Un-deprecate http.priority and rsync.priority

Reverts relevant tweak from c717043aad5bf8306a437ac0020bdfceeb8d2234,
though it rewrites the mechanism.

Orders from above. But also, RRDP seems to be much faster than rsync.
Best prefer the former at all times by default.

diff --git a/src/config.c b/src/config.c
index 531f55003a6afcef246d75ae8f583a622874bf75..46206d470bc234c3d4a84161c4954f8d096b132d 100644 (file)
--- a/src/config.c
+++ b/src/config.c
@@ -1303,6 +1303,12 @@ config_get_rsync_enabled(void)
        return !rpki_config.work_offline && rpki_config.rsync.enabled;
 }
 
+unsigned int
+config_get_rsync_priority(void)
+{
+       return rpki_config.rsync.priority;
+}
+
 unsigned int
 config_get_rsync_retry_count(void)
 {
@@ -1333,6 +1339,12 @@ config_get_http_enabled(void)
        return !rpki_config.work_offline && rpki_config.http.enabled;
 }
 
+unsigned int
+config_get_http_priority(void)
+{
+       return rpki_config.http.priority;
+}
+
 unsigned int
 config_get_http_retry_count(void)
 {

diff --git a/src/config.h b/src/config.h
index 8f17a20a6015e35a1bb7923c0a332faf3ac06e26..c7d353dbff21e5a0d0c6838fb5f503c4d95c9a37 100644 (file)
--- a/src/config.h
+++ b/src/config.h
@@ -40,11 +40,13 @@ long config_get_http_low_speed_time(void);
 long config_get_http_max_file_size(void);
 char const *config_get_http_ca_path(void);
 bool config_get_rsync_enabled(void);
+unsigned int config_get_rsync_priority(void);
 unsigned int config_get_rsync_retry_count(void);
 unsigned int config_get_rsync_retry_interval(void);
 char *config_get_rsync_program(void);
 struct string_array const *config_get_rsync_args(void);
 bool config_get_http_enabled(void);
+unsigned int config_get_http_priority(void);
 unsigned int config_get_http_retry_count(void);
 unsigned int config_get_http_retry_interval(void);
 char const *config_get_output_roa(void);

diff --git a/src/object/certificate.c b/src/object/certificate.c
index 523b159108310fb31ec7b539f6107b5e6015eb67..1004c14856534343cb4a9cb69224ae41cdae3f51 100644 (file)
--- a/src/object/certificate.c
+++ b/src/object/certificate.c
@@ -1927,30 +1927,62 @@ certificate_validate_aia(struct rpki_uri *caIssuers, X509 *cert)
        return 0;
 }
 
-static int
-download_rpp(struct sia_uris *uris)
+static bool
+try_uris(struct sia_uris *uris, enum uri_type const *filter)
 {
        struct rpki_uri **node, *uri;
-
-       if (uris->rpp.len == 0)
-               return pr_val_err("SIA lacks both caRepository and rpkiNotify.");
+       enum uri_type type;
 
        ARRAYLIST_FOREACH(&uris->rpp, node) {
                uri = *node;
-               switch (uri_get_type(uri)) {
+               type = uri_get_type(uri);
+
+               if (filter != NULL && (*filter) != type)
+                       continue;
+
+               switch (type) {
                case UT_RSYNC:
                        if (cache_download(uri, NULL) == 0)
-                               return 0;
+                               return true;
                        break;
                case UT_HTTPS:
                        if (rrdp_update(uri) == 0)
-                               return 0;
+                               return true;
                        break;
                default:
-                       pr_crit("Unknown URI type: %u", uri_get_type(uri));
+                       pr_crit("Unknown URI type: %u", type);
                }
        }
 
+       return false;
+}
+
+static int
+download_rpp(struct sia_uris *uris)
+{
+       static const enum uri_type HTTP = UT_HTTPS;
+       static const enum uri_type RSYNC = UT_RSYNC;
+
+       if (uris->rpp.len == 0)
+               return pr_val_err("SIA lacks both caRepository and rpkiNotify.");
+
+       if (config_get_http_priority() > config_get_rsync_priority()) {
+               if (try_uris(uris, &HTTP))
+                       return 0;
+               if (try_uris(uris, &RSYNC))
+                       return 0;
+
+       } else if (config_get_http_priority() < config_get_rsync_priority()) {
+               if (try_uris(uris, &RSYNC))
+                       return 0;
+               if (try_uris(uris, &HTTP))
+                       return 0;
+
+       } else {
+               if (try_uris(uris, NULL))
+                       return 0;
+       }
+
        return pr_val_err("The RPP could not be downloaded.");
 }
 

diff --git a/src/object/tal.c b/src/object/tal.c
index 74bc0f0a2486fa4dd62d6c01c7451ffaa0af56ef..f0256adf2afa665d36a061d71e53eeffb5284efb 100644 (file)
--- a/src/object/tal.c
+++ b/src/object/tal.c
@@ -362,20 +362,50 @@ tal_destroy(struct tal *tal)
 }
 
 static int
-foreach_uri(struct tal *tal, foreach_uri_cb cb, void *arg)
+foreach(enum uri_type const *filter, struct tal *tal,
+    foreach_uri_cb cb, void *arg)
 {
+       struct rpki_uri *uri;
        unsigned int i;
        int error;
 
        for (i = 0; i < tal->uris.count; i++) {
-               error = cb(tal, tal->uris.array[i], arg);
-               if (error)
-                       return error;
+               uri = tal->uris.array[i];
+               if (filter == NULL || (*filter) == uri_get_type(uri)) {
+                       error = cb(tal, uri, arg);
+                       if (error)
+                               return error;
+               }
        }
 
        return 0;
 }
 
+static int
+foreach_uri(struct tal *tal, foreach_uri_cb cb, void *arg)
+{
+       static const enum uri_type HTTP = UT_HTTPS;
+       static const enum uri_type RSYNC = UT_RSYNC;
+       int error;
+
+       if (config_get_http_priority() > config_get_rsync_priority()) {
+               error = foreach(&HTTP, tal, cb, arg);
+               if (!error)
+                       error = foreach(&RSYNC, tal, cb, arg);
+
+       } else if (config_get_http_priority() < config_get_rsync_priority()) {
+               error = foreach(&RSYNC, tal, cb, arg);
+               if (!error)
+                       error = foreach(&HTTP, tal, cb, arg);
+
+       } else {
+               error = foreach(NULL, tal, cb, arg);
+
+       }
+
+       return error;
+}
+
 char const *
 tal_get_file_name(struct tal *tal)
 {