CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/01/29 03:13:16
Modified files:
usr.sbin/rpki-client: cert.c cms.c crl.c extern.h gbr.c main.c
mft.c roa.c
Log message:
A while ago rpki-client was changed to validate the sha256 hashes of
files referenced in MFT files during the validation of the MFT file.
An MFT is only valid if all files are present and their hashes are valid.
Because of this there is no longer the need to check the hash when
these files are parsed later on. Remove these checks for CRT, ROA and CRL
files. Use the presence of the pkey when parsing cert files to decide
if it is a root cert or not.
OK tb@
