diff options
| -rw-r--r-- | ca/rpki.wsgi | 4 | ||||
| -rw-r--r-- | rpki/django_settings/common.py | 4 | ||||
| -rw-r--r-- | rpki/irdb/__init__.py | 1 | ||||
| -rw-r--r-- | rpki/irdb/models.py | 10 | ||||
| -rw-r--r-- | rpki/irdb/router.py | 2 | ||||
| -rw-r--r-- | rpki/irdb/zookeeper.py | 116 | ||||
| -rw-r--r-- | rpki/irdbd.py | 12 | ||||
| -rw-r--r-- | rpki/pubd.py | 18 | ||||
| -rw-r--r-- | rpki/pubdb/__init__.py | 21 | ||||
| -rw-r--r-- | rpki/pubdb/models.py | 2 | ||||
| -rw-r--r-- | rpki/rpkic.py | 32 | ||||
| -rw-r--r-- | rpki/x509.py | 1 |
12 files changed, 102 insertions, 121 deletions
diff --git a/ca/rpki.wsgi b/ca/rpki.wsgi index 8c3481ef..487650f7 100644 --- a/ca/rpki.wsgi +++ b/ca/rpki.wsgi @@ -39,7 +39,7 @@ os.environ['DISABLE_SETPROCTITLE'] = 'yes' if not os.environ.get('PYTHON_EGG_CACHE') and rpki.autoconf.WSGI_PYTHON_EGG_CACHE_DIR: os.environ['PYTHON_EGG_CACHE'] = rpki.autoconf.WSGI_PYTHON_EGG_CACHE_DIR -import django.core.handlers.wsgi -application = django.core.handlers.wsgi.WSGIHandler() +from django.core.wsgi import get_wsgi_application +application = get_wsgi_application() # vim:ft=python diff --git a/rpki/django_settings/common.py b/rpki/django_settings/common.py index a1d54c71..d410d984 100644 --- a/rpki/django_settings/common.py +++ b/rpki/django_settings/common.py @@ -61,6 +61,10 @@ if os.getenv("RPKI_DJANGO_DEBUG") == "yes": # we don't require South. +# Silence whining about MIDDLEWARE_CLASSES + +MIDDLEWARE_CLASSES = () + # That would be it if we just need the ORM, but Django throws a hissy # fit if SECRET_KEY isn't set, whether we use it for anything or not. # diff --git a/rpki/irdb/__init__.py b/rpki/irdb/__init__.py index 7f3b880e..25dedfe3 100644 --- a/rpki/irdb/__init__.py +++ b/rpki/irdb/__init__.py @@ -21,6 +21,5 @@ Python package, so humor it. # pylint: disable=W0401 -from rpki.irdb.models import * from rpki.irdb.zookeeper import Zookeeper from rpki.irdb.router import DBContextRouter, database diff --git a/rpki/irdb/models.py b/rpki/irdb/models.py index b88b0ad8..ac65f0bc 100644 --- a/rpki/irdb/models.py +++ b/rpki/irdb/models.py @@ -405,12 +405,12 @@ class Child(CrossCertification, ResourceSet): name = django.db.models.TextField(null = True, blank = True) def _select_resource_bag(self): - child_asn = rpki.irdb.ChildASN.objects.raw(""" + child_asn = rpki.irdb.models.ChildASN.objects.raw(""" SELECT * FROM irdb_childasn WHERE child_id = %s """, [self.id]) - child_net = list(rpki.irdb.ChildNet.objects.raw(""" + child_net = list(rpki.irdb.models.ChildNet.objects.raw(""" SELECT * FROM irdb_childnet WHERE child_id = %s @@ -450,7 +450,7 @@ class ROARequest(django.db.models.Model): @property def roa_prefix_bag(self): - prefixes = list(rpki.irdb.ROARequestPrefix.objects.raw(""" + prefixes = list(rpki.irdb.models.ROARequestPrefix.objects.raw(""" SELECT * FROM irdb_roarequestprefix WHERE roa_request_id = %s @@ -496,12 +496,12 @@ class EECertificateRequest(ResourceSet): eku = django.db.models.TextField(null = True) def _select_resource_bag(self): - ee_asn = rpki.irdb.EECertificateRequestASN.objects.raw(""" + ee_asn = rpki.irdb.models.EECertificateRequestASN.objects.raw(""" SELECT * FROM irdb_eecertificaterequestasn WHERE ee_certificate_request_id = %s """, [self.id]) - ee_net = rpki.irdb.EECertificateRequestNet.objects.raw(""" + ee_net = rpki.irdb.models.EECertificateRequestNet.objects.raw(""" SELECT * FROM irdb_eecertificaterequestnet WHERE ee_certificate_request_id = %s diff --git a/rpki/irdb/router.py b/rpki/irdb/router.py index 97e3d0b7..0aaf53ce 100644 --- a/rpki/irdb/router.py +++ b/rpki/irdb/router.py @@ -58,7 +58,7 @@ class DBContextRouter(object): else: return None - def allow_syncdb(self, db, model): + def allow_migrate(self, db, model): if db == self._database and model._meta.app_label == self._app: return True else: diff --git a/rpki/irdb/zookeeper.py b/rpki/irdb/zookeeper.py index 015661b9..c1e67474 100644 --- a/rpki/irdb/zookeeper.py +++ b/rpki/irdb/zookeeper.py @@ -258,7 +258,7 @@ class Zookeeper(object): if self.handle is None: raise HandleNotSet - return rpki.irdb.ResourceHolderCA.objects.get(handle = self.handle) + return rpki.irdb.models.ResourceHolderCA.objects.get(handle = self.handle) @property @@ -267,7 +267,7 @@ class Zookeeper(object): Get ServerCA object. """ - return rpki.irdb.ServerCA.objects.get() + return rpki.irdb.models.ServerCA.objects.get() @django.db.transaction.atomic @@ -279,15 +279,15 @@ class Zookeeper(object): """ if self.run_rpkid or self.run_pubd: - server_ca, created = rpki.irdb.ServerCA.objects.get_or_certify() - rpki.irdb.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "irbe") + server_ca, created = rpki.irdb.models.ServerCA.objects.get_or_certify() + rpki.irdb.models.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "irbe") if self.run_rpkid: - rpki.irdb.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "rpkid") - rpki.irdb.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "irdbd") + rpki.irdb.models.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "rpkid") + rpki.irdb.models.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "irdbd") if self.run_pubd: - rpki.irdb.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "pubd") + rpki.irdb.models.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "pubd") @django.db.transaction.atomic @@ -304,7 +304,7 @@ class Zookeeper(object): resource-holding BPKI idenity if needed. """ - resource_ca, created = rpki.irdb.ResourceHolderCA.objects.get_or_certify(handle = self.handle) + resource_ca, created = rpki.irdb.models.ResourceHolderCA.objects.get_or_certify(handle = self.handle) return self.generate_identity() @@ -353,7 +353,7 @@ class Zookeeper(object): assert self.run_rpkid and self.run_pubd and self.run_rootd - rpki.irdb.Rootd.objects.get_or_certify( + rpki.irdb.models.Rootd.objects.get_or_certify( issuer = self.resource_ca, service_uri = "http://localhost:%s/" % self.cfg.get("rootd_server_port", section = myrpki_section)) @@ -374,7 +374,7 @@ class Zookeeper(object): self.resource_ca.repositories.get(handle = self.handle) return None - except rpki.irdb.Repository.DoesNotExist: + except rpki.irdb.models.Repository.DoesNotExist: e = Element("repository", type = "offer", handle = self.handle, parent_handle = self.handle) B64Element(e, "bpki_client_ta", self.resource_ca.certificate) return etree_wrapper(e, msg = 'This is the "repository offer" file for you to use if you want to publish in your own repository') @@ -408,15 +408,15 @@ class Zookeeper(object): if self.run_rootd: try: - rootd = rpki.irdb.ResourceHolderCA.objects.get(handle = self.handle).rootd + rootd = rpki.irdb.models.ResourceHolderCA.objects.get(handle = self.handle).rootd writer(self.cfg.get("bpki-ta", section = rootd_section), self.server_ca.certificate) writer(self.cfg.get("rootd-bpki-crl", section = rootd_section), self.server_ca.latest_crl) writer(self.cfg.get("rootd-bpki-key", section = rootd_section), rootd.private_key) writer(self.cfg.get("rootd-bpki-cert", section = rootd_section), rootd.certificate) writer(self.cfg.get("child-bpki-cert", section = rootd_section), rootd.issuer.certificate) - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: self.log("rootd enabled but resource holding entity not yet configured, skipping rootd setup") - except rpki.irdb.Rootd.DoesNotExist: + except rpki.irdb.models.Rootd.DoesNotExist: self.log("rootd enabled but not yet configured, skipping rootd setup") @@ -434,17 +434,17 @@ class Zookeeper(object): Most likely this should be run under cron. """ - for model in (rpki.irdb.ServerCA, - rpki.irdb.ResourceHolderCA, - rpki.irdb.ServerEE, - rpki.irdb.Referral, - rpki.irdb.Rootd, - rpki.irdb.HostedCA, - rpki.irdb.BSC, - rpki.irdb.Child, - rpki.irdb.Parent, - rpki.irdb.Client, - rpki.irdb.Repository): + for model in (rpki.irdb.models.ServerCA, + rpki.irdb.models.ResourceHolderCA, + rpki.irdb.models.ServerEE, + rpki.irdb.models.Referral, + rpki.irdb.models.Rootd, + rpki.irdb.models.HostedCA, + rpki.irdb.models.BSC, + rpki.irdb.models.Child, + rpki.irdb.models.Parent, + rpki.irdb.models.Client, + rpki.irdb.models.Repository): for obj in model.objects.all(): self.log("Regenerating BPKI certificate %s" % obj.certificate.getSubject()) obj.avow() @@ -454,7 +454,7 @@ class Zookeeper(object): self.server_ca.generate_crl() self.server_ca.save() - for ca in rpki.irdb.ResourceHolderCA.objects.all(): + for ca in rpki.irdb.models.ResourceHolderCA.objects.all(): self.log("Regenerating BPKI CRL for Resource Holder %s" % ca.handle) ca.generate_crl() ca.save() @@ -493,14 +493,14 @@ class Zookeeper(object): if self.run_rpkid: q_msg = self._compose_left_right_query() - for ca in rpki.irdb.ResourceHolderCA.objects.all(): + for ca in rpki.irdb.models.ResourceHolderCA.objects.all(): q_pdu = SubElement(q_msg, rpki.left_right.tag_self, action = "set", tag = "%s__self" % ca.handle, self_handle = ca.handle) SubElement(q_pdu, rpki.left_right.tag_bpki_cert).text = ca.certificate.get_Base64() - for bsc in rpki.irdb.BSC.objects.all(): + for bsc in rpki.irdb.models.BSC.objects.all(): q_pdu = SubElement(q_msg, rpki.left_right.tag_bsc, action = "set", tag = "%s__bsc__%s" % (bsc.issuer.handle, bsc.handle), @@ -509,7 +509,7 @@ class Zookeeper(object): SubElement(q_pdu, rpki.left_right.tag_signing_cert).text = bsc.certificate.get_Base64() SubElement(q_pdu, rpki.left_right.tag_signing_cert_crl).text = bsc.issuer.latest_crl.get_Base64() - for repository in rpki.irdb.Repository.objects.all(): + for repository in rpki.irdb.models.Repository.objects.all(): q_pdu = SubElement(q_msg, rpki.left_right.tag_repository, action = "set", tag = "%s__repository__%s" % (repository.issuer.handle, repository.handle), @@ -517,7 +517,7 @@ class Zookeeper(object): repository_handle = repository.handle) SubElement(q_pdu, rpki.left_right.tag_bpki_cert).text = repository.certificate.get_Base64() - for parent in rpki.irdb.Parent.objects.all(): + for parent in rpki.irdb.models.Parent.objects.all(): q_pdu = SubElement(q_msg, rpki.left_right.tag_parent, action = "set", tag = "%s__parent__%s" % (parent.issuer.handle, parent.handle), @@ -525,7 +525,7 @@ class Zookeeper(object): parent_handle = parent.handle) SubElement(q_pdu, rpki.left_right.tag_bpki_cms_cert).text = parent.certificate.get_Base64() - for rootd in rpki.irdb.Rootd.objects.all(): + for rootd in rpki.irdb.models.Rootd.objects.all(): q_pdu = SubElement(q_msg, rpki.left_right.tag_parent, action = "set", tag = "%s__rootd" % rootd.issuer.handle, @@ -533,7 +533,7 @@ class Zookeeper(object): parent_handle = rootd.issuer.handle) SubElement(q_pdu, rpki.left_right.tag_bpki_cms_cert).text = rootd.certificate.get_Base64() - for child in rpki.irdb.Child.objects.all(): + for child in rpki.irdb.models.Child.objects.all(): q_pdu = SubElement(q_msg, rpki.left_right.tag_child, action = "set", tag = "%s__child__%s" % (child.issuer.handle, child.handle), @@ -580,7 +580,7 @@ class Zookeeper(object): self.log("Child calls itself %r, we call it %r" % (c.get("handle"), child_handle)) - child, created = rpki.irdb.Child.objects.get_or_certify( + child, created = rpki.irdb.models.Child.objects.get_or_certify( issuer = self.resource_ca, handle = child_handle, ta = rpki.x509.X509(Base64 = c.findtext("bpki_ta")), @@ -611,7 +611,7 @@ class Zookeeper(object): repo = self.resource_ca.repositories.get(handle = self.default_repository) else: repo = self.resource_ca.repositories.get() - except rpki.irdb.Repository.DoesNotExist: + except rpki.irdb.models.Repository.DoesNotExist: repo = None if repo is None: @@ -622,7 +622,7 @@ class Zookeeper(object): else: proposed_sia_base = repo.sia_base + child.handle + "/" - referral_cert, created = rpki.irdb.Referral.objects.get_or_certify(issuer = self.resource_ca) + referral_cert, created = rpki.irdb.models.Referral.objects.get_or_certify(issuer = self.resource_ca) auth = rpki.x509.SignedReferral() auth.set_content(B64Element(None, myrpki_xmlns + "referral", child.ta, version = myrpki_version, @@ -681,7 +681,7 @@ class Zookeeper(object): self.log("Parent calls itself %r, we call it %r" % (p.get("parent_handle"), parent_handle)) self.log("Parent calls us %r" % p.get("child_handle")) - parent, created = rpki.irdb.Parent.objects.get_or_certify( + parent, created = rpki.irdb.models.Parent.objects.get_or_certify( issuer = self.resource_ca, handle = parent_handle, child_handle = p.get("child_handle"), @@ -755,25 +755,25 @@ class Zookeeper(object): if rpki.x509.X509(Base64 = referral_xml.text) != client_ta: raise BadXMLMessage("Referral trust anchor does not match") sia_base = referral_xml.get("authorized_sia_base") - except rpki.irdb.Client.DoesNotExist: + except rpki.irdb.models.Client.DoesNotExist: self.log("We have no record of the client (%s) alleged to have made this referral" % auth.get("referrer")) if sia_base is None and client.get("type") == "offer": self.log("This looks like an offer, checking") try: - parent = rpki.irdb.ResourceHolderCA.objects.get(children__ta__exact = client_ta) + parent = rpki.irdb.models.ResourceHolderCA.objects.get(children__ta__exact = client_ta) if "/" in parent.repositories.get(ta = self.server_ca.certificate).client_handle: self.log("Client's parent is not top-level, this is not a valid offer") else: self.log("Found client and its parent, nesting") sia_base = "rsync://%s/%s/%s/%s/" % (self.rsync_server, self.rsync_module, parent.handle, client.get("handle")) - except rpki.irdb.Repository.DoesNotExist: + except rpki.irdb.models.Repository.DoesNotExist: self.log("Found client's parent, but repository isn't set, this shouldn't happen!") - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: try: - rpki.irdb.Rootd.objects.get(issuer__certificate__exact = client_ta) - except rpki.irdb.Rootd.DoesNotExist: + rpki.irdb.models.Rootd.objects.get(issuer__certificate__exact = client_ta) + except rpki.irdb.models.Rootd.DoesNotExist: self.log("We don't host this client's parent, so we didn't make this offer") else: self.log("This client's parent is rootd") @@ -792,7 +792,7 @@ class Zookeeper(object): self.log("Client calls itself %r, we call it %r" % (client.get("handle"), client_handle)) self.log("Client says its parent handle is %r" % parent_handle) - client, created = rpki.irdb.Client.objects.get_or_certify( + client, created = rpki.irdb.models.Client.objects.get_or_certify( issuer = self.server_ca, handle = client_handle, parent_handle = parent_handle, @@ -857,11 +857,11 @@ class Zookeeper(object): else: turtle = self.resource_ca.parents.get(handle = parent_handle) - except (rpki.irdb.Parent.DoesNotExist, rpki.irdb.Rootd.DoesNotExist): + except (rpki.irdb.models.Parent.DoesNotExist, rpki.irdb.models.Rootd.DoesNotExist): self.log("Could not find parent %r in our database" % parent_handle) else: - rpki.irdb.Repository.objects.get_or_certify( + rpki.irdb.models.Repository.objects.get_or_certify( issuer = self.resource_ca, handle = parent_handle, client_handle = r.get("client_handle"), @@ -928,19 +928,19 @@ class Zookeeper(object): for handle, prefixes in grouped.iteritems(): try: child = self.resource_ca.children.get(handle = handle) - except rpki.irdb.Child.DoesNotExist: + except rpki.irdb.models.Child.DoesNotExist: if not ignore_missing_children: raise else: for prefix in rset(",".join(prefixes)): - obj, created = rpki.irdb.ChildNet.objects.get_or_create( + obj, created = rpki.irdb.models.ChildNet.objects.get_or_create( child = child, start_ip = str(prefix.min), end_ip = str(prefix.max), version = version) primary_keys.append(obj.pk) - q = rpki.irdb.ChildNet.objects + q = rpki.irdb.models.ChildNet.objects q = q.filter(child__issuer__exact = self.resource_ca) q = q.exclude(pk__in = primary_keys) q.delete() @@ -964,18 +964,18 @@ class Zookeeper(object): for handle, asns in grouped.iteritems(): try: child = self.resource_ca.children.get(handle = handle) - except rpki.irdb.Child.DoesNotExist: + except rpki.irdb.models.Child.DoesNotExist: if not ignore_missing_children: raise else: for asn in rpki.resource_set.resource_set_as(",".join(asns)): - obj, created = rpki.irdb.ChildASN.objects.get_or_create( + obj, created = rpki.irdb.models.ChildASN.objects.get_or_create( child = child, start_as = str(asn.min), end_as = str(asn.max)) primary_keys.append(obj.pk) - q = rpki.irdb.ChildASN.objects + q = rpki.irdb.models.ChildASN.objects q = q.filter(child__issuer__exact = self.resource_ca) q = q.exclude(pk__in = primary_keys) q.delete() @@ -1142,7 +1142,7 @@ class Zookeeper(object): if self.run_rpkid: q_msg = self._compose_left_right_query() - for ca in rpki.irdb.ResourceHolderCA.objects.all(): + for ca in rpki.irdb.models.ResourceHolderCA.objects.all(): SubElement(q_msg, rpki.left_right.tag_self, action = "set", self_handle = ca.handle, clear_replay_protection = "yes") self.call_rpkid(q_msg) @@ -1214,7 +1214,7 @@ class Zookeeper(object): <self run_now="yes"/> operation. """ - for ca in rpki.irdb.ResourceHolderCA.objects.all(): + for ca in rpki.irdb.models.ResourceHolderCA.objects.all(): self.synchronize_rpkid_one_ca_core(ca, ca.handle in handles_to_poke) self.synchronize_pubd_core() self.synchronize_rpkid_deleted_core() @@ -1320,7 +1320,7 @@ class Zookeeper(object): q_msg = self._compose_left_right_query() - self_cert, created = rpki.irdb.HostedCA.objects.get_or_certify( + self_cert, created = rpki.irdb.models.HostedCA.objects.get_or_certify( issuer = self.server_ca, hosted = ca) @@ -1373,7 +1373,7 @@ class Zookeeper(object): bsc_pkcs10 = bsc_pdu.find(rpki.left_right.tag_pkcs10_request) assert bsc_pkcs10 is not None - bsc, created = rpki.irdb.BSC.objects.get_or_certify( + bsc, created = rpki.irdb.models.BSC.objects.get_or_certify( issuer = ca, handle = bsc_handle, pkcs10 = rpki.x509.PKCS10(Base64 = bsc_pkcs10.text)) @@ -1449,7 +1449,7 @@ class Zookeeper(object): recipient_name = parent.parent_handle) SubElement(q_pdu, rpki.left_right.tag_bpki_cms_cert).text = parent.certificate.get_Base64() - except rpki.irdb.Repository.DoesNotExist: + except rpki.irdb.models.Repository.DoesNotExist: pass try: @@ -1477,7 +1477,7 @@ class Zookeeper(object): recipient_name = ca.handle) SubElement(q_pdu, rpki.left_right.tag_bpki_cms_cert).text = ca.rootd.certificate.get_Base64() - except rpki.irdb.Rootd.DoesNotExist: + except rpki.irdb.models.Rootd.DoesNotExist: pass for parent_handle in parent_pdus: @@ -1562,7 +1562,7 @@ class Zookeeper(object): # rootd instances are also a weird sort of client - for rootd in rpki.irdb.Rootd.objects.all(): + for rootd in rpki.irdb.models.Rootd.objects.all(): client_handle = rootd.issuer.handle + "-root" client_pdu = client_pdus.pop(client_handle, None) @@ -1601,7 +1601,7 @@ class Zookeeper(object): self.call_rpkid(q_msg) self_handles = set(s.get("self_handle") for s in r_msg) - ca_handles = set(ca.handle for ca in rpki.irdb.ResourceHolderCA.objects.all()) + ca_handles = set(ca.handle for ca in rpki.irdb.models.ResourceHolderCA.objects.all()) assert ca_handles <= self_handles q_msg = self._compose_left_right_query() diff --git a/rpki/irdbd.py b/rpki/irdbd.py index 4196f346..703e551c 100644 --- a/rpki/irdbd.py +++ b/rpki/irdbd.py @@ -45,7 +45,7 @@ class main(object): def handle_list_resources(self, q_pdu, r_msg): self_handle = q_pdu.get("self_handle") child_handle = q_pdu.get("child_handle") - child = rpki.irdb.Child.objects.get( + child = rpki.irdb.models.Child.objects.get( issuer__handle__exact = self_handle, handle = child_handle) resources = child.resource_bag @@ -60,7 +60,7 @@ class main(object): def handle_list_roa_requests(self, q_pdu, r_msg): self_handle = q_pdu.get("self_handle") - for request in rpki.irdb.ROARequest.objects.raw(""" + for request in rpki.irdb.models.ROARequest.objects.raw(""" SELECT irdb_roarequest.* FROM irdb_roarequest, irdb_resourceholderca WHERE irdb_roarequest.issuer_id = irdb_resourceholderca.id @@ -77,11 +77,11 @@ class main(object): def handle_list_ghostbuster_requests(self, q_pdu, r_msg): self_handle = q_pdu.get("self_handle") parent_handle = q_pdu.get("parent_handle") - ghostbusters = rpki.irdb.GhostbusterRequest.objects.filter( + ghostbusters = rpki.irdb.models.GhostbusterRequest.objects.filter( issuer__handle__exact = self_handle, parent__handle__exact = parent_handle) if ghostbusters.count() == 0: - ghostbusters = rpki.irdb.GhostbusterRequest.objects.filter( + ghostbusters = rpki.irdb.models.GhostbusterRequest.objects.filter( issuer__handle__exact = self_handle, parent = None) for ghostbuster in ghostbusters: @@ -92,7 +92,7 @@ class main(object): def handle_list_ee_certificate_requests(self, q_pdu, r_msg): self_handle = q_pdu.get("self_handle") - for ee_req in rpki.irdb.EECertificateRequest.objects.filter(issuer__handle__exact = self_handle): + for ee_req in rpki.irdb.models.EECertificateRequest.objects.filter(issuer__handle__exact = self_handle): resources = ee_req.resource_bag r_pdu = SubElement(r_msg, q_pdu.tag, self_handle = self_handle, gski = ee_req.gski, valid_until = ee_req.valid_until.strftime("%Y-%m-%dT%H:%M:%SZ"), @@ -111,7 +111,7 @@ class main(object): from django.db import connection connection.cursor() # Reconnect to mysqld if necessary self.start_new_transaction() - serverCA = rpki.irdb.ServerCA.objects.get() + serverCA = rpki.irdb.models.ServerCA.objects.get() rpkid = serverCA.ee_certificates.get(purpose = "rpkid") irdbd = serverCA.ee_certificates.get(purpose = "irdbd") q_cms = rpki.left_right.cms_msg_no_sax(DER = q_der) diff --git a/rpki/pubd.py b/rpki/pubd.py index 335e9174..21f36be4 100644 --- a/rpki/pubd.py +++ b/rpki/pubd.py @@ -119,9 +119,9 @@ class main(object): "rrdp-publication/") try: - self.session = rpki.pubdb.Session.objects.get() - except rpki.pubdb.Session.DoesNotExist: - self.session = rpki.pubdb.Session.objects.create(uuid = str(uuid.uuid4()), serial = 0) + self.session = rpki.pubdb.models.Session.objects.get() + except rpki.pubdb.models.Session.DoesNotExist: + self.session = rpki.pubdb.models.Session.objects.create(uuid = str(uuid.uuid4()), serial = 0) rpki.http_simple.server( host = self.http_server_host, @@ -163,9 +163,9 @@ class main(object): if action in ("get", "list"): if action == "get": - clients = rpki.pubdb.Client.objects.get(client_handle = client_handle), + clients = rpki.pubdb.models.Client.objects.get(client_handle = client_handle), else: - clients = rpki.pubdb.Client.objects.all() + clients = rpki.pubdb.models.Client.objects.all() for client in clients: r_pdu = SubElement(r_msg, q_pdu.tag, action = action, client_handle = client.client_handle, base_uri = client.base_uri) @@ -177,9 +177,9 @@ class main(object): if action in ("create", "set"): if action == "create": - client = rpki.pubdb.Client(client_handle = client_handle) + client = rpki.pubdb.models.Client(client_handle = client_handle) else: - client = rpki.pubdb.Client.objects.get(client_handle = client_handle) + client = rpki.pubdb.models.Client.objects.get(client_handle = client_handle) if q_pdu.get("base_uri"): client.base_uri = q_pdu.get("base_uri") bpki_cert = q_pdu.find(rpki.publication_control.tag_bpki_cert) @@ -199,7 +199,7 @@ class main(object): r_pdu.set("tag", q_pdu.get("tag")) if action == "destroy": - rpki.pubdb.Client.objects.filter(client_handle = client_handle).delete() + rpki.pubdb.models.Client.objects.filter(client_handle = client_handle).delete() r_pdu = SubElement(r_msg, q_pdu.tag, action = action, client_handle = client_handle) if q_pdu.get("tag"): r_pdu.set("tag", q_pdu.get("tag")) @@ -232,7 +232,7 @@ class main(object): match = self.client_url_regexp.search(request.path) if match is None: raise rpki.exceptions.BadContactURL("Bad path: %s" % request.path) - client = rpki.pubdb.Client.objects.get(client_handle = match.group(1)) + client = rpki.pubdb.models.Client.objects.get(client_handle = match.group(1)) q_cms = rpki.publication.cms_msg_no_sax(DER = q_der) q_msg = q_cms.unwrap((self.bpki_ta, client.bpki_cert, client.bpki_glue)) client.last_cms_timestamp = q_cms.check_replay(client.last_cms_timestamp, client.client_handle) diff --git a/rpki/pubdb/__init__.py b/rpki/pubdb/__init__.py index 2c83051f..e69de29b 100644 --- a/rpki/pubdb/__init__.py +++ b/rpki/pubdb/__init__.py @@ -1,21 +0,0 @@ -# $Id$ -# -# Copyright (C) 2014 Dragon Research Labs ("DRL") -# -# Permission to use, copy, modify, and/or distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -""" -Package for Django ORM models relating to pubd. -""" - -from rpki.pubdb.models import * diff --git a/rpki/pubdb/models.py b/rpki/pubdb/models.py index ce42c688..c6196eab 100644 --- a/rpki/pubdb/models.py +++ b/rpki/pubdb/models.py @@ -249,7 +249,7 @@ class Delta(models.Model): raise rpki.exceptions.ExistingObjectAtURI("Object already published at %s" % uri) else: raise rpki.exceptions.DifferentObjectAtURI("Found different object at %s (old %s, new %s)" % (uri, obj.hash, hash)) - except rpki.pubdb.PublishedObject.DoesNotExist: + except rpki.pubdb.models.PublishedObject.DoesNotExist: pass logger.debug("Publishing %s", uri) PublishedObject.objects.create(session = self.session, client = client, der = der, uri = uri, diff --git a/rpki/rpkic.py b/rpki/rpkic.py index 33f9e03e..3f899f45 100644 --- a/rpki/rpkic.py +++ b/rpki/rpkic.py @@ -206,7 +206,7 @@ class main(Cmd): self.zoo.reset_identity(args.handle) def complete_select_identity(self, *args): - return self.irdb_handle_complete(rpki.irdb.ResourceHolderCA.objects, *args) + return self.irdb_handle_complete(rpki.irdb.models.ResourceHolderCA.objects, *args) @parsecmd(argsubparsers) @@ -317,9 +317,9 @@ class main(Cmd): try: self.zoo.delete_child(args.child_handle) self.zoo.synchronize_ca() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle - except rpki.irdb.Child.DoesNotExist: + except rpki.irdb.models.Child.DoesNotExist: print "No such child \"%s\"" % args.child_handle def complete_delete_child(self, *args): @@ -362,9 +362,9 @@ class main(Cmd): try: self.zoo.delete_parent(args.parent_handle) self.zoo.synchronize_ca() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle - except rpki.irdb.Parent.DoesNotExist: + except rpki.irdb.models.Parent.DoesNotExist: print "No such parent \"%s\"" % args.parent_handle def complete_delete_parent(self, *args): @@ -398,9 +398,9 @@ class main(Cmd): try: self.zoo.delete_rootd() self.zoo.synchronize_ca() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle - except rpki.irdb.Rootd.DoesNotExist: + except rpki.irdb.models.Rootd.DoesNotExist: print "No associated rootd" @@ -421,7 +421,7 @@ class main(Cmd): r.save("%s.repository-response.xml" % client_handle.replace("/", "."), sys.stdout) try: self.zoo.synchronize_pubd() - except rpki.irdb.Repository.DoesNotExist: + except rpki.irdb.models.Repository.DoesNotExist: pass @@ -435,9 +435,9 @@ class main(Cmd): try: self.zoo.delete_publication_client(args.client_handle) self.zoo.synchronize_pubd() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle - except rpki.irdb.Client.DoesNotExist: + except rpki.irdb.models.Client.DoesNotExist: print "No such client \"%s\"" % args.client_handle def complete_delete_publication_client(self, *args): @@ -471,9 +471,9 @@ class main(Cmd): try: self.zoo.delete_repository(args.repository_handle) self.zoo.synchronize_ca() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle - except rpki.irdb.Repository.DoesNotExist: + except rpki.irdb.models.Repository.DoesNotExist: print "No such repository \"%s\"" % args.repository_handle def complete_delete_repository(self, *args): @@ -489,7 +489,7 @@ class main(Cmd): try: self.zoo.delete_self() self.zoo.synchronize_deleted_ca() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle @@ -718,9 +718,9 @@ class main(Cmd): self.zoo.delete_router_certificate_request(args.gski) if self.autosync: self.zoo.run_rpkid_now() - except rpki.irdb.ResourceHolderCA.DoesNotExist: + except rpki.irdb.models.ResourceHolderCA.DoesNotExist: print "No such resource holder \"%s\"" % self.zoo.handle - except rpki.irdb.EECertificateRequest.DoesNotExist: + except rpki.irdb.models.EECertificateRequest.DoesNotExist: print "No certificate request matching g(SKI) \"%s\"" % args.gski def complete_delete_router_certificate_request(self, text, line, begidx, endidx): @@ -862,6 +862,6 @@ class main(Cmd): List all <self/> handles in this rpkid instance. """ - for ca in rpki.irdb.ResourceHolderCA.objects.all(): + for ca in rpki.irdb.models.ResourceHolderCA.objects.all(): print ca.handle diff --git a/rpki/x509.py b/rpki/x509.py index 686ddf88..34cf6726 100644 --- a/rpki/x509.py +++ b/rpki/x509.py @@ -822,7 +822,6 @@ class X509(DER_object): assert sia is not None or not is_ca if sia is not None: - logger.debug("_issue() sia: %r", sia) caRepository, rpkiManifest, signedObject, rpkiNotify = sia cert.setSIA( (caRepository,) if isinstance(caRepository, str) else caRepository, |