diff options
Diffstat (limited to 'bbot/manifest.cxx')
| -rw-r--r-- | bbot/manifest.cxx | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/bbot/manifest.cxx b/bbot/manifest.cxx index b183596..9aedcea 100644 --- a/bbot/manifest.cxx +++ b/bbot/manifest.cxx @@ -6,6 +6,7 @@ #include <vector> #include <string> +#include <cctype> // isxdigit() #include <cassert> #include <sstream> #include <cstddef> // size_t @@ -78,6 +79,28 @@ namespace bbot return true; } + inline static bool + valid_fingerprint (const string& f) noexcept + { + size_t n (f.size ()); + if (n != 32 * 3 - 1) + return false; + + for (size_t i (0); i < n; ++i) + { + char c (f[i]); + if ((i + 1) % 3 == 0) + { + if (c != ':') + return false; + } + else if (!isxdigit (c)) + return false; + } + + return true; + } + // machine_header_manifest // machine_header_manifest:: @@ -366,6 +389,13 @@ namespace bbot bad_value (string ("invalid task repository: ") + e.what ()); } } + else if (n == "trust") + { + if (v != "yes" && !valid_fingerprint (v)) + bad_value ("invalid repository certificate fingerprint"); + + trust.emplace_back (move (v)); + } else if (n == "machine") { if (!machine.empty ()) @@ -462,6 +492,10 @@ namespace bbot s.next ("name", name); s.next ("version", version.string ()); s.next ("repository", repository.string ()); + + for (const auto& v: trust) + s.next ("trust", v); + s.next ("machine", machine); if (target) |