Diffstat (limited to 'scripts')
-rw-r--r-- | scripts/Makefile | 2 | ||||
-rw-r--r-- | scripts/README | 12 | ||||
-rw-r--r-- | scripts/rpki/left_right.py | 11 | ||||
-rw-r--r-- | scripts/rpki/up_down.py | 21 | ||||
-rwxr-xr-x | scripts/rpkid.py | 6 |
5 files changed, 46 insertions, 6 deletions
diff --git a/scripts/Makefile b/scripts/Makefile index 11039603..fa6da636 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -17,7 +17,7 @@ up-down-schema.rng: up-down-schema.rnc trang up-down-schema.rnc up-down-schema.rng test: all - python xml-parse-test.py + time python xml-parse-test.py dont-run-trang: touch *.rng diff --git a/scripts/README b/scripts/README index cc43c207..80e9bb51 100644 --- a/scripts/README +++ b/scripts/README @@ -58,3 +58,15 @@ To do list: file, http server, static root cert and key. in theory this should just be a matter of subtyping the main up-down code while overriding the serve_pdu() methods. + + things we'd need in a config file for this: + + - the one and only issuer cert (self-signed in this special case) + - the one and only issuer private key id + - filename in which to store the one and only subject cert + - bsc info for one and only child + - https server key and cert + - validity interval to use when issuing + - publication urls for issuer cert, subject cert, crl, and manifest + - https and cms data for publication server + - resources to issue? or just copy/inherit from self-signed? diff --git a/scripts/rpki/left_right.py b/scripts/rpki/left_right.py index 820f506e..a282a7b8 100644 --- a/scripts/rpki/left_right.py +++ b/scripts/rpki/left_right.py 
@@ -474,7 +474,16 @@ class child_elt(data_elt): q_msg = rpki.up_down.sax_handler.saxify(q_elt) if q_msg.sender != str(self.child_id): raise rpki.exceptions.NotFound, "Unexpected XML sender %s" % q_msg.sender - r_msg = q_msg.serve_top_level(gctx, self) + try: + r_msg = q_msg.serve_top_level(gctx, self) + except Exception, data: + traceback.print_exc() + r_msg = q_msg.serve_error(data) + # + # Exceptions from this point on are problematic, as we have no + # sane way of reporting errors in the error reporting mechanism. + # May require refactoring, ignore the issue for now. + # r_elt = r_msg.toXML() rpki.relaxng.up_down.assertValid(r_elt) return rpki.cms.xml_sign(r_elt, bsc.private_key_id, bsc.signing_cert) diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py index 9eaddd20..268134ca 100644 --- a/scripts/rpki/up_down.py +++ b/scripts/rpki/up_down.py @@ -385,6 +385,17 @@ class error_response_pdu(base_elt): 1302 : "Revoke - no such key", 2001 : "Internal Server Error - Request not performed" } + exceptions = {} + + def __init__(self, exception = None): + """Initialize an error_response PDU from an exception object.""" + if exception is not None: + if exception in self.exceptions: + self.status = exceptions[exception] + else: + self.status = 2001 + self.description = str(exception) + def endElement(self, stack, name, text): """Handle "error_response" PDU.""" if name == "status": @@ -392,8 +403,6 @@ class error_response_pdu(base_elt): if code not in self.codes: raise rpki.exceptions.BadStatusCode, "%s is not a known status code" self.status = code - elif name == "last_message_processed": - self.last_message_processed = text elif name == "description": self.description = text else: 
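Review bot: The new `except Exception, data:` branch in child_elt calls `traceback.print_exc()`, but this diff changes nothing else in left_right.py, so unless the module already imports `traceback` the handler will itself fail with NameError; confirm `import traceback` is present at the top of the file. The sender check just above the `try` still raises NotFound outside it, so a mismatched sender bypasses `serve_error` and reaches the caller as an exception. If that is deliberate (no signed reply to an unexpected sender), a one-line comment such as `# sender mismatch is not answered with a signed error PDU` would record the intent. The enclosing method starts outside the hunk.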
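Review bot: In `error_response_pdu.__init__` the lookup `exceptions[exception]` uses a bare name that is not in scope inside the method (a class attribute needs `self.`), so once the `exceptions` table gets an entry this branch is likely to raise NameError; it should read `self.status = self.exceptions[exception]`. The table is also probed with the exception instance, while a status map would normally be keyed by class, e.g. `if exception.__class__ in self.exceptions:`. Separately, `self.description = str(exception)` copies raw exception text into a reply that left_right.py then signs and returns to the child, and rpkid.py's `"Could not process PDU: %s" % data` does the same over HTTP. Such text may expose internal detail to the remote party, so it is safer to keep it in the local log and send a fixed description taken from `codes`.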
@@ -457,6 +466,14 @@ class message_pdu(base_elt): self.payload.serve_pdu(gctx, self, r_msg, child) return r_msg + def serve_error(self, exception): + """Generate an error_response message PDU.""" + r_msg = message_pdu() + r_msg.sender = self.receiver + r_msg.receiver = self.sender + r_msg.payload = error_response_pdu(exception) + return r_msg + @classmethod def make_query(cls, payload, sender = "tweedledee", recipient = "tweedledum"): """Construct one message PDU.""" diff --git a/scripts/rpkid.py b/scripts/rpkid.py index 5148167a..6e2cde17 100755 --- a/scripts/rpkid.py +++ b/scripts/rpkid.py @@ -37,10 +37,12 @@ def up_down_handler(query, path): return 200, child.serve_up_down(gctx, query) except Exception, data: traceback.print_exc() - return 500, "Unhandled exception %s" % data + return 400, "Could not process PDU: %s" % data def cronjob_handler(query, path): - raise rpki.exceptions.NotImplementedYet + for s in rpki.left_right.self_elt.sql_fetch_all(gctx): + s.client_poll(gctx) + #raise rpki.exceptions.NotImplementedYet class global_context(object): """A place to stash various global parameters.""" |
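Review bot: `serve_error` fills in only `sender`, `receiver` and `payload` on the new `message_pdu()`, and it names the attribute `receiver` whereas `make_query` in the same hunk takes `recipient`; check which name `toXML()` serialises and whether other fields of the message (type, version) must be set here too. The body of `serve_top_level`, which presumably does this for normal replies, is outside the hunk. This matters because the caller in left_right.py runs `rpki.relaxng.up_down.assertValid(r_elt)` on the result, so an incomplete error PDU would raise inside the very error path that the comment there already calls problematic. Building the error reply through the same helper as the normal reply would keep the two paths consistent.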
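Review bot: `cronjob_handler` now falls off the end and returns None, while `up_down_handler` just above returns a `(status, body)` pair; if the HTTP server expects that pair from every handler, the cron request will fail after the polling has already run, so it should end with something like `return 200, "OK"`. The loop also has no per-item error handling, so an exception from one `s.client_poll(gctx)` stops polling for every remaining self; wrapping that call in `try`/`except Exception:` with `traceback.print_exc()` would isolate failures. In `up_down_handler`, answering 400 for every exception labels server-side faults as client errors, which can hide real breakage from monitoring.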