Add the RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
BIRD's code.
Implemented transports are:
- unprotected transport over TCP
- secure transport over SSHv2
The code should work properly with one cache server per protocol.
A compilation has to be hacked with:
$ ./configure LIBS='-lssh' ...
Example configuration of bird.conf:
...
roa table roatable;
protocol rpki {
    roa table roatable;
    cache "rpki-validator.realmv6.org";
}
protocol rpki {
    roa table roatable;
    cache "localhost" {
        port 2222;
        ssh encryption {
            bird private key "/home/birdgeek/.ssh/id_rsa";
            cache public key "/home/birdgeek/.ssh/known_hosts";
            user "birdgeek";
        };
    };
}
...
TODO list:
- load libssh2 using dlopen
- support more cache servers per protocol
Adds two new default GCC options related to optimizations
(-fno-strict-aliasing and -fno-strict-overflow). This
should fix some hyperaggressive GCC optimizations.
Also updates autoconf option detection.
Restructure client/ subdir. Add two different flavors of client.
The full featured birdc client code is in client/birdc/.
The new light client birdcl is in client/birdcl/.
Common sources of both clients are directly in client/.
Rework on-line auto-completion in client/command.c to conditionally turn off
ncurses-specific code.
Add lightweight client without libreadline and ncurses dependencies - birdcl.
The birdcl lacks support of history, on-line auto-completion and there
are different implementations of "more" functionality and help on '?' press.
New client operates in canonical terminal mode (apart from "more" display)
and therefore all commands have to be executed by a return key including help
commands (called by '?' character at the end of the line).
Apart from these limitations the interaction style should be the same as
for the full client - birdc.
Build of birdcl is always on (independent of the --enable-client parameter).
C includes as they contain substitutions specific to make.
Worked around by creating sysconf/paths.h which is created from
the Makefile instead of by the configure script.
(the current version UNIX-specific) anyway, so it's useless to try splitting it
to sysdep and generic part. Instead of this, configure script decides (based on
system type and user's wish) what (if any) client should be built and what
autoconfiguration it requires. Also, the client provides its own die/bug/...
functions.
you need to have your kernel compiled with netlink routing messages enabled.
If it doesn't work for you, use --with-sysconfig=linux-21 and let me know
what's going wrong.
reside, so that you can easily switch between 2.0 and 2.2 ones.
Check existence of <linux/rtnetlink.h> for linux-22 configs to make sure
we're using the correct set of includes.