On Tue, Jun 30, 2020 at 10:33:21AM +0000, Job Snijders wrote:
> Remove rpki-client's -f command line option
>
> I haven't come across a use case that requires tricking the software
> into accepting out-of-date manifests. Anyone using -f? I think this is a
> leftover from the initial debugging era.
>
> OK?
Agreed. I think the last time I used this was in Elk Lakes during
development. I would not encourage anyone to use -f in production.
OK claudio@
> Index: extern.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v
> retrieving revision 1.30
> diff -u -p -r1.30 extern.h
> --- extern.h 24 Jun 2020 14:39:21 -0000 1.30
> +++ extern.h 30 Jun 2020 10:21:04 -0000
> @@ -289,7 +289,7 @@ struct cert *cert_read(int);
>
> void mft_buffer(char **, size_t *, size_t *, const struct mft *);
> void mft_free(struct mft *);
> -struct mft *mft_parse(X509 **, const char *, int);
> +struct mft *mft_parse(X509 **, const char *);
> int mft_check(const char *, struct mft *);
> struct mft *mft_read(int);
>
> Index: main.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
> retrieving revision 1.71
> diff -u -p -r1.71 main.c
> --- main.c 24 Jun 2020 14:39:21 -0000 1.71
> +++ main.c 30 Jun 2020 10:21:05 -0000
> @@ -148,7 +148,7 @@ struct filepath_tree fpt = RB_INITIALIZ
> /*
> * Mark that our subprocesses will never return.
> */
> -static void proc_parser(int, int) __attribute__((noreturn));
> +static void proc_parser(int) __attribute__((noreturn));
> static void proc_rsync(char *, char *, int, int)
> __attribute__((noreturn));
> static void build_chain(const struct auth *, STACK_OF(X509) **);
> @@ -892,8 +892,8 @@ proc_parser_roa(struct entity *entp,
> * Return the mft on success or NULL on failure.
> */
> static struct mft *
> -proc_parser_mft(struct entity *entp, int force, X509_STORE *store,
> - X509_STORE_CTX *ctx, struct auth_tree *auths, struct crl_tree *crlt)
> +proc_parser_mft(struct entity *entp, X509_STORE *store, X509_STORE_CTX *ctx,
> + struct auth_tree *auths, struct crl_tree *crlt)
> {
> struct mft *mft;
> X509 *x509;
> @@ -902,7 +902,7 @@ proc_parser_mft(struct entity *entp, int
> STACK_OF(X509) *chain;
>
> assert(!entp->has_dgst);
> - if ((mft = mft_parse(&x509, entp->uri, force)) == NULL)
> + if ((mft = mft_parse(&x509, entp->uri)) == NULL)
> return NULL;
>
> a = valid_ski_aki(entp->uri, auths, mft->ski, mft->aki);
> @@ -1127,7 +1127,7 @@ build_crls(const struct auth *a, struct
> * The process will exit cleanly only when fd is closed.
> */
> static void
> -proc_parser(int fd, int force)
> +proc_parser(int fd)
> {
> struct tal *tal;
> struct cert *cert;
> @@ -1249,8 +1249,7 @@ proc_parser(int fd, int force)
> */
> break;
> case RTYPE_MFT:
> - mft = proc_parser_mft(entp, force,
> - store, ctx, &auths, &crlt);
> + mft = proc_parser_mft(entp, store, ctx, &auths, &crlt);
> c = (mft != NULL);
> io_simple_buffer(&b, &bsz, &bmax, &c, sizeof(int));
> if (mft != NULL)
> @@ -1500,8 +1499,7 @@ int
> main(int argc, char *argv[])
> {
> int rc = 1, c, proc, st, rsync,
> - fl = SOCK_STREAM | SOCK_CLOEXEC, noop = 0,
> - force = 0;
> + fl = SOCK_STREAM | SOCK_CLOEXEC, noop = 0;
> size_t i, j, eid = 1, outsz = 0, talsz = 0;
> pid_t procpid, rsyncpid;
> int fd[2];
> @@ -1539,7 +1537,7 @@ main(int argc, char *argv[])
> if (pledge("stdio rpath wpath cpath fattr proc exec unveil", NULL) ==
> -1)
> err(1, "pledge");
>
> - while ((c = getopt(argc, argv, "b:Bcd:e:fjnot:T:v")) != -1)
> + while ((c = getopt(argc, argv, "b:Bcd:e:jnot:T:v")) != -1)
> switch (c) {
> case 'b':
> bind_addr = optarg;
> @@ -1556,9 +1554,6 @@ main(int argc, char *argv[])
> case 'e':
> rsync_prog = optarg;
> break;
> - case 'f':
> - force = 1;
> - break;
> case 'j':
> outformats |= FORMAT_JSON;
> break;
> @@ -1634,7 +1629,7 @@ main(int argc, char *argv[])
> err(1, "%s: unveil", cachedir);
> if (pledge("stdio rpath", NULL) == -1)
> err(1, "pledge");
> - proc_parser(fd[0], force);
> + proc_parser(fd[0]);
> /* NOTREACHED */
> }
>
> @@ -1826,7 +1821,7 @@ main(int argc, char *argv[])
>
> usage:
> fprintf(stderr,
> - "usage: rpki-client [-Bcfjnov] [-b sourceaddr] [-d cachedir]"
> + "usage: rpki-client [-Bcjnov] [-b sourceaddr] [-d cachedir]"
> " [-e rsync_prog]\n"
> " [-T table] [-t tal] [outputdir]\n");
> return 1;
> Index: mft.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v
> retrieving revision 1.14
> diff -u -p -r1.14 mft.c
> --- mft.c 11 Apr 2020 15:53:44 -0000 1.14
> +++ mft.c 30 Jun 2020 10:21:05 -0000
> @@ -61,7 +61,7 @@ gentime2str(const ASN1_GENERALIZEDTIME *
> */
> static time_t
> check_validity(const ASN1_GENERALIZEDTIME *from,
> - const ASN1_GENERALIZEDTIME *until, const char *fn, int force)
> + const ASN1_GENERALIZEDTIME *until, const char *fn)
> {
> time_t now = time(NULL);
>
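Review bot: With the force parameter gone, check_validity is a plain yes/no predicate, yet the line above the changed prototype still declares it `static time_t` while the body returns the literals 0 and 1; `static int` would describe the contract honestly and matches how the caller tests `validity != 1`. The block comment that ends just above this hunk is outside my view, so I cannot tell whether it still describes the "(ignoring)" behaviour for expired manifests; if it does, it should be updated in the same commit. The function body continues past the end of the hunk.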
> @@ -82,10 +82,8 @@ check_validity(const ASN1_GENERALIZEDTIM
> }
> /* check that now is not after until */
> if (X509_cmp_time(until, &now) < 0) {
> - warnx("%s: mft expired on %s%s", fn, gentime2str(until),
> - force ? " (ignoring)" : "");
> - if (!force)
> - return 0;
> + warnx("%s: mft expired on %s", fn, gentime2str(until));
> + return 0;
> }
>
> return 1;
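Review bot: The expiry test `if (X509_cmp_time(until, &now) < 0)` only rejects the case where the comparison reports that `until` is earlier than now; if I recall the LibreSSL/OpenSSL contract correctly, X509_cmp_time() returns 0 when it cannot parse the time, so a malformed nextUpdate would slip through as "not expired", and now that the force escape hatch is removed this is the only check standing between a bad manifest and acceptance. I would capture the result and treat 0 as a hard failure, e.g. `if ((c = X509_cmp_time(until, &now)) == 0) { warnx("%s: invalid mft expiry time", fn); return 0; }` ahead of the `< 0` test, and apply the same treatment to the `from` comparison above the hunk, which is outside this view. The function's opening lines are also outside the hunk.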
> @@ -237,7 +235,7 @@ out:
> * Returns <0 on failure, 0 on stale, >0 on success.
> */
> static int
> -mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p, int
> force)
> +mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p)
> {
> ASN1_SEQUENCE_ANY *seq;
> const ASN1_TYPE *t;
> @@ -311,7 +309,7 @@ mft_parse_econtent(const unsigned char *
> }
> until = t->value.generalizedtime;
>
> - validity = check_validity(from, until, p->fn, force);
> + validity = check_validity(from, until, p->fn);
> if (validity != 1)
> goto out;
>
> @@ -356,7 +354,7 @@ out:
> * The MFT content is otherwise returned.
> */
> struct mft *
> -mft_parse(X509 **x509, const char *fn, int force)
> +mft_parse(X509 **x509, const char *fn)
> {
> struct parse p;
> int c, rc = 0;
> @@ -384,7 +382,7 @@ mft_parse(X509 **x509, const char *fn, i
> * references as well as marking it as stale.
> */
>
> - if ((c = mft_parse_econtent(cms, cmsz, &p, force)) == 0) {
> + if ((c = mft_parse_econtent(cms, cmsz, &p)) == 0) {
> /*
> * FIXME: it should suffice to just mark this as stale
> * and have the logic around mft_read() simply ignore
> Index: rpki-client.8
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rpki-client/rpki-client.8,v
> retrieving revision 1.27
> diff -u -p -r1.27 rpki-client.8
> --- rpki-client.8 14 May 2020 07:12:16 -0000 1.27
> +++ rpki-client.8 30 Jun 2020 10:21:05 -0000
> @@ -81,9 +81,6 @@ It must accept the
> and
> .Fl -delete
> flags and connect with rsync-protocol locations.
> -.It Fl f
> -Accept out-of-date manifests.
> -This will still report if a manifest has expired.
> .It Fl j
> Create output in the file
> .Pa json
>
--
:wq Claudio