Index | Thread | Search

From:
Theo Buehler <tb@theobuehler.org>
Subject:
Re: rpki-client: set expiry time for gbr and tak
To:
tech@openbsd.org
Date:
Tue, 19 Aug 2025 09:43:53 +0200

Download raw body.

Thread 
On Mon, Aug 11, 2025 at 05:18:52PM +0200, Theo Buehler wrote:
> Small fix for two very rare objects: we forgot to set the expiry
> time of GBRs and TAKs.

I'd like to get this in even if it doesn't really matter. It makes
upcoming diffs more uniform.

Index: parser.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/parser.c,v
diff -u -p -r1.168 parser.c
--- parser.c	6 Aug 2025 05:23:06 -0000	1.168
+++ parser.c	11 Aug 2025 14:56:33 -0000
@@ -760,7 +760,7 @@ proc_parser_gbr(char *file, const unsign
 
 	gbr->talid = a->cert->talid;
 
-	/* XXX - gbr->expires? */
+	gbr->expires = x509_find_expires(cert->notafter, a, &crls);
 	cert_free(cert);
 
 	return gbr;
@@ -844,7 +844,7 @@ proc_parser_tak(char *file, const unsign
 
 	tak->talid = a->cert->talid;
 
-	/* XXX - tak->expires? */
+	tak->expires = x509_find_expires(cert->notafter, a, &crls);
 	cert_free(cert);
 
 	return tak;