mirror/nlnetlabs-routinator
1
0
Fork 0
mirror of https://github.com/NLnetLabs/routinator.git synced 2024-05-19 06:50:04 +00:00
Code Issues Releases Activity

Merge branch 'master' into new-structure

Browse Source
This commit is contained in:
Martin Hoffmann
2018-12-06 15:58:59 +01:00
parent d796625c91 7a66687eae
commit f139ab1625
4 changed files with 24 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Cargo.lock generated
View File

@ -636,7 +636,7 @@ dependencies = [
[[package]]
name = "rpki"
version = "0.2.0"
source = "git+https://github.com/NLnetLabs/rpki-rs.git#5b7a3f582381cf0574551f357d6c807ad9469c46"
source = "git+https://github.com/NLnetLabs/rpki-rs.git#25e20a14e37d431f2a5f9bf5d8a9436a063fe442"
dependencies = [
"base64 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)",
"bcder 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",

7
Changelog.md
View File

@ -24,12 +24,19 @@ Bug Fixes
* The default output format was accidentally changed to `none`. It is
`csv` again.
Performance Improvements
* Caching of CRL serial numbers for CAs with large manifests leads to
about half the validation time for the current repository. [(#34)]
Dependencies
[(#21)]: https://github.com/NLnetLabs/routinator/pull/21
[(#23)]: https://github.com/NLnetLabs/routinator/pull/23
[(#27)]: https://github.com/NLnetLabs/routinator/pull/27
[(#32)]: https://github.com/NLnetLabs/routinator/pull/32
[(#34)]: https://github.com/NLnetLabs/routinator/pull/34
## 0.1.2 And I Cry If I Want To

3
doc/routinator.1
View File

@ -196,9 +196,6 @@ to stderr.
.BR \-h , " \-\-help"
Print some help information.
.TP
.B \-\-strict
Parse RPKI data in strict mode.
.TP
.BR \-V , " \-\-version
Print version information.

16
src/repository.rs
View File

@ -28,6 +28,15 @@ use super::config::Config;
use super::origins::RouteOrigins;
//------------ Configuration -------------------------------------------------
/// The minimum number of manifest entries that triggers CRL serial caching.
///
/// The value has been determined exprimentally with the RPKI repository at
/// a certain state so may or may not be a good one, really.
const CRL_CACHE_LIMIT: usize = 50;
//------------ Repository ----------------------------------------------------
/// A reference to the local copy of the RPKI repository.
@ -461,6 +470,13 @@ impl Repository {
continue
}
};
if manifest.len() > CRL_CACHE_LIMIT {
debug!(
"Manifest with {} entries: enabling serial caching",
manifest.len()
);
store.enable_serial_caching();
}
if let Err(_) = self.check_crl(cert, issuer, store) {
info!("{}: certificate has been revoked", uri);
continue