aboutsummaryrefslogtreecommitdiff
path: root/portal-gui/scripts/list_resources.py
diff options
context:
space:
mode:
Diffstat (limited to 'portal-gui/scripts/list_resources.py')
-rwxr-xr-xportal-gui/scripts/list_resources.py162
1 files changed, 79 insertions, 83 deletions
diff --git a/portal-gui/scripts/list_resources.py b/portal-gui/scripts/list_resources.py
index ae95228b..acd97847 100755
--- a/portal-gui/scripts/list_resources.py
+++ b/portal-gui/scripts/list_resources.py
@@ -1,6 +1,9 @@
#!/usr/bin/env python
+import sys
import os
+from datetime import datetime
+
from rpki.myrpki import EntityDB, CA
import rpki.config
import rpki.x509
@@ -12,20 +15,6 @@ import rpki.ipaddrs
from rpkigui.myrpki import models
-class ReceivedResources(object):
- def __init__(self, self_handle, parent_handle, asn, ipv4, ipv6, uri, not_before, not_after):
- self.self_handle = self_handle
- self.parent_handle = parent_handle
- self.asn = asn
- self.ipv4 = ipv4
- self.ipv6 = ipv6
- self.uri = uri
- self.not_before = not_before
- self.not_after = not_after
-
- def __str__(self):
- return "%s's received resources from parent %s" % (self.self_handle, self.parent_handle, )
-
def query_rpkid(handle=None):
"""Fetch our received resources from the local rpkid using the myrpki.conf in the current directory."""
cfg_file = os.getenv("MYRPKI_CONF", "myrpki.conf")
@@ -46,87 +35,94 @@ def query_rpkid(handle=None):
url = rpkid_base + "left-right",
debug = True))
- print 'calling rpkid...'
+ print 'calling rpkid... for self_handle=', handle
rpkid_reply = call_rpkid(
#rpki.left_right.parent_elt.make_pdu(action="list", tag="parents", self_handle=handle),
#rpki.left_right.list_roa_requests_elt.make_pdu(tag='roas', self_handle=handle),
+ rpki.left_right.child_elt.make_pdu(action="list", tag="children",
+ self_handle = handle),
rpki.left_right.list_received_resources_elt.make_pdu(tag = "resources",
self_handle = handle))
print 'done'
- resources = []
- for x in rpkid_reply:
- if isinstance(x, rpki.left_right.parent_elt):
- print x.parent_handle, x.sia_base, x.sender_name, x.recipient_name, \
- x.peer_contact_uri
- #elif isinstance(x, rpki.left_right.list_roa_requests_elt):
- # print x.asn, x.ipv4, x.ipv6
- if isinstance(x, rpki.left_right.list_received_resources_elt):
- resources.append(ReceivedResources(self_handle=handle,
- parent_handle=x.parent_handle,
- asn=rpki.resource_set.resource_set_as(x.asn),
- ipv4=rpki.resource_set.resource_set_ipv4(x.ipv4),
- ipv6=rpki.resource_set.resource_set_ipv6(x.ipv6),
- uri=x.uri,
- not_after=x.notAfter,
- not_before=x.notBefore))
- return resources
-
-x = query_rpkid()
-for y in x:
- conf = models.Conf.objects.filter(handle=y.self_handle)[0]
+ return rpkid_reply
- parent_set = conf.parents.filter(handle=y.parent_handle)
- if not parent_set:
- print 'have not yet seen parent %s, creating...' % (y.parent_handle, )
- # have not seen this parent before
- parent = models.Parent(conf=conf, handle=y.parent_handle)
- parent.save()
+for pdu in query_rpkid(None if len(sys.argv) == 1 else sys.argv[1]):
+ conf_set = models.Conf.objects.filter(handle=pdu.self_handle)
+ if conf_set.count():
+ conf = conf_set[0]
else:
- parent = parent_set[0]
+ print 'creating new conf for %s' % (pdu.self_handle,)
+ conf = models.Conf.objects.create(handle=pdu.self_handle)
- # have we seen this resource cert before?
- cert_set = conf.resources.filter(uri=y.uri)
- if cert_set.count() == 0:
- # no
- cert = models.ResourceCert(uri=uri, parent=parent, not_before=x.not_before,
- not_after=x.not_after)
- else:
- # yes
- cert = cert_set[0]
+ #if isinstance(pdu, rpki.left_right.parent_elt):
+# print x.parent_handle, x.sia_base, x.sender_name, x.recipient_name, \
+# x.peer_contact_uri
+ if isinstance(pdu, rpki.left_right.child_elt):
+ # have we seen this parent before?
+ child_set = conf.children.filter(handle=pdu.child_handle)
+ if not child_set:
+ print 'creating new child %s' % (pdu.child_handle,)
+ child = models.Child(conf=conf, handle=pdu.child_handle)
+ child.save()
+ #elif isinstance(x, rpki.left_right.list_roa_requests_elt):
+ # print x.asn, x.ipv4, x.ipv6
+ elif isinstance(pdu, rpki.left_right.list_received_resources_elt):
+ # have we seen this parent before?
+ parent_set = conf.parents.filter(handle=pdu.parent_handle)
+ if not parent_set:
+ parent = models.Parent(conf=conf, handle=pdu.parent_handle)
+ parent.save()
+ else:
+ parent = parent_set[0]
+
+ not_before = datetime.strptime(pdu.notBefore, "%Y-%m-%dT%H:%M:%SZ")
+ not_after = datetime.strptime(pdu.notAfter, "%Y-%m-%dT%H:%M:%SZ")
+
+ # have we seen this resource cert before?
+ cert_set = parent.resources.filter(uri=pdu.uri)
+ if cert_set.count() == 0:
+ cert = models.ResourceCert(uri=pdu.uri, parent=parent,
+ not_before=not_before, not_after=not_after)
+ else:
+ cert = cert_set[0]
+ # update timestamps since it could have been modified
+ cert.not_before = not_before
+ cert.not_after = not_after
+ cert.save()
- for asn in y.asn:
- # see if this resource is already part of the cert
- if cert.asn.get(lo=asn.min, hi=asn.max) is None:
- # ensure that this range wasn't previously seen from another of our parents
- for v in models.Asn.objects.filter(lo=asn.min, hi=asn.max):
- # determine if this resource is delegated from another parent as well
- if v.from_cert.filter(parent__in=conf.parents.all()).count():
- cert.asn.add(v)
- break
- else:
- print 'could not find ASN %s in known set' % ( asn, )
- cert.asn.create(lo=asn.min, hi=asn.max)
- cert.save()
+ for asn in rpki.resource_set.resource_set_as(pdu.asn):
+ # see if this resource is already part of the cert
+ if cert.asn.filter(lo=asn.min, hi=asn.max).count() == 0:
+ # ensure this range wasn't seen from another of our parents
+ for v in models.Asn.objects.filter(lo=asn.min, hi=asn.max):
+ # determine if resource is delegated from another parent
+ if v.from_cert.filter(parent__in=conf.parents.all()).count():
+ cert.asn.add(v)
+ break
+ else:
+ print 'could not find ASN %s in known set' % ( asn, )
+ cert.asn.create(lo=asn.min, hi=asn.max)
+ cert.save()
- # IPv4/6 - not separated in the django db
- def add_missing_address(addr_set):
- for ip in addr_set:
- lo=str(ip.min)
- hi=str(ip.max)
- if cert.address_range.get(lo=lo, hi=hi) is None:
- # ensure that this range wasn't previously seen from another of our parents
- for v in models.AddressRange.objects.filter(lo=lo, hi=hi):
- # determine if this resource is delegated from another parent as well
- if v.from_cert.filter(parent__in=conf.parents.all()).count():
- cert.address_range.add(v)
- break
- else:
- print 'could not find address range %s in known set' % ( ip, )
- cert.address_range.create(lo=lo, hi=hi)
- cert.save()
+ # IPv4/6 - not separated in the django db
+ def add_missing_address(addr_set):
+ for ip in addr_set:
+ lo=str(ip.min)
+ hi=str(ip.max)
+ if cert.address_range.filter(lo=lo, hi=hi).count() == 0:
+ # ensure that this range wasn't previously seen from another of our parents
+ for v in models.AddressRange.objects.filter(lo=lo, hi=hi):
+ # determine if this resource is delegated from another parent as well
+ if v.from_cert.filter(parent__in=conf.parents.all()).count():
+ cert.address_range.add(v)
+ break
+ else:
+ print 'could not find address range %s in known set' % (ip,)
+ cert.address_range.create(lo=lo, hi=hi)
+ cert.save()
- add_missing_address(y.ipv4)
- add_missing_address(y.ipv6)
+ add_missing_address(rpki.resource_set.resource_set_ipv4(pdu.ipv4))
+ add_missing_address(rpki.resource_set.resource_set_ipv6(pdu.ipv6))
# vim:sw=4 expandtab ts=4
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-22 03:33:24 +0000