Skip to content

Releases: NLnetLabs/routinator

0.3.3 ‘Big Bada Boom’

01 Apr 15:38
f136830
Compare
Choose a tag to compare

This is yet another bug fix release. It primarily fixes a crash that happened under certain conditions when checking address prefixes in certificates. In addition, some configuration file options related to rtrd mode were ignored. Finally, we now quietly ignore if the standard output is closed midway during output in vrps mode, making Routinator behave better when piping output somewhere.


Bug Fixes

  • The config file option specific to rtrd mode weren’t picked up.
    (#102, reported by Jay Borkenhagen)
  • Ignore ‘broken pipe’ errors when outputting VRPs to make Routinator play
    nice with piping output into scripts etc. (#105)
  • Fixes a crash when validating certain invalid resource sets on
    certificates. (rpki-rs #30)

Dependencies

  • There’s now a crude way to check if you have the minimum Rust version
    required and stop building. (#104)

0.3.2 ‘Bitter and Twisted’

27 Mar 11:31
1af32f3
Compare
Choose a tag to compare

This is a bugfix release resolving two issues:

When we moved reading of the TALs to be done only at the start in the last
release, we accidentally made all error messages related to them invisible.
This resulted in Routinator quietly terminating if the TALs were broken.

Additionally, Github user matsm got stung by our RPSL output not being
quite correct. Now IPv6 prefixes are properly provided via a route6:
statement and all lines have Unix-style endings.


Bug Fixes

  • Print errors when reading the trust anchor locators to standard error
    instead of logging them since logging isn’t set up yet at that point.
    (#89)
  • Use route6: fields in RPSL output for IPv6 prefixes. (#96, reported
    by @matsm)
  • Use LF as line endings in RPSL output. Seems that’s what whois uses in
    practice, too. (#97, reported by @matsm)

0.3.1 ‘More Intensity’

06 Mar 14:06
f65bd57
Compare
Choose a tag to compare

This release ties up some loose ends before some big improvements planned
for the next version. Most importantly, we added a timeout to rsync runs
after a hanging rsync got the entire Routinator RTR daemon stuck. Trust
anchor locators are now only read once when Routinator starts. While this
will make Routinator more robust against accidental file system changes, you
will need now need to restart it if you changed the TALs on purpose.

We fixed a bug where a missing tcp-listen option in the config file would
make Routinator crash in rtrd mode – it will now use the default listen
address 127.0.0.1:3323 as expected.

Finally, we added some more details to the Prometheus metrics introduced in
the last version. These are now given per trust anchor and include not only
the number of VRPs but also of ROAs.


New

  • TAL files will only be read once when Routinator starts. This
    improves robustness at the cost of having to restart Routinator when the
    TALs change. (#74)
  • New option --rsync-timeout setting the maximum number of seconds any
    rsync command is allowed to run. This prevents hanging rsync from
    blocking Routinator. (#76)
  • Additional Prometheus metric valid_roas reporting the number of
    verified ROAs. Additionally, both metrics are now reported separately
    for each TAL. (#78)
  • Compare RTR serial numbers according to RFC 1932. (#81)

Bug Fixes

  • A missing tcp-listen option in the config file caused Routinator to
    crash in rtrd mode instead of using the default socket. (#80)
  • Decoding manifest and ROAs now checks that the content type field in the
    signed object has the correct object identifier. (rpki-rs #27)

0.3.0 ‘It‘s More Fun at the Zoo’

21 Feb 14:24
7b56f02
Compare
Choose a tag to compare

This release implements
RFC 8360 which proposes an
alternative mode for dealing with overclaimed resources in
certificates. It promises to make it easier to deal with resources
being transfered away from a holder.

We have also added an HTTP service to rtrd mode. It is intended
primarily for monitoring - it already supports the metrics endpoint for
Prometheus –, but it also allows you to fetch the list of VRPs via your
browser. We will add more extensive monitoring metrics in future
releases.

Finally, we fixed a bug where some serial numbers in RTR were all wrong.


Breaking Changes

  • Several API and organizational changes in the Routinator library crate
    for the various improvements below.

New

  • New output format csvext that mimics the output format of the Original
    RIPE NCC Validator. (#59)
  • Support for alternative resource extensions and validation defined in
    [RFC 8360]. (The accompanying changes made it quite a bit faster, too.)
    (#63)
  • Support for cargo-deb-based Debian packaging. Thanks to David
    Monosov. (#62)
  • Log warnings for stale manifests and CRLs.
  • Optional HTTP service in rtrd mode. This can be enabled via the
    --listen-http command line option and the listen-http config option.
    This is only the beginning of more extensive monitoring support. (#68)

Bug Fixes

  • Converts the endianess of the serial number in the SerialNotify RTR PDU.
    Reported by Massimiliano Stucchi. (#60)

Dependencies

  • Docker build updated to Rust 1.32 and Alpine Linux 3.9. Thanks to David
    Monosov. (#61)

Housekeeping

  • Included Clippy in Travis runs for better code quality. (#65)

0.2.1 ‘Rated R’

21 Feb 14:25
f3d5a94
Compare
Choose a tag to compare

New

  • The config command now prints the configuration in TOML format and
    can be used to create a configuration file for the current
    configuration. (#54)
  • Routinator now builds and runs on Windows. Given that Windows is a Rust
    tier 1 platform, we wanted to see how difficult it is to get this
    going. Note that you will need the rsync executable that comes with
    Cygwin. (#55)

Bug Fixes

  • Actually use $HOME/.routinator.conf as the default config file as
    promised by the documentation. (#49)
  • Fix a compile time error on 32 bit systems.

0.2.0 ‘Instant Gezellig’

21 Feb 14:27
26084e1
Compare
Choose a tag to compare

Breaking Changes

  • The command line arguments have been restructured to use commands to
    determine the mode of operation rather than options. In the course of
    that, some options changed, too. (#35)
  • Add trust anchor information to the CSV, JSON, and RPSL output. (#21)

New

  • Add a configuration file for all standard options and the options for
    the RTR server mode. (#35)
  • Add a Dockerfile for building and deploying through Docker. Thanks to
    David Monosov. (#23)
  • Output from the rsync runs is now send to the logger and will be handled
    according to log settings. Output to stderr is logged with log level
    warn, stdout is logged with info. (#27)
  • New options for daemon mode: pid-file, working-dir, and chroot.
    Options to change the user and group in daemon mode are coming soon.
    (#42)
  • In daemon mode, forking now happens after the TALs are checked so that
    you can see the error messages and that it fails.
  • New VRP output format openbgpd which produces a roa-set for
    OpenBGPD config.
    Thanks to Job Snijders. (#32)
  • A new command line and config file option rsync-command allows to
    choose which command to run for rsync. A new config file option
    rsync-args allows to provide arguments to rsync. (#41)

Bug Fixes

  • The default output format was accidentally changed to none. It is
    csv again.

Performance Improvements

  • Caching of CRL serial numbers for CAs with large manifests leads to
    about half the validation time for the current repository. (#34)

0.1.2 ‘And I Cry If I Want To’

21 Feb 14:28
Compare
Choose a tag to compare

Bug Fixes

0.1.1 ‘Five-second Rule’

21 Feb 14:29
Compare
Choose a tag to compare

0.1.0 ‘Godspeed!’

21 Feb 14:29
8c0ad67
Compare
Choose a tag to compare
v0.1.0

Release 0.1.0 "Godspeed!"