fort_SOURCES += config/incidences.h config/incidences.c
fort_SOURCES += config/output_format.h config/output_format.c
fort_SOURCES += config/init_tals.h config/init_tals.c
-fort_SOURCES += config/rrdp_conf.h config/rrdp_conf.c
fort_SOURCES += config/rsync_strategy.h config/rsync_strategy.c
fort_SOURCES += config/str.c config/str.h
fort_SOURCES += config/string_array.h config/string_array.c
-fort_SOURCES += config/sync_strategy.h config/sync_strategy.c
fort_SOURCES += config/types.h
fort_SOURCES += config/uint.c config/uint.h
fort_SOURCES += config/uint32.c config/uint32.h
#include "config/boolean.h"
#include "config/incidences.h"
#include "config/init_tals.h"
-#include "config/rrdp_conf.h"
#include "config/str.h"
-#include "config/sync_strategy.h"
#include "config/uint.h"
#include "config/uint32.h"
#include "config/work_offline.h"
char *tal;
/** Path of our local clone of the repository */
char *local_repository;
- /** TODO (later) Deprecated, remove it. RSYNC download strategy. */
- enum rsync_strategy sync_strategy;
/**
* Handle TAL URIs in random order?
* (https://tools.ietf.org/html/rfc8630#section-3, last
} args;
} rsync;
- struct {
- /* Enables the protocol */
- bool enabled;
- /*
- * Priority, this will override the order set at the CAs in
- * their accessMethod extension.
- */
- unsigned int priority;
- /* Retry conf, utilized on errors */
- struct {
- /* Maximum number of retries on error */
- unsigned int count;
- /* Interval (in seconds) between each retry */
- unsigned int interval;
- } retry;
- } rrdp;
-
struct {
/* Enables the protocol */
bool enabled;
.offset = offsetof(struct rpki_config, local_repository),
.doc = "Directory where the repository local cache will be stored/read",
.arg_doc = "<directory>",
- }, {
- .id = 1001,
- .name = "sync-strategy",
- .type = >_sync_strategy,
- .offset = offsetof(struct rpki_config, sync_strategy),
- .doc = "RSYNC download strategy. Deprecated; use 'rsync.strategy' instead.",
}, {
.id = 2001,
.name = "shuffle-uris",
}, {
.id = 3001,
.name = "rsync.priority",
- .type = >_uint32,
+ .type = >_uint32, /* TODO (#78) this is not u32 */
.offset = offsetof(struct rpki_config, rsync.priority),
.doc = "Priority of execution to fetch repositories files, a higher value means higher priority",
.min = 0,
.max = 0,
},
- /* RRDP fields */
- {
- .id = 10000,
- .name = "rrdp.enabled",
- .type = >_rrdp_enabled,
- .offset = offsetof(struct rpki_config, rrdp.enabled),
- .doc = "Enables RRDP execution. Deprecated; use 'http.enabled' instead.",
- }, {
- .id = 10001,
- .name = "rrdp.priority",
- .type = >_rrdp_priority,
- .offset = offsetof(struct rpki_config, rrdp.priority),
- .doc = "Priority of execution to fetch repositories files, a higher value means higher priority. Deprecated; use 'http.priority' instead.",
- .min = 0,
- .max = 100,
- }, {
- .id = 10002,
- .name = "rrdp.retry.count",
- .type = >_rrdp_retry_count,
- .offset = offsetof(struct rpki_config, rrdp.retry.count),
- .doc = "Maximum amount of retries whenever there's an error fetching RRDP files. Deprecated; use 'http.retry.count' instead.",
- .min = 0,
- .max = UINT_MAX,
- }, {
- .id = 10003,
- .name = "rrdp.retry.interval",
- .type = >_rrdp_retry_interval,
- .offset = offsetof(struct rpki_config, rrdp.retry.interval),
- .doc = "Period (in seconds) to wait between retries after an error ocurred fetching RRDP files. Deprecated; use 'http.retry.interval' instead.",
- .min = 0,
- .max = UINT_MAX,
- },
-
/* HTTP requests parameters */
{
.id = 9000,
.name = "http.enabled",
- .type = >_rrdp_enabled,
+ .type = >_bool,
.offset = offsetof(struct rpki_config, http.enabled),
.doc = "Enables outgoing HTTP requests",
}, {
.id = 9001,
.name = "http.priority",
- .type = >_rrdp_priority,
+ .type = >_uint,
.offset = offsetof(struct rpki_config, http.priority),
.doc = "Priority of execution to fetch repositories files, a higher value means higher priority",
.min = 0,
}, {
.id = 9002,
.name = "http.retry.count",
- .type = >_rrdp_retry_count,
+ .type = >_uint,
.offset = offsetof(struct rpki_config, http.retry.count),
.doc = "Maximum amount of retries whenever there's an error requesting HTTP URIs",
.min = 0,
}, {
.id = 9003,
.name = "http.retry.interval",
- .type = >_rrdp_retry_interval,
+ .type = >_uint,
.offset = offsetof(struct rpki_config, http.retry.interval),
.doc = "Period (in seconds) to wait between retries after an error ocurred doing HTTP requests",
.min = 0,
.doc = "Maximum transfer time (once the connection is established) before dropping the connection",
.min = 0,
.max = UINT_MAX,
- }, {
- .id = 9007,
- .name = "http.idle-timeout", /* TODO DEPRECATED. */
- .type = >_uint,
- .offset = offsetof(struct rpki_config, http.low_speed_time),
- .doc = "Deprecated; currently an alias for --http.low-speed-time. Use --http.low-speed-time instead.",
- .min = 0,
- .max = UINT_MAX,
}, {
.id = 9009,
.name = "http.low-speed-limit",
rpki_config.tal = NULL;
rpki_config.local_repository = pstrdup("/tmp/fort/repository");
- rpki_config.sync_strategy = RSYNC_ROOT_EXCEPT_TA;
rpki_config.shuffle_tal_uris = false;
rpki_config.maximum_certificate_depth = 32;
rpki_config.slurm = NULL;
rpki_config.http.max_file_size = 1000000000;
rpki_config.http.ca_path = NULL; /* Use system default */
- /*
- * TODO (later) Same values as http.*, delete when rrdp.* is fully
- * deprecated
- */
- rpki_config.rrdp.enabled = rpki_config.http.enabled;
- rpki_config.rrdp.priority = rpki_config.http.priority;
- rpki_config.rrdp.retry.count = rpki_config.http.retry.count;
- rpki_config.rrdp.retry.interval = rpki_config.http.retry.interval;
-
rpki_config.log.enabled = true;
rpki_config.log.tag = NULL;
rpki_config.log.color = false;
!valid_file_or_dir(rpki_config.slurm, true, true, pr_op_err))
return pr_op_err("Invalid slurm location.");
- /* TODO (later) Remove when sync-strategy is fully deprecated */
- if (!rpki_config.rsync.enabled)
- config_set_sync_strategy(RSYNC_OFF);
-
return 0;
}
if (is_rpki_config_field(option) && option->type->free != NULL)
option->type->free(get_rpki_config_field(option));
}
-
-/*
- * "To be deprecated" section
- */
-void
-config_set_rrdp_enabled(bool value)
-{
- rpki_config.rrdp.enabled = value;
-}
-
-void
-config_set_sync_strategy(enum rsync_strategy value)
-{
- rpki_config.sync_strategy = value;
-}
-
-void
-config_set_rsync_strategy(enum rsync_strategy value)
-{
- rpki_config.rsync.strategy = value;
-}
-
-void
-config_set_rrdp_priority(unsigned int value)
-{
- rpki_config.rrdp.priority = value;
-}
-
-void
-config_set_http_priority(unsigned int value)
-{
- rpki_config.http.priority = value;
-}
-
-void
-config_set_rrdp_retry_count(unsigned int value)
-{
- rpki_config.rrdp.retry.count = value;
-}
-
-void
-config_set_http_retry_count(unsigned int value)
-{
- rpki_config.http.retry.count = value;
-}
-
-void
-config_set_rrdp_retry_interval(unsigned int value)
-{
- rpki_config.rrdp.retry.interval = value;
-}
-
-void
-config_set_http_retry_interval(unsigned int value)
-{
- rpki_config.http.retry.interval = value;
-}
enum log_output config_get_val_log_output(void);
uint32_t config_get_val_log_facility(void);
-/*
- * Public, so that work-offline can set them, or (to be deprecated)
- * sync-strategy when set to 'off'.
- */
+/* Public, so --work-offline can override them. */
void config_set_rsync_enabled(bool);
void config_set_http_enabled(bool);
-/* TODO (later) Deprecated */
-void config_set_rrdp_enabled(bool);
-
-/* TODO (later) Remove when sync-strategy is fully deprecated */
-void config_set_sync_strategy(enum rsync_strategy);
-void config_set_rsync_strategy(enum rsync_strategy);
-
-/* TODO (later) Remove once rrdp.* is fully deprecated */
-void config_set_rrdp_priority(unsigned int);
-void config_set_http_priority(unsigned int);
-void config_set_rrdp_retry_count(unsigned int);
-void config_set_http_retry_count(unsigned int);
-void config_set_rrdp_retry_interval(unsigned int);
-void config_set_http_retry_interval(unsigned int);
/* Needed public by the JSON module */
void *get_rpki_config_field(struct option_field const *);
+++ /dev/null
-#include "config/rrdp_conf.h"
-
-#include <getopt.h>
-#include <stdbool.h>
-#include <string.h>
-#include "config.h"
-#include "log.h"
-#include "config/boolean.h"
-#include "config/uint.h"
-#include "config/uint32.h"
-
-/*
- * Note that this is just a wrapper to set rrdp.* arguments and its equivalent
- * http.* args.
- *
- * TODO (later) This wrapper will live until all rrdp.* args are fully
- * deprecated.
- */
-
-#define DEREFERENCE_BOOL(void_value) (*((bool *) void_value))
-#define DEREFERENCE_UINT32(void_value) (*((uint32_t *) void_value))
-#define DEREFERENCE_UINT(void_value) (*((unsigned int *) void_value))
-
-static int
-set_rrdp_enabled(char const *name, bool value)
-{
- /* Warn about future deprecation */
- if (strcmp(name, "rrdp.enabled") == 0)
- pr_op_warn("'rrdp.enabled' is deprecated; use 'http.enabled' instead.");
-
- config_set_rrdp_enabled(value);
- config_set_http_enabled(value);
- return 0;
-}
-
-static int
-set_priority(char const *name, uint32_t value)
-{
- /* Warn about future deprecation */
- if (strcmp(name, "rrdp.priority") == 0)
- pr_op_warn("'rrdp.priority' is deprecated; use 'http.priority' instead.");
-
- config_set_rrdp_priority(value);
- config_set_http_priority(value);
- return 0;
-}
-
-static int
-set_retry_count(char const *name, unsigned int value)
-{
- /* Warn about future deprecation */
- if (strcmp(name, "rrdp.retry.count") == 0)
- pr_op_warn("'rrdp.retry.count' is deprecated; use 'http.retry.count' instead.");
-
- config_set_rrdp_retry_count(value);
- config_set_http_retry_count(value);
- return 0;
-}
-
-static int
-set_retry_interval(char const *name, unsigned int value)
-{
- /* Warn about future deprecation */
- if (strcmp(name, "rrdp.retry.interval") == 0)
- pr_op_warn("'rrdp.retry.interval' is deprecated; use 'http.retry.interval' instead.");
-
- config_set_rrdp_retry_interval(value);
- config_set_http_retry_interval(value);
- return 0;
-}
-
-int
-parse_argv_enabled(struct option_field const *field, char const *str,
- void *result)
-{
- int error;
-
- error = parse_argv_bool(field, str, result);
- if (error)
- return error;
-
- return set_rrdp_enabled(field->name, DEREFERENCE_BOOL(result));
-}
-
-int
-parse_json_enabled(struct option_field const *opt, struct json_t *json,
- void *result)
-{
- int error;
-
- error = parse_json_bool(opt, json, result);
- if (error)
- return error;
-
- return set_rrdp_enabled(opt->name, DEREFERENCE_BOOL(result));
-}
-
-int
-parse_argv_priority(struct option_field const *field, char const *str,
- void *result)
-{
- int error;
-
- error = parse_argv_uint32(field, str, result);
- if (error)
- return error;
-
- return set_priority(field->name, DEREFERENCE_UINT32(result));
-}
-
-int
-parse_json_priority(struct option_field const *opt, json_t *json, void *result)
-{
- int error;
-
- error = parse_json_uint32(opt, json, result);
- if (error)
- return error;
-
- return set_priority(opt->name, DEREFERENCE_UINT32(result));
-}
-
-int
-parse_argv_retry_count(struct option_field const *field, char const *str,
- void *result)
-{
- int error;
-
- error = parse_argv_uint(field, str, result);
- if (error)
- return error;
-
- return set_retry_count(field->name, DEREFERENCE_UINT(result));
-}
-
-int
-parse_json_retry_count(struct option_field const *opt, json_t *json,
- void *result)
-{
- int error;
-
- error = parse_json_uint(opt, json, result);
- if (error)
- return error;
-
- return set_retry_count(opt->name, DEREFERENCE_UINT(result));
-}
-
-int
-parse_argv_retry_interval(struct option_field const *field, char const *str,
- void *result)
-{
- int error;
-
- error = parse_argv_uint(field, str, result);
- if (error)
- return error;
-
- return set_retry_interval(field->name, DEREFERENCE_UINT(result));
-}
-
-int
-parse_json_retry_interval(struct option_field const *opt, json_t *json,
- void *result)
-{
- int error;
-
- error = parse_json_uint(opt, json, result);
- if (error)
- return error;
-
- return set_retry_interval(opt->name, DEREFERENCE_UINT(result));
-}
-
-const struct global_type gt_rrdp_enabled = {
- .has_arg = optional_argument,
- .size = sizeof(bool),
- .print = print_bool,
- .parse.argv = parse_argv_enabled,
- .parse.json = parse_json_enabled,
- .arg_doc = "true|false",
-};
-
-const struct global_type gt_rrdp_priority = {
- .has_arg = required_argument,
- .size = sizeof(uint32_t),
- .print = print_uint32,
- .parse.argv = parse_argv_priority,
- .parse.json = parse_json_priority,
- .arg_doc = "<32-bit unsigned integer>",
-};
-
-const struct global_type gt_rrdp_retry_count = {
- .has_arg = required_argument,
- .size = sizeof(unsigned int),
- .print = print_uint,
- .parse.argv = parse_argv_retry_count,
- .parse.json = parse_json_retry_count,
- .arg_doc = "<unsigned integer>",
-};
-
-const struct global_type gt_rrdp_retry_interval = {
- .has_arg = required_argument,
- .size = sizeof(unsigned int),
- .print = print_uint,
- .parse.argv = parse_argv_retry_interval,
- .parse.json = parse_json_retry_interval,
- .arg_doc = "<unsigned integer>",
-};
+++ /dev/null
-#ifndef SRC_CONFIG_RRDP_CONF_H_
-#define SRC_CONFIG_RRDP_CONF_H_
-
-#include "config/types.h"
-
-extern const struct global_type gt_rrdp_enabled;
-extern const struct global_type gt_rrdp_priority;
-extern const struct global_type gt_rrdp_retry_count;
-extern const struct global_type gt_rrdp_retry_interval;
-
-#endif /* SRC_CONFIG_RRDP_CONF_H_ */
str);
#endif
-void
+static void
print_rsync_strategy(struct option_field const *field, void *value)
{
char const *str = "<unknown>";
pr_op_info("%s: %s", field->name, str);
}
-int
+static int
parse_argv_rsync_strategy(struct option_field const *field, char const *str,
void *result)
{
return pr_op_err("Unknown rsync synchronization strategy: '%s'",
str);
- /* TODO (later) Remove when sync-strategy is fully deprecated */
- config_set_sync_strategy(DEREFERENCE(result));
-
return 0;
}
-int
+static int
parse_json_rsync_strategy(struct option_field const *opt, struct json_t *json,
void *result)
{
#include "config/types.h"
enum rsync_strategy {
- /*
- * TODO (later) Deprecated. Still alive so that 'sync-strategy' and
- * 'rsync.strategy' can live together.
- *
- * 'sync-strategy' type must handle this value to set 'rsync.enabled'
- * as 'false'.
- */
- RSYNC_OFF,
/**
* Strictly correct download strategy.
*
extern const struct global_type gt_rsync_strategy;
-/*
- * TODO (later) Public to live along with 'sync-strategy', return them to
- * private whenever 'sync-strategy' is deleted.
- */
-void print_rsync_strategy(struct option_field const *, void *);
-int parse_argv_rsync_strategy(struct option_field const *, char const *,
- void *);
-int parse_json_rsync_strategy(struct option_field const *, struct json_t *,
- void *);
-
#endif /* SRC_CONFIG_RSYNC_STRATEGY_H_ */
+++ /dev/null
-#include "config/sync_strategy.h"
-
-#include <getopt.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "config.h"
-#include "log.h"
-#include "config/str.h"
-#include "config/rsync_strategy.h"
-
-/*
- * Yeap, all of this is duplicated, better remove it with the whole source file
- * whenever sync-strategy isn't supported anymore.
- */
-
-#define RSYNC_VALUE_OFF "off"
-#define RSYNC_VALUE_STRICT "strict"
-#define RSYNC_VALUE_ROOT "root"
-#define RSYNC_VALUE_ROOT_EXCEPT_TA "root-except-ta"
-
-#define DEREFERENCE(void_value) (*((enum rsync_strategy *) void_value))
-
-#ifdef ENABLE_STRICT_STRATEGY
-#define PRINT_STRICT_ARG_DOC "|" RSYNC_VALUE_STRICT
-#define HANDLE_RSYNC_STRICT DEREFERENCE(result) = RSYNC_STRICT;
-#else
-#define PRINT_STRICT_ARG_DOC
-#define HANDLE_RSYNC_STRICT \
- return pr_err("Unknown synchronization strategy: '%s'. In order to use it, recompile using flag ENABLE_STRICT_STRATEGY.",\
- str);
-#endif
-
-static void
-print_sync_strategy(struct option_field const *field, void *value)
-{
- if (DEREFERENCE(value) == RSYNC_OFF) {
- pr_op_info("%s: %s", field->name, RSYNC_VALUE_OFF);
- return;
- }
-
- print_rsync_strategy(field, value);
-}
-
-static int
-parse_argv_sync_strategy(struct option_field const *field, char const *str,
- void *result)
-{
- int error;
-
- pr_op_warn("'sync-strategy' is deprecated.");
- pr_op_warn("Use 'rsync.strategy' instead; or 'rsync.enabled=false' if you wish to use 'off' strategy.");
-
- if (strcmp(str, RSYNC_VALUE_OFF) == 0) {
- DEREFERENCE(result) = RSYNC_OFF;
- config_set_rsync_enabled(false);
- return 0;
- }
-
- error = parse_argv_rsync_strategy(field, str, result);
- if (!error)
- config_set_rsync_strategy(DEREFERENCE(result));
- return error;
-}
-
-static int
-parse_json_sync_strategy(struct option_field const *opt, struct json_t *json,
- void *result)
-{
- char const *string;
- int error;
-
- error = parse_json_string(json, opt->name, &string);
- return error ? error : parse_argv_sync_strategy(opt, string, result);
-}
-
-const struct global_type gt_sync_strategy = {
- .has_arg = required_argument,
- .size = sizeof(enum rsync_strategy),
- .print = print_sync_strategy,
- .parse.argv = parse_argv_sync_strategy,
- .parse.json = parse_json_sync_strategy,
- .arg_doc = RSYNC_VALUE_OFF
- "|" RSYNC_VALUE_ROOT
- "|" RSYNC_VALUE_ROOT_EXCEPT_TA
- PRINT_STRICT_ARG_DOC,
-};
+++ /dev/null
-#ifndef SRC_CONFIG_SYNC_STRATEGY_H_
-#define SRC_CONFIG_SYNC_STRATEGY_H_
-
-#include "config/types.h"
-
-extern const struct global_type gt_sync_strategy;
-
-#endif /* SRC_CONFIG_SYNC_STRATEGY_H_ */
return error;
config_set_rsync_enabled(!DEREFERENCE(result));
- config_set_rrdp_enabled(!DEREFERENCE(result));
config_set_http_enabled(!DEREFERENCE(result));
return 0;
return error;
config_set_rsync_enabled(!DEREFERENCE(result));
- config_set_rrdp_enabled(!DEREFERENCE(result));
config_set_http_enabled(!DEREFERENCE(result));
return 0;
: handle_root_strategy(requested_uri, rsync_uri);
case RSYNC_STRICT:
return handle_strict_strategy(requested_uri, rsync_uri);
- case RSYNC_OFF:
- break;
}
pr_crit("Invalid rsync strategy: %u", config_get_rsync_strategy());
projects / thirdparty / FORT-validator.git / commitdiff
