
From:
Job Snijders <job@openbsd.org>
Subject:
rpki-client: deprecate -T and hardcode BIRD table names?
To:
tech@openbsd.org
Date:
Thu, 2 Jan 2025 13:04:53 +0000

Ola,

I think the -T option isn't all that useful, especially considering the
advent of ASPA (for which specifying the table name is currently
not possible), so for consistency's sake we either need to add another
command line option for the ASPA table name, or just deprecate -T.

OK?

Kind regards,

Job

Index: main.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
diff -u -p -r1.276 main.c
--- main.c	2 Dec 2024 14:55:02 -0000	1.276
+++ main.c	2 Jan 2025 13:03:48 -0000
@@ -63,8 +63,6 @@ static struct filepath_tree	fpt = RB_INI
 static struct msgbuf		*procq, *rsyncq, *httpq, *rrdpq;
 static int			cachefd, outdirfd;
 
-const char	*bird_tablename = "ROAS";
-
 int	verbose;
 int	noop;
 int	excludeas0 = 1;
@@ -1086,7 +1084,8 @@ main(int argc, char *argv[])
 			tals[talsz++] = optarg;
 			break;
 		case 'T':
-			bird_tablename = optarg;
+			/* remove after OpenBSD 7.8 */
+			errx(1, "-T is deprecated, see manual for table names");
 			break;
 		case 'v':
 			verbose++;
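Review bot: The new `errx()` message in `case 'T':` only points at the manual, and the `break;` kept after it is unreachable because errx() does not return. Since the process now exits during option parsing, an unattended invocation that still passes -T stops refreshing its output files until someone reads the error, so the message is better self-contained, e.g. `errx(1, "-T is deprecated; BIRD table names are fixed to ROAS4, ROAS6 and ASPAS");`. The deprecation text is presumably reached only while the getopt option string still accepts `T:`, which is not visible here. The body of main() starts and ends outside the hunk.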
@@ -1560,8 +1559,8 @@ usage:
 	    "usage: rpki-client [-0ABcjmnoRVvx] [-b sourceaddr] [-d cachedir]"
 	    " [-e rsync_prog]\n"
 	    "                   [-H fqdn] [-P epoch] [-S skiplist] [-s timeout]"
-	    " [-T table]\n"
-	    "                   [-t tal] [outputdir]\n"
+	    " [-t tal]\n"
+	    "                   [outputdir]\n"
 	    "       rpki-client [-Vv] [-d cachedir] [-j] [-t tal] -f file ..."
 	    "\n");
 	return 1;
Index: output-bird.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/output-bird.c,v
diff -u -p -r1.20 output-bird.c
--- output-bird.c	2 Jan 2025 12:29:30 -0000	1.20
+++ output-bird.c	2 Jan 2025 13:03:48 -0000
@@ -24,7 +24,6 @@ int
 output_bird2(FILE *out, struct vrp_tree *vrps, struct brk_tree *brks,
     struct vap_tree *vaps, struct vsp_tree *vsps, struct stats *st)
 {
-	extern		const char *bird_tablename;
 	struct vrp	*v;
 	time_t		 now = get_current_time();
 
@@ -32,10 +31,9 @@ output_bird2(FILE *out, struct vrp_tree 
 		return -1;
 
 	if (fprintf(out, "\ndefine force_roa_table_update = %lld;\n\n"
-	    "roa4 table %s4;\nroa6 table %s6;\n\n"
-	    "protocol static {\n\troa4 { table %s4; };\n\n",
-	    (long long)now, bird_tablename, bird_tablename,
-	    bird_tablename) < 0)
+	    "roa4 table ROAS4;\nroa6 table ROAS6;\n\n"
+	    "protocol static {\n\troa4 { table ROAS4; };\n\n",
+	    (long long)now) < 0)
 		return -1;
 
 	RB_FOREACH(v, vrp_tree, vrps) {
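Review bot: The table names are now repeated as bare literals in five fprintf() format strings across output_bird2 and output_bird3 (this hunk and the four later fprintf hunks in this file), and again in the manual. A later rename that misses one would emit a `protocol static` block naming a table the file never declares. Defining them once, e.g. `#define BIRD_ROA4_TABLE "ROAS4"` and `#define BIRD_ROA6_TABLE "ROAS6"`, and building the strings by literal concatenation (`"roa4 table " BIRD_ROA4_TABLE ";\n"`) keeps every format string a compile-time constant. That preserves the benefit of no longer interpolating a command-line string into the generated configuration. The body of output_bird2 continues outside the hunk.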
@@ -49,8 +47,8 @@ output_bird2(FILE *out, struct vrp_tree 
 		}
 	}
 
-	if (fprintf(out, "}\n\nprotocol static {\n\troa6 { table %s6; };\n\n",
-	    bird_tablename) < 0)
+	if (fprintf(out, "}\n\nprotocol static {\n\troa6 { table ROAS6; };"
+	    "\n\n") < 0)
 		return -1;
 
 	RB_FOREACH(v, vrp_tree, vrps) {
@@ -73,7 +71,6 @@ int
 output_bird3(FILE *out, struct vrp_tree *vrps, struct brk_tree *brks,
     struct vap_tree *vaps, struct vsp_tree *vsps, struct stats *st)
 {
-	extern		const char *bird_tablename;
 	struct vrp	*v;
 	struct vap	*vap;
 	time_t		 now = get_current_time();
@@ -83,8 +80,7 @@ output_bird3(FILE *out, struct vrp_tree 
 		return -1;
 
 	if (fprintf(out, "\ndefine force_roa_table_update = %lld;\n\n"
-	    "roa4 table %s4;\nroa6 table %s6;\n", (long long)now,
-	    bird_tablename, bird_tablename) < 0)
+	    "roa4 table ROAS4;\nroa6 table ROAS6;\n", (long long)now) < 0)
 		return -1;
 
 	if (!excludeaspa) {
@@ -92,8 +88,8 @@ output_bird3(FILE *out, struct vrp_tree 
 			return -1;
 	}
 
-	if (fprintf(out, "\nprotocol static {\n\troa4 { table %s4; };\n\n",
-	    bird_tablename) < 0)
+	if (fprintf(out, "\nprotocol static {\n\troa4 { table ROAS4; };"
+	    "\n\n") < 0)
 		return -1;
 
 	RB_FOREACH(v, vrp_tree, vrps) {
@@ -107,8 +103,8 @@ output_bird3(FILE *out, struct vrp_tree 
 		}
 	}
 
-	if (fprintf(out, "}\n\nprotocol static {\n\troa6 { table %s6; };\n\n",
-	    bird_tablename) < 0)
+	if (fprintf(out, "}\n\nprotocol static {\n\troa6 { table ROAS6; };"
+	    "\n\n") < 0)
 		return -1;
 
 	RB_FOREACH(v, vrp_tree, vrps) {
Index: rpki-client.8
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/rpki-client.8,v
diff -u -p -r1.116 rpki-client.8
--- rpki-client.8	2 Jan 2025 12:29:30 -0000	1.116
+++ rpki-client.8	2 Jan 2025 13:03:48 -0000
@@ -29,7 +29,6 @@
 .Op Fl H Ar fqdn
 .Op Fl S Ar skiplist
 .Op Fl s Ar timeout
-.Op Fl T Ar table
 .Op Fl t Ar tal
 .Op Ar outputdir
 .Nm
@@ -73,11 +72,16 @@ OpenBGPD).
 .It Fl B
 Create output in the files
 .Pa bird
-(for bird2)
+(for bird v2, includes only ROA payloads)
 and
 .Pa bird3
-(for bird3)
+(for bird v3, includes both ROA and ASPA payloads)
 in the output directory which is suitable for the BIRD internet routing daemon.
+The table names for validated payloads are
+.Em ROAS4 ,
+.Em ROAS6 ,
+and
+.Em ASPAS .
 .It Fl b Ar sourceaddr
 Tell the HTTP and rsync clients to use
 .Ar sourceaddr
@@ -204,12 +208,6 @@ Individual RSYNC/RRDP repositories are t
 .Em timeout .
 All network synchronisation tasks are aborted after seven eights of
 .Em timeout .
-.It Fl T Ar table
-For BIRD output generated with the
-.Fl B
-option use
-.Ar table
-as roa table name instead of the default 'ROAS'.
 .It Fl t Ar tal
 Specify a
 .Em Trust Anchor Location Pq TAL