Protocolary updates for release 1.6.4

configure.ac

@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.69])
-AC_INIT([fort],[1.6.3],[[email protected]])
+AC_INIT([fort],[1.6.4],[[email protected]])
 AC_CONFIG_SRCDIR([src/main.c])
 AM_INIT_AUTOMAKE([subdir-objects])
 

docs/_config.yml

@@ -8,7 +8,7 @@ defaults:
       layout: "default"
       image: "/img/logo_validador_og.png"
 
-fort-latest-version: 1.6.3
+fort-latest-version: 1.6.4
 plugins:
   - jekyll-seo-tag
   - jekyll-sitemap

docs/intro-fort.md

@@ -17,17 +17,14 @@ Fort is a command-line application intended for UNIX operating systems, written
 
 ## Roadmap
 
-<!-- Remember to remove issues 59 and 60 during import -->
-
 | Issue | Title | Urgency | Due release |
 |-------|-------|---------|-------------|
-| [issue82](https://github.com/NICMx/FORT-validator/issues/82) | Reach 100% RFC 9286 compliance | <span class="urgency-critical">Critical</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.4</a> |
-| [issue112](https://github.com/NICMx/FORT-validator/issues/112) | Enforce same origin for RRDP files | <span class="urgency-high">High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.4</a> |
-| [issue113](https://github.com/NICMx/FORT-validator/issues/113) | Detect and properly respond to subtler RRDP session desynchronization | <span class="urgency-medium">Medium</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.6.4</a> |
-| [issue114](https://github.com/NICMx/FORT-validator/issues/114) | Support automatic TA key rollover | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/13">1.6.5</a> |
-| [issue50](https://github.com/NICMx/FORT-validator/issues/50) | Provide prometheus endpoint | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/14">1.6.6</a> |
-| [issue58](https://github.com/NICMx/FORT-validator/issues/58) | Fort's validation produces no router keys | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/15">1.6.7</a> |
-| [issue74](https://github.com/NICMx/FORT-validator/issues/74) | Kill rsync if a timeout is exceeded | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/16">1.6.8</a> |
+| [issue82](https://github.com/NICMx/FORT-validator/issues/82) | Reach 100% RFC 9286 compliance | <span class="urgency-critical">Critical</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.7.0</a> |
+| [issue112](https://github.com/NICMx/FORT-validator/issues/112) | Enforce same origin for RRDP files | <span class="urgency-high">High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.7.0</a> |
+| [issue113](https://github.com/NICMx/FORT-validator/issues/113) | Detect and properly respond to subtler RRDP session desynchronization | <span class="urgency-medium">Medium</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/12">1.7.0</a> |
+| [issue114](https://github.com/NICMx/FORT-validator/issues/114) | Support automatic TA key rollover | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/13">1.7.1</a> |
+| [issue50](https://github.com/NICMx/FORT-validator/issues/50) | Provide prometheus endpoint | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/14">1.7.2</a> |
+| [issue58](https://github.com/NICMx/FORT-validator/issues/58) | Fort's validation produces no router keys | <span class="urgency-very-high">Very High</span> | <a href="https://github.com/NICMx/FORT-validator/milestone/15">1.7.3</a> |
 | [issue116](https://github.com/NICMx/FORT-validator/issues/116) | SLURM review | <span class="urgency-high">High</span> | - |
 | [issue118](https://github.com/NICMx/FORT-validator/issues/118) | Implement validation re-reconsidered | <span class="urgency-high">High</span> | - |
 | [issue119](https://github.com/NICMx/FORT-validator/issues/119) | Review IRIs to file names transition | <span class="urgency-high">High</span> | - |

docs/usage.md

@@ -993,7 +993,7 @@ The configuration options are mostly the same as the ones from the `argv` interf
 			"<a href="#--rsyncretrycount">count</a>": 1,
 			"<a href="#--rsyncretryinterval">interval</a>": 4
 		},
-		"<a href="#--rsynctransfer-timeout">transfer-timeout</a>": 0,
+		"<a href="#--rsynctransfer-timeout">transfer-timeout</a>": 900,
 		"<a href="#rsyncprogram">program</a>": "rsync",
 		"<a href="#rsyncarguments-recursive">arguments-recursive</a>": [
 			"-rtz",
@@ -1021,10 +1021,10 @@ The configuration options are mostly the same as the ones from the `argv` interf
 			"<a href="#--httpretrycount">count</a>": 1,
 			"<a href="#--httpretryinterval">interval</a>": 4
 		},
-		"<a href="#--httpuser-agent">user-agent</a>": "fort/1.6.2",
+		"<a href="#--httpuser-agent">user-agent</a>": "fort/{{ site.fort-latest-version }}",
 		"<a href="#--httpmax-redirs">max-redirs</a>": 10,
 		"<a href="#--httpconnect-timeout">connect-timeout</a>": 30,
-		"<a href="#--httptransfer-timeout">transfer-timeout</a>": 0,
+		"<a href="#--httptransfer-timeout">transfer-timeout</a>": 900,
 		"<a href="#--httplow-speed-limit">low-speed-limit</a>": 100000,
 		"<a href="#--httplow-speed-time">low-speed-time</a>": 10,
 		"<a href="#--httpmax-file-size">max-file-size</a>": 1000000000,
@@ -1034,8 +1034,8 @@ The configuration options are mostly the same as the ones from the `argv` interf
 	"log": {
 		"<a href="#--logenabled">enabled</a>": true,
 		"<a href="#--logoutput">output</a>": "console",
-		"<a href="#--loglevel">level</a>": "info",
-		"<a href="#--logtag">tag</a>": "Operation",
+		"<a href="#--loglevel">level</a>": "warning",
+		"<a href="#--logtag">tag</a>": "Op",
 		"<a href="#--logfacility">facility</a>": "daemon",
 		"<a href="#--logfile-name-format">file-name-format</a>": "global-url",
 		"<a href="#--logcolor-output">color-output</a>": false

examples/tal/apnic.tal

@@ -1,3 +1,4 @@
+https://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
 rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
 
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9RWSL61YAAYumEiU8z8

man/fort.8

@@ -1,4 +1,4 @@
-.TH fort 8 "2024-08-19" "v1.6.3" "FORT validator"
+.TH fort 8 "2024-09-23" "v1.6.4" "FORT validator"
 
 .SH NAME
 fort \- RPKI validator and RTR server
@@ -264,24 +264,6 @@ specific protocol needs to be deactivated, use \fB--rsync.enabled\fR or
 .RE
 .P
 
-.B \-\-shuffle-uris
-.RS 4
-If enabled, FORT will access TAL URLs in random order. This is meant for load
-balancing. If disabled, FORT will access TAL URLs in sequential order.
-.P
-By default, the flag is disabled.
-.P
-This flag is only relevant if the TAL lists more than one URL. Regardless of
-this flag, FORT will stop iterating through the URLs as soon as it finds one
-that yields a successful traversal.
-.P
-If the TAL lists more than one URL, the shuffle is done honoring the priority
-of the protocols (see \fB--rsync.priority\fR and \fB--http.priority\fR). i.e.
-if the HTTP protocol has a higher priority than RSYNC, then all the shuffled
-HTTP URLs will come first.
-.RE
-.P
-
 .B \-\-maximum-certificate-depth=\fIUNSIGNED_INTEGER\fR
 .RS 4
 Maximum allowable certificate chain length. Meant to protect FORT from
@@ -761,7 +743,7 @@ request at least once. If there was an error requesting the URI, the validator
 will retry at most \fI--http.retry.count\fR times to fetch the file, waiting
 \fI--http.retry.interval\fR seconds between each retry.
 .P
-By default, the value is \fI2\fR.
+By default, the value is \fI4\fR.
 .RE
 .P
 
@@ -914,78 +896,6 @@ requests.
 .RE
 .P
 
-.B \-\-rsync.strategy=(\fIstrict\fR|\fIroot\fR|\fIroot-except-ta\fR)
-.RS 4
-\fIrsync\fR download strategy; states the way rsync URLs are approached during
-downloads. It can have one of three values:
-.IR strict ", "
-.IR root ", "
-.IB "root-except-ta" "(default value)" \fR. \fR
-.P
-.I strict
-.RS 4
-In order to enable this strategy, FORT must be compiled using the flag:
-ENABLE\_STRICT\_STRATEGY. e.g.
-\fB $ make FORT_FLAGS='-DENABLE_STRICT_STRATEGY'\fR
-.P
-RSYNC every repository publication point separately. Only skip publication
-points that have already been downloaded during the current validation cycle.
-(Assuming each synchronization is recursive.)
-.P
-For example, suppose the validator gets certificates whose caRepository access
-methods (in their Subject Information Access extensions) point to the following
-publication points:
-.P
-1. rsync://rpki.example.com/foo/bar/
-.br
-2. rsync://rpki.example.com/foo/qux/
-.br
-3. rsync://rpki.example.com/foo/bar/
-.br
-4. rsync://rpki.example.com/foo/corge/grault/
-.br
-5. rsync://rpki.example.com/foo/corge/
-.br
-6. rsync://rpki.example.com/foo/corge/waldo/
-.P
-A validator following the `strict` strategy would download `bar`, download
-`qux`, skip `bar`, download `corge/grault`, download `corge` and skip
-`corge/waldo`.
-.P
-This is the slowest, but also the strictly correct sync strategy.
-.RE
-.P
-.I root
-.RS 4
-For each publication point found, guess the root of its repository and RSYNC
-that instead. Then skip any subsequent children of said root.
-.P
-(To guess the root of a repository, the validator counts four slashes, and
-prunes the rest of the URL.)
-.P
-Reusing the caRepository URLs from the `strict` strategy (above) as example, a
-validator following the `root` strategy would download
-`rsync://rpki.example.com/foo`, and then skip everything else.
-.P
-Assuming that the repository is specifically structured to be found within as
-few roots as possible, and they contain minimal RPKI-unrelated noise files, this
-is the fastest synchronization strategy. At time of writing, this is true for
-all the current official repositories.
-.RE
-.P
-.I root-except-ta
-.RS 4
-Synchronizes the root certificate (the one pointed by the TAL) in 'strict' mode,
-and once it's validated, synchronizes the rest of the repository in 'root' mode.
-.P
-Useful if you want 'root', but the root certificate is separated from the rest
-of the repository. Also useful if you don't want the validator to download the
-entire repository without first confirming the integrity and legitimacy of the
-root certificate.
-.RE
-.RE
-.P
-
 .B \-\-rsync.retry.count=\fIUNSIGNED_INTEGER\fR
 .RS 4
 Maximum number of retries whenever there's an error executing RSYNC.
@@ -997,7 +907,7 @@ at least once. If there was an error executing the RSYNC, the validator will
 retry it at most \fI--rsync.retry.count\fR times, waiting
 \fI--rsync.retry.interval\fR seconds between each retry.
 .P
-By default, the value is \fI2\fR.
+By default, the value is \fI4\fR.
 .RE
 .P
 
@@ -1121,26 +1031,6 @@ Maximum: \fIUINT_MAX\fR
 Default: \fI20\fR
 .RE
 
-.B \-\-thread-pool.validation.max=\fIUNSIGNED_INTEGER\fR
-.RS 4
-Maximum number of threads that will be spawned at an internal thread pool in
-order to run validation cycles.
-.P
-When a validation cycle begins, one thread per configured TAL is utilized; once
-the whole RPKI tree of the TAL is validated, the thread is returned to the pool.
-.P
-If there are more TALs at \fI--tal\fR than \fI--thread-pool.validation.max\fR
-threads at the pool, is very likely that the validation cycles take a bit more
-of time to complete since only \fI--thread-pool.validation.max\fR threads will
-be working at the same time. E.g. if \fI--thread-pool.validation.max=2\fR and
-the location at \fI--tal\fR has 4 TAL files, only 2 TALs will be validated
-simultaneously while the rest waits in a queue until there's an available thread
-at the pool to attend them.
-.P
-By default, it has a value of \fI5\fR. Minimum allowed value: \fI1\fR,
-maximum allowed value \fI100\fR.
-.RE
-
 .B \-\-asn1-decode-max-stack=\fIUNSIGNED_INTEGER\fR
 .RS 4
 ASN1 decoder max allowed stack size in bytes, utilized to avoid a stack
@@ -1150,12 +1040,6 @@ By default, it has a value of \fI4096\fR (4 kB).
 .RE
 .P
 
-.B \-\-stale-repository-period=\fIUNSIGNED_INTEGER\fR
-.RS 4
-Deprecated; does nothing.
-.RE
-.P
-
 .SH EXAMPLES
 .B fort \-\-init-tals \-\-tal=/tmp/tal
 .RS 4
@@ -1243,6 +1127,7 @@ to a specific value:
       "count": 1,
       "interval": 4
     },
+    "transfer-timeout": 900,
     "program": "rsync",
     "arguments-recursive": [
       "-rtz",
@@ -1270,10 +1155,10 @@ to a specific value:
       "count": 1,
       "interval": 4
     },
-    "user-agent": "fort/1.6.2",
+    "user-agent": "fort/1.6.4",
     "max-redirs": 10,
     "connect-timeout": 30,
-    "transfer-timeout": 0,
+    "transfer-timeout": 900,
     "low-speed-limit": 100000,
     "low-speed-time": 10,
     "max-file-size": 1000000000,
@@ -1283,8 +1168,8 @@ to a specific value:
   "log": {
     "enabled": true,
     "output": "console",
-    "level": "info",
-    "tag": "Operation",
+    "level": "warning",
+    "tag": "Op",
     "facility": "daemon",
     "file-name-format": "global-url",
     "color-output": false
@@ -1409,7 +1294,7 @@ well as some dummy Router Keys (BGPsec) info:
 .P
 
 .\".SH COPYRIGHT
-.\" FORT-validator 2021
+.\" FORT-validator 2024
 .\" MIT License
 
 .SH SEE ALSO

src/config.c

@@ -3,8 +3,7 @@
 #include <curl/curl.h>
 #include <errno.h>
 #include <getopt.h>
-#include <libxml/xmlversion.h>
-#include <jansson.h>
+#include <libxml/xmlreader.h>
 #include <openssl/opensslv.h>
 #include <syslog.h>
 
@@ -1055,6 +1054,9 @@ print_usage(FILE *stream, bool print_doc)
 
 	fprintf(stream, "Usage: %s\n", program_name);
 	FOREACH_OPTION(options, option, AVAILABILITY_GETOPT) {
+		if (option->deprecated)
+			continue;
+
 		fprintf(stream, "\t[");
 		fprintf(stream, "--%s", option->name);
 

src/object/certificate.c

@@ -5,11 +5,9 @@
 #if OPENSSL_VERSION_MAJOR >= 3
 #include <openssl/core_names.h>
 #endif
-#include <openssl/evp.h>
 #include <openssl/obj_mac.h>
 #include <openssl/objects.h>
 #include <openssl/rsa.h>
-#include <openssl/x509v3.h>
 #include <syslog.h>
 #include <time.h>