OpenBSD CVS

CVS log for src/usr.sbin/rpki-client/rrdp_notification.c





Default branch: MAIN


Revision 1.21, Fri Apr 12 11:50:29 2024 UTC (8 weeks, 1 day ago) by job
Branch: MAIN
CVS Tags: HEAD
Changes since 1.20: +2 -2 lines

Fix warning about delta element issues in the Update Notification File XML

OK tb@

Revision 1.20, Fri Mar 22 03:38:12 2024 UTC (2 months, 2 weeks ago) by job
Branch: MAIN
Changes since 1.19: +3 -3 lines

Replace protocol literal strings and strlen() calls with defined constants

OK tb@ claudio@

Revision 1.19, Wed Dec 27 07:17:39 2023 UTC (5 months, 1 week ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.18: +2 -1 lines

Mark rrdp debug logging functions as used in regress

ok claudio

Revision 1.18, Fri Jun 23 11:36:24 2023 UTC (11 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.17: +161 -21 lines

Improve detection of RRDP session desynchronization

According to RFC 8182, a given session_id and serial number represent an
immutable record of the state of the Repository Server at a certain
point in time.

Add a check to the RRDP notification file processing to compare whether
the delta hashes associated to previously seen serials are different in
newly fetched notification files. Fall back to a snapshot if a difference
is detected, because such a mutation is a strong desynchronization
indicator.

Idea from Ties de Kock (RIPE NCC).
Based on a diff by job@
With and OK job@ tb@

Revision 1.17, Wed Jan 4 14:22:43 2023 UTC (17 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.16: +3 -2 lines

Validate the session_id to be a real UUID.

RFC 8182 requires the session_id to be a version 4 random UUID (using
variant 1). Now checking the version and variant is currently disabled
because there is at least one CA with a session_id that is all random
and therefore the version check triggers there.
Joint work with job@. OK job@, tb@

Revision 1.16, Thu Jun 16 16:09:56 2022 UTC (23 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.15: +8 -3 lines

RRDP serial numbers should only increase.
Warn if the serial number decreases between syncs.

On top of this only allow a small window of up to 2 deltas from the
current one to consider our cache to be in sync.
The number 2 is probably too conservative and should be adjusted once
some data points got collected.

It seems to happen that CAs restore RRDP snapshots instead of building
a fresh snapshot with a new session-id. Which results in rpki-client to
ignore the repo until the serial number is bigger again.
OK tb@

Revision 1.15, Sun May 15 15:00:53 2022 UTC (2 years ago) by deraadt
Branch: MAIN
Changes since 1.14: +2 -2 lines

whitespace spotted during read-thru

Revision 1.14, Mon Feb 14 14:46:16 2022 UTC (2 years, 3 months ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.13: +2 -2 lines

Name the maximum number of deltas permitted in a RRDP Notification file

OK claudio@ tb@

Revision 1.13, Thu Feb 3 18:19:32 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.12: +3 -2 lines

Enforce the RRDP XMLNS to "http://www.ripe.net/rpki/rrdp"
Missing check reported by Ties de Kock
OK tb@ benno@

Revision 1.12, Wed Nov 24 15:24:16 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.11: +14 -1 lines

Move some functions from rrdp.c to rrdp_util.c and hex_decode to encoding.c.
This will make it easier to write a RRDP regress test.
OK job@ deraadt@

Revision 1.4.2.1, Tue Nov 9 13:41:19 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_6_9
Changes since 1.4: +30 -9 lines

rpki-client(8) should handle CA misbehaviours as soft-errors.

This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current
and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40
2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:

* Make rpki-client more resilient regarding untrusted input:
  - fail repository synchronisation after 15min runtime
  - limit the number of publication points per TAL
  - don't allow DOCTYPE definitions in RRDP XML files
  - fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.

This is patches/6.9/common/021_rpki.patch.sig

Revision 1.7.4.1, Tue Nov 9 13:40:32 2021 UTC (2 years, 6 months ago) by benno
Branch: OPENBSD_7_0
Changes since 1.7: +22 -6 lines

rpki-client(8) should handle CA misbehaviours as soft-errors.

This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current
and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40
2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:

* Make rpki-client more resilient regarding untrusted input:
  - fail repository synchronisation after 15min runtime
  - limit the number of publication points per TAL
  - don't allow DOCTYPE definitions in RRDP XML files
  - fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.

This is patches/7.0/common/004_rpki.patch.sig

Revision 1.11, Tue Nov 9 11:01:04 2021 UTC (2 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.10: +13 -1 lines

Issue a parse error for XML files that include a DOCTYPE section.
DTD handling is known for various security problems and so it is best to
not even enter that mine field.
Also the RFC defines the RRDP XML schema using RELAX NG instead of DTD.

With and OK benno@ job@ tb@ beck@ deraadt@

Revision 1.10, Fri Nov 5 14:30:53 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.9: +4 -4 lines

Show the attribute name like in the other non conforming attribute errors
for snapshot and delta files.
OK deraadt@

Revision 1.9, Fri Oct 29 09:27:36 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.8: +8 -4 lines

Ensure that RRDP snapshot and delta files are fetched from the same host
as the notification file.
OK tb@ job@

Revision 1.8, Sun Oct 24 17:16:09 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.7: +1 -0 lines

Add $OpenBSD$ header and add a licence to rrdp.h which was lacking it.

Revision 1.7, Tue Sep 14 11:38:44 2021 UTC (2 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE
Branch point for: OPENBSD_7_0
Changes since 1.6: +4 -0 lines

Do not download more than 300 deltas to sync a RRDP repo. Somewhere around
300 the time it takes to fetch and process all the deltas is higher than
fetching just a snapshot.
OK job@ sthen@

Revision 1.6, Thu Aug 12 15:23:16 2021 UTC (2 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.5: +3 -2 lines

The RRDP specification is very vague what to do if a notification file
has a serial lower than what the client synced to last time. This could
happen if the CDN has a bad server that distributes old data.
Instead of falling back to a snapshot just ignore this case and consider
the repo synced. Hopefully the next run will bring everything back to normal.
OK job@ benno@

Revision 1.5, Tue May 11 11:48:02 2021 UTC (3 years ago) by claudio
Branch: MAIN
Changes since 1.4: +1 -1 lines

Make sure some variables are initialised since modern gcc warns about them.
Handle rrdppid like we do for all other child processes. The two warnings
in rrdp are probably false positives.
OK tb@

Revision 1.4, Thu Apr 15 08:58:46 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE
Branch point for: OPENBSD_6_9
Changes since 1.3: +3 -1 lines

Do not only check the serial number but also the session_id before
adding a delta to the queue. If the session_id differs there is no
need for deltas since a snapshot must be fetched.
OK job@ benno@ deraadt@

Revision 1.3, Fri Apr 2 08:07:47 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.2: +3 -1 lines

Don't leak the uri of a delta with duplicate serial.

ok claudio deraadt

Revision 1.2, Fri Apr 2 02:20:17 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.1: +6 -6 lines

Indent struct members like everywhere else.

Revision 1.1, Thu Apr 1 16:04:48 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN

Initial commit of RRDP (The RPKI Repository Delta Protocol - RFC8182) support
in rpki-client. For now it is off by default.

All XML processing is done in its own process with minimal pledge rights.
It uses the already present https process to fetch the xml files and uses
the master process to handle the file IO into the repositories.
RRDP data is stored in the cache under ./rrdp/ and the first directory
is the SHA256 hash of the notify URI.

Fetching snapshots and deltas works to bring the cache up to date.
If something goes wrong rpki-client will fall back to rsync.

RRDP was implemented by Nils Fisher and integrated into rpki-client by myself.
"Time to get it in" deraadt@
