+The new arguments are 'rrdp-disabled' and 'http.disabled', both are treated as flags.
+Update docs to include: new arguments, rrdp support, new 'libxml2' dependency.
+Update configuration file example to include new arguments.
+Fix bug at arguments whose value is expected to be a path, this '--tal=' was treated as valid when it isn't, so validate that no empty paths are received.
+Update unit tests impersonator with new args.
+Updates at setup script:
- Fix bug: paths that included a space in between, weren't correctly utilized.
- Use wget always.
- Ignore case when accepting ARIN's RPA.
## Status
-Version [{{ site.fort-latest-version }}](https://github.com/NICMx/FORT-validator/releases/tag/v{{ site.fort-latest-version }}){:target="_blank"} is the latest official release, includes minor updates, including:
+Version [{{ site.fort-latest-version }}](https://github.com/NICMx/FORT-validator/releases/tag/v{{ site.fort-latest-version }}){:target="_blank"} is the latest official release, includes several updates, including:
+- RRDP support (see [RFC 8182](https://tools.ietf.org/html/rfc8182)).
+- Support HTTPS URIs at TALs (see [RFC 8630](https://tools.ietf.org/html/rfc8630)).
- Remember last valid SLURM in case of syntax error with a newer version.
- Setup script to fetch ARINs TAL.
- Add incidence to validate signed objects DER encoding.
\ No newline at end of file
2. libcrypto (Either [LibreSSL](http://www.libressl.org/) or [OpenSSL](https://www.openssl.org/) >= 1.1)
3. [rsync](http://rsync.samba.org/)
4. [libcurl](https://curl.haxx.se/libcurl/)
+5. [libxml2](http://www.xmlsoft.org/)
Fort is currently supported in *64-bit* OS. A 32-bit OS may face the [Year 2038 problem](https://en.wikipedia.org/wiki/Year_2038_problem) when handling dates at certificates, and currently there's no work around for this.
### Debian version
{% highlight bash %}
-sudo apt install autoconf automake build-essential libjansson-dev libssl-dev pkg-config rsync libcurl4
+sudo apt install autoconf automake build-essential libjansson-dev libssl-dev pkg-config rsync libcurl4 libxml2
wget https://github.com/NICMx/FORT-validator/releases/download/v{{ site.fort-latest-version }}/fort-{{ site.fort-latest-version }}.tar.gz
tar xvzf fort-{{ site.fort-latest-version }}.tar.gz
{% highlight bash %}
su
-pkg_add jansson libexecinfo rsync # OpenBSD already ships with LibreSSL
+pkg_add jansson libexecinfo rsync libxml # OpenBSD already ships with LibreSSL
exit
ftp https://github.com/NICMx/FORT-validator/releases/download/v{{ site.fort-latest-version }}/fort-{{ site.fort-latest-version }}.tar.gz
OpenSSL devel (openssl-devel) package isn't necessary, if it's previously installed remove it to avoid future conflicts with newer OpenSSL versions.
{% highlight bash %}
-sudo yum install autoconf automake git jansson-devel pkgconfig rsync
+sudo yum install autoconf automake git jansson-devel pkgconfig rsync libxml2
# Install supported GCC to compile OpenSSL
sudo yum groupinstall "Development Tools"
{% endhighlight %}
The following steps are for Fedora 30.
{% highlight bash %}
-sudo yum install autoconf automake gcc make openssl-devel jansson-devel
+sudo yum install autoconf automake gcc make openssl-devel jansson-devel libxml2
wget https://github.com/NICMx/FORT-validator/releases/download/v{{ site.fort-latest-version }}/fort-{{ site.fort-latest-version }}.tar.gz
tar xvzf fort-{{ site.fort-latest-version }}.tar.gz
The following steps are for openSUSE Leap 15.1.
{% highlight bash %}
-sudo zypper install autoconf automake gcc libopenssl-devel libjansson-devel
+sudo zypper install autoconf automake gcc libopenssl-devel libjansson-devel libxml2
wget https://github.com/NICMx/FORT-validator/releases/download/v{{ site.fort-latest-version }}/fort-{{ site.fort-latest-version }}.tar.gz
tar xvzf fort-{{ site.fort-latest-version }}.tar.gz
{% highlight bash %}
su
-pkg install autoconf automake gcc jansson pkgconf rsync
+pkg install autoconf automake gcc jansson pkgconf rsync libxml2
exit
curl -L https://github.com/NICMx/FORT-validator/releases/download/v{{ site.fort-latest-version }}/fort-{{ site.fort-latest-version }}.tar.gz --output fort-{{ site.fort-latest-version }}.tar.gz
The following example is the processo to clone, compile and install in Debian OS.
{% highlight bash %}
-sudo apt install autoconf automake build-essential git libjansson-dev libssl-dev pkg-config rsync libcurl4-openssl-dev
+sudo apt install autoconf automake build-essential git libjansson-dev libssl-dev pkg-config rsync libcurl4-openssl-dev libxml2-dev
git clone https://github.com/NICMx/FORT-validator.git
cd FORT-validator/
| [6810](https://tools.ietf.org/html/rfc6810) (RTR Version 0) | 100% |
| [7318](https://tools.ietf.org/html/rfc7318) (Policy Qualifiers) | 100% |
| [7935](https://tools.ietf.org/html/rfc7935) (RPKI algorithms) | 100% |
-| [8182](https://tools.ietf.org/html/rfc8182) (RRDP) | 0% |
+| [8182](https://tools.ietf.org/html/rfc8182) (RRDP) | 100% |
| [8209](https://tools.ietf.org/html/rfc8209) (BGPSec Certificates) | 100% |
| [8210](https://tools.ietf.org/html/rfc8210) (RTR Version 1) | 100% |
| [8360](https://tools.ietf.org/html/rfc8360) (Validation Reconsidered) | 100% |
These constitute the approximate missing 25%.
-### RFC 8182 (RRDP)
-
-RRDP is a protocol intended to replace RSYNC in the RPKI. Fort only implements RSYNC, currently.
-
## TO-DO
- Reach 100% RFC compliance
2. [`strict`](#strict)
3. [`root`](#root)
4. [`root-except-ta`](#root-except-ta)
- 7. [`--shuffle-uris`](#--shuffle-uris)
- 8. [`--maximum-certificate-depth`](#--maximum-certificate-depth)
- 9. [`--mode`](#--mode)
- 10. [`--server.address`](#--serveraddress)
- 11. [`--server.port`](#--serverport)
- 12. [`--server.backlog`](#--serverbacklog)
- 13. [`--server.interval.validation`](#--serverintervalvalidation)
- 14. [`--server.interval.refresh`](#--serverintervalrefresh)
- 15. [`--server.interval.retry`](#--serverintervalretry)
- 16. [`--server.interval.expire`](#--serverintervalexpire)
- 17. [`--slurm`](#--slurm)
- 18. [`--log.level`](#--loglevel)
- 19. [`--log.output`](#--logoutput)
- 20. [`--log.color-output`](#--logcolor-output)
- 21. [`--log.file-name-format`](#--logfile-name-format)
- 22. [`--http.user-agent`](#--httpuser-agent)
- 23. [`--http.connect-timeout`](#--httpconnect-timeout)
- 24. [`--http.transfer-timeout`](#--httptransfer-timeout)
- 25. [`--http.ca-path`](#--httpca-path)
- 26. [`--output.roa`](#--outputroa)
- 27. [`--output.bgpsec`](#--outputbgpsec)
- 28. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
- 29. [`--configuration-file`](#--configuration-file)
- 30. [`rsync.program`](#rsyncprogram)
- 31. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
- 32. [`rsync.arguments-flat`](#rsyncarguments-flat)
- 33. [`incidences`](#incidences)
+ 7. [`--rrdp-disabled`](#--rrdp-disabled)
+ 8. [`--shuffle-uris`](#--shuffle-uris)
+ 9. [`--maximum-certificate-depth`](#--maximum-certificate-depth)
+ 10. [`--mode`](#--mode)
+ 11. [`--server.address`](#--serveraddress)
+ 12. [`--server.port`](#--serverport)
+ 13. [`--server.backlog`](#--serverbacklog)
+ 14. [`--server.interval.validation`](#--serverintervalvalidation)
+ 15. [`--server.interval.refresh`](#--serverintervalrefresh)
+ 16. [`--server.interval.retry`](#--serverintervalretry)
+ 17. [`--server.interval.expire`](#--serverintervalexpire)
+ 18. [`--slurm`](#--slurm)
+ 19. [`--log.level`](#--loglevel)
+ 20. [`--log.output`](#--logoutput)
+ 21. [`--log.color-output`](#--logcolor-output)
+ 22. [`--log.file-name-format`](#--logfile-name-format)
+ 23. [`--http.user-agent`](#--httpuser-agent)
+ 24. [`--http.connect-timeout`](#--httpconnect-timeout)
+ 25. [`--http.transfer-timeout`](#--httptransfer-timeout)
+ 26. [`--http.ca-path`](#--httpca-path)
+ 27. [`--http.disabled`](#--httpdisabled)
+ 28. [`--output.roa`](#--outputroa)
+ 29. [`--output.bgpsec`](#--outputbgpsec)
+ 30. [`--asn1-decode-max-stack`](#--asn1-decode-max-stack)
+ 31. [`--configuration-file`](#--configuration-file)
+ 32. [`rsync.program`](#rsyncprogram)
+ 33. [`rsync.arguments-recursive`](#rsyncarguments-recursive)
+ 34. [`rsync.arguments-flat`](#rsyncarguments-flat)
+ 35. [`incidences`](#incidences)
## Syntax
[--tal=<file>|<directory>]
[--local-repository=<directory>]
[--sync-strategy=off|strict|root|root-except-ta]
+ [--rrdp-disabled]
[--shuffle-uris]
[--maximum-certificate-depth=<unsigned integer>]
[--mode=server|standalone]
[--http.connect-timeout=<unsigned integer>]
[--http.transfer-timeout=<unsigned integer>]
[--http.ca-path=<directory>]
+ [--http.disabled]
[--output.roa=<file>]
[--output.bgpsec=<file>]
```
Path to the directory where Fort will store a local cache of the repository.
-Right now, Fort accesses RPKI repositories by way of [rsync](https://en.wikipedia.org/wiki/Rsync). (The alternate protocol [RRDP](https://tools.ietf.org/html/rfc8182) is in the road map.) During each validation cycle, Fort will literally invoke an `rsync` command (see [`rsync.program`](#rsyncprogram) and [`rsync.arguments-recursive`](#rsyncarguments-recursive)), which will download the files into `--local-repository`. Fort's entire validation process operates on the resulting copy.
+Fort accesses RPKI repositories either with [rsync](https://en.wikipedia.org/wiki/Rsync) or [RRDP](https://tools.ietf.org/html/rfc8182). During each validation cycle, and depending on the preferred access methods defined by the CAs, Fort can do two things:
+- Literally invoke an `rsync` command (see [`rsync.program`](#rsyncprogram) and [`rsync.arguments-recursive`](#rsyncarguments-recursive)), which will download the files into `--local-repository`.
+- Fetch the RRDP Update Notification file (which implies an HTTP request) and fetch the files from there on (can be obtained from a Snapshot file or Delta files). The files will be downloaed into `--local-repository`.
+
+Fort's entire validation process operates on the resulting copy of the files (doesn't matter if the files where fetched by rsync of https).
Because rsync uses delta encoding, you're advised to keep this cache around. It significantly speeds up subsequent validation cycles.
Useful if you want `root`, but the root certificate is separated from the rest of the repository. Also useful if you don't want the validator to download the entire repository without first confirming the integrity and legitimacy of the root certificate.
+### `--rrdp-disabled`
+
+- **Type:** None
+- **Availability:** `argv` and JSON
+
+If this flag is activated, Fort will utilize always RSYNC as the preferred access method.
+
+Otherwise, Fort will utilize RRDP when the preferred access method for a certificate repository is an Update Notification file URI.
+
### `--shuffle-uris`
- **Type:** None
The value specified is utilized in libcurl's option [CURLOPT_CAPATH](https://curl.haxx.se/libcurl/c/CURLOPT_CAPATH.html).
+### `--http.disabled`
+
+- **Type:** None
+- **Availability:** `argv` and JSON
+
+If the flag is activated, HTTP requests won't be performed and the files that should have been fetched are searched locally at [`--local-repository`](#--local-repository).
+
+Otherwise, Fort will perform HTTP requests when needed (eg. an HTTPS URI at a TAL, RRDP URIs).
+
### `--output.roa`
- **Type:** String (Path to file)
"<a href="#--tal">tal</a>": "/tmp/fort/tal/",
"<a href="#--local-repository">local-repository</a>": "/tmp/fort/repository/",
"<a href="#--sync-strategy">sync-strategy</a>": "root",
+ "<a href="#--rrdp-disabled">rrdp-disabled</a>": false,
"<a href="#--shuffle-uris">shuffle-uris</a>": true,
"<a href="#--maximum-certificate-depth">maximum-certificate-depth</a>": 32,
"<a href="#--slurm">slurm</a>": "/tmp/fort/test.slurm",
"<a href="#--httpuser-agent">user-agent</a>": "{{ page.command }}/{{ site.fort-latest-version }}",
"<a href="#--httpconnect-timeout">connect-timeout</a>": 30,
"<a href="#--httptransfer-timeout">transfer-timeout</a>": 30,
- "<a href="#--httpca-path">ca-path</a>": "/usr/local/ssl/certs"
+ "<a href="#--httpca-path">ca-path</a>": "/usr/local/ssl/certs",
+ "<a href="#--httpdisabled">disabled</a>": false
},
"rsync": {
"tal": "/tmp/fort/tal/",
"local-repository": "/tmp/fort/repository/",
"sync-strategy": "root",
+ "rrdp-disabled": false,
"shuffle-uris": false,
"maximum-certificate-depth": 32,
"mode": "server",
"user-agent": "fort/1.2.0",
"connect-timeout": 30,
"transfer-timeout": 30,
- "ca-path": "/usr/local/ssl/certs"
+ "ca-path": "/usr/local/ssl/certs",
+ "disabled": false
},
"rsync": {
"program": "rsync",
fi
}
-# Request program (0=wget, 1=curl, 2=ftp)
-DOWN_OPT=0
# Timeout for http requests
DOWN_TIME=20
{
echo ""
echo "Fetching $1 TAL..."
- case $DOWN_OPT in
- 0)
- wget -O $2 -T $DOWN_TIME $3
- RES=$?
- break
- ;;
- 1)
- curl --output $2 --connect-timeout $DOWN_TIME -L $3
- RES=$?
- break
- ;;
- 2)
- # Just in case, specific for OpenBSD, older versions may not support -o or -w
- ftp -o $2 -w $DOWN_TIME $3
- RES=$?
- break
- ;;
- *)
- echo "Please check the script, there's a programming error."
- exit 1
- ;;
- esac
+ wget -O "$2" -T $DOWN_TIME $3
+ RES=$?
exit_on_err "\"$RES\" = \"0\"" "Couldn't fetch $1 TAL, try again."
}
# Validate expected args
exit_on_err "$# -gt 0" 'Usage: '"$0"' TALS_PATH.\nTALS_PATH must be an existent directory path.'
-exit_on_err "-d $1" "Path $1 isn't a directory."
-exit_on_err "-w $1" "Write permission denied on path $1."
+TMP=`echo "$1"`
+if ! [ -d "$TMP" ] ; then
+ echo "Path '$TMP' isn't a directory."
+ exit 1
+fi
+if ! [ -w "$TMP" ] ; then
+ echo "Write permission denied on path '$TMP'."
+ exit 1
+fi
# Define download command
if type wget >/dev/null 2>&1 ; then
- DOWN_OPT=0
-elif type curl >/dev/null 2>&1 ; then
- DOWN_OPT=1
-elif type ftp >/dev/null 2>&1 ; then
- DOWN_OPT=2
+ echo ""
else
- echo "Couldn't found 'wget', 'curl' nor 'ftp' programs; I need at least one of them to fetch the TALs."
+ echo "Couldn't find 'wget' program; I need it to fetch the TALs."
exit 1
fi
+# Get the absolute path, in case the configuration file is placed elsewhere
+TALS_LOC=$TMP
+TMP=$(readlink -f "$TALS_LOC")
+if [ "$?" = "0" ] ; then
+ TALS_LOC="$TMP"
+ TMP=""
+fi
+
# Declare variables
-TALS_LOC=$1
GITHUB_TALS="https://raw.githubusercontent.com/NICMx/FORT-validator/master/examples/tal"
ACCEPT="no"
REPO_DIR="/var/cache/fort/repository"
ARIN_TAL="https://www.arin.net/resources/manage/rpki/arin-rfc7730.tal"
# Agree ARIN RPA. Exit on denial or unknown response, download otherwise.
-echo ""
echo "Please download and read ARIN Relying Party Agreement (RPA) from https://www.arin.net/resources/manage/rpki/rpa.pdf"
echo ""
echo -n "Once you've read and if you agree ARIN RPA, type \"yes\" to proceed with ARIN's TAL download: "
read ACCEPT
-exit_on_err "\"$ACCEPT\" = \"yes\"" '\nYou haven'"'"'t agreed ARIN RPA! You can manually download its TAL or try running this script again.\n\nWe strongly advise to download ARIN TAL so that the Relying Party (validator) can validate the whole RPKI.'
+exit_on_err "\"$(echo $ACCEPT | tr '[:upper:]' '[:lower:]')\" = \"yes\"" '\nYou haven'"'"'t agreed ARIN RPA! You can manually download its TAL or try running this script again.\n\nWe strongly advise to download ARIN TAL so that the Relying Party (validator) can validate the whole RPKI.'
-get_tal "ARIN" $TALS_LOC/arin-rfc7730.tal $ARIN_TAL
+get_tal "ARIN" "$TALS_LOC/arin-rfc7730.tal" $ARIN_TAL
# Get the rest of the TALs
echo ""
fi
fi
-# Get the absolute path, in case the configuration file is placed elsewhere
-TMP=$(readlink -f $TALS_LOC)
-if [ "$?" = "0" ] ; then
- TALS_LOC=$TMP
- TMP=""
-fi
-
# Create or overwrite configuration file
touch $CONF_FILE
echo "{ " > $CONF_FILE
fi
echo "------------------------------------------------------"
echo ""
-echo "- The five RIRs TAL's were downloaded to $TALS_LOC."
+echo "- The five RIRs TAL's were downloaded to '$TALS_LOC'."
if ! [ -z "$REPO_DIR" ] ; then
echo "- The directory $REPO_DIR was created, so it can be used as the local repository."
fi
Path to a directory where the local cache of the repository will be stored
and/or read.
.P
-Right now, FORT accesses RPKI repositories by way of \fIrsync\fR. During each
-validation cycle, FORT will literally invoke an rsync command (see
-\fBrsync.program\fR and \fBrsync.arguments-recursive\fR), which will download
-the files into \fB--local-repository\fR. FORT’s validation operates on the
-resulting copy.
+FORT accesses RPKI repositories either with \fIrsync\fR or \fIRRDP\fR (see RFC
+8182). During each validation cycle, and depending on the preferred access
+methods defined by the CAs, Fort can do two things:
+.RS 4
+.br
+- Literally invoke an rsync command (see \fBrsync.program\fR and
+\fBrsync.arguments-recursive\fR), which will download the files into
+\fB--local-repository\fR.
+.br
+- Fetch the RRDP Update Notification file (which implies an HTTP request) and
+fetch the files from there on (can be obtained from a Snapshot file or Delta
+files). The files will be downloaed into \fB--local-repository\fR.
+.RE
+.P
+Fort's entire validation process operates on the resulting copy of the files
+(doesn't matter if the files where fetched by rsync of https).
.P
Because rsync uses delta encoding, you’re advised to keep this cache around. It
significantly speeds up subsequent validation cycles.
.RE
.P
+.B \-\-rrdp-disabled
+.RS 4
+If this flag is activated, Fort will utilize always RSYNC as the preferred
+access method.
+.P
+Otherwise, Fort will utilize RRDP when the preferred access method for a
+certificate repository is an Update Notification file URI.
+.RE
+.P
+
.B \-\-shuffle-uris
.RS 4
If enabled, FORT will access TAL URLs in random order. This is meant for load
.RE
.P
+.B \-\-http.disabled
+.RS 4
+If this flag is activated, HTTP requests won't be performed and the files that
+should have been fetched are searched locally at \fB--local-repository\fR.
+.P
+Otherwise, Fort will perform HTTP requests when needed (eg. an HTTPS URI at a
+TAL, RRDP URIs).
+.RE
+.P
+
.B \-\-output.roa=\fIFILE\fR
.RS 4
File where the ROAs will be printed in CSV format.
"tal": "/tmp/fort/tal/",
"local-repository": "/tmp/fort/repository/",
"sync-strategy": "root",
+ "rrdp-disabled": false,
"shuffle-uris": true,
"maximum-certificate-depth": 32,
"mode": "server",
"user-agent": "fort/1.2.0",
"connect-timeout": 30,
"transfer-timeout": 30,
- "ca-path": "/usr/local/ssl/certs"
+ "ca-path": "/usr/local/ssl/certs",
+ "disabled": false
},
"rsync": {
"program": "rsync",
char *local_repository;
/** Synchronization (currently only RSYNC) download strategy. */
enum sync_strategy sync_strategy;
+ /* Disable RRDP file processing */
+ bool rrdp_disabled;
/**
* Handle TAL URIs in random order?
* (https://tools.ietf.org/html/rfc8630#section-3, last
unsigned int transfer_timeout;
/* Directory where CA certs to verify peers are found */
char *ca_path;
+ /*
+ * Disable HTTP requests, if 'true' uses local files located at
+ * local-repository.
+ */
+ bool disabled;
} http;
struct {
.doc = "RSYNC download strategy",
}, {
.id = 2000,
+ .name = "rrdp-disabled",
+ .type = >_bool,
+ .offset = offsetof(struct rpki_config, rrdp_disabled),
+ .doc = "Disable RRDP file(s) processing",
+ }, {
+ .id = 2001,
.name = "shuffle-uris",
.type = >_bool,
.offset = offsetof(struct rpki_config, shuffle_tal_uris),
.doc = "Directory where CA certificates are found, used to verify the peer",
.arg_doc = "<directory>",
},
+ {
+ .id = 9004,
+ .name = "http.disabled",
+ .type = >_bool,
+ .offset = offsetof(struct rpki_config, http.disabled),
+ .doc = "Enable or disable HTTP requests",
+ },
/* Logging fields */
{
goto revert_port;
}
+ rpki_config.rrdp_disabled = false;
rpki_config.sync_strategy = SYNC_ROOT;
rpki_config.shuffle_tal_uris = false;
rpki_config.maximum_certificate_depth = 32;
rpki_config.http.connect_timeout = 30;
rpki_config.http.transfer_timeout = 30;
rpki_config.http.ca_path = NULL; /* Use system default */
+ rpki_config.http.disabled = false;
rpki_config.log.color = false;
rpki_config.log.filename_format = FNF_GLOBAL;
return rpki_config.sync_strategy;
}
+bool
+config_get_rrdp_disabled(void)
+{
+ return rpki_config.rrdp_disabled;
+}
+
bool
config_get_shuffle_tal_uris(void)
{
return rpki_config.http.ca_path;
}
+bool
+config_get_http_disabled(void)
+{
+ return rpki_config.http.disabled;
+}
+
char const *
config_get_output_roa(void)
{
char const *config_get_tal(void);
char const *config_get_local_repository(void);
enum sync_strategy config_get_sync_strategy(void);
+bool config_get_rrdp_disabled(void);
bool config_get_shuffle_tal_uris(void);
unsigned int config_get_max_cert_depth(void);
enum mode config_get_mode(void);
unsigned int config_get_http_connect_timeout(void);
unsigned int config_get_http_transfer_timeout(void);
char const *config_get_http_ca_path(void);
+bool config_get_http_disabled(void);
uint8_t config_get_log_level(void);
enum log_output config_get_log_output(void);
char *config_get_rsync_program(void);
string_parse_argv(struct option_field const *field, char const *str,
void *result)
{
- if (field->type->has_arg != required_argument || str == NULL) {
+ if (field->type->has_arg != required_argument || str == NULL ||
+ strlen(str) == 0) {
return pr_err("String options ('%s' in this case) require an argument.",
field->name);
}
FILE *out;
int error;
+ if (config_get_http_disabled()) {
+ response_code = 0; /* Not 200 code, but also not an error */
+ return 0;
+ }
+
error = create_dir_recursive(uri_get_local(uri));
if (error)
return error;
* RSYNC will always be present (at least for now, see
* rfc6487#section-4.8.8.1)
*/
- if (sia_uris->rpkiNotify.uri == NULL)
+ if (sia_uris->rpkiNotify.uri == NULL || config_get_rrdp_disabled())
return rsync_cb(sia_uris);
/* Get the preferred */
return SYNC_ROOT;
}
+bool
+config_get_rrdp_disabled(void)
+{
+ return true;
+}
+
bool
config_get_color_output(void)
{
{
return NULL;
}
+
+bool
+config_get_http_disabled(void)
+{
+ return true;
+}
projects / thirdparty / FORT-validator.git / commitdiff
