artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0870592) | patch
When parsing MFT the CRL referenced by the MFT is loaded and verified at
authorclaudio <claudio@openbsd.org>
Thu, 23 Feb 2023 09:50:40 +0000 (09:50 +0000)
committerclaudio <claudio@openbsd.org>
Thu, 23 Feb 2023 09:50:40 +0000 (09:50 +0000)
commite038f1a19ed776790f781a4bc86a618f984c526e
tree4631e629ad3ed364bcc014a6ca0822aa18bab8f3tree | snapshot
parent08705922bf4d7a46fc89e298b7482890a2ddf809commit | diff
When parsing MFT the CRL referenced by the MFT is loaded and verified at
the same time. So in case of a valid crl pass the CRL filename as entity
message to the parent process together with the MFT. This way the MFT and
CRL end up both in the valid cache even if some files in the MFT are missing.
On severe errors (like X.509 verify errors) the CRL is not moved since it
is not considered valid.
With and OK job@, tb@
usr.sbin/rpki-client/main.c diff | blob | history
usr.sbin/rpki-client/parser.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim