rpki-client don't hang on rrdp hash errors

When an rrdp request fails because the hash of a delta or snapshot is
incorrect the repo never finishes because the setting of
RRDP_STATE_PARSE_DONE and the call to rrdp_finished() is skipped.
The result is a hanging rpki-client until the alarm kills it after 1h.

This simple diff should fix the issue.  Added extra contex to make it more
obvious why this return is bad.
--
:wq Claudio

Index: rrdp.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/rrdp.c,v
retrieving revision 1.1
diff -u -p -U14 -r1.1 rrdp.c
--- rrdp.c 1 Apr 2021 16:04:48 -0000 1.1
+++ rrdp.c 6 Apr 2021 16:00:14 -0000
@@ -474,29 +474,28 @@ rrdp_data_handler(struct rrdp *s)
  if ((s->state & RRDP_STATE_PARSE) == 0)
  errx(1, "%s: bad parser state", s->local);
  if (len == 0) {
  /* parser stage finished */
  close(s->infd);
  s->infd = -1;
 
  if (s->task != NOTIFICATION) {
  char h[SHA256_DIGEST_LENGTH];
 
  SHA256_Final(h, &s->ctx);
  if (memcmp(s->hash, h, sizeof(s->hash)) != 0) {
  s->state |= RRDP_STATE_PARSE_ERROR;
  warnx("%s: bad message digest", s->local);
- return;
  }
  }
 
  s->state |= RRDP_STATE_PARSE_DONE;
  rrdp_finished(s);
  return;
  }
 
  /* parse and maybe hash the bytes just read */
  if (s->task != NOTIFICATION)
  SHA256_Update(&s->ctx, buf, len);
  if ((s->state & RRDP_STATE_PARSE_ERROR) == 0 &&
     XML_Parse(p, buf, len, 0) != XML_STATUS_OK) {
  s->state |= RRDP_STATE_PARSE_ERROR;

On Tue, Apr 06, 2021 at 06:08:04PM +0200, Claudio Jeker wrote:
> When an rrdp request fails because the hash of a delta or snapshot is
> incorrect the repo never finishes because the setting of
> RRDP_STATE_PARSE_DONE and the call to rrdp_finished() is skipped.
> The result is a hanging rpki-client until the alarm kills it after 1h.
>
> This simple diff should fix the issue.  Added extra contex to make it more
> obvious why this return is bad.

ok tb