Pkgsrc changes:
* Re-compute cargo dependencies
Upstream changes:
Bug Fixes
* Apply unsafe filter (if requested) also on subsequent validation
runs in server mode. ([#407])
* Update all metrics on all validation runs. ([#407])
* Show the status code instead of -1 in RRDP status metrics. ([#408])
Other Changes
* Improve log message when listing resources being added to the unsafe
filter list. ([#406])
[#406]: https://github.com/NLnetLabs/routinator/pull/406
[#407]: https://github.com/NLnetLabs/routinator/pull/407
[#408]: https://github.com/NLnetLabs/routinator/pull/408
Breaking Changes
* Validation now follows the rules suggested by
[draft-ietf-sidrops-6486bis]\: Any invalid object mentioned on the
manifest will lead to the issuing CA and all its objects being rejected.
However, unlike suggested by the draft, Routinator currently will not fall
back to cached older versions of the CA's objects that may still be valid.
In addition, unknown RPKI object types are currently accepted with a
warning logged. This behaviour can be changed via the `unknown-types`
policy option. ([#371], [#401])
* Similarly, CRL handling has been tightened significantly. Each CA must
now have exactly one CRL which must be the one stated in the manifest's
EE certificate. Any violation will lead to the whole CA being rejected
with the same consequences as above. ([#397])
* The default for dealing with stale objects has been changed to `reject`
in accordance with the same draft. ([#387])
* Parsing of local exception files is now more strict in accordance with
[RFC 8416]. Any additional member in the JSON objects will lead to an
error. However, error reporting has been greatly improved and now the
line and column of an error will be indicated. ([#372])
* The alias `--allow-dubios-hosts` for the correctly spelled option has
been removed. ([#384])
* The minimal supported Rust version is now 1.42.0.
New
* All VRPs overlapping with resources from rejected CAs dubbed `unsafe
VRPs' can filtered via the new `unsafe-vrps` option. Doing so will avoid
situations were routes become RPKI invalid if their VRPs are split over
multiple CAs or there are less specific ROAs. By default, unsafe VRPs
are only warned about. ([#377], [#400])
* New metrics for the VRPs produced and filtered on the various TALs.
([#377])
* The logging output of the latest validation run is now available via the
HTTP service's `/log` endpoint. ([#396])
* TCP keep-alive is now supported and enabled by default on RTR
connections as suggested by [RFC 8210]. It can be disabled and its idle
time changed from the default 60 seconds via the new `rtr-tcp-keepalive`
command line and config file option. ([#390])
* The `pid-file`, `working-dir`, `chroot`, `user`, and `group` config file
and server command options now also work without the `--detach` command
line option. ([#392])
* The `init` command will now change ownership of the cache directory if
the `user` and `group` options are set via config file or command line
options. ([#392])
* Irrelevant log messages from libraries are now also filtered when using
syslog logging. ([#385])
* Release builds will now abort on panic, i.e., when an unexpected
internal condition is detected. This ensures that there won't be a
Routinator in a coma. ([#394])
* The feature `rta` enables the new command `rta` for validating Resource
Tagged Assertions as described in [draft-michaelson-rpki-rta]. This
feature is not enabled by default and needs to be activated by adding
the option `--features rta` to the Cargo build command.
Bug Fixes
* Update start and end times will not change between consecutive metrics
reports any more. ([#389])
* Local exceptions will now be loaded before starting a validation run
both in vrps and server mode instead of discarding the run after it
finished when loading fails. In server mode, we now wait 10 seconds
after loading local exceptions fails and try again instead of repeatedly
starting validation runs and discarding them. ([594186c])
* EE certificates encountered in the repository are now validated as
router certificates rather than regular RPKI EE certificates. ([#398])
Other Changes
* Logging has been cleaned up. The meaning of the four log levels is now
better defined see the man page and all log output has been
reassigned accordingly. ([#396])
[#357]: https://github.com/NLnetLabs/routinator/pull/357
[#371]: https://github.com/NLnetLabs/routinator/pull/371
[#372]: https://github.com/NLnetLabs/routinator/pull/372
[#377]: https://github.com/NLnetLabs/routinator/pull/377
[#384]: https://github.com/NLnetLabs/routinator/pull/384
[#385]: https://github.com/NLnetLabs/routinator/pull/385
[#387]: https://github.com/NLnetLabs/routinator/pull/387
[#389]: https://github.com/NLnetLabs/routinator/pull/389
[#390]: https://github.com/NLnetLabs/routinator/pull/390
[#392]: https://github.com/NLnetLabs/routinator/pull/392
[#394]: https://github.com/NLnetLabs/routinator/pull/394
[#396]: https://github.com/NLnetLabs/routinator/pull/396
[#397]: https://github.com/NLnetLabs/routinator/pull/397
[#398]: https://github.com/NLnetLabs/routinator/pull/398
[#400]: https://github.com/NLnetLabs/routinator/pull/400
[#401]: https://github.com/NLnetLabs/routinator/pull/401
[594186c]: 594186cc2e
[RFC 8210]: https://tools.ietf.org/html/rfc8210
[RFC 8416]: https://tools.ietf.org/html/rfc8416
[draft-ietf-sidrops-6486bis]: https://datatracker.ietf.org/doc/draft-ietf-sidrops-6486bis/
[draft-michaelson-rpki-rta]: https://datatracker.ietf.org/doc/html/draft-michaelson-rpki-rta
TDLib (Telegram Database library) is a cross-platform library for
building Telegram clients. It can be easily used from almost any
programming language.
First stable update release for our new 1.25.x series has landed.
Fixes:
evas: sw font draw - protect against null pointer access
efreet - windows - still call stat but skip lstat/readlink
v20.0.35 (2020-10-15)
Bugfixes - 20.0.35
* Bump embedded setuptools from 50.3.0 to 50.3.1
* After importing virtualenv passing cwd to a subprocess calls breaks with
invalid directory
v20.0.34 (2020-10-12)
Bugfixes - 20.0.34
* Align with venv module when creating virtual environments with builtin
creator on Windows 3.7 and later
* Handle Cygwin path conversion in the activation script
Switch to clang, which doesn't do the aggressive DSE in this case.
The Makefiles aleady assume we're using clang, in any case.
See:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71388
SEGV crash is like (from PrusaSlicer):
parent=parent@entry=0x0, context=context@entry=0x79966ba4ab40 <tbb::internal::the_dummy_context>)
at ../../src/tbb/scheduler.cpp:352
genuine=genuine@entry=true) at ../../src/tbb/scheduler.cpp:99
m=..., this=0x799632fe7e80) at ../../src/tbb/custom_scheduler.h:55
at ../../src/tbb/custom_scheduler.h:140
Jason Bacon
Michael Baeuerle
Astr0
Havard Eidnes
Leonardo Taccari
kikadf
K.I.A.Derouiche
Makoto Fujiwara (CF-SX3)
Iku Iwasa
Frank Kardel
Juraj Lutter
Paul Ripke
Thomas Klausner
Amitai Schleier
Maya Rashish