Log a warning when a manifest replay is detected

OK tb@ claudio@

diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c
index 0e4af6e..8fd3755 100644 (file)
--- a/usr.sbin/rpki-client/mft.c
+++ b/usr.sbin/rpki-client/mft.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: mft.c,v 1.99 2023/10/13 12:06:49 job Exp $ */
+/*     $OpenBSD: mft.c,v 1.100 2023/12/11 15:50:23 job Exp $ */
 /*
  * Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -545,8 +545,9 @@ mft_read(struct ibuf *b)
 }
 
 /*
- * Compare two MFT files, returns 1 if first MFT is preferred and 0 if second
- * MFT should be used.
+ * Compare the manifestNumber of two MFT files.
+ * Returns 1 if first MFT should be used, 0 if both are equal, and -1 if the
+ * second MFT should be used.
  */
 int
 mft_compare(const struct mft *a, const struct mft *b)
@@ -556,16 +557,19 @@ mft_compare(const struct mft *a, const struct mft *b)
        if (b == NULL)
                return 1;
        if (a == NULL)
-               return 0;
+               return -1;
 
        r = strlen(a->seqnum) - strlen(b->seqnum);
        if (r > 0)      /* seqnum in a is longer -> higher */
                return 1;
        if (r < 0)      /* seqnum in a is shorter -> smaller */
-               return 0;
+               return -1;
 
        r = strcmp(a->seqnum, b->seqnum);
        if (r > 0)      /* a is greater, prefer a */
                return 1;
+       if (r < 0)      /* b is greater, prefer b */
+               return -1;
+
        return 0;
 }

diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c
index 61a66db..0425984 100644 (file)
--- a/usr.sbin/rpki-client/parser.c
+++ b/usr.sbin/rpki-client/parser.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: parser.c,v 1.101 2023/12/09 00:44:18 job Exp $ */
+/*     $OpenBSD: parser.c,v 1.102 2023/12/11 15:50:23 job Exp $ */
 /*
  * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -361,7 +361,7 @@ proc_parser_mft(struct entity *entp, struct mft **mp, char **crlfile,
        struct crl      *crl, *crl1, *crl2;
        char            *file, *file1, *file2, *crl1file, *crl2file;
        const char      *err1, *err2;
-       int              warned = 0;
+       int              r, warned = 0;
 
        *mp = NULL;
        *crlmtime = 0;
@@ -376,7 +376,12 @@ proc_parser_mft(struct entity *entp, struct mft **mp, char **crlfile,
                if (err2 != NULL)
                        err1 = err2;
 
-       if (mft_compare(mft1, mft2) == 1) {
+       r = mft_compare(mft1, mft2);
+       if (r == -1 && mft1 != NULL && mft2 != NULL)
+               warnx("%s: manifest replay detected (expected >= #%s, got #%s)",
+                   file1, mft2->seqnum, mft1->seqnum);
+
+       if (r == 1) {
                *mp = proc_parser_mft_post(file1, mft1, entp->path, err1,
                    &warned);
                if (*mp == NULL) {