From d81b21e46f325d0c12df3054fe08aa29bb1061f3 Mon Sep 17 00:00:00 2001
From: Karen Arutyunov <karen@codesynthesis.com>
Date: Tue, 18 Apr 2017 12:16:10 +0300
Subject: Add support for task manifest trust value

---
 bbot/manifest.cxx | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

(limited to 'bbot/manifest.cxx')

diff --git a/bbot/manifest.cxx b/bbot/manifest.cxx
index b183596..9aedcea 100644
--- a/bbot/manifest.cxx
+++ b/bbot/manifest.cxx
@@ -6,6 +6,7 @@
 
 #include <vector>
 #include <string>
+#include <cctype>    // isxdigit()
 #include <cassert>
 #include <sstream>
 #include <cstddef>   // size_t
@@ -78,6 +79,28 @@ namespace bbot
     return true;
   }
 
+  inline static bool
+  valid_fingerprint (const string& f) noexcept
+  {
+    size_t n (f.size ());
+    if (n != 32 * 3 - 1)
+      return false;
+
+    for (size_t i (0); i < n; ++i)
+    {
+      char c (f[i]);
+      if ((i + 1) % 3 == 0)
+      {
+        if (c != ':')
+          return false;
+      }
+      else if (!isxdigit (c))
+        return false;
+    }
+
+    return true;
+  }
+
   // machine_header_manifest
   //
   machine_header_manifest::
@@ -366,6 +389,13 @@ namespace bbot
           bad_value (string ("invalid task repository: ") + e.what ());
         }
       }
+      else if (n == "trust")
+      {
+        if (v != "yes" && !valid_fingerprint (v))
+          bad_value ("invalid repository certificate fingerprint");
+
+        trust.emplace_back (move (v));
+      }
       else if (n == "machine")
       {
         if (!machine.empty ())
@@ -462,6 +492,10 @@ namespace bbot
     s.next ("name", name);
     s.next ("version", version.string ());
     s.next ("repository", repository.string ());
+
+    for (const auto& v: trust)
+      s.next ("trust", v);
+
     s.next ("machine", machine);
 
     if (target)
-- 
cgit v1.1