diff options
Diffstat (limited to 'rpki/gui/cacheview')
| -rw-r--r-- | rpki/gui/cacheview/models.py | 8 | ||||
| -rw-r--r-- | rpki/gui/cacheview/tests.py | 1 | ||||
| -rw-r--r-- | rpki/gui/cacheview/util.py | 27 | ||||
| -rw-r--r-- | rpki/gui/cacheview/views.py | 1 |
4 files changed, 26 insertions, 11 deletions
diff --git a/rpki/gui/cacheview/models.py b/rpki/gui/cacheview/models.py index c3ee8421..08acfa2d 100644 --- a/rpki/gui/cacheview/models.py +++ b/rpki/gui/cacheview/models.py @@ -58,6 +58,7 @@ class ValidationLabel(models.Model): Represents a specific error condition defined in the rcynic XML output file. """ + label = models.CharField(max_length=79, db_index=True, unique=True) status = models.CharField(max_length=255) kind = models.PositiveSmallIntegerField(choices=kinds) @@ -70,6 +71,7 @@ class RepositoryObject(models.Model): """ Represents a globally unique RPKI repository object, specified by its URI. """ + uri = models.URLField(unique=True, db_index=True) generations = list(enumerate(('current', 'backup'))) @@ -89,6 +91,7 @@ class SignedObject(models.Model): The signing certificate is ommitted here in order to give a proper value for the 'related_name' attribute. """ + repo = models.ForeignKey(RepositoryObject, related_name='cert', unique=True) # on-disk file modification time @@ -108,6 +111,7 @@ class SignedObject(models.Model): """ convert the local timestamp to UTC and convert to a datetime object """ + return datetime.utcfromtimestamp(self.mtime + time.timezone) def status_id(self): @@ -116,6 +120,7 @@ class SignedObject(models.Model): The selector is chosen based on the current generation only. If there is any bad status, return bad, else if there are any warn status, return warn, else return good. """ + for x in reversed(kinds): if self.repo.statuses.filter(generation=generations_dict['current'], status__kind=x[0]): return x[1] @@ -129,6 +134,7 @@ class Cert(SignedObject): """ Object representing a resource certificate. """ + addresses = models.ManyToManyField(AddressRange, related_name='certs') addresses_v6 = models.ManyToManyField(AddressRangeV6, related_name='certs') asns = models.ManyToManyField(ASRange, related_name='certs') @@ -141,6 +147,7 @@ class Cert(SignedObject): def get_cert_chain(self): """Return a list containing the complete certificate chain for this certificate.""" + cert = self x = [cert] while cert != cert.issuer: @@ -180,6 +187,7 @@ class ROAPrefixV4(ROAPrefix, rpki.gui.models.PrefixV4): @property def routes(self): """return all routes covered by this roa prefix""" + return RouteOrigin.objects.filter(prefix_min__gte=self.prefix_min, prefix_max__lte=self.prefix_max) diff --git a/rpki/gui/cacheview/tests.py b/rpki/gui/cacheview/tests.py index 2247054b..daca07bf 100644 --- a/rpki/gui/cacheview/tests.py +++ b/rpki/gui/cacheview/tests.py @@ -12,6 +12,7 @@ class SimpleTest(TestCase): """ Tests that 1 + 1 always equals 2. """ + self.failUnlessEqual(1 + 1, 2) __test__ = {"doctest": """ diff --git a/rpki/gui/cacheview/util.py b/rpki/gui/cacheview/util.py index 9e8748bf..21430091 100644 --- a/rpki/gui/cacheview/util.py +++ b/rpki/gui/cacheview/util.py @@ -32,6 +32,7 @@ from django.db import transaction import django.db.models import rpki +import rpki.left_right import rpki.gui.app.timestamp from rpki.gui.app.models import Conf, Alert from rpki.gui.cacheview import models @@ -39,6 +40,8 @@ from rpki.rcynic import rcynic_xml_iterator, label_iterator from rpki.sundial import datetime from rpki.irdb.zookeeper import Zookeeper +from lxml.etree import Element, SubElement + logger = logging.getLogger(__name__) @@ -310,23 +313,26 @@ def fetch_published_objects(): """Query rpkid for all objects published by local users, and look up the current validation status of each object. The validation status is used later to send alerts for objects which have transitioned to invalid. - """ + logger.info('querying for published objects') handles = [conf.handle for conf in Conf.objects.all()] - req = [rpki.left_right.list_published_objects_elt.make_pdu(action='list', self_handle=h, tag=h) for h in handles] + q_msg = Element(rpki.left_right.tag_msg, nsmap = rpki.left_right.nsmap, + type = "query", version = rpki.left_right.version) + for h in handles: + SubElement(q_msg, rpki.left_right.tag_list_published_objects, action="list", self_handle=h, tag=h) z = Zookeeper() - pdus = z.call_rpkid(*req) - for pdu in pdus: - if isinstance(pdu, rpki.left_right.list_published_objects_elt): + r_msg = z.call_rpkid(q_msg) + for r_pdu in r_msg: + if r_pdu.tag == rpki.left_right.tag_list_published_objects: # Look up the object in the rcynic cache - qs = models.RepositoryObject.objects.filter(uri=pdu.uri) + qs = models.RepositoryObject.objects.filter(uri=r_pdu.get("uri")) if qs: # get the current validity state valid = qs[0].statuses.filter(status=object_accepted).exists() - uris[pdu.uri] = (pdu.self_handle, valid, False, None) - logger.debug('adding ' + pdu.uri) + uris[r_pdu.get("uri")] = (r_pdu.get("self_handle"), valid, False, None) + logger.debug('adding %s', r_pdu.get("uri")) else: # this object is not in the cache. it was either published # recently, or disappared previously. if it disappeared @@ -334,8 +340,8 @@ def fetch_published_objects(): # omit the uri from the list since we are interested only in # objects which were valid and are no longer valid pass - elif isinstance(pdu, rpki.left_right.report_error_elt): - logging.error('rpkid reported an error: %s', pdu.error_code) + elif r_pdu.tag == rpki.left_right.tag_report_error: + logging.error('rpkid reported an error: %s', r_pdu.get("error_code")) class Handle(object): @@ -353,7 +359,6 @@ class Handle(object): def notify_invalid(): """Send email alerts to the addresses registered in ghostbuster records for any invalid objects that were published by users of this system. - """ logger.info('sending notifications for invalid objects') diff --git a/rpki/gui/cacheview/views.py b/rpki/gui/cacheview/views.py index 94870eb2..451c0d1e 100644 --- a/rpki/gui/cacheview/views.py +++ b/rpki/gui/cacheview/views.py @@ -29,6 +29,7 @@ def cert_chain(obj): """ returns an iterator covering all certs from the root cert down to the EE. """ + chain = [obj] while obj != obj.issuer: obj = obj.issuer |