diff options
| -rw-r--r-- | rpki/pubd.py | 47 | ||||
| -rw-r--r-- | rpki/publication.py | 38 | ||||
| -rw-r--r-- | rpki/relaxng.py | 4 | ||||
| -rw-r--r-- | schemas/relaxng/left-right.rng | 2 | ||||
| -rw-r--r-- | schemas/relaxng/publication-control.rng | 2 |
5 files changed, 55 insertions, 38 deletions
diff --git a/rpki/pubd.py b/rpki/pubd.py index 647b0f68..96a2bb72 100644 --- a/rpki/pubd.py +++ b/rpki/pubd.py @@ -126,8 +126,6 @@ class main(object): self.publication_base = self.cfg.get("publication-base", "publication/") - self.publication_multimodule = self.cfg.getboolean("publication-multimodule", False) - self.rrdp_uri_base = self.cfg.get("rrdp-uri-base", "http://%s/" % socket.getfqdn()) self.rrdp_expiration_interval = rpki.sundial.timedelta.parse(self.cfg.get("rrdp-expiration-interval", "6h")) self.rrdp_publication_base = self.cfg.get("rrdp-publication-base", "rrdp-publication/") @@ -210,17 +208,32 @@ class main(object): if not isinstance(e, rpki.exceptions.NotFound): logger.exception("Exception processing PDU %r", q_pdu) r_msg.append(rpki.publication.report_error_elt.from_exception(e, q_pdu.tag)) - delta.sql_delete() failed = True # - # Need to check "failed" flag here? + # This isn't really right as long as we're using SQL autocommit # - delta.activate() - self.sql.sweep() - self.session.generate_snapshot() - self.session.write_snapshot() - self.session.write_deltas() - self.session.write_notification() + if failed: + # This should SQL rollback + # + # Under current scheme I don't think delta is in SQL yet so this may be wrong + delta.sql_delete() + else: + delta.activate() + self.sql.sweep() + self.session.generate_snapshot() + + # Should SQL commit here + + # These could be merged, and perhaps should be. + self.session.write_snapshot() + self.session.write_deltas() + self.session.write_notification() + + # Somewhere around here is also where we should finally write + # stuff out to rsync store, now that SQL is the publication + # database of record. This may require doing the filesystem + # updates from the delta, but that should be straightforward. + cb(code = 200, body = rpki.publication.cms_msg().wrap(r_msg, self.pubd_key, self.pubd_cert, self.pubd_crl)) except (rpki.async.ExitNow, SystemExit): @@ -230,6 +243,20 @@ class main(object): cb(code = 500, reason = "Could not process PDU: %s" % e) + def uri_to_filename(self, uri): + """ + Convert a URI to a local filename. + """ + + if not uri.startswith("rsync://"): + raise rpki.exceptions.BadURISyntax(uri) + path = uri.split("/")[4:] + path.insert(0, self.publication_base.rstrip("/")) + filename = "/".join(path) + if "/../" in filename or filename.endswith("/.."): + raise rpki.exceptions.BadURISyntax(filename) + return filename + class session_obj(rpki.sql.sql_persistent): """ diff --git a/rpki/publication.py b/rpki/publication.py index 8970ff7a..b28a7421 100644 --- a/rpki/publication.py +++ b/rpki/publication.py @@ -66,25 +66,9 @@ class base_publication_elt(rpki.xml_utils.base_elt, publication_namespace): self._payload = rpki.x509.uri_dispatch(self.uri)(DER = self.der) return self._payload - def uri_to_filename(self): - """ - Convert a URI to a local filename. - """ - - if not self.uri.startswith("rsync://"): - raise rpki.exceptions.BadURISyntax(self.uri) - path = self.uri.split("/")[3:] - if not self.gctx.publication_multimodule: - del path[0] - path.insert(0, self.gctx.publication_base.rstrip("/")) - filename = "/".join(path) - if "/../" in filename or filename.endswith("/.."): - raise rpki.exceptions.BadURISyntax(filename) - return filename - def raise_if_error(self): """ - No-op, since this is not a <report_error/> PDU. + No-op unless this is a <report_error/> PDU. """ pass @@ -124,7 +108,9 @@ class publish_elt(base_publication_elt): logger.info("Publishing %s", self.payload.tracking_data(self.uri)) delta.publish(self.client, self.der, self.uri, self.hash) - filename = self.uri_to_filename() + + # The rest of this shouldn't happen until after the SQL commit + filename = self.gctx.uri_to_filename(self.uri) filename_tmp = filename + ".tmp" dirname = os.path.dirname(filename) if not os.path.isdir(dirname): @@ -148,7 +134,9 @@ class withdraw_elt(base_publication_elt): logger.info("Withdrawing %s", self.uri) delta.withdraw(self.client, self.uri, self.hash) - filename = self.uri_to_filename() + + # The rest of this shouldn't happen until after the SQL commit + filename = self.gctx.uri_to_filename(self.uri) try: os.remove(filename) except OSError, e: @@ -216,11 +204,13 @@ class report_error_elt(rpki.xml_utils.text_elt, publication_namespace): Raise exception associated with this <report_error/> PDU. """ - t = rpki.exceptions.__dict__.get(self.error_code) - if isinstance(t, type) and issubclass(t, rpki.exceptions.RPKI_Exception): - raise t(getattr(self, "text", None)) - else: - raise rpki.exceptions.BadPublicationReply("Unexpected response from pubd: %s" % self) + try: + e = getattr(rpki.exceptions, self.error_code) + if issubclass(e, rpki.exceptions.RPKI_Exception): + raise e(getattr(self, "text", None)) + except (TypeError, AttributeError): + pass + raise rpki.exceptions.BadPublicationReply("Unexpected response from pubd: %s" % self) class msg(rpki.xml_utils.msg, publication_namespace): diff --git a/rpki/relaxng.py b/rpki/relaxng.py index a7bc7578..71e8ade4 100644 --- a/rpki/relaxng.py +++ b/rpki/relaxng.py @@ -6,7 +6,7 @@ from rpki.relaxng_parser import RelaxNGParser ## Parsed RelaxNG left_right schema left_right = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: left-right.rnc 5881 2014-07-03 16:55:02Z sra $ + $Id: left-right.rnc 5903 2014-07-18 17:08:13Z sra $ RelaxNG schema for RPKI left-right protocol. @@ -1485,7 +1485,7 @@ myrpki = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> ## Parsed RelaxNG publication_control schema publication_control = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: publication-control.rnc 5883 2014-07-03 19:21:31Z sra $ + $Id: publication-control.rnc 5903 2014-07-18 17:08:13Z sra $ RelaxNG schema for RPKI publication protocol. diff --git a/schemas/relaxng/left-right.rng b/schemas/relaxng/left-right.rng index 31bea740..15dd2fa1 100644 --- a/schemas/relaxng/left-right.rng +++ b/schemas/relaxng/left-right.rng @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: left-right.rnc 5881 2014-07-03 16:55:02Z sra $ + $Id: left-right.rnc 5903 2014-07-18 17:08:13Z sra $ RelaxNG schema for RPKI left-right protocol. diff --git a/schemas/relaxng/publication-control.rng b/schemas/relaxng/publication-control.rng index 16ec2371..606deb53 100644 --- a/schemas/relaxng/publication-control.rng +++ b/schemas/relaxng/publication-control.rng @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: publication-control.rnc 5883 2014-07-03 19:21:31Z sra $ + $Id: publication-control.rnc 5903 2014-07-18 17:08:13Z sra $ RelaxNG schema for RPKI publication protocol. |