artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2612f63) | patch
A while ago rpki-client was changed to validate the sha256 hashes of
authorclaudio <claudio@openbsd.org>
Fri, 29 Jan 2021 10:13:16 +0000 (10:13 +0000)
committerclaudio <claudio@openbsd.org>
Fri, 29 Jan 2021 10:13:16 +0000 (10:13 +0000)
commitfc5c0efe7652b178b6c85fda052d8ce5336f2ce7
tree3727dc1bd4677126be1b83fb8d097696a24ca761tree | snapshot
parent2612f635c85d1afb61e1834f44ed9be550da7feccommit | diff
A while ago rpki-client was changed to validate the sha256 hashes of
files referenced in MFT files during the validation of the MFT file.
An MFT is only valid if all files are present and their hashes are valid.
Because of this there is no longer the need to check the hash when
these files are parsed later on. Remove these checks for CRT, ROA and CRL
files. Use the presence of the pkey when parsing cert files to decide
if it is a root cert or not.
OK tb@
usr.sbin/rpki-client/cert.c diff | blob | history
usr.sbin/rpki-client/cms.c diff | blob | history
usr.sbin/rpki-client/crl.c diff | blob | history
usr.sbin/rpki-client/extern.h diff | blob | history
usr.sbin/rpki-client/gbr.c diff | blob | history
usr.sbin/rpki-client/main.c diff | blob | history
usr.sbin/rpki-client/mft.c diff | blob | history
usr.sbin/rpki-client/roa.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim