Download via HTTP only if enterprise policy allows.
In order to rollout HTTP-downloads for AU to stable channel, we want to
be a bit more conservative to preseve the defense in depth we have now
with HTTPS. So, we're introduced a new enterprise policy which should be
explicitly enabled in order for the payloads to be downloaded via HTTP.
This CL adds the support for honoring such a policy in update engine.
BUG=chromium:235562
TEST=New unit tests added, existing ones updated and they all pass.
TEST=Tested on ZGB with and without policy and it works as expected.
Change-Id: I356efbe237b10031161a57c70cb851c521915a76
Reviewed-on: https://gerrit.chromium.org/gerrit/55805
Reviewed-by: Chris Sosa <sosa@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>
Commit-Queue: Jay Srinivasan <jaysri@chromium.org>
diff --git a/payload_state.h b/payload_state.h
index 1b0899c..e28d5e8 100644
--- a/payload_state.h
+++ b/payload_state.h
@@ -49,8 +49,8 @@
return payload_attempt_number_;
}
- virtual inline uint32_t GetUrlIndex() {
- return url_index_;
+ virtual inline std::string GetCurrentUrl() {
+ return candidate_urls_.size() ? candidate_urls_[url_index_] : "";
}
virtual inline uint32_t GetUrlFailureCount() {
@@ -243,6 +243,14 @@
uint64_t total_bytes_downloaded,
bool log);
+ inline uint32_t GetUrlIndex() {
+ return url_index_;
+ }
+
+ // Computes the list of candidate URLs from the total list of payload URLs in
+ // the Omaha response.
+ void ComputeCandidateUrls();
+
// The global state of the system.
SystemState* system_state_;
@@ -341,18 +349,15 @@
// return value from GetCurrentDownloadSource is used without validation.
uint64_t total_bytes_downloaded_[kNumDownloadSources + 1];
- // Returns the number of URLs in the current response.
- // Note: This value will be 0 if this method is called before we receive
- // the first valid Omaha response in this process.
- uint32_t GetNumUrls() {
- return response_.payload_urls.size();
- }
-
// A small timespan used when comparing wall-clock times for coping
// with the fact that clocks drift and consequently are adjusted
// (either forwards or backwards) via NTP.
static const base::TimeDelta kDurationSlack;
+ // The ordered list of the subset of payload URL candidates which are
+ // allowed as per device policy.
+ std::vector<std::string> candidate_urls_;
+
DISALLOW_COPY_AND_ASSIGN(PayloadState);
};