From 4c866cd6bcbfcdfec4a403a61a9d7b20abeb0afe Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 3 Sep 2022 13:06:15 +0000 Subject: [PATCH] Allow multiple X.509 locations While currently everyone only uses a single location, the spec allows for multiple locations ordered by preference. While rpki-client does not support more than one location this should not be a fatal error. Instead, pick the first location and warn if there are more than one. ok job --- usr.sbin/rpki-client/x509.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/usr.sbin/rpki-client/x509.c b/usr.sbin/rpki-client/x509.c index d3e65d8c1ea..f49d0590974 100644 --- a/usr.sbin/rpki-client/x509.c +++ b/usr.sbin/rpki-client/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.48 2022/08/30 18:56:49 job Exp $ */ +/* $OpenBSD: x509.c,v 1.49 2022/09/03 13:06:15 tb Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2021 Claudio Jeker @@ -549,12 +549,6 @@ x509_location(const char *fn, const char *descr, const char *proto, { ASN1_IA5STRING *uri; - if (*out != NULL) { - warnx("%s: RFC 6487 section 4.8: %s already specified", fn, - descr); - return 0; - } - if (location->type != GEN_URI) { warnx("%s: RFC 6487 section 4.8: %s not URI", fn, descr); return 0; @@ -567,6 +561,12 @@ x509_location(const char *fn, const char *descr, const char *proto, return 0; } + if (*out != NULL) { + warnx("%s: RFC 6487 section 4.8: multiple %s specified, " + "using the first one", fn, descr); + return 1; + } + if ((*out = strndup(uri->data, uri->length)) == NULL) err(1, NULL); -- 2.20.1