github NLnetLabs/routinator v0.13.0
0.13.0 ‘Should Have Started This in a Screen’
on GitHub

latest releases: v0.14.0, v0.14.0-rc3, v0.14.0-rc2...
13 months ago

New

  • Added support for ASPA. Processing needs to be enabled via the new option enable-aspa which is only available if the aspa feature is explicitly selected during compilation. This is due to the specification still changing. The implementation currently conforms with draft-ietf-sidrops-aspa-profile-15. (#847, #873, #874, #878)
  • Added support for version 2 of the RTR protocol. This primarly means support for the ASPA payload type. (#847)
  • Sending SIGUSR2 to Routinator will re-open a log file if logging to a file is enabled. (#859)
  • The HTTP server provides a new endpoint /json-delta/notify that can be used to wait for updated data similar to the RTR Notify PDU. (#863)
  • Added support for filtering and adding router keys via local exception files. (#865)
  • The vrps command and the HTTP payload output endpoints now allow excluding specific payload types for output. (#866)
  • Added a new member payload to the output of the /api/v1/status endpoint that gives an overall summary of the produced payload. (#867)
  • Added new members generated and generatedTime to the JSON object produced by the /json-delta endpoint. (#868)

Breaking Changes

  • A new field aspa was added to the jsonext format. See the manual page for more information. (#847)
  • A number of ASPA-related fields have been added to all metrics and status formats. (#847)
  • Renamed functions and attributes that refer to standalone end entity certificates to refer to router certificates so they don’t get confused with the end entity certificates included with signed objects. (#854)
  • Renamed the JSON member in the HTTP status API from validEECerts to validRouterCerts. The old name is still available but may be removed in the future. (#854)
  • The regular json output format now includes router key and ASPA output. Since both are disabled by default, the format will still be compatible by default. (#866)
  • The minimal required Rust version has been increased to 1.70. (#847, #853, #869, #879)

Bug Fixes

  • Fixed a bug in the RTR server where it would include router key PDUs even if the negotiated protocol version was 0. (via rpki-rs #250)
  • Restored the ability to parse ASNs in JSON input to the validity command as string or number. (#861)
  • Update bcder to at least 0.7.3 to fix various decoding issues that could lead to a panic when processing invalid RPKI objects.
  • Check the request URI when generating a path for storing a copy of a RRDP response with the rrdp-keep-responses option to avoid path traversal. (#894. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39916.)

Other Changes

  • The log message for missing manifest now include the URI of the CA certificate for which the manifest is missing. (#864)
  • Binary packages are now also built for Debian bookworm. (#881)
Check out latest releases or
releases around NLnetLabs/routinator v0.13.0

Don't miss a new routinator release

NewReleases is sending notifications on new releases.

Get notifications