-rw-r--r-- | usr.sbin/rpki-client/extern.h | 38 | ||||
-rw-r--r-- | usr.sbin/rpki-client/main.c | 37 | ||||
-rw-r--r-- | usr.sbin/rpki-client/output-bgpd.c | 7 | ||||
-rw-r--r-- | usr.sbin/rpki-client/output-bird.c | 19 | ||||
-rw-r--r-- | usr.sbin/rpki-client/output-csv.c | 4 | ||||
-rw-r--r-- | usr.sbin/rpki-client/output-json.c | 66 | ||||
-rw-r--r-- | usr.sbin/rpki-client/output.c | 47 |
7 files changed, 172 insertions, 46 deletions
diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h
index 27f1d0866ce..7e312c1105b 100644
--- a/usr.sbin/rpki-client/extern.h
+++ b/usr.sbin/rpki-client/extern.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: extern.h,v 1.27 2020/04/01 14:15:49 claudio Exp $ */
+/* $OpenBSD: extern.h,v 1.28 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
 *
@@ -244,6 +244,27 @@ enum rtype {
 RTYPE_CRL
 };
+/*
+ * Statistics collected during run-time.
+ */
+struct stats {
+ size_t tals; /* total number of locators */
+ size_t mfts; /* total number of manifests */
+ size_t mfts_fail; /* failing syntactic parse */
+ size_t mfts_stale; /* stale manifests */
+ size_t certs; /* certificates */
+ size_t certs_fail; /* failing syntactic parse */
+ size_t certs_invalid; /* invalid resources */
+ size_t roas; /* route origin authorizations */
+ size_t roas_fail; /* failing syntactic parse */
+ size_t roas_invalid; /* invalid resources */
+ size_t repos; /* repositories */
+ size_t crls; /* revocation lists */
+ size_t vrps; /* total number of vrps */
+ size_t uniqs; /* number of unique vrps */
+ char *talnames;
+};
+
 /* global variables */
 extern int verbose;
@@ -370,13 +391,14 @@ extern int outformats;
 #define FORMAT_JSON 0x08
 extern char* outputdir;
-int outputfiles(struct vrp_tree *v);
-int output_bgpd(FILE *, struct vrp_tree *);
-int output_bird1v4(FILE *, struct vrp_tree *);
-int output_bird1v6(FILE *, struct vrp_tree *);
-int output_bird2(FILE *, struct vrp_tree *);
-int output_csv(FILE *, struct vrp_tree *);
-int output_json(FILE *, struct vrp_tree *);
+int outputfiles(struct vrp_tree *v, struct stats *);
+int outputheader(FILE *, struct stats *);
+int output_bgpd(FILE *, struct vrp_tree *, struct stats *);
+int output_bird1v4(FILE *, struct vrp_tree *, struct stats *);
+int output_bird1v6(FILE *, struct vrp_tree *, struct stats *);
+int output_bird2(FILE *, struct vrp_tree *, struct stats *);
+int output_csv(FILE *, struct vrp_tree *, struct stats *);
+int output_json(FILE *, struct vrp_tree *, struct stats *);
 void logx(const char *fmt, ...)
 __attribute__((format(printf, 1, 2)));
diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c
index 2122fc48592..d88e1281e44 100644
--- a/usr.sbin/rpki-client/main.c
+++ b/usr.sbin/rpki-client/main.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: main.c,v 1.65 2020/04/23 12:55:44 benno Exp $ */
+/* $OpenBSD: main.c,v 1.66 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
 *
@@ -77,26 +77,6 @@
 #define TALSZ_MAX 8
 /*
- * Statistics collected during run-time.
- */
-struct stats {
- size_t tals; /* total number of locators */
- size_t mfts; /* total number of manifests */
- size_t mfts_fail; /* failing syntactic parse */
- size_t mfts_stale; /* stale manifests */
- size_t certs; /* certificates */
- size_t certs_fail; /* failing syntactic parse */
- size_t certs_invalid; /* invalid resources */
- size_t roas; /* route origin authorizations */
- size_t roas_fail; /* failing syntactic parse */
- size_t roas_invalid; /* invalid resources */
- size_t repos; /* repositories */
- size_t crls; /* revocation lists */
- size_t vrps; /* total number of vrps */
- size_t uniqs; /* number of unique vrps */
-};
-
-/*
 * An rsync repository.
 */
 struct repo {
@@ -479,6 +459,8 @@ queue_add_from_mft_set(int fd, struct entityq *q, const struct mft *mft,
 }
 }
+char *talnames;
+
 /*
 * Add a local TAL file (RFC 7730) to the queue of files to fetch.
 */
@@ -491,6 +473,16 @@ queue_add_tal(int fd, struct entityq *q, const char *file, size_t *eid)
 err(1, "strdup");
 buf = tal_read_file(file);
+ /* Record tal for later reporting */
+ if (talnames == NULL)
+ talnames = strdup(file);
+ else {
+ char *tmp;
+ asprintf(&tmp, "%s %s", talnames, file);
+ free(talnames);
+ talnames = tmp;
+ }
+
 /* Not in a repository, so directly add to queue. */
 entityq_add(fd, q, nfile, RTYPE_TAL, NULL, NULL, NULL, 0, buf, eid);
 /* entityq_add makes a copy of buf */
@@ -1656,7 +1648,8 @@ main(int argc, char *argv[])
 rc = 1;
 }
- if (outputfiles(&v))
+ stats.talnames = talnames;
+ if (outputfiles(&v, &stats))
 rc = 1;
 logx("Route Origin Authorizations: %zu (%zu failed parse, %zu invalid)",
diff --git a/usr.sbin/rpki-client/output-bgpd.c b/usr.sbin/rpki-client/output-bgpd.c
index e3608e57145..a60cb5dafa5 100644
--- a/usr.sbin/rpki-client/output-bgpd.c
+++ b/usr.sbin/rpki-client/output-bgpd.c
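Review bot: In queue_add_tal (hunk `@@ -491,6 +473,16 @@`) neither allocation for the new talnames string is checked: `talnames = strdup(file);` can leave talnames NULL, and when `asprintf` fails the contents of `tmp` are undefined, yet `tmp` is assigned to talnames after the old buffer has been freed and is later printed with `%s` in the output headers. The context line just above already exits on allocation failure with `err(1, "strdup")`, so the same pattern fits here: `if ((talnames = strdup(file)) == NULL) err(1, "strdup");` and `if (asprintf(&tmp, "%s %s", talnames, file) == -1) err(1, "asprintf");`. The body of queue_add_tal starts and ends outside the hunk. The global `char *talnames;` added in the preceding hunk appears to be used only in main.c as far as this diff shows, in which case it could be declared `static`.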
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-bgpd.c,v 1.16 2019/12/04 23:03:05 benno Exp $ */
+/* $OpenBSD: output-bgpd.c,v 1.17 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
 *
@@ -21,11 +21,14 @@
 #include "extern.h"
 int
-output_bgpd(FILE *out, struct vrp_tree *vrps)
+output_bgpd(FILE *out, struct vrp_tree *vrps, struct stats *st)
 {
 char buf1[64], buf2[32];
 struct vrp *v;
+ if (outputheader(out, st) < 0)
+ return -1;
+
 if (fprintf(out, "roa-set {\n") < 0)
 return -1;
diff --git a/usr.sbin/rpki-client/output-bird.c b/usr.sbin/rpki-client/output-bird.c
index e9067b402ed..483dc583d95 100644
--- a/usr.sbin/rpki-client/output-bird.c
+++ b/usr.sbin/rpki-client/output-bird.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-bird.c,v 1.7 2020/03/06 17:36:42 benno Exp $ */
+/* $OpenBSD: output-bird.c,v 1.8 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
 * Copyright (c) 2020 Robert Scheck <robert@fedoraproject.org>
@@ -22,12 +22,15 @@
 #include "extern.h"
 int
-output_bird1v4(FILE *out, struct vrp_tree *vrps)
+output_bird1v4(FILE *out, struct vrp_tree *vrps, struct stats *st)
 {
 extern const char *bird_tablename;
 char buf[64];
 struct vrp *v;
+ if (outputheader(out, st) < 0)
+ return -1;
+
 if (fprintf(out, "roa table %s {\n", bird_tablename) < 0)
 return -1;
@@ -46,12 +49,15 @@ output_bird1v4(FILE *out, struct vrp_tree *vrps)
 }
 int
-output_bird1v6(FILE *out, struct vrp_tree *vrps)
+output_bird1v6(FILE *out, struct vrp_tree *vrps, struct stats *st)
 {
 extern const char *bird_tablename;
 char buf[64];
 struct vrp *v;
+ if (outputheader(out, st) < 0)
+ return -1;
+
 if (fprintf(out, "roa table %s {\n", bird_tablename) < 0)
 return -1;
@@ -70,14 +76,17 @@ output_bird1v6(FILE *out, struct vrp_tree *vrps)
 }
 int
-output_bird2(FILE *out, struct vrp_tree *vrps)
+output_bird2(FILE *out, struct vrp_tree *vrps, struct stats *st)
 {
 extern const char *bird_tablename;
 char buf[64];
 struct vrp *v;
 time_t now = time(NULL);
- if (fprintf(out, "define force_roa_table_update = %lld;\n\n"
+ if (outputheader(out, st) < 0)
+ return -1;
+
+ if (fprintf(out, "\ndefine force_roa_table_update = %lld;\n\n"
 "roa4 table %s4;\nroa6 table %s6;\n\n"
 "protocol static {\n\troa4 { table %s4; };\n\n",
 (long long) now, bird_tablename, bird_tablename,
diff --git a/usr.sbin/rpki-client/output-csv.c b/usr.sbin/rpki-client/output-csv.c
index da56e04e88d..22147397068 100644
--- a/usr.sbin/rpki-client/output-csv.c
+++ b/usr.sbin/rpki-client/output-csv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-csv.c,v 1.6 2019/12/04 23:03:05 benno Exp $ */
+/* $OpenBSD: output-csv.c,v 1.7 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
 *
@@ -21,7 +21,7 @@
 #include "extern.h"
 int
-output_csv(FILE *out, struct vrp_tree *vrps)
+output_csv(FILE *out, struct vrp_tree *vrps, struct stats *st)
 {
 char buf[64];
 struct vrp *v;
diff --git a/usr.sbin/rpki-client/output-json.c b/usr.sbin/rpki-client/output-json.c
index a2ea0856eb4..eb39ef2c60b 100644
--- a/usr.sbin/rpki-client/output-json.c
+++ b/usr.sbin/rpki-client/output-json.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output-json.c,v 1.6 2019/12/04 23:03:05 benno Exp $ */
+/* $OpenBSD: output-json.c,v 1.7 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
 *
@@ -16,18 +16,78 @@
 */
 #include <stdlib.h>
+#include <unistd.h>
+#include <netdb.h>
 #include <openssl/ssl.h>
 #include "extern.h"
+static int
+outputheader_json(FILE *out, struct stats *st)
+{
+ char hn[NI_MAXHOST], tbuf[26];
+ time_t t;
+
+ time(&t);
+ setenv("TZ", "UTC", 1);
+ ctime_r(&t, tbuf);
+ *strrchr(tbuf, '\n') = '\0';
+
+ gethostname(hn, sizeof hn);
+
+ if (fprintf(out, "{\n\t\"metadata\": {\n") < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"buildmachine\": \"%s\",\n", hn) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"buildtime\": \"%s\",\n", tbuf) < 0)
+ return -1;
+
+ if (fprintf(out, "\t\t\"roas\": %zu,\n", st->roas) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"failedroas\": %zu,\n", st->roas_fail) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"invalidroas\": %zu,\n", st->roas_invalid) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"tals\": %zu,\n", st->tals) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"talfiles\": \"%s\",\n", st->talnames) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"certificates\": %zu,\n", st->certs) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"failcertificates\": %zu,\n", st->certs_fail) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"invalidcertificates\": %zu,\n", st->certs_invalid) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"manifests\": %zu,\n", st->mfts) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"failedmanifests\": %zu,\n", st->mfts_fail) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"stalemanifests\": %zu,\n", st->mfts_stale) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"crls\": %zu,\n", st->crls) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"repositories\": %zu,\n", st->repos) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"vrps\": %zu,\n", st->vrps) < 0)
+ return -1;
+ if (fprintf(out, "\t\t\"uniquevrps\": %zu\n", st->uniqs) < 0)
+ return -1;
+ if (fprintf(out, "\t},\n\n") < 0)
+ return -1;
+ return 0;
+}
+
 int
-output_json(FILE *out, struct vrp_tree *vrps)
+output_json(FILE *out, struct vrp_tree *vrps, struct stats *st)
 {
 char buf[64];
 struct vrp *v;
 int first = 1;
- if (fprintf(out, "{\n\t\"roas\": [\n") < 0)
+ if (outputheader_json(out, st) < 0)
+ return -1;
+
+ if (fprintf(out, "\t\"roas\": [\n") < 0)
 return -1;
 RB_FOREACH(v, vrp_tree, vrps) {
diff --git a/usr.sbin/rpki-client/output.c b/usr.sbin/rpki-client/output.c
index 3b521ca108d..41c21af552e 100644
--- a/usr.sbin/rpki-client/output.c
+++ b/usr.sbin/rpki-client/output.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: output.c,v 1.10 2020/04/11 15:23:23 benno Exp $ */
+/* $OpenBSD: output.c,v 1.11 2020/04/28 13:41:35 deraadt Exp $ */
 /*
 * Copyright (c) 2019 Theo de Raadt <deraadt@openbsd.org>
 *
@@ -19,6 +19,8 @@
 #include <err.h>
 #include <fcntl.h>
+#include <unistd.h>
+#include <netdb.h>
 #include <signal.h>
 #include <string.h>
 #include <limits.h>
@@ -37,7 +39,7 @@ static char output_name[PATH_MAX];
 static const struct outputs {
 int format;
 char *name;
- int (*fn)(FILE *, struct vrp_tree *);
+ int (*fn)(FILE *, struct vrp_tree *, struct stats *);
 } outputs[] = {
 { FORMAT_OPENBGPD, "openbgpd", output_bgpd },
 { FORMAT_BIRD, "bird1v4", output_bird1v4 },
@@ -55,7 +57,7 @@ static void sig_handler(int);
 static void set_signal_handler(void);
 int
-outputfiles(struct vrp_tree *v)
+outputfiles(struct vrp_tree *v, struct stats *st)
 {
 int i, rc = 0;
@@ -74,7 +76,7 @@ outputfiles(struct vrp_tree *v)
 rc = 1;
 continue;
 }
- if ((*outputs[i].fn)(fout, v) != 0) {
+ if ((*outputs[i].fn)(fout, v, st) != 0) {
 warn("output for %s format failed", outputs[i].name);
 fclose(fout);
 output_cleantmp();
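Review bot: outputheader_json in output-json.c writes `hn` and `st->talnames` into JSON string values with a bare `%s`, so a TAL file path or host name containing `"`, `\` or a control character produces a document that consumers cannot parse, or that parses with different members; both strings need JSON escaping before they are printed. The timestamp and host-name code is also unchecked, here and in the identical block in outputheader() in output.c (hunk `@@ -167,3 +169,40 @@`): if `ctime_r` returns NULL, `strrchr` reads an uninitialised `tbuf` and the store may go through a NULL pointer, and a failed or truncating `gethostname` leaves `hn` unset or unterminated. `setenv("TZ", "UTC", 1)` also changes the time zone for the rest of the process as a side effect. The excerpt below formats UTC with `gmtime_r` and `strftime` in the same layout ctime produces and checks `gethostname`. It should also be confirmed that `st->talnames` cannot be NULL when it reaches `%s`.

```c
static int
outputheader_json(FILE *out, struct stats *st)
{
	char		hn[NI_MAXHOST], tbuf[80];
	struct tm	tm;
	time_t		t;

	time(&t);
	/* UTC without changing TZ for the rest of the process */
	if (gmtime_r(&t, &tm) == NULL ||
	    strftime(tbuf, sizeof tbuf, "%a %b %e %H:%M:%S %Y", &tm) == 0)
		return -1;

	if (gethostname(hn, sizeof hn) == -1)
		return -1;
	hn[sizeof hn - 1] = '\0';	/* termination is not guaranteed on truncation */

	/* … unchanged: fprintf calls that emit the metadata object … */
```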
@@ -167,3 +169,40 @@ set_signal_handler(void)
 }
 }
 }
+
+int
+outputheader(FILE *out, struct stats *st)
+{
+ char hn[NI_MAXHOST], tbuf[26];
+ time_t t;
+
+ time(&t);
+ setenv("TZ", "UTC", 1);
+ ctime_r(&t, tbuf);
+ *strrchr(tbuf, '\n') = '\0';
+
+ gethostname(hn, sizeof hn);
+
+ if (fprintf(out, "# Generated on host %s at %s\n", hn, tbuf) < 0)
+ return -1;
+ if (fprintf(out,
+ "# Route Origin Authorizations: %zu (%zu failed parse, %zu invalid)\n",
+ st->roas, st->roas_fail, st->roas_invalid) < 0)
+ return -1;
+ if (fprintf(out, "# Certificates: %zu (%zu failed parse, %zu invalid)\n",
+ st->certs, st->certs_fail, st->certs_invalid) < 0)
+ return -1;
+ if (fprintf(out, "# Trust Anchor Locators: %zu (%s)\n",
+ st->tals, st->talnames) < 0)
+ return -1;
+ if (fprintf(out, "# Manifests: %zu (%zu failed parse, %zu stale)\n",
+ st->mfts, st->mfts_fail, st->mfts_stale) < 0)
+ return -1;
+ if (fprintf(out, "# Certificate revocation lists: %zu\n", st->crls) < 0)
+ return -1;
+ if (fprintf(out, "# Repositories: %zu\n", st->repos) < 0)
+ return -1;
+ if (fprintf(out, "# VRP Entries: %zu (%zu unique)\n", st->vrps, st->uniqs) < 0)
+ return -1;
+ return 0;
+} |
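Review bot: outputheader() prints `hn` and `st->talnames` with a bare `%s` inside `#` comment lines of files that bgpd and BIRD later parse as configuration, so a newline in either string would end the comment and the remainder would be read as configuration text. TAL paths are presumably chosen by the operator, which makes this a hardening point rather than a confirmed defect, but filtering is cheap: encode the two strings with `strnvis(3)` before printing, or refuse TAL file names containing control characters at the point where queue_add_tal records them. The function also has no comment; `/* Write a '#'-commented run summary; returns 0, or -1 if a write fails. */` above it would document the contract that output_bgpd and the output_bird* callers rely on.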