[Bug 267891] net/routinator: Update to 12.0

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 21 Nov 2022 12:40:34 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267891

            Bug ID: 267891
           Summary: net/routinator: Update to 12.0
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://www.nlnetlabs.nl/news/2022/Nov/10/routinator-0
                    .12.0-released/
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: jaap@NLnetLabs.nl
 Attachment #238212 maintainer-approval+
             Flags:

Created attachment 238212
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=238212&action=edit
patch to update

0.12.0  'Brutalism and Gardening'

Breaking Changes

* Restructured the TAL configuration in response to the dropped
requirement to opt into the ARIN TAL.  Routinator will now use the
bundled RIR TALs directly unless told otherwise by the new --no-rir-tals
command line and config option.  The additional bundled TALs can
be added via the new --tal command line and config option. Additionally,
the TAL directory can still be used via the --extra-tals-dir option.
The tal-dir option has been removed but will still be accepted and
ignored in the config file only.  The init command has been removed.
(#796)

* Changed the default configuration option for unsafe-vrps to accept
and removed all logging or mentioning of unsafe VRPs in this case.  (#761)

* Setting the rsync-timeout option to 0 now disables the rsync
timeout. (#798)

* Refactored error handling. Routinator now logs the reason why an
object failed verification or was otherwise rejected. (#755)

* Removed the deprecated rrdp-disable-gzip configuration option.  (#769)

New

* The new limit-v4-len and limit-v6-len command line and config
file options allow limiting the length of IPv4 and IPv6 prefixes,
respectively, to be included in the VRP data set. (#810)

* The new rrdp-fallback command line and config file option allows
specifying the circumstances under which a failed RRDP fetch should
result in using rsync instead. Supported polices are never for never
falling back to using rsync, stale for the current behavior of
falling back when RRDP has failed for some time, and new to only
fall back for repositories where RRDP has never worked before.
(#799)

* In the extended jsonext output format, the information for VRPs
and router keys derived from RPKI data has gained a new member "tal"
that shows the name of the TAL this object was published under.
(#765)

* The log output to files, stderr, and the /log HTTP endpoint now
includes the log level of the message to make it more clear how
important the message really is. (#797)

* The RTR client metrics have been extended by three new values
allowing to track the time since last cache reset and the number
of reset and serial queries. Like all RTR client metrics, these new
values are only available if enable explicitly via the rtr-client-metrics
config option. (#800)

* TCP keepalive is now enabled for RRDP connections. The keepalive
duration can be configured via the new command line and config file
option rrdp-tcp-keepalive. (#801)


Bug Fixes

* Fixed an issue in error handling in the RRDP collector that causes
Routinator to exit if it encountered malformed Base 64 in RRDP
snapshot and delta files. (Found by Donika Mirdita and Haya Shulman.
Assigned [CVE-2022-3029].) ([#784])

* Fixed an issue where RRDP snapshots and deltas with a status code
other than 200 OK were accepted and processed. (#802)

* Changed how Routinator deals with files in the store that cannot
be parsed. These will now be ignored and the publication point
stored in them considered not available. (#803)

* When piping output from the vrps command into something else, a
broken pipe will not lead to an error message any more. (#807)

* Fixed various issues with the calculation of RTR metrics. (#811)


Other Changes

* The minimal required Rust version has been increased to 1.60.  (#792)

* The default Docker image now listens on both port 8323 and 9556
for HTTP requests. (#809)

-- 
You are receiving this mail because:
You are the assignee for the bug.