| Age | Commit message (Collapse) | Author |
|---|
|
if all possible sources have been used to ta_fetch() this simplifies the
logic in the rsync and http done cases.
Additionally when -R is used, skip https URI and only connect via rsync.
If the TAL file has no rsync URI then the system will fall back to the
cache and not try https instead.
This makes -R a only use rsync flag.
With and OK job@
|
|
has a serial lower than what the client synced to last time. This could
happen if the CDN has a bad server that distributes old data.
Instead of falling back to a snapshot just ignore this case and consider
the repo synced. Hopefully the next run will bring everything back to normal.
OK job@ benno@
|
|
the sort of thing which should actually be used (a proper random string
rather than a common word, and especially not a common word that is the
default for much SNMP software). The example here is restricted to
127.0.0.1 but it's easy to adapt to something where it's more unsafe
so better not to give the example. ok martijn@
|
|
This caused listen on tcp lines to fail to parse.
OK sthen@
|
|
|
|
OK sthen
|
|
Suggested by schwarze@
|
|
This way we can have a global listen statement, but add an additional
listener on with different flags on specific interfaces (e.g. allow
snmpv2c on localhost for easier testing)
OK sthen@
|
|
This is a convenient shorthand for
listen on 0.0.0.0
listen on ::
and was already the default behaviour if no listen on statement is present.
This way it's easier to add additional listeners to the default (like trap
receivers).
Manpage feedback sthen@ schwarze@
Manpage OK jmc@
OK sthen@
|
|
Diff by jmc@, who can't commit right now.
Thanks.
|
|
The previous engineid was based aronud the engine boottime and a random
value, which gives problems when sending/receiving unacknowledged PDUs
(trapv2) over SNMPv3 with authentication enabled, which need a consistent
engineid across restarts to determine the correct user from the sender.
The new default engineid takes a sha256 hash (chosen for its longer output)
of gethostname(3) and places the first 27 bytes after the new format number
129. This should give us a very low probability of collisions, assuming
all machines have a unique name.
The other formats as specified in SNMP-FRAMEWORK-MIB (RFC3411) are also
supported as well as arbitrary formats in the range 128-255 for other
private enterprise numbers in hex format.
OK jmatthew@
|
|
- don't adjust the file object, just extract_to_fh
- for may_check_digest, explicitly pass the path instead of a file object
|
|
add $self->extract_to_fh, only for IsFile objects, so that they can be
written to a temporary file without needing to adjust the file object's name
|
|
- in both extract and tie, $self has the right file names
- move the possible creation of the directory into find_safe_dir (passing
state as the only parameter, since we have everything else in self), thus
getting rid of an XXX
should have zero effect on anything
|
|
such URI. The http client in rpki-client does not support http authentication
since it only accesses public websites.
OK jca@ job@
|
|
To work properly also a neighbor needs to be selected. The assumption
here is that the peer will use the same path-id for the same peer
accross all its routes. The RFC does not require this and it is valid
to assign path-ids randomly. The path-id only matters for one specific
path but most BGP implementations seem to assign the same path-id to
multiple routes when originated from the same source.
OK benno@
|
|
side of RFC7911 and the send portion will follow.
The path-id is extracted from the NLRI encoding an put into struct
prefix. To do this the prefix_by_peer() function gets a path-id
argument. If a session is not path-id enabled this argument will
be always 0. If a session is path-id enabled the value is taken
from the NLRI and can be anything, including 0. The value has no
meaning in itself. Still to make sure the decision process is able
to break a tie the path-id is checked as the last step (this is not
part of the RFC but required).
OK benno@
|
|
Practical experience on several machines after updates suggests the snmp
world isn't really ready for hmac-sha2-256, and the HMAC construction doesn't
require collision resistance (which is the weakness of MD5/SHA1; see e.g.
"New proofs for NMAC and HMAC: Security without collision-resistance",
Bellare 2014).
Feedback from martijn@ (who would prefer to keep using the sha2 hmac),
deraadt@, tb@.
|
|
|
|
and formats a bit nicer;
while here, wrap lines to <80;
|
|
Most other 2xx status codes are still not expected and therefor considered
an error. The GET requests issued by this code should not result in other
2xx result codes.
Also handle and ignore the 1xx Informational headers but again only 100
and 103 are handled and 101 Switching Protocols and 102 Processing are
not expected and are considered an error.
OK deraadt@
|
|
This may help to spot encoding errors a bit more easily.
|
|
|
|
bounce report.
From Erik Brens
|
|
also clean up a comment
OK tb@
|
|
This is a type-O that snuck in when merging traphandler into snmpe.
OK jmatthew@
|
|
OK jmatthew@
|
|
OK benno@
|
|
Ensure the maxLength is greater than or equal to the length of
the accompanying prefix, and less than or equal to the length
(in bits) of an IP address in the address family (32 for IPv4
and 128 for IPv6). The same checks are applied when reading VRPs
from configuration on disk.
OK claudio@
|
|
|
|
millert@ thinks its useful.
|
|
|
|
* maxLength may not be zero or negative
* maxLength can't be lower than the prefixlength of ip_addr
* maxLength can't be higher than the maximum prefix length
OK claudio@
|
|
|
|
that splits the normal RIB linkage vs the adjrib-out linkage. This is
done to make a bit of space to put an extra add-path related id into
the struct without blowing its size over 128 bytes.
Long run this struct should be split up but the necessary changes are
too large right now so this is the 2nd best option.
OK benno@
|
|
add-path information will be dumped properly.
There is one bit where this implementation is not in line with the RFC.
The encoding of DUMP_V2_RIB_GENERIC_ADDPATH for non IPv4 or IPv6 prefixes
is implemented the way gobgp did it (which seems to be the only other BGP
implementation that supports generic encoding). The RFC puts the path_id
in the NLRI for generic encoding instead of adding it to RIB entry struct
like in the IPv4 and IPv6 encoding. This is an open discussion point with
the RFC author.
OK benno@
|
|
to dump add-path enabled systems because the NLRI format changes based
on the add-path capability and there is no way to know which format is
in use so new message types had to be added.
Also extend the ctl_show_rib structure to include the path_id.
OK benno@
|
|
This allows to send more then 255 bytes of optional parameters. With this
it is possible to send more capabilities. bgpd will switch automatically
to the new extended lenght format if needed but by default the old 1 byte
param length encoding is used to keep compatible with old systems.
OK benno@
|
|
client identifier (option 61). Some dhcp servers expect these options
and refuse to hand out a lease without them.
Need for vendor class identifier pointed out & tested by bket
Need for client identifier pointed out by sthen
Input & reads OK sthen (as part of a larger diff)
OK kn (as part of a larger diff)
|
|
"%s". Same for the output of relay_expand_http().
with and ok claudio@
Found by Cedric Tessier, thanks!
|
|
* "Connection: keep-alive" isn't needed, as the HTTP 1.1 default is to
use persistent connections (RFC 7230, section 6.3).
* "Host" is recommended to be in the front.
* "Accept-Encoding: identity" makes it clear to the server compression
encodings are not supported.
Based on suggestions from Julian Reschke.
OK benno@ claudio@
|
|
the bootloader. This is a no-op on architectures where such a filesystem
isn't needed.
ok krw@, deraadt@
|
|
|
|
|
|
Refactor config_setvm to directly return error code on failure
instead of returning -1 and setting errno. It was setting unsupported
values not defined in <errno.h>.
OK mlarkin@
|
|
Zap the obsolete dhclient.conf(5) supersede quirk while here.
Feedback OK florian
|
|
Remove legacy state handling on the ns8250 and virtio network devices
originally put in place before using libevent for async device
events. The vcpu thread doesn't need to process device data as it is
handled by the libevent thread.
This has the benefit of simplifying some of the message passing
between threads introduced to the ns8250 uart since both the vcpu
and libevent threads were processing read events.
No functional change intended. Tested by many, including abieber@,
weerd@, Mischa Peters, and Matthias Schmidt. (Thanks.)
OK mlarkin@
|
|
chroot (and privdrop) in the child procs at this point are all set and done so
pledge("inet id") promises are not required anymore.
analysis and OK @kn
|
|
priv_constraint_child() which is called before we reach pledge(2), therefore we
we don't need to unveil(2) that file nor having pledge("rpath") since it was
only required to read that same file.
OK kn@
|
|
As per the manual and lib/libtls/tls.c revision 1.79 from 2018
"Automatically handle library initialisation for libtls." initialisation
is handled automatically by other tls_*(3) functions.
Remove the tls_init() call to not give the impression of it being needed.
Feedback tb
OK Tests mestre
|
