This was in the tweakables wishlist. Previously hardcoded as 64.
It had to skip the line because it's needed by the upcoming session
desync commit.
.RE
.P
+.B \-\-rrdp.delta-threshold=\fIUNSIGNED_INTEGER\fR
+.RS 4
+Maximum deltas to explode per RRDP session, per iteration.
+.P
+(If the RRDP notification lists more than this amount of unprocessed deltas,
+Fort will reset the session, exploding the snapshot instead.)
+.RE
+.P
+
.B \-\-rsync.enabled=\fItrue\fR|\fIfalse\fR
.RS 4
Enables RSYNC requests.
char *ca_path;
} http;
+ struct {
+ /*
+ * Maximum deltas to explode per RRDP session, per iteration.
+ *
+ * (If the RRDP notification lists more than this amount of
+ * unprocessed deltas, Fort will reset the session, exploding
+ * the snapshot instead.)
+ */
+ unsigned int delta_threshold;
+ } rrdp;
+
struct {
/** Enables operation logs **/
bool enabled;
.json_null_allowed = false,
},
+ /* RRDP */
+ {
+ .id = 10000,
+ .name = "rrdp.delta-threshold",
+ .type = >_uint,
+ .offset = offsetof(struct rpki_config, rrdp.delta_threshold),
+ .doc = "Maximum deltas to explode per RRDP session, per iteration. "
+ "(Fall back to snapshot if threshold exceeded.)",
+ .min = 1,
+ .max = 128,
+ },
+
/* Logging fields */
{
.id = 4000,
rpki_config.http.max_file_size = 1000000000;
rpki_config.http.ca_path = NULL; /* Use system default */
+ /* TODO (fine) 64 may be too much; optimize it. */
+ rpki_config.rrdp.delta_threshold = 64;
+
rpki_config.log.enabled = true;
rpki_config.log.tag = NULL;
rpki_config.log.color = false;
return rpki_config.http.ca_path;
}
+unsigned int
+config_get_rrdp_delta_threshold(void)
+{
+ return rpki_config.rrdp.delta_threshold;
+}
+
char const *
config_get_output_roa(void)
{
long config_get_http_low_speed_time(void);
long config_get_http_max_file_size(void);
char const *config_get_http_ca_path(void);
+unsigned int config_get_rrdp_delta_threshold(void);
bool config_get_rsync_enabled(void);
unsigned int config_get_rsync_priority(void);
unsigned int config_get_rsync_retry_count(void);
#include "alloc.h"
#include "common.h"
+#include "config.h"
#include "file.h"
#include "log.h"
#include "thread_var.h"
}
diff = BN_get_word(diff_bn);
BN_free(diff_bn);
- /* TODO (fine) 64 may be too much; optimize it. */
- if (diff > 64ul || diff > notif->deltas.len)
+ if (diff > config_get_rrdp_delta_threshold() || diff > notif->deltas.len)
return pr_val_err("Cached RPP is too old. (Cached serial: %s; current serial: %s)",
serial->str, notif->session.serial.str);
MOCK(state_retrieve, struct validation *, NULL, void)
MOCK(validation_tal, struct tal *, NULL, struct validation *state)
MOCK(tal_get_file_name, char const *, "", struct tal *tal)
+MOCK_UINT(config_get_rrdp_delta_threshold, 64, void)
/* Mocks end */
projects / thirdparty / FORT-validator.git / commitdiff
