Created attachment 230493 [details] patch to upgrade Release v0.9.4 - One shall be the number thou shalt count from This release fixes the following issues: - RRDP serial should start from 1, not 0 (#741) - Allow configuring RFC6492/8181 client timeouts (#743) The first addresses a non-critical bug found when running Krill as a Publication Server present in all Krill versions before this release. The second addresses an issue seen in Krill 0.7.3 running with 100s of CAs in a single Krill instance - such timeouts have not been seen in Krill 0.9.x - but it does not hurt to give operators control over this configuration. If you are using Krill for RPKI CA functions only, and you have already upgraded to version 0.9.3 then there is no immediate need to upgrade to this version. If you are running a version from before 0.9.3, then you are still advised to upgrade to this version for the reasons list under version 0.9.3. Notes for update to release 0.9.3 -- Thundering Herd This release adds a (configurable) extra random 'jitter' time between 0 and 240 minutes, by default, for scheduled re-issuing of manifest and CRLs. The reason for this change is that with many Krill CAs publishing at a Publication Server every 10 minutes we frequently see that many CAs re-publish at exactly the same time of day. With this change this load should be spread out. Note that this does not affect publishing changes to content, such as ROAs. Such changes are still published immediately. This release adds the following features and fixes: - Prevent a thundering herd of hosted CAs publishing at the same time (#436) - Re-issue ROAs to ensure that short EE subject names are used (#700) - Handle rate limits when updating parents (#680) - Support experimental ASPA objects through CLI (#685) - Re-issue ASPA objects on when a key roll is performed (#717) - Use the official OIDs for ASPA objects, now they have been assigned (#719) Note that ASPA objects are not intended for use in production environments just yet. We have added experimental support for this to support the development of the ASPA standards in the IETF. Information on how to use Krill to manage ASPA objects can be found [here](https://krill.docs.nlnetlabs.nl/en/prototype-aspa-support/manage-aspas.html).
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=baa1de4a69169d63032fbf81829af12c4133c1a9 commit baa1de4a69169d63032fbf81829af12c4133c1a9 Author: Jaap Akkerhuis <jaap@NLnetLabs.nl> AuthorDate: 2021-12-30 08:24:21 +0000 Commit: Hiroki Tagato <tagattie@FreeBSD.org> CommitDate: 2021-12-30 08:24:21 +0000 net/krill: update to 0.9.4 Changelog: - https://github.com/NLnetLabs/krill/releases/tag/v0.9.3 - https://github.com/NLnetLabs/krill/releases/tag/v0.9.4 PR: 260756 Reported by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) net/krill/Makefile | 102 +++++++++---------- net/krill/distinfo | 206 ++++++++++++++++++++------------------- net/krill/files/patch-Cargo.toml | 10 +- 3 files changed, 165 insertions(+), 153 deletions(-)
Committed, thanks!