| Age | Commit message (Collapse) | Author |
|---|
|
Many statistic values are now accounted by repository via repo_stat_inc()
At end of the run sum_stats() accumulates these stats per TAL and globally.
The new output file metrics is written when the -m output flag is specified.
The metrics file is written in OpenMetrics format (with a few tweaks to
allow node_exporter to parse the file as well). The ometric code is a copy
from bgpctl(8) and should be kept in sync.
OK tb@
|
|
header of the buf was read. This often saves a round-trip to the main
event loop and poll(2).
OK job@ tb@
|
|
OK tb@
|
|
clock_gettime(CLOCK_MONOTONIC) for runtime calculation.
OK tb@
|
|
across all object types
OK claudio@ tb@
|
|
OK tb@
|
|
|
|
|
|
is not an error. It marks file as not handled by rpki-client and they will
be ignored after checking that the provided hash matches.
New file types should only be added once the needed code in parse_entity() is
available.
OK tb@ job@
|
|
OK claudio@
|
|
OK claudio@
|
|
OK claudio@
|
|
OK claudio@
|
|
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
This way manifests can should a better error message when something fails.
With and OK tb@
|
|
|
|
|
|
discussed with job
|
|
OK tb@
|
|
|
|
OK tb@
|
|
RFC 9092 is underspecified in this regard, but other signed
objects relating to Internet number resources (ROA, BGPsec,
ASPA, RSC) all disallow inherit.
See https://mailarchive.ietf.org/arch/msg/opsawg/JXjxCA14BkW4DWyVoUMwqDvB17I/
OK tb@
|
|
(Geofeed authenticators don't have a SIA)
|
|
Only allocate b64 when it is needed. This way we can avoid allocating extra
memory for the signed data itself. Also, only check for the end signature
marker when it is actually expected. It's not forbidden - if stupid - to
have a comment '# End Signature:' in the signed data.
ok job
|
|
job didn't like jumping over a bunch of code, so handle this via a small
helper. It's not as if cms_parse_validate_internal() could not do with a
bit of splitting in general.
ok job
|
|
RFC 9092 describes a scheme in which an authenticator is appended to a
geofeed (RFC 8805) file. It is a digest of the main body of the file
signed by the private key of the relevant RPKI certificate for a covering
address range. The authenticator is a detached CMS signature.
with and OK tb@
|
|
With/ok job
|
|
|
|
OK tb@
|
|
If the operator specifies the '-H' option once (or more) followed by a FQDN,
the utility will *only* connect to those hosts and skip all others.
OK claudio@ tb@
|
|
OK claudio@
|
|
|
|
The ASN.1 profile in draft-ietf-sidrops-rfc6482bis section 4 specifies
that there must not be more than 2 ipAddrBlocks (one for IPv4, and one
for IPv6). Compatible with all published ROAs.
OK tb@
|
|
|
|
with and OK tb@
|
|
OK tb@
|
|
Instead of ignoring all non-signedObject accessMethods, we can be stricter
and only allow rpkiNotify (for now) and error on anything else. Also make
sure we properly clean up behind ourselves on error.
With and ok job
|
|
The spec allows multiple accessMethod entries, ordered by preference.
While an rsync URI must be present, others are allowed. Do not fail
in that situation and pick the first rsync URI encountered. The logic
is very similar to the one in x509_get_crl().
ok job
|
|
While RFC 6487, 4.8.2.2 is very explicit about allowing id-ad-signedObject
as the only accessMethod, the clear language was lost during the RFC 8182
editing process. APNIC, TWNIC and JPNIC and a few others are currently
known to have an id-ad-rpkiNotify. The verbose logging allows us to check
the ecosystem while waiting for the point in time where we can turn this
into an error. See also https://www.rfc-editor.org/errata/eid7239.
ok job
|
|
OK tb@ claudio@
|
|
ok claudio
|
|
|
|
This improves the hard-to-read error:
rpki-client: .rrdp/59B96A4C078FDCEDBB776D5BE8DF45EAC0149157547270EA7D4647A76611E145/rpki-rsync.us-east-2.amazonaws.com/volume/220c3ec2-ccf9-4b8a-bf61-fd4d1e151271/LAXNBPgDnLLjagP8++RFIoaMCGo.mft: RFC 6487 section 4.8.6: CRL: bad CRL distribution point extension
rpki-client: rpki-rsync.us-east-2.amazonaws.com/volume/220c3ec2-ccf9-4b8a-bf61-fd4d1e151271/LAXNBPgDnLLjagP8++RFIoaMCGo.mft: no valid mft available
to:
rpki-client: rpki.ripe.net/repository/DEFAULT/ZMvVW3ZpjFaCVe2TtDEqMlyFk3E.cer: SIA: rpkiManifest filename contains invalid characters
OK tb@
|
|
OK tb@
|
|
Unfortunately we can't yet error out when accessMethods other than
signedObject are encountered in the SubjectInformationAccess extension
because there is pollution in the ecosystem.
OK tb@
|
|
|
|
RFC 6487 section 4.8.4 restricts the KeyUsage extension on EE
certificates to only be digitalSignature.
RFC 6487 section 4.8.5 forbids the ExtendedKeyUsage extension from
appearing on CA certificates. However, this may change in the future
through the standardisation process.
OK tb@
|
