Improve ValidatorList invalid UNL manifest logging (#5804)

This change raises logging severity from `INFO` to `WARN` when handling a UNL manifest signed with an unexpected / invalid key. It also changes the internal error code for an invalid format of UNL manifest to `invalid` (from `untrusted`).

This is a follow-up to problems experienced by a UNL node due to an old manifest key configured in `validators.txt`, which would be easier to diagnose with improved logging.

It also replaces a log line with `UNREACHABLE` for an impossible situation when we match UNL manifest key against a configured key which has an invalid type (we cannot configure such a key because of checks when loading configured keys).
This commit is contained in:
Bronek Kozicki
2025-09-25 15:14:29 +01:00
committed by GitHub
parent 73ff54143d
commit 51c5f2bfc9
3 changed files with 44 additions and 16 deletions

@@ -768,6 +768,24 @@ private:
expectUntrusted(lists.at(7));
expectTrusted(lists.at(2));
// try empty or mangled manifest
checkResult(
trustedKeys->applyLists(
"", version, {{blob7, sig7, {}}, {blob6, sig6, {}}}, siteUri),
publisherPublic,
ListDisposition::invalid,
ListDisposition::invalid);
checkResult(
trustedKeys->applyLists(
base64_encode("not a manifest"),
version,
{{blob7, sig7, {}}, {blob6, sig6, {}}},
siteUri),
publisherPublic,
ListDisposition::invalid,
ListDisposition::invalid);
// do not use list from untrusted publisher
auto const untrustedManifest = base64_encode(makeManifestString(
randomMasterKey(),
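Review bot: The two `checkResult` cases under `// try empty or mangled manifest` cover an empty string and a base64-encoded non-manifest, but not input that is not valid base64 at all, nor a manifest that is well-formed but truncated; consider adding one case of each so `ListDisposition::invalid` is pinned for every way manifest parsing can fail. The blob argument `{{blob7, sig7, {}}, {blob6, sig6, {}}}` is repeated in both calls and could be hoisted into a named local to make the intent of each case easier to read. Nothing visible in this hunk asserts on the log output, so the `INFO` to `WARN` severity change described in the commit message is not covered here; if the test harness can capture journal output, a check on the severity for the wrong-key case would keep the diagnostic from regressing.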