OpenBSD CVS

CVS log for src/usr.sbin/rpki-client/main.c




Default branch: MAIN


Revision 1.258 / (download) - annotate - [select for diffs], Mon May 20 15:51:43 2024 UTC (12 days, 3 hours ago) by claudio
Branch: MAIN
CVS Tags: HEAD
Changes since 1.257: +12 -8 lines

Instead of tracking certificates by SKI track them by an internal identifier.

The certificate SKI is not strictly unique so using it as a unique id is
problematic. It is also not really needed to do that since in theory we
already know the path (but this got lost in the privsep communication).
So add a cert id and pass this id back and forth between main process and
the parser. With this id we can lookup the authentication chain in the
parser and this even works with multiple paths to the same resource.
Since we no longer lookup by SKI the valid_aki_ski function is replaced
by find_issuer() which does the lookup by certid.

The loop protection is now extended to allow each TAL to reach each file
once but still triggers if a file is reaccessed by the tree of a TAL.

In filemode the lookup now uses an AIA uri based lookup tree. Again this
replaces the SKI based lookups from before.

Done together with tb@
OK tb@ job@

Revision 1.257 / (download) - annotate - [select for diffs], Mon Apr 8 14:02:13 2024 UTC (7 weeks, 5 days ago) by tb
Branch: MAIN
Changes since 1.256: +5 -3 lines

Fix capping of VAPs

The previous approach introduced a cap, but it might not always be hit as
intended (I missed this on review). Fix this to check the cap after merging
an ASPA into an already existing VAP. Also free the list of providers since
nothing should be looking at it anymore.

Count VAPs that hit the limit with a new overflowed counter. There are
still a few aspects of the accounting that probably aren't entirely right.
This will be fixed at another point. It's just statistics after all.

with/ok claudio, ok job

Revision 1.256 / (download) - annotate - [select for diffs], Fri Apr 5 16:05:15 2024 UTC (8 weeks, 1 day ago) by job
Branch: MAIN
Changes since 1.255: +2 -2 lines

Don't emit Validated ASPAs for Customer ASIDs with more than MAX_ASPA_PROVIDERS

The number of providers in a single ASPA object already was limited to
MAX_ASPA_PROVIDERS, now also impose a limit on the total number of providers
across multiple ASPA objects. If the MAX_ASPA_PROVIDERS limit is hit, omit
the Customer ASID's entry from OpenBGPD and JSON output.

OK tb@

Revision 1.255 / (download) - annotate - [select for diffs], Fri Mar 22 03:38:12 2024 UTC (2 months, 1 week ago) by job
Branch: MAIN
Changes since 1.254: +3 -3 lines

Replace protocol literal strings and strlen() calls with defined constants

OK tb@ claudio@

Revision 1.254 / (download) - annotate - [select for diffs], Fri Mar 1 09:36:55 2024 UTC (3 months ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.253: +10 -10 lines

Lipstick on a pig: avoid comparing signed and unsigned

OK tb@ claudio@

Revision 1.253 / (download) - annotate - [select for diffs], Fri Mar 1 08:10:09 2024 UTC (3 months ago) by tb
Branch: MAIN
Changes since 1.252: +9 -4 lines

Add -x to opt into experimental file formats

Instead of burning one letter for each new file format (sidrops is known
to crank out new things faster than a normal person can read), use -x to
opt into parsing and processing file formats that aren't yet considered
stable. This is currently only the Signed Prefix List.  While a repetition
of the ASPA debacle, this code hasn't yet seen enough stress testing to be
enabled by default.

ok claudio job

Revision 1.252 / (download) - annotate - [select for diffs], Mon Feb 26 15:40:33 2024 UTC (3 months ago) by job
Branch: MAIN
Changes since 1.251: +5 -1 lines

Track the number of new files moving from 'staging' to 'validated cache'

The OpenMetrics output shows per-repository counters for new files
added, the main process and JSON output emit the sum of all new files.

OK claudio@

Revision 1.251 / (download) - annotate - [select for diffs], Thu Feb 22 12:49:42 2024 UTC (3 months, 1 week ago) by job
Branch: MAIN
Changes since 1.250: +31 -4 lines

Add support for RPKI Signed Prefix Lists

Signed Prefix Lists are a CMS protected content type for use with the
RPKI to carry the complete list of prefixes which an Autonomous System
may originate to all or any of its routing peers. The validation of a
Signed Prefix List confirms that the holder of the listed ASN produced
the object, and that this list is a current, accurate and complete
description of address prefixes that may be announced into the routing
system originated by this AS.

https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-prefixlist

with and OK claudio@ tb@

Revision 1.250 / (download) - annotate - [select for diffs], Wed Feb 21 12:48:25 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.249: +18 -9 lines

Group logx() getmonotime() and get_current_time() together

Fix their indent in extern.h, move the X509_TIME_* macros to main.c since
they aren't (and can't really be) used elsewhere, document the meaning of
the magic numbers. Also move get_current_time() out of the middle of entity
handlers.

ok claudio job

Revision 1.249 / (download) - annotate - [select for diffs], Fri Feb 16 11:55:42 2024 UTC (3 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.248: +4 -4 lines

fix whitespace

Revision 1.248 / (download) - annotate - [select for diffs], Sat Feb 3 14:30:47 2024 UTC (3 months, 3 weeks ago) by job
Branch: MAIN
Changes since 1.247: +4 -9 lines

Refactor handling of stale manifests

No need to hoist a staleness indicator through the whole process and
count it explicitly.

OK tb@

Revision 1.247 / (download) - annotate - [select for diffs], Fri Oct 13 12:06:49 2023 UTC (7 months, 2 weeks ago) by job
Branch: MAIN
Changes since 1.246: +7 -1 lines

Allow imposing constraints on RPKI trust anchors

The ability to constrain a RPKI Trust Anchor's effective signing
authority to a limited set of Internet Number Resources allows
Relying Parties to enjoy the potential benefits of assuming trust,
within a bounded scope.

Some examples: ARIN does not support inter-RIR IPv6 transfers, so
it wouldn't make any sense to see a ROA subordinate to ARIN's trust
anchor covering RIPE-managed IPv6 space. Conversely, it wouldn't
make sense to observe a ROA covering ARIN-managed IPv6 space under
APNIC's, LACNIC's, or RIPE's trust anchor - even if a derived trust
arc (a cryptographically valid certificate path) existed. Along these
same lines, AFRINIC doesn't support inter-RIR transfers of any kind,
and none of the RIRs have authority over private resources like
10.0.0.0/8 and 2001:db8::/32.

For more background see:
https://datatracker.ietf.org/doc/draft-snijders-constraining-rpki-trust-anchors/
https://mailman.nanog.org/pipermail/nanog/2023-September/223354.html

With and OK tb@, OK claudio@

Revision 1.246 / (download) - annotate - [select for diffs], Wed Aug 30 10:02:28 2023 UTC (9 months ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.245: +2 -2 lines

Constify argument to entity_write_repo()

OK tb@

Revision 1.245 / (download) - annotate - [select for diffs], Wed Aug 30 10:01:52 2023 UTC (9 months ago) by job
Branch: MAIN
Changes since 1.244: +2 -2 lines

Fix comments

OK tb@

Revision 1.244 / (download) - annotate - [select for diffs], Thu Jun 29 14:33:35 2023 UTC (11 months ago) by tb
Branch: MAIN
Changes since 1.243: +1 -3 lines

rpki-client: fix vap_pas stats

A small mistake in a diff broke the counters. Make them AFI agnostic and
adjust ometric output.

guidance & ok claudio

Revision 1.243 / (download) - annotate - [select for diffs], Fri Jun 23 11:36:24 2023 UTC (11 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.242: +7 -11 lines

Improve detection of RRDP session desynchronization

According to RFC 8182, a given session_id and serial number represent an
immutable record of the state of the Repository Server at a certain
point in time.

Add a check to the RRDP notification file processing to compare whether
the delta hashes associated to previously seen serials are different in
newly fetched notification files. Fall back to a snapshot if a difference
is detected, because such a mutation is a strong desynchronization
indicator.

Idea from Ties de Kock (RIPE NCC).
Based on a diff by job@
With and OK job@ tb@

Revision 1.242 / (download) - annotate - [select for diffs], Tue Jun 20 15:15:14 2023 UTC (11 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.241: +3 -3 lines

Use new ibuf API in rpki-client.

Use ibuf_fd_get/set/avail in the file descriptor passing code.
Switch some ibuf_seek() calls to ibuf_set() and use ibuf_add_zero() instead
of ibuf_reserve().
OK tb@ job@

Revision 1.241 / (download) - annotate - [select for diffs], Tue May 30 16:02:28 2023 UTC (12 months ago) by job
Branch: MAIN
Changes since 1.240: +4 -2 lines

Fixup file modification timestamps to optimize failover from RRDP to RSYNC

In the RSYNC protocol a file's last modification time and its size are
used to determine whether sending a (partial) copy over the wire is needed.
Previously, when RRDP data structures are serialized to disk, the mtime of
files in DIR_VALID ended up being UTIME_NOW.

Thus, the mtimes of files obtained through RRDP will never match the mtimes
of the same files available through RSYNC - causing each and every file to
be added to the file transfer list.

Instead, use the internal timestamps of RPKI files as the last modified
timestamp. Specifically, for Signed Objects (ROAs, MFTs, GBRs, TAKs, ASPAs)
the CMS signing-time, for .cer files the X.509 notBefore, and for .crl files
the CRL lastUpdate. This results in a surprising optimization for the number
of files which have to be transferred.

OK claudio@

Revision 1.240 / (download) - annotate - [select for diffs], Tue May 30 12:14:48 2023 UTC (12 months ago) by claudio
Branch: MAIN
Changes since 1.239: +11 -5 lines

Revert commitid ANSBO0rBvIUtTi45:
   Make rpki-client choose the verification time of the time it is invoked
   rather than always getting the current system time for every certificate
   verification. This will result in output that is not variable on run-time.

Using the time of invocation does not work well with fast publishing CAs. It
can take a few minutes to reach a repo and that CA may have issued certificates
that are not yet valid if that startup time of rpki-client is used to validate.

This still keeps the -P option to specify a fixed validation time.
OK beck@ job@ tb@

Revision 1.239 / (download) - annotate - [select for diffs], Tue May 30 12:12:06 2023 UTC (12 months ago) by claudio
Branch: MAIN
Changes since 1.238: +4 -3 lines

Split cleanup into cleanup and repository cleanup and show how many files
are kept / removed in the repository temporary storage.
After a discussion with tb@ and job@

Revision 1.238 / (download) - annotate - [select for diffs], Fri May 26 14:57:38 2023 UTC (12 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.237: +2 -1 lines

Properly account del_extra_files and add the value to the json header.
OK tb@ (from a larger diff)

Revision 1.237 / (download) - annotate - [select for diffs], Thu May 25 12:52:56 2023 UTC (12 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.236: +4 -4 lines

Update usage add -P epoch

Revision 1.236 / (download) - annotate - [select for diffs], Thu Apr 27 08:37:53 2023 UTC (13 months ago) by beck
Branch: MAIN
Changes since 1.235: +5 -11 lines

Make rpki-client choose the verification time of the time it is invoked
rather than always getting the current system time for every certificate
verification. This will result in output that is not variable on run-time.

ok tb@ claudio@

Revision 1.235 / (download) - annotate - [select for diffs], Wed Apr 26 22:05:28 2023 UTC (13 months ago) by beck
Branch: MAIN
Changes since 1.234: +18 -2 lines

Add a -P option to rpki-client to specify the evaluation time

This is intended to be able to test rpki-client in a reproducible
way without worrying about the system time changing the results

ok claudio@

Revision 1.234 / (download) - annotate - [select for diffs], Wed Apr 26 16:32:41 2023 UTC (13 months ago) by claudio
Branch: MAIN
Changes since 1.233: +51 -36 lines

Improve accounting by tracking things by repo and tal.
This fixes some wrong accounting for repositories that are referenced
from more than one TAL. It changes the ometric label output a little bit
since there are repository metrics that no longer include the 'name' label.
OK tb@

Revision 1.233 / (download) - annotate - [select for diffs], Thu Apr 13 17:04:02 2023 UTC (13 months, 2 weeks ago) by job
Branch: MAIN
Changes since 1.232: +18 -8 lines

Check whether products listed on a manifest were issued by the same authority as the manifest itself

OK tb@

Revision 1.232 / (download) - annotate - [select for diffs], Thu Feb 23 09:50:40 2023 UTC (15 months, 1 week ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.231: +4 -2 lines

When parsing MFT the CRL referenced by the MFT is loaded and verified at
the same time. So in case of a valid crl pass the CRL filename as entity
message to the parent process together with the MFT. This way the MFT and
CRL end up both in the valid cache even if some files in the MFT are missing.
On severe errors (like X.509 verify errors) the CRL is not moved since it
is not considered valid.
With and OK job@, tb@

Revision 1.231 / (download) - annotate - [select for diffs], Fri Jan 13 08:58:36 2023 UTC (16 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.230: +7 -3 lines

Add aspa-set to openbgpd config output.

Change the way the validated ASPA tree is built since OpenBGPD config
follows more the ASPA profile and puts the optional AFI to each provider
ASnum instead of duplicating everything into an IPv4 and IPv6 tree.
The JSON output of ASPA is still the same.

The inclusion of the aspa-set can currently be disabled by the -A flag.
OK tb@

Revision 1.230 / (download) - annotate - [select for diffs], Fri Jan 6 16:06:43 2023 UTC (16 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.229: +4 -3 lines

Rework the main <-> parser/filemode communication protocol a bit.

Swap repo_id and filename to simplify the code in parser.c. In filemode
both repo_id and filename are ignored.
Additionally do not errx() in case of unknown file types. Instead send back
enough info that the code can move on.

OK tb@

Revision 1.229 / (download) - annotate - [select for diffs], Thu Dec 15 12:02:29 2022 UTC (17 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.228: +82 -40 lines

Rework statistic collection to be per repository and add metric output option

Many statistic values are now accounted by repository via repo_stat_inc()
At end of the run sum_stats() accumulates these stats per TAL and globally.
The new output file metrics is written when the -m output flag is specified.
The metrics file is written in OpenMetrics format (with a few tweaks to
allow node_exporter to parse the file as well). The ometric code is a copy
from bgpctl(8) and should be kept in sync.
OK tb@

Revision 1.228 / (download) - annotate - [select for diffs], Wed Dec 14 10:34:49 2022 UTC (17 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.227: +20 -13 lines

Switch to struct timespec for collecting stats. This allows to use
clock_gettime(CLOCK_MONOTONIC) for runtime calculation.
OK tb@

Revision 1.227 / (download) - annotate - [select for diffs], Wed Nov 30 08:16:10 2022 UTC (18 months ago) by job
Branch: MAIN
Changes since 1.226: +1 -2 lines

Remove unused ctype.h include

OK tb@

Revision 1.226 / (download) - annotate - [select for diffs], Tue Nov 29 20:41:32 2022 UTC (18 months ago) by job
Branch: MAIN
Changes since 1.225: +2 -1 lines

Only include stdarg.h, if we call any of va_{start,end}()

OK tb@

Revision 1.225 / (download) - annotate - [select for diffs], Mon Nov 28 17:47:01 2022 UTC (18 months ago) by claudio
Branch: MAIN
Changes since 1.224: +3 -3 lines

Reshuffle case a little bit. No functional change.

Revision 1.224 / (download) - annotate - [select for diffs], Fri Nov 18 14:38:34 2022 UTC (18 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.223: +21 -22 lines

Move skiplist to main and merge with shortlist.

With/ok job

Revision 1.223 / (download) - annotate - [select for diffs], Fri Nov 18 11:07:10 2022 UTC (18 months, 1 week ago) by jmc
Branch: MAIN
Changes since 1.222: +2 -2 lines

zap errant space in usage();

Revision 1.222 / (download) - annotate - [select for diffs], Thu Nov 17 20:51:39 2022 UTC (18 months, 2 weeks ago) by job
Branch: MAIN
Changes since 1.221: +2 -2 lines

Schedule cleanup of '-r' now useless getopt option

OK tb@

Revision 1.221 / (download) - annotate - [select for diffs], Thu Nov 17 20:49:38 2022 UTC (18 months, 2 weeks ago) by job
Branch: MAIN
Changes since 1.220: +55 -8 lines

Add shortlist functionality, a companion to the skiplist

If the operator specifies the '-H' option once (or more) followed by a FQDN,
the utility will *only* connect to those hosts and skip all others.

OK claudio@ tb@

Revision 1.220 / (download) - annotate - [select for diffs], Wed Nov 2 12:43:02 2022 UTC (18 months, 4 weeks ago) by job
Branch: MAIN
Changes since 1.219: +5 -1 lines

Add support for draft-ietf-sidrops-signed-tal-12

Add support for validation of Signed Objects containing Trust Anchor Keys
(TAKs - aka 'Signed TALs'). Signed TALs provide a mechanism for RIRs
to distribute and sign the next Trust Anchor with the current Trust
Anchor. This might be an improvement over visiting RIR websites and
copy+pasting TAL data by hand.

OK tb@

Revision 1.219 / (download) - annotate - [select for diffs], Sat Sep 3 09:22:25 2022 UTC (20 months, 4 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.218: +5 -3 lines

Move the repo lookup into queue_from_mft()
OK tb@

Revision 1.218 / (download) - annotate - [select for diffs], Fri Sep 2 21:56:45 2022 UTC (20 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.217: +6 -1 lines

Introduce a deadline timer that aborts all repository syncs.
With this rpki-client has a chance to still finish and produce an output
even when a CA is excessively slow and holds back progress.
With and OK benno@ tb@ and job@

Revision 1.217 / (download) - annotate - [select for diffs], Fri Sep 2 19:14:04 2022 UTC (20 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.216: +5 -5 lines

Fix over long lines
OK tb@ job@

Revision 1.216 / (download) - annotate - [select for diffs], Fri Sep 2 19:10:37 2022 UTC (20 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.215: +26 -1 lines

Use the abort commands when a repo timeout happens. This is cleaner
than just failing the repo fetch but leaving the backends running.
OK tb@

Revision 1.215 / (download) - annotate - [select for diffs], Tue Aug 30 22:42:32 2022 UTC (21 months ago) by tb
Branch: MAIN
Changes since 1.214: +2 -2 lines

Avoid dead assignment

Revision 1.214 / (download) - annotate - [select for diffs], Tue Aug 30 18:56:49 2022 UTC (21 months ago) by job
Branch: MAIN
Changes since 1.213: +24 -4 lines

Add support for ASPA objects (draft-ietf-sidrops-aspa-profile-10)

ASPA objects are published in the RPKI and can be used to detect and
mitigate BGP route leaks. Validated ASPA Payloads are visible through
filemode (-f) and the JSON output format (-j).

With feedback from tb@

OK claudio@ tb@

Revision 1.213 / (download) - annotate - [select for diffs], Mon Aug 29 18:28:35 2022 UTC (21 months ago) by tb
Branch: MAIN
Changes since 1.212: +4 -6 lines

Simplify load_skiplist()

Instead of copy-pasting valid_uri(), we can call the real thing. That's
also not ideal since we actually check for an FQDN, but it's a bit
simpler.

ok claudio

Revision 1.212 / (download) - annotate - [select for diffs], Fri Aug 26 11:04:13 2022 UTC (21 months ago) by tb
Branch: MAIN
Changes since 1.211: +9 -9 lines

Tweaks in load_skiplist()

If there's an issue opening the default skip list file other than its
absence (most likely bad permissions), we should not silently ignore
that. Also, use err() instead of errx() to display the error.

Second, linelen, the return value of getline(), is not currently used.
Repurpose it to save the result of strcspn() which calculates the length
of the string we're interested in and use that instead of strlen().

ok claudio

Revision 1.211 / (download) - annotate - [select for diffs], Thu Aug 25 18:12:05 2022 UTC (21 months, 1 week ago) by job
Branch: MAIN
Changes since 1.210: +4 -8 lines

Make PEM printing available through increased verbosity (-vvf)

Suggestion from claudio@

OK tb@

Revision 1.210 / (download) - annotate - [select for diffs], Thu Aug 25 17:31:26 2022 UTC (21 months, 1 week ago) by job
Branch: MAIN
Changes since 1.209: +8 -3 lines

In verbose filemode print details about encapsulated certificates.
Add command line flag to print the certificate in PEM format.

OK tb@

Revision 1.209 / (download) - annotate - [select for diffs], Thu Aug 4 13:44:07 2022 UTC (21 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.208: +12 -3 lines

Once all files from argv have been read the main process can unveil to
the cachedir and if output files are written to outputdir. In -f mode
the unveil can be read-only; in normal operation rwc is required because
the main process writes the RRDP files and also does the cleanup at the
end of the run.
Input from tb@ and mestre@, OK tb@

Revision 1.208 / (download) - annotate - [select for diffs], Mon Jun 27 10:18:27 2022 UTC (23 months ago) by job
Branch: MAIN
Changes since 1.207: +81 -7 lines

Add skiplist option to steer clear of skiplisted hosts

Blocking outbound connections towards RPKI publication servers based
on IP or IPv6 address in external instrumentation like HTTP proxies
or pf(4) rules is somewhat unwieldy. It might be easier for operators
if we offer a mechanism that cuts at the CA cert SIA parsing step.

OK claudio@ tb@

Revision 1.207 / (download) - annotate - [select for diffs], Sat Jun 25 20:25:43 2022 UTC (23 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.206: +5 -1 lines

Don't add unknown filetypes to the entity queue. Otherwise we bail out
without good reason. Regression introduced in a recent refactoring found
by job

ok claudio job

Revision 1.206 / (download) - annotate - [select for diffs], Wed Jun 1 14:48:53 2022 UTC (2 years ago) by tb
Branch: MAIN
Changes since 1.205: +1 -7 lines

Remove a confusing comment that has been stale since e2k19 (r1.26).

Revision 1.205 / (download) - annotate - [select for diffs], Mon May 23 13:39:14 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.204: +13 -13 lines

There is no need to be quiet by default anymore and also stdout is
perfectly fine. So switch the stats output at the end of the run to
simply use printf(3) and no longer depend on -v flag.
OK tb@

Revision 1.204 / (download) - annotate - [select for diffs], Sun May 15 16:43:34 2022 UTC (2 years ago) by tb
Branch: MAIN
Changes since 1.203: +2 -2 lines

More KNF and whitespace fixes.

Revision 1.203 / (download) - annotate - [select for diffs], Tue May 10 07:28:43 2022 UTC (2 years ago) by job
Branch: MAIN
Changes since 1.202: +9 -4 lines

Improve control flow readability by removing 'else if' stanzas

OK tb@ claudio@

Revision 1.202 / (download) - annotate - [select for diffs], Wed May 4 15:21:25 2022 UTC (2 years ago) by tb
Branch: MAIN
Changes since 1.201: +3 -3 lines

rpki-client: bypass timeout in file mode.

ok claudio

Revision 1.201 / (download) - annotate - [select for diffs], Wed May 4 13:07:35 2022 UTC (2 years ago) by tb
Branch: MAIN
Changes since 1.200: +3 -3 lines

Tweak wording of a comment to reflect current reality better.

Revision 1.200 / (download) - annotate - [select for diffs], Wed Apr 27 11:46:19 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.199: +2 -2 lines

typo: exceded -> exceed

Revision 1.199 / (download) - annotate - [select for diffs], Thu Apr 21 09:53:07 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.198: +5 -6 lines

The filemode code is enough different from the regular parser code that it
makes sense to totally split it out. Duplicate proc_parser_cert_validate()
and proc_parser_root_cert() for now.

The valid_x509() plus the required static functions are moved to validate.c.
The crl_tree code moved into crl.c similar to the auth_tree handling in
cert.c. All the proc functions are now tagged with __attribute(noreturn)
which allows to remove the errx() after them.

OK tb@

Revision 1.198 / (download) - annotate - [select for diffs], Wed Apr 20 04:40:33 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.197: +1 -3 lines

Remove an unreachable error message

If timeout != 0 and 0 <= timeout <= 24*60*60, then timeout < 1 is
impossible.

ok

Revision 1.197 / (download) - annotate - [select for diffs], Tue Apr 19 20:06:48 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.196: +2 -4 lines

zap extra line break and extra empty line

Revision 1.196 / (download) - annotate - [select for diffs], Tue Apr 19 13:52:24 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.195: +8 -9 lines

Change type of talsz and dependent code from size_t to int. Tal ids are
already stored as int and talsz is the limit for these ids.
OK tb@

Revision 1.195 / (download) - annotate - [select for diffs], Tue Apr 19 11:07:33 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.194: +3 -3 lines

Cosmetics, add missing space

Revision 1.194 / (download) - annotate - [select for diffs], Tue Apr 19 09:52:29 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.193: +11 -42 lines

Adjust on how CRL and MFT files are verified.

Verify the CRL referenced from the mft against the mft's fileAndHash info.
If the CRL matches then load it and use it to validate this mft. If the
mft validated OK add the now also valid CRL to the auth store for later use.

Before the newest CRL was always selected but that has negative consequences
because it is common practice to revoke the previous MFT's EE cert and with
that the cache is turned useless as soon as a new CRL is used. Also there
was a possibility that the CRL used for validation of the MFT was not the
one later used.

Both RFC6486 and draft-ietf-sidrops-6486bis are unclear about this part
of the validation process. We opted in favor of the cached MFT.

With and OK tb@

Revision 1.193 / (download) - annotate - [select for diffs], Mon Apr 11 18:59:23 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.192: +39 -94 lines

Refactor on how the subprocesses are started.

Move the unveil and pledges to the actual subprocesses and put all the
common code to start these into process_start(). Reduces the length of
main() a fair bit.
OK tb@

Revision 1.192 / (download) - annotate - [select for diffs], Mon Apr 4 16:02:54 2022 UTC (2 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.191: +3 -2 lines

Adjust cache cleanup to the deficits of RRDP. Unlike rsync, RRDP has no
method to sync the cache. It just depends on all deltas to work but has
no method to check if the result is consistent with the source.
Because of this do not unlink files which were fetched via RRDP. Instead
move them back to their .rrdp directory and hope they will be cleaned up.
This should help to keep the cache coherent in some edge cases.
OK tb@

Revision 1.191 / (download) - annotate - [select for diffs], Mon Apr 4 12:11:54 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.190: +1 -4 lines

rpki-client: remove a stale FIXME

We fixed this back in January when we added rtype_from_mftfile().

ok claudio

Revision 1.190 / (download) - annotate - [select for diffs], Sat Apr 2 12:17:53 2022 UTC (2 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.189: +1 -6 lines

Split certificate parsing in two steps. cert_parse_pre() which does
the parse and some checks and cert_parse() or ta_parse() to do the
additional checks for regular certs or TAs.
With this adjust the cert parser in -f mode to identify TAs (by checking
if it is self signed) and adjust the validation in that case. Now -f
should be able to parse and show all objects correctly.
With and OK tb@

Revision 1.189 / (download) - annotate - [select for diffs], Thu Feb 10 18:58:46 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.188: +2 -2 lines

Improve free inodes check from fs.f_favail > 0 to fs.f_free > 0.

suggested by millert

Revision 1.188 / (download) - annotate - [select for diffs], Thu Feb 10 11:14:04 2022 UTC (2 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.187: +3 -2 lines

Only show the 'not enough inodes' warning if the filesystem reports more
than zero free inodes. btrfs always reports zero inodes, so on linux
distros like fedora, users will always see the not enough space warning,
which is a bit ugly.

fine with claudio

Revision 1.187 / (download) - annotate - [select for diffs], Fri Jan 28 15:30:23 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.186: +13 -7 lines

Properly handle .mft files as intended by the RFC. Instead of always
selecting the newest file this opens both the new (from rrdp or rsync)
and old (valid) MFT. It then compares the manifest number and based on
that the 'newer' MFT is selected.
The MFT file and hash check is also changed to always try both locations
and selecting whatever matches up with the hash. The selection is passed
back to the main process and used later on to open exactly the same
file as was checked against the hash.
The MFT parsing code has been split up into multiple steps so that the
files can be parsed, compared and then fully validated.
In most cases this makes no difference but it prevents replay attacks
using old but still valid files.
With and OK tb@

Revision 1.186 / (download) - annotate - [select for diffs], Wed Jan 26 14:42:39 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.185: +8 -6 lines
Diff to previous 1.185 (colored)

Allow rsync:// URI as file in -f mode. This makes it easier to explore
rpki repositories by following AIA and manifest URIs.
Also stop checking that the loaded file is not part of the auth tree,
it is possible that this file was loaded before as a dependency.
OK tb@

Revision 1.185 / (download) - annotate - [select for diffs], Mon Jan 24 17:29:37 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.184: +2 -2 lines
Diff to previous 1.184 (colored)

Adjust code to handle unsupported file types a bit more gracefully.
The file still needs to match its hash to make the MFT valid but then
there will only be a warning printed. Parsing of other files from that
MFT is not influenced.
OK tb@

Revision 1.184 / (download) - annotate - [select for diffs], Sun Jan 23 18:40:55 2022 UTC (2 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.183: +2 -2 lines
Diff to previous 1.183 (colored)

rearrange SYNOPSIS/usage to be a bit clearer;
discussed with and ok claudio

Revision 1.183 / (download) - annotate - [select for diffs], Sun Jan 23 12:09:24 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.182: +2 -4 lines
Diff to previous 1.182 (colored)

Handle EINTR the same way in all poll loops. In all cases restart the
poll loop. In the main process move the timeout handling for repositories
into a single function that does the timeouts and the calculation of the
timeout in one go.
OK tb@

Revision 1.182 / (download) - annotate - [select for diffs], Sun Jan 23 07:21:12 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.181: +25 -21 lines
Diff to previous 1.181 (colored)

Allow rpki-client to display more than one file in -f mode.
Change -f to be a mode flag and pass one or multiple files as arguments
to rpki-client. Some extra checks need to be done to not load the same
certificate or CRL multiple times.
Input and OK tb@

Revision 1.181 / (download) - annotate - [select for diffs], Fri Jan 21 18:49:44 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.180: +17 -31 lines
Diff to previous 1.180 (colored)

Add function to determine the file type from the file name extension

rpki-client uses the same idiom to determine the file type in too many
places. Use one function that determines the appropriate RTYPE from the
file name. Add that type to struct mftfile and use this new member to
simplify queue_add_from_mft*().

input/ok claudio

Revision 1.180 / (download) - annotate - [select for diffs], Fri Jan 21 14:08:33 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.179: +3 -1 lines
Diff to previous 1.179 (colored)

Avoid out-of-bounds accesses in case the filename is too short to
contain an extension of length four.

ok claudio

Revision 1.179 / (download) - annotate - [select for diffs], Wed Jan 19 17:15:08 2022 UTC (2 years, 4 months ago) by job
Branch: MAIN
Changes since 1.178: +2 -2 lines
Diff to previous 1.178 (colored)

Add -f to usage in main routine

OK tb@

Revision 1.178 / (download) - annotate - [select for diffs], Wed Jan 19 15:50:31 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.177: +44 -17 lines
Diff to previous 1.177 (colored)

Implement a filemode where the passed file from the command line is
printed in human readable form and is also verified against the valid
cache of rpki-client.

To validate the file the chain is explored backwards by looking at the
Authority Information Access URI and X509v3 CRL Distribution Point of
the cert. Once the trust anchor is found this chain can be verified.

Feedback and OK job@ tb@

Revision 1.177 / (download) - annotate - [select for diffs], Wed Jan 19 09:22:51 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.176: +4 -2 lines
Diff to previous 1.176 (colored)

rpki-client: don't leak nfile if no repo is found.

ok claudio

Revision 1.176 / (download) - annotate - [select for diffs], Fri Jan 14 15:00:23 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.175: +11 -8 lines
Diff to previous 1.175 (colored)

Introduce a validated cache which holds all the files that have
successfully been verified by rpki-client.

With this the rsync and rrdp directories are more of a temporary storage
location. New files are downloaded there and then moved to the valid
directory at the end. In -n mode only the valid directory is looked at with
the exception of the ta directory holding the trust anchors.
A file can now be in two different locations so adjust all the code paths
that open files to check both locations.
One nice side-effect of this is that the RRDP handling in the main process
got simplified. There is no longer the need for temporary RRDP directories.
OK tb@

Revision 1.175 / (download) - annotate - [select for diffs], Thu Jan 13 13:18:41 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.174: +4 -1 lines
Diff to previous 1.174 (colored)

Implement a RRDP_CLEAR message that instructs the parent to cleanup
the rrdp directory. This is used before a snapshot download to ensure
that the snapshot is applied to a clean repo.
Similar cleanup happens if the transfer fails. In that case remove the
temp directory contents only.
This uses a new function remove_contents() to remove everything below
a base directory (a bit like rm -r X/*).
OK tb@

Revision 1.174 / (download) - annotate - [select for diffs], Thu Jan 13 11:50:29 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.173: +2 -1 lines
Diff to previous 1.173 (colored)

Implement but don't use code to use rsync's --compare-dest feature.
One gotcha is that the path passed to --compare-dest needs to be relative
to the dst directory. rsync_fixup_dest() will prepend the necessary ../
for that by counting number of '/' in dst.
OK tb@

Revision 1.173 / (download) - annotate - [select for diffs], Tue Jan 11 13:06:07 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.172: +88 -56 lines
Diff to previous 1.172 (colored)

Change the way the parser accesses files. It now builds the file path
based on information from the repository, a local path and the filename.
This simplifies some code both in the main process and the parser.
For this to work repositories are passed to the parser before any other
entity of this repository is passed. Struct entity is extended to include
the repoid and the path along the file(name).
Input and OK tb@ & job@

Revision 1.172 / (download) - annotate - [select for diffs], Thu Jan 6 16:06:30 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.171: +4 -3 lines
Diff to previous 1.171 (colored)

Cleanup mft file handling, especially the stale mft bits.
Move staleness check up into mft_parse_econtent() to simplify code.
Remove the big FIXME bits since they are no longer needed. The parent
process will only process MFTs that are not stale.
Cleanup a few other bits mainly unnecessary else if cascades and
use valid_filename() to check if the filename embedded in the mft
fileandhash is sensible.
OK tb@

Revision 1.171 / (download) - annotate - [select for diffs], Tue Jan 4 18:41:32 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.170: +11 -7 lines
Diff to previous 1.170 (colored)

Pass the filename back from the parser to the parent.
The parent will then add the filename to the filepath tree instead
of doing that in entity_write_req(). In the parser pass the filename
instead of the full entity object to various proc_parser functions.
With this it will be possible to check more than one file in the parser.
OK tb@, earlier version OK benno@

Revision 1.170 / (download) - annotate - [select for diffs], Wed Dec 29 11:37:57 2021 UTC (2 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.169: +5 -12 lines
Diff to previous 1.169 (colored)

Cleanup struct entity. Remove the unneeded has_data field, the same
information can be figured out by looking at the data pointer itself.
It is NULL when there is no data and not-NULL if there is data.
OK benno@

Revision 1.169 / (download) - annotate - [select for diffs], Wed Dec 22 09:35:14 2021 UTC (2 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.168: +15 -10 lines
Diff to previous 1.168 (colored)

Replace two questionable size_t types. For the repo id use an unsigned int
and for the roa maxlength use unsigned char (like the prefixlen in struct
ip_addr).
With input and OK job@

Revision 1.168 / (download) - annotate - [select for diffs], Tue Dec 21 17:50:27 2021 UTC (2 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.167: +6 -7 lines
Diff to previous 1.167 (colored)

Cleanup a few things while reading the code.
OK job@

Revision 1.167 / (download) - annotate - [select for diffs], Thu Nov 25 15:03:04 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.166: +3 -2 lines
Diff to previous 1.166 (colored)

Initialize the repo_timeout to timeout / 4 at start of main().
OK job@

Revision 1.166 / (download) - annotate - [select for diffs], Thu Nov 25 14:03:40 2021 UTC (2 years, 6 months ago) by job
Branch: MAIN
Changes since 1.165: +8 -1 lines
Diff to previous 1.165 (colored)

Replace MAX_REPO_TIMEOUT with repo_timeout, which is set to 1/4th of
timeout, or if timeout is disabled set to 24 hours.

OK claudio@

Revision 1.165 / (download) - annotate - [select for diffs], Fri Nov 19 09:47:30 2021 UTC (2 years, 6 months ago) by job
Branch: MAIN
Changes since 1.164: +2 -2 lines
Diff to previous 1.164 (colored)

Fix typo

Revision 1.138.2.1 / (download) - annotate - [select for diffs], Tue Nov 9 13:41:19 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_6_9
Changes since 1.138: +278 -192 lines
Diff to previous 1.138 (colored) next main 1.139 (colored)

rpki-client(8) should handle CA misbehaviours as soft-errors.

This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current
and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40
2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:

* Make rpki-client more resilient regarding untrusted input:
  - fail repository synchronisation after 15min runtime
  - limit the number of publication points per TAL
  - don't allow DOCTYPE definitions in RRDP XML files
  - fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.

This is patches/6.9/common/021_rpki.patch.sig

Revision 1.145.4.1 / (download) - annotate - [select for diffs], Tue Nov 9 13:40:32 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_7_0
Changes since 1.145: +220 -183 lines
Diff to previous 1.145 (colored) next main 1.146 (colored)

rpki-client(8) should handle CA misbehaviours as soft-errors.

This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current
and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40
2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:

* Make rpki-client more resilient regarding untrusted input:
  - fail repository synchronisation after 15min runtime
  - limit the number of publication points per TAL
  - don't allow DOCTYPE definitions in RRDP XML files
  - fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.

This is patches/7.0/common/004_rpki.patch.sig

Revision 1.164 / (download) - annotate - [select for diffs], Tue Nov 9 11:03:39 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.163: +15 -7 lines
Diff to previous 1.163 (colored)

Limit the number of publication points under a given TAL.
Introduce an additional timeout for each publication point.

The limits are large enough to accommodate normal operating levels.

With and OK benno@ job@ tb@ beck@ deraadt@

Revision 1.163 / (download) - annotate - [select for diffs], Thu Nov 4 18:00:07 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.162: +12 -8 lines
Diff to previous 1.162 (colored)

On errors related to the pipes to the children don't error out right away.
Instead exit the main event loop and use waitpid to know why a child
went away. This should make it hopefully more clear when shit hits the fan.
OK tb@ deraadt@

Revision 1.162 / (download) - annotate - [select for diffs], Thu Nov 4 14:24:41 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.161: +11 -1 lines
Diff to previous 1.161 (colored)

Move and promote getmonotime() to an internal API function.

Revision 1.161 / (download) - annotate - [select for diffs], Thu Nov 4 11:32:55 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.160: +25 -34 lines
Diff to previous 1.160 (colored)

Instead of passing tal descriptions around just pass a tal id and
use a small lookup table to print the description in the output path.
OK tb@

Revision 1.160 / (download) - annotate - [select for diffs], Mon Nov 1 17:00:34 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.159: +14 -21 lines
Diff to previous 1.159 (colored)

Further simplify cert and auth handling. Move common code into auth_insert
and skip this distinction between invalid and failed certificates.
The difference between the two is getting more and more blurry.
OK tb@

Revision 1.159 / (download) - annotate - [select for diffs], Sun Oct 31 16:00:14 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.158: +5 -1 lines
Diff to previous 1.158 (colored)

Further improve load_file(). Always set an errno on errors and make sure
the errno is not clobbered in the error path. Check result from load_file()
and issue a warning and skip the file in queue_add_tal().
OK benno@ beck@

Revision 1.158 / (download) - annotate - [select for diffs], Sun Oct 31 15:58:13 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.157: +2 -2 lines
Diff to previous 1.157 (colored)

When converting the TAL parser to use load_file and pass the file via
data/datasz element to the parser process I forgot to remove the old
buf argument that abused descr for that. Because of this rpki-client
can crash.
Found by benno@, OK benno@ beck@

Revision 1.157 / (download) - annotate - [select for diffs], Thu Oct 28 19:02:36 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.156: +8 -3 lines
Diff to previous 1.156 (colored)

Sync output at end of run with output inside the openbgpd output file.
With and OK tb@

Revision 1.156 / (download) - annotate - [select for diffs], Tue Oct 26 16:59:19 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.155: +1 -35 lines
Diff to previous 1.155 (colored)

Move load_file() to encoding.c so that regress can use the function.

Revision 1.155 / (download) - annotate - [select for diffs], Tue Oct 26 16:12:54 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.154: +63 -22 lines
Diff to previous 1.154 (colored)

Refactor the tal parsing code to use the same load_file() and buffer
passing as done for the other parsers.
OK job@ tb@

Revision 1.154 / (download) - annotate - [select for diffs], Sun Oct 24 21:24:19 2021 UTC (2 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.153: +3 -3 lines
Diff to previous 1.153 (colored)

For open/openat, if the flags parameter does not contain O_CREAT, the
3rd (variadic) mode_t parameter is irrelevant.  Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk.  They could all be 0xdeafbeef.
ok millert

Revision 1.153 / (download) - annotate - [select for diffs], Sun Oct 24 16:59:14 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.152: +2 -1 lines
Diff to previous 1.152 (colored)

Add my copyright to some files
OK job@

Revision 1.152 / (download) - annotate - [select for diffs], Sat Oct 23 20:01:16 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.151: +15 -15 lines
Diff to previous 1.151 (colored)

Rename io_buf_new to io_new_buffer and io_buf_close to io_close_buffer.
With this the write functions are all of the form io_xyz_buffer.
Remove some prototypes of functions I forgot to remove in previous commit.
OK benno@

Revision 1.151 / (download) - annotate - [select for diffs], Sat Oct 23 16:06:04 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.150: +103 -96 lines
Diff to previous 1.150 (colored)

Finally move away from blocking reads in rpki-client. The code was a
mish mash of poll, non-blocking writes and blocking reads. Using the
introduced ibuf size header in io_buf_new()/io_buf_close() the read
side can be changed to pull in a full ibuf and only start the un-marshal
once all data has been read.
OK benno@

Revision 1.150 / (download) - annotate - [select for diffs], Fri Oct 22 11:13:06 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.149: +24 -25 lines
Diff to previous 1.149 (colored)

First step of cleanup in the io land. Introduce io_buf_new() and
io_buf_close(). These functions will inject a size of the buffer
at the beginning of the buffer and will allow the read size to be
switched to proper async IO.
OK benno@

Revision 1.149 / (download) - annotate - [select for diffs], Mon Oct 11 16:50:03 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.148: +13 -10 lines
Diff to previous 1.148 (colored)

Add support for BGPsec Router Certificates (RFC 8209)

BGPsec router keys are extracted from RPKI certificates and
emitted via the JSON output in base64 encoded form.

OK tb@ claudio@

Revision 1.148 / (download) - annotate - [select for diffs], Sun Oct 10 22:04:33 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.147: +1 -2 lines
Diff to previous 1.147 (colored)

Remove unused variable

Revision 1.147 / (download) - annotate - [select for diffs], Sun Oct 10 21:57:43 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.146: +2 -6 lines
Diff to previous 1.146 (colored)

Make style consistent and remove an unused code path

OK tb@

Revision 1.146 / (download) - annotate - [select for diffs], Tue Oct 5 11:20:46 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.145: +19 -9 lines
Diff to previous 1.145 (colored)

Add rudimentary support for BGPsec router certificates

OK claudio@

Revision 1.145 / (download) - annotate - [select for diffs], Mon Aug 30 16:05:55 2021 UTC (2 years, 9 months ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE
Branch point for: OPENBSD_7_0
Changes since 1.144: +2 -1 lines
Diff to previous 1.144 (colored)

Properly account entity_queue when the file has already been seen

Thanks to Ben Maddison for helping create a test case

OK claudio@

Revision 1.144 / (download) - annotate - [select for diffs], Tue Jun 29 17:43:57 2021 UTC (2 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.143: +2 -2 lines
Diff to previous 1.143 (colored)

Flip the -r RRDP switch, which went through community testing for half a year.
Default is now to attempt RRDP first, then try RSYNC.
If problems show up, return to rsync-only behaviour with -R, and file a report.
ok claudio

Revision 1.143 / (download) - annotate - [select for diffs], Mon Jun 14 09:54:15 2021 UTC (2 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.142: +30 -2 lines
Diff to previous 1.142 (colored)

Do a fstatvfs() call to figure out if the filesystem used for the cache
is large enough for the cache. People like to build VM images with way
too small filesystems and so warning about this situation should help.
With deraadt@ and job@

Revision 1.142 / (download) - annotate - [select for diffs], Thu Jun 3 15:10:05 2021 UTC (2 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.141: +3 -3 lines
Diff to previous 1.141 (colored)

Use O_DIRECTORY when opening directories. This makes some errors a bit
clearer when using -d.
OK deraadt@

Revision 1.141 / (download) - annotate - [select for diffs], Tue May 11 11:48:02 2021 UTC (3 years ago) by claudio
Branch: MAIN
Changes since 1.140: +4 -2 lines
Diff to previous 1.140 (colored)

Make sure some variables are initialised since modern gcc warns about them.
Handle rrdppid like we do for all other child processes. The two warnings
in rrdp are probably false positives.
OK tb@

Revision 1.140 / (download) - annotate - [select for diffs], Tue May 11 11:43:21 2021 UTC (3 years ago) by claudio
Branch: MAIN
Changes since 1.139: +23 -7 lines
Diff to previous 1.139 (colored)

Arm the alarms in all children so they terminate if the timeout is hit.
Also install the special signal handler around the main poll() loop.
The main process handles SIGALRM so it can log an error to the operator
before exiting.
With and OK deraadt@

Revision 1.139 / (download) - annotate - [select for diffs], Mon Apr 19 17:04:35 2021 UTC (3 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.138: +4 -2 lines
Diff to previous 1.138 (colored)

code review results in KNF, and moving local variables into lowest scope
ok claudio

Revision 1.138 / (download) - annotate - [select for diffs], Thu Apr 15 14:22:05 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE
Branch point for: OPENBSD_6_9
Changes since 1.137: +3 -1 lines
Diff to previous 1.137 (colored)

Rework the http code to require poll() only when really needed.
Especially tls_read() and tls_write() do not map 1:1 to read() and write()
calls and so assuming that after a tls_read() one needs to poll for more
data is wrong. Instead call tls_read() until it returns a TLS_WANT_*
return.

While here also ignore SIGPIPE. It is almost impossible to properly guard
from SIGPIPE by looking at POLLHUP. Instead just let write() handle it and
return an error.

Putting this in now so this can be tested widely.

Revision 1.137 / (download) - annotate - [select for diffs], Thu Apr 15 13:33:17 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.136: +3 -2 lines
Diff to previous 1.136 (colored)

Make rpki-client -V output nicer.
OK job@, kn@, deraadt@

Revision 1.136 / (download) - annotate - [select for diffs], Wed Apr 14 18:05:47 2021 UTC (3 years, 1 month ago) by benno
Branch: MAIN
Changes since 1.135: +2 -1 lines
Diff to previous 1.135 (colored)

move the RPKI_VERSION define into its own version.h file, helps portable.
ok claudio@

Revision 1.135 / (download) - annotate - [select for diffs], Sun Apr 11 01:20:03 2021 UTC (3 years, 1 month ago) by job
Branch: MAIN
Changes since 1.134: +3 -3 lines
Diff to previous 1.134 (colored)

Fix two typos in comments

sure deraadt@

Revision 1.134 / (download) - annotate - [select for diffs], Thu Apr 8 17:07:55 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.133: +4 -4 lines
Diff to previous 1.133 (colored)

Switch logic from != to ==. Makes the code easier to read.

Revision 1.133 / (download) - annotate - [select for diffs], Thu Apr 8 16:32:42 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.132: +49 -45 lines
Diff to previous 1.132 (colored)

More cleanup of the main function. Use a loop to collect all children with
waitpid() and print if they exited non-zero or by a signal. Also adjust
the poll hangup case to exit the poll loop instead of erroring out. This
way a crashed child should be reported before exit.
OK job@ tb@

Revision 1.132 / (download) - annotate - [select for diffs], Thu Apr 8 15:31:14 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.131: +2 -1 lines
Diff to previous 1.131 (colored)

Missing setproctitle("rrdp") noticed by deraadt@

Revision 1.131 / (download) - annotate - [select for diffs], Wed Apr 7 16:06:37 2021 UTC (3 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored)

minor KNF found while hunting for a bug

Revision 1.130 / (download) - annotate - [select for diffs], Thu Apr 1 16:40:05 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.129: +2 -2 lines
Diff to previous 1.129 (colored)

Sort usage: rR -> Rr

Revision 1.129 / (download) - annotate - [select for diffs], Thu Apr 1 16:04:48 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.128: +243 -441 lines
Diff to previous 1.128 (colored)

Initial commit of RRDP (The RPKI Repository Delta Protocol - RFC8182) support
in rpki-client. For now it is off by default.

All XML processing is done in its own process with minimal pledge rights.
It uses the already present https process to fetch the xml files and uses
the master process to handle the file IO into the repositories.
RRDP data is stored in the cache under ./rrdp/ and the first directory
is the SHA256 hash of the notify URI.

Fetching snapshots and deltas works to bring the cache up to date.
If something goes wrong rpki-client will fall back to rsync.

RRDP was implemented by Nils Fisher and integrated into rpki-client by myself.
"Time to get it in" deraadt@

Revision 1.128 / (download) - annotate - [select for diffs], Thu Apr 1 06:53:49 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.127: +76 -46 lines
Diff to previous 1.127 (colored)

Do a better job at cleaning up. Remove empty directories, scan not only the
known repositories but also clean up no longer known repositories.
With this rpki-client keeps its cache nice and shiny.
With and OK job@

Revision 1.127 / (download) - annotate - [select for diffs], Wed Mar 31 16:11:02 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.126: +4 -1 lines
Diff to previous 1.126 (colored)

Set the process title for the rpki-client subprocesses so they can be
identified more easily.
OK deraadt@

Revision 1.126 / (download) - annotate - [select for diffs], Mon Mar 29 03:45:35 2021 UTC (3 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.125: +4 -4 lines
Diff to previous 1.125 (colored)

minor KNF and consistency
(rpki-client is pretty good code, couple hours of audit and I can only find
a few minor things)

Revision 1.125 / (download) - annotate - [select for diffs], Fri Mar 26 16:03:29 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.124: +2 -2 lines
Diff to previous 1.124 (colored)

Compare filepath with strcmp() and not strcasecmp(). The URIs in RPKI are
case sensitive.
OK tb@

Revision 1.124 / (download) - annotate - [select for diffs], Fri Mar 26 10:01:51 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.123: +27 -43 lines
Diff to previous 1.123 (colored)

Rewrite poll loop a bit. Put the various message queues into an array
with the same order as the pollfds. This way simple for loops can be
used to setup and handle all cases but POLLIN.
OK tb@

Revision 1.123 / (download) - annotate - [select for diffs], Thu Mar 25 12:18:45 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.122: +15 -14 lines
Diff to previous 1.122 (colored)

Adjust HTTP client code a bit. Add support for 304 Not Modified responses,
remove handling of 206 Partial Content (the client does not use range
headers). Report the Last-Modified timestamp back to the requestor and
switch OK to an enum value for (FAIL, OK and NOT MODIFIED).
OK tb@

Revision 1.122 / (download) - annotate - [select for diffs], Fri Mar 19 13:56:10 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.121: +5 -3 lines
Diff to previous 1.121 (colored)

Add an -V option to show the version of rpki-client. For the base version
it will show just OpenBSD while -portable will show the portable version.
OK sthen@, tb@, kn@

Revision 1.121 / (download) - annotate - [select for diffs], Fri Mar 19 09:43:59 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.120: +13 -5 lines
Diff to previous 1.120 (colored)

Delay chdir to the cache directory to after parsing the tal files.
Using the -t option relative locations can be passed as tal locations
and so the process can not chdir until these files were read.
OK job@

Revision 1.120 / (download) - annotate - [select for diffs], Thu Mar 18 14:05:44 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.119: +7 -3 lines
Diff to previous 1.119 (colored)

Initialize rsyncpid and httppid in the noop case. It seems gcc is not able
to realize that the pids are initialized if !noop and not accessed if noop.
OK job@ tb@

Revision 1.119 / (download) - annotate - [select for diffs], Mon Mar 15 08:56:31 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.118: +91 -86 lines
Diff to previous 1.118 (colored)

Allocate the repo structs individually linked by a SLIST instead of using
an array that is reallocated during runtime. With this the entityq can
move back into struct repo.
OK tb@

Revision 1.118 / (download) - annotate - [select for diffs], Thu Mar 11 11:57:45 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.117: +43 -37 lines
Diff to previous 1.117 (colored)

Revert rev 1.116
The repo structs are reallocated during runtime and so the back pointers to
the head element of the TAILQ get corrupted.
Noticed by tb@

Revision 1.117 / (download) - annotate - [select for diffs], Thu Mar 11 09:21:16 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.116: +10 -4 lines
Diff to previous 1.116 (colored)

There is no need to revisit a file in the repo, so if the RB_INSERT fails
just drop the entity queue element.
OK benno@ tb@

Revision 1.116 / (download) - annotate - [select for diffs], Thu Mar 11 09:19:16 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.115: +37 -43 lines
Diff to previous 1.115 (colored)

There is no need for a global entity queue, instead use per repo queues.
Simplifies the code a fair bit.
OK tb@

Revision 1.115 / (download) - annotate - [select for diffs], Wed Mar 10 08:09:41 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.114: +12 -34 lines
Diff to previous 1.114 (colored)

When adding files from the manifest only the .crl need to be first, after
that the order does not matter so simplify the code and just walk the
list twice. Add the .crl first and then in the second round all other files.
OK job@

Revision 1.114 / (download) - annotate - [select for diffs], Thu Mar 4 15:44:13 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.113: +5 -4 lines
Diff to previous 1.113 (colored)

Add two error checks for strdup for consistency.

ok claudio

Revision 1.113 / (download) - annotate - [select for diffs], Thu Mar 4 15:35:39 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)

Last commit was done from a non-clean tree. Revert one line that broke
everything. Oops.

Revision 1.112 / (download) - annotate - [select for diffs], Thu Mar 4 14:24:17 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.111: +19 -20 lines
Diff to previous 1.111 (colored)

Use the same way to error out in out of memory situation.
Just use 'err(1, NULL);' there is no need to include the type of function
that failed since it is still impossible to locate the right call.
Just use a debugger in that case.
OK tb@ deraadt@

Revision 1.111 / (download) - annotate - [select for diffs], Thu Mar 4 14:16:21 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.110: +2 -2 lines
Diff to previous 1.110 (colored)

an -> and

Revision 1.110 / (download) - annotate - [select for diffs], Thu Mar 4 14:04:47 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.109: +4 -4 lines
Diff to previous 1.109 (colored)

Replace NOTREACHED with actual errx() calls. I managed to return from
the proc_xyz() function at least in two occasions and it is not that
trivial to realize what goes wrong.

Revision 1.109 / (download) - annotate - [select for diffs], Thu Mar 4 13:01:41 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.108: +192 -32 lines
Diff to previous 1.108 (colored)

Implement a https client as a sub-process for rpki-client. This code will
be used to fetch TA certs and later on for RRDP. Kind of unreached for now
since the default TAL files don't include https URI.
The http client is fully asynchronous and can handle multiple downloads at
the same time. This code was based on the http client in ftp(1).
OK tb@, job@

Revision 1.108 / (download) - annotate - [select for diffs], Tue Mar 2 09:23:59 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored)

There is no longer the need to mkpathat(), the main process runs now from
the cachedir.

Revision 1.107 / (download) - annotate - [select for diffs], Tue Mar 2 09:08:59 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.106: +19 -19 lines
Diff to previous 1.106 (colored)

Open both the cachedir and outputdir early and use fchdir(2) to
switch between the two.
OK deraadt@ job@

Revision 1.106 / (download) - annotate - [select for diffs], Sat Feb 27 08:59:29 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.105: +3 -3 lines
Diff to previous 1.105 (colored)

It is perfectly fine to POLLIN and POLLOUT at the same time. It may
actually make things a bit faster.
OK deraadt@

Revision 1.105 / (download) - annotate - [select for diffs], Tue Feb 23 14:25:29 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.104: +2 -3 lines
Diff to previous 1.104 (colored)

Adjust pledge() and unveil() calls for proc_rsync() a bit. Since the
mkdir was moved to the main process there is no need for access to .
in the rsync process.
OK job@ deraadt@

Revision 1.104 / (download) - annotate - [select for diffs], Mon Feb 22 09:46:05 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.103: +2 -2 lines
Diff to previous 1.103 (colored)

Rename mkpath() to mkpathat() since it uses mkdirat() internally.

Revision 1.103 / (download) - annotate - [select for diffs], Fri Feb 19 12:18:23 2021 UTC (3 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.102: +4 -4 lines
Diff to previous 1.102 (colored)

Convert reallocarray + memset to recallocarray.

ok claudio

Revision 1.102 / (download) - annotate - [select for diffs], Fri Feb 19 08:14:49 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.101: +23 -9 lines
Diff to previous 1.101 (colored)

Move the mkpath() call from the rsync path to the main process. This allows
to drop cpath from the rsync proc pledge (down to "stdio proc exec").
This will also make work easier with the upcoming http fetcher.
OK tb@

Revision 1.101 / (download) - annotate - [select for diffs], Thu Feb 18 10:10:20 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.100: +1 -28 lines
Diff to previous 1.100 (colored)

All the code for output handling was moved to output.c some time ago.
Also move the license that came along with it to output.c.

Revision 1.100 / (download) - annotate - [select for diffs], Tue Feb 16 16:50:41 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.99: +3 -2 lines
Diff to previous 1.99 (colored)

Prevent double free by copying the URI string from struct tal to the repo.

Revision 1.99 / (download) - annotate - [select for diffs], Tue Feb 16 08:52:00 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.98: +113 -61 lines
Diff to previous 1.98 (colored)

Rework the repository handling. Split the handling of trust anchors into
ta_lookup() while regular repositories (to fetch .mft files) are handled
by repo_lookup(). Also the cache directory layout changed; moving the
trust anchors to ./ta/{tal basename}/ the other repositories end up in
./rsync/
OK tb@

Revision 1.98 / (download) - annotate - [select for diffs], Fri Feb 5 12:26:52 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.97: +3 -17 lines
Diff to previous 1.97 (colored)

Remove the not so periodic stats from rpki-client. The output is not very
useful and the way it works is a bit strange.
OK job@ tb@

Revision 1.97 / (download) - annotate - [select for diffs], Thu Feb 4 14:32:01 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.96: +5 -5 lines
Diff to previous 1.96 (colored)

The uri parameter of struct entity is actually a local file path.
Rename field to reduce confusion about what is what.
OK tb@

Revision 1.96 / (download) - annotate - [select for diffs], Thu Feb 4 13:38:27 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.95: +79 -96 lines
Diff to previous 1.95 (colored)

Define the msgbuf queues globally. Clean up the code since rsyncq and procq
no longer need to be passed all the way down anymore. Shuffle code a bit
to bring it into more order.
OK tb@

Revision 1.95 / (download) - annotate - [select for diffs], Thu Feb 4 09:57:37 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.94: +3 -2 lines
Diff to previous 1.94 (colored)

Fix an overly long line

Revision 1.94 / (download) - annotate - [select for diffs], Thu Feb 4 08:21:50 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.93: +2 -6 lines
Diff to previous 1.93 (colored)

Remove openssl includes and fcntl.h neither of those are used in main.c.
Add errno.h since this code makes direct use of errno.

Revision 1.93 / (download) - annotate - [select for diffs], Thu Feb 4 08:10:24 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.92: +3 -616 lines
Diff to previous 1.92 (colored)

Shuffle code around, move all the bits of proc_parser into parser.c.
OK tb@

Revision 1.92 / (download) - annotate - [select for diffs], Tue Feb 2 18:35:38 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.91: +44 -48 lines
Diff to previous 1.91 (colored)

Adjust the repository handling a bit. Instead of storing host/module pairs
store repo (rsync URI) and local (the local path to the repository).
Simplifies the rsync handling a fair bit.
OK deraadt@

Revision 1.91 / (download) - annotate - [select for diffs], Fri Jan 29 10:13:16 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.90: +13 -32 lines
Diff to previous 1.90 (colored)

A while ago rpki-client was changed to validate the sha256 hashes of
files referenced in MFT files during the validation of the MFT file.
An MFT is only valid if all files are present and their hashes are valid.
Because of this there is no longer the need to check the hash when
these files are parsed later on. Remove these checks for CRT, ROA and CRL
files. Use the presence of the pkey when parsing cert files to decide
if it is a root cert or not.
OK tb@

Revision 1.90 / (download) - annotate - [select for diffs], Fri Jan 8 08:45:55 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.89: +42 -74 lines
Diff to previous 1.89 (colored)

Simplify the entity queue processing. There is no need to keep the entity
queue element around once it is sent to the parser process. Instead just
keep a count of pending entities and make the parser send back the entity
type instead of the id (since this is the only field needed to figure out
what to do).
OK job@

Revision 1.89 / (download) - annotate - [select for diffs], Fri Jan 8 08:09:07 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.88: +124 -100 lines
Diff to previous 1.88 (colored)

Start using the ibuf API (ibuf_dynamic, ibuf_add, ibuf_close) for writing
data between processes. This completely decouples the write side.
rpki-client can't really use the imsg framework but it can use the ibuf
bits which imsg is built on.
OK benno@ job@

Revision 1.88 / (download) - annotate - [select for diffs], Mon Dec 21 11:35:55 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.87: +4 -10 lines
Diff to previous 1.87 (colored)

Now that a NULL string is marshalled as NULL again we can drop some
extra has_xyz integers to indicate if the following buffer is present
or not. At the same time sprinkle some asserts for strings which must
be not NULL.
OK tb@

Revision 1.87 / (download) - annotate - [select for diffs], Fri Dec 18 12:31:06 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.86: +5 -12 lines
Diff to previous 1.86 (colored)

Use asprintf with %.*s to construct the path based on the mft file
location and the filename of the referenced file. Use the same method
both in main.c and mft.c which is a fair bit simpler than using calloc
and strlcpy/strlcat to build the string by hand.
OK tb@

Revision 1.86 / (download) - annotate - [select for diffs], Wed Dec 9 11:29:04 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.85: +72 -1 lines
Diff to previous 1.85 (colored)

Validate ghostbuster records (RFC 6493) but for now do nothing with the
provided vcard payload. This change verifies the certificate of the .gbr
file and makes sure it is valid (like we do for e.g. .roa files).
OK job@

Revision 1.85 / (download) - annotate - [select for diffs], Wed Dec 2 15:31:15 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.84: +9 -4 lines
Diff to previous 1.84 (colored)

Remove the last users of io_*_write functions that call io_simple_write()
internally. This is a step in direction of more async aware io in rpki-client.
Now everything uses a buffer which is then written.
OK tb@

Revision 1.84 / (download) - annotate - [select for diffs], Sat Oct 24 08:12:00 2020 UTC (3 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.83: +3 -24 lines
Diff to previous 1.83 (colored)

queue_add_from_cert() and queue_add_from_tal() are both called with properly
validated certs / tals and there is no need to double check if the URIs
point to the right resource again. rtype_resolve() is now unused and can
be removed.
OK tb@

Revision 1.83 / (download) - annotate - [select for diffs], Sun Oct 11 12:35:24 2020 UTC (3 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.82: +40 -23 lines
Diff to previous 1.82 (colored)

Introduce repo_filename() a function that converts a URI into the local
path to that resource. This will be needed for future RRDP support.

Additionally support more than one TAL URI and select the rsync URI
in that list.  Finally queue_add_from_cert() got modified to include
both the rsync URI and the RRDP notify URI (which is still unused).

OK benno@

Revision 1.82 / (download) - annotate - [select for diffs], Thu Oct 1 11:06:47 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.81: +14 -11 lines
Diff to previous 1.81 (colored)

Rewrite the signal handler to just toggle a flag and then exit asap
in the main loop. This removes a few portability issues.
OK benno@

Revision 1.81 / (download) - annotate - [select for diffs], Thu Oct 1 10:25:26 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.80: +29 -31 lines
Diff to previous 1.80 (colored)

Make the repotab (rt) a global instead of passing the value around as
an argument. Will help with further changes.
OK benno@

Revision 1.80 / (download) - annotate - [select for diffs], Thu Oct 1 08:27:33 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.79: +2 -2 lines
Diff to previous 1.79 (colored)

Use correct way to report error when strtonum fails.
Use errx(), remove the extra \n and use the correct argument (-s not -t).

Revision 1.79 / (download) - annotate - [select for diffs], Tue Sep 15 12:06:02 2020 UTC (3 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.78: +34 -4 lines
Diff to previous 1.78 (colored)

Experienced a situation where (older code) rpki-client+openrsyncd got "stuck"
(for an amusing long time), so that the partnership with cron "~ -ns" could
not make progress ingesting new ROAs.  Add a "-s timeout" feature (default 1H,
0 to disable) after which rpki-client gives up the ghost, allowing cron to
perform a fresh try.  Log loudly when this occurs.
ok job claudio beck

Revision 1.78 / (download) - annotate - [select for diffs], Sat Sep 12 13:26:06 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.77: +4 -5 lines
Diff to previous 1.77 (colored)

Remove last two arguments from repo_lookup() since they are unused.

Revision 1.77 / (download) - annotate - [select for diffs], Sat Sep 12 10:02:01 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.76: +62 -296 lines
Diff to previous 1.76 (colored)

Move the proc_rsync and with that the rsync processing into rsync.c
main.c is too crowded
OK deraadt@

Revision 1.76 / (download) - annotate - [select for diffs], Sat Sep 12 09:22:26 2020 UTC (3 years, 8 months ago) by tobhe
Branch: MAIN
Changes since 1.75: +1 -4 lines
Diff to previous 1.75 (colored)

Delete unused strdup().

ok claudio@

Revision 1.75 / (download) - annotate - [select for diffs], Sat Sep 12 09:06:26 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.74: +89 -75 lines
Diff to previous 1.74 (colored)

Change the noop (-n) behaviour. When no network fetch is done there
is no reason to run the rsync subprocess. Just immediately make the
repo valid when inserting it to the repo_list.
OK benno@ (some time ago)

Revision 1.74 / (download) - annotate - [select for diffs], Fri Jul 31 09:57:38 2020 UTC (3 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.73: +3 -2 lines
Diff to previous 1.73 (colored)

Replace warnc() with warnx() + strerror() since the first is less portable.
Should hopefully fix an issue seen by Robert Scheck
OK deraadt@

Revision 1.73 / (download) - annotate - [select for diffs], Tue Jul 28 13:52:18 2020 UTC (3 years, 10 months ago) by beck
Branch: MAIN
Changes since 1.72: +126 -41 lines
Diff to previous 1.72 (colored)

-Separate out the adding of trust anchors into a separate function than
what is used for adding other certificates.
-Don't call X509_verify on trust anchors for no reason.
-Add basic checks for TA certificate (subject can parse, cert is not expired)
-Add some useful error reporting if the TA cert we fetched is no good.
ok claudio@

Revision 1.72 / (download) - annotate - [select for diffs], Tue Jun 30 12:52:44 2020 UTC (3 years, 11 months ago) by job
Branch: MAIN
Changes since 1.71: +11 -16 lines
Diff to previous 1.71 (colored)

Remove -f (force) option.

The -f option existed for some initial debugging work.

Thanks Weerd for review

OK claudio@

Revision 1.71 / (download) - annotate - [select for diffs], Wed Jun 24 14:39:21 2020 UTC (3 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.70: +137 -4 lines
Diff to previous 1.70 (colored)

Stop using rsync --delete when syncing up with the CA repos. Instead
use the files referenced in the manifests to build up a list of files
to keep and remove anything that is not in the list after doing the
full computation.
OK job@ benno@

Revision 1.69.4.1 / (download) - annotate - [select for diffs], Mon May 18 18:52:08 2020 UTC (4 years ago) by benno
Branch: OPENBSD_6_7
Changes since 1.69: +22 -21 lines
Diff to previous 1.69 (colored) next main 1.70 (colored)

this is errata 6.7/002_rpki.patch.sig

original commit message:

date: 2020/05/18 08:46:39;  author: claudio;  state: Exp;  lines: +22 -21;  commitid: oBvD0CUI5A2QSt63;
Properly wait for exiting rsync processes. Since SIGCHILD is blocked
outside of ppoll() it is possible that multiple processes exited before
waitpid is called. Because of this all children need to be picked up and
not only one. Fixes a hang seen more often now since there is a lot more
repositories to sync.
OK deraadt@ who came up with a very similar fix also OK job@ benno@

Revision 1.70 / (download) - annotate - [select for diffs], Mon May 18 08:46:39 2020 UTC (4 years ago) by claudio
Branch: MAIN
Changes since 1.69: +22 -21 lines
Diff to previous 1.69 (colored)

Properly wait for exiting rsync processes. Since SIGCHILD is blocked
outside of ppoll() it is possible that multiple processes exited before
waitpid is called. Because of this all children need to be picked up and
not only one. Fixes a hang seen more often now since there is a lot more
repositories to sync.
OK deraadt@ who came up with a very similar fix also OK job@ benno@

Revision 1.69 / (download) - annotate - [select for diffs], Wed May 6 12:15:50 2020 UTC (4 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE
Branch point for: OPENBSD_6_7
Changes since 1.68: +2 -2 lines
Diff to previous 1.68 (colored)

rpki-client is only interested in real files. Don't tell rsync to
preserve symbolic links. Instead just ignore them.
OK benno@ deraadt@

Revision 1.68 / (download) - annotate - [select for diffs], Thu Apr 30 16:08:04 2020 UTC (4 years, 1 month ago) by job
Branch: MAIN
Changes since 1.67: +3 -3 lines
Diff to previous 1.67 (colored)

Reword verbose log messages to clarify what's happening

OK deraadt@

Revision 1.67 / (download) - annotate - [select for diffs], Thu Apr 30 13:46:39 2020 UTC (4 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.66: +24 -11 lines
Diff to previous 1.66 (colored)

Place elapsed, user, and system time for processing in the comment headers.
ok job benno claudio

Revision 1.66 / (download) - annotate - [select for diffs], Tue Apr 28 13:41:35 2020 UTC (4 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.65: +15 -22 lines
Diff to previous 1.65 (colored)

Print statistics as comments at the top of the files which can take
comments.
ok claudio job

Revision 1.65 / (download) - annotate - [select for diffs], Thu Apr 23 12:55:44 2020 UTC (4 years, 1 month ago) by benno
Branch: MAIN
Changes since 1.64: +3 -3 lines
Diff to previous 1.64 (colored)

Always initialize cachedir and outputdir.
ok job@

Revision 1.64 / (download) - annotate - [select for diffs], Sat Apr 18 00:00:58 2020 UTC (4 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

improve whitespaces in usage

Revision 1.63 / (download) - annotate - [select for diffs], Thu Apr 16 17:01:01 2020 UTC (4 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.62: +1 -6 lines
Diff to previous 1.62 (colored)

remove the libcrypto cleanup before exit. Most of the functions are
officially deprecated and even if not exit(3) will take care of freeing
all that memory anyway. None of the functions do any cleanup beyond simple
memory deallocation.
OK benno@ deraadt@

Revision 1.62 / (download) - annotate - [select for diffs], Thu Apr 16 11:25:43 2020 UTC (4 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

Replace deprecated ERR_remove_state(0) with ERR_remove_thread_state(NULL);
OK tb@

Revision 1.61 / (download) - annotate - [select for diffs], Wed Apr 1 14:15:49 2020 UTC (4 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.60: +7 -1 lines
Diff to previous 1.60 (colored)

Split the mft file and hash check from the mft parsing. This makes it easier
to check all files in a mft before failing and also the check is now done
after the embedded cert was checked.
This refactor was triggered because of a bug in mft_parse_econtent().
check_validity() altered rc but later failure code assumed that goto out
is good enough to return an error (rc == -1) but since rc was 1 success
was returned. This bug is now also fixed.
Bug report and OK job@

Revision 1.60 / (download) - annotate - [select for diffs], Wed Apr 1 10:54:19 2020 UTC (4 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Better warning message. Show the filename of the CRL instead of the constant
function name. Also AKI (authority key identifier) should be capitalized
and use duplicated instead of dup. There was a case where this error got hit
so better make it pretty.

Revision 1.59 / (download) - annotate - [select for diffs], Fri Mar 6 17:42:45 2020 UTC (4 years, 2 months ago) by job
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

Change default table name for BIRD to something that is more easily identifiable as user provided

Revision 1.58 / (download) - annotate - [select for diffs], Tue Feb 11 18:41:39 2020 UTC (4 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

Simplify and unify wording for the -I sourceaddr option in various places.
This is somewhat related to the "-b bind_addr" option some programs have,
which should get some cleanup also...
input florian claudio jmc

Revision 1.57 / (download) - annotate - [select for diffs], Mon Dec 16 10:40:56 2019 UTC (4 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.56: +5 -8 lines
Diff to previous 1.56 (colored)

When rsync exits non zero because of network issues or because the
provided URI is bogus, rpki-client should try to work with the cache
it has and not exit with an error. This should help when URI to localhost
are published which happened at least 2 times already.
Agreed by deraadt@ and benno@

Revision 1.56 / (download) - annotate - [select for diffs], Fri Dec 6 18:50:31 2019 UTC (4 years, 5 months ago) by jmc
Branch: MAIN
Changes since 1.55: +3 -2 lines
Diff to previous 1.55 (colored)

add -d to usage();

Revision 1.55 / (download) - annotate - [select for diffs], Fri Dec 6 09:27:12 2019 UTC (4 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.54: +47 -33 lines
Diff to previous 1.54 (colored)

Don't hardcode the cache directory for rpki-client. If started as root
rpki-client will use the defaults for cache and output directory. If not
started as root users need to provide both directories as arguments.
While there switch from absolute path names to relative ones. For this
the parser and rsync process do a chdir(2) to the cache directory on startup.
OK benno@

Revision 1.54 / (download) - annotate - [select for diffs], Thu Dec 5 11:21:58 2019 UTC (4 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.53: +1 -3 lines
Diff to previous 1.53 (colored)

No need to unveil(NULL, NULL) right before pledge "stdio rpath".
From George Brown.

ok benno

Revision 1.53 / (download) - annotate - [select for diffs], Wed Dec 4 12:40:17 2019 UTC (4 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.52: +6 -104 lines
Diff to previous 1.52 (colored)

split output management code into separate file. iterate over output
methods using a table.  detect output truncation (for instance filesystem
full) and don't overwrite previous output
ok claudio

Revision 1.52 / (download) - annotate - [select for diffs], Mon Dec 2 02:11:13 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.51: +8 -8 lines
Diff to previous 1.51 (colored)

output_createtmp() remembers the true name, so output_finish() does not
need to replay it.

Revision 1.51 / (download) - annotate - [select for diffs], Mon Dec 2 02:06:51 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.50: +3 -3 lines
Diff to previous 1.50 (colored)

linewrap usage

Revision 1.50 / (download) - annotate - [select for diffs], Mon Dec 2 02:05:06 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

missing | leads to incomplete results

Revision 1.49 / (download) - annotate - [select for diffs], Sat Nov 30 22:55:22 2019 UTC (4 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

- no -r option
- man page is bgpd, not openbgpd

ok deraadt

Revision 1.48 / (download) - annotate - [select for diffs], Sat Nov 30 02:31:12 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.47: +44 -43 lines
Diff to previous 1.47 (colored)

Tweak rpki-client to create all 4 output file formats from a single
compute, based upon flags.  OpenBGPD compatible format by default if
no options, to integrate with bgpd.conf and bgpctl reload.  Adapt
mtree and stuff.  This will receive further refactoring...
ok benno job

Revision 1.47 / (download) - annotate - [select for diffs], Fri Nov 29 23:31:29 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.46: +8 -31 lines
Diff to previous 1.46 (colored)

Use X509_STORE_CTX_set_flags() instead of doing the same thing by hand
in a much more complicated way.
OK benno@

Revision 1.46 / (download) - annotate - [select for diffs], Fri Nov 29 19:18:36 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.45: +4 -7 lines
Diff to previous 1.45 (colored)

Restore the previous behaviour of not checking the crl for the mft.
Added back by accident when readding CRL checks.
ok claudio@

Revision 1.45 / (download) - annotate - [select for diffs], Fri Nov 29 17:54:19 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

... and fix the compile.

Revision 1.44 / (download) - annotate - [select for diffs], Fri Nov 29 17:52:59 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.43: +7 -4 lines
Diff to previous 1.43 (colored)

bring back CRL checks, noted by claudio@

Revision 1.43 / (download) - annotate - [select for diffs], Fri Nov 29 16:25:59 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.42: +3 -3 lines
Diff to previous 1.42 (colored)

whitespaces

Revision 1.42 / (download) - annotate - [select for diffs], Fri Nov 29 05:23:55 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.41: +4 -4 lines
Diff to previous 1.41 (colored)

s/EXIT_SUCCESS/0/
ok "yeeees" claudio@

Revision 1.41 / (download) - annotate - [select for diffs], Fri Nov 29 04:58:26 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.40: +77 -77 lines
Diff to previous 1.40 (colored)

s/EXIT_FAILURE/1/
ok claudio@

Revision 1.40 / (download) - annotate - [select for diffs], Fri Nov 29 04:42:44 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.39: +1 -16 lines
Diff to previous 1.39 (colored)

normalize_name() is no longer needed

Revision 1.39 / (download) - annotate - [select for diffs], Fri Nov 29 04:40:04 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.38: +9 -57 lines
Diff to previous 1.38 (colored)

Use the AKI embedded in the CRL to store the crls. This way the AKI from
the cert can be used to load the correct CRL. This simplifies the code
even further.
OK benno@, beck@ agrees that this is the right way to do it

Revision 1.38 / (download) - annotate - [select for diffs], Fri Nov 29 04:04:08 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.37: +24 -7 lines
Diff to previous 1.37 (colored)

If run as root, priv-drop to _rpki-client.
If no output file is specified, output to the bgpd/bgpd.conf-compatible
/var/db/rpki-client/roa file.
ok claudio and benno

Revision 1.37 / (download) - annotate - [select for diffs], Fri Nov 29 03:36:44 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.36: +3 -2 lines
Diff to previous 1.36 (colored)

fchmod 0644 the output roa file, since it is public information and
this will work better with upcoming privdrop rpki-client and bgpd consumption
ok benno

Revision 1.36 / (download) - annotate - [select for diffs], Fri Nov 29 02:52:22 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.35: +69 -69 lines
Diff to previous 1.35 (colored)

Shuffle the desk chairs on this ocean liner

Revision 1.35 / (download) - annotate - [select for diffs], Thu Nov 28 21:12:00 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.34: +5 -5 lines
Diff to previous 1.34 (colored)

enable more warning flags and fix a few issues noticed.
ok claudio@ deraadt@

Revision 1.34 / (download) - annotate - [select for diffs], Thu Nov 28 21:08:25 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.33: +5 -4 lines
Diff to previous 1.33 (colored)

improve snprintf overflow test; noted by benno

Revision 1.33 / (download) - annotate - [select for diffs], Thu Nov 28 20:36:17 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.32: +84 -114 lines
Diff to previous 1.32 (colored)

Convert the auths array into an RB tree indexed by SKI. For fast lookups
the parent auth struct is stored as a pointer so walking up the certificate
chain remains simple. Doing this replaces a few slow lookups and speeds up
rpki-client by a factor of 2.
OK benno@

Revision 1.32 / (download) - annotate - [select for diffs], Thu Nov 28 20:23:09 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.31: +107 -9 lines
Diff to previous 1.31 (colored)

Output to a temporary file, which gets renamed on success.  This will
work much better with bgpd.conf include automation.
ok claudio benno

Revision 1.31 / (download) - annotate - [select for diffs], Thu Nov 28 20:10:45 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.30: +12 -12 lines
Diff to previous 1.30 (colored)

convert the return code to be 0 for success and 1 for failure.
ok claudio@ deraadt@

Revision 1.30 / (download) - annotate - [select for diffs], Thu Nov 28 19:32:30 2019 UTC (4 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.29: +3 -1 lines
Diff to previous 1.29 (colored)

intentionally fclose output file, rather than relying on exit() to do it.
benno and stsp stared...

Revision 1.29 / (download) - annotate - [select for diffs], Thu Nov 28 19:25:52 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.28: +5 -4 lines
Diff to previous 1.28 (colored)

add missing prototype

Revision 1.28 / (download) - annotate - [select for diffs], Thu Nov 28 18:46:32 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.27: +21 -34 lines
Diff to previous 1.27 (colored)

Remove -r flag and associated plumbing. We are always checking CRLs from now on.
ok claudio@

Revision 1.27 / (download) - annotate - [select for diffs], Thu Nov 28 18:31:50 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.26: +78 -23 lines
Diff to previous 1.26 (colored)

improve on previous to only use the required CRLs.
ok claudio@

Revision 1.26 / (download) - annotate - [select for diffs], Thu Nov 28 03:22:59 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.25: +107 -33 lines
Diff to previous 1.25 (colored)

To verify a manifest, a roa, or a certificate, we check its signature
against the CA one layer above it. This check just needs to use the
certificate revocation list published by that CA.

Instead of loading all CRLs we find into the trust store, we create a
STACK_OF(X509_CRL), push the onto it and use it with
X509_STORE_CTX_set0_crls(ctx, crls);

The x509_get_crl() function to retrieve a crl path from an X509 object
is written by claudio@.
ok claudio@

Revision 1.25 / (download) - annotate - [select for diffs], Wed Nov 27 17:08:12 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.24: +59 -13 lines
Diff to previous 1.24 (colored)

Only store ta certs in the trust store and build chains of the
intermediate certificates for use in X509_STORE_CTX_init(). To do that
save the X509 cert in struct cert.
claudio sees > 2x speed increase.

ok claudio@ and feedback from jsing@ and beck@.

Revision 1.24 / (download) - annotate - [select for diffs], Wed Nov 27 03:39:16 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.23: +5 -5 lines
Diff to previous 1.23 (colored)

rename a variable to show it's a CRL. ok claudio@

Revision 1.23 / (download) - annotate - [select for diffs], Mon Nov 18 08:40:35 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.22: +13 -4 lines
Diff to previous 1.22 (colored)

Move the define of TALSZ_MAX to top and add a description for
tal_load_default().
from kristaps@

Revision 1.22 / (download) - annotate - [select for diffs], Mon Nov 4 09:35:43 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.21: +3 -52 lines
Diff to previous 1.21 (colored)

Refactor tal code a bit. Move the file reader back into tal.c so that the
regress test is able to use it.
OK deraadt@

Revision 1.21 / (download) - annotate - [select for diffs], Thu Oct 31 08:36:43 2019 UTC (4 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.20: +72 -33 lines
Diff to previous 1.20 (colored)

Handle the TAL files in the master process and pass them as buffer to the
parser process. This way the parser never needs to read outside of the
cache directory which makes the unveil simpler. Additionally rsync_uri_parse
no longer needs to know about .tal files so there is now no chance to sneak
in a .tal file later on.
OK deraadt@

Revision 1.20 / (download) - annotate - [select for diffs], Wed Oct 16 21:43:41 2019 UTC (4 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)

tweak previous; help/ok claudio

Revision 1.19 / (download) - annotate - [select for diffs], Wed Oct 16 17:43:29 2019 UTC (4 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.18: +37 -9 lines
Diff to previous 1.18 (colored)

Add an output format for bird and one doing CSV. Also update the manpage
to include all the changes.

Revision 1.18 / (download) - annotate - [select for diffs], Tue Oct 8 10:04:36 2019 UTC (4 years, 7 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.17: +56 -27 lines
Diff to previous 1.17 (colored)

Rewrite the output handling of rpki-client and add an option to dump the
data in JSON format. To make the JSON output the same as the output of the
RIPE rpki-validator the basename of the TAL had to be added and passed around
in rpki-client. Additionally the VRPs are now stored in an RB tree in the
main process instead of keeping them per ROA object. This changes the sort
order to be in network order and no longer just lexicographical.
Agreed by job@ deraadt@

Revision 1.17 / (download) - annotate - [select for diffs], Thu Sep 26 17:07:30 2019 UTC (4 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.16: +4 -2 lines
Diff to previous 1.16 (colored)

For whatever reason it is fairly common that a ROA object references a CRL
that is not in the store. Put this particular error under verbose logging.
Agreed by deraadt@, job@

Revision 1.16 / (download) - annotate - [select for diffs], Tue Aug 20 16:01:52 2019 UTC (4 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.15: +60 -15 lines
Diff to previous 1.15 (colored)

Change the arguments to rpki-client a bit. Instead of listing all TAL files
as arguments rpki-client will now load the TAL installed in /etc/rpki by
default. For debug reasons an option -t tal is added to pass in TAL files
by hand. The argument is now instead the filename of the output file.
Now `rpki-client roa.conf` will do what you need which is a lot nicer.
Agreed by deraadt@ job@ to be a step in the right direction.

Revision 1.15 / (download) - annotate - [select for diffs], Tue Aug 13 13:27:26 2019 UTC (4 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

Show the most common warnings only if verbose is set. Most of these warnings
were shown because of an inconsistent rpki database and is no real problem.
OK florian@

Revision 1.14 / (download) - annotate - [select for diffs], Mon Aug 12 18:03:17 2019 UTC (4 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.13: +6 -13 lines
Diff to previous 1.13 (colored)

Stop pulling libssl into rpki-client.

None of this code actually does TLS, hence libssl is not needed. Instead,
pull in the correct headers and call the appropriate libcrypto
initialisation functions (even this is only necessary to support OpenSSL
prior to 1.1).

While here also remove libssl/libcrypto initialisation/uninitialisation
from main() - it should only be necessary in proc_parser().

ok deraadt@ job@

Revision 1.13 / (download) - annotate - [select for diffs], Fri Aug 9 09:50:44 2019 UTC (4 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.12: +16 -9 lines
Diff to previous 1.12 (colored)

Add -b bind_addr as argument which is passed to rsync as --address to
use as source address for connecting to the rsync daemons.
OK sthen@ benno@

Revision 1.12 / (download) - annotate - [select for diffs], Fri Aug 9 05:29:51 2019 UTC (4 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.11: +20 -19 lines
Diff to previous 1.11 (colored)

If the rsync of a repository fails print out the URI of the failed process.
Better error handling is needed but at least now it is clear which repository
fails.
OK deraadt@

Revision 1.11 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:50 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)

When system calls indicate an error they return -1, not some arbitrary
value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

Revision 1.10 / (download) - annotate - [select for diffs], Wed Jun 19 16:39:02 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.9: +1 -15 lines
Diff to previous 1.9 (colored)

The main process does not need to toggle the sockets from blocking to
nonblocking just for poll().
OK deraadt@

Revision 1.9 / (download) - annotate - [select for diffs], Wed Jun 19 16:36:36 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)

Close proc fd used to talk to proc_parser when spawning the rsync process
else the fd leaks into the rsync process.
OK deraadt@

Revision 1.8 / (download) - annotate - [select for diffs], Wed Jun 19 16:30:37 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.7: +1 -1 lines
Diff to previous 1.7 (colored)

use $OpenBSD$ headers

Revision 1.7 / (download) - annotate - [select for diffs], Wed Jun 19 16:29:19 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.6: +10 -10 lines
Diff to previous 1.6 (colored)

repair a cluster of "< 0" error checks for libc / syscalls, which
should be "== -1"

Revision 1.6 / (download) - annotate - [select for diffs], Wed Jun 19 09:41:25 2019 UTC (4 years, 11 months ago) by job
Branch: MAIN
Changes since 1.5: +7 -7 lines
Diff to previous 1.5 (colored)

Improve terminology used

Revision 1.5 / (download) - annotate - [select for diffs], Wed Jun 19 04:21:43 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.4: +103 -115 lines
Diff to previous 1.4 (colored)

indentation adjustments, in particular near warn statements
ok claudio

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jun 19 02:02:28 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

swap comparisons

Revision 1.3 / (download) - annotate - [select for diffs], Tue Jun 18 14:55:14 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +5 -5 lines
Diff to previous 1.2 (colored)

do not need to allocate memory for execvp arguments

Revision 1.2 / (download) - annotate - [select for diffs], Mon Jun 17 15:04:59 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +1 -2 lines
Diff to previous 1.1 (colored)

Don't do -portable in base.  It is better done outside the tree.
Imagine if we did it throughout the tree, how many copies of strlcpy
would we have, and how much time would all the configure shell scripts
and includes take?  It would be ludicrous.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon Jun 17 14:31:31 2019 UTC (4 years, 11 months ago) by job
Branch: job
CVS Tags: job_20190617
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Import Kristaps Dzonsons' RPKI validator into the tree

rpki-client(1) is an implementation of the Resource Public Key
Infrastructure (RPKI), specified by RFC 6480. The client is responsible
for downloading, validating and converting Route Origin Authorisations
(ROAs) into Validated ROA Payloads (VRPs). The client's output (VRPs)
can be used by bgpd(8) to perform BGP Origin Validation (RFC 6811).

The current rpki-client(1) version depends on the CMS functions in
OpenSSL, this of course needs to be addressed urgently.

Thanks to NetNod, IIS.SE, SUNET & 6connect for supporting this effort!

OK deraadt@

Revision 1.1 / (download) - annotate - [select for diffs], Mon Jun 17 14:31:31 2019 UTC (4 years, 11 months ago) by job
Branch: MAIN

Initial revision
