artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a0c63bf) | patch
Display distinct errors for various problematic CRL/MFT situationships
authorjob <job@openbsd.org>
Sat, 20 Apr 2024 15:45:41 +0000 (15:45 +0000)
committerjob <job@openbsd.org>
Sat, 20 Apr 2024 15:45:41 +0000 (15:45 +0000)
commit8a9424f8c5c906abef17d8f94fe007f2fa52c0bc
tree0699c0545388d76c54be9a2ebc517cfb29c164aftree | snapshot
parenta0c63bf7b3c7302866013e3b35aadf54a323acc7commit | diff
Display distinct errors for various problematic CRL/MFT situationships

RFC 6487 section 8 specifies only a single CRL is issued at a time, so
error when multiple .crl files are listed in a Manifest's FileList.

The CRLDP extension identifies the location of the CRL, so the CRL's
filename must match the CA's CRLDP's 'rsync://' entry, error if that
isn't the case. (RFC 6486 section 4.8.6)

with & OK tb@
usr.sbin/rpki-client/mft.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim