diff options
| author | Job Snijders <job@cvs.openbsd.org> | 2024-02-03 14:30:48 +0000 |
|---|---|---|
| committer | Job Snijders <job@cvs.openbsd.org> | 2024-02-03 14:30:48 +0000 |
| commit | 011c864124184a3799bc5fd16a1ab380235cf803 (patch) | |
| tree | 71fc1b84ae18e31b3c1583fc8afa5c8e475063f4 | |
| parent | b6ff21811ce94eeb76785882b57631d619281704 (diff) | |
Refactor handling of stale manifests
No need to hoist a staleness indicator through the whole process and
count it explicitly.
OK tb@
| -rw-r--r-- | usr.sbin/rpki-client/extern.h | 5 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/main.c | 13 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/mft.c | 9 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/output-json.c | 6 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/output-ometric.c | 6 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/output.c | 5 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/parser.c | 6 | ||||
| -rw-r--r-- | usr.sbin/rpki-client/repo.c | 4 |
8 files changed, 21 insertions, 33 deletions
diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 0264ce64656..2f472c9a1ba 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.202 2024/02/01 15:11:38 tb Exp $ */ +/* $OpenBSD: extern.h,v 1.203 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -219,7 +219,6 @@ struct mft { size_t filesz; /* number of filenames */ unsigned int repoid; int talid; - int stale; /* if a stale manifest */ }; /* @@ -527,7 +526,6 @@ enum stype { STYPE_OK, STYPE_FAIL, STYPE_INVALID, - STYPE_STALE, STYPE_BGPSEC, STYPE_TOTAL, STYPE_UNIQUE, @@ -548,7 +546,6 @@ struct repotalstats { uint32_t certs_fail; /* invalid certificate */ uint32_t mfts; /* total number of manifests */ uint32_t mfts_fail; /* failing syntactic parse */ - uint32_t mfts_stale; /* stale manifests */ uint32_t roas; /* route origin authorizations */ uint32_t roas_fail; /* failing syntactic parse */ uint32_t roas_invalid; /* invalid resources */ diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c index f91a9d69327..94ddc3d1c57 100644 --- a/usr.sbin/rpki-client/main.c +++ b/usr.sbin/rpki-client/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.247 2023/10/13 12:06:49 job Exp $ */ +/* $OpenBSD: main.c,v 1.248 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -621,10 +621,7 @@ entity_process(struct ibuf *b, struct stats *st, struct vrp_tree *tree, break; } mft = mft_read(b); - if (!mft->stale) - queue_add_from_mft(mft); - else - repo_stat_inc(rp, talid, type, STYPE_STALE); + queue_add_from_mft(mft); mft_free(mft); break; case RTYPE_CRL: @@ -732,7 +729,6 @@ sum_stats(const struct repo *rp, const struct repotalstats *in, void *arg) out->mfts += in->mfts; out->mfts_fail += in->mfts_fail; - out->mfts_stale += in->mfts_stale; out->certs += in->certs; out->certs_fail += in->certs_fail; out->roas += in->roas; @@ -1451,9 +1447,8 @@ main(int argc, char *argv[]) stats.repo_tal_stats.certs, stats.repo_tal_stats.certs_fail); printf("Trust Anchor Locators: %u (%u invalid)\n", stats.tals, talsz - stats.tals); - printf("Manifests: %u (%u failed parse, %u stale)\n", - stats.repo_tal_stats.mfts, stats.repo_tal_stats.mfts_fail, - stats.repo_tal_stats.mfts_stale); + printf("Manifests: %u (%u failed parse)\n", + stats.repo_tal_stats.mfts, stats.repo_tal_stats.mfts_fail); printf("Certificate revocation lists: %u\n", stats.repo_tal_stats.crls); printf("Ghostbuster records: %u\n", stats.repo_tal_stats.gbrs); printf("Trust Anchor Keys: %u\n", stats.repo_tal_stats.taks); diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 57323f0a5c2..86c29ab7bf2 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.103 2024/02/02 19:26:49 job Exp $ */ +/* $OpenBSD: mft.c,v 1.104 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler <tb@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -342,10 +342,7 @@ mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) /* * Parse the objects that have been published in the manifest. - * This conforms to RFC 6486. - * Note that if the MFT is stale, all referenced objects are stripped - * from the parsed content. - * The MFT content is otherwise returned. + * Return mft if it conforms to RFC 6486, otherwise NULL. */ struct mft * mft_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, @@ -476,7 +473,6 @@ mft_buffer(struct ibuf *b, const struct mft *p) { size_t i; - io_simple_buffer(b, &p->stale, sizeof(p->stale)); io_simple_buffer(b, &p->repoid, sizeof(p->repoid)); io_simple_buffer(b, &p->talid, sizeof(p->talid)); io_str_buffer(b, p->path); @@ -509,7 +505,6 @@ mft_read(struct ibuf *b) if ((p = calloc(1, sizeof(struct mft))) == NULL) err(1, NULL); - io_read_buf(b, &p->stale, sizeof(p->stale)); io_read_buf(b, &p->repoid, sizeof(p->repoid)); io_read_buf(b, &p->talid, sizeof(p->talid)); io_read_str(b, &p->path); diff --git a/usr.sbin/rpki-client/output-json.c b/usr.sbin/rpki-client/output-json.c index ddb8b8cda2c..eb074ef501b 100644 --- a/usr.sbin/rpki-client/output-json.c +++ b/usr.sbin/rpki-client/output-json.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output-json.c,v 1.40 2023/06/26 18:39:53 job Exp $ */ +/* $OpenBSD: output-json.c,v 1.41 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org> * @@ -64,7 +64,6 @@ outputheader_json(struct stats *st) json_do_int("manifests", st->repo_tal_stats.mfts); json_do_int("failedmanifests", st->repo_tal_stats.mfts_fail); - json_do_int("stalemanifests", st->repo_tal_stats.mfts_stale); json_do_int("crls", st->repo_tal_stats.crls); json_do_int("gbrs", st->repo_tal_stats.gbrs); json_do_int("repositories", st->repos); @@ -78,6 +77,9 @@ outputheader_json(struct stats *st) json_do_int("cachedir_del_superfluous_files", st->repo_stats.del_extra_files); + /* XXX: remove in rpki-client 9.0 */ + json_do_int("stalemanifests", 0); + json_do_end(); } diff --git a/usr.sbin/rpki-client/output-ometric.c b/usr.sbin/rpki-client/output-ometric.c index 350cf0294ac..48713be1635 100644 --- a/usr.sbin/rpki-client/output-ometric.c +++ b/usr.sbin/rpki-client/output-ometric.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output-ometric.c,v 1.5 2023/06/29 14:33:35 tb Exp $ */ +/* $OpenBSD: output-ometric.c,v 1.6 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2022 Claudio Jeker <claudio@openbsd.org> * @@ -47,7 +47,9 @@ set_common_stats(const struct repotalstats *in, struct ometric *metric, OKV("type", "state"), OKV("manifest", "valid"), ol); ometric_set_int_with_labels(metric, in->mfts_fail, OKV("type", "state"), OKV("manifest", "failed parse"), ol); - ometric_set_int_with_labels(metric, in->mfts_stale, + + /* XXX: remove in rpki-client 9.0 */ + ometric_set_int_with_labels(metric, 0, OKV("type", "state"), OKV("manifest", "stale"), ol); ometric_set_int_with_labels(metric, in->roas, diff --git a/usr.sbin/rpki-client/output.c b/usr.sbin/rpki-client/output.c index 659476d350a..e875698ebdf 100644 --- a/usr.sbin/rpki-client/output.c +++ b/usr.sbin/rpki-client/output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output.c,v 1.31 2023/04/26 16:32:41 claudio Exp $ */ +/* $OpenBSD: output.c,v 1.32 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Theo de Raadt <deraadt@openbsd.org> * @@ -233,13 +233,12 @@ outputheader(FILE *out, struct stats *st) if (fprintf(out, " ]\n" - "# Manifests: %u (%u failed parse, %u stale)\n" + "# Manifests: %u (%u failed parse)\n" "# Certificate revocation lists: %u\n" "# Ghostbuster records: %u\n" "# Repositories: %u\n" "# VRP Entries: %u (%u unique)\n", st->repo_tal_stats.mfts, st->repo_tal_stats.mfts_fail, - st->repo_tal_stats.mfts_stale, st->repo_tal_stats.crls, st->repo_tal_stats.gbrs, st->repos, diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index e811161c842..e1ef9b973fd 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.127 2024/02/03 11:27:55 tb Exp $ */ +/* $OpenBSD: parser.c,v 1.128 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -314,13 +314,13 @@ proc_parser_mft_pre(struct entity *entp, char *file, struct crl **crl, if (now < mft->thisupdate) { warnx("%s: manifest not yet valid %s", file, time2str(mft->thisupdate)); - mft->stale = 1; + goto err; } /* check that now is not after until */ if (now > mft->nextupdate) { warnx("%s: manifest expired on %s", file, time2str(mft->nextupdate)); - mft->stale = 1; + goto err; } /* if there is nothing to compare to, return now */ diff --git a/usr.sbin/rpki-client/repo.c b/usr.sbin/rpki-client/repo.c index 28aa13ef996..f1bf22ba5c5 100644 --- a/usr.sbin/rpki-client/repo.c +++ b/usr.sbin/rpki-client/repo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: repo.c,v 1.51 2023/07/20 05:18:31 claudio Exp $ */ +/* $OpenBSD: repo.c,v 1.52 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -1428,8 +1428,6 @@ repo_stat_inc(struct repo *rp, int talid, enum rtype type, enum stype subtype) rp->stats[talid].mfts++; if (subtype == STYPE_FAIL) rp->stats[talid].mfts_fail++; - if (subtype == STYPE_STALE) - rp->stats[talid].mfts_stale++; break; case RTYPE_ROA: switch (subtype) { |