Put back NULL checks in crl_get() and build_chain()

Turns out filemode still relies on these. Rather than adding to the
spaghetti in filemode.c, begrudgingly put back the NULL checks with
an additional XXX.

ok claudio job

diff --git a/usr.sbin/rpki-client/crl.c b/usr.sbin/rpki-client/crl.c
index 0cf97ca..fddd27a 100644 (file)
--- a/usr.sbin/rpki-client/crl.c
+++ b/usr.sbin/rpki-client/crl.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: crl.c,v 1.41 2024/06/12 10:03:09 tb Exp $ */
+/*     $OpenBSD: crl.c,v 1.42 2024/06/17 18:52:50 tb Exp $ */
 /*
  * Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@@ -296,6 +296,10 @@ crl_get(struct crl_tree *crlt, const struct auth *a)
 {
        struct crl      find;
 
+       /* XXX - this should be removed, but filemode relies on it. */
+       if (a == NULL)
+               return NULL;
+
        find.aki = a->cert->ski;
        find.mftpath = a->cert->mft;
 

diff --git a/usr.sbin/rpki-client/validate.c b/usr.sbin/rpki-client/validate.c
index f4c6e7c..bcbf9cb 100644 (file)
--- a/usr.sbin/rpki-client/validate.c
+++ b/usr.sbin/rpki-client/validate.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: validate.c,v 1.75 2024/06/12 10:03:09 tb Exp $ */
+/*     $OpenBSD: validate.c,v 1.76 2024/06/17 18:52:50 tb Exp $ */
 /*
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -304,6 +304,10 @@ build_chain(const struct auth *a, STACK_OF(X509) **intermediates,
        *intermediates = NULL;
        *root = NULL;
 
+       /* XXX - this should be removed, but filemode relies on it. */
+       if (a == NULL)
+               return;
+
        if ((*intermediates = sk_X509_new_null()) == NULL)
                err(1, "sk_X509_new_null");
        if ((*root = sk_X509_new_null()) == NULL)