CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2024/07/12 03:27:32
Modified files:
usr.sbin/rpki-client: extern.h main.c repo.c
Log message:
Improve duplicate detection and repo_move_valid
Only trigger a duplicate error if a valid filepath is revisted. It is
possible that a bad CA references somebody else's files and if that
happens first it would block the valid access.
To make this work, pass the ok flag to filepath_add() and only set the
talmask bit if the file was ok. Since we need to do the duplicate check
before processing the entity introduce filepath_valid() which checks
if the path is in the tree and has its talmask bit set.
In repo_move_valid() handle conflicts more gracefully. When both a valid
and temporary file are present assume that one of the files was never ok
(talmask == 0) and silently remove that file from the filepath tree.
OK tb@
