-rw-r--r-- | myrpki/myirbe.py | 9 | ||||
-rw-r--r-- | myrpki/myrpki.py | 37 | ||||
-rw-r--r-- | myrpki/schema.py | 5 | ||||
-rw-r--r-- | myrpki/schema.rnc | 1 | ||||
-rw-r--r-- | myrpki/schema.rng | 5 | ||||
-rw-r--r-- | myrpki/yamltest.py | 18 |
6 files changed, 60 insertions, 15 deletions
diff --git a/myrpki/myirbe.py b/myrpki/myirbe.py
index a38edb67..d3b81407 100644
--- a/myrpki/myirbe.py
+++ b/myrpki/myirbe.py
@@ -410,7 +410,9 @@ for xmlfile in xmlfiles:
 else:
 pubd_base_uri = rsync_base + my_handle + "/" + handle + "/"
- if isinstance(client_pdu, rpki.publication.report_error_elt) or client_pdu.base_uri != pubd_base_uri or client_pdu.bpki_cert != pubd_xcert:
+ if (isinstance(client_pdu, rpki.publication.report_error_elt) or
+ client_pdu.base_uri != pubd_base_uri or
+ client_pdu.bpki_cert != pubd_xcert):
 pubd_query.append(rpki.publication.client_elt.make_pdu(
 action = "create" if isinstance(client_pdu, rpki.publication.report_error_elt) else "set",
 client_handle = handle,
@@ -422,6 +424,7 @@ for xmlfile in xmlfiles:
 parent_handle = parent.get("handle")
 parent_pdu = parent_pdus.pop(parent_handle, None)
 parent_uri = parent.get("service_uri")
+ parent_myhandle = parent.get("myhandle")
 parent_cms_cert = findbase64(parent, "bpki_cms_certificate")
 parent_https_cert = findbase64(parent, "bpki_https_certificate")
@@ -435,7 +438,7 @@ for xmlfile in xmlfiles:
 parent_pdu.repository_handle != repository_handle or
 parent_pdu.peer_contact_uri != parent_uri or
 parent_pdu.sia_base != parent_sia_base or
- parent_pdu.sender_name != handle or
+ parent_pdu.sender_name != parent_myhandle or
 parent_pdu.recipient_name != parent_handle or
 parent_pdu.bpki_cms_cert != parent_cms_cert or
 parent_pdu.bpki_https_cert != parent_https_cert):
@@ -448,7 +451,7 @@ for xmlfile in xmlfiles:
 repository_handle = repository_handle,
 peer_contact_uri = parent_uri,
 sia_base = parent_sia_base,
- sender_name = handle,
+ sender_name = parent_myhandle,
 recipient_name = parent_handle,
 bpki_cms_cert = parent_cms_cert,
 bpki_https_cert = parent_https_cert))
diff --git a/myrpki/myrpki.py b/myrpki/myrpki.py
index 504137aa..b1a41b01 100644
--- a/myrpki/myrpki.py
+++ b/myrpki/myrpki.py
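Review bot: `parent_myhandle = parent.get("myhandle")` in the -422 hunk returns None when the attribute is missing, and the schema hunks in this commit declare `myhandle` optional, so the -435 and -448 hunks can then compare against and submit `sender_name = None` where the old code always had `handle`. If `parent` is an ElementTree-style element, as its `.get` calls suggest, `parent_myhandle = parent.get("myhandle", handle)` keeps the previous behaviour for XML written before this change; otherwise reject the entry with an explicit error. sender_name appears to name this entity to the parent (inferred from the field names), so an unset value should fail loudly rather than be written to the daemon. The enclosing loop body starts and ends outside these hunks.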
@@ -238,12 +238,20 @@ class parent(object):
 self.service_uri = None
 self.bpki_cms_certificate = None
 self.bpki_https_certificate = None
+ self.myhandle = None
 def __repr__(self):
- return "<%s uri %s cms %s https %s>" % (self.__class__.__name__, self.service_uri,
- self.bpki_cms_certificate, self.bpki_https_certificate)
-
- def add(self, service_uri = None, bpki_cms_certificate = None, bpki_https_certificate = None):
+ return "<%s handle %s myhandle %s uri %s cms %s https %s>" % (self.__class__.__name__,
+ self.handle,
+ self.myhandle,
+ self.service_uri,
+ self.bpki_cms_certificate,
+ self.bpki_https_certificate)
+
+ def add(self, service_uri = None,
+ bpki_cms_certificate = None,
+ bpki_https_certificate = None,
+ myhandle = None):
 """
 Add service URI or BPKI certificates to this parent object.
 """
@@ -253,6 +261,8 @@ class parent(object):
 self.bpki_cms_certificate = bpki_cms_certificate
 if bpki_https_certificate is not None:
 self.bpki_https_certificate = bpki_https_certificate
+ if myhandle is not None:
+ self.myhandle = myhandle
 def xml(self, e):
 """
@@ -260,6 +270,7 @@ class parent(object):
 """
 e2 = SubElement(e, "parent",
 handle = self.handle,
+ myhandle = self.myhandle,
 service_uri = self.service_uri)
 if self.bpki_cms_certificate:
 PEMElement(e2, "bpki_cms_certificate", self.bpki_cms_certificate)
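Review bot: In the -260 hunk `xml()` passes `myhandle = self.myhandle` to `SubElement` unconditionally, but `__init__` sets it to None and `add()` leaves it None unless a value is supplied. The schema added by this commit makes the attribute optional, so it would be more consistent to emit it only when set: drop the keyword and add `if self.myhandle is not None: e2.set("myhandle", self.myhandle)` after the element is created. What a None attribute value does depends on which `SubElement` this file imports, which is not visible here. `service_uri` already follows the same pattern, and `xml()` continues past the end of the hunk.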
@@ -272,13 +283,20 @@ class parents(dict):
 Database of parent objects.
 """
- def add(self, handle, service_uri = None, bpki_cms_certificate = None, bpki_https_certificate = None):
+ def add(self, handle,
+ service_uri = None,
+ bpki_cms_certificate = None,
+ bpki_https_certificate = None,
+ myhandle = None):
 """
 Add service URI or certificates to parent object, creating it if necessary.
 """
 if handle not in self:
 self[handle] = parent(handle)
- self[handle].add(service_uri = service_uri, bpki_cms_certificate = bpki_cms_certificate, bpki_https_certificate = bpki_https_certificate)
+ self[handle].add(service_uri = service_uri,
+ bpki_cms_certificate = bpki_cms_certificate,
+ bpki_https_certificate = bpki_https_certificate,
+ myhandle = myhandle)
 def xml(self, e):
 for c in self.itervalues():
@@ -291,9 +309,12 @@ class parents(dict):
 """
 self = cls()
 # parentname service_uri parent_bpki_cms_pemfile parent_bpki_https_pemfile
- for handle, service_uri, parent_cms_pemfile, parent_https_pemfile in csv_open(parents_csv_file):
+ for handle, service_uri, parent_cms_pemfile, parent_https_pemfile, myhandle in csv_open(parents_csv_file):
 self.add(handle = handle,
- service_uri = service_uri, bpki_cms_certificate = xcert(parent_cms_pemfile), bpki_https_certificate = xcert(parent_https_pemfile))
+ service_uri = service_uri,
+ bpki_cms_certificate = xcert(parent_cms_pemfile),
+ bpki_https_certificate = xcert(parent_https_pemfile),
+ myhandle = myhandle)
 return self
 def csv_open(filename):
diff --git a/myrpki/schema.py b/myrpki/schema.py
index bed5e0df..c3fc3306 100644
--- a/myrpki/schema.py
+++ b/myrpki/schema.py
@@ -135,6 +135,11 @@ myrpki = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodin
 </attribute>
 </optional>
 <optional>
+ <attribute name="myhandle">
+ <ref name="object_handle"/>
+ </attribute>
+ </optional>
+ <optional>
 <element name="bpki_cms_certificate">
 <ref name="base64"/>
 </element>
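Review bot: The loop in `from_csv` (-291 hunk) now unpacks exactly five fields per row, so a parents CSV file in the previous four-column layout fails with a bare unpacking ValueError that names neither the file nor the row. The comment above the loop still lists four columns; it should read `# parentname service_uri parent_bpki_cms_pemfile parent_bpki_https_pemfile myhandle`. Consider checking the row length and raising an error that identifies the file, or documenting the format change for operators who maintain this file by hand. `from_csv` begins outside the hunk.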
diff --git a/myrpki/schema.rnc b/myrpki/schema.rnc
index da5f9a12..d19b2023 100644
--- a/myrpki/schema.rnc
+++ b/myrpki/schema.rnc
@@ -45,6 +45,7 @@ child_elt = element child {
 parent_elt = element parent {
 attribute handle { object_handle },
 attribute service_uri { uri }?,
+ attribute myhandle { object_handle }?,
 element bpki_cms_certificate { base64 }?,
 element bpki_https_certificate { base64 }?
 }
diff --git a/myrpki/schema.rng b/myrpki/schema.rng
index 3d5a94b2..5d60592e 100644
--- a/myrpki/schema.rng
+++ b/myrpki/schema.rng
@@ -134,6 +134,11 @@
 </attribute>
 </optional>
 <optional>
+ <attribute name="myhandle">
+ <ref name="object_handle"/>
+ </attribute>
+ </optional>
+ <optional>
 <element name="bpki_cms_certificate">
 <ref name="base64"/>
 </element>
diff --git a/myrpki/yamltest.py b/myrpki/yamltest.py
index f1c34b06..1bc6b57c 100644
--- a/myrpki/yamltest.py
+++ b/myrpki/yamltest.py
@@ -314,17 +314,26 @@ class allocation(object):
 """
 Write children CSV file.
 """
- self.csvout(fn).writerows((k.name, k.resources.valid_until, k.path("bpki.myrpki/ca.cer")) for k in self.kids)
+ self.csvout(fn).writerows((k.name, k.resources.valid_until, k.path("bpki.myrpki/ca.cer"))
+ for k in self.kids)
 def dump_parents(self, fn):
 """
 Write parents CSV file.
 """
 if self.is_root():
- self.csvout(fn).writerow(("rootd", "https://localhost:%d/" % self.rootd_port, self.path("bpki.rootd/ca.cer"), self.path("bpki.rootd/ca.cer")))
+ self.csvout(fn).writerow(("rootd",
+ "https://localhost:%d/" % self.rootd_port,
+ self.path("bpki.rootd/ca.cer"),
+ self.path("bpki.rootd/ca.cer"),
+ self.name))
 else:
 parent_host = self.parent.hosted_by if self.parent.is_hosted() else self.parent
- self.csvout(fn).writerow((self.parent.name, self.up_down_url(), self.parent.path("bpki.myrpki/ca.cer"), parent_host.path("bpki.rpkid/ca.cer")))
+ self.csvout(fn).writerow((self.parent.name,
+ self.up_down_url(),
+ self.parent.path("bpki.myrpki/ca.cer"),
+ parent_host.path("bpki.rpkid/ca.cer"),
+ self.name))
 def dump_prefixes(self, fn):
 """
@@ -368,7 +377,8 @@ class allocation(object):
 r["rootd", "rpki-base-uri"] = "rsync://localhost:%d/" % self.rsync_port
 r["rootd", "rpki-root-cert-uri"] = "rsync://localhost:%d/rootd.cer" % self.rsync_port
 r["rpki_x509_extensions", "subjectInfoAccess"] = (
- "1.3.6.1.5.5.7.48.5;URI:rsync://localhost:%d/,1.3.6.1.5.5.7.48.10;URI:rsync://localhost:%d/Bandicoot.mnf" %
+ ("1.3.6.1.5.5.7.48.5;URI:rsync://localhost:%d/,"
+ "1.3.6.1.5.5.7.48.10;URI:rsync://localhost:%d/Bandicoot.mnf") %
 (self.rsync_port, self.rsync_port))
 if self.is_root(): |