This PR switches to using version 0.4.0 of the Routinator UI. It also changes
the way we import the UI into Routinator by simply including the built assets
in the contrib/ui directory and updating them if necessary.
The PR also imports the mechanism to collect assets and provide them to the
HTTP server from the now deprecated routinator-ui crate.
This PR enforces that all resources fetched for an RRDP server have the same
origin as the URI provided in the CA certificate. It checks this for all
URIs provided in the server’s notification file and restricts redirects to
URIs with the same origin.
This PR ensures that the hash of an RRDP delta with a given serial doesn’t
change between updates. It stores the list of delta serials and hashes with
the RRDP repository state in its archive and checks that hashes for serial
numbers present both in the repository state and a new notification are
equal. Otherwise falls back to a snapshot update.
This PR implements the draft-ietf-sidrops-rrdp-desynchronization-00. The
draft suggests to limit the number of deltas stored. We are not yet doing
that. Instead this should be part of limiting the number of deltas taken out
of the notification file when parsing in a follow up PR in rpki-rs.
This PR changes the format of the repository state and thus increases its
version to 1. Strictly speaking, we never released version 0, but it’s been
in main from quite some time, so an increase feels prudent.
This PR adds a check for manifest number regressions when validating a
collected publication point. It stores the manifest number for each manifest
and checks against it when collecting a new manifest. If the latter’s number
has not increased, it falls back to the stored manifest. This behaviour is
mandated by RFC 9286.
The PR changes the data stored for manifests and thus updates the
StoredManifest version to 1. In order to avoid an endless stream of error
messages after an upgrade, it downgrades the logged message when
encountering an malformed StoredManifest to DEBUG.
This PR changes the code that calculates the validity of the full validation
chain to also consider the validity of the EE certificates of the
publication points along the chain. It also adds a new field in the jsonext
output format that provides the time when any of the publication points
along the validation chain become stale.
This PR adds the current RRDP serial number and session ID to the RRDP
server metrics when a Not Modified response is received from the server.
This makes Prometheus have a constant value for this metrics.
This PR fixes an issue with calculating the refresh time under certain
conditions by updating the current internal payload snapshot even if the
delta to the previous snapshot is empty.
Because this snapshot also contains the expiry time of certificate first to
expire and this time is used as the refresh time if it is closer than the
configure refresh time (so the date derived from the expired certificate is
removed as soon as possible), not updating the snapshot can lead to a
refresh time in the past (effectively: an immediate refresh) if there is a
second, longer living object for an expiring object.
This PR changes the RTR listener to not fail the accept loop when setting up
a stream after accepting it fails. Instead it will quietly drop the stream
in this case and keep going.
As part of this, the PR also drops tokio-stream as a dependency and
implements its own listener stream.
This PR fixes CVE-2024-1622 reported by Yohei Nishimura, Atsushi Enomoto,
Ruka Miyachi; Internet Multifeed Co., Japan.
is PR excludes the doc/manual directory and some files in the root
directory from the files included with the package uploaded to crates.io
when publishing.
This PR fixes a number of error that can happen during dump when the cache is
missing certain directories.
This is a port of #916, originally added to the 0.13 series.
This PR changes the error message printed when decoding any of the RPKI
objects fails from whatever wondrous thing the decoder says to a generic
message stating that decoding an object of a certain expected type failed.
This PR is a port of #917, originally added to the 0.13 series.
This PR changes the rsync collector to directly log all stderr output from the rsync command rather than collecting it and then blasting it out all at once which can cause issues with the syslog daemon on some systems.
