Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / update_engine / 738fdf37c15284b60dac703408b8de19eef9c6a3^! / . / install_plan.h
commit738fdf37c15284b60dac703408b8de19eef9c6a3[log] [tgz]
authorJay Srinivasan <jaysri@chromium.org>Fri Dec 07 17:40:54 2012 -0800
committerGerrit <chrome-bot@google.com>Sun Dec 09 21:22:50 2012 -0800
tree4bf1db1c8719957732e4d1f5bcafb782aaa0ede4
parent4f8ee27b3592351cd71897d192065758340932d1 [diff] [blame]
Make hash checks mandatory for HTTP downloads.

Currently we've made all the checks for metadata size, metadata signature
and operation hashes as optional. While they are still optional if we use
HTTPS for downloading the payload, we want to make them mandatory in case
of HTTP, so as to support HTTP downloads.

In this CL, we make these checks mandatory if the Omaha response has a
HTTP URL. This will not affect any scenarios of our test team because they
always use HTTPS URLs for payload URLs. But this would break the dev tools
and our hardware test lab scenarios because they use HTTP URLs and do not
generate the required manifest signature yet. So we waive this requirement
for dev/test images even though they use HTTP.

This CL will not have any effect until we decide to add a HTTP rule in
Omaha, which serves as a safety knob till we are confident with our
testing.

BUG=chromium-os:36808
TEST=Existing unit tests pass. Added new unit tests for most new code.
TEST=Ran manual tests on ZGB for every type of hash failure for HTTP.
TEST=Tested image_to_live to make sure hash checks are waived as expected.

Change-Id: I8c4408e3052635ccf4bee0c848781733c1f8e984
Reviewed-on: https://gerrit.chromium.org/gerrit/39293
Reviewed-by: Gaurav Shah <gauravsh@chromium.org>
Commit-Ready: Jay Srinivasan <jaysri@chromium.org>
Reviewed-by: Jay Srinivasan <jaysri@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>

diff --git a/install_plan.h b/install_plan.h
index d277f66..c0fa4cd 100644
--- a/install_plan.h
+++ b/install_plan.h

@@ -33,8 +33,17 @@
         install_path(install_path),
         kernel_install_path(kernel_install_path),
         kernel_size(0),
-        rootfs_size(0) {}
-  InstallPlan() : is_resume(false), payload_size(0), metadata_size(0) {}
+        rootfs_size(0),
+        hash_checks_mandatory(false) {}
+
+  // Default constructor: Initialize all members which don't have a class
+  // initializer.
+  InstallPlan() : is_resume(false),
+                  payload_size(0),
+                  metadata_size(0),
+                  kernel_size(0),
+                  rootfs_size(0),
+                  hash_checks_mandatory(false) {}
 
   bool is_resume;
   std::string download_url;  // url to download from
@@ -62,6 +71,10 @@
   std::vector<char> kernel_hash;
   std::vector<char> rootfs_hash;
 
+  // True if payload hash checks are mandatory based on the system state and
+  // the Omaha response.
+  bool hash_checks_mandatory;
+
   bool operator==(const InstallPlan& that) const {
     return ((is_resume == that.is_resume) &&
             (download_url == that.download_url) &&
@@ -84,7 +97,8 @@
               << ", metadata size: " << metadata_size
               << ", metadata signature: " << metadata_signature
               << ", install_path: " << install_path
-              << ", kernel_install_path: " << kernel_install_path;
+              << ", kernel_install_path: " << kernel_install_path
+              << ", hash_checks_mandatory: " << hash_checks_mandatory;
   }
 };