Protocolary updates for release 1.6.0

Author: ydahhrk

README.md

@@ -1,20 +1,14 @@
 # FORT Validator
 
-An RPKI Validator and RTR Server, part of the [FORT project](https://www.fortproject.net).
+An RPKI Relying Party and RTR Server.
 
 ## Documentation
 
-FORT Validator's documentation (installation, usage, etc.) can be found at [https://nicmx.github.io/FORT-validator/](https://nicmx.github.io/FORT-validator/).
-
-If you wish to generate the docs by yourself, visit the [docs directory](docs/).
+- [Home](https://nicmx.github.io/FORT-validator/index.html)
+- [Installation](https://nicmx.github.io/FORT-validator/installation.html)
+- [Usage](https://nicmx.github.io/FORT-validator/run.html)
+- [Arguments](https://nicmx.github.io/FORT-validator/usage.html)
 
 ## Docker image
 
-A Dockerfile to build the image is located at the [docker directory](docker/).
-
-## Quick start
-
-TL;DR all the docs, probably you just want to read:
-- How to install? Visit [Compilation and Installation](https://nicmx.github.io/FORT-validator/installation.html).
-- How to execute? Visit [Basic Usage](https://nicmx.github.io/FORT-validator/run.html) and [Program Arguments](https://nicmx.github.io/FORT-validator/usage.html).
-- How to configure the router(s)? Visit [Routers](https://nicmx.github.io/FORT-validator/routers.html).
+See the [docker/ directory](docker/).

docs/usage.md

@@ -86,8 +86,6 @@ description: Guide to use arguments of FORT Validator.
 	[--configuration-file=<file>]
 	[--tal=<file>|<directory>]
 	[--local-repository=<directory>]
-	[--sync-strategy=off|root|root-except-ta]
-	[--shuffle-uris=true|false]
 	[--maximum-certificate-depth=<unsigned integer>]
 	[--slurm=<file>|<directory>]
 	[--mode=server|standalone]
@@ -102,19 +100,15 @@ description: Guide to use arguments of FORT Validator.
 	[--server.interval.expire=<unsigned integer>]
 	[--server.deltas.lifetime=<unsigned integer>]
 	[--rsync.enabled=true|false]
-	[--rsync.priority=<32-bit unsigned integer>]
-	[--rsync.strategy=root|root-except-ta]
+	[--rsync.priority=<unsigned integer>]
 	[--rsync.retry.count=<unsigned integer>]
 	[--rsync.retry.interval=<unsigned integer>]
-	[--rrdp.enabled=true|false]
-	[--rrdp.priority=<32-bit unsigned integer>]
-	[--rrdp.retry.count=<unsigned integer>]
-	[--rrdp.retry.interval=<unsigned integer>]
 	[--http.enabled=true|false]
-	[--http.priority=<32-bit unsigned integer>]
+	[--http.priority=<unsigned integer>]
 	[--http.retry.count=<unsigned integer>]
 	[--http.retry.interval=<unsigned integer>]
 	[--http.user-agent=<string>]
+	[--http.max-redirs=<unsigned integer>]
 	[--http.connect-timeout=<unsigned integer>]
 	[--http.transfer-timeout=<unsigned integer>]
 	[--http.low-speed-limit=<unsigned integer>]
@@ -139,11 +133,9 @@ description: Guide to use arguments of FORT Validator.
 	[--output.bgpsec=<file>]
 	[--output.format=csv|json]
 	[--asn1-decode-max-stack=<unsigned integer>]
-	[--stale-repository-period=<unsigned integer>]
 	[--init-tals=true|false]
 	[--init-as0-tals=true|false]
 	[--thread-pool.server.max=<unsigned integer>]
-	[--thread-pool.validation.max=<unsigned integer>]
 ```
 
 If an argument is specified more than once, the last one takes precedence:
@@ -942,91 +934,91 @@ The configuration options are mostly the same as the ones from the `argv` interf
 
 <pre><code>{
 	"<a href="#--tal">tal</a>": "/tmp/fort/tal/",
-	"<a href="#--local-repository">local-repository</a>": "/tmp/fort/repository/",
+	"<a href="#--local-repository">local-repository</a>": "/tmp/fort/repository",
 	"<a href="#--work-offline">work-offline</a>": false,
-	"<a href="#--shuffle-uris">shuffle-uris</a>": true,
 	"<a href="#--maximum-certificate-depth">maximum-certificate-depth</a>": 32,
 	"<a href="#--mode">mode</a>": "server",
 	"<a href="#--daemon">daemon</a>": false,
 	"<a href="#--slurm">slurm</a>": "/tmp/fort/test.slurm",
+	"<a href="#--asn1-decode-max-stack">asn1-decode-max-stack</a>": 4096,
 
 	"server": {
 		"<a href="#--serveraddress">address</a>": [
 			"192.0.2.1",
 			"2001:db8::1"
 		],
 		"<a href="#--serverport">port</a>": "8323",
-		"<a href="#--serverbacklog">backlog</a>": 16,
+		"<a href="#--serverbacklog">backlog</a>": 4096,
 		"interval": {
 			"<a href="#--serverintervalvalidation">validation</a>": 3600,
 			"<a href="#--serverintervalrefresh">refresh</a>": 3600,
 			"<a href="#--serverintervalretry">retry</a>": 600,
 			"<a href="#--serverintervalexpire">expire</a>": 7200
 		},
 		"deltas": {
-			"<a href="#--serverdeltaslifetime">lifetime</a>": 4
+			"<a href="#--serverdeltaslifetime">lifetime</a>": 2
 		}
 	},
 
 	"log": {
 		"<a href="#--logenabled">enabled</a>": true,
-		"<a href="#--loglevel">level</a>": "warning",
 		"<a href="#--logoutput">output</a>": "console",
-		"<a href="#--logcolor-output">color-output</a>": true,
-		"<a href="#--logfile-name-format">file-name-format</a>": "file-name",
+		"<a href="#--loglevel">level</a>": "info",
+		"<a href="#--logtag">tag</a>": "Operation",
 		"<a href="#--logfacility">facility</a>": "daemon",
-		"<a href="#--logtag">tag</a>": "Operation"
+		"<a href="#--logfile-name-format">file-name-format</a>": "global-url",
+		"<a href="#--logcolor-output">color-output</a>": false
 	},
 
 	"validation-log": {
 		"<a href="#--validation-logenabled">enabled</a>": false,
-		"<a href="#--validation-loglevel">level</a>": "warning",
 		"<a href="#--validation-logoutput">output</a>": "console",
-		"<a href="#--validation-logcolor-output">color-output</a>": true,
-		"<a href="#--validation-logfile-name-format">file-name-format</a>": "global-url",
+		"<a href="#--validation-loglevel">level</a>": "warning",
+		"<a href="#--validation-logtag">tag</a>": "Validation",
 		"<a href="#--validation-logfacility">facility</a>": "daemon",
-		"<a href="#--validation-logtag">tag</a>": "Validation"
+		"<a href="#--validation-logfile-name-format">file-name-format</a>": "global-url",
+		"<a href="#--validation-logcolor-output">color-output</a>": false
 	},
 
 	"http": {
 		"<a href="#--httpenabled">enabled</a>": true,
 		"<a href="#--httppriority">priority</a>": 60,
 		"retry": {
-			"<a href="#--httpretrycount">count</a>": 2,
-			"<a href="#--httpretryinterval">interval</a>": 5
+			"<a href="#--httpretrycount">count</a>": 1,
+			"<a href="#--httpretryinterval">interval</a>": 4
 		},
 		"<a href="#--httpuser-agent">user-agent</a>": "{{ page.command }}/{{ site.fort-latest-version }}",
+		"<a href="#--httpconnect-timeout">max-redirs</a>": 10,
 		"<a href="#--httpconnect-timeout">connect-timeout</a>": 30,
 		"<a href="#--httptransfer-timeout">transfer-timeout</a>": 0,
-		"<a href="#--httplow-speed-limit">low-speed-limit</a>": 30,
+		"<a href="#--httplow-speed-limit">low-speed-limit</a>": 100000,
 		"<a href="#--httplow-speed-time">low-speed-time</a>": 10,
-		"<a href="#--httpmax-file-size">max-file-size</a>": 10000000,
+		"<a href="#--httpmax-file-size">max-file-size</a>": 1000000000,
 		"<a href="#--httpca-path">ca-path</a>": "/usr/local/ssl/certs"
 	},
 
 	"rsync": {
 		"<a href="#--rsyncenabled">enabled</a>": true,
 		"<a href="#--rsyncpriority">priority</a>": 50,
-		"<a href="#--rsyncstrategy">strategy</a>": "root-except-ta",
 		"retry": {
-			"<a href="#--rsyncretrycount">count</a>": 2,
-			"<a href="#--rsyncretryinterval">interval</a>": 5
+			"<a href="#--rsyncretrycount">count</a>": 1,
+			"<a href="#--rsyncretryinterval">interval</a>": 4
 		},
 		"<a href="#rsyncprogram">program</a>": "rsync",
 		"<a href="#rsyncarguments-recursive">arguments-recursive</a>": [
-			"--recursive",
+			"-rtz",
 			"--delete",
-			"--times",
+			"--omit-dir-times",
 			"--contimeout=20",
+			"--max-size=20MB",
 			"--timeout=15",
-			"$REMOTE",
-			"$LOCAL"
-		],
-		"<a href="#rsyncarguments-flat">arguments-flat</a>": [
-			"--times",
-			"--contimeout=20",
-			"--timeout=15",
-			"--dirs",
+			"--include=*/",
+			"--include=*.cer",
+			"--include=*.crl",
+			"--include=*.gbr",
+			"--include=*.mft",
+			"--include=*.roa",
+			"--exclude=*",
 			"$REMOTE",
 			"$LOCAL"
 		]
@@ -1068,14 +1060,8 @@ The configuration options are mostly the same as the ones from the `argv` interf
 	"thread-pool": {
 		"server": {
 			"<a href="#--thread-poolservermax">max</a>": 20
-		},
-		"validation": {
-			"<a href="#--thread-poolvalidationmax">max</a>": 5
 		}
-	},
-
-	"<a href="#--asn1-decode-max-stack">asn1-decode-max-stack</a>": 4096,
-	"<a href="#--stale-repository-period">stale-repository-period</a>": 43200
+	}
 }
 </code></pre>
 

man/fort.8

@@ -1,4 +1,4 @@
-.TH fort 8 "2023-11-16" "v1.6.0" "FORT validator"
+.TH fort 8 "2023-11-30" "v1.6.0" "FORT validator"
 
 .SH NAME
 fort \- RPKI validator and RTR server
@@ -1187,91 +1187,98 @@ validating every 30 minutes, and printing the ROAs CSV in a file.
 This is an example of a valid JSON configuration file with all its members set
 to a specific value:
 .nf
-
 {
   "tal": "/tmp/fort/tal/",
-  "local-repository": "/tmp/fort/repository/",
+  "local-repository": "/tmp/fort/repository",
   "work-offline": false,
-  "shuffle-uris": true,
   "maximum-certificate-depth": 32,
   "mode": "server",
   "daemon": false,
   "slurm": "/tmp/fort/test.slurm",
+  "asn1-decode-max-stack": 4096,
+
   "server": {
     "address": [
       "192.0.2.1",
       "2001:db8::1"
     ],
     "port": "8323",
-    "backlog": 64,
+    "backlog": 4096,
     "interval": {
       "validation": 3600,
       "refresh": 3600,
       "retry": 600,
       "expire": 7200
     },
     "deltas": {
-      "lifetime": 4
+      "lifetime": 2
     }
   },
+
   "log": {
     "enabled": true,
-    "level": "warning",
     "output": "console",
-    "color-output": true,
-    "file-name-format": "local-path",
+    "level": "info",
+    "tag": "Operation",
     "facility": "daemon",
-    "tag": "Operation"
+    "file-name-format": "global-url",
+    "color-output": false
   },
+
   "validation-log": {
     "enabled": false,
-    "level": "warning",
     "output": "console",
-    "color-output": true,
-    "file-name-format": "local-path",
+    "level": "warning",
+    "tag": "Validation",
     "facility": "daemon",
-    "tag": "Validation"
+    "file-name-format": "global-url",
+    "color-output": false
   },
+
   "http": {
     "enabled": true,
     "priority": 60,
     "retry": {
-      "count": 2,
-      "interval": 5
+      "count": 1,
+      "interval": 4
     },
-    "user-agent": "fort/1.5.1",
+    "user-agent": "fort/1.6.0",
+    "max-redirs": 10,
     "connect-timeout": 30,
     "transfer-timeout": 0,
-    "idle-timeout": 15,
+    "low-speed-limit": 100000,
+    "low-speed-time": 10,
+    "max-file-size": 1000000000,
     "ca-path": "/usr/local/ssl/certs"
   },
+
   "rsync": {
     "enabled": true,
     "priority": 50,
-    "strategy": "root-except-ta",
     "retry": {
-      "count": 2,
-      "interval": 5
+      "count": 1,
+      "interval": 4
     },
     "program": "rsync",
     "arguments-recursive": [
-      "--recursive",
+      "-rtz",
       "--delete",
-      "--times",
-      "--contimeout=20",
-      "--timeout=15",
-      "$REMOTE",
-      "$LOCAL"
-    ],
-    "arguments-flat": [
-      "--times",
+      "--omit-dir-times",
       "--contimeout=20",
+      "--max-size=20MB",
       "--timeout=15",
-      "--dirs",
+      "--include=*/",
+      "--include=*.cer",
+      "--include=*.crl",
+      "--include=*.gbr",
+      "--include=*.mft",
+      "--include=*.roa",
+      "--exclude=*",
       "$REMOTE",
       "$LOCAL"
     ]
   },
+
   "incidences": [
     {
       "name": "incid-hashalg-has-params",
@@ -1298,20 +1305,18 @@ to a specific value:
       "action": "error"
     }
   ],
+
   "output": {
     "roa": "/tmp/fort/roas.csv",
     "bgpsec": "/tmp/fort/bgpsec.csv",
     "format": "csv"
   },
+
   "thread-pool": {
     "server": {
       "max": 20
-    },
-    "validation": {
-      "max": 5
     }
-  },
-  "asn1-decode-max-stack": 4096
+  }
 }
 .fi
 .RE

test/Makefile.am

@@ -92,7 +92,7 @@ vrps_test_LDADD = ${MY_LDADD} ${JANSSON_LIBS}
 xml_test_SOURCES = xml_test.c
 xml_test_LDADD = ${MY_LDADD} ${XML2_LIBS}
 
-EXTRA_DIST  = mock.c
+EXTRA_DIST  = mock.c mock.h
 EXTRA_DIST += line_file/core.txt
 EXTRA_DIST += line_file/empty.txt
 EXTRA_DIST += line_file/error.txt