-rw-r--r--usr.sbin/rpki-client/main.c14
-rw-r--r--usr.sbin/rpki-client/parser.c20
-rw-r--r--usr.sbin/rpki-client/rpki-client.87
3 files changed, 26 insertions, 15 deletions
diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c
index 7259662da27..90cb3abeef0 100644
--- a/usr.sbin/rpki-client/main.c
+++ b/usr.sbin/rpki-client/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.185 2022/01/24 17:29:37 claudio Exp $ */
+/* $OpenBSD: main.c,v 1.186 2022/01/26 14:42:39 claudio Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -387,13 +387,15 @@ queue_add_from_mft_set(const struct mft *mft, const char *name, struct repo *rp)
static void
queue_add_file(const char *file, enum rtype type, int talid)
{
- unsigned char *buf;
+ unsigned char *buf = NULL;
char *nfile;
- size_t len;
+ size_t len = 0;
- buf = load_file(file, &len);
- if (buf == NULL)
- err(1, "%s", file);
+ if (!filemode || strncmp(file, "rsync://", strlen("rsync://")) != 0) {
+ buf = load_file(file, &len);
+ if (buf == NULL)
+ err(1, "%s", file);
+ }
if ((nfile = strdup(file)) == NULL)
err(1, NULL);
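Review bot: The new `rsync://` test in queue_add_file queues the entity with `buf == NULL` and `len == 0`, and nothing in the hunk records that the parser is then expected to load the file itself. The same `strncmp(file, "rsync://", strlen("rsync://"))` expression is repeated in proc_parser_file in parser.c, so a later change to only one side would leave the parser working on a NULL buffer. A comment above the `if` such as `/* rsync:// URIs are loaded by the parser from the cache; queue them without data */`, and ideally a shared macro for the prefix and its length, would keep the two in step. The rest of queue_add_file lies outside the hunk.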
diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c
index 25d71bad862..fe3ffa275cf 100644
--- a/usr.sbin/rpki-client/parser.c
+++ b/usr.sbin/rpki-client/parser.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: parser.c,v 1.55 2022/01/26 13:57:56 claudio Exp $ */
+/* $OpenBSD: parser.c,v 1.56 2022/01/26 14:42:39 claudio Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -901,11 +901,21 @@ proc_parser_file(char *file, unsigned char *buf, size_t len)
struct gbr *gbr = NULL;
struct tal *tal = NULL;
enum rtype type;
- char *aia = NULL, *aki = NULL, *ski = NULL;
+ char *aia = NULL, *aki = NULL;
unsigned long verify_flags = X509_V_FLAG_CRL_CHECK;
if (num++ > 0)
printf("--\n");
+
+ if (strncmp(file, "rsync://", strlen("rsync://")) == 0) {
+ file += strlen("rsync://");
+ buf = load_file(file, &len);
+ if (buf == NULL) {
+ warn("parse file %s", file);
+ return;
+ }
+ }
+
printf("File: %s\n", file);
type = rtype_from_file_extension(file);
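Review bot: The buffer returned by `load_file()` in the new `rsync://` branch is stored only in the by-value parameter `buf`, so the caller can never free it; unless proc_parser_file frees it before returning (its end is outside this hunk), every rsync:// argument leaks one file's contents. Declaring `unsigned char *loaded = NULL;`, assigning `buf = loaded = load_file(file, &len);` and calling `free(loaded);` on exit would make the ownership explicit. The remainder after the prefix is also opened as a relative path exactly as given, so the manual's "from the cache" wording holds only while the working directory is the cache and the URI contains no `..` components; a one-line comment stating that assumption would help the next reader.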
@@ -918,7 +928,6 @@ proc_parser_file(char *file, unsigned char *buf, size_t len)
cert_print(cert);
aia = cert->aia;
aki = cert->aki;
- ski = cert->ski;
x509 = cert->x509;
if (X509_up_ref(x509) == 0)
errx(1, "%s: X509_up_ref failed", __func__);
@@ -930,7 +939,6 @@ proc_parser_file(char *file, unsigned char *buf, size_t len)
mft_print(mft);
aia = mft->aia;
aki = mft->aki;
- ski = mft->ski;
verify_flags = 0;
break;
case RTYPE_ROA:
@@ -940,7 +948,6 @@ proc_parser_file(char *file, unsigned char *buf, size_t len)
roa_print(roa);
aia = roa->aia;
aki = roa->aki;
- ski = roa->ski;
break;
case RTYPE_GBR:
gbr = gbr_parse(&x509, file, buf, len);
@@ -949,7 +956,6 @@ proc_parser_file(char *file, unsigned char *buf, size_t len)
gbr_print(gbr);
aia = gbr->aia;
aki = gbr->aki;
- ski = gbr->ski;
break;
case RTYPE_TAL:
tal = tal_parse(file, buf, len);
@@ -972,7 +978,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len)
parse_load_crl(c);
free(c);
parse_load_certchain(aia);
- a = valid_ski_aki(file, &auths, ski, aki);
+ a = auth_find(&auths, aki);
crl = get_crl(a);
if (valid_x509(file, x509, a, crl, verify_flags))
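Review bot: The result of `auth_find(&auths, aki)` goes straight into `get_crl(a)` and `valid_x509(...)` with no check visible in the hunk, and `aki` is still NULL here for any object that carried no AKI. The replaced `valid_ski_aki()` call presumably covered both cases; whether `auth_find()` and `get_crl()` tolerate NULL is not shown on this page. If they do not, guard the lookup, for example `a = aki != NULL ? auth_find(&auths, aki) : NULL;`, or add a comment stating that a NULL `a` is expected and is rejected by `valid_x509()`. The enclosing block starts and ends outside the hunk.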
diff --git a/usr.sbin/rpki-client/rpki-client.8 b/usr.sbin/rpki-client/rpki-client.8
index d8363686d10..88cb5fe9b43 100644
--- a/usr.sbin/rpki-client/rpki-client.8
+++ b/usr.sbin/rpki-client/rpki-client.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: rpki-client.8,v 1.55 2022/01/24 06:54:15 jmc Exp $
+.\" $OpenBSD: rpki-client.8,v 1.56 2022/01/26 14:42:39 claudio Exp $
.\"
.\" Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: January 24 2022 $
+.Dd $Mdocdate: January 26 2022 $
.Dt RPKI-CLIENT 8
.Os
.Sh NAME
@@ -106,6 +106,9 @@ in
against the RPKI cache stored in
.Ar cachedir
and print human-readable information about the object.
+If
+.Ar file
+is an rsync:// URI the corresponding file from the cache will be used.
This option implies
.Fl n .
.It Fl j