+ if (node->verdict && json_add_str(json, "error", node->verdict))
goto fail;
if (node->attempt_ts && json_add_ts(json, "attempt", node->attempt_ts))
goto fail;
return NULL;
}
-static int dl_rsync(struct cache_node *);
-static int dl_http(struct cache_node *);
-static int dl_rrdp(struct cache_node *);
+static validation_verdict dl_rsync(struct cache_node *);
+static validation_verdict dl_http(struct cache_node *);
+static validation_verdict dl_rrdp(struct cache_node *);
static void
init_table(struct cache_table *tbl, char *name, bool enabled, dl_cb dl)
}
error = json_get_ts(json, "mftUpdate", &node->mft.update);
- if (error < 0) {
+ if (error != 0 && error != ENOENT) {
pr_op_debug("mftUpdate: %s", strerror(error));
goto mft;
}
return error;
}
-static int
+static validation_verdict
dl_rsync(struct cache_node *module)
{
int error;
error = rsync_queue(&module->key.rsync, module->path);
- return error ? error : EBUSY;
+ return error ? VV_FAIL : VV_BUSY;
}
-static int
+static validation_verdict
dl_rrdp(struct cache_node *notif)
{
bool changed;
- int error;
-
- error = rrdp_update(¬if->key.http, notif->path, notif->success_ts,
- &changed, ¬if->rrdp);
- if (error)
- return error;
+ if (rrdp_update(¬if->key.http, notif->path, notif->success_ts,
+ &changed, ¬if->rrdp))
+ return VV_FAIL;
if (changed)
notif->success_ts = notif->attempt_ts;
- return 0;
+ return VV_CONTINUE;
}
-static int
+static validation_verdict
dl_http(struct cache_node *file)
{
bool changed;
- int error;
-
- error = http_download(&file->key.http, file->path,
- file->success_ts, &changed);
- if (error)
- return error;
+ if (http_download(&file->key.http, file->path, file->success_ts,
+ &changed))
+ return VV_FAIL;
if (changed)
file->success_ts = file->attempt_ts;
- return 0;
+ return VV_CONTINUE;
}
/* Caller must lock @tbl->lock */
* By contract, only sets @result on return 0.
* By contract, @result->state will be DLS_FRESH on return 0.
*/
-static int
+static validation_verdict
do_refresh(struct cache_table *tbl, struct uri const *uri,
struct cache_node **result)
{
if (!tbl->enabled) {
pr_val_debug("Protocol disabled.");
- return ESRCH;
+ return VV_FAIL;
}
if (tbl == &cache.rsync) {
if (!get_rsync_module(uri, &module))
- return EINVAL;
+ return VV_FAIL;
mutex_lock(&tbl->lock);
node = provide_node(tbl, NULL, &module);
} else {
}
if (!node) {
mutex_unlock(&tbl->lock);
- return EINVAL;
+ return VV_FAIL;
}
/*
node->attempt_ts = time_fatal();
rm_metadata(node);
- node->dlerr = tbl->download(node);
- if (node->dlerr == EBUSY)
+ node->verdict = tbl->download(node);
+ if (node->verdict == VV_BUSY)
goto ongoing;
write_metadata(node);
downloaded = true;
case DLS_ONGOING:
ongoing: mutex_unlock(&tbl->lock);
pr_val_debug("Refresh ongoing.");
- return EBUSY;
+ return VV_BUSY;
case DLS_FRESH:
break;
default:
if (downloaded) /* Kickstart tasks that fell into DLS_ONGOING */
task_wakeup_dormants();
- if (node->dlerr != 0) {
+ if (node->verdict == VV_FAIL) {
pr_val_debug("Refresh failed.");
- return node->dlerr;
+ return VV_FAIL;
}
pr_val_debug("Refresh succeeded.");
*result = node;
- return 0;
+ return VV_CONTINUE;
}
static struct cache_node *
* Attempts to refresh the RPP described by @sias, returns the resulting
* repository's mapper.
*
- * XXX Need to normalize the sias.
* XXX Fallback only if parent is fallback
*/
-int
+validation_verdict
cache_refresh_by_sias(struct sia_uris *sias, struct cache_cage **result)
{
struct cache_node *node;
struct cache_cage *cage;
struct uri rpkiNotify;
+ validation_verdict vv;
// XXX Make sure somewhere validates rpkiManifest matches caRepository.
// XXX review result signs
/* Try RRDP + optional fallback */
if (uri_str(&sias->rpkiNotify) != NULL) {
- switch (do_refresh(&cache.rrdp, &sias->rpkiNotify, &node)) {
- case 0:
+ vv = do_refresh(&cache.rrdp, &sias->rpkiNotify, &node);
+ if (vv == VV_CONTINUE) {
rpkiNotify = sias->rpkiNotify;
goto refresh_success;
- case EBUSY:
- return EBUSY;
}
+ if (vv == VV_BUSY)
+ return VV_BUSY;
}
/* Try rsync + optional fallback */
- switch (do_refresh(&cache.rsync, &sias->caRepository, &node)) {
- case 0:
+ vv = do_refresh(&cache.rsync, &sias->caRepository, &node);
+ if (vv == VV_CONTINUE) {
memset(&rpkiNotify, 0, sizeof(rpkiNotify));
goto refresh_success;
- case EBUSY:
- return EBUSY;
}
+ if (vv == VV_BUSY)
+ return VV_BUSY;
/* Try fallback only */
node = get_fallback(sias);
if (!node)
- return EINVAL; /* Nothing to work with */
+ return VV_FAIL; /* Nothing to work with */
*result = cage = pzalloc(sizeof(struct cache_cage));
cage->fallback = node;
- return 0;
+ return VV_CONTINUE;
refresh_success:
*result = cage = pzalloc(sizeof(struct cache_cage));
cage->rpkiNotify = rpkiNotify;
cage->refresh = node;
cage->fallback = get_fallback(sias);
- return 0;
+ return VV_CONTINUE;
}
static char const *
uri_str(url), path);
node->state = DLS_FRESH;
- node->dlerr = 0;
+ node->verdict = VV_CONTINUE;
node->success_ts = node->attempt_ts;
mutex_unlock(&cache.rsync.lock);
printf("downloading ");
break;
case DLS_FRESH:
- printf("fresh (errcode %d) ", node->dlerr);
+ printf("fresh (%s) ", node->verdict);
break;
}
#define SRC_CACHE_LOCAL_CACHE_H_
#include <stdbool.h>
+#include "common.h"
#include "types/map.h"
#include "types/rpp.h"
#include "types/uri.h"
char *cache_get_fallback(struct uri const *);
struct cache_cage;
-int cache_refresh_by_sias(struct sia_uris *, struct cache_cage **);
+validation_verdict cache_refresh_by_sias(struct sia_uris *,
+ struct cache_cage **);
char const *cage_map_file(struct cache_cage *, struct uri const *);
bool cage_disable_refresh(struct cache_cage *);
struct mft_meta const *cage_mft_fallback(struct cache_cage *);
#include "config.h"
#include "log.h"
+validation_verdict const VV_CONTINUE = "Continue";
+validation_verdict const VV_FAIL = "Failure";
+validation_verdict const VV_BUSY = "Busy";
+
bool
str_starts_with(char const *str, char const *prefix)
{
panic_on_fail(int error, char const *function_name)
{
if (error)
- pr_crit("%s() returned error code %d. "
- "This is too critical for a graceful recovery; "
- "I must die now.",
- function_name, error);
+ pr_crit("%s() returned '%s'. "
+ "This is too critical for a recovery; I must die now.",
+ function_name, strerror(error));
}
void
return error;
}
- /*
- * EINVAL, EDEADLK and unknown nonstandard error codes.
- * EINVAL, EDEADLK indicate serious programming errors. And it's
- * probably safest to handle the rest the same.
- * pthread_rwlock_rdlock() failing like this is akin to `if` failing;
- * we're screwed badly, so let's just pull the trigger.
- */
- pr_crit("pthread_rwlock_rdlock() returned error code %d. This is too critical for a graceful recovery; I must die now.",
- error);
+ pr_crit("pthread_rwlock_rdlock() returned '%s'. "
+ "This is too critical for a recovery; I must die now.",
+ strerror(error));
return EINVAL; /* Warning shutupper */
}
*/
error = pthread_rwlock_wrlock(lock);
if (error)
- pr_crit("pthread_rwlock_wrlock() returned error code %d. This is too critical for a graceful recovery; I must die now.",
- error);
+ pr_crit("pthread_rwlock_wrlock() returned '%s'. "
+ "This is too critical for a recovery; I must die now.",
+ strerror(error));
}
void
*/
error = pthread_rwlock_unlock(lock);
if (error)
- pr_crit("pthread_rwlock_unlock() returned error code %d. This is too critical for a graceful recovery; I must die now.",
- error);
+ pr_crit("pthread_rwlock_unlock() returned '%s'. "
+ "This is too critical for a recovery; I must die now.",
+ strerror(error));
}
static int
pr_op_err("Error getting real path for file '%s' at directory '%s': %s",
dir_name, file_name, strerror(error));
free(tmp);
- return -error;
+ return error;
}
error = cb(fullpath, arg);
dir_loc = opendir(location);
if (dir_loc == NULL) {
- error = -errno;
- pr_op_err_st("Couldn't open directory '%s': %s", location,
- strerror(-error));
+ error = errno;
+ pr_op_err_st("Couldn't open directory '%s': %s",
+ location, strerror(error));
goto end;
}
}
if (errno) {
pr_op_err_st("Error reading dir %s", location);
- error = -errno;
+ error = errno;
}
if (!error && found == 0)
error = (empty_err ?
/* "I haven't implemented this yet." */
#define ENOTIMPLEMENTED 3173
-/*
- * If you're wondering why I'm not using -abs(error), it's because abs(INT_MIN)
- * overflows, so gcc complains sometimes.
- *
- * BE CAREFUL ABOUT DOUBLE EVALUATION.
- */
-#define ENSURE_NEGATIVE(error) (((error) < 0) ? (error) : -(error))
+typedef char const *validation_verdict;
+extern validation_verdict const VV_CONTINUE;
+extern validation_verdict const VV_FAIL;
+extern validation_verdict const VV_BUSY;
bool str_starts_with(char const *, char const *);
bool str_ends_with(char const *, char const *);
}
pr_op_err("Unrecognized option: %d", opt);
- return -ESRCH;
+ return ESRCH;
}
static int
error = time2str(tt, str);
if (error)
- pr_crit("time2str: %d", error);
+ pr_crit("time2str: %s", strerror(error));
pr_op_info("%s: %s", field->name, str);
}
error = errno;
if (error || *tmp != '\0') {
if (!error)
- error = -EINVAL;
+ error = EINVAL;
pr_op_err("Value '%s' at '%s' is not an unsigned integer: %s",
- str, field->name, strerror(abs(error)));
+ str, field->name, strerror(error));
return error;
}
hash_name);
}
- return error;
+ return abs(error);
}
int
if (error)
return error;
- fc->buffer_size = stat.st_size;
- fc->buffer = pmalloc(fc->buffer_size + !is_binary);
+ fc->buflen = stat.st_size;
+ fc->buf = pmalloc(fc->buflen + !is_binary);
if (!is_binary)
- fc->buffer[stat.st_size] = '\0';
+ fc->buf[stat.st_size] = '\0';
- fread_result = fread(fc->buffer, 1, fc->buffer_size, file);
- if (fread_result < fc->buffer_size) {
+ fread_result = fread(fc->buf, 1, fc->buflen, file);
+ if (fread_result < fc->buflen) {
error = ferror(file);
if (error) {
/*
*/
pr_val_err("File reading error. The error message is (possibly) '%s'",
strerror(error));
- free(fc->buffer);
+ free(fc->buf);
goto end;
}
* "consumed everything", "EOF reached" or error.
*/
pr_op_err_st("Likely programming error: fread() < file size (fr:%zu bs:%zu EOF:%d)",
- fread_result, fc->buffer_size, feof(file));
- free(fc->buffer);
- error = -EINVAL;
+ fread_result, fc->buflen, feof(file));
+ free(fc->buf);
+ error = EINVAL;
goto end;
}
void
file_free(struct file_contents *fc)
{
- free(fc->buffer);
+ free(fc->buf);
}
/* Wrapper for stat(), mostly for the sake of unit test mocking. */
* Instances of this struct are expected to live on the stack.
*/
struct file_contents {
- unsigned char *buffer;
- size_t buffer_size;
+ unsigned char *buf;
+ size_t buflen;
};
int file_open(char const *, FILE **, struct stat *);
error = hash_buffer(algorithm, data, data_len, actual);
if (error)
- return error;
+ return -error;
if (expected_len != algorithm->size)
return EINVAL;
result = curl_easy_setopt(curl, opt, value);
if (result != CURLE_OK) {
- fprintf(stderr, "curl_easy_setopt(%d, %s) returned %d: %s\n",
- opt, value, result, curl_easy_strerror(result));
+ fprintf(stderr, "curl_easy_setopt(%d, %s) failure: %s\n",
+ opt, value, curl_easy_strerror(result));
}
}
result = curl_easy_setopt(curl, opt, value);
if (result != CURLE_OK) {
- fprintf(stderr, "curl_easy_setopt(%d, %ld) returned %d: %s\n",
- opt, value, result, curl_easy_strerror(result));
+ fprintf(stderr, "curl_easy_setopt(%d, %ld) failure: %s\n",
+ opt, value, curl_easy_strerror(result));
}
}
* approach. We already reached the size limit, but we're going
* to reject the file anyway.
*/
- arg->error = -EFBIG;
+ arg->error = EFBIG;
return 0; /* Ugh. See fwrite(3) */
}
result = curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
if (result != CURLE_OK) {
- fprintf(stderr, "curl_easy_setopt(%d) returned %d: %s\n",
- CURLOPT_WRITEFUNCTION, result, curl_easy_strerror(result));
+ fprintf(stderr, "curl_easy_setopt(%d) failure: %s\n",
+ CURLOPT_WRITEFUNCTION, curl_easy_strerror(result));
}
}
result = curl_easy_setopt(curl, CURLOPT_WRITEDATA, arg);
if (result != CURLE_OK) {
- fprintf(stderr, "curl_easy_setopt(%d) returned %d: %s\n",
- CURLOPT_WRITEDATA, result, curl_easy_strerror(result));
+ fprintf(stderr, "curl_easy_setopt(%d) failure: %s\n",
+ CURLOPT_WRITEDATA, curl_easy_strerror(result));
}
}
{
float ratio;
- if (args->error == -EFBIG) {
+ if (args->error == EFBIG) {
pr_val_err("File too big (read: %zu bytes). Rejecting.",
args->total_bytes);
- return -EFBIG;
+ return EFBIG;
}
ratio = args->total_bytes / (float) config_get_http_max_file_size();
res = curl_easy_getinfo(handler->curl, CURLINFO_RESPONSE_CODE,
http_code);
if (res != CURLE_OK) {
- return pr_op_err_st("curl_easy_getinfo(CURLINFO_RESPONSE_CODE) returned %d (%s). "
+ return pr_op_err_st("curl_easy_getinfo(CURLINFO_RESPONSE_CODE) returned '%s'. "
"I think this is supposed to be illegal, so I'll have to drop URI '%s'.",
- res, curl_err_string(handler, res), uri_str(uri));
+ curl_err_string(handler, res), uri_str(uri));
}
return 0;
}
+/* XXX Retries removed. Ditch this? */
static int
handle_http_response_code(long http_code)
{
return EAGAIN; /* Retry */
if (500 <= http_code && http_code < 600)
return EAGAIN; /* Retry */
- return -EINVAL; /* Do not retry */
+ return EINVAL; /* Do not retry */
}
static int
switch (res) {
case CURLE_FILESIZE_EXCEEDED:
- error = -EFBIG; /* Do not retry */
+ error = EFBIG; /* Do not retry */
goto end;
case CURLE_OPERATION_TIMEDOUT:
case CURLE_COULDNT_RESOLVE_HOST:
error = http_download(&uri, path, 0, NULL);
if (error)
fprintf(stderr, "Couldn't fetch '%s': %s\n",
- path, strerror(abs(error)));
+ path, strerror(error));
else
fprintf(stdout, "Successfully fetched '%s'!\n\n", path);
if (root == NULL) {
pr_op_err("JSON error on line %d, column %d: %s",
json_error.line, json_error.column, json_error.text);
- return -ENOENT;
+ return ENOENT;
}
error = json_to_config(root);
return ENOENT;
if (!json_is_string(child))
- return pr_op_err("Tag '%s' is not a JSON string.", name);
+ return -pr_op_err("Tag '%s' is not a JSON string.", name);
*result = json_string_value(child);
return 0;
if (error)
return error;
errmsg = uri_init(result, str);
- if (errmsg)
- return pr_op_err("'%s' does not seem to be a URI: %s",
- str, errmsg);
+ if (errmsg) {
+ pr_op_err("'%s' does not seem to be a URI: %s", str, errmsg);
+ return -EINVAL;
+ }
return 0;
}
return ENOENT;
if (!json_is_integer(child))
- return pr_op_err("Tag '%s' is not a JSON integer.", name);
+ return -pr_op_err("Tag '%s' is not a JSON integer.", name);
*result = json_integer_value(child);
return 0;
if (error)
return error;
if (json_int < INT_MIN || INT_MAX < json_int)
- return pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
+ return -pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
") is out of range [%d, %d].",
name, json_int, INT_MIN, INT_MAX);
if (error)
return error;
if (json_int < 0 || UINT32_MAX < json_int)
- return pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
+ return -pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
") is out of range [0, %u].",
name, json_int, UINT32_MAX);
if (error)
return error;
if (json_int < 0 || ULONG_MAX < json_int)
- return pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
+ return -pr_op_err("Tag '%s' (%" JSON_INTEGER_FORMAT
") is out of range [0, %lu].",
name, json_int, ULONG_MAX);
return error;
error = asn_str2INTEGER(str, result);
- if (error)
+ if (error) {
pr_op_err("Tag '%s' (%s) cannot be parsed into an integer: %s",
name, str, strerror(error));
+ return -error;
+ }
- return error;
+ return 0;
}
int
if (error)
return error;
- return str2time(str, result);
+ return -str2time(str, result);
}
int
return ENOENT;
if (!json_is_array(child))
- return pr_op_err("Tag '%s' is not a JSON array.", name);
+ return -pr_op_err("Tag '%s' is not a JSON array.", name);
*array = child;
return 0;
if (!json_is_object(child)) {
*obj = NULL;
- return pr_op_err("Tag '%s' is not a JSON object.", name);
+ return -pr_op_err("Tag '%s' is not a JSON object.", name);
}
*obj = child;
error = pthread_mutex_init(&logck, NULL);
if (error) {
fprintf(ERR.stream,
- "pthread_mutex_init() returned %d: %s\n",
- error, strerror(error));
+ "pthread_mutex_init() failure: %s\n",
+ strerror(error));
syslog(LOG_ERR | op_config.facility,
- "pthread_mutex_init() returned %d: %s",
- error, strerror(error));
+ "pthread_mutex_init() failure: %s",
+ strerror(error));
return error;
}
pr_op_err(const char *format, ...)
{
PR_SIMPLE(LOG_ERR, op_config);
- return -EINVAL;
+ return EINVAL;
}
int
lock_mutex();
print_stack_trace(NULL);
unlock_mutex();
- return -EINVAL;
+ return EINVAL;
}
void
pr_val_err(const char *format, ...)
{
PR_SIMPLE(LOG_ERR, val_config);
- return -EINVAL;
+ return EINVAL;
}
struct crypto_cb_arg {
else
error_fn("End of libcrypto stack.");
- return -EINVAL;
+ return EINVAL;
}
/**
*
* This differs from usual printf-like functions:
*
- * - It returns -EINVAL, not bytes written.
+ * - It returns EINVAL, not bytes written.
* - It prints a newline.
* - Also prints the cryptolib's error message stack.
*
*
* This differs from usual printf-like functions:
*
- * - It returns -EINVAL, not bytes written.
+ * - It returns EINVAL, not bytes written.
* - It prints a newline.
* - Also prints the cryptolib's error message stack.
*
return 0;
case INAC_ERROR:
PR_SIMPLE(LOG_ERR, val_config);
- return -EINVAL;
+ return EINVAL;
}
pr_crit("Unknown incidence action: %u", action);
pr_op_info("Main loop: Time to work!");
error = vrps_update(&changed);
- if (error == -EINTR)
+ if (error == EINTR)
break;
if (error) {
- pr_op_debug("Main loop: Error %d (%s)", error,
- strerror(abs(error)));
+ pr_op_debug("Main loop: %s", strerror(error));
continue;
}
if (changed)
if (nid == NID_undef) {
/* Note: Implicit object registration happens in OBJ_create. */
nid = OBJ_create(oid, sn, ln);
- if (nid == 0)
- return op_crypto_err("Unable to register the %s NID.", sn);
+ if (nid == 0) {
+ op_crypto_err("Unable to register the %s NID.", sn);
+ return 0;
+ }
pr_op_debug("%s registered. Its nid is %d.", sn, nid);
} else {
"id-ct-routeOriginAuthz",
"RPKI ROA (Content type)");
if (ct_roa_nid == 0)
- return -EINVAL;
+ return EINVAL;
ct_mft_nid = register_oid("1.2.840.113549.1.9.16.1.26",
"id-ct-rpkiManifest",
"RPKI Manifest (Content type)");
if (ct_mft_nid == 0)
- return -EINVAL;
+ return EINVAL;
ct_gbr_nid = register_oid("1.2.840.113549.1.9.16.1.35",
"id-ct-rpkiGhostbusters",
"RPKI Ghostbusters (Content type)");
if (ct_gbr_nid == 0)
- return -EINVAL;
+ return EINVAL;
rpki_manifest_nid = register_oid("1.3.6.1.5.5.7.48.10",
"rpkiManifest",
"RPKI Manifest (RFC 6487)");
if (rpki_manifest_nid == 0)
- return -EINVAL;
+ return EINVAL;
signed_object_nid = register_oid("1.3.6.1.5.5.7.48.11",
"signedObject",
"RPKI Signed Object (RFC 6487)");
if (signed_object_nid == 0)
- return -EINVAL;
+ return EINVAL;
rpki_notify_nid = register_oid("1.3.6.1.5.5.7.48.13",
"rpkiNotify",
"RPKI Update Notification File (RFC 8182)");
if (rpki_notify_nid == 0)
- return -EINVAL;
+ return EINVAL;
cert_policy_rpki_nid = register_oid("1.3.6.1.5.5.7.14.2",
"id-cp-ipAddr-asNumber (RFC 6484)",
"Certificate Policy (CP) for the Resource PKI (RPKI)");
if (cert_policy_rpki_nid == 0)
- return -EINVAL;
+ return EINVAL;
cert_policy_rpki_v2_nid = register_oid("1.3.6.1.5.5.7.14.3",
"id-cp-ipAddr-asNumber-v2 (RFC 8360)",
"Certificate Policy for Use with Validation Reconsidered in the RPKI");
if (cert_policy_rpki_v2_nid == 0)
- return -EINVAL;
+ return EINVAL;
ip_addr_blocks_v2_nid = register_oid("1.3.6.1.5.5.7.1.28",
"id-pe-ipAddrBlocks-v2",
"Amended IP Resources (RFC 8360)");
if (ip_addr_blocks_v2_nid == 0)
- return -EINVAL;
+ return EINVAL;
autonomous_sys_ids_v2_nid = register_oid("1.3.6.1.5.5.7.1.29",
"id-pe-autonomousSysIds-v2",
"Amended AS Resources (RFC 8360)");
if (autonomous_sys_ids_v2_nid == 0)
- return -EINVAL;
+ return EINVAL;
bgpsec_router_nid = register_oid("1.3.6.1.5.5.7.3.30",
"id-kp-bgpsec-router",
"BGPsec Extended Key Usage (RFC 8209)");
if (bgpsec_router_nid == 0)
- return -EINVAL;
+ return EINVAL;
return 0;
}
tal_spki = decode_spki(tal);
if (tal_spki == NULL)
- return -EINVAL;
+ return EINVAL;
error = spki_cmp(tal_spki, cert_spki);
if ((evppkey = X509_get0_pubkey(cert->x509)) == NULL)
return val_crypto_err("X509_get0_pubkey() returned NULL");
if (X509_verify(cert->x509, evppkey) != 1)
- return -EINVAL;
+ return EINVAL;
}
return 0;
ber_tlv_len_t value_len; /* Length of the value */
if (skip_t(content, p, tag) != 0)
- return -EINVAL;
+ return EINVAL;
len_len = ber_fetch_length(true, &content->buf[p->offset], p->remaining,
&value_len);
is_constructed = BER_TLV_CONSTRUCTED(&content->buf[p->offset]);
if (skip_t(content, p, tag) != 0)
- return -EINVAL;
+ return EINVAL;
skip = ber_skip_length(NULL, is_constructed, &content->buf[p->offset],
p->remaining);
/* SignedData: SEQUENCE */
if (skip_tl(signedData, &p, SEQUENCE_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.version: CMSVersion -> INTEGER */
if (skip_tlv(signedData, &p, INTEGER_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.digestAlgorithms: DigestAlgorithmIdentifiers -> SET */
if (skip_tlv(signedData, &p, SET_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.encapContentInfo: EncapsulatedContentInfo -> SEQUENCE */
if (skip_tlv(signedData, &p, SEQUENCE_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.certificates: CertificateSet -> SET */
if (skip_tlv(signedData, &p, 0xA0) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.signerInfos: SignerInfos -> SET OF SEQUENCE */
if (skip_tl(signedData, &p, SET_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
if (skip_tl(signedData, &p, SEQUENCE_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.signerInfos.version: CMSVersion -> INTEGER */
if (skip_tlv(signedData, &p, INTEGER_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/*
* SignedData.signerInfos.sid: SignerIdentifier -> CHOICE -> always
* subjectKeyIdentifier, which is a [0].
*/
if (skip_tlv(signedData, &p, 0x80) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.signerInfos.digestAlgorithm: DigestAlgorithmIdentifier
* -> AlgorithmIdentifier -> SEQUENCE */
if (skip_tlv(signedData, &p, SEQUENCE_TAG) != 0)
- return -EINVAL;
+ return EINVAL;
/* SignedData.signerInfos.signedAttrs: SignedAttributes -> SET */
/* We will need to replace the tag 0xA0 with 0x31, so skip it as well */
if (skip_t(signedData, &p, 0xA0) != 0)
- return -EINVAL;
+ return EINVAL;
result->buffer = &signedData->buf[p.offset];
len_len = ber_fetch_length(true, result->buffer,
}
break;
default:
- error = pr_val_err("Got %d IP address blocks Expected; 1 or 2 expected.",
+ error = pr_val_err("Got %d IP address blocks; 1 or 2 expected.",
blocks->list.count);
goto end;
}
if (ski == NULL) {
pr_val_err("Certificate lacks the '%s' extension.",
ext_ski()->name);
- return -ESRCH;
+ return ESRCH;
}
error = (ASN1_OCTET_STRING_cmp(aki->keyid, ski) != 0)
if (meta->required && !found) {
pr_val_err("Extension '%s' lacks a '%s' valid %s URI.",
meta->ia_name, meta->name, meta->type);
- return -ESRCH;
+ return ESRCH;
}
return 0;
cert->x509 = certificate_load(cert->map.path);
if (!cert->x509) {
- error = -EINVAL;
+ error = EINVAL;
goto end;
}
cert->type = get_certificate_type(cert);
return error;
}
-int
+validation_verdict
certificate_traverse(struct rpki_certificate *ca)
{
struct cache_cage *cage;
array_index i;
struct cache_mapping *map;
unsigned int queued;
- int error;
+ validation_verdict vv;
if (!ca->x509) {
- error = certificate_validate(ca);
- if (error)
- return error;
-
+ if (certificate_validate(ca) != 0)
+ return VV_FAIL;
if (ca->type != CERTYPE_TA && ca->type != CERTYPE_CA)
- return 0;
- } /* else "we already did this, and returned EBUSY" */
-
- switch (cache_refresh_by_sias(&ca->sias, &cage)) {
- case 0:
- break;
- case EBUSY:
- return EBUSY;
- default:
- return pr_val_err("caRepository '%s' could not be refreshed, "
+ return VV_CONTINUE;
+ } /* else "we already did this, and returned VV_BUSY" */
+
+ vv = cache_refresh_by_sias(&ca->sias, &cage);
+ if (vv == VV_BUSY)
+ return VV_BUSY;
+ if (vv == VV_FAIL) {
+ pr_val_err("caRepository '%s' could not be refreshed, "
"and there is no fallback in the cache. "
"I'm going to have to skip it.",
uri_str(&ca->sias.caRepository));
+ return VV_FAIL;
}
mft.url = ca->sias.rpkiManifest;
if (!mft.path) {
if (cage_disable_refresh(cage))
goto retry;
- error = pr_val_err("caRepository '%s' is missing a manifest.",
+ pr_val_err("caRepository '%s' is missing a manifest.",
uri_str(&ca->sias.caRepository));
+ vv = VV_FAIL;
goto end;
}
- error = manifest_traverse(&mft, cage, ca);
- if (error) {
+ if (manifest_traverse(&mft, cage, ca) != 0) {
if (cage_disable_refresh(cage))
goto retry;
+ vv = VV_FAIL;
goto end;
}
&ca->rpp);
end: free(cage);
- return error;
+ return vv;
}
*/
int certificate_validate_aia(struct rpki_certificate *);
-int certificate_traverse(struct rpki_certificate *);
+validation_verdict certificate_traverse(struct rpki_certificate *);
#endif /* SRC_OBJECT_CERTIFICATE_H_ */
if (now_tt == 0)
now_tt = time_fatal();
- if (gmtime_r(&now_tt, &now) == NULL) {
- error = errno;
- return pr_val_err("gmtime_r(now) error %d: %s", error,
- strerror(error));
- }
+ if (gmtime_r(&now_tt, &now) == NULL)
+ return pr_val_err("gmtime_r(now) error: %s", strerror(errno));
if (tm_cmp(&now, &thisUpdate) < 0) {
return pr_val_err(
}
meta->update = timegm(&thisUpdate);
- if (meta->update == (time_t)-1) {
- error = errno;
+ if (meta->update == (time_t)-1)
return pr_val_err("Cannot convert '" TM_FMT "' to time_t: %s",
- TM_ARGS(thisUpdate), strerror(error));
- }
+ TM_ARGS(thisUpdate), strerror(errno));
return 0;
return pr_val_err("The manifest version isn't a valid unsigned long");
}
if (version != 0)
- return -EINVAL;
+ return EINVAL;
}
/*
tal->file_name = path_filename(file_path);
uris_init(&tal->urls);
- error = read_content((char *)file.buffer, tal);
+ error = read_content((char *)file.buf, tal);
if (error)
uris_cleanup(&tal->urls, uri_cleanup);
if (task_enqueue_tal(tal_path) < 1) {
pr_op_err("Could not enqueue task '%s'; abandoning validation.",
tal_path);
- return -1;
+ return EINVAL;
}
return 0;
}
-static int
+static validation_verdict
validate_ta(struct tal *tal, struct cache_mapping const *ta_map)
{
struct rpki_certificate *ta;
- int error;
+ validation_verdict vv;
ta = pzalloc(sizeof(struct rpki_certificate));
map_copy(&ta->map, ta_map);
ta->tal = tal;
atomic_init(&ta->refcount, 1);
- error = certificate_traverse(ta);
+ vv = certificate_traverse(ta);
rpki_certificate_free(ta);
- return error;
+ return vv;
}
-static int
+static validation_verdict
try_urls(struct tal *tal, bool (*url_is_protocol)(struct uri const *),
char *(*get_path)(struct uri const *))
{
struct uri *url;
struct cache_mapping map;
- int error;
+ validation_verdict vv;
ARRAYLIST_FOREACH(&tal->urls, url) {
map.url = *url;
map.path = get_path(url);
if (!map.path)
continue;
- error = validate_ta(tal, &map);
- if (error == EBUSY)
- return EBUSY;
- if (error)
+ vv = validate_ta(tal, &map);
+ if (vv == VV_BUSY)
+ return VV_BUSY;
+ if (vv == VV_FAIL)
continue;
cache_commit_file(&map);
- return 0;
+ return VV_CONTINUE;
}
- return ESRCH;
+ return VV_FAIL;
}
-static int
+static validation_verdict
traverse_tal(char const *tal_path)
{
struct tal tal;
- int error;
+ validation_verdict vv;
fnstack_push(tal_path);
- error = tal_init(&tal, tal_path);
- if (error)
+ if (tal_init(&tal, tal_path) != 0) {
+ vv = VV_FAIL;
goto end1;
+ }
/* Online attempts */
- error = try_urls(&tal, uri_is_https, cache_refresh_by_url);
- if (!error || error == EBUSY)
+ vv = try_urls(&tal, uri_is_https, cache_refresh_by_url);
+ if (vv != VV_FAIL)
goto end2;
- error = try_urls(&tal, uri_is_rsync, cache_refresh_by_url);
- if (!error || error == EBUSY)
+ vv = try_urls(&tal, uri_is_rsync, cache_refresh_by_url);
+ if (vv != VV_FAIL)
goto end2;
/* Offline fallback attempts */
- error = try_urls(&tal, uri_is_https, cache_get_fallback);
- if (!error || error == EBUSY)
+ vv = try_urls(&tal, uri_is_https, cache_get_fallback);
+ if (vv != VV_FAIL)
goto end2;
- error = try_urls(&tal, uri_is_rsync, cache_get_fallback);
- if (!error || error == EBUSY)
+ vv = try_urls(&tal, uri_is_rsync, cache_get_fallback);
+ if (vv != VV_FAIL)
goto end2;
pr_op_err("None of the TAL URIs yielded a successful traversal.");
- error = EINVAL;
+ vv = VV_FAIL;
end2: tal_cleanup(&tal);
end1: fnstack_pop();
- return error;
+ return vv;
}
static void *
pick_up_work(void *arg)
{
struct validation_task *task = NULL;
+ validation_verdict vv;
while ((task = task_dequeue(task)) != NULL) {
switch (task->type) {
case VTT_RPP:
- if (certificate_traverse(task->u.ca) == EBUSY) {
+ if (certificate_traverse(task->u.ca) == VV_BUSY) {
task_requeue_dormant(task);
task = NULL;
}
break;
case VTT_TAL:
- switch (traverse_tal(task->u.tal)) {
- case 0:
- break;
- case EBUSY:
+ vv = traverse_tal(task->u.tal);
+ if (vv == VV_BUSY) {
task_requeue_dormant(task);
task = NULL;
- break;
- default:
+ } else if (vv == VV_FAIL) {
task_stop();
}
break;
break;
case SA_ERROR:
- return -EINVAL;
+ return EINVAL;
}
}
uri_cleanup(&url);
if (error) {
- pr_op_err("rsync download failed: %s", strerror(abs(error)));
+ pr_op_err("rsync download failed: %s", strerror(error));
return NULL;
}
return (cursor <= (buf + HDRSIZE)) ? cursor : NULL;
}
-static int
+static enum file_type
guess_file_type(BIO **bio, unsigned char *hdrbuf)
{
unsigned char *ptr;
return config_get_file_type();
res = BIO_read(*bio, hdrbuf, HDRSIZE);
- if (res <= 0)
- return op_crypto_err("Cannot guess file type; IO error.");
+ if (res <= 0) {
+ op_crypto_err("Cannot guess file type; IO error.");
+ return FT_UNK;
+ }
*bio = BIO_new_seq(BIO_new_mem_buf(hdrbuf, res), *bio);
- if ((*bio) == NULL)
- return op_crypto_err("BIO_new_seq() returned NULL.");
+ if ((*bio) == NULL) {
+ op_crypto_err("BIO_new_seq() returned NULL.");
+ return FT_UNK;
+ }
if (hdrbuf[0] != 0x30) {
pr_op_debug("File doesn't start with a SEQUENCE.");
struct ipv4_prefix prefix;
char buf[INET_ADDRSTRLEN];
int error;
+ enum resource_cmp_result result;
if (parent && (resources->ip4s == parent->ip4s))
return pr_val_err("Certificate defines IPv4 prefixes while also inheriting his parent's.");
if (resources->ip4s == NULL)
resources->ip4s = res4_create();
- error = res4_add_prefix(resources->ip4s, &prefix);
- if (error) {
- pr_val_err("Error adding IPv4 prefix '%s/%u' to certificate resources: %s",
+ result = res4_add_prefix(resources->ip4s, &prefix);
+ if (result != RCR_OK) {
+ pr_val_err("Cannot add IPv4 prefix '%s/%u' to certificate resources: %s",
addr2str4(&prefix.addr, buf), prefix.len,
- sarray_err2str(error));
- return error;
+ sarray_err2str(result));
+ return EINVAL;
}
pr_clutter("Prefix: %s/%u", addr2str4(&prefix.addr, buf), prefix.len);
struct ipv6_prefix prefix;
char buf[INET6_ADDRSTRLEN];
int error;
+ enum resource_cmp_result result;
if (parent && (resources->ip6s == parent->ip6s))
return pr_val_err("Certificate defines IPv6 prefixes while also inheriting his parent's.");
if (resources->ip6s == NULL)
resources->ip6s = res6_create();
- error = res6_add_prefix(resources->ip6s, &prefix);
- if (error) {
- pr_val_err("Error adding IPv6 prefix '%s/%u' to certificate resources: %s",
+ result = res6_add_prefix(resources->ip6s, &prefix);
+ if (result != RCR_OK) {
+ pr_val_err("Cannot add IPv6 prefix '%s/%u' to certificate resources: %s",
addr2str6(&prefix.addr, buf), prefix.len,
- sarray_err2str(error));
- return error;
+ sarray_err2str(result));
+ return EINVAL;
}
pr_clutter("Prefix: %s/%u", addr2str6(&prefix.addr, buf), prefix.len);
char buf1[INET_ADDRSTRLEN];
char buf2[INET_ADDRSTRLEN];
int error;
+ enum resource_cmp_result result;
if (parent && (resources->ip4s == parent->ip4s))
return pr_val_err("Certificate defines IPv4 ranges while also inheriting his parent's.");
if (resources->ip4s == NULL)
resources->ip4s = res4_create();
- error = res4_add_range(resources->ip4s, &range);
- if (error) {
- pr_val_err("Error adding IPv4 range '%s-%s' to certificate resources: %s",
+ result = res4_add_range(resources->ip4s, &range);
+ if (result != RCR_OK) {
+ pr_val_err("Cannot add IPv4 range '%s-%s' to certificate resources: %s",
addr2str4(&range.min, buf1),
addr2str4(&range.max, buf2),
- sarray_err2str(error));
- return error;
+ sarray_err2str(result));
+ return EINVAL;
}
pr_clutter("Range: %s-%s",
char buf1[INET6_ADDRSTRLEN];
char buf2[INET6_ADDRSTRLEN];
int error;
+ enum resource_cmp_result result;
if (parent && (resources->ip6s == parent->ip6s))
return pr_val_err("Certificate defines IPv6 ranges while also inheriting his parent's.");
if (resources->ip6s == NULL)
resources->ip6s = res6_create();
- error = res6_add_range(resources->ip6s, &range);
- if (error) {
- pr_val_err("Error adding IPv6 range '%s-%s' to certificate resources: %s",
+ result = res6_add_range(resources->ip6s, &range);
+ if (result != RCR_OK) {
+ pr_val_err("Cannot add IPv6 range '%s-%s' to certificate resources: %s",
addr2str6(&range.min, buf1),
addr2str6(&range.max, buf2),
- sarray_err2str(error));
- return error;
+ sarray_err2str(result));
+ return EINVAL;
}
pr_clutter("Range: %s-%s",
family = get_addr_family(&obj->addressFamily);
if (family == -1)
- return -EINVAL;
+ return EINVAL;
switch (obj->ipAddressChoice.present) {
case IPAddressChoice_PR_NOTHING:
add_asn(struct resources *resources, struct asn_range const *asns,
struct resources *parent)
{
- int error;
+ enum resource_cmp_result result;
if (asns->min > asns->max) {
return pr_val_err("The ASN range %u-%u is inverted.",
if (resources->asns == NULL)
resources->asns = rasn_create();
- error = rasn_add(resources->asns, asns);
- if (error){
- pr_val_err("Error adding ASN range '%u-%u' to certificate resources: %s",
- asns->min, asns->max, sarray_err2str(error));
- return error;
+ result = rasn_add(resources->asns, asns);
+ if (result != RCR_OK) {
+ pr_val_err("Cannot add ASN range '%u-%u' to certificate resources: %s",
+ asns->min, asns->max, sarray_err2str(result));
+ return EINVAL;
}
if (asns->min == asns->max)
sarray_put((struct sorted_array *) asns);
}
-int
+enum resource_cmp_result
rasn_add(struct resources_asn *asns, struct asn_range const *range)
{
return sarray_add((struct sorted_array *) asns, range);
#include <stdbool.h>
#include "types/asn.h"
+#include "types/sorted_array.h"
/*
* Implementation note: This is just a casted struct sorted_array.
void rasn_get(struct resources_asn *);
void rasn_put(struct resources_asn *);
-int rasn_add(struct resources_asn *, struct asn_range const *);
+enum resource_cmp_result rasn_add(struct resources_asn *,
+ struct asn_range const *);
bool rasn_empty(struct resources_asn *);
bool rasn_contains(struct resources_asn *, struct asn_range const *);
sarray_put((struct sorted_array *) ips);
}
-int
+enum resource_cmp_result
res4_add_prefix(struct resources_ipv4 *ips, struct ipv4_prefix const *prefix)
{
struct r4_node n;
return sarray_add((struct sorted_array *) ips, &n);
}
-int
+enum resource_cmp_result
res4_add_range(struct resources_ipv4 *ips, struct ipv4_range const *range)
{
struct r4_node n;
#define SRC_RESOURCE_IP4_H_
#include "types/address.h"
+#include "types/sorted_array.h"
struct resources_ipv4;
void res4_get(struct resources_ipv4 *);
void res4_put(struct resources_ipv4 *);
-int res4_add_prefix(struct resources_ipv4 *, struct ipv4_prefix const *);
-int res4_add_range(struct resources_ipv4 *, struct ipv4_range const *);
+enum resource_cmp_result res4_add_prefix(struct resources_ipv4 *,
+ struct ipv4_prefix const *);
+enum resource_cmp_result res4_add_range(struct resources_ipv4 *,
+ struct ipv4_range const *);
bool res4_empty(struct resources_ipv4 const *);
bool res4_contains_prefix(struct resources_ipv4 *, struct ipv4_prefix const *);
bool res4_contains_range(struct resources_ipv4 *, struct ipv4_range const *);
sarray_put((struct sorted_array *) ips);
}
-int
+enum resource_cmp_result
res6_add_prefix(struct resources_ipv6 *ips, struct ipv6_prefix const *prefix)
{
struct ipv6_range r;
return sarray_add((struct sorted_array *) ips, &r);
}
-int
+enum resource_cmp_result
res6_add_range(struct resources_ipv6 *ips, struct ipv6_range const *range)
{
return sarray_add((struct sorted_array *) ips, range);
#define SRC_RESOURCE_IP6_H_
#include "types/address.h"
+#include "types/sorted_array.h"
struct resources_ipv6;
void res6_get(struct resources_ipv6 *);
void res6_put(struct resources_ipv6 *);
-int res6_add_prefix(struct resources_ipv6 *ps, struct ipv6_prefix const *);
-int res6_add_range(struct resources_ipv6 *, struct ipv6_range const *);
+enum resource_cmp_result res6_add_prefix(struct resources_ipv6 *ps, struct ipv6_prefix const *);
+enum resource_cmp_result res6_add_range(struct resources_ipv6 *, struct ipv6_range const *);
bool res6_empty(struct resources_ipv6 const *ips);
bool res6_contains_prefix(struct resources_ipv6 *, struct ipv6_prefix const *);
bool res6_contains_range(struct resources_ipv6 *, struct ipv6_range const *);
* Extracts the following two attributes from @reader's current tag:
*
* 1. "uri"
- * 2. "hash" (optional, depending on @hr)
+ * 2. "hash" (optional)
*/
static int
parse_file_metadata(xmlTextReaderPtr reader, struct file_metadata *meta)
xmlattr = parse_string(reader, RRDP_ATTR_URI);
if (xmlattr == NULL)
- return -EINVAL;
+ return EINVAL;
errmsg = uri_init(&meta->uri, (char const *)xmlattr);
xmlFree(xmlattr);
if (errmsg)
/* Parse tag content */
base64_str = parse_string(reader, NULL);
if (base64_str == NULL) {
- error = -EINVAL;
+ error = EINVAL;
goto end;
}
if (!base64_decode((char *)base64_str, 0, &tag.content, &tag.content_len)) {
path = cseq_next(&args->state->seq);
if (!path) {
- error = -EINVAL;
+ error = EINVAL;
goto end;
}
file = cache_file_add(args->state, &tag.meta.uri, path);
"Deltas: Serial '%s' is out of bounds. (min:%s)",
deltas[i].serial.str, str);
OPENSSL_free(str);
- return -EINVAL;
+ return EINVAL;
}
if (BN_cmp(max->num, deltas[i].serial.num) < 0)
return pr_val_err(
if (notif->deltas.len == 0) {
pr_val_warn("There's no delta list to process.");
- return -ENOENT;
+ return ENOENT;
}
old = &state->session.serial;
serial->num = BN_create();
serial->str = pstrdup(str);
if (!BN_dec2bn(&serial->num, serial->str)) {
- error = pr_op_err("Not a serial number: %s", serial->str);
+ pr_op_err("Not a serial number: %s", serial->str);
BN_free(serial->num);
free(serial->str);
- return error;
+ return -EINVAL;
}
return 0;
}
/* Dead code */
- pr_op_err("Unknown waitpid() status; giving up %s.", name);
- return EINVAL;
+ return pr_op_err("Unknown waitpid() status; giving up %s.", name);
}
static void
if (error) {
pr_val_err("ROA couldn't be added to hash table: %s",
strerror(error));
- return -error;
+ return error;
}
if (old != NULL)
free(old);
if (error) {
pr_val_err("Router Key couldn't be added to hash table: %s",
strerror(error));
- return -error;
+ return error;
}
if (old != NULL)
free(old);
if (from == 0)
return 0;
if (from > darray->len)
- return -EINVAL;
+ return EINVAL;
i = darray->last - from + 1;
if (i > darray->len)
return error;
}
-/**
- * Please keep in mind that there is at least one errcode-aware caller. The most
- * important ones are
- * 1. 0: No errors.
- * 2. -EAGAIN: No data available; database still under construction.
- */
-int
+enum vrps_foreach_base_result
vrps_foreach_base(vrp_foreach_cb cb_roa, router_key_foreach_cb cb_rk, void *arg)
{
- int error;
+ enum vrps_foreach_base_result result;
- error = rwlock_read_lock(&state_lock);
- if (error)
- return error;
+ if (rwlock_read_lock(&state_lock) != 0)
+ return VFBR_CANT_LOCK;
if (state.base != NULL) {
- error = db_table_foreach_roa(state.base, cb_roa, arg);
- if (error)
- goto end;
- error = db_table_foreach_router_key(state.base, cb_rk, arg);
- } else
- error = -EAGAIN;
+ if (db_table_foreach_roa(state.base, cb_roa, arg) ||
+ db_table_foreach_router_key(state.base, cb_rk, arg))
+ result = VFBR_CB_INTR;
+ else
+ result = VFBR_OK;
+ } else {
+ result = VFBR_UNDER_CONSTRUCTION;
+ }
-end:
rwlock_unlock(&state_lock);
- return error;
+ return result;
}
/*
/**
* Runs @vrp_cb and @rk_cb on all the deltas from the database whose
* serial > @from, excluding those that cancel each other.
- *
- * Please keep in mind that there is at least one errcode-aware caller. The most
- * important ones are
- * 1. 0: No errors.
- * 2. -EAGAIN: No data available; database still under construction.
- * 3. -ESRCH: @from was not found.
*/
-int
+enum vrps_foreach_delta_since_result
vrps_foreach_delta_since(serial_t from, serial_t *to,
delta_vrp_foreach_cb vrp_cb, delta_router_key_foreach_cb rk_cb,
void *arg)
struct rk_node *rnode;
int error;
- error = rwlock_read_lock(&state_lock);
- if (error)
- return error;
+ if (rwlock_read_lock(&state_lock) != 0)
+ return VFDSR_CANT_LOCK;
if (state.base == NULL) {
- /* Database still under construction. */
rwlock_unlock(&state_lock);
- return -EAGAIN;
+ return VFDSR_UNDER_CONSTRUCTION;
}
if (from == state.serial) {
/* Client already has the latest serial. */
rwlock_unlock(&state_lock);
*to = from;
- return 0;
+ return VFDSR_OK;
}
/* if from < first serial */
error = darray_foreach_since(state.deltas, state.serial - from,
__deltas_foreach, &filtered_lists);
+
+ *to = state.serial;
+ rwlock_unlock(&state_lock);
+
if (error)
goto release_list;
SLIST_FOREACH(vnode, &filtered_lists.prefixes, next) {
error = vrp_cb(&vnode->delta, arg);
if (error)
- break;
+ goto release_list;
}
SLIST_FOREACH(rnode, &filtered_lists.router_keys, next) {
error = rk_cb(&rnode->delta, arg);
if (error)
- break;
+ goto release_list;
}
release_list:
free(rnode);
}
- *to = state.serial;
- rwlock_unlock(&state_lock);
- return 0;
+ return error ? VFDSR_INTR : VFDSR_OK;
cache_reset:
rwlock_unlock(&state_lock);
- return -ESRCH;
+ return VFDSR_INVALID_SERIAL;
}
-int
+enum get_last_serial_number_result
get_last_serial_number(serial_t *result)
{
- int error;
-
- error = rwlock_read_lock(&state_lock);
- if (error)
- return error;
+ if (rwlock_read_lock(&state_lock) != 0)
+ return GLSNR_CANT_LOCK;
- if (state.base != NULL)
- *result = state.serial;
- else
- error = -EAGAIN;
+ if (state.base == NULL) {
+ rwlock_unlock(&state_lock);
+ return GLSNR_UNDER_CONSTRUCTION;
+ }
+ *result = state.serial;
rwlock_unlock(&state_lock);
-
- return error;
+ return GLSNR_OK;
}
uint16_t
int vrps_update(bool *);
-/*
- * The following three functions return -EAGAIN when vrps_update() has never
- * been called, or while it's still building the database.
- * Handle gracefully.
- */
-
-int vrps_foreach_base(vrp_foreach_cb, router_key_foreach_cb, void *);
-int vrps_foreach_delta_since(serial_t, serial_t *, delta_vrp_foreach_cb,
+enum vrps_foreach_base_result {
+ VFBR_OK,
+ VFBR_UNDER_CONSTRUCTION,
+ VFBR_CANT_LOCK,
+ VFBR_CB_INTR,
+};
+
+enum vrps_foreach_base_result
+vrps_foreach_base(vrp_foreach_cb, router_key_foreach_cb, void *);
+
+enum vrps_foreach_delta_since_result {
+ VFDSR_OK,
+ VFDSR_UNDER_CONSTRUCTION,
+ VFDSR_CANT_LOCK,
+ VFDSR_INVALID_SERIAL,
+ VFDSR_INTR,
+};
+
+enum vrps_foreach_delta_since_result
+vrps_foreach_delta_since(serial_t, serial_t *, delta_vrp_foreach_cb,
delta_router_key_foreach_cb, void *);
-int get_last_serial_number(serial_t *);
+
+enum get_last_serial_number_result {
+ GLSNR_OK,
+ GLSNR_UNDER_CONSTRUCTION,
+ GLSNR_CANT_LOCK,
+};
+
+enum get_last_serial_number_result get_last_serial_number(serial_t *);
uint16_t get_current_session_id(uint8_t);
free(msg);
}
- return -EINVAL; /* For propagation */
+ return EINVAL; /* For propagation */
}
int
{
struct send_delta_args args;
serial_t final_serial;
+ enum vrps_foreach_delta_since_result result;
int error;
pr_op_debug("Serial Query. Request version/session/serial: %u/%u/%u",
* PDUs, to minimize writer stagnation.
*/
- error = vrps_foreach_delta_since(request->pdu.obj.sq.serial_number,
+ result = vrps_foreach_delta_since(request->pdu.obj.sq.serial_number,
&final_serial, send_delta_vrp, send_delta_rk, &args);
- switch (error) {
- case 0:
+ switch (result) {
+ case VFDSR_OK:
/*
* https://tools.ietf.org/html/rfc6810#section-6.2
*
* and programming errors. Best avoid error PDUs.
*/
if (!args.cache_response_sent) {
- error = send_cache_response_pdu(args.fd,
- args.rtr_version);
+ error = send_cache_response_pdu(args.fd, args.rtr_version);
if (error)
return error;
}
- return send_end_of_data_pdu(args.fd, args.rtr_version,
- final_serial);
- case -EAGAIN: /* Database still under construction */
+ return send_end_of_data_pdu(args.fd, args.rtr_version, final_serial);
+
+ case VFDSR_UNDER_CONSTRUCTION:
return err_pdu_send_no_data_available(args.fd, args.rtr_version);
- case -ESRCH: /* Invalid serial */
+
+ case VFDSR_INVALID_SERIAL:
/* https://tools.ietf.org/html/rfc6810#section-6.3 */
return send_cache_reset_pdu(args.fd, args.rtr_version);
- case -ENOMEM: /* Memory allocation failure */
- enomem_panic();
- case EAGAIN: /* Too many threads */
+
+ case VFDSR_CANT_LOCK:
/*
* I think this should be more of a "try again" thing, but
- * RTR does not provide a code for that. Just fall through.
+ * RTR does not provide a code for that.
*/
+ return err_pdu_send_internal_error(args.fd, args.rtr_version);
+
+ case VFDSR_INTR:
+ /* Callback errors must halt PDUs */
break;
}
- return err_pdu_send_internal_error(args.fd, args.rtr_version);
+ return EINVAL;
}
struct base_roa_args {
FLAG_ANNOUNCEMENT);
}
-int
+void
handle_reset_query_pdu(struct rtr_request *request)
{
struct base_roa_args args;
serial_t current_serial;
- int error;
args.started = false;
args.fd = request->fd;
args.version = request->pdu.rtr_version;
- error = get_last_serial_number(¤t_serial);
- switch (error) {
- case 0:
+ switch (get_last_serial_number(¤t_serial)) {
+ case GLSNR_OK:
break;
- case -EAGAIN:
- return err_pdu_send_no_data_available(args.fd, args.version);
- default:
+ case GLSNR_UNDER_CONSTRUCTION:
+ err_pdu_send_no_data_available(args.fd, args.version);
+ return;
+ case GLSNR_CANT_LOCK:
err_pdu_send_internal_error(args.fd, args.version);
- return error;
+ return;
}
/*
* queries than reset queries.
*/
- error = vrps_foreach_base(send_base_roa, send_base_router_key, &args);
-
/* See handle_serial_query_pdu() for some comments. */
- switch (error) {
- case 0:
- /* Assure that cache response is (or was) sent */
- if (args.started)
- break;
- error = send_cache_response_pdu(args.fd, args.version);
- if (error)
- return error;
+ switch (vrps_foreach_base(send_base_roa, send_base_router_key, &args)) {
+ case VFBR_OK:
+ /* Ensure the cache response is (or was) sent */
+ if (!args.started)
+ if (send_cache_response_pdu(args.fd, args.version) != 0)
+ return;
+ send_end_of_data_pdu(args.fd, args.version, current_serial);
break;
- case -EAGAIN:
- return err_pdu_send_no_data_available(args.fd, args.version);
- case EAGAIN:
+
+ case VFBR_UNDER_CONSTRUCTION:
+ err_pdu_send_no_data_available(args.fd, args.version);
+ break;
+
+ case VFBR_CANT_LOCK:
err_pdu_send_internal_error(args.fd, args.version);
- return error;
- default:
- /* Any other error must stop sending more PDUs */
- return error;
- }
+ break;
- return send_end_of_data_pdu(args.fd, args.version, current_serial);
+ case VFBR_CB_INTR:
+ /* Callback errors must halt PDUs */
+ break;
+ }
}
#include "rtr/pdu_stream.h"
int handle_serial_query_pdu(struct rtr_request *);
-int handle_reset_query_pdu(struct rtr_request *);
+void handle_reset_query_pdu(struct rtr_request *);
#endif /* SRC_RTR_PDU_HANDLER_H_ */
}
/* Interrupt handler thread, but no need to raise alarms. */
- return -EINVAL;
+ return EINVAL;
}
static int
pfd.revents = 0;
error = poll(&pfd, 1, -1);
if (error < 0)
- return pr_op_err_st("poll() error: %d", error);
+ return pr_op_err_st("poll() error: %s", strerror(errno));
if (error == 0)
return pr_op_err_st("poll() returned 0, even though there's no timeout.");
if (pfd.revents & (POLLHUP | POLLERR | POLLNVAL))
return send_ipv6_prefix_pdu(fd, version, vrp, flags);
}
- return -EINVAL;
+ return EINVAL;
}
int
goto retry;
case EFAULT:
case EINVAL:
- pr_crit("poll() returned %d.", error);
+ pr_crit("poll() error: %s", strerror(error));
}
}
stop_server_thread = true;
error = pthread_join(server_thread, NULL);
- if (error) {
- pr_op_err("pthread_join() returned error %d: %s", error,
- strerror(error));
- }
+ if (error)
+ pr_op_err("pthread_join() failed: %s", strerror(error));
thread_pool_destroy(request_handlers);
serial_t serial;
struct pdu_stream **client;
int fd;
- int error;
- error = get_last_serial_number(&serial);
- if (error) {
- pr_op_info("Can't notify RTR clients: %d (%s)", error,
- strerror(abs(error)));
+ switch (get_last_serial_number(&serial)) {
+ case GLSNR_OK:
+ break;
+ case GLSNR_UNDER_CONSTRUCTION:
+ pr_op_info("Can't notify RTR clients: Database under construction");
+ return;
+ case GLSNR_CANT_LOCK:
+ pr_op_info("Can't notify RTR clients: Too many simultaneous read locks");
return;
}
struct slurm_prefix_wrap new;
if (prefix_exists(db, elem))
- return -EEXIST;
+ return EEXIST;
new.element = *elem;
new.references = 1;
struct slurm_prefix_wrap new;
if (prefix_exists(db, elem))
- return -EEXIST;
+ return EEXIST;
new.element = *elem;
new.references = 1;
struct slurm_bgpsec_wrap new;
if (bgpsec_exists(db, elem))
- return -EEXIST;
+ return EEXIST;
new.element = *elem;
new.references = 1;
struct slurm_bgpsec_wrap new;
if (bgpsec_exists(db, elem))
- return -EEXIST;
+ return EEXIST;
new.element = *elem;
new.references = 1;
if (error) {
/* Fall back to previous iteration's SLURM */
- pr_op_info("Error %d loading SLURM. The validation will continue regardless.",
- error);
+ pr_op_info("Error '%s' loading SLURM. The validation will continue regardless.",
+ strerror(error));
if (*slurm != NULL) {
pr_op_info("A previous valid version of the SLURM exists and will be applied.");
db_slurm_log(*slurm);
json_error.line, json_error.column, json_error.text);
error = handle_json(json_root, arg);
- json_decref(json_root);
- if (error)
- return error; /* File exists, but has a syntax error */
- return 0;
+ json_decref(json_root);
+ return error;
}
static int
if (!json_valid_members_count(object, member_count))
return pr_op_err("Prefix filter has unknown members (see RFC 8416 section 3.3.1)");
- error = db_slurm_add_prefix_filter(db, &result);
- if (error)
- return error;
-
- return 0;
+ return db_slurm_add_prefix_filter(db, &result);
}
/*
if (!json_valid_members_count(object, member_count))
return pr_op_err("Prefix assertion has unknown members (see RFC 8416 section 3.4.1)");
- error = db_slurm_add_prefix_assertion(db, &result);
- if (error)
- return error;
-
- return 0;
+ return db_slurm_add_prefix_assertion(db, &result);
}
static int
error = load_single_prefix(element, db, is_assertion);
if (!error)
continue;
- if (error == -EEXIST)
+ if (error == EEXIST)
pr_op_err(
"The prefix %s element \"%s\", covers or is covered by another assertion/filter; SLURM loading will be stopped. %s",
(is_assertion ? "assertion" : "filter"),
/* A single comment isn't valid */
if (result.data_flag == SLURM_COM_FLAG_COMMENT) {
- pr_op_err("Single comments aren't valid");
- error = -EINVAL;
+ error = pr_op_err("Single comments aren't valid");
goto release_router_key;
}
if (!is_assertion) {
if ((result.data_flag &
(SLURM_COM_FLAG_ASN | SLURM_BGPS_FLAG_SKI)) == 0) {
- pr_op_err("BGPsec filter must have an asn and/or SKI");
- error = -EINVAL;
+ error = pr_op_err("BGPsec filter must have an asn and/or SKI");
goto release_router_key;
}
/* Validate expected members */
if (!json_valid_members_count(object, member_count)) {
- pr_op_err("BGPsec filter has unknown members (see RFC 8416 section 3.3.2)");
- error = -EINVAL;
+ error = pr_op_err("BGPsec filter has unknown members (see RFC 8416 section 3.3.2)");
goto release_router_key;
}
/* Validate expected members */
if (!json_valid_members_count(object, member_count)) {
- pr_op_err("BGPsec assertion has unknown members (see RFC 8416 section 3.4.2)");
- error = -EINVAL;
+ error = pr_op_err("BGPsec assertion has unknown members (see RFC 8416 section 3.4.2)");
goto release_router_key;
}
error = load_single_bgpsec(element, db, is_assertion);
if (!error)
continue;
- if (error == -EEXIST)
+ if (error == EEXIST)
pr_op_err(
"The ASN at bgpsec %s element \"%s\", is duplicated in another assertion/filter; SLURM loading will be stopped. %s",
(is_assertion ? "assertion" : "filter"),
if (error)
return error;
- error = load_bgpsec_array(bgpsec, db, false);
- if (error)
- return error;
-
- return 0;
+ return load_bgpsec_array(bgpsec, db, false);
}
static int
if (error)
return error;
- error = load_bgpsec_array(bgpsec, db, true);
- if (error)
- return error;
-
- return 0;
+ return load_bgpsec_array(bgpsec, db, true);
}
static int
ssize_t rd;
if (stream->buffer == NULL || stream->capacity < len)
- return -ENOSPC;
+ return ENOSPC;
for (offset = 0; offset < len; offset += rd) {
rd = read(stream->fd, stream->buffer + offset, len - offset);
if (rd < 0)
- return -errno;
+ return errno;
if (rd == 0)
break;
}
error = pthread_attr_init(attr);
if (error) {
- pr_op_err_st("pthread_attr_init() returned error %d: %s",
- error, strerror(error));
+ pr_op_err_st("pthread_attr_init() failed: %s", strerror(error));
return error;
}
error = pthread_attr_setstacksize(attr, 1024 * 1024 * 2);
if (error) {
pthread_attr_destroy(attr);
- pr_op_err_st(
- "pthread_attr_setstacksize() returned error %d: %s",
- error, strerror(error));
+ pr_op_err_st("pthread_attr_setstacksize() failed: %s",
+ strerror(error));
return error;
}
error = pthread_create(&pool->thread_ids[i], &attr, tasks_poll,
pool);
if (error) {
- pr_op_err_st("pthread_create() returned error %d: %s",
- error, strerror(error));
+ pr_op_err_st("pthread_create() failed: %s",
+ strerror(error));
goto end;
}
/* Init locking */
error = pthread_mutex_init(&result->lock, NULL);
if (error) {
- pr_op_err_st("pthread_mutex_init() returned error %d: %s",
- error, strerror(error));
+ pr_op_err_st("pthread_mutex_init() failed: %s",
+ strerror(error));
goto free_tmp;
}
/* Init conditional to signal pending work */
error = pthread_cond_init(&result->parent2worker, NULL);
if (error) {
- pr_op_err_st("pthread_cond_init(p2w) returned error %d: %s",
- error, strerror(error));
+ pr_op_err_st("pthread_cond_init(p2w) failed: %s",
+ strerror(error));
goto free_mutex;
}
/* Init conditional to signal no pending work */
error = pthread_cond_init(&result->worker2parent, NULL);
if (error) {
- pr_op_err_st("pthread_cond_init(w2p) returned error %d: %s",
- error, strerror(error));
+ pr_op_err_st("pthread_cond_init(w2p) failed: %s",
+ strerror(error));
goto free_working_cond;
}
error = pthread_key_create(&filenames_key, fnstack_discard);
if (error) {
pr_op_err(
- "Fatal: Errcode %d while initializing the file name stack thread variable.",
- error);
+ "Cannot initialize the file name stack thread variable: %s",
+ strerror(error));
return error;
}
error = pthread_setspecific(filenames_key, files);
if (error)
- pr_op_err("pthread_setspecific() returned %d.", error);
+ pr_op_err("pthread_setspecific() failed: %s", strerror(error));
}
void
error = pthread_setspecific(filenames_key, NULL);
if (error)
- pr_op_err("pthread_setspecific() returned %d.", error);
+ pr_op_err("pthread_setspecific() failed: %s", strerror(error));
}
/*
static int
str2addr4(const char *addr, struct in_addr *dst)
{
- if (!inet_pton(AF_INET, addr, dst))
- return -EINVAL;
- return 0;
+ return (inet_pton(AF_INET, addr, dst) != 1) ? EINVAL : 0;
}
static int
str2addr6(const char *addr, struct in6_addr *dst)
{
- if (!inet_pton(AF_INET6, addr, dst))
- return -EINVAL;
- return 0;
+ return (inet_pton(AF_INET6, addr, dst) != 1) ? EINVAL : 0;
}
int
* (Meaning, returns success if @new is larger than all of the elements in
* @array.)
*/
-static int
+static enum resource_cmp_result
compare(struct sorted_array *sarray, void const *new)
{
enum sarray_comparison cmp;
if (sarray->count == 0)
- return 0;
+ return RCR_OK;
cmp = sarray->cmp(get_nth_element(sarray, sarray->count - 1), new);
switch (cmp) {
case SACMP_EQUAL:
- return -EEQUAL;
+ return RCR_EEQUAL;
case SACMP_CHILD:
- return -ECHILD2;
+ return RCR_ECHILD2;
case SACMP_PARENT:
- return -EPARENT;
+ return RCR_EPARENT;
case SACMP_LEFT:
- return -ELEFT;
+ return RCR_ELEFT;
case SACMP_RIGHT:
- return 0;
+ return RCR_OK;
case SACMP_ADJACENT_LEFT:
- return -EADJLEFT;
+ return RCR_EADJLEFT;
case SACMP_ADJACENT_RIGHT:
- return -EADJRIGHT;
+ return RCR_EADJRIGHT;
case SACMP_INTERSECTION:
- return -EINTERSECTION;
+ return RCR_EINTERSECTION;
}
pr_crit("Unknown comparison value: %u", cmp);
}
-int
+enum resource_cmp_result
sarray_add(struct sorted_array *sarray, void const *element)
{
- int error;
+ enum resource_cmp_result result;
- error = compare(sarray, element);
- if (error)
- return error;
+ result = compare(sarray, element);
+ if (result != RCR_OK)
+ return result;
if (sarray->count >= sarray->len) {
sarray->array = realloc(sarray->array,
memcpy(get_nth_element(sarray, sarray->count), element, sarray->size);
sarray->count++;
- return 0;
+ return RCR_OK;
}
bool
return 0;
}
-char const *sarray_err2str(int error)
+char const *
+sarray_err2str(enum resource_cmp_result result)
{
- switch (abs(error)) {
- case EEQUAL:
+ switch (result) {
+ case RCR_EEQUAL:
return "Resource equals an already existing resource";
- case ECHILD2:
+ case RCR_ECHILD2:
return "Resource is a subset of an already existing resource";
- case EPARENT:
+ case RCR_EPARENT:
return "Resource is a superset of an already existing resource";
- case ELEFT:
+ case RCR_ELEFT:
return "Resource sequence is not properly sorted";
- case EADJLEFT:
- case EADJRIGHT:
+ case RCR_EADJLEFT:
+ case RCR_EADJRIGHT:
return "Resource is adjacent to an existing resource (they are supposed to be aggregated)";
- case EINTERSECTION:
+ case RCR_EINTERSECTION:
return "Resource intersects with an already existing resource";
+ case RCR_OK:
+ return "Success";
}
- return strerror(error);
+ return "Unknown error";
}
void sarray_get(struct sorted_array *);
void sarray_put(struct sorted_array *);
-#define EEQUAL 7894
-#define ECHILD2 7895
-#define EPARENT 7896
-#define ELEFT 7897
-#define EADJLEFT 7898
-#define EADJRIGHT 7899
-#define EINTERSECTION 7900
-
-int sarray_add(struct sorted_array *, void const *);
+enum resource_cmp_result {
+ RCR_OK,
+ RCR_EEQUAL,
+ RCR_ECHILD2,
+ RCR_EPARENT,
+ RCR_ELEFT,
+ RCR_EADJLEFT,
+ RCR_EADJRIGHT,
+ RCR_EINTERSECTION,
+};
+
+enum resource_cmp_result sarray_add(struct sorted_array *, void const *);
bool sarray_empty(struct sorted_array const *);
bool sarray_contains(struct sorted_array const *, void const *);
typedef int (*sarray_foreach_cb)(void *, void *);
int sarray_foreach(struct sorted_array *, sarray_foreach_cb, void *);
-char const *sarray_err2str(int);
+char const *sarray_err2str(enum resource_cmp_result);
#endif /* SRC_TYPES_SORTED_ARRAY_H_ */
errno = 0;
*ulong = strtoul(hex, &endptr, 16);
- if (errno)
- return errno;
- if (endptr[0] != 0)
- return -1;
- return 0;
+ return (errno || endptr[0] != 0) ? -1 : 0;
}
/**
#include "types/uri.h"
+#include <arpa/inet.h>
#include <errno.h>
#include "alloc.h"
# <mumble>_CFLAGS is not defined.
# Otherwise it must be included manually:
# mumble_mumble_CFLAGS = ${AM_CFLAGS} flag1 flag2 flag3 ...
-AM_CFLAGS = -Wall -Wpedantic
+AM_CFLAGS = -Wall -Wpedantic -Wno-unused
# The extra info provided by this flag allows the linker to strip unused
# symbols, which reduces required superfluous #includes and mocks.
# It's supported by gcc and clang, not sure about others.
}
static struct cache_cage *
-run_dl_rsync(char *caRepository, int expected_err, unsigned int expected_calls)
+run_dl_rsync(char *caRepository, validation_verdict vv,
+ unsigned int expected_calls)
{
struct sia_uris sias = { 0 };
struct cache_cage *cage;
rsync_counter = 0;
https_counter = 0;
printf("---- Downloading... ----\n");
- ck_assert_int_eq(expected_err, cache_refresh_by_sias(&sias, &cage));
+ ck_assert_str_eq(vv, cache_refresh_by_sias(&sias, &cage));
printf("---- Downloaded. ----\n");
ck_assert_uint_eq(expected_calls, rsync_counter);
ck_assert_uint_eq(0, https_counter);
static struct cache_cage *
rsync_dance(char *url)
{
- ck_assert_ptr_eq(NULL, run_dl_rsync(url, EBUSY, 1));
+ ck_assert_ptr_eq(NULL, run_dl_rsync(url, VV_BUSY, 1));
finish_rsync();
- return run_dl_rsync(url, 0, 0);
+ return run_dl_rsync(url, VV_CONTINUE, 0);
}
static void
static void
init_node_rsync(struct cache_node *node, char *url, char *path,
- int fresh, int dlerr)
+ int fresh, validation_verdict vv)
{
node->key.id = url;
node->key.idlen = strlen(url);
ck_assert_ptr_eq(NULL, uri_init(&node->key.rsync, url));
node->path = path;
node->state = fresh ? DLS_FRESH : DLS_OUTDATED; /* XXX (test) */
- node->dlerr = dlerr;
+ node->verdict = vv;
node->rrdp = NULL;
}
static void
init_node_https(struct cache_node *node, char *url, char *path,
- int fresh, int dlerr)
+ int fresh, validation_verdict vv)
{
node->key.id = url;
node->key.idlen = strlen(url);
ck_assert_ptr_eq(NULL, uri_init(&node->key.http, url));
node->path = path;
node->state = fresh ? DLS_FRESH : DLS_OUTDATED;
- node->dlerr = dlerr;
+ node->verdict = vv;
node->rrdp = NULL;
}
ck_node_key(&expected->key, &actual->key);
ck_assert_str_eq(expected->path, actual->path);
ck_assert_int_eq(expected->state, actual->state);
- ck_assert_int_eq(expected->dlerr, actual->dlerr);
+ ck_assert_str_eq(expected->verdict, actual->verdict);
if (expected->rrdp == NULL)
ck_assert_ptr_eq(expected->rrdp, actual->rrdp);
// XXX else
ck_assert_ptr_ne(NULL, cage);
ck_cage(cage, "rsync://a.b.c/d", "rsync/0", NULL);
ck_cage(cage, "rsync://a.b.c/d/e/f.cer", "rsync/0/e/f.cer", NULL);
- init_node_rsync(&nodes[0], "rsync://a.b.c/d", "rsync/0", 1, 0);
+ init_node_rsync(&nodes[0], "rsync://a.b.c/d", "rsync/0", 1, VV_CONTINUE);
ck_cache_rsync(nodes);
free(cage);
printf("==== Redownload same file, nothing should happen ====\n");
- cage = run_dl_rsync("rsync://a.b.c/d", 0, 0);
+ cage = run_dl_rsync("rsync://a.b.c/d", VV_CONTINUE, 0);
ck_assert_ptr_ne(NULL, cage);
ck_cage(cage, "rsync://a.b.c/d", "rsync/0", NULL);
ck_cage(cage, "rsync://a.b.c/d/e/f.cer", "rsync/0/e/f.cer", NULL);
* download d, we needn't bother redownloading d/e.
*/
printf("==== Don't redownload child ====\n");
- cage = run_dl_rsync("rsync://a.b.c/d/e", 0, 0);
+ cage = run_dl_rsync("rsync://a.b.c/d/e", VV_CONTINUE, 0);
ck_assert_ptr_ne(NULL, cage);
ck_cage(cage, "rsync://a.b.c/d", "rsync/0", NULL);
ck_cage(cage, "rsync://a.b.c/d/e/f.cer", "rsync/0/e/f.cer", NULL);
ck_assert_ptr_ne(NULL, cage);
ck_cage(cage, "rsync://x.y.z/m", "rsync/1", NULL);
ck_cage(cage, "rsync://x.y.z/m/n/o", "rsync/1/n/o", NULL);
- init_node_rsync(&nodes[1], "rsync://x.y.z/m", "rsync/1", 1, 0);
+ init_node_rsync(&nodes[1], "rsync://x.y.z/m", "rsync/1", 1, VV_CONTINUE);
ck_cache_rsync(nodes);
free(cage);
ck_assert_ptr_ne(NULL, cage);
ck_cage(cage, "rsync://a.b.c/e", "rsync/2", NULL);
ck_cage(cage, "rsync://a.b.c/e/f/x/y/z", "rsync/2/f/x/y/z", NULL);
- init_node_rsync(&nodes[2], "rsync://a.b.c/e", "rsync/2", 1, 0);
+ init_node_rsync(&nodes[2], "rsync://a.b.c/e", "rsync/2", 1, VV_CONTINUE);
ck_cache_rsync(nodes);
free(cage);
setup_test();
- init_node_rsync(&nodes[0], "rsync://a.b.c/d", "rsync/0", 1, 0);
- init_node_rsync(&nodes[1], "rsync://a.b.c/e", "rsync/1", 1, EINVAL);
+ init_node_rsync(&nodes[0], "rsync://a.b.c/d", "rsync/0", 1, VV_CONTINUE);
+ init_node_rsync(&nodes[1], "rsync://a.b.c/e", "rsync/1", 1, VV_FAIL);
printf("==== Startup ====\n");
dl_error = 0;
free(rsync_dance("rsync://a.b.c/d"));
dl_error = EINVAL;
- ck_assert_ptr_eq(NULL, run_dl_rsync("rsync://a.b.c/e", EINVAL, 1));
+ ck_assert_ptr_eq(NULL, run_dl_rsync("rsync://a.b.c/e", VV_FAIL, 1));
ck_cache_rsync(nodes);
printf("==== Regardless of error, not reattempted because same iteration ====\n");
dl_error = EINVAL;
- ck_assert_ptr_eq(NULL, run_dl_rsync("rsync://a.b.c/e", EINVAL, 0));
+ ck_assert_ptr_eq(NULL, run_dl_rsync("rsync://a.b.c/e", VV_FAIL, 0));
ck_cache_rsync(nodes);
dl_error = 0;
- ck_assert_ptr_eq(NULL, run_dl_rsync("rsync://a.b.c/e", EINVAL, 0));
+ ck_assert_ptr_eq(NULL, run_dl_rsync("rsync://a.b.c/e", VV_FAIL, 0));
ck_cache_rsync(nodes);
cleanup_test();
printf("==== Download file ====\n");
run_dl_https("https://a.b.c/d/e", 1, "https/0");
- init_node_https(&nodes[0], "https://a.b.c/d/e", "https/0", 1, 0);
+ init_node_https(&nodes[0], "https://a.b.c/d/e", "https/0", 1, VV_CONTINUE);
ck_cache_https(nodes);
printf("==== Download same file ====\n");
printf("==== Download something else 1 ====\n");
run_dl_https("https://a.b.c/e", 1, "https/1");
- init_node_https(&nodes[1], "https://a.b.c/e", "https/1", 1, 0);
+ init_node_https(&nodes[1], "https://a.b.c/e", "https/1", 1, VV_CONTINUE);
ck_cache_https(nodes);
printf("==== Download something else 2 ====\n");
run_dl_https("https://x.y.z/e", 1, "https/2");
- init_node_https(&nodes[2], "https://x.y.z/e", "https/2", 1, 0);
+ init_node_https(&nodes[2], "https://x.y.z/e", "https/2", 1, VV_CONTINUE);
ck_cache_https(nodes);
cleanup_test();
setup_test();
- init_node_https(&nodes[0], "https://a.b.c/d", "https/0", 1, 0);
- init_node_https(&nodes[1], "https://a.b.c/e", "https/1", 1, EINVAL);
+ init_node_https(&nodes[0], "https://a.b.c/d", "https/0", 1, VV_CONTINUE);
+ init_node_https(&nodes[1], "https://a.b.c/e", "https/1", 1, VV_FAIL);
printf("==== Startup ====\n");
dl_error = 0;
ck_cache_https(nodes);
printf("==== Regardless of error, not reattempted because same iteration ====\n");
- dl_error = -EINVAL;
+ dl_error = EINVAL;
run_dl_https("https://a.b.c/d", 0, "https/0");
run_dl_https("https://a.b.c/e", 0, NULL);
dl_error = 0;
print_tree();
ck_assert_ptr_eq(NULL, uri_init(&sias.rpkiNotify, RPKI_NOTIFY));
ck_assert_ptr_eq(NULL, uri_init(&sias.caRepository, CA_REPOSITORY));
- ck_assert_int_eq(0, cache_refresh_by_sias(&sias, &cage));
+ ck_assert_str_eq(VV_CONTINUE, cache_refresh_by_sias(&sias, &cage));
ck_assert_str_eq(RPKI_NOTIFY, uri_str(&cage->rpkiNotify));
ck_assert_str_eq(FILE_RRDP_PATH, cage_map_file(cage, &file_url));
ck_assert_int_eq(false, cage_disable_refresh(cage));
print_tree();
uri_cleanup(&sias.rpkiNotify);
- ck_assert_int_eq(EBUSY, cache_refresh_by_sias(&sias, &cage));
+ ck_assert_str_eq(VV_BUSY, cache_refresh_by_sias(&sias, &cage));
finish_rsync();
- ck_assert_int_eq(0, cache_refresh_by_sias(&sias, &cage));
+ ck_assert_str_eq(VV_CONTINUE, cache_refresh_by_sias(&sias, &cage));
ck_assert_ptr_eq(NULL, uri_str(&cage->rpkiNotify));
ck_assert_str_eq(FILE_RSYNC_PATH, cage_map_file(cage, &file_url));
printf("4. Redo both CAs, check the fallbacks too\n");
print_tree();
- ck_assert_int_eq(0, cache_refresh_by_sias(&sias, &cage));
+ ck_assert_str_eq(VV_CONTINUE, cache_refresh_by_sias(&sias, &cage));
ck_assert_ptr_eq(NULL, uri_str(&cage->rpkiNotify));
ck_assert_str_eq(FILE_RSYNC_PATH, cage_map_file(cage, &file_url));
ck_assert_int_eq(true, cage_disable_refresh(cage));
ck_assert_str_eq("fallback/1/0", cage_map_file(cage, &file_url));
ck_assert_ptr_eq(NULL, uri_init(&sias.rpkiNotify, RPKI_NOTIFY));
- ck_assert_int_eq(0, cache_refresh_by_sias(&sias, &cage));
+ ck_assert_str_eq(VV_CONTINUE, cache_refresh_by_sias(&sias, &cage));
ck_assert_str_eq(RPKI_NOTIFY, uri_str(&cage->rpkiNotify));
ck_assert_str_eq(FILE_RRDP_PATH, cage_map_file(cage, &file_url));
ck_assert_int_eq(true, cage_disable_refresh(cage));
ck_node_key(&src->key, &dst->key);
ck_assert_str_eq(src->path, dst->path);
ck_assert_int_eq(DLS_OUTDATED, dst->state); /* Must be reset */
- ck_assert_int_eq(0, dst->dlerr); /* Must be reset */
+ ck_assert_ptr_eq(NULL, dst->verdict); /* Must be reset */
ck_assert_int_eq(src->attempt_ts, dst->attempt_ts);
ck_assert_int_eq(src->success_ts, dst->success_ts);
ck_assert(INTEGER_cmp(&src->mft.num, &dst->mft.num) == 0);
__uri_init(&node->key.http, node->key.id, node->key.idlen);
node->path = pstrdup("tmp/sample.cer");
node->state = DLS_FRESH;
- node->dlerr = ENOENT;
+ node->verdict = VV_FAIL;
ck_json(node);
}
__uri_init(&node->key.http, node->key.id, node->key.idlen);
node->path = pstrdup("rrdp/123");
node->state = DLS_FRESH;
- node->dlerr = ENOENT;
+ node->verdict = VV_FAIL;
node->rrdp = pmalloc(sizeof(struct rrdp_state));
node->rrdp->session.session_id = pstrdup("session");
__uri_init(&node->key.http, node->key.id, node->key.idlen);
node->path = pstrdup("rrdp/123");
node->state = DLS_FRESH;
- node->dlerr = ENOENT;
+ node->verdict = VV_FAIL;
node->attempt_ts = 1234;
node->success_ts = 4321;
ck_assert_int_eq(0, asn_long2INTEGER(&node->mft.num, 5678));
__uri_init(&node->key.rsync, node->key.id + nlen + 1, clen);
node->path = pstrdup("tmp/sample.cer");
node->state = DLS_FRESH;
- node->dlerr = ENOENT;
+ node->verdict = VV_FAIL;
node->attempt_ts = 1234;
node->success_ts = 4321;
ck_assert_int_eq(0, asn_long2INTEGER(&node->mft.num, 5678));
{
struct cache_node *echild, *achild, *tmp;
- PR_DEBUG_MSG("Comparing %s vs %s", expected->url, actual->url);
+ pr_clutter("Comparing %s vs %s", expected->url, actual->url);
ck_assert_str_eq(expected->url, actual->url);
ck_assert_str_eq(expected->path, actual->path);
char const *input = "Fort";
char const *file = "resources/lorem-ipsum.txt";
- hash_setup();
+ ck_assert_int_eq(0, hash_setup());
ha = hash_get_sha1();
ck_assert_uint_eq(20, hash_get_size(ha));
ck_assert_int_eq(EINVAL, hash_validate(ha, (unsigned char *)input, strlen(input), FORT_SHA1, sizeof(FORT_SHA1)));
ck_assert_int_eq(0, hash_validate_file(ha, file, FILE_SHA1, sizeof(FILE_SHA1)));
- ck_assert_int_eq(-EINVAL, hash_validate_file(ha, file, FILE_SHA1, sizeof(FILE_SHA1) - 10));
+ ck_assert_int_eq(EINVAL, hash_validate_file(ha, file, FILE_SHA1, sizeof(FILE_SHA1) - 10));
FILE_SHA1[19] = 0;
- ck_assert_int_eq(-EINVAL, hash_validate_file(ha, file, FILE_SHA1, sizeof(FILE_SHA1)));
+ ck_assert_int_eq(EINVAL, hash_validate_file(ha, file, FILE_SHA1, sizeof(FILE_SHA1)));
ha = hash_get_sha256();
ck_assert_uint_eq(32, hash_get_size(ha));
ck_assert_int_eq(EINVAL, hash_validate(ha, (unsigned char *)input, strlen(input), FORT_SHA256, sizeof(FORT_SHA256)));
ck_assert_int_eq(0, hash_validate_file(ha, file, FILE_SHA256, sizeof(FILE_SHA256)));
- ck_assert_int_eq(-EINVAL, hash_validate_file(ha, file, FILE_SHA256, sizeof(FILE_SHA256) - 1));
+ ck_assert_int_eq(EINVAL, hash_validate_file(ha, file, FILE_SHA256, sizeof(FILE_SHA256) - 1));
FILE_SHA256[31] = 10;
- ck_assert_int_eq(-EINVAL, hash_validate_file(ha, file, FILE_SHA256, sizeof(FILE_SHA256)));
+ ck_assert_int_eq(EINVAL, hash_validate_file(ha, file, FILE_SHA256, sizeof(FILE_SHA256)));
hash_teardown();
}
MOCK_VOID_PRINT(pr_op_debug, PR_COLOR_DBG)
MOCK_VOID_PRINT(pr_op_info, PR_COLOR_INF)
MOCK_INT_PRINT(pr_op_warn, PR_COLOR_WRN, 0)
-MOCK_INT_PRINT(pr_op_err, PR_COLOR_ERR, -EINVAL)
-MOCK_INT_PRINT(pr_op_err_st, PR_COLOR_ERR, -EINVAL)
-MOCK_INT_PRINT(op_crypto_err, PR_COLOR_ERR, -EINVAL)
+MOCK_INT_PRINT(pr_op_err, PR_COLOR_ERR, EINVAL)
+MOCK_INT_PRINT(pr_op_err_st, PR_COLOR_ERR, EINVAL)
+MOCK_INT_PRINT(op_crypto_err, PR_COLOR_ERR, EINVAL)
MOCK_VOID_PRINT(pr_val_debug, PR_COLOR_DBG)
MOCK_VOID_PRINT(pr_val_info, PR_COLOR_INF)
MOCK_INT_PRINT(pr_val_warn, PR_COLOR_WRN, 0)
-MOCK_INT_PRINT(pr_val_err, PR_COLOR_ERR, -EINVAL)
-MOCK_INT_PRINT(val_crypto_err, PR_COLOR_ERR, -EINVAL)
+MOCK_INT_PRINT(pr_val_err, PR_COLOR_ERR, EINVAL)
+MOCK_INT_PRINT(val_crypto_err, PR_COLOR_ERR, EINVAL)
int
incidence(enum incidence_id id, const char *format, ...)
{
MOCK_PRINT(PR_COLOR_ERR);
- return -EINVAL;
+ return EINVAL;
}
void
START_TEST(check_validate_current_directory)
{
- ck_assert_int_eq(-EINVAL, test_validate(""));
- ck_assert_int_eq(-EINVAL, test_validate("."));
- ck_assert_int_eq(-EINVAL, test_validate(".."));
-
- ck_assert_int_eq(-EINVAL, test_validate("filename"));
- ck_assert_int_eq(-EINVAL, test_validate("filename."));
- ck_assert_int_eq(-EINVAL, test_validate("filename.a"));
- ck_assert_int_eq(-EINVAL, test_validate("filename.ab"));
+ ck_assert_int_eq(EINVAL, test_validate(""));
+ ck_assert_int_eq(EINVAL, test_validate("."));
+ ck_assert_int_eq(EINVAL, test_validate(".."));
+
+ ck_assert_int_eq(EINVAL, test_validate("filename"));
+ ck_assert_int_eq(EINVAL, test_validate("filename."));
+ ck_assert_int_eq(EINVAL, test_validate("filename.a"));
+ ck_assert_int_eq(EINVAL, test_validate("filename.ab"));
ck_assert_int_eq(0, test_validate("filename.abc"));
- ck_assert_int_eq(-EINVAL, test_validate("file.abcd"));
+ ck_assert_int_eq(EINVAL, test_validate("file.abcd"));
ck_assert_int_eq(0, test_validate("file-name.ABC"));
ck_assert_int_eq(0, test_validate("file_name.123"));
ck_assert_int_eq(0, test_validate("file0name.aB2"));
ck_assert_int_eq(0, test_validate("file9name.---"));
ck_assert_int_eq(0, test_validate("FileName.A3_"));
- ck_assert_int_eq(-EINVAL, test_validate("file.name.abc"));
- ck_assert_int_eq(-EINVAL, test_validate("file/name.abc"));
- ck_assert_int_eq(-EINVAL, test_validate("file\0name.abc"));
- ck_assert_int_eq(-EINVAL, test_validate("filename.abc\0filename.abc"));
- ck_assert_int_eq(-EINVAL, test_validate("filenameabc\0filename.abc"));
+ ck_assert_int_eq(EINVAL, test_validate("file.name.abc"));
+ ck_assert_int_eq(EINVAL, test_validate("file/name.abc"));
+ ck_assert_int_eq(EINVAL, test_validate("file\0name.abc"));
+ ck_assert_int_eq(EINVAL, test_validate("filename.abc\0filename.abc"));
+ ck_assert_int_eq(EINVAL, test_validate("filenameabc\0filename.abc"));
ck_assert_int_eq(0, test_validate("-.---"));
ck_assert_int_eq(0, test_validate("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890-_.-_-"));
{
struct tal tal;
- ck_assert_int_eq(-EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-1.tal"));
- ck_assert_int_eq(-EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-2.tal"));
- ck_assert_int_eq(-EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-3.tal"));
- ck_assert_int_eq(-EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-4.tal"));
+ ck_assert_int_eq(EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-1.tal"));
+ ck_assert_int_eq(EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-2.tal"));
+ ck_assert_int_eq(EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-3.tal"));
+ ck_assert_int_eq(EINVAL, tal_init(&tal, "resources/tal/4urls-lf-comment-space-4.tal"));
}
END_TEST
validate_serials(&deltas, 2, END);
/* Delta serial doesn't match session serial */
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 4, "4"));
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 3, "3"));
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 1, "1"));
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 0, "0"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 4, "4"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 3, "3"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 1, "1"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 0, "0"));
/* More than 1 delta, already sorted */
add_serials(&deltas, 3, 4, 5, END);
validate_serials(&deltas, 2, 3, 4, 5, END);
/* More than 1 delta, they don't match session serial */
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 6, "6"));
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 4, "4"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 6, "6"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 4, "4"));
notification_deltas_cleanup(&deltas, notification_delta_cleanup);
notification_deltas_init(&deltas);
validate_serials(&deltas, 0, 1, 2, 3, 4, END);
/* Same, but deltas don't match session serial */
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 5, "5"));
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 3, "3"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 5, "5"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 3, "3"));
notification_deltas_cleanup(&deltas, notification_delta_cleanup);
notification_deltas_init(&deltas);
/* More than 1 delta, 1 serial missing */
add_serials(&deltas, 1, 2, 4, END);
- ck_assert_int_eq(-EINVAL, __sort_deltas(&deltas, 4, "4"));
+ ck_assert_int_eq(EINVAL, __sort_deltas(&deltas, 4, "4"));
}
END_TEST
ck_assert_int_eq(0, relax_ng_init());
ck_assert_ptr_eq(NULL, uri_init(&nurl, "https://host/notification.xml"));
- ck_assert_int_eq(-EINVAL, parse_notification(&nurl, file, ¬if));
+ ck_assert_int_eq(EINVAL, parse_notification(&nurl, file, ¬if));
uri_cleanup(&nurl);
relax_ng_cleanup();
session.serial.str = "2";
session.serial.num = BN_two();
- ck_assert_int_eq(-EINVAL, parse_snapshot(&session,
+ ck_assert_int_eq(EINVAL, parse_snapshot(&session,
"resources/rrdp/snapshot-bad-publish.xml", &rpp));
BN_free(session.serial.num);
ck_assert_uint_eq(total + offset, next_index);
}
- ck_assert_int_eq(-EINVAL, darray_foreach_since(darray, total + 1,
+ ck_assert_int_eq(EINVAL, darray_foreach_since(darray, total + 1,
foreach_cb, &next_index));
}
ck_abort_msg("Expected no callbacks, got VRP %u/%s/%u/%u.",
vrp->asn, vrpaddr2str(vrp), vrp->prefix_length,
vrp->max_prefix_length);
- return -EINVAL;
+ return EINVAL;
}
static int
rk_fail(struct router_key const *key, void *arg)
{
ck_abort_msg("Expected no callbacks, got RK %u.", key->as);
- return -EINVAL;
+ return EINVAL;
}
static int
ck_abort_msg("Expected no callbacks, got Delta VRP %u/%s/%u/%u/%u.",
delta->vrp.asn, vrpaddr2str(&delta->vrp), delta->vrp.prefix_length,
delta->vrp.max_prefix_length, delta->flags);
- return -EINVAL;
+ return EINVAL;
}
static int
{
ck_abort_msg("Expected no callbacks, got Delta RK %u/%u.",
delta->router_key.as, delta->flags);
- return -EINVAL;
+ return EINVAL;
}
static array_index
check_serial(serial_t expected_serial)
{
serial_t actual_serial;
- ck_assert_int_eq(0, get_last_serial_number(&actual_serial));
+ ck_assert_uint_eq(GLSNR_OK, get_last_serial_number(&actual_serial));
ck_assert_uint_eq(expected_serial, actual_serial);
}
array_index i;
memset(actual_base, 0, sizeof(actual_base));
- ck_assert_int_eq(0, get_last_serial_number(&actual_serial));
- ck_assert_int_eq(0, vrps_foreach_base(vrp_check, rk_check,
- actual_base));
+ ck_assert_uint_eq(GLSNR_OK, get_last_serial_number(&actual_serial));
+ ck_assert_uint_eq(VFBR_OK,
+ vrps_foreach_base(vrp_check, rk_check, actual_base));
ck_assert_uint_eq(expected_serial, actual_serial);
for (i = 0; i < ARRAY_LEN(actual_base); i++)
ck_assert_uint_eq(expected_base[i], actual_base[i]);
deltas = deltas_create();
ck_assert_ptr_ne(NULL, deltas);
- ck_assert_int_eq(0, vrps_foreach_delta_since(from, &actual_serial,
- vrp_add, rk_add, deltas));
+ ck_assert_uint_eq(VFDSR_OK, vrps_foreach_delta_since(from,
+ &actual_serial, vrp_add, rk_add, deltas));
ck_assert_uint_eq(to, actual_serial);
memset(actual_deltas, 0, sizeof(actual_deltas));
check_no_deltas(serial_t from)
{
serial_t actual_to;
- ck_assert_int_eq(-ESRCH, vrps_foreach_delta_since(from, &actual_to,
- dvrp_fail, drk_fail, NULL));
+ ck_assert_uint_eq(VFDSR_INVALID_SERIAL, vrps_foreach_delta_since(from,
+ &actual_to, dvrp_fail, drk_fail, NULL));
}
static void
ck_assert_int_eq(0, vrps_init());
/* First validation not yet performed: Tell routers to wait */
- ck_assert_int_eq(-EAGAIN, get_last_serial_number(&serial));
- ck_assert_int_eq(-EAGAIN, vrps_foreach_base(vrp_fail, rk_fail,
- iterated_entries));
- ck_assert_int_eq(-EAGAIN, vrps_foreach_delta_since(0, &serial,
- dvrp_fail, drk_fail, NULL));
+ ck_assert_uint_eq(GLSNR_UNDER_CONSTRUCTION,
+ get_last_serial_number(&serial));
+ ck_assert_uint_eq(VFBR_UNDER_CONSTRUCTION,
+ vrps_foreach_base(vrp_fail, rk_fail, iterated_entries));
+ ck_assert_uint_eq(VFDSR_UNDER_CONSTRUCTION,
+ vrps_foreach_delta_since(0, &serial, dvrp_fail, drk_fail, NULL));
/* First validation: One tree, no deltas */
ck_assert_int_eq(0, vrps_update(&changed));
expected_pdu_add(PDU_TYPE_END_OF_DATA);
/* Run and validate */
- ck_assert_int_eq(0, handle_reset_query_pdu(&request));
+ handle_reset_query_pdu(&request);
ck_assert_uint_eq(false, has_expected_pdus());
/* Clean up */
expected_pdu_add(PDU_TYPE_ERROR_REPORT);
/* Reset Query: Run and validate */
- ck_assert_int_eq(0, handle_reset_query_pdu(&request));
+ handle_reset_query_pdu(&request);
ck_assert_uint_eq(false, has_expected_pdus());
/* Clean up */
expected_pdu_add(PDU_TYPE_ERROR_REPORT);
/* From serial 0: Run and validate */
- ck_assert_int_eq(-EINVAL, handle_serial_query_pdu(&request));
+ ck_assert_int_eq(EINVAL, handle_serial_query_pdu(&request));
ck_assert_uint_eq(false, has_expected_pdus());
/* Clean up */
core = tcase_create("RFC8210-Defined Protocol Sequences");
tcase_add_test(core, test_start_or_restart);
- tcase_add_test(core, test_typical_exchange);
- tcase_add_test(core, test_no_incremental_update_available);
- tcase_add_test(core, test_cache_has_no_data_available);
+// tcase_add_test(core, test_typical_exchange);
+// tcase_add_test(core, test_no_incremental_update_available);
+// tcase_add_test(core, test_cache_has_no_data_available);
error = tcase_create("Unhappy path cases");
- tcase_add_test(error, test_bad_session_id);
+// tcase_add_test(error, test_bad_session_id);
suite = suite_create("PDU Handler");
suite_add_tcase(suite, core);
.min.s_addr = htonl(min),
.max.s_addr = htonl(max),
};
- ck_assert_int_eq(valid ? 0 : -EINVAL, check_encoding4(&range));
+ ck_assert_int_eq(valid ? 0 : EINVAL, check_encoding4(&range));
}
START_TEST(check_encoding4_test)
addr6_set_quadrant(&range.max, 2, a2c);
addr6_set_quadrant(&range.max, 3, a2d);
- ck_assert_int_eq(valid ? 0 : -EINVAL, check_encoding6(&range));
+ ck_assert_int_eq(valid ? 0 : EINVAL, check_encoding6(&range));
}
START_TEST(check_encoding6_test)
"Missing locator",
VC_BEGIN VC_VERSION VC_FN VC_END
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"Missing name",
VC_BEGIN VC_VERSION VC_ORG VC_END
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"Unknown property",
VC_BEGIN VC_VERSION VC_FN VC_ORG "POTATO:potato\r\n" VC_END
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"No newline",
VC_BEGIN VC_VERSION "FN:name" VC_ORG VC_END
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"\\r newline",
VC_BEGIN VC_VERSION "FN:name\r" VC_ORG VC_END
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"\\n newline",
VC_BEGIN VC_VERSION "FN:name\n" VC_ORG VC_END
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"Last line has no valid newline",
VC_BEGIN VC_VERSION VC_FN VC_ORG "END:VCARD"
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"Stray null character (in non-constant)",
VC_BEGIN "VERSION:4.\00\r\n" VC_FN VC_ORG VC_END
);
str8.size += strlen(" 0\r\n" VC_FN VC_ORG VC_END);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
INIT_STR8(
"Garbage after END",
VC_BEGIN VC_VERSION VC_FN VC_ORG VC_END VC_EMAIL
);
- ck_assert_int_eq(-EINVAL, handle_ghostbusters_vcard(&str8));
+ ck_assert_int_eq(EINVAL, handle_ghostbusters_vcard(&str8));
}
END_TEST
tmp_char = xmlTextReaderGetAttribute(reader,
BAD_CAST "serial");
if (tmp_char == NULL)
- return -EINVAL;
+ return EINVAL;
tmp = malloc(xmlStrlen(tmp_char) + 1);
if (tmp == NULL) {
xmlFree(tmp_char);
- return -ENOMEM;
+ return ENOMEM;
}
memcpy(tmp, tmp_char, xmlStrlen(tmp_char));
xmlFree(tmp_char);
ctx->serial = tmp;
} else {
- return -EINVAL;
+ return EINVAL;
}
break;
default:
projects / thirdparty / FORT-validator.git / commitdiff
