On Tue, Nov 9, 2021 at 3:05 PM Sebastian Benoit <be...@openbsd.org> wrote:
> An errata patch for rpki-client has been released for OpenBSD 6.9 [...]
It turns out that the 6.9 version of the patch (021_rpki) causes
rpki-client to provide OpenBGPd output that bgpd does not accept.
Specifically: bgpd on 6.9 does not accept the 'expires' property in
the ROA, in line with what bgpd.conf(5) states.
# bgpd -n
/var/db/rpki-client/openbgpd:13: syntax error
# head -n 13 /var/db/rpki-client/openbgpd | tail -n2
roa-set {
1.0.0.0/24 source-as 13335 expires 1638843500
Noticed this by accident on an older host that I was about to upgrade.
Following diff changes the rpki-client output to restore bgpd's former
happiness.
Of course, it only makes sense to apply this on 6.9-stable (r1.20.2.1).
Index: output-bgpd.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/output-bgpd.c,v
retrieving revision 1.20.2.1
diff -u -p -u -r1.20.2.1 output-bgpd.c
--- output-bgpd.c 9 Nov 2021 13:41:19 -0000 1.20.2.1
+++ output-bgpd.c 5 Dec 2021 13:06:27 -0000
@@ -42,8 +42,8 @@ output_bgpd(FILE *out, struct vrp_tree *
return -1;
} else
maxlenbuf[0] = '\0';
- if (fprintf(out, "\t%s %ssource-as %u expires %lld\n",
- ipbuf, maxlenbuf, v->asid, (long long)v->expires) < 0)
+ if (fprintf(out, "\t%s %ssource-as %u\n",
+ ipbuf, maxlenbuf, v->asid) < 0)
return -1;
}
Best regards,
Rogier
