-/* $OpenBSD: main.c,v 1.252 2024/02/26 15:40:33 job Exp $ */
+/* $OpenBSD: main.c,v 1.253 2024/03/01 08:10:09 tb Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
int shortlistmode;
int rrdpon = 1;
int repo_timeout;
+int experimental;
time_t deadline;
/* 9999-12-31 23:59:59 UTC */
case RTYPE_SPL:
io_read_buf(b, &c, sizeof(c));
if (c == 0) {
- repo_stat_inc(rp, talid, type, STYPE_FAIL);
+ if (experimental)
+ repo_stat_inc(rp, talid, type, STYPE_FAIL);
break;
}
spl = spl_read(b);
"proc exec unveil", NULL) == -1)
err(1, "pledge");
- while ((c = getopt(argc, argv, "Ab:Bcd:e:fH:jmnoP:rRs:S:t:T:vV")) != -1)
+ while ((c = getopt(argc, argv, "Ab:Bcd:e:fH:jmnoP:rRs:S:t:T:vVx")) != -1)
switch (c) {
case 'A':
excludeaspa = 1;
case 'V':
fprintf(stderr, "rpki-client %s\n", RPKI_VERSION);
return 0;
+ case 'x':
+ experimental = 1;
+ break;
default:
goto usage;
}
usage:
fprintf(stderr,
- "usage: rpki-client [-ABcjmnoRrVv] [-b sourceaddr] [-d cachedir]"
+ "usage: rpki-client [-ABcjmnoRrVvx] [-b sourceaddr] [-d cachedir]"
" [-e rsync_prog]\n"
" [-H fqdn] [-P epoch] [-S skiplist] [-s timeout]"
" [-T table]\n"
-/* $OpenBSD: output-json.c,v 1.45 2024/03/01 07:59:20 tb Exp $ */
+/* $OpenBSD: output-json.c,v 1.46 2024/03/01 08:10:09 tb Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
*
#include "extern.h"
#include "json.h"
+extern int experimental;
+
static void
outputheader_json(struct stats *st)
{
if (!excludeaspa)
output_aspa(vaps);
- output_spl(vsps);
+ if (experimental)
+ output_spl(vsps);
return json_do_finish();
}
-/* $OpenBSD: parser.c,v 1.129 2024/02/22 12:49:42 job Exp $ */
+/* $OpenBSD: parser.c,v 1.130 2024/03/01 08:10:09 tb Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
#include "extern.h"
extern int noop;
+extern int experimental;
+extern int verbose;
static X509_STORE_CTX *ctx;
static struct auth_tree auths = RB_INITIALIZER(&auths);
case RTYPE_SPL:
file = parse_load_file(entp, &f, &flen);
io_str_buffer(b, file);
- spl = proc_parser_spl(file, f, flen, entp);
- if (spl != NULL)
- mtime = spl->signtime;
+ if (experimental) {
+ spl = proc_parser_spl(file, f, flen, entp);
+ if (spl != NULL)
+ mtime = spl->signtime;
+ } else {
+ if (verbose > 0)
+ warnx("%s: skipped", file);
+ spl = NULL;
+ }
io_simple_buffer(b, &mtime, sizeof(mtime));
c = (spl != NULL);
io_simple_buffer(b, &c, sizeof(int));
-.\" $OpenBSD: rpki-client.8,v 1.102 2024/02/22 17:54:08 tb Exp $
+.\" $OpenBSD: rpki-client.8,v 1.103 2024/03/01 08:10:09 tb Exp $
.\"
.\" Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
.\"
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: February 22 2024 $
+.Dd $Mdocdate: March 1 2024 $
.Dt RPKI-CLIENT 8
.Os
.Sh NAME
.Nd RPKI validator to support BGP routing security
.Sh SYNOPSIS
.Nm
-.Op Fl ABcjmnoRrVv
+.Op Fl ABcjmnoRrVvx
.Op Fl b Ar sourceaddr
.Op Fl d Ar cachedir
.Op Fl e Ar rsync_prog
.Fl f
is given, specify once to print more information about the encapsulated X.509
certificate, twice to print the certificate in PEM format.
+.It Fl x
+Enable processing of experimental file formats.
+This option is implied by
+.Fl f .
.It Ar outputdir
The directory where
.Nm
projects / openbsd / commitdiff