diff options
Diffstat (limited to 'rpkid/tests')
41 files changed, 0 insertions, 8178 deletions
diff --git a/rpkid/tests/Makefile.in b/rpkid/tests/Makefile.in deleted file mode 100644 index b63e8dc3..00000000 --- a/rpkid/tests/Makefile.in +++ /dev/null @@ -1,91 +0,0 @@ -# $Id$ - -PYTHON = @PYTHON@ -abs_top_builddir = @abs_top_builddir@ - -all: protocol-samples - -clean: - rm -rf smoketest.dir left-right-protocol-samples publication-protocol-samples yamltest.dir rcynic.xml rcynic-data - -protocol-samples: left-right-protocol-samples/.stamp publication-protocol-samples/.stamp - -left-right-protocol-samples/.stamp: left-right-protocol-samples.xml split-protocol-samples.xsl - rm -rf left-right-protocol-samples - mkdir left-right-protocol-samples - xsltproc --param verbose 0 --stringparam dir left-right-protocol-samples split-protocol-samples.xsl left-right-protocol-samples.xml - touch $@ - -publication-protocol-samples/.stamp: publication-protocol-samples.xml split-protocol-samples.xsl - rm -rf publication-protocol-samples - mkdir publication-protocol-samples - xsltproc --param verbose 0 --stringparam dir publication-protocol-samples split-protocol-samples.xsl publication-protocol-samples.xml - touch $@ - -parse-test: protocol-samples - ${PYTHON} xml-parse-test.py - -all-tests:: parse-test - -all-tests:: - ${PYTHON} smoketest.py smoketest.1.yaml - -all-tests:: - ${PYTHON} smoketest.py smoketest.2.yaml - -test all-tests:: - ${PYTHON} smoketest.py smoketest.3.yaml - -all-tests:: - ${PYTHON} smoketest.py smoketest.4.yaml - -all-tests:: - ${PYTHON} smoketest.py smoketest.5.yaml - -test all-tests:: - ${PYTHON} smoketest.py smoketest.6.yaml - -all-tests:: - ${PYTHON} smoketest.py smoketest.7.yaml - -profile: all - find smoketest.dir -name '*.prof' -delete - ${PYTHON} smoketest.py smoketest.2.yaml -p - for i in smoketest.dir/*.prof; do ${PYTHON} -c "import pstats;pstats.Stats('$$i').sort_stats('time').print_stats()"; done - -# This isn't a full exercise of the yamltest framework, but is -# probably as good as we can do under make. - -YAMLTEST_CONFIG = smoketest.1.yaml - -yamltest: - rm -rf yamltest.dir rcynic-data - ${PYTHON} sql-cleaner.py - ${PYTHON} yamltest.py ${YAMLTEST_CONFIG} - -YAMLCONF_CONFIG = ${YAMLTEST_CONFIG} - -yamlconf: - rm -rf yamltest.dir rcynic-data - ${PYTHON} sql-cleaner.py - ${PYTHON} yamlconf.py --loopback ${YAMLCONF_CONFIG} - @echo - ${PYTHON} yamltest.py --skip_config --synchronize ${YAMLCONF_CONFIG} - -yamltest-resume yamlconf-resume: - ${PYTHON} yamltest.py --skip_config ${YAMLCONF_CONFIG} - -yamlconf-profile: - rm -rf yamltest.dir rcynic-data - ${PYTHON} sql-cleaner.py - ${PYTHON} yamlconf.py --loopback --profile yamlconf.prof ${YAMLCONF_CONFIG} - @echo - ${PYTHON} yamltest.py --skip_config --synchronize --profile ${YAMLCONF_CONFIG} - -backup: - ${PYTHON} sql-dumper.py - tar cvvJf yamltest.backup.$$(TZ='' date +%Y.%m.%d.%H.%M.%S).txz screenlog.* yamltest.dir backup.*.sql - rm backup.*.sql - -distclean: clean - rm -f rcynic.xml Makefile diff --git a/rpkid/tests/left-right-protocol-samples.xml b/rpkid/tests/left-right-protocol-samples.xml deleted file mode 100644 index 7b97386d..00000000 --- a/rpkid/tests/left-right-protocol-samples.xml +++ /dev/null @@ -1,1093 +0,0 @@ -<!-- -*- SGML -*- - - $Id$ - - - - Copyright (C) 2010 Internet Systems Consortium ("ISC") - - - - Permission to use, copy, modify, and distribute this software for any - - purpose with or without fee is hereby granted, provided that the above - - copyright notice and this permission notice appear in all copies. - - - - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH - - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, - - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - - PERFORMANCE OF THIS SOFTWARE. - - - - Portions copyright (C) 2007-2008 American Registry for Internet Numbers ("ARIN") - - - - Permission to use, copy, modify, and distribute this software for any - - purpose with or without fee is hereby granted, provided that the above - - copyright notice and this permission notice appear in all copies. - - - - THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH - - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - - AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, - - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - - PERFORMANCE OF THIS SOFTWARE. - - - - - - This is a collection of sample left-right protocol PDU samples - - to use as test cases for the left-right protocol RelaxNG schema. - --> - -<completely_gratuitous_wrapper_element_to_let_me_run_this_through_xmllint> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="create" tag="a000" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="create" tag="a000" self_handle="42"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="set" self_handle="42" - rekey="yes" - reissue="yes" - revoke="yes" - run_now="yes" - publish_world_now="yes" - crl_interval="3600" - regen_margin="86400" - use_hsm="no"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </self> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="set" self_handle="42"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="get" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="get" self_handle="42"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </self> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="list"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="list" self_handle="42"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </self> - <self action="list" self_handle="99"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="destroy" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <self action="destroy" self_handle="42"/> - </msg> - - <!-- ==== --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="create" self_handle="42" bsc_handle="17" - generate_keypair="yes" - key_type="rsa" - hash_alg="sha256" - key_length="2048"> - <signing_cert> - MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV - BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda - Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp - Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd - IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr - 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn - 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v - 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht - O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT - 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s - vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G - CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk - ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu - ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO - jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO - vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/ - 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S - </signing_cert> - </bsc> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="create" self_handle="42" bsc_handle="17"> - <pkcs10_request>cmVxdWVzdAo=</pkcs10_request> - </bsc> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="set" self_handle="42" bsc_handle="17"> - <signing_cert> - MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV - BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda - Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp - Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd - IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr - 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn - 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v - 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht - O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT - 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s - vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G - CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk - ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu - ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO - jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO - vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/ - 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S - </signing_cert> - <signing_cert_crl> - MIIBfjBoAgEBMA0GCSqGSIb3DQEBCwUAMCYxJDAiBgNVBAMTG1Rlc3QgQ2VydGlm - aWNhdGUgUklSIFNFTEYtMRcNMDgwNTAxMDQ1MjAxWhcNMDgwNTMxMDQ1MjAxWqAO - MAwwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADggEBACTbbaYh+f4EtXFIKPwH - K2NYq/MrhE2BnHDyA43siryddtac1E2bOtXPkC74nY5yGm4wZU07qPovJNGu1McG - J2hV2uUyAN00lJU3EikrS1ewz7vqjINar1ZUMDkh0wMYKLB9S8SdwNvCf1vcjshz - yasBRse9PCH1R0bmDaP8FZM47P55dKiijaN87HQKyZPOExFslnWH+Nr+mAF1xost - pwGcc3jreVZWbtQ2RdUDJYcNrSSCH8JYqd5ZgAYcE53xxy43rKcULz054GDFcS/B - rprwJgfrjkPttAl80cfrVOUl77ZFfFxzOeHCmQMl9VSoCxmWvnBCBBO4H7meJ7NO - gyc= - </signing_cert_crl> - </bsc> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="set" self_handle="42" bsc_handle="17"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="get" self_handle="42" bsc_handle="17"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="get" self_handle="42" bsc_handle="17"> - <signing_cert> - MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV - BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda - Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp - Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd - IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr - 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn - 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v - 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht - O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT - 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s - vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G - CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk - ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu - ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO - jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO - vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/ - 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S - </signing_cert> - </bsc> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="list" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="get" self_handle="42" bsc_handle="17"> - <signing_cert> - MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV - BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda - Fw0wNzA4MzExOTUzMDdaMCQxIjAgBgNVBAMTGVRlc3QgQ2VydGlmaWNhdGUgQWxp - Y2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmLngkGT5kWsXd - IgLeV+5zNvcDt0+D4cds1cu+bw6Y/23z1+ooA8fU1gXQ28bl6ELM8WRLHgcntqzr - 5UX6S1xPdNfFYt8z4E1ZuvwCPsxcSwVdlYRvzAGNQivDpcJ75Mf5DTeDpr6wm7yn - 2pzxvQIet5djOX51RVGA3hOwCbhq2ceHs0ZruWG3T70H3Sa1ZVxP7m0DJlsSZa6v - 3oEeFOKZQlqrgeU74mJyLAGx/fNbIw+UBrvejfjZobIv985vQ06DZ5S2AquQ2bht - O/2bW3yqeOjH98YK0zlOpYtaZ2fyx4JLjHCspoki6+4W9UG+TuqdkB20mRsr25XT - 9kLuwIGZAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF6I4IR33h/s - vOa4Vsw2icPo8TgaMB8GA1UdIwQYMBaAFG9ed1KlOQDyB+k7Yeb8LSjG5FDtMA0G - CSqGSIb3DQEBBQUAA4IBAQDVzBuGyXIq/rfMjoNKIHTUgppkc+FjS02cFASpB5mk - ksSpGWYHMZKlqz47qDi44KAG+kmPIPOT0em81+/VGeY1oizJyKSeNDhNboth5oTu - ShDr4flTQCoYvRxm1wh8WIIg09nwibzGztuV1XxtdzfQV5kK5bMBlDXnUfAYydsO - jc52x5f4tgdcfBhjnMzkCAx2kvw5Wp3NekkOKl5YYnPK++zT9IBwqrqJmsJvyLPO - vvqVBYkoBWRbmcy6wVU8JpYegNNgVRbi6zeAq33gS75m9uy+4z8Ql6DqVF0s/y+/ - 240tLCW62X98EzrALKsxhkqVZCtdc5HSRaOQr0K3I03S - </signing_cert> - </bsc> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="destroy" self_handle="42" bsc_handle="17"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <bsc action="destroy" self_handle="42" bsc_handle="17"/> - </msg> - - <!-- ==== --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="create" self_handle="42" parent_handle="666" - peer_contact_uri="https://re.bar.example/bandicoot/" - sia_base="rsync://repo.foo.example/wombat/" - bsc_handle="17" - repository_handle="120" - sender_name="tweedledee" - recipient_name="tweedledum"> - <bpki_cms_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_cert> - <bpki_cms_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_glue> - </parent> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="create" self_handle="42" parent_handle="666"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="set" self_handle="42" parent_handle="666" - peer_contact_uri="https://re.bar.example/bandicoot/" - sia_base="rsync://repo.foo.example/wombat/" - bsc_handle="17" - repository_handle="120" - rekey="yes" - reissue="yes" - revoke="yes"> - <bpki_cms_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_cert> - <bpki_cms_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_glue> - </parent> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="set" self_handle="42" parent_handle="666"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="get" self_handle="42" parent_handle="666"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="get" self_handle="42" parent_handle="666" - peer_contact_uri="https://re.bar.example/bandicoot/" - sia_base="rsync://repo.foo.example/wombat/" - bsc_handle="17" - repository_handle="120"> - <bpki_cms_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_cert> - <bpki_cms_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_glue> - </parent> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="list" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="list" self_handle="42" parent_handle="666" - peer_contact_uri="https://re.bar.example/bandicoot/" - sia_base="rsync://repo.foo.example/wombat/" - bsc_handle="17" - repository_handle="120"> - <bpki_cms_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_cert> - <bpki_cms_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cms_glue> - </parent> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="destroy" self_handle="42" - parent_handle="666"/> </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <parent action="destroy" self_handle="42" parent_handle="666"/> - </msg> - - <!-- ==== --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="create" self_handle="42" child_handle="3" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </child> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="create" self_handle="42" child_handle="3"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="set" self_handle="42" child_handle="3" - bsc_handle="17" - reissue="yes"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </child> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="set" self_handle="42" child_handle="3"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="get" self_handle="42" child_handle="3"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="get" self_handle="42" child_handle="3" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </child> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="list" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="list" self_handle="42" child_handle="3" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </child> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="destroy" self_handle="42" child_handle="3"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <child action="destroy" self_handle="42" child_handle="3"/> - </msg> - - <!-- ==== --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="create" self_handle="42" repository_handle="120" - peer_contact_uri="https://re.bar.example/bandicoot/" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </repository> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="create" self_handle="42" repository_handle="120"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="set" self_handle="42" repository_handle="120" - peer_contact_uri="https://re.bar.example/bandicoot/" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </repository> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="set" self_handle="42" repository_handle="120"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="get" self_handle="42" repository_handle="120"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="get" self_handle="42" repository_handle="120" - peer_contact_uri="https://re.bar.example/bandicoot/" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </repository> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="list" self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="list" self_handle="42" repository_handle="120" - peer_contact_uri="https://re.bar.example/bandicoot/" - bsc_handle="17"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </repository> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="destroy" self_handle="42" repository_handle="120"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <repository action="destroy" self_handle="42" repository_handle="120"/> - </msg> - - <!-- ==== --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_resources self_handle="42" child_handle="289"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_resources self_handle="42" child_handle="289" - valid_until="2008-04-01T00:00:00Z" - ipv4="10.0.0.44/32,10.3.0.44/32" - ipv6="fe80:deed:f00d::/48,fe80:dead:beef:2::-fe80:dead:beef:2::49" - asn="666"/> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_roa_requests self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_roa_requests self_handle="42" - asn="666" - ipv4="10.0.0.44/32,10.3.0.44/32" - ipv6="fe80:deed:f00d::/48,fe80:dead:beef::/48-56" - /> - <list_roa_requests self_handle="42" - asn="12345" - ipv4="10.0.0.44/32" - ipv6="2002:a00::/48-56" - /> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_received_resources self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_received_resources self_handle="42" - parent_handle="Alice" - notBefore="2010-02-22T03:44:23Z" - notAfter="2011-02-21T11:03:49Z" - uri="rsync://arin.rpki.net/arin/1/Du4MhiSkjd_3bPL7c2trEkJBZ-U.cer" - sia_uri="rsync://arin.rpki.net/arin/isc/ISC-94-Z/2/" - aia_uri="rsync://arin.rpki.net/arin/arin.cer" - asn="1280,3557" - ipv4="149.20.0.0/16,192.5.4.0/23,204.152.184.0/21"/> - <list_received_resources self_handle="42" - parent_handle="Bob" - uri="rsync://arin.rpki.net/arin/1/uWqpa8GkcEDBZkEsmOEofeDKk9s.cer" - notBefore="2010-02-22T03:44:20Z" - notAfter="2011-02-21T11:03:49Z" - sia_uri="rsync://arin.rpki.net/arin/isc/ISC-94/1/" - aia_uri="rsync://arin.rpki.net/arin/arin.cer" - asn="27318-27322,30122-30134,33071-33082,53459,393221" - ipv4="192.158.248.0-192.158.252.255,192.228.80.0-192.228.92.255,199.6.0.0-199.6.14.255,199.254.27.0/24" - ipv6="2001:4f8::/32,2001:500::/48,2001:500:2e::/47,2001:500:60::-2001:500:7c:ffff:ffff:ffff:ffff:ffff,2001:500:85::/48"/> - </msg> - - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_published_objects self_handle="42"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <list_published_objects self_handle="42" uri="rsync://rpki.example.org/rpki/DEMEtlxZrZes7TNGbe7XwVSMgW0.crl"> - MIIBrjCBlwIBATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwQzQzMDRCNjVDNTlBRDk3 - QUNFRDMzNDY2REVFRDdDMTU0OEM4MTZEFw0wOTA5MjgyMDUxNDlaFw0wOTA5MjgyMTUxNDla - oDAwLjAfBgNVHSMEGDAWgBQMQwS2XFmtl6ztM0Zt7tfBVIyBbTALBgNVHRQEBAICAWkwDQYJ - KoZIhvcNAQELBQADggEBAIRT1nriWsvZO9QtLKEiO7SZE3YZqMqDXS1auGBxEZtcLyF93ct6 - dstbiWHXjlHLztgePXh970BsTYhiVbKKnZvS0pjI8a9vr9b2Dyia3QG8ArV0zXVKhAGku5v+ - RG9d+f/VH0GMQ8ITcjJOKOaK0afv1KmQsydAb8KLKAGhCs7zeuztQG2k3YP6BE2OOPYK9fYk - EGHz0kPGp/oD/PJJfmPlKD4Uk4mSvM6e5ksgKg0BnxoU9RMkWjAeGVxk0F+SDG5sPmCsVOgB - fBk4i7H945v/zs7bLLMJxTs8+ao4iCDuknjbGhjWmi9xrTXDtcCXx607rPDkJQcJE2WnRS/U - HIA= - </list_published_objects> - <list_published_objects self_handle="42" uri="rsync://rpki.example.org/rpki/DEMEtlxZrZes7TNGbe7XwVSMgW0.mft"> - MIIHBQYJKoZIhvcNAQcCoIIG9jCCBvICAQMxDTALBglghkgBZQMEAgEwggEfBgsqhkiG9w0B - CRABGqCCAQ4EggEKMIIBBgICAWoYDzIwMDkwOTI4MjA1MTQ5WhgPMjAwOTA5MjgyMTUxNDla - BglghkgBZQMEAgEwgdIwRBYfREVNRXRseFpyWmVzN1ROR2JlN1h3VlNNZ1cwLmNybAMhAPgd - nO/fVdSWmPrnxJAf4JXrf0J/dHv9en+Tsqrz4WjcMEQWH2xkdnhjSEdkcjNvS0hjUGotZ3Vr - bWV0TlJaMC5yb2EDIQAxseZlGDtfsvDOBv1X2ElR8k/V78ynwSBGM22F5DYXUTBEFh94b3BO - R2NzQl9wN2VhZllxWGF0bVZWOEhaZDAucm9hAyEAKIKdRZhS1tawepRzVXtdP1imh6zPymWp - dCjYJUDqzY2gggQLMIIEBzCCAu+gAwIBAgIBATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQD - EygwQzQzMDRCNjVDNTlBRDk3QUNFRDMzNDY2REVFRDdDMTU0OEM4MTZEMB4XDTA5MDkxODIx - NDE1NFoXDTEwMDkxMzExMDcwOVowMzExMC8GA1UEAxMoMEQ3MjU5REEyNEY5OTRFNTVCN0E2 - NkQxMDBEOUE5REJFMURGODIwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwo - COG8kQMKuAVMOe5eTlasUpFQ2OT2VNmJtJ7NPQ1rLm1ahVUcTXUn7p+ikmJYpwFRACZ6htgF - n51RL43lm/pITTSVc1A6fofkrnoNImwMG8Pj8Z46H6kbJOM69NW5asjvA5DfSu73cltGHPRg - DQqt1k/3+aWqPWiYS7OGbQdDYGmy3T5VNlc+DBzyAM2VxNrLNF5Imv1NbfLw0Bp/gvayeApe - AjhjraCP7ZQxyXesLbBZrjQz1MXpi4DOZtY8gYwaMNgeU56jR9tpM5IDY5zSPHKZyJVvLQnT - iQfMKasHYMcFDtDrRH7t+YQlmt40uby0YsIIcv5FWJf1OBHnyYcCAwEAAaOCASQwggEgMB0G - A1UdDgQWBBQNclnaJPmU5Vt6ZtEA2anb4d+CBzAfBgNVHSMEGDAWgBQMQwS2XFmtl6ztM0Zt - 7tfBVIyBbTBaBgNVHR8EUzBRME+gTaBLhklyc3luYzovL2FyaW4ucnBraS5uZXQvYXJpbi9p - c2MvSVNDLTk0LVovMi9ERU1FdGx4WnJaZXM3VE5HYmU3WHdWU01nVzAuY3JsMFgGCCsGAQUF - BwEBBEwwSjBIBggrBgEFBQcwAoY8cnN5bmM6Ly9hcmluLnJwa2kubmV0L2FyaW4vMS9ERU1F - dGx4WnJaZXM3VE5HYmU3WHdWU01nVzAuY2VyMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw - DgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCZtr0XdjKRitItHi7UfUx6hTp2 - BOwoaNoOCEKw+dRMDYEgfRKbWSRd3gyVR3F1DV41aT1vDm56+WoN2Td1WEi2H0q22f1iIKuS - m0MkOpdqVZGOYHLTErv22XzDf7ifdGo3RkW7QOQ3D1n6Qraft5AB3aHskCofvPx3CBGFHKWh - N5HXnh+J/Bly2EwxPYs4yibx6K8stnxwIwsmo7DvjdPwv+VnrmIb7pxOpvqHjEQEs7Wy9Y47 - NP3Ym2YLwbIqAuN6F9kF7DeCanBt0HeFqMsOowz11ll1xBAwcpz/bxVwyAwWUoJNncoJCrjz - n2gPGYKqW80qgQwL8vBLFtBevZbyMYIBqjCCAaYCAQOAFA1yWdok+ZTlW3pm0QDZqdvh34IH - MAsGCWCGSAFlAwQCAaBrMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABGjAcBgkqhkiG9w0B - CQUxDxcNMDkwOTI4MjA1MTQ5WjAvBgkqhkiG9w0BCQQxIgQgYA8+0xE+taAr6cM6tEAt4Wh6 - BWT8Xu76a6YSZt9hb2kwDQYJKoZIhvcNAQEBBQAEggEAmD/WNppqwMtpQw+RkqIbcg3HT7fg - RRK+ehJfcyCqP/t7vUu65cAcz02gbT3LHZDkqtGD9WjgjoxSVNrYiS+4TEQbt0AXrSQFqr9F - ud2eujpeGpx56VVYgE/Jef9MfiYXSjWj9oveEWR1OdRFVCn6TW6+t1n6OMTNhnDxYt9t4NZV - OCK95aHm9vi7d8CMZfPnZMQuXiNmHberYkxLu5LZJ84C2GqGbyBllkFp2KUGKoWgMyeKkk0q - yML8lQJAFAyjnXJ+doGbqfTUpVH4q4drqRb73WbL0zf/Z2HGwhDlTmsAdjparWdQcfXIVrJF - ynS1fab9XZfj+VtBFKjooDjaLw== - </list_published_objects> - <list_published_objects self_handle="42" uri="rsync://rpki.example.org/rpki/ldvxcHGdr3oKHcPj-gukmetNRZ0.roa"> - MIIGnQYJKoZIhvcNAQcCoIIGjjCCBooCAQMxDTALBglghkgBZQMEAgEwMQYLKoZIhvcNAQkQ - ARigIgQgMB4CAg3lMBgwFgQCAAEwEDAGAwQAwAUEMAYDBADABQWgggSTMIIEjzCCA3egAwIB - AgIBAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwQzQzMDRCNjVDNTlBRDk3QUNFRDMz - NDY2REVFRDdDMTU0OEM4MTZEMB4XDTA5MDkxODIyNTkzM1oXDTEwMDkxMzExMDcwOVowMzEx - MC8GA1UEAxMoOTVEQkYxNzA3MTlEQUY3QTBBMURDM0UzRkEwQkE0OTlFQjRENDU5RDCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALpn7TNbq1aYIa9fQG660Rz3dUfpx/dZEOJc - /PD5sxLSBCgcMJKGUb7RGajyI4pbIwVax1w+A4Ie38YjSl6p95FdwBMDX2w6OwePdLwDC+0R - zCf2p/F4Go79glYssEKjFGYvUDwm8SwJ3dr8XdlgdjbT4zIrMZj9SVOgreeNGOU+jcn8HvX3 - 94/0w49JDzPwKmHzGSlBTunzQ4pYZyZ2R+rDKuTJqRslEdD5KOFjNV2s4owWkhJzCermBj2u - CFExS+0Fc0In9Q3X5PcTMp2L1Gj4sdgc2Kbc8VTWU7kgF5M/15HThgRy+Ldx/b05w22mJV7L - 6yMkNGfRpn4CxLFD0U8CAwEAAaOCAawwggGoMB0GA1UdDgQWBBSV2/FwcZ2vegodw+P6C6SZ - 601FnTAfBgNVHSMEGDAWgBQMQwS2XFmtl6ztM0Zt7tfBVIyBbTBaBgNVHR8EUzBRME+gTaBL - hklyc3luYzovL2FyaW4ucnBraS5uZXQvYXJpbi9pc2MvSVNDLTk0LVovMi9ERU1FdGx4WnJa - ZXM3VE5HYmU3WHdWU01nVzAuY3JsMFgGCCsGAQUFBwEBBEwwSjBIBggrBgEFBQcwAoY8cnN5 - bmM6Ly9hcmluLnJwa2kubmV0L2FyaW4vMS9ERU1FdGx4WnJaZXM3VE5HYmU3WHdWU01nVzAu - Y2VyMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwDgYDVR0PAQH/BAQDAgeAMGUGCCsGAQUF - BwELBFkwVzBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9hcmluLnJwa2kubmV0L2FyaW4vaXNjL0lT - Qy05NC1aLzIvbGR2eGNIR2RyM29LSGNQai1ndWttZXROUlowLnJvYTAfBggrBgEFBQcBBwEB - /wQQMA4wDAQCAAEwBgMEAcAFBDANBgkqhkiG9w0BAQsFAAOCAQEAIjdpXxwxe9sK9RkqzvDP - to3zdDhpLf29XqKKkNhux2pXXeMcRR5vNN13mguuxaO/uQtrFTBgk8EJn7CfhmIoZpZClcAS - cvIyYSBbc/VspOdmPH2DnQGFjBk/qpEUs3W3Us5/w6x2BnjuUtRBj5eQQ5kydtHTy/URSX7i - K76ngiTsDL6e77UVu8KY+EutZU3b2HH73qfeP8L4HJ2rpm5tnHZEECcAHS20bhqTqyuECcuK - FBhQA2Ye8LtVg/CbZixZNqb5bfcCj72HzsZAKC57gzu/ROJ43wINcwgCkYUeWM8eoFJoYCaQ - z1avg/vDGBrZtkNQQJt9mXoxaJF25YEuRDGCAaowggGmAgEDgBSV2/FwcZ2vegodw+P6C6SZ - 601FnTALBglghkgBZQMEAgGgazAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQARgwHAYJKoZI - hvcNAQkFMQ8XDTA5MDkxODIyNTkzM1owLwYJKoZIhvcNAQkEMSIEIEU7rNCYuAgPtZckEMP4 - MMUl4hMwvLJ4KWHgg1fZNkJMMA0GCSqGSIb3DQEBAQUABIIBAA6fqD9/VisrRFIqRbwFpG/B - fkmnZGPequD7JPgJR/O/7ofUe1yunPugdPoDe+bTrEaUfyj6xAcdXXwR2fKHF8HyCPMclqCB - aQNZH/nHnawrwOXem8qwnKRyn7hOXyKPxar4VIVg90JFttgaM/l9W++PV02KQS8GlFRymvpg - Eca4THQ5/VWe/3V5dAOEGFUl0/WAjYId+jYzF9oHKSeZTqWmpvDaX4Pc+xkydw18kQBsovnv - +N931gu2r5I/XB/MGgGvXNWozK7RuMn55i5hMqI2NQs+/b7/AQU0+/i3g7SlLA8iZwHq49U2 - ZXRCjLXcy0tQOWVsMnGfReN8oNDhHbc= - </list_published_objects> - <list_published_objects self_handle="42" uri="rsync://rpki.example.org/rpki/xopNGcsB_p7eafYqXatmVV8HZd0.roa"> - MIIGoQYJKoZIhvcNAQcCoIIGkjCCBo4CAQMxDTALBglghkgBZQMEAgEwMAYLKoZIhvcNAQkQ - ARigIQQfMB0CAgUAMBcwFQQCAAEwDzAFAwMAlRQwBgMEA8yYuKCCBJgwggSUMIIDfKADAgEC - AgEDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBDNDMwNEI2NUM1OUFEOTdBQ0VEMzM0 - NjZERUVEN0MxNTQ4QzgxNkQwHhcNMDkwOTE4MjI1OTU1WhcNMTAwOTEzMTEwNzA5WjAzMTEw - LwYDVQQDEyhDNjhBNEQxOUNCMDFGRTlFREU2OUY2MkE1REFCNjY1NTVGMDc2NUREMIIBIjAN - BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z9OLSVMT632SBjbKcwfnZtkIOeaFG8oRZKe - u6q7E3krOxXuK2Yxafz5d2+FJBBFHWSmtKuHpeR2rkUWOZlgIWny6u9hb7vzt2wvuEXjBI7H - Bn3sNgGOIgHyuWjUxWyy6gr1K4x437XaMUeMx7xy/82DSgqyK0298EoiPlg8wQau38WFx+FZ - cu2Bnf3prc2l3oSRKNPAE7l4P6DKnjy3VPQT6xCt5PEscVDFzkMeJXrGe48GwJzV0ZbUQHeZ - /eMAsWyZIp5K4kciU6A552ImLjim64HXaviyHiv0rHAUImBoK5AbnpH1yOZ93StqD0iFEJMF - HubclLRuJRFomX05DwIDAQABo4IBsTCCAa0wHQYDVR0OBBYEFMaKTRnLAf6e3mn2Kl2rZlVf - B2XdMB8GA1UdIwQYMBaAFAxDBLZcWa2XrO0zRm3u18FUjIFtMFoGA1UdHwRTMFEwT6BNoEuG - SXJzeW5jOi8vYXJpbi5ycGtpLm5ldC9hcmluL2lzYy9JU0MtOTQtWi8yL0RFTUV0bHhaclpl - czdUTkdiZTdYd1ZTTWdXMC5jcmwwWAYIKwYBBQUHAQEETDBKMEgGCCsGAQUFBzAChjxyc3lu - YzovL2FyaW4ucnBraS5uZXQvYXJpbi8xL0RFTUV0bHhaclplczdUTkdiZTdYd1ZTTWdXMC5j - ZXIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUH - AQsEWTBXMFUGCCsGAQUFBzALhklyc3luYzovL2FyaW4ucnBraS5uZXQvYXJpbi9pc2MvSVND - LTk0LVovMi94b3BOR2NzQl9wN2VhZllxWGF0bVZWOEhaZDAucm9hMCQGCCsGAQUFBwEHAQH/ - BBUwEzARBAIAATALAwMAlRQDBAPMmLgwDQYJKoZIhvcNAQELBQADggEBAMmzrOxl/SA7uEHR - 4D5jCMNFZaKkh9Shf2Uqg+JpD88BPVLdBDHmG7CmFSI42puZk76SIrXLjyaUv3kP4wKNXOug - c3/80bynPgT+25kTeJc5T4Th735fzJZantqfG+uBQmC2Rk5mihTAL1wweIBFBYcmjAWSmuo9 - N84XWOikQnkPLAsiX75mT1E2BZB5te6UruWHRtlMggNvE72zrZBYAhk+bCC5HdkAhwA3dah5 - SsMSOoGgniFoWlLq3COV+ga1OkJgYVRQHXGP7Fjh7YCU2yUygKaf5Yniqh1ijbjJvVz419QY - ZflO9//gP3IM5ClbnWR4RhzZFKJ4DGz+lDmHIugxggGqMIIBpgIBA4AUxopNGcsB/p7eafYq - XatmVV8HZd0wCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEYMBwG - CSqGSIb3DQEJBTEPFw0wOTA5MTgyMjU5NTVaMC8GCSqGSIb3DQEJBDEiBCC4ptBgQZ1Ktxau - h1foPe9MJiB8XZJ21ynmZ7BPTWLQVTANBgkqhkiG9w0BAQEFAASCAQBlAxAGN2Tcvi8tF5qk - ECahrFZn0qvOw9tQRKNwwC5SRUQWQcd6Pi7g0znLVS0Y5iOZB7QvHiuPXvVAR7cxwjRlEZy2 - kmERAbrq7ROweJjb9L5JsacRSWUfG7JQjdqMSGLOf3gqlidBnDrKlNIWfyGntpZZFmIGKo9X - 5U8PWrCGkb+2AZT/tpt0eMGRhdgGX0n987dEhUbU7k9dZZXA7ou/g1MSL2HHfH17mL9rQqzN - UwHopIkNlG0ljGy7xI2wjjcvUCDi0Ns/asqxlz6icHgXhrhLyZy3JlcjG7/v2dm0MdZLFg4m - FN/5lE6Ayt2VEDfVNRfMzD6ezxb8PZc2astn - </list_published_objects> - - </msg> - - <!-- === --> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <report_error self_handle="42" error_code="your_hair_is_on_fire">text string</report_error> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/"> - <report_error self_handle="42" error_code="your_hair_is_on_fire"/> - </msg> - -</completely_gratuitous_wrapper_element_to_let_me_run_this_through_xmllint> diff --git a/rpkid/tests/myrpki-xml-parse-test.py b/rpkid/tests/myrpki-xml-parse-test.py deleted file mode 100644 index 10b9cd58..00000000 --- a/rpkid/tests/myrpki-xml-parse-test.py +++ /dev/null @@ -1,101 +0,0 @@ -# $Id$ -# -# Copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -""" -Test parser and display tool for myrpki.xml files. -""" - -import lxml.etree, rpki.resource_set, base64, subprocess - -relaxng = lxml.etree.RelaxNG(file = "myrpki.rng") - -tree = lxml.etree.parse("myrpki.xml").getroot() - -if False: - print lxml.etree.tostring(tree, pretty_print = True, encoding = "us-ascii", xml_declaration = True) - -relaxng.assertValid(tree) - -def showitems(y): - if False: - for k, v in y.items(): - if v: - print " ", k, v - -def tag(t): - return "{http://www.hactrn.net/uris/rpki/myrpki/}" + t - -print "My handle:", tree.get("handle") - -print "Children:" -for x in tree.getiterator(tag("child")): - print " ", x - print " Handle:", x.get("handle") - print " ASNS: ", rpki.resource_set.resource_set_as(x.get("asns")) - print " IPv4: ", rpki.resource_set.resource_set_ipv4(x.get("v4")) - print " Valid: ", x.get("valid_until") - showitems(x) -print - -print "ROA requests:" -for x in tree.getiterator(tag("roa_request")): - print " ", x - print " ASN: ", x.get("asn") - print " IPv4:", rpki.resource_set.roa_prefix_set_ipv4(x.get("v4")) - print " IPv6:", rpki.resource_set.roa_prefix_set_ipv6(x.get("v6")) - showitems(x) -print - -def showpem(label, b64, kind): - cmd = ("openssl", kind, "-noout", "-text", "-inform", "DER") - if kind == "x509": - cmd += ("-certopt", "no_pubkey,no_sigdump") - p = subprocess.Popen(cmd, stdin = subprocess.PIPE, stdout = subprocess.PIPE) - text = p.communicate(input = base64.b64decode(b64))[0] - if p.returncode != 0: - raise subprocess.CalledProcessError(returncode = p.returncode, cmd = cmd) - print label, text - -for x in tree.getiterator(tag("child")): - cert = x.findtext(tag("bpki_certificate")) - if cert: - showpem("Child", cert, "x509") - -for x in tree.getiterator(tag("parent")): - print "Parent URI:", x.get("service_uri") - cert = x.findtext(tag("bpki_certificate")) - if cert: - showpem("Parent", cert, "x509") - -ca = tree.findtext(tag("bpki_ca_certificate")) -if ca: - showpem("CA", ca, "x509") - -bsc = tree.findtext(tag("bpki_bsc_certificate")) -if bsc: - showpem("BSC EE", bsc, "x509") - -repo = tree.findtext(tag("bpki_repository_certificate")) -if repo: - showpem("Repository", repo, "x509") - -req = tree.findtext(tag("bpki_bsc_pkcs10")) -if req: - showpem("BSC EE", req, "req") - -crl = tree.findtext(tag("bpki_crl")) -if crl: - showpem("CA", crl, "crl") diff --git a/rpkid/tests/old_irdbd.py b/rpkid/tests/old_irdbd.py deleted file mode 100644 index d258e4c0..00000000 --- a/rpkid/tests/old_irdbd.py +++ /dev/null @@ -1,19 +0,0 @@ -# $Id$ -# -# Copyright (C) 2010-2012 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -if __name__ == "__main__": - import rpki.old_irdbd - rpki.old_irdbd.main() diff --git a/rpkid/tests/old_irdbd.sql b/rpkid/tests/old_irdbd.sql deleted file mode 100644 index e773bb2e..00000000 --- a/rpkid/tests/old_irdbd.sql +++ /dev/null @@ -1,143 +0,0 @@ --- $Id$ - --- Copyright (C) 2009--2011 Internet Systems Consortium ("ISC") --- --- Permission to use, copy, modify, and distribute this software for any --- purpose with or without fee is hereby granted, provided that the above --- copyright notice and this permission notice appear in all copies. --- --- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH --- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY --- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, --- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM --- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE --- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --- PERFORMANCE OF THIS SOFTWARE. - --- Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") --- --- Permission to use, copy, modify, and distribute this software for any --- purpose with or without fee is hereby granted, provided that the above --- copyright notice and this permission notice appear in all copies. --- --- THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH --- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY --- AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, --- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM --- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE --- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --- PERFORMANCE OF THIS SOFTWARE. - --- SQL objects needed by irdbd.py. You only need this if you're using --- irdbd.py as your IRDB; if you have a "real" backend you can do --- anything you like so long as you implement the relevant portion of --- the left-right protocol. - --- DROP TABLE commands must be in correct (reverse dependency) order --- to satisfy FOREIGN KEY constraints. - -DROP TABLE IF EXISTS roa_request_prefix; -DROP TABLE IF EXISTS roa_request; -DROP TABLE IF EXISTS registrant_net; -DROP TABLE IF EXISTS registrant_asn; -DROP TABLE IF EXISTS registrant; -DROP TABLE IF EXISTS ghostbuster_request; -DROP TABLE IF EXISTS ee_certificate_asn; -DROP TABLE IF EXISTS ee_certificate_net; -DROP TABLE IF EXISTS ee_certificate; - -CREATE TABLE registrant ( - registrant_id SERIAL NOT NULL, - registrant_handle VARCHAR(255) NOT NULL, - registrant_name TEXT, - registry_handle VARCHAR(255), - valid_until DATETIME NOT NULL, - PRIMARY KEY (registrant_id), - UNIQUE (registry_handle, registrant_handle) -) ENGINE=InnoDB; - -CREATE TABLE registrant_asn ( - start_as BIGINT UNSIGNED NOT NULL, - end_as BIGINT UNSIGNED NOT NULL, - registrant_id BIGINT UNSIGNED NOT NULL, - PRIMARY KEY (registrant_id, start_as, end_as), - CONSTRAINT registrant_asn_registrant_id - FOREIGN KEY (registrant_id) REFERENCES registrant (registrant_id) - ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB; - -CREATE TABLE registrant_net ( - start_ip VARCHAR(40) NOT NULL, - end_ip VARCHAR(40) NOT NULL, - version TINYINT UNSIGNED NOT NULL, - registrant_id BIGINT UNSIGNED NOT NULL, - PRIMARY KEY (registrant_id, version, start_ip, end_ip), - CONSTRAINT registrant_net_registrant_id - FOREIGN KEY (registrant_id) REFERENCES registrant (registrant_id) - ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB; - -CREATE TABLE roa_request ( - roa_request_id SERIAL NOT NULL, - self_handle VARCHAR(255) NOT NULL, - asn BIGINT UNSIGNED NOT NULL, - PRIMARY KEY (roa_request_id) -) ENGINE=InnoDB; - -CREATE TABLE roa_request_prefix ( - prefix VARCHAR(40) NOT NULL, - prefixlen TINYINT UNSIGNED NOT NULL, - max_prefixlen TINYINT UNSIGNED NOT NULL, - version TINYINT UNSIGNED NOT NULL, - roa_request_id BIGINT UNSIGNED NOT NULL, - PRIMARY KEY (roa_request_id, prefix, prefixlen, max_prefixlen), - CONSTRAINT roa_request_prefix_roa_request_id - FOREIGN KEY (roa_request_id) REFERENCES roa_request (roa_request_id) - ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB; - -CREATE TABLE ghostbuster_request ( - ghostbuster_request_id SERIAL NOT NULL, - self_handle VARCHAR(255) NOT NULL, - parent_handle VARCHAR(255), - vcard LONGBLOB NOT NULL, - PRIMARY KEY (ghostbuster_request_id) -) ENGINE=InnoDB; - -CREATE TABLE ee_certificate ( - ee_certificate_id SERIAL NOT NULL, - self_handle VARCHAR(255) NOT NULL, - pkcs10 LONGBLOB NOT NULL, - gski VARCHAR(27) NOT NULL, - cn VARCHAR(64) NOT NULL, - sn VARCHAR(64), - eku TEXT NOT NULL, - valid_until DATETIME NOT NULL, - PRIMARY KEY (ee_certificate_id), - UNIQUE (self_handle, gski) -) ENGINE=InnoDB; - -CREATE TABLE ee_certificate_asn ( - start_as BIGINT UNSIGNED NOT NULL, - end_as BIGINT UNSIGNED NOT NULL, - ee_certificate_id BIGINT UNSIGNED NOT NULL, - PRIMARY KEY (ee_certificate_id, start_as, end_as), - CONSTRAINT ee_certificate_asn_ee_certificate_id - FOREIGN KEY (ee_certificate_id) REFERENCES ee_certificate (ee_certificate_id) - ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB; - -CREATE TABLE ee_certificate_net ( - version TINYINT UNSIGNED NOT NULL, - start_ip VARCHAR(40) NOT NULL, - end_ip VARCHAR(40) NOT NULL, - ee_certificate_id BIGINT UNSIGNED NOT NULL, - PRIMARY KEY (ee_certificate_id, version, start_ip, end_ip), - CONSTRAINT ee_certificate_net_ee_certificate_id - FOREIGN KEY (ee_certificate_id) REFERENCES ee_certificate (ee_certificate_id) - ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB; - --- Local Variables: --- indent-tabs-mode: nil --- End: diff --git a/rpkid/tests/publication-protocol-samples.xml b/rpkid/tests/publication-protocol-samples.xml deleted file mode 100644 index 96b095a7..00000000 --- a/rpkid/tests/publication-protocol-samples.xml +++ /dev/null @@ -1,370 +0,0 @@ -<!-- -*- SGML -*- - - $Id$ - - - - Copyright (C) 2008 American Registry for Internet Numbers ("ARIN") - - - - Permission to use, copy, modify, and distribute this software for any - - purpose with or without fee is hereby granted, provided that the above - - copyright notice and this permission notice appear in all copies. - - - - THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH - - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - - AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, - - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - - PERFORMANCE OF THIS SOFTWARE. - - - - - - This is a collection of sample publication protocol PDU samples - - to use as test cases for the publication protocol RelaxNG schema. - --> - -<completely_gratuitous_wrapper_element_to_let_me_run_this_through_xmllint> - - <msg xmlns="http://www.hactrn.net/uris/rpki/publication-spec/" type="query" version="1"> - <config action="set"> - <bpki_crl> - MIIBezBlAgEBMA0GCSqGSIb3DQEBCwUAMCMxITAfBgNVBAMTGFRlc3QgQ2VydGlm - aWNhdGUgcHViZCBUQRcNMDgwNjAyMjE0OTQ1WhcNMDgwNzAyMjE0OTQ1WqAOMAww - CgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADggEBAFWCWgBl4ljVqX/CHo+RpqYt - vmKMnjPVflMXUB7i28RGP4DAq4l7deDU7Q82xEJyE4TXMWDWAV6UG6uUGum0VHWO - cj9ohqyiZUGfOsKg2hbwkETm8sAENOsi1yNdyKGk6jZ16aF5fubxQqZa1pdGCSac - 1/ZYC5sLLhEz3kmz+B9z9mXFVc5TgAh4dN3Gy5ftF8zZAFpDGnS4biCnRVqhGv6R - 0Lh/5xmii+ZU6kNDhbeMsjJg+ZOmtN+wMeHSIbjiy0WuuaZ3k2xSh0C94anrHBZA - vvCRhbazjR0Ef5OMZ5lcllw3uO8IHuoisHKkehy4Y0GySdj98fV+OuiRTH9vt/M= - </bpki_crl> - </config> - </msg> - - <msg xmlns="http://www.hactrn.net/uris/rpki/publication-spec/" type="reply" version="1"> - <config action="set"/> - </msg> - - <msg xmlns="http://www.hactrn.net/uris/rpki/publication-spec/" type="query" version="1"> - <config action="get"/> - </msg> - - <msg xmlns="http://www.hactrn.net/uris/rpki/publication-spec/" type="reply" version="1"> - <config action="get"> - <bpki_crl> - MIIBezBlAgEBMA0GCSqGSIb3DQEBCwUAMCMxITAfBgNVBAMTGFRlc3QgQ2VydGlm - aWNhdGUgcHViZCBUQRcNMDgwNjAyMjE0OTQ1WhcNMDgwNzAyMjE0OTQ1WqAOMAww - CgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADggEBAFWCWgBl4ljVqX/CHo+RpqYt - vmKMnjPVflMXUB7i28RGP4DAq4l7deDU7Q82xEJyE4TXMWDWAV6UG6uUGum0VHWO - cj9ohqyiZUGfOsKg2hbwkETm8sAENOsi1yNdyKGk6jZ16aF5fubxQqZa1pdGCSac - 1/ZYC5sLLhEz3kmz+B9z9mXFVc5TgAh4dN3Gy5ftF8zZAFpDGnS4biCnRVqhGv6R - 0Lh/5xmii+ZU6kNDhbeMsjJg+ZOmtN+wMeHSIbjiy0WuuaZ3k2xSh0C94anrHBZA - vvCRhbazjR0Ef5OMZ5lcllw3uO8IHuoisHKkehy4Y0GySdj98fV+OuiRTH9vt/M= - </bpki_crl> - </config> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="create" client_handle="3" base_uri="rsync://wombat.invalid/"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </client> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="create" client_handle="3"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="set" client_handle="3"> - <bpki_glue> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_glue> - </client> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="set" client_handle="3"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="get" client_handle="3"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="get" client_handle="3" base_uri="rsync://wombat.invalid/"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </client> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="list"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="list" client_handle="3"> - <bpki_cert> - MIIDGzCCAgOgAwIBAgIJAKi+/+wUhQlxMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV - BAMTGVRlc3QgQ2VydGlmaWNhdGUgQm9iIFJvb3QwHhcNMDcwODAxMTk1MzEwWhcN - MDcwODMxMTk1MzEwWjAkMSIwIAYDVQQDExlUZXN0IENlcnRpZmljYXRlIEJvYiBS - b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKYUtJaM5PH5917S - G2ACc7iBYdQO2HYyu8Gb6i9Q2Gxc3cWEX7RTBvgOL79pWf3GIdnoupzMnoZVtY3G - Ux2G/0WkmLui2TCeDhcfXdQ4rcp8J3V/6ESj+yuEPPOG8UN17mUKKgujrch6ZvgC - DO9AyOK/uXu+ABQXTPsn2pVe2EVh3V004ShLi8GKgVdqb/rW/6GTg0Xb/zLT6WWM - uT++6sXTlztJdQYkRamJvKfQDU1naC8mAkGf79Tba0xyBGAUII0GfREY6t4/+NAP - 2Yyb3xNlBqcJoTov0JfNKHZcCZePr79j7LK/hkZxxip+Na9xDpE+oQRV+DRukCRJ - diqg+wIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTDEsXJe6pjAQD4 - ULlB7+GMDBlimTAfBgNVHSMEGDAWgBTDEsXJe6pjAQD4ULlB7+GMDBlimTANBgkq - hkiG9w0BAQUFAAOCAQEAWWkNcW6S1tKKqtzJsdfhjJiAAPQmOXJskv0ta/8f6Acg - cum1YieNdtT0n96P7CUHOWP8QBb91JzeewR7b6WJLwb1Offs3wNq3kk75pJe89r4 - XY39EZHhMW+Dv0PhIKu2CgD4LeyH1FVTQkF/QObGEmkn+s+HTsuzd1l2VLwcP1Sm - sqep6LAlFj62qqaIJzNeQ9NVkBqtkygnYlBOkaBTHfQTux3jYNpEo8JJB5e/WFdH - YyMNrG2xMOtIC7T4+IOHgT8PgrNhaeDg9ctewj0X8Qi9nI9nXeinicLX8vj6hdEq - 3ORv7RZMJNYqv1HQ3wUE2B7fCPFv7EUwzaCds1kgRQ== - </bpki_cert> - </client> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="destroy" client_handle="3"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <client action="destroy" client_handle="3"/> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <certificate action="publish" uri="rsync://wombat.invalid/testbed/RIR/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.cer"> - MIIE+jCCA+KgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERjRBODAxN0U2 - NkE5RTkxNzJFNDYxMkQ4Q0Y0QzgzRjIzOERFMkEzMB4XDTA4MDUyMjE4MDUxMloXDTA4MDUy - NDE3NTQ1M1owMzExMC8GA1UEAxMoOEZCODIxOEYwNkU1MEFCNzAyQTdEOTZEQzhGMENEQ0Q4 - MjhGN0YxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMeziKp0k5nP7v6SZoNs - XIMQYRgNtC6Fr/9Xm/1yQHomiPqHUk47rHhGojYiK5AhkrwoYhkH4UjJl2iwklDYczXuaBU3 - F5qrKlZ4aZnjIxdlP7+hktVpeApL6yuJTUAYeC3UIxnLDVdD6phydZ/FOQluffiNDjzteCCv - oyOUatqt8WB+oND6LToHp028g1YUYLHG6mur0dPdcHOVXLSmUDuZ1HDz1nDuYvIVKjB/MpH9 - aW9XeaQ6ZFIlZVPwuuvI2brR+ThH7Gv27GL/o8qFdC300VQfoTZ+rKPGDE8K1cI906BL4kiw - x9z0oiDcE96QCz+B0vsjc9mGaA1jgAxlXWsCAwEAAaOCAhcwggITMB0GA1UdDgQWBBSPuCGP - BuUKtwKn2W3I8M3Ngo9/FzAfBgNVHSMEGDAWgBTfSoAX5mqekXLkYS2M9Mg/I43iozBVBgNV - HR8ETjBMMEqgSKBGhkRyc3luYzovL2xvY2FsaG9zdDo0NDAwL3Rlc3RiZWQvUklSLzEvMzBx - QUYtWnFucEZ5NUdFdGpQVElQeU9ONHFNLmNybDBFBggrBgEFBQcBAQQ5MDcwNQYIKwYBBQUH - MAKGKXJzeW5jOi8vbG9jYWxob3N0OjQ0MDAvdGVzdGJlZC9XT01CQVQuY2VyMBgGA1UdIAEB - /wQOMAwwCgYIKwYBBQUHDgIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgZsG - CCsGAQUFBwELBIGOMIGLMDQGCCsGAQUFBzAFhihyc3luYzovL2xvY2FsaG9zdDo0NDAwL3Rl - c3RiZWQvUklSL1IwLzEvMFMGCCsGAQUFBzAKhkdyc3luYzovL2xvY2FsaG9zdDo0NDAwL3Rl - c3RiZWQvUklSL1IwLzEvajdnaGp3YmxDcmNDcDlsdHlQRE56WUtQZnhjLm1uZjAaBggrBgEF - BQcBCAEB/wQLMAmgBzAFAgMA/BUwPgYIKwYBBQUHAQcBAf8ELzAtMCsEAgABMCUDAwAKAzAO - AwUAwAACAQMFAcAAAiAwDgMFAsAAAiwDBQDAAAJkMA0GCSqGSIb3DQEBCwUAA4IBAQCEhuH7 - jtI2PJY6+zwv306vmCuXhtu9Lr2mmRw2ZErB8EMcb5xypMrNqMoKeu14K2x4a4RPJkK4yATh - M81FPNRsU5mM0acIRnAPtxjHvPME7PHN2w2nGLASRsZmaa+b8A7SSOxVcFURazENztppsolH - eTpm0cpLItK7mNpudUg1JGuFo94VLf1MnE2EqARG1vTsNhel/SM/UvOArCCOBvf0Gz7kSuup - DSZ7qx+LiDmtEsLdbGNQBiYPbLrDk41PHrxdx28qIj7ejZkRzNFw/3pi8/XK281h8zeHoFVu - 6ghRPy5dbOA4akX/KG6b8XIx0iwPYdLiDbdWFbtTdPcXBauY - </certificate> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <certificate action="publish" uri="rsync://wombat.invalid/testbed/RIR/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.cer"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <certificate action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.cer"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <certificate action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.cer"/> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <crl action="publish" uri="rsync://wombat.invalid/testbed/RIR/1/30qAF-ZqnpFy5GEtjPTIPyON4qM.crl"> - MIIBwzCBrAIBATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERjRBODAxN0U2NkE5RTkx - NzJFNDYxMkQ4Q0Y0QzgzRjIzOERFMkEzFw0wODA1MjIxODA0MTZaFw0wODA1MjIxODA1MTZa - MBQwEgIBAhcNMDgwNTIyMTc1ODQwWqAvMC0wHwYDVR0jBBgwFoAU30qAF+ZqnpFy5GEtjPTI - PyON4qMwCgYDVR0UBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKkM0Fb/pJpHVHWZyjp4wojH - W2KkvA/DFtBiz3moxocSnkDVP3QI19uVvqdC6nH3hJyFmsAMwULR0f1XU/V4j+X+FqYEl6Nv - p8zAEPIB4r8xbEFs7udRwXRAjkJmOQbv9aomF2i+d7jpTFVJxShZWOgsoGEhIy/aktKQrOIR - c4ZDrXpQwXVj2Y7+cGVfQ4gvnPOdlyLcnNovoegazATvA3EcidBNPWRg7XTCz0LVBEB7JgPd - nNyXRg35HdMEHBl7U9uUQJXP7S02oaQ1ehNDMfaJPgBBpQtAnM1lIzJfevd9+e4ywGsRpxAV - 8wxTXSPd1jwuKtS0kwrgsrQ8Ya85xUE= - </crl> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <crl action="publish" uri="rsync://wombat.invalid/testbed/RIR/1/30qAF-ZqnpFy5GEtjPTIPyON4qM.crl"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <crl action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/1/30qAF-ZqnpFy5GEtjPTIPyON4qM.crl"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <crl action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/1/30qAF-ZqnpFy5GEtjPTIPyON4qM.crl"/> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <manifest action="publish" uri="rsync://wombat.invalid/testbed/RIR/R0/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.mft"> - MIIHCgYJKoZIhvcNAQcCoIIG+zCCBvcCAQMxDTALBglghkgBZQMEAgEwggEeBgsqhkiG9w0B - CRABGqCCAQ0EggEJMIIBBQIBEhgPMjAwODA1MjIxODA1MTVaGA8yMDA4MDUyMjE4MDYxNVoG - CWCGSAFlAwQCATCB0jBEFh9ZbTVUTzRJYnlDb0pNZ3E2R2o4dG41Mng5U0UuY2VyAyEA4L8Z - WMyuhOx+o6kUfsRR++QjSaRaATy4UOeVtjvZVqYwRBYfWnRxbjB3NEVFbU9hclAzQmd1SUY3 - MDhhNTM4LmNlcgMhAGQI1gYJotxWmwzcmpLNFZJ656uWOjcPYANlbNz80xm8MEQWH2xxa1Vx - RHEwMDBESW9ZVjlybXdLTGdrN2F6by5jZXIDIQB7jRAEpkPvc4s4PX9vDvnTifj3BIE145FO - 1ne2kEejVqCCBBEwggQNMIIC9aADAgECAgEFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMT - KDhGQjgyMThGMDZFNTBBQjcwMkE3RDk2REM4RjBDRENEODI4RjdGMTcwHhcNMDgwNTIyMTc1 - NzQ5WhcNMDgwNTI0MTc1NDUzWjAzMTEwLwYDVQQDEyhERkRBMjMyMUJENEVCMDNFQTE1RkUy - N0NGRkRGMEFGRkU1QjBFNjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Gk - AHW5pDqye0+TvUp7sl0rVgmTfeHpVp18ypxvuovogVJgkjEtBEikfaFU0646wYD6JM6IJFJX - lWLWd7bVmhkWViKuZL0VmT2wpUToNHCLUGUQUVVX8R7oSHFdTArv2AqH+6yt0LmczDH1y2M6 - 2Tgkz9wZ9ryyuPx3VX4PkHzUMlkGFICj1fvyXkcAu8jBaxR9UME1c413TPaMi6lMh1HUmtVN - LJMP5+/SnwEAW/Z3dPClCFIgQXK3nAKPVzAIwADEiqhK7cSchhO7ikI1CVt0XzG4n7oaILc3 - Hq/DAxyiutw5GlkUlKPri2YJzJ3+H4P+TveSa/b02fVA5csm/QIDAQABo4IBKjCCASYwHQYD - VR0OBBYEFN/aIyG9TrA+oV/ifP/fCv/lsOZoMB8GA1UdIwQYMBaAFI+4IY8G5Qq3AqfZbcjw - zc2Cj38XMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5jOi8vbG9jYWxob3N0OjQ0MDAvdGVzdGJl - ZC9SSVIvUjAvMS9qN2doandibENyY0NwOWx0eVBETnpZS1BmeGMuY3JsMGAGCCsGAQUFBwEB - BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9sb2NhbGhvc3Q6NDQwMC90ZXN0YmVkL1JJUi8x - L2o3Z2hqd2JsQ3JjQ3A5bHR5UEROellLUGZ4Yy5jZXIwGAYDVR0gAQH/BA4wDDAKBggrBgEF - BQcOAjAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBADpsE9HfgVTgmX1WeJTE - fm87CXuOoGH85RFiAngSt5kR4gYCyadklOZ7Eta+ERUZVu4tcKO6sJOTuHPfVrAvR0VpgH+j - PvXboYWSfwJdi00BC28ScrVM2zarA7B10+J6Oq8tbFlAyVBkrbuPet/axmndBtGWhrBTynGl - nc/5L371Lxy6CrOYqXO0Qx3SrOKaailAe3zTIpHQeACqnPdL00zIBw/hVy/VNaH1wy+FmhAz - TsmsQUrMyovJcu/ry5w0KHlP8BTnqfykikCWR+Lw0VQHmpJGAbtrmsOeIbfLY1zl7A81lDAl - AG/ZH1DUdDOUIXMLHWur+D2rwjp7RL16LHYxggGqMIIBpgIBA4AU39ojIb1OsD6hX+J8/98K - /+Ww5mgwCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEaMBwGCSqG - SIb3DQEJBTEPFw0wODA1MjIxODA1MTVaMC8GCSqGSIb3DQEJBDEiBCBj/GjEQw3LgKPf5DTz - 8eu1fcp6/cQjqqne6ZqFkF42azANBgkqhkiG9w0BAQEFAASCAQBOY0uHNMwy/o1nFANSgha5 - PZxt8fz+wTrbeomCb+lxqQKq1clcSiQORVGc8NmqC8sS5OR3eTw/3qnK9yPHxz2UQ4hn1pBa - +Zy5veM61qMaXCw6w98EyNcvUfA1AkezAjkabfHQDs3o4Ezh49thXXyRcBoF+O6Lmi+LZbT2 - 4jvfFbaXW9zsb6/DaoDkeHnlk+YYgfSP4wOnkK5uqxtDW8QpMPq3GGdIp0oJDkzEdj7VsWIL - 9JP2mxxL8fTPVUyAPOmURYwYDXqhke2O9eVDiCYhrEfB8/84Rint4Cj8n5aCujnAtqtwxHpD - 0NRYO/V1MjhG+ARy1vRH1Dm0r92RBam3 - </manifest> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <manifest action="publish" uri="rsync://wombat.invalid/testbed/RIR/R0/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.mft"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <manifest action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/R0/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.mft"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <manifest action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/R0/1/j7ghjwblCrcCp9ltyPDNzYKPfxc.mft"/> - </msg> - - <!-- === --> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <roa action="publish" uri="rsync://wombat.invalid/testbed/RIR/R0/1/lqkUqDq000DIoYV9rmwKLgk7azo.roa"> - MIIGmwYJKoZIhvcNAQcCoIIGjDCCBogCAQMxDTALBglghkgBZQMEAgEwKgYLKoZIhvcNAQkQ - ARigGwQZMBcCAgKaMBEwDwQCAAEwCTAHAwUACgMALKCCBJgwggSUMIIDfKADAgECAgEJMA0G - CSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhGQjgyMThGMDZFNTBBQjcwMkE3RDk2REM4RjBD - RENEODI4RjdGMTcwHhcNMDgwNTIyMTc1ODI0WhcNMDgwNTI0MTc1NDUzWjAzMTEwLwYDVQQD - Eyg5NkE5MTRBODNBQjREMzQwQzhBMTg1N0RBRTZDMEEyRTA5M0I2QjNBMIIBIjANBgkqhkiG - 9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoK50BjW5bcF4gsdaYhndtVADZvQk3RCsvuqDElF6uLi - 9BYQq/NHyDOIMyJtvCmzjdv3Y135n1sNO7YvssqHlt7dMfCQTD5ND1GpFnQLdWP7stWM5AbO - nJV6+PtDITUA/QHOli7Do0YCUgR6G+1QJsMu0DK+TRSzBJ6WP7WIYOBOOg3y/NKc1rkWhS1Q - dcQepbHgQYZHzzpjNDR6+oYVuhuUEWx1P6O4pv/p+tpE0SDua7jBjMywIYHkPQBecf2IX1RU - WNojB9dJlnRx5YUUneP2SvF2MrmdDbclgzwhf6alqD2OjiMuoBOG8yeTKcuhzCMnrFAklbst - 6x3Rnq9BswIDAQABo4IBsTCCAa0wHQYDVR0OBBYEFJapFKg6tNNAyKGFfa5sCi4JO2s6MB8G - A1UdIwQYMBaAFI+4IY8G5Qq3AqfZbcjwzc2Cj38XMFgGA1UdHwRRME8wTaBLoEmGR3JzeW5j - Oi8vbG9jYWxob3N0OjQ0MDAvdGVzdGJlZC9SSVIvUjAvMS9qN2doandibENyY0NwOWx0eVBE - TnpZS1BmeGMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9sb2Nh - bGhvc3Q6NDQwMC90ZXN0YmVkL1JJUi8xL2o3Z2hqd2JsQ3JjQ3A5bHR5UEROellLUGZ4Yy5j - ZXIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAOBgNVHQ8BAf8EBAMCB4AwYwYIKwYBBQUH - AQsEVzBVMFMGCCsGAQUFBzALhkdyc3luYzovL2xvY2FsaG9zdDo0NDAwL3Rlc3RiZWQvUklS - L1IwLzEvbHFrVXFEcTAwMERJb1lWOXJtd0tMZ2s3YXpvLnJvYTAgBggrBgEFBQcBBwEB/wQR - MA8wDQQCAAEwBwMFAAoDACwwDQYJKoZIhvcNAQELBQADggEBAL8iHwsyGOYhhIf3nVuL361y - TOJSP8SR0mtQLHULPl+GkYk+5MRNWtL8ucTXFvniYJtOCXEGGEIO9eDXvkQIXQSz/qbF9URQ - fuf38ghRza257syVhal6UHTgCFYuRIO9CUjcU1vkWUxH05BBIHlYdtlIQbAG/mRsCPCEgSmG - bbQaomGlUOqmJMlKxLLcoAtz2vDrwVotgHyfS5h2mgINFjnlLcNLTci+sfs7/aQAkDYx7K98 - se/ZlMorvGkFNhHoOTcGIrWkYsfkbTygVwWRm278PaB3o4449Kvsg/gb8BZeHXRs68cr5Mcf - jP7Q6jeypjTgDBnwb1yzoJIKWszFuSgxggGqMIIBpgIBA4AUlqkUqDq000DIoYV9rmwKLgk7 - azowCwYJYIZIAWUDBAIBoGswGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEYMBwGCSqGSIb3 - DQEJBTEPFw0wODA1MjIxNzU4MjRaMC8GCSqGSIb3DQEJBDEiBCDCyf9v9Wed515TRp2WwnyM - 1rk6dB///X+aqIym2e9jdTANBgkqhkiG9w0BAQEFAASCAQAFvzrHeRPW+wn4WSyoyBEq0zKS - Cyh5tu1qTR0NHs6Rr/p8Pk81P1HQLND/U+znJZKLWlO2niEHUXPIicPDYchbj8ApH9VxKA+1 - lCWllOzFAsYyZFr3/VNs9pVp2eT4F9eEYBrBVDSNrD72MMTlWm1T5MEXqltTJJOCKzUEX96x - 91iW6A+4erop7S8hpCnxqkTin4bFVreqYcGc4CC4bh+L9pPqJnURcEk7Qeu/WEHQBm38voB4 - S11qRZNrJMQ99oiJR7hXDIBm66HjGqoUL2gPCfpgJEVVnM9pVv2k889z4eTTck2Qj54gga2W - Xkvw4Je420aDx88s9T2+PqXcbZ4g - </roa> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <roa action="publish" uri="rsync://wombat.invalid/testbed/RIR/R0/1/lqkUqDq000DIoYV9rmwKLgk7azo.roa"/> - </msg> - - <msg version="1" type="query" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <roa action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/R0/1/lqkUqDq000DIoYV9rmwKLgk7azo.roa"/> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <roa action="withdraw" uri="rsync://wombat.invalid/testbed/RIR/R0/1/lqkUqDq000DIoYV9rmwKLgk7azo.roa"/> - </msg> - - <!-- === --> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <report_error error_code="your_hair_is_on_fire">text string</report_error> - </msg> - - <msg version="1" type="reply" xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"> - <report_error error_code="your_hair_is_on_fire"/> - </msg> - -</completely_gratuitous_wrapper_element_to_let_me_run_this_through_xmllint> diff --git a/rpkid/tests/rcynic.conf b/rpkid/tests/rcynic.conf deleted file mode 100644 index ea31fe58..00000000 --- a/rpkid/tests/rcynic.conf +++ /dev/null @@ -1,14 +0,0 @@ -# $Id$ -# -# rcynic configuration for looking at yamltest results. - -[rcynic] -xml-summary = rcynic.xml -jitter = 0 -use-links = yes -use-syslog = no -use-stderr = yes -log-level = log_debug -max-parallel-fetches = 32 - -trust-anchor-locator = yamltest.dir/root.tal diff --git a/rpkid/tests/revoke.yaml b/rpkid/tests/revoke.yaml deleted file mode 100644 index 2edb8335..00000000 --- a/rpkid/tests/revoke.yaml +++ /dev/null @@ -1,420 +0,0 @@ -# $Id: smoketest.1.yaml 3881 2011-06-17 18:32:54Z sra $ - -# Copyright (C) 2009-2012 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. -# -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -name: RIR -crl_interval: 5m -regen_margin: 2m -valid_for: 2d -kids: - - name: R0 - kids: - - name: Alice - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - roa_request: - - asn: 42 - ipv4: 192.0.2.32/32 - - name: Bob - ipv4: 192.0.2.44-192.0.2.100 - ipv4: 10.3.0.0/16 - roa_request: - - asn: 666 - ipv4: 10.3.0.44/32 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 - -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - rekey: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- name: R0 - revoke: -- sleep 10 - ---- -- shell sleep 1; - dir=rcynic.`date +%s`.data; mkdir $dir; - cd rcynic-data; - pax -rwl . ../$dir; find . -type f -name '*.cer' | - sort | - xargs ../../../../utils/uri/uri -s - >../${dir%.data}.uris; - sleep 1 -- sleep 30 diff --git a/rpkid/tests/rootd.yaml b/rpkid/tests/rootd.yaml deleted file mode 100644 index 2ee5dcd4..00000000 --- a/rpkid/tests/rootd.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# $Id$ ---- -version: 1 -posturl: https://localhost:4401/up-down/1 -recipient-id: "rootd" -sender-id: "RIR" - -cms-cert-file: RIR-RPKI-EE.cer -cms-key-file: RIR-RPKI-EE.key -cms-ca-cert-file: rootd-TA.cer -cms-cert-chain-file: [ RIR-RPKI-CA.cer ] - -ssl-cert-file: RIR-RPKI-EE.cer -ssl-key-file: RIR-RPKI-EE.key -ssl-ca-cert-file: rootd-TA.cer - -requests: - list: - type: list - issue: - type: issue - class: 1 - sia: - - rsync://localhost:4400/testbed/RIR/ diff --git a/rpkid/tests/rpki b/rpkid/tests/rpki deleted file mode 120000 index 8d289d0b..00000000 --- a/rpkid/tests/rpki +++ /dev/null @@ -1 +0,0 @@ -../rpki
\ No newline at end of file diff --git a/rpkid/tests/smoketest.1.yaml b/rpkid/tests/smoketest.1.yaml deleted file mode 100644 index 914aaae4..00000000 --- a/rpkid/tests/smoketest.1.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# $Id$ -# -# Copyright (C) 2013--2014 Dragon Research Labs ("DRL") -# Portions copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notices and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL -# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL, -# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -name: RIR -crl_interval: 5m -regen_margin: 2m -valid_for: 2d -kids: - - name: R0 - ghostbuster: | - BEGIN:VCARD - VERSION:4.0 - FN:R0 - ORG:Organizational Entity - ADR;TYPE=WORK:;;42 Twisty Passage;Deep Cavern;WA;98666;U.S.A. - TEL;TYPE=VOICE,TEXT,WORK;VALUE=uri:tel:+1-666-555-1212 - TEL;TYPE=FAX,WORK;VALUE=uri:tel:+1-666-555-1213 - EMAIL:human@example.com - END:VCARD - kids: - - name: Alice - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - roa_request: - - asn: 42 - ipv4: 192.0.2.32/32 - router_cert: - - router_id: 666 - asn: 42 - - name: Bob - ipv4: 192.0.2.44-192.0.2.100 - ipv4: 10.3.0.0/16 - roa_request: - - asn: 666 - ipv4: 10.3.0.44/32 - ---- -- shell set -x; - rtr_origin='python ../../../rtr-origin/rtr-origin.py'; - $rtr_origin --cronjob rcynic-data/authenticated && - $rtr_origin --show ---- -- name: R0 - rekey: ---- -- name: R0 - revoke: ---- -- name: Alice - valid_add: 10 -- name: R0 - roa_request_add: - - asn: 17 - ipv4: 10.3.0.1/32, 10.0.0.44/32 ---- -- shell set -x; - rtr_origin='python ../../../rtr-origin/rtr-origin.py'; - $rtr_origin --cronjob rcynic-data/authenticated && - $rtr_origin --show ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 diff --git a/rpkid/tests/smoketest.2.yaml b/rpkid/tests/smoketest.2.yaml deleted file mode 100644 index 0cdec650..00000000 --- a/rpkid/tests/smoketest.2.yaml +++ /dev/null @@ -1,126 +0,0 @@ -# $Id$ - -# Copyright (C) 2009 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. -# -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -name: RIR -valid_for: 2d -kids: - - name: R0 - kids: - - name: Alice - hosted_by: R0 - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - - name: Bob - hosted_by: R0 - ipv4: 192.0.2.44-192.0.2.100 - - name: R1 - kids: - - name: Carol - hosted_by: R1 - ipv6: 2001:db8::44-2001:db8::100 - - name: Dave - hosted_by: R1 - ipv6: 2001:db8::10:0:44/128 - asn: 64544 - - name: R2 - kids: - - name: Elena - hosted_by: R2 - ipv4: 10.0.0.0/24 - ipv6: 2001:db8::a00:0/120 - - name: Frank - hosted_by: R2 - ipv4: 10.3.0.0/24 - ipv6: 2001:db8::a03:0/120 - - name: R3 - kids: - - name: Ginny - hosted_by: R3 - asn: 64534-64540 - - name: Harry - hosted_by: R3 - asn: 666-677 - - name: R4 - kids: - - name: Ilse - hosted_by: R4 - ipv4: 10.3.0.0/16 - - name: Jack - hosted_by: R4 - ipv4: 10.2.0.0/16 - - name: R5 - kids: - - name: Kari - hosted_by: R5 - asn: 222-233 - - name: Leon - hosted_by: R5 - asn: 244-255 - - name: R6 - kids: - - name: Mary - hosted_by: R6 - ipv4: 10.77.0.0/16 - - name: Neal - hosted_by: R6 - ipv4: 10.66.0.0/16 - - name: R7 - kids: - - name: Olga - hosted_by: R7 - ipv4: 10.88.0.0/16 - - name: Piet - hosted_by: R7 - ipv4: 10.99.0.0/16 - - name: R8 - kids: - - name: Qi - hosted_by: R8 - asn: 111-122 - - name: Rex - hosted_by: R8 - asn: 333-344 - - name: R9 - kids: - - name: Sandra - hosted_by: R9 - asn: 555-566 - - name: Thad - hosted_by: R9 - asn: 577-588 ---- -- name: Alice - add_as: 33 ---- -- name: Alice - sub_as: 33 ---- -- name: Alice - valid_for: 365d diff --git a/rpkid/tests/smoketest.3.yaml b/rpkid/tests/smoketest.3.yaml deleted file mode 100644 index e6a10a12..00000000 --- a/rpkid/tests/smoketest.3.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# $Id$ - -# Copyright (C) 2009-2010 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. -# -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -name: RIR -crl_interval: 2d -regen_margin: 1h -valid_for: 90d -kids: - - name: R0 - kids: - - name: Alice - ipv4: 192.0.2.0-192.0.2.33 - ipv6: 2002:0a00::/32 - asn: 64533 - roa_request: - - asn: 42 - ipv4: 192.0.2.0/30-32,192.0.2.32/32 - ipv6: 2002:0a00::/32-128 - - name: Bob - ipv4: 192.0.2.44-192.0.2.100 - ipv4: 10.3.0.0/16 - roa_request: - - asn: 666 - ipv4: 10.3.0.0/23 ---- -#- shell find publication -type f -name '*.roa' -# -print -exec ../../../utils/print_roa/print_roa {} \; -#- shell find publication -type f -name '*.mft' -# -print -exec ../../../utils/print_manifest/print_manifest {} \; -#--- -#- shell find publication -type f -name '*.roa' -# -print -exec ../../../utils/print_roa/print_roa {} \; -#- shell find publication -type f -name '*.mft' -# -print -exec ../../../utils/print_manifest/print_manifest {} \; -#--- -- shell set -x; - rtr_origin=../../../rtr-origin/rtr-origin; - $rtr_origin --cronjob rcynic-data/authenticated && - $rtr_origin --show ---- -- name: Alice - roa_request_del: - - asn: 42 - ipv4: 192.0.2.0/30-32,192.0.2.32/32 - ipv6: 2002:0a00::/32-128 - roa_request_add: - - asn: 666 - ipv4: 192.0.2.0/30-32,192.0.2.32/32 - ipv6: 2002:0a00::/32-128 ---- -- shell set -x; - rtr_origin=../../../rtr-origin/rtr-origin; - $rtr_origin --cronjob rcynic-data/authenticated && - $rtr_origin --show diff --git a/rpkid/tests/smoketest.4.yaml b/rpkid/tests/smoketest.4.yaml deleted file mode 100644 index c0d446bc..00000000 --- a/rpkid/tests/smoketest.4.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# $Id$ - -# Copyright (C) 2011 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. -# -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -# This is a test of what happens when certificates go missing in -# action, IRDB data expires, etc. Expected result: -# -# - RIR, R0, and Alice get certs -# - Bob gets no cert at all -# - RO and Alice have short-lived certs, which go away -# - Test ends with only RIR having a cert -# -# If run on a very slow machine, the 60 second expiration may have -# already passed by the time everything is up and running, in which -# case nobody but RIR will ever get any certs. -# -# The extra cycles with no sleep are deliberate, at one point we had a -# cycle where parent would issue a cert that had already expired, -# which led to a tight loop of revocation and reissuance every cycle; -# we're checking to make sure that doesn't happen anymore, although -# things should never get to that point because list_response should -# discourage the child from ever asking for a cert in the first place. - -name: RIR -valid_for: 60 -kids: - - name: R0 - kids: - - name: Alice - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - - name: Bob - ipv4: 192.0.2.34-192.0.2.65 - valid_for: -10 ---- ---- ---- ---- ---- ---- -- sleep 30 ---- -- sleep 30 ---- ---- ---- diff --git a/rpkid/tests/smoketest.5.yaml b/rpkid/tests/smoketest.5.yaml deleted file mode 100644 index c6304dfc..00000000 --- a/rpkid/tests/smoketest.5.yaml +++ /dev/null @@ -1,65 +0,0 @@ -# $Id$ - -# Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -rootd: - lifetime: 2m30s -name: RIR -crl_interval: 1m30s -regen_margin: 2m -valid_for: 1h -kids: - - name: R0 - kids: - - name: Alice - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - roa_request: - - asn: 42 - ipv4: 192.0.2.32/32 - - name: Bob - ipv4: 192.0.2.44-192.0.2.100 - ipv4: 10.3.0.0/16 - roa_request: - - asn: 666 - ipv4: 10.3.0.44/32 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 ---- -- sleep 30 diff --git a/rpkid/tests/smoketest.6.yaml b/rpkid/tests/smoketest.6.yaml deleted file mode 100644 index e8d65433..00000000 --- a/rpkid/tests/smoketest.6.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# $Id$ - -# Copyright (C) 2009-2013 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -name: RIR -valid_for: 4w -kids: - - name: Alice - hosted_by: RIR - # - # To test immediate expiration - #valid_for: 5m - # - # To test what happens when we reach rgen_margin - #valid_for: 2w2h5m - #valid_for: 2w5m - # - kids: - - name: Betty - hosted_by: RIR - kids: - - name: Carol - hosted_by: RIR - ghostbuster: | - BEGIN:VCARD - VERSION:4.0 - FN:Carol Clever - EMAIL:carol@example.org - END:VCARD - kids: - - name: Dana - hosted_by: RIR - kids: - - name: Eve - hosted_by: RIR - kids: - - name: Fiona - hosted_by: RIR - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - ipv6: 2001:db8::44-2001:db8::100 - roa_request: - - asn: 64533 - ipv6: 2001:db8::80/121 - ghostbusters: - - | - BEGIN:VCARD - VERSION:4.0 - FN:Fiona Fearless - EMAIL:fiona@example.org - END:VCARD - - | - BEGIN:VCARD - VERSION:4.0 - FN:Frank Fearless - EMAIL:frank@example.org - END:VCARD ---- -- name: Fiona - add_as: 33 ---- -- name: Fiona - sub_as: 33 ---- ---- ---- ---- -#- name: Fiona -# valid_for: 365d diff --git a/rpkid/tests/smoketest.7.yaml b/rpkid/tests/smoketest.7.yaml deleted file mode 100644 index fedd2fff..00000000 --- a/rpkid/tests/smoketest.7.yaml +++ /dev/null @@ -1,77 +0,0 @@ -# $Id$ - -# Copyright (C) 2009 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -# Test configuration to generate some initial ROAs for Pradosh to use -# in testing his code, until Randy has the live testbed set up. - -# Python code to remove overlaps in a set of prefixes (needed to take -# something like this peval output and feed it into smoketest.py): -# -# import rpki.resource_set -# -# r = rpki.resource_set.resource_set_ipv4() -# -# for p in prefixes: -# r = r.union(rpki.resource_set.resource_set_ipv4(p)) -# -# print r -# -# -# where "prefixes" is a sequence of prefixes in text form, eg, what -# you'd get if you applied .split(", ") to the peval output below. - - -# ran.psg.com:/usr/home/randy> peval as3130 -# ({198.180.152.0/24, 198.180.153.0/24, 198.180.152.0/25, 198.180.152.128/25, 198.180.150.0/24, 198.180.151.0/24, 198.133.206.0/24, 192.83.230.0/24, 147.28.0.0/16, 147.28.128.0/17, 147.28.128.0/18, 147.28.192.0/18, 147.28.192.0/19, 147.28.192.0/20, 147.28.192.0/21, 147.28.192.0/22, 147.28.192.0/23, 147.28.192.0/24, 147.28.192.0/25, 147.28.192.0/26, 147.28.128.0/19, 147.28.128.0/20, 147.28.128.0/21, 147.28.128.0/22, 147.28.128.0/23, 147.28.128.0/24, 147.28.128.0/25, 147.28.128.0/26}) -# -# ran.psg.com:/usr/home/randy> peval as2914 -# ({216.167.0.0/17, 216.105.240.0/24, 216.44.0.0/16, 216.42.0.0/16, 213.198.0.0/17, 213.130.32.0/19, 212.119.0.0/19, 212.105.160.0/19, 211.130.96.0/19, 211.1.32.0/19, 211.1.60.0/22, 211.1.48.0/23, 211.1.32.0/20, 210.175.160.0/19, 209.243.96.0/20, 209.243.70.0/23, 209.238.0.0/16, 209.227.0.0/17, 209.207.128.0/17, 209.189.0.0/17, 209.170.0.0/18, 209.168.0.0/17, 209.162.64.0/18, 209.157.0.0/16, 209.139.128.0/18, 209.139.0.0/17, 209.130.0.0/17, 209.124.0.0/19, 209.112.96.0/20, 209.107.64.0/19, 209.107.0.0/18, 209.75.0.0/16, 209.70.0.0/16, 209.69.0.0/16, 209.59.32.0/19, 209.57.0.0/16, 209.43.128.0/17, 209.41.0.0/18, 209.39.0.0/16, 209.24.0.0/16, 209.21.0.0/18, 208.55.0.0/16, 207.241.0.0/17, 207.207.128.0/19, 207.206.0.0/17, 207.201.128.0/18, 207.199.0.0/17, 207.198.128.0/17, 207.197.128.0/17, 207.196.0.0/17, 207.195.240.0/20, 207.159.0.0/18, 207.158.192.0/18, 207.156.128.0/17, 207.153.128.0/17, 207.152.64.0/18, 207.150.128.0/19, 207.150.0.0/17, 207.137.0.0/16, 207.126.254.0/23, 207.126.240.0/21, 207.111.64.0/18, 207.97.0.0/17, 207.91.64.0/18, 207.71.64.0/18, 207.67.128.0/17, 207.58.0.0/17, 207.56.0.0/15, 207.55.192.0/19, 207.55.128.0/18, 207.33.0.0/16, 207.32.64.0/18, 207.31.192.0/18, 207.22.64.0/18, 207.21.128.0/18, 207.21.0.0/17, 207.20.0.0/16, 206.252.0.0/19, 206.239.0.0/16, 206.222.32.0/19, 206.213.64.0/18, 206.197.192.0/24, 206.197.81.0/24, 206.184.0.0/16, 206.183.192.0/19, 206.169.194.0/24, 206.169.195.0/24, 206.169.186.0/24, 206.169.41.0/24, 206.166.128.0/18, 206.163.192.0/19, 206.163.128.0/18, 206.163.0.0/17, 206.86.0.0/16, 206.82.32.0/19, 206.80.32.0/19, 206.68.0.0/15, 206.58.0.0/16, 206.55.0.0/18, 206.54.0.0/18, 206.52.0.0/16, 206.50.0.0/16, 206.14.0.0/16, 205.238.0.0/18, 205.212.0.0/16, 205.157.128.0/20, 205.153.56.0/22, 205.149.160.0/19, 205.146.0.0/16, 204.247.0.0/16, 204.245.128.0/17, 204.233.0.0/16, 204.227.160.0/19, 204.200.0.0/14, 204.194.176.0/21, 204.170.0.0/15, 204.156.128.0/19, 204.156.0.0/19, 204.142.0.0/15, 204.141.0.0/16, 204.108.0.0/23, 204.75.146.0/24, 204.68.197.0/24, 204.62.232.0/24, 204.57.32.0/19, 204.42.0.0/16, 204.0.0.0/14, 204.0.43.0/24, 203.215.136.0/23, 203.208.120.0/21, 203.208.120.0/22, 203.208.124.0/22, 203.208.120.0/23, 203.208.122.0/23, 203.208.124.0/23, 203.208.126.0/23, 203.208.120.0/24, 203.208.121.0/24, 203.208.122.0/24, 203.208.123.0/24, 203.208.124.0/24, 203.208.125.0/24, 203.208.126.0/24, 203.208.127.0/24, 203.208.80.0/21, 203.208.80.0/22, 203.208.84.0/22, 203.208.80.0/23, 203.208.82.0/23, 203.208.84.0/23, 203.208.86.0/23, 203.208.80.0/24, 203.208.81.0/24, 203.208.82.0/24, 203.208.83.0/24, 203.208.84.0/24, 203.208.85.0/24, 203.208.86.0/24, 203.208.87.0/24, 203.205.112.0/20, 203.131.240.0/20, 203.131.248.0/21, 203.105.64.0/19, 203.105.80.0/21, 203.105.72.0/22, 203.78.192.0/20, 203.33.3.0/24, 203.32.132.0/24, 203.20.71.0/24, 203.12.225.0/24, 202.237.244.0/24, 202.163.134.0/24, 202.163.132.0/24, 202.163.128.0/22, 202.163.128.0/24, 202.163.129.0/24, 202.163.130.0/24, 202.163.131.0/24, 202.153.208.0/20, 202.69.224.0/20, 202.68.64.0/20, 202.68.64.0/21, 202.68.72.0/21, 202.68.64.0/22, 202.68.68.0/22, 202.68.72.0/22, 202.68.76.0/22, 202.68.64.0/23, 202.68.66.0/23, 202.68.68.0/23, 202.68.70.0/23, 202.68.72.0/23, 202.68.74.0/23, 202.68.76.0/23, 202.68.78.0/23, 202.68.64.0/24, 202.68.65.0/24, 202.68.66.0/24, 202.68.67.0/24, 202.68.68.0/24, 202.68.69.0/24, 202.68.70.0/24, 202.68.71.0/24, 202.68.72.0/24, 202.68.73.0/24, 202.68.74.0/24, 202.68.75.0/24, 202.68.76.0/24, 202.68.77.0/24, 202.68.78.0/24, 202.68.79.0/24, 202.47.16.0/20, 202.23.124.0/24, 200.15.0.0/16, 199.245.16.0/20, 199.240.0.0/16, 199.236.0.0/14, 199.234.0.0/16, 199.224.0.0/20, 199.217.128.0/17, 199.212.0.0/24, 199.201.197.0/24, 199.184.226.0/24, 199.184.212.0/24, 199.164.210.0/24, 199.103.128.0/17, 199.73.40.0/23, 199.73.32.0/21, 199.4.64.0/18, 198.252.194.0/23, 198.247.0.0/16, 198.232.16.0/24, 198.172.0.0/15, 198.170.0.0/15, 198.170.208.0/24, 198.138.0.0/15, 198.106.0.0/15, 198.104.0.0/16, 198.88.0.0/16, 198.87.0.0/16, 198.84.16.0/20, 198.66.0.0/16, 198.64.0.0/15, 198.63.0.0/16, 195.234.244.0/22, 192.220.0.0/16, 192.217.0.0/16, 192.204.0.0/16, 192.195.85.0/24, 192.159.82.0/24, 192.147.176.0/22, 192.147.175.0/24, 192.147.160.0/21, 192.108.74.0/23, 192.102.248.0/24, 192.80.12.0/22, 192.67.240.0/23, 192.67.236.0/22, 192.41.219.0/24, 192.41.171.0/24, 192.11.188.0/24, 170.253.0.0/16, 170.250.0.0/16, 170.249.64.0/19, 170.249.0.0/19, 168.143.0.0/16, 165.254.0.0/16, 164.162.0.0/16, 161.58.0.0/16, 159.230.128.0/20, 159.230.138.0/24, 157.238.0.0/16, 157.107.0.0/16, 154.37.0.0/16, 140.174.0.0/16, 131.103.0.0/16, 130.94.0.0/16, 130.94.60.0/24, 129.250.0.0/16, 129.192.196.0/22, 129.7.136.0/24, 128.242.0.0/16, 128.241.0.0/16, 128.241.83.0/29, 128.121.0.0/16, 125.56.144.0/21, 125.56.152.0/21, 124.40.0.0/18, 124.40.0.0/19, 124.40.32.0/19, 122.255.80.0/20, 120.29.160.0/19, 120.29.144.0/21, 119.161.104.0/21, 118.215.168.0/21, 118.215.136.0/21, 118.215.64.0/21, 118.214.208.0/21, 118.214.216.0/21, 117.104.128.0/19, 117.104.64.0/18, 117.103.176.0/20, 116.51.16.0/21, 96.17.167.0/24, 96.17.157.0/24, 96.17.155.0/24, 96.17.32.0/20, 96.16.224.0/21, 96.16.232.0/21, 96.16.240.0/21, 96.16.248.0/21, 96.6.224.0/20, 96.6.176.0/20, 96.6.144.0/20, 96.6.40.0/24, 91.186.160.0/19, 89.238.138.0/24, 83.231.128.0/17, 82.112.96.0/19, 81.93.208.0/20, 81.93.176.0/20, 81.93.189.0/24, 81.25.192.0/20, 81.20.64.0/20, 81.19.96.0/20, 80.68.16.0/21, 72.247.200.0/21, 72.247.128.0/21, 72.247.125.0/24, 72.247.56.0/22, 72.247.52.0/22, 72.246.32.0/21, 69.192.96.0/20, 69.192.32.0/20, 69.192.48.0/20, 69.55.56.0/23, 69.41.176.0/21, 69.41.168.0/21, 69.41.166.0/23, 69.41.165.0/24, 69.41.160.0/24, 66.249.144.0/24, 66.187.28.0/24, 64.7.64.0/19, 62.73.160.0/19, 61.251.96.0/20, 61.213.160.0/19, 61.213.144.0/20, 61.200.80.0/20, 61.200.80.0/21, 61.200.88.0/21, 61.120.144.0/20, 61.120.144.0/21, 61.120.152.0/21, 61.114.112.0/20, 61.114.120.0/21, 61.114.112.0/22, 61.58.32.0/20, 61.28.200.0/24, 61.28.199.0/24, 60.254.153.0/24, 60.254.132.0/22, 59.151.184.0/22}) -# -# ran.psg.com:/usr/home/randy> peval as1239 -# ({207.7.0.0/18, 204.248.180.0/25, 204.241.122.0/24, 204.217.244.0/24, 203.98.192.0/19, 193.188.96.0/23, 192.77.142.0/24, 192.31.36.0/24, 192.31.32.0/22, 192.23.224.0/21, 192.23.208.0/20, 192.23.76.0/24, 192.23.75.0/24, 163.183.0.0/16, 157.245.70.0/24, 134.32.0.0/16, 129.87.0.0/16, 85.237.96.0/19, 72.246.128.0/20, 65.168.150.0/23, 65.168.149.0/24, 63.172.252.0/22, 63.171.143.128/25, 63.169.52.128/25}) -# -# ran.psg.com:/usr/home/randy> peval as701 -# ({208.91.236.0/22, 203.33.196.0/24, 203.27.251.0/24, 198.80.148.0/24, 198.80.131.0/24, 157.130.103.144/30, 140.222.224.0/24, 65.243.171.0/24, 63.122.162.212/30, 63.116.191.0/24, 63.81.136.0/24, 17.0.0.0/8, 17.128.0.0/9}) - - -name: Alice - -valid_for: 2d - -ipv4: 17.0.0.0/8,59.151.184.0/22,60.254.132.0/22,60.254.153.0/24,61.28.199.0-61.28.200.255,61.58.32.0/20,61.114.112.0/20,61.120.144.0/20,61.200.80.0/20,61.213.144.0-61.213.191.255,61.251.96.0/20,62.73.160.0/19,63.81.136.0/24,63.116.191.0/24,63.122.162.212/30,63.169.52.128/25,63.171.143.128/25,63.172.252.0/22,64.7.64.0/19,65.168.149.0-65.168.151.255,65.243.171.0/24,66.187.28.0/24,66.249.144.0/24,69.41.160.0/24,69.41.165.0-69.41.183.255,69.55.56.0/23,69.192.32.0/19,69.192.96.0/20,72.246.32.0/21,72.246.128.0/20,72.247.52.0-72.247.59.255,72.247.125.0/24,72.247.128.0/21,72.247.200.0/21,80.68.16.0/21,81.19.96.0/20,81.20.64.0/20,81.25.192.0/20,81.93.176.0/20,81.93.208.0/20,82.112.96.0/19,83.231.128.0/17,85.237.96.0/19,89.238.138.0/24,91.186.160.0/19,96.6.40.0/24,96.6.144.0/20,96.6.176.0/20,96.6.224.0/20,96.16.224.0/19,96.17.32.0/20,96.17.155.0/24,96.17.157.0/24,96.17.167.0/24,116.51.16.0/21,117.103.176.0/20,117.104.64.0-117.104.159.255,118.214.208.0/20,118.215.64.0/21,118.215.136.0/21,118.215.168.0/21,119.161.104.0/21,120.29.144.0/21,120.29.160.0/19,122.255.80.0/20,124.40.0.0/18,125.56.144.0/20,128.121.0.0/16,128.241.0.0-128.242.255.255,129.7.136.0/24,129.87.0.0/16,129.192.196.0/22,129.250.0.0/16,130.94.0.0/16,131.103.0.0/16,134.32.0.0/16,140.174.0.0/16,140.222.224.0/24,147.28.0.0/16,154.37.0.0/16,157.107.0.0/16,157.130.103.144/30,157.238.0.0/16,157.245.70.0/24,159.230.128.0/20,161.58.0.0/16,163.183.0.0/16,164.162.0.0/16,165.254.0.0/16,168.143.0.0/16,170.249.0.0/19,170.249.64.0/19,170.250.0.0/16,170.253.0.0/16,192.11.188.0/24,192.23.75.0-192.23.76.255,192.23.208.0-192.23.231.255,192.31.32.0-192.31.36.255,192.41.171.0/24,192.41.219.0/24,192.67.236.0-192.67.241.255,192.77.142.0/24,192.80.12.0/22,192.83.230.0/24,192.102.248.0/24,192.108.74.0/23,192.147.160.0/21,192.147.175.0-192.147.179.255,192.159.82.0/24,192.195.85.0/24,192.204.0.0/16,192.217.0.0/16,192.220.0.0/16,193.188.96.0/23,195.234.244.0/22,198.63.0.0-198.66.255.255,198.80.131.0/24,198.80.148.0/24,198.84.16.0/20,198.87.0.0-198.88.255.255,198.104.0.0/16,198.106.0.0/15,198.133.206.0/24,198.138.0.0/15,198.170.0.0-198.173.255.255,198.180.150.0-198.180.153.255,198.232.16.0/24,198.247.0.0/16,198.252.194.0/23,199.4.64.0/18,199.73.32.0-199.73.41.255,199.103.128.0/17,199.164.210.0/24,199.184.212.0/24,199.184.226.0/24,199.201.197.0/24,199.212.0.0/24,199.217.128.0/17,199.224.0.0/20,199.234.0.0/16,199.236.0.0-199.240.255.255,199.245.16.0/20,200.15.0.0/16,202.23.124.0/24,202.47.16.0/20,202.68.64.0/20,202.69.224.0/20,202.153.208.0/20,202.163.128.0-202.163.132.255,202.163.134.0/24,202.237.244.0/24,203.12.225.0/24,203.20.71.0/24,203.27.251.0/24,203.32.132.0/24,203.33.3.0/24,203.33.196.0/24,203.78.192.0/20,203.98.192.0/19,203.105.64.0/19,203.131.240.0/20,203.205.112.0/20,203.208.80.0/21,203.208.120.0/21,203.215.136.0/23,204.0.0.0/14,204.42.0.0/16,204.57.32.0/19,204.62.232.0/24,204.68.197.0/24,204.75.146.0/24,204.108.0.0/23,204.141.0.0-204.143.255.255,204.156.0.0/19,204.156.128.0/19,204.170.0.0/15,204.194.176.0/21,204.200.0.0/14,204.217.244.0/24,204.227.160.0/19,204.233.0.0/16,204.241.122.0/24,204.245.128.0/17,204.247.0.0/16,204.248.180.0/25,205.146.0.0/16,205.149.160.0/19,205.153.56.0/22,205.157.128.0/20,205.212.0.0/16,205.238.0.0/18,206.14.0.0/16,206.50.0.0/16,206.52.0.0/16,206.54.0.0/18,206.55.0.0/18,206.58.0.0/16,206.68.0.0/15,206.80.32.0/19,206.82.32.0/19,206.86.0.0/16,206.163.0.0-206.163.223.255,206.166.128.0/18,206.169.41.0/24,206.169.186.0/24,206.169.194.0/23,206.183.192.0/19,206.184.0.0/16,206.197.81.0/24,206.197.192.0/24,206.213.64.0/18,206.222.32.0/19,206.239.0.0/16,206.252.0.0/19,207.7.0.0/18,207.20.0.0-207.21.191.255,207.22.64.0/18,207.31.192.0/18,207.32.64.0/18,207.33.0.0/16,207.55.128.0-207.55.223.255,207.56.0.0-207.58.127.255,207.67.128.0/17,207.71.64.0/18,207.91.64.0/18,207.97.0.0/17,207.111.64.0/18,207.126.240.0/21,207.126.254.0/23,207.137.0.0/16,207.150.0.0-207.150.159.255,207.152.64.0/18,207.153.128.0/17,207.156.128.0/17,207.158.192.0-207.159.63.255,207.195.240.0-207.196.127.255,207.197.128.0/17,207.198.128.0-207.199.127.255,207.201.128.0/18,207.206.0.0/17,207.207.128.0/19,207.241.0.0/17,208.55.0.0/16,208.91.236.0/22,209.21.0.0/18,209.24.0.0/16,209.39.0.0/16,209.41.0.0/18,209.43.128.0/17,209.57.0.0/16,209.59.32.0/19,209.69.0.0-209.70.255.255,209.75.0.0/16,209.107.0.0-209.107.95.255,209.112.96.0/20,209.124.0.0/19,209.130.0.0/17,209.139.0.0-209.139.191.255,209.157.0.0/16,209.162.64.0/18,209.168.0.0/17,209.170.0.0/18,209.189.0.0/17,209.207.128.0/17,209.227.0.0/17,209.238.0.0/16,209.243.70.0/23,209.243.96.0/20,210.175.160.0/19,211.1.32.0/19,211.130.96.0/19,212.105.160.0/19,212.119.0.0/19,213.130.32.0/19,213.198.0.0/17,216.42.0.0/16,216.44.0.0/16,216.105.240.0/24,216.167.0.0/17 - -roa_request: - - - asn: 3130 - ipv4: 198.180.152.0/24,198.180.153.0/24,198.180.152.0/25,198.180.152.128/25,198.180.150.0/24,198.180.151.0/24,198.133.206.0/24,192.83.230.0/24,147.28.0.0/16-24 - - - asn: 2914 - ipv4: 216.167.0.0/17,216.105.240.0/24,216.44.0.0/16,216.42.0.0/16,213.198.0.0/17,213.130.32.0/19,212.119.0.0/19,212.105.160.0/19,211.130.96.0/19,211.1.32.0/19,211.1.60.0/22,211.1.48.0/23,211.1.32.0/20,210.175.160.0/19,209.243.96.0/20,209.243.70.0/23,209.238.0.0/16,209.227.0.0/17,209.207.128.0/17,209.189.0.0/17,209.170.0.0/18,209.168.0.0/17,209.162.64.0/18,209.157.0.0/16,209.139.128.0/18,209.139.0.0/17,209.130.0.0/17,209.124.0.0/19,209.112.96.0/20,209.107.64.0/19,209.107.0.0/18,209.75.0.0/16,209.70.0.0/16,209.69.0.0/16,209.59.32.0/19,209.57.0.0/16,209.43.128.0/17,209.41.0.0/18,209.39.0.0/16,209.24.0.0/16,209.21.0.0/18,208.55.0.0/16,207.241.0.0/17,207.207.128.0/19,207.206.0.0/17,207.201.128.0/18,207.199.0.0/17,207.198.128.0/17,207.197.128.0/17,207.196.0.0/17,207.195.240.0/20,207.159.0.0/18,207.158.192.0/18,207.156.128.0/17,207.153.128.0/17,207.152.64.0/18,207.150.128.0/19,207.150.0.0/17,207.137.0.0/16,207.126.254.0/23,207.126.240.0/21,207.111.64.0/18,207.97.0.0/17,207.91.64.0/18,207.71.64.0/18,207.67.128.0/17,207.58.0.0/17,207.56.0.0/15,207.55.192.0/19,207.55.128.0/18,207.33.0.0/16,207.32.64.0/18,207.31.192.0/18,207.22.64.0/18,207.21.128.0/18,207.21.0.0/17,207.20.0.0/16,206.252.0.0/19,206.239.0.0/16,206.222.32.0/19,206.213.64.0/18,206.197.192.0/24,206.197.81.0/24,206.184.0.0/16,206.183.192.0/19,206.169.194.0/24,206.169.195.0/24,206.169.186.0/24,206.169.41.0/24,206.166.128.0/18,206.163.192.0/19,206.163.128.0/18,206.163.0.0/17,206.86.0.0/16,206.82.32.0/19,206.80.32.0/19,206.68.0.0/15,206.58.0.0/16,206.55.0.0/18,206.54.0.0/18,206.52.0.0/16,206.50.0.0/16,206.14.0.0/16,205.238.0.0/18,205.212.0.0/16,205.157.128.0/20,205.153.56.0/22,205.149.160.0/19,205.146.0.0/16,204.247.0.0/16,204.245.128.0/17,204.233.0.0/16,204.227.160.0/19,204.200.0.0/14,204.194.176.0/21,204.170.0.0/15,204.156.128.0/19,204.156.0.0/19,204.142.0.0/15,204.141.0.0/16,204.108.0.0/23,204.75.146.0/24,204.68.197.0/24,204.62.232.0/24,204.57.32.0/19,204.42.0.0/16,204.0.0.0/14,204.0.43.0/24,203.215.136.0/23,203.208.120.0/21,203.208.120.0/22,203.208.124.0/22,203.208.120.0/23,203.208.122.0/23,203.208.124.0/23,203.208.126.0/23,203.208.120.0/24,203.208.121.0/24,203.208.122.0/24,203.208.123.0/24,203.208.124.0/24,203.208.125.0/24,203.208.126.0/24,203.208.127.0/24,203.208.80.0/21,203.208.80.0/22,203.208.84.0/22,203.208.80.0/23,203.208.82.0/23,203.208.84.0/23,203.208.86.0/23,203.208.80.0/24,203.208.81.0/24,203.208.82.0/24,203.208.83.0/24,203.208.84.0/24,203.208.85.0/24,203.208.86.0/24,203.208.87.0/24,203.205.112.0/20,203.131.240.0/20,203.131.248.0/21,203.105.64.0/19,203.105.80.0/21,203.105.72.0/22,203.78.192.0/20,203.33.3.0/24,203.32.132.0/24,203.20.71.0/24,203.12.225.0/24,202.237.244.0/24,202.163.134.0/24,202.163.132.0/24,202.163.128.0/22,202.163.128.0/24,202.163.129.0/24,202.163.130.0/24,202.163.131.0/24,202.153.208.0/20,202.69.224.0/20,202.68.64.0/20,202.68.64.0/21,202.68.72.0/21,202.68.64.0/22,202.68.68.0/22,202.68.72.0/22,202.68.76.0/22,202.68.64.0/23,202.68.66.0/23,202.68.68.0/23,202.68.70.0/23,202.68.72.0/23,202.68.74.0/23,202.68.76.0/23,202.68.78.0/23,202.68.64.0/24,202.68.65.0/24,202.68.66.0/24,202.68.67.0/24,202.68.68.0/24,202.68.69.0/24,202.68.70.0/24,202.68.71.0/24,202.68.72.0/24,202.68.73.0/24,202.68.74.0/24,202.68.75.0/24,202.68.76.0/24,202.68.77.0/24,202.68.78.0/24,202.68.79.0/24,202.47.16.0/20,202.23.124.0/24,200.15.0.0/16,199.245.16.0/20,199.240.0.0/16,199.236.0.0/14,199.234.0.0/16,199.224.0.0/20,199.217.128.0/17,199.212.0.0/24,199.201.197.0/24,199.184.226.0/24,199.184.212.0/24,199.164.210.0/24,199.103.128.0/17,199.73.40.0/23,199.73.32.0/21,199.4.64.0/18,198.252.194.0/23,198.247.0.0/16,198.232.16.0/24,198.172.0.0/15,198.170.0.0/15,198.170.208.0/24,198.138.0.0/15,198.106.0.0/15,198.104.0.0/16,198.88.0.0/16,198.87.0.0/16,198.84.16.0/20,198.66.0.0/16,198.64.0.0/15,198.63.0.0/16,195.234.244.0/22,192.220.0.0/16,192.217.0.0/16,192.204.0.0/16,192.195.85.0/24,192.159.82.0/24,192.147.176.0/22,192.147.175.0/24,192.147.160.0/21,192.108.74.0/23,192.102.248.0/24,192.80.12.0/22,192.67.240.0/23,192.67.236.0/22,192.41.219.0/24,192.41.171.0/24,192.11.188.0/24,170.253.0.0/16,170.250.0.0/16,170.249.64.0/19,170.249.0.0/19,168.143.0.0/16,165.254.0.0/16,164.162.0.0/16,161.58.0.0/16,159.230.128.0/20,159.230.138.0/24,157.238.0.0/16,157.107.0.0/16,154.37.0.0/16,140.174.0.0/16,131.103.0.0/16,130.94.0.0/16,130.94.60.0/24,129.250.0.0/16,129.192.196.0/22,129.7.136.0/24,128.242.0.0/16,128.241.0.0/16,128.241.83.0/29,128.121.0.0/16,125.56.144.0/21,125.56.152.0/21,124.40.0.0/18,124.40.0.0/19,124.40.32.0/19,122.255.80.0/20,120.29.160.0/19,120.29.144.0/21,119.161.104.0/21,118.215.168.0/21,118.215.136.0/21,118.215.64.0/21,118.214.208.0/21,118.214.216.0/21,117.104.128.0/19,117.104.64.0/18,117.103.176.0/20,116.51.16.0/21,96.17.167.0/24,96.17.157.0/24,96.17.155.0/24,96.17.32.0/20,96.16.224.0/21,96.16.232.0/21,96.16.240.0/21,96.16.248.0/21,96.6.224.0/20,96.6.176.0/20,96.6.144.0/20,96.6.40.0/24,91.186.160.0/19,89.238.138.0/24,83.231.128.0/17,82.112.96.0/19,81.93.208.0/20,81.93.176.0/20,81.93.189.0/24,81.25.192.0/20,81.20.64.0/20,81.19.96.0/20,80.68.16.0/21,72.247.200.0/21,72.247.128.0/21,72.247.125.0/24,72.247.56.0/22,72.247.52.0/22,72.246.32.0/21,69.192.96.0/20,69.192.32.0/20,69.192.48.0/20,69.55.56.0/23,69.41.176.0/21,69.41.168.0/21,69.41.166.0/23,69.41.165.0/24,69.41.160.0/24,66.249.144.0/24,66.187.28.0/24,64.7.64.0/19,62.73.160.0/19,61.251.96.0/20,61.213.160.0/19,61.213.144.0/20,61.200.80.0/20,61.200.80.0/21,61.200.88.0/21,61.120.144.0/20,61.120.144.0/21,61.120.152.0/21,61.114.112.0/20,61.114.120.0/21,61.114.112.0/22,61.58.32.0/20,61.28.200.0/24,61.28.199.0/24,60.254.153.0/24,60.254.132.0/22,59.151.184.0/22 - - - asn: 1239 - ipv4: 207.7.0.0/18,204.248.180.0/25,204.241.122.0/24,204.217.244.0/24,203.98.192.0/19,193.188.96.0/23,192.77.142.0/24,192.31.36.0/24,192.31.32.0/22,192.23.224.0/21,192.23.208.0/20,192.23.76.0/24,192.23.75.0/24,163.183.0.0/16,157.245.70.0/24,134.32.0.0/16,129.87.0.0/16,85.237.96.0/19,72.246.128.0/20,65.168.150.0/23,65.168.149.0/24,63.172.252.0/22,63.171.143.128/25,63.169.52.128/25 - - - asn: 701 - ipv4: 208.91.236.0/22,203.33.196.0/24,203.27.251.0/24,198.80.148.0/24,198.80.131.0/24,157.130.103.144/30,140.222.224.0/24,65.243.171.0/24,63.122.162.212/30,63.116.191.0/24,63.81.136.0/24,17.0.0.0/8,17.128.0.0/9 - ---- -- shell set -x; - find publication -type f -name '*.roa' - -print -exec ../../../utils/print_roa/print_roa {} \; - ; - rtr_origin=../../../rtr-origin/rtr-origin; - $rtr_origin --cronjob rcynic-data/authenticated && - $rtr_origin --show diff --git a/rpkid/tests/smoketest.8.yaml b/rpkid/tests/smoketest.8.yaml deleted file mode 100644 index cd6d1e7a..00000000 --- a/rpkid/tests/smoketest.8.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# $Id$ - -# Copyright (C) 2009-2010 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -name: RIR -valid_for: 2d -kids: - - name: Alice - hosted_by: RIR - kids: - - name: Betty - hosted_by: RIR - kids: - - name: Carol - hosted_by: RIR - kids: - - name: Dana - hosted_by: RIR - kids: - - name: Eve - hosted_by: RIR - kids: - - name: Fiona - hosted_by: RIR - ipv4: 10.0.0.0/8 - asn: 64533 - roa_request: - - asn: 64533 - ipv4: 10.0.0.0/24 diff --git a/rpkid/tests/smoketest.9.yaml b/rpkid/tests/smoketest.9.yaml deleted file mode 100644 index 3efc4f08..00000000 --- a/rpkid/tests/smoketest.9.yaml +++ /dev/null @@ -1,849 +0,0 @@ -# $Id$ - -# Copyright (C) 2009-2010 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. -# -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -name: RIR -crl_interval: 30s -regen_margin: 30s -valid_for: 2m -kids: - - name: R0 - kids: - - name: Alice - ipv4: 192.0.2.1-192.0.2.33 - asn: 64533 - roa_request: - - asn: 42 - ipv4: 192.0.2.32/32 - - name: Bob - ipv4: 192.0.2.44-192.0.2.100 - ipv4: 10.3.0.0/16 - roa_request: - - asn: 666 - ipv4: 10.3.0.44/32 ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m ---- -- sleep 15 -- name: RIR - valid_for: 2m -- name: R0 - valid_for: 2m -- name: Alice - valid_for: 2m -- name: Bob - valid_for: 2m diff --git a/rpkid/tests/smoketest.clean.sql b/rpkid/tests/smoketest.clean.sql deleted file mode 100644 index 9f5ff9fb..00000000 --- a/rpkid/tests/smoketest.clean.sql +++ /dev/null @@ -1,54 +0,0 @@ --- $Id$ - --- Copyright (C) 2009 Internet Systems Consortium ("ISC") --- --- Permission to use, copy, modify, and distribute this software for any --- purpose with or without fee is hereby granted, provided that the above --- copyright notice and this permission notice appear in all copies. --- --- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH --- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY --- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, --- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM --- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE --- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --- PERFORMANCE OF THIS SOFTWARE. - --- Clean up databases left behind by smoketest.py et al. - -DROP DATABASE IF EXISTS irdb0; -DROP DATABASE IF EXISTS irdb1; -DROP DATABASE IF EXISTS irdb2; -DROP DATABASE IF EXISTS irdb3; -DROP DATABASE IF EXISTS irdb4; -DROP DATABASE IF EXISTS irdb5; -DROP DATABASE IF EXISTS irdb6; -DROP DATABASE IF EXISTS irdb7; -DROP DATABASE IF EXISTS irdb8; -DROP DATABASE IF EXISTS irdb9; -DROP DATABASE IF EXISTS irdb10; -DROP DATABASE IF EXISTS irdb11; -DROP DATABASE IF EXISTS rpki0; -DROP DATABASE IF EXISTS rpki1; -DROP DATABASE IF EXISTS rpki2; -DROP DATABASE IF EXISTS rpki3; -DROP DATABASE IF EXISTS rpki4; -DROP DATABASE IF EXISTS rpki5; -DROP DATABASE IF EXISTS rpki6; -DROP DATABASE IF EXISTS rpki7; -DROP DATABASE IF EXISTS rpki8; -DROP DATABASE IF EXISTS rpki9; -DROP DATABASE IF EXISTS rpki10; -DROP DATABASE IF EXISTS rpki11; -DROP DATABASE IF EXISTS pubd0; -DROP DATABASE IF EXISTS pubd1; -DROP DATABASE IF EXISTS pubd2; -DROP DATABASE IF EXISTS pubd3; -DROP DATABASE IF EXISTS pubd4; -DROP DATABASE IF EXISTS pubd5; -DROP DATABASE IF EXISTS pubd6; -DROP DATABASE IF EXISTS pubd7; -DROP DATABASE IF EXISTS pubd8; -DROP DATABASE IF EXISTS pubd9; -DROP DATABASE IF EXISTS pubd10; -DROP DATABASE IF EXISTS pubd11; diff --git a/rpkid/tests/smoketest.py b/rpkid/tests/smoketest.py deleted file mode 100644 index 28bedaa4..00000000 --- a/rpkid/tests/smoketest.py +++ /dev/null @@ -1,1630 +0,0 @@ -#!/usr/bin/env python - -""" -Test framework to configure and drive a collection of rpkid.py and -old_irdbd.py instances under control of a master script. - -yaml_file is a YAML description the tests to be run, and is intended -to be implementation-agnostic. - -CONFIG contains settings for various implementation-specific -things that don't belong in yaml_file. -""" - -# $Id$ -# -# Copyright (C) 2013--2014 Dragon Research Labs ("DRL") -# Portions copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notices and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL -# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL, -# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# pylint: disable=W0621 - -import os -import yaml -import subprocess -import signal -import time -import argparse -import sys -import errno -import rpki.resource_set -import rpki.sundial -import rpki.x509 -import rpki.http -import rpki.log -import rpki.left_right -import rpki.config -import rpki.publication -import rpki.async - -from rpki.mysql_import import MySQLdb - -os.environ["TZ"] = "UTC" -time.tzset() - -parser = argparse.ArgumentParser(description = __doc__) -parser.add_argument("-c", "--config", - help = "configuration file") -parser.add_argument("--profile", action = "store_true", - help = "enable profiling") -parser.add_argument("-y", action = "store_true", - help = "ignored, present only for backwards compatability") -parser.add_argument("yaml_file", type = argparse.FileType("r"), - help = "YAML description of test network") -args = parser.parse_args() - -cfg = rpki.config.parser(args.config, "smoketest", allow_missing = True) - -# Load the YAML script early, so we can report errors ASAP - -yaml_script = [y for y in yaml.safe_load_all(args.yaml_file)] - -# Define port allocator early, so we can use it while reading config - -def allocate_port(): - """ - Allocate a TCP port number. - """ - global base_port - p = base_port - base_port += 1 - return p - -# Most filenames in the following are relative to the working directory. - -smoketest_name = cfg.get("smoketest_name", "smoketest") -smoketest_dir = cfg.get("smoketest_dir", smoketest_name + ".dir") - -irdb_db_pass = cfg.get("irdb_db_pass", "fnord") -rpki_db_pass = cfg.get("rpki_db_pass", "fnord") -pubd_db_pass = cfg.get("pubd_db_pass", "fnord") -pubd_db_name = cfg.get("pubd_db_name", "pubd0") -pubd_db_user = cfg.get("pubd_db_user", "pubd") - -base_port = int(cfg.get("base_port", "4400")) - -rsyncd_port = allocate_port() -rootd_port = allocate_port() -pubd_port = allocate_port() - -rsyncd_module = cfg.get("rsyncd_module", smoketest_name) -rootd_sia = cfg.get("rootd_sia", "rsync://localhost:%d/%s/" % (rsyncd_port, rsyncd_module)) - -rootd_name = cfg.get("rootd_name", "rootd") -rsyncd_name = cfg.get("rsyncd_name", "rsyncd") -rcynic_name = cfg.get("rcynic_name", "rcynic") -pubd_name = cfg.get("pubd_name", "pubd") - -prog_python = cfg.get("prog_python", sys.executable) -prog_rpkid = cfg.get("prog_rpkid", "../../rpkid") -prog_irdbd = cfg.get("prog_irdbd", "../old_irdbd.py") -prog_poke = cfg.get("prog_poke", "../testpoke.py") -prog_rootd = cfg.get("prog_rootd", "../../rootd") -prog_pubd = cfg.get("prog_pubd", "../../pubd") -prog_rsyncd = cfg.get("prog_rsyncd", "rsync") -prog_rcynic = cfg.get("prog_rcynic", "../../../rcynic/rcynic") -prog_openssl = cfg.get("prog_openssl", "../../../openssl/openssl/apps/openssl") - -rcynic_stats = cfg.get("rcynic_stats", "echo ; ../../../rcynic/rcynic-text %s.xml ; echo" % rcynic_name) - -rpki_sql_file = cfg.get("rpki_sql_file", "../rpkid.sql") -irdb_sql_file = cfg.get("irdb_sql_file", "old_irdbd.sql") -pub_sql_file = cfg.get("pub_sql_file", "../pubd.sql") - -startup_delay = int(cfg.get("startup_delay", "10")) - -rsyncd_dir = None -pubd_ta = None -pubd_irbe_key = None -pubd_irbe_cert = None -pubd_pubd_cert = None - -pubd_last_cms_time = None - -ecdsa_params = None - -class CantRekeyYAMLLeaf(Exception): - """ - Can't rekey YAML leaf. - """ - -class CouldntIssueBSCEECertificate(Exception): - """ - Couldn't issue BSC EE certificate - """ - -sql_conversions = MySQLdb.converters.conversions.copy() -sql_conversions.update({ - rpki.sundial.datetime : MySQLdb.converters.DateTime2literal, - MySQLdb.converters.FIELD_TYPE.DATETIME : rpki.sundial.datetime.DateTime_or_None }) - -def main(): - """ - Main program. - """ - - rpki.log.init(smoketest_name, use_syslog = False) - rpki.log.info("Starting") - - pubd_process = None - rootd_process = None - rsyncd_process = None - - rpki_sql = mangle_sql(rpki_sql_file) - irdb_sql = mangle_sql(irdb_sql_file) - pubd_sql = mangle_sql(pub_sql_file) - - rpki.log.info("Initializing test directory") - - # Connect to test directory, creating it if necessary - try: - os.chdir(smoketest_dir) - except OSError: - os.makedirs(smoketest_dir) - os.chdir(smoketest_dir) - - # Now that we're in the right directory, we can figure out whether - # we have a private openssl executable to use - global prog_openssl - if not os.path.exists(prog_openssl): - prog_openssl = "openssl" - - # Discard everything but keys, which take a while to generate. - # Apparently os.walk() can't tell the difference between directories - # and symlinks to directories, so we have to handle both. - for root, dirs, files in os.walk(".", topdown = False): - for fn in files: - if not fn.endswith(".key"): - os.remove(os.path.join(root, fn)) - for d in dirs: - try: - os.rmdir(os.path.join(root, d)) - except OSError, e: - if e.errno == errno.ENOTDIR: - os.remove(os.path.join(root, d)) - else: - raise - - rpki.log.info("Reading master YAML configuration") - y = yaml_script.pop(0) - - rpki.log.info("Constructing internal allocation database") - db = allocation_db(y) - - rpki.log.info("Constructing BPKI keys and certs for rootd") - setup_bpki_cert_chain(rootd_name, ee = ("RPKI",)) - - rpki.log.info("Constructing BPKI keys and certs for pubd") - setup_bpki_cert_chain(pubd_name, ee = ("PUBD", "IRBE")) - - - for a in db: - a.setup_bpki_certs() - - setup_publication(pubd_sql) - setup_rootd(db.root, y.get("rootd", {})) - setup_rsyncd() - setup_rcynic() - - for a in db.engines: - a.setup_conf_file() - a.setup_sql(rpki_sql, irdb_sql) - a.sync_sql() - - try: - - rpki.log.info("Starting rootd") - rootd_process = subprocess.Popen((prog_python, prog_rootd, "-d", "-c", rootd_name + ".conf")) - - rpki.log.info("Starting pubd") - pubd_process = subprocess.Popen((prog_python, prog_pubd, "-d", "-c", pubd_name + ".conf") + - (("-p", pubd_name + ".prof") if args.profile else ())) - - rpki.log.info("Starting rsyncd") - rsyncd_process = subprocess.Popen((prog_rsyncd, "--daemon", "--no-detach", "--config", rsyncd_name + ".conf")) - - # Start rpkid and irdbd instances - for a in db.engines: - a.run_daemons() - - # From this point on we'll be running event-driven, so the rest of - # the code until final exit is all closures. - - def start(): - rpki.async.iterator(db.engines, create_rpki_objects, created_rpki_objects) - - def create_rpki_objects(iterator, a): - a.create_rpki_objects(iterator) - - def created_rpki_objects(): - - # Set pubd's BPKI CRL - set_pubd_crl(yaml_loop) - - def yaml_loop(): - - # This is probably where we should be updating expired BPKI - # objects, particular CRLs - - rpki.log.info("Running cron for all RPKI engines") - rpki.async.iterator(db.engines, run_cron, run_yaml) - - def run_cron(iterator, a): - a.run_cron(iterator) - - def run_yaml(): - - # Run rcynic to check results - run_rcynic() - - # Apply next delta if we have one; otherwise, we're done. - if yaml_script: - rpki.log.info("Applying deltas") - db.apply_delta(yaml_script.pop(0), apply_delta_done) - else: - rpki.log.info("No more deltas to apply, done") - rpki.async.exit_event_loop() - - def apply_delta_done(): - - # Resync IRDBs - for a in db.engines: - a.sync_sql() - - # Loop until we run out of control YAML - yaml_loop() - - rpki.log.info("Sleeping %d seconds while daemons start up" % startup_delay) - rpki.async.timer(start).set(rpki.sundial.timedelta(seconds = startup_delay)) - rpki.async.event_loop() - - # At this point we have gone into event-driven code. - - rpki.log.info("Event loop exited normally") - - except Exception, e: - - rpki.log.info("Event loop exited with an exception: %r" % e) - rpki.log.traceback() - - finally: - - rpki.log.info("Cleaning up") - for a in db.engines: - a.kill_daemons() - for proc, name in ((rootd_process, "rootd"), - (pubd_process, "pubd"), - (rsyncd_process, "rsyncd")): - # pylint: disable=E1103 - if proc is not None and proc.poll() is None: - rpki.log.info("Killing %s, pid %s" % (name, proc.pid)) - try: - proc.terminate() - except OSError: - pass - if proc is not None: - rpki.log.info("Daemon %s, pid %s exited with code %s" % (name, proc.pid, proc.wait())) - -def cmd_sleep(cb, interval): - """ - Set an alarm, then wait for it to go off. - """ - howlong = rpki.sundial.timedelta.parse(interval) - rpki.log.info("Sleeping %r" % howlong) - rpki.async.timer(cb).set(howlong) - -def cmd_shell(cb, *cmd): - """ - Run a shell command. - """ - cmd = " ".join(cmd) - status = subprocess.call(cmd, shell = True) - rpki.log.info("Shell command returned status %d" % status) - cb() - -def cmd_echo(cb, *words): - """ - Echo some text to the log. - """ - rpki.log.note(" ".join(words)) - cb() - -## @var cmds -# Dispatch table for commands embedded in delta sections - -cmds = { "sleep" : cmd_sleep, - "shell" : cmd_shell, - "echo" : cmd_echo } - -class roa_request(object): - """ - Representation for a roa_request object. - """ - - def __init__(self, asn, ipv4, ipv6): - self.asn = asn - self.v4 = rpki.resource_set.roa_prefix_set_ipv4("".join(ipv4.split())) if ipv4 else None - self.v6 = rpki.resource_set.roa_prefix_set_ipv6("".join(ipv6.split())) if ipv6 else None - - def __eq__(self, other): - return self.asn == other.asn and self.v4 == other.v4 and self.v6 == other.v6 - - def __hash__(self): - v4 = tuple(self.v4) if self.v4 is not None else None - v6 = tuple(self.v6) if self.v6 is not None else None - return self.asn.__hash__() + v4.__hash__() + v6.__hash__() - - def __str__(self): - if self.v4 and self.v6: s = str(self.v4) + "," + str(self.v6) - elif self.v4: s = str(self.v4) - else: s = str(self.v6) - return "%s: %s" % (self.asn, s) - - @classmethod - def parse(cls, yaml): - return cls(yaml.get("asn"), yaml.get("ipv4"), yaml.get("ipv6")) - -class router_cert(object): - """ - Representation for a router_cert object. - """ - - _ecparams = None - - @classmethod - def ecparams(cls): - if cls._ecparams is None: - cls._ecparams = rpki.x509.KeyParams.generateEC() - return cls._ecparams - - def __init__(self, asn, router_id): - self.asn = rpki.resource_set.resource_set_as("".join(str(asn).split())) - self.router_id = router_id - self.keypair = rpki.x509.ECDSA.generate(self.ecparams()) - self.pkcs10 = rpki.x509.PKCS10.create(keypair = self.keypair) - self.gski = self.pkcs10.gSKI() - self.cn = "ROUTER-%08x" % self.asn[0].min - self.sn = "%08x" % self.router_id - self.eku = rpki.oids.id_kp_bgpsec_router - - def __eq__(self, other): - return self.asn == other.asn and self.sn == other.sn and self.gski == other.gski - - def __hash__(self): - v6 = tuple(self.v6) if self.v6 is not None else None - return tuple(self.asn).__hash__() + sn.__hash__() + self.gski.__hash__() - - def __str__(self): - return "%s: %s: %s" % (self.asn, self.cn, self.sn, self.gski) - - @classmethod - def parse(cls, yaml): - return cls(yaml.get("asn"), yaml.get("router_id")) - -class allocation_db(list): - """ - Representation of all the entities and allocations in the test - system. Almost everything is generated out of this database. - """ - - def __init__(self, yaml): - """ - Initialize database from the (first) YAML document. - """ - - list.__init__(self) - self.root = allocation(yaml, self) - assert self.root.is_root - if self.root.crl_interval is None: - self.root.crl_interval = rpki.sundial.timedelta.parse(cfg.get("crl_interval", "1d")).convert_to_seconds() - if self.root.regen_margin is None: - self.root.regen_margin = rpki.sundial.timedelta.parse(cfg.get("regen_margin", "1d")).convert_to_seconds() - for a in self: - if a.sia_base is None: - a.sia_base = (rootd_sia + "root/trunk/" if a.is_root else a.parent.sia_base) + a.name + "/" - if a.base.valid_until is None: - a.base.valid_until = a.parent.base.valid_until - if a.crl_interval is None: - a.crl_interval = a.parent.crl_interval - if a.regen_margin is None: - a.regen_margin = a.parent.regen_margin - a.client_handle = "/".join(a.sia_base.split("/")[4:]).rstrip("/") - self.root.closure() - self.map = dict((a.name, a) for a in self) - self.engines = [a for a in self if a.is_engine] - for i, a in enumerate(self.engines): - a.set_engine_number(i) - for a in self: - if a.is_hosted: - a.hosted_by = self.map[a.hosted_by] - a.hosted_by.hosts.append(a) - assert a.is_twig, "%s is not twig" % a.name - assert not a.hosted_by.is_hosted, "%s is hosted by a hosted entity" % a.name - - def apply_delta(self, delta, cb): - """ - Apply a delta or run a command. - """ - - def loop(iterator, d): - if isinstance(d, str): - c = d.split() - cmds[c[0]](iterator, *c[1:]) - else: - self.map[d["name"]].apply_delta(d, iterator) - - def done(): - self.root.closure() - cb() - - if delta is None: - cb() - else: - rpki.async.iterator(delta, loop, done) - - def dump(self): - """ - Print content of the database. - """ - for a in self: - print a - -class allocation(object): - - parent = None - irdb_db_name = None - irdb_port = None - rpki_db_name = None - rpki_port = None - crl_interval = None - regen_margin = None - last_cms_time = None - rpkid_process = None - irdbd_process = None - - def __init__(self, yaml, db, parent = None): - """ - Initialize one entity and insert it into the database. - """ - db.append(self) - self.name = yaml["name"] - self.parent = parent - self.kids = [allocation(k, db, self) for k in yaml.get("kids", ())] - valid_until = None - if "valid_until" in yaml: - valid_until = rpki.sundial.datetime.from_datetime(yaml.get("valid_until")) - if valid_until is None and "valid_for" in yaml: - valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(yaml["valid_for"]) - self.base = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as(yaml.get("asn")), - v4 = rpki.resource_set.resource_set_ipv4(yaml.get("ipv4")), - v6 = rpki.resource_set.resource_set_ipv6(yaml.get("ipv6")), - valid_until = valid_until) - self.sia_base = yaml.get("sia_base") - if "crl_interval" in yaml: - self.crl_interval = rpki.sundial.timedelta.parse(yaml["crl_interval"]).convert_to_seconds() - if "regen_margin" in yaml: - self.regen_margin = rpki.sundial.timedelta.parse(yaml["regen_margin"]).convert_to_seconds() - self.roa_requests = [roa_request.parse(y) for y in yaml.get("roa_request", yaml.get("route_origin", ()))] - for r in self.roa_requests: - if r.v4: - self.base.v4 |= r.v4.to_resource_set() - if r.v6: - self.base.v6 |= r.v6.to_resource_set() - self.router_certs = [router_cert.parse(y) for y in yaml.get("router_cert", ())] - for r in self.router_certs: - self.base.asn |= r.asn - self.hosted_by = yaml.get("hosted_by") - self.extra_conf = yaml.get("extra_conf", []) - self.hosts = [] - - def closure(self): - """ - Compute the transitive resource closure. - """ - resources = self.base - for kid in self.kids: - resources |= kid.closure() - self.resources = resources - return resources - - def apply_delta(self, yaml, cb): - """ - Apply deltas to this entity. - """ - - rpki.log.info("Applying delta: %s" % yaml) - - def loop(iterator, kv): - if kv[0] == "name": - iterator() - else: - getattr(self, "apply_" + kv[0])(kv[1], iterator) - - rpki.async.iterator(yaml.items(), loop, cb) - - def apply_add_as(self, text, cb): - self.base.asn |= rpki.resource_set.resource_set_as(text) - cb() - - def apply_add_v4(self, text, cb): - self.base.v4 |= rpki.resource_set.resource_set_ipv4(text) - cb() - - def apply_add_v6(self, text, cb): - self.base.v6 |= rpki.resource_set.resource_set_ipv6(text) - cb() - - def apply_sub_as(self, text, cb): - self.base.asn |= rpki.resource_set.resource_set_as(text) - cb() - - def apply_sub_v4(self, text, cb): - self.base.v4 |= rpki.resource_set.resource_set_ipv4(text) - cb() - - def apply_sub_v6(self, text, cb): - self.base.v6 |= rpki.resource_set.resource_set_ipv6(text) - cb() - - def apply_valid_until(self, stamp, cb): - self.base.valid_until = rpki.sundial.datetime.from_datetime(stamp) - cb() - - def apply_valid_for(self, text, cb): - self.base.valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(text) - cb() - - def apply_valid_add(self, text, cb): - self.base.valid_until += rpki.sundial.timedelta.parse(text) - cb() - - def apply_valid_sub(self, text, cb): - self.base.valid_until -= rpki.sundial.timedelta.parse(text) - cb() - - def apply_roa_request_add(self, yaml, cb): - for y in yaml: - r = roa_request.parse(y) - if r not in self.roa_requests: - self.roa_requests.append(r) - cb() - - def apply_roa_request_del(self, yaml, cb): - for y in yaml: - r = roa_request.parse(y) - if r in self.roa_requests: - self.roa_requests.remove(r) - cb() - - def apply_router_cert_add(self, yaml, cb): - for y in yaml: - r = router_cert.parse(y) - if r not in self.router_certs: - self.router_certs.append(r) - cb() - - def apply_router_cert_del(self, yaml, cb): - for y in yaml: - r = router_cert.parse(y) - if r in self.router_certs: - self.router_certs.remove(r) - cb() - - def apply_rekey(self, target, cb): - - def done(e): - if isinstance(e, Exception): - rpki.log.traceback() - raise e - cb() - - if target is None: - rpki.log.info("Rekeying <self/> %s" % self.name) - self.call_rpkid([rpki.left_right.self_elt.make_pdu( - action = "set", self_handle = self.name, rekey = "yes")], cb = done) - else: - rpki.log.info("Rekeying <parent/> %s %s" % (self.name, target)) - self.call_rpkid([rpki.left_right.parent_elt.make_pdu( - action = "set", self_handle = self.name, parent_handle = target, rekey = "yes")], cb = done) - - def apply_revoke(self, target, cb): - - def done(e): - if isinstance(e, Exception): - rpki.log.traceback() - raise e - cb() - - if target is None: - rpki.log.info("Revoking <self/> %s" % self.name) - self.call_rpkid([rpki.left_right.self_elt.make_pdu( - action = "set", self_handle = self.name, revoke = "yes")], cb = done) - else: - rpki.log.info("Revoking <parent/> %s %s" % (self.name, target)) - self.call_rpkid([rpki.left_right.parent_elt.make_pdu( - action = "set", self_handle = self.name, parent_handle = target, revoke = "yes")], cb = done) - - def __str__(self): - s = self.name + "\n" - if self.resources.asn: s += " ASN: %s\n" % self.resources.asn - if self.resources.v4: s += " IPv4: %s\n" % self.resources.v4 - if self.resources.v6: s += " IPv6: %s\n" % self.resources.v6 - if self.kids: s += " Kids: %s\n" % ", ".join(k.name for k in self.kids) - if self.parent: s += " Up: %s\n" % self.parent.name - if self.sia_base: s += " SIA: %s\n" % self.sia_base - return s + "Until: %s\n" % self.resources.valid_until - - - @property - def is_root(self): - return self.parent is None - - @property - def is_twig(self): - return not self.is_root - - @property - def is_hosted(self): - return self.hosted_by is not None - - @property - def is_engine(self): - return not self.is_hosted - - def set_engine_number(self, n): - """ - Set the engine number for this entity. - """ - self.irdb_db_name = "irdb%d" % n - self.irdb_port = allocate_port() - self.rpki_db_name = "rpki%d" % n - self.rpki_port = allocate_port() - - def get_rpki_port(self): - """ - Get rpki port to use for this entity. - """ - if self.is_hosted: - assert self.hosted_by.rpki_port is not None - return self.hosted_by.rpki_port - else: - assert self.rpki_port is not None - return self.rpki_port - - def setup_bpki_certs(self): - """ - Create BPKI certificates for this entity. - """ - rpki.log.info("Constructing BPKI keys and certs for %s" % self.name) - setup_bpki_cert_chain(name = self.name, - ee = ("RPKI", "IRDB", "IRBE"), - ca = ("SELF",)) - self.rpkid_ta = rpki.x509.X509(PEM_file = self.name + "-TA.cer") - self.irbe_key = rpki.x509.RSA( PEM_file = self.name + "-IRBE.key") - self.irbe_cert = rpki.x509.X509(PEM_file = self.name + "-IRBE.cer") - self.rpkid_cert = rpki.x509.X509(PEM_file = self.name + "-RPKI.cer") - - def setup_conf_file(self): - """ - Write config files for this entity. - """ - rpki.log.info("Writing config files for %s" % self.name) - assert self.rpki_port is not None - d = { "my_name" : self.name, - "irdb_db_name" : self.irdb_db_name, - "irdb_db_pass" : irdb_db_pass, - "irdb_port" : self.irdb_port, - "rpki_db_name" : self.rpki_db_name, - "rpki_db_pass" : rpki_db_pass, - "rpki_port" : self.rpki_port } - f = open(self.name + ".conf", "w") - f.write(conf_fmt_1 % d) - for line in self.extra_conf: - f.write(line + "\n") - f.close() - - def setup_sql(self, rpki_sql, irdb_sql): - """ - Set up this entity's IRDB. - """ - rpki.log.info("Setting up MySQL for %s" % self.name) - db = MySQLdb.connect(user = "rpki", db = self.rpki_db_name, passwd = rpki_db_pass, - conv = sql_conversions) - cur = db.cursor() - db.autocommit(True) - for sql in rpki_sql: - try: - cur.execute(sql) - except Exception: - if "DROP TABLE IF EXISTS" not in sql.upper(): - raise - db.close() - db = MySQLdb.connect(user = "irdb", db = self.irdb_db_name, passwd = irdb_db_pass, - conv = sql_conversions) - cur = db.cursor() - db.autocommit(True) - for sql in irdb_sql: - try: - cur.execute(sql) - except Exception: - if "DROP TABLE IF EXISTS" not in sql.upper(): - raise - for s in [self] + self.hosts: - for kid in s.kids: - cur.execute("INSERT registrant (registrant_handle, registry_handle, valid_until) VALUES (%s, %s, %s)", - (kid.name, s.name, kid.resources.valid_until)) - db.close() - - def sync_sql(self): - """ - Whack this entity's IRDB to match our master database. We do this - once during setup, then do it again every time we apply a delta to - this entity. - """ - rpki.log.info("Updating MySQL data for IRDB %s" % self.name) - db = MySQLdb.connect(user = "irdb", db = self.irdb_db_name, passwd = irdb_db_pass, - conv = sql_conversions) - cur = db.cursor() - db.autocommit(True) - cur.execute("DELETE FROM registrant_asn") - cur.execute("DELETE FROM registrant_net") - cur.execute("DELETE FROM roa_request_prefix") - cur.execute("DELETE FROM roa_request") - cur.execute("DELETE FROM ee_certificate_asn") - cur.execute("DELETE FROM ee_certificate_net") - cur.execute("DELETE FROM ee_certificate") - - for s in [self] + self.hosts: - for kid in s.kids: - cur.execute("SELECT registrant_id FROM registrant WHERE registrant_handle = %s AND registry_handle = %s", - (kid.name, s.name)) - registrant_id = cur.fetchone()[0] - for as_range in kid.resources.asn: - cur.execute("INSERT registrant_asn (start_as, end_as, registrant_id) VALUES (%s, %s, %s)", - (as_range.min, as_range.max, registrant_id)) - for v4_range in kid.resources.v4: - cur.execute("INSERT registrant_net (start_ip, end_ip, version, registrant_id) VALUES (%s, %s, 4, %s)", - (v4_range.min, v4_range.max, registrant_id)) - for v6_range in kid.resources.v6: - cur.execute("INSERT registrant_net (start_ip, end_ip, version, registrant_id) VALUES (%s, %s, 6, %s)", - (v6_range.min, v6_range.max, registrant_id)) - cur.execute("UPDATE registrant SET valid_until = %s WHERE registrant_id = %s", - (kid.resources.valid_until, registrant_id)) - for r in s.roa_requests: - cur.execute("INSERT roa_request (self_handle, asn) VALUES (%s, %s)", - (s.name, r.asn)) - roa_request_id = cur.lastrowid - for version, prefix_set in ((4, r.v4), (6, r.v6)): - if prefix_set: - cur.executemany("INSERT roa_request_prefix " - "(roa_request_id, prefix, prefixlen, max_prefixlen, version) " - "VALUES (%s, %s, %s, %s, %s)", - ((roa_request_id, x.prefix, x.prefixlen, x.max_prefixlen, version) - for x in prefix_set)) - for r in s.router_certs: - cur.execute("INSERT ee_certificate (self_handle, pkcs10, gski, cn, sn, eku, valid_until) " - "VALUES (%s, %s, %s, %s, %s, %s, %s)", - (s.name, r.pkcs10.get_DER(), r.gski, r.cn, r.sn, r.eku, s.resources.valid_until)) - ee_certificate_id = cur.lastrowid - cur.executemany("INSERT ee_certificate_asn (ee_certificate_id, start_as, end_as) VALUES (%s, %s, %s)", - ((ee_certificate_id, a.min, a.max) for a in r.asn)) - db.close() - - def run_daemons(self): - """ - Run daemons for this entity. - """ - rpki.log.info("Running daemons for %s" % self.name) - self.rpkid_process = subprocess.Popen((prog_python, prog_rpkid, "-d", "-c", self.name + ".conf") + - (("-p", self.name + ".prof") if args.profile else ())) - self.irdbd_process = subprocess.Popen((prog_python, prog_irdbd, "-d", "-c", self.name + ".conf")) - - def kill_daemons(self): - """ - Kill daemons for this entity. - """ - # pylint: disable=E1103 - for proc, name in ((self.rpkid_process, "rpkid"), - (self.irdbd_process, "irdbd")): - if proc is not None and proc.poll() is None: - rpki.log.info("Killing daemon %s pid %s for %s" % (name, proc.pid, self.name)) - try: - proc.terminate() - except OSError: - pass - if proc is not None: - rpki.log.info("Daemon %s pid %s for %s exited with code %s" % ( - name, proc.pid, self.name, proc.wait())) - - def call_rpkid(self, pdus, cb): - """ - Send a left-right message to this entity's RPKI daemon and return - the response. - - If this entity is hosted (does not run its own RPKI daemon), all - of this happens with the hosting RPKI daemon. - """ - - rpki.log.info("Calling rpkid for %s" % self.name) - - if self.is_hosted: - rpki.log.info("rpkid %s is hosted by rpkid %s, switching" % (self.name, self.hosted_by.name)) - self = self.hosted_by - assert not self.is_hosted - - assert isinstance(pdus, (list, tuple)) - assert self.rpki_port is not None - - q_msg = rpki.left_right.msg.query(*pdus) - q_cms = rpki.left_right.cms_msg() - q_der = q_cms.wrap(q_msg, self.irbe_key, self.irbe_cert) - q_url = "http://localhost:%d/left-right" % self.rpki_port - - rpki.log.debug(q_cms.pretty_print_content()) - - def done(r_der): - rpki.log.info("Callback from rpkid %s" % self.name) - r_cms = rpki.left_right.cms_msg(DER = r_der) - r_msg = r_cms.unwrap((self.rpkid_ta, self.rpkid_cert)) - self.last_cms_time = r_cms.check_replay(self.last_cms_time, q_url) - rpki.log.debug(r_cms.pretty_print_content()) - assert r_msg.is_reply - for r_pdu in r_msg: - assert not isinstance(r_pdu, rpki.left_right.report_error_elt) - cb(r_msg) - - def lose(e): - raise - - rpki.http.client( - url = q_url, - msg = q_der, - callback = done, - errback = lose) - - def cross_certify(self, certificant, reverse = False): - """ - Cross-certify and return the resulting certificate. - """ - - if reverse: - certifier = certificant - certificant = self.name + "-SELF" - else: - certifier = self.name + "-SELF" - certfile = certifier + "-" + certificant + ".cer" - - rpki.log.info("Cross certifying %s into %s's BPKI (%s)" % (certificant, certifier, certfile)) - - child = rpki.x509.X509(Auto_file = certificant + ".cer") - parent = rpki.x509.X509(Auto_file = certifier + ".cer") - keypair = rpki.x509.RSA(Auto_file = certifier + ".key") - serial_file = certifier + ".srl" - - now = rpki.sundial.now() - notAfter = now + rpki.sundial.timedelta(days = 30) - - try: - f = open(serial_file, "r") - serial = f.read() - f.close() - serial = int(serial.splitlines()[0], 16) - except IOError: - serial = 1 - - x = parent.bpki_cross_certify( - keypair = keypair, - source_cert = child, - serial = serial, - notAfter = notAfter, - now = now) - - f = open(serial_file, "w") - f.write("%02x\n" % (serial + 1)) - f.close() - - f = open(certfile, "w") - f.write(x.get_PEM()) - f.close() - - rpki.log.debug("Cross certified %s:" % certfile) - rpki.log.debug(" Issuer %s [%s]" % (x.getIssuer(), x.hAKI())) - rpki.log.debug(" Subject %s [%s]" % (x.getSubject(), x.hSKI())) - return x - - def create_rpki_objects(self, cb): - """ - Create RPKI engine objects for this engine. - - Root node of the engine tree is special, it too has a parent but - that one is the magic self-signed micro engine. - - The rest of this is straightforward. There are a lot of objects - to create, but we can do batch them all into one honking PDU, then - issue one more PDU to set BSC EE certificates based on the PKCS - #10 requests we get back when we tell rpkid to generate BSC keys. - """ - - assert not self.is_hosted - - selves = [self] + self.hosts - - for i, s in enumerate(selves): - rpki.log.info("Creating RPKI objects for [%d] %s" % (i, s.name)) - - rpkid_pdus = [] - pubd_pdus = [] - - for s in selves: - - rpkid_pdus.append(rpki.left_right.self_elt.make_pdu( - action = "create", - self_handle = s.name, - crl_interval = s.crl_interval, - regen_margin = s.regen_margin, - bpki_cert = (s.cross_certify(s.hosted_by.name + "-TA", reverse = True) - if s.is_hosted else - rpki.x509.X509(Auto_file = s.name + "-SELF.cer")))) - - rpkid_pdus.append(rpki.left_right.bsc_elt.make_pdu( - action = "create", - self_handle = s.name, - bsc_handle = "b", - generate_keypair = True)) - - pubd_pdus.append(rpki.publication.client_elt.make_pdu( - action = "create", - client_handle = s.client_handle, - base_uri = s.sia_base, - bpki_cert = s.cross_certify(pubd_name + "-TA", reverse = True))) - - rpkid_pdus.append(rpki.left_right.repository_elt.make_pdu( - action = "create", - self_handle = s.name, - bsc_handle = "b", - repository_handle = "r", - bpki_cert = s.cross_certify(pubd_name + "-TA"), - peer_contact_uri = "http://localhost:%d/client/%s" % (pubd_port, s.client_handle))) - - for k in s.kids: - rpkid_pdus.append(rpki.left_right.child_elt.make_pdu( - action = "create", - self_handle = s.name, - child_handle = k.name, - bsc_handle = "b", - bpki_cert = s.cross_certify(k.name + "-SELF"))) - - if s.is_root: - rootd_cert = s.cross_certify(rootd_name + "-TA") - rpkid_pdus.append(rpki.left_right.parent_elt.make_pdu( - action = "create", - self_handle = s.name, - parent_handle = "rootd", - bsc_handle = "b", - repository_handle = "r", - sia_base = s.sia_base, - bpki_cms_cert = rootd_cert, - sender_name = s.name, - recipient_name = "rootd", - peer_contact_uri = "http://localhost:%s/" % rootd_port)) - else: - rpkid_pdus.append(rpki.left_right.parent_elt.make_pdu( - action = "create", - self_handle = s.name, - parent_handle = s.parent.name, - bsc_handle = "b", - repository_handle = "r", - sia_base = s.sia_base, - bpki_cms_cert = s.cross_certify(s.parent.name + "-SELF"), - sender_name = s.name, - recipient_name = s.parent.name, - peer_contact_uri = "http://localhost:%s/up-down/%s/%s" % (s.parent.get_rpki_port(), - s.parent.name, s.name))) - - def one(): - call_pubd(pubd_pdus, cb = two) - - def two(vals): - self.call_rpkid(rpkid_pdus, cb = three) - - def three(vals): - - bsc_dict = dict((b.self_handle, b) for b in vals if isinstance(b, rpki.left_right.bsc_elt)) - - bsc_pdus = [] - - for s in selves: - b = bsc_dict[s.name] - - rpki.log.info("Issuing BSC EE cert for %s" % s.name) - cmd = (prog_openssl, "x509", "-req", "-sha256", "-extfile", s.name + "-RPKI.conf", - "-extensions", "req_x509_ext", "-days", "30", - "-CA", s.name + "-SELF.cer", "-CAkey", s.name + "-SELF.key", "-CAcreateserial", "-text") - signer = subprocess.Popen(cmd, stdin = subprocess.PIPE, stdout = subprocess.PIPE, stderr = subprocess.PIPE) - signed = signer.communicate(input = b.pkcs10_request.get_PEM()) - if not signed[0]: - rpki.log.warn(signed[1]) - raise CouldntIssueBSCEECertificate, "Couldn't issue BSC EE certificate" - s.bsc_ee = rpki.x509.X509(PEM = signed[0]) - s.bsc_crl = rpki.x509.CRL(PEM_file = s.name + "-SELF.crl") - rpki.log.info("BSC EE cert for %s SKI %s" % (s.name, s.bsc_ee.hSKI())) - - bsc_pdus.append(rpki.left_right.bsc_elt.make_pdu( - action = "set", - self_handle = s.name, - bsc_handle = "b", - signing_cert = s.bsc_ee, - signing_cert_crl = s.bsc_crl)) - - self.call_rpkid(bsc_pdus, cb = four) - - def four(vals): - cb() - - one() - - def setup_yaml_leaf(self): - """ - Generate certificates and write YAML scripts for leaf nodes. - - We're cheating a bit here: properly speaking, we can't generate - issue or revoke requests without knowing the class, which is - generated on the fly, but at the moment the test case is - simplistic enough that the class will always be "1", so we just - wire in that value for now. - - Well, ok, we just broke that assumption. Now we do something even - nastier, just to eke a bit more life out of this kludge. This - really needs to be rewritten, but it may require a different tool - than testpoke. - """ - - if not os.path.exists(self.name + ".key"): - rpki.log.info("Generating RPKI key for %s" % self.name) - subprocess.check_call((prog_openssl, "genrsa", "-out", self.name + ".key", "2048" ), - stdout = subprocess.PIPE, stderr = subprocess.STDOUT) - ski = rpki.x509.RSA(PEM_file = self.name + ".key").gSKI() - - if self.parent.is_hosted: - parent_host = self.parent.hosted_by.name - else: - parent_host = self.parent.name - - self.cross_certify(self.parent.name + "-SELF") - self.cross_certify(parent_host + "-TA") - - rpki.log.info("Writing leaf YAML for %s" % self.name) - f = open(self.name + ".yaml", "w") - f.write(yaml_fmt_1 % { - "parent_name" : self.parent.name, - "parent_host" : parent_host, - "my_name" : self.name, - "http_port" : self.parent.get_rpki_port(), - "class_name" : 2 if self.parent.is_hosted else 1, - "sia" : self.sia_base, - "ski" : ski }) - f.close() - - def run_cron(self, cb): - """ - Trigger cron run for this engine. - """ - - rpki.log.info("Running cron for %s" % self.name) - - assert self.rpki_port is not None - - def done(result): - assert result == "OK", 'Expected "OK" result from cronjob, got %r' % result - cb() - - rpki.http.client( - url = "http://localhost:%d/cronjob" % self.rpki_port, - msg = "Run cron now, please", - callback = done, - errback = done) - - def run_yaml(self): - """ - Run YAML scripts for this leaf entity. Since we're not bothering - to check the class list returned by the list command, the issue - command may fail, so we treat failure of the list command as an - error, but only issue a warning when issue fails. - """ - - rpki.log.info("Running YAML for %s" % self.name) - subprocess.check_call((prog_python, prog_poke, "-y", self.name + ".yaml", "-r", "list")) - if subprocess.call((prog_python, prog_poke, "-y", self.name + ".yaml", "-r", "issue")) != 0: - rpki.log.warn("YAML issue command failed for %s, continuing" % self.name) - -def setup_bpki_cert_chain(name, ee = (), ca = ()): - """ - Build a set of BPKI certificates. - """ - s = "exec >/dev/null 2>&1\n" - #s = "set -x\n" - for kind in ("TA",) + ee + ca: - d = { "name" : name, - "kind" : kind, - "ca" : "false" if kind in ee else "true", - "openssl" : prog_openssl } - f = open("%(name)s-%(kind)s.conf" % d, "w") - f.write(bpki_cert_fmt_1 % d) - f.close() - if not os.path.exists("%(name)s-%(kind)s.key" % d): - s += bpki_cert_fmt_2 % d - s += bpki_cert_fmt_3 % d - d = { "name" : name, "openssl" : prog_openssl } - s += bpki_cert_fmt_4 % d - for kind in ee + ca: - d["kind"] = kind - s += bpki_cert_fmt_5 % d - for kind in ("TA",) + ca: - d["kind"] = kind - s += bpki_cert_fmt_6 % d - subprocess.check_call(s, shell = True) - -def setup_rootd(rpkid, rootd_yaml): - """ - Write the config files for rootd. - """ - rpkid.cross_certify(rootd_name + "-TA", reverse = True) - rpki.log.info("Writing config files for %s" % rootd_name) - d = { "rootd_name" : rootd_name, - "rootd_port" : rootd_port, - "rpkid_name" : rpkid.name, - "rootd_sia" : rootd_sia, - "rsyncd_dir" : rsyncd_dir, - "openssl" : prog_openssl, - "lifetime" : rootd_yaml.get("lifetime", "30d") } - f = open(rootd_name + ".conf", "w") - f.write(rootd_fmt_1 % d) - f.close() - s = "exec >/dev/null 2>&1\n" - #s = "set -x\n" - if not os.path.exists("root.key"): - s += rootd_fmt_2 % d - s += rootd_fmt_3 % d - subprocess.check_call(s, shell = True) - -def setup_rcynic(): - """ - Write the config file for rcynic. - """ - rpki.log.info("Config file for rcynic") - d = { "rcynic_name" : rcynic_name, - "rootd_name" : rootd_name, - "rootd_sia" : rootd_sia } - f = open(rcynic_name + ".conf", "w") - f.write(rcynic_fmt_1 % d) - f.close() - -def setup_rsyncd(): - """ - Write the config file for rsyncd. - """ - rpki.log.info("Config file for rsyncd") - d = { "rsyncd_name" : rsyncd_name, - "rsyncd_port" : rsyncd_port, - "rsyncd_module" : rsyncd_module, - "rsyncd_dir" : rsyncd_dir } - f = open(rsyncd_name + ".conf", "w") - f.write(rsyncd_fmt_1 % d) - f.close() - -def setup_publication(pubd_sql): - """ - Set up publication daemon. - """ - rpki.log.info("Configure publication daemon") - publication_dir = os.getcwd() + "/publication" - assert rootd_sia.startswith("rsync://") - global rsyncd_dir - rsyncd_dir = publication_dir + "/".join(rootd_sia.split("/")[4:]) - if not rsyncd_dir.endswith("/"): - rsyncd_dir += "/" - os.makedirs(rsyncd_dir + "root/trunk") - db = MySQLdb.connect(db = pubd_db_name, user = pubd_db_user, passwd = pubd_db_pass, - conv = sql_conversions) - cur = db.cursor() - db.autocommit(True) - for sql in pubd_sql: - try: - cur.execute(sql) - except Exception: - if "DROP TABLE IF EXISTS" not in sql.upper(): - raise - db.close() - d = { "pubd_name" : pubd_name, - "pubd_port" : pubd_port, - "pubd_db_name" : pubd_db_name, - "pubd_db_user" : pubd_db_user, - "pubd_db_pass" : pubd_db_pass, - "pubd_dir" : rsyncd_dir } - f = open(pubd_name + ".conf", "w") - f.write(pubd_fmt_1 % d) - f.close() - global pubd_ta - global pubd_irbe_key - global pubd_irbe_cert - global pubd_pubd_cert - pubd_ta = rpki.x509.X509(Auto_file = pubd_name + "-TA.cer") - pubd_irbe_key = rpki.x509.RSA( Auto_file = pubd_name + "-IRBE.key") - pubd_irbe_cert = rpki.x509.X509(Auto_file = pubd_name + "-IRBE.cer") - pubd_pubd_cert = rpki.x509.X509(Auto_file = pubd_name + "-PUBD.cer") - -def call_pubd(pdus, cb): - """ - Send a publication message to publication daemon and return the - response. - """ - rpki.log.info("Calling pubd") - q_msg = rpki.publication.msg.query(*pdus) - q_cms = rpki.publication.cms_msg() - q_der = q_cms.wrap(q_msg, pubd_irbe_key, pubd_irbe_cert) - q_url = "http://localhost:%d/control" % pubd_port - - rpki.log.debug(q_cms.pretty_print_content()) - - def call_pubd_cb(r_der): - global pubd_last_cms_time - r_cms = rpki.publication.cms_msg(DER = r_der) - r_msg = r_cms.unwrap((pubd_ta, pubd_pubd_cert)) - pubd_last_cms_time = r_cms.check_replay(pubd_last_cms_time, q_url) - rpki.log.debug(r_cms.pretty_print_content()) - assert r_msg.is_reply - for r_pdu in r_msg: - assert not isinstance(r_pdu, rpki.publication.report_error_elt) - cb(r_msg) - - def call_pubd_eb(e): - rpki.log.warn("Problem calling pubd: %s" % e) - rpki.log.traceback() - - rpki.http.client( - url = q_url, - msg = q_der, - callback = call_pubd_cb, - errback = call_pubd_eb) - -def set_pubd_crl(cb): - """ - Whack publication daemon's bpki_crl. This must be configured before - publication daemon starts talking to its clients, and must be - updated whenever we update the CRL. - """ - rpki.log.info("Setting pubd's BPKI CRL") - crl = rpki.x509.CRL(Auto_file = pubd_name + "-TA.crl") - call_pubd([rpki.publication.config_elt.make_pdu(action = "set", bpki_crl = crl)], cb = lambda ignored: cb()) - -last_rcynic_run = None - -def run_rcynic(): - """ - Run rcynic to see whether what was published makes sense. - """ - rpki.log.info("Running rcynic") - env = os.environ.copy() - env["TZ"] = "" - global last_rcynic_run - if int(time.time()) == last_rcynic_run: - time.sleep(1) - subprocess.check_call((prog_rcynic, "-c", rcynic_name + ".conf"), env = env) - subprocess.call(rcynic_stats, shell = True, env = env) - last_rcynic_run = int(time.time()) - os.link("%s.xml" % rcynic_name, "%s.%s.xml" % (rcynic_name, last_rcynic_run)) - -def mangle_sql(filename): - """ - Mangle an SQL file into a sequence of SQL statements. - """ - words = [] - f = open(filename) - for line in f: - words.extend(line.partition("--")[0].split()) - f.close() - return " ".join(words).strip(";").split(";") - -bpki_cert_fmt_1 = '''\ -[req] -distinguished_name = req_dn -x509_extensions = req_x509_ext -prompt = no -default_md = sha256 - -[req_dn] -CN = Test Certificate %(name)s %(kind)s - -[req_x509_ext] -basicConstraints = critical,CA:%(ca)s -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always - - -[ca] -default_ca = ca_default - -[ca_default] - -certificate = %(name)s-%(kind)s.cer -serial = %(name)s-%(kind)s.srl -private_key = %(name)s-%(kind)s.key -database = %(name)s-%(kind)s.idx -crlnumber = %(name)s-%(kind)s.cnm -default_crl_days = 30 -default_md = sha256 -''' - -bpki_cert_fmt_2 = '''\ -%(openssl)s genrsa -out %(name)s-%(kind)s.key 2048 && -''' - -bpki_cert_fmt_3 = '''\ -%(openssl)s req -new \ - -sha256 \ - -key %(name)s-%(kind)s.key \ - -out %(name)s-%(kind)s.req \ - -config %(name)s-%(kind)s.conf && -touch %(name)s-%(kind)s.idx && -echo >%(name)s-%(kind)s.cnm 01 && -''' - -bpki_cert_fmt_4 = '''\ -%(openssl)s x509 -req -sha256 \ - -in %(name)s-TA.req \ - -out %(name)s-TA.cer \ - -extfile %(name)s-TA.conf \ - -extensions req_x509_ext \ - -signkey %(name)s-TA.key \ - -days 60 -text \ -''' - -bpki_cert_fmt_5 = ''' && \ -%(openssl)s x509 -req \ - -sha256 \ - -in %(name)s-%(kind)s.req \ - -out %(name)s-%(kind)s.cer \ - -extfile %(name)s-%(kind)s.conf \ - -extensions req_x509_ext \ - -days 30 \ - -text \ - -CA %(name)s-TA.cer \ - -CAkey %(name)s-TA.key \ - -CAcreateserial \ -''' - -bpki_cert_fmt_6 = ''' && \ -%(openssl)s ca -batch \ - -gencrl \ - -out %(name)s-%(kind)s.crl \ - -config %(name)s-%(kind)s.conf \ -''' - -yaml_fmt_1 = '''--- -version: 1 -posturl: http://localhost:%(http_port)s/up-down/%(parent_name)s/%(my_name)s -recipient-id: "%(parent_name)s" -sender-id: "%(my_name)s" - -cms-cert-file: %(my_name)s-RPKI.cer -cms-key-file: %(my_name)s-RPKI.key -cms-ca-cert-file: %(my_name)s-TA.cer -cms-crl-file: %(my_name)s-TA.crl -cms-ca-certs-file: - - %(my_name)s-TA-%(parent_name)s-SELF.cer - -ssl-cert-file: %(my_name)s-RPKI.cer -ssl-key-file: %(my_name)s-RPKI.key -ssl-ca-cert-file: %(my_name)s-TA.cer -ssl-ca-certs-file: - - %(my_name)s-TA-%(parent_host)s-TA.cer - -# We're cheating here by hardwiring the class name - -requests: - list: - type: list - issue: - type: issue - class: %(class_name)s - sia: - - %(sia)s - cert-request-key-file: %(my_name)s.key - revoke: - type: revoke - class: %(class_name)s - ski: %(ski)s -''' - -conf_fmt_1 = '''\ - -[irdbd] - -startup-message = This is %(my_name)s irdbd - -sql-database = %(irdb_db_name)s -sql-username = irdb -sql-password = %(irdb_db_pass)s -bpki-ta = %(my_name)s-TA.cer -rpkid-cert = %(my_name)s-RPKI.cer -irdbd-cert = %(my_name)s-IRDB.cer -irdbd-key = %(my_name)s-IRDB.key -http-url = http://localhost:%(irdb_port)d/ -enable_tracebacks = yes - -[irbe_cli] - -rpkid-bpki-ta = %(my_name)s-TA.cer -rpkid-cert = %(my_name)s-RPKI.cer -rpkid-irbe-cert = %(my_name)s-IRBE.cer -rpkid-irbe-key = %(my_name)s-IRBE.key -rpkid-url = http://localhost:%(rpki_port)d/left-right -enable_tracebacks = yes - -[rpkid] - -startup-message = This is %(my_name)s rpkid - -sql-database = %(rpki_db_name)s -sql-username = rpki -sql-password = %(rpki_db_pass)s - -bpki-ta = %(my_name)s-TA.cer -rpkid-key = %(my_name)s-RPKI.key -rpkid-cert = %(my_name)s-RPKI.cer -irdb-cert = %(my_name)s-IRDB.cer -irbe-cert = %(my_name)s-IRBE.cer - -irdb-url = http://localhost:%(irdb_port)d/ - -server-host = localhost -server-port = %(rpki_port)d - -use-internal-cron = false -enable_tracebacks = yes -''' - -rootd_fmt_1 = '''\ - -[rootd] - -bpki-ta = %(rootd_name)s-TA.cer -rootd-bpki-cert = %(rootd_name)s-RPKI.cer -rootd-bpki-key = %(rootd_name)s-RPKI.key -rootd-bpki-crl = %(rootd_name)s-TA.crl -child-bpki-cert = %(rootd_name)s-TA-%(rpkid_name)s-SELF.cer - -server-port = %(rootd_port)s - -rpki-root-dir = %(rsyncd_dir)sroot -rpki-base-uri = %(rootd_sia)sroot/ -rpki-root-cert-uri = %(rootd_sia)sroot.cer - -rpki-root-key = root.key -rpki-root-cert = root.cer - -rpki-subject-pkcs10 = %(rootd_name)s.subject.pkcs10 -rpki-subject-lifetime = %(lifetime)s - -rpki-root-crl = root.crl -rpki-root-manifest = root.mft - -rpki-class-name = trunk -rpki-subject-cert = trunk.cer - -include-bpki-crl = yes -enable_tracebacks = yes - -[req] -default_bits = 2048 -encrypt_key = no -distinguished_name = req_dn -prompt = no -default_md = sha256 -default_days = 60 - -[req_dn] -CN = Completely Bogus Test Root (NOT FOR PRODUCTION USE) - -[req_x509_ext] -basicConstraints = critical,CA:true -subjectKeyIdentifier = hash -authorityKeyIdentifier = keyid:always - -[req_x509_rpki_ext] -basicConstraints = critical,CA:true -subjectKeyIdentifier = hash -keyUsage = critical,keyCertSign,cRLSign -subjectInfoAccess = @sia -sbgp-autonomousSysNum = critical,AS:0-4294967295 -sbgp-ipAddrBlock = critical,IPv4:0.0.0.0/0,IPv6:0::/0 -certificatePolicies = critical, @rpki_certificate_policy - -[sia] - -1.3.6.1.5.5.7.48.5;URI = %(rootd_sia)sroot/ -1.3.6.1.5.5.7.48.10;URI = %(rootd_sia)sroot/root.mft - -[rpki_certificate_policy] - -policyIdentifier = 1.3.6.1.5.5.7.14.2 -''' - -rootd_fmt_2 = '''\ -%(openssl)s genrsa -out root.key 2048 && -''' - -rootd_fmt_3 = '''\ -echo >%(rootd_name)s.tal %(rootd_sia)sroot.cer && -echo >>%(rootd_name)s.tal && -%(openssl)s rsa -pubout -in root.key | -awk '!/-----(BEGIN|END)/' >>%(rootd_name)s.tal && -%(openssl)s req -new -text -sha256 \ - -key root.key \ - -out %(rootd_name)s.req \ - -config %(rootd_name)s.conf \ - -extensions req_x509_rpki_ext && -%(openssl)s x509 -req -sha256 \ - -in %(rootd_name)s.req \ - -out root.cer \ - -outform DER \ - -extfile %(rootd_name)s.conf \ - -extensions req_x509_rpki_ext \ - -signkey root.key && -ln -f root.cer %(rsyncd_dir)s -''' - -rcynic_fmt_1 = '''\ -[rcynic] -xml-summary = %(rcynic_name)s.xml -jitter = 0 -use-links = yes -use-syslog = no -use-stderr = yes -log-level = log_debug -trust-anchor-locator = %(rootd_name)s.tal -''' - -rsyncd_fmt_1 = '''\ -port = %(rsyncd_port)d -address = localhost - -[%(rsyncd_module)s] -read only = yes -transfer logging = yes -use chroot = no -path = %(rsyncd_dir)s -comment = RPKI test -''' - -pubd_fmt_1 = '''\ -[pubd] - -sql-database = %(pubd_db_name)s -sql-username = %(pubd_db_user)s -sql-password = %(pubd_db_pass)s -bpki-ta = %(pubd_name)s-TA.cer -pubd-cert = %(pubd_name)s-PUBD.cer -pubd-key = %(pubd_name)s-PUBD.key -irbe-cert = %(pubd_name)s-IRBE.cer -server-host = localhost -server-port = %(pubd_port)d -publication-base = %(pubd_dir)s -enable_tracebacks = yes -''' - -main() diff --git a/rpkid/tests/smoketest.setup.sql b/rpkid/tests/smoketest.setup.sql deleted file mode 100644 index 326988f1..00000000 --- a/rpkid/tests/smoketest.setup.sql +++ /dev/null @@ -1,112 +0,0 @@ --- $Id$ --- --- Run this manually under the MySQL CLI to set up databases for testdb.py. --- testdb.py doesn't do this automatically because it requires privileges --- that smoketest.py doesn't (or at least shouldn't) have. - --- Copyright (C) 2009 Internet Systems Consortium ("ISC") --- --- Permission to use, copy, modify, and distribute this software for any --- purpose with or without fee is hereby granted, provided that the above --- copyright notice and this permission notice appear in all copies. --- --- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH --- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY --- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, --- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM --- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE --- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --- PERFORMANCE OF THIS SOFTWARE. --- --- Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") --- --- Permission to use, copy, modify, and distribute this software for any --- purpose with or without fee is hereby granted, provided that the above --- copyright notice and this permission notice appear in all copies. --- --- THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH --- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY --- AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, --- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM --- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE --- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR --- PERFORMANCE OF THIS SOFTWARE. - - -CREATE DATABASE irdb0; -CREATE DATABASE irdb1; -CREATE DATABASE irdb2; -CREATE DATABASE irdb3; -CREATE DATABASE irdb4; -CREATE DATABASE irdb5; -CREATE DATABASE irdb6; -CREATE DATABASE irdb7; -CREATE DATABASE irdb8; -CREATE DATABASE irdb9; -CREATE DATABASE irdb10; -CREATE DATABASE irdb11; - -CREATE DATABASE rpki0; -CREATE DATABASE rpki1; -CREATE DATABASE rpki2; -CREATE DATABASE rpki3; -CREATE DATABASE rpki4; -CREATE DATABASE rpki5; -CREATE DATABASE rpki6; -CREATE DATABASE rpki7; -CREATE DATABASE rpki8; -CREATE DATABASE rpki9; -CREATE DATABASE rpki10; -CREATE DATABASE rpki11; - -CREATE DATABASE pubd0; -CREATE DATABASE pubd1; -CREATE DATABASE pubd2; -CREATE DATABASE pubd3; -CREATE DATABASE pubd4; -CREATE DATABASE pubd5; -CREATE DATABASE pubd6; -CREATE DATABASE pubd7; -CREATE DATABASE pubd8; -CREATE DATABASE pubd9; -CREATE DATABASE pubd10; -CREATE DATABASE pubd11; - -GRANT ALL ON irdb0.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb1.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb2.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb3.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb4.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb5.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb6.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb7.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb8.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb9.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb10.* TO irdb@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON irdb11.* TO irdb@localhost IDENTIFIED BY 'fnord'; - -GRANT ALL ON rpki0.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki1.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki2.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki3.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki4.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki5.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki6.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki7.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki8.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki9.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki10.* TO rpki@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON rpki11.* TO rpki@localhost IDENTIFIED BY 'fnord'; - -GRANT ALL ON pubd0.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd1.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd2.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd3.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd4.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd5.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd6.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd7.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd8.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd9.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd10.* TO pubd@localhost IDENTIFIED BY 'fnord'; -GRANT ALL ON pubd11.* TO pubd@localhost IDENTIFIED BY 'fnord'; diff --git a/rpkid/tests/split-protocol-samples.xsl b/rpkid/tests/split-protocol-samples.xsl deleted file mode 100644 index 8800b6da..00000000 --- a/rpkid/tests/split-protocol-samples.xsl +++ /dev/null @@ -1,40 +0,0 @@ -<!-- -*- SGML -*- - - $Id$ - - - - Copyright (C) 2007-2008 American Registry for Internet Numbers ("ARIN") - - - - Permission to use, copy, modify, and distribute this software for any - - purpose with or without fee is hereby granted, provided that the above - - copyright notice and this permission notice appear in all copies. - - - - THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH - - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - - AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, - - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - - PERFORMANCE OF THIS SOFTWARE. - --> - -<xsl:transform xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0" - xmlns:exsl="http://exslt.org/common" - extension-element-prefixes="exsl"> - - <xsl:param name="dir">.</xsl:param> - <xsl:param name="verbose" select="1"/> - - <xsl:strip-space elements="*"/> - - <xsl:template match="/completely_gratuitous_wrapper_element_to_let_me_run_this_through_xmllint"> - <xsl:for-each select="*"> - <xsl:variable name="filename" select="concat($dir, '/pdu.', format-number(position(), '000'), '.xml')"/> - <xsl:if test="$verbose"> - <xsl:message><xsl:text>Writing </xsl:text><xsl:value-of select="$filename"/></xsl:message> - </xsl:if> - <exsl:document href="{$filename}" indent="yes" encoding="US-ASCII"> - <xsl:comment>Automatically generated, do not edit.</xsl:comment> - <xsl:copy-of select="." /> - </exsl:document> - </xsl:for-each> - </xsl:template> -</xsl:transform> diff --git a/rpkid/tests/sql-cleaner.py b/rpkid/tests/sql-cleaner.py deleted file mode 100644 index c5b25ac2..00000000 --- a/rpkid/tests/sql-cleaner.py +++ /dev/null @@ -1,61 +0,0 @@ -# $Id$ -# -# Copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -""" -(Re)Initialize SQL tables used by these programs. -""" - -import rpki.config -import rpki.sql_schemas -from rpki.mysql_import import MySQLdb - -cfg = rpki.config.parser(None, "yamltest", allow_missing = True) - -for name in ("rpkid", "irdbd", "pubd"): - - username = cfg.get("%s_sql_username" % name, name[:4]) - password = cfg.get("%s_sql_password" % name, "fnord") - - schema = [] - for line in getattr(rpki.sql_schemas, name, "").splitlines(): - schema.extend(line.partition("--")[0].split()) - schema = " ".join(schema).strip(";").split(";") - schema = [statement.strip() for statement in schema if statement and "DROP TABLE" not in statement] - - db = MySQLdb.connect(user = username, passwd = password) - cur = db.cursor() - - cur.execute("SHOW DATABASES") - - databases = [r[0] for r in cur.fetchall() if r[0][:4] == name[:4] and r[0][4:].isdigit()] - - for database in databases: - - cur.execute("USE " + database) - - cur.execute("SHOW TABLES") - tables = [r[0] for r in cur.fetchall()] - - cur.execute("SET foreign_key_checks = 0") - for table in tables: - cur.execute("DROP TABLE %s" % table) - cur.execute("SET foreign_key_checks = 1") - - for statement in schema: - cur.execute(statement) - - cur.close() - db.close() diff --git a/rpkid/tests/sql-dumper.py b/rpkid/tests/sql-dumper.py deleted file mode 100644 index f4a7681d..00000000 --- a/rpkid/tests/sql-dumper.py +++ /dev/null @@ -1,43 +0,0 @@ -# $Id$ -# -# Copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -""" -Dump backup copies of SQL tables used by these programs. -""" - -import subprocess -import rpki.config -from rpki.mysql_import import MySQLdb - -cfg = rpki.config.parser(None, "yamltest", allow_missing = True) - -for name in ("rpkid", "irdbd", "pubd"): - - username = cfg.get("%s_sql_username" % name, name[:4]) - password = cfg.get("%s_sql_password" % name, "fnord") - - cmd = ["mysqldump", "-u", username, "-p" + password, "--databases"] - - db = MySQLdb.connect(user = username, passwd = password) - cur = db.cursor() - - cur.execute("SHOW DATABASES") - cmd.extend(r[0] for r in cur.fetchall() if r[0][:4] == name[:4] and r[0][4:].isdigit()) - - cur.close() - db.close() - - subprocess.check_call(cmd, stdout = open("backup.%s.sql" % name, "w")) diff --git a/rpkid/tests/testpoke.py b/rpkid/tests/testpoke.py deleted file mode 100644 index fd5ab206..00000000 --- a/rpkid/tests/testpoke.py +++ /dev/null @@ -1,152 +0,0 @@ -# $Id$ -# -# Copyright (C) 2014 Dragon Research Labs ("DRL") -# Portions copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notices and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL -# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL, -# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -""" -Trivial RPKI up-down protocol client, for testing. - -Configuration file is YAML to be compatable with APNIC rpki_poke.pl tool. -""" - -import os -import time -import argparse -import sys -import yaml -import rpki.resource_set -import rpki.up_down -import rpki.left_right -import rpki.x509 -import rpki.http -import rpki.config -import rpki.exceptions -import rpki.relaxng -import rpki.log -import rpki.async - -os.environ["TZ"] = "UTC" -time.tzset() - -parser = argparse.ArgumentParser(description = __doc__) -parser.add_argument("-y", "--yaml", required = True, type = argparse.FileType("r"), - help = "configuration file") -parser.add_argument("-r", "--request", - help = "request name") -parser.add_argument("-d", "--debug", - help = "enable debugging") -args = parser.parse_args() - -rpki.log.init("testpoke") - -if args.debug: - rpki.log.set_trace(True) - -yaml_data = yaml.load(args.yaml) - -yaml_cmd = args.request - -if yaml_cmd is None and len(yaml_data["requests"]) == 1: - yaml_cmd = yaml_data["requests"].keys()[0] - -yaml_req = yaml_data["requests"][yaml_cmd] - -def get_PEM(name, cls, y = yaml_data): - if name in y: - return cls(PEM = y[name]) - if name + "-file" in y: - return cls(PEM_file = y[name + "-file"]) - return None - -def get_PEM_chain(name, cert = None): - chain = [] - if cert is not None: - chain.append(cert) - if name in yaml_data: - chain.extend([rpki.x509.X509(PEM = x) for x in yaml_data[name]]) - elif name + "-file" in yaml_data: - chain.extend([rpki.x509.X509(PEM_file = x) for x in yaml_data[name + "-file"]]) - return chain - -def query_up_down(q_pdu): - q_msg = rpki.up_down.message_pdu.make_query( - payload = q_pdu, - sender = yaml_data["sender-id"], - recipient = yaml_data["recipient-id"]) - q_der = rpki.up_down.cms_msg().wrap(q_msg, cms_key, cms_certs, cms_crl) - - def done(r_der): - global last_cms_timestamp - r_cms = rpki.up_down.cms_msg(DER = r_der) - r_msg = r_cms.unwrap([cms_ta] + cms_ca_certs) - last_cms_timestamp = r_cms.check_replay(last_cms_timestamp) - print r_cms.pretty_print_content() - try: - r_msg.payload.check_response() - except (rpki.async.ExitNow, SystemExit): - raise - except Exception, e: - fail(e) - - rpki.http.want_persistent_client = False - - rpki.http.client( - msg = q_der, - url = yaml_data["posturl"], - callback = done, - errback = fail) - -def do_list(): - query_up_down(rpki.up_down.list_pdu()) - -def do_issue(): - q_pdu = rpki.up_down.issue_pdu() - req_key = get_PEM("cert-request-key", rpki.x509.RSA, yaml_req) or cms_key - q_pdu.class_name = yaml_req["class"] - q_pdu.pkcs10 = rpki.x509.PKCS10.create( - keypair = req_key, - is_ca = True, - caRepository = yaml_req["sia"][0], - rpkiManifest = yaml_req["sia"][0] + req_key.gSKI() + ".mft") - query_up_down(q_pdu) - -def do_revoke(): - q_pdu = rpki.up_down.revoke_pdu() - q_pdu.class_name = yaml_req["class"] - q_pdu.ski = yaml_req["ski"] - query_up_down(q_pdu) - -dispatch = { "list" : do_list, "issue" : do_issue, "revoke" : do_revoke } - -def fail(e): # pylint: disable=W0621 - rpki.log.traceback(args.debug) - sys.exit("Testpoke failed: %s" % e) - -cms_ta = get_PEM("cms-ca-cert", rpki.x509.X509) -cms_cert = get_PEM("cms-cert", rpki.x509.X509) -cms_key = get_PEM("cms-key", rpki.x509.RSA) -cms_crl = get_PEM("cms-crl", rpki.x509.CRL) -cms_certs = get_PEM_chain("cms-cert-chain", cms_cert) -cms_ca_certs = get_PEM_chain("cms-ca-certs") - -last_cms_timestamp = None - -try: - dispatch[yaml_req["type"]]() - rpki.async.event_loop() -except Exception, e: - fail(e) diff --git a/rpkid/tests/testpoke.xsl b/rpkid/tests/testpoke.xsl deleted file mode 100644 index 91658b0b..00000000 --- a/rpkid/tests/testpoke.xsl +++ /dev/null @@ -1,78 +0,0 @@ -<!-- -*- SGML -*- - - $Id$ - - - - Copyright (C) 2008 American Registry for Internet Numbers ("ARIN") - - - - Permission to use, copy, modify, and distribute this software for any - - purpose with or without fee is hereby granted, provided that the above - - copyright notice and this permission notice appear in all copies. - - - - THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH - - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY - - AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, - - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM - - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE - - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - - PERFORMANCE OF THIS SOFTWARE. - --> - -<!-- - - Decoder ring for testpoke.py XML output. Use this to get a - - (somewhat) human-readable listing and to put OpenSSL-style - - delimiters onto the certificates so that "openssl x509" can read - - the result. With a tad more work, we could select just one out of - - the set of multiple certificates, or output YAML. For the moment, - - I'll settle for being readable by human beings and OpenSSL. - --> - -<xsl:transform xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0" - xmlns:rpkiud="http://www.apnic.net/specs/rescerts/up-down/"> - - <xsl:output method="text"/> - - <xsl:param name="show-issuer" select="0"/> - - <xsl:template match="/rpkiud:message[@type = 'list_response']"> - <xsl:value-of select="concat('[Message]', ' ', - 'Version: ', @version, ' ', - 'Sender: ', @sender, ' ', - 'Recipient: ', @recipient, ' ')"/> - <xsl:apply-templates select="rpkiud:class"/> - </xsl:template> - - <xsl:template match="rpkiud:class"> - <xsl:value-of select="concat(' ', - '[Class]', ' ', - 'Name: ', @class_name, ' ', - 'Issuer URL: ', @cert_url, ' ', - 'ASNs: ', @resource_set_as, ' ', - 'IPv4: ', @resource_set_ipv4, ' ', - 'IPv6: ', @resource_set_ipv6, ' ', - 'NotAfter: ', @resource_set_notafter, ' ', - 'SIA head: ', @suggested_sia_head, ' ')"/> - <xsl:if test="$show-issuer"> - <xsl:apply-templates select="rpkiud:issuer"/> - </xsl:if> - <xsl:apply-templates select="rpkiud:certificate"/> - </xsl:template> - - <xsl:template match="rpkiud:certificate"> - <xsl:value-of select="concat(' ', - '[Certificate]', ' ', - 'Subject URL: ', @cert_url, ' ', - 'Req ASNs: ', @resource_set_as, ' ', - 'Req IPv4: ', @resource_set_ipv4, ' ', - 'Req IPv6: ', @resource_set_ipv6, ' ')"/> - <xsl:call-template name="show-pem"/> - </xsl:template> - - <xsl:template match="rpkiud:issuer" name="show-pem"> - <xsl:text> </xsl:text> - <xsl:text>-----BEGIN CERTIFICATE-----</xsl:text> - <xsl:text> </xsl:text> - <xsl:value-of select="text()"/> - <xsl:text>-----END CERTIFICATE-----</xsl:text> - <xsl:text> </xsl:text> - </xsl:template> - -</xsl:transform> diff --git a/rpkid/tests/testpoke.yaml b/rpkid/tests/testpoke.yaml deleted file mode 100644 index f2b2c618..00000000 --- a/rpkid/tests/testpoke.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# $Id$ - -version: 1 -posturl: http://localhost:4433/up-down/1 -recipient-id: wombat -sender-id: "1" - -cms-cert-file: biz-certs/Frank-EE.cer -cms-key-file: biz-certs/Frank-EE.key -cms-ca-cert-file: biz-certs/Bob-Root.cer -cms-cert-chain-file: [ biz-certs/Frank-CA.cer ] - -requests: - list: - type: list - issue: - type: issue - class: 1 - sia: [ "rsync://bandicoot.invalid/some/where/" ] - revoke: - type: revoke - class: 1 - ski: "CB5K6APY-4KcGAW9jaK_cVPXKX0" diff --git a/rpkid/tests/up-down-protocol-samples/Makefile b/rpkid/tests/up-down-protocol-samples/Makefile deleted file mode 100644 index 10ee791a..00000000 --- a/rpkid/tests/up-down-protocol-samples/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -XMLLINT = xmllint --noout --relaxng -JING = java -jar /usr/local/share/java/classes/jing.jar -SCHEMA = ../up-down-medium-schema.rng - -all: jing xmllint - -jing: - ${JING} ${SCHEMA} *.xml - -xmllint: - ${XMLLINT} ${SCHEMA} *.xml diff --git a/rpkid/tests/up-down-protocol-samples/error_response.xml b/rpkid/tests/up-down-protocol-samples/error_response.xml deleted file mode 100644 index 83af6649..00000000 --- a/rpkid/tests/up-down-protocol-samples/error_response.xml +++ /dev/null @@ -1,9 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="error_response"> - <status>2001</status> - <description xml:lang="en-US">[Readable text]</description> -</message> diff --git a/rpkid/tests/up-down-protocol-samples/issue1.xml b/rpkid/tests/up-down-protocol-samples/issue1.xml deleted file mode 100644 index 4b8366f9..00000000 --- a/rpkid/tests/up-down-protocol-samples/issue1.xml +++ /dev/null @@ -1,25 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="issue"> - <request class_name="class name" - req_resource_set_as="64534-64540" - req_resource_set_ipv4="" - req_resource_set_ipv6=""> - MIICYTCCAUkCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0G - CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOng - KdOJIOlRSWcsQ9qgLNREs5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zq - m1yYeks+xOJZQtMZyg9YDrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2Q - QQ8POyrADNl7fehQE/YJc4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4A - AbsFXi4Dmq2VO8rCxodkdDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8N - UBM90T6Mvdx0qTOoVh0xeHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGg - ADANBgkqhkiG9w0BAQUFAAOCAQEAj9bYIVfREySBzUhQSlbNi9kfdXgivC/4A7pn - b4sMm081S05u0QLhyh1XNF/L3/U5yVElVHE8xobM/CuAkXpy7N5GSYj2T28Fmn77 - 1y/xdGg6Jp26OkbrqY3gjQAaMigYg9/6tPAc9fgLiQAJLUUYb2hRqaqu4Ze8RrxU - RsnVpAHWYDFWJhNqEp8eErzAVLqxpmoYJKgmpK6TKyYKuf8+xf3Rlkb4+iu2FotR - DQrmcd6jmMjp9xLejDEuoPgcfpVP2CB1jUCAIW7yE7+a7vj9Mop1gs61zP8y/p2V - rVnXgEy93WZLjQt1D29oKhlcFGtCG4nqIBCDAWVuz/LGACB85w== - </request> -</message> diff --git a/rpkid/tests/up-down-protocol-samples/issue2.xml b/rpkid/tests/up-down-protocol-samples/issue2.xml deleted file mode 100644 index a991cbcd..00000000 --- a/rpkid/tests/up-down-protocol-samples/issue2.xml +++ /dev/null @@ -1,24 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="issue"> - <request class_name="class name" - req_resource_set_ipv4="" - req_resource_set_ipv6=""> - MIICYTCCAUkCAQAwHDEaMBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0G - CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOng - KdOJIOlRSWcsQ9qgLNREs5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zq - m1yYeks+xOJZQtMZyg9YDrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2Q - QQ8POyrADNl7fehQE/YJc4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4A - AbsFXi4Dmq2VO8rCxodkdDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8N - UBM90T6Mvdx0qTOoVh0xeHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGg - ADANBgkqhkiG9w0BAQUFAAOCAQEAj9bYIVfREySBzUhQSlbNi9kfdXgivC/4A7pn - b4sMm081S05u0QLhyh1XNF/L3/U5yVElVHE8xobM/CuAkXpy7N5GSYj2T28Fmn77 - 1y/xdGg6Jp26OkbrqY3gjQAaMigYg9/6tPAc9fgLiQAJLUUYb2hRqaqu4Ze8RrxU - RsnVpAHWYDFWJhNqEp8eErzAVLqxpmoYJKgmpK6TKyYKuf8+xf3Rlkb4+iu2FotR - DQrmcd6jmMjp9xLejDEuoPgcfpVP2CB1jUCAIW7yE7+a7vj9Mop1gs61zP8y/p2V - rVnXgEy93WZLjQt1D29oKhlcFGtCG4nqIBCDAWVuz/LGACB85w== - </request> -</message> diff --git a/rpkid/tests/up-down-protocol-samples/issue_response.xml b/rpkid/tests/up-down-protocol-samples/issue_response.xml deleted file mode 100644 index 1ee34f62..00000000 --- a/rpkid/tests/up-down-protocol-samples/issue_response.xml +++ /dev/null @@ -1,117 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="issue_response"> - <class class_name="ISP5" - cert_url="rsync://wombat.example/ISP5" - resource_set_as="64534-64540" - resource_set_ipv4="10.0.0.0/24,10.3.0.0/24" - resource_set_ipv6="2001:db8:0:0:0:0:a00::/120,2001:db8:0:0:0:0:a03::/120" - resource_set_notafter="2011-04-01T12:34:56Z" - suggested_sia_head="rsync://wombat.example/fnord/"> - <certificate cert_url="rsync://wombat.example/ISP5a" - req_resource_set_as="" - req_resource_set_ipv4="10.0.0.0/24" - req_resource_set_ipv6="2001:db8:0:0:0:0:a00::/120"> - MIID3jCCAsagAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowHDEa - MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox - 0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J - YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg - nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl - akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy - PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEqMIIBJjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAfBgNVHSME - GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB - BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0 - cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j - Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB - Af8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoAADAN - BgkqhkiG9w0BAQUFAAOCAQEAkzKZYt3F6vAfWFAQN9M5N9n2klEmL9b9b4K4Vmv9 - DPNCBFbtZytCAphWB/FILS60MrvXHCcUoOmtOx3+Cw5D3yKX8Y9z2HbWmw2/7iDo - dxejgwGzI0OFa79vzC5pRwVz9CFFlMiuIShBFpHuSElmWmcxcQTJSXGU1fSGXHvG - Pv6RHSGzFJhUrW5RKOmoIrqk0JyM49R8IRAM+aMA+MOfALRTNAavW0pDlcuy+4wY - AIYRKF4k4ZDYZ9gA/LYnH56xvpEXwRE1bpxgUC5n8wQrdIn5/pJz3R5EgWe4CGOo - n/SMvEfe8d+LEc0C7LmtCwYoDOKENoOF809GVkbV9fjL8w== - </certificate> - <certificate cert_url="rsync://wombat.example/ISP5b" - req_resource_set_as="" - req_resource_set_ipv4="10.3.0.0/24" - req_resource_set_ipv6="2001:db8:0:0:0:0:a03::/120"> - MIID3jCCAsagAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMFoXDTA4MDczMTE0NDgyMFowHDEa - MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON - m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT - D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t - tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp - OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe - RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEqMIIBJjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAfBgNVHSME - GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB - BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0 - cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j - Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB - Af8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoDADAN - BgkqhkiG9w0BAQUFAAOCAQEARNgVrXF+6W7sMytC7YyKSt+CpJGZV7AvzKNZKv8k - xazhefrXkrpyK0caz4BtCHbptZFgNR/dDOC9M3wn0PcRTh9ISgW8beNfut16uj1F - fZdylJvNMXa4lt/wfRbzKqPicusCH0nutkRIW2mZuLuAO8v1vKr4umgZU+z/rXWu - glEA7OeBwmvPoqKixbgER5GtnTNySKIVVa1DUo/2CaPT/YjT48P0zXHoy6rnNgcn - 2emkoegzzS2cN+5I5I+O8IRnZInqmiPgEgElgEFw+rg6xw23yax5Nyqx12J56tt0 - tPWGhrYe1dCwKZajWKn3P9+NMcGQ0d8bw/QU+B3RyVeVfw== - </certificate> - <certificate cert_url="rsync://wombat.example/ISP5c" - req_resource_set_as="64534-64540" - req_resource_set_ipv4="" - req_resource_set_ipv6=""> - MIIDxjCCAq6gAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgxOFoXDTA4MDczMTE0NDgxOFowHDEa - MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE - s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y - DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ - c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk - dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x - eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjggESMIIBDjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBQth8Ga+FgrvcL4fjBHs6mIN8nrRjAfBgNVHSME - GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB - BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0 - cm4ubmV0L0lTUDVjLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j - Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwIQYIKwYBBQUHAQgB - Af8EEjAQoA4wDDAKAgMA/BYCAwD8HDANBgkqhkiG9w0BAQUFAAOCAQEAUGsbhHfl - kwhe3EIkhnARJPgRkWgPCJtJ9konhROT7VlJ0Pim0kSrJWlBWUCLeKvSjQmowP4g - SddHxN4ZoXnSjb0pCDeomrZeViVQ2hxH6L/tHkl5SIEHl9MvFOe8junvgpq9GGAI - CFcibkW7Gp9p4A+GQkns0l9v+wGwuVZmqmJk4YBo7hHZRbg6/IFL1MD3HKeXmn33 - lCwFhjUuDIMXRbY/1k5fui13QUolN7mLSk60NvXJ94Tga68c1eCIpapvhxAYw69G - 7mOX42aYu1FnidZNj7Lt9jOuW0REHlavrG17HxP5loTuCNtLH1ZIrJcO7rUz9C0D - YqMybYWFUqZHyg== - </certificate> - <issuer> - MIIEFTCCAv2gAwIBAgIBDjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU - IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw - FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A - MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9 - g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM - N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+ - tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls - zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs - hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBYzCCAV8wDwYDVR0TAQH/ - BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwHwYDVR0jBBgw - FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF - BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu - Lm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v - d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAhBggrBgEFBQcBCAEB/wQS - MBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQA - CgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAA - AAAKAwAwDQYJKoZIhvcNAQEFBQADggEBAEhmCa7kUuozB6aST0Gd2XStJBcR1oWI - 8mZS5WEOjnjbVvuryDEb0fLs3x2HgCHZgZ7IAOg31cNxJpc1Ff6ZYEG+m3LpkcG/ - yOMllfOVK8RQSY+nKuya2fm2J3dCOKogEjBW20HwxNd1WgFLrDaOTR9V+iROBPKs - 3ppMPp6ksPqEqDU/3N3bLHROIISlFwWHilXuTK5ZAnzncDIQnm+zUuxI/0d3v6Fp - 8VxVlNBHqzo0VpakZOkxwqo01qJRsoxVaIxeetGNQ4noPhtj6bEM4Y8xDS9f3R7o - eEHUSTnKonMemm/AB3KZnjwL7rkL2FI1ThmDRO3Z3lprbThjThJF8EU= - </issuer> - </class> -</message> diff --git a/rpkid/tests/up-down-protocol-samples/list.xml b/rpkid/tests/up-down-protocol-samples/list.xml deleted file mode 100644 index 01a803f3..00000000 --- a/rpkid/tests/up-down-protocol-samples/list.xml +++ /dev/null @@ -1,6 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="list" /> diff --git a/rpkid/tests/up-down-protocol-samples/list_response.xml b/rpkid/tests/up-down-protocol-samples/list_response.xml deleted file mode 100644 index 09634955..00000000 --- a/rpkid/tests/up-down-protocol-samples/list_response.xml +++ /dev/null @@ -1,171 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="list_response"> - <class class_name="ISP5" - cert_url="rsync://wombat.example/ISP5" - resource_set_as="64534-64540" - resource_set_ipv4="10.0.0.0/24,10.3.0.0/24" - resource_set_ipv6="2001:db8:0:0:0:0:a00::/120,2001:db8:0:0:0:0:a03::/120" - resource_set_notafter="2011-04-01T12:34:56Z" - suggested_sia_head="rsync://wombat.example/fnord/"> - <certificate cert_url="rsync://wombat.example/ISP5a" - req_resource_set_as="" - req_resource_set_ipv4="10.0.0.0/24" - req_resource_set_ipv6="2001:db8:0:0:0:0:a00::/120"> - MIID3jCCAsagAwIBAgIBAzANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowHDEa - MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQDmS614KGvmUBtlgdWNK1Z3zbvJR6CqMrAsrB/x5JArwjNv51Ox - 0B2rBSedt6HuqE/IWzYj4xLkUVknzf16qtxWBaFzq3ndPIKyj6757MA2OOYCqv2J - YCFSW7YzgHXlf/2sbuzUmiYvfihFFilHffOKctXkZfr0VG+uSDNiwTLxK4MzNmNg - nrzH55ldUdrNL4+DRyCe6cyjcsByvUktxFLqb9pCRnGQx69/n8fdC5aWPEWfwOpl - akPj85LV4XPAbiD1F+XRWNohs+kMTfDovXy374HJ9XDPqCB94mr5G2apyHHWMvhy - PYOZGQ0Ma+n4ks0zF4ZqPa8NBZSrHNQspEXLAgMBAAGjggEqMIIBJjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBQJ8BQLefsL/6jvVLnsPrmL0Muc7DAfBgNVHSME - GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB - BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0 - cm4ubmV0L0lTUDVhLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j - Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB - Af8EKjAoMAwEAgABMAYDBAAKAAAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoAADAN - BgkqhkiG9w0BAQUFAAOCAQEAkzKZYt3F6vAfWFAQN9M5N9n2klEmL9b9b4K4Vmv9 - DPNCBFbtZytCAphWB/FILS60MrvXHCcUoOmtOx3+Cw5D3yKX8Y9z2HbWmw2/7iDo - dxejgwGzI0OFa79vzC5pRwVz9CFFlMiuIShBFpHuSElmWmcxcQTJSXGU1fSGXHvG - Pv6RHSGzFJhUrW5RKOmoIrqk0JyM49R8IRAM+aMA+MOfALRTNAavW0pDlcuy+4wY - AIYRKF4k4ZDYZ9gA/LYnH56xvpEXwRE1bpxgUC5n8wQrdIn5/pJz3R5EgWe4CGOo - n/SMvEfe8d+LEc0C7LmtCwYoDOKENoOF809GVkbV9fjL8w== - </certificate> - <certificate cert_url="rsync://wombat.example/ISP5b" - req_resource_set_as="" - req_resource_set_ipv4="10.3.0.0/24" - req_resource_set_ipv6="2001:db8:0:0:0:0:a03::/120"> - MIID3jCCAsagAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgyMFoXDTA4MDczMTE0NDgyMFowHDEa - MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQC/j1nY/PodBHApznsBZCFA3FxD/kyviMhim76cco+KpTSKOyON - m4pPv2asaHGc/WhZ9b+fTS611uP6vfNgU1y3EayVC8CHzZmelFeN7AW436r8jjjT - D2VtCWDy4ZiBcthRPkGRsxCV9fXQ+eVcoYX6cSaF49FMAn8U4h5KipZontYWpe+t - tYNizSN0fIJWtNE0U1qKemGfrlRb7/lW3odrQpK8SfS1wzUHShhH0pLGHBZ0dLHp - OTxTEgWd69ycciuXTSchd5Z9TM55DPunuJlrZiAuVpxEtONegMR9eKG0BfcgfSYe - RL9daRU8eiRnvbm1CA8zTa87Lee5qx0r1vtzAgMBAAGjggEqMIIBJjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBRss2WU/safSlCdTYtAGqH9lxeXkjAfBgNVHSME - GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB - BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0 - cm4ubmV0L0lTUDViLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j - Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwOQYIKwYBBQUHAQcB - Af8EKjAoMAwEAgABMAYDBAAKAwAwGAQCAAIwEgMQACABDbgAAAAAAAAAAAoDADAN - BgkqhkiG9w0BAQUFAAOCAQEARNgVrXF+6W7sMytC7YyKSt+CpJGZV7AvzKNZKv8k - xazhefrXkrpyK0caz4BtCHbptZFgNR/dDOC9M3wn0PcRTh9ISgW8beNfut16uj1F - fZdylJvNMXa4lt/wfRbzKqPicusCH0nutkRIW2mZuLuAO8v1vKr4umgZU+z/rXWu - glEA7OeBwmvPoqKixbgER5GtnTNySKIVVa1DUo/2CaPT/YjT48P0zXHoy6rnNgcn - 2emkoegzzS2cN+5I5I+O8IRnZInqmiPgEgElgEFw+rg6xw23yax5Nyqx12J56tt0 - tPWGhrYe1dCwKZajWKn3P9+NMcGQ0d8bw/QU+B3RyVeVfw== - </certificate> - <certificate cert_url="rsync://wombat.example/ISP5c" - req_resource_set_as="64534-64540" - req_resource_set_ipv4="" - req_resource_set_ipv6=""> - MIIDxjCCAq6gAwIBAgIBATANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIzMB4XDTA3MDgwMTE0NDgxOFoXDTA4MDczMTE0NDgxOFowHDEa - MBgGA1UEAxMRVEVTVCBFTlRJVFkgSVNQNWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB - DwAwggEKAoIBAQDIi6ElZd/uon9Ur1IKGhr6DXWzPOngKdOJIOlRSWcsQ9qgLNRE - s5YUqQd3YLlvAe+OVKV0rFpn+DBNEPmsn7h1YQv253zqm1yYeks+xOJZQtMZyg9Y - DrfIgk7lu6z9kuWIsvxkz244OxiD/OemrvuQNtDhyk2QQQ8POyrADNl7fehQE/YJ - c4Kj0uO7ggiHf9K7Dg56KLYlArXZUfwzMkdH/89/vO4AAbsFXi4Dmq2VO8rCxodk - dDmqWWuu4KdRGgfyjkyOZS/f8pm64LaKT8AgcnmYAI8NUBM90T6Mvdx0qTOoVh0x - eHznAp6NChQSbdM3x3rwhBD+/k0olyZuCIWhAgMBAAGjggESMIIBDjAPBgNVHRMB - Af8EBTADAQH/MB0GA1UdDgQWBBQth8Ga+FgrvcL4fjBHs6mIN8nrRjAfBgNVHSME - GDAWgBSYvgT/gNGrlTmqPfIOZ30AraP9xTAOBgNVHQ8BAf8EBAMCAQYwQgYIKwYB - BQUHAQsENjA0MDIGCCsGAQUFBzAFhiZyc3luYzovL3dvbWJhdHMtci11cy5oYWN0 - cm4ubmV0L0lTUDVjLzBEBggrBgEFBQcBAQQ4MDYwNAYIKwYBBQUHMAKGKHJzeW5j - Oi8vd29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvTElSMy5jZXIwIQYIKwYBBQUHAQgB - Af8EEjAQoA4wDDAKAgMA/BYCAwD8HDANBgkqhkiG9w0BAQUFAAOCAQEAUGsbhHfl - kwhe3EIkhnARJPgRkWgPCJtJ9konhROT7VlJ0Pim0kSrJWlBWUCLeKvSjQmowP4g - SddHxN4ZoXnSjb0pCDeomrZeViVQ2hxH6L/tHkl5SIEHl9MvFOe8junvgpq9GGAI - CFcibkW7Gp9p4A+GQkns0l9v+wGwuVZmqmJk4YBo7hHZRbg6/IFL1MD3HKeXmn33 - lCwFhjUuDIMXRbY/1k5fui13QUolN7mLSk60NvXJ94Tga68c1eCIpapvhxAYw69G - 7mOX42aYu1FnidZNj7Lt9jOuW0REHlavrG17HxP5loTuCNtLH1ZIrJcO7rUz9C0D - YqMybYWFUqZHyg== - </certificate> - <issuer> - MIIEFTCCAv2gAwIBAgIBDjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU - IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw - FwYDVQQDExBURVNUIEVOVElUWSBMSVIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A - MIIBCgKCAQEAoyFXYWSvERjUy96m3K3ZLA8PWJ9+yIVVESZMfPBraBqeagyP5tw9 - g1gqzHesGXNvWvNuJKzNGtwdC0xE9W2LChc9hvno/uZg5Z9AauWU6JpWFxccq8GM - N0ArVb8sXtyNyiV/il/u+xaG6+AI0ybl43DFDGv7G49rXPbiSlilNQHqBRs+zoS+ - tT9tGBZLaOV5TIh9tqVlozrCMtytj4oF7vbpeoDaEqkPWrXS0zGsPtMZJS0o3nls - zv13ZtXjL6nL+YWMILuihiPwk5UgBHjHxwem/vD0RbvPeCvdzpwIpUZoEEzXBWJs - hlotfwY4wk27RIcAQ3nSj/NrsvRcHLloAQIDAQABo4IBYzCCAV8wDwYDVR0TAQH/ - BAUwAwEB/zAdBgNVHQ4EFgQUmL4E/4DRq5U5qj3yDmd9AK2j/cUwHwYDVR0jBBgw - FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF - BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu - Lm5ldC9MSVIzLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v - d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAhBggrBgEFBQcBCAEB/wQS - MBCgDjAMMAoCAwD8FgIDAPwcMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQA - CgAAAwQACgMAMCoEAgACMCQDEAAgAQ24AAAAAAAAAAAKAAADEAAgAQ24AAAAAAAA - AAAKAwAwDQYJKoZIhvcNAQEFBQADggEBAEhmCa7kUuozB6aST0Gd2XStJBcR1oWI - 8mZS5WEOjnjbVvuryDEb0fLs3x2HgCHZgZ7IAOg31cNxJpc1Ff6ZYEG+m3LpkcG/ - yOMllfOVK8RQSY+nKuya2fm2J3dCOKogEjBW20HwxNd1WgFLrDaOTR9V+iROBPKs - 3ppMPp6ksPqEqDU/3N3bLHROIISlFwWHilXuTK5ZAnzncDIQnm+zUuxI/0d3v6Fp - 8VxVlNBHqzo0VpakZOkxwqo01qJRsoxVaIxeetGNQ4noPhtj6bEM4Y8xDS9f3R7o - eEHUSTnKonMemm/AB3KZnjwL7rkL2FI1ThmDRO3Z3lprbThjThJF8EU= - </issuer> - </class> - <class class_name="ISP2" - cert_url="rsync://wombat.example/ISP2" - resource_set_as="" - resource_set_ipv4="192.0.2.44-192.0.2.100" - resource_set_ipv6="" - resource_set_notafter="2011-04-01T12:34:56Z"> - <certificate cert_url="http://wombat.example/ISP2a,rsync://wombat.example/ISP2a,ftp://wombat.example/ISP2a"> - MIIDzDCCArSgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU - IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ - MBcGA1UEAxMQVEVTVCBFTlRJVFkgSVNQMjCCASIwDQYJKoZIhvcNAQEBBQADggEP - ADCCAQoCggEBANB338Qhrxtaa6inKNdDyJttJdiNf5Er45X9kmCsFBLXI2iFSw7b - K+Y44EjbGDePQMCQWA4/CWdfjj8EdQZgkkLz5EUENZVd6SJCLPZcpn15jOEIGXw1 - nTr95/+bKbXuiUfMDYOg4XOvHwmEqAuDzHmIv3wdc9arQhtkmlwZgyud5a1MWAV2 - lXAj7qXAMcqip8gdHvLJ8j04gsJT5VSG8nyxc+Hc6YZzCKxZO74vWMFCxYAYjDoK - KjL2/ijQKFKDxjBpUZBZGZvT1MLgUmrBTlmaGOR4Llf5fytddijJycV+5UOhm2jS - Bhy+P2n5wvqeT2jPY2/bbfxnNcCxbgo37DMCAwEAAaOCARkwggEVMA8GA1UdEwEB - /wQFMAMBAf8wHQYDVR0OBBYEFHOyFhrN3NcwYA/6gZX4ovVOlfOtMB8GA1UdIwQY - MBaAFIqUF/lT8luUVFbfdlETKfZxGaizMA4GA1UdDwEB/wQEAwIBBjBBBggrBgEF - BQcBCwQ1MDMwMQYIKwYBBQUHMAWGJXJzeW5jOi8vd29tYmF0cy1yLXVzLmhhY3Ry - bi5uZXQvSVNQMi8wRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAChihyc3luYzov - L3dvbWJhdHMtci11cy5oYWN0cm4ubmV0L0xJUjEuY2VyMCkGCCsGAQUFBwEHAQH/ - BBowGDAWBAIAATAQMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEA - CvG1rzj5fZOV1Oq/SO+NYzxOHIA9egYgQg4NUpmqSz6v17RhR0+3tPfMmzxepTs8 - ut23KieOG7RcPGvR2f/CEvedgrrPdTS81wu01qhPWJNqriN6N+Mu8XCK3fUO+t+w - PxLUWqwzrRUcpdy+CMOOGg81Eg7e77iAeJCp648AChUdBRI6HTfp9PlKd25pJ7fj - f654MpKGbTkWXllPkxC1sL4cJUcq4o+Sn1zAKkjXUwAUjp6G6s+mIWZQiZU5Pv8n - lYXvPciYf83+wTBllLGtSFyut8hk6WmiB8rC1/5jS96pJaGRSxejqd0r99GlPre+ - QgMe2TRfFuM1esod7j1M1Q== - </certificate> - <issuer> - MIID9jCCAt6gAwIBAgIBEDANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9URVNU - IEVOVElUWSBSSVIwHhcNMDcwODAxMTQ0ODE4WhcNMDgwNzMxMTQ0ODE4WjAbMRkw - FwYDVQQDExBURVNUIEVOVElUWSBMSVIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A - MIIBCgKCAQEAr10c+dm71QHhWzbMUfb9hldgqp7H7E4Fr/tRXHrCWMSoV64UYum8 - tnJ9z0nISkCCSvQ+MLWUJZ5seIFXQ9aFAo3RnLXXNC/iqX0YJ7VHmkIWyJB/lizd - uJgXH3diSggALeBzDDk3ug+nWVlMfM3iXNeYNhBsiD5FmaaIL/Z/MUm6QisTecKy - 8QnZrTekQbZtRqEYBaBTB47gmLLR/Wdod2TV8/4dIjaeJloaqhiUwyx+mq++LJ1e - dSxJ1jcrBh/MY5d+7ixfZ69NYj56HwzhHgLy0gZ1rj8RvI4PE2Q4FDYdXQLsr2XV - uWj0ImYr70dbrTvyr7ZxDJRWinwBNvA6PwIDAQABo4IBRDCCAUAwDwYDVR0TAQH/ - BAUwAwEB/zAdBgNVHQ4EFgQUipQX+VPyW5RUVt92URMp9nEZqLMwHwYDVR0jBBgw - FoAU+7inozZICqCf8C7ci2i8s1xFJdcwDgYDVR0PAQH/BAQDAgEGMEEGCCsGAQUF - BwELBDUwMzAxBggrBgEFBQcwBYYlcnN5bmM6Ly93b21iYXRzLXItdXMuaGFjdHJu - Lm5ldC9MSVIxLzBDBggrBgEFBQcBAQQ3MDUwMwYIKwYBBQUHMAKGJ3JzeW5jOi8v - d29tYmF0cy1yLXVzLmhhY3Rybi5uZXQvUklSLmNlcjAaBggrBgEFBQcBCAEB/wQL - MAmgBzAFAgMA/BUwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCAwDgMFAMAAAgED - BQHAAAIgMA4DBQLAAAIsAwUAwAACZDANBgkqhkiG9w0BAQUFAAOCAQEAcn3dpGAj - ceSZKAuaulzTl0ty64mBPBGFjCXtebJQpeiuDjd0+SyhvpaDNUANNvkyFnQlnPcP - zUZHjrnNrAx+06yEXvYx9KnyBc2C1+DXOySbxxXR253CHZL3Gam4oWcK+z0jOgWD - KQVQ4wAnqYD+u1HxPjsMmK7x7tETckZkj0syTs9kzxqlsTSm8F8Y+ES7E+qNXyR9 - OxVgjr70vdgEp9AQftMQZ781SclWz7eLe5sXC1TuIct1sD6NssHGfCaxfFipSjEk - zeU/pZodfREUQSrlVbbb9HU0N59eHfGGKvZ0vojhuWPOrVzpPJGKTI20aQPn+VJ5 - KH3Nf1ICSa7Vxw== - </issuer> - </class> -</message> diff --git a/rpkid/tests/up-down-protocol-samples/revoke.xml b/rpkid/tests/up-down-protocol-samples/revoke.xml deleted file mode 100644 index eb4b3efb..00000000 --- a/rpkid/tests/up-down-protocol-samples/revoke.xml +++ /dev/null @@ -1,9 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="revoke"> - <key class_name="ISP5" - ski="CfAUC3n7C_-o71S57D65i9DLnOw"/> -</message> diff --git a/rpkid/tests/up-down-protocol-samples/revoke_response.xml b/rpkid/tests/up-down-protocol-samples/revoke_response.xml deleted file mode 100644 index 9f4ebacc..00000000 --- a/rpkid/tests/up-down-protocol-samples/revoke_response.xml +++ /dev/null @@ -1,9 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<message xmlns="http://www.apnic.net/specs/rescerts/up-down/" - version="1" - sender="sender name" - recipient="recipient name" - type="revoke_response"> - <key class_name="ISP5" - ski="CfAUC3n7C_-o71S57D65i9DLnOw"/> -</message> diff --git a/rpkid/tests/xml-parse-test.py b/rpkid/tests/xml-parse-test.py deleted file mode 100644 index 42b54695..00000000 --- a/rpkid/tests/xml-parse-test.py +++ /dev/null @@ -1,119 +0,0 @@ -# $Id$ -# -# Copyright (C) 2010 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. -# -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -import glob, lxml.etree, lxml.sax -import rpki.up_down, rpki.left_right, rpki.publication, rpki.relaxng - -verbose = False - -def test(fileglob, rng, sax_handler, encoding, tester = None): - files = glob.glob(fileglob) - files.sort() - for f in files: - print "<!--", f, "-->" - handler = sax_handler() - elt_in = lxml.etree.parse(f).getroot() - if verbose: - print "<!-- Input -->" - print lxml.etree.tostring(elt_in, pretty_print = True, encoding = encoding, xml_declaration = True) - rng.assertValid(elt_in) - lxml.sax.saxify(elt_in, handler) - elt_out = handler.result.toXML() - if verbose: - print "<!-- Output -->" - print lxml.etree.tostring(elt_out, pretty_print = True, encoding = encoding, xml_declaration = True) - rng.assertValid(elt_out) - if (tester): - tester(elt_in, elt_out, handler.result) - if verbose: - print - -def pprint(pairs): - if verbose: - for thing, name in pairs: - if thing is not None: - print "[%s]" % name - print thing.get_POW().pprint() - -def ud_tester(elt_in, elt_out, msg): - assert isinstance(msg, rpki.up_down.message_pdu) - if isinstance(msg.payload, rpki.up_down.list_response_pdu): - for c in msg.payload.classes: - pprint([(c.certs[i].cert, ("%s certificate #%d" % (c.class_name, i))) for i in xrange(len(c.certs))] + [(c.issuer, ("%s issuer" % c.class_name))]) - -def lr_tester(elt_in, elt_out, msg): - assert isinstance(msg, rpki.left_right.msg) - for obj in msg: - if isinstance(obj, rpki.left_right.self_elt): - pprint(((obj.bpki_cert, "BPKI cert"), - (obj.bpki_glue, "BPKI glue"))) - if isinstance(obj, rpki.left_right.bsc_elt): - pprint(((obj.signing_cert, "Signing certificate"), - (obj.signing_cert_crl, "Signing certificate CRL"))) - # (obj.pkcs10_request, "PKCS #10 request") - if isinstance(obj, rpki.left_right.parent_elt): - pprint(((obj.bpki_cms_cert, "CMS certificate"), - (obj.bpki_cms_glue, "CMS glue"))) - if isinstance(obj, (rpki.left_right.child_elt, rpki.left_right.repository_elt)): - pprint(((obj.bpki_cert, "Certificate"), - (obj.bpki_glue, "Glue"))) - -def pp_tester(elt_in, elt_out, msg): - assert isinstance(msg, rpki.publication.msg) - for obj in msg: - if isinstance(obj, rpki.publication.client_elt): - pprint(((obj.bpki_cert, "BPKI cert"), - (obj.bpki_glue, "BPKI glue"))) - if isinstance(obj, rpki.publication.certificate_elt): - pprint(((obj.payload, "RPKI cert"),)) - if isinstance(obj, rpki.publication.crl_elt): - pprint(((obj.payload, "RPKI CRL"),)) - if isinstance(obj, rpki.publication.manifest_elt): - pprint(((obj.payload, "RPKI manifest"),)) - if isinstance(obj, rpki.publication.roa_elt): - pprint(((obj.payload, "ROA"),)) - -test(fileglob = "up-down-protocol-samples/*.xml", - rng = rpki.relaxng.up_down, - sax_handler = rpki.up_down.sax_handler, - encoding = "utf-8", - tester = ud_tester) - -test(fileglob = "left-right-protocol-samples/*.xml", - rng = rpki.relaxng.left_right, - sax_handler = rpki.left_right.sax_handler, - encoding = "us-ascii", - tester = lr_tester) - -test(fileglob = "publication-protocol-samples/*.xml", - rng = rpki.relaxng.publication, - sax_handler = rpki.publication.sax_handler, - encoding = "us-ascii", - tester = pp_tester) diff --git a/rpkid/tests/yamlconf.py b/rpkid/tests/yamlconf.py deleted file mode 100644 index 3c71d3cd..00000000 --- a/rpkid/tests/yamlconf.py +++ /dev/null @@ -1,794 +0,0 @@ -# $Id$ -# -# Copyright (C) 2013--2014 Dragon Research Labs ("DRL") -# Portions copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notices and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL -# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL, -# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -""" -Test configuration tool, using the same YAML test description format -as smoketest.py and yamltest.py, but doing just the IRDB configuration -for a massive testbed, via direct use of the rpki.irdb library code. - -For most purposes, you don't want this, but when building a -configuration for tens or hundreds of thousands of elements, being -able to do the initial configuration stage quickly can help a lot. -""" - -# pylint: disable=W0702,W0621,W0602 - -import subprocess -import re -import os -import sys -import yaml -import time -import argparse -import rpki.resource_set -import rpki.sundial -import rpki.config -import rpki.log -import rpki.csv_utils -import rpki.x509 -import rpki.sql_schemas - -from rpki.mysql_import import MySQLdb - -section_regexp = re.compile(r"\s*\[\s*(.+?)\s*\]\s*$") -variable_regexp = re.compile(r"\s*([-a-zA-Z0-9_]+)\s*=\s*(.+?)\s*$") - -flat_publication = False -only_one_pubd = True -yaml_file = None -loopback = False -quiet = False -dns_suffix = None -mysql_rootuser = None -mysql_rootpass = None -publication_base = None -publication_root = None - -# The SQL username mismatch between rpkid/examples/rpki.conf and -# rpkid/tests/smoketest.setup.sql is completely stupid and really -# should be cleaned up at some point...but not today, at least not as -# part of writing this program. These default values are wired into -# yamltest to match smoketest.setup.sql, so wire them in here too but -# in a more obvious way. - -config_overrides = { - "irdbd_sql_username" : "irdb", "irdbd_sql_password" : "fnord", - "rpkid_sql_username" : "rpki", "rpkid_sql_password" : "fnord", - "pubd_sql_username" : "pubd", "pubd_sql_password" : "fnord" } - -def cleanpath(*names): - return os.path.normpath(os.path.join(*names)) - -this_dir = os.getcwd() -test_dir = None -rpki_conf = None - -class roa_request(object): - """ - Representation of a ROA request. - """ - - def __init__(self, asn, ipv4, ipv6): - self.asn = asn - self.v4 = rpki.resource_set.roa_prefix_set_ipv4("".join(ipv4.split())) if ipv4 else None - self.v6 = rpki.resource_set.roa_prefix_set_ipv6("".join(ipv6.split())) if ipv6 else None - - def __eq__(self, other): - return self.asn == other.asn and self.v4 == other.v4 and self.v6 == other.v6 - - def __hash__(self): - v4 = tuple(self.v4) if self.v4 is not None else None - v6 = tuple(self.v6) if self.v6 is not None else None - return self.asn.__hash__() + v4.__hash__() + v6.__hash__() - - def __str__(self): - if self.v4 and self.v6: - return "%s: %s,%s" % (self.asn, self.v4, self.v6) - else: - return "%s: %s" % (self.asn, self.v4 or self.v6) - - @classmethod - def parse(cls, y): - return cls(y.get("asn"), y.get("ipv4"), y.get("ipv6")) - -class allocation_db(list): - """ - Allocation database. - """ - - def __init__(self, y): - list.__init__(self) - self.root = allocation(y, self) - assert self.root.is_root - if self.root.crl_interval is None: - self.root.crl_interval = 60 * 60 - if self.root.regen_margin is None: - self.root.regen_margin = 24 * 60 * 60 - if self.root.base.valid_until is None: - self.root.base.valid_until = rpki.sundial.now() + rpki.sundial.timedelta(days = 2) - for a in self: - if a.base.valid_until is None: - a.base.valid_until = a.parent.base.valid_until - if a.crl_interval is None: - a.crl_interval = a.parent.crl_interval - if a.regen_margin is None: - a.regen_margin = a.parent.regen_margin - self.root.closure() - self.map = dict((a.name, a) for a in self) - for a in self: - if a.is_hosted: - a.hosted_by = self.map[a.hosted_by] - a.hosted_by.hosts.append(a) - assert not a.is_root and not a.hosted_by.is_hosted - - def dump(self): - for a in self: - a.dump() - - -class allocation(object): - """ - One entity in our allocation database. Every entity in the database - is assumed to hold resources. Entities that don't have the - hosted_by property run their own copies of rpkid, irdbd, and pubd. - """ - - base_port = 4400 - base_engine = -1 - parent = None - crl_interval = None - regen_margin = None - engine = -1 - rpkid_port = 4404 - irdbd_port = 4403 - pubd_port = 4402 - rootd_port = 4401 - rsync_port = 873 - - @classmethod - def allocate_port(cls): - cls.base_port += 1 - return cls.base_port - - @classmethod - def allocate_engine(cls): - cls.base_engine += 1 - return cls.base_engine - - def __init__(self, y, db, parent = None): - db.append(self) - self.name = y["name"] - self.parent = parent - self.kids = [allocation(k, db, self) for k in y.get("kids", ())] - valid_until = None - if "valid_until" in y: - valid_until = rpki.sundial.datetime.from_datetime(y.get("valid_until")) - if valid_until is None and "valid_for" in y: - valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(y["valid_for"]) - self.base = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as(y.get("asn")), - v4 = rpki.resource_set.resource_set_ipv4(y.get("ipv4")), - v6 = rpki.resource_set.resource_set_ipv6(y.get("ipv6")), - valid_until = valid_until) - if "crl_interval" in y: - self.crl_interval = rpki.sundial.timedelta.parse(y["crl_interval"]).convert_to_seconds() - if "regen_margin" in y: - self.regen_margin = rpki.sundial.timedelta.parse(y["regen_margin"]).convert_to_seconds() - if "ghostbusters" in y: - self.ghostbusters = y.get("ghostbusters") - elif "ghostbuster" in y: - self.ghostbusters = [y.get("ghostbuster")] - else: - self.ghostbusters = [] - self.roa_requests = [roa_request.parse(r) for r in y.get("roa_request", ())] - for r in self.roa_requests: - if r.v4: - self.base.v4 |= r.v4.to_resource_set() - if r.v6: - self.base.v6 |= r.v6.to_resource_set() - self.hosted_by = y.get("hosted_by") - self.hosts = [] - if not self.is_hosted: - self.engine = self.allocate_engine() - if loopback and not self.is_hosted: - self.rpkid_port = self.allocate_port() - self.irdbd_port = self.allocate_port() - if loopback and self.runs_pubd: - self.pubd_port = self.allocate_port() - self.rsync_port = self.allocate_port() - if loopback and self.is_root: - self.rootd_port = self.allocate_port() - - def closure(self): - resources = self.base - for kid in self.kids: - resources |= kid.closure() - self.resources = resources - return resources - - @property - def hostname(self): - if loopback: - return "localhost" - elif dns_suffix: - return self.name + "." + dns_suffix.lstrip(".") - else: - return self.name - - @property - def rsync_server(self): - if loopback: - return "%s:%s" % (self.pubd.hostname, self.pubd.rsync_port) - else: - return self.pubd.hostname - - def dump(self): - if not quiet: - print str(self) - - def __str__(self): - s = self.name + ":\n" - if self.resources.asn: s += " ASNs: %s\n" % self.resources.asn - if self.resources.v4: s += " IPv4: %s\n" % self.resources.v4 - if self.resources.v6: s += " IPv6: %s\n" % self.resources.v6 - if self.kids: s += " Kids: %s\n" % ", ".join(k.name for k in self.kids) - if self.parent: s += " Up: %s\n" % self.parent.name - if self.is_hosted: s += " Host: %s\n" % self.hosted_by.name - if self.hosts: s += " Hosts: %s\n" % ", ".join(h.name for h in self.hosts) - for r in self.roa_requests: s += " ROA: %s\n" % r - if not self.is_hosted: s += " IPort: %s\n" % self.irdbd_port - if self.runs_pubd: s += " PPort: %s\n" % self.pubd_port - if not self.is_hosted: s += " RPort: %s\n" % self.rpkid_port - if self.runs_pubd: s += " SPort: %s\n" % self.rsync_port - if self.is_root: s += " TPort: %s\n" % self.rootd_port - return s + " Until: %s\n" % self.resources.valid_until - - @property - def is_root(self): - return self.parent is None - - @property - def is_hosted(self): - return self.hosted_by is not None - - @property - def runs_pubd(self): - return self.is_root or not (self.is_hosted or only_one_pubd) - - def path(self, *names): - return cleanpath(test_dir, self.host.name, *names) - - def csvout(self, fn): - path = self.path(fn) - if not quiet: - print "Writing", path - return rpki.csv_utils.csv_writer(path) - - def up_down_url(self): - return "http://%s:%d/up-down/%s/%s" % (self.parent.host.hostname, - self.parent.host.rpkid_port, - self.parent.name, - self.name) - - def dump_asns(self, fn): - with self.csvout(fn) as f: - for k in self.kids: - f.writerows((k.name, a) for a in k.resources.asn) - - def dump_prefixes(self, fn): - with self.csvout(fn) as f: - for k in self.kids: - f.writerows((k.name, p) for p in (k.resources.v4 + k.resources.v6)) - - def dump_roas(self, fn): - with self.csvout(fn) as f: - for g1, r in enumerate(self.roa_requests): - f.writerows((p, r.asn, "G%08d%08d" % (g1, g2)) - for g2, p in enumerate((r.v4 + r.v6 if r.v4 and r.v6 else r.v4 or r.v6 or ()))) - - def dump_ghostbusters(self, fn): - if self.ghostbusters: - path = self.path(fn) - if not quiet: - print "Writing", path - with open(path, "w") as f: - for i, g in enumerate(self.ghostbusters): - if i > 0: - f.write("\n") - f.write(g) - - @property - def pubd(self): - s = self - while not s.runs_pubd: - s = s.parent - return s - - @property - def client_handle(self): - path = [] - s = self - if not flat_publication: - while not s.runs_pubd: - path.append(s) - s = s.parent - path.append(s) - return ".".join(i.name for i in reversed(path)) - - @property - def host(self): - return self.hosted_by or self - - @property - def publication_base_directory(self): - if not loopback and publication_base is not None: - return publication_base - else: - return self.path("publication") - - @property - def publication_root_directory(self): - if not loopback and publication_root is not None: - return publication_root - else: - return self.path("publication.root") - - def dump_conf(self): - - r = dict( - handle = self.name, - run_rpkid = str(not self.is_hosted), - run_pubd = str(self.runs_pubd), - run_rootd = str(self.is_root), - irdbd_sql_username = "irdb", - rpkid_sql_username = "rpki", - rpkid_server_host = self.hostname, - rpkid_server_port = str(self.rpkid_port), - irdbd_server_host = "localhost", - irdbd_server_port = str(self.irdbd_port), - rootd_server_port = str(self.rootd_port), - pubd_sql_username = "pubd", - pubd_server_host = self.pubd.hostname, - pubd_server_port = str(self.pubd.pubd_port), - publication_rsync_server = self.rsync_server) - - if loopback: - r.update( - irdbd_sql_database = self.irdb_name, - rpkid_sql_database = "rpki%d" % self.engine, - pubd_sql_database = "pubd%d" % self.engine, - bpki_servers_directory = self.path(), - publication_base_directory = self.publication_base_directory) - - r.update(config_overrides) - - with open(self.path("rpki.conf"), "w") as f: - f.write("# Automatically generated, do not edit\n") - if not quiet: - print "Writing", f.name - - section = None - for line in open(rpki_conf): - m = section_regexp.match(line) - if m: - section = m.group(1) - m = variable_regexp.match(line) - option = m.group(1) if m and section == "myrpki" else None - if option and option in r: - line = "%s = %s\n" % (option, r[option]) - f.write(line) - - def dump_rsyncd(self): - lines = [] - if self.runs_pubd: - lines.extend(( - "# Automatically generated, do not edit", - "port = %d" % self.rsync_port, - "address = %s" % self.hostname, - "log file = rsyncd.log", - "read only = yes", - "use chroot = no", - "[rpki]", - "path = %s" % self.publication_base_directory, - "comment = RPKI test")) - if self.is_root: - assert self.runs_pubd - lines.extend(( - "[root]", - "path = %s" % self.publication_root_directory, - "comment = RPKI test root")) - if lines: - with open(self.path("rsyncd.conf"), "w") as f: - if not quiet: - print "Writing", f.name - f.writelines(line + "\n" for line in lines) - - @property - def irdb_name(self): - return "irdb%d" % self.host.engine - - @property - def irdb(self): - prior_name = self.zoo.handle - return rpki.irdb.database( - self.irdb_name, - on_entry = lambda: self.zoo.reset_identity(self.name), - on_exit = lambda: self.zoo.reset_identity(prior_name)) - - def syncdb(self): - import django.core.management - assert not self.is_hosted - django.core.management.call_command("syncdb", - database = self.irdb_name, - load_initial_data = False, - interactive = False, - verbosity = 0) - - def hire_zookeeper(self): - assert not self.is_hosted - self._zoo = rpki.irdb.Zookeeper( - cfg = rpki.config.parser(self.path("rpki.conf")), - logstream = None if quiet else sys.stdout) - - @property - def zoo(self): - return self.host._zoo - - def dump_root(self): - - assert self.is_root and not self.is_hosted - - root_resources = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as("0-4294967295"), - v4 = rpki.resource_set.resource_set_ipv4("0.0.0.0/0"), - v6 = rpki.resource_set.resource_set_ipv6("::/0")) - - root_key = rpki.x509.RSA.generate(quiet = True) - - root_uri = "rsync://%s/rpki/" % self.rsync_server - - root_sia = (root_uri, root_uri + "root.mft", None) - - root_cert = rpki.x509.X509.self_certify( - keypair = root_key, - subject_key = root_key.get_public(), - serial = 1, - sia = root_sia, - notAfter = rpki.sundial.now() + rpki.sundial.timedelta(days = 365), - resources = root_resources) - - with open(self.path("publication.root", "root.cer"), "wb") as f: - f.write(root_cert.get_DER()) - - with open(self.path("root.key"), "wb") as f: - f.write(root_key.get_DER()) - - with open(cleanpath(test_dir, "root.tal"), "w") as f: - f.write("rsync://%s/root/root.cer\n\n%s" % ( - self.rsync_server, root_key.get_public().get_Base64())) - - def mkdir(self, *path): - path = self.path(*path) - if not quiet: - print "Creating directory", path - os.makedirs(path) - - def dump_sql(self): - if not self.is_hosted: - with open(self.path("rpkid.sql"), "w") as f: - if not quiet: - print "Writing", f.name - f.write(rpki.sql_schemas.rpkid) - if self.runs_pubd: - with open(self.path("pubd.sql"), "w") as f: - if not quiet: - print "Writing", f.name - f.write(rpki.sql_schemas.pubd) - if not self.is_hosted: - username = config_overrides["irdbd_sql_username"] - password = config_overrides["irdbd_sql_password"] - cmd = ("mysqldump", "-u", username, "-p" + password, self.irdb_name) - with open(self.path("irdbd.sql"), "w") as f: - if not quiet: - print "Writing", f.name - subprocess.check_call(cmd, stdout = f) - - -def pre_django_sql_setup(needed): - - username = config_overrides["irdbd_sql_username"] - password = config_overrides["irdbd_sql_password"] - - # If we have the MySQL root password, just blow away and recreate - # the required databases. Otherwise, check for missing databases, - # then blow away all tables in the required databases. In either - # case, we assume that the Django syncdb code will populate - # databases as necessary, all we need to do here is provide empty - # databases for the Django code to fill in. - - if mysql_rootpass is not None: - if mysql_rootpass: - db = MySQLdb.connect(user = mysql_rootuser, passwd = mysql_rootpass) - else: - db = MySQLdb.connect(user = mysql_rootuser) - cur = db.cursor() - for database in needed: - try: - cur.execute("DROP DATABASE IF EXISTS %s" % database) - except: - pass - cur.execute("CREATE DATABASE %s" % database) - cur.execute("GRANT ALL ON %s.* TO %s@localhost IDENTIFIED BY %%s" % ( - database, username), (password,)) - - else: - db = MySQLdb.connect(user = username, passwd = password) - cur = db.cursor() - cur.execute("SHOW DATABASES") - existing = set(r[0] for r in cur.fetchall()) - if needed - existing: - sys.stderr.write("The following databases are missing:\n") - for database in sorted(needed - existing): - sys.stderr.write(" %s\n" % database) - sys.stderr.write("Please create them manually or put MySQL root password in my config file\n") - sys.exit("Missing databases and MySQL root password not known, can't continue") - for database in needed: - db.select_db(database) - cur.execute("SHOW TABLES") - tables = [r[0] for r in cur.fetchall()] - cur.execute("SET foreign_key_checks = 0") - for table in tables: - cur.execute("DROP TABLE %s" % table) - cur.execute("SET foreign_key_checks = 1") - - cur.close() - db.commit() - db.close() - -class timestamp(object): - - def __init__(self, *args): - self.count = 0 - self.start = self.tick = rpki.sundial.now() - - def __call__(self, *args): - now = rpki.sundial.now() - if not quiet: - print "[Count %s last %s total %s now %s]" % ( - self.count, now - self.tick, now - self.start, now) - self.tick = now - self.count += 1 - - -def main(): - - global flat_publication - global config_overrides - global only_one_pubd - global loopback - global dns_suffix - global mysql_rootuser - global mysql_rootpass - global yaml_file - global test_dir - global rpki_conf - global publication_base - global publication_root - global quiet - - os.environ["TZ"] = "UTC" - time.tzset() - - parser = argparse.ArgumentParser(description = "yamlconf") - parser.add_argument("-c", "--config", help = "configuration file") - parser.add_argument("--dns_suffix", - help = "DNS suffix to add to hostnames") - parser.add_argument("-l", "--loopback", action = "store_true", - help = "Configure for use with yamltest on localhost") - parser.add_argument("-f", "--flat_publication", action = "store_true", - help = "Use flat publication model") - parser.add_argument("-q", "--quiet", action = "store_true", - help = "Work more quietly") - parser.add_argument("--profile", - help = "Filename for profile output") - parser.add_argument("yaml_file", type = argparse.FileType("r"), - help = "YAML file describing network to build") - args = parser.parse_args() - - dns_suffix = args.dns_suffix - loopback = args.loopback - flat_publication = args.flat_publication - quiet = args.quiet - yaml_file = args.yaml_file - - rpki.log.init("yamlconf", use_syslog = False) - - # Allow optional config file for this tool to override default - # passwords: this is mostly so that I can show a complete working - # example without publishing my own server's passwords. - - cfg = rpki.config.parser(args.config, "yamlconf", allow_missing = True) - try: - cfg.set_global_flags() - except: - pass - - # Use of "yamltest.dir" is deliberate: intent is for what we write to - # be usable with "yamltest --skip_config". - - only_one_pubd = cfg.getboolean("only_one_pubd", True) - test_dir = cfg.get("test_directory", cleanpath(this_dir, "yamltest.dir")) - rpki_conf = cfg.get("rpki_conf", cleanpath(this_dir, "..", "examples/rpki.conf")) - mysql_rootuser = cfg.get("mysql_rootuser", "root") - - try: - mysql_rootpass = cfg.get("mysql_rootpass") - except: - pass - - try: - publication_base = cfg.get("publication_base") - except: - pass - - try: - publication_root = cfg.get("publication_root") - except: - pass - - for k in ("rpkid_sql_password", "irdbd_sql_password", "pubd_sql_password", - "rpkid_sql_username", "irdbd_sql_username", "pubd_sql_username"): - if cfg.has_option(k): - config_overrides[k] = cfg.get(k) - - if args.profile: - import cProfile - prof = cProfile.Profile() - try: - prof.runcall(body) - finally: - prof.dump_stats(args.profile) - if not quiet: - print - print "Dumped profile data to %s" % args.profile - else: - body() - -def body(): - - global rpki - - ts = timestamp() - - for root, dirs, files in os.walk(test_dir, topdown = False): - for fn in files: - os.unlink(os.path.join(root, fn)) - for d in dirs: - os.rmdir(os.path.join(root, d)) - - if not quiet: - print - print "Reading YAML", yaml_file.name - - db = allocation_db(yaml.safe_load_all(yaml_file).next()) - - # Show what we loaded - - #db.dump() - - # Do pre-Django SQL setup - - pre_django_sql_setup(set(d.irdb_name for d in db if not d.is_hosted)) - - # Now ready for fun with multiple databases in Django! - - # https://docs.djangoproject.com/en/1.4/topics/db/multi-db/ - # https://docs.djangoproject.com/en/1.4/topics/db/sql/ - - database_template = { - "ENGINE" : "django.db.backends.mysql", - "USER" : config_overrides["irdbd_sql_username"], - "PASSWORD" : config_overrides["irdbd_sql_password"], - "HOST" : "", - "PORT" : "", - "OPTIONS" : { "init_command": "SET storage_engine=INNODB" }} - - databases = dict((d.irdb_name, - dict(database_template, NAME = d.irdb_name)) - for d in db if not d.is_hosted) - - databases["default"] = databases[db.root.irdb_name] - - from django.conf import settings - - settings.configure( - DATABASES = databases, - DATABASE_ROUTERS = ["rpki.irdb.router.DBContextRouter"], - INSTALLED_APPS = ("rpki.irdb",)) - - import rpki.irdb - - rpki.irdb.models.ca_certificate_lifetime = rpki.sundial.timedelta(days = 3652 * 2) - rpki.irdb.models.ee_certificate_lifetime = rpki.sundial.timedelta(days = 3652) - - ts() - - for d in db: - if not quiet: - print - print "Configuring", d.name - - if not d.is_hosted: - d.mkdir() - if d.runs_pubd: - d.mkdir("publication") - if d.is_root: - d.mkdir("publication.root") - - if not d.is_hosted: - d.dump_conf() - d.dump_rsyncd() - - d.dump_asns("%s.asns.csv" % d.name) - d.dump_prefixes("%s.prefixes.csv" % d.name) - d.dump_roas("%s.roas.csv" % d.name) - d.dump_ghostbusters("%s.ghostbusters.vcard" % d.name) - - if not d.is_hosted: - if not quiet: - print "Initializing SQL" - d.syncdb() - if not quiet: - print "Hiring zookeeper" - d.hire_zookeeper() - - with d.irdb: - if not quiet: - print "Creating identity" - x = d.zoo.initialize() - - if d.is_root: - if not quiet: - print "Creating RPKI root certificate and TAL" - d.dump_root() - x = d.zoo.configure_rootd() - - else: - with d.parent.irdb: - x = d.parent.zoo.configure_child(x.file)[0] - x = d.zoo.configure_parent(x.file)[0] - - with d.pubd.irdb: - x = d.pubd.zoo.configure_publication_client(x.file, flat = flat_publication)[0] - d.zoo.configure_repository(x.file) - - if loopback and not d.is_hosted: - with d.irdb: - d.zoo.write_bpki_files() - - ts() - - if not loopback: - if not quiet: - print - for d in db: - d.dump_sql() - -if __name__ == "__main__": - main() diff --git a/rpkid/tests/yamltest-test-all.sh b/rpkid/tests/yamltest-test-all.sh deleted file mode 100644 index 8daea04e..00000000 --- a/rpkid/tests/yamltest-test-all.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/sh - -# $Id$ - -# Copyright (C) 2009-2013 Internet Systems Consortium ("ISC") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -set -x - -export TZ=UTC - -test -z "$STY" && exec screen -L sh $0 - -screen -X split -screen -X focus - -: ${runtime=900} - -for yaml in smoketest.*.yaml -do - settitle "$yaml: Starting" - rm -rf test rcynic-data - python sql-cleaner.py - now=$(date +%s) - finish=$(($now + $runtime)) - title="$yaml: will finish at $(date -r $finish)" - settitle "$title" - screen sh -c "settitle '$title'; exec python yamltest.py -p yamltest.pid $yaml" - date - sleep 180 - date - while test $(date +%s) -lt $finish - do - sleep 30 - date - ../../rcynic/rcynic - ../../rcynic/rcynic-text rcynic.xml - ../../utils/scan_roas/scan_roas rcynic-data/authenticated - date - echo "$title" - done - if test -r yamltest.pid - then - kill -INT $(cat yamltest.pid) - sleep 30 - fi - make backup -done diff --git a/rpkid/tests/yamltest.py b/rpkid/tests/yamltest.py deleted file mode 100644 index 5eb3bd2f..00000000 --- a/rpkid/tests/yamltest.py +++ /dev/null @@ -1,875 +0,0 @@ -#!/usr/bin/env python - -""" -Test framework, using the same YAML test description format as -smoketest.py, but using the rpkic.py tool to do all the back-end -work. Reads YAML file, generates .csv and .conf files, runs daemons -and waits for one of them to exit. -""" - -# $Id$ -# -# Copyright (C) 2013--2014 Dragon Research Labs ("DRL") -# Portions copyright (C) 2009--2012 Internet Systems Consortium ("ISC") -# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN") -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notices and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL -# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED -# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL, -# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR -# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS -# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, -# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION -# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -# Much of the YAML handling code lifted from smoketest.py. -# -# Still to do: -# -# - Implement smoketest.py-style delta actions, that is, modify the -# allocation database under control of the YAML file, dump out new -# .csv files, and run rpkic.py again to feed resulting changes into -# running daemons. -# - -# pylint: disable=W0702,W0621 - -import subprocess -import re -import os -import argparse -import sys -import yaml -import signal -import time -import lxml.etree -import rpki.resource_set -import rpki.sundial -import rpki.config -import rpki.log -import rpki.csv_utils -import rpki.x509 -import rpki.relaxng - -# Nasty regular expressions for parsing config files. Sadly, while -# the Python ConfigParser supports writing config files, it does so in -# such a limited way that it's easier just to hack this ourselves. - -section_regexp = re.compile(r"\s*\[\s*(.+?)\s*\]\s*$") -variable_regexp = re.compile(r"\s*([-a-zA-Z0-9_]+)\s*=\s*(.+?)\s*$") - -def cleanpath(*names): - """ - Construct normalized pathnames. - """ - return os.path.normpath(os.path.join(*names)) - -# Pathnames for various things we need - -this_dir = os.getcwd() -test_dir = cleanpath(this_dir, "yamltest.dir") -rpkid_dir = cleanpath(this_dir, "..") - -prog_rpkic = cleanpath(rpkid_dir, "rpkic") -prog_rpkid = cleanpath(rpkid_dir, "rpkid") -prog_irdbd = cleanpath(rpkid_dir, "irdbd") -prog_pubd = cleanpath(rpkid_dir, "pubd") -prog_rootd = cleanpath(rpkid_dir, "rootd") - -class roa_request(object): - """ - Representation of a ROA request. - """ - - def __init__(self, asn, ipv4, ipv6): - self.asn = asn - self.v4 = rpki.resource_set.roa_prefix_set_ipv4("".join(ipv4.split())) if ipv4 else None - self.v6 = rpki.resource_set.roa_prefix_set_ipv6("".join(ipv6.split())) if ipv6 else None - - def __eq__(self, other): - return self.asn == other.asn and self.v4 == other.v4 and self.v6 == other.v6 - - def __hash__(self): - v4 = tuple(self.v4) if self.v4 is not None else None - v6 = tuple(self.v6) if self.v6 is not None else None - return self.asn.__hash__() + v4.__hash__() + v6.__hash__() - - def __str__(self): - if self.v4 and self.v6: - return "%s: %s,%s" % (self.asn, self.v4, self.v6) - else: - return "%s: %s" % (self.asn, self.v4 or self.v6) - - @classmethod - def parse(cls, y): - """ - Parse a ROA request from YAML format. - """ - return cls(y.get("asn"), y.get("ipv4"), y.get("ipv6")) - - -class router_cert(object): - """ - Representation for a router_cert object. - """ - - _ecparams = None - - @classmethod - def ecparams(cls): - if cls._ecparams is None: - cls._ecparams = rpki.x509.KeyParams.generateEC() - return cls._ecparams - - def __init__(self, asn, router_id): - self.asn = rpki.resource_set.resource_set_as("".join(str(asn).split())) - self.router_id = router_id - self.keypair = rpki.x509.ECDSA.generate(self.ecparams()) - self.pkcs10 = rpki.x509.PKCS10.create(keypair = self.keypair) - self.gski = self.pkcs10.gSKI() - - def __eq__(self, other): - return self.asn == other.asn and self.router_id == other.router_id and self.gski == other.gski - - def __hash__(self): - v6 = tuple(self.v6) if self.v6 is not None else None - return tuple(self.asn).__hash__() + self.router_id.__hash__() + self.gski.__hash__() - - def __str__(self): - return "%s: %s: %s" % (self.asn, self.router_id, self.gski) - - @classmethod - def parse(cls, yaml): - return cls(yaml.get("asn"), yaml.get("router_id")) - -class allocation_db(list): - """ - Our allocation database. - """ - - def __init__(self, yaml): - list.__init__(self) - self.root = allocation(yaml, self) - assert self.root.is_root - if self.root.crl_interval is None: - self.root.crl_interval = 60 * 60 - if self.root.regen_margin is None: - self.root.regen_margin = 24 * 60 * 60 - if self.root.base.valid_until is None: - self.root.base.valid_until = rpki.sundial.now() + rpki.sundial.timedelta(days = 2) - for a in self: - if a.base.valid_until is None: - a.base.valid_until = a.parent.base.valid_until - if a.crl_interval is None: - a.crl_interval = a.parent.crl_interval - if a.regen_margin is None: - a.regen_margin = a.parent.regen_margin - self.root.closure() - self.map = dict((a.name, a) for a in self) - for a in self: - if a.is_hosted: - a.hosted_by = self.map[a.hosted_by] - a.hosted_by.hosts.append(a) - assert not a.is_root and not a.hosted_by.is_hosted - - def dump(self): - """ - Show contents of allocation database. - """ - for a in self: - a.dump() - - -class allocation(object): - """ - One entity in our allocation database. Every entity in the database - is assumed to hold resources, so needs at least rpkic services. - Entities that don't have the hosted_by property run their own copies - of rpkid, irdbd, and pubd, so they also need myirbe services. - """ - - base_port = None - parent = None - crl_interval = None - regen_margin = None - rootd_port = None - engine = -1 - rpkid_port = -1 - irdbd_port = -1 - pubd_port = -1 - rsync_port = -1 - rootd_port = -1 - rpkic_counter = 0L - - @classmethod - def allocate_port(cls): - """ - Allocate a TCP port. - """ - cls.base_port += 1 - return cls.base_port - - base_engine = -1 - - @classmethod - def allocate_engine(cls): - """ - Allocate an engine number, mostly used to construct MySQL database - names. - """ - cls.base_engine += 1 - return cls.base_engine - - def __init__(self, yaml, db, parent = None): - db.append(self) - self.name = yaml["name"] - self.parent = parent - self.kids = [allocation(k, db, self) for k in yaml.get("kids", ())] - valid_until = None - if "valid_until" in yaml: - valid_until = rpki.sundial.datetime.from_datetime(yaml.get("valid_until")) - if valid_until is None and "valid_for" in yaml: - valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(yaml["valid_for"]) - self.base = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as(yaml.get("asn")), - v4 = rpki.resource_set.resource_set_ipv4(yaml.get("ipv4")), - v6 = rpki.resource_set.resource_set_ipv6(yaml.get("ipv6")), - valid_until = valid_until) - if "crl_interval" in yaml: - self.crl_interval = rpki.sundial.timedelta.parse(yaml["crl_interval"]).convert_to_seconds() - if "regen_margin" in yaml: - self.regen_margin = rpki.sundial.timedelta.parse(yaml["regen_margin"]).convert_to_seconds() - self.roa_requests = [roa_request.parse(y) for y in yaml.get("roa_request", yaml.get("route_origin", ()))] - self.router_certs = [router_cert.parse(y) for y in yaml.get("router_cert", ())] - if "ghostbusters" in yaml: - self.ghostbusters = yaml.get("ghostbusters") - elif "ghostbuster" in yaml: - self.ghostbusters = [yaml.get("ghostbuster")] - else: - self.ghostbusters = [] - for r in self.roa_requests: - if r.v4: - self.base.v4 |= r.v4.to_resource_set() - if r.v6: - self.base.v6 |= r.v6.to_resource_set() - for r in self.router_certs: - self.base.asn |= r.asn - self.hosted_by = yaml.get("hosted_by") - self.hosts = [] - if not self.is_hosted: - self.engine = self.allocate_engine() - self.rpkid_port = self.allocate_port() - self.irdbd_port = self.allocate_port() - if self.runs_pubd: - self.pubd_port = self.allocate_port() - self.rsync_port = self.allocate_port() - if self.is_root: - self.rootd_port = self.allocate_port() - - def closure(self): - """ - Compute resource closure of this node and its children, to avoid a - lot of tedious (and error-prone) duplication in the YAML file. - """ - resources = self.base - for kid in self.kids: - resources |= kid.closure() - self.resources = resources - return resources - - def dump(self): - """ - Show content of this allocation node. - """ - print str(self) - - def __str__(self): - s = self.name + ":\n" - if self.resources.asn: s += " ASNs: %s\n" % self.resources.asn - if self.resources.v4: s += " IPv4: %s\n" % self.resources.v4 - if self.resources.v6: s += " IPv6: %s\n" % self.resources.v6 - if self.kids: s += " Kids: %s\n" % ", ".join(k.name for k in self.kids) - if self.parent: s += " Up: %s\n" % self.parent.name - if self.is_hosted: s += " Host: %s\n" % self.hosted_by.name - if self.hosts: s += " Hosts: %s\n" % ", ".join(h.name for h in self.hosts) - for r in self.roa_requests: s += " ROA: %s\n" % r - if not self.is_hosted: s += " IPort: %s\n" % self.irdbd_port - if self.runs_pubd: s += " PPort: %s\n" % self.pubd_port - if not self.is_hosted: s += " RPort: %s\n" % self.rpkid_port - if self.runs_pubd: s += " SPort: %s\n" % self.rsync_port - if self.is_root: s += " TPort: %s\n" % self.rootd_port - return s + " Until: %s\n" % self.resources.valid_until - - @property - def is_root(self): - """ - Is this the root node? - """ - return self.parent is None - - @property - def is_hosted(self): - """ - Is this entity hosted? - """ - return self.hosted_by is not None - - @property - def runs_pubd(self): - """ - Does this entity run a pubd? - """ - return self.is_root or not (self.is_hosted or only_one_pubd) - - def path(self, *names): - """ - Construct pathnames in this entity's test directory. - """ - return cleanpath(test_dir, self.host.name, *names) - - def csvout(self, fn): - """ - Open and log a CSV output file. - """ - path = self.path(fn) - print "Writing", path - return rpki.csv_utils.csv_writer(path) - - def up_down_url(self): - """ - Construct service URL for this node's parent. - """ - return "http://localhost:%d/up-down/%s/%s" % (self.parent.host.rpkid_port, - self.parent.name, - self.name) - - def dump_asns(self): - """ - Write Autonomous System Numbers CSV file. - """ - fn = "%s.asns.csv" % d.name - if not args.skip_config: - f = self.csvout(fn) - for k in self.kids: - f.writerows((k.name, a) for a in k.resources.asn) - f.close() - if not args.stop_after_config: - self.run_rpkic("load_asns", fn) - - def dump_prefixes(self): - """ - Write prefixes CSV file. - """ - fn = "%s.prefixes.csv" % d.name - if not args.skip_config: - f = self.csvout(fn) - for k in self.kids: - f.writerows((k.name, p) for p in (k.resources.v4 + k.resources.v6)) - f.close() - if not args.stop_after_config: - self.run_rpkic("load_prefixes", fn) - - def dump_roas(self): - """ - Write ROA CSV file. - """ - fn = "%s.roas.csv" % d.name - if not args.skip_config: - f = self.csvout(fn) - for g1, r in enumerate(self.roa_requests): - f.writerows((p, r.asn, "G%08d%08d" % (g1, g2)) - for g2, p in enumerate((r.v4 + r.v6 if r.v4 and r.v6 else r.v4 or r.v6 or ()))) - f.close() - if not args.stop_after_config: - self.run_rpkic("load_roa_requests", fn) - - def dump_ghostbusters(self): - """ - Write Ghostbusters vCard file. - """ - if self.ghostbusters: - fn = "%s.ghostbusters.vcard" % d.name - if not args.skip_config: - path = self.path(fn) - print "Writing", path - f = open(path, "w") - for i, g in enumerate(self.ghostbusters): - if i: - f.write("\n") - f.write(g) - f.close() - if not args.stop_after_config: - self.run_rpkic("load_ghostbuster_requests", fn) - - def dump_router_certificates(self): - """ - Write EE certificates (router certificates, etc). - """ - if self.router_certs: - fn = "%s.routercerts.xml" % d.name - if not args.skip_config: - path = self.path(fn) - print "Writing", path - xmlns = "{http://www.hactrn.net/uris/rpki/router-certificate/}" - xml = lxml.etree.Element(xmlns + "router_certificate_requests", version = "1") - for r in self.router_certs: - x = lxml.etree.SubElement(xml, xmlns + "router_certificate_request", - router_id = str(r.router_id), - asn = str(r.asn), - valid_until = str(self.resources.valid_until)) - x.text = r.pkcs10.get_Base64() - rpki.relaxng.router_certificate.assertValid(xml) - lxml.etree.ElementTree(xml).write(path, pretty_print = True) - if not args.stop_after_config: - self.run_rpkic("add_router_certificate_request", fn) - - @property - def pubd(self): - """ - Walk up tree until we find somebody who runs pubd. - """ - s = self - while not s.runs_pubd: - s = s.parent - return s - - @property - def client_handle(self): - """ - Work out what pubd configure_publication_client will call us. - """ - path = [] - s = self - if not args.flat_publication: - while not s.runs_pubd: - path.append(s) - s = s.parent - path.append(s) - return ".".join(i.name for i in reversed(path)) - - @property - def host(self): - return self.hosted_by or self - - def dump_conf(self): - """ - Write configuration file for OpenSSL and RPKI tools. - """ - - r = dict( - handle = self.name, - run_rpkid = str(not self.is_hosted), - run_pubd = str(self.runs_pubd), - run_rootd = str(self.is_root), - irdbd_sql_database = "irdb%d" % self.engine, - irdbd_sql_username = "irdb", - rpkid_sql_database = "rpki%d" % self.engine, - rpkid_sql_username = "rpki", - rpkid_server_host = "localhost", - rpkid_server_port = str(self.rpkid_port), - irdbd_server_host = "localhost", - irdbd_server_port = str(self.irdbd_port), - rootd_server_port = str(self.rootd_port), - pubd_sql_database = "pubd%d" % self.engine, - pubd_sql_username = "pubd", - pubd_server_host = "localhost", - pubd_server_port = str(self.pubd.pubd_port), - publication_rsync_server = "localhost:%s" % self.pubd.rsync_port, - bpki_servers_directory = self.path(), - publication_base_directory = self.path("publication"), - shared_sql_password = "fnord") - - r.update(config_overrides) - - f = open(self.path("rpki.conf"), "w") - f.write("# Automatically generated, do not edit\n") - print "Writing", f.name - - section = None - for line in open(cleanpath(rpkid_dir, "examples/rpki.conf")): - m = section_regexp.match(line) - if m: - section = m.group(1) - m = variable_regexp.match(line) - option = m.group(1) if m and section == "myrpki" else None - if option and option in r: - line = "%s = %s\n" % (option, r[option]) - f.write(line) - - f.close() - - def dump_rsyncd(self): - """ - Write rsyncd configuration file. - """ - - if self.runs_pubd: - f = open(self.path("rsyncd.conf"), "w") - print "Writing", f.name - f.writelines(s + "\n" for s in - ("# Automatically generated, do not edit", - "port = %d" % self.rsync_port, - "address = localhost", - "[rpki]", - "log file = rsyncd.log", - "read only = yes", - "use chroot = no", - "path = %s" % self.path("publication"), - "comment = RPKI test", - "[root]", - "log file = rsyncd_root.log", - "read only = yes", - "use chroot = no", - "path = %s" % self.path("publication.root"), - "comment = RPKI test root")) - f.close() - - @classmethod - def next_rpkic_counter(cls): - cls.rpkic_counter += 10000 - return str(cls.rpkic_counter) - - def run_rpkic(self, *argv): - """ - Run rpkic for this entity. - """ - cmd = [prog_rpkic, "-i", self.name, "-c", self.path("rpki.conf")] - if args.profile: - cmd.append("--profile") - cmd.append(self.path("rpkic.%s.prof" % rpki.sundial.now())) - cmd.extend(str(a) for a in argv if a is not None) - print 'Running "%s"' % " ".join(cmd) - env = os.environ.copy() - env["YAMLTEST_RPKIC_COUNTER"] = self.next_rpkic_counter() - subprocess.check_call(cmd, cwd = self.host.path(), env = env) - - def run_python_daemon(self, prog): - """ - Start a Python daemon and return a subprocess.Popen object - representing the running daemon. - """ - basename = os.path.splitext(os.path.basename(prog))[0] - cmd = [prog, "-d", "-c", self.path("rpki.conf")] - if args.profile and basename != "rootd": - cmd.append("--profile") - cmd.append(self.path(basename + ".prof")) - log = basename + ".log" - p = subprocess.Popen(cmd, - cwd = self.path(), - stdout = open(self.path(log), "w"), - stderr = subprocess.STDOUT) - print 'Running %s for %s: pid %d process %r' % (" ".join(cmd), self.name, p.pid, p) - return p - - def run_rpkid(self): - """ - Run rpkid. - """ - return self.run_python_daemon(prog_rpkid) - - def run_irdbd(self): - """ - Run irdbd. - """ - return self.run_python_daemon(prog_irdbd) - - def run_pubd(self): - """ - Run pubd. - """ - return self.run_python_daemon(prog_pubd) - - def run_rootd(self): - """ - Run rootd. - """ - return self.run_python_daemon(prog_rootd) - - def run_rsyncd(self): - """ - Run rsyncd. - """ - p = subprocess.Popen(("rsync", "--daemon", "--no-detach", "--config", "rsyncd.conf"), - cwd = self.path()) - print "Running rsyncd for %s: pid %d process %r" % (self.name, p.pid, p) - return p - -def create_root_certificate(db_root): - - print "Creating rootd RPKI root certificate" - - root_resources = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as("0-4294967295"), - v4 = rpki.resource_set.resource_set_ipv4("0.0.0.0/0"), - v6 = rpki.resource_set.resource_set_ipv6("::/0")) - - root_key = rpki.x509.RSA.generate(quiet = True) - - root_uri = "rsync://localhost:%d/rpki/" % db_root.pubd.rsync_port - - root_sia = (root_uri, root_uri + "root.mft", None) - - root_cert = rpki.x509.X509.self_certify( - keypair = root_key, - subject_key = root_key.get_public(), - serial = 1, - sia = root_sia, - notAfter = rpki.sundial.now() + rpki.sundial.timedelta(days = 365), - resources = root_resources) - - f = open(db_root.path("publication.root/root.cer"), "wb") - f.write(root_cert.get_DER()) - f.close() - - f = open(db_root.path("root.key"), "wb") - f.write(root_key.get_DER()) - f.close() - - f = open(os.path.join(test_dir, "root.tal"), "w") - f.write("rsync://localhost:%d/root/root.cer\n\n" % db_root.pubd.rsync_port) - f.write(root_key.get_public().get_Base64()) - f.close() - - - -os.environ["TZ"] = "UTC" -time.tzset() - -parser = argparse.ArgumentParser(description = __doc__) -parser.add_argument("-c", "--config", - help = "configuration file") -parser.add_argument("-f", "--flat_publication", action = "store_true", - help = "disable hierarchical publication") -parser.add_argument("-k", "--keep_going", action = "store_true", - help = "keep going until all subprocesses exit") -parser.add_argument("-p", "--pidfile", - help = "save pid to this file") -parser.add_argument("--skip_config", action = "store_true", - help = "skip over configuration phase") -parser.add_argument("--stop_after_config", action = "store_true", - help = "stop after configuration phase") -parser.add_argument("--synchronize", action = "store_true", - help = "synchronize IRDB with daemons") -parser.add_argument("--profile", action = "store_true", - help = "enable profiling") -parser.add_argument("yaml_file", type = argparse.FileType("r"), - help = "YAML description of test network") -args = parser.parse_args() - -try: - - if args.pidfile is not None: - open(args.pidfile, "w").write("%s\n" % os.getpid()) - - rpki.log.init("yamltest", use_syslog = False) - - # Allow optional config file for this tool to override default - # passwords: this is mostly so that I can show a complete working - # example without publishing my own server's passwords. - - cfg = rpki.config.parser(args.config, "yamltest", allow_missing = True) - - only_one_pubd = cfg.getboolean("only_one_pubd", True) - allocation.base_port = cfg.getint("base_port", 4400) - - config_overrides = dict( - (k, cfg.get(k)) - for k in ("rpkid_sql_password", "irdbd_sql_password", "pubd_sql_password", - "rpkid_sql_username", "irdbd_sql_username", "pubd_sql_username") - if cfg.has_option(k)) - - # Start clean, maybe - - if not args.skip_config: - for root, dirs, files in os.walk(test_dir, topdown = False): - for fn in files: - os.unlink(os.path.join(root, fn)) - for d in dirs: - os.rmdir(os.path.join(root, d)) - - # Read first YAML doc in file and process as compact description of - # test layout and resource allocations. Ignore subsequent YAML docs, - # they're for smoketest.py, not this script. - - db = allocation_db(yaml.safe_load_all(args.yaml_file).next()) - - # Show what we loaded - - #db.dump() - - if args.skip_config: - - print "Skipping pre-daemon configuration, assuming you already did that" - - else: - - # Set up each entity in our test, create publication directories, - # and initialize server BPKI. - - for d in db: - if not d.is_hosted: - os.makedirs(d.path()) - d.dump_conf() - if d.runs_pubd: - os.makedirs(d.path("publication")) - d.dump_rsyncd() - if d.is_root: - os.makedirs(d.path("publication.root")) - d.run_rpkic("initialize_server_bpki") - - # Initialize resource holding BPKI and generate self-descriptor - # for each entity. - - for d in db: - d.run_rpkic("create_identity", d.name) - - # Create RPKI root certificate. - - create_root_certificate(db.root) - - # Set up rootd. - - db.root.run_rpkic("configure_root") - - # From here on we need to pay attention to initialization order. We - # used to do all the pre-configure_daemons stuff before running any - # of the daemons, but that doesn't work right in hosted cases, so we - # have to interleave configuration with starting daemons, just as - # one would in the real world for this sort of thing. - - progs = [] - - try: - - for d in db: - - if not d.is_hosted: - print - print "Running daemons for", d.name - if d.is_root: - progs.append(d.run_rootd()) - progs.append(d.run_irdbd()) - progs.append(d.run_rpkid()) - if d.runs_pubd: - progs.append(d.run_pubd()) - progs.append(d.run_rsyncd()) - - if args.synchronize or not args.skip_config: - - print - print "Giving daemons time to start up" - time.sleep(20) - assert all(p.poll() is None for p in progs) - - if args.skip_config: - - print - print "Skipping configure_*, you'll have to do that yourself if needed" - - else: - - for d in db: - - print - print "Configuring", d.name - print - if d.is_root: - assert not d.is_hosted - d.run_rpkic("configure_publication_client", - "--flat" if args.flat_publication else None, - d.path("%s.%s.repository-request.xml" % (d.name, d.name))) - print - d.run_rpkic("configure_repository", - d.path("%s.repository-response.xml" % d.client_handle)) - print - else: - d.parent.run_rpkic("configure_child", - "--valid_until", d.resources.valid_until, - d.path("%s.identity.xml" % d.name)) - print - d.run_rpkic("configure_parent", - d.parent.path("%s.%s.parent-response.xml" % (d.parent.name, d.name))) - print - d.pubd.run_rpkic("configure_publication_client", - "--flat" if args.flat_publication else None, - d.path("%s.%s.repository-request.xml" % (d.name, d.parent.name))) - print - d.run_rpkic("configure_repository", - d.pubd.path("%s.repository-response.xml" % d.client_handle)) - print - - print - print "Done with initial configuration" - print - - if args.synchronize: - print - print "Synchronizing" - print - for d in db: - if not d.is_hosted: - d.run_rpkic("synchronize") - - if args.synchronize or not args.skip_config: - print - print "Loading CSV files" - print - for d in db: - d.dump_asns() - d.dump_prefixes() - d.dump_roas() - d.dump_ghostbusters() - d.dump_router_certificates() - - # Wait until something terminates. - - if not args.stop_after_config or args.keep_going: - print - print "Waiting for daemons to exit" - signal.signal(signal.SIGCHLD, lambda *dont_care: None) - while (any(p.poll() is None for p in progs) - if args.keep_going else - all(p.poll() is None for p in progs)): - signal.pause() - - finally: - - print - print "Shutting down" - print - - signal.signal(signal.SIGCHLD, signal.SIG_DFL) - - if args.profile: - how_long = 300 - else: - how_long = 30 - - how_often = how_long / 2 - - for i in xrange(how_long): - if i % how_often == 0: - for p in progs: - if p.poll() is None: - print "Politely nudging pid %d" % p.pid - p.terminate() - print - if all(p.poll() is not None for p in progs): - break - time.sleep(1) - - for p in progs: - if p.poll() is None: - print "Pulling the plug on pid %d" % p.pid - p.kill() - - for p in progs: - print "Program pid %d %r returned %d" % (p.pid, p, p.wait()) - -finally: - if args.pidfile is not None: - os.unlink(args.pidfile) |