Noticed the other day, a stale manifest tries to check the fileandhash
data. But when running with -n none of this data will be around since it
was most probably removed on the previous run. The result is a lot of
warnings on top of the warning about the mft being stale. It is better to
skip mft_check() if the mft is stale.
Also reshuffle the order of setting repoid and path to be before the
mft_check() call. Upcoming code will require this information in
mft_check().
--
:wq Claudio
Index: parser.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/parser.c,v
retrieving revision 1.35
diff -u -p -r1.35 parser.c
--- parser.c 13 Jan 2022 13:46:03 -0000 1.35
+++ parser.c 13 Jan 2022 13:47:04 -0000
@@ -310,15 +310,17 @@ proc_parser_mft(char *file, const unsign
sk_X509_free(chain);
X509_free(x509);
- if (!mft_check(file, mft)) {
- mft_free(mft);
- return NULL;
- }
-
+ mft->repoid = repoid;
if (path != NULL)
if ((mft->path = strdup(path)) == NULL)
err(1, NULL);
- mft->repoid = repoid;
+
+ if (!mft->stale)
+ if (!mft_check(file, mft)) {
+ mft_free(mft);
+ return NULL;
+ }
+
return mft;
}
