GCC Code Coverage Report

Directory: cvmfs/
File: cvmfs/manifest_fetch.h
Date: 2025-11-02 02:35:35
Exec Total Coverage
Lines: 29 30 96.7%
Branches: 9 10 90.0%
Line Branch Exec Source
1 /**
2 * This file is part of the CernVM File System.
3 */
4
5 #ifndef CVMFS_MANIFEST_FETCH_H_
6 #define CVMFS_MANIFEST_FETCH_H_
7
8 #include <cstdlib>
9 #include <string>
10
11 #include "manifest.h"
12
13 namespace shash {
14 struct Any;
15 }
16
17 namespace signature {
18 class SignatureManager;
19 }
20
21 namespace download {
22 class DownloadManager;
23 }
24
25 namespace manifest {
26
27 enum Failures {
28 kFailOk = 0,
29 kFailLoad,
30 kFailIncomplete,
31 kFailNameMismatch,
32 kFailRootMismatch,
33 kFailOutdated,
34 kFailBadCertificate,
35 kFailBadSignature,
36 kFailBadWhitelist,
37 kFailInvalidCertificate,
38 kFailUnknown,
39
40 kFailNumEntries
41 };
42
43 228 inline const char *Code2Ascii(const Failures error) {
44 const char *texts[kFailNumEntries + 1];
45 228 texts[0] = "OK";
46 228 texts[1] = "failed to download";
47 228 texts[2] = "incomplete manifest";
48 228 texts[3] = "repository name mismatch";
49 228 texts[4] = "catalog root path mismatch";
50 228 texts[5] = "outdated manifest";
51 228 texts[6] = "bad certificate, failed to verify repository manifest";
52 228 texts[7] = "bad signature, failed to verify repository manifest";
53 228 texts[8] = "bad whitelist";
54 228 texts[9] = "invalid certificate";
55 228 texts[10] = "unknown error";
56 228 texts[11] = "no text";
57 228 return texts[error];
58 }
59
60 /**
61 * A manifest requires the certificate and the whitelist to be verified.
62 * All three (for with the pkcs7 signature of the whitelist) are an ensemble.
63 */
64 struct ManifestEnsemble {
65 807 ManifestEnsemble() {
66 807 manifest = NULL;
67 807 raw_manifest_buf = cert_buf = whitelist_buf = whitelist_pkcs7_buf = NULL;
68 807 raw_manifest_size = cert_size = whitelist_size = whitelist_pkcs7_size = 0;
69 807 }
70 1614 virtual ~ManifestEnsemble() {
71
2/2
✓ Branch 0 taken 609 times.
✓ Branch 1 taken 198 times.
 1614 delete manifest;
72
2/2
✓ Branch 0 taken 609 times.
✓ Branch 1 taken 198 times.
 1614 if (raw_manifest_buf)
73 1218 free(raw_manifest_buf);
74
2/2
✓ Branch 0 taken 545 times.
✓ Branch 1 taken 262 times.
 1614 if (cert_buf)
75 1090 free(cert_buf);
76
2/2
✓ Branch 0 taken 545 times.
✓ Branch 1 taken 262 times.
 1614 if (whitelist_buf)
77 1090 free(whitelist_buf);
78
1/2
✗ Branch 0 not taken.
✓ Branch 1 taken 807 times.
 1614 if (whitelist_pkcs7_buf)
79 free(whitelist_pkcs7_buf);
80 }
81 // Can be overwritten to fetch certificate from cache
82 324 virtual void FetchCertificate(const shash::Any &hash) { }
83
84 Manifest *manifest;
85 unsigned char *raw_manifest_buf;
86 unsigned char *cert_buf;
87 unsigned char *whitelist_buf;
88 unsigned char *whitelist_pkcs7_buf;
89 unsigned raw_manifest_size;
90 unsigned cert_size;
91 unsigned whitelist_size;
92 unsigned whitelist_pkcs7_size;
93 };
94
95 // TODO(jblomer): analogous to the Fetcher class, make a ManifestFetcher class
96 Failures Fetch(const std::string &base_url, const std::string &repository_name,
97 const uint64_t minimum_timestamp, const shash::Any *base_catalog,
98 signature::SignatureManager *signature_manager,
99 download::DownloadManager *download_manager,
100 ManifestEnsemble *ensemble);
101
102 Failures Verify(unsigned char *manifest_data, size_t manifest_size,
103 const std::string &base_url, const std::string &repository_name,
104 const uint64_t minimum_timestamp,
105 const shash::Any *base_catalog,
106 signature::SignatureManager *signature_manager,
107 download::DownloadManager *download_manager,
108 ManifestEnsemble *ensemble);
109
110 } // namespace manifest
111
112 #endif // CVMFS_MANIFEST_FETCH_H_
113