Release 0.13.0. (#898)

New

* Added support for ASPA. Processing needs to be enabled via the new option
  `enable-aspa` which is only available if the `aspa` feature is
  explicitly selected during compilation. This is due to the specification
  still changing. The implementation currently conforms with
  [draft-ietf-sidrops-aspa-profile-15].  ([#847], [#873], [#874], [#878])
* Added support for version 2 of the RTR protocol. This primarly means
  support for the ASPA payload type. ([#847])
* Sending SIGUSR2 to Routinator will re-open a log file if logging to a
  file is enabled. ([#859])
* The HTTP server provides a new endpoint `/json-delta/notify` that can be
  used to wait for updated data similar to the RTR Notify PDU. ([#863])
* Added support for filtering and adding router keys via local exception
  files. ([#865])
* The `vrps` command and the HTTP payload output endpoints now allow
  excluding specific payload types for output. ([#866])
* Added a new member `payload` to the output of the `/api/v1/status`
  endpoint that gives an overall summary of the produced payload. ([#867])
* Added new members `generated` and `generatedTime` to the JSON object
  produced by the `/json-delta` endpoint. ([#868])

Breaking Changes

* A new field `aspa` was added to the jsonext format. See the manual page
  for more information. ([#847])
* A number of ASPA-related fields have been added to all metrics and
  status formats. ([#847])
* Renamed functions and attributes that refer to standalone end entity
  certificates to refer to router certificates so they don’t get confused
  with the end entity certificates included with signed objects. ([#854])
* Renamed the JSON member in the HTTP status API from `validEECerts`
  to `validRouterCerts`. The old name is still available but may be
  removed in the future. ([#854])
* The regular `json` output format now includes router key and ASPA
  output. Since both are disabled by default, the format will still be
  compatible by default. ([#866])
* The minimal required Rust version has been increased to 1.70.
  ([#847], [#853], [#869], [#879])

Bug Fixes

* Fixed a bug in the RTR server where it would include router key PDUs
  even if the negotiated protocol version was 0. (via [rpki-rs #250])
* Restored the ability to parse ASNs in JSON input to the `validity` command
  as string or number. ([#861])
* Update bcder to at least 0.7.3 to fix various decoding issues that could
  lead to a panic when processing invalid RPKI objects.
* Check the request URI when generating a path for storing a copy of a RRDP
  response with the `rrdp-keep-responses` option to avoid path traversal.
  ([#894]. Found by Haya Shulman, Donika Mirdita and Niklas Vogel.
  Assigned CVE-2023-39916.)

Other Changes

* The log message for missing manifest now include the URI of the CA
  certificate for which the manifest is missing. ([#864])
* Binary packages are now also built for Debian _bookworm._ ([#881])

Cargo.lock

@@ -1136,10 +1136,9 @@ dependencies = [
 
 [[package]]
 name = "routinator"
-version = "0.13.0-dev"
+version = "0.13.0"
 dependencies = [
  "arbitrary",
- "bcder",
  "bytes",
  "chrono",
  "clap",
@@ -1183,9 +1182,9 @@ dependencies = [
 
 [[package]]
 name = "rpki"
-version = "0.17.1"
+version = "0.17.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a2e2cf92592175551ef134dba1b30f8d1526479e680399d3a1eef27136023373"
+checksum = "98a05b958a41ba8c923cf14bd2ad5f1aca3f3509c8ffd147c36e094346a0290b"
 dependencies = [
  "arbitrary",
  "base64",

Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 # Note: some of these values are also used when building Debian packages below.
 name = "routinator"
-version = "0.13.0-dev"
+version = "0.13.0"
 edition = "2021"
 rust-version = "1.70"
 authors = ["The NLnet Labs RPKI Team <rpki@nlnetlabs.nl>"]
@@ -14,9 +14,6 @@ readme = "README.md"
 exclude = [ ".github" ]
 
 [dependencies]
-# XXX Force bcder to be at least 0.7.3.
-bcder           = "0.7.3"
-
 arbitrary       = { version = "1", optional = true, features = ["derive"] }
 bytes           = "1.0.0"
 chrono          = "0.4.23"
@@ -33,7 +30,7 @@ pin-project-lite = "0.2.4"
 rand            = "0.8.1"
 reqwest         = { version = "0.11.0", default-features = false, features = ["blocking", "rustls-tls" ] }
 ring            = "0.16.12"
-rpki            = { version = "0.17.1", features = [ "repository", "rrdp", "rtr", "serde", "slurm" ] }
+rpki            = { version = "0.17.2", features = [ "repository", "rrdp", "rtr", "serde", "slurm" ] }
 rustls-pemfile  = "1"
 serde           = { version = "1.0.95", features = [ "derive" ] }
 serde_json      = "1.0.57"

Changelog.md

@@ -1,10 +1,10 @@
 # Change Log
 
-## Unreleased next version
+## 0.13.0 ‘Should Have Started This in a Screen’
 
-Bug Fixes
+Released 2023-09-21
 
-Other Changes
+There have been no changes since 0.13.0-rc2.
 
 
 ## 0.13.0-rc2

doc/routinator.1

@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
 .in \\n[rst2man-indent\\n[rst2man-indent-level]]u
 ..
-.TH "ROUTINATOR" "1" "Sep 13, 2023" "0.13.0-dev" "Routinator"
+.TH "ROUTINATOR" "1" "Sep 21, 2023" "0.13.0" "Routinator"
 .SH NAME
 routinator \- RPKI relying party software
 .SH SYNOPSIS