From: Job Snijders Subject: rpki-client: remove Ghostbusters Record (RFC 6493) support To: tech@openbsd.org Date: Thu, 13 Nov 2025 13:14:45 +0000 Dear all, This patchset removes support for validating and decoding Ghostbusters Records (GBRs) in rpki-client. GBRs are specified in RFC 6493. Support for GBRs in rpki-client was introduced roughly 5 years ago. Since then, nobody published any GBRs except for myself and the author of the GBR specification (with the latter entity's own vCard publications never confirming to profile specified in RFC 6493). GBRs were intended to enable RPKI CAs to convey contact information through the RPKI itself. At first glance that might seem useful, but operators already have a myriad of methods to exchange contact details: RDAP, Whois, IRR, PeeringDB, IXP member portals, etc, etc. I suspect that the name choosen for this technology didn't do its deployment any favors: had it had been named "vCards in the RPKI", everyone would've immediately understood what it is and what it is for, but this silly cute name just isn't descriptive at all. RFC 6493 probably should be assigned Historic status. OK? Kind regards, Job Index: usr.sbin/rpki-client/Makefile =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/Makefile,v diff -u -p -r1.37 Makefile --- usr.sbin/rpki-client/Makefile 23 Aug 2025 09:13:14 -0000 1.37 +++ usr.sbin/rpki-client/Makefile 13 Nov 2025 13:10:59 -0000 @@ -11,7 +11,6 @@ SRCS+= constraints.c SRCS+= crl.c SRCS+= encoding.c SRCS+= filemode.c -SRCS+= gbr.c SRCS+= geofeed.c SRCS+= http.c SRCS+= io.c Index: usr.sbin/rpki-client/extern.h =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/extern.h,v diff -u -p -r1.266 extern.h --- usr.sbin/rpki-client/extern.h 30 Oct 2025 23:18:06 -0000 1.266 +++ usr.sbin/rpki-client/extern.h 13 Nov 2025 13:10:59 -0000 @@ -195,7 +195,6 @@ enum rtype { RTYPE_ROA, RTYPE_CER, RTYPE_CRL, - RTYPE_GBR, RTYPE_REPO, RTYPE_FILE, RTYPE_RSC, @@ -363,16 +362,6 @@ struct geofeed { }; /* - * A single Ghostbuster record - */ -struct gbr { - char *vcard; - time_t signtime; /* CMS signing-time attribute */ - time_t expires; /* when the signature path expires */ - int talid; /* TAL the GBR is chained up to */ -}; - -/* * A single ASPA record */ struct aspa { @@ -658,7 +647,6 @@ struct repotalstats { uint32_t aspas_invalid; /* ASPAs with invalid customerASID */ uint32_t brks; /* number of BGPsec Router Key (BRK) certs */ uint32_t crls; /* revocation lists */ - uint32_t gbrs; /* ghostbuster records */ uint32_t taks; /* signed TAL objects */ uint32_t vaps; /* total number of Validated ASPA Payloads */ uint32_t vaps_uniqs; /* total number of unique VAPs */ @@ -713,7 +701,6 @@ extern ASN1_OBJECT *signedobj_oid; extern ASN1_OBJECT *notify_oid; extern ASN1_OBJECT *roa_oid; extern ASN1_OBJECT *mft_oid; -extern ASN1_OBJECT *gbr_oid; extern ASN1_OBJECT *bgpsec_oid; extern ASN1_OBJECT *cnt_type_oid; extern ASN1_OBJECT *msg_dgst_oid; @@ -784,10 +771,6 @@ struct spl *spl_read(struct ibuf *); void spl_insert_vsps(struct vsp_tree *, struct spl *, struct repo *); -void gbr_free(struct gbr *); -struct gbr *gbr_parse(struct cert **, const char *, int, - const unsigned char *, size_t); - void geofeed_free(struct geofeed *); struct geofeed *geofeed_parse(struct cert **, const char *, int, char *, size_t); @@ -1011,7 +994,6 @@ void cert_print(const struct cert *); void crl_print(const struct crl *); void mft_print(const struct cert *, const struct mft *); void roa_print(const struct cert *, const struct roa *); -void gbr_print(const struct cert *, const struct gbr *); void rsc_print(const struct cert *, const struct rsc *); void aspa_print(const struct cert *, const struct aspa *); void tak_print(const struct cert *, const struct tak *); Index: usr.sbin/rpki-client/filemode.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/filemode.c,v diff -u -p -r1.71 filemode.c --- usr.sbin/rpki-client/filemode.c 23 Oct 2025 05:16:55 -0000 1.71 +++ usr.sbin/rpki-client/filemode.c 13 Nov 2025 13:10:59 -0000 @@ -369,8 +369,6 @@ rtype_from_der(const char *fn, const uns rtype = RTYPE_ASPA; else if (OBJ_cmp(obj, mft_oid) == 0) rtype = RTYPE_MFT; - else if (OBJ_cmp(obj, gbr_oid) == 0) - rtype = RTYPE_GBR; else if (OBJ_cmp(obj, roa_oid) == 0) rtype = RTYPE_ROA; else if (OBJ_cmp(obj, rsc_oid) == 0) @@ -422,7 +420,6 @@ proc_parser_file(char *file, unsigned ch struct cert *cert = NULL; struct ccr *ccr = NULL; struct crl *crl = NULL; - struct gbr *gbr = NULL; struct geofeed *geofeed = NULL; struct mft *mft = NULL; struct roa *roa = NULL; @@ -521,15 +518,6 @@ proc_parser_file(char *file, unsigned ch notbefore = &mft->thisupdate; notafter = &mft->nextupdate; break; - case RTYPE_GBR: - gbr = gbr_parse(&cert, file, -1, buf, len); - if (gbr == NULL) - break; - aia = cert->aia; - expires = &gbr->expires; - notbefore = &cert->notbefore; - notafter = &cert->notafter; - break; case RTYPE_GEOFEED: geofeed = geofeed_parse(&cert, file, -1, buf, len); if (geofeed == NULL) @@ -649,9 +637,6 @@ proc_parser_file(char *file, unsigned ch case RTYPE_CER: cert_print(cert); break; - case RTYPE_GBR: - gbr_print(cert, gbr); - break; case RTYPE_GEOFEED: geofeed_print(cert, geofeed); break; @@ -733,7 +718,6 @@ proc_parser_file(char *file, unsigned ch cert_free(cert); ccr_free(ccr); crl_free(crl); - gbr_free(gbr); geofeed_free(geofeed); mft_free(mft); roa_free(roa); Index: usr.sbin/rpki-client/gbr.c =================================================================== RCS file: usr.sbin/rpki-client/gbr.c diff -N usr.sbin/rpki-client/gbr.c --- usr.sbin/rpki-client/gbr.c 1 Aug 2025 14:57:15 -0000 1.35 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,98 +0,0 @@ -/* $OpenBSD: gbr.c,v 1.35 2025/08/01 14:57:15 tb Exp $ */ -/* - * Copyright (c) 2020 Claudio Jeker - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include -#include -#include - -#include - -#include "extern.h" - -#define VCARD_START "BEGIN:VCARD\r\nVERSION:4.0\r\n" -#define VCARD_START_LEN (sizeof(VCARD_START) - 1) - -/* - * Parse a full RFC 6493 file and signed by the certificate "cacert" - * (the latter is optional and may be passed as NULL to disable). - * Returns the payload or NULL if the document was malformed. - */ -struct gbr * -gbr_parse(struct cert **out_cert, const char *fn, int talid, - const unsigned char *der, size_t len) -{ - struct gbr *gbr; - struct cert *cert = NULL; - size_t cmsz; - unsigned char *cms; - time_t signtime = 0; - - assert(*out_cert == NULL); - - cms = cms_parse_validate(&cert, fn, talid, der, len, gbr_oid, &cmsz, - &signtime); - if (cms == NULL) - return NULL; - - if ((gbr = calloc(1, sizeof(*gbr))) == NULL) - err(1, NULL); - gbr->signtime = signtime; - - if (cmsz < VCARD_START_LEN || - strncmp(cms, VCARD_START, VCARD_START_LEN) != 0) { - warnx("%s: Ghostbusters record with invalid vCard", fn); - goto out; - } - if ((gbr->vcard = calloc(cmsz + 1, 4)) == NULL) - err(1, NULL); - (void)strvisx(gbr->vcard, cms, cmsz, VIS_SAFE); - - free(cms); - cms = NULL; - - if (!x509_inherits(cert->x509)) { - warnx("%s: RFC 3779 extension not set to inherit", fn); - goto out; - } - - *out_cert = cert; - - return gbr; - - out: - free(cms); - gbr_free(gbr); - cert_free(cert); - return NULL; -} - -/* - * Free a GBR pointer. - * Safe to call with NULL. - */ -void -gbr_free(struct gbr *p) -{ - if (p == NULL) - return; - - free(p->vcard); - free(p); -} Index: usr.sbin/rpki-client/main.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v diff -u -p -r1.301 main.c --- usr.sbin/rpki-client/main.c 30 Oct 2025 23:18:06 -0000 1.301 +++ usr.sbin/rpki-client/main.c 13 Nov 2025 13:10:59 -0000 @@ -694,8 +694,6 @@ entity_process(struct ibuf *b, struct va repo_stat_inc(rp, talid, type, STYPE_INVALID); roa_free(roa); break; - case RTYPE_GBR: - break; case RTYPE_ASPA: io_read_buf(b, &ok, sizeof(ok)); if (ok == 0) { @@ -816,7 +814,6 @@ sum_stats(const struct repo *rp, const s out->aspas_invalid += in->aspas_invalid; out->brks += in->brks; out->crls += in->crls; - out->gbrs += in->gbrs; out->taks += in->taks; out->vrps += in->vrps; out->vrps_uniqs += in->vrps_uniqs; @@ -1603,7 +1600,6 @@ main(int argc, char *argv[]) stats.repo_tal_stats.mfts, stats.repo_tal_stats.mfts_fail, stats.repo_tal_stats.mfts_gap); printf("Certificate revocation lists: %u\n", stats.repo_tal_stats.crls); - printf("Ghostbuster records: %u\n", stats.repo_tal_stats.gbrs); printf("Trust Anchor Keys: %u\n", stats.repo_tal_stats.taks); printf("Repositories: %u\n", stats.repos); printf("New files moved into validated cache: %u\n", Index: usr.sbin/rpki-client/mft.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/mft.c,v diff -u -p -r1.132 mft.c --- usr.sbin/rpki-client/mft.c 11 Sep 2025 08:21:00 -0000 1.132 +++ usr.sbin/rpki-client/mft.c 13 Nov 2025 13:11:00 -0000 @@ -81,8 +81,6 @@ rtype_from_file_extension(const char *fn return RTYPE_MFT; if (strcasecmp(fn + sz - 4, ".roa") == 0) return RTYPE_ROA; - if (strcasecmp(fn + sz - 4, ".gbr") == 0) - return RTYPE_GBR; if (strcasecmp(fn + sz - 4, ".sig") == 0) return RTYPE_RSC; if (strcasecmp(fn + sz - 4, ".asa") == 0) @@ -133,7 +131,6 @@ rtype_from_mftfile(const char *fn) switch (type) { case RTYPE_CER: case RTYPE_CRL: - case RTYPE_GBR: case RTYPE_ROA: case RTYPE_ASPA: case RTYPE_SPL: Index: usr.sbin/rpki-client/output-json.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/output-json.c,v diff -u -p -r1.58 output-json.c --- usr.sbin/rpki-client/output-json.c 30 Oct 2025 23:18:06 -0000 1.58 +++ usr.sbin/rpki-client/output-json.c 13 Nov 2025 13:11:00 -0000 @@ -76,7 +76,6 @@ outputheader_json(struct validation_data json_do_int("manifests", st->repo_tal_stats.mfts); json_do_int("failedmanifests", st->repo_tal_stats.mfts_fail); json_do_int("crls", st->repo_tal_stats.crls); - json_do_int("gbrs", st->repo_tal_stats.gbrs); json_do_int("repositories", st->repos); json_do_int("vrps", st->repo_tal_stats.vrps); json_do_int("uniquevrps", st->repo_tal_stats.vrps_uniqs); Index: usr.sbin/rpki-client/output-ometric.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/output-ometric.c,v diff -u -p -r1.15 output-ometric.c --- usr.sbin/rpki-client/output-ometric.c 8 Jul 2025 14:19:21 -0000 1.15 +++ usr.sbin/rpki-client/output-ometric.c 13 Nov 2025 13:11:00 -0000 @@ -70,8 +70,6 @@ set_common_stats(const struct repotalsta OKV("type", "state"), OKV("router_key", "valid"), ol); ometric_set_int_with_labels(metric, in->crls, OKV("type", "state"), OKV("crl", "valid"), ol); - ometric_set_int_with_labels(metric, in->gbrs, - OKV("type", "state"), OKV("gbr", "valid"), ol); ometric_set_int_with_labels(metric, in->taks, OKV("type", "state"), OKV("tak", "valid"), ol); Index: usr.sbin/rpki-client/output.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/output.c,v diff -u -p -r1.44 output.c --- usr.sbin/rpki-client/output.c 31 Oct 2025 07:41:36 -0000 1.44 +++ usr.sbin/rpki-client/output.c 13 Nov 2025 13:11:00 -0000 @@ -291,12 +291,10 @@ outputheader(FILE *out, struct validatio " ]\n" "# Manifests: %u (%u failed parse)\n" "# Certificate revocation lists: %u\n" - "# Ghostbuster records: %u\n" "# Repositories: %u\n" "# VRP Entries: %u (%u unique)\n", st->repo_tal_stats.mfts, st->repo_tal_stats.mfts_fail, st->repo_tal_stats.crls, - st->repo_tal_stats.gbrs, st->repos, st->repo_tal_stats.vrps, st->repo_tal_stats.vrps_uniqs) < 0) return -1; Index: usr.sbin/rpki-client/parser.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/parser.c,v diff -u -p -r1.172 parser.c --- usr.sbin/rpki-client/parser.c 23 Oct 2025 05:16:55 -0000 1.172 +++ usr.sbin/rpki-client/parser.c 13 Nov 2025 13:11:00 -0000 @@ -737,46 +737,6 @@ proc_parser_root_cert(struct entity *ent } /* - * Parse a ghostbuster record - */ -static struct gbr * -proc_parser_gbr(char *file, const unsigned char *der, size_t len, - const struct entity *entp, X509_STORE_CTX *ctx) -{ - struct gbr *gbr; - struct cert *cert = NULL; - struct crl *crl; - struct auth *a; - const char *errstr; - - if ((gbr = gbr_parse(&cert, file, entp->talid, der, len)) == NULL) - goto out; - - a = find_issuer(file, entp->certid, cert->aki, entp->mftaki); - if (a == NULL) - goto out; - crl = crl_get(&crls, a); - - if (!valid_x509(file, ctx, cert->x509, a, crl, &errstr)) { - warnx("%s: %s", file, errstr); - goto out; - } - - gbr->talid = a->cert->talid; - - gbr->expires = x509_find_expires(cert->notafter, a, &crls); - cert_free(cert); - - return gbr; - - out: - gbr_free(gbr); - cert_free(cert); - - return NULL; -} - -/* * Parse an ASPA object */ static struct aspa * @@ -893,7 +853,6 @@ parse_entity(struct entityq *q, struct i struct mft *mft; struct roa *roa; struct aspa *aspa; - struct gbr *gbr; struct tak *tak; struct spl *spl; struct ibuf *b; @@ -1003,15 +962,6 @@ parse_entity(struct entityq *q, struct i if (roa != NULL) roa_buffer(b, roa); roa_free(roa); - break; - case RTYPE_GBR: - file = parse_load_file(entp, &f, &flen); - io_str_buffer(b, file); - gbr = proc_parser_gbr(file, f, flen, entp, ctx); - if (gbr != NULL) - mtime = gbr->signtime; - io_simple_buffer(b, &mtime, sizeof(mtime)); - gbr_free(gbr); break; case RTYPE_ASPA: file = parse_load_file(entp, &f, &flen); Index: usr.sbin/rpki-client/print.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/print.c,v diff -u -p -r1.70 print.c --- usr.sbin/rpki-client/print.c 16 Oct 2025 06:46:31 -0000 1.70 +++ usr.sbin/rpki-client/print.c 13 Nov 2025 13:11:00 -0000 @@ -611,36 +611,6 @@ spl_print(const struct cert *c, const st } void -gbr_print(const struct cert *c, const struct gbr *p) -{ - if (outformats & FORMAT_JSON) { - json_do_string("type", "gbr"); - json_do_string("ski", c->ski); - x509_print(c->x509); - json_do_string("aki", c->aki); - json_do_string("aia", c->aia); - json_do_string("sia", c->signedobj); - json_do_int("signing_time", p->signtime); - json_do_int("valid_since", c->notbefore); - json_do_int("valid_until", c->notafter); - if (p->expires) - json_do_int("expires", p->expires); - json_do_string("vcard", p->vcard); - } else { - printf("Subject key identifier: %s\n", pretty_key_id(c->ski)); - x509_print(c->x509); - printf("Authority key identifier: %s\n", pretty_key_id(c->aki)); - printf("Authority info access: %s\n", c->aia); - printf("Subject info access: %s\n", c->signedobj); - printf("Signing time: %s\n", time2str(p->signtime)); - printf("GBR not before: %s\n", - time2str(c->notbefore)); - printf("GBR not after: %s\n", time2str(c->notafter)); - printf("vcard:\n%s", p->vcard); - } -} - -void rsc_print(const struct cert *c, const struct rsc *p) { char *hash; Index: usr.sbin/rpki-client/repo.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/repo.c,v diff -u -p -r1.79 repo.c --- usr.sbin/rpki-client/repo.c 14 Aug 2025 15:12:00 -0000 1.79 +++ usr.sbin/rpki-client/repo.c 13 Nov 2025 13:11:01 -0000 @@ -1646,9 +1646,6 @@ repo_stat_inc(struct repo *rp, int talid case RTYPE_CRL: rp->stats[talid].crls++; break; - case RTYPE_GBR: - rp->stats[talid].gbrs++; - break; case RTYPE_TAK: rp->stats[talid].taks++; break; Index: usr.sbin/rpki-client/rpki-client.8 =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/rpki-client.8,v diff -u -p -r1.130 rpki-client.8 --- usr.sbin/rpki-client/rpki-client.8 11 Sep 2025 09:25:05 -0000 1.130 +++ usr.sbin/rpki-client/rpki-client.8 13 Nov 2025 13:11:01 -0000 @@ -371,11 +371,6 @@ This facility is experimental and is sti .Re .Pp .Rs -.%T The RPKI Ghostbusters Record -.%R RFC 6493 -.Re -.Pp -.Rs .%T Policy Qualifiers in RPKI Certificates .%R RFC 7318 .Re Index: usr.sbin/rpki-client/rsync.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/rsync.c,v diff -u -p -r1.59 rsync.c --- usr.sbin/rpki-client/rsync.c 1 Aug 2025 13:46:06 -0000 1.59 +++ usr.sbin/rpki-client/rsync.c 13 Nov 2025 13:11:01 -0000 @@ -156,7 +156,6 @@ exec_rsync(const char *prog, const char args[i++] = "--include=*/"; args[i++] = "--include=*.cer"; args[i++] = "--include=*.crl"; - args[i++] = "--include=*.gbr"; args[i++] = "--include=*.mft"; args[i++] = "--include=*.roa"; args[i++] = "--include=*.asa"; Index: usr.sbin/rpki-client/x509.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/x509.c,v diff -u -p -r1.120 x509.c --- usr.sbin/rpki-client/x509.c 16 Oct 2025 06:46:31 -0000 1.120 +++ usr.sbin/rpki-client/x509.c 13 Nov 2025 13:11:01 -0000 @@ -38,7 +38,6 @@ ASN1_OBJECT *signedobj_oid; /* 1.3.6.1.5 ASN1_OBJECT *notify_oid; /* 1.3.6.1.5.5.7.48.13 (rpkiNotify) */ ASN1_OBJECT *roa_oid; /* id-ct-routeOriginAuthz CMS content type */ ASN1_OBJECT *mft_oid; /* id-ct-rpkiManifest CMS content type */ -ASN1_OBJECT *gbr_oid; /* id-ct-rpkiGhostbusters CMS content type */ ASN1_OBJECT *bgpsec_oid; /* id-kp-bgpsec-router Key Purpose */ ASN1_OBJECT *cnt_type_oid; /* pkcs-9 id-contentType */ ASN1_OBJECT *msg_dgst_oid; /* pkcs-9 id-messageDigest */ @@ -85,10 +84,6 @@ static const struct { { .oid = "1.2.840.113549.1.9.16.1.26", .ptr = &mft_oid, - }, - { - .oid = "1.2.840.113549.1.9.16.1.35", - .ptr = &gbr_oid, }, { .oid = "1.3.6.1.5.5.7.3.30", Index: regress/usr.sbin/rpki-client/Makefile.inc =================================================================== RCS file: /cvs/src/regress/usr.sbin/rpki-client/Makefile.inc,v diff -u -p -r1.43 Makefile.inc --- regress/usr.sbin/rpki-client/Makefile.inc 10 Sep 2025 06:46:58 -0000 1.43 +++ regress/usr.sbin/rpki-client/Makefile.inc 13 Nov 2025 13:11:01 -0000 @@ -7,7 +7,6 @@ CFLAGS += -Werror PROGS += test-ip PROGS += test-cert -PROGS += test-gbr PROGS += test-geofeed PROGS += test-mft PROGS += test-roa @@ -61,10 +60,6 @@ SRCS_test-rsc+= test-rsc.c rsc.c ${TEST_ run-regress-test-rsc: test-rsc ./test-rsc -v ${.CURDIR}/../rsc/*.sig - -SRCS_test-gbr+= test-gbr.c gbr.c ${TEST_COMMON} -run-regress-test-gbr: test-gbr - ./test-gbr -v ${.CURDIR}/../gbr/*.gbr SRCS_test-geofeed+= test-geofeed.c geofeed.c ${TEST_COMMON} run-regress-test-geofeed: test-geofeed Index: regress/usr.sbin/rpki-client/test-gbr.c =================================================================== RCS file: regress/usr.sbin/rpki-client/test-gbr.c diff -N regress/usr.sbin/rpki-client/test-gbr.c --- regress/usr.sbin/rpki-client/test-gbr.c 23 Oct 2025 05:35:46 -0000 1.22 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,88 +0,0 @@ -/* $Id: test-gbr.c,v 1.22 2025/10/23 05:35:46 tb Exp $ */ -/* - * Copyright (c) 2019 Kristaps Dzonsons - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include "extern.h" - -int outformats; -int verbose; -int filemode = 1; -int experimental; - -int -main(int argc, char *argv[]) -{ - int c, i, verb = 0; - struct gbr *p; - struct cert *cert = NULL; - unsigned char *buf; - size_t len; - - x509_init_oid(); - - while ((c = getopt(argc, argv, "v")) != -1) - switch (c) { - case 'v': - verb++; - break; - default: - errx(1, "bad argument %c", c); - } - - argv += optind; - argc -= optind; - - if (argc == 0) - errx(1, "argument missing"); - - for (i = 0; i < argc; i++) { - buf = load_file(argv[i], &len); - if ((p = gbr_parse(&cert, argv[i], -1, buf, len)) == NULL) { - free(buf); - break; - } - if (verb) - gbr_print(cert, p); - free(buf); - gbr_free(p); - cert_free(cert); - cert = NULL; - } - - if (i < argc) - errx(1, "test failed for %s", argv[i]); - - printf("OK\n"); - return 0; -} - -time_t -get_current_time(void) -{ - return time(NULL); -} Index: regress/usr.sbin/rpki-client/gbr/jkpjwLmZhnrotSqF7o9qqEzSOXs.gbr =================================================================== RCS file: regress/usr.sbin/rpki-client/gbr/jkpjwLmZhnrotSqF7o9qqEzSOXs.gbr diff -N regress/usr.sbin/rpki-client/gbr/jkpjwLmZhnrotSqF7o9qqEzSOXs.gbr Binary files /tmp/cvs6lpO1b and /dev/null differ