Rewrite logging. #859
Merged
Rewrite logging. #859
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DRiKE
requested changes
May 17, 2023
|
Fixed the comments. Also switched date formatting to the lazy version provided via |
DRiKE
approved these changes
May 30, 2023
partim
added a commit
that referenced
this pull request
Jul 13, 2023
New * Added support for ASPA. Processing needs to be enabled via the new option `enable-aspa` which is only available if the `aspa` feature is explicitly selected during compilation. This is due to the specification still changing. The implementation currently conforms with [draft-ietf-sidrops-aspa-profile-15]. ([#847], [#873], [#874], [#878]) * Added support for version 2 of the RTR protocol. This primarly means support for the ASPA payload type. ([#847]) * Sending SIGUSR2 to Routinator will re-open a log file if logging to a file is enabled. ([#859]) * The HTTP server provides a new endpoint `/json-delta/notify` that can be used to wait for updated data similar to the RTR Notify PDU. ([#863]) * Added support for filtering and adding router keys via local exception files. ([#865]) * The `vrps` command and the HTTP payload output endpoints now allow excluding specific payload types for output. ([#866]) * Added a new member `payload` to the output of the `/api/v1/status` endpoint that gives an overall summary of the produced payload. ([#867]) * Added new members `generated` and `generatedTime` to the JSON object produced by the `/json-delta` endpoint. ([#868]) Breaking Changes * A new field `aspa` was added to the jsonext format. See the manual page for more information. ([#847]) * A number of ASPA-related fields have been added to all metrics and status formats. ([#847]) * Renamed functions and attributes that refer to standalone end entity certificates to refer to router certificates so they don’t get confused with the end entity certificates included with signed objects. ([#854]) * Renamed the JSON member in the HTTP status API from `validEECerts` to `validRouterCerts`. The old name is still available but may be removed in the future. ([#854]) * The regular `json` output format now includes router key and ASPA output. Since both are disabled by default, the format will still be compatible by default. ([#866]) * The minimal required Rust version has been increased to 1.70. ([#847], [#853], [#869], [#879]) Bug Fixes * Fixed a bug in the RTR server where it would include router key PDUs even if the negotiated protocol version was 0. (via [rpki-rs #250]) * Restored the ability to parse ASNs in JSON input to the `validity` command as string or number. ([#861]) Other Changes * The log message for missing manifest now include the URI of the CA certificate for which the manifest is missing. ([#864]) * Binary packages are now also built for Debian _bookworm._ ([#881]) --------- Co-authored-by: Ximon Eighteen <3304436+ximon18@users.noreply.github.com>
partim
added a commit
that referenced
this pull request
Sep 21, 2023
New * Added support for ASPA. Processing needs to be enabled via the new option `enable-aspa` which is only available if the `aspa` feature is explicitly selected during compilation. This is due to the specification still changing. The implementation currently conforms with [draft-ietf-sidrops-aspa-profile-15]. ([#847], [#873], [#874], [#878]) * Added support for version 2 of the RTR protocol. This primarly means support for the ASPA payload type. ([#847]) * Sending SIGUSR2 to Routinator will re-open a log file if logging to a file is enabled. ([#859]) * The HTTP server provides a new endpoint `/json-delta/notify` that can be used to wait for updated data similar to the RTR Notify PDU. ([#863]) * Added support for filtering and adding router keys via local exception files. ([#865]) * The `vrps` command and the HTTP payload output endpoints now allow excluding specific payload types for output. ([#866]) * Added a new member `payload` to the output of the `/api/v1/status` endpoint that gives an overall summary of the produced payload. ([#867]) * Added new members `generated` and `generatedTime` to the JSON object produced by the `/json-delta` endpoint. ([#868]) Breaking Changes * A new field `aspa` was added to the jsonext format. See the manual page for more information. ([#847]) * A number of ASPA-related fields have been added to all metrics and status formats. ([#847]) * Renamed functions and attributes that refer to standalone end entity certificates to refer to router certificates so they don’t get confused with the end entity certificates included with signed objects. ([#854]) * Renamed the JSON member in the HTTP status API from `validEECerts` to `validRouterCerts`. The old name is still available but may be removed in the future. ([#854]) * The regular `json` output format now includes router key and ASPA output. Since both are disabled by default, the format will still be compatible by default. ([#866]) * The minimal required Rust version has been increased to 1.70. ([#847], [#853], [#869], [#879]) Bug Fixes * Fixed a bug in the RTR server where it would include router key PDUs even if the negotiated protocol version was 0. (via [rpki-rs #250]) * Restored the ability to parse ASNs in JSON input to the `validity` command as string or number. ([#861]) * Update bcder to at least 0.7.3 to fix various decoding issues that could lead to a panic when processing invalid RPKI objects. * Check the request URI when generating a path for storing a copy of a RRDP response with the `rrdp-keep-responses` option to avoid path traversal. ([#894]. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39916.) Other Changes * The log message for missing manifest now include the URI of the CA certificate for which the manifest is missing. ([#864]) * Binary packages are now also built for Debian _bookworm._ ([#881])
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Sep 21, 2023
Pkgsrc changes: * Update cargo-depends.mk, update checksums. Upstream changes: Release v0.13.0 -- 'Should Have Started This in a Screen' New * Added support for ASPA. Processing needs to be enabled via the new option `enable-aspa` which is only available if the `aspa` feature is explicitly selected during compilation. This is due to the specification still changing. The implementation currently conforms with [draft-ietf-sidrops-aspa-profile-15]. ([#847], [#873], [#874], [#878]) * Added support for version 2 of the RTR protocol. This primarly means support for the ASPA payload type. ([#847]) * Sending SIGUSR2 to Routinator will re-open a log file if logging to a file is enabled. ([#859]) * The HTTP server provides a new endpoint `/json-delta/notify` that can be used to wait for updated data similar to the RTR Notify PDU. ([#863]) * Added support for filtering and adding router keys via local exception files. ([#865]) * The `vrps` command and the HTTP payload output endpoints now allow excluding specific payload types for output. ([#866]) * Added a new member `payload` to the output of the `/api/v1/status` endpoint that gives an overall summary of the produced payload. ([#867]) * Added new members `generated` and `generatedTime` to the JSON object produced by the `/json-delta` endpoint. ([#868]) Breaking Changes * A new field `aspa` was added to the jsonext format. See the manual page for more information. ([#847]) * A number of ASPA-related fields have been added to all metrics and status formats. ([#847]) * Renamed functions and attributes that refer to standalone end entity certificates to refer to router certificates so they don't get confused with the end entity certificates included with signed objects. ([#854]) * Renamed the JSON member in the HTTP status API from `validEECerts` to `validRouterCerts`. The old name is still available but may be removed in the future. ([#854]) * The regular `json` output format now includes router key and ASPA output. Since both are disabled by default, the format will still be compatible by default. ([#866]) * The minimal required Rust version has been increased to 1.70. ([#847], [#853], [#869], [#879]) Bug Fixes * Fixed a bug in the RTR server where it would include router key PDUs even if the negotiated protocol version was 0. (via [rpki-rs #250]) * Restored the ability to parse ASNs in JSON input to the `validity` command as string or number. ([#861]) * Update bcder to at least 0.7.3 to fix various decoding issues that could lead to a panic when processing invalid RPKI objects. * Check the request URI when generating a path for storing a copy of a RRDP response with the `rrdp-keep-responses` option to avoid path traversal. ([#894]. Found by Haya Shulman, Donika Mirdita and Niklas Vogel. Assigned CVE-2023-39916.) Other Changes * The log message for missing manifest now include the URI of the CA certificate for which the manifest is missing. ([#864]) * Binary packages are now also built for Debian _bookworm._ ([#881]) [#847]: NLnetLabs/routinator#847 [#853]: NLnetLabs/routinator#853 [#854]: NLnetLabs/routinator#854 [#859]: NLnetLabs/routinator#859 [#861]: NLnetLabs/routinator#861 [#863]: NLnetLabs/routinator#863 [#864]: NLnetLabs/routinator#864 [#865]: NLnetLabs/routinator#865 [#866]: NLnetLabs/routinator#866 [#867]: NLnetLabs/routinator#867 [#868]: NLnetLabs/routinator#868 [#869]: NLnetLabs/routinator#869 [#873]: NLnetLabs/routinator#873 [#874]: NLnetLabs/routinator#874 [#878]: NLnetLabs/routinator#878 [#879]: NLnetLabs/routinator#879 [#881]: NLnetLabs/routinator#881 [#894]: NLnetLabs/routinator#894 [rpki-rs #250]: NLnetLabs/rpki-rs#250 [draft-ietf-sidrops-aspa-profile-15]: https://datatracker.ietf.org/doc/draft-ietf-sidrops-aspa-profile/15/
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR implements all log handling with the exception of actual syslog in Routinator itself. It also implements support for log rotation when logging into files by re-opening the log file when receiving SIGUSR2.
Error handling for logging is now such that if trying to log to file or syslog fails, Routinator will exit. It will also exit if it receives SIGUSR2 and can’t open the log file.
The motivation for this is that the log is used by many people to determine issues with the RPKI repositories, so silently not having logs seems bad. Also, not being able to log is a good indication for bigger problems to come.
Fixes #468. Fixes #732.