-rw-r--r--scripts/Makefile6
-rw-r--r--scripts/README11
-rwxr-xr-xscripts/irbe-cli.py6
-rw-r--r--scripts/make-relaxng.py11
-rw-r--r--scripts/rpki/relaxng.py1150
-rwxr-xr-xscripts/rpkid.py7
-rwxr-xr-xscripts/xml-parse-test.py7
7 files changed, 1164 insertions, 34 deletions
diff --git a/scripts/Makefile b/scripts/Makefile
index 7003b602..11039603 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -43,3 +43,9 @@ doxygen:
tags:
find . -type f -name '*.py' | etags -
+
+all:: rpki/relaxng.py
+
+rpki/relaxng.py: left-right-schema.rng up-down-schema.rng make-relaxng.py
+ python make-relaxng.py >$@.tmp
+ mv $@.tmp $@
diff --git a/scripts/README b/scripts/README
index 2d7fb7d0..0431331c 100644
--- a/scripts/README
+++ b/scripts/README
@@ -49,17 +49,6 @@ Hmm, do we really need .sql_dirty at all? Maybe just inserting the
object into the dirty set (above) would suffice? One less thing to
screw up.
-RelaxNG schemas probably ought to be internal rather than files with
-magic names or config variables pointing at files. Makefile hack to
-put a Python wrapper around a .rng file, and automatically convert
-.rng to lxml internal form while we're at it?
-
-Have started on RPKI-specific exception hierarchy (well, it might be
-flat) and conversion of inappropriate uses of assert and standard
-exceptions to use rpki-specific exceptions. Top level of protocol
-handlers needs to include exception catches that translate these
-exceptions into appropriate protocol error messages.
-
Use generalized serve_*_hook() methods to handle actions signaled by
the various left-right boolean controls. One fun test case for this
should be bsc keypair generation. Some of the defined actions will be
diff --git a/scripts/irbe-cli.py b/scripts/irbe-cli.py
index 413eb068..c2377022 100755
--- a/scripts/irbe-cli.py
+++ b/scripts/irbe-cli.py
@@ -35,8 +35,6 @@ def main():
cfg = rpki.config.parser("irbe.conf")
section = "irbe-cli"
- rng = rpki.relaxng.RelaxNG(cfg.get(section, "rng-schema"))
-
privateKey = rpki.x509.RSA_Keypair(PEM_file = cfg.get(section, "https-key"))
certChain = rpki.x509.X509_chain()
@@ -63,7 +61,7 @@ def main():
q_elt = q_msg.toXML()
q_xml = lxml.etree.tostring(q_elt, pretty_print=True, encoding="us-ascii", xml_declaration=True)
try:
- rng.assertValid(q_elt)
+ rpki.relaxng.left_right.assertValid(q_elt)
except lxml.etree.DocumentInvalid:
print "Generated request document doesn't pass schema check:"
print q_xml
@@ -81,7 +79,7 @@ def main():
r_elt = lxml.etree.fromstring(r_xml)
try:
- rng.assertValid(r_elt)
+ rpki.relaxng.left_right.assertValid(r_elt)
except lxml.etree.DocumentInvalid:
print "Received reply document doesn't pass schema check:"
print r_xml
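Review bot: The schema check on the reply in this hunk runs only after `lxml.etree.fromstring(r_xml)` has parsed the received bytes with lxml's default parser, so the RelaxNG grammar does not constrain how a DTD or entity declarations in `r_xml` are handled. If the reply can come from a peer that is not fully trusted, parse it with an explicit parser before calling `assertValid`, for example `lxml.etree.fromstring(r_xml, lxml.etree.XMLParser(resolve_entities=False, no_network=True))`. The enclosing `main()` starts and ends outside the hunk, so how `r_xml` is obtained is not visible here.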
diff --git a/scripts/make-relaxng.py b/scripts/make-relaxng.py
new file mode 100644
index 00000000..f7ee9dac
--- /dev/null
+++ b/scripts/make-relaxng.py
@@ -0,0 +1,11 @@
+# $Id$
+
+print "# Automatically generated, do not edit."
+print
+print "import lxml.etree"
+
+for varname, filename in (("left_right", "left-right-schema.rng"),
+ ("up_down", "up-down-schema.rng")):
+ f = open(filename)
+ print "\n%s = lxml.etree.RelaxNG(lxml.etree.fromstring('''%s'''))" % (varname, f.read())
+ f.close()
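Review bot: The schema text is pasted into a non-raw `'''%s'''` literal by the `print` inside the loop, so the generated module is only faithful for schemas that contain no `'''` and no backslash sequence Python interprets. The `[\-,0-9]*` patterns in the up-down schema embedded by this commit survive only because `\-` is not a recognised escape; a `\n`, `\t` or `\\` in a pattern would be silently rewritten. A `'''` in a schema file would end the literal early, and the remainder would be emitted as Python source in `rpki/relaxng.py`. Emitting the text with `%r` produces an exact literal, at the cost of a less readable generated file: `print "\n%s = lxml.etree.RelaxNG(lxml.etree.fromstring(%r))" % (varname, f.read())`.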
diff --git a/scripts/rpki/relaxng.py b/scripts/rpki/relaxng.py
index ebf78ecd..e43e1bcb 100644
--- a/scripts/rpki/relaxng.py
+++ b/scripts/rpki/relaxng.py
@@ -1,14 +1,1144 @@
-# $Id$
-
-"""Trivial wrapper around lxml.etree.RelaxNG."""
+# Automatically generated, do not edit.
import lxml.etree
-class RelaxNG(lxml.etree.RelaxNG):
- """Minor customizations of lxml.etreeRelaxNG."""
+left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ $Id: left-right-schema.rng 995 2007-09-19 20:42:31Z sra $
+
+ RelaxNG (Compact Syntax) Schema for RPKI left-right protocol.
+
+ libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
+ run the compact syntax through trang to get XML syntax.
+-->
+<grammar ns="http://www.hactrn.net/uris/rpki/left-right-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
+ <!-- Top level PDU -->
+ <start>
+ <element name="msg">
+ <attribute name="version">
+ <data type="positiveInteger">
+ <param name="maxInclusive">1</param>
+ </data>
+ </attribute>
+ <zeroOrMore>
+ <choice>
+ <ref name="self_elt"/>
+ <ref name="bsc_elt"/>
+ <ref name="parent_elt"/>
+ <ref name="child_elt"/>
+ <ref name="repository_elt"/>
+ <ref name="ro_elt"/>
+ <ref name="list_resources_elt"/>
+ <ref name="report_error_elt"/>
+ </choice>
+ </zeroOrMore>
+ </element>
+ </start>
+ <!--
+ Combinations of action and type attributes used in later definitions.
+ The same patterns repeat in most of the elements in this protocol.
+ -->
+ <define name="ctl_cq">
+ <attribute name="action">
+ <value>create</value>
+ </attribute>
+ <attribute name="type">
+ <value>query</value>
+ </attribute>
+ </define>
+ <define name="ctl_sq">
+ <attribute name="action">
+ <value>set</value>
+ </attribute>
+ <attribute name="type">
+ <value>query</value>
+ </attribute>
+ </define>
+ <define name="ctl_gq">
+ <attribute name="action">
+ <value>get</value>
+ </attribute>
+ <attribute name="type">
+ <value>query</value>
+ </attribute>
+ </define>
+ <define name="ctl_lq">
+ <attribute name="action">
+ <value>list</value>
+ </attribute>
+ <attribute name="type">
+ <value>query</value>
+ </attribute>
+ </define>
+ <define name="ctl_dq">
+ <attribute name="action">
+ <value>destroy</value>
+ </attribute>
+ <attribute name="type">
+ <value>query</value>
+ </attribute>
+ </define>
+ <define name="ctl_cr">
+ <attribute name="action">
+ <value>create</value>
+ </attribute>
+ <attribute name="type">
+ <value>reply</value>
+ </attribute>
+ </define>
+ <define name="ctl_sr">
+ <attribute name="action">
+ <value>set</value>
+ </attribute>
+ <attribute name="type">
+ <value>reply</value>
+ </attribute>
+ </define>
+ <define name="ctl_gr">
+ <attribute name="action">
+ <value>get</value>
+ </attribute>
+ <attribute name="type">
+ <value>reply</value>
+ </attribute>
+ </define>
+ <define name="ctl_lr">
+ <attribute name="action">
+ <value>list</value>
+ </attribute>
+ <attribute name="type">
+ <value>reply</value>
+ </attribute>
+ </define>
+ <define name="ctl_dr">
+ <attribute name="action">
+ <value>destroy</value>
+ </attribute>
+ <attribute name="type">
+ <value>reply</value>
+ </attribute>
+ </define>
+ <!-- Base64 encoded DER stuff -->
+ <define name="base64">
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </define>
+ <!-- How we wrap peer_ta fields (separate element or inline?) -->
+ <define name="peer_ta">
+ <element name="peer_ta">
+ <ref name="base64"/>
+ </element>
+ </define>
+ <!-- Base definition for all fields that are really just SQL primary indices -->
+ <define name="sql_id">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </define>
+ <!-- <self/> element -->
+ <define name="self_bool">
+ <optional>
+ <attribute name="rekey">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="reissue">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="revoke">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="run_now">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="publish_world_now">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="clear_extension_preferences">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ </define>
+ <define name="self_payload">
+ <zeroOrMore>
+ <element name="extension_preference">
+ <attribute name="name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <data type="string">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </zeroOrMore>
+ </define>
+ <define name="self_id">
+ <attribute name="self_id">
+ <ref name="sql_id"/>
+ </attribute>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_cq"/>
+ <ref name="self_bool"/>
+ <ref name="self_payload"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_cr"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_sq"/>
+ <ref name="self_id"/>
+ <ref name="self_bool"/>
+ <ref name="self_payload"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_sr"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_gq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_gr"/>
+ <ref name="self_id"/>
+ <ref name="self_payload"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_lq"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_lr"/>
+ <ref name="self_id"/>
+ <ref name="self_payload"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_dq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="self_elt" combine="choice">
+ <element name="self">
+ <ref name="ctl_dr"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <!-- <bsc/> element. Key parameters hardwired for now. -->
+ <define name="bsc_bool">
+ <optional>
+ <attribute name="generate_keypair">
+ <value>yes</value>
+ </attribute>
+ <optional>
+ <attribute name="key_type">
+ <value>rsa</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="hash_alg">
+ <value>sha256</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="key_length">
+ <value>2048</value>
+ </attribute>
+ </optional>
+ </optional>
+ <optional>
+ <attribute name="clear_signing_certs">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ </define>
+ <define name="bsc_id">
+ <attribute name="bsc_id">
+ <ref name="sql_id"/>
+ </attribute>
+ </define>
+ <define name="bsc_payload">
+ <zeroOrMore>
+ <element name="signing_cert">
+ <ref name="base64"/>
+ </element>
+ </zeroOrMore>
+ <optional>
+ <element name="public_key">
+ <ref name="base64"/>
+ </element>
+ </optional>
+ </define>
+ <define name="bsc_pkcs10">
+ <optional>
+ <element name="pkcs10_cert_request">
+ <ref name="base64"/>
+ </element>
+ </optional>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_cq"/>
+ <ref name="self_id"/>
+ <ref name="bsc_bool"/>
+ <ref name="bsc_payload"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_cr"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ <ref name="bsc_pkcs10"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_sq"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ <ref name="bsc_bool"/>
+ <ref name="bsc_payload"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_sr"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ <ref name="bsc_pkcs10"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_gq"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_gr"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ <ref name="bsc_payload"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_lq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_lr"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ <ref name="bsc_payload"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_dq"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ </element>
+ </define>
+ <define name="bsc_elt" combine="choice">
+ <element name="bsc">
+ <ref name="ctl_dr"/>
+ <ref name="self_id"/>
+ <ref name="bsc_id"/>
+ </element>
+ </define>
+ <!-- <parent/> element -->
+ <define name="parent_id">
+ <attribute name="parent_id">
+ <ref name="sql_id"/>
+ </attribute>
+ </define>
+ <define name="parent_bool">
+ <optional>
+ <attribute name="rekey">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="reissue">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="revoke">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ </define>
+ <define name="parent_payload">
+ <optional>
+ <attribute name="peer_contact_uri">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="sia_base">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="bsc_id">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="repository_id">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <ref name="peer_ta"/>
+ </optional>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_cq"/>
+ <ref name="self_id"/>
+ <ref name="parent_bool"/>
+ <ref name="parent_payload"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_cr"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_sq"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ <ref name="parent_bool"/>
+ <ref name="parent_payload"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_sr"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_gq"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_gr"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ <ref name="parent_payload"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_lq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_lr"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ <ref name="parent_payload"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_dq"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ </element>
+ </define>
+ <define name="parent_elt" combine="choice">
+ <element name="parent">
+ <ref name="ctl_dr"/>
+ <ref name="self_id"/>
+ <ref name="parent_id"/>
+ </element>
+ </define>
+ <!-- <child/> element -->
+ <define name="child_id">
+ <attribute name="child_id">
+ <ref name="sql_id"/>
+ </attribute>
+ </define>
+ <define name="child_bool">
+ <optional>
+ <attribute name="reissue">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ </define>
+ <define name="child_payload">
+ <optional>
+ <attribute name="bsc_id">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <ref name="peer_ta"/>
+ </optional>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_cq"/>
+ <ref name="self_id"/>
+ <ref name="child_bool"/>
+ <ref name="child_payload"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_cr"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_sq"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ <ref name="child_bool"/>
+ <ref name="child_payload"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_sr"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_gq"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_gr"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ <ref name="child_payload"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_lq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_lr"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ <ref name="child_payload"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_dq"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ </element>
+ </define>
+ <define name="child_elt" combine="choice">
+ <element name="child">
+ <ref name="ctl_dr"/>
+ <ref name="self_id"/>
+ <ref name="child_id"/>
+ </element>
+ </define>
+ <!-- <repository/> element -->
+ <define name="repository_id">
+ <attribute name="repository_id">
+ <ref name="sql_id"/>
+ </attribute>
+ </define>
+ <define name="repository_payload">
+ <optional>
+ <attribute name="peer_contact_uri">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="bsc_id">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <ref name="peer_ta"/>
+ </optional>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_cq"/>
+ <ref name="self_id"/>
+ <ref name="repository_payload"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_cr"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_sq"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ <ref name="repository_payload"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_sr"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_gq"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_gr"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ <ref name="repository_payload"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_lq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_lr"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ <ref name="repository_payload"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_dq"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ </element>
+ </define>
+ <define name="repository_elt" combine="choice">
+ <element name="repository">
+ <ref name="ctl_dr"/>
+ <ref name="self_id"/>
+ <ref name="repository_id"/>
+ </element>
+ </define>
+ <!-- <route_origin/> element -->
+ <define name="ro_id">
+ <attribute name="route_origin_id">
+ <ref name="sql_id"/>
+ </attribute>
+ </define>
+ <define name="ro_bool">
+ <optional>
+ <attribute name="suppress_publication">
+ <value>yes</value>
+ </attribute>
+ </optional>
+ </define>
+ <define name="ro_payload">
+ <optional>
+ <attribute name="as_number">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="ipv4">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="ipv6">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_cq"/>
+ <ref name="self_id"/>
+ <ref name="ro_bool"/>
+ <ref name="ro_payload"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_cr"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_sq"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ <ref name="ro_bool"/>
+ <ref name="ro_payload"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_sr"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_gq"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_gr"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ <ref name="ro_payload"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_lq"/>
+ <ref name="self_id"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_lr"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ <ref name="ro_payload"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_dq"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ </element>
+ </define>
+ <define name="ro_elt" combine="choice">
+ <element name="route_origin">
+ <ref name="ctl_dr"/>
+ <ref name="self_id"/>
+ <ref name="ro_id"/>
+ </element>
+ </define>
+ <!-- <list_resources/> element -->
+ <define name="list_resources_elt">
+ <element name="list_resources">
+ <choice>
+ <group>
+ <attribute name="type">
+ <value>query</value>
+ </attribute>
+ <ref name="self_id"/>
+ <optional>
+ <ref name="child_id"/>
+ </optional>
+ </group>
+ <group>
+ <attribute name="type">
+ <value>reply</value>
+ </attribute>
+ <ref name="self_id"/>
+ <optional>
+ <ref name="child_id"/>
+ </optional>
+ <optional>
+ <attribute name="valid_until">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <zeroOrMore>
+ <element name="resource_class">
+ <optional>
+ <attribute name="subject_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="as">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="ipv4">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="ipv6">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ </element>
+ </zeroOrMore>
+ </group>
+ </choice>
+ </element>
+ </define>
+ <!-- <report_error/> element -->
+ <define name="report_error_elt">
+ <element name="report_error">
+ <ref name="self_id"/>
+ <attribute name="error_code">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <optional>
+ <data type="string">
+ <param name="maxLength">512000</param>
+ </data>
+ </optional>
+ </element>
+ </define>
+</grammar>
+'''))
- def __init__(self, filename):
- """
- Initialize a RelaxNG validator from a file.
- """
- lxml.etree.RelaxNG.__init__(self, lxml.etree.parse(filename))
+up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ $Id: up-down-schema.rnc 974 2007-09-16 19:37:23Z sra $
+
+ RelaxNG (Compact Syntax) Scheme for up-down protocol, extracted
+ from APNIC Wiki.
+
+ libxml2 (including xmllint) only groks the XML syntax of RelaxNG,
+ so run this through a converter like /usr/ports/textproc/trang to get
+ XML syntax:
+
+ $ trang up-down-schema.rnc up-down-schema.rng
+-->
+<grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
+ <start>
+ <element name="message">
+ <attribute name="version">
+ <data type="positiveInteger">
+ <param name="maxInclusive">1</param>
+ </data>
+ </attribute>
+ <attribute name="sender">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="recipient">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <ref name="payload"/>
+ </element>
+ </start>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>list</value>
+ </attribute>
+ <ref name="list_request"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>list_response</value>
+ </attribute>
+ <ref name="list_response"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>issue</value>
+ </attribute>
+ <ref name="issue_request"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>issue_response</value>
+ </attribute>
+ <ref name="issue_response"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>revoke</value>
+ </attribute>
+ <ref name="revoke_request"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>revoke_response</value>
+ </attribute>
+ <ref name="revoke_response"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>error_response</value>
+ </attribute>
+ <ref name="error_response"/>
+ </define>
+ <define name="list_request">
+ <empty/>
+ </define>
+ <define name="list_response">
+ <zeroOrMore>
+ <ref name="class"/>
+ </zeroOrMore>
+ </define>
+ <define name="class">
+ <element name="class">
+ <attribute name="class_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="cert_url">
+ <data type="string">
+ <param name="maxLength">4096</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ <optional>
+ <attribute name="suggested_sia_head">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ <param name="pattern">rsync://.+</param>
+ </data>
+ </attribute>
+ </optional>
+ <zeroOrMore>
+ <element name="certificate">
+ <attribute name="cert_url">
+ <data type="string">
+ <param name="maxLength">4096</param>
+ </data>
+ </attribute>
+ <optional>
+ <attribute name="req_resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </zeroOrMore>
+ <element name="issuer">
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </element>
+ </define>
+ <define name="issue_request">
+ <element name="request">
+ <attribute name="class_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <optional>
+ <attribute name="req_resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </define>
+ <define name="issue_response">
+ <ref name="class"/>
+ </define>
+ <define name="revoke_request">
+ <ref name="revocation"/>
+ </define>
+ <define name="revoke_response">
+ <ref name="revocation"/>
+ </define>
+ <define name="revocation">
+ <element name="key">
+ <attribute name="class_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="ski">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </element>
+ </define>
+ <define name="error_response">
+ <element name="status">
+ <data type="positiveInteger">
+ <param name="maxInclusive">999999999999999</param>
+ </data>
+ </element>
+ <optional>
+ <element name="description">
+ <attribute name="xml:lang">
+ <data type="language"/>
+ </attribute>
+ <data type="string">
+ <param name="maxLength">1024</param>
+ </data>
+ </element>
+ </optional>
+ </define>
+</grammar>
+'''))
diff --git a/scripts/rpkid.py b/scripts/rpkid.py
index 4abc93ae..22b6bf6c 100755
--- a/scripts/rpkid.py
+++ b/scripts/rpkid.py
@@ -17,7 +17,7 @@ def encode(msg, cms_key, cms_certs):
def left_right_handler(query, path):
try:
q_elt = decode(query, cms_ta_irbe)
- lr_rng.assertValid(q_elt)
+ rpki.relaxng.left_right.assertValid(q_elt)
saxer = rpki.left_right.sax_handler()
lxml.sax.saxify(q_elt, saxer)
q_msg = saxer.result
@@ -26,7 +26,7 @@ def left_right_handler(query, path):
q_pdu.serve_dispatch(db, cur, r_msg)
r_elt = r_msg.toXML()
try:
- lr_rng.assertValid(r_elt)
+ rpki.relaxng.left_right.assertValid(r_elt)
except lxml.etree.DocumentInvalid:
print lxml.etree.tostring(r_elt, pretty_print=True, encoding="us-ascii", xml_declaration=True)
raise
@@ -50,9 +50,6 @@ db = MySQLdb.connect(user = cfg.get(section, "sql-username"),
cur = db.cursor()
-lr_rng = rpki.relaxng.RelaxNG("left-right-schema.rng")
-ud_rng = rpki.relaxng.RelaxNG("up-down-schema.rng")
-
cms_ta_irdb = cfg.get(section, "cms-ta-irdb")
cms_ta_irbe = cfg.get(section, "cms-ta-irbe")
cms_key = cfg.get(section, "cms-key")
diff --git a/scripts/xml-parse-test.py b/scripts/xml-parse-test.py
index 73ab295d..bf8646a9 100755
--- a/scripts/xml-parse-test.py
+++ b/scripts/xml-parse-test.py
@@ -4,8 +4,7 @@ import glob, rpki.up_down, rpki.left_right, rpki.relaxng, xml.sax, lxml.etree, l
verbose = False
-def test(fileglob, schema, sax_handler, encoding, tester=None):
- rng = rpki.relaxng.RelaxNG(schema)
+def test(fileglob, rng, sax_handler, encoding, tester=None):
files = glob.glob(fileglob)
files.sort()
for f in files:
@@ -42,13 +41,13 @@ def lr_tester(elt_in, elt_out, msg):
pprint_cert(cert)
test(fileglob="up-down-protocol-samples/*.xml",
- schema="up-down-schema.rng",
+ rng=rpki.relaxng.up_down,
sax_handler=rpki.up_down.sax_handler,
encoding="utf-8",
tester=ud_tester)
test(fileglob="left-right-protocol-samples/*.xml",
- schema="left-right-schema.rng",
+ rng=rpki.relaxng.left_right,
sax_handler=rpki.left_right.sax_handler,
encoding="us-ascii",
tester=lr_tester)