freebsd/ports
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ports/net/krill/files
History
Jaap Akkerhuis 333c57ca78 net/krill: update to 0.15.0 
Changelog: https://nlnetlabs.nl/news/2025/Aug/12/krill-0.15.0-released/

Breaking Changes
  * Refactored command line options processing for all binaries. As a result, options for both krillc and krillta have slightly changed. For
    krillc, the --server, --token, --format, and --api options are now before the first subcommand (since they affect all commands). For krillta,
    those options are now after krillta proxy but before the next subcommand, while --format is now after krillta signer. (#1228)
  * Removed support for RTA in krillc. Support is currently still present in the Krill server, though behind a (non-default) feature flag. (#1228)
  * Changed how authorization works with OpenID Connect and configuration files. Custom profiles have been replaced with a straightforward mapping
    from access permission to roles and assigning roles to users. For configuration file-based authentication, the file format has slightly changed
    but the current format is still accepted. If you are using OpenID Connect, you will have to update your configuration. Please, see the manual
    for details. (#1232)
  * Replaced downloading of RISwhois file for ROA analysis with calls to the Roto API. This can be controlled via new configuration settings
    bgp_api_enabled, bgp_api_uri, and bgp_api_cache_seconds. (#1233, #1266)

New
  * Added a command to re-initialize the trust anchor signer with different timing values or TAL URLs. (#1255)
  * Disables the protection against early re-issuance for CA certificates that have the full resource set, typically TA certificates. (#1281)

Bug Fixes
  * Fixed a potential infinite recursion in PKCS11 error handling. (#1215)
  * Open ID connect: Re-initialize the connection after 60s to pick up configuration changes at the provider. (#1226)
  * Fixed the naming of the trust anchor timing configuration. It was expected to be timing_config for the config used by Krill and ta_timing if
    used by the Krill TA signer. It is now ta_timing in both cases while timing_config is accepted as an alias in both cases. (#1241)
  * Improve performance by using buffered reading and writing in the store. (#1300, #1301)

Other changes
  * Refactored Prometheus metrics generation which resulted in a slightly different formatting but should still be syntactically correct. (#1249)
  * Upgraded the bundled Krill UI to release 0.9.0. (#1295)
  * Added packaging support for Ubuntu Noble, RHEL 10, Debian Trixie; removed packaging support for Ubuntu Xenial and Bionic, and Debian Stretch.
    (#1239, #1297, #1308)
  * The minimum supported Rust version is now 1.85. (#1288)

PR:		288837
Reported by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
2025-08-14 12:06:50 +09:00
..
krill.in
patch-defaults_krill.conf