Revision log: src / usr.sbin / rpki-client
Default branch: MAIN
Revision 1.30, Wed Feb 21 09:17:06 2024 UTC, by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, HEAD
Changes since 1.29: +15 -26 lines
rpki-client: remove the remaining struct parse

With the exception of mft.c where there is an additional boolean, this struct carries a file name and a result. This means functions having struct parse in the signature can't be shared between files, which has been annoying. Simply pass file name and necessary info directly as a function parameter and add a small dance to handle the boolean in mft.c.

ok job
Revision 1.29, Fri Oct 13 12:06:49 2023 UTC, by job
Branch: MAIN
Changes since 1.28: +2 -2 lines
Allow imposing constraints on RPKI trust anchors

The ability to constrain a RPKI Trust Anchor's effective signing authority to a limited set of Internet Number Resources allows Relying Parties to enjoy the potential benefits of assuming trust, within a bounded scope.

Some examples: ARIN does not support inter-RIR IPv6 transfers, so it wouldn't make any sense to see a ROA subordinate to ARIN's trust anchor covering RIPE-managed IPv6 space. Conversely, it wouldn't make sense to observe a ROA covering ARIN-managed IPv6 space under APNIC's, LACNIC's, or RIPE's trust anchor - even if a derived trust arc (a cryptographically valid certificate path) existed. Along these same lines, AFRINIC doesn't support inter-RIR transfers of any kind, and none of the RIRs have authority over private resources like 10.0.0.0/8 and 2001:db8::/32.

For more background see:
https://datatracker.ietf.org/doc/draft-snijders-constraining-rpki-trust-anchors/
https://mailman.nanog.org/pipermail/nanog/2023-September/223354.html

With and OK tb@, OK claudio@
Revision 1.28, Mon Sep 25 11:08:45 2023 UTC, by tb
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.27: +3 -2 lines
Pass the talid to various parse functions

This will be needed by an upcoming feature where we will need to know what trust anchor a given cert chains to. This doesn't change anything except the size of the diff.

ok claudio job
Revision 1.27, Tue Jun 20 12:39:50 2023 UTC, by job
Branch: MAIN
Changes since 1.26: +6 -1 lines
Add compliance checks for the version, KU, and EKU of TAK/MFT/GBR EE certs OK tb@
Revision 1.26, Sun Mar 12 11:46:35 2023 UTC, by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.25: +2 -2 lines
Initialize the local signtime variable in the individual *_parse() functions ok job
Revision 1.25, Fri Mar 10 12:44:56 2023 UTC, by job
Branch: MAIN
Changes since 1.24: +2 -2 lines
mechanical change, rename struct members to match the original X509 names OK tb@
Revision 1.24, Fri Mar 10 12:02:11 2023 UTC, by job
Branch: MAIN
Changes since 1.23: +3 -9 lines
Show the X.509 notBefore in filemode OK tb@
Revision 1.23, Thu Mar 9 18:53:24 2023 UTC, by tb
Branch: MAIN
Changes since 1.22: +2 -3 lines
Unwrap a few lines and zap a tab
Revision 1.22, Thu Mar 9 12:54:28 2023 UTC, by job
Branch: MAIN
Changes since 1.21: +12 -1 lines
In filemode also show 'Not After' for GBR records OK tb@
Revision 1.21, Thu Mar 9 09:46:21 2023 UTC, by job
Branch: MAIN
Changes since 1.20: +5 -2 lines
Show CMS signing-time signed attribute in filemode OK tb@
Revision 1.20, Wed Nov 30 09:12:50 2022 UTC, by job
Branch: MAIN
Changes since 1.19: +1 -3 lines
Remove unused includes OK claudio@
Revision 1.19, Tue Nov 29 20:41:32 2022 UTC, by job
Branch: MAIN
Changes since 1.18: +1 -2 lines
Only include stdarg.h, if we call any of va_{start,end}() OK tb@
Revision 1.18, Tue Nov 29 20:26:22 2022 UTC, by job
Branch: MAIN
Changes since 1.17: +1 -2 lines
Only include assert.h if we call assert() OK tb@
Revision 1.17, Fri Nov 4 09:43:13 2022 UTC, by job
Branch: MAIN
Changes since 1.16: +7 -3 lines
Check the SIA signedObject in ROA/MFT/ASPA/TAK/GBR EE certificates

Unfortunately we can't yet error out when accessMethods other than signedObject are encountered in the SubjectInformationAccess extension because there is pollution in the ecosystem.

OK tb@
Revision 1.16, Wed May 11 21:19:06 2022 UTC, by job
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.15: +8 -2 lines
Verify MFT and GBR objects only carry RFC 3779 extensions set to 'inherit' OK claudio@ tb@
Revision 1.15, Fri Apr 1 17:22:07 2022 UTC, by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.14: +14 -9 lines
Change x509_get_aki(), x509_get_ski(), x509_get_aia(), and x509_get_crl() to work more like x509_get_expire(). They will return an error if the extension extraction failed but not if it was not present. The callers must now do that check but most did already. With this cert_parse_inner() no longer cares about TA vs non-TA certs. Feedback and OK tb@
Revision 1.14, Tue Jan 18 16:24:55 2022 UTC, by claudio
Branch: MAIN
Changes since 1.13: +1 -1 lines
Revert all the files that should have not been committed in last commit.
Revision 1.13, Tue Jan 18 16:18:22 2022 UTC, by claudio
Branch: MAIN
Changes since 1.12: +2 -2 lines
Kill extra newline
Revision 1.12, Tue Jan 18 13:06:43 2022 UTC, by claudio
Branch: MAIN
Changes since 1.11: +2 -10 lines
Cleanup the scattered OBJ_txt2obj() calls and move them into x509_init_oid() to initialize all necessary OID objects at start. OK tb@
Revision 1.9.2.1, Tue Nov 9 13:41:19 2021 UTC, by benno
Branch: OPENBSD_6_9
Changes since 1.9: +11 -4 lines
rpki-client(8) should handle CA misbehaviours as soft-errors.

This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:
* Make rpki-client more resilient regarding untrusted input:
  - fail repository synchronisation after 15min runtime
  - limit the number of publication points per TAL
  - don't allow DOCTYPE definitions in RRDP XML files
  - fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.

This is patches/6.9/common/021_rpki.patch.sig
Revision 1.10.4.1, Tue Nov 9 13:40:32 2021 UTC, by benno
Branch: OPENBSD_7_0
Changes since 1.10: +3 -3 lines
rpki-client(8) should handle CA misbehaviours as soft-errors.

This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:
* Make rpki-client more resilient regarding untrusted input:
  - fail repository synchronisation after 15min runtime
  - limit the number of publication points per TAL
  - don't allow DOCTYPE definitions in RRDP XML files
  - fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.

This is patches/7.0/common/004_rpki.patch.sig
Revision 1.11, Tue Oct 26 10:52:50 2021 UTC, by claudio
Branch: MAIN
Changes since 1.10: +3 -3 lines
Change CMS and CRL d2i functions from their BIO version to passing the der buffer instead. The files are loaded early in the entity processing loop. OK tb@
Revision 1.10, Thu Sep 9 14:15:49 2021 UTC, by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE
Branch point for: OPENBSD_7_0
Changes since 1.9: +10 -3 lines
Rework how various OIDs are compared in the code. Instead of converting the ASN1_OBJECT into a string and comparing the strings, convert the string into an ASN1_OBJECT once and then compare these objects with OBJ_cmp(). Makes the code a bit easier to read and removes some repetitive conversions. With input and OK tb@
Revision 1.9, Mon Mar 29 06:50:44 2021 UTC, by tb
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE
Branch point for: OPENBSD_6_9
Changes since 1.8: +6 -2 lines
Inline x509_get_extensions() and remove it

Since aia, aki and ski are all represented by char *, this is an error-prone interface - as found by job. The function doesn't do much anyway.

ok claudio
Revision 1.8, Mon Mar 29 06:38:35 2021 UTC, by tb
Branch: MAIN
Changes since 1.7: +3 -2 lines
Pull up freeing cms in gbr_parse() after its last use to avoid a leak on x509_get_extensions() failure. Fix suggested by claudio
Revision 1.7, Sat Mar 27 18:12:15 2021 UTC, by job
Branch: MAIN
Changes since 1.6: +3 -3 lines
Send arguments in alphabetical order OK tb@
Revision 1.6, Thu Mar 4 15:43:18 2021 UTC, by tb
Branch: MAIN
Changes since 1.5: +2 -2 lines
typo in comment
Revision 1.5, Tue Feb 16 07:58:30 2021 UTC, by job
Branch: MAIN
Changes since 1.4: +4 -2 lines
get Authority Information Access (AIA) from CA & EE certs

In the context of the RPKI, the AIA extension identifies the publication point of the certificate of the issuer of the certificate in which the extension appears. A single reference to the publication point of the immediate superior certificate MUST be present, except for a "self-signed" certificate.

Thanks tb@ for review
OK claudio@
Revision 1.4, Thu Feb 4 08:58:19 2021 UTC, by claudio
Branch: MAIN
Changes since 1.3: +3 -1 lines
Even though most openssl includes include everything try to be a bit more explicit about what is used where. Seems to be the least worst solution.
Revision 1.3, Fri Jan 29 10:13:16 2021 UTC, by claudio
Branch: MAIN
Changes since 1.2: +2 -2 lines
A while ago rpki-client was changed to validate the sha256 hashes of files referenced in MFT files during the validation of the MFT file. An MFT is only valid if all files are present and their hashes are valid. Because of this there is no longer the need to check the hash when these files are parsed later on. Remove these checks for CRT, ROA and CRL files. Use the presence of the pkey when parsing cert files to decide if it is a root cert or not. OK tb@
Revision 1.2, Tue Dec 29 14:51:11 2020 UTC, by job
Branch: MAIN
Changes since 1.1: +2 -2 lines
Fix calloc in GBR OK claudio@
Revision 1.1, Wed Dec 9 11:29:04 2020 UTC, by claudio
Branch: MAIN
Validate ghostbuster records (RFC 6493) but for now do nothing with the provided vcard payload. This change verifies the certificate of the .gbr file and makes sure it is valid (like we do for e.g. .roa files). OK job@