pcarana [Tue, 21 May 2019 21:11:40 +0000 (16:11 -0500)]
Add multiple improvements at SLURM, config and vrp, and fix a test bug
- Fix bug at client_test, the module wasn't updated with several changes from other commits.
- Add common function to load data from a file or directory, use this for TAL and SLURM locations (both configurations can have a file path or a dir path).
- Update some config parameters:
+ 'server.slurm.location' renamed to 'slurm' and it can be a file path or a directory path.
+ 'server.queue' renamed to 'server.backlog' with a default value of SOMAXCONN.
+ Delete 'server.rtr-interval.*' (RTRv1 isn't supported yet).
- Create macros to compare VRPs and to compare each of its properties.
- If the SLURM has errors, don't drop the whole ROA tree, just don't apply SLURM on the tree.
pcarana [Mon, 20 May 2019 22:06:50 +0000 (17:06 -0500)]
Attend some TODOs on clients and vrps DB
+Clients:
- Unify thread's DB and clients DB; threads IDs are remembered apart from client FDs, so that the main process can join all threads at the end.
- Remove (now unnecessary) struct rtr_client.
- End clients gracefully when the server is stopped (release memory, close sockets, join threads) and when communication between server-client stops in a regular way (eg. all PDUs were sent and the communication is terminated).
- Add a client to the DB until its own thread has started.
- Init clients DB from rtr.c instead of main.c.
+VRPS:
- Remove min_serial storage, is useless; calculate it instead when requested.
- Purge deltas when needed and don't store them if there are no clients.
- Rename 'current_serial' to 'next_serial'.
- include most TALs for convenience
- patch local repository's `mkdir -p` (just wasn't working at all)
- print status messages on client `accept(2)` failures
I couldn't find a viable way to multithreadedly manage deltas
without reference counters, and sig_atomic_t doesn't look portable
to me. So I decided to use C11 atomic types.
Upgrades the language standard from gnu99 to gnu11.
- Remove the traverse_down() and traverse_up() callbacks, obsolete since
the ROA database refactor.
- Fix warnings reported by ultra-pedantic gcc.
- Add abbreviations file.
- Patch unit tests (broken in the last commit).
- Some TODOs patched or discarded.
It's a configurable means to define the outcome of a validation
error.
At present, it has only been coded to handle the signature
algorithm having parameters error, since it's technically a
profile violation, and yet there's an insurmountable amount of
certificates breaking it at present.
Unrelatedly, the commit also prevents some RTR errors from being
responded to RTR errors.
- Add several validations
- Some error pipelines were missing error responses
- Patch "Erroneous PDU" fields. (The server was writing only headers,
not as much of the offending PDU as possible.)
pcarana [Fri, 10 May 2019 22:44:20 +0000 (17:44 -0500)]
Simplify PDUs sender.
-Remove data_buffer struct since isn't really needed.
-Move BUFFER_SIZE (now MAX_BUFFER_SIZE) to pdu_serializer, and increment to 1024.
-The static sender function (send_response) just sends whatever data it receives, since every other PDU sender function and the serializer are responsible to set the data length to the exact size of the data that'll be sent.
pcarana [Fri, 10 May 2019 18:06:58 +0000 (13:06 -0500)]
Remove some TODOs and re-classify others
-Move directory loading and file filtering to common.h.
-Accept a TALs directory in configuration.
-Don't check for overriden PDUs if there's only 1 delta to send.
-Add roa_table merge function, this allows to merge distinct roa tables so that the VRPs base can have all the data from multiple TALs.
-Remove 'loop' var (isn't necessary) and make 'sigaction act' a global var.
- New typedef: `serial_t`. Because I keep forgetting the serial data
type we're using.
- Remove `enum delta_op` in favor of `FLAG_*`. The latter still should
probably be converted into an enum and renamed though, especially
since its instances are never actually used as bitwise flags.
- Moved `struct vrp`'s `flag` field into `struct delta`, because it's
not always used in `vrp`.
Also, to improve performance a little, we're no longer canceling deltas
on cache responses when there's only one serial, because the ROA hash
table already guarantees their uniqueness.
The cache server MUST ensure that it has told the router client to
have one and only one IPvX PDU for a unique {Prefix, Len, Max-Len,
ASN} at any one point in time. Should the router client receive an
IPvX PDU with a {Prefix, Len, Max-Len, ASN} identical to one it
already has active, it SHOULD raise a Duplicate Announcement Received
error.
Though sometimes we can't do anything meaningful with the errors,
but panicking is probably better than ignoring them and subtly
doing the wrong thing.
The code was underperforming on lookups (which also meant it
was underperforming on adds and removals), and had incorrect
locking.
Also, adds and removes had inconsistent keys (adds used addresses
and removes used file descriptors). This wasn't necessarily
a bug, but added needless complexity.
-Remove slurm_check_interval configuration parameter since is unnecessary.
-Load multiple SLURM files from a configured location (must be a directory).
-Add Router Key PDU (structs, serializer, sender function with pending work to do).
-Set buffers as unsigned char buffers.
-Prepare to send large PDUs (beta).
-Increment default buffer size to 512.
pcarana [Wed, 27 Mar 2019 17:41:34 +0000 (11:41 -0600)]
Remove some memleaks reported by Valgrind
-Make threads joinable and implement a destroy function used by the main thread (here all the threads are joined).
-Start the updates_daemon until the server socket is correctly binded.
-Valgrind reports some leaks on abnormal termination, so these will be handled later.
After discussing it further still, we decided to add another
synchronization strategy, which behaves as requested in the issue.
The new strategy is `root-except-ta`. As its name implies, it
behaves as `root` mode, except for the root certificate, which is
synchronized in `strict` mode.
This way we get the best of both worlds: If the root certificate
is known to reside in the same repository as everything else, the
user can choose `root` and synchronize as fast as possible.
On the other hand, if the user does not want to download the entire
repository until the root certificate has been validated, they can
choose `root-except-ta`.
pcarana [Fri, 22 Mar 2019 16:08:42 +0000 (10:08 -0600)]
Remove some TODOs and add some fixes.
-Deltas creation is responsibility of vrps.c, so remove it from csv.c
-Remove unnecessary storage from heap (vrp structs, base DB an delta DB) and avoid some mem leaks.
-Change 'delta_resume' to 'delta_summary'.
-Handle error codes that were ignored.
pcarana [Thu, 21 Mar 2019 00:46:46 +0000 (18:46 -0600)]
Format line width (80) and 4 spaces indentation when needed, remove some TODOs
-Align definition of constants.
-csv.h and .c: add void param to 'csv_parse_vrps_file'.
-line_file.h: add missing param of 'lfile_close'.
-main.c: comment 'TODO This will be overriden [..]' was for developer, isn't valid since the conf will be loaded from the JSON file.
-notify.h and .c: add void param to 'notify_clients'.
-vrps.c: explain VRP meaning, how session ID is the existent solution to avoid serial desynchronization, and remove bad comment style.
pcarana [Fri, 15 Mar 2019 15:41:08 +0000 (09:41 -0600)]
Calculate and get changes between serials.
Use a base serial, the base will always be the last DB update.
Calculate the difference between the latest version and the past, and store it as delta.
Save pointers to deltas, increment last serial number when the update ops are complete.
Avoid to send duplicate announcements/withdrawals.
- They need the Check framework, which should not be a dependency
for everyone.
- Check itself is the only dependency managed by pkg-config, so we
don't want to force everyone to install that either.
No idea if any of this is good practice. But it's much easier to
explain in the documentation, so there you go.
projects / thirdparty / FORT-validator.git / log
