On Tue, Jun 30, 2020 at 10:33:21AM +0000, Job Snijders wrote: > Remove rpki-client's -f command line option > > I haven't come across a use case that requires tricking the software > into accepting out-of-date manifests. Anyone using -f? I think this is a > leftover from the initial debugging era. > > OK?
Agreed. I think the last time I used this was in Elk Lakes during development. I would not encurage anyone to use -f in production. OK claudio@
> Index: extern.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v
> retrieving revision 1.30
> diff -u -p -r1.30 extern.h
> --- extern.h 24 Jun 2020 14:39:21 -0000 1.30
> +++ extern.h 30 Jun 2020 10:21:04 -0000
> @@ -289,7 +289,7 @@ struct cert *cert_read(int);
>
> void mft_buffer(char **, size_t *, size_t *, const struct mft *);
> void mft_free(struct mft *);
> -struct mft *mft_parse(X509 **, const char *, int);
> +struct mft *mft_parse(X509 **, const char *);
> int mft_check(const char *, struct mft *);
> struct mft *mft_read(int);
>
> Index: main.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
> retrieving revision 1.71
> diff -u -p -r1.71 main.c
> --- main.c 24 Jun 2020 14:39:21 -0000 1.71
> +++ main.c 30 Jun 2020 10:21:05 -0000
> @@ -148,7 +148,7 @@ struct filepath_tree fpt = RB_INITIALIZ
> /*
> * Mark that our subprocesses will never return.
> */
> -static void proc_parser(int, int) __attribute__((noreturn));
> +static void proc_parser(int) __attribute__((noreturn));
> static void proc_rsync(char *, char *, int, int)
> __attribute__((noreturn));
> static void build_chain(const struct auth *, STACK_OF(X509) **);
> @@ -892,8 +892,8 @@ proc_parser_roa(struct entity *entp,
> * Return the mft on success or NULL on failure.
> */
> static struct mft *
> -proc_parser_mft(struct entity *entp, int force, X509_STORE *store,
> - X509_STORE_CTX *ctx, struct auth_tree *auths, struct crl_tree *crlt)
> +proc_parser_mft(struct entity *entp, X509_STORE *store, X509_STORE_CTX *ctx,
> + struct auth_tree *auths, struct crl_tree *crlt)
> {
> struct mft *mft;
> X509 *x509;
> @@ -902,7 +902,7 @@ proc_parser_mft(struct entity *entp, int
> STACK_OF(X509) *chain;
>
> assert(!entp->has_dgst);
> - if ((mft = mft_parse(&x509, entp->uri, force)) == NULL)
> + if ((mft = mft_parse(&x509, entp->uri)) == NULL)
> return NULL;
>
> a = valid_ski_aki(entp->uri, auths, mft->ski, mft->aki);
> @@ -1127,7 +1127,7 @@ build_crls(const struct auth *a, struct
> * The process will exit cleanly only when fd is closed.
> */
> static void
> -proc_parser(int fd, int force)
> +proc_parser(int fd)
> {
> struct tal *tal;
> struct cert *cert;
> @@ -1249,8 +1249,7 @@ proc_parser(int fd, int force)
> */
> break;
> case RTYPE_MFT:
> - mft = proc_parser_mft(entp, force,
> - store, ctx, &auths, &crlt);
> + mft = proc_parser_mft(entp, store, ctx, &auths, &crlt);
> c = (mft != NULL);
> io_simple_buffer(&b, &bsz, &bmax, &c, sizeof(int));
> if (mft != NULL)
> @@ -1500,8 +1499,7 @@ int
> main(int argc, char *argv[])
> {
> int rc = 1, c, proc, st, rsync,
> - fl = SOCK_STREAM | SOCK_CLOEXEC, noop = 0,
> - force = 0;
> + fl = SOCK_STREAM | SOCK_CLOEXEC, noop = 0;
> size_t i, j, eid = 1, outsz = 0, talsz = 0;
> pid_t procpid, rsyncpid;
> int fd[2];
> @@ -1539,7 +1537,7 @@ main(int argc, char *argv[])
> if (pledge("stdio rpath wpath cpath fattr proc exec unveil", NULL) ==
> -1)
> err(1, "pledge");
>
> - while ((c = getopt(argc, argv, "b:Bcd:e:fjnot:T:v")) != -1)
> + while ((c = getopt(argc, argv, "b:Bcd:e:jnot:T:v")) != -1)
> switch (c) {
> case 'b':
> bind_addr = optarg;
> @@ -1556,9 +1554,6 @@ main(int argc, char *argv[])
> case 'e':
> rsync_prog = optarg;
> break;
> - case 'f':
> - force = 1;
> - break;
> case 'j':
> outformats |= FORMAT_JSON;
> break;
> @@ -1634,7 +1629,7 @@ main(int argc, char *argv[])
> err(1, "%s: unveil", cachedir);
> if (pledge("stdio rpath", NULL) == -1)
> err(1, "pledge");
> - proc_parser(fd[0], force);
> + proc_parser(fd[0]);
> /* NOTREACHED */
> }
>
> @@ -1826,7 +1821,7 @@ main(int argc, char *argv[])
>
> usage:
> fprintf(stderr,
> - "usage: rpki-client [-Bcfjnov] [-b sourceaddr] [-d cachedir]"
> + "usage: rpki-client [-Bcjnov] [-b sourceaddr] [-d cachedir]"
> " [-e rsync_prog]\n"
> " [-T table] [-t tal] [outputdir]\n");
> return 1;
> Index: mft.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v
> retrieving revision 1.14
> diff -u -p -r1.14 mft.c
> --- mft.c 11 Apr 2020 15:53:44 -0000 1.14
> +++ mft.c 30 Jun 2020 10:21:05 -0000
> @@ -61,7 +61,7 @@ gentime2str(const ASN1_GENERALIZEDTIME *
> */
> static time_t
> check_validity(const ASN1_GENERALIZEDTIME *from,
> - const ASN1_GENERALIZEDTIME *until, const char *fn, int force)
> + const ASN1_GENERALIZEDTIME *until, const char *fn)
> {
> time_t now = time(NULL);
>
> @@ -82,10 +82,8 @@ check_validity(const ASN1_GENERALIZEDTIM
> }
> /* check that now is not after until */
> if (X509_cmp_time(until, &now) < 0) {
> - warnx("%s: mft expired on %s%s", fn, gentime2str(until),
> - force ? " (ignoring)" : "");
> - if (!force)
> - return 0;
> + warnx("%s: mft expired on %s", fn, gentime2str(until));
> + return 0;
> }
>
> return 1;
> @@ -237,7 +235,7 @@ out:
> * Returns <0 on failure, 0 on stale, >0 on success.
> */
> static int
> -mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p, int
> force)
> +mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p)
> {
> ASN1_SEQUENCE_ANY *seq;
> const ASN1_TYPE *t;
> @@ -311,7 +309,7 @@ mft_parse_econtent(const unsigned char *
> }
> until = t->value.generalizedtime;
>
> - validity = check_validity(from, until, p->fn, force);
> + validity = check_validity(from, until, p->fn);
> if (validity != 1)
> goto out;
>
> @@ -356,7 +354,7 @@ out:
> * The MFT content is otherwise returned.
> */
> struct mft *
> -mft_parse(X509 **x509, const char *fn, int force)
> +mft_parse(X509 **x509, const char *fn)
> {
> struct parse p;
> int c, rc = 0;
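Review bot: In the check_validity hunk the signature being rewritten still declares the function as returning `time_t`, yet every visible return is a pass/fail `0` or `1` and the caller compares `validity != 1`; since this line is touched anyway it should become `static int check_validity(const ASN1_GENERALIZEDTIME *from, const ASN1_GENERALIZEDTIME *until, const char *fn)` so the type stops suggesting a timestamp is returned. The header comment above the function lies outside the hunk, so I cannot see whether it documents the return values; it should state "returns 1 if now lies within [from, until], 0 otherwise" given that mft_parse_econtent's own comment maps 0 to "stale". The earlier not-before check is also outside the hunk and presumably returns 0 as well, which means a manifest that is not yet valid and one that has expired are indistinguishable to the caller; that is fine today because both are rejected, but the FIXME in mft_parse hints that 0 may later mean "stale but usable", so a comment recording that both conditions collapse to 0 would prevent a not-yet-valid manifest from riding along with that change. Dropping the fail-open `force` path is a clear hardening and the new `return 0;` is correct for the expired case. check_validity starts before this hunk and its body is only partly visible.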
> @@ -384,7 +382,7 @@ mft_parse(X509 **x509, const char *fn, i
> * references as well as marking it as stale.
> */
>
> - if ((c = mft_parse_econtent(cms, cmsz, &p, force)) == 0) {
> + if ((c = mft_parse_econtent(cms, cmsz, &p)) == 0) {
> /*
> * FIXME: it should suffice to just mark this as stale
> * and have the logic around mft_read() simply ignore
> Index: rpki-client.8
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/rpki-client.8,v
> retrieving revision 1.27
> diff -u -p -r1.27 rpki-client.8
> --- rpki-client.8 14 May 2020 07:12:16 -0000 1.27
> +++ rpki-client.8 30 Jun 2020 10:21:05 -0000
> @@ -81,9 +81,6 @@ It must accept the
> and
> .Fl -delete
> flags and connect with rsync-protocol locations.
> -.It Fl f
> -Accept out-of-date manifests.
> -This will still report if a manifest has expired.
> .It Fl j
> Create output in the file
> .Pa json
--
:wq Claudio