tmp
docs/_site
+# Files we're sorta contractually obligated to exclude.
+# Can't include ARIN's TAL because of their Relying Party Agreement
+# (https://www.arin.net/resources/manage/rpki/tal/)
+tal/arin.tal
+
# Unwanted manure shat by imbecile OSs
.DS_Store*
ehthumbs.db
config_tal = config_get_tal();
error = stat(config_tal, &attr);
- if (error) {
- pr_errno(errno, "Error reading path '%s'", config_tal);
- return -errno;
- }
+ if (error)
+ return pr_errno(errno, "Error reading path '%s'", config_tal);
fnstack_init();
if (S_ISDIR(attr.st_mode) == 0)
static int
create_dir_recursive(char *localuri)
{
- size_t repository_len;
int i, error;
bool exist = false;
if (exist)
return 0;
- repository_len = strlen(config_get_local_repository());
- for (i = 1 + repository_len; localuri[i] != '\0'; i++) {
+ for (i = 1; localuri[i] != '\0'; i++) {
if (localuri[i] == '/') {
localuri[i] = '\0';
error = create_dir(localuri);
if (err == ENETDOWN || err == EPROTO || err == ENOPROTOOPT
|| err == EHOSTDOWN || err == ENONET || err == EHOSTUNREACH
|| err == EOPNOTSUPP || err == ENETUNREACH)
- return VERDICT_RETRY;
+ goto retry;
#endif
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wlogical-op"
if (err == EAGAIN || err == EWOULDBLOCK)
- return VERDICT_RETRY;
+ goto retry;
#pragma GCC diagnostic pop
- errno = err;
- pr_warn("Connection acceptor thread interrupted");
+ pr_info("Client connection attempt not accepted: %s. Quitting...",
+ strerror(err));
return VERDICT_EXIT;
+
+retry:
+ pr_info("Client connection attempt not accepted: %s. Retrying...",
+ strerror(err));
+ return VERDICT_RETRY;
}
static void
sizeof_client_addr = sizeof(client_addr);
do {
- client_fd = accept(server_fd, (struct sockaddr *)&client_addr,
+ client_fd = accept(server_fd, (struct sockaddr *) &client_addr,
&sizeof_client_addr);
switch (handle_accept_result(client_fd, errno)) {
case VERDICT_SUCCESS:
case VERDICT_RETRY:
continue;
case VERDICT_EXIT:
- return 0;
+ return -EINVAL;
}
/*
--- /dev/null
+# TALs
+
+Most of the Trust Anchor Locators of the RIRs are included here for convenience. (But maybe you should get your own, for security.)
+
+The only one that's not included is ARIN's, because you need to agree to their [RPA](https://www.arin.net/resources/manage/rpki/tal/).
--- /dev/null
+rsync://rpki.afrinic.net/repository/AfriNIC.cer
+
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsAqAhWIO+ON2Ef9oRDM
+pKxv+AfmSLIdLWJtjrvUyDxJPBjgR+kVrOHUeTaujygFUp49tuN5H2C1rUuQavTH
+vve6xNF5fU3OkTcqEzMOZy+ctkbde2SRMVdvbO22+TH9gNhKDc9l7Vu01qU4LeJH
+k3X0f5uu5346YrGAOSv6AaYBXVgXxa0s9ZvgqFpim50pReQe/WI3QwFKNgpPzfQL
+6Y7fDPYdYaVOXPXSKtx7P4s4KLA/ZWmRL/bobw/i2fFviAGhDrjqqqum+/9w1hEl
+L/vqihVnV18saKTnLvkItA/Bf5i11Yhw2K7qv573YWxyuqCknO/iYLTR1DToBZcZ
+UQIDAQAB
--- /dev/null
+rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
+
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9RWSL61YAAYumEiU8z8
+qH2ETVIL01ilxZlzIL9JYSORMN5Cmtf8V2JblIealSqgOTGjvSjEsiV73s67zYQI
+7C/iSOb96uf3/s86NqbxDiFQGN8qG7RNcdgVuUlAidl8WxvLNI8VhqbAB5uSg/Mr
+LeSOvXRja041VptAxIhcGzDMvlAJRwkrYK/Mo8P4E2rSQgwqCgae0ebY1CsJ3Cjf
+i67C1nw7oXqJJovvXJ4apGmEv8az23OLC6Ki54Ul/E6xk227BFttqFV3YMtKx42H
+cCcDVZZy01n7JjzvO8ccaXmHIgR7utnqhBRNNq5Xc5ZhbkrUsNtiJmrZzVlgU6Ou
+0wIDAQAB
--- /dev/null
+rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
+
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZEzhYK0+PtDOPfub/KR
+c3MeWx3neXx4/wbnJWGbNAtbYqXg3uU5J4HFzPgk/VIppgSKAhlO0H60DRP48by9
+gr5/yDHu2KXhOmnMg46sYsUIpfgtBS9+VtrqWziJfb+pkGtuOWeTnj6zBmBNZKK+
+5AlMCW1WPhrylIcB+XSZx8tk9GS/3SMQ+YfMVwwAyYjsex14Uzto4GjONALE5oh1
+M3+glRQduD6vzSwOD+WahMbc9vCOTED+2McLHRKgNaQf0YJ9a1jG9oJIvDkKXEqd
+fqDRktwyoD74cV57bW3tBAexB7GglITbInyQAsmdngtfg2LUMrcROHHP86QPZINj
+DQIDAQAB
--- /dev/null
+rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
+
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0URYSGqUz2myBsOzeW1j
+Q6NsxNvlLMyhWknvnl8NiBCs/T/S2XuNKQNZ+wBZxIgPPV2pFBFeQAvoH/WK83Hw
+A26V2siwm/MY2nKZ+Olw+wlpzlZ1p3Ipj2eNcKrmit8BwBC8xImzuCGaV0jkRB0G
+Z0hoH6Ml03umLprRsn6v0xOP0+l6Qc1ZHMFVFb385IQ7FQQTcVIxrdeMsoyJq9eM
+kE6DoclHhF/NlSllXubASQ9KUWqJ0+Ot3QCXr4LXECMfkpkVR2TZT+v5v658bHVs
+6ZxRD1b6Uk1uQKAyHUbn/tXvP8lrjAibGzVsXDT2L0x4Edx+QdixPgOji3gBMyL2
+VwIDAQAB
projects / thirdparty / FORT-validator.git / commitdiff
