-
Notifications
You must be signed in to change notification settings - Fork 12
/
ChangeLog
206 lines (177 loc) · 9.55 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
0.14, not yet released
0.13, relased 2017-11-04
* Increased the running mode in Docker, and the handbook is doc/docker/Install_and_Run_Rpstir_in_Docker.txt.
* Because the code does not change, so the version number remains unchanged.
0.13, released 2017-03-21
* New Certificate Policy with validation reconsidered
(draft-ietf-sidr-rpki-validation-reconsidered) based on
old OIDs
0.12, released 2016-06-16
* Fixed a bug where an "evil twin" certificate (maliciously
crafted certificate that uses the same public key, SKI, and
issuer as another valid certificate) could cause RPSTIR to
treat valid objects as invalid.
* Fixed some potentially exploitable buffer overflow bugs.
* Fixed unsafe use of snprintf().
* Compatibility improvements for MySQL 5.7.
* The undocumented, incomplete, and probably buggy support for
LTAM has been removed. (draft-ietf-sidr-ltamgmt has been
deprecated in favor of draft-ietf-sidr-slurm.)
* Miscellaneous code clean-up and minor bug fixes.
* Adjusted README to instruct users to build a shared version
of OpenSSL.
* Bumped copyright year to 2016.
* A compiler with C99 support is now required.
* Build system improvements. Autoconf 2.60 is now required.
* Test suite improvements.
0.11, released 2015-06-12
* Fix a bug where ROAs with hundreds of ROAIPAddresses or more would be
truncated.
* Add support for new-style Trust Anchor Locators (TALs)
[draft-ietf-sidr-rfc6490-bis-03].
* Fix a potential buffer overflow in code that handles untrusted input.
* Fix performance scaling of rpki-rtr-daemon. The rpki-rtr-daemon
previously had poor performance with very large rtr_incremental or
rtr_full tables.
* Decrease the likelihood of a malformed rsync URI resulting in a
successful attack, by passing the --protect-args option to rsync.
* Improve conformance to [RFC6810] by sending a No Data Available PDU
instead of a Cache Reset PDU in response to a serial query for which
we don't have data yet.
* Fix expired certificates in the test suite.
* Fix a potential infinite loop in one of the self tests.
* Fix a compatibility bug in the test suite, where the tests were
failing on several popular systems that use a particular version of
netcat.
0.10, released 2014-02-25
* Add beta support for running rpstir in 64-bit mode.
* Add beta support for running rpstir on Mac OS X.
* Significantly improve performance of incremental updates by adding an
rsync flag to preserve file modification times.
* Fix multiple potential SQL-injection bugs.
* Support newer versions of rsync and automake.
* Remove support for RPSL due to lack of demand.
* Update conformance cases (see doc/conformance-cases).
* The ./configure script no longer prints a misleading error message
when it's run outside of a git directory.
* Add tests with AS numbers that don't fit into 16 bits.
* Reject trust anchor CA certificates that have resources marked
inherit, as specified in RFC 6490, Section 2.2.
* Verify that rpstir compiles with clang, and fix all of clang's
warnings.
* In the statistics collection mode, add support for incremental updates
and for running multiple simultaneous statistics collections.
* Change handling of CRLs that list syntactically invalid serial
numbers. These CRLs are now accepted, but the certificates with
syntactically invalid serial numbers are still not accepted.
0.9, released 2013-10-31
* Add many more conformance test cases. (See doc/conformance-cases for
the full list.) These test cases can be used by relying party
software to test compliance with published RFCs and Internet-Drafts.
Additionally, relying party software that passes the tests can be
used to test the output of a Certification Authority.
* Fix bugs found by the above test cases.
* Add a pseudo-random factor to the calculation of how long to wait
before retrying an rsync connection. This should help prevent many
relying parties from hitting the same server at the same time.
* Implement basic support for collecting statistics of the RPKI over
time.
0.8, released 2013-07-25
* Support Ghostbusters Records [RFC 6493].
* Fix a SQL injection bug when a filename in a manifest contains certain
characters.
* Fix a bug where CRLs were not being marked as invalid when their
issuers became invalid and manifests were not being marked as invalid
when their associated EE certificates became invalid.
* Fix the query client (rpstir-query) to not consider it an error
when no results are returned for a query.
* Require ROA EE certificates to explicitly specify IP resources.
That is, disallow RFC 3779 "inherit" bit in ROA EE certificates.
* Add functionality to rpstir-results for outputting simple lists
of good and bad URIs, to simplify comparison testing.
* On installation, create ${bindir} if it does not already exist.
* Improve README based on user feedback.
0.7, released 2013-04-10
* Add preliminary support for adding files from the local cache. In the
future, this could be used to quickly deploy additional relying party
machines without each one needing to download all files from the
global RPKI.
* Fix a buffer overflow when manifests list filenames longer than 199
bytes.
* Fix a read of uninitialized memory when the first file listed on a
manifest has an unknown extension.
* Don't allow empty sets of IP resources in certificates.
(http://tools.ietf.org/html/rfc6487#section-4.8.10)
* Don't allow Subsequent Address Family Identifier (SAFI) values in IP
resources. (http://tools.ietf.org/html/rfc6487#section-4.8.10)
* Fix bugs in the ROA validation code where AS numbers equal to zero
or larger than 2^31 - 1 were rejected.
0.6, released 2013-02-15
* Simplify the commands used during normal operation. The commands
are now named after what the user intends to do, instead of after the
internal component we used to implement them. Some of the scripts are
reorganized so that each script does one function (e.g., synchronize
with remote repositories) instead of presenting an interface to one
internal component (e.g., the component that validates objects fed to
it by other components while syncronizing with remote repositories).
* Use a single configuration file syntax instead of a mix of
environment variables and multiple incompatible configuration files.
Additionally, provide an example configuration file with comments
describing each option. This should make rpstir easier to set up.
* Switch from one Makefile per directory to a single Makefile. Aside
from speeding up parallel compilation, this lets us simplify
internal dependencies. With one Makefile per directory, we had to
carefully order the directories such that nothing in one directory
depended on something in a later directory. Since the dependencies
changed over time, this became more and more complex to maintain.
With a single Makefile, we can just tell "make" about each dependency
and let "make" figure out the order to build things.
* Remove duplicate code. Before switching to a single Makefile (see
above), we occasionally copied functions from one file to another to
avoid having to restructure the source tree and reorder the
per-directory Makefiles. With a single Makefile keeping track of
dependencies, we consolidated the duplicated code and let "make"
do the build ordering for us.
* Find and remove unused code.
* Improve support for CHECKTOOL. When $CHECKTOOL is set to "valgrind"
for the self-tests, much more code is now tested with valgrind.
* Make it possible to install to the system instead of running from
within the source directory.
* When an rsync download of a trust anchor fails, retry a few times
instead of giving up on downloading that trust anchor.
* Support Cryptlib 3.4.2.
* Fix a bug that occured when a trust anchor was added after its
children. Some of the children that should have been considered valid
were considered unknown. This doesn't happen in normal operation, but
was discovered during testing at IETF 85.
* Don't require access to the database root account. As long as
rpstir's database user has full permissions on a database, there's
no reason to require access to the root database user.
0.5, released 2012-11-02
* Fix compatibility with older rsync servers.
* Be more careful about runaway processes in a few places.
* Log when a URI is dropped from the list to synchronize.
* Minimize extraneous fetching of remote repositories.
* Support 20-octet serial numbers, manifest numbers, and CRL numbers.
* Check for new versions and log when a newer version is available.
0.4, released 2012-06-18
* Add conformance cases for various specifications and fix problems revealed by those conformance cases.
* Performance tuning for rsync.
* Remove dependency on python-netaddr and increase performance where python-netaddr used to be used.
* Fix build and tests on NetBSD.
* Fix compiling/linking with pthreads on some platforms.
* More tests can be run under valgrind.
* Various bug and compiler warning fixes.
0.3, released 2012-03-05
* Fix security bugs in rsync_cord and rsync_listener.
* First-pass at preventing SQL injection attacks.
* Update chaser to prevent shell injection attacks and to minimize duplicate downloads.
* Warn if people try to build on an (unsupported) 64-bit platform or if OpenSSL was compiled without RFC 3779 support.
* Add error checking to rsync_aur.
* Performance tuning for rpki-rtr.
* Various bug fixes.
0.2, released 2012-01-05
* Support current version of rpki-rtr protocol.
* Various bug fixes.
0.1, released 2011-12-17
* Initial public release.