This commit restructures the TAL configuration in response to the dropped
requirement to opt into the ARIN TAL.
Routinator will now use the bundled RIR TALs directly unless told otherwise
by the new --no-rir-tals command line and config option. The additional
bundled TALs can be added via the new --tal command line and config option.
Additionally, the TAL directory can still be used via the --extra-tals-dir
option. The tal-dir option has been removed but will still be accepted – and
ignored – in the config file only.
The init command has been removed.
Co-authored-by: Alex Band <alex@nlnetlabs.nl>
Co-authored-by: ximon18 <3304436+ximon18@users.noreply.github.com>
Co-authored-by: Luuk Hendriks <mail@luukhendriks.eu>

This commit fixes two issues with RTR client metrics: For one, we
accidentally used the local address to identify the client instead of the
peer address. And second, the collapsing of multiple client metrics objects
was broken.

This commit adds two new command line and config file options, limit-v4-len
and limit-v6-len, that allow limiting the prefix length of IPv4 or IPv6
prefixes, respectively, for which VRPs are to be included in the output data
set. By default, all valid VRPs are included.

This commit adds three new values to the RTR client metrics:
o last_reset contains the time of the last cache reset by the client,
o reset_queries contains the number of reset queries by the client, and
o serial_queries contains the number of serial queries by the client.
These values are available both in the status and metrics endpoints.
Co-authored-by: Alex Band <alex@nlnetlabs.nl>
Co-authored-by: Luuk Hendriks <mail@luukhendriks.eu>

This commit enables TCP keepalives for RRDP connections. The duration can be
set via the new rrdp-tcp-keepalive command line and config file option.
Setting this value to 0 disables

This commit fixes an issue in the RRDP collector which was processing all
kinds of HTTP responses as valid. It now rejects everything that isn’t a
200 OK.

This commit changes the behavior of Routinator when files are encountered in
the store that cannot be parsed (as opposed to reading failing for other
reasons). Now Routinator will just assume that the publication point stored
in that file doesn’t exist in the store and continue.

This commit introduces a new command line and config option "rrdp-fallback"
that decides when to fall back to rsync for a failed RRDP update. The
available policies are "never" for never, "stale" for fallback after a
certain time of failing the RRDP update, and "new" for fallback when RRDP has
never succeeded. The default is "stale" which reflects the current behavior.
Co-authored-by: Alex Band <alex@nlnetlabs.nl>
Co-authored-by: Luuk Hendriks <mail@luukhendriks.eu>

This commit adjusts the rsync-timeout command line and config option to
disable the rsync timeout completely if set to 0. This way it behaves the
same way as rrdp-timeout.

This commit modifies the utils::fatal module to replace the standard ‘No
space left on device’ error message for ENOSPC errors on Unix to ‘No space
or inodes left on device’.

This commit changes the default configuration option for unsafe-vrps to accept
and removes all logging or mentioning of unsafe VRPs in this case. It also
adds a pointer to the manual page for unsafe VRPs if any are logged.

This commit fixes an oversight in error handling in the RRDP collector that
caused Routinator to exit if it encountered malformed Base 64 in RRDP
snapshot and delta files.
It does this by re-appropriating the existing exception in MaxSizeRead to
not exit when data was too large and extending it to all other read errors
happening. This is fine because the encoded data is currently collected into
a vec before any of this happens, so reading cannot fail other than from
malformed Base 64 data.
This PR can be tested by using the TAL currently available at
https://routinator.do.nlnetlabs.nl/test/rrdp/ta.tal.
This is the same PR as #781 except applied to the main branch. It fixes
CVE-2022-3029.
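
The failure mode this fix addresses, as an added Rust example that is not Routinator's code: malformed Base 64 from a repository becomes an error value that rejects only that repository's update instead of ending the process. The decoder, `UpdateError`, `rejected` and the host names are hypothetical, and the sample payloads are constructed.

```rust
// Added illustration; all names are hypothetical, not Routinator's.
#[derive(Debug, PartialEq)]
enum UpdateError {
    MalformedBase64,
}

/// Maps one Base 64 alphabet character to its 6-bit value.
fn sextet(c: u8) -> Option<u32> {
    match c {
        b'A'..=b'Z' => Some(u32::from(c - b'A')),
        b'a'..=b'z' => Some(u32::from(c - b'a') + 26),
        b'0'..=b'9' => Some(u32::from(c - b'0') + 52),
        b'+' => Some(62),
        b'/' => Some(63),
        _ => None,
    }
}

/// Strict decoder: a bad character, length or padding yields an error value.
fn decode(input: &str) -> Result<Vec<u8>, UpdateError> {
    let data: Vec<u8> = input.bytes().filter(|b| !b.is_ascii_whitespace()).collect();
    if data.len() % 4 != 0 {
        return Err(UpdateError::MalformedBase64);
    }
    let mut out = Vec::new();
    for (i, chunk) in data.chunks(4).enumerate() {
        let pad = chunk.iter().rev().take_while(|&&b| b == b'=').count();
        if pad > 2 || (pad > 0 && i + 1 != data.len() / 4) {
            return Err(UpdateError::MalformedBase64);
        }
        let mut acc = 0u32;
        for &b in &chunk[..4 - pad] {
            acc = (acc << 6) | sextet(b).ok_or(UpdateError::MalformedBase64)?;
        }
        acc <<= 6 * pad as u32;
        out.extend_from_slice(&acc.to_be_bytes()[1..4 - pad]);
    }
    Ok(out)
}

/// Repositories whose update is rejected; the others are still processed.
fn rejected<'a>(updates: &[(&'a str, &str)]) -> Vec<&'a str> {
    updates.iter().filter(|(_, b64)| decode(b64).is_err()).map(|(repo, _)| *repo).collect()
}

fn main() {
    // Constructed sample: one well-formed payload, one malformed.
    let updates = [("rrdp.example.net", "aGVsbG8="), ("rrdp.example.org", "aGVs*G8=")];
    println!("rejected: {:?}", rejected(&updates));
}
```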

This commit replaces the current Packaging pkg.yml and Packaging Docker pkg-docker.yml workflows with a much simpler Packaging pkg.yml workflow that outsources the behaviour to a new equivalent reusable workflow defined in the NLnet Labs organisation wide https://github.com/NLnetLabs/.github repository.
This commit also adds Docker ARMv6, ARMv7 and ARM64 multi-arch support, ARMv6 DEB support, fixes a couple of RPM issues (postuninst script fails to run, user already exists on re-install), and resolves an unattended-upgrade TAR error.
Resolves #763, #773, #774, and #783.

This commit introduces a new utility trait WriteOrPanic which provides the
method write_fmt that is used by write! macro and friends. But because it
doesn’t return a result, it allows using the macro without unwrap or
question mark.
The trait is implemented for String and Vec<u8> and used where needed.
Much like the trait’s name suggests, these implementations panic if
formatting fails. That’s fine, as we only use it with data that can be
formatted and with types where writing itself can never fail (which I think
is the actual reason for returning a result). Also, we’ve been unwrapping
for quite some time so, clearly, this is working.
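
A sketch of how such a trait can work, added here and not taken from Routinator's source: `write!` expands to a `write_fmt` method call, so a trait supplying that method with no return value lets the macro be used as a plain statement. Only the trait name and method name come from the commit message; `vrp_line`, `vrp_bytes` and the sample values are hypothetical.

```rust
use std::{fmt, io};

// Added sketch, not Routinator's source. Only the trait and method names
// come from the commit message; the rest is hypothetical.
trait WriteOrPanic {
    fn write_fmt(&mut self, args: fmt::Arguments<'_>);
}

impl WriteOrPanic for String {
    fn write_fmt(&mut self, args: fmt::Arguments<'_>) {
        // Writing into a String cannot fail; only a Display impl can error.
        fmt::Write::write_fmt(self, args).expect("formatting failed");
    }
}

impl WriteOrPanic for Vec<u8> {
    fn write_fmt(&mut self, args: fmt::Arguments<'_>) {
        // io::Write for Vec<u8> only appends to memory.
        io::Write::write_fmt(self, args).expect("formatting failed");
    }
}

/// Hypothetical caller: one VRP as a CSV line. Neither fmt::Write nor
/// io::Write is imported, so writeln! resolves to WriteOrPanic::write_fmt.
fn vrp_line(asn: u32, prefix: &str, max_len: u8) -> String {
    let mut out = String::new();
    writeln!(out, "AS{},{},{}", asn, prefix, max_len);
    out
}

/// The same line built as bytes, for example for a response body.
fn vrp_bytes(asn: u32, prefix: &str, max_len: u8) -> Vec<u8> {
    let mut out: Vec<u8> = Vec::new();
    write!(out, "AS{},{},{}\n", asn, prefix, max_len);
    out
}

fn main() {
    // Constructed sample values (documentation ASN and prefix).
    print!("{}", vrp_line(64496, "192.0.2.0/24", 24));
    println!("{} bytes", vrp_bytes(64496, "192.0.2.0/24", 24).len());
}
```

If `std::fmt::Write` or `std::io::Write` were also imported in the same scope, the `write_fmt` call would become ambiguous and the macro would no longer compile as written.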

This commit adds a new member "tal" to the source information for data
derived from RPKI objects in the extended JSON output format.
While at it, it also improves the formatting of user-provided strings in
this format by properly escaping them.