diff options
Diffstat (limited to 'rpkid')
| -rwxr-xr-x | rpkid/irdbd.py | 2 | ||||
| -rw-r--r-- | rpkid/left-right-protocol-samples.xml | 2 | ||||
| -rw-r--r-- | rpkid/left-right-protocol-samples/pdu.062.xml | 2 | ||||
| -rw-r--r-- | rpkid/left-right-schema.rnc | 6 | ||||
| -rw-r--r-- | rpkid/left-right-schema.rng | 7 | ||||
| -rw-r--r-- | rpkid/resource-cert-samples.py | 22 | ||||
| -rw-r--r-- | rpkid/rpki/gctx.py | 2 | ||||
| -rw-r--r-- | rpkid/rpki/left_right.py | 6 | ||||
| -rw-r--r-- | rpkid/rpki/relaxng.py | 12 | ||||
| -rw-r--r-- | rpkid/rpki/resource_set.py | 38 | ||||
| -rw-r--r-- | rpkid/rpki/sql.py | 17 | ||||
| -rw-r--r-- | rpkid/rpki/up_down.py | 2 | ||||
| -rw-r--r-- | rpkid/rpki/x509.py | 7 | ||||
| -rw-r--r-- | rpkid/testbed.py | 10 | ||||
| -rw-r--r-- | rpkid/up-down-schema.rnc | 108 | ||||
| -rw-r--r-- | rpkid/up-down-schema.rng | 5 |
16 files changed, 134 insertions, 114 deletions
diff --git a/rpkid/irdbd.py b/rpkid/irdbd.py index cc4eca05..0ee44472 100755 --- a/rpkid/irdbd.py +++ b/rpkid/irdbd.py @@ -60,7 +60,7 @@ def handler(query, path): registrant_id, subject_name, valid_until = cur.fetchone() r_pdu.subject_name = subject_name r_pdu.valid_until = valid_until.strftime("%Y-%m-%dT%H:%M:%SZ") - r_pdu.as = rpki.resource_set.resource_set_as.from_sql(cur, "SELECT start_as, end_as FROM asn WHERE registrant_id = %s", (registrant_id,)) + r_pdu.asn = rpki.resource_set.resource_set_as.from_sql(cur, "SELECT start_as, end_as FROM asn WHERE registrant_id = %s", (registrant_id,)) r_pdu.ipv4 = rpki.resource_set.resource_set_ipv4.from_sql(cur, "SELECT start_ip, end_ip FROM net WHERE registrant_id = %s AND version = 4", (registrant_id,)) r_pdu.ipv6 = rpki.resource_set.resource_set_ipv6.from_sql(cur, "SELECT start_ip, end_ip FROM net WHERE registrant_id = %s AND version = 6", (registrant_id,)) diff --git a/rpkid/left-right-protocol-samples.xml b/rpkid/left-right-protocol-samples.xml index 414a7ca5..dcd4b241 100644 --- a/rpkid/left-right-protocol-samples.xml +++ b/rpkid/left-right-protocol-samples.xml @@ -1256,7 +1256,7 @@ subject_name="Wombats are us" ipv4="10.0.0.44/32,10.3.0.44/32" ipv6="fe80:deed:f00d::/48,fe80:dead:beef:2::-fe80:dead:beef:2::49" - as="666"/> + asn="666"/> </msg> <!-- === --> diff --git a/rpkid/left-right-protocol-samples/pdu.062.xml b/rpkid/left-right-protocol-samples/pdu.062.xml index 5d218eb1..fa792aa0 100644 --- a/rpkid/left-right-protocol-samples/pdu.062.xml +++ b/rpkid/left-right-protocol-samples/pdu.062.xml @@ -1,5 +1,5 @@ <?xml version="1.0" encoding="US-ASCII"?> <!--Automatically generated, do not edit.--> <msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1"> - <list_resources type="reply" self_id="42" child_id="289" valid_until="2008-04-01T00:00:00Z" subject_name="Wombats are us" ipv4="10.0.0.44/32,10.3.0.44/32" ipv6="fe80:deed:f00d::/48,fe80:dead:beef:2::-fe80:dead:beef:2::49" as="666"/> + <list_resources type="reply" self_id="42" child_id="289" valid_until="2008-04-01T00:00:00Z" subject_name="Wombats are us" ipv4="10.0.0.44/32,10.3.0.44/32" ipv6="fe80:deed:f00d::/48,fe80:dead:beef:2::-fe80:dead:beef:2::49" asn="666"/> </msg> diff --git a/rpkid/left-right-schema.rnc b/rpkid/left-right-schema.rnc index 9584081b..3f4e6e96 100644 --- a/rpkid/left-right-schema.rnc +++ b/rpkid/left-right-schema.rnc @@ -212,7 +212,7 @@ list_resources_elt = element list_resources { ( attribute type { "reply" }, tag, self_id, child_id, attribute valid_until { xsd:dateTime { pattern=".*Z" } }, attribute subject_name { xsd:token { maxLength="1024" } }?, - attribute as { asn_list }?, + attribute asn { asn_list }?, attribute ipv4 { ipv4_address_list }?, attribute ipv6 { ipv6_address_list }? ) @@ -225,3 +225,7 @@ report_error_elt = element report_error { attribute error_code { xsd:token { maxLength="1024" } }, xsd:string { maxLength="512000" }? } + +# Local Variables: +# indent-tabs-mode: nil +# End: diff --git a/rpkid/left-right-schema.rng b/rpkid/left-right-schema.rng index b440ef99..c4b7f523 100644 --- a/rpkid/left-right-schema.rng +++ b/rpkid/left-right-schema.rng @@ -953,7 +953,7 @@ </attribute> </optional> <optional> - <attribute name="as"> + <attribute name="asn"> <ref name="asn_list"/> </attribute> </optional> @@ -989,3 +989,8 @@ </element> </define> </grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> diff --git a/rpkid/resource-cert-samples.py b/rpkid/resource-cert-samples.py index 987734cc..08fe5929 100644 --- a/rpkid/resource-cert-samples.py +++ b/rpkid/resource-cert-samples.py @@ -35,17 +35,17 @@ def main(): """Main program, including the toy database itself.""" db = allocation_db() - db.add("ISP1", ipv4="192.0.2.1-192.0.2.33", asn="64533") - db.add("ISP2", ipv4="192.0.2.44-192.0.2.100") - db.add("ISP3", ipv6="2001:db8::44-2001:db8::100") - db.add("ISP4", ipv6="2001:db8::10:0:44/128", asn="64544") - db.add("ISP5a", ipv4="10.0.0.0/24", ipv6="2001:db8::a00:0/120") - db.add("ISP5b", ipv4="10.3.0.0/24", ipv6="2001:db8::a03:0/120") - db.add("ISP5c", asn="64534-64540") - db.add("LIR1", children=["ISP1", "ISP2"]) - db.add("LIR2", children=["ISP3", "ISP4"]) - db.add("LIR3", children=["ISP5a", "ISP5b", "ISP5c"]) - db.add("RIR", children=["LIR1", "LIR2", "LIR3"]) + db.add("ISP1", ipv4 = "192.0.2.1-192.0.2.33", asn = "64533") + db.add("ISP2", ipv4 = "192.0.2.44-192.0.2.100") + db.add("ISP3", ipv6 = "2001:db8::44-2001:db8::100") + db.add("ISP4", ipv6 = "2001:db8::10:0:44/128", asn = "64544") + db.add("ISP5a", ipv4 = "10.0.0.0/24", ipv6 = "2001:db8::a00:0/120") + db.add("ISP5b", ipv4 = "10.3.0.0/24", ipv6 = "2001:db8::a03:0/120") + db.add("ISP5c", asn = "64534-64540") + db.add("LIR1", children = ["ISP1", "ISP2"]) + db.add("LIR2", children = ["ISP3", "ISP4"]) + db.add("LIR3", children = ["ISP5a", "ISP5b", "ISP5c"]) + db.add("RIR", children = ["LIR1", "LIR2", "LIR3"]) if not os.path.isdir(subdir): os.mkdir(subdir) diff --git a/rpkid/rpki/gctx.py b/rpkid/rpki/gctx.py index 64aecd87..4a1282bb 100644 --- a/rpkid/rpki/gctx.py +++ b/rpkid/rpki/gctx.py @@ -79,7 +79,7 @@ class global_context(object): if len(r_msg) == 0 or not isinstance(r_msg[0], rpki.left_right.list_resources_elt) or r_msg[0].type != "reply": raise rpki.exceptions.BadIRDBReply, "Unexpected response to IRDB query: %s" % lxml.etree.tostring(r_msg.toXML(), pretty_print = True, encoding = "us-ascii") return rpki.resource_set.resource_bag( - as = r_msg[0].as, + asn = r_msg[0].asn, v4 = r_msg[0].ipv4, v6 = r_msg[0].ipv6, valid_until = r_msg[0].valid_until) diff --git a/rpkid/rpki/left_right.py b/rpkid/rpki/left_right.py index 7e7a7745..e9bb7a92 100644 --- a/rpkid/rpki/left_right.py +++ b/rpkid/rpki/left_right.py @@ -1038,7 +1038,7 @@ class list_resources_elt(base_elt): """<list_resources/> element.""" element_name = "list_resources" - attributes = ("type", "self_id", "tag", "child_id", "valid_until", "as", "ipv4", "ipv6", "subject_name") + attributes = ("type", "self_id", "tag", "child_id", "valid_until", "asn", "ipv4", "ipv6", "subject_name") valid_until = None def startElement(self, stack, name, attrs): @@ -1047,8 +1047,8 @@ class list_resources_elt(base_elt): self.read_attrs(attrs) if isinstance(self.valid_until, str): self.valid_until = rpki.sundial.datetime.fromXMLtime(self.valid_until) - if self.as is not None: - self.as = rpki.resource_set.resource_set_as(self.as) + if self.asn is not None: + self.asn = rpki.resource_set.resource_set_as(self.asn) if self.ipv4 is not None: self.ipv4 = rpki.resource_set.resource_set_ipv4(self.ipv4) if self.ipv6 is not None: diff --git a/rpkid/rpki/relaxng.py b/rpkid/rpki/relaxng.py index e953b3d9..de1bbb36 100644 --- a/rpkid/rpki/relaxng.py +++ b/rpkid/rpki/relaxng.py @@ -959,7 +959,7 @@ left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" enc </attribute> </optional> <optional> - <attribute name="as"> + <attribute name="asn"> <ref name="asn_list"/> </attribute> </optional> @@ -995,6 +995,11 @@ left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" enc </element> </define> </grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> ''')) ## @var up_down @@ -1244,4 +1249,9 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi </optional> </define> </grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> ''')) diff --git a/rpkid/rpki/resource_set.py b/rpkid/rpki/resource_set.py index 2b050ad3..cd8a68d6 100644 --- a/rpkid/rpki/resource_set.py +++ b/rpkid/rpki/resource_set.py @@ -323,7 +323,7 @@ class resource_set_as(resource_set): range_type = resource_range_as def parse_str(self, x): - """Parse AS resource sets from text (eg, XML attributes).""" + """Parse ASN resource sets from text (eg, XML attributes).""" r = re.match("^([0-9]+)-([0-9]+)$", x) if r: return resource_range_as(long(r.group(1)), long(r.group(2))) @@ -331,7 +331,7 @@ class resource_set_as(resource_set): return resource_range_as(long(x), long(x)) def parse_rfc3779_tuple(self, x): - """Parse AS resource from tuple format generated by RFC 3779 ASN.1 decoder.""" + """Parse ASN resource from tuple format generated by RFC 3779 ASN.1 decoder.""" if x[0] == "asIdsOrRanges": for aor in x[1]: if aor[0] == "range": @@ -346,7 +346,7 @@ class resource_set_as(resource_set): self.inherit = True def to_rfc3779_tuple(self): - """Convert AS resource set into tuple format used for RFC 3779 ASN.1 encoding.""" + """Convert ASN resource set into tuple format used for RFC 3779 ASN.1 encoding.""" if self: return ("asIdsOrRanges", tuple(a.to_rfc3779_tuple() for a in self)) elif self.inherit: @@ -448,11 +448,11 @@ def _long2bs(number, addrlen, prefixlen = None, strip = None): return tuple(bs) class resource_bag(object): - """Container to simplify passing around the usual triple of AS, + """Container to simplify passing around the usual triple of ASN, IPv4, and IPv6 resource sets. """ - ## @var as + ## @var asn # Set of Autonomous System Number resources. ## @var v4 @@ -464,35 +464,35 @@ class resource_bag(object): ## @var valid_until # Expiration date of resources, for setting certificate notAfter field. - def __init__(self, as = None, v4 = None, v6 = None, valid_until = None): - self.as = as or resource_set_as() + def __init__(self, asn = None, v4 = None, v6 = None, valid_until = None): + self.asn = asn or resource_set_as() self.v4 = v4 or resource_set_ipv4() self.v6 = v6 or resource_set_ipv6() self.valid_until = valid_until def oversized(self, other): """True iff self is oversized with respect to other.""" - return not self.as.issubset(other.as) or \ + return not self.asn.issubset(other.asn) or \ not self.v4.issubset(other.v4) or \ not self.v6.issubset(other.v6) def undersized(self, other): """True iff self is undersized with respect to other.""" - return not other.as.issubset(self.as) or \ + return not other.asn.issubset(self.asn) or \ not other.v4.issubset(self.v4) or \ not other.v6.issubset(self.v6) @classmethod def from_rfc3779_tuples(cls, exts): """Build a resource_bag from intermediate form generated by RFC 3779 ASN.1 decoder.""" - as = None + asn = None v4 = None v6 = None for x in exts: if x[0] == rpki.oids.name2oid["sbgp-autonomousSysNum"]: # assert len(x[2]) == 1 or x[2][1] is None, "RDI not implemented: %s" % (str(x)) - assert as is None - as = resource_set_as(x[2][0]) + assert asn is None + asn = resource_set_as(x[2][0]) if x[0] == rpki.oids.name2oid["sbgp-ipAddrBlock"]: for fam in x[2]: if fam[0] == resource_set_ipv4.afi: @@ -501,14 +501,14 @@ class resource_bag(object): if fam[0] == resource_set_ipv6.afi: assert v6 is None v6 = resource_set_ipv6(fam[1]) - return cls(as, v4, v6) + return cls(asn, v4, v6) def empty(self): """Return True iff all resource sets in this bag are empty.""" - return not self.as and not self.v4 and not self.v6 + return not self.asn and not self.v4 and not self.v6 def __eq__(self, other): - return self.as == other.as and \ + return self.asn == other.asn and \ self.v4 == other.v4 and \ self.v6 == other.v6 and \ self.valid_until == other.valid_until @@ -520,7 +520,7 @@ class resource_bag(object): """Compute intersection with another resource_bag. valid_until attribute (if any) inherits from self. """ - return self.__class__(self.as.intersection(other.as), + return self.__class__(self.asn.intersection(other.asn), self.v4.intersection(other.v4), self.v6.intersection(other.v6), self.valid_until) @@ -529,15 +529,15 @@ class resource_bag(object): """Compute union with another resource_bag. valid_until attribute (if any) inherits from self. """ - return self.__class__(self.as.union(other.as), + return self.__class__(self.asn.union(other.asn), self.v4.union(other.v4), self.v6.union(other.v6), self.valid_until) def __str__(self): s = "" - if self.as: - s += "AS: %s" % self.as + if self.asn: + s += "ASN: %s" % self.asn if self.v4: if s: s += ", " diff --git a/rpkid/rpki/sql.py b/rpkid/rpki/sql.py index 791bc7d8..35cdeb05 100644 --- a/rpkid/rpki/sql.py +++ b/rpkid/rpki/sql.py @@ -368,17 +368,10 @@ class ca_obj(sql_persistant): return self.last_crl_sn def rekey(self): - """Initiate a rekey operation for this ca. - - Tasks: - - - Generate a new keypair. - - - Request cert from parent using new keypair. - - - Mark result as our active ca_detail. - - - Reissue all child certs issued by this ca using the new ca_detail. + """Initiate a rekey operation for this ca. Generate a new + keypair. Request cert from parent using new keypair. Mark result + as our active ca_detail. Reissue all child certs issued by this + ca using the new ca_detail. """ rpki.log.trace() @@ -596,7 +589,7 @@ class ca_detail_obj(sql_persistant): """Generate a new manifest certificate for this ca_detail.""" resources = rpki.resource_set.resource_bag( - as = rpki.resource_set.resource_set_as("<inherit>"), + asn = rpki.resource_set.resource_set_as("<inherit>"), v4 = rpki.resource_set.resource_set_ipv4("<inherit>"), v6 = rpki.resource_set.resource_set_ipv6("<inherit>")) diff --git a/rpkid/rpki/up_down.py b/rpkid/rpki/up_down.py index 2de62a56..fb7def4d 100644 --- a/rpkid/rpki/up_down.py +++ b/rpkid/rpki/up_down.py @@ -172,7 +172,7 @@ class class_elt(base_elt): def from_resource_bag(self, bag): """Set resources of this class element from a resource_bag.""" - self.resource_set_as = bag.as + self.resource_set_as = bag.asn self.resource_set_ipv4 = bag.v4 self.resource_set_ipv6 = bag.v6 self.resource_set_notafter = bag.valid_until diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py index 22b57c4d..09238370 100644 --- a/rpkid/rpki/x509.py +++ b/rpkid/rpki/x509.py @@ -372,8 +372,8 @@ class X509(DER_object): else: assert not is_ca - if resources is not None and resources.as: - exts.append(["sbgp-autonomousSysNum", True, (resources.as.to_rfc3779_tuple(), None)]) + if resources is not None and resources.asn: + exts.append(["sbgp-autonomousSysNum", True, (resources.asn.to_rfc3779_tuple(), None)]) if resources is not None and (resources.v4 or resources.v6): exts.append(["sbgp-ipAddrBlock", True, [x for x in (resources.v4.to_rfc3779_tuple(), resources.v6.to_rfc3779_tuple()) if x is not None]]) @@ -709,8 +709,7 @@ class CMS_object(DER_object): dbg = self.dumpasn1() else: dbg = cms.pprint() - print "CMS verification failed, dumping ASN.1 (%d octets):\n%s" \ - % (len(self.get_DER()), dbg) + print "CMS verification failed, dumping ASN.1 (%d octets):\n%s" % (len(self.get_DER()), dbg) raise rpki.exceptions.CMSVerificationFailed, "CMS verification failed" self.decode(content) diff --git a/rpkid/testbed.py b/rpkid/testbed.py index 7c8e34f9..3d01c7d1 100644 --- a/rpkid/testbed.py +++ b/rpkid/testbed.py @@ -343,7 +343,7 @@ class allocation(object): if valid_until is None and "valid_for" in yaml: valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(yaml["valid_for"]) self.base = rpki.resource_set.resource_bag( - as = rpki.resource_set.resource_set_as(yaml.get("asn")), + asn = rpki.resource_set.resource_set_as(yaml.get("asn")), v4 = rpki.resource_set.resource_set_ipv4(yaml.get("ipv4")), v6 = rpki.resource_set.resource_set_ipv6(yaml.get("ipv6")), valid_until = valid_until) @@ -373,10 +373,10 @@ class allocation(object): if k != "name": getattr(self, "apply_" + k)(v) - def apply_add_as(self, text): self.base.as = self.base.as.union(rpki.resource_set.resource_set_as(text)) + def apply_add_as(self, text): self.base.asn = self.base.asn.union(rpki.resource_set.resource_set_as(text)) def apply_add_v4(self, text): self.base.v4 = self.base.v4.union(rpki.resource_set.resource_set_ipv4(text)) def apply_add_v6(self, text): self.base.v6 = self.base.v6.union(rpki.resource_set.resource_set_ipv6(text)) - def apply_sub_as(self, text): self.base.as = self.base.as.difference(rpki.resource_set.resource_set_as(text)) + def apply_sub_as(self, text): self.base.asn = self.base.asn.difference(rpki.resource_set.resource_set_as(text)) def apply_sub_v4(self, text): self.base.v4 = self.base.v4.difference(rpki.resource_set.resource_set_ipv4(text)) def apply_sub_v6(self, text): self.base.v6 = self.base.v6.difference(rpki.resource_set.resource_set_ipv6(text)) @@ -416,7 +416,7 @@ class allocation(object): def __str__(self): s = self.name + "\n" - if self.resources.as: s += " ASN: %s\n" % self.resources.as + if self.resources.asn: s += " ASN: %s\n" % self.resources.asn if self.resources.v4: s += " IPv4: %s\n" % self.resources.v4 if self.resources.v6: s += " IPv6: %s\n" % self.resources.v6 if self.kids: s += " Kids: %s\n" % ", ".join(k.name for k in self.kids) @@ -493,7 +493,7 @@ class allocation(object): for kid in self.kids: cur.execute("SELECT registrant_id FROM registrant WHERE IRBE_mapped_id = %s", (kid.name,)) registrant_id = cur.fetchone()[0] - for as_range in kid.resources.as: + for as_range in kid.resources.asn: cur.execute("INSERT asn (start_as, end_as, registrant_id) VALUES (%s, %s, %s)", (as_range.min, as_range.max, registrant_id)) for v4_range in kid.resources.v4: cur.execute("INSERT net (start_ip, end_ip, version, registrant_id) VALUES (%s, %s, 4, %s)", (v4_range.min, v4_range.max, registrant_id)) diff --git a/rpkid/up-down-schema.rnc b/rpkid/up-down-schema.rnc index e5042418..ad3c9a82 100644 --- a/rpkid/up-down-schema.rnc +++ b/rpkid/up-down-schema.rnc @@ -5,63 +5,67 @@ # libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so # run the compact syntax through trang to get XML syntax. - default namespace = "http://www.apnic.net/specs/rescerts/up-down/" +default namespace = "http://www.apnic.net/specs/rescerts/up-down/" - grammar { - start = element message { - attribute version { xsd:positiveInteger { maxInclusive="1" } }, - attribute sender { xsd:token { maxLength="1024" } }, - attribute recipient { xsd:token { maxLength="1024" } }, - payload - } +grammar { + start = element message { + attribute version { xsd:positiveInteger { maxInclusive="1" } }, + attribute sender { xsd:token { maxLength="1024" } }, + attribute recipient { xsd:token { maxLength="1024" } }, + payload + } - payload |= attribute type { "list" }, list_request - payload |= attribute type { "list_response"}, list_response - payload |= attribute type { "issue" }, issue_request - payload |= attribute type { "issue_response"}, issue_response - payload |= attribute type { "revoke" }, revoke_request - payload |= attribute type { "revoke_response"}, revoke_response - payload |= attribute type { "error_response"}, error_response + payload |= attribute type { "list" }, list_request + payload |= attribute type { "list_response"}, list_response + payload |= attribute type { "issue" }, issue_request + payload |= attribute type { "issue_response"}, issue_response + payload |= attribute type { "revoke" }, revoke_request + payload |= attribute type { "revoke_response"}, revoke_response + payload |= attribute type { "error_response"}, error_response - list_request = empty - list_response = class* + list_request = empty + list_response = class* - class = element class { - attribute class_name { xsd:token { maxLength="1024" } }, - attribute cert_url { xsd:string { maxLength="4096" } }, - attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }, - attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }, - attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }, - attribute resource_set_notafter { xsd:dateTime { pattern=".*Z" } }?, - attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?, - element certificate { - attribute cert_url { xsd:string { maxLength="4096" } }, - attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?, - attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?, - attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?, - xsd:base64Binary { maxLength="512000" } - }*, - element issuer { xsd:base64Binary { maxLength="512000" } } - } + class = element class { + attribute class_name { xsd:token { maxLength="1024" } }, + attribute cert_url { xsd:string { maxLength="4096" } }, + attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }, + attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }, + attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }, + attribute resource_set_notafter { xsd:dateTime { pattern=".*Z" } }?, + attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?, + element certificate { + attribute cert_url { xsd:string { maxLength="4096" } }, + attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?, + attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?, + attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?, + xsd:base64Binary { maxLength="512000" } + }*, + element issuer { xsd:base64Binary { maxLength="512000" } } + } - issue_request = element request { - attribute class_name { xsd:token { maxLength="1024" } }, - attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?, - attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?, - attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?, - xsd:base64Binary { maxLength="512000" } - } - issue_response = class + issue_request = element request { + attribute class_name { xsd:token { maxLength="1024" } }, + attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?, + attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?, + attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?, + xsd:base64Binary { maxLength="512000" } + } + issue_response = class - revoke_request = revocation - revoke_response = revocation + revoke_request = revocation + revoke_response = revocation - revocation = element key { - attribute class_name { xsd:token { maxLength="1024" } }, - attribute ski { xsd:token { maxLength="1024" } } - } + revocation = element key { + attribute class_name { xsd:token { maxLength="1024" } }, + attribute ski { xsd:token { maxLength="1024" } } + } - error_response = - element status { xsd:positiveInteger { maxInclusive="999999999999999" } }, - element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }? - } + error_response = + element status { xsd:positiveInteger { maxInclusive="999999999999999" } }, + element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }? +} + +# Local Variables: +# indent-tabs-mode: nil +# End: diff --git a/rpkid/up-down-schema.rng b/rpkid/up-down-schema.rng index 6b155903..6d029259 100644 --- a/rpkid/up-down-schema.rng +++ b/rpkid/up-down-schema.rng @@ -243,3 +243,8 @@ </optional> </define> </grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> |