CVSROOT:        /cvs
Module name:    src
Changes by:     t...@cvs.openbsd.org    2025/07/04 10:22:07

Modified files:
        usr.sbin/rpki-client: cert.c 

Log message:
rpki-client: introduce cert_parse_internal()

End entity certificates have been checked only in a rather minimalistic
way for no good reason.  A certificate is a certificate and while there
are some differences in the details of the extensions, there should only
be a single parsing function. Factor some checks for CA/TA certificates
into helpers and handle the logic in such a way that it can be read next
to RFC 6487 and checked for completeness. Some items are left for later.

input/ok job

Reply via email to