Releases: NLnetLabs/routinator

0.14.0 ‘You Must Gather Your Party Before Venturing Forth’

20 Jun 10:31
396a96b

Breaking changes

  • Keep the content of an RRDP repository in a single file rather than as individual files under a directory. (#886)
  • Switched to the all-new version 0.4 of the Routinator UI. This also changes the way we import the UI into Routinator by simply including the built assets which means downloads are not necessary during the build process any more. (#952)
  • Changed the summary output format to have all lines end in a semicolon. (#907)
  • Changed the options used for rsync. The options -rtO --delete are now always used. The options set in the rsync-args are added or, if that is not used, -z and --no-motd, as well as --contimeout=10 if it is supported by the rsync command, and --max-size if the max-object-size option has not been set to 0. (#962)

New

  • The chain_validity value in the jsonext format now considers the validity of the manifest’s EE certificates. A new stale value shows the time when any of the publication points along the way will become stale. (#945)
  • If a collected manifest has a lower manifest number or an older thisUpdate field than a stored manifest for the same CA, the collected manifest is ignored and the stored publication point is used instead. This implements a requirement added in RFC 9286. (#946, #954)
  • The number of delta entries in an RRDP notification file is now limited to 500 by default. If there are more entries, the deltas are ignored and the snapshot is used. The limit can be changed through the new rrdp-max-delta-list-len configuration value. (#961)
  • The RRDP collector now falls back to a snapshot update if the hash of a delta listed in the notification file has changed from the previous update. This implements draft-ietf-sidrops-rrdp-desynchronization-00. (#951)
  • The RRDP collector now enforces that all URIs referred to or redirected to by an RRDP server have the same origin as the rpkiNotify URI in the CA certificate. (#953)
  • The config file used is now printed for some commands. This should help with avoiding confusion when running Routinator as different users. (#959)
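
The three RRDP collector rules listed above (delta list limit, changed delta hash, same-origin URIs) combined into one decision function. This is an added example, not Routinator's code: the type and function names, the sample URIs, the simplified origin parsing, and the choice to reject the whole update on an origin violation are assumptions.

```rust
// Added example: simplified model of the RRDP update decision.
// All names are hypothetical; this is not Routinator's code or API.
use std::collections::HashMap;

const MAX_DELTA_LIST_LEN: usize = 500; // default of rrdp-max-delta-list-len

#[derive(Debug, PartialEq)]
enum Update { Deltas, Snapshot, Reject }

struct Delta { serial: u64, uri: String, hash: String }

/// (host, port) of an https URI, or None if it is not a plain https URI.
/// Simplified: userinfo and IPv6 literals are refused rather than parsed.
fn origin(uri: &str) -> Option<(String, u16)> {
    let (scheme, rest) = uri.split_once("://")?;
    if !scheme.eq_ignore_ascii_case("https") { return None; }
    let authority = rest.split(|c: char| matches!(c, '/' | '?' | '#')).next()?;
    if authority.is_empty() || authority.contains(|c: char| c == '@' || c == '[') {
        return None;
    }
    match authority.split_once(':') {
        Some((host, port)) => Some((host.to_ascii_lowercase(), port.parse::<u16>().ok()?)),
        None => Some((authority.to_ascii_lowercase(), 443)),
    }
}

/// `seen` maps a delta serial to the hash listed for it in the previous update.
fn decide(rpki_notify: &str, snapshot: &str, deltas: &[Delta],
          seen: &HashMap<u64, String>) -> Update {
    let Some(base) = origin(rpki_notify) else { return Update::Reject };
    let same = |uri: &str| origin(uri).map_or(false, |o| o == base);
    // Same-origin rule (assumption: a violation rejects the whole update).
    if !same(snapshot) || !deltas.iter().all(|d| same(&d.uri)) {
        return Update::Reject;
    }
    // Oversized delta list: ignore the deltas, use the snapshot.
    if deltas.len() > MAX_DELTA_LIST_LEN { return Update::Snapshot; }
    // A delta whose hash changed since the last update: fall back to snapshot.
    let changed = deltas.iter()
        .any(|d| seen.get(&d.serial).map_or(false, |h| *h != d.hash));
    if changed { Update::Snapshot } else { Update::Deltas }
}

fn main() {
    // Constructed sample data: delta 7 was previously listed with hash "bb".
    let d = Delta { serial: 7, uri: "https://rrdp.example.net/7.xml".into(), hash: "aa".into() };
    let seen = HashMap::from([(7, "bb".to_string())]);
    let r = decide("https://rrdp.example.net/notify.xml",
                   "https://rrdp.example.net/snap.xml", &[d], &seen);
    println!("{:?}", r);
}
```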

Bug fixes

  • Fixed an issue where the refresh time was calculated as zero under certain conditions until the dataset was updated. (#940)
  • Add the current RRDP serial number to the RRDP server metrics when a Not Modified response is received so that Prometheus shows a constant value.

0.14.0-rc3

17 Jun 15:13
8222165
Pre-release

Bug fixes

  • Updated the bundled Routinator UI to version 0.4.1. This fixes internal linking some more. (#967)

0.14.0-rc2

13 Jun 10:10
2cff7a5
Pre-release

Bug fixes

  • Updated the bundled Routinator UI to version 0.4.1. This fixes internal linking. (#965)

0.14.0-rc1

10 Jun 15:34
e7d18d8
Pre-release

Breaking changes

  • Keep the content of an RRDP repository in a single file rather than as individual files under a directory. (#886)
  • Switched to the all-new version 0.4 of the Routinator UI. This also changes the way we import the UI into Routinator by simply including the built assets which means downloads are not necessary during the build process any more. (#952)
  • Changed the summary output format to have all lines end in a semicolon. (#907)
  • Changed the options used for rsync. The options -rtO --delete are now always used. The options set in the rsync-args are added or, if that is not used, -z and --no-motd, as well as --contimeout=10 if it is supported by the rsync command, and --max-size if the max-object-size option has not been set to 0. (#962)

New

  • The chain_validity value in the jsonext format now considers the validity of the manifest’s EE certificates. A new stale value shows the time when any of the publication points along the way will become stale. (#945)
  • If a collected manifest has a lower manifest number or an older thisUpdate field than a stored manifest for the same CA, the collected manifest is ignored and the stored publication point is used instead. This implements a requirement added in RFC 9286. (#946, #954)
  • The number of delta entries in an RRDP notification file is now limited to 500 by default. If there are more entries, the deltas are ignored and the snapshot is used. The limit can be changed through the new rrdp-max-delta-list-len configuration value. (#961)
  • The RRDP collector now falls back to a snapshot update if the hash of a delta listed in the notification file has changed from the previous update. This implements draft-ietf-sidrops-rrdp-desynchronization-00. (#951)
  • The RRDP collector now enforces that all URIs referred to or redirected to by an RRDP server have the same origin as the rpkiNotify URI in the CA certificate. (#953)
  • The config file used is now printed for some commands. This should help with avoiding confusion when running Routinator as different users. (#959)

Bug fixes

  • Fixed an issue where the refresh time was calculated as zero under certain conditions until the dataset was updated. (#940)
  • Add the current RRDP serial number to the RRDP server metrics when a Not Modified response is received so that Prometheus shows a constant value.

0.13.2 ‘Existential Funk’

26 Feb 13:19
f1234dd

Bug Fixes

  • Fix the RTR listener so that Routinator won’t exit if an incoming RTR connection is closed again too quickly. (#937, reported by Yohei Nishimura, Atsushi Enomoto, Ruka Miyachi; Internet Multifeed Co., Japan. Assigned CVE-2024-1622.)

0.13.1 ‘Aziz, Light!’

24 Jan 12:47
fef6b99

New

  • Added support for private keys marked as “EC PRIVATE KEY” in the PEM files for TLS server configuration. (#921)
  • The rsync collector now logs stderr output of the rsync command directly instead of collecting it and logging it in one go after the command returned. (#290)

Bug Fixes

  • The dump command will now succeed even if certain directories or files in the repository cache are missing. (#916)
  • A more meaningful message is now printed when decoding RPKI objects fails. It will still not give much detail but at least it isn’t confusing any more. (#917)

Other changes

  • Updated the nlnetlabs-testbed TAL to the current location and key. (#922)

0.13.1-rc1

17 Jan 11:11
Pre-release

New

  • Added support for private keys marked as “EC PRIVATE KEY” in the PEM files for TLS server configuration. (#921)
  • The rsync collector now logs stderr output of the rsync command directly instead of collecting it and logging it in one go after the command returned. (#290)

Bug Fixes

  • The dump command will now succeed even if certain directories or files in the repository cache are missing. (#916)
  • A more meaningful message is now printed when decoding RPKI objects fails. It will still not give much detail but at least it isn’t confusing any more. (#917)
  • The RTR server now returns the expected protocol version in the version negotiation error message rather than the requested version. (rpki-rs #280)
  • The RTR server does not accept protocol version 2 for now to avoid sending illegal ASPA PDUs. This is a workaround until the final format of the PDU is specified. (rpki-rs #281)

Other changes

  • Updated the nlnetlabs-testbed TAL to the current location and key. (#922)

0.13.0 ‘Should Have Started This in a Screen’

21 Sep 13:05
6176551

New

  • Added support for ASPA. Processing needs to be enabled via the new option enable-aspa which is only available if the aspa feature is explicitly selected during compilation. This is due to the specification still changing. The implementation currently conforms with draft-ietf-sidrops-aspa-profile-15. (#847, #873, #874, #878)
  • Added support for version 2 of the RTR protocol. This primarily means support for the ASPA payload type. (#847)
  • Sending SIGUSR2 to Routinator will re-open a log file if logging to a file is enabled. (#859)
  • The HTTP server provides a new endpoint /json-delta/notify that can be used to wait for updated data similar to the RTR Notify PDU. (#863)
  • Added support for filtering and adding router keys via local exception files. (#865)
  • The vrps command and the HTTP payload output endpoints now allow excluding specific payload types for output. (#866)
  • Added a new member payload to the output of the /api/v1/status endpoint that gives an overall summary of the produced payload. (#867)
  • Added new members generated and generatedTime to the JSON object produced by the /json-delta endpoint. (#868)

Breaking Changes

  • A new field aspa was added to the jsonext format. See the manual page for more information. (#847)
  • A number of ASPA-related fields have been added to all metrics and status formats. (#847)
  • Renamed functions and attributes that refer to standalone end entity certificates to refer to router certificates so they don’t get confused with the end entity certificates included with signed objects. (#854)
  • Renamed the JSON member in the HTTP status API from validEECerts to validRouterCerts. The old name is still available but may be removed in the future. (#854)
  • The regular json output format now includes router key and ASPA output. Since both are disabled by default, the format will still be compatible by default. (#866)
  • The minimal required Rust version has been increased to 1.70. (#847, #853, #869, #879)

Bug Fixes

  • Fixed a bug in the RTR server where it would include router key PDUs even if the negotiated protocol version was 0. (via rpki-rs #250)
  • Restored the ability to parse ASNs in JSON input to the validity command as string or number. (#861)
  • Update bcder to at least 0.7.3 to fix various decoding issues that could lead to a panic when processing invalid RPKI objects.
  • Check the request URI when generating a path for storing a copy of an RRDP response with the rrdp-keep-responses option to avoid path traversal. (#894. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39916.)

Other Changes

  • The log message for a missing manifest now includes the URI of the CA certificate for which the manifest is missing. (#864)
  • Binary packages are now also built for Debian bookworm. (#881)

0.13.0-rc2

13 Sep 16:28
0f4fc4b
Pre-release

Bug Fixes

  • Fixed various decoding issues that could lead to a panic when processing invalid RPKI objects. (via bcder release 0.7.3. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39915)
  • Check the request URI when generating a path for storing a copy of an RRDP response with the rrdp-keep-responses option to avoid path traversal. (#892. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39916.)

0.12.2 ‘Brutti, sporchi e cattivi’

13 Sep 13:22
4b41c41

Bug Fixes

  • Fixed various decoding issues that could lead to a panic when processing invalid RPKI objects. (#891, via bcder release 0.7.3. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39915)
  • Check the request URI when generating a path for storing a copy of an RRDP response with the rrdp-keep-responses option to avoid path traversal. (#892. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39916.)