CVSROOT: /cvs
Module name: src
Changes by: be...@cvs.openbsd.org 2021/11/09 06:40:41
Modified files:
usr.sbin/rpki-client: Tag: OPENBSD_7_0 Makefile cert.c cms.c
crl.c encoding.c extern.h gbr.c http.c
io.c ip.c main.c mft.c output-bgpd.c
output-bird.c output-csv.c output-json.c
output.c parser.c repo.c roa.c
rpki-client.8 rrdp.c rrdp.h rrdp_delta.c
rrdp_notification.c rrdp_snapshot.c
rsync.c tal.c validate.c version.h x509.c
usr.bin/rsync : Tag: OPENBSD_7_0 Makefile blocks.c downloader.c
extern.h fargs.c flist.c main.c receiver.c
rsync.1 rules.c server.c uploader.c
Log message:
rpki-client(8) should handle CA misbehaviours as soft-errors.
This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current
and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40
2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including:
* Make rpki-client more resilient regarding untrusted input:
- fail repository synchronisation after 15min runtime
- limit the number of publication points per TAL
- don't allow DOCTYPE definitions in RRDP XML files
- fix detection of HTTP redirect loops.
* limit the number of concurrent rsync processes.
* fix CRLF in tal files.
This is patches/7.0/common/004_rpki.patch.sig
