From c6be5ad7f4af8fd4eee3b94ca04dcc9290a39aff Mon Sep 17 00:00:00 2001 From: job Date: Sat, 3 Feb 2024 14:30:47 +0000 Subject: [PATCH] Refactor handling of stale manifests No need to hoist a staleness indicator through the whole process and count it explicitly. OK tb@ --- usr.sbin/rpki-client/extern.h | 5 +---- usr.sbin/rpki-client/main.c | 13 ++++--------- usr.sbin/rpki-client/mft.c | 9 ++------- usr.sbin/rpki-client/output-json.c | 6 ++++-- usr.sbin/rpki-client/output-ometric.c | 6 ++++-- usr.sbin/rpki-client/output.c | 5 ++--- usr.sbin/rpki-client/parser.c | 6 +++--- usr.sbin/rpki-client/repo.c | 4 +--- 8 files changed, 21 insertions(+), 33 deletions(-) diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 0264ce64656..2f472c9a1ba 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.202 2024/02/01 15:11:38 tb Exp $ */ +/* $OpenBSD: extern.h,v 1.203 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons * @@ -219,7 +219,6 @@ struct mft { size_t filesz; /* number of filenames */ unsigned int repoid; int talid; - int stale; /* if a stale manifest */ }; /* @@ -527,7 +526,6 @@ enum stype { STYPE_OK, STYPE_FAIL, STYPE_INVALID, - STYPE_STALE, STYPE_BGPSEC, STYPE_TOTAL, STYPE_UNIQUE, @@ -548,7 +546,6 @@ struct repotalstats { uint32_t certs_fail; /* invalid certificate */ uint32_t mfts; /* total number of manifests */ uint32_t mfts_fail; /* failing syntactic parse */ - uint32_t mfts_stale; /* stale manifests */ uint32_t roas; /* route origin authorizations */ uint32_t roas_fail; /* failing syntactic parse */ uint32_t roas_invalid; /* invalid resources */ diff --git a/usr.sbin/rpki-client/main.c b/usr.sbin/rpki-client/main.c index f91a9d69327..94ddc3d1c57 100644 --- a/usr.sbin/rpki-client/main.c +++ b/usr.sbin/rpki-client/main.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.247 2023/10/13 12:06:49 job Exp $ */ +/* $OpenBSD: main.c,v 1.248 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -621,10 +621,7 @@ entity_process(struct ibuf *b, struct stats *st, struct vrp_tree *tree, break; } mft = mft_read(b); - if (!mft->stale) - queue_add_from_mft(mft); - else - repo_stat_inc(rp, talid, type, STYPE_STALE); + queue_add_from_mft(mft); mft_free(mft); break; case RTYPE_CRL: @@ -732,7 +729,6 @@ sum_stats(const struct repo *rp, const struct repotalstats *in, void *arg) out->mfts += in->mfts; out->mfts_fail += in->mfts_fail; - out->mfts_stale += in->mfts_stale; out->certs += in->certs; out->certs_fail += in->certs_fail; out->roas += in->roas; @@ -1451,9 +1447,8 @@ main(int argc, char *argv[]) stats.repo_tal_stats.certs, stats.repo_tal_stats.certs_fail); printf("Trust Anchor Locators: %u (%u invalid)\n", stats.tals, talsz - stats.tals); - printf("Manifests: %u (%u failed parse, %u stale)\n", - stats.repo_tal_stats.mfts, stats.repo_tal_stats.mfts_fail, - stats.repo_tal_stats.mfts_stale); + printf("Manifests: %u (%u failed parse)\n", + stats.repo_tal_stats.mfts, stats.repo_tal_stats.mfts_fail); printf("Certificate revocation lists: %u\n", stats.repo_tal_stats.crls); printf("Ghostbuster records: %u\n", stats.repo_tal_stats.gbrs); printf("Trust Anchor Keys: %u\n", stats.repo_tal_stats.taks); diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 57323f0a5c2..86c29ab7bf2 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.103 2024/02/02 19:26:49 job Exp $ */ +/* $OpenBSD: mft.c,v 1.104 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons 
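Review bot: In the entity_process hunk, `queue_add_from_mft(mft)` now runs for every manifest the parser hands over, so keeping an expired or not-yet-valid manifest's file list out of the queue depends entirely on the `goto err` checks this patch adds to proc_parser_mft_pre() in parser.c. Nothing near the call states that cross-process invariant; I would add a comment above it such as `/* parser rejects manifests outside thisUpdate/nextUpdate, see proc_parser_mft_pre() */`. The enclosing switch case starts and ends outside this hunk, so I am assuming no other path delivers a manifest entity here without passing through that check.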
@@ -342,10 +342,7 @@ mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p) /* * Parse the objects that have been published in the manifest. - * This conforms to RFC 6486. - * Note that if the MFT is stale, all referenced objects are stripped - * from the parsed content. - * The MFT content is otherwise returned. + * Return mft if it conforms to RFC 6486, otherwise NULL. */ struct mft * mft_parse(X509 **x509, const char *fn, int talid, const unsigned char *der, @@ -476,7 +473,6 @@ mft_buffer(struct ibuf *b, const struct mft *p) { size_t i; - io_simple_buffer(b, &p->stale, sizeof(p->stale)); io_simple_buffer(b, &p->repoid, sizeof(p->repoid)); io_simple_buffer(b, &p->talid, sizeof(p->talid)); io_str_buffer(b, p->path); @@ -509,7 +505,6 @@ mft_read(struct ibuf *b) if ((p = calloc(1, sizeof(struct mft))) == NULL) err(1, NULL); - io_read_buf(b, &p->stale, sizeof(p->stale)); io_read_buf(b, &p->repoid, sizeof(p->repoid)); io_read_buf(b, &p->talid, sizeof(p->talid)); io_read_str(b, &p->path); diff --git a/usr.sbin/rpki-client/output-json.c b/usr.sbin/rpki-client/output-json.c index ddb8b8cda2c..eb074ef501b 100644 --- a/usr.sbin/rpki-client/output-json.c +++ b/usr.sbin/rpki-client/output-json.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output-json.c,v 1.40 2023/06/26 18:39:53 job Exp $ */ +/* $OpenBSD: output-json.c,v 1.41 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * @@ -64,7 +64,6 @@ outputheader_json(struct stats *st) json_do_int("manifests", st->repo_tal_stats.mfts); json_do_int("failedmanifests", st->repo_tal_stats.mfts_fail); - json_do_int("stalemanifests", st->repo_tal_stats.mfts_stale); json_do_int("crls", st->repo_tal_stats.crls); json_do_int("gbrs", st->repo_tal_stats.gbrs); json_do_int("repositories", st->repos); 
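Review bot: The rewritten comment above mft_parse() says the manifest is returned when it conforms to RFC 6486, but it no longer says anything about freshness, so a non-NULL return can be misread as "usable now". Judging from the parser.c hunk of this patch, the comparison of thisUpdate/nextUpdate with the current time is done in proc_parser_mft_pre(), so I would add one line to the comment: `* Validity against the current time is checked by the caller, not here.` The body of mft_parse() is outside the hunk, so this should be confirmed against the full function.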
@@ -78,6 +77,9 @@ outputheader_json(struct stats *st) json_do_int("cachedir_del_superfluous_files", st->repo_stats.del_extra_files); + /* XXX: remove in rpki-client 9.0 */ + json_do_int("stalemanifests", 0); + json_do_end(); } diff --git a/usr.sbin/rpki-client/output-ometric.c b/usr.sbin/rpki-client/output-ometric.c index 350cf0294ac..48713be1635 100644 --- a/usr.sbin/rpki-client/output-ometric.c +++ b/usr.sbin/rpki-client/output-ometric.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output-ometric.c,v 1.5 2023/06/29 14:33:35 tb Exp $ */ +/* $OpenBSD: output-ometric.c,v 1.6 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2022 Claudio Jeker * @@ -47,7 +47,9 @@ set_common_stats(const struct repotalstats *in, struct ometric *metric, OKV("type", "state"), OKV("manifest", "valid"), ol); ometric_set_int_with_labels(metric, in->mfts_fail, OKV("type", "state"), OKV("manifest", "failed parse"), ol); - ometric_set_int_with_labels(metric, in->mfts_stale, + + /* XXX: remove in rpki-client 9.0 */ + ometric_set_int_with_labels(metric, 0, OKV("type", "state"), OKV("manifest", "stale"), ol); ometric_set_int_with_labels(metric, in->roas, diff --git a/usr.sbin/rpki-client/output.c b/usr.sbin/rpki-client/output.c index 659476d350a..e875698ebdf 100644 --- a/usr.sbin/rpki-client/output.c +++ b/usr.sbin/rpki-client/output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: output.c,v 1.31 2023/04/26 16:32:41 claudio Exp $ */ +/* $OpenBSD: output.c,v 1.32 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Theo de Raadt * @@ -233,13 +233,12 @@ outputheader(FILE *out, struct stats *st) if (fprintf(out, " ]\n" - "# Manifests: %u (%u failed parse, %u stale)\n" + "# Manifests: %u (%u failed parse)\n" "# Certificate revocation lists: %u\n" "# Ghostbuster records: %u\n" "# Repositories: %u\n" "# VRP Entries: %u (%u unique)\n", st->repo_tal_stats.mfts, st->repo_tal_stats.mfts_fail, - st->repo_tal_stats.mfts_stale, st->repo_tal_stats.crls, st->repo_tal_stats.gbrs, st->repos, 
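Review bot: The `stalemanifests` JSON key, and the `manifest` = `stale` label in the set_common_stats hunk of output-ometric.c, now always report 0, so any monitoring rule that alerts on stale manifests will silently stop firing even though expired manifests are still encountered. The `XXX` comment gives the removal release but not the reason; I would write `/* XXX: always 0, stale manifests are now rejected in the parser; remove in rpki-client 9.0 */` in both places. Whether those rejections are now counted under `failedmanifests` is not visible in this patch, and operators need to know that to re-point their alerts. The key also moves to the end of the JSON object, which only matters to consumers that depend on key order.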
diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index e811161c842..e1ef9b973fd 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.127 2024/02/03 11:27:55 tb Exp $ */ +/* $OpenBSD: parser.c,v 1.128 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -314,13 +314,13 @@ proc_parser_mft_pre(struct entity *entp, char *file, struct crl **crl, if (now < mft->thisupdate) { warnx("%s: manifest not yet valid %s", file, time2str(mft->thisupdate)); - mft->stale = 1; + goto err; } /* check that now is not after until */ if (now > mft->nextupdate) { warnx("%s: manifest expired on %s", file, time2str(mft->nextupdate)); - mft->stale = 1; + goto err; } /* if there is nothing to compare to, return now */ diff --git a/usr.sbin/rpki-client/repo.c b/usr.sbin/rpki-client/repo.c index 28aa13ef996..f1bf22ba5c5 100644 --- a/usr.sbin/rpki-client/repo.c +++ b/usr.sbin/rpki-client/repo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: repo.c,v 1.51 2023/07/20 05:18:31 claudio Exp $ */ +/* $OpenBSD: repo.c,v 1.52 2024/02/03 14:30:47 job Exp $ */ /* * Copyright (c) 2021 Claudio Jeker * Copyright (c) 2019 Kristaps Dzonsons @@ -1428,8 +1428,6 @@ repo_stat_inc(struct repo *rp, int talid, enum rtype type, enum stype subtype) rp->stats[talid].mfts++; if (subtype == STYPE_FAIL) rp->stats[talid].mfts_fail++; - if (subtype == STYPE_STALE) - rp->stats[talid].mfts_stale++; break; case RTYPE_ROA: switch (subtype) { -- 2.20.1
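Review bot: In the proc_parser_mft_pre hunk both time checks now `goto err`, and the `err` label and its cleanup lie outside the hunk, so it should be confirmed that this path frees `mft` and leaves the `crl` out-parameter in a defined state, since the jump is taken after the manifest has already been parsed. After this change the `warnx` line is the only record that a manifest was dropped for time reasons rather than for a malformed encoding, because the stale flag and counter are gone. A short comment on the first check, for example `/* outside the validity window: reject instead of flagging */`, would make clear that the hard failure is deliberate.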