CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/06/17 02:22:21
Modified files:
usr.sbin/rpki-client: aspa.c mft.c roa.c rsc.c spl.c tak.c
Log message:
rpki-client: unify CMS signed object parsers
This commit starts unifying various CMS signed object parsers in
preparation for a lot more refactoring of this long-accumulated
copy-paste mess.
The signed object is passed as a void * object to various handlers, so
these handlers all have the same signature.
In this step, *_parse() is essentially split into allocation plus:
1. *_cert_info(), which checks some basic things on the EE cert (usually
inheritance, presence or absence of RFC 3779 extensions). For MFTs
it also extracts some info and hangs that off mft.
2. the already existing *_parse_econtent()
3. *_validate() that does some validation steps and sets ->valid.
In most signed object handlers the validate step can't currently
fail. This is one of the many warts we've accumulated and is marked
with an /* XXX */.
This is all straightforward and should not change anything.
The reason cert_info comes after parse_econtent is that the latter
usually has some helpers and it is easier to reason about this if
the future struct members are somewhat close to each other.
ok claudio job
