From 73c890b11cb5816d6c56714d60c109e3d6ccdd6a Mon Sep 17 00:00:00 2001 From: claudio Date: Tue, 8 Feb 2022 12:35:14 +0000 Subject: [PATCH] Before loading the certificate chain for the file under inspection check if the AKI cert is not already present. This fixes a problem when a top level MFT is displayed. Report and OK job@, OK tb@ --- usr.sbin/rpki-client/parser.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index 53f936771d4..ed8040716b4 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.61 2022/02/08 11:51:51 tb Exp $ */ +/* $OpenBSD: parser.c,v 1.62 2022/02/08 12:35:14 claudio Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -1033,7 +1033,8 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) c = x509_get_crl(x509, file); parse_load_crl(c); free(c); - parse_load_certchain(aia); + if (auth_find(&auths, aki) == NULL) + parse_load_certchain(aia); a = auth_find(&auths, aki); crl = get_crl(a); -- 2.20.1