CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2023/06/23 05:36:24
Modified files:
usr.sbin/rpki-client: extern.h main.c repo.c rrdp.c
rrdp_notification.c
Log message:
Improve detection of RRDP session desynchronization
According to RFC 8182, a given session_id and serial number represent an
immutable record of the state of the Repository Server at a certain
point in time.
Add a check to the RRDP notification file processing to compare whether
the delta hashes associated to previously seen serials are different in
newly fetched notification files. Fall back to a snapshot if a difference
is detected, because such a mutation is a strong desynchronization
indicator.
Idea from Ties de Kock (RIPE NCC).
Based on a diff by job@
With and OK job@ tb@
