diff options
| -rw-r--r-- | scripts/Makefile | 6 | ||||
| -rw-r--r-- | scripts/biz-certs/Bob-CA.srl | 2 | ||||
| -rw-r--r-- | scripts/rpki/left_right.py | 48 | ||||
| -rw-r--r-- | scripts/rpki/sql.py | 8 | ||||
| -rwxr-xr-x | scripts/rpkid.py | 2 |
5 files changed, 46 insertions, 20 deletions
diff --git a/scripts/Makefile b/scripts/Makefile index f7e17ca2..60deeb3c 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -16,8 +16,7 @@ all:: up-down-schema.rng up-down-schema.rng: up-down-schema.rnc trang up-down-schema.rnc up-down-schema.rng -test:: all - python xml-parse-test.py +#test:: all ; python xml-parse-test.py dont-run-trang: touch *.rng @@ -50,5 +49,4 @@ rpki/relaxng.py: left-right-schema.rng up-down-schema.rng make-relaxng.py python make-relaxng.py >$@.tmp mv $@.tmp $@ -test:: - sh -x testroot.sh run +test:: all ; sh -x testroot.sh run diff --git a/scripts/biz-certs/Bob-CA.srl b/scripts/biz-certs/Bob-CA.srl index 0e9c9092..1c75f5ce 100644 --- a/scripts/biz-certs/Bob-CA.srl +++ b/scripts/biz-certs/Bob-CA.srl @@ -1 +1 @@ -90801F1ED19454B6 +90801F1ED19454C2 diff --git a/scripts/rpki/left_right.py b/scripts/rpki/left_right.py index 59032f17..63ebc385 100644 --- a/scripts/rpki/left_right.py +++ b/scripts/rpki/left_right.py @@ -2,7 +2,7 @@ """RPKI "left-right" protocol.""" -import base64, lxml.etree, time, traceback +import base64, lxml.etree, time, traceback, os import rpki.sax_utils, rpki.resource_set, rpki.x509, rpki.sql, rpki.exceptions import rpki.https, rpki.up_down, rpki.relaxng, rpki.sundial @@ -546,15 +546,43 @@ class repository_elt(data_elt): self.make_b64elt(elt, "https_ta", self.https_ta.get_DER()) return elt - def publish(self, *things): - """Placeholder for publication operation (not yet written).""" - for thing in things: - print "Should publish %s to repository %s" % (repr(thing), repr(self)) - - def withdraw(self, *things): - """Placeholder for publication withdrawal operation (not yet written).""" - for thing in things: - print "Should withdraw %s from repository %s" % (repr(thing), repr(self)) + @staticmethod + def uri_to_filename(base, uri): + """Convert a URI to a filename. [TEMPORARY]""" + if not uri.startswith("rsync://"): + raise rpki.exceptions.BadURISyntax + filename = base + uri[len("rsync://"):] + if filename.find("//") >= 0 or filename.find("/../") >= 0 or filename.endswith("/.."): + raise rpki.exceptions.BadURISyntax + return filename + + @classmethod + def object_write(cls, base, uri, obj): + """Write an object to disk. [TEMPORARY]""" + filename = cls.uri_to_filename(base, uri) + dirname = os.path.dirname(filename) + if not os.path.isdir(dirname): + os.makedirs(dirname) + f = open(filename, "wb") + f.write(obj.get_DER()) + f.close() + + @classmethod + def object_delete(cls, base, uri): + """Delete an object from disk. [TEMPORARY]""" + os.remove(cls.uri_to_filename(base, uri)) + + def publish(self, gctx, *things): + """Placeholder for publication operation. [TEMPORARY]""" + for obj, uri in things: + print "Pretending to publish %s to repository %s at %s" % (repr(obj), repr(self), repr(uri)) + self.object_write(gctx.publication_kludge_base, uri, obj) + + def withdraw(self, gctx, *things): + """Placeholder for publication withdrawal operation. [TEMPORARY]""" + for obj, uri in things: + print "Pretending to withdraw %s from repository %s at %s" % (repr(obj), repr(self), repr(uri)) + self.object_delete(gctx.publication_kludge_base, uri) class route_origin_elt(data_elt): """<route_origin/> element.""" diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py index e6b86b57..b40bb672 100644 --- a/scripts/rpki/sql.py +++ b/scripts/rpki/sql.py @@ -293,10 +293,9 @@ class ca_obj(sql_persistant): repository = rpki.left_right.repository_elt.sql_fetch(gctx, parent.repository_id) for ca_detail in ca_detail_obj.sql_fetch_where(gctx, "ca_id = %s" % self.ca_id): for child_cert in child_cert_obj.sql_fetch_where(gctx, "ca_detail_id = %s" % ca_detail.ca_detail_id): - repository.withdraw((child_cert.cert, child_cert.uri(self))) + repository.withdraw(gctx, (child_cert.cert, child_cert.uri(self))) child_cert.sql_delete(gctx) - repository.withdraw((ca_detail.latest_crl, ca_detail.crl_uri()), - (ca_detail.latest_manifest, ca_detail.manifest_uri(self))) + repository.withdraw(gctx, (ca_detail.latest_crl, ca_detail.crl_uri()), (ca_detail.latest_manifest, ca_detail.manifest_uri(self))) ca_detail.sql_delete(gctx) self.sql_delete(gctx) @@ -465,8 +464,7 @@ class ca_detail_obj(sql_persistant): parent = rpki.left_right.parent_elt.sql_fetch(gctx, ca.parent_id) repository = rpki.left_right.repository_elt.sql_fetch(gctx, parent.repository_id) - repository.publish((child_cert.cert, child_cert.uri(ca)), - (self.latest_manifest, self.manifest_uri(ca))) + repository.publish(gctx, (child_cert.cert, child_cert.uri(ca)), (self.latest_manifest, self.manifest_uri(ca))) return child_cert diff --git a/scripts/rpkid.py b/scripts/rpkid.py index ec191665..71b7f389 100755 --- a/scripts/rpkid.py +++ b/scripts/rpkid.py @@ -67,6 +67,8 @@ class global_context(object): self.https_server_host = cfg.get(section, "server-host", "") self.https_server_port = int(cfg.get(section, "server-port", "4433")) + self.publication_kludge_base = cfg.get(section, "publication-kludge-base", "rpki-publication/") + os.environ["TZ"] = "UTC" time.tzset() |