Prioritize https refreshes on TAL URLs
authorAlberto Leiva Popper <ydahhrk@gmail.com>
Mon, 24 Mar 2025 13:06:55 +0000 (10:06 -0300)
committerAlberto Leiva Popper <ydahhrk@gmail.com>
Mon, 24 Mar 2025 13:10:55 +0000 (10:10 -0300)
A few reasons:

1. rsync is a bit of a pain as a retrieval tool for RPKI,
   and I'd like to avoid it when I can get away with it.
2. Refresh by SIA was already prioritizing RRDP over rsync,
   so this makes the overall behavior more consistent.
3. Always preferring one protocol over the other tends to
   reduce bandwidth & cache usage.

So, mirror the SIA refresh order for TAs. From highest to lowest
priority:

1. Online HTTPS (including RRDP)
2. Online rsync
3. Fallback HTTPS (including RRDP)
4. Fallback rsync

src/object/tal.c

index 79e2b1bec5d5de8a25489e0c5262a59ed6635658..ec46059341b5434255c0e225267507147572da22 100644 (file)
@@ -165,43 +165,51 @@ validate_ta(struct tal *tal, struct cache_mapping const *ta_map)
 }
 
 static int
-traverse_tal(char const *tal_path)
+try_urls(struct tal *tal, bool (*url_is_protocol)(char const *),
+    char *(*get_path)(char const *))
 {
-       struct tal tal;
        char **url;
        struct cache_mapping map;
-       int error;
-
-       fnstack_push(tal_path);
-
-       error = tal_init(&tal, tal_path);
-       if (error)
-               goto end1;
 
-       /* Online attempts */
-       ARRAYLIST_FOREACH(&tal.urls, url) {
+       ARRAYLIST_FOREACH(&tal->urls, url) {
                map.url = *url;
+               if (!url_is_protocol(map.url))
+                       continue;
                // XXX if this is rsync, it seems this will queue and fail
-               map.path = cache_refresh_by_url(*url);
+               map.path = get_path(*url);
                if (!map.path)
                        continue;
-               if (validate_ta(&tal, &map) != 0)
+               if (validate_ta(tal, &map) != 0)
                        continue;
                cache_commit_file(&map);
-               goto end2; /* Happy path */
+               return 0;
        }
 
+       return ESRCH;
+}
+
+static int
+traverse_tal(char const *tal_path)
+{
+       struct tal tal;
+       int error;
+
+       fnstack_push(tal_path);
+
+       error = tal_init(&tal, tal_path);
+       if (error)
+               goto end1;
+
+       /* Online attempts */
+       if (try_urls(&tal, url_is_https, cache_refresh_by_url) == 0)
+               goto end2;
+       if (try_urls(&tal, url_is_rsync, cache_refresh_by_url) == 0)
+               goto end2;
        /* Offline fallback attempts */
-       ARRAYLIST_FOREACH(&tal.urls, url) {
-               map.url = *url;
-               map.path = cache_get_fallback(*url);
-               if (!map.path)
-                       continue;
-               if (validate_ta(&tal, &map) != 0)
-                       continue;
-               cache_commit_file(&map);
-               goto end2; /* Happy path */
-       }
+       if (try_urls(&tal, url_is_https, cache_get_fallback) == 0)
+               goto end2;
+       if (try_urls(&tal, url_is_rsync, cache_get_fallback) == 0)
+               goto end2;
 
        pr_op_err("None of the TAL URIs yielded a successful traversal.");
        error = EINVAL;
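Review bot: A TAL URL whose scheme satisfies neither `url_is_https` nor `url_is_rsync` is now skipped by all four `try_urls` passes in `traverse_tal` without any diagnostic, whereas the removed loops attempted every entry in `tal.urls`; if `tal_init` already rejects other schemes this is harmless, but if it does not, the `continue` after the `url_is_protocol` check should at least log the skipped URL so an operator can tell why a TAL never gets fetched. `try_urls` also has no header comment, and its contract is not obvious from the two callback parameters; I would add `/* Try each TAL URL accepted by url_is_protocol, fetching it with get_path and validating the TA; returns 0 on the first success, ESRCH if no URL succeeded. */` above it. The `// XXX if this is rsync, it seems this will queue and fail` comment now lives in a protocol-agnostic helper that is also invoked with `cache_get_fallback`, where (presumably) no queueing happens, so it should move next to the `try_urls(&tal, url_is_rsync, cache_refresh_by_url)` call or be reworded to name the condition it refers to. The body of `traverse_tal` continues past the end of this hunk, so its error-cleanup labels are not under review here.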