valid_econtent_version() to allow for non-zero versions.
OK tb@
-/* $OpenBSD: aspa.c,v 1.17 2023/04/26 16:32:41 claudio Exp $ */
+/* $OpenBSD: aspa.c,v 1.18 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
goto out;
}
- if (!valid_econtent_version(p->fn, aspa->version))
+ if (!valid_econtent_version(p->fn, aspa->version, 0))
goto out;
if (!as_id_parse(aspa->customerASID, &p->res->custasid)) {
-/* $OpenBSD: extern.h,v 1.183 2023/05/30 16:02:28 job Exp $ */
+/* $OpenBSD: extern.h,v 1.184 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
int valid_x509(char *, X509_STORE_CTX *, X509 *, struct auth *,
struct crl *, const char **);
int valid_rsc(const char *, struct cert *, struct rsc *);
-int valid_econtent_version(const char *, const ASN1_INTEGER *);
+int valid_econtent_version(const char *, const ASN1_INTEGER *,
+ uint64_t);
int valid_aspa(const char *, struct cert *, struct aspa *);
int valid_geofeed(const char *, struct cert *, struct geofeed *);
int valid_uuid(const char *);
-/* $OpenBSD: mft.c,v 1.93 2023/05/22 15:15:25 tb Exp $ */
+/* $OpenBSD: mft.c,v 1.94 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
goto out;
}
- if (!valid_econtent_version(p->fn, mft->version))
+ if (!valid_econtent_version(p->fn, mft->version, 0))
goto out;
p->res->seqnum = x509_convert_seqnum(p->fn, mft->manifestNumber);
-/* $OpenBSD: roa.c,v 1.67 2023/05/23 06:42:08 tb Exp $ */
+/* $OpenBSD: roa.c,v 1.68 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
goto out;
}
- if (!valid_econtent_version(p->fn, roa->version))
+ if (!valid_econtent_version(p->fn, roa->version, 0))
goto out;
if (!as_id_parse(roa->asid, &p->res->asid)) {
-/* $OpenBSD: rsc.c,v 1.25 2023/03/12 13:31:39 tb Exp $ */
+/* $OpenBSD: rsc.c,v 1.26 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2022 Job Snijders <job@fastly.com>
goto out;
}
- if (!valid_econtent_version(p->fn, rsc->version))
+ if (!valid_econtent_version(p->fn, rsc->version, 0))
goto out;
resources = rsc->resources;
-/* $OpenBSD: tak.c,v 1.8 2023/03/12 11:46:35 tb Exp $ */
+/* $OpenBSD: tak.c,v 1.9 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
goto out;
}
- if (!valid_econtent_version(fn, tak->version))
+ if (!valid_econtent_version(fn, tak->version, 0))
goto out;
p->res->current = parse_takey(fn, tak->current);
-/* $OpenBSD: validate.c,v 1.63 2023/05/30 12:14:48 claudio Exp $ */
+/* $OpenBSD: validate.c,v 1.64 2023/06/07 10:46:34 job Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
}
int
-valid_econtent_version(const char *fn, const ASN1_INTEGER *aint)
+valid_econtent_version(const char *fn, const ASN1_INTEGER *aint,
+ uint64_t expected)
{
uint64_t version;
- if (aint == NULL)
+ if (expected == 0 && aint == NULL)
return 1;
if (!ASN1_INTEGER_get_uint64(&version, aint)) {
return 0;
}
- switch (version) {
- case 0:
+ if (version == 0) {
warnx("%s: incorrect encoding for version 0", fn);
return 0;
- default:
- warnx("%s: version %llu not supported (yet)", fn,
- (unsigned long long)version);
+ }
+
+ if (version != expected) {
+ warnx("%s: unexpected version (expected %llu, got %llu)", fn,
+ (unsigned long long)expected, (unsigned long long)version);
return 0;
}
+
+ return 1;
}
/*
projects / openbsd / commitdiff