summaryrefslogtreecommitdiff
path: root/usr.sbin
diff options
context:
space:
mode:
authorClaudio Jeker <claudio@cvs.openbsd.org>2019-08-09 09:50:45 +0000
committerClaudio Jeker <claudio@cvs.openbsd.org>2019-08-09 09:50:45 +0000
commitdcd4963c49593b48ca447d4f4b36922bb83e87aa (patch)
tree16fb7459879380aeea172ee45040c6b0ec4c9954 /usr.sbin
parentaa338ecaa3c02420e30094182d5a9d8372fbb92e (diff)
Add -b bind_addr as argument which is passed to rsync as --address to
use as source address for connecting to the rsync daemons. OK sthen@ benno@
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/rpki-client/main.c25
-rw-r--r--usr.sbin/rpki-client/rpki-client.812
2 files changed, 25 insertions, 12 deletions
diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c
index 319626bd8da..70eb9dd3123 100644
--- a/usr.sbin/rpki-client/main.c
+++ b/usr.sbin/rpki-client/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.12 2019/08/09 05:29:51 claudio Exp $ */
+/* $OpenBSD: main.c,v 1.13 2019/08/09 09:50:44 claudio Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -113,7 +113,7 @@ TAILQ_HEAD(entityq, entity);
*/
static void proc_parser(int, int, int)
__attribute__((noreturn));
-static void proc_rsync(const char *, int, int)
+static void proc_rsync(const char *, const char *, int, int)
__attribute__((noreturn));
static void logx(const char *fmt, ...)
__attribute__((format(printf, 1, 2)));
@@ -522,7 +522,7 @@ proc_child(int signal)
* repositories and saturate our system.
*/
static void
-proc_rsync(const char *prog, int fd, int noop)
+proc_rsync(const char *prog, const char *bind_addr, int fd, int noop)
{
size_t id, i, idsz = 0;
ssize_t ssz;
@@ -678,10 +678,12 @@ proc_rsync(const char *prog, int fd, int noop)
err(EXIT_FAILURE, "pledge");
i = 0;
args[i++] = (char *)prog;
- args[i++] = "-r";
- args[i++] = "-l";
- args[i++] = "-t";
+ args[i++] = "-rlt";
args[i++] = "--delete";
+ if (bind_addr != NULL) {
+ args[i++] = "--address";
+ args[i++] = (char *)bind_addr;
+ }
args[i++] = uri;
args[i++] = dst;
args[i] = NULL;
@@ -1270,12 +1272,16 @@ main(int argc, char *argv[])
struct stats stats;
struct roa **out = NULL;
const char *rsync_prog = "openrsync";
+ const char *bind_addr = NULL;
if (pledge("stdio rpath proc exec cpath unveil", NULL) == -1)
err(EXIT_FAILURE, "pledge");
- while ((c = getopt(argc, argv, "e:fnqrv")) != -1)
+ while ((c = getopt(argc, argv, "b:e:fnqrv")) != -1)
switch (c) {
+ case 'b':
+ bind_addr = optarg;
+ break;
case 'e':
rsync_prog = optarg;
break;
@@ -1350,7 +1356,7 @@ main(int argc, char *argv[])
if (noop && pledge("stdio", NULL) == -1)
err(EXIT_FAILURE, "pledge");
- proc_rsync(rsync_prog, fd[0], noop);
+ proc_rsync(rsync_prog, bind_addr, fd[0], noop);
/* NOTREACHED */
}
@@ -1505,6 +1511,7 @@ main(int argc, char *argv[])
usage:
fprintf(stderr,
- "usage: rpki-client [-fnqrv] [-e rsync_prog] tal ...\n");
+ "usage: rpki-client [-fnqrv] [-b bind_addr] [-e rsync_prog] "
+ "tal ...\n");
return EXIT_FAILURE;
}
diff --git a/usr.sbin/rpki-client/rpki-client.8 b/usr.sbin/rpki-client/rpki-client.8
index 3106a2158f7..0e4b7c599a9 100644
--- a/usr.sbin/rpki-client/rpki-client.8
+++ b/usr.sbin/rpki-client/rpki-client.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: rpki-client.8,v 1.3 2019/06/18 13:28:37 job Exp $
+.\" $OpenBSD: rpki-client.8,v 1.4 2019/08/09 09:50:44 claudio Exp $
.\"
.\" Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: June 18 2019 $
+.Dd $Mdocdate: August 9 2019 $
.Dt RPKI-CLIENT 8
.Os
.Sh NAME
@@ -25,6 +25,7 @@ for Origin Validation.
.Sh SYNOPSIS
.Nm
.Op Fl fnqrv
+.Op Fl b Ar bind_addr
.Op Fl e Ar rsync_prog
.Ar tal1 tal2 ...
.Sh DESCRIPTION
@@ -38,6 +39,10 @@ to fetch certificates, manifests, revocation lists, and route
announcements themselves.
Its arguments are as follows:
.Bl -tag -width Ds
+.It Fl b Ar bind_addr
+Tell the rsync client to use the specified
+.Ar bind_addr
+as the source address for connections.
.It Fl e Ar rsync_prog
Use
.Ar rsync_prog
@@ -45,7 +50,8 @@ instead of
.Xr openrsync 1
to fetch repositories.
It must accept the
-.Fl rlt
+.Fl rlt ,
+.Fl -address
and
.Fl -delete
flags and connect with rsync-protocol locations.