Add command line flag to print the certificate in PEM format.
OK tb@
-/* $OpenBSD: filemode.c,v 1.10 2022/08/25 17:11:34 job Exp $ */
+/* $OpenBSD: filemode.c,v 1.11 2022/08/25 17:31:26 job Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
#include <openssl/asn1.h>
#include <openssl/err.h>
#include <openssl/evp.h>
+#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "extern.h"
+extern int printpem;
+extern int verbose;
+
static X509_STORE_CTX *ctx;
static struct auth_tree auths = RB_INITIALIZER(&auths);
static struct crl_tree crlt = RB_INITIALIZER(&crlt);
if (outformats & FORMAT_JSON)
printf("\"\n}\n");
- else
+ else {
printf("\n");
+ if (x509 == NULL)
+ goto out;
+ if (type == RTYPE_TAL || type == RTYPE_CRL)
+ goto out;
+
+ if (verbose) {
+ if (!X509_print_fp(stdout, x509))
+ errx(1, "X509_print_fp");
+ }
+
+ if (printpem) {
+ if (!PEM_write_X509(stdout, x509))
+ errx(1, "PEM_write_X509");
+ }
+ }
+
+ out:
X509_free(x509);
cert_free(cert);
crl_free(crl);
-/* $OpenBSD: main.c,v 1.209 2022/08/04 13:44:07 claudio Exp $ */
+/* $OpenBSD: main.c,v 1.210 2022/08/25 17:31:26 job Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
int verbose;
int noop;
int filemode;
+int printpem;
int rrdpon = 1;
int repo_timeout;
"proc exec unveil", NULL) == -1)
err(1, "pledge");
- while ((c = getopt(argc, argv, "b:Bcd:e:fjnorRs:S:t:T:vV")) != -1)
+ while ((c = getopt(argc, argv, "b:Bcd:e:fjnoprRs:S:t:T:vV")) != -1)
switch (c) {
case 'b':
bind_addr = optarg;
case 'o':
outformats |= FORMAT_OPENBGPD;
break;
+ case 'p':
+ printpem = 1;
+ break;
case 'R':
rrdpon = 0;
break;
" [-e rsync_prog]\n"
" [-S skiplist] [-s timeout] [-T table] [-t tal]"
" [outputdir]\n"
- " rpki-client [-Vv] [-d cachedir] [-t tal] -f file ...\n");
+ " rpki-client [-Vv] [-d cachedir] [-j | -p] [-t tal] -f file"
+ " ...\n");
return 1;
}
-.\" $OpenBSD: rpki-client.8,v 1.68 2022/06/30 10:27:52 job Exp $
+.\" $OpenBSD: rpki-client.8,v 1.69 2022/08/25 17:31:26 job Exp $
.\"
.\" Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
.\"
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: June 30 2022 $
+.Dd $Mdocdate: August 25 2022 $
.Dt RPKI-CLIENT 8
.Os
.Sh NAME
.Nm
.Op Fl Vv
.Op Fl d Ar cachedir
+.Op Fl j | p
.Op Fl t Ar tal
.Fl f
.Ar
and
.Fl j
options are not specified this is the default.
+.It Fl p
+Print the encapsulated X.509 certificate in PEM format.
.It Fl R
Synchronize via RSYNC only.
.It Fl r
projects / openbsd / commitdiff