Skip to content

v1.0.0

Choose a tag to compare

View all tags
@pcarana pcarana released this 26 Aug 20:56
v1.0.0
This tag was signed with the committer’s verified signature. The key has expired.
pcarana Francisco Javier Moreno
GPG key ID: 618A7AC16260CB01
Expired
Verified
Learn about vigilant mode.
015219e
This commit was signed with the committer’s verified signature. The key has expired.
pcarana Francisco Javier Moreno
GPG key ID: 618A7AC16260CB01
Expired
Verified
Learn about vigilant mode.

This is the first official release!

The public key to verify the tarball is here (it isn't certified yet).

Changes since v0.0.2:

  • Bug fixes

    • Solved issue #11 "ROAs, MFTs and CAs created with revoked certs are valids".
    • Solved issue #12 "Programming error when a ROA without prefixes is validated".
    • Solved issue #13 "Wrong "serial number X is not unique" error is displayed when an MFT expired error happens".
    • Solved issue #14 "FORT using server mode cannot be interrupted on OpenBSD with SIGINT signal (Control+C)".
    • The whole set of multiple SLURM files wasn't rejected in overlap cases (RFC 8416 section 4.2).
    • Validate "server.port" numeric value, since the function "getaddrinfo" is a bit lax with numeric values (it takes into account only the 16 rightmost bits).
    • Log the configured "server.address" instead of always log "any" as the server address.
    • Validate "output.roa" file path at initialization.
    • LibreSSL couldn't decode base64 text with line breaks where at least one line had more than 80 chars.
    • Remove invalid memory release when a TAL wasn't successfully loaded.
    • Some files needed by the unit tests were not exporting.
    • Join each client thread when the connection is terminated.
    • Avoid memory leak caused by X509_VERIFY_PARAM.
    • Patch bad initialization of CRL stack.
    • SLURM filters weren't correctly applied when an asn and prefix were set, only the asn was taken into account to filter VRPs.
    • SLURM filters of covering prefixes were ignored; e.g. if a prefix X covered ROA prefix Y, the ROA prefix wasn't filtered.

  • Updates

    • In case of a SLURM error, log the JSON element with the error instead of logging the element number.
    • Log a warning when a configuration path ("slurm", "tal") contains 0 expected files (extensions ".slurm", ".tal").
    • Configuration property "maximum-certificate-depth" now has a minimum allowed value of 5 to allow a regular validation using RIR TALs.
    • The incidence "Signed Object's hash algorithm has NULL object as parameters" now has the ID "incid-hashalg-has-params", and by default it has an action of "ignore".
    • Update information displayed by "--help" at "--tal" and "--slurm" flags.
    • Show ROA eContent in debug mode.
    • Retry file download when there's an error related to a manifest file.
    • Set compiler optimization level ("-O") from "0" to "2".
    • Display RTR server info when successfully binded.
    • Log property name on value error (for unsigned integer values).
    • Remove compile warning '_BSD_SOURCE and _SVID_SOURCE are deprecated'.
    • Log custom incidences on initialization.

  • Docs

    • Indicate current support for 64 bits OSs. 32 bit archs MAY present the 2038 Year Problem.
    • Add installation steps for: CentOS 7, Fedora 30, openSUSE Leap, FreeBSD 12, Slackware current release (as of 2019-08-12)
    • Add minimum dependencies version required: Openssl >= 1.1.0, GCC >= 4.9.
    • Update incidences section, now the registered incidence has a distinct ID and a default action of "ignore".
    • Update link to "UINT_MAX" definition at usage section.
    • Use path "/tmp/fort/" at multiple examples (man, web docs).
Assets 5
Loading