diff options
| -rw-r--r-- | scripts/Makefile | 4 | ||||
| -rw-r--r-- | scripts/Old/test-sql.py | 8 | ||||
| -rw-r--r-- | scripts/biz-certs/Bob-CA.srl | 2 | ||||
| -rw-r--r-- | scripts/http-client.py | 11 | ||||
| -rw-r--r-- | scripts/http-server.py | 9 | ||||
| -rwxr-xr-x | scripts/irbe-cli.py | 17 | ||||
| -rw-r--r-- | scripts/irbe-setup.py | 20 | ||||
| -rwxr-xr-x | scripts/irdb.py | 26 | ||||
| -rwxr-xr-x | scripts/rootd.py | 25 | ||||
| -rw-r--r-- | scripts/rpki/config.py | 13 | ||||
| -rw-r--r-- | scripts/rpki/sql.py | 8 | ||||
| -rwxr-xr-x | scripts/rpkid.py | 40 | ||||
| -rw-r--r-- | scripts/testbed.1.yaml | 1 | ||||
| -rw-r--r-- | scripts/testbed.py | 41 |
14 files changed, 113 insertions, 112 deletions
diff --git a/scripts/Makefile b/scripts/Makefile index f582c06e..d34bf46d 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -51,4 +51,6 @@ rpki/relaxng.py: left-right-schema.rng up-down-schema.rng make-relaxng.py python make-relaxng.py >$@.tmp mv $@.tmp $@ -test:: all ; sh -x rootd.sh run +#test:: all ; sh -x rootd.sh run + +test:: all ; python testbed.py diff --git a/scripts/Old/test-sql.py b/scripts/Old/test-sql.py index 6357ed42..1989906f 100644 --- a/scripts/Old/test-sql.py +++ b/scripts/Old/test-sql.py @@ -6,11 +6,11 @@ def test(filename, section): print "[Checking " + filename + "]\n" - cfg = rpki.config.parser(filename) + cfg = rpki.config.parser(filename, section) - db = MySQLdb.connect(user = cfg.get(section, "sql-username"), - db = cfg.get(section, "sql-database"), - passwd = cfg.get(section, "sql-password")) + db = MySQLdb.connect(user = cfg.get("sql-username"), + db = cfg.get("sql-database"), + passwd = cfg.get("sql-password")) cur = db.cursor() diff --git a/scripts/biz-certs/Bob-CA.srl b/scripts/biz-certs/Bob-CA.srl index 29ac2a7a..801e87d0 100644 --- a/scripts/biz-certs/Bob-CA.srl +++ b/scripts/biz-certs/Bob-CA.srl @@ -1 +1 @@ -90801F1ED194555C +90801F1ED194555E diff --git a/scripts/http-client.py b/scripts/http-client.py index 3e5ec618..5829ac4b 100644 --- a/scripts/http-client.py +++ b/scripts/http-client.py @@ -27,11 +27,10 @@ if argv: print __doc__ raise RuntimeError, "Unexpected arguments %s" % argv -cfg = rpki.config.parser(cfg_file) -section = "client" +cfg = rpki.config.parser(cfg_file, "client") -print rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get( section, "https-key")), - certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "https-cert")), - x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "https-ta")), - url = cfg.get(section, "https-url"), +print rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")), + certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")), + x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta")), + url = cfg.get("https-url"), msg = msg) diff --git a/scripts/http-server.py b/scripts/http-server.py index 7716d5ed..a966f6fa 100644 --- a/scripts/http-server.py +++ b/scripts/http-server.py @@ -2,15 +2,14 @@ import rpki.https, tlslite.api, rpki.config -cfg = rpki.config.parser("http-demo.conf") -section = "server" +cfg = rpki.config.parser("http-demo.conf", "server") -privateKey = rpki.x509.RSA(PEM_file = cfg.get(section, "https-key")) +privateKey = rpki.x509.RSA(PEM_file = cfg.get("https-key")) certChain = rpki.x509.X509_chain() -certChain.load_from_PEM(cfg.multiget(section, "https-cert")) +certChain.load_from_PEM(cfg.multiget("https-cert")) def handler(query, path): return 200, "Path: %s\nQuery: %s" % (path, query) -rpki.https.server(privateKey=privateKey, certChain=certChain, handlers=handler) +rpki.https.server(privateKey = privateKey, certChain = certChain, handlers = handler) diff --git a/scripts/irbe-cli.py b/scripts/irbe-cli.py index 8ac8dc74..21c24c70 100755 --- a/scripts/irbe-cli.py +++ b/scripts/irbe-cli.py @@ -137,8 +137,7 @@ for o, a in opts: if not argv: usage(1) -cfg = rpki.config.parser(cfg_file) -cfg_section = "irbe-cli" +cfg = rpki.config.parser(cfg_file, "irbe-cli") q_msg = rpki.left_right.msg() @@ -165,16 +164,16 @@ except lxml.etree.DocumentInvalid: raise q_cms = rpki.cms.sign(q_xml, - rpki.x509.RSA(Auto_file = cfg.get(cfg_section, "cms-key")), - rpki.x509.X509_chain(Auto_files = cfg.multiget(cfg_section, "cms-cert"))) + rpki.x509.RSA(Auto_file = cfg.get("cms-key")), + rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert"))) -r_cms = rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get(cfg_section, "https-key")), - certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget(cfg_section, "https-cert")), - x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget(cfg_section, "https-ta")), - url = cfg.get(cfg_section, "https-url"), +r_cms = rpki.https.client(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")), + certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")), + x509TrustList = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta")), + url = cfg.get("https-url"), msg = q_cms) -r_xml = rpki.cms.verify(r_cms, rpki.x509.X509(Auto_file = cfg.get(cfg_section, "cms-ta"))) +r_xml = rpki.cms.verify(r_cms, rpki.x509.X509(Auto_file = cfg.get("cms-ta"))) r_elt = lxml.etree.fromstring(r_xml) try: diff --git a/scripts/irbe-setup.py b/scripts/irbe-setup.py index 36d17635..aa96607f 100644 --- a/scripts/irbe-setup.py +++ b/scripts/irbe-setup.py @@ -13,18 +13,18 @@ rpki.log.init("irbe-setup") cfg = rpki.config.parser("irbe.conf") -db = MySQLdb.connect(user = cfg.get("irdb", "sql-username"), - db = cfg.get("irdb", "sql-database"), - passwd = cfg.get("irdb", "sql-password")) +db = MySQLdb.connect(user = cfg.get("sql-username", section = "irdb"), + db = cfg.get("sql-database", section = "irdb"), + passwd = cfg.get("sql-password", section = "irdb")) cur = db.cursor() -cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("irbe-cli", "cms-cert")) -cms_key = rpki.x509.RSA( Auto_file = cfg.get( "irbe-cli", "cms-key")) -cms_ta = rpki.x509.X509( Auto_file = cfg.get( "irbe-cli", "cms-ta")) -https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("irbe-cli", "https-cert")) -https_key = rpki.x509.RSA( Auto_file = cfg.get( "irbe-cli", "https-key")) -https_tas = rpki.x509.X509_chain(Auto_files = cfg.multiget("irbe-cli", "https-ta")) -https_url = cfg.get( "irbe-cli", "https-url") +cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert", section = "irbe-cli")) +cms_key = rpki.x509.RSA( Auto_file = cfg.get( "cms-key", section = "irbe-cli")) +cms_ta = rpki.x509.X509( Auto_file = cfg.get( "cms-ta", section = "irbe-cli")) +https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert", section = "irbe-cli")) +https_key = rpki.x509.RSA( Auto_file = cfg.get( "https-key", section = "irbe-cli")) +https_tas = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta", section = "irbe-cli")) +https_url = cfg.get( "https-url", section = "irbe-cli") def call_rpkid(pdu): """Hand a PDU to rpkid and get back the response. Just throw an diff --git a/scripts/irdb.py b/scripts/irdb.py index 3500594c..75cb9df8 100755 --- a/scripts/irdb.py +++ b/scripts/irdb.py @@ -85,23 +85,23 @@ for o,a in opts: if argv: raise RuntimeError, "Unexpected arguments %s" % argv -cfg = rpki.config.parser(cfg_file) -cfg_section = "irdb" +cfg = rpki.config.parser(cfg_file, "irdb") -if cfg.has_option(cfg_section, "startup-message"): - rpki.log.info(cfg.get(cfg_section, "startup-message")) +startup_msg = cfg.get("startup-message", "") +if startup_msg: + rpki.log.info(startup_msg) -db = MySQLdb.connect(user = cfg.get(cfg_section, "sql-username"), - db = cfg.get(cfg_section, "sql-database"), - passwd = cfg.get(cfg_section, "sql-password")) +db = MySQLdb.connect(user = cfg.get("sql-username"), + db = cfg.get("sql-database"), + passwd = cfg.get("sql-password")) cur = db.cursor() -cms_ta = rpki.x509.X509(Auto_file = cfg.get(cfg_section, "cms-ta")) -cms_key = rpki.x509.RSA(Auto_file = cfg.get(cfg_section, "cms-key")) -cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget(cfg_section, "cms-cert")) +cms_ta = rpki.x509.X509(Auto_file = cfg.get("cms-ta")) +cms_key = rpki.x509.RSA(Auto_file = cfg.get("cms-key")) +cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert")) -u = urlparse.urlparse(cfg.get(cfg_section, "https-url")) +u = urlparse.urlparse(cfg.get("https-url")) assert u.scheme in ("", "https") and \ u.username is None and \ @@ -110,8 +110,8 @@ assert u.scheme in ("", "https") and \ u.query == "" and \ u.fragment == "" -rpki.https.server(privateKey = rpki.x509.RSA(Auto_file = cfg.get(cfg_section, "https-key")), - certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget(cfg_section, "https-cert")), +rpki.https.server(privateKey = rpki.x509.RSA(Auto_file = cfg.get("https-key")), + certChain = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")), host = u.hostname or "localhost", port = u.port or 443, handlers = ((u.path, handler),)) diff --git a/scripts/rootd.py b/scripts/rootd.py index 02d6322b..bfb782dc 100755 --- a/scripts/rootd.py +++ b/scripts/rootd.py @@ -152,25 +152,24 @@ for o,a in opts: if argv: raise RuntimeError, "Unexpected arguments %s" % argv -cfg = rpki.config.parser(cfg_file) -section = "rootd" +cfg = rpki.config.parser(cfg_file, "rootd") -cms_ta = rpki.x509.X509(Auto_file = cfg.get(section, "cms-ta")) -cms_key = rpki.x509.RSA(Auto_file = cfg.get(section, "cms-key")) -cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "cms-cert")) +cms_ta = rpki.x509.X509(Auto_file = cfg.get("cms-ta")) +cms_key = rpki.x509.RSA(Auto_file = cfg.get("cms-key")) +cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert")) -https_key = rpki.x509.RSA(Auto_file = cfg.get(section, "https-key")) -https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "https-cert")) +https_key = rpki.x509.RSA(Auto_file = cfg.get("https-key")) +https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")) -https_server_host = cfg.get(section, "server-host", "") -https_server_port = int(cfg.get(section, "server-port")) +https_server_host = cfg.get("server-host", "") +https_server_port = int(cfg.get("server-port")) -rpki_key = rpki.x509.RSA(Auto_file = cfg.get(section, "rpki-key")) -rpki_issuer = rpki.x509.X509(Auto_file = cfg.get(section, "rpki-issuer")) +rpki_key = rpki.x509.RSA(Auto_file = cfg.get("rpki-key")) +rpki_issuer = rpki.x509.X509(Auto_file = cfg.get("rpki-issuer")) -rpki_subject_filename = cfg.get(section, "rpki-subject-filename") +rpki_subject_filename = cfg.get("rpki-subject-filename") -rpki_pkcs10_filename = cfg.get(section, "rpki-pkcs10-filename", "") +rpki_pkcs10_filename = cfg.get("rpki-pkcs10-filename", "") rpki.https.server(privateKey = https_key, certChain = https_certs, diff --git a/scripts/rpki/config.py b/scripts/rpki/config.py index 962f28fd..7a60f95b 100644 --- a/scripts/rpki/config.py +++ b/scripts/rpki/config.py @@ -9,20 +9,23 @@ import ConfigParser class parser(ConfigParser.RawConfigParser): - def __init__(self, file=None): + def __init__(self, file = None, section = None): """Initialize this parser.""" ConfigParser.RawConfigParser.__init__(self) if file: self.read(file) + self.default_section = section - def multiget(self, section, option): + def multiget(self, option, section = None): """Parse OpenSSL-style foo.0, foo.1, ... subscripted options. Returns a list of values matching the specified option name. """ matches = [] + if section is None: + section = self.default_section if self.has_option(section, option): - matches.append((-1, self.get(section, option))) + matches.append((-1, self.get(option, section = section))) for key, value in self.items(section): s = key.rsplit(".", 1) if len(s) == 2 and s[0] == option and s[1].isdigit(): @@ -30,8 +33,10 @@ class parser(ConfigParser.RawConfigParser): matches.sort() return [match[1] for match in matches] - def get(self, section, option, default=None): + def get(self, option, default = None, section = None): """Get an option, perhaps with a default value.""" + if section is None: + section = self.default_section if default is None or self.has_option(section, option): return ConfigParser.RawConfigParser.get(self, section, option) else: diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py index b461a38c..6360fc83 100644 --- a/scripts/rpki/sql.py +++ b/scripts/rpki/sql.py @@ -3,13 +3,13 @@ import MySQLdb, time, traceback import rpki.x509, rpki.resource_set, rpki.sundial -def connect(cfg, section="sql"): +def connect(cfg): """Connect to a MySQL database using connection parameters from an rpki.config.parser object. """ - return MySQLdb.connect(user = cfg.get(section, "sql-username"), - db = cfg.get(section, "sql-database"), - passwd = cfg.get(section, "sql-password")) + return MySQLdb.connect(user = cfg.get("sql-username"), + db = cfg.get("sql-database"), + passwd = cfg.get("sql-password")) class template(object): """SQL template generator.""" diff --git a/scripts/rpkid.py b/scripts/rpkid.py index cbfe1359..6518a112 100755 --- a/scripts/rpkid.py +++ b/scripts/rpkid.py @@ -66,28 +66,28 @@ def cronjob_handler(query, path): class global_context(object): """A container for various global parameters.""" - def __init__(self, cfg, section): + def __init__(self, cfg): - self.db = MySQLdb.connect(user = cfg.get(section, "sql-username"), - db = cfg.get(section, "sql-database"), - passwd = cfg.get(section, "sql-password")) + self.db = MySQLdb.connect(user = cfg.get("sql-username"), + db = cfg.get("sql-database"), + passwd = cfg.get("sql-password")) self.cur = self.db.cursor() - self.cms_ta_irdb = rpki.x509.X509(Auto_file = cfg.get(section, "cms-ta-irdb")) - self.cms_ta_irbe = rpki.x509.X509(Auto_file = cfg.get(section, "cms-ta-irbe")) - self.cms_key = rpki.x509.RSA(Auto_file = cfg.get(section, "cms-key")) - self.cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "cms-cert")) + self.cms_ta_irdb = rpki.x509.X509(Auto_file = cfg.get("cms-ta-irdb")) + self.cms_ta_irbe = rpki.x509.X509(Auto_file = cfg.get("cms-ta-irbe")) + self.cms_key = rpki.x509.RSA(Auto_file = cfg.get("cms-key")) + self.cms_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("cms-cert")) - self.https_key = rpki.x509.RSA(Auto_file = cfg.get(section, "https-key")) - self.https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "https-cert")) - self.https_tas = rpki.x509.X509_chain(Auto_files = cfg.multiget(section, "https-ta")) + self.https_key = rpki.x509.RSA(Auto_file = cfg.get("https-key")) + self.https_certs = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-cert")) + self.https_tas = rpki.x509.X509_chain(Auto_files = cfg.multiget("https-ta")) - self.irdb_url = cfg.get(section, "irdb-url") + self.irdb_url = cfg.get("irdb-url") - self.https_server_host = cfg.get(section, "server-host", "") - self.https_server_port = int(cfg.get(section, "server-port", "4433")) + self.https_server_host = cfg.get("server-host", "") + self.https_server_port = int(cfg.get("server-port", "4433")) - self.publication_kludge_base = cfg.get(section, "publication-kludge-base", "publication/") + self.publication_kludge_base = cfg.get("publication-kludge-base", "publication/") os.environ["TZ"] = "UTC" time.tzset() @@ -106,13 +106,13 @@ for o,a in opts: if argv: raise RuntimeError, "Unexpected arguments %s" % argv -cfg = rpki.config.parser(cfg_file) -cfg_section = "rpkid" +cfg = rpki.config.parser(cfg_file, "rpkid") -if cfg.has_option(cfg_section, "startup-message"): - rpki.log.info(cfg.get(cfg_section, "startup-message")) +startup_msg = cfg.get("startup-message", "") +if startup_msg: + rpki.log.info(startup_msg) -gctx = global_context(cfg = cfg, section = cfg_section) +gctx = global_context(cfg) rpki.https.server(privateKey = gctx.https_key, certChain = gctx.https_certs, diff --git a/scripts/testbed.1.yaml b/scripts/testbed.1.yaml index 9ec14af9..fa8bd6f8 100644 --- a/scripts/testbed.1.yaml +++ b/scripts/testbed.1.yaml @@ -14,7 +14,6 @@ kids: - name: Alice valid_add: 10 --- -- sleep 1M - name: Alice add_as: 33 valid_add: 2d diff --git a/scripts/testbed.py b/scripts/testbed.py index 06daed15..65b9b968 100644 --- a/scripts/testbed.py +++ b/scripts/testbed.py @@ -40,35 +40,34 @@ if argv: print __doc__ raise RuntimeError, "Unexpected arguments %s" % argv -cfg = rpki.config.parser(cfg_file) -cfg_section = "testbed" +cfg = rpki.config.parser(cfg_file, "testbed") if yaml_script is None: - yaml_script = cfg.get(cfg_section, "yaml_script", "../testbed.1.yaml") + yaml_script = cfg.get("yaml_script", "../testbed.1.yaml") -testbed_name = cfg.get(cfg_section, "testbed_name", "testbed") -testbed_dir = cfg.get(cfg_section, "testbed_dir", testbed_name + ".dir") +testbed_name = cfg.get("testbed_name", "testbed") +testbed_dir = cfg.get("testbed_dir", testbed_name + ".dir") -irdb_db_pass = cfg.get(cfg_section, "irdb_db_pass", "fnord") -rpki_db_pass = cfg.get(cfg_section, "rpki_db_pass", "fnord") +irdb_db_pass = cfg.get("irdb_db_pass", "fnord") +rpki_db_pass = cfg.get("rpki_db_pass", "fnord") -max_engines = cfg.get(cfg_section, "max_engines", 11) -irdb_base_port = cfg.get(cfg_section, "irdb_base_port", 4400) -rpki_base_port = cfg.get(cfg_section, "rpki_base_port", irdb_base_port + max_engines) +max_engines = cfg.get("max_engines", 11) +irdb_base_port = cfg.get("irdb_base_port", 4400) +rpki_base_port = cfg.get("rpki_base_port", irdb_base_port + max_engines) -rootd_port = cfg.get(cfg_section, "rootd_port", rpki_base_port + max_engines) -rootd_name = cfg.get(cfg_section, "rootd_name", "rootd") -rootd_sia = cfg.get(cfg_section, "rootd_sia", "rsync://wombat.invalid/") +rootd_port = cfg.get("rootd_port", rpki_base_port + max_engines) +rootd_name = cfg.get("rootd_name", "rootd") +rootd_sia = cfg.get("rootd_sia", "rsync://wombat.invalid/") -prog_python = cfg.get(cfg_section, "prog_python", "python") -prog_rpkid = cfg.get(cfg_section, "prog_rpkid", "../rpkid.py") -prog_irdbd = cfg.get(cfg_section, "prog_irdbd", "../irdb.py") -prog_poke = cfg.get(cfg_section, "prog_poke", "../testpoke.py") -prog_rootd = cfg.get(cfg_section, "prog_rootd", "../rootd.py") -prog_openssl = cfg.get(cfg_section, "prog_openssl", "../../openssl/openssl/apps/openssl") +prog_python = cfg.get("prog_python", "python") +prog_rpkid = cfg.get("prog_rpkid", "../rpkid.py") +prog_irdbd = cfg.get("prog_irdbd", "../irdb.py") +prog_poke = cfg.get("prog_poke", "../testpoke.py") +prog_rootd = cfg.get("prog_rootd", "../rootd.py") +prog_openssl = cfg.get("prog_openssl", "../../openssl/openssl/apps/openssl") -rpki_sql_file = cfg.get(cfg_section, "rpki_sql_file", "../docs/rpki-db-schema.sql") -irdb_sql_file = cfg.get(cfg_section, "irdb_sql_file", "../docs/sample-irdb.sql") +rpki_sql_file = cfg.get("rpki_sql_file", "../docs/rpki-db-schema.sql") +irdb_sql_file = cfg.get("irdb_sql_file", "../docs/sample-irdb.sql") rpki_sql = open(rpki_sql_file).read() irdb_sql = open(irdb_sql_file).read() |