From 0636c4d090fc00505adf0cf3e2e05700a27de810 Mon Sep 17 00:00:00 2001 From: tb Date: Mon, 25 Sep 2023 11:08:45 +0000 Subject: [PATCH] Pass the talid to various parse functions This will be needed by an upcoming feature where we will need to know what trust anchor a given cert chains to. This doesn't change anything except the size of the diff. ok claudio job --- usr.sbin/rpki-client/aspa.c | 5 +++-- usr.sbin/rpki-client/extern.h | 16 +++++++-------- usr.sbin/rpki-client/filemode.c | 16 +++++++-------- usr.sbin/rpki-client/gbr.c | 5 +++-- usr.sbin/rpki-client/geofeed.c | 4 ++-- usr.sbin/rpki-client/mft.c | 5 +++-- usr.sbin/rpki-client/parser.c | 36 ++++++++++++++++----------------- usr.sbin/rpki-client/roa.c | 5 +++-- usr.sbin/rpki-client/rsc.c | 5 +++-- usr.sbin/rpki-client/tak.c | 5 +++-- 10 files changed, 54 insertions(+), 48 deletions(-) diff --git a/usr.sbin/rpki-client/aspa.c b/usr.sbin/rpki-client/aspa.c index 8e5ef060faf..fc4a292f858 100644 --- a/usr.sbin/rpki-client/aspa.c +++ b/usr.sbin/rpki-client/aspa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: aspa.c,v 1.22 2023/07/10 12:02:37 job Exp $ */ +/* $OpenBSD: aspa.c,v 1.23 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -159,7 +159,8 @@ aspa_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) * Returns the payload or NULL if the file was malformed. */ struct aspa * -aspa_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) +aspa_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, + size_t len) { struct parse p; size_t cmsz; diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 8420d0f79c1..54975251ab9 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.190 2023/09/25 08:48:14 job Exp $ */ +/* $OpenBSD: extern.h,v 1.191 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * 
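Review bot: The comment above `aspa_parse` still describes only the return value, while the signature in the `@@ -159,7` hunk gains `int talid` with no word on what it identifies or which values are valid. The same gap applies to `gbr_parse`, `geofeed_parse`, `mft_parse`, `roa_parse`, `rsc_parse` and `tak_parse`, and the extern.h prototypes add a bare unnamed `int` between two pointer arguments. Since filemode.c passes `-1`, I would add a line to each function comment such as `* talid identifies the trust anchor the object is expected to chain to, or -1 if none is known.` The function bodies continue outside the hunks, so whether talid is read yet is not visible here.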
@@ -624,33 +624,33 @@ void cert_insert_brks(struct brk_tree *, struct cert *); enum rtype rtype_from_file_extension(const char *); void mft_buffer(struct ibuf *, const struct mft *); void mft_free(struct mft *); -struct mft *mft_parse(X509 **, const char *, const unsigned char *, +struct mft *mft_parse(X509 **, const char *, int, const unsigned char *, size_t); struct mft *mft_read(struct ibuf *); int mft_compare(const struct mft *, const struct mft *); void roa_buffer(struct ibuf *, const struct roa *); void roa_free(struct roa *); -struct roa *roa_parse(X509 **, const char *, const unsigned char *, +struct roa *roa_parse(X509 **, const char *, int, const unsigned char *, size_t); struct roa *roa_read(struct ibuf *); void roa_insert_vrps(struct vrp_tree *, struct roa *, struct repo *); void gbr_free(struct gbr *); -struct gbr *gbr_parse(X509 **, const char *, const unsigned char *, +struct gbr *gbr_parse(X509 **, const char *, int, const unsigned char *, size_t); void geofeed_free(struct geofeed *); -struct geofeed *geofeed_parse(X509 **, const char *, char *, size_t); +struct geofeed *geofeed_parse(X509 **, const char *, int, char *, size_t); void rsc_free(struct rsc *); -struct rsc *rsc_parse(X509 **, const char *, const unsigned char *, +struct rsc *rsc_parse(X509 **, const char *, int, const unsigned char *, size_t); void takey_free(struct takey *); void tak_free(struct tak *); -struct tak *tak_parse(X509 **, const char *, const unsigned char *, +struct tak *tak_parse(X509 **, const char *, int, const unsigned char *, size_t); struct tak *tak_read(struct ibuf *); @@ -658,7 +658,7 @@ void aspa_buffer(struct ibuf *, const struct aspa *); void aspa_free(struct aspa *); void aspa_insert_vaps(struct vap_tree *, struct aspa *, struct repo *); -struct aspa *aspa_parse(X509 **, const char *, const unsigned char *, +struct aspa *aspa_parse(X509 **, const char *, int, const unsigned char *, size_t); struct aspa *aspa_read(struct ibuf *); 
diff --git a/usr.sbin/rpki-client/filemode.c b/usr.sbin/rpki-client/filemode.c index 967f6816e69..89844be6dc8 100644 --- a/usr.sbin/rpki-client/filemode.c +++ b/usr.sbin/rpki-client/filemode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: filemode.c,v 1.34 2023/06/29 10:28:25 tb Exp $ */ +/* $OpenBSD: filemode.c,v 1.35 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -346,7 +346,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) switch (type) { case RTYPE_ASPA: - aspa = aspa_parse(&x509, file, buf, len); + aspa = aspa_parse(&x509, file, -1, buf, len); if (aspa == NULL) break; aia = aspa->aia; @@ -378,7 +378,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) crl_print(crl); break; case RTYPE_MFT: - mft = mft_parse(&x509, file, buf, len); + mft = mft_parse(&x509, file, -1, buf, len); if (mft == NULL) break; aia = mft->aia; @@ -387,7 +387,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) notafter = &mft->nextupdate; break; case RTYPE_GBR: - gbr = gbr_parse(&x509, file, buf, len); + gbr = gbr_parse(&x509, file, -1, buf, len); if (gbr == NULL) break; aia = gbr->aia; @@ -396,7 +396,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) notafter = &gbr->notafter; break; case RTYPE_GEOFEED: - geofeed = geofeed_parse(&x509, file, buf, len); + geofeed = geofeed_parse(&x509, file, -1, buf, len); if (geofeed == NULL) break; aia = geofeed->aia; @@ -405,7 +405,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) notafter = &geofeed->notafter; break; case RTYPE_ROA: - roa = roa_parse(&x509, file, buf, len); + roa = roa_parse(&x509, file, -1, buf, len); if (roa == NULL) break; aia = roa->aia; @@ -414,7 +414,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) notafter = &roa->notafter; break; case RTYPE_RSC: - rsc = rsc_parse(&x509, file, buf, len); + rsc = rsc_parse(&x509, file, -1, buf, len); if (rsc == NULL) break; aia = rsc->aia; 
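Review bot: The literal `-1` passed as talid in the seven file-mode calls is an unnamed sentinel; these are `aspa_parse`, `mft_parse`, `gbr_parse`, `geofeed_parse`, `roa_parse` and `rsc_parse` here, plus `tak_parse` in the `@@ -423,7` hunk. If the upcoming feature uses talid to select per-trust-anchor state (an assumption, since that code is not shown), a missed check for the negative value would become an out-of-range lookup. A named constant in extern.h, for example `#define TALID_NONE (-1)` (the name is only a suggestion), would make the "no trust anchor" case explicit at each call. At minimum, a comment above the switch such as `/* file mode: trust anchor not known at parse time */` would record the contract. `proc_parser_file` starts and ends outside these hunks.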
@@ -423,7 +423,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) notafter = &rsc->notafter; break; case RTYPE_TAK: - tak = tak_parse(&x509, file, buf, len); + tak = tak_parse(&x509, file, -1, buf, len); if (tak == NULL) break; aia = tak->aia; diff --git a/usr.sbin/rpki-client/gbr.c b/usr.sbin/rpki-client/gbr.c index 214bf3231f4..10322b40ebf 100644 --- a/usr.sbin/rpki-client/gbr.c +++ b/usr.sbin/rpki-client/gbr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gbr.c,v 1.27 2023/06/20 12:39:50 job Exp $ */ +/* $OpenBSD: gbr.c,v 1.28 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2020 Claudio Jeker * @@ -40,7 +40,8 @@ extern ASN1_OBJECT *gbr_oid; * Returns the payload or NULL if the document was malformed. */ struct gbr * -gbr_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) +gbr_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, + size_t len) { struct parse p; struct cert *cert = NULL; diff --git a/usr.sbin/rpki-client/geofeed.c b/usr.sbin/rpki-client/geofeed.c index 5e874550062..4dbbe7c9dde 100644 --- a/usr.sbin/rpki-client/geofeed.c +++ b/usr.sbin/rpki-client/geofeed.c @@ -1,4 +1,4 @@ -/* $OpenBSD: geofeed.c,v 1.13 2023/03/10 12:44:56 job Exp $ */ +/* $OpenBSD: geofeed.c,v 1.14 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2019 Kristaps Dzonsons @@ -100,7 +100,7 @@ geofeed_parse_geoip(struct geofeed *res, char *cidr, char *loc) * Returns the Geofeed, or NULL if the object was malformed. */ struct geofeed * -geofeed_parse(X509 **x509, const char *fn, char *buf, size_t len) +geofeed_parse(X509 **x509, const char *fn, int talid, char *buf, size_t len) { struct parse p; char *delim, *line, *loc, *nl; diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 682c2ec1556..86f8e4c490a 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.97 2023/09/03 10:48:50 job Exp $ */ +/* $OpenBSD: mft.c,v 1.98 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -358,7 +358,8 @@ mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) * The MFT content is otherwise returned. */ struct mft * -mft_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) +mft_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, + size_t len) { struct parse p; struct cert *cert = NULL; diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index 22a8a42ca63..0c867da1aa5 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.98 2023/08/30 10:01:52 job Exp $ */ +/* $OpenBSD: parser.c,v 1.99 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -126,7 +126,7 @@ parse_filepath(unsigned int repoid, const char *path, const char *file, */ static struct roa * proc_parser_roa(char *file, const unsigned char *der, size_t len, - const char *mftaki) + const struct entity *entp) { struct roa *roa; struct auth *a; @@ -134,10 +134,10 @@ proc_parser_roa(char *file, const unsigned char *der, size_t len, X509 *x509; const char *errstr; - if ((roa = roa_parse(&x509, file, der, len)) == NULL) + if ((roa = roa_parse(&x509, file, entp->talid, der, len)) == NULL) return NULL; - a = valid_ski_aki(file, &auths, roa->ski, roa->aki, mftaki); + a = valid_ski_aki(file, &auths, roa->ski, roa->aki, entp->mftaki); crl = crl_get(&crlt, a); if (!valid_x509(file, ctx, x509, a, crl, &errstr)) { 
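Review bot: In `proc_parser_roa` the talid handed to `roa_parse` is read from `entp` before `valid_ski_aki` and `valid_x509` run, so at that point it is whatever the entity request recorded rather than a value derived from the validated chain. Nothing visible here acts on it yet, but once the parsers do, that distinction matters for a validator. I would mark it at the call with `/* entp->talid is not yet checked against the chain found below */`, and have the later feature compare it with the trust anchor of the auth returned by `valid_ski_aki`. The same ordering appears in `proc_parser_gbr`, `proc_parser_aspa`, `proc_parser_tak` and `proc_parser_mft_pre`. All of these functions continue outside the hunks.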
@@ -276,7 +276,7 @@ proc_parser_mft_pre(struct entity *entp, enum location loc, char **file, if (der == NULL && errno != ENOENT) warn("parse file %s", *file); - if ((mft = mft_parse(&x509, *file, der, len)) == NULL) { + if ((mft = mft_parse(&x509, *file, entp->talid, der, len)) == NULL) { free(der); return NULL; } @@ -493,7 +493,7 @@ proc_parser_root_cert(char *file, const unsigned char *der, size_t len, */ static struct gbr * proc_parser_gbr(char *file, const unsigned char *der, size_t len, - const char *mftaki) + const struct entity *entp) { struct gbr *gbr; X509 *x509; @@ -501,10 +501,10 @@ proc_parser_gbr(char *file, const unsigned char *der, size_t len, struct auth *a; const char *errstr; - if ((gbr = gbr_parse(&x509, file, der, len)) == NULL) + if ((gbr = gbr_parse(&x509, file, entp->talid, der, len)) == NULL) return NULL; - a = valid_ski_aki(file, &auths, gbr->ski, gbr->aki, mftaki); + a = valid_ski_aki(file, &auths, gbr->ski, gbr->aki, entp->mftaki); crl = crl_get(&crlt, a); /* return value can be ignored since nothing happens here */ @@ -526,7 +526,7 @@ proc_parser_gbr(char *file, const unsigned char *der, size_t len, */ static struct aspa * proc_parser_aspa(char *file, const unsigned char *der, size_t len, - const char *mftaki) + const struct entity *entp) { struct aspa *aspa; struct auth *a; @@ -534,10 +534,10 @@ proc_parser_aspa(char *file, const unsigned char *der, size_t len, X509 *x509; const char *errstr; - if ((aspa = aspa_parse(&x509, file, der, len)) == NULL) + if ((aspa = aspa_parse(&x509, file, entp->talid, der, len)) == NULL) return NULL; - a = valid_ski_aki(file, &auths, aspa->ski, aspa->aki, mftaki); + a = valid_ski_aki(file, &auths, aspa->ski, aspa->aki, entp->mftaki); crl = crl_get(&crlt, a); if (!valid_x509(file, ctx, x509, a, crl, &errstr)) { 
@@ -560,7 +560,7 @@ proc_parser_aspa(char *file, const unsigned char *der, size_t len, */ static struct tak * proc_parser_tak(char *file, const unsigned char *der, size_t len, - const char *mftaki) + const struct entity *entp) { struct tak *tak; X509 *x509; @@ -569,10 +569,10 @@ proc_parser_tak(char *file, const unsigned char *der, size_t len, const char *errstr; int rc = 0; - if ((tak = tak_parse(&x509, file, der, len)) == NULL) + if ((tak = tak_parse(&x509, file, entp->talid, der, len)) == NULL) return NULL; - a = valid_ski_aki(file, &auths, tak->ski, tak->aki, mftaki); + a = valid_ski_aki(file, &auths, tak->ski, tak->aki, entp->mftaki); crl = crl_get(&crlt, a); if (!valid_x509(file, ctx, x509, a, crl, &errstr)) { @@ -729,7 +729,7 @@ parse_entity(struct entityq *q, struct msgbuf *msgq) case RTYPE_ROA: file = parse_load_file(entp, &f, &flen); io_str_buffer(b, file); - roa = proc_parser_roa(file, f, flen, entp->mftaki); + roa = proc_parser_roa(file, f, flen, entp); if (roa != NULL) mtime = roa->signtime; io_simple_buffer(b, &mtime, sizeof(mtime)); @@ -742,7 +742,7 @@ parse_entity(struct entityq *q, struct msgbuf *msgq) case RTYPE_GBR: file = parse_load_file(entp, &f, &flen); io_str_buffer(b, file); - gbr = proc_parser_gbr(file, f, flen, entp->mftaki); + gbr = proc_parser_gbr(file, f, flen, entp); if (gbr != NULL) mtime = gbr->signtime; io_simple_buffer(b, &mtime, sizeof(mtime)); @@ -751,7 +751,7 @@ parse_entity(struct entityq *q, struct msgbuf *msgq) case RTYPE_ASPA: file = parse_load_file(entp, &f, &flen); io_str_buffer(b, file); - aspa = proc_parser_aspa(file, f, flen, entp->mftaki); + aspa = proc_parser_aspa(file, f, flen, entp); if (aspa != NULL) mtime = aspa->signtime; io_simple_buffer(b, &mtime, sizeof(mtime)); 
@@ -764,7 +764,7 @@ parse_entity(struct entityq *q, struct msgbuf *msgq) case RTYPE_TAK: file = parse_load_file(entp, &f, &flen); io_str_buffer(b, file); - tak = proc_parser_tak(file, f, flen, entp->mftaki); + tak = proc_parser_tak(file, f, flen, entp); if (tak != NULL) mtime = tak->signtime; io_simple_buffer(b, &mtime, sizeof(mtime)); diff --git a/usr.sbin/rpki-client/roa.c b/usr.sbin/rpki-client/roa.c index e7637a42356..01f25bd8ee1 100644 --- a/usr.sbin/rpki-client/roa.c +++ b/usr.sbin/rpki-client/roa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: roa.c,v 1.69 2023/06/29 10:28:25 tb Exp $ */ +/* $OpenBSD: roa.c,v 1.70 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -208,7 +208,8 @@ roa_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) * Returns the ROA or NULL if the document was malformed. */ struct roa * -roa_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) +roa_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, + size_t len) { struct parse p; size_t cmsz; diff --git a/usr.sbin/rpki-client/rsc.c b/usr.sbin/rpki-client/rsc.c index 552eb5ba61b..09ee0ee1ca5 100644 --- a/usr.sbin/rpki-client/rsc.c +++ b/usr.sbin/rpki-client/rsc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsc.c,v 1.27 2023/06/29 10:28:25 tb Exp $ */ +/* $OpenBSD: rsc.c,v 1.28 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2022 Job Snijders @@ -371,7 +371,8 @@ rsc_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) * Returns the RSC or NULL if the object was malformed. */ struct rsc * -rsc_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) +rsc_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, + size_t len) { struct parse p; unsigned char *cms; diff --git a/usr.sbin/rpki-client/tak.c b/usr.sbin/rpki-client/tak.c index 45a5e4035fd..6978934f09d 100644 --- a/usr.sbin/rpki-client/tak.c 
+++ b/usr.sbin/rpki-client/tak.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tak.c,v 1.11 2023/06/29 10:28:25 tb Exp $ */ +/* $OpenBSD: tak.c,v 1.12 2023/09/25 11:08:45 tb Exp $ */ /* * Copyright (c) 2022 Job Snijders * Copyright (c) 2022 Theo Buehler @@ -225,7 +225,8 @@ tak_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) * Returns the TAK or NULL if the object was malformed. */ struct tak * -tak_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) +tak_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, + size_t len) { struct parse p; struct cert *cert = NULL; -- 2.20.1