aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-10-06Move fcntl(F_SETFL, O_NONBLOCK) to after fork().Rob Austein
svn path=/rcynic/rcynic.c; revision=4017
2011-10-06Use Auto_update for all BPKI objects (fixes #68).Rob Austein
svn path=/rpkid/rpki/rootd.py; revision=4016
2011-10-05Stop abusing RuntimeError. This closes #52.Rob Austein
svn path=/rpkid/portal-gui/scripts/load_csv.py; revision=4015
2011-10-05Add global traceback control; this closes #95. Clean up someRob Austein
"except:" clauses that should have been "except Exception:". svn path=/rpkid/rpki-sql-setup.py; revision=4014
2011-10-05Check manifest generation before whining about missing backup objects. This ↵Rob Austein
closes #93. svn path=/rcynic/rcynic.c; revision=4013
2011-10-04More explicit certificate expiration checks in CMS verify (see #94).Rob Austein
svn path=/rcynic/rcynic.c; revision=4012
2011-10-04Add explicit check for certificate expiration in CMS verify (see #94).Rob Austein
svn path=/rpkid/rpki/exceptions.py; revision=4011
2011-10-04Don't spew to stderr if dumpasn1 isn't available when we want to dumpRob Austein
CMS that doesn't validate (see #94). Switch CMS-dumping code to use OpenSSL library code rather than dumpasn1 -- dumpasn1 is prettier, but not enough prettier to be worth making people install yet another freaking program that's only used to diagnose strange failures. svn path=/rpkid/rpki/x509.py; revision=4010
2011-10-04Rework http_queue exception handling not to drop the event chain ifRob Austein
callback handler throws an exception, eg, due to CMS validation failure. This closes #94. svn path=/rpkid/rpki/http.py; revision=4009
2011-10-04Catch IOError when dumping bad CMS (see #94).Rob Austein
svn path=/rpkid/rpki/x509.py; revision=4008
2011-10-03Fixes #93. New config parameter allow-digest-mismatch, default isRob Austein
warn and allow. Digest mismatch is now a warning message only. Missing object that's listed in manifest is now logged as a serious problem. At the moment, we do this for missing objects in both current and backup generations. I'm not sure that's right, might make more sense to log this only for current generation, but let's try running this way for a little while to see what patterns show up. svn path=/rcynic/README; revision=4007
2011-09-30add entitydb_dir to example rpki.conf to make use of path relative to ↵Michael Elkins
configuration_directory svn path=/rpkid/examples/rpki.conf; revision=4006
2011-09-30no longer necessary to create stub rpki.conf for deprecated rpkidemo usersMichael Elkins
svn path=/rpkid/portal-gui/scripts/adduser.py; revision=4005
2011-09-29Tweak logging levels for what's debugging vs what's mergely verboseRob Austein
when logging stuff related to rsync subprocesses. svn path=/rcynic/rcynic.c; revision=4004
2011-09-29Remove gratuitous and incorrect assertion unmasked by [4002].Rob Austein
This fixes #91. svn path=/rcynic/rcynic.c; revision=4003
2011-09-29Add rsync_state_closed: pipe from rsync has closed, but rsync hasn'tRob Austein
exited yet. Dunno why this happens, but it does. Apply upper bound to how long rcynic goes to sleep for any one select(); pity kqueue() isn't portable, that'd be a better solution. This closes #87. svn path=/rcynic/rcynic.c; revision=4002
2011-09-24svn:keywordsRob Austein
svn path=/rcynic/bio_f_linebreak.c; revision=4001
2011-09-24CleanupRob Austein
svn path=/rcynic/bio_f_linebreak.c; revision=4000
2011-09-23Compiler warningRob Austein
svn path=/rcynic/rcynic.c; revision=3999
2011-09-23Minor doc edit, needed to be done, but real purpose of this changesetRob Austein
is to see whether this commit closes #83 properly. svn path=/rcynic/README; revision=3998
2011-09-23Handle multiple CRLs from same issuer properly, or as properly as IRob Austein
know how to manage. Cache values we use on every call to check_x509() in the walk_ctx_t. This closes #83. svn path=/rcynic/rcynic.c; revision=3997
2011-09-21rcynic is now more than one file.Rob Austein
svn path=/rcynic/Doxyfile; revision=3996
2011-09-21Still more #83: rework CRL digest check to allow local policy, addRob Austein
check (warning only) of CRLDPs in other objects against manifest EE certificate CRLDP. svn path=/rcynic/README; revision=3995
2011-09-20fix botch where a child's prefixes were passed instead of asnsMichael Elkins
svn path=/rpkid/rpki/gui/app/glue.py; revision=3994
2011-09-20Further #83: rework check_manifest() to compare manifest numbers,Rob Austein
postpone CRL digest check until we've picked the manifest. svn path=/rcynic/rcynic.c; revision=3993
2011-09-19Progress (not complete) on #83: check CRL numbers rather than justRob Austein
blindly accepting current when both exist, further nit-picky checks (AKI, CRL extensions, CRL and certificate versions). svn path=/rcynic/rcynic.c; revision=3992
2011-09-16Rework CMS checking to use check_x509(). (#82)Rob Austein
Start cleaning up tangled mess of interlocked checks between CRL and manifests. (#83) svn path=/rcynic/README; revision=3991
2011-09-16Minor rework of main program. Send --show output to stdout, withoutRob Austein
timestamps and without nasty EPIPE backtrace. svn path=/rtr-origin/rtr-origin.py; revision=3990
2011-09-16Rework separation between fatal and non-fatal rpki-rtr error codes.Rob Austein
svn path=/rtr-origin/rtr-origin.py; revision=3989
2011-09-15Consolidate and rationalize validation status codes. (#81)Rob Austein
svn path=/rcynic/rcynic.c; revision=3988
2011-09-15Check TAL URI properly. (#80)Rob Austein
Clean up a bit of dead code. svn path=/rcynic/rcynic.c; revision=3987
2011-09-15Update smoketest to track rcynicRob Austein
svn path=/rpkid/tests/smoketest.py; revision=3986
2011-09-15Merge rcynic-ng/ back into rcynic/. Used svn merge --ignore-ancestryRob Austein
to minimize problems for people mirroring the repository. svn path=/configure; revision=3985
2011-09-14Better support for migration from old-style output directories.Rob Austein
svn path=/rcynic-ng/rcynic.c; revision=3984
2011-09-14Fix test in upgraded_from_pre_symlink_rcynic()Rob Austein
svn path=/rcynic-ng/rcynic.c; revision=3983
2011-09-14Silence compiler warningRob Austein
svn path=/rcynic-ng/rcynic.c; revision=3982
2011-09-14Forgot doc update. No biscuit.Rob Austein
svn path=/rcynic-ng/README; revision=3981
2011-09-14Rework output directory scheme to do atomic instalation of new resultsRob Austein
via the ancient rename-symlink-to-directory hack. (#61) svn path=/rcynic-ng/rcynic.c; revision=3980
2011-09-13Comment nit.Rob Austein
svn path=/rcynic-ng/rcynic.c; revision=3979
2011-09-13Clean up handling of stale certificates and manifests.Rob Austein
svn path=/rcynic-ng/rcynic.c; revision=3978
2011-09-12Add (non-zero) default for rsync-timeout. Update documentation. (#40)Rob Austein
svn path=/rcynic-ng/README; revision=3977
2011-09-10Check for exception select() throws on bad file descriptor, to avoidRob Austein
going into a spin loop. (#69) Preserve old signal handlers even if we do have to restart the I/O loop. Minor clean up. svn path=/rpkid/rpki/async.py; revision=3976
2011-09-07Handle client close events and exceptions a bit more quietly andRob Austein
aggressively in rpki-rtr server. svn path=/rtr-origin/rtr-origin.py; revision=3975
2011-09-07Fix handling of HTTPTimeout. (#70)Rob Austein
Crank down HTTP timeout values. svn path=/rpkid/rpki/http.py; revision=3974
2011-09-07Change [3245] should have applied to sql-dumper.py too.Rob Austein
svn path=/rpkid/tests/sql-dumper.py; revision=3973
2011-09-06CleanupRob Austein
svn path=/scripts/Old/apnic-test-3.tgz; revision=3972
2011-09-06Non-blocking connect needs timeout. (#70)Rob Austein
svn path=/rpkid/rpki/http.py; revision=3971
2011-09-06Upgrade to OpenSSL 1.0.0e (CVE-2011-3207).Rob Austein
svn path=/openssl/Makefile.in; revision=3970
2011-09-05Rudamentary script for extracting XML from pcap files.Rob Austein
svn path=/scripts/pcap-to-xml.sh; revision=3969
2011-09-01Implement rsync_state_conflict_wait (#12).Rob Austein
svn path=/rcynic-ng/rcynic.c; revision=3968
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-21 16:35:54 +0000