This moves two helper functions down so that the file starts with the
code parsing ASIdentifiers, then the code dealing with IPAddrBlocks.
Index: cert.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/cert.c,v
retrieving revision 1.74
diff -u -p -r1.74 cert.c
--- cert.c 10 May 2022 16:43:53 -0000 1.74
+++ cert.c 10 May 2022 16:44:44 -0000
@@ -54,34 +54,6 @@ extern ASN1_OBJECT *manifest_oid; /* 1.3
extern ASN1_OBJECT *notify_oid; /* 1.3.6.1.5.5.7.48.13 (rpkiNotify) */
/*
- * Append an IP address structure to our list of results.
- * This will also constrain us to having at most one inheritance
- * statement per AFI and also not have overlapping ranges (as prohibited
- * in section 2.2.3.6).
- * It does not make sure that ranges can't coalesce, that is, that any
- * two ranges abut each other.
- * This is warned against in section 2.2.3.6, but doesn't change the
- * semantics of the system.
- * Returns zero on failure (IP overlap) non-zero on success.
- */
-static int
-append_ip(struct parse *p, const struct cert_ip *ip)
-{
- struct cert *res = p->res;
-
- if (!ip_addr_check_overlap(ip, p->fn, p->res->ips, p->res->ipsz))
- return 0;
- if (res->ipsz >= MAX_IP_SIZE)
- return 0;
- res->ips = reallocarray(res->ips, res->ipsz + 1,
- sizeof(struct cert_ip));
- if (res->ips == NULL)
- err(1, NULL);
- res->ips[res->ipsz++] = *ip;
- return 1;
-}
-
-/*
* Append an AS identifier structure to our list of results.
* Makes sure that the identifiers do not overlap or improperly inherit
* as defined by RFC 3779 section 3.3.
@@ -102,28 +74,6 @@ append_as(struct parse *p, const struct
}
/*
- * Construct a RFC 3779 2.2.3.8 range from its bit string.
- * Returns zero on failure, non-zero on success.
- */
-static int
-sbgp_addr(struct parse *p, struct cert_ip *ip, const ASN1_BIT_STRING *bs)
-{
- if (!ip_addr_parse(bs, ip->afi, p->fn, &ip->ip)) {
- warnx("%s: RFC 3779 section 2.2.3.8: IPAddress: "
- "invalid IP address", p->fn);
- return 0;
- }
-
- if (!ip_cert_compose_ranges(ip)) {
- warnx("%s: RFC 3779 section 2.2.3.8: IPAddress: "
- "IP address range reversed", p->fn);
- return 0;
- }
-
- return append_ip(p, ip);
-}
-
-/*
* Parse a range of addresses as in 3.2.3.8.
* Returns zero on failure, non-zero on success.
*/
@@ -414,6 +364,56 @@ out:
sk_ASN1_TYPE_pop_free(sseq, ASN1_TYPE_free);
free(sv);
return rc;
+}
+
+/*
+ * Append an IP address structure to our list of results.
+ * This will also constrain us to having at most one inheritance
+ * statement per AFI and also not have overlapping ranges (as prohibited
+ * in section 2.2.3.6).
+ * It does not make sure that ranges can't coalesce, that is, that any
+ * two ranges abut each other.
+ * This is warned against in section 2.2.3.6, but doesn't change the
+ * semantics of the system.
+ * Returns zero on failure (IP overlap) non-zero on success.
+ */
+static int
+append_ip(struct parse *p, const struct cert_ip *ip)
+{
+ struct cert *res = p->res;
+
+ if (!ip_addr_check_overlap(ip, p->fn, p->res->ips, p->res->ipsz))
+ return 0;
+ if (res->ipsz >= MAX_IP_SIZE)
+ return 0;
+ res->ips = reallocarray(res->ips, res->ipsz + 1,
+ sizeof(struct cert_ip));
+ if (res->ips == NULL)
+ err(1, NULL);
+ res->ips[res->ipsz++] = *ip;
+ return 1;
+}
+
+/*
+ * Construct a RFC 3779 2.2.3.8 range from its bit string.
+ * Returns zero on failure, non-zero on success.
+ */
+static int
+sbgp_addr(struct parse *p, struct cert_ip *ip, const ASN1_BIT_STRING *bs)
+{
+ if (!ip_addr_parse(bs, ip->afi, p->fn, &ip->ip)) {
+ warnx("%s: RFC 3779 section 2.2.3.8: IPAddress: "
+ "invalid IP address", p->fn);
+ return 0;
+ }
+
+ if (!ip_cert_compose_ranges(ip)) {
+ warnx("%s: RFC 3779 section 2.2.3.8: IPAddress: "
+ "IP address range reversed", p->fn);
+ return 0;
+ }
+
+ return append_ip(p, ip);
}
/*
