Diffstat (limited to 'rpki/relaxng.py')
-rw-r--r-- | rpki/relaxng.py | 597 |
1 files changed, 335 insertions, 262 deletions
diff --git a/rpki/relaxng.py b/rpki/relaxng.py index e43384e7..394c0218 100644 --- a/rpki/relaxng.py +++ b/rpki/relaxng.py @@ -6,7 +6,7 @@ from rpki.relaxng_parser import RelaxNGParser ## Parsed RelaxNG left_right schema left_right = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: left-right-schema.rnc 5902 2014-07-18 16:37:04Z sra $ + $Id: left-right.rnc 5981 2014-10-02 04:54:51Z sra $ RelaxNG schema for RPKI left-right protocol. @@ -967,14 +967,12 @@ left_right = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <ref name="ipv6_list"/> </attribute> </optional> - <optional> - <attribute name="cn"> - <data type="string"> - <param name="maxLength">64</param> - <param name="pattern">[\-0-9A-Za-z_ ]+</param> - </data> - </attribute> - </optional> + <attribute name="cn"> + <data type="string"> + <param name="maxLength">64</param> + <param name="pattern">[\-0-9A-Za-z_ ]+</param> + </data> + </attribute> <optional> <attribute name="sn"> <data type="string"> @@ -1102,7 +1100,7 @@ left_right = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> ## Parsed RelaxNG myrpki schema myrpki = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: myrpki.rnc 5757 2014-04-05 22:42:12Z sra $ + $Id: myrpki.rnc 5876 2014-06-26 19:00:12Z sra $ RelaxNG schema for MyRPKI XML messages. @@ -1481,11 +1479,11 @@ myrpki = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> --> ''') -## @var publication -## Parsed RelaxNG publication schema -publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> +## @var publication_control +## Parsed RelaxNG publication_control schema +publication_control = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: publication-schema.rnc 5902 2014-07-18 16:37:04Z sra $ + $Id: publication-control.rnc 5903 2014-07-18 17:08:13Z sra $ RelaxNG schema for RPKI publication protocol. 
@@ -1506,7 +1504,7 @@ publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. --> -<grammar ns="http://www.hactrn.net/uris/rpki/publication-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> +<grammar ns="http://www.hactrn.net/uris/rpki/publication-control/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> <define name="version"> <value>1</value> </define> @@ -1540,26 +1538,12 @@ publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> </start> <!-- PDUs allowed in a query --> <define name="query_elt"> - <choice> - <ref name="config_query"/> - <ref name="client_query"/> - <ref name="certificate_query"/> - <ref name="crl_query"/> - <ref name="manifest_query"/> - <ref name="roa_query"/> - <ref name="ghostbuster_query"/> - </choice> + <ref name="client_query"/> </define> <!-- PDUs allowed in a reply --> <define name="reply_elt"> <choice> - <ref name="config_reply"/> <ref name="client_reply"/> - <ref name="certificate_reply"/> - <ref name="crl_reply"/> - <ref name="manifest_reply"/> - <ref name="roa_reply"/> - <ref name="ghostbuster_reply"/> <ref name="report_error_reply"/> </choice> </define> 
@@ -1603,60 +1587,7 @@ publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <param name="pattern">[\-_A-Za-z0-9/]+</param> </data> </define> - <!-- - <config/> element (use restricted to repository operator) - config_handle attribute, create, list, and destroy commands omitted deliberately, see code for details - --> - <define name="config_payload"> - <optional> - <element name="bpki_crl"> - <ref name="base64"/> - </element> - </optional> - </define> - <define name="config_query" combine="choice"> - <element name="config"> - <attribute name="action"> - <value>set</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="config_payload"/> - </element> - </define> - <define name="config_reply" combine="choice"> - <element name="config"> - <attribute name="action"> - <value>set</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - </element> - </define> - <define name="config_query" combine="choice"> - <element name="config"> - <attribute name="action"> - <value>get</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - </element> - </define> - <define name="config_reply" combine="choice"> - <element name="config"> - <attribute name="action"> - <value>get</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="config_payload"/> - </element> - </define> - <!-- <client/> element (use restricted to repository operator) --> + <!-- <client/> element --> <define name="client_handle"> <attribute name="client_handle"> <ref name="object_handle"/> 
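Review bot: The rewritten comment on the `<client/>` element drops "(use restricted to repository operator)", and together with the deleted `<config/>` comment this removes the only place where the grammar recorded that access rule. RelaxNG cannot express who is allowed to send a PDU, so a reader of the new publication-control schema no longer sees that these PDUs are privileged. If the restriction still holds, keep it as a schema-level comment near the top of the grammar, for example `<!-- Use of every PDU in this schema is restricted to the repository operator. -->`. Where the restriction is enforced is not visible in this hunk. The `$Id` lines suggest the file is generated from `publication-control.rnc`, so the comment would be added there.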
@@ -1801,242 +1732,217 @@ publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <ref name="client_handle"/> </element> </define> - <!-- <certificate/> element --> - <define name="certificate_query" combine="choice"> - <element name="certificate"> - <attribute name="action"> - <value>publish</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - <ref name="base64"/> - </element> + <!-- <report_error/> element --> + <define name="error"> + <data type="token"> + <param name="maxLength">1024</param> + </data> </define> - <define name="certificate_reply" combine="choice"> - <element name="certificate"> - <attribute name="action"> - <value>publish</value> - </attribute> + <define name="report_error_reply"> + <element name="report_error"> <optional> <ref name="tag"/> </optional> - <ref name="uri"/> - </element> - </define> - <define name="certificate_query" combine="choice"> - <element name="certificate"> - <attribute name="action"> - <value>withdraw</value> + <attribute name="error_code"> + <ref name="error"/> </attribute> <optional> - <ref name="tag"/> + <data type="string"> + <param name="maxLength">512000</param> + </data> </optional> - <ref name="uri"/> </element> </define> - <define name="certificate_reply" combine="choice"> - <element name="certificate"> - <attribute name="action"> - <value>withdraw</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - </element> +</grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + comment-start: "# " + comment-start-skip: "#[ \t]*" + End: +--> +''') + +## @var publication +## Parsed RelaxNG publication schema +publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> +<!-- + $Id: publication.rnc 5896 2014-07-15 19:34:32Z sra $ + + RelaxNG schema for RPKI publication protocol, from current I-D. + + Copyright (c) 2014 IETF Trust and the persons identified as authors + of the code. All rights reserved. 
+ + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + * Neither the name of Internet Society, IETF or IETF Trust, nor the + names of specific contributors, may be used to endorse or promote + products derived from this software without specific prior written + permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +--> +<grammar ns="http://www.hactrn.net/uris/rpki/publication-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <!-- This is version 3 of the protocol. --> + <define name="version"> + <value>3</value> </define> - <!-- <crl/> element --> - <define name="crl_query" combine="choice"> - <element name="crl"> - <attribute name="action"> - <value>publish</value> + <!-- Top level PDU is either a query or a reply. 
--> + <start combine="choice"> + <element name="msg"> + <attribute name="version"> + <ref name="version"/> </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - <ref name="base64"/> - </element> - </define> - <define name="crl_reply" combine="choice"> - <element name="crl"> - <attribute name="action"> - <value>publish</value> + <attribute name="type"> + <value>query</value> </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> + <zeroOrMore> + <ref name="query_elt"/> + </zeroOrMore> </element> - </define> - <define name="crl_query" combine="choice"> - <element name="crl"> - <attribute name="action"> - <value>withdraw</value> + </start> + <start combine="choice"> + <element name="msg"> + <attribute name="version"> + <ref name="version"/> </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - </element> - </define> - <define name="crl_reply" combine="choice"> - <element name="crl"> - <attribute name="action"> - <value>withdraw</value> + <attribute name="type"> + <value>reply</value> </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> + <zeroOrMore> + <ref name="reply_elt"/> + </zeroOrMore> </element> + </start> + <!-- PDUs allowed in queries and replies. 
--> + <define name="query_elt"> + <choice> + <ref name="publish_query"/> + <ref name="withdraw_query"/> + <ref name="list_query"/> + </choice> </define> - <!-- <manifest/> element --> - <define name="manifest_query" combine="choice"> - <element name="manifest"> - <attribute name="action"> - <value>publish</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - <ref name="base64"/> - </element> + <define name="reply_elt"> + <choice> + <ref name="publish_reply"/> + <ref name="withdraw_reply"/> + <ref name="list_reply"/> + <ref name="report_error_reply"/> + </choice> </define> - <define name="manifest_reply" combine="choice"> - <element name="manifest"> - <attribute name="action"> - <value>publish</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - </element> + <!-- Tag attributes for bulk operations. --> + <define name="tag"> + <attribute name="tag"> + <data type="token"> + <param name="maxLength">1024</param> + </data> + </attribute> </define> - <define name="manifest_query" combine="choice"> - <element name="manifest"> - <attribute name="action"> - <value>withdraw</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - </element> + <!-- Base64 encoded DER stuff. --> + <define name="base64"> + <data type="base64Binary"/> </define> - <define name="manifest_reply" combine="choice"> - <element name="manifest"> - <attribute name="action"> - <value>withdraw</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - </element> + <!-- Publication URIs. 
--> + <define name="uri"> + <attribute name="uri"> + <data type="anyURI"> + <param name="maxLength">4096</param> + </data> + </attribute> </define> - <!-- <roa/> element --> - <define name="roa_query" combine="choice"> - <element name="roa"> - <attribute name="action"> - <value>publish</value> - </attribute> - <optional> - <ref name="tag"/> - </optional> - <ref name="uri"/> - <ref name="base64"/> - </element> + <!-- Digest of objects being withdrawn --> + <define name="hash"> + <attribute name="hash"> + <data type="string"> + <param name="pattern">[0-9a-fA-F]+</param> + </data> + </attribute> </define> - <define name="roa_reply" combine="choice"> - <element name="roa"> - <attribute name="action"> - <value>publish</value> - </attribute> + <!-- Error codes. --> + <define name="error"> + <data type="token"> + <param name="maxLength">1024</param> + </data> + </define> + <!-- <publish/> element --> + <define name="publish_query"> + <element name="publish"> <optional> <ref name="tag"/> </optional> <ref name="uri"/> - </element> - </define> - <define name="roa_query" combine="choice"> - <element name="roa"> - <attribute name="action"> - <value>withdraw</value> - </attribute> <optional> - <ref name="tag"/> + <ref name="hash"/> </optional> - <ref name="uri"/> + <ref name="base64"/> </element> </define> - <define name="roa_reply" combine="choice"> - <element name="roa"> - <attribute name="action"> - <value>withdraw</value> - </attribute> + <define name="publish_reply"> + <element name="publish"> <optional> <ref name="tag"/> </optional> <ref name="uri"/> </element> </define> - <!-- <ghostbuster/> element --> - <define name="ghostbuster_query" combine="choice"> - <element name="ghostbuster"> - <attribute name="action"> - <value>publish</value> - </attribute> + <!-- <withdraw/> element --> + <define name="withdraw_query"> + <element name="withdraw"> <optional> <ref name="tag"/> </optional> <ref name="uri"/> - <ref name="base64"/> + <ref name="hash"/> </element> </define> - 
<define name="ghostbuster_reply" combine="choice"> - <element name="ghostbuster"> - <attribute name="action"> - <value>publish</value> - </attribute> + <define name="withdraw_reply"> + <element name="withdraw"> <optional> <ref name="tag"/> </optional> <ref name="uri"/> </element> </define> - <define name="ghostbuster_query" combine="choice"> - <element name="ghostbuster"> - <attribute name="action"> - <value>withdraw</value> - </attribute> + <!-- <list/> element --> + <define name="list_query"> + <element name="list"> <optional> <ref name="tag"/> </optional> - <ref name="uri"/> </element> </define> - <define name="ghostbuster_reply" combine="choice"> - <element name="ghostbuster"> - <attribute name="action"> - <value>withdraw</value> - </attribute> + <define name="list_reply"> + <element name="list"> <optional> <ref name="tag"/> </optional> <ref name="uri"/> + <ref name="hash"/> </element> </define> <!-- <report_error/> element --> - <define name="error"> - <data type="token"> - <param name="maxLength">1024</param> - </data> - </define> <define name="report_error_reply"> <element name="report_error"> <optional> @@ -2066,7 +1972,7 @@ publication = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> ## Parsed RelaxNG router_certificate schema router_certificate = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: router-certificate-schema.rnc 5757 2014-04-05 22:42:12Z sra $ + $Id: router-certificate.rnc 5881 2014-07-03 16:55:02Z sra $ RelaxNG schema for BGPSEC router certificate interchange format. 
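Review bot: The new `hash` define in the publication schema constrains only the alphabet (`[0-9a-fA-F]+`), so a hex string of any length, including an odd number of digits, validates, while the neighbouring `tag` and `uri` defines carry `maxLength` limits. `withdraw_query` requires this attribute and `publish_query` accepts it optionally, presumably to name the object being replaced, so the schema should pin it to the digest's exact length. If the digest is SHA-256 that would be `<param name="pattern">[0-9a-fA-F]{64}</param>`, but the algorithm is not stated in this hunk. The code that compares the digest should still check the length itself rather than rely on schema validation alone. The grammar continues past the end of the hunk, and the file looks generated from `publication.rnc`, so the change would be made there.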
@@ -2164,11 +2070,178 @@ router_certificate = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> --> ''') +## @var rrdp +## Parsed RelaxNG rrdp schema +rrdp = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> +<!-- + $Id: rrdp.rnc 5888 2014-07-09 05:39:54Z sra $ + + RelaxNG schema for RPKI Repository Delta Protocol (RRDP). + + Copyright (C) 2014 Dragon Research Labs ("DRL") + + Permission to use, copy, modify, and distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + + THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH + REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS. IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT, + INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + PERFORMANCE OF THIS SOFTWARE. 
+--> +<grammar ns="http://www.ripe.net/rpki/rrdp" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <define name="version"> + <data type="positiveInteger"> + <param name="maxInclusive">1</param> + </data> + </define> + <define name="serial"> + <data type="nonNegativeInteger"/> + </define> + <define name="uri"> + <data type="anyURI"/> + </define> + <define name="uuid"> + <data type="string"> + <param name="pattern">[\-0-9a-fA-F]+</param> + </data> + </define> + <define name="hash"> + <data type="string"> + <param name="pattern">[0-9a-fA-F]+</param> + </data> + </define> + <define name="base64"> + <data type="base64Binary"/> + </define> + <!-- Notification file: lists current snapshots and deltas --> + <start combine="choice"> + <element name="notification"> + <attribute name="version"> + <ref name="version"/> + </attribute> + <attribute name="session_id"> + <ref name="uuid"/> + </attribute> + <attribute name="serial"> + <ref name="serial"/> + </attribute> + <element name="snapshot"> + <attribute name="uri"> + <ref name="uri"/> + </attribute> + <attribute name="hash"> + <ref name="hash"/> + </attribute> + </element> + <zeroOrMore> + <element name="delta"> + <attribute name="from"> + <ref name="serial"/> + </attribute> + <attribute name="to"> + <ref name="serial"/> + </attribute> + <attribute name="uri"> + <ref name="uri"/> + </attribute> + <attribute name="hash"> + <ref name="hash"/> + </attribute> + </element> + </zeroOrMore> + </element> + </start> + <!-- Snapshot segment: think DNS AXFR. 
--> + <start combine="choice"> + <element name="snapshot"> + <attribute name="version"> + <ref name="version"/> + </attribute> + <attribute name="session_id"> + <ref name="uuid"/> + </attribute> + <attribute name="serial"> + <ref name="serial"/> + </attribute> + <zeroOrMore> + <element name="publish"> + <attribute name="uri"> + <ref name="uri"/> + </attribute> + <ref name="base64"/> + </element> + </zeroOrMore> + </element> + </start> + <!-- Delta segment: think DNS IXFR. --> + <start combine="choice"> + <element name="deltas"> + <attribute name="version"> + <ref name="version"/> + </attribute> + <attribute name="session_id"> + <ref name="uuid"/> + </attribute> + <attribute name="from"> + <ref name="serial"/> + </attribute> + <attribute name="to"> + <ref name="serial"/> + </attribute> + <oneOrMore> + <element name="delta"> + <attribute name="serial"> + <ref name="serial"/> + </attribute> + <oneOrMore> + <ref name="delta_element"/> + </oneOrMore> + </element> + </oneOrMore> + </element> + </start> + <define name="delta_element" combine="choice"> + <element name="publish"> + <attribute name="uri"> + <ref name="uri"/> + </attribute> + <optional> + <attribute name="hash"> + <ref name="hash"/> + </attribute> + </optional> + <ref name="base64"/> + </element> + </define> + <define name="delta_element" combine="choice"> + <element name="withdraw"> + <attribute name="uri"> + <ref name="uri"/> + </attribute> + <attribute name="hash"> + <ref name="hash"/> + </attribute> + </element> + </define> +</grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + comment-start: "# " + comment-start-skip: "#[ \t]*" + End: +--> +''') + ## @var up_down ## Parsed RelaxNG up_down schema up_down = RelaxNGParser(r'''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: up-down-schema.rnc 5757 2014-04-05 22:42:12Z sra $ + $Id: up-down.rnc 5881 2014-07-03 16:55:02Z sra $ RelaxNG schema for the up-down protocol, extracted from RFC 6492. |
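Review bot: The `uuid` define used for `session_id` accepts any non-empty run of hex digits and dashes (`[\-0-9a-fA-F]+`), and the `uri` and `hash` defines in the rrdp grammar have no length limit at all, whereas the publication schema in this same commit caps its `uri` at 4096 characters. These documents are presumably parsed by clients that fetch them from a repository, which makes the schema the first filter on that input. Tightening `uuid` to the canonical shape, e.g. `<param name="pattern">[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}</param>`, and adding `<param name="maxLength">4096</param>` to `uri` would reject malformed values before any code uses them. `anyURI` also places no restriction on the scheme, so the code that dereferences the snapshot and delta URIs needs its own scheme allow-list; that code is not part of this hunk. The file looks generated from `rrdp.rnc`, so the change would be made there.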