![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / rpki-client
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.13 / (download) - annotate - [select for diffs], Sun May 15 15:00:53 2022 UTC (2 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
HEAD
Changes since 1.12: +1 -1 lines
Diff to previous 1.12 (colored)
whitespace spotted during read-thru
Revision 1.12 / (download) - annotate - [select for diffs], Wed Apr 20 15:31:48 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.11: +1 -2 lines
Diff to previous 1.11 (colored)
Fix various annoying whitespace errors.
Revision 1.11 / (download) - annotate - [select for diffs], Tue Apr 19 19:01:19 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.10: +9 -6 lines
Diff to previous 1.10 (colored)
Do not use a hidden global for the EVP_ENCODE_CTX to save a calloc() call. Make this work concurrently by allocating and freeing the EVP_ENCODE_CTX for every call to base64_decode(). This is not a hot path so the impact is negligible. OK tb@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Nov 24 15:24:16 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.9: +40 -1 lines
Diff to previous 1.9 (colored)
Move some functions from rrdp.c to rrdp_util.c and hex_decode to encoding.c. This will make it easier to write a RRDP regress test. OK job@ deraadt@
Revision 1.1.2.1 / (download) - annotate - [select for diffs], Tue Nov 9 13:41:19 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_6_9
Changes since 1.1: +110 -11 lines
Diff to previous 1.1 (colored) next main 1.2 (colored)
rpki-client(8) should handle CA misbehaviours as soft-errors. This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including: * Make rpki-client more resilient regarding untrusted input: - fail repository synchronisation after 15min runtime - limit the number of publication points per TAL - don't allow DOCTYPE definitions in RRDP XML files - fix detection of HTTP redirect loops. * limit the number of concurrent rsync processes. * fix CRLF in tal files. This is patches/6.9/common/021_rpki.patch.sig
Revision 1.3.4.1 / (download) - annotate - [select for diffs], Tue Nov 9 13:40:32 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_7_0
Changes since 1.3: +95 -26 lines
Diff to previous 1.3 (colored) next main 1.4 (colored)
rpki-client(8) should handle CA misbehaviours as soft-errors. This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including: * Make rpki-client more resilient regarding untrusted input: - fail repository synchronisation after 15min runtime - limit the number of publication points per TAL - don't allow DOCTYPE definitions in RRDP XML files - fix detection of HTTP redirect loops. * limit the number of concurrent rsync processes. * fix CRLF in tal files. This is patches/7.0/common/004_rpki.patch.sig
Revision 1.9 / (download) - annotate - [select for diffs], Sun Oct 31 16:00:14 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.8: +13 -4 lines
Diff to previous 1.8 (colored)
Further improve load_file(). Always set an errno on errors and make sure the errno is not clobbered in the error path. Check result from load_file() and issue a warning and skip the file in queue_add_tal(). OK benno@ beck@
Revision 1.8 / (download) - annotate - [select for diffs], Thu Oct 28 11:57:00 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.7: +42 -10 lines
Diff to previous 1.7 (colored)
Limit the size of the base64 blob inside the RRDP XML to be less than MAX_FILE_SIZE after base64 decoding it. This way hostile RRDP servers do less damage. OK beck@ tb@
Revision 1.7 / (download) - annotate - [select for diffs], Wed Oct 27 21:56:58 2021 UTC (2 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)
Add limits on size of certain untrusted inputs ok job@
Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 26 16:59:19 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.5: +41 -1 lines
Diff to previous 1.5 (colored)
Move load_file() to encoding.c so that regress can use the function.
Revision 1.5 / (download) - annotate - [select for diffs], Tue Oct 26 16:12:54 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.4: +3 -4 lines
Diff to previous 1.4 (colored)
Refactor the tal parsing code to use the same load_file() and buffer passing as done for the other parsers. OK job@ tb@
Revision 1.4 / (download) - annotate - [select for diffs], Mon Oct 11 16:06:36 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.3: +3 -14 lines
Diff to previous 1.3 (colored)
base64_encode() should not add any newlines into the output. Because of this switch from EVP_EncodeUpdate() plus complexity to the much simpler use of calling EVP_EncodeBlock() directly. OK job@
Revision 1.3 / (download) - annotate - [select for diffs], Wed Sep 1 08:09:41 2021 UTC (2 years, 9 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE
Branch point for: OPENBSD_7_0
Changes since 1.2: +31 -1 lines
Diff to previous 1.2 (colored)
Add http_proxy support to rpki-client's http handler. OK tb@
Revision 1.2 / (download) - annotate - [select for diffs], Mon Apr 19 17:04:35 2021 UTC (3 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 (colored)
code review results in KNF, and moving local variables into lowest scope ok claudio
Revision 1.1 / (download) - annotate - [select for diffs], Thu Apr 1 06:43:23 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE
Branch point for: OPENBSD_6_9
Move base64 and hex encoding functions into their own place. OK tb@