CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2025/06/13 06:29:58
Modified files:
usr.sbin/rpki-client: filemode.c
Log message:
Adjust schizophrenic NULL checks in print_signature_path()
This function is only called if valid_x509() was happy with the auth
chain, so in particular we've got valid RPKI CA/TA auths. As such, the
a->cert != NULL checks are pointless and the certs have an rpkiManfiest
accessMethod in their SIA extension, so a->cert->mft is always != NULL.
For TA certs, CRLDP must be absent and the AIA is optional, so the NULL
checks for a->cert->crl and a->cert->aia are necessary.
CID 554943
claudio likes it
