CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2025/07/04 10:22:07
Modified files: usr.sbin/rpki-client: cert.c Log message: rpki-client: introduce cert_parse_internal() End entity certificates have been checked only in a rather minimalistic way for no good reason. A certificate is a certificate and while there are some differences in the details of the extensions, there should only be a single parsing function. Factor some checks for CA/TA certificates into helpers and handle the logic in such a way that it can be read next to RFC 6487 and checked for completeness. Some items are left for later. input/ok job