Breaking Changes
-
Restructured the TAL configuration in response to the dropped requirement to opt into the ARIN TAL.
Routinator will now use the bundled RIR TALs directly unless told otherwise by the new
--no-rir-talscommand line and config option. The additional bundled TALs can be added via the new--talcommand line and config option. Additionally, the TAL directory can still be used via the--extra-tals-diroption. Thetal-diroption has been removed but will still be accepted – and ignored – in the config file only.The
initcommand has been removed. (#796) -
Changed the default configuration option for
unsafe-vrpstoacceptand removed all logging or mentioning of unsafe VRPs in this case. (#761) -
Setting the
rsync-timeoutoption to 0 now disables the rsync timeout. (#798) -
Refactored error handling. Routinator now logs the reason why an object failed verification or was otherwise rejected. (#755)
-
Removed the deprecated
rrdp-disable-gzipconfiguration option. (#769)
New
- The new
limit-v4-lenandlimit-v6-lencommand line and config file options allow limiting the length of IPv4 and IPv6 prefixes, respectively, to be included in the VRP data set. (#810) - The new
rrdp-fallbackcommand line and config file option allows specifying the circumstances under which a failed RRDP fetch should result in using rsync instead. Supported polices areneverfor never falling back to using rsync,stalefor the current behavior of falling back when RRDP has failed for some time, andnewto only fall back for repositories where RRDP has never worked before. (#799) - In the extended
jsonextoutput format, the information for VRPs and router keys derived from RPKI data has gained a new member"tal"that shows the name of the TAL this object was published under. (#765) - The log output to files, stderr, and the
/logHTTP endpoint now includes the log level of the message to make it more clear how important the message really is. (#797) - The RTR client metrics have been extended by three new values allowing to track the time since last cache reset and the number of reset and serial queries. Like all RTR client metrics, these new values are only available if enable explicitly via the
rtr-client-metricsconfig option. (#800) - TCP keepalive is now enabled for RRDP connections. The keepalive duration can be configured via the new command line and config file option
rrdp-tcp-keepalive. (#801)
Bug Fixes
- Fixed an issue in error handling in the RRDP collector that causes Routinator to exit if it encountered malformed Base 64 in RRDP snapshot and delta files. (Found by Donika Mirdita and Haya Shulman. Assigned [CVE-2022-3029].) ([#784])
- Fixed an issue where RRDP snapshots and deltas with a status code other than 200 OK were accepted and processed. (#802)
- Changed how Routinator deals with files in the store that cannot be parsed. These will now be ignored and the publication point stored in them considered not available. (#803)
- When piping output from the
vrpscommand into something else, a broken pipe will not lead to an error message any more. (#807) - Fixed various issues with the calculation of RTR metrics. (#811)
Other Changes