![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / rpki-client
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.24 / (download) - annotate - [select for diffs], Tue Dec 12 15:54:18 2023 UTC (5 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.23: +3 -8 lines
Diff to previous 1.23 (colored)
io_read_buf() abused the ibuf internal rpos which is no longer allowed. This is now just a simple wrapper around ibuf_get(). OK tb@
Revision 1.23 / (download) - annotate - [select for diffs], Tue Jun 20 15:15:14 2023 UTC (11 months, 1 week ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.22: +4 -4 lines
Diff to previous 1.22 (colored)
Use new ibuf API in rpki-client. Use ibuf_fd_get/set/avail in the file descriptor passing code. Switch some ibuf_seek() calls to ibuf_set() and use ibuf_add_zero() instead of ibuf_reserve(). OK tb@ job@
Revision 1.22 / (download) - annotate - [select for diffs], Wed Dec 14 15:19:16 2022 UTC (17 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.21: +5 -2 lines
Diff to previous 1.21 (colored)
Optimize io_buf_read() a bit by calling read() again after the inital header of the buf was read. This often saves a round-trip to the main event loop and poll(2). OK job@ tb@
Revision 1.21 / (download) - annotate - [select for diffs], Tue Nov 29 20:26:22 2022 UTC (18 months ago) by job
Branch: MAIN
Changes since 1.20: +1 -2 lines
Diff to previous 1.20 (colored)
Only include assert.h if we call assert() OK tb@
Revision 1.20 / (download) - annotate - [select for diffs], Sun May 15 16:43:34 2022 UTC (2 years ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.19: +1 -2 lines
Diff to previous 1.19 (colored)
More KNF and whitespace fixes.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Apr 20 15:31:48 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
Fix various annoying whitespace errors.
Revision 1.18 / (download) - annotate - [select for diffs], Sun Dec 5 12:26:27 2021 UTC (2 years, 5 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
fix unintended sizeof pointer ok claudio@
Revision 1.13.2.1 / (download) - annotate - [select for diffs], Tue Nov 9 13:41:19 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_6_9
Changes since 1.13: +157 -71 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)
rpki-client(8) should handle CA misbehaviours as soft-errors. This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including: * Make rpki-client more resilient regarding untrusted input: - fail repository synchronisation after 15min runtime - limit the number of publication points per TAL - don't allow DOCTYPE definitions in RRDP XML files - fix detection of HTTP redirect loops. * limit the number of concurrent rsync processes. * fix CRLF in tal files. This is patches/6.9/common/021_rpki.patch.sig
Revision 1.13.6.1 / (download) - annotate - [select for diffs], Tue Nov 9 13:40:32 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_7_0
Changes since 1.13: +156 -71 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)
rpki-client(8) should handle CA misbehaviours as soft-errors. This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including: * Make rpki-client more resilient regarding untrusted input: - fail repository synchronisation after 15min runtime - limit the number of publication points per TAL - don't allow DOCTYPE definitions in RRDP XML files - fix detection of HTTP redirect loops. * limit the number of concurrent rsync processes. * fix CRLF in tal files. This is patches/7.0/common/004_rpki.patch.sig
Revision 1.17 / (download) - annotate - [select for diffs], Sun Oct 24 16:59:14 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.16: +2 -1 lines
Diff to previous 1.16 (colored)
Add my copyright to some files OK job@
Revision 1.16 / (download) - annotate - [select for diffs], Sat Oct 23 20:01:16 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.15: +3 -3 lines
Diff to previous 1.15 (colored)
Rename io_buf_new to io_new_buffer and io_buf_close to io_close_buffer. With this the write functions are all of the form io_xyz_buffer. Remove some prototypes of functions I forgot to remove in previous commit. OK benno@
Revision 1.15 / (download) - annotate - [select for diffs], Sat Oct 23 16:06:04 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.14: +130 -74 lines
Diff to previous 1.14 (colored)
Finnally move away from blocking reads in rpki-client. The code was a mish mash of poll, non-blocking writes and blocking reads. Using the introduced ibuf size header in io_buf_new()/io_buf_close() the read side can be changed to pull in a full ibuf and only start the un-marshal once all data has been read. OK benno@
Revision 1.14 / (download) - annotate - [select for diffs], Fri Oct 22 11:13:06 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.13: +30 -2 lines
Diff to previous 1.13 (colored)
First step of cleanup in the io land. Introduce io_buf_new() and io_buf_close(). These function will inject a size of the the buffer at the beginning of the buffer and will allow the read size to be switched to proper async IO. OK benno@
Revision 1.13 / (download) - annotate - [select for diffs], Thu Mar 4 13:01:41 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_6_9_BASE
Branch point for: OPENBSD_7_0,
OPENBSD_6_9
Changes since 1.12: +78 -1 lines
Diff to previous 1.12 (colored)
Implement a https client as a sub-process for rpki-client. This code will be used to fetch TA certs and later on for RRDP. Kind of unreached for now since the default TAL files don't include https URI. The http client is fully asynchronous and can handle multiple downloads at the same time. This code was based on the http client in ftp(1). OK tb@, job@
Revision 1.12 / (download) - annotate - [select for diffs], Fri Jan 8 08:09:07 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.11: +15 -39 lines
Diff to previous 1.11 (colored)
Start using the ibuf API (ibuf_dynamic, ibuf_add, ibuf_close) for writing data between processes. This completely decouples the write side. rpki-client can't really use the imsg framework but it can use the ibuf bits wich imsg is built on. OK benno@ job@
Revision 1.11 / (download) - annotate - [select for diffs], Fri Dec 18 16:58:59 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.10: +6 -2 lines
Diff to previous 1.10 (colored)
In io_str_read() return 0-length strings as NULL pointers instead of empty strings. There are no empty strings being passed around but a fair amount of optional strings and this will simplify this code. OK tb@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Dec 2 15:31:15 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.9: +1 -23 lines
Diff to previous 1.9 (colored)
Remove the last users of io_*_write functions that call io_simple_write() internally. This is a step in direction of more async aware io in rpki-client. Now everything uses a buffer which is then written. OK tb@
Revision 1.9 / (download) - annotate - [select for diffs], Sat Sep 12 15:46:48 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.8: +1 -3 lines
Diff to previous 1.8 (colored)
Include openssl/x509.h in extern.h since it uses a few of the typedefs from there in structs and prototypes. Remove the openssl/ssl.h and other strange openssl includes in the .c files that don't use openssl specific functions. OK beck@ and tb@
Revision 1.8 / (download) - annotate - [select for diffs], Fri Nov 29 05:09:50 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.7: +12 -12 lines
Diff to previous 1.7 (colored)
You know the main street in white horse? On the left... s/EXIT_FAILURE/1/ kind of ok claudio@
Revision 1.7 / (download) - annotate - [select for diffs], Fri Nov 29 01:46:46 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)
fix io_simple_read() change from earlier 'fix warnings' commit found by deraadt in most unfunny circumstances.
Revision 1.6 / (download) - annotate - [select for diffs], Thu Nov 28 21:12:00 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.5: +4 -2 lines
Diff to previous 1.5 (colored)
enable more warning flags and fix a few issues noticed. ok claudio@ deraadt@
Revision 1.5 / (download) - annotate - [select for diffs], Tue Aug 13 13:34:43 2019 UTC (4 years, 9 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.4: +2 -3 lines
Diff to previous 1.4 (colored)
Silence warnings about short reads. They happen, we deal with it, it's just noise. OK claudio
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:50 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jun 19 16:30:37 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +1 -1 lines
Diff to previous 1.2 (colored)
use $OpenBSD$ headers
Revision 1.2 / (download) - annotate - [select for diffs], Mon Jun 17 15:04:59 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +1 -2 lines
Diff to previous 1.1 (colored)
Don't do -portable in base. It is better done outside the tree. Imagine if we did it throughout the tree, how many copies of strlcpy would we have, and how much time would all the configure shell scripts and includes take? It would be ludicrous.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon Jun 17 14:31:30 2019 UTC (4 years, 11 months ago) by job
Branch: job
CVS Tags: job_20190617
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)
Import Kristaps Dzonsons' RPKI validator into the tree rpki-client(1) is an implementation of the Resource Public Key Infrastructure (RPKI), specified by RFC 6480. The client is responsible for downloading, validating and converting Route Origin Authorisations (ROAs) into Validated ROA Payloads (VRPs). The client's output (VRPs) can be used by bgpd(8) to perform BGP Origin Validation (RFC 6811). The current rpki-client(1) version depends on the CMS functions in OpenSSL, this of course needs to be addressed urgently. Thanks to NetNod, IIS.SE, SUNET & 6connect for supporting this effort! OK deraadt@
Revision 1.1 / (download) - annotate - [select for diffs], Mon Jun 17 14:31:30 2019 UTC (4 years, 11 months ago) by job
Branch: MAIN
Initial revision