diff options
Diffstat (limited to 'ca')
| -rwxr-xr-x | ca/irbe_cli | 31 | ||||
| -rw-r--r-- | ca/rpki-confgen.xml | 32 | ||||
| -rwxr-xr-x | ca/rpki-manage | 17 | ||||
| -rwxr-xr-x | ca/rpki-sql-backup | 2 | ||||
| -rwxr-xr-x | ca/rpki-sql-setup | 4 | ||||
| -rwxr-xr-x | ca/rpki-start-servers | 4 | ||||
| -rw-r--r-- | ca/rpki.wsgi | 3 | ||||
| -rw-r--r-- | ca/tests/smoketest.py | 19 | ||||
| -rw-r--r-- | ca/tests/sql-cleaner.py | 2 | ||||
| -rw-r--r-- | ca/tests/sql-dumper.py | 2 | ||||
| -rwxr-xr-x | ca/tests/test-rrdp.py | 2 | ||||
| -rw-r--r-- | ca/tests/yamlconf.py | 29 | ||||
| -rw-r--r-- | ca/tests/yamltest.py | 107 |
13 files changed, 169 insertions, 85 deletions
diff --git a/ca/irbe_cli b/ca/irbe_cli index 1becd403..cd9c2165 100755 --- a/ca/irbe_cli +++ b/ca/irbe_cli @@ -305,7 +305,7 @@ for o, a in opts: if not argv: usage(1) -cfg = rpki.config.parser(cfg_file, "irbe_cli") +cfg = rpki.config.parser(set_filename = cfg_file, section = "irbe_cli") q_msg_left_right = [] q_msg_publication = [] @@ -322,19 +322,22 @@ while argv: argv = q_pdu.client_getopt(argv[1:]) q_msg.append(q_pdu) -from django.conf import settings - -settings.configure( - DATABASES = { "default" : { - "ENGINE" : "django.db.backends.mysql", - "NAME" : cfg.get("sql-database", section = "irdbd"), - "USER" : cfg.get("sql-username", section = "irdbd"), - "PASSWORD" : cfg.get("sql-password", section = "irdbd"), - "HOST" : "", - "PORT" : "", - "OPTIONS" : { "init_command": "SET storage_engine=INNODB" }}}, - INSTALLED_APPS = ("rpki.irdb",), -) +if True: + os.environ.update(DJANGO_SETTINGS_MODULE = "rpki.django_settings") + +else: + from django.conf import settings + settings.configure( + DATABASES = { "default" : { + "ENGINE" : "django.db.backends.mysql", + "NAME" : cfg.get("sql-database", section = "irdbd"), + "USER" : cfg.get("sql-username", section = "irdbd"), + "PASSWORD" : cfg.get("sql-password", section = "irdbd"), + "HOST" : "", + "PORT" : "", + "OPTIONS" : { "init_command": "SET storage_engine=INNODB" }}}, + INSTALLED_APPS = ("rpki.irdb",), + ) import rpki.irdb diff --git a/ca/rpki-confgen.xml b/ca/rpki-confgen.xml index 1928c2db..b3e50823 100644 --- a/ca/rpki-confgen.xml +++ b/ca/rpki-confgen.xml @@ -862,30 +862,18 @@ <section name = "web_portal"> <doc> - Glue to allow the Django application to pull user configuration - from this file rather than directly editing settings.py. + Glue to allow Django to pull user configuration from this file + rather than requiring the user to edit settings.py. </doc> - <option name = "sql-database" - value = "${myrpki::irdbd_sql_database}"> - <doc> - SQL database name the web portal should use. - </doc> - </option> - - <option name = "sql-username" - value = "${myrpki::irdbd_sql_username}"> - <doc> - SQL user name the web portal should use. - </doc> - </option> - - <option name = "sql-password" - value = "${myrpki::irdbd_sql_password}"> - <doc> - SQL password the web portal should use. - </doc> - </option> + <!-- + We used to have SQL settings for the GUI here, but since + they're pretty much required to be identical to the ones for + irdbd at this point, the duplicate entries were just another + chance to misconfigure something, so I removed them. Not yet + sure whether this was the right approach. Too much historical + baggage in this file. + --> <option name = "secret-key"> <doc> diff --git a/ca/rpki-manage b/ca/rpki-manage index 0d581ce9..db1e9ce3 100755 --- a/ca/rpki-manage +++ b/ca/rpki-manage @@ -5,9 +5,20 @@ from django.core.management import execute_from_command_line # django-admin seems to have problems creating the superuser account when # $LANG is unset or is set to something totally incompatible with UTF-8. -if os.environ.get('LANG') in (None, "", "C"): - os.environ['LANG'] = 'en_US.UTF-8' -os.environ['DJANGO_SETTINGS_MODULE'] = 'rpki.gui.default_settings' +if os.environ.get("LANG") in (None, "", "C"): + os.environ["LANG"] = "en_US.UTF-8" + +# Where to find the Django settings module + +os.environ.update(DJANGO_SETTINGS_MODULE = "rpki.django_settings") + +# We don't know whether we're being used to configure the GUI or not +# (well, not without examining the specific command, which we'd like +# to avoid). Default to enabling the GUI so that such commands will +# work, but allow the user to override via the environment variable. + +if not os.environ.get("RPKI_GUI_ENABLE"): + os.environ["RPKI_GUI_ENABLE"] = "yes" execute_from_command_line() diff --git a/ca/rpki-sql-backup b/ca/rpki-sql-backup index e60f9ae3..02835956 100755 --- a/ca/rpki-sql-backup +++ b/ca/rpki-sql-backup @@ -41,7 +41,7 @@ parser.add_argument("-o", "--output", help = "destination for SQL dump (default: stdout)") args = parser.parse_args() -cfg = rpki.config.parser(args.config, "myrpki") +cfg = rpki.config.parser(set_filename = args.config, section = "myrpki") for name in ("rpkid", "irdbd", "pubd"): if cfg.getboolean("start_" + name, False): diff --git a/ca/rpki-sql-setup b/ca/rpki-sql-setup index edc2c242..848e3d0f 100755 --- a/ca/rpki-sql-setup +++ b/ca/rpki-sql-setup @@ -54,7 +54,7 @@ class RootDB(object): user = "root", passwd = getpass.getpass("Please enter your MySQL root password: ")) else: - mysql_cfg = rpki.config.parser(self.mysql_defaults, "client") + mysql_cfg = rpki.config.parser(set_filename = self.mysql_defaults, section = "client") self.db = MySQLdb.connect(db = "mysql", user = mysql_cfg.get("user"), passwd = mysql_cfg.get("password")) @@ -299,7 +299,7 @@ parser.set_defaults(dispatch = do_create_if_missing) args = parser.parse_args() try: - cfg = rpki.config.parser(args.config, "myrpki") + cfg = rpki.config.parser(set_filename = args.config, section = "myrpki") root = RootDB(args.mysql_defaults) current_version = Version(rpki.version.VERSION) for program_name in ("irdbd", "rpkid", "pubd"): diff --git a/ca/rpki-start-servers b/ca/rpki-start-servers index 8a745896..f1f70aa8 100755 --- a/ca/rpki-start-servers +++ b/ca/rpki-start-servers @@ -64,13 +64,13 @@ group.add_argument("--log-syslog", default = "daemon", nargs = "?", help = "log syslog") args = parser.parse_args() -cfg = rpki.config.parser(args.config, "myrpki") +cfg = rpki.config.parser(set_filename = args.config, section = "myrpki") def run(name, old_flag = None): if cfg.getboolean("start_" + name, cfg.getboolean("run_" + name if old_flag is None else old_flag, False)): # pylint: disable=E1103 log_file = os.path.join(args.log_directory, name + ".log") - cmd = (os.path.join(rpki.autoconf.libexecdir, name), "--config", cfg.filename, "--log-level", args.log_level) + cmd = (os.path.join(rpki.autoconf.libexecdir, name), "--log-level", args.log_level) if args.log_file: cmd += ("--log-file", log_file) elif args.log_rotating_file_kbytes: diff --git a/ca/rpki.wsgi b/ca/rpki.wsgi index 72ba75ac..7fa85d73 100644 --- a/ca/rpki.wsgi +++ b/ca/rpki.wsgi @@ -21,7 +21,8 @@ import sys import os import rpki.autoconf -os.environ['DJANGO_SETTINGS_MODULE'] = 'rpki.gui.default_settings' +os.environ.update(DJANGO_SETTINGS_MODULE = "rpki.django_settings", + RPKI_GUI_ENABLE = "yes") # Needed for local_settings.py sys.path.insert(1, rpki.autoconf.sysconfdir + '/rpki') diff --git a/ca/tests/smoketest.py b/ca/tests/smoketest.py index 28905d90..bf949a97 100644 --- a/ca/tests/smoketest.py +++ b/ca/tests/smoketest.py @@ -68,7 +68,7 @@ parser.add_argument("yaml_file", type = argparse.FileType("r"), help = "YAML description of test network") args = parser.parse_args() -cfg = rpki.config.parser(args.config, "smoketest", allow_missing = True) +cfg = rpki.config.parser(set_filename = args.config, section = "smoketest", allow_missing = True) # Load the YAML script early, so we can report errors ASAP @@ -233,11 +233,13 @@ def main(): try: logger.info("Starting rootd") - rootd_process = subprocess.Popen((prog_python, prog_rootd, "--foreground", "--log-stdout", "--log-level", "debug", "--config", rootd_name + ".conf")) + rootd_process = subprocess.Popen((prog_python, prog_rootd, "--foreground", "--log-stdout", "--log-level", "debug"), + env = dict(os.environ, RPKI_CONF = rootd_name + ".conf")) logger.info("Starting pubd") - pubd_process = subprocess.Popen((prog_python, prog_pubd, "--foreground", "--log-stdout", "--log-level", "debug", "--config", pubd_name + ".conf") + - (("-p", pubd_name + ".prof") if args.profile else ())) + pubd_process = subprocess.Popen((prog_python, prog_pubd, "--foreground", "--log-stdout", "--log-level", "debug") + + (("-p", pubd_name + ".prof") if args.profile else ()), + env = dict(os.environ, RPKI_CONF = pubd_name + ".conf")) logger.info("Starting rsyncd") rsyncd_process = subprocess.Popen((prog_rsyncd, "--daemon", "--no-detach", "--config", rsyncd_name + ".conf")) @@ -864,9 +866,12 @@ class allocation(object): """ logger.info("Running daemons for %s", self.name) - self.rpkid_process = subprocess.Popen((prog_python, prog_rpkid, "--foreground", "--log-stdout", "--log-level", "debug", "--config", self.name + ".conf") + - (("--profile", self.name + ".prof") if args.profile else ())) - self.irdbd_process = subprocess.Popen((prog_python, prog_irdbd, "--foreground", "--log-stdout", "--log-level", "debug", "--config", self.name + ".conf")) + env = dict(os.environ, RPKI_CONF = self.name + ".conf") + self.rpkid_process = subprocess.Popen((prog_python, prog_rpkid, "--foreground", "--log-stdout", "--log-level", "debug") + + (("--profile", self.name + ".prof") if args.profile else ()), + env = env) + self.irdbd_process = subprocess.Popen((prog_python, prog_irdbd, "--foreground", "--log-stdout", "--log-level", "debug"), + env = env) def kill_daemons(self): """ diff --git a/ca/tests/sql-cleaner.py b/ca/tests/sql-cleaner.py index ca88d456..0f0b55b1 100644 --- a/ca/tests/sql-cleaner.py +++ b/ca/tests/sql-cleaner.py @@ -22,7 +22,7 @@ import rpki.config import rpki.sql_schemas from rpki.mysql_import import MySQLdb -cfg = rpki.config.parser(None, "yamltest", allow_missing = True) +cfg = rpki.config.parser(section = "yamltest", allow_missing = True) for name in ("rpkid", "irdbd", "pubd"): diff --git a/ca/tests/sql-dumper.py b/ca/tests/sql-dumper.py index 19cc1b34..d0fe3489 100644 --- a/ca/tests/sql-dumper.py +++ b/ca/tests/sql-dumper.py @@ -22,7 +22,7 @@ import subprocess import rpki.config from rpki.mysql_import import MySQLdb -cfg = rpki.config.parser(None, "yamltest", allow_missing = True) +cfg = rpki.config.parser(section = "yamltest", allow_missing = True) for name in ("rpkid", "irdbd", "pubd"): diff --git a/ca/tests/test-rrdp.py b/ca/tests/test-rrdp.py index de30a0f4..98918bad 100755 --- a/ca/tests/test-rrdp.py +++ b/ca/tests/test-rrdp.py @@ -52,7 +52,7 @@ def snapshot_to_serial(fn): def delta_to_serial(fn): return int(os.path.splitext(os.path.basename(fn))[0].split("-")[1]) -top = os.path.expanduser("~/rpki/subvert-rpki.hactrn.net/branches/tk705") +top = os.path.abspath(os.path.join(os.path.dirname(sys.argv[0]), "..", "..")) rrdp_test_tool = os.path.join(top, "potpourri/rrdp-test-tool") rcynic = os.path.join(top, "rp/rcynic/rcynic") diff --git a/ca/tests/yamlconf.py b/ca/tests/yamlconf.py index 8f956c6b..bb82ef74 100644 --- a/ca/tests/yamlconf.py +++ b/ca/tests/yamlconf.py @@ -125,7 +125,7 @@ class router_cert(object): def __init__(self, asn, router_id): self.asn = rpki.resource_set.resource_set_as("".join(str(asn).split())) self.router_id = router_id - self.keypair = rpki.x509.ECDSA.generate(self.ecparams()) + self.keypair = rpki.x509.ECDSA.generate(params = self.ecparams(), quiet = True) self.pkcs10 = rpki.x509.PKCS10.create(keypair = self.keypair) self.gski = self.pkcs10.gSKI() @@ -491,16 +491,18 @@ class allocation(object): def syncdb(self): import django.core.management assert not self.is_hosted - django.core.management.call_command("syncdb", - database = self.irdb_name, - load_initial_data = False, - interactive = False, - verbosity = 0) + django.core.management.call_command( + "syncdb", + verbosity = 0, + database = self.irdb_name, + migrate = True, + load_initial_data = False, + interactive = False) def hire_zookeeper(self): assert not self.is_hosted self._zoo = rpki.irdb.Zookeeper( - cfg = rpki.config.parser(self.path("rpki.conf")), + cfg = rpki.config.parser(filename = self.path("rpki.conf")), logstream = None if quiet else sys.stdout) @property @@ -681,7 +683,7 @@ def main(): # passwords: this is mostly so that I can show a complete working # example without publishing my own server's passwords. - cfg = rpki.config.parser(args.config, "yamlconf", allow_missing = True) + cfg = rpki.config.parser(set_filename = args.config, section = "yamlconf", allow_missing = True) try: cfg.set_global_flags() except: @@ -755,9 +757,13 @@ def body(): pre_django_sql_setup(set(d.irdb_name for d in db if not d.is_hosted)) # Now ready for fun with multiple databases in Django! - + # # https://docs.djangoproject.com/en/1.4/topics/db/multi-db/ # https://docs.djangoproject.com/en/1.4/topics/db/sql/ + # + # This program's use of the ORM is sufficiently different that it's + # not worth straining to use rpki.django_settings, so we just use + # Django's settings API directly. database_template = { "ENGINE" : "django.db.backends.mysql", @@ -767,8 +773,7 @@ def body(): "PORT" : "", "OPTIONS" : { "init_command": "SET storage_engine=INNODB" }} - databases = dict((d.irdb_name, - dict(database_template, NAME = d.irdb_name)) + databases = dict((d.irdb_name, dict(database_template, NAME = d.irdb_name)) for d in db if not d.is_hosted) databases["default"] = databases[db.root.irdb_name] @@ -778,7 +783,7 @@ def body(): settings.configure( DATABASES = databases, DATABASE_ROUTERS = ["rpki.irdb.router.DBContextRouter"], - INSTALLED_APPS = ("rpki.irdb",)) + INSTALLED_APPS = ("rpki.irdb", "south")) import rpki.irdb diff --git a/ca/tests/yamltest.py b/ca/tests/yamltest.py index 67758e82..84355e59 100644 --- a/ca/tests/yamltest.py +++ b/ca/tests/yamltest.py @@ -43,6 +43,7 @@ import re import os import logging import argparse +import webbrowser import sys import yaml import signal @@ -74,13 +75,14 @@ def cleanpath(*names): this_dir = os.getcwd() test_dir = cleanpath(this_dir, "yamltest.dir") -rpkid_dir = cleanpath(this_dir, "..") +ca_dir = cleanpath(this_dir, "..") -prog_rpkic = cleanpath(rpkid_dir, "rpkic") -prog_rpkid = cleanpath(rpkid_dir, "rpkid") -prog_irdbd = cleanpath(rpkid_dir, "irdbd") -prog_pubd = cleanpath(rpkid_dir, "pubd") -prog_rootd = cleanpath(rpkid_dir, "rootd") +prog_rpkic = cleanpath(ca_dir, "rpkic") +prog_rpkid = cleanpath(ca_dir, "rpkid") +prog_irdbd = cleanpath(ca_dir, "irdbd") +prog_pubd = cleanpath(ca_dir, "pubd") +prog_rootd = cleanpath(ca_dir, "rootd") +prog_rpki_manage = cleanpath(ca_dir, "rpki-manage") class roa_request(object): """ @@ -131,7 +133,7 @@ class router_cert(object): def __init__(self, asn, router_id): self.asn = rpki.resource_set.resource_set_as("".join(str(asn).split())) self.router_id = router_id - self.keypair = rpki.x509.ECDSA.generate(self.ecparams()) + self.keypair = rpki.x509.ECDSA.generate(params = self.ecparams(), quiet = True) self.pkcs10 = rpki.x509.PKCS10.create(keypair = self.keypair) self.gski = self.pkcs10.gSKI() @@ -156,7 +158,7 @@ class allocation_db(list): def __init__(self, yaml): list.__init__(self) self.root = allocation(yaml, self) - assert self.root.is_root + assert self.root.is_root and not any(a.is_root for a in self if a is not self.root) and self[0] is self.root if self.root.crl_interval is None: self.root.crl_interval = 60 * 60 if self.root.regen_margin is None: @@ -506,7 +508,7 @@ class allocation(object): print "Writing", f.name section = None - for line in open(cleanpath(rpkid_dir, "examples/rpki.conf")): + for line in open(cleanpath(ca_dir, "examples/rpki.conf")): m = section_regexp.match(line) if m: section = m.group(1) @@ -551,16 +553,42 @@ class allocation(object): Run rpkic for this entity. """ - cmd = [prog_rpkic, "-i", self.name, "-c", self.path("rpki.conf")] + cmd = [prog_rpkic, "-i", self.name] if args.profile: cmd.append("--profile") cmd.append(self.path("rpkic.%s.prof" % rpki.sundial.now())) cmd.extend(str(a) for a in argv if a is not None) print 'Running "%s"' % " ".join(cmd) - env = os.environ.copy() - env["YAMLTEST_RPKIC_COUNTER"] = self.next_rpkic_counter() + env = dict(os.environ, + YAMLTEST_RPKIC_COUNTER = self.next_rpkic_counter(), + RPKI_CONF = self.path("rpki.conf")) subprocess.check_call(cmd, cwd = self.host.path(), env = env) + def syncdb(self, run_gui): + """ + Run whatever Django ORM commands are necessary to set up the + database this week. + + This may end up moving back into rpkic as an explicit command, but + for the moment I'm assuming that production use handle this via + rpki-sql-setup and that we therefore must do it ourselves for + testing. We'll see. + """ + + if not os.fork(): + os.environ.update(RPKI_CONF = self.path("rpki.conf"), + RPKI_GUI_ENABLE = "yes") + logging.getLogger().setLevel(logging.WARNING) + import django.core.management + django.core.management.call_command("syncdb", migrate = True, verbosity = 0, + load_initial_data = False, interactive = False) + from django.contrib.auth.models import User + User.objects.create_superuser("root", "root@example.org", "fnord") + sys.exit(0) + + if os.wait()[1]: + raise RuntimeError("Django setup failed for %s" % self.name) + def run_python_daemon(self, prog): """ Start a Python daemon and return a subprocess.Popen object @@ -569,13 +597,13 @@ class allocation(object): basename = os.path.splitext(os.path.basename(prog))[0] cmd = [prog, "--foreground", "--log-level", "debug", - "--log-file", self.path(basename + ".log"), - "--config", self.path("rpki.conf")] + "--log-file", self.path(basename + ".log")] if args.profile and basename != "rootd": cmd.extend(( "--profile", self.path(basename + ".prof"))) - p = subprocess.Popen(cmd, cwd = self.path()) - print 'Running %s for %s: pid %d process %r' % (" ".join(cmd), self.name, p.pid, p) + env = dict(os.environ, RPKI_CONF = self.path("rpki.conf")) + p = subprocess.Popen(cmd, cwd = self.path(), env = env) + print "Running %s for %s: pid %d process %r" % (" ".join(cmd), self.name, p.pid, p) return p def run_rpkid(self): @@ -616,6 +644,24 @@ class allocation(object): print "Running rsyncd for %s: pid %d process %r" % (self.name, p.pid, p) return p + def run_gui(self): + """ + Start an instance of the RPKI GUI under the Django test server and + return a subprocess.Popen object representing the running daemon. + """ + + port = 8000 + self.engine + cmd = (prog_rpki_manage, "runserver", str(port)) + env = dict(os.environ, + RPKI_CONF = self.path("rpki.conf"), + RPKI_DJANGO_DEBUG = "yes", + ALLOW_PLAIN_HTTP_FOR_TESTING = "I solemnly swear that I am not running this in production") + p = subprocess.Popen(cmd, cwd = self.path(), env = env, + stdout = open(self.path("gui.log"), "w"), stderr = subprocess.STDOUT) + print "Running %s for %s: pid %d process %r" % (" ".join(cmd), self.name, p.pid, p) + return p + + def create_root_certificate(db_root): print "Creating rootd RPKI root certificate" @@ -650,8 +696,10 @@ def create_root_certificate(db_root): f.write(root_key.get_public().get_Base64()) +logger = logging.getLogger(__name__) -os.environ["TZ"] = "UTC" +os.environ.update(DJANGO_SETTINGS_MODULE = "rpki.django_settings", + TZ = "UTC") time.tzset() parser = argparse.ArgumentParser(description = __doc__) @@ -671,6 +719,10 @@ parser.add_argument("--synchronize", action = "store_true", help = "synchronize IRDB with daemons") parser.add_argument("--profile", action = "store_true", help = "enable profiling") +parser.add_argument("-g", "--run_gui", action = "store_true", + help = "enable GUI using django-admin runserver") +parser.add_argument("--browser", action = "store_true", + help = "create web browser tabs for GUI") parser.add_argument("yaml_file", type = argparse.FileType("r"), help = "YAML description of test network") args = parser.parse_args() @@ -687,7 +739,7 @@ try: # passwords: this is mostly so that I can show a complete working # example without publishing my own server's passwords. - cfg = rpki.config.parser(args.config, "yamltest", allow_missing = True) + cfg = rpki.config.parser(set_filename = args.config, section = "yamltest", allow_missing = True) only_one_pubd = cfg.getboolean("only_one_pubd", True) allocation.base_port = cfg.getint("base_port", 4400) @@ -728,6 +780,7 @@ try: for d in db: if not d.is_hosted: + print "Initializing", d.name os.makedirs(d.path()) d.dump_conf() if d.runs_pubd: @@ -735,7 +788,9 @@ try: d.dump_rsyncd() if d.is_root: os.makedirs(d.path("publication.root")) + d.syncdb(args.run_gui) d.run_rpkic("initialize_server_bpki") + print # Initialize resource holding BPKI and generate self-descriptor # for each entity. @@ -773,6 +828,8 @@ try: if d.runs_pubd: progs.append(d.run_pubd()) progs.append(d.run_rsyncd()) + if args.run_gui: + progs.append(d.run_gui()) if args.synchronize or not args.skip_config: @@ -841,6 +898,20 @@ try: d.dump_ghostbusters() d.dump_router_certificates() + if args.run_gui: + print + print 'GUI user "root", password "fnord"' + for d in db: + if not d.is_hosted: + url = "http://127.0.0.1:%d/rpki/" % (8000 + d.engine) + print "GUI URL", url, "for", d.name + if args.browser: + if d is db.root: + webbrowser.open_new(url) + else: + webbrowser.open_new_tab(url) + time.sleep(2) + # Wait until something terminates. if not args.stop_after_config or args.keep_going: |