rpki-client / rpki-client-portable Goto Github PK

user@hostname:~/etc/rpki$ sudo docker exec -ti <containerid> sh
/ # rpki-client -v -t /etc/tals/afrinic.tal 
rpki-client: ta/afrinic: pulling from https://rpki.afrinic.net/repository/AfriNIC.cer
rpki-client: ta/afrinic: loaded from network
rpki-client: https://rrdp.afrinic.net/notification.xml: pulling from network
rpki-client: https://rrdp.afrinic.net/notification.xml: connect: Connection refused
rpki-client: https://rrdp.afrinic.net/notification.xml: load from network failed, fallback to rsync
rpki-client: .rsync/rpki.afrinic.net/repository: pulling from rsync://rpki.afrinic.net/repository
ERROR: rejecting unrequested file-list name: 04E8B0D80F4D11E0B657D8931367AE7D
rsync error: protocol incompatibility (code 2) at flist.c(998) [Receiver=3.2.4]
rpki-client: rsync rsync://rpki.afrinic.net/repository failed
rpki-client: .rsync/rpki.afrinic.net/repository: load from network failed, fallback to cache
rpki-client: rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft: no valid mft available
rpki-client: all files parsed: generating output
Processing time 2 seconds (0 seconds user, 0 seconds system)
Skiplist entries: 0
Route Origin Authorizations: 0 (0 failed parse, 0 invalid)
AS Provider Attestations: 0 (0 failed parse, 0 invalid)
BGPsec Router Certificates: 0
Certificates: 1 (0 invalid)
Trust Anchor Locators: 1 (0 invalid)
Manifests: 1 (1 failed parse, 0 stale)
Certificate revocation lists: 0
Ghostbuster records: 0
Repositories: 2
Cleanup: removed 0 files, 3 directories, 0 superfluous
VRP Entries: 0 (0 unique)
VAP Entries: 0 (0 unique)
/ # rpki-client -V
rpki-client-portable 8.0

CONNECT   Oct 18 08:25:13.324 [1]: Connect (file descriptor 4): 127.0.0.1
CONNECT   Oct 18 08:25:13.325 [1]: Request (file descriptor 4): CONNECT rpki.afrinic.net:443 HTTP/1.1
INFO      Oct 18 08:25:13.325 [1]: Found upstream proxy http 172.16.154.2:8080 for rpki.afrinic.net
INFO      Oct 18 08:25:13.325 [1]: opensock: opening connection to 172.16.154.2:8080
INFO      Oct 18 08:25:13.325 [1]: opensock: getaddrinfo returned for 172.16.154.2:8080
CONNECT   Oct 18 08:25:13.327 [1]: Established connection to upstream proxy "172.16.154.2" using file descriptor 5.
CONNECT   Oct 18 08:25:14.151 [1]: Connect (file descriptor 6): 127.0.0.1
CONNECT   Oct 18 08:25:14.151 [1]: Request (file descriptor 6): CONNECT rpki.afrinic.net:873 HTTP/1.0
INFO      Oct 18 08:25:14.151 [1]: Found upstream proxy http 172.16.154.2:8080 for rpki.afrinic.net
INFO      Oct 18 08:25:14.151 [1]: opensock: opening connection to 172.16.154.2:8080
INFO      Oct 18 08:25:14.151 [1]: opensock: getaddrinfo returned for 172.16.154.2:8080
CONNECT   Oct 18 08:25:14.154 [1]: Established connection to upstream proxy "172.16.154.2" using file descriptor 7.
INFO      Oct 18 08:25:15.311 [1]: Closed connection between local client (fd:6) and remote client (fd:7)
INFO      Oct 18 08:25:15.315 [1]: Closed connection between local client (fd:4) and remote client (fd:5)

#14 19.22 Copying rrdp_delta.c
#14 19.23 Copying rrdp_notification.c
#14 19.24 Copying rrdp_snapshot.c
#14 19.25 Copying rsync.c
#14 19.25 Copying tal.c
#14 19.25 Copying validate.c
#14 19.25 Copying version.h
#14 19.27 Copying x509.c
#14 19.28 Applying patch patches/0001-Allow-overriding-default-user-and-file-locations.patch
#14 19.28 1 out of 6 hunks FAILED -- saving rejects to file main.c.rej

#33 20.04 + ./autogen.sh
#33 20.04 pulling upstream openbsd source
#33 20.44 Already on 'master'
#33 20.44 Your branch is up to date with 'origin/master'.
#33 21.64 Already up to date.
#33 21.64 copying tal
#33 21.64 copying includes
#33 21.74 Copying as.c
#33 21.74 Copying cert.c
#33 21.75 Copying cms.c
#33 21.76 Copying crl.c
#33 21.76 Copying extern.h
#33 21.78 Copying gbr.c
#33 21.78 Copying http.c
#33 21.78 Copying io.c
#33 21.79 Copying ip.c
#33 21.79 Copying log.c
#33 21.80 Copying main.c
#33 21.80 Copying mft.c
#33 21.80 Copying mkdir.c
#33 21.82 Copying output-bgpd.c
#33 21.83 Copying output-bird.c
#33 21.83 Copying output-csv.c
#33 21.83 Copying output-json.c
#33 21.83 Copying output.c
#33 21.84 Copying parser.c
#33 21.89 Copying roa.c
#33 21.89 Copying rpki-client.8
#33 21.89 Copying rsync.c
#33 21.91 Copying tal.c
#33 21.91 Copying validate.c
#33 21.92 Copying x509.c
#33 21.92 Applying patch patches/0001-Allow-overriding-default-user-and-file-locations.patch
#33 21.92 1 out of 1 hunk FAILED -- saving rejects to file extern.h.rej
#33 ...

#37 23.17 Copying rsync.c
#37 23.18 Copying tak.c
#37 23.18 Copying tal.c
#37 23.20 Copying validate.c
#37 23.20 Copying version.h
#37 23.21 Copying x509.c
#37 23.22 Applying patch patches/0001-Allow-overriding-default-user-and-file-locations.patch
#37 23.24 Applying patch patches/0002-Apply-placeholders-for-portability-shim.patch
#37 23.25 Applying patch patches/0003-Emit-all-output-formats-on-non-OpenBSD-systems.patch
#37 23.26 1 out of 1 hunk FAILED -- saving rejects to file rpki-client.8.rej

#34 22.69 Applying patch patches/0001-Allow-overriding-default-user-and-file-locations.patch
#34 22.70 Applying patch patches/0002-Apply-placeholders-for-portability-shim.patch
#34 22.70 2 out of 5 hunks FAILED -- saving rejects to file rpki-client.8.rej

rpki-client-portable-6.7p1$ make
[...]
Making all in include
make[1]: Entering directory '/home/jtk/dl/rpki-client-portable-6.7p1/include'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/home/jtk/dl/rpki-client-portable-6.7p1/include' 
Making all in compat
make[1]: Entering directory '/home/jtk/dl/rpki-client-portable-6.7p1/compat'
  CC       recallocarray.lo
recallocarray.c: In function ‘recallocarray’:
recallocarray.c:60:28: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘int’ [-Wsign-compare]
   if (d < oldsize / 2 && d < getpagesize()) {
  CC       strlcat.lo
  CC       strlcpy.lo
[...]
  CCLD     libcompat.la
ar: `u' modifier ignored since `D' is the default (see `U')
  CCLD     libcompatnoopt.la
ar: `u' modifier ignored since `D' is the default (see `U')
make[1]: Leaving directory '/home/jtk/dl/rpki-client-portable-6.7p1/compat'
Making all in src
make[1]: Entering directory '/home/jtk/dl/rpki-client-portable-6.7p1/src'

/usr/lib/gcc/x86_64-alpine-linux-musl/10.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: rpki_client-rsync.o: in function `proc_rsync':
/tmp/rpki-client-portable/src/rsync.c:330: undefined reference to `mkpath'

main.c: In function 'repo_cleanup':
main.c:1471:5: error: implicit declaration of function 'warnc' [-Werror=implicit-function-declaration]
     warnc(e->fts_errno, "fts_read %s", e->fts_path);

rpki-client: https://repo-rpki.idnic.net/rrdp/d0b0cc6f-23d0-4f4f-ad5b-adbca8dbf698/223636...: connect: Operation timed out
rpki-client: https://repo-rpki.idnic.net/rrdp/d0b0cc6f-23d0-4f4f-ad5b-adbca8dbf698/223736...: connect: Operation timed out
rpki-client: https://repo-rpki.idnic.net/rrdp/d0b0cc6f-23d0-4f4f-ad5b-adbca8dbf698/223836...: connect: Operation timed out
rpki-client: https://repo-rpki.idnic.net/rrdp/d0b0cc6f-23d0-4f4f-ad5b-adbca8dbf698/223936...: connect: Operation timed out
rpki-client: https://repo-rpki.idnic.net/rrdp/d0b0cc6f-23d0-4f4f-ad5b-adbca8dbf698/224036...: connect: Operation timed out
rpki-client: https://repo-rpki.idnic.net/rrdp/d0b0cc6f-23d0-4f4f-ad5b-adbca8dbf698/224136...: connect: Operation timed out
rpki-client: https://repo-rpki.idnic.net/rrdp/notification.xml: loaded from network

$ sudo ./src/rpki-client -r -t /etc/tals/afrinic.tal  -v
rpki-client: ta/afrinic: pulling from https://rpki.afrinic.net/repository/AfriNIC.cer
rpki-client: ta/afrinic: loaded from network
rpki-client: https://rrdp.afrinic.net/notification.xml: pulling from network
^C

[pid 2171457] poll([{fd=5, events=POLLIN}, {fd=6, events=POLLIN}], 2, -1) = 1 ([{fd=6, revents=POLLHUP}])
[pid 2171457] poll([{fd=5, events=POLLIN}, {fd=6, events=POLLIN}], 2, -1) = 1 ([{fd=6, revents=POLLHUP}])
[pid 2171457] poll([{fd=5, events=POLLIN}, {fd=6, events=POLLIN}], 2, -1) = 1 ([{fd=6, revents=POLLHUP}])
[pid 2171457] poll([{fd=5, events=POLLIN}, {fd=6, events=POLLIN}], 2, -1) = 1 ([{fd=6, revents=POLLHUP}])

http.c:61:10: fatal error: vis.h: No such file or directory
 #include <vis.h>
          ^~~~~~~

rpki-client: deleted nostromo.heficed.net/repo/1123721/0/34352e38382e39362e302f32322d3234203d3e203631333137.roa

#34 16.10 Copying rrdp_notification.c
#34 16.11 Copying rrdp_snapshot.c
#34 16.11 Copying rrdp_util.c
#34 16.12 Copying rsync.c
#34 16.12 Copying tal.c
#34 16.12 Copying validate.c
#34 16.12 Copying version.h
#34 16.13 Copying x509.c
#34 16.14 Applying patch patches/0001-Allow-overriding-default-user-and-file-locations.patch
#34 16.15 1 out of 6 hunks FAILED -- saving rejects to file main.c.rej

rpki-client: Route Origin Authorizations: 95719 (2 failed parse, 0 invalid)
rpki-client: Certificates: 27741 (0 failed parse, 0 invalid)
rpki-client: Trust Anchor Locators: 5
rpki-client: Manifests: 27741 (10 failed parse, 2 stale)
rpki-client: Certificate revocation lists: 27729
rpki-client: Ghostbuster records: 2
rpki-client: Repositories: 27561
rpki-client: Cleanup: removed 84 files, 4774 directories
rpki-client: VRP Entries: 292644 (286905 unique)

ggm@ggm-802382 rpki-client % /usr/local/sbin/rpki-client -B -c -j -o -v
rpki-client: ta/apnic: pulling from https://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
rpki-client: https://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer: server closed connection
rpki-client: ta/apnic: load from network failed, retry
rpki-client: ta/apnic: pulling from rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
rpki-client: ta/apnic: loaded from network

ggm@ggm-802382 rpki-client % curl -v -o /tmp/apnic.cer -L https://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 2001:dd8:9:2::101:18...
* TCP_NODELAY set
* Connected to rpki.apnic.net (2001:dd8:9:2::101:18) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [228 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [87 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [2714 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [589 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=rpki.apnic.net
*  start date: Mar 24 02:46:43 2021 GMT
*  expire date: Jun 22 02:46:43 2021 GMT
*  subjectAltName: host "rpki.apnic.net" matched cert's "rpki.apnic.net"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
> GET /repository/apnic-rpki-root-iana-origin.cer HTTP/1.1
> Host: rpki.apnic.net
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Thu, 15 Apr 2021 00:49:38 GMT
< Server: Apache/2.2.15 (CentOS)
< Last-Modified: Wed, 26 Aug 2020 01:30:38 GMT
< ETag: "613ef-4bb-5adbdc456cb80"
< Accept-Ranges: bytes
< Content-Length: 1211
< Set-Cookie: Persistence-Token=!YgLdXj2lHoDXBrUWwXnSi27bn6LXmBdtzMP2k77kfNo5UxkmuJh0MZsr0ID88slIiXqq4melz+nZBKeyt4yU7Mv/Uw6xBzIyeK7anREi; path=/; Httponly; Secure
< Vary: Accept-Encoding
<
{ [1211 bytes data]
100  1211  100  1211    0     0  23745      0 --:--:-- --:--:-- --:--:-- 23745
* Connection #0 to host rpki.apnic.net left intact
* Closing connection 0
ggm@ggm-802382 rpki-client % ls -ltr /tmp/apnic.cer
-rw-r--r--  1 ggm  wheel  1211 15 Apr 10:49 /tmp/apnic.cer
ggm@ggm-802382 rpki-client %

commit 316298269a71e2e69191f14a046bf4c1f2ec9d61 (HEAD -> master, origin/master, origin/HEAD)
Author: Claudio Jeker <[email protected]>
Date:   Wed Apr 14 20:50:59 2021 +0200

    Adjust repo to work after the addition of version.h

commit be3e2a68f6769ad25bb31321e1dd82c7cbe57f2a (HEAD -> master, origin/master, origin/HEAD)
Author: benno <>
Date:   Wed Apr 14 18:05:47 2021 +0000

    move the RPKI_VERSION define into its own version.h file, helps portable.
    ok claudio@

# HELP rpki_client_roas_count Total number of ROAs
# TYPE rpki_client_roas_count gauge
rpki_client_roas_count 100020

[...]

output-ometric.c:131:16: error: use of undeclared identifier 'HOST_NAME_MAX'
        char hostname[HOST_NAME_MAX + 1];
                      ^
1 error generated.
  CC       rpki_client-roa.o
make[1]: *** [rpki_client-output-ometric.o] Error 1
make[1]: *** Waiting for unfinished jobs....

% cd /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX13.sdk/usr/include
 % grep -R HOST_NAME_MAX                   
./limits.h:#define _POSIX_HOST_NAME_MAX    255
./unistd.h:#define	_SC_HOST_NAME_MAX		72

rpki-client -d /path/to/cache [-t /tal/files]

rpki-client -j -n -d /path/to/cache -P timestamp -f /roa/in/cache

	"validation": "Failed",
	"error": "unable to get local issuer certificate"

/ # rpki-client -vvv
rpki-client: ta/apnic: pulling from https://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
rpki-client: ta/afrinic: pulling from https://rpki.afrinic.net/repository/AfriNIC.cer
rpki-client: ta/lacnic: pulling from https://rrdp.lacnic.net/ta/rta-lacnic-rpki.cer
rpki-client: ta/ripe: pulling from https://rpki.ripe.net/ta/ripe-ncc-ta.cer
rpki-client: poll[2]: bad fd
/ # rpki-client -V
rpki-client-portable 7.3
/ # 

$ /usr/local/sbin/rpki-client
rpki-client: tls_load_file: No such file or directory
rpki-client: poll[2]: hangup

brew install libressl
export LDFLAGS="-L/usr/local/opt/libressl/lib"
export CPPFLAGS="-I/usr/local/opt/libressl/include"
./autogen.sh
./configure
make
make install
/usr/local/sbin/rpki-client
rpki-client: tls_load_file: No such file or directory
rpki-client: poll[2]: hangup

#34 109.8 /tmp/rpki-client-portable/src/parser.c:497: undefined reference to `aspa_parse'
#34 109.8 /usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: rpki_client-parser.o: in function `parse_entity':
#34 109.8 /tmp/rpki-client-portable/src/parser.c:647: undefined reference to `aspa_buffer'
#34 109.8 /usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: /tmp/rpki-client-portable/src/parser.c:648: undefined reference to `aspa_free'
#34 109.8 /usr/lib/gcc/x86_64-alpine-linux-musl/11.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: rpki_client-parser.o: in function `proc_parser_aspa':
#34 109.8 /tmp/rpki-client-portable/src/parser.c:505: undefined reference to `aspa_free'
#34 109.8 collect2: error: ld returned 1 exit status

main.c: In function 'proc_rsync':
main.c:652:26: error: 'WAIT_ANY' undeclared (first use in this function)
  652 |    while ((pid = waitpid(WAIT_ANY, &st, WNOHANG)) > 0) {
      |                          ^~~~~~~~
main.c:652:26: note: each undeclared identifier is reported only once for each function it appears in

#ifndef WAIT_ANY
#define WAIT_ANY (-1)
#endif

tal.c: In function 'tal_parse_buffer':
tal.c:113:15: error: implicit declaration of function 'b64_pton' [-Werror=implicit-function-declaration]
  113 |  if ((b64sz = b64_pton(buf, b64, sz)) < 0)
      |               ^~~~~~~~
cc1: some warnings being treated as errors

/usr/lib/gcc/x86_64-alpine-linux-musl/9.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: rpki_client-tal.o: in function `tal_parse_buffer':
tal.c:(.text+0x33b): undefined reference to `b64_pton'
collect2: error: ld returned 1 exit status

…
checking for library containing __b64_pton... no
checking for __b64_pton... no
…

86.51    85 | } ASN1_SEQUENCE_END(Manifest);
86.51       |                     ^~~~~~~~
86.63 mft.c: In function 'mft_parse_filehash':
86.64 mft.c:264:27: error: implicit declaration of function 'arc4random_uniform' [-Werror=implicit-function-declaration]
86.64   264 |                 new_idx = arc4random_uniform(p->res->filesz + 1);
86.64       |                           ^~~~~~~~~~~~~~~~~~
87.23 cc1: some warnings being treated as errors
87.23 make[1]: *** [Makefile:792: rpki_client-mft.o] Error 1

#37 110.1 libtool: link: cc -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wsign-compare -Werror-implicit-function-declaration -Wno-pointer-sign "-DRPKI_PATH_TAL_DIR=\"/etc/tals\"" "-DRPKI_PATH_BASE_DIR=\"/var/cache/rpki-client\"" "-DRPKI_PATH_OUT_DIR=\"/var/lib/rpki-client\"" -g -O2 -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_GNU_SOURCE -o rpki-client rpki_client-as.o rpki_client-cert.o rpki_client-cms.o rpki_client-crl.o rpki_client-gbr.o rpki_client-io.o rpki_client-ip.o rpki_client-log.o rpki_client-main.o rpki_client-mft.o rpki_client-mkdir.o rpki_client-output.o rpki_client-output-bgpd.o rpki_client-output-bird.o rpki_client-output-csv.o rpki_client-output-json.o rpki_client-parser.o rpki_client-roa.o rpki_client-rsync.o rpki_client-tal.o rpki_client-validate.o rpki_client-x509.o  ../compat/.libs/libcompat.a ../compat/.libs/libcompatnoopt.a -lcrypto -lfts
#37 110.4 /usr/lib/gcc/x86_64-alpine-linux-musl/10.2.1/../../../../x86_64-alpine-linux-musl/bin/ld: rpki_client-main.o: in function `main':
#37 110.4 /tmp/rpki-client-portable/src/main.c:1064: undefined reference to `proc_http'
#37 110.5 collect2: error: ld returned 1 exit status

rpki-client-portable-6.8p$ make
Making all in include
make[1]: Entering directory '/home/jtk/dl/rpki-client-portable-6.8p0/include'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/home/jtk/dl/rpki-client-portable-6.8p0/include'
Making all in compat
make[1]: Entering directory '/home/jtk/dl/rpki-client-portable-6.8p0/compat'
  CC       recallocarray.lo
recallocarray.c: In function ‘recallocarray’:
recallocarray.c:60:28: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} a
nd ‘int’ [-Wsign-compare]
   if (d < oldsize / 2 && d < getpagesize()) {
                            ^
  CC       strlcat.lo
  CC       strlcpy.lo
  CC       strtonum.lo
  CCLD     libcompat.la
ar: `u' modifier ignored since `D' is the default (see `U')
  CCLD     libcompatnoopt.la
ar: `u' modifier ignored since `D' is the default (see `U')
make[1]: Leaving directory '/home/jtk/dl/rpki-client-portable-6.8p0/compat'
Making all in src
make[1]: Entering directory '/home/jtk/dl/rpki-client-portable-6.8p0/src'
  CC       rpki_client-as.o
  CC       rpki_client-cert.o
  CC       rpki_client-cms.o
  CC       rpki_client-crl.o
  CC       rpki_client-io.o
  CC       rpki_client-ip.o
  CC       rpki_client-log.o
  CC       rpki_client-main.o
main.c: In function ‘main’:
main.c:1669:7: warning: ‘rsyncpid’ may be used uninitialized in this function [-Wmaybe-uninitialized]
   if (waitpid(rsyncpid, &st, 0) == -1)
       ^~~~~~~~~~~~~~~~~~~~~~~~~
  CC       rpki_client-mft.o
mft.c: In function ‘generalizedtime_to_tm’:
mft.c:69:9: error: implicit declaration of function ‘ASN1_time_parse’; did you mean ‘ASN1_parse’? [-Werror=implicit-function-declaration]
  return ASN1_time_parse(data, len, tm, V_ASN1_GENERALIZEDTIME) ==
         ^~~~~~~~~~~~~~~
         ASN1_parse
mft.c: In function ‘check_validity’:
mft.c:99:6: error: implicit declaration of function ‘ASN1_time_tm_cmp’; did you mean ‘ASN1_item_dup’? [-Werror=implicit-function-declaration]
  if (ASN1_time_tm_cmp(&tm_until, &tm_from) < 0) {
      ^~~~~~~~~~~~~~~~
      ASN1_item_dup
cc1: some warnings being treated as errors
make[1]: *** [Makefile:648: rpki_client-mft.o] Error 1
make[1]: Leaving directory '/home/jtk/dl/rpki-client-portable-6.8p0/src'
make: *** [Makefile:454: all-recursive] Error 1

Bereits auf 'master'
Ihr Branch ist auf demselben Stand wie 'origin/master'.
Bereits aktuell.
Aktueller Branch master ist auf dem neuesten Stand.
copying tal
copying includes
Copying as.c
Copying cert.c
Copying cms.c
Copying crl.c
Copying extern.h
Copying gbr.c
Copying http.c
Copying io.c
Copying ip.c
Copying log.c
Copying main.c
Copying mft.c
Copying mkdir.c
Copying output-bgpd.c
Copying output-bird.c
Copying output-csv.c
Copying output-json.c
Copying output.c
Copying parser.c
Copying roa.c
Copying rpki-client.8
Copying rsync.c
Copying tal.c
Copying validate.c
Copying x509.c
Applying patch patches/0001-Allow-overriding-default-user-and-file-locations.patch
1 out of 5 hunks FAILED -- saving rejects to file main.c.rej

--- main.c
+++ main.c
@@ -761,7 +761,7 @@ main(int argc, char *argv[])
        struct msgbuf    procq, rsyncq;
        struct pollfd    pfd[2];
        struct roa      **out = NULL;
-       char            *rsync_prog = "openrsync";
+       char            *rsync_prog = RPKI_RSYNC_CMD;
        char            *bind_addr = NULL;
        const char      *cachedir = NULL, *errs;
        const char      *tals[TALSZ_MAX];

2022-11-30T08:30:50.064813443Z rpki-client: rpki-rps.arin.net/repository/8a848ade7fb71aa9017fdd9c5dd324c7/0/EB1DD8AA3E2B6864E06379C751DBFFFCC6418350.mft: no valid mft available
2022-11-30T08:30:50.100377723Z rpki-client: rpki-rps.arin.net/repository/8a848ade7fb71aa901800003287f4402/0/2BF7605B8927C87448B3B294A8B61D8E983248E0.mft: no valid mft available
2022-11-30T08:30:50.287559589Z rpki-client: rpki-rps.arin.net/repository/8a848adf7fb722e9017ffead9f534ac5/0/BFA2750976CA07F56A68976B0F01EB862F17C3B3.mft: no valid mft available
2022-11-30T08:31:05.479810276Z rpki-client: unhandled entity type 7
2022-11-30T08:31:05.566212488Z rpki-client: poll[0]: bad fd
2022-11-30T08:31:05.566249456Z rpki-client: write[0]: Broken pipe
2022-11-30T08:31:05.566256810Z rpki-client: parser process exited abnormally
2022-11-30T08:31:05.571419260Z rpki-client: not all files processed, giving up
2022-11-30T08:31:05.966877368Z rsync error: received SIGINT, SIGTERM, or SIGHUP (code 20) at rsync.c(713) [Receiver=3.2.4]

sudo docker inspect --format='{{index .RepoDigests 0}}' rpki/rpki-client:7.9
rpki/rpki-client@sha256:81f6c17b508e5184185a15e33f6f9f578d454ed6e78d67fa78c9182bf5f911ce