authorRob Austein <sra@hactrn.net>2014-07-12 04:32:21 +0000
committerRob Austein <sra@hactrn.net>2014-07-12 04:32:21 +0000
commit31519e146beaa4e6ac9d8077f82edada35589c26 (patch)
treec3ac2a3b430b7526397642df47e9350f5d3772a7
parent00369f84c1c730094ea33847d08e276181dc76e8 (diff)
Debug rpki-rtr BGPSEC test case and rpki-rtr-replay script.
svn path=/trunk/; revision=5894
-rwxr-xr-xca/tests/bgpsec-yaml.py71
-rw-r--r--ca/tests/smoketest.py30
-rwxr-xr-xpotpourri/rpki-rtr-replay12
-rw-r--r--rpki/rtr/server.py4
4 files changed, 88 insertions, 29 deletions
diff --git a/ca/tests/bgpsec-yaml.py b/ca/tests/bgpsec-yaml.py
index fafaf7bd..49588258 100755
--- a/ca/tests/bgpsec-yaml.py
+++ b/ca/tests/bgpsec-yaml.py
@@ -28,26 +28,61 @@ import yaml
root = "Root"
-def kid(n):
- name = "ISP-%03d" % n
- ipv4 = "10.%d.0.0/16" % n
- asn = n
- router_id = n * 10000
-
- return dict(name = name,
- ipv4 = ipv4,
- asn = asn,
- hosted_by = root,
- roa_request = [dict(asn = asn, ipv4 = ipv4)],
- router_cert = [dict(asn = asn, router_id = router_id)])
+class Kid(object):
+
+ def __init__(self, n):
+ self.name = "ISP-%03d" % n
+ self.ipv4 = "10.%d.0.0/16" % n
+ self.asn = n
+ self.router_id = n * 10000
+
+ @property
+ def declare(self):
+ return dict(name = self.name,
+ ipv4 = self.ipv4,
+ asn = self.asn,
+ hosted_by = root,
+ roa_request = [dict(asn = self.asn, ipv4 = self.ipv4)],
+ router_cert = [dict(asn = self.asn, router_id = self.router_id)])
+
+ @property
+ def del_routercert(self):
+ return dict(name = self.name, router_cert_del = [dict(asn = self.asn, router_id = self.router_id)])
+
+ @property
+ def add_routercert(self):
+ return dict(name = self.name, router_cert_add = [dict(asn = self.asn, router_id = self.router_id)])
+
+
+kids = [Kid(n + 1) for n in xrange(200)]
+
+shell_fmt = "shell set -x; ../../../rp/rpki-rtr/rpki-rtr cronjob rcynic-data/authenticated && tar %svf rpki-rtr.tar *.[ai]x.v*"
+shell_first = shell_fmt % "c"
+shell_next = shell_fmt % "u"
+
+sleeper = "sleep 30"
+
+docs = [dict(name = root,
+ valid_for = "1y",
+ kids = [kid.declare for kid in kids])]
+
+docs.append([shell_first,
+ sleeper])
+
+gym = kids[50:70]
+
+for kid in gym:
+ docs.append([shell_next,
+ kid.del_routercert,
+ sleeper])
+
+for kid in gym:
+ docs.append([shell_next,
+ kid.add_routercert,
+ sleeper])
print '''\
# This configuration was generated by a script. Edit at your own risk.
'''
-print yaml.dump(dict(name = root,
- crl_interval = "1h",
- regen_margin = "20m",
- valid_for = "1y",
- kids = [kid(n + 1) for n in xrange(200)]))
-
+print yaml.safe_dump_all(docs, default_flow_style = False, allow_unicode = False)
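Review bot: The scenario parameters are bare literals: `kids[50:70]`, `sleep 30` and the `tar` mode letters `c`/`u` fed into `shell_fmt` carry no explanation of why those values were chosen or how the steps relate. A short comment above `gym`, e.g. `# Delete, then re-add, router certs for 20 of the 200 kids, snapshotting rpki-rtr output after each step`, would make the generated sequence readable. `declare`, `del_routercert` and `add_routercert` build a new dict on every access and read like actions, so plain methods would be clearer than properties.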
diff --git a/ca/tests/smoketest.py b/ca/tests/smoketest.py
index 7f56843f..32f11cc3 100644
--- a/ca/tests/smoketest.py
+++ b/ca/tests/smoketest.py
@@ -162,6 +162,8 @@ def main():
log_handler = lambda: logging.StreamHandler(sys.stdout)))
logger.info("Starting")
+ rpki.http.http_client.timeout = rpki.sundial.timedelta(hours = 1)
+
pubd_process = None
rootd_process = None
rsyncd_process = None
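Review bot: The one-hour value assigned to `rpki.http.http_client.timeout` has no comment, and it appears to be set on the class rather than on one client, so it would apply to every HTTP client created in the smoketest process. A wedged daemon could then stall the run for up to an hour instead of failing. A comment giving the reason would help, e.g. `# 200-child BGPSEC test needs far longer than the default client timeout`; that reason is inferred from the rest of the commit, so adjust it to the real one. `main()` continues outside the hunk.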
@@ -383,6 +385,9 @@ class router_cert(object):
"""
_ecparams = None
+ _keypair = None
+ _pkcs10 = None
+ _gski = None
@classmethod
def ecparams(cls):
@@ -393,18 +398,33 @@ class router_cert(object):
def __init__(self, asn, router_id):
self.asn = rpki.resource_set.resource_set_as("".join(str(asn).split()))
self.router_id = router_id
- self.keypair = rpki.x509.ECDSA.generate(self.ecparams())
- self.pkcs10 = rpki.x509.PKCS10.create(keypair = self.keypair)
- self.gski = self.pkcs10.gSKI()
self.cn = "ROUTER-%08x" % self.asn[0].min
self.sn = "%08x" % self.router_id
self.eku = rpki.oids.id_kp_bgpsec_router
+ @property
+ def keypair(self):
+ if self._keypair is None:
+ self._keypair = rpki.x509.ECDSA.generate(self.ecparams())
+ return self._keypair
+
+ @property
+ def pkcs10(self):
+ if self._pkcs10 is None:
+ self._pkcs10 = rpki.x509.PKCS10.create(keypair = self.keypair)
+ return self._pkcs10
+
+ @property
+ def gski(self):
+ if self._gski is None:
+ self._gski = self.pkcs10.gSKI()
+ return self._gski
+
def __eq__(self, other):
- return self.asn == other.asn and self.sn == other.sn and self.gski == other.gski
+ return self.asn == other.asn and self.sn == other.sn
def __hash__(self):
- return tuple(self.asn).__hash__() + self.cn.__hash__() + self.sn.__hash__() + self.gski.__hash__()
+ return tuple(self.asn).__hash__() + self.cn.__hash__() + self.sn.__hash__()
def __str__(self):
return "%s: %s,%s: %s" % (self.asn, self.cn, self.sn, self.gski)
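Review bot: With `gski` dropped from `__eq__` and `__hash__`, two `router_cert` objects with the same ASN set and router ID now compare equal even when they hold different keys. Any comparison of expected against observed router certificates in this test therefore no longer notices a certificate tied to the wrong key. If that is deliberate (presumably so that comparisons do not force key generation through the new lazy properties), say so next to the method, e.g. `# Equality ignores the key (gski) on purpose: comparing must not trigger key generation.` `__str__` still reads `self.gski`, so printing an instance does generate a key. The class body starts outside this hunk.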
diff --git a/potpourri/rpki-rtr-replay b/potpourri/rpki-rtr-replay
index be0de062..6f8de99e 100755
--- a/potpourri/rpki-rtr-replay
+++ b/potpourri/rpki-rtr-replay
@@ -56,17 +56,21 @@ class ReplayClock(object):
self.timestamps = dict((v, sorted(set(Timestamp(int(f.split(".")[0]))
for f in glob.iglob("*.ax.v%d" % v))))
for v in rpki.rtr.pdus.PDU.version_map)
- self.offset = min(t[0] for t in self.timestamps.itervalues()) - Timestamp.now()
- self.nonce = rpki.rtr.generator.new_nonce()
+ self.epoch = min(t[0] for t in self.timestamps.itervalues())
+ self.offset = self.epoch - Timestamp.now()
+ self.nonce = rpki.rtr.generator.AXFRSet.new_nonce(0)
def __nonzero__(self):
return sum(len(t) for t in self.timestamps.itervalues()) > 0
def now(self):
- return Timestamp.now(self.offset)
+ now = Timestamp.now(self.offset)
+ return now
def read_current(self, version):
now = self.now()
+ if version is None:
+ return self.epoch, self.nonce
while len(self.timestamps[version]) > 1 and now >= self.timestamps[version][1]:
del self.timestamps[version][0]
return self.timestamps[version][0], self.nonce
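Review bot: `self.epoch = min(t[0] for t in self.timestamps.itervalues())` indexes every per-version list, so a capture directory with no `*.ax.v<N>` files for one of the versions in `version_map` raises IndexError in the constructor before `__nonzero__` can report the empty case. Skipping empty lists, `min(t[0] for t in self.timestamps.itervalues() if t)`, handles a partial capture. The all-empty case would still need its own check, since `min()` of an empty sequence raises ValueError. Separately, the positional `0` in `AXFRSet.new_nonce(0)` is opaque at this call site and deserves a short comment saying what it selects. `__init__` begins outside the hunk.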
@@ -120,7 +124,7 @@ def server_main(args):
new_serial = server.get_serial()
if old_serial != new_serial:
logger.debug("[Serial bumped from %d (%s) to %d (%s)]", old_serial, old_serial, new_serial, new_serial)
- server.notify()
+ server.notify(force = True)
old_serial = new_serial
asyncore.loop(timeout = clock.siesta(), count = 1)
except KeyboardInterrupt:
diff --git a/rpki/rtr/server.py b/rpki/rtr/server.py
index b3e4fd7c..1c7a5e78 100644
--- a/rpki/rtr/server.py
+++ b/rpki/rtr/server.py
@@ -324,7 +324,7 @@ class ServerChannel(rpki.rtr.channels.PDUChannel):
old_serial = self.current_serial
return old_serial != self.get_serial()
- def notify(self, data = None):
+ def notify(self, data = None, force = False):
"""
Cronjob instance kicked us: check whether our serial number has
changed, and send a notify message if so.
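Review bot: The docstring still says a notify is sent only when the serial number has changed, which is no longer true when `force` is set. Add a sentence such as `If force is true, send the notify even when the serial number appears unchanged.` The rest of the docstring lies between this hunk and the next.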
@@ -335,7 +335,7 @@ class ServerChannel(rpki.rtr.channels.PDUChannel):
whether we care about a particular change set or not.
"""
- if self.check_serial():
+ if force or self.check_serial():
self.push_pdu(SerialNotifyPDU(version = self.version,
serial = self.current_serial,
nonce = self.current_nonce))
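Review bot: `if force or self.check_serial():` short-circuits, so with `force = True` `check_serial()` is never called. The context lines at the top of the previous hunk suggest `check_serial()` is what calls `get_serial()`. If that call is also what refreshes `self.current_serial` and `self.current_nonce` (not visible here), a forced notify can carry stale values unless the caller refreshed them first, as `rpki-rtr-replay` does. Swapping the operands avoids relying on that: `if self.check_serial() or force:`.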