From: Job Snijders Subject: rpki-client: track rpkiNotify in rrdp state file To: tech@openbsd.org Date: Wed, 3 Jun 2026 21:39:13 +0000 As part of RPKIViews I'd like to build something to more easily detect whether RRDP servers are presenting different data to different clients. Recording the rpkiNotify itself in the RRDP .state file makes easier for external programs to analyse RRDP states across different instances. Having the actual URL handy makes it easier to instrument such comparisons. As example: $ head /var/cache/rpki-client/.rrdp/436FC6BD7B32853E42FCE5FD95B31D5E3EC1C32C46B7518C2067D568E7EAC119/.state https://chloe.sobornost.net/rpki/news.xml bd919006-71a6-457c-8a7e-83bafbd1065c 30391 1780521020 Wed, 03 Jun 2026 21:15:03 GMT 30388 48F6825FA81BC1D9E0DDDAD1B70CE4442DBF2FE0220EDDF7276A9B1C7FBCC1ED 30389 64B659EE9D34C314AE9A4CB93EC418F3106E9064228BF288C6E0BA2AD08B09D8 30390 33C4BBC59CDD2A43B7DE4B6F00E7149C4BB58FF7656FF814609E3E3D8FCEC0E7 30391 F58312DAE900CA43516649C606CD8D5BF534B93BC0CF540F568BF52F31CC6DE6 OK? Kind regards, Job Index: repo.c =================================================================== RCS file: /cvs/src/usr.sbin/rpki-client/repo.c,v diff -u -p -r1.81 repo.c --- repo.c 13 May 2026 04:38:42 -0000 1.81 +++ repo.c 3 Jun 2026 21:33:06 -0000 @@ -709,10 +709,14 @@ rrdp_session_parse(struct rrdprepo *rr) line[n - 1] = '\0'; switch (ln) { case 0: + if (!valid_uri(line, strlen(line), HTTPS_PROTO)) + goto reset; + break; + case 1: if ((state->session_id = strdup(line)) == NULL) err(1, NULL); break; - case 1: + case 2: state->serial = strtonum(line, 1, LLONG_MAX, &errstr); if (errstr) { warnx("%s: state file: serial is %s: %s", @@ -720,7 +724,7 @@ rrdp_session_parse(struct rrdprepo *rr) goto reset; } break; - case 2: + case 3: rr->last_reset = strtonum(line, 1, LLONG_MAX, &errstr); if (errstr) { warnx("%s: state file: last_reset is %s: %s", @@ -728,7 +732,7 @@ rrdp_session_parse(struct rrdprepo *rr) goto reset; } break; - case 3: + case 4: if (strcmp(line, "-") == 0) break; if ((state->last_mod = strdup(line)) == NULL) @@ -805,7 +809,7 @@ rrdp_session_save(unsigned int id, struc err(1, "fdopen"); /* write session state file out */ - if (fprintf(f, "%s\n%lld\n%lld\n", state->session_id, + if (fprintf(f, "%s\n%s\n%lld\n%lld\n", rr->notifyuri, state->session_id, state->serial, (long long)rr->last_reset) < 0) goto fail;