ok claudio job
|
|
Requested by claudio@
OK tb@
|
|
It is technically possible for a series of RRDP deltas and a snapshot
to diverge. An RRDP server could distribute files via Deltas and then
forget about those files, causing copies to remain stuck in the caches
of RRDP clients. Resetting RRDP sessions once every few weeks helps with
garbage collection.
In week 0 the probability of triggering re-initialization is ~0.025% and
doubles every week, in week 11 it's 50% and always after week 12. Thus,
RPs will reinitialize at least once every 3 months.
OK tb@ claudio@
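The reset schedule described in this commit message, worked through as an added C illustration (not rpki-client code). It assumes the week-0 chance is 2^-12, about 0.024%, which is the "~0.025%" quoted, doubling weekly so that week 11 is 50% and a reset is certain from week 12 on.

```c
#include <stdio.h>

/*
 * Added illustration of the weekly RRDP session-reset schedule; not
 * rpki-client code. Assumed: the week-0 chance is 2^-12 (about 0.024%,
 * the "~0.025%" above), doubling each week, so week 11 is 50% and from
 * week 12 on a reset is certain.
 */
#define REINIT_CERTAIN_WEEK 12

/* Chance that a session aged `week` weeks is reset during this week. */
double
rrdp_reinit_probability(int week)
{
	if (week < 0)
		return 0.0;
	if (week >= REINIT_CERTAIN_WEEK)
		return 1.0;
	return 1.0 / (double)(1u << (REINIT_CERTAIN_WEEK - week));
}

/* Chance that at least one reset has happened by the end of `week`. */
double
rrdp_reinit_cumulative(int week)
{
	double survive = 1.0;
	int i;

	for (i = 0; i <= week; i++)
		survive *= 1.0 - rrdp_reinit_probability(i);
	return 1.0 - survive;
}

/* Weekly decision from a uniform draw in [0, 1); 1 means re-initialize. */
int
rrdp_should_reinit(int week, double draw)
{
	return draw < rrdp_reinit_probability(week);
}

int
main(void)
{
	int w;

	for (w = 0; w <= REINIT_CERTAIN_WEEK; w++)
		printf("week %2d: reset %8.4f%%  at least once %8.4f%%\n", w,
		    100.0 * rrdp_reinit_probability(w),
		    100.0 * rrdp_reinit_cumulative(w));
	return 0;
}
```

The cumulative column shows why the message can promise a re-initialization at least once every 12 weeks: the per-week chance reaches 1 at week 12, so the survival product drops to zero there.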
|
|
This pulls in an overflow check and the change from recallocarray() to
realloc(). claudio tells me that we might soon get rid of this copy.
ok claudio
|
|
OK tb@ claudio@
|
|
OK tb@
|
|
RFC 9632 introduced additional constraints and requirements for RPKI-based
Geofeed authenticators (at my request).
|
|
|
|
OK tb@ claudio@
|
|
repo_abort() called by repo_check_timeout() will add messages to
be sent out.
OK tb@
|
|
The code path gcc is whining about ensures that the struct auth in
question is initialized, but the pile of garbage that is gcc's use
of uninitialized warnings can't figure that one out. Enough time on
this was wasted during the last few releases that silencing gcc with
annoying workarounds may be the lesser evil.
ok claudio
|
|
Only trigger a duplicate error if a valid filepath is revisited. It is
possible that a bad CA references somebody else's files and if that
happens first it would block the valid access.
To make this work, pass the ok flag to filepath_add() and only set the
talmask bit if the file was ok. Since we need to do the duplicate check
before processing the entity introduce filepath_valid() which checks
if the path is in the tree and has its talmask bit set.
In repo_move_valid() handle conflicts more gracefully. When both a valid
and temporary file are present assume that one of the files was never ok
(talmask == 0) and silently remove that file from the filepath tree.
OK tb@
|
|
We need to pass this to filepath_add so let's use a better name.
OK tb@
|
|
for now add an XXX reminder.
Pointed out by job a while back.
|
|
discussed with jca and job
ok claudio
|
|
discussed with jca
ok claudio
|
|
OK tb@ claudio@
|
|
There was a shift of the index in the for loop, and invalidating the wrong
member could result in a double free in auth_tree_free() on process exit.
ok claudio job
|
|
Turns out filemode still relies on these. Rather than adding to the
spaghetti in filemode.c, begrudgingly put back the NULL checks with
an additional XXX.
ok claudio job
|
|
Instead, continue processing what we can but avoid lots of warning noise.
Error out at the end of the parser process to avoid loading a bad config
into bgpd. This isn't great as it is and can be refined in tree.
ok claudio
|
|
ok job
|
|
It's been a few months with lots of changes. We should release soon-ish.
discussed with job
|
|
piuid and psuid annoy me every time I see them.
no functional change
|
|
https://github.com/NLnetLabs/rpki-rs/pull/295
|
|
|
|
ok claudio
|
|
This goes back to the initial import in mft.c and was then copied to rsc.c.
ASN1_tag2str() doesn't take a nid but rather an ASN.1 tag. Use nid2str()
instead.
ok claudio (who helped me use nid2str() correctly)
|
|
|
|
The OpenSSL 1.1 get_signature_nid() API is available for all libraries
that we support and it does exactly what we want. It is much simpler
than the unergonomic accessors we used previously. The ASN.1 templates
ensure that the relevant struct members aren't NULL after successful
deserialization, so the calls are safe.
ok claudio
|
|
Nothing says there may be only one purpose. We only need to find
id-kp-bgpsec-router among them. This matches the intention of the
extended key usage extension in RFCs 5280 and 8209 more closely.
ok claudio
|
|
The valid_x509() in proc_parser_gbr() was initially left unchecked but
has been checked since r1.79.
|
|
Now all key usage and extended key usage handling is at the same place.
This fixes a bug for BGPsec Router certs where key usage was ignored.
Another omission that is fixed here is that criticality of the key usage
extension was not checked. Drop a comment about possible use of EKU that
was in the TA/CA code path but would only apply to EE certs.
ok claudio
|
|
Instead of checking for EXFLAG_SS use the more accurate information
we already gathered.
ok job
|
|
Require that a cert fed to cert_parse_ee_cert() have an EE cert purpose.
Instead of throwing a warning for BGPsec router certs, check for the TA
purpose in ta_parse() and reject everything else.
ok job
|
|
It is currently assumed that there is only one extended key usage OID.
RFC 8209 allows others. For example, it may well make sense for operators
to include the anyExtendedKeyUsage OID to be able to use validators that
don't recognize the BGPsec Router purpose.
ok job
|
|
Instead of only differentiating between CA and BGPsec Router certs,
make it recognize TA and EE certs as well. TAs and CAs have the cA
boolean in the basic constraints, while EE and BGPsec router certs
do not.
TAs are self-signed, CAs not self-issued, all other certs with the
cA boolean are invalid. EE certs do not have an extended key usage
and BGPsec certs contain the id-kp-bgpsec-router OID.
Handle the new purposes where needed.
ok job
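The purpose classification described in this commit message, together with the refinement from the newer EKU commits higher up on this page (id-kp-bgpsec-router only has to appear among the EKU OIDs, others such as anyExtendedKeyUsage are allowed), as an added C model. This is constructed example code, not rpki-client's cert.c: the `struct model_cert` fields stand in for what the real code reads from the X.509 object, and treating a non-CA certificate that carries an EKU without id-kp-bgpsec-router as invalid is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed model of the certificate facts the rules look at. */
enum cert_purpose {
	CERT_PURPOSE_INVALID,
	CERT_PURPOSE_TA,
	CERT_PURPOSE_CA,
	CERT_PURPOSE_EE,
	CERT_PURPOSE_BGPSEC_ROUTER,
};

#define OID_KP_BGPSEC_ROUTER	"1.3.6.1.5.5.7.3.30"	/* RFC 8209 */
#define OID_ANY_EKU		"2.5.29.37.0"		/* RFC 5280 */
#define MAX_EKU			4

struct model_cert {
	bool		 has_ca_boolean;	/* cA in basicConstraints */
	bool		 self_issued;		/* issuer equals subject */
	bool		 self_signed;		/* self-issued and verifies with own key */
	const char	*eku[MAX_EKU];		/* EKU OIDs, NULL-terminated; eku[0] NULL = absent */
};

static bool
eku_contains(const struct model_cert *c, const char *oid)
{
	for (size_t i = 0; i < MAX_EKU && c->eku[i] != NULL; i++)
		if (strcmp(c->eku[i], oid) == 0)
			return true;
	return false;
}

enum cert_purpose
cert_purpose_classify(const struct model_cert *c)
{
	if (c->has_ca_boolean) {
		if (c->self_signed)
			return CERT_PURPOSE_TA;		/* TAs are self-signed */
		if (!c->self_issued)
			return CERT_PURPOSE_CA;		/* CAs are not self-issued */
		return CERT_PURPOSE_INVALID;		/* any other cA cert */
	}
	if (c->eku[0] == NULL)
		return CERT_PURPOSE_EE;			/* EE certs carry no EKU */
	if (eku_contains(c, OID_KP_BGPSEC_ROUTER))
		return CERT_PURPOSE_BGPSEC_ROUTER;	/* OID may sit among others */
	return CERT_PURPOSE_INVALID;			/* assumed: EKU without the OID */
}
```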
|
|
ok job
|
|
This adds a TA and an EE purpose to be used in upcoming commits.
ok job
|
|
This is a simple wrapper around X509_check_policy(cert, -1, 0) that
doesn't need an explanatory comment in the caller.
The reason for having to do this is that various OpenSSL API calls rely
on having extension information cached. As an unsurprising consequence of
OpenSSL's characteristic API misdesign these calls can't report errors,
so they call the extension caching without error checking and the result
is that they may report nonsense.
To work around this, cache the extensions up front so a second call can't
fail and thus API calls such as X509_check_ca(), X509_get_key_usage() and
X509_cmp() work reliably.
ok job
|
|
Instead of just looking at the serial number it's easier to use X509_cmp().
This compares the certs' hashes computed during the extension caching. This
is currently SHA-512 for LibreSSL and SHA-1 for OpenSSL, which is good
enough. After all, the TA certs were signed by a trusted source and if you
choose to use OpenSSL this won't be the worst of your problems.
ok job
|
|
Additional tiebreaker: prefer TA certificates with the narrower validity window
OK tb@
|
|
BGPsec certs are a bit weird and checks for them are all over the place,
some of them in the TA handling, which makes very little sense. We'd be
better off adding another purpose for trust anchors and use that instead.
ok claudio job
|
|
Mimic the approach already taken from manifests and compare the trust
anchor fetched from the net with the one in the cache (if any). This
allows us to choose which one to use and pick the one we like better.
We currently look at the notBefore date and pick the later TA or
pick the new one if the serialNumber changed. These conditions will
be tweaked in tree.
This prevents replay attacks where a man in the middle could feed us
still valid TA certificates with outdated internet number resources.
This is not currently an issue since all currently valid TA certs from
the RIRs have the same set of resources. Some TA certificates in the RPKI
expire so far in the future that its 32-bit time is again positive.
Things may well change in the next 100 years...
Problem pointed out to us by Ties de Kock a long time ago.
with and ok claudio
ok job
|
|
can decide which of the two files to use.
With and OK tb@
|
|
|
|
We know the pubkey from the TAL, so check that the signature is right
as required by RFC 6487, section 7, additional condition 1, applied to
self-issued certs. Make the error check weird since OpenSSL 3 broke yet
another API (thanks claudio for making me go look).
ok claudio job
|
|
ok claudio
|
|
For an expired TA, cert is freed and zeroed in file mode and cert_print()
crashes. For such TAs (and otherwise invalid ones) expired and notafter
become dangling pointers. Invalidate them and set them only for valid TA
certs.
with/ok claudio
|
|
|
|
Since this is always called after cert_parse_pre(), notBefore and notAfter
are available in struct cert, so we can use time_t comparison.
ok claudio
|