Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Panic in routes/analysis/full #1251

Open
DeD1rk opened this issue Feb 7, 2025 · 1 comment
Open

Panic in routes/analysis/full #1251

DeD1rk opened this issue Feb 7, 2025 · 1 comment

Comments

@DeD1rk
Copy link

DeD1rk commented Feb 7, 2025

While trying to make some changes to krill, the following happened:

After making a 'online' CA under krillta, GET /api/v1/cas/online/routes/analysis/full causes issues.
When running with a normal krill (as installed with cargo install --git https://github.com/NLnetLabs/krill.git --branch main) my vscode window with the terminal krill was running from crashed after becoming unresponsive.

When running the same thing with a debug build (cargo install --git https://github.com/NLnetLabs/krill.git --branch main --debug), the following gets logged to the terminal (not the krill.log file) multiple times:

thread 'tokio-runtime-worker' panicked at /home/dirkdoesburg/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/num/mod.rs:1199:5:
attempt to multiply with overflow

To set up the ta and reproducibly, I'm using this script:


LOCATION="${KRILL_LOCATION:-/home/dirkdoesburg/poc/data}"
TA_CONF="$LOCATION/krillta.conf"

# This allows using 'localhost' in URIs in resource certificates.
export KRILL_TEST=true

echo "Setting up TA and tree of CAs in $LOCATION"
rm -rfI $LOCATION
mkdir -p $LOCATION/messages

echo "Killing any running krill instances..."
killall krill || true

# Write config files
cat > $LOCATION/krill.conf <<EOF
storage_uri = "$LOCATION/krill-data"
ta_support_enabled = true

log_level = "debug"
log_type = "file"
log_file = "$LOCATION/krill.log"

admin_token = "foo"

https_mode = "disable"
service_uri = "https://localhost:3000/"

EOF

cat > $LOCATION/krillta.conf <<EOF

data_dir = "$LOCATION/krillta-data"
log_level = "debug"
log_type = "file"
log_file = "$LOCATION/krillta.log"

EOF

echo "Starting krill in background..."
krill -c $LOCATION/krill.conf &

export KRILL_CLI_SERVER="http://localhost:3000" \
    KRILL_CLI_TOKEN="foo"

sleep 1

echo "Checking krill status..."
krillc info > /dev/null

echo "Ready :)\n\nStarting TA setup..."

krillta proxy init

krillc pubserver server init --rrdp "https://localhost:3000/rrdp/" --rsync "rsync://localhost/repo/"

echo "TA Proxy repo setup..."
krillta proxy repo request 2> $LOCATION/messages/ta-pub-req.xml
krillc pubserver publishers add --request $LOCATION/messages/ta-pub-req.xml 2> $LOCATION/messages/ta-repo-res.xml
krillta proxy repo configure --response $LOCATION/messages/ta-repo-res.xml

echo "TA Signer init..."
krillta proxy --format json id 2> $LOCATION/messages/ta-proxy-id.json
krillta proxy --format json repo contact 2> $LOCATION/messages/ta-proxy-repo-contact.json
krillta signer -c $TA_CONF init --proxy-id $LOCATION/messages/ta-proxy-id.json \
                    --proxy-repository-contact $LOCATION/messages/ta-proxy-repo-contact.json \
                    --tal-https "https://localhost:3000/ta/ta.cer" \
                    --tal-rsync "rsync://localhost/ta/ta.cer"

echo "TA Proxy-Signer association..."
krillta signer -c $TA_CONF --format json show 2> $LOCATION/messages/ta-signer-info.json
krillta proxy signer init --info $LOCATION/messages/ta-signer-info.json

echo "Create 'online' CA..."
krillc add --ca online
krillc --format json show --ca online 2> $LOCATION/messages/online.json
krillta proxy children add --info $LOCATION/messages/online.json 2> $LOCATION/messages/online-add-res.xml
krillta proxy children response --child online 2> $LOCATION/messages/online-parent-res.xml
krillc parents add --ca online --parent ta --response $LOCATION/messages/online-parent-res.xml

echo "Configure 'online' repo..."
krillc repo request --ca online 2> $LOCATION/messages/online-repo-req.xml
krillc pubserver publishers add --request $LOCATION/messages/online-repo-req.xml 2> $LOCATION/messages/online-repo-res.xml
krillc repo configure --ca online --response $LOCATION/messages/online-repo-res.xml

sleep 1

echo "Request a cert from the TA..."
krillta proxy signer make-request 2> /dev/null
krillta proxy --format json signer show-request 2> $LOCATION/messages/ta-signer-req.json
krillta signer -c $TA_CONF process --request $LOCATION/messages/ta-signer-req.json 2> /dev/null
krillta signer -c $TA_CONF --format json last 2> $LOCATION/messages/ta-signer-res.json
krillta proxy signer process-response --response $LOCATION/messages/ta-signer-res.json

echo "\n\nThe 'online' CA should soon have a resource cert for everything :)\n\n"
echo "Waiting a few seconds...\n"

sleep 1

echo "Adding a CA 'child' under 'online' without any resources..."
krillc add --ca child

krillc repo request --ca child 2> $LOCATION/messages/child-repo-req.xml
krillc pubserver publishers add --request $LOCATION/messages/child-repo-req.xml 2> $LOCATION/messages/child-repo-res.xml
krillc repo configure --ca child --response $LOCATION/messages/child-repo-res.xml

krillc parents request --ca child 2> $LOCATION/messages/child-parent-req.xml
krillc children add --ca online --child child --ipv4 123.12.23.0/24 \
    --request $LOCATION/messages/child-parent-req.xml \
    2> $LOCATION/messages/child-parent-res.xml
krillc parents add --ca child --parent online --response $LOCATION/messages/child-parent-res.xml

echo "Now we can update 'child' to get different resources...\nGiving it 123.12.0.0/16."
krillc children update --ca online --child child --ipv4 123.12.0.0/16

sleep 1
echo "\nFinally, let's add a ROA to be sure it all works..."
krillc roas update --ca child --add "123.12.0.0/16-16 => 5"

Here's the krill.log, which shows nothing about the issue.

krill.log 

2025-02-07 14:09:57 [INFO] [krill::daemon::config] Krill uses configuration file: /home/dirkdoesburg/poc/test1/krill.conf
2025-02-07 14:09:57 [INFO] [krill::upgrades] Mapping OpenSSL signer keys, using uri: local:///home/dirkdoesburg/poc/test1/krill-data/
2025-02-07 14:09:57 [INFO] [krill::commons::crypto::signing::dispatch::krillsigner] Configuring signer 'Default OpenSSL signer' (type: OpenSSL, default: true, one_off: true)
2025-02-07 14:09:57 [INFO] [krill::upgrades] Recorded 0 key identifiers in the signer store
2025-02-07 14:09:57 [INFO] [krill::daemon::krillserver] Starting Krill v0.14.5-dev
2025-02-07 14:09:57 [INFO] [krill::daemon::krillserver] Krill uses service uri: https://localhost:3000/
2025-02-07 14:09:57 [INFO] [krill::commons::crypto::signing::dispatch::krillsigner] Configuring signer 'Default OpenSSL signer' (type: OpenSSL, default: true, one_off: true)
2025-02-07 14:09:57 [INFO] [krill::commons::eventsourcing::store] Cache for CAs has been warmed.
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: queue_start_tasks with priority: 2025-02-07T13:09:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::scheduler] Adding missing tasks at start up
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: all_cas_republish_if_needed with priority: 2025-02-07T13:09:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: all_cas_renew_objects_if_needed with priority: 2025-02-07T13:09:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:10:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: update_stored_snapshots with priority: 2025-02-07T13:09:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] Finish task: running/1738933797066-queue_start_tasks
2025-02-07 14:09:57 [INFO] [krill::daemon::scheduler] Updated snapshots for cas
2025-02-07 14:09:57 [INFO] [krill::daemon::scheduler] Updated snapshots for signers
2025-02-07 14:09:57 [INFO] [krill::daemon::scheduler] Updated snapshots for properties
2025-02-07 14:09:57 [INFO] [krill::daemon::scheduler] Updated snapshots for pubd
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: update_stored_snapshots with priority: 2025-02-08T13:09:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: all_cas_renew_objects_if_needed with priority: 2025-02-07T14:09:57+00:00
2025-02-07 14:09:57 [DEBUG] [krill::daemon::mq] add task: all_cas_republish_if_needed with priority: 2025-02-07T13:14:57+00:00
2025-02-07 14:09:58 [DEBUG] [krill::commons::crypto::signing::dispatch::signerrouter] Signer 'Default OpenSSL signer' is ready and new, binding
2025-02-07 14:09:58 [DEBUG] [krill::commons::crypto::signing::dispatch::signerrouter] Signer 'Default OpenSSL signer' bound to signer handle '05cec0a3-da25-4c95-ae18-7fd5c15ba9cc'
2025-02-07 14:09:58 [INFO] [krill::commons::crypto::signing::dispatch::signerrouter] Signer 'Default OpenSSL signer' is ready for use
2025-02-07 14:09:58 [INFO] [krill::pubd::manager] Initializing repository
2025-02-07 14:09:58 [DEBUG] [krill::pubd::repository] Write updated RRDP state to disk - if there are any updates that is.
2025-02-07 14:09:58 [DEBUG] [krill::pubd::repository] No old notification file found
2025-02-07 14:09:58 [DEBUG] [krill::pubd::repository] Write snapshot file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/1/0ad24edf515ee150/snapshot.xml
2025-02-07 14:09:58 [INFO] [krill::pubd::repository] Sending command to publisher '0', version: 1: id '0' version 'any' details 'Added publisher 'ta''
2025-02-07 14:09:59 [INFO] [krill::daemon::ca::manager] CA 'ta' process add child request: handle 'online' resources 'asn: 'AS0-AS4294967295', ipv4: '0.0.0.0/0', ipv6: '::/0''
2025-02-07 14:09:59 [DEBUG] [krill::daemon::ca::manager] Getting entitlements for CA 'online' from parent 'ta'
2025-02-07 14:09:59 [INFO] [krill::daemon::ca::certauth] CA 'online' added parent 'ta'
2025-02-07 14:09:59 [DEBUG] [krill::daemon::mq] Seen event for CA online version 2: 'added parent 'ta' '
2025-02-07 14:09:59 [WARN] [krill::daemon::mq] Synchronisation of CA 'online' with parent 'ta' postponed until repository is configured.
2025-02-07 14:09:59 [INFO] [krill::pubd::repository] Sending command to publisher '0', version: 2: id '0' version 'any' details 'Added publisher 'online''
2025-02-07 14:09:59 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for online
2025-02-07 14:09:59 [INFO] [krill::daemon::ca::certauth] CA 'online' updated repository. Service URI will be: https://localhost:3000/rfc8181/online/
2025-02-07 14:09:59 [DEBUG] [krill::daemon::mq] Seen event for CA online version 3: 'updated repository to remote server: https://localhost:3000/rfc8181/online/'
2025-02-07 14:09:59 [DEBUG] [krill::daemon::mq] add task: sync_online_with_parent_ta with priority: 2025-02-07T13:09:59+00:00
2025-02-07 14:10:00 [INFO] [krill::daemon::scheduler] Synchronize CA 'online' with its parent 'ta'
2025-02-07 14:10:00 [DEBUG] [krill::daemon::ca::manager] Getting entitlements for CA 'online' from parent 'ta'
2025-02-07 14:10:00 [INFO] [krill::daemon::ca::certauth] CA 'online' received entitlement under parent 'ta', created resource class '0' and made certificate request
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] Seen event for CA online version 4: 'added resource class with name '0''
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] Seen event for CA online version 4: 'requested certificate for key (hash) '74F88854038CE0A19889C8A88AD92E5DD0AAE450' under resource class '0''
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] CA online requested certificate for RC 0
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] CA online will schedule sync for parent ta when CA is version 4
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] add task: sync_online_with_parent_ta with priority: 2025-02-07T13:10:00+00:00
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] add task: sync_online_with_parent_ta with priority: 2025-02-09T00:25:48+00:00
2025-02-07 14:10:00 [INFO] [krill::daemon::scheduler] Synchronize CA 'online' with its parent 'ta'
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] add task: sync_ta_proxy_signer with priority: 2025-02-07T13:10:00+00:00
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] add task: sync_online_with_parent_ta with priority: 2025-02-09T00:20:48+00:00
2025-02-07 14:10:00 [DEBUG] [krill::daemon::scheduler] Synchronise Trust Anchor Proxy with Signer - if Signer is local.
2025-02-07 14:10:00 [WARN] [krill::daemon::ca::manager] There is at least one pending request for the TA signer. Plan a signing session!
2025-02-07 14:10:00 [DEBUG] [krill::daemon::mq] Finish task: running/1738933800353-sync_ta_proxy_signer
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] add task: sync_repo_ta with priority: 2025-02-07T13:10:01+00:00
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] add task: sync_online_with_parent_ta with priority: 2025-02-07T13:10:01+00:00
2025-02-07 14:10:01 [INFO] [krill::daemon::scheduler] Synchronize CA ta with repository
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::manager] CA 'ta' sends list query to repo
2025-02-07 14:10:01 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for ta
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::manager] CA 'ta' sends delta
2025-02-07 14:10:01 [DEBUG] [krill::pubd::manager] Received RFC 8181 delta query for ta
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Publish delta for ta
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] add task: update_rrdp_if_needed with priority: 2025-02-07T13:10:01+00:00
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::manager] CA 'ta' sent delta
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] Finish task: running/1738933801858-sync_repo_ta
2025-02-07 14:10:01 [INFO] [krill::daemon::scheduler] Synchronize CA 'online' with its parent 'ta'
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::certauth] CA online: Updating received cert for class: 0
2025-02-07 14:10:01 [INFO] [krill::daemon::ca::rc] Received certificate for CA 'online' under RC '0', with resources: 'asn: 'AS0-AS4294967295', ipv4: '0.0.0.0/0', ipv6: '::/0'' valid until: '2026-02-06T13:10:01+00:00'
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::routes] Selecting ROA publication mode: Simple
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] Seen event for CA online version 5: 'activating pending key '74F88854038CE0A19889C8A88AD92E5DD0AAE450' under resource class '0''
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] add task: sync_repo_online with priority: 2025-02-07T13:10:01+00:00
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] add task: sync_online_with_parent_ta with priority: 2025-02-08T23:00:53+00:00
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Write updated RRDP state to disk - if there are any updates that is.
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Found existing notification file for current session with deltas.
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Write delta file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/2/94ed697f745ca916/delta.xml
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Write snapshot file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/2/0ad24edf515ee150/snapshot.xml
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] Finish task: running/1738933801989-update_rrdp_if_needed
2025-02-07 14:10:01 [INFO] [krill::daemon::scheduler] Synchronize CA online with repository
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::manager] CA 'online' sends list query to repo
2025-02-07 14:10:01 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for online
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::manager] CA 'online' sends delta
2025-02-07 14:10:01 [DEBUG] [krill::pubd::manager] Received RFC 8181 delta query for online
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Publish delta for online
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] add task: update_rrdp_if_needed with priority: 2025-02-07T13:10:01+00:00
2025-02-07 14:10:01 [DEBUG] [krill::daemon::ca::manager] CA 'online' sent delta
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] Finish task: running/1738933801990-sync_repo_online
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Write updated RRDP state to disk - if there are any updates that is.
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Found existing notification file for current session with deltas.
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Write delta file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/3/8bdfa88708444c46/delta.xml
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 2. File should exist.
2025-02-07 14:10:01 [DEBUG] [krill::pubd::repository] Write snapshot file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/3/0ad24edf515ee150/snapshot.xml
2025-02-07 14:10:01 [DEBUG] [krill::daemon::mq] Finish task: running/1738933801991-update_rrdp_if_needed
2025-02-07 14:10:02 [INFO] [krill::pubd::repository] Sending command to publisher '0', version: 3: id '0' version 'any' details 'Added publisher 'child''
2025-02-07 14:10:02 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for child
2025-02-07 14:10:02 [INFO] [krill::daemon::ca::certauth] CA 'child' updated repository. Service URI will be: https://localhost:3000/rfc8181/child/
2025-02-07 14:10:02 [DEBUG] [krill::daemon::mq] Seen event for CA child version 2: 'updated repository to remote server: https://localhost:3000/rfc8181/child/'
2025-02-07 14:10:02 [INFO] [krill::daemon::ca::manager] CA 'online' process add child request: handle 'child' resources 'asn: '', ipv4: '123.12.23.0/24', ipv6: '''
2025-02-07 14:10:02 [INFO] [krill::daemon::ca::certauth] CA 'online' added child 'child' with resources 'asn: '', ipv4: '123.12.23.0/24', ipv6: '''
2025-02-07 14:10:02 [DEBUG] [krill::daemon::mq] Seen event for CA online version 6: 'added child 'child' with resources 'asn: '', ipv4: '123.12.23.0/24', ipv6: '', id (hash): 2FA1E52E92C8A5AB302D832953EA0893FDB8EFCC'
2025-02-07 14:10:02 [DEBUG] [krill::daemon::ca::manager] Getting entitlements for CA 'child' from parent 'online'
2025-02-07 14:10:02 [INFO] [krill::daemon::ca::certauth] CA 'child' added parent 'online'
2025-02-07 14:10:02 [DEBUG] [krill::daemon::mq] Seen event for CA child version 3: 'added parent 'online' '
2025-02-07 14:10:02 [DEBUG] [krill::daemon::mq] Parent online added to CA child, scheduling sync
2025-02-07 14:10:02 [DEBUG] [krill::daemon::mq] add task: sync_child_with_parent_online with priority: 2025-02-07T13:10:02+00:00
2025-02-07 14:10:03 [INFO] [krill::daemon::ca::certauth] CA 'online' update child 'child' resources: Added: ipv4: 123.12.0.0-123.12.22.255, 123.12.24.0-123.12.255.255
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Seen event for CA online version 7: 'updated child 'child' resources to 'asn: '', ipv4: '123.12.0.0/16', ipv6: ''''
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Schedule a sync from the child to this CA as their parent. This will be a no-op for remote children.
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: sync_child_with_parent_online with priority: 2025-02-07T13:10:03+00:00
2025-02-07 14:10:03 [INFO] [krill::daemon::scheduler] Synchronize CA 'child' with its parent 'online'
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] Getting entitlements for CA 'child' from parent 'online'
2025-02-07 14:10:03 [INFO] [krill::daemon::ca::certauth] CA 'child' received entitlement under parent 'online', created resource class '0' and made certificate request
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Seen event for CA child version 4: 'added resource class with name '0''
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Seen event for CA child version 4: 'requested certificate for key (hash) '29C0DC6CDC8355DC0C1865B96BBA204C1F326401' under resource class '0''
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] CA child requested certificate for RC 0
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] CA child will schedule sync for parent online when CA is version 4
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: sync_child_with_parent_online with priority: 2025-02-07T13:10:03+00:00
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: sync_child_with_parent_online with priority: 2025-02-08T23:25:29+00:00
2025-02-07 14:10:03 [INFO] [krill::daemon::scheduler] Synchronize CA 'child' with its parent 'online'
2025-02-07 14:10:03 [INFO] [krill::daemon::ca::certauth] CA 'online' issued certificate '29C0DC6CDC8355DC0C1865B96BBA204C1F326401.cer' to child 'child'
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::publishing] Will re-issue for key: 74F88854038CE0A19889C8A88AD92E5DD0AAE450. Current revision: 1 and next update: 2025-02-08T15:41:01.865871417+00:00
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Seen event for CA online version 8: 'issued certificate to child 'child' for class '0' and pub key '29C0DC6CDC8355DC0C1865B96BBA204C1F326401''
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Seen event for CA online version 8: 'updated child certificates in resource class 0 issued keys:  29C0DC6CDC8355DC0C1865B96BBA204C1F326401'
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: sync_repo_online with priority: 2025-02-07T13:10:03+00:00
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::certauth] CA child: Updating received cert for class: 0
2025-02-07 14:10:03 [INFO] [krill::daemon::ca::rc] Received certificate for CA 'child' under RC '0', with resources: 'asn: '', ipv4: '123.12.0.0/16', ipv6: ''' valid until: '2026-02-06T13:10:03+00:00'
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::routes] Selecting ROA publication mode: Simple
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Seen event for CA child version 5: 'activating pending key '29C0DC6CDC8355DC0C1865B96BBA204C1F326401' under resource class '0''
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: sync_repo_child with priority: 2025-02-07T13:10:03+00:00
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: sync_child_with_parent_online with priority: 2025-02-09T00:16:30+00:00
2025-02-07 14:10:03 [INFO] [krill::daemon::scheduler] Synchronize CA child with repository
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] CA 'child' sends list query to repo
2025-02-07 14:10:03 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for child
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] CA 'child' sends delta
2025-02-07 14:10:03 [DEBUG] [krill::pubd::manager] Received RFC 8181 delta query for child
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Publish delta for child
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: update_rrdp_if_needed with priority: 2025-02-07T13:10:03+00:00
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] CA 'child' sent delta
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Finish task: running/1738933803857-sync_repo_child
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Write updated RRDP state to disk - if there are any updates that is.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Found existing notification file for current session with deltas.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Write delta file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/4/b73618e1604e8809/delta.xml
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 3. File should exist.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 2. File should exist.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Write snapshot file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/4/0ad24edf515ee150/snapshot.xml
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Finish task: running/1738933803859-update_rrdp_if_needed
2025-02-07 14:10:03 [INFO] [krill::daemon::scheduler] Synchronize CA online with repository
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] CA 'online' sends list query to repo
2025-02-07 14:10:03 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for online
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] CA 'online' sends delta
2025-02-07 14:10:03 [DEBUG] [krill::pubd::manager] Received RFC 8181 delta query for online
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Publish delta for online
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] add task: update_rrdp_if_needed with priority: 2025-02-07T13:10:03+00:00
2025-02-07 14:10:03 [DEBUG] [krill::daemon::ca::manager] CA 'online' sent delta
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Finish task: running/1738933803860-sync_repo_online
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Write updated RRDP state to disk - if there are any updates that is.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Found existing notification file for current session with deltas.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Write delta file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/5/4445853e5de2dba0/delta.xml
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 4. File should exist.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 3. File should exist.
2025-02-07 14:10:03 [DEBUG] [krill::pubd::repository] Write snapshot file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/5/0ad24edf515ee150/snapshot.xml
2025-02-07 14:10:03 [DEBUG] [krill::daemon::mq] Finish task: running/1738933803862-update_rrdp_if_needed
2025-02-07 14:10:04 [DEBUG] [krill::daemon::ca::routes] Selecting ROA publication mode: Simple
2025-02-07 14:10:04 [INFO] [krill::daemon::ca::certauth] CA 'child' under RC '0' updated ROAs: Updated single VRP ROAs: 3132332e31322e302e302f31362d3136203d3e2035.roa 
2025-02-07 14:10:04 [DEBUG] [krill::daemon::ca::publishing] Will re-issue for key: 29C0DC6CDC8355DC0C1865B96BBA204C1F326401. Current revision: 1 and next update: 2025-02-08T16:04:03.651316013+00:00
2025-02-07 14:10:04 [DEBUG] [krill::daemon::mq] Seen event for CA child version 6: 'added ROA: '123.12.0.0/16-16 => 5''
2025-02-07 14:10:04 [DEBUG] [krill::daemon::mq] Seen event for CA child version 6: 'updated ROA objects under resource class '0' added: 3132332e31322e302e302f31362d3136203d3e2035.roa '
2025-02-07 14:10:04 [DEBUG] [krill::daemon::mq] add task: sync_repo_child with priority: 2025-02-07T13:10:04+00:00
2025-02-07 14:10:04 [INFO] [krill::daemon::scheduler] Synchronize CA child with repository
2025-02-07 14:10:04 [DEBUG] [krill::daemon::ca::manager] CA 'child' sends list query to repo
2025-02-07 14:10:04 [DEBUG] [krill::pubd::manager] Received RFC 8181 list query for child
2025-02-07 14:10:04 [DEBUG] [krill::daemon::ca::manager] CA 'child' sends delta
2025-02-07 14:10:04 [DEBUG] [krill::pubd::manager] Received RFC 8181 delta query for child
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Publish delta for child
2025-02-07 14:10:04 [DEBUG] [krill::daemon::mq] add task: update_rrdp_if_needed with priority: 2025-02-07T13:10:04+00:00
2025-02-07 14:10:04 [DEBUG] [krill::daemon::ca::manager] CA 'child' sent delta
2025-02-07 14:10:04 [DEBUG] [krill::daemon::mq] Finish task: running/1738933804364-sync_repo_child
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] RRDP update is needed
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Write updated RRDP state to disk - if there are any updates that is.
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Found existing notification file for current session with deltas.
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Write delta file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/6/0fc6ab7583e7e8ae/delta.xml
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 5. File should exist.
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Skip writing delta for serial 4. File should exist.
2025-02-07 14:10:04 [DEBUG] [krill::pubd::repository] Write snapshot file to: /home/dirkdoesburg/poc/test1/krill-data/repo/rrdp/07548bde-c21a-4735-80b5-7c79024a24a4/6/0ad24edf515ee150/snapshot.xml
2025-02-07 14:10:04 [DEBUG] [krill::daemon::mq] Finish task: running/1738933804367-update_rrdp_if_needed
2025-02-07 14:10:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:11:57+00:00
2025-02-07 14:11:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:12:57+00:00
2025-02-07 14:12:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:13:57+00:00
2025-02-07 14:13:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:14:57+00:00
2025-02-07 14:14:57 [DEBUG] [krill::daemon::ca::publishing] Re-issue for CA online using force: false
2025-02-07 14:14:57 [DEBUG] [krill::daemon::ca::publishing] Re-issue for CA child using force: false
2025-02-07 14:14:57 [DEBUG] [krill::daemon::mq] add task: all_cas_republish_if_needed with priority: 2025-02-07T13:19:57+00:00
2025-02-07 14:14:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:15:57+00:00
2025-02-07 14:15:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:16:57+00:00
2025-02-07 14:16:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:17:57+00:00
2025-02-07 14:17:57 [DEBUG] [krill::daemon::mq] add task: sweep_login_cache with priority: 2025-02-07T13:18:57+00:00

@partim
Copy link
Member

partim commented Feb 7, 2025

Thank you for the report, in particular the details!

I’ve run your script with RUST_BACKTRACE=1 which reveals the culprit:

   3: core::num::<impl u32>::pow
             at /rustc/e71f9a9a98b0faf423844bf0ba7438f29dc27d58/library/core/src/num/uint_macros.rs:2828:28
   4: rpki::repository::resources::ipres::AddressRange::to_v4_prefixes::{{closure}}
             at /home/m/.cargo/git/checkouts/rpki-rs-a43ad3b5562cba05/3cbda55/src/repository/resources/ipres.rs:1113:22

We’re going to have a look and will fix the issue.

@Koenvh1 Koenvh1 mentioned this issue Feb 13, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@partim @DeD1rk