diff options
| -rw-r--r-- | rpkid/Makefile.in | 5 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/glue.py | 99 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/templates/rpkigui/asn_view.html | 16 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/templates/rpkigui/child_view.html | 12 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/templates/rpkigui/dashboard.html | 4 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/templates/rpkigui/parent_view.html | 7 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/templates/rpkigui/prefix_view.html | 35 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/urls.py | 1 | ||||
| -rw-r--r-- | rpkid/rpki/gui/app/views.py | 10 |
9 files changed, 150 insertions, 39 deletions
diff --git a/rpkid/Makefile.in b/rpkid/Makefile.in index 11012218..f971b3ad 100644 --- a/rpkid/Makefile.in +++ b/rpkid/Makefile.in @@ -45,7 +45,7 @@ SCRIPTS = rpki-sql-backup rpki-sql-setup rpki-start-servers irbe_cli irdbd myrpk pubd rootd rpkid portal-gui/scripts/rpkigui-load-csv \ portal-gui/scripts/rpkigui-add-user portal-gui/scripts/rpkigui-response -AUX_SCRIPTS = portal-gui/scripts/rpkigui-list-resources +AUX_SCRIPTS = SETTINGS = rpki/gui/settings.py rpki/gui/app/settings.py @@ -224,9 +224,6 @@ rootd: rootd.py rpkid: rpkid.py ${COMPILE_PYWRAP} -portal-gui/scripts/rpkigui-list-resources: portal-gui/scripts/list_resources.py - ${COMPILE_PYTHON} - portal-gui/scripts/rpkigui-load-csv: portal-gui/scripts/load_csv.py ${COMPILE_PYTHON} diff --git a/rpkid/rpki/gui/app/glue.py b/rpkid/rpki/gui/app/glue.py index 70ec255e..9245fa71 100644 --- a/rpkid/rpki/gui/app/glue.py +++ b/rpkid/rpki/gui/app/glue.py @@ -20,6 +20,7 @@ PERFORMANCE OF THIS SOFTWARE. from __future__ import with_statement import os, os.path, csv, stat, sys +from datetime import datetime, timedelta from django.db.models import F @@ -27,7 +28,7 @@ import rpki, rpki.async, rpki.http, rpki.x509, rpki.left_right from rpki.myrpki import CA, IRDB, csv_writer from rpki.gui.app import models, settings -def conf(*handle): +def confpath(*handle): """ Return the absolute pathname to the configuration directory for the given resource handle. If additional arguments are given, they @@ -40,7 +41,7 @@ def conf(*handle): def read_file_from_handle(handle, fname): """read a filename relative to the directory for the given resource handle. returns a tuple of (content, mtime)""" - with open(conf(handle, fname), 'r') as fp: + with open(confpath(handle, fname), 'r') as fp: data = fp.read() mtime = os.fstat(fp.fileno())[stat.ST_MTIME] return data, mtime @@ -81,7 +82,7 @@ def build_rpkid_caller(cfg, verbose=False): """ bpki_servers_dir = cfg.get("bpki_servers_directory") if not bpki_servers_dir.startswith('/'): - bpki_servers_dir = conf(cfg.get('handle'), bpki_servers_dir) + bpki_servers_dir = confpath(cfg.get('handle'), bpki_servers_dir) bpki_servers = CA(cfg.filename, bpki_servers_dir) rpkid_base = "http://%s:%s/" % (cfg.get("rpkid_server_host"), cfg.get("rpkid_server_port")) @@ -129,7 +130,7 @@ def configure_resources(log, handle): files for use with the myrpki.py command line script. """ - path = conf(handle.handle) + path = confpath(handle.handle) cfg = rpki.config.parser(os.path.join(path, 'rpki.conf'), 'myrpki') output_asns(qualify_path(path, cfg.get('asn_csv')), handle) @@ -150,7 +151,7 @@ def configure_resources(log, handle): children = [] for child in handle.children.all(): - asns = rpki.resource_set.resource_set_as(a.as_resource_range() for a in child.asns.all()) + asns = rpki.resource_set.resource_set_as([a.as_resource_range() for a in child.address_range.all()]) v4 = rpki.resource_set.resource_set_ipv4() v6 = rpki.resource_set.resource_set_ipv6() @@ -175,16 +176,96 @@ def configure_resources(log, handle): else: ghostbusters.append((None, vcard)) + # for hosted handles, get the config for the irdbd/rpkid host + if handle.host: + cfg = rpki.config.parser(confpath(handle.host.handle, 'rpki.conf'), 'myrpki') + irdb = IRDB(cfg) irdb.update(handle, roa_requests, children, ghostbusters) irdb.close() - # for hosted handles, get the config for the rpkid host - if handle.host: - cfg = rpki.config.parser(conf(handle.host.handle, 'rpki.conf'), 'myrpki') - # contact rpkid to request immediate update call_rpkid = build_rpkid_caller(cfg) call_rpkid(rpki.left_right.self_elt.make_pdu(action='set', self_handle=handle.handle, run_now=True)) +def list_received_resources(conf): + """ + Query rpkid for this resource handle's children and received resources. + """ + # if this handle is hosted, get the cfg for the host + rpki_conf = conf.host if conf.host else conf + cfg = rpki.config.parser(confpath(rpki_conf.handle, 'rpki.conf'), 'myrpki') + call_rpkid = build_rpkid_caller(cfg) + pdus = call_rpkid(rpki.left_right.list_received_resources_elt.make_pdu(self_handle=conf.handle), + rpki.left_right.child_elt.make_pdu(action="list", self_handle=conf.handle)) + + for pdu in pdus: + if isinstance(pdu, rpki.left_right.child_elt): + # have we seen this child before? + child_set = conf.children.filter(handle=pdu.child_handle) + if not child_set: + # default to 1 year. no easy way to query irdb for the + # current value. + valid_until = datetime.now() + timedelta(days=365) + child = models.Child(conf=conf, handle=pdu.child_handle, + valid_until=valid_until) + child.save() + + elif isinstance(pdu, rpki.left_right.list_received_resources_elt): + + # have we seen this parent before? + parent_set = conf.parents.filter(handle=pdu.parent_handle) + if not parent_set: + parent = models.Parent(conf=conf, handle=pdu.parent_handle) + parent.save() + else: + parent = parent_set[0] + + not_before = datetime.strptime(pdu.notBefore, "%Y-%m-%dT%H:%M:%SZ") + not_after = datetime.strptime(pdu.notAfter, "%Y-%m-%dT%H:%M:%SZ") + + # have we seen this resource cert before? + cert_set = parent.resources.filter(uri=pdu.uri) + if cert_set.count() == 0: + cert = models.ResourceCert(uri=pdu.uri, parent=parent, + not_before=not_before, not_after=not_after) + else: + cert = cert_set[0] + # update timestamps since it could have been modified + cert.not_before = not_before + cert.not_after = not_after + cert.save() + + for asn in rpki.resource_set.resource_set_as(pdu.asn): + # see if this resource is already part of the cert + if cert.asn.filter(lo=asn.min, hi=asn.max).count() == 0: + # ensure this range wasn't seen from another of our parents + for v in models.Asn.objects.filter(lo=asn.min, hi=asn.max): + # determine if resource is delegated from another parent + if v.from_cert.filter(parent__in=conf.parents.all()).count(): + cert.asn.add(v) + break + else: + cert.asn.create(lo=asn.min, hi=asn.max) + cert.save() + + # IPv4/6 - not separated in the django db + def add_missing_address(addr_set): + for ip in addr_set: + lo=str(ip.min) + hi=str(ip.max) + if cert.address_range.filter(lo=lo, hi=hi).count() == 0: + # ensure that this range wasn't previously seen from another of our parents + for v in models.AddressRange.objects.filter(lo=lo, hi=hi): + # determine if this resource is delegated from another parent as well + if v.from_cert.filter(parent__in=conf.parents.all()).count(): + cert.address_range.add(v) + break + else: + cert.address_range.create(lo=lo, hi=hi) + cert.save() + + add_missing_address(rpki.resource_set.resource_set_ipv4(pdu.ipv4)) + add_missing_address(rpki.resource_set.resource_set_ipv6(pdu.ipv6)) + # vim:sw=4 ts=8 expandtab diff --git a/rpkid/rpki/gui/app/templates/rpkigui/asn_view.html b/rpkid/rpki/gui/app/templates/rpkigui/asn_view.html index 4417c576..204a6677 100644 --- a/rpkid/rpki/gui/app/templates/rpkigui/asn_view.html +++ b/rpkid/rpki/gui/app/templates/rpkigui/asn_view.html @@ -6,10 +6,19 @@ th { border: solid 1px; padding: 1em } td { border: solid 1px; text-align: center; padding-left: 1em; padding-right: 1em } {% endblock %} +{% block sidebar %} +<ul class='compact'> + <li> <a href="{{asn.get_absolute_url}}/allocate">give to child</a></li> +</ul> +{% endblock %} + {% block content %} -<p>Handle: <a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle }}</a> -<h1>ASN View</h1> +<p id='breadcrumb'> +<a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle }}</a> > AS View > {{ asn }} +</p> + +<h1>AS View</h1> <table> <tr> <td>ASN:</td><td>{{ asn }}</td> </tr> @@ -81,7 +90,4 @@ td { border: solid 1px; text-align: center; padding-left: 1em; padding-right: 1e </form> {% endif %} -<p>Action: -<a href="{{asn.get_absolute_url}}/allocate">give to child</a> - {% endblock %} diff --git a/rpkid/rpki/gui/app/templates/rpkigui/child_view.html b/rpkid/rpki/gui/app/templates/rpkigui/child_view.html index 9bcdf948..137f27c4 100644 --- a/rpkid/rpki/gui/app/templates/rpkigui/child_view.html +++ b/rpkid/rpki/gui/app/templates/rpkigui/child_view.html @@ -1,10 +1,16 @@ {% extends "base.html" %} {% block content %} -<p>Handle: <a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle.handle }}</a> +<p id='breadcrumb'> +<a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle.handle }}</a> > Child View > {{ child.handle }} +</p> + <h1>Child View</h1> -<p>Child: {{ child.handle }}</p> -<p>Valid until: {{ child.valid_until }}</p> + +<p> +Child: {{ child.handle }}<br/> +Valid until: {{ child.valid_until }} +</p> <h2>Delegated Addresses</h2> {% if child.address_range.all %} diff --git a/rpkid/rpki/gui/app/templates/rpkigui/dashboard.html b/rpkid/rpki/gui/app/templates/rpkigui/dashboard.html index b3e9fab2..d31d01c2 100644 --- a/rpkid/rpki/gui/app/templates/rpkigui/dashboard.html +++ b/rpkid/rpki/gui/app/templates/rpkigui/dashboard.html @@ -20,6 +20,10 @@ h2 { text-align:center; background-color:#dddddd } <li><a href="{% url rpki.gui.app.views.conf_export %}">export identity</a></li> <li><a href="{% url rpki.gui.app.views.conf_list %}">select identity</a></li> </ul> + +<ul class='compact'> + <li><a href="{% url rpki.gui.app.views.refresh %}">refresh</a></li> +</ul> {% endblock %} {% block content %} diff --git a/rpkid/rpki/gui/app/templates/rpkigui/parent_view.html b/rpkid/rpki/gui/app/templates/rpkigui/parent_view.html index 13a9d848..23509311 100644 --- a/rpkid/rpki/gui/app/templates/rpkigui/parent_view.html +++ b/rpkid/rpki/gui/app/templates/rpkigui/parent_view.html @@ -1,9 +1,14 @@ {% extends "base.html" %} {% block content %} -<p>Handle: <a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle.handle }}</a> +<p id='breadcrumb'> +<a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle.handle }}</a> > Parent View > {{ parent.handle }} +</p> + <h1>Parent View</h1> + <p>Parent: {{ parent.handle }} + <h2>Delegated Addresses</h2> <ul> {% for c in parent.resources.all %} diff --git a/rpkid/rpki/gui/app/templates/rpkigui/prefix_view.html b/rpkid/rpki/gui/app/templates/rpkigui/prefix_view.html index 78e9958a..effbfd89 100644 --- a/rpkid/rpki/gui/app/templates/rpkigui/prefix_view.html +++ b/rpkid/rpki/gui/app/templates/rpkigui/prefix_view.html @@ -6,8 +6,27 @@ th { border: solid 1px; padding: 1em } td { border: solid 1px; text-align: center; padding-left: 1em; padding-right: 1em } {% endblock %} +{% block sidebar %} +<ul class='compact'> +{% if not addr.allocated %} +<li><a href="{{addr.get_absolute_url}}/split">split</a></li> +{% endif %} +{% if not addr.roa_requests.all %} +<li><a href="{{addr.get_absolute_url}}/allocate">give to child</a></li> +{% endif %} +{% if addr.is_prefix and not addr.allocated %} +<li><a href="{{ addr.get_absolute_url }}/roa">roa</a></li> +{% endif %} +{% if not addr.allocated and addr.parent %} +<li><a href="{{ addr.get_absolute_url }}/delete">delete</a></li> +{% endif %} +</ul> +{% endblock %} + {% block content %} -<p>Handle: <a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle }}</a> +<p id='breadcrumb'> +<a href="{% url rpki.gui.app.views.dashboard %}">{{ request.session.handle }}</a> > Prefix View > {{ addr }} +</p> <h1>Prefix View</h1> @@ -78,18 +97,4 @@ td { border: solid 1px; text-align: center; padding-left: 1em; padding-right: 1e </form> {% endif %} <!-- form --> -<p>Action:<br> -{% if not addr.allocated %} -<a href="{{addr.get_absolute_url}}/split">split</a><br> -{% endif %} -{% if not addr.roa_requests.all %} -<a href="{{addr.get_absolute_url}}/allocate">give to child</a><br> -{% endif %} -{% if addr.is_prefix and not addr.allocated %} -<a href="{{ addr.get_absolute_url }}/roa">roa</a><br> -{% endif %} -{% if not addr.allocated and addr.parent %} -<a href="{{ addr.get_absolute_url }}/delete">delete</a><br> -{% endif %} - {% endblock %} diff --git a/rpkid/rpki/gui/app/urls.py b/rpkid/rpki/gui/app/urls.py index f2020d0d..c6f06fb8 100644 --- a/rpkid/rpki/gui/app/urls.py +++ b/rpkid/rpki/gui/app/urls.py @@ -38,6 +38,7 @@ urlpatterns = patterns('', (r'^gbr/(?P<pk>\d+)$', views.ghostbuster_view), (r'^gbr/(?P<pk>\d+)/edit$', views.ghostbuster_edit), (r'^gbr/(?P<pk>\d+)/delete$', views.ghostbuster_delete), + (r'^refresh$', views.refresh), (r'^roa/(?P<pk>\d+)$', views.roa_view), (r'^roareq/(?P<pk>\d+)$', views.roa_request_view), (r'^roareq/(?P<pk>\d+)/delete$', views.roa_request_delete_view), diff --git a/rpkid/rpki/gui/app/views.py b/rpkid/rpki/gui/app/views.py index 936a9108..889a1bd3 100644 --- a/rpkid/rpki/gui/app/views.py +++ b/rpkid/rpki/gui/app/views.py @@ -435,7 +435,7 @@ def get_response(conf, request_type): If there is cached response for the given request type, simply return it. Otherwise, look in the outbox mailbox for a response. """ - filename = glue.conf(conf.handle) + '/' + request_type + '.xml' + filename = glue.confpath(conf.handle) + '/' + request_type + '.xml' if not os.path.exists(filename): box = mailbox.Maildir(settings.OUTBOX, factory=None) for key, msg in box.iteritems(): @@ -481,7 +481,7 @@ def myrpki_xml(request, self_handle): log = request.META['wsgi.errors'] if request.method == 'POST': - fname = glue.conf(self_handle) + '/myrpki.xml' + fname = glue.confpath(self_handle) + '/myrpki.xml' if not os.path.exists(fname): print >>log, 'Saving a copy of myrpki.xml for handle %s to inbox' % conf.handle @@ -599,4 +599,10 @@ def ghostbuster_edit(request, pk): def ghostbuster_create(request): return _ghostbuster_edit(request) +@handle_required +def refresh(request): + "Query rpkid, update the db, and redirect back to the dashboard." + glue.list_received_resources(request.session['handle']) + return http.HttpResponseRedirect(reverse(dashboard)) + # vim:sw=4 ts=8 expandtab |