History log of /openbsd-current/usr.sbin/rpki-client/as.c
Revision Date Author Comments
# 1.16 27-Dec-2023 tb

Rework the warnings on internet resources

Unify the printing of warnings about AS numbers and IP address blocks to
use a call to as_warn() and ip_warn(). Fix a bug in the latter where the
upper bound of an IP range didn't take the RFC 3779 encoding into account
and passed the address directly to inet_pton() rather than filling the
missing bits with 1. Switch the argument order to match the warnings and
tweak some warning messages.

ok claudio job
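
The upper-bound rule that revision 1.16 refers to, as an added example that is not code from rpki-client or from this commit: RFC 3779 drops trailing 1 bits from a range maximum, so the missing bits must be refilled with 1 before the address is printed or compared. The function names and the sample bytes are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Expand RFC 3779 IPAddress BIT STRING content (`unused` is the value of its
 * unused-bits octet). fill: 0 for a range minimum, 1 for a maximum, whose
 * trailing 1 bits the encoding drops. Returns 0, or -1 on malformed input.
 */
int
rfc3779_expand(const uint8_t *data, size_t len, unsigned int unused,
    int fill, uint8_t *out, size_t outlen)
{
	uint8_t mask = (uint8_t)((1u << (unused & 7)) - 1);

	if (len > outlen || unused > 7 || (len == 0 && unused != 0))
		return -1;
	if (len > 0 && (data[len - 1] & mask))	/* DER: unused bits are 0 */
		return -1;
	memset(out, fill ? 0xff : 0x00, outlen);	/* dropped octets */
	if (len == 0)
		return 0;
	memcpy(out, data, len);
	if (fill)
		out[len - 1] |= mask;	/* dropped bits of the last octet */
	return 0;
}

/* IPv4 wrapper: stores the bound in host byte order. */
int
v4_bound(const uint8_t *data, size_t len, unsigned int unused, int fill,
    uint32_t *addr)
{
	uint8_t b[4];

	if (rfc3779_expand(data, len, unused, fill, b, sizeof(b)) == -1)
		return -1;
	*addr = (uint32_t)b[0] << 24 | (uint32_t)b[1] << 16 |
	    (uint32_t)b[2] << 8 | b[3];
	return 0;
}

int
main(void)
{
	/* Constructed sample: upper bound 10.2.64.255 encodes as 0a 02 40. */
	const uint8_t max[] = { 0x0a, 0x02, 0x40 };
	uint32_t zero = 0, one = 0;

	v4_bound(max, sizeof(max), 0, 0, &zero);	/* zero fill: 10.2.64.0 */
	v4_bound(max, sizeof(max), 0, 1, &one);		/* one fill: 10.2.64.255 */
	printf("zero fill %08x, one fill %08x\n", (unsigned)zero, (unsigned)one);
	return 0;
}
```

Zero-filling the maximum understates the range by every address the dropped bits cover, which is why a warning built from the raw bytes reports the wrong upper bound.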


# 1.15 18-Oct-2023 tb

rpki-client: move inherit in {ip,as}_warn()

While alphabetic order makes sense, having inherit between individual
AS and IP entries and ranges makes little sense. Use the order that we
have elsewhere.

ok claudio job


# 1.14 18-Oct-2023 tb

rpki-client: rework as_check_overlap()

Avoid early returns and use a single copy of the warning by reworking
the control flow through two nested switches.

ok claudio job


# 1.13 13-Oct-2023 job

Allow imposing constraints on RPKI trust anchors

The ability to constrain a RPKI Trust Anchor's effective signing
authority to a limited set of Internet Number Resources allows
Relying Parties to enjoy the potential benefits of assuming trust,
within a bounded scope.

Some examples: ARIN does not support inter-RIR IPv6 transfers, so
it wouldn't make any sense to see a ROA subordinate to ARIN's trust
anchor covering RIPE-managed IPv6 space. Conversely, it wouldn't
make sense to observe a ROA covering ARIN-managed IPv6 space under
APNIC's, LACNIC's, or RIPE's trust anchor - even if a derived trust
arc (a cryptographically valid certificate path) existed. Along these
same lines, AFRINIC doesn't support inter-RIR transfers of any kind,
and none of the RIRs have authority over private resources like
10.0.0.0/8 and 2001:db8::/32.

For more background see:
https://datatracker.ietf.org/doc/draft-snijders-constraining-rpki-trust-anchors/
https://mailman.nanog.org/pipermail/nanog/2023-September/223354.html

With and OK tb@, OK claudio@


Revision tags: OPENBSD_7_4_BASE
# 1.12 23-May-2023 tb

Simplify as_id_parse() using ASN1_INTEGER_get_uint64()

Instead of decoding an ASN1_INTEGER by hand because ASN1_INTEGER_get()
is broken by design and would report an error on LP32 architectures for
the reserved ASid UINT32_MAX, we can simplify this ugliness and use the
ASN1_INTEGER_get_uint64() API, available since LibreSSL 3.6.

ok claudio


Revision tags: OPENBSD_7_3_BASE
# 1.11 30-Nov-2022 job

Remove unused sys/socket.h include

OK claudio@


# 1.10 29-Nov-2022 job

Only include stdarg.h, if we call any of va_{start,end}()

OK tb@


# 1.9 29-Nov-2022 job

Only include assert.h if we call assert()

OK tb@


Revision tags: OPENBSD_7_2_BASE
# 1.8 15-May-2022 tb

More KNF and whitespace fixes.


Revision tags: OPENBSD_7_1_BASE
# 1.7 26-Dec-2021 tb

fix spelling of inheritance


Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
# 1.6 12-Sep-2020 claudio

Include openssl/x509.h in extern.h since it uses a few of the typedefs from
there in structs and prototypes. Remove the openssl/ssl.h and other strange
openssl includes in the .c files that don't use openssl specific functions.
OK beck@ and tb@


Revision tags: OPENBSD_6_7_BASE
# 1.5 27-Nov-2019 deraadt

swap some comparisons


Revision tags: OPENBSD_6_6_BASE
# 1.4 19-Jun-2019 deraadt

use $OpenBSD$ headers


# 1.3 19-Jun-2019 deraadt

indentation adjustments, in particular near warn statements
ok claudio


# 1.2 17-Jun-2019 deraadt

Don't do -portable in base. It is better done outside the tree.
Imagine if we did it throughout the tree, how many copies of strlcpy
would we have, and how much time would all the configure shell scripts
and includes take? It would be ludicrous.


# 1.1 17-Jun-2019 job

branches: 1.1.1;
Initial revision

