Dedup econtent version checks

Since the ASN.1 template conversions, we have three copies of mostly dead
code that validates that the econtent version is at its default value 0.
Until a new standard bumps this version and we decide to support that,
we're better off with only one copy of this code.

ok claudio

1 files changed, 24 insertions, 1 deletions

diff --git a/usr.sbin/rpki-client/validate.c b/usr.sbin/rpki-client/validate.c
index 4d65f9de61d..5c3fcd87acd 100644
--- a/usr.sbin/rpki-client/validate.c
+++ b/usr.sbin/rpki-client/validate.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: validate.c,v 1.39 2022/06/07 08:50:07 tb Exp $ */
+/*	$OpenBSD: validate.c,v 1.40 2022/06/10 10:36:43 tb Exp $ */
 /*
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -510,3 +510,26 @@ valid_rsc(const char *fn, struct auth *a, struct rsc *rsc)
 
 	return 1;
 }
+
+int
+valid_econtent_version(const char *fn, const ASN1_INTEGER *aint)
+{
+	long version;
+
+	if (aint == NULL)
+		return 1;
+
+	if ((version = ASN1_INTEGER_get(aint)) < 0) {
+		warnx("%s: ASN1_INTEGER_get failed", fn);
+		return 0;
+	}
+
+	switch (version) {
+	case 0:
+		warnx("%s: incorrect encoding for version 0", fn);
+		return 0;
+	default:
+		warnx("%s: version %ld not supported (yet)", fn, version);
+		return 0;
+	}
+}