diff options
| author | Rob Austein <sra@hactrn.net> | 2014-05-29 22:31:15 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2014-05-29 22:31:15 +0000 |
| commit | 35c1ca65ac2b5cbd943248d59b3e02c6220b232f (patch) | |
| tree | bf2daf07febf7cb352b8fcd530e62a1e5df89626 /rpki/rpkid.py | |
| parent | 07a045d1259f30878abba416b86373c05c929965 (diff) | |
PyLint
svn path=/trunk/; revision=5845
Diffstat (limited to 'rpki/rpkid.py')
| -rw-r--r-- | rpki/rpkid.py | 239 |
1 files changed, 119 insertions, 120 deletions
diff --git a/rpki/rpkid.py b/rpki/rpkid.py index 228e52a1..5e7d2a79 100644 --- a/rpki/rpkid.py +++ b/rpki/rpkid.py @@ -1,13 +1,13 @@ # $Id$ -# +# # Copyright (C) 2013--2014 Dragon Research Labs ("DRL") # Portions copyright (C) 2009--2012 Internet Systems Consortium ("ISC") # Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# +# # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notices and this permission notice appear in all copies. -# +# # THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL # WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL, @@ -22,13 +22,12 @@ RPKI CA engine. """ import os -import time -import logging -import argparse -import sys import re +import time import random import base64 +import logging +import argparse import rpki.resource_set import rpki.up_down import rpki.left_right @@ -89,7 +88,7 @@ class main(object): prof.runcall(self.main) finally: prof.dump_stats(self.profile) - logger.info("Dumped profile data to %s" % self.profile) + logger.info("Dumped profile data to %s", self.profile) else: self.main() @@ -100,7 +99,7 @@ class main(object): logger.info(startup_msg) if self.profile: - logger.info("Running in profile mode with output to %s" % self.profile) + logger.info("Running in profile mode with output to %s", self.profile) self.sql = rpki.sql.session(self.cfg) @@ -158,7 +157,7 @@ class main(object): if self.use_internal_cron: self.cron_timer = rpki.async.timer(handler = self.cron) when = rpki.sundial.now() + rpki.sundial.timedelta(seconds = self.initial_delay) - logger.debug("Scheduling initial cron pass at %s" % when) + logger.debug("Scheduling initial cron pass at %s", when) self.cron_timer.set(when) else: logger.debug("Not using internal clock, start_cron() call ignored") @@ -327,11 +326,11 @@ class main(object): Add a task to the scheduler task queue, unless it's already queued. """ if task not in self.task_queue: - logger.debug("Adding %r to task queue" % task) + logger.debug("Adding %r to task queue", task) self.task_queue.append(task) return True else: - logger.debug("Task %r was already in the task queue" % task) + logger.debug("Task %r was already in the task queue", task) return False def task_next(self): @@ -366,15 +365,15 @@ class main(object): def done(): self.sql.sweep() self.cron_timeout = None - logger.info("Finished cron run started at %s" % now) + logger.info("Finished cron run started at %s", now) if cb is not None: cb() completion = rpki.rpkid_tasks.CompletionHandler(done) try: selves = rpki.left_right.self_elt.sql_fetch_all(self) - except Exception, e: - logger.warning("Error pulling self_elts from SQL, maybe SQL server is down? (%s)" % e) + except Exception: + logger.exception("Error pulling self_elts from SQL, maybe SQL server is down?") else: for s in selves: s.schedule_cron_tasks(completion) @@ -383,12 +382,12 @@ class main(object): assert self.use_internal_cron or self.cron_timeout is None if self.cron_timeout is not None and self.cron_timeout < now: - logger.warning("cron keepalive threshold %s has expired, breaking lock" % self.cron_timeout) + logger.warning("cron keepalive threshold %s has expired, breaking lock", self.cron_timeout) self.cron_timeout = None if self.use_internal_cron: when = now + self.cron_period - logger.debug("Scheduling next cron run at %s" % when) + logger.debug("Scheduling next cron run at %s", when) self.cron_timer.set(when) if self.cron_timeout is None: @@ -396,7 +395,7 @@ class main(object): self.task_run() elif self.use_internal_cron: - logger.warning("cron already running, keepalive will expire at %s" % self.cron_timeout) + logger.warning("cron already running, keepalive will expire at %s", self.cron_timeout) if nothing_queued: done() @@ -528,7 +527,7 @@ class ca_obj(rpki.sql.sql_persistent): sia_uri = self.construct_sia_uri(parent, rc) sia_uri_changed = self.sia_uri != sia_uri if sia_uri_changed: - logger.debug("SIA changed: was %s now %s" % (self.sia_uri, sia_uri)) + logger.debug("SIA changed: was %s now %s", self.sia_uri, sia_uri) self.sia_uri = sia_uri self.sql_mark_dirty() @@ -543,8 +542,8 @@ class ca_obj(rpki.sql.sql_persistent): if rc_cert is None: - logger.warning("SKI %s in resource class %s is in database but missing from list_response to %s from %s, maybe parent certificate went away?" - % (ca_detail.public_key.gSKI(), rc.class_name, parent.self.self_handle, parent.parent_handle)) + logger.warning("SKI %s in resource class %s is in database but missing from list_response to %s from %s, maybe parent certificate went away?", + ca_detail.public_key.gSKI(), rc.class_name, parent.self.self_handle, parent.parent_handle) publisher = publication_queue() ca_detail.delete(ca = ca_detail.ca, publisher = publisher) return publisher.call_pubd(iterator, eb) @@ -552,7 +551,7 @@ class ca_obj(rpki.sql.sql_persistent): else: if ca_detail.state == "active" and ca_detail.ca_cert_uri != rc_cert.cert_url.rsync(): - logger.debug("AIA changed: was %s now %s" % (ca_detail.ca_cert_uri, rc_cert.cert_url.rsync())) + logger.debug("AIA changed: was %s now %s", ca_detail.ca_cert_uri, rc_cert.cert_url.rsync()) ca_detail.ca_cert_uri = rc_cert.cert_url.rsync() ca_detail.sql_mark_dirty() @@ -582,11 +581,10 @@ class ca_obj(rpki.sql.sql_persistent): def done(): if cert_map: - logger.warning("Unknown certificate SKI%s %s in resource class %s in list_response " - "to %s from %s, maybe you want to \"revoke_forgotten\"?" - % ("" if len(cert_map) == 1 else "s", - ", ".join(c.cert.gSKI() for c in cert_map.values()), - rc.class_name, parent.self.self_handle, parent.parent_handle)) + logger.warning("Unknown certificate SKI%s %s in resource class %s in list_response to %s from %s, maybe you want to \"revoke_forgotten\"?", + "" if len(cert_map) == 1 else "s", + ", ".join(c.cert.gSKI() for c in cert_map.values()), + rc.class_name, parent.self.self_handle, parent.parent_handle) self.gctx.sql.sweep() self.gctx.checkpoint() cb() @@ -600,20 +598,20 @@ class ca_obj(rpki.sql.sql_persistent): for x in ca_details if x.latest_ca_cert is not None) for ski in skis_parent & skis_me: - logger.debug("Parent %s agrees that %s has SKI %s in resource class %s" - % (parent.parent_handle, parent.self.self_handle, ski, rc.class_name)) + logger.debug("Parent %s agrees that %s has SKI %s in resource class %s", + parent.parent_handle, parent.self.self_handle, ski, rc.class_name) for ski in skis_parent - skis_me: - logger.debug("Parent %s thinks %s has SKI %s in resource class %s but I don't think so" - % (parent.parent_handle, parent.self.self_handle, ski, rc.class_name)) + logger.debug("Parent %s thinks %s has SKI %s in resource class %s but I don't think so", + parent.parent_handle, parent.self.self_handle, ski, rc.class_name) for ski in skis_me - skis_parent: - logger.debug("I think %s has SKI %s in resource class %s but parent %s doesn't think so" - % (parent.self.self_handle, ski, rc.class_name, parent.parent_handle)) + logger.debug("I think %s has SKI %s in resource class %s but parent %s doesn't think so", + parent.self.self_handle, ski, rc.class_name, parent.parent_handle) if ca_details: rpki.async.iterator(ca_details, loop, done) else: - logger.warning("Existing resource class %s to %s from %s with no certificates, rekeying" % - (rc.class_name, parent.self.self_handle, parent.parent_handle)) + logger.warning("Existing resource class %s to %s from %s with no certificates, rekeying", + rc.class_name, parent.self.self_handle, parent.parent_handle) self.gctx.checkpoint() self.rekey(cb, eb) @@ -638,7 +636,7 @@ class ca_obj(rpki.sql.sql_persistent): def done(issue_response): c = issue_response.payload.classes[0].certs[0] - logger.debug("CA %r received certificate %s" % (self, c.cert_url)) + logger.debug("CA %r received certificate %s", self, c.cert_url) ca_detail.activate( ca = self, cert = c.cert, @@ -646,7 +644,7 @@ class ca_obj(rpki.sql.sql_persistent): callback = cb, errback = eb) - logger.debug("Sending issue request to %r from %r" % (parent, self.create)) + logger.debug("Sending issue request to %r from %r", parent, self.create) rpki.up_down.issue_pdu.query(parent, self, ca_detail, done, eb) def delete(self, parent, callback): @@ -666,8 +664,8 @@ class ca_obj(rpki.sql.sql_persistent): callback() def done(): - logger.debug("Deleting %r" % self) - self.sql_delete() + logger.debug("Deleting %r", self) + self.sql_delete() callback() publisher = publication_queue() @@ -713,7 +711,7 @@ class ca_obj(rpki.sql.sql_persistent): def done(issue_response): c = issue_response.payload.classes[0].certs[0] - logger.debug("CA %r received certificate %s" % (self, c.cert_url)) + logger.debug("CA %r received certificate %s", self, c.cert_url) new_detail.activate( ca = self, cert = c.cert, @@ -722,7 +720,7 @@ class ca_obj(rpki.sql.sql_persistent): callback = cb, errback = eb) - logger.debug("Sending issue request to %r from %r" % (parent, self.rekey)) + logger.debug("Sending issue request to %r from %r", parent, self.rekey) rpki.up_down.issue_pdu.query(parent, self, new_detail, done, eb) def revoke(self, cb, eb, revoke_all = False): @@ -770,7 +768,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): "state", "ca_cert_uri", "ca_id") - + crl_published = None manifest_published = None latest_ca_cert = None @@ -942,7 +940,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): handler = handler) child_cert.sql_mark_deleted() for roa in self.roas: - roa.revoke(publisher = publisher, allow_failure = allow_failure, fast = True) + roa.revoke(publisher = publisher, allow_failure = allow_failure, fast = True) for ghostbuster in self.ghostbusters: ghostbuster.revoke(publisher = publisher, allow_failure = allow_failure, fast = True) try: @@ -967,9 +965,9 @@ class ca_detail_obj(rpki.sql.sql_persistent): handler = handler) self.gctx.sql.sweep() for cert in self.revoked_certs: # + self.child_certs - logger.debug("Deleting %r" % cert) + logger.debug("Deleting %r", cert) cert.sql_delete() - logger.debug("Deleting %r" % self) + logger.debug("Deleting %r", self) self.sql_delete() def revoke(self, cb, eb): @@ -1003,7 +1001,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): if r_msg.payload.ski != self.latest_ca_cert.gSKI(): raise rpki.exceptions.SKIMismatch - logger.debug("Parent revoked %s, starting cleanup" % self.latest_ca_cert.gSKI()) + logger.debug("Parent revoked %s, starting cleanup", self.latest_ca_cert.gSKI()) crl_interval = rpki.sundial.timedelta(seconds = parent.self.crl_interval) @@ -1041,7 +1039,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): self.sql_mark_dirty() publisher.call_pubd(cb, eb) - logger.debug("Asking parent to revoke CA certificate %s" % self.latest_ca_cert.gSKI()) + logger.debug("Asking parent to revoke CA certificate %s", self.latest_ca_cert.gSKI()) rpki.up_down.revoke_pdu.query(ca, self.latest_ca_cert.gSKI(), parent_revoked, eb) def update(self, parent, ca, rc, sia_uri_changed, old_resources, callback, errback): @@ -1052,7 +1050,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): def issued(issue_response): c = issue_response.payload.classes[0].certs[0] - logger.debug("CA %r received certificate %s" % (self, c.cert_url)) + logger.debug("CA %r received certificate %s", self, c.cert_url) if self.state == "pending": return self.activate( @@ -1094,7 +1092,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): publisher.call_pubd(callback, errback) - logger.debug("Sending issue request to %r from %r" % (parent, self.update)) + logger.debug("Sending issue request to %r from %r", parent, self.update) rpki.up_down.issue_pdu.query(parent, ca, self, issued, errback) @classmethod @@ -1179,12 +1177,12 @@ class ca_detail_obj(rpki.sql.sql_persistent): child_id = child.child_id, ca_detail_id = self.ca_detail_id, cert = cert) - logger.debug("Created new child_cert %r" % child_cert) + logger.debug("Created new child_cert %r", child_cert) else: child_cert.cert = cert del child_cert.ca_detail child_cert.ca_detail_id = self.ca_detail_id - logger.debug("Reusing existing child_cert %r" % child_cert) + logger.debug("Reusing existing child_cert %r", child_cert) child_cert.ski = cert.get_SKI() child_cert.published = rpki.sundial.now() @@ -1265,19 +1263,19 @@ class ca_detail_obj(rpki.sql.sql_persistent): nextUpdate = now + crl_interval if self.latest_manifest_cert is None or self.latest_manifest_cert.getNotAfter() < nextUpdate: - logger.debug("Generating EE certificate for %s" % uri) + logger.debug("Generating EE certificate for %s", uri) self.generate_manifest_cert() - logger.debug("Latest CA cert notAfter %s, new %s EE notAfter %s" % ( - self.latest_ca_cert.getNotAfter(), uri, self.latest_manifest_cert.getNotAfter())) + logger.debug("Latest CA cert notAfter %s, new %s EE notAfter %s", + self.latest_ca_cert.getNotAfter(), uri, self.latest_manifest_cert.getNotAfter()) - logger.debug("Constructing manifest object list for %s" % uri) + logger.debug("Constructing manifest object list for %s", uri) objs = [(self.crl_uri_tail, self.latest_crl)] objs.extend((c.uri_tail, c.cert) for c in self.child_certs) objs.extend((r.uri_tail, r.roa) for r in self.roas if r.roa is not None) objs.extend((g.uri_tail, g.ghostbuster) for g in self.ghostbusters) objs.extend((e.uri_tail, e.cert) for e in self.ee_certificates) - logger.debug("Building manifest object %s" % uri) + logger.debug("Building manifest object %s", uri) self.latest_manifest = rpki.x509.SignedManifest.build( serial = ca.next_manifest_number(), thisUpdate = now, @@ -1286,7 +1284,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): keypair = self.manifest_private_key_id, certs = self.latest_manifest_cert) - logger.debug("Manifest generation took %s" % (rpki.sundial.now() - now)) + logger.debug("Manifest generation took %s", rpki.sundial.now() - now) self.manifest_published = rpki.sundial.now() self.sql_mark_dirty() @@ -1352,7 +1350,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): should become configurable. """ - logger.debug("Checking for failed publication for %r" % self) + logger.debug("Checking for failed publication for %r", self) stale = rpki.sundial.now() - rpki.sundial.timedelta(seconds = 60) repository = self.ca.parent.repository @@ -1360,7 +1358,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): if self.latest_crl is not None and \ self.crl_published is not None and \ self.crl_published < stale: - logger.debug("Retrying publication for %s" % self.crl_uri) + logger.debug("Retrying publication for %s", self.crl_uri) publisher.publish(cls = rpki.publication.crl_elt, uri = self.crl_uri, obj = self.latest_crl, @@ -1370,7 +1368,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): if self.latest_manifest is not None and \ self.manifest_published is not None and \ self.manifest_published < stale: - logger.debug("Retrying publication for %s" % self.manifest_uri) + logger.debug("Retrying publication for %s", self.manifest_uri) publisher.publish(cls = rpki.publication.manifest_elt, uri = self.manifest_uri, obj = self.latest_manifest, @@ -1384,7 +1382,7 @@ class ca_detail_obj(rpki.sql.sql_persistent): # date, but let's avoid premature optimization for child_cert in self.unpublished_child_certs(stale): - logger.debug("Retrying publication for %s" % child_cert) + logger.debug("Retrying publication for %s", child_cert) publisher.publish( cls = rpki.publication.certificate_elt, uri = child_cert.uri, @@ -1393,16 +1391,16 @@ class ca_detail_obj(rpki.sql.sql_persistent): handler = child_cert.published_callback) for roa in self.unpublished_roas(stale): - logger.debug("Retrying publication for %s" % roa) + logger.debug("Retrying publication for %s", roa) publisher.publish( cls = rpki.publication.roa_elt, uri = roa.uri, obj = roa.roa, repository = repository, handler = roa.published_callback) - + for ghostbuster in self.unpublished_ghostbusters(stale): - logger.debug("Retrying publication for %s" % ghostbuster) + logger.debug("Retrying publication for %s", ghostbuster) publisher.publish( cls = rpki.publication.ghostbuster_elt, uri = ghostbuster.uri, @@ -1428,7 +1426,7 @@ class child_cert_obj(rpki.sql.sql_persistent): args = [self] try: args.append(self.uri) - except: + except: # pylint: disable=W0702 pass return rpki.log.log_repr(*args) @@ -1452,7 +1450,7 @@ class child_cert_obj(rpki.sql.sql_persistent): Fetch child object to which this child_cert object links. """ return rpki.left_right.child_elt.sql_fetch(self.gctx, self.child_id) - + @property @rpki.sql.cache_reference def ca_detail(self): @@ -1489,7 +1487,7 @@ class child_cert_obj(rpki.sql.sql_persistent): ca_detail = self.ca_detail ca = ca_detail.ca - logger.debug("Revoking %r %r" % (self, self.uri)) + logger.debug("Revoking %r %r", self, self.uri) revoked_cert_obj.revoke(cert = self.cert, ca_detail = ca_detail) publisher.withdraw( cls = rpki.publication.certificate_elt, @@ -1531,42 +1529,42 @@ class child_cert_obj(rpki.sql.sql_persistent): assert resources.valid_until is not None and old_resources.valid_until is not None if resources.asn != old_resources.asn or resources.v4 != old_resources.v4 or resources.v6 != old_resources.v6: - logger.debug("Resources changed for %r: old %s new %s" % (self, old_resources, resources)) + logger.debug("Resources changed for %r: old %s new %s", self, old_resources, resources) needed = True if resources.valid_until != old_resources.valid_until: - logger.debug("Validity changed for %r: old %s new %s" % ( - self, old_resources.valid_until, resources.valid_until)) + logger.debug("Validity changed for %r: old %s new %s", + self, old_resources.valid_until, resources.valid_until) needed = True if sia != old_sia: - logger.debug("SIA changed for %r: old %r new %r" % (self, old_sia, sia)) + logger.debug("SIA changed for %r: old %r new %r", self, old_sia, sia) needed = True if ca_detail != old_ca_detail: - logger.debug("Issuer changed for %r: old %r new %r" % (self, old_ca_detail, ca_detail)) + logger.debug("Issuer changed for %r: old %r new %r", self, old_ca_detail, ca_detail) needed = True if ca_detail.ca_cert_uri != old_aia: - logger.debug("AIA changed for %r: old %r new %r" % (self, old_aia, ca_detail.ca_cert_uri)) + logger.debug("AIA changed for %r: old %r new %r", self, old_aia, ca_detail.ca_cert_uri) needed = True must_revoke = old_resources.oversized(resources) or old_resources.valid_until > resources.valid_until if must_revoke: - logger.debug("Must revoke any existing cert(s) for %r" % self) + logger.debug("Must revoke any existing cert(s) for %r", self) needed = True if not needed and force: - logger.debug("No change needed for %r, forcing reissuance anyway" % self) + logger.debug("No change needed for %r, forcing reissuance anyway", self) needed = True if not needed: - logger.debug("No change to %r" % self) + logger.debug("No change to %r", self) return self if must_revoke: for x in child.fetch_child_certs(ca_detail = ca_detail, ski = self.ski): - logger.debug("Revoking child_cert %r" % x) + logger.debug("Revoking child_cert %r", x) x.revoke(publisher = publisher) ca_detail.generate_crl(publisher = publisher) ca_detail.generate_manifest(publisher = publisher) @@ -1580,7 +1578,7 @@ class child_cert_obj(rpki.sql.sql_persistent): child_cert = None if must_revoke else self, publisher = publisher) - logger.debug("New child_cert %r uri %s" % (child_cert, child_cert.uri)) + logger.debug("New child_cert %r uri %s", child_cert, child_cert.uri) return child_cert @@ -1759,7 +1757,7 @@ class roa_obj(rpki.sql.sql_persistent): args = [self, self.asn, self.ipv4, self.ipv6] try: args.append(self.uri) - except: + except: # pylint: disable=W0702 pass return rpki.log.log_repr(*args) @@ -1785,38 +1783,38 @@ class roa_obj(rpki.sql.sql_persistent): v6 = self.ipv6.to_resource_set() if self.ipv6 is not None else rpki.resource_set.resource_set_ipv6() if self.roa is None: - logger.debug("%r doesn't exist, generating" % self) + logger.debug("%r doesn't exist, generating", self) return self.generate(publisher = publisher, fast = fast) ca_detail = self.ca_detail if ca_detail is None: - logger.debug("%r has no associated ca_detail, generating" % self) + logger.debug("%r has no associated ca_detail, generating", self) return self.generate(publisher = publisher, fast = fast) if ca_detail.state != "active": - logger.debug("ca_detail associated with %r not active (state %s), regenerating" % (self, ca_detail.state)) + logger.debug("ca_detail associated with %r not active (state %s), regenerating", self, ca_detail.state) return self.regenerate(publisher = publisher, fast = fast) regen_time = self.cert.getNotAfter() - rpki.sundial.timedelta(seconds = self.self.regen_margin) if rpki.sundial.now() > regen_time: - logger.debug("%r past threshold %s, regenerating" % (self, regen_time)) + logger.debug("%r past threshold %s, regenerating", self, regen_time) return self.regenerate(publisher = publisher, fast = fast) ca_resources = ca_detail.latest_ca_cert.get_3779resources() ee_resources = self.cert.get_3779resources() if ee_resources.oversized(ca_resources): - logger.debug("%r oversized with respect to CA, regenerating" % self) + logger.debug("%r oversized with respect to CA, regenerating", self) return self.regenerate(publisher = publisher, fast = fast) if ee_resources.v4 != v4 or ee_resources.v6 != v6: - logger.debug("%r resources do not match EE, regenerating" % self) + logger.debug("%r resources do not match EE, regenerating", self) return self.regenerate(publisher = publisher, fast = fast) if self.cert.get_AIA()[0] != ca_detail.ca_cert_uri: - logger.debug("%r AIA changed, regenerating" % self) + logger.debug("%r AIA changed, regenerating", self) return self.regenerate(publisher = publisher, fast = fast) def generate(self, publisher, fast = False): @@ -1852,7 +1850,7 @@ class roa_obj(rpki.sql.sql_persistent): ca_detail = self.ca_detail if ca_detail is None or ca_detail.state != "active" or ca_detail.has_expired(): - logger.debug("Searching for new ca_detail for ROA %r" % self) + logger.debug("Searching for new ca_detail for ROA %r", self) ca_detail = None for parent in self.self.parents: for ca in parent.cas: @@ -1866,13 +1864,13 @@ class roa_obj(rpki.sql.sql_persistent): if ca_detail is not None: break else: - logger.debug("Keeping old ca_detail for ROA %r" % self) + logger.debug("Keeping old ca_detail for ROA %r", self) if ca_detail is None: raise rpki.exceptions.NoCoveringCertForROA("Could not find a certificate covering %r" % self) - logger.debug("Using new ca_detail %r for ROA %r, ca_detail_state %s" % ( - ca_detail, self, ca_detail.state)) + logger.debug("Using new ca_detail %r for ROA %r, ca_detail_state %s", + ca_detail, self, ca_detail.state) ca = ca_detail.ca resources = rpki.resource_set.resource_bag(v4 = v4, v6 = v6) @@ -1889,7 +1887,7 @@ class roa_obj(rpki.sql.sql_persistent): self.published = rpki.sundial.now() self.sql_store() - logger.debug("Generating %r URI %s" % (self, self.uri)) + logger.debug("Generating %r URI %s", self, self.uri) publisher.publish( cls = rpki.publication.roa_elt, uri = self.uri, @@ -1929,14 +1927,14 @@ class roa_obj(rpki.sql.sql_persistent): roa = self.roa uri = self.uri - logger.debug("%s %r, ca_detail %r state is %s" % ( - "Regenerating" if regenerate else "Not regenerating", - self, ca_detail, ca_detail.state)) + logger.debug("%s %r, ca_detail %r state is %s", + "Regenerating" if regenerate else "Not regenerating", + self, ca_detail, ca_detail.state) if regenerate: self.generate(publisher = publisher, fast = fast) - logger.debug("Withdrawing %r %s and revoking its EE cert" % (self, uri)) + logger.debug("Withdrawing %r %s and revoking its EE cert", self, uri) rpki.rpkid.revoked_cert_obj.revoke(cert = cert, ca_detail = ca_detail) publisher.withdraw(cls = rpki.publication.roa_elt, uri = uri, obj = roa, repository = ca_detail.ca.parent.repository, @@ -2006,11 +2004,11 @@ class ghostbuster_obj(rpki.sql.sql_persistent): args = [self] try: args.extend(self.vcard.splitlines()[2:-1]) - except: + except: # pylint: disable=W0702 pass try: args.append(self.uri) - except: + except: # pylint: disable=W0702 pass return rpki.log.log_repr(*args) @@ -2052,11 +2050,11 @@ class ghostbuster_obj(rpki.sql.sql_persistent): regen_time = self.cert.getNotAfter() - rpki.sundial.timedelta(seconds = self.self.regen_margin) if rpki.sundial.now() > regen_time: - logger.debug("%r past threshold %s, regenerating" % (self, regen_time)) + logger.debug("%r past threshold %s, regenerating", self, regen_time) return self.regenerate(publisher = publisher, fast = fast) if self.cert.get_AIA()[0] != self.ca_detail.ca_cert_uri: - logger.debug("%r AIA changed, regenerating" % self) + logger.debug("%r AIA changed, regenerating", self) return self.regenerate(publisher = publisher, fast = fast) def generate(self, publisher, fast = False): @@ -2088,7 +2086,7 @@ class ghostbuster_obj(rpki.sql.sql_persistent): self.published = rpki.sundial.now() self.sql_store() - logger.debug("Generating Ghostbuster record %r" % self.uri) + logger.debug("Generating Ghostbuster record %r", self.uri) publisher.publish( cls = rpki.publication.ghostbuster_elt, uri = self.uri, @@ -2127,14 +2125,14 @@ class ghostbuster_obj(rpki.sql.sql_persistent): ghostbuster = self.ghostbuster uri = self.uri - logger.debug("%s %r, ca_detail %r state is %s" % ( - "Regenerating" if regenerate else "Not regenerating", - self, ca_detail, ca_detail.state)) + logger.debug("%s %r, ca_detail %r state is %s", + "Regenerating" if regenerate else "Not regenerating", + self, ca_detail, ca_detail.state) if regenerate: self.generate(publisher = publisher, fast = fast) - logger.debug("Withdrawing %r %s and revoking its EE cert" % (self, uri)) + logger.debug("Withdrawing %r %s and revoking its EE cert", self, uri) rpki.rpkid.revoked_cert_obj.revoke(cert = cert, ca_detail = ca_detail) publisher.withdraw(cls = rpki.publication.ghostbuster_elt, uri = uri, obj = ghostbuster, repository = ca_detail.ca.parent.repository, @@ -2242,7 +2240,7 @@ class ee_cert_obj(rpki.sql.sql_persistent): @gski.setter def gski(self, val): - self.ski = base64.urlsafe_b64decode(s + ("=" * ((4 - len(s)) % 4))) + self.ski = base64.urlsafe_b64decode(val + ("=" * ((4 - len(val)) % 4))) @property def uri(self): @@ -2295,7 +2293,7 @@ class ee_cert_obj(rpki.sql.sql_persistent): ca_detail.generate_manifest(publisher = publisher) - logger.debug("New ee_cert %r" % self) + logger.debug("New ee_cert %r", self) return self @@ -2306,7 +2304,7 @@ class ee_cert_obj(rpki.sql.sql_persistent): ca_detail = self.ca_detail ca = ca_detail.ca - logger.debug("Revoking %r %r" % (self, self.uri)) + logger.debug("Revoking %r %r", self, self.uri) revoked_cert_obj.revoke(cert = self.cert, ca_detail = ca_detail) publisher.withdraw(cls = rpki.publication.certificate_elt, uri = self.uri, @@ -2346,37 +2344,37 @@ class ee_cert_obj(rpki.sql.sql_persistent): assert ca_detail.covers(resources) if ca_detail != self.ca_detail: - logger.debug("ca_detail changed for %r: old %r new %r" % ( - self, self.ca_detail, ca_detail)) + logger.debug("ca_detail changed for %r: old %r new %r", + self, self.ca_detail, ca_detail) needed = True if ca_detail.ca_cert_uri != old_cert.get_AIA()[0]: - logger.debug("AIA changed for %r: old %s new %s" % ( - self, old_cert.get_AIA()[0], ca_detail.ca_cert_uri)) + logger.debug("AIA changed for %r: old %s new %s", + self, old_cert.get_AIA()[0], ca_detail.ca_cert_uri) needed = True if resources.valid_until != old_resources.valid_until: - logger.debug("Validity changed for %r: old %s new %s" % ( - self, old_resources.valid_until, resources.valid_until)) + logger.debug("Validity changed for %r: old %s new %s", + self, old_resources.valid_until, resources.valid_until) needed = True if resources.asn != old_resources.asn or resources.v4 != old_resources.v4 or resources.v6 != old_resources.v6: - logger.debug("Resources changed for %r: old %s new %s" % ( - self, old_resources, resources)) + logger.debug("Resources changed for %r: old %s new %s", + self, old_resources, resources) needed = True must_revoke = (old_resources.oversized(resources) or old_resources.valid_until > resources.valid_until) if must_revoke: - logger.debug("Must revoke existing cert(s) for %r" % self) + logger.debug("Must revoke existing cert(s) for %r", self) needed = True if not needed and force: - logger.debug("No change needed for %r, forcing reissuance anyway" % self) + logger.debug("No change needed for %r, forcing reissuance anyway", self) needed = True if not needed: - logger.debug("No change to %r" % self) + logger.debug("No change to %r", self) return cn, sn = self.cert.getSubject().extract_cn_and_sn() @@ -2449,7 +2447,8 @@ class publication_queue(object): self.repositories[rid] = repository self.msgs[rid] = rpki.publication.msg.query() if self.replace and uri in self.uris: - logger.debug("Removing publication duplicate <%s %r %r>" % (self.uris[uri].action, self.uris[uri].uri, self.uris[uri].payload)) + logger.debug("Removing publication duplicate <%s %r %r>", + self.uris[uri].action, self.uris[uri].uri, self.uris[uri].payload) self.msgs[rid].remove(self.uris.pop(uri)) pdu = make_pdu(uri = uri, obj = obj) if handler is not None: @@ -2467,7 +2466,7 @@ class publication_queue(object): def call_pubd(self, cb, eb): def loop(iterator, rid): - logger.debug("Calling pubd[%r]" % self.repositories[rid]) + logger.debug("Calling pubd[%r]", self.repositories[rid]) self.repositories[rid].call_pubd(iterator, eb, self.msgs[rid], self.handlers) def done(): self.clear() |