diff options
Diffstat (limited to 'rpkid/rpki')
| -rw-r--r-- | rpkid/rpki/gui/app/glue.py | 140 |
1 files changed, 84 insertions, 56 deletions
diff --git a/rpkid/rpki/gui/app/glue.py b/rpkid/rpki/gui/app/glue.py index 687af268..c796c148 100644 --- a/rpkid/rpki/gui/app/glue.py +++ b/rpkid/rpki/gui/app/glue.py @@ -28,17 +28,22 @@ from rpki.gui.app import models, settings def confpath(*handle): """ - Return the absolute pathname to the configuration directory for - the given resource handle. If additional arguments are given, they - are taken to mean files/subdirectories. + Return the absolute pathname to the configuration directory for the + given resource handle. If additional arguments are given, they are + taken to mean files/subdirectories relative to the configuration + directory. + """ argv = [ settings.CONFDIR ] argv.extend(handle) return os.path.join(*argv) def read_file_from_handle(handle, fname): - """read a filename relative to the directory for the given resource handle. returns - a tuple of (content, mtime)""" + """ + read a filename relative to the directory for the given resource + handle. returns a tuple of (content, mtime) + + """ with open(confpath(handle, fname), 'r') as fp: data = fp.read() mtime = os.fstat(fp.fileno())[stat.ST_MTIME] @@ -47,21 +52,21 @@ def read_file_from_handle(handle, fname): read_identity = lambda h: read_file_from_handle(h, 'entitydb/identity.xml')[0] def output_asns(path, handle): - '''Write out csv file containing asns delegated to my children.''' + """Write out csv file containing asns delegated to my children.""" qs = models.Asn.objects.filter(lo=F('hi'), allocated__in=handle.children.all()) w = rpki.myrpki.csv_writer(path) w.writerows([asn.allocated.handle, asn.lo] for asn in qs) w.close() def output_prefixes(path, handle): - '''Write out csv file containing prefixes delegated to my children.''' + """Write out csv file containing prefixes delegated to my children.""" qs = models.AddressRange.objects.filter(allocated__in=handle.children.all()) w = rpki.myrpki.csv_writer(path) w.writerows([p.allocated.handle, p.as_resource_range()] for p in qs) w.close() def output_roas(path, handle): - '''Write out csv file containing my roas.''' + """Write out csv file containing my roas.""" qs = models.RoaRequest.objects.filter(roa__in=handle.roas.all()) w = rpki.myrpki.csv_writer(path) w.writerows([req.as_roa_prefix(), req.roa.asn, @@ -77,6 +82,7 @@ def build_rpkid_caller(cfg, verbose=False): Returns a function suitable for calling rpkid using the configuration information specified in the rpki.config.parser object. + """ bpki_servers_dir = cfg.get("bpki_servers_directory") if not bpki_servers_dir.startswith('/'): @@ -111,9 +117,7 @@ def build_pubd_caller(cfg): url = pubd_base + "control")) def ghostbuster_to_vcard(gbr): - """ - Convert a Ghostbuster object into a vCard object. - """ + """Convert a Ghostbuster object into a vCard object.""" import vobject vcard = vobject.vCard() @@ -139,11 +143,13 @@ def ghostbuster_to_vcard(gbr): return vcard.serialize() def qualify_path(pfx, fname): - """ - Ensure 'path' is an absolute filename. - """ + """Ensure 'path' is an absolute filename.""" return fname if fname.startswith('/') else os.path.join(pfx, fname) +def get_system_config(): + """Returns an rpki.config.parser object for the system rpki.conf.""" + return rpki.config.parser(section='myrpki') + def configure_resources(log, handle): """ This function should be called when resources for this resource @@ -153,10 +159,16 @@ def configure_resources(log, handle): For backwards compatability (and backups), it also writes the csv files for use with the myrpki.py command line script. - """ + """ path = confpath(handle.handle) - cfg = rpki.config.parser(os.path.join(path, 'rpki.conf'), 'myrpki') + + # Read rpki.conf to determine the paths for the csv files. + if handle.host: + cfg = rpki.config.parser(os.path.join(path, 'rpki.conf'), section='myrpki') + else: + # Use the system rpki.conf for the self-hosted handle. + cfg = get_system_config() output_asns(qualify_path(path, cfg.get('asn_csv')), handle) output_prefixes(qualify_path(path, cfg.get('prefix_csv')), handle) @@ -187,7 +199,7 @@ def configure_resources(log, handle): else: v6.append(rng) - # convert from datetime.datetime to rpki.sundial.datetime + # Convert from datetime.datetime to rpki.sundial.datetime valid_until = rpki.sundial.datetime.fromdatetime(child.valid_until) children.append((child.handle, asns, v4, v6, valid_until)) @@ -201,24 +213,23 @@ def configure_resources(log, handle): else: ghostbusters.append((None, vcard)) - # for hosted handles, get the config for the irdbd/rpkid host + # For hosted handles, get the config for the irdbd/rpkid host, which + # contains the information needed to talk to the daemons. if handle.host: - cfg = rpki.config.parser(confpath(handle.host.handle, 'rpki.conf'), 'myrpki') + cfg = get_system_config() irdb = rpki.myrpki.IRDB(cfg) irdb.update(handle, roa_requests, children, ghostbusters) irdb.close() - # contact rpkid to request immediate update + # Contact rpkid to request immediate update. call_rpkid = build_rpkid_caller(cfg) call_rpkid(rpki.left_right.self_elt.make_pdu(action='set', self_handle=handle.handle, run_now=True)) def list_received_resources(log, conf): - "Query rpkid for this resource handle's children and received resources." - - # if this handle is hosted, get the cfg for the host - rpki_conf = conf.host if conf.host else conf - cfg = rpki.config.parser(confpath(rpki_conf.handle, 'rpki.conf'), 'myrpki') + """Query rpkid for this resource handle's children and received resources.""" + # always use the system rpki.conf for talking to the daemons + cfg = get_system_config() call_rpkid = build_rpkid_caller(cfg) pdus = call_rpkid(rpki.left_right.list_received_resources_elt.make_pdu(self_handle=conf.handle), rpki.left_right.child_elt.make_pdu(action="list", self_handle=conf.handle), @@ -307,6 +318,7 @@ def config_from_template(dest, a): Create a new rpki.conf file from a generic template. Go line by line through the template and substitute directives from the dictionary 'a'. + """ with open(dest, 'w') as f: for r in open(settings.RPKI_CONF_TEMPLATE): @@ -322,26 +334,36 @@ def config_from_template(dest, a): class Myrpki(rpki.myrpki.main): """ - wrapper around rpki.myrpki.main to force the config file to what i want, + Wrapper around rpki.myrpki.main to force the config file to what I want, and avoid cli arg parsing. + """ def __init__(self, handle): self.cfg_file = confpath(handle, 'rpki.conf') self.read_config() +def get_myrpki(conf): + """ + Return a rpki.myrpki.main() or subclass thereof depending on + whether the 'conf' argument refers to the rpki host, or to a + hosted conf. When refering to a hosted conf, we use the wrapper + subclass to force use of the stub rpki.conf located in the conf + directory. For the rpkid host, we use the system rpki.conf. + + """ + return Myrpki(conf.handle) if conf.host else rpki.myrpki.main() + def configure_daemons(log, conf, m): if conf.host: m.configure_resources_main() - host = Myrpki(conf.host.handle) + host = get_myrpki(conf.host) host.do_configure_daemons(m.cfg.get('xml_filename')) else: m.do_configure_daemons('') def initialize_handle(log, handle, host, owner=None, commit=True): - """ - Create a new Conf object for this user. - """ + """Create a new Conf object for this user.""" print >>log, "initializing new resource handle %s" % handle qs = models.Conf.objects.filter(handle=handle) @@ -353,28 +375,35 @@ def initialize_handle(log, handle, host, owner=None, commit=True): else: conf = qs[0] - # create the config directory if it doesn't already exist + # Create the config directory if it doesn't already exist top = confpath(conf.handle) if not os.path.exists(top): os.makedirs(top) cfg_file = confpath(conf.handle, 'rpki.conf') - # create rpki.conf file if it doesn't exist + # Create rpki.conf file if it doesn't exist if not os.path.exists(cfg_file): print >>log, "generating rpki.conf for %s" % conf.handle - config_from_template(cfg_file, { 'handle': conf.handle, - 'configuration_directory': top, 'run_rpkid': 'false'}) - - # create stub csv files + config_from_template(cfg_file, + { + 'handle' : conf.handle, + 'configuration_directory': top, + 'run_rpkid' : 'false', + 'run_pubd' : 'false', + 'run_rootd' : 'false', + 'openssl' : get_system_config().get('openssl') + }) + + # Create stub csv files for f in ('asns', 'prefixes', 'roas'): p = confpath(conf.handle, f + '.csv') if not os.path.exists(p): f = open(p, 'w') f.close() - # load configuration for self - m = Myrpki(conf.handle) + # Load configuration for self + m = get_myrpki(conf) m.do_initialize('') if commit: @@ -385,36 +414,35 @@ def initialize_handle(log, handle, host, owner=None, commit=True): return conf, m def import_child(log, conf, child_handle, xml_file): - """ - Import a child's identity.xml. - """ - m = Myrpki(conf.handle) + """Import a child's identity.xml.""" + m = get_myrpki(conf) m.do_configure_child(xml_file) configure_daemons(log, conf, m) def import_parent(log, conf, parent_handle, xml_file): - m = Myrpki(conf.handle) + m = get_myrpki(conf) m.do_configure_parent(xml_file) configure_daemons(log, conf, m) def import_pubclient(log, conf, xml_file): - m = Myrpki(conf.handle) + m = get_myrpki(conf) m.do_configure_publication_client(xml_file) configure_daemons(log, conf, m) def import_repository(log, conf, xml_file): - m = Myrpki(conf.handle) + m = get_myrpki(conf) m.do_configure_repository(xml_file) configure_daemons(log, conf, m) def create_child(log, parent_conf, child_handle): """ - implements the child create wizard to create a new locally hosted child + Implements the child create wizard to create a new locally hosted child + """ child_conf, child = initialize_handle(log, handle=child_handle, host=parent_conf, commit=False) parent_handle = parent_conf.handle - parent = Myrpki(parent_handle) + parent = get_myrpki(parent_conf) child_identity_xml = os.path.join(child.cfg.get("entitydb_dir"), 'identity.xml') parent_response_xml = os.path.join(parent.cfg.get("entitydb_dir"), 'children', child_handle + '.xml') @@ -460,7 +488,7 @@ def destroy_handle(log, handle): shutil.remove(confpath(handle)) def read_child_response(log, conf, child_handle): - m = Myrpki(conf.handle) + m = get_myrpki(conf) bname = child_handle + '.xml' return open(os.path.join(m.cfg.get('entitydb_dir'), 'children', bname)).read() @@ -471,16 +499,16 @@ def read_child_repo_response(log, conf, child_handle): Note: the current model assumes the publication client is a child of this handle. - """ - m = Myrpki(conf.handle) + """ + m = get_myrpki(conf) return open(os.path.join(m.cfg.get('entitydb_dir'), 'pubclients', '%s.%s.xml' % (conf.handle, child_handle))).read() def update_bpki(log, conf): - m = Myrpki(conf.handle) + m = get_myrpki(conf) - # automatically runs configure_daemons when self-hosted - # otherwise runs configure_resources + # Automatically runs configure_daemons when self-hosted otherwise runs + # configure_resources. m.do_update_bpki('') # when hosted, ship off to rpkid host @@ -488,13 +516,13 @@ def update_bpki(log, conf): configure_daemons(log, conf, m) def delete_child(log, conf, child_handle): - m = Myrpki(conf.handle) + m = get_myrpki(conf) m.do_delete_child(child_handle) configure_daemons(log, conf, m) def delete_parent(log, conf, parent_handle): - m = Myrpki(conf.handle) + m = get_myrpki(conf) m.do_delete_parent(parent_handle) configure_daemons(log, conf, m) -# vim:sw=4 ts=8 expandtab +# vim:sw=4 ts=8 expandtab tw=79 |