The RRDP specification is very vage what to do if a notification file

has a serial lower than what the client synced to last time. This could
happen if the CDN has a bad server that distributes old data.
Instead of falling back to a snapshot just ignore this case and consider
the repo synced. Hopefully the next run will bring everything back to normal.
OK job@ benno@

diff --git a/usr.sbin/rpki-client/rrdp_notification.c b/usr.sbin/rpki-client/rrdp_notification.c
index 9ff8c9a..d110896 100644 (file)
--- a/usr.sbin/rpki-client/rrdp_notification.c
+++ b/usr.sbin/rpki-client/rrdp_notification.c
@@ -365,8 +365,9 @@ notification_done(struct notification_xml *nxml, char *last_mod)
        if (nxml->repository->serial == 0)
                goto snapshot;
 
-       if (nxml->repository->serial == nxml->serial) {
-               nxml->current->serial = nxml->serial;
+       /* if our serial is equal or bigger, the repo is up to date */
+       if (nxml->repository->serial >= nxml->serial) {
+               nxml->current->serial = nxml->repository->serial;
                return NOTIFICATION;
        }