Download via HTTP only if enterprise policy allows.
In order to rollout HTTP-downloads for AU to stable channel, we want to
be a bit more conservative to preseve the defense in depth we have now
with HTTPS. So, we're introduced a new enterprise policy which should be
explicitly enabled in order for the payloads to be downloaded via HTTP.
This CL adds the support for honoring such a policy in update engine.
BUG=chromium:235562
TEST=New unit tests added, existing ones updated and they all pass.
TEST=Tested on ZGB with and without policy and it works as expected.
Change-Id: I356efbe237b10031161a57c70cb851c521915a76
Reviewed-on: https://gerrit.chromium.org/gerrit/55805
Reviewed-by: Chris Sosa <sosa@chromium.org>
Tested-by: Jay Srinivasan <jaysri@chromium.org>
Commit-Queue: Jay Srinivasan <jaysri@chromium.org>
diff --git a/omaha_response_handler_action.cc b/omaha_response_handler_action.cc
index ad6a087..c85711b 100644
--- a/omaha_response_handler_action.cc
+++ b/omaha_response_handler_action.cc
@@ -39,11 +39,17 @@
}
// All decisions as to which URL should be used have already been done. So,
- // make the download URL as the payload URL at the current url index.
- uint32_t url_index = system_state_->payload_state()->GetUrlIndex();
- LOG(INFO) << "Using Url" << url_index << " as the download url this time";
- CHECK(url_index < response.payload_urls.size());
- install_plan_.download_url = response.payload_urls[url_index];
+ // make the current URL as the download URL.
+ string current_url = system_state_->payload_state()->GetCurrentUrl();
+ if (current_url.empty()) {
+ // This shouldn't happen as we should always supply the HTTPS backup URL.
+ // Handling this anyway, just in case.
+ LOG(ERROR) << "There are no suitable URLs in the response to use.";
+ completer.set_code(kErrorCodeOmahaResponseInvalid);
+ return;
+ }
+
+ install_plan_.download_url = current_url;
// Fill up the other properties based on the response.
install_plan_.payload_size = response.size;