-rw-r--r--usr.sbin/rpki-client/extern.h38
-rw-r--r--usr.sbin/rpki-client/main.c37
-rw-r--r--usr.sbin/rpki-client/output-bgpd.c7
-rw-r--r--usr.sbin/rpki-client/output-bird.c19
-rw-r--r--usr.sbin/rpki-client/output-csv.c4
-rw-r--r--usr.sbin/rpki-client/output-json.c66
-rw-r--r--usr.sbin/rpki-client/output.c47
7 files changed, 172 insertions, 46 deletions
diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h
index 27f1d0866ce..7e312c1105b 100644
--- a/usr.sbin/rpki-client/extern.h
+++ b/usr.sbin/rpki-client/extern.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: extern.h,v 1.27 2020/04/01 14:15:49 claudio Exp $ */
+/* $OpenBSD: extern.h,v 1.28 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -244,6 +244,27 @@ enum rtype {
RTYPE_CRL
};
+/*
+ * Statistics collected during run-time.
+ */
+struct stats {
+ size_t tals; /* total number of locators */
+ size_t mfts; /* total number of manifests */
+ size_t mfts_fail; /* failing syntactic parse */
+ size_t mfts_stale; /* stale manifests */
+ size_t certs; /* certificates */
+ size_t certs_fail; /* failing syntactic parse */
+ size_t certs_invalid; /* invalid resources */
+ size_t roas; /* route origin authorizations */
+ size_t roas_fail; /* failing syntactic parse */
+ size_t roas_invalid; /* invalid resources */
+ size_t repos; /* repositories */
+ size_t crls; /* revocation lists */
+ size_t vrps; /* total number of vrps */
+ size_t uniqs; /* number of unique vrps */
+ char *talnames;
+};
+
/* global variables */
extern int verbose;
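Review bot: `talnames` is the only member of `struct stats` added without a comment, and it is the only one that is a heap pointer rather than a counter. Going by the main.c part of this change, it holds the TAL file names joined by single spaces and appears to stay NULL if no TAL was queued. I would document it in place as `char *talnames; /* space-separated TAL file names, may be NULL */`.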
@@ -370,13 +391,14 @@ extern int outformats;
#define FORMAT_JSON 0x08
extern char* outputdir;
-int outputfiles(struct vrp_tree *v);
-int output_bgpd(FILE *, struct vrp_tree *);
-int output_bird1v4(FILE *, struct vrp_tree *);
-int output_bird1v6(FILE *, struct vrp_tree *);
-int output_bird2(FILE *, struct vrp_tree *);
-int output_csv(FILE *, struct vrp_tree *);
-int output_json(FILE *, struct vrp_tree *);
+int outputfiles(struct vrp_tree *v, struct stats *);
+int outputheader(FILE *, struct stats *);
+int output_bgpd(FILE *, struct vrp_tree *, struct stats *);
+int output_bird1v4(FILE *, struct vrp_tree *, struct stats *);
+int output_bird1v6(FILE *, struct vrp_tree *, struct stats *);
+int output_bird2(FILE *, struct vrp_tree *, struct stats *);
+int output_csv(FILE *, struct vrp_tree *, struct stats *);
+int output_json(FILE *, struct vrp_tree *, struct stats *);
void logx(const char *fmt, ...)
__attribute__((format(printf, 1, 2)));
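Review bot: The new `struct stats *` parameters should be `const struct stats *`, since every writer visible in this diff only reads the counters and `talnames`. For example `int outputheader(FILE *, const struct stats *);`, with the same qualifier on `outputfiles`, the `output_*` prototypes and the `fn` member of `struct outputs` in output.c. main() logs the same statistics after `outputfiles` returns, so the qualifier also documents that producing the files cannot alter them.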
diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c
index 2122fc48592..d88e1281e44 100644
--- a/usr.sbin/rpki-client/main.c
+++ b/usr.sbin/rpki-client/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.65 2020/04/23 12:55:44 benno Exp $ */
+/* $OpenBSD: main.c,v 1.66 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -77,26 +77,6 @@
#define TALSZ_MAX 8
/*
- * Statistics collected during run-time.
- */
-struct stats {
- size_t tals; /* total number of locators */
- size_t mfts; /* total number of manifests */
- size_t mfts_fail; /* failing syntactic parse */
- size_t mfts_stale; /* stale manifests */
- size_t certs; /* certificates */
- size_t certs_fail; /* failing syntactic parse */
- size_t certs_invalid; /* invalid resources */
- size_t roas; /* route origin authorizations */
- size_t roas_fail; /* failing syntactic parse */
- size_t roas_invalid; /* invalid resources */
- size_t repos; /* repositories */
- size_t crls; /* revocation lists */
- size_t vrps; /* total number of vrps */
- size_t uniqs; /* number of unique vrps */
-};
-
-/*
* An rsync repository.
*/
struct repo {
@@ -479,6 +459,8 @@ queue_add_from_mft_set(int fd, struct entityq *q, const struct mft *mft,
}
}
+char *talnames;
+
/*
* Add a local TAL file (RFC 7730) to the queue of files to fetch.
*/
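Review bot: `char *talnames;` is introduced with external linkage and no comment, and it shares its name with the new `talnames` member of `struct stats`. Nothing visible in this diff declares it `extern` in a header, so unless another file needs it I would write `static char *talnames; /* space-separated TAL file names for the output headers */`.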
@@ -491,6 +473,16 @@ queue_add_tal(int fd, struct entityq *q, const char *file, size_t *eid)
err(1, "strdup");
buf = tal_read_file(file);
+ /* Record tal for later reporting */
+ if (talnames == NULL)
+ talnames = strdup(file);
+ else {
+ char *tmp;
+ asprintf(&tmp, "%s %s", talnames, file);
+ free(talnames);
+ talnames = tmp;
+ }
+
/* Not in a repository, so directly add to queue. */
entityq_add(fd, q, nfile, RTYPE_TAL, NULL, NULL, NULL, 0, buf, eid);
/* entityq_add makes a copy of buf */
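Review bot: Neither allocation in the added block is checked: `strdup(file)` can return NULL and the return value of `asprintf` is ignored. On failure `talnames` becomes NULL, or an indeterminate pointer on platforms where asprintf leaves its output argument undefined, and is later passed to `%s` by the header writers. The line just above already uses `err(1, "strdup")`, so the same pattern fits: `if ((talnames = strdup(file)) == NULL) err(1, "strdup");` and `if (asprintf(&tmp, "%s %s", talnames, file) == -1) err(1, "asprintf");`. queue_add_tal starts and ends outside this hunk.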
@@ -1656,7 +1648,8 @@ main(int argc, char *argv[])
rc = 1;
}
- if (outputfiles(&v))
+ stats.talnames = talnames;
+ if (outputfiles(&v, &stats))
rc = 1;
logx("Route Origin Authorizations: %zu (%zu failed parse, %zu invalid)",
diff --git a/usr.sbin/rpki-client/output-bgpd.c b/usr.sbin/rpki-client/output-bgpd.c
index e3608e57145..a60cb5dafa5 100644
--- a/usr.sbin/rpki-client/output-bgpd.c
+++ b/usr.sbin/rpki-client/output-bgpd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-bgpd.c,v 1.16 2019/12/04 23:03:05 benno Exp $ */
+/* $OpenBSD: output-bgpd.c,v 1.17 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@@ -21,11 +21,14 @@
#include "extern.h"
int
-output_bgpd(FILE *out, struct vrp_tree *vrps)
+output_bgpd(FILE *out, struct vrp_tree *vrps, struct stats *st)
{
char buf1[64], buf2[32];
struct vrp *v;
+ if (outputheader(out, st) < 0)
+ return -1;
+
if (fprintf(out, "roa-set {\n") < 0)
return -1;
diff --git a/usr.sbin/rpki-client/output-bird.c b/usr.sbin/rpki-client/output-bird.c
index e9067b402ed..483dc583d95 100644
--- a/usr.sbin/rpki-client/output-bird.c
+++ b/usr.sbin/rpki-client/output-bird.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-bird.c,v 1.7 2020/03/06 17:36:42 benno Exp $ */
+/* $OpenBSD: output-bird.c,v 1.8 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2020 Robert Scheck <robert@fedoraproject.org>
@@ -22,12 +22,15 @@
#include "extern.h"
int
-output_bird1v4(FILE *out, struct vrp_tree *vrps)
+output_bird1v4(FILE *out, struct vrp_tree *vrps, struct stats *st)
{
extern const char *bird_tablename;
char buf[64];
struct vrp *v;
+ if (outputheader(out, st) < 0)
+ return -1;
+
if (fprintf(out, "roa table %s {\n", bird_tablename) < 0)
return -1;
@@ -46,12 +49,15 @@ output_bird1v4(FILE *out, struct vrp_tree *vrps)
}
int
-output_bird1v6(FILE *out, struct vrp_tree *vrps)
+output_bird1v6(FILE *out, struct vrp_tree *vrps, struct stats *st)
{
extern const char *bird_tablename;
char buf[64];
struct vrp *v;
+ if (outputheader(out, st) < 0)
+ return -1;
+
if (fprintf(out, "roa table %s {\n", bird_tablename) < 0)
return -1;
@@ -70,14 +76,17 @@ output_bird1v6(FILE *out, struct vrp_tree *vrps)
}
int
-output_bird2(FILE *out, struct vrp_tree *vrps)
+output_bird2(FILE *out, struct vrp_tree *vrps, struct stats *st)
{
extern const char *bird_tablename;
char buf[64];
struct vrp *v;
time_t now = time(NULL);
- if (fprintf(out, "define force_roa_table_update = %lld;\n\n"
+ if (outputheader(out, st) < 0)
+ return -1;
+
+ if (fprintf(out, "\ndefine force_roa_table_update = %lld;\n\n"
"roa4 table %s4;\nroa6 table %s6;\n\n"
"protocol static {\n\troa4 { table %s4; };\n\n",
(long long) now, bird_tablename, bird_tablename,
diff --git a/usr.sbin/rpki-client/output-csv.c b/usr.sbin/rpki-client/output-csv.c
index da56e04e88d..22147397068 100644
--- a/usr.sbin/rpki-client/output-csv.c
+++ b/usr.sbin/rpki-client/output-csv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-csv.c,v 1.6 2019/12/04 23:03:05 benno Exp $ */
+/* $OpenBSD: output-csv.c,v 1.7 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
*
@@ -21,7 +21,7 @@
#include "extern.h"
int
-output_csv(FILE *out, struct vrp_tree *vrps)
+output_csv(FILE *out, struct vrp_tree *vrps, struct stats *st)
{
char buf[64];
struct vrp *v;
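Review bot: `st` is added to `output_csv` but appears never to be used: the diffstat shows only four changed lines in this file, which the RCS id and the signature account for, so no header is written for this format. A one-line comment above the function would show that this is deliberate, e.g. `/* st is unused: no header is emitted for CSV output */`. The function body continues outside the hunk.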
diff --git a/usr.sbin/rpki-client/output-json.c b/usr.sbin/rpki-client/output-json.c
index a2ea0856eb4..eb39ef2c60b 100644
--- a/usr.sbin/rpki-client/output-json.c
+++ b/usr.sbin/rpki-client/output-json.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-json.c,v 1.6 2019/12/04 23:03:05 benno Exp $ */
+/* $OpenBSD: output-json.c,v 1.7 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
*
@@ -16,18 +16,78 @@
*/
#include <stdlib.h>
+#include <unistd.h>
+#include <netdb.h>
#include <openssl/ssl.h>
#include "extern.h"
+static int
+outputheader_json(FILE *out, struct stats *st)
+{
+ char hn[NI_MAXHOST], tbuf[26];
+ time_t t;
+
+ time(&t);
+ setenv("TZ", "UTC", 1);
+ ctime_r(&t, tbuf);
+ *strrchr(tbuf, '\n') = '\0';
+
+ gethostname(hn, sizeof hn);
+
+ if (fprintf(out, "{\n\t\"metadata\": {\n") < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"buildmachine\": \"%s\",\n", hn) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"buildtime\": \"%s\",\n", tbuf) < 0)
+ return -1;
+
+ if (fprintf(out, "\t\t\"roas\": %zu,\n", st->roas) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"failedroas\": %zu,\n", st->roas_fail) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"invalidroas\": %zu,\n", st->roas_invalid) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"tals\": %zu,\n", st->tals) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"talfiles\": \"%s\",\n", st->talnames) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"certificates\": %zu,\n", st->certs) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"failcertificates\": %zu,\n", st->certs_fail) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"invalidcertificates\": %zu,\n", st->certs_invalid) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"manifests\": %zu,\n", st->mfts) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"failedmanifests\": %zu,\n", st->mfts_fail) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"stalemanifests\": %zu,\n", st->mfts_stale) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"crls\": %zu,\n", st->crls) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"repositories\": %zu,\n", st->repos) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"vrps\": %zu,\n", st->vrps) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"uniquevrps\": %zu\n", st->uniqs) < 0)
+ return -1;
+ if (fprintf(out, "\t},\n\n") < 0)
+ return -1;
+ return 0;
+}
+
int
-output_json(FILE *out, struct vrp_tree *vrps)
+output_json(FILE *out, struct vrp_tree *vrps, struct stats *st)
{
char buf[64];
struct vrp *v;
int first = 1;
- if (fprintf(out, "{\n\t\"roas\": [\n") < 0)
+ if (outputheader_json(out, st) < 0)
+ return -1;
+
+ if (fprintf(out, "\t\"roas\": [\n") < 0)
return -1;
RB_FOREACH(v, vrp_tree, vrps) {
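Review bot: `hn` and `st->talnames` are written into JSON string values with a bare `%s` in outputheader_json(). A double quote, a backslash or a control character in a TAL path or in the host name therefore yields a document that consumers cannot parse, or one whose metadata keys are not the ones written here. As far as this diff shows, `st->talnames` can also still be NULL when no TAL was recorded. I would route both strings through a small escaping helper such as the one below. The `#` header lines in outputheader() in output.c print the same two strings raw, where an embedded newline would end the comment line, so control characters should be replaced there as well.

```c
/* Write s as a JSON string literal; NULL is written as "". */
static int
json_string(FILE *out, const char *s)
{
	if (s == NULL)
		s = "";
	if (fputc('"', out) == EOF)
		return -1;
	for (; *s != '\0'; s++) {
		unsigned char c = (unsigned char)*s;
		int rc;

		if (c == '"' || c == '\\')
			rc = fprintf(out, "\\%c", c);
		else if (c < 0x20)
			rc = fprintf(out, "\\u%04x", c);
		else
			rc = fputc(c, out) == EOF ? -1 : 0;
		if (rc < 0)
			return -1;
	}
	return fputc('"', out) == EOF ? -1 : 0;
}

/* ... unchanged: timestamp, host name and opening of "metadata" ... */
	if (fprintf(out, "\t\t\"buildmachine\": ") < 0 ||
	    json_string(out, hn) < 0 || fprintf(out, ",\n") < 0)
		return -1;
/* ... unchanged: buildtime and the numeric counters ... */
	if (fprintf(out, "\t\t\"talfiles\": ") < 0 ||
	    json_string(out, st->talnames) < 0 || fprintf(out, ",\n") < 0)
		return -1;
```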
diff --git a/usr.sbin/rpki-client/output.c b/usr.sbin/rpki-client/output.c
index 3b521ca108d..41c21af552e 100644
--- a/usr.sbin/rpki-client/output.c
+++ b/usr.sbin/rpki-client/output.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output.c,v 1.10 2020/04/11 15:23:23 benno Exp $ */
+/* $OpenBSD: output.c,v 1.11 2020/04/28 13:41:35 deraadt Exp $ */
/*
* Copyright (c) 2019 Theo de Raadt <deraadt@openbsd.org>
*
@@ -19,6 +19,8 @@
#include <err.h>
#include <fcntl.h>
+#include <unistd.h>
+#include <netdb.h>
#include <signal.h>
#include <string.h>
#include <limits.h>
@@ -37,7 +39,7 @@ static char output_name[PATH_MAX];
static const struct outputs {
int format;
char *name;
- int (*fn)(FILE *, struct vrp_tree *);
+ int (*fn)(FILE *, struct vrp_tree *, struct stats *);
} outputs[] = {
{ FORMAT_OPENBGPD, "openbgpd", output_bgpd },
{ FORMAT_BIRD, "bird1v4", output_bird1v4 },
@@ -55,7 +57,7 @@ static void sig_handler(int);
static void set_signal_handler(void);
int
-outputfiles(struct vrp_tree *v)
+outputfiles(struct vrp_tree *v, struct stats *st)
{
int i, rc = 0;
@@ -74,7 +76,7 @@ outputfiles(struct vrp_tree *v)
rc = 1;
continue;
}
- if ((*outputs[i].fn)(fout, v) != 0) {
+ if ((*outputs[i].fn)(fout, v, st) != 0) {
warn("output for %s format failed", outputs[i].name);
fclose(fout);
output_cleantmp();
@@ -167,3 +169,40 @@ set_signal_handler(void)
}
}
}
+
+int
+outputheader(FILE *out, struct stats *st)
+{
+ char hn[NI_MAXHOST], tbuf[26];
+ time_t t;
+
+ time(&t);
+ setenv("TZ", "UTC", 1);
+ ctime_r(&t, tbuf);
+ *strrchr(tbuf, '\n') = '\0';
+
+ gethostname(hn, sizeof hn);
+
+ if (fprintf(out, "# Generated on host %s at %s\n", hn, tbuf) < 0)
+ return -1;
+ if (fprintf(out,
+ "# Route Origin Authorizations: %zu (%zu failed parse, %zu invalid)\n",
+ st->roas, st->roas_fail, st->roas_invalid) < 0)
+ return -1;
+ if (fprintf(out, "# Certificates: %zu (%zu failed parse, %zu invalid)\n",
+ st->certs, st->certs_fail, st->certs_invalid) < 0)
+ return -1;
+ if (fprintf(out, "# Trust Anchor Locators: %zu (%s)\n",
+ st->tals, st->talnames) < 0)
+ return -1;
+ if (fprintf(out, "# Manifests: %zu (%zu failed parse, %zu stale)\n",
+ st->mfts, st->mfts_fail, st->mfts_stale) < 0)
+ return -1;
+ if (fprintf(out, "# Certificate revocation lists: %zu\n", st->crls) < 0)
+ return -1;
+ if (fprintf(out, "# Repositories: %zu\n", st->repos) < 0)
+ return -1;
+ if (fprintf(out, "# VRP Entries: %zu (%zu unique)\n", st->vrps, st->uniqs) < 0)
+ return -1;
+ return 0;
+}
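Review bot: The timestamp and host name block at the top of outputheader() has unchecked steps. `ctime_r` may return NULL, in which case `strrchr(tbuf, '\n')` reads an uninitialised buffer and its result is dereferenced without a NULL check, and a failing `gethostname` leaves `hn` uninitialised before it is printed with `%s`. `setenv("TZ", "UTC", 1)` also changes the time zone for the rest of the process as a side effect of writing a header. Formatting with `gmtime_r` and `strftime` gives UTC without touching the environment, and the format below keeps the ctime layout in the C locale. The identical block in outputheader_json() in output-json.c needs the same change.

```c
	char hn[NI_MAXHOST], tbuf[64];
	struct tm tm;
	time_t t;

	time(&t);
	if (gmtime_r(&t, &tm) == NULL ||
	    strftime(tbuf, sizeof tbuf, "%a %b %e %H:%M:%S %Y", &tm) == 0)
		return -1;

	if (gethostname(hn, sizeof hn) == -1)
		return -1;
	hn[sizeof hn - 1] = '\0';	/* truncated names may lack a terminator */

	/* ... unchanged: the fprintf calls that write the header lines ... */
```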