rpki-client: add compat for BIT STRING accessors
ASN.1 bit strings are DER encoded by zero-padding the bit string at the end
to a length divisible by eight. The number of padding bits ("unused bits"),
a number between 0 and 7, is stored in the first value octet, the remainder
of the value octets are formed by the zero-padded bit string.
Since asn1_string_st is opaque in OpenSSL 4, there need to be accessors for
length and unused bits, which is what is added here. The getter assumes the
ASN1_STRING_FLAG_BITS_LEFT flag is set on a bit string, which is always the
case for deserialized bit strings. I prefer not to elaborate on the madness
hiding here at this point in time...
LibreSSL will likely add these accessors to libcrypto in the ongoing cycle,
but we will need this compat code for OpenSSL and older LibreSSL anyway.
The code is not yet used in rpki-client. The conversions will be committed
soon.
ok claudio job
Add support for line numbers in copy mode. A new copy-mode-line-numbers
option has the following modes: off, default (tmux's normal line
numbering where 0 is the top visible line), absolute (first line in
history is 1), relative (relative to the cursor) and hybrid (current
line is absolute, others relative). Also adds
copy-mode-line-number-style and copy-mode-current-line-number-style to
set the style of the line numbers. When copy mode is entered with the
mouse, line numbers stay off.
From Leo Henon in GitHub issue 5025.
In the rtr_reader_callback() make sure that the PDU length is not only
smaller than RTR_MAX_PDU_SIZE but also larger than sizeof(struct rtr_header).
Passing a too small value will trigger a fatal error later on which is
not great. Also switch the type of len to size_t, there is no need for
a signed value here.
OK tb@
Refactor dtls1_do_write_handshake_message().
If the call to dtls1_write_bytes() fails, handle the potential MTU update
and return/continue, which allows for the remainder to be moved out of an
else statement.
ok kenjiro@ tb@
bgpctl: add log.c for bgpctl
This provides log_{warn{,x},info,debug}() and fatal{,x}() implementations
that wrap the err.h API. They are API compatile with bgpd's log.h and will
help undo some contortions where we had to put log calls into weird spots
because of code sharing between bgpd and bgpctl.
ok claudio
Split dtls1_do_write() into handshake message and CCS handling.
dtls1_do_write() is currently a single function that handles both handshake
messages and CCS. This is a strange mix that only serves to complicate the
code - handshake messages have their own headers and may need to be
fragmented, while CCS must be sent verbatim (and only contain a single
byte). Pull the CCS part out into a separate function, simplifying the
code. By definition, when sending a CCS message the MTU will already be
set appropriately.
ok kenjiro@ tb@
Avoid unnecessary lookups in dtls1_retransmit_message().
dtls1_retransmit_buffered_messages() is iterating over the sent_messages
pqueue, only to pass dtls1_retransmit_message() a sequence number that it
turns back into a priority, to then do a lookup on the sent_messages pqueue.
This is pointless given that we already have the message that we need to
retransmit - just pass that to dtls1_retransmit_message() directly.
ok kenjiro@ tb@
Make dtls1_retransmit_message() static.
This function is only called from dtls1_retransmit_buffered_messages().
Make it static and move it above the caller.
ok kenjiro@ tb@
Inline dtls1_fix_message_header().
This is only used in one place and it makes no sense to have it as a
separate function. Furthermore, pull up an assertion so that we check
before assigning frag_len.
ok kenjiro@ tb@
rpki-client: properly ignore missing unsupported files in -n mode
RFC 9286 section 6.5 mandates that we fetch all the files in a manifest
fileList and validate their hashes. By design, RRDP will ship all the
available files whereas in rsync we decided to fetch only the files of
types we explicitly support. While we check the hashes of unsupported
files, they won't be copied into the cache of validated files.
Since unsupported files are not in the validated cache and may or may
not be present in the temporary directory of fetched objects, there is
logic that ensures that the hashes of all available files are correct
and attempts to avoid an error for files absent from both directories.
Whether all the above decisions in both, standards and our code, are
fully sound is not entirely clear.
Be that as it may, Job observed that this logic was incorrect in noop mode
where no temporary directory is available. This resulted in rejecting the
one manifest that still lists a Ghostbuster's record (RFC 6493) and as a
[7 lines not shown]
The dual-pool form of the af-to action, af-to af FROM redirpool pool_opts
TO redirpool pool_opts was writing the TO side options in the FROM side.
OK sashan@
Fix possible reload bug that leave old filters on a peer.
In rde_reload_done() the code handling the peer->reconf_rib case has a
continue which skips the code path that actually reapplies the outbound
filters. The result is that such a peer keeps on running with the old
filters -- a subsequent reload will then fix this.
Removing the continue changes the way peer->reconf_rib and peer->reconf_out
interact. Now reconf_rib needs to be checked before reconf_out since it
is possible for both to be set. Adjust the code in rde_softreconfig_in_done()
accordingly.
OK tb@
