rpki/tests/test_manifest_cache_errors_more.rs

use rpki::policy::{CaFailedFetchPolicy, Policy};
use rpki::storage::RocksStore;
use rpki::validation::manifest::process_manifest_publication_point;

fn issuer_ca_fixture() -> Vec<u8> {
    std::fs::read(
        "tests/fixtures/repository/rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer",
    )
    .expect("read issuer ca fixture")
}

fn issuer_ca_rsync_uri() -> &'static str {
    "rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer"
}

#[test]
fn cache_is_not_used_when_missing_and_fresh_manifest_is_missing() {
    let temp = tempfile::tempdir().expect("tempdir");
    let store = RocksStore::open(temp.path()).expect("open rocksdb");

    let mut policy = Policy::default();
    policy.ca_failed_fetch_policy = CaFailedFetchPolicy::ReuseCurrentInstanceVcir;
    let issuer_ca_der = issuer_ca_fixture();

    let err = process_manifest_publication_point(
        &store,
        &policy,
        "rsync://example.net/repo/manifest.mft",
        "rsync://example.net/repo/",
        &issuer_ca_der,
        Some(issuer_ca_rsync_uri()),
        time::OffsetDateTime::from_unix_timestamp(0).unwrap(),
    )
    .expect_err("no raw and no current-instance VCIR should fail");

    let msg = err.to_string();
    assert!(
        msg.contains("no reusable current-instance validated result is available"),
        "{msg}"
    );
    assert!(
        msg.contains("latest current-instance VCIR missing"),
        "{msg}"
    );
}