NICMx / FORT-validator

RPKI cache validator
MIT License

rsync download any files/directories included in the TAL's URI #4

Closed TheRedTrainer closed 5 years ago

TheRedTrainer commented 5 years ago

If the rsync URI included in the TAL file references any file or directory that isn't a valid RPKI certificate, the rpki validator allows downloading all the content located at that URI.

For example, if the TAL file contains the following URI:

rsync://rsync.kernel.org/pub/software/

MIBBIjANB...
...DAQAB

and the user executes the following command

rpki_validator --tal rsyncdirectory.tal --local-repository repository

the rpki validator starts to download all the content from that URI.

According to RFC 6490:

the rsync URI in the TAL MUST reference a single object. It MUST NOT reference a directory or any other form of collection of objects

so the rpki validator should prevent downloading any directories or collections from the rsync URI.
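The check the issue asks for, as an added example that is not FORT-validator's own code: a TAL's rsync URI is accepted only if it names a single object (RFC 6490, section 2.1), so a directory URI like the one above is rejected before any rsync transfer is started. The `.cer` extension requirement is an assumption of this example that is stricter than the RFC (it follows the naming convention of RFC 6481); the sample TAL text and the hostname `repository.example.net` are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

static bool segment_is_dot(const char *seg, size_t n)
{
    return (n == 1 && seg[0] == '.') ||
           (n == 2 && seg[0] == '.' && seg[1] == '.');
}

/* Return true only if `uri` is an rsync URI that names one object. */
bool tal_uri_is_single_object(const char *uri)
{
    static const char prefix[] = "rsync://";
    const char *host, *path, *seg, *end;
    size_t n = 0;

    if (uri == NULL || strncmp(uri, prefix, sizeof(prefix) - 1) != 0)
        return false;

    host = uri + sizeof(prefix) - 1;
    path = strchr(host, '/');
    /* "rsync://host" and "rsync:///x" name a module or directory, not a file */
    if (path == NULL || path == host)
        return false;

    /* Walk every path segment: an empty one means "//" or a trailing "/"
     * (a directory); "." or ".." would map outside the local repository. */
    for (seg = path + 1; ; seg = end + 1) {
        end = strchr(seg, '/');
        n = end ? (size_t)(end - seg) : strlen(seg);
        if (n == 0 || segment_is_dot(seg, n))
            return false;
        if (end == NULL)
            break;
    }

    /* Assumption beyond the RFC: the trust anchor certificate carries the
     * conventional ".cer" extension (RFC 6481). */
    return n > 4 && strcmp(seg + n - 4, ".cer") == 0;
}

/*
 * Scan the URI lines at the top of a TAL (one URI per line; the section
 * ends at the first blank line or first line without "://", after which
 * the base64 key follows). Returns the number of URIs accepted, or -1
 * with the offending URI copied into `bad` if one is not a single object.
 */
int tal_check_uris(const char *tal, char *bad, size_t badsz)
{
    const char *line = tal, *nl;
    int accepted = 0;

    while (*line != '\0') {
        char uri[512];
        nl = strchr(line, '\n');
        size_t n = nl ? (size_t)(nl - line) : strlen(line);
        if (n > 0 && line[n - 1] == '\r')
            n--;
        if (n >= sizeof(uri))
            n = sizeof(uri) - 1;
        memcpy(uri, line, n);
        uri[n] = '\0';
        if (strstr(uri, "://") == NULL)
            break;                      /* end of the URI section */

        if (!tal_uri_is_single_object(uri)) {
            if (bad != NULL && badsz > 0)
                snprintf(bad, badsz, "%s", uri);
            return -1;
        }
        accepted++;
        if (nl == NULL)
            break;
        line = nl + 1;
    }
    return accepted;
}

/* Constructed samples: the directory URI from the issue, and a file URI. */
static const char BAD_TAL[] =
    "rsync://rsync.kernel.org/pub/software/\n\nMIBBIjANB...\n...DAQAB\n";
static const char GOOD_TAL[] =
    "rsync://repository.example.net/ta/root.cer\n\nMIBBIjANB...\n...DAQAB\n";

int main(void)
{
    char bad[512];
    printf("good TAL: %d URI(s) accepted\n",
           tal_check_uris(GOOD_TAL, bad, sizeof(bad)));
    if (tal_check_uris(BAD_TAL, bad, sizeof(bad)) < 0)
        printf("bad TAL: refusing to fetch %s (not a single object)\n", bad);
    return 0;
}
```

With this check in front of the fetch, the rsync call for a TAL never needs to be recursive, since the only thing it is ever handed is a single file path.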

ydahhrk commented 5 years ago

Oops, shouldn't have closed this.

The code no longer tries to download the root of the repository, but the "single object" validation is not properly implemented yet. (That particular RSYNC should not be recursive.)

TheRedTrainer commented 5 years ago

After discussing this issue and the corresponding fix, @ydahhrk and I agreed that solving it could affect the performance of rpki-validator in a way that is more harmful than the risk of downloading a bad rsync repository, so it is better to undo the changes.