diff options
Diffstat (limited to 'rpkid/rpki')
| -rw-r--r-- | rpkid/rpki/gctx.py | 2 | ||||
| -rw-r--r-- | rpkid/rpki/left_right.py | 6 | ||||
| -rw-r--r-- | rpkid/rpki/relaxng.py | 12 | ||||
| -rw-r--r-- | rpkid/rpki/resource_set.py | 38 | ||||
| -rw-r--r-- | rpkid/rpki/sql.py | 17 | ||||
| -rw-r--r-- | rpkid/rpki/up_down.py | 2 | ||||
| -rw-r--r-- | rpkid/rpki/x509.py | 7 |
7 files changed, 43 insertions, 41 deletions
diff --git a/rpkid/rpki/gctx.py b/rpkid/rpki/gctx.py index 64aecd87..4a1282bb 100644 --- a/rpkid/rpki/gctx.py +++ b/rpkid/rpki/gctx.py @@ -79,7 +79,7 @@ class global_context(object): if len(r_msg) == 0 or not isinstance(r_msg[0], rpki.left_right.list_resources_elt) or r_msg[0].type != "reply": raise rpki.exceptions.BadIRDBReply, "Unexpected response to IRDB query: %s" % lxml.etree.tostring(r_msg.toXML(), pretty_print = True, encoding = "us-ascii") return rpki.resource_set.resource_bag( - as = r_msg[0].as, + asn = r_msg[0].asn, v4 = r_msg[0].ipv4, v6 = r_msg[0].ipv6, valid_until = r_msg[0].valid_until) diff --git a/rpkid/rpki/left_right.py b/rpkid/rpki/left_right.py index 7e7a7745..e9bb7a92 100644 --- a/rpkid/rpki/left_right.py +++ b/rpkid/rpki/left_right.py @@ -1038,7 +1038,7 @@ class list_resources_elt(base_elt): """<list_resources/> element.""" element_name = "list_resources" - attributes = ("type", "self_id", "tag", "child_id", "valid_until", "as", "ipv4", "ipv6", "subject_name") + attributes = ("type", "self_id", "tag", "child_id", "valid_until", "asn", "ipv4", "ipv6", "subject_name") valid_until = None def startElement(self, stack, name, attrs): @@ -1047,8 +1047,8 @@ class list_resources_elt(base_elt): self.read_attrs(attrs) if isinstance(self.valid_until, str): self.valid_until = rpki.sundial.datetime.fromXMLtime(self.valid_until) - if self.as is not None: - self.as = rpki.resource_set.resource_set_as(self.as) + if self.asn is not None: + self.asn = rpki.resource_set.resource_set_as(self.asn) if self.ipv4 is not None: self.ipv4 = rpki.resource_set.resource_set_ipv4(self.ipv4) if self.ipv6 is not None: diff --git a/rpkid/rpki/relaxng.py b/rpkid/rpki/relaxng.py index e953b3d9..de1bbb36 100644 --- a/rpkid/rpki/relaxng.py +++ b/rpkid/rpki/relaxng.py @@ -959,7 +959,7 @@ left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" enc </attribute> </optional> <optional> - <attribute name="as"> + <attribute name="asn"> <ref name="asn_list"/> </attribute> </optional> @@ -995,6 +995,11 @@ left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" enc </element> </define> </grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> ''')) ## @var up_down @@ -1244,4 +1249,9 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi </optional> </define> </grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> ''')) diff --git a/rpkid/rpki/resource_set.py b/rpkid/rpki/resource_set.py index 2b050ad3..cd8a68d6 100644 --- a/rpkid/rpki/resource_set.py +++ b/rpkid/rpki/resource_set.py @@ -323,7 +323,7 @@ class resource_set_as(resource_set): range_type = resource_range_as def parse_str(self, x): - """Parse AS resource sets from text (eg, XML attributes).""" + """Parse ASN resource sets from text (eg, XML attributes).""" r = re.match("^([0-9]+)-([0-9]+)$", x) if r: return resource_range_as(long(r.group(1)), long(r.group(2))) @@ -331,7 +331,7 @@ class resource_set_as(resource_set): return resource_range_as(long(x), long(x)) def parse_rfc3779_tuple(self, x): - """Parse AS resource from tuple format generated by RFC 3779 ASN.1 decoder.""" + """Parse ASN resource from tuple format generated by RFC 3779 ASN.1 decoder.""" if x[0] == "asIdsOrRanges": for aor in x[1]: if aor[0] == "range": @@ -346,7 +346,7 @@ class resource_set_as(resource_set): self.inherit = True def to_rfc3779_tuple(self): - """Convert AS resource set into tuple format used for RFC 3779 ASN.1 encoding.""" + """Convert ASN resource set into tuple format used for RFC 3779 ASN.1 encoding.""" if self: return ("asIdsOrRanges", tuple(a.to_rfc3779_tuple() for a in self)) elif self.inherit: @@ -448,11 +448,11 @@ def _long2bs(number, addrlen, prefixlen = None, strip = None): return tuple(bs) class resource_bag(object): - """Container to simplify passing around the usual triple of AS, + """Container to simplify passing around the usual triple of ASN, IPv4, and IPv6 resource sets. """ - ## @var as + ## @var asn # Set of Autonomous System Number resources. ## @var v4 @@ -464,35 +464,35 @@ class resource_bag(object): ## @var valid_until # Expiration date of resources, for setting certificate notAfter field. - def __init__(self, as = None, v4 = None, v6 = None, valid_until = None): - self.as = as or resource_set_as() + def __init__(self, asn = None, v4 = None, v6 = None, valid_until = None): + self.asn = asn or resource_set_as() self.v4 = v4 or resource_set_ipv4() self.v6 = v6 or resource_set_ipv6() self.valid_until = valid_until def oversized(self, other): """True iff self is oversized with respect to other.""" - return not self.as.issubset(other.as) or \ + return not self.asn.issubset(other.asn) or \ not self.v4.issubset(other.v4) or \ not self.v6.issubset(other.v6) def undersized(self, other): """True iff self is undersized with respect to other.""" - return not other.as.issubset(self.as) or \ + return not other.asn.issubset(self.asn) or \ not other.v4.issubset(self.v4) or \ not other.v6.issubset(self.v6) @classmethod def from_rfc3779_tuples(cls, exts): """Build a resource_bag from intermediate form generated by RFC 3779 ASN.1 decoder.""" - as = None + asn = None v4 = None v6 = None for x in exts: if x[0] == rpki.oids.name2oid["sbgp-autonomousSysNum"]: # assert len(x[2]) == 1 or x[2][1] is None, "RDI not implemented: %s" % (str(x)) - assert as is None - as = resource_set_as(x[2][0]) + assert asn is None + asn = resource_set_as(x[2][0]) if x[0] == rpki.oids.name2oid["sbgp-ipAddrBlock"]: for fam in x[2]: if fam[0] == resource_set_ipv4.afi: @@ -501,14 +501,14 @@ class resource_bag(object): if fam[0] == resource_set_ipv6.afi: assert v6 is None v6 = resource_set_ipv6(fam[1]) - return cls(as, v4, v6) + return cls(asn, v4, v6) def empty(self): """Return True iff all resource sets in this bag are empty.""" - return not self.as and not self.v4 and not self.v6 + return not self.asn and not self.v4 and not self.v6 def __eq__(self, other): - return self.as == other.as and \ + return self.asn == other.asn and \ self.v4 == other.v4 and \ self.v6 == other.v6 and \ self.valid_until == other.valid_until @@ -520,7 +520,7 @@ class resource_bag(object): """Compute intersection with another resource_bag. valid_until attribute (if any) inherits from self. """ - return self.__class__(self.as.intersection(other.as), + return self.__class__(self.asn.intersection(other.asn), self.v4.intersection(other.v4), self.v6.intersection(other.v6), self.valid_until) @@ -529,15 +529,15 @@ class resource_bag(object): """Compute union with another resource_bag. valid_until attribute (if any) inherits from self. """ - return self.__class__(self.as.union(other.as), + return self.__class__(self.asn.union(other.asn), self.v4.union(other.v4), self.v6.union(other.v6), self.valid_until) def __str__(self): s = "" - if self.as: - s += "AS: %s" % self.as + if self.asn: + s += "ASN: %s" % self.asn if self.v4: if s: s += ", " diff --git a/rpkid/rpki/sql.py b/rpkid/rpki/sql.py index 791bc7d8..35cdeb05 100644 --- a/rpkid/rpki/sql.py +++ b/rpkid/rpki/sql.py @@ -368,17 +368,10 @@ class ca_obj(sql_persistant): return self.last_crl_sn def rekey(self): - """Initiate a rekey operation for this ca. - - Tasks: - - - Generate a new keypair. - - - Request cert from parent using new keypair. - - - Mark result as our active ca_detail. - - - Reissue all child certs issued by this ca using the new ca_detail. + """Initiate a rekey operation for this ca. Generate a new + keypair. Request cert from parent using new keypair. Mark result + as our active ca_detail. Reissue all child certs issued by this + ca using the new ca_detail. """ rpki.log.trace() @@ -596,7 +589,7 @@ class ca_detail_obj(sql_persistant): """Generate a new manifest certificate for this ca_detail.""" resources = rpki.resource_set.resource_bag( - as = rpki.resource_set.resource_set_as("<inherit>"), + asn = rpki.resource_set.resource_set_as("<inherit>"), v4 = rpki.resource_set.resource_set_ipv4("<inherit>"), v6 = rpki.resource_set.resource_set_ipv6("<inherit>")) diff --git a/rpkid/rpki/up_down.py b/rpkid/rpki/up_down.py index 2de62a56..fb7def4d 100644 --- a/rpkid/rpki/up_down.py +++ b/rpkid/rpki/up_down.py @@ -172,7 +172,7 @@ class class_elt(base_elt): def from_resource_bag(self, bag): """Set resources of this class element from a resource_bag.""" - self.resource_set_as = bag.as + self.resource_set_as = bag.asn self.resource_set_ipv4 = bag.v4 self.resource_set_ipv6 = bag.v6 self.resource_set_notafter = bag.valid_until diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py index 22b57c4d..09238370 100644 --- a/rpkid/rpki/x509.py +++ b/rpkid/rpki/x509.py @@ -372,8 +372,8 @@ class X509(DER_object): else: assert not is_ca - if resources is not None and resources.as: - exts.append(["sbgp-autonomousSysNum", True, (resources.as.to_rfc3779_tuple(), None)]) + if resources is not None and resources.asn: + exts.append(["sbgp-autonomousSysNum", True, (resources.asn.to_rfc3779_tuple(), None)]) if resources is not None and (resources.v4 or resources.v6): exts.append(["sbgp-ipAddrBlock", True, [x for x in (resources.v4.to_rfc3779_tuple(), resources.v6.to_rfc3779_tuple()) if x is not None]]) @@ -709,8 +709,7 @@ class CMS_object(DER_object): dbg = self.dumpasn1() else: dbg = cms.pprint() - print "CMS verification failed, dumping ASN.1 (%d octets):\n%s" \ - % (len(self.get_DER()), dbg) + print "CMS verification failed, dumping ASN.1 (%d octets):\n%s" % (len(self.get_DER()), dbg) raise rpki.exceptions.CMSVerificationFailed, "CMS verification failed" self.decode(content) |