# Process this file with autoconf to produce a configure script.
AC_PREREQ([2.69])
-AC_INIT([fort], [m4_esyscmd_s([git describe --dirty --always --tags])],
- [fort-validator@nic.mx])
+AC_INIT([fort], [1.5.3], [fort-validator@nic.mx])
AC_CONFIG_SRCDIR([src/main.c])
AM_INIT_AUTOMAKE([subdir-objects])
layout: "default"
image: "/img/logo_validador_og.png"
-fort-latest-version: 1.5.2
+fort-latest-version: 1.5.3
plugins:
- jekyll-seo-tag
- jekyll-sitemap
It is the number of seconds that the transfer speed should be below `--http.low-speed-limit` for the Fort to consider it too slow. (Slow connections are dropped.)
-See [`--http.low-speed-limit`](#--httplow-speed-limit).
+See [`--http.low-speed-limit`](#--httplow-speed-limit) for an example.
### `--http.max-file-size`
This is intended to prevent malicious RPKI repositories from stagnating Fort.
-As of 2021-10-05, the largest legitimate file in the repositories is an RRDP snapshot that weights ~150 megabytes.
+As of 2021-10-05, the largest legitimate file in the repositories is an RRDP snapshot that weights ~150 megabytes. (But will double in size during key rollover.)
+
+This configuration value is _transient_. It is expected that the IETF will eventually standardize a more versatile means to prevent unbounded file transfers. In particular, because RRDP snapshots tend to grow over time, `--http.max-file-size`'s default value will likely eventually be exceeded by legitimate files.
+
+Watch out for the following warning in the operation logs:
+
+ File size exceeds 50% of the configured limit
### `--http.ca-path`
- **Type:** String (Path to file)
- **Availability:** `argv` and JSON
->  BGPsec certificate validation has been disabled in version 1.5.2 because of [this bug](https://github.com/NICMx/FORT-validator/issues/58). It will be restored in version 1.5.3.
+>  BGPsec certificate validation has been disabled in version 1.5.2 because of [this bug](https://github.com/NICMx/FORT-validator/issues/58). It will be restored in version 1.5.4.
File where the BGPsec Router Keys (found during each validation run) will be stored. See [`--output.format`](#--outputformat).
-.TH fort 8 "2021-10-19" "v1.5.2" "FORT validator"
+.TH fort 8 "2021-11-09" "v1.5.3" "FORT validator"
.SH NAME
fort \- RPKI validator and RTR server
.RE
.P
-.B \-\-http.idle\-timeout=\fIUNSIGNED_INTEGER\fR
+.B \-\-low\-speed\-limit=\fIUNSIGNED_INTEGER\fR
.RS 4
-Maximum time in seconds (once the connection is established) that the request
-can be idle.
+The value Fort employs as CURLOPT_LOW_SPEED_LIMIT during every HTTP transfer.
.P
-Once the connection is established with the server, and if the request stops
-receiving data for at least \fBhttp.idle-timeout\fR seconds, the connection
-will be dropped. A value of \fI0\fR disables idle time verification (use with
-caution).
+"Abort connection if slower than LIMIT bytes/sec during TIME seconds."
.P
-The value specified (either by the argument or the default value) is utilized
-in libcurl’s option \fICURLOPT_LOW_SPEED_TIME\fR.
+(See \-\-low\-speed\-time.)
+.P
+Default: \fI100000\fR (100 KB/s)
+.RE
+.P
+
+.B \-\-low\-speed\-time=\fIUNSIGNED_INTEGER\fR
+.RS 4
+The value Fort employs as CURLOPT_LOW_SPEED_TIME during every HTTP transfer.
+.P
+"Abort connection if slower than LIMIT bytes/sec during TIME seconds."
+.P
+(See \-\-low\-speed\-limit.)
+.P
+Default: \fI10\fR
+.RE
+.P
+
+.B \-\-http\.max\-file\-size=\fIUNSIGNED_INTEGER\fR
+.RS 4
+Maximum amount of bytes files are allowed to length during HTTP transfers.
.P
-By default, it has a value of \fI15\fR.
+Default: \fI1000000000\fR (1 GB)
.RE
.P
.\".SH COPYRIGHT
.\" FORT-validator 2021
-.\" Licensed under the blah blah...
+.\" MIT License
.SH SEE ALSO
.B Regular man pages
fort_SOURCES += rtr/db/db_table.c rtr/db/db_table.h
fort_SOURCES += rtr/db/delta.c rtr/db/delta.h
fort_SOURCES += rtr/db/deltas_array.c rtr/db/deltas_array.h
-fort_SOURCES += rtr/db/roa.h
fort_SOURCES += rtr/db/vrps.c rtr/db/vrps.h
fort_SOURCES += slurm/db_slurm.c slurm/db_slurm.h
projects / thirdparty / FORT-validator.git / commitdiff
