aboutsummaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'scripts')
-rw-r--r--scripts/apnic-to-csv.py8
-rw-r--r--scripts/arin-to-csv.py8
-rw-r--r--scripts/convert-from-csv-to-entitydb.py36
-rw-r--r--scripts/ripe-asns-to-csv.py4
-rw-r--r--scripts/setup-rootd.sh36
-rw-r--r--scripts/test-myrpki-cms.py10
-rw-r--r--scripts/testbed-rootcert.py6
-rw-r--r--scripts/translate-handles.py8
8 files changed, 76 insertions, 40 deletions
diff --git a/scripts/apnic-to-csv.py b/scripts/apnic-to-csv.py
index 54e9137c..30a3951f 100644
--- a/scripts/apnic-to-csv.py
+++ b/scripts/apnic-to-csv.py
@@ -19,12 +19,12 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
-import csv, myrpki, rpki.ipaddrs
+import csv, rpki.myrpki, rpki.ipaddrs
-translations = dict((src, dst) for src, dst in myrpki.csv_reader("translations.csv", columns = 2))
+translations = dict((src, dst) for src, dst in rpki.myrpki.csv_reader("translations.csv", columns = 2))
-asns = myrpki.csv_writer("asns.csv")
-prefixes = myrpki.csv_writer("prefixes.csv")
+asns = rpki.myrpki.csv_writer("asns.csv")
+prefixes = rpki.myrpki.csv_writer("prefixes.csv")
for line in open("delegated-apnic-extended-latest"):
diff --git a/scripts/arin-to-csv.py b/scripts/arin-to-csv.py
index 55e5762a..9004dbba 100644
--- a/scripts/arin-to-csv.py
+++ b/scripts/arin-to-csv.py
@@ -23,7 +23,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
-import gzip, csv, myrpki
+import gzip, csv, rpki.myrpki
class Handle(object):
@@ -95,10 +95,10 @@ class main(object):
return tag.strip(), val.strip()
def __init__(self):
- self.asns = myrpki.csv_writer("asns.csv")
- self.prefixes = myrpki.csv_writer("prefixes.csv")
+ self.asns = rpki.myrpki.csv_writer("asns.csv")
+ self.prefixes = rpki.myrpki.csv_writer("prefixes.csv")
try:
- self.translations = dict((src, dst) for src, dst in myrpki.csv_reader("translations.csv", columns = 2))
+ self.translations = dict((src, dst) for src, dst in rpki.myrpki.csv_reader("translations.csv", columns = 2))
except IOError:
pass
f = gzip.open("arin_db.txt.gz")
diff --git a/scripts/convert-from-csv-to-entitydb.py b/scripts/convert-from-csv-to-entitydb.py
index 282d2e75..51cb323d 100644
--- a/scripts/convert-from-csv-to-entitydb.py
+++ b/scripts/convert-from-csv-to-entitydb.py
@@ -19,7 +19,7 @@ PERFORMANCE OF THIS SOFTWARE.
"""
import subprocess, csv, re, os, getopt, sys, base64, urlparse
-import rpki.sundial, myrpki, rpki.config
+import rpki.sundial, rpki.myrpki, rpki.config
from lxml.etree import Element, SubElement, ElementTree
@@ -165,7 +165,7 @@ for d in map(entitydb, ("children", "parents", "repositories", "pubclients")):
one_year_from_now = str(rpki.sundial.now() + rpki.sundial.timedelta(days = 365))
if os.path.exists(children_csv):
- for child_handle, valid_until, child_resource_pemfile in myrpki.csv_reader(children_csv, columns = 3):
+ for child_handle, valid_until, child_resource_pemfile in rpki.myrpki.csv_reader(children_csv, columns = 3):
try:
e = Element("parent",
@@ -173,16 +173,16 @@ if os.path.exists(children_csv):
service_uri = "https://%s:%s/up-down/%s/%s" % (rpkid_server_host, rpkid_server_port, handle, child_handle),
child_handle = child_handle,
parent_handle = handle)
- myrpki.PEMElement(e, "bpki_resource_ta", bpki_resources_pemfile)
- myrpki.PEMElement(e, "bpki_server_ta", bpki_servers_pemfile)
- myrpki.PEMElement(e, "bpki_child_ta", child_resource_pemfile)
- myrpki.etree_write(e, entitydb("children", "%s.xml" % child_handle))
+ rpki.myrpki.PEMElement(e, "bpki_resource_ta", bpki_resources_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_server_ta", bpki_servers_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_child_ta", child_resource_pemfile)
+ rpki.myrpki.etree_write(e, entitydb("children", "%s.xml" % child_handle))
except IOError:
pass
if os.path.exists(parents_csv):
- for parent_handle, parent_service_uri, parent_cms_pemfile, parent_https_pemfile, parent_myhandle, parent_sia_base in myrpki.csv_reader(parents_csv, columns = 6):
+ for parent_handle, parent_service_uri, parent_cms_pemfile, parent_https_pemfile, parent_myhandle, parent_sia_base in rpki.myrpki.csv_reader(parents_csv, columns = 6):
try:
e = Element("parent",
@@ -190,10 +190,10 @@ if os.path.exists(parents_csv):
service_uri = parent_service_uri,
child_handle = parent_myhandle,
parent_handle = parent_handle)
- myrpki.PEMElement(e, "bpki_resource_ta", parent_cms_pemfile)
- myrpki.PEMElement(e, "bpki_server_ta", parent_https_pemfile)
- myrpki.PEMElement(e, "bpki_child_ta", bpki_resources_pemfile)
- myrpki.etree_write(e, entitydb("parents", "%s.xml" % parent_handle))
+ rpki.myrpki.PEMElement(e, "bpki_resource_ta", parent_cms_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_server_ta", parent_https_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_child_ta", bpki_resources_pemfile)
+ rpki.myrpki.etree_write(e, entitydb("parents", "%s.xml" % parent_handle))
client_handle = "/".join(parent_sia_base.rstrip("/").split("/")[3:])
assert client_handle.startswith(repository_handle)
@@ -204,16 +204,16 @@ if os.path.exists(parents_csv):
service_uri = "%s/client/%s" % (pubd_base.rstrip("/"), client_handle),
sia_base = parent_sia_base,
type = "confirmed")
- myrpki.PEMElement(e, "bpki_server_ta", repository_bpki_certificate)
- myrpki.PEMElement(e, "bpki_client_ta", bpki_resources_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_server_ta", repository_bpki_certificate)
+ rpki.myrpki.PEMElement(e, "bpki_client_ta", bpki_resources_pemfile)
SubElement(e, "contact_info").text = "Automatically generated by convert-csv.py"
- myrpki.etree_write(e, entitydb("repositories", "%s.xml" % parent_handle))
+ rpki.myrpki.etree_write(e, entitydb("repositories", "%s.xml" % parent_handle))
except IOError:
pass
if os.path.exists(pubclients_csv):
- for client_handle, client_resource_pemfile, client_sia_base in myrpki.csv_reader(pubclients_csv, columns = 3):
+ for client_handle, client_resource_pemfile, client_sia_base in rpki.myrpki.csv_reader(pubclients_csv, columns = 3):
try:
parent_handle = client_handle.split("/")[-2] if "/" in client_handle else handle
@@ -224,10 +224,10 @@ if os.path.exists(pubclients_csv):
service_uri = "https://%s:%s/client/%s" % (pubd_server_host, pubd_server_port, client_handle),
sia_base = client_sia_base,
type = "confirmed")
- myrpki.PEMElement(e, "bpki_server_ta", bpki_servers_pemfile)
- myrpki.PEMElement(e, "bpki_client_ta", client_resource_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_server_ta", bpki_servers_pemfile)
+ rpki.myrpki.PEMElement(e, "bpki_client_ta", client_resource_pemfile)
SubElement(e, "contact_info").text = "Automatically generated by convert-csv.py"
- myrpki.etree_write(e, entitydb("pubclients", "%s.xml" % client_handle.replace("/", ".")))
+ rpki.myrpki.etree_write(e, entitydb("pubclients", "%s.xml" % client_handle.replace("/", ".")))
except IOError:
pass
diff --git a/scripts/ripe-asns-to-csv.py b/scripts/ripe-asns-to-csv.py
index 04a92627..26e4651c 100644
--- a/scripts/ripe-asns-to-csv.py
+++ b/scripts/ripe-asns-to-csv.py
@@ -23,7 +23,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
-import gzip, csv, myrpki
+import gzip, csv, rpki.myrpki
class Handle(dict):
@@ -88,7 +88,7 @@ class main(object):
filenames = ("ripe.db.aut-num.gz",)
def __init__(self):
- self.asns = myrpki.csv_writer("asns.csv")
+ self.asns = rpki.myrpki.csv_writer("asns.csv")
for fn in self.filenames:
f = gzip.open(fn)
self.statement = ""
diff --git a/scripts/setup-rootd.sh b/scripts/setup-rootd.sh
new file mode 100644
index 00000000..001ed862
--- /dev/null
+++ b/scripts/setup-rootd.sh
@@ -0,0 +1,36 @@
+#!/bin/sh -
+#
+# $Id$
+#
+# Copyright (C) 2010 Internet Systems Consortium ("ISC")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# Setting up rootd requires cross-certifying rpkid's resource-holding
+# BPKI trust anchor under the BPKI trust anchor that rootd uses. This
+# script handles that, albiet in a very ugly way.
+#
+# Filenames are wired in, you might need to change these if you've
+# done something more complicated.
+
+export RANDFILE=.OpenSSL.whines.unless.I.set.this
+export BPKI_DIRECTORY=`pwd`/bpki/servers
+
+openssl=../openssl/openssl/apps/openssl
+
+$openssl ca -notext -batch -config myrpki.conf \
+ -ss_cert bpki/resources/ca.cer \
+ -out $BPKI_DIRECTORY/child.cer \
+ -extensions ca_x509_ext_xcert0
+
+$openssl x509 -noout -text -in $BPKI_DIRECTORY/child.cer
diff --git a/scripts/test-myrpki-cms.py b/scripts/test-myrpki-cms.py
index 29bea39c..0ea59c07 100644
--- a/scripts/test-myrpki-cms.py
+++ b/scripts/test-myrpki-cms.py
@@ -22,7 +22,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
-import subprocess, os, sys, myrpki
+import subprocess, os, sys, rpki.myrpki
original_xml = '''\
<publication_referral xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"
@@ -35,10 +35,10 @@ f = open("original.xml", "w")
f.write(original_xml)
f.close()
-myrpki.openssl = "/u/sra/rpki/subvert-rpki.hactrn.net/openssl/openssl/apps/openssl"
+rpki.myrpki.openssl = "/u/sra/rpki/subvert-rpki.hactrn.net/openssl/openssl/apps/openssl"
os.putenv("OPENSSL_CONF", "/dev/null")
-bpki = myrpki.CA("test/Alice/myrpki.conf", "test/Alice/bpki/resources")
+bpki = rpki.myrpki.CA("test/Alice/myrpki.conf", "test/Alice/bpki/resources")
bpki.ee("/CN=Alice Signed Referral CMS Test EE Certificate", "CMSEE")
# "id-ct-xml" from rpki.oids
@@ -46,7 +46,7 @@ oid = ".".join(map(str, (1, 2, 840, 113549, 1, 9, 16, 1, 28)))
format = "DER" # PEM or DER
-subprocess.check_call((myrpki.openssl, "cms", "-sign",
+subprocess.check_call((rpki.myrpki.openssl, "cms", "-sign",
"-binary", "-nodetach", "-nosmimecap", "-keyid", "-outform", format,
"-econtent_type", oid, "-md", "sha256",
"-inkey", "test/Alice/bpki/resources/CMSEE.key",
@@ -61,6 +61,6 @@ if format == "DER":
# at least we can make it the job of the code formerly known as irdbd,
# where we have full libraries available to us. but blunder ahead...
-subprocess.check_call((myrpki.openssl, "cms", "-verify", "-inform", format,
+subprocess.check_call((rpki.myrpki.openssl, "cms", "-verify", "-inform", format,
"-CAfile", "test/Alice/bpki/resources/ca.cer",
"-in", "original.%s" % format.lower()))
diff --git a/scripts/testbed-rootcert.py b/scripts/testbed-rootcert.py
index 54d1480c..6c75da9c 100644
--- a/scripts/testbed-rootcert.py
+++ b/scripts/testbed-rootcert.py
@@ -22,7 +22,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
-import csv, myrpki, sys
+import csv, rpki.myrpki, sys
if len(sys.argv) != 2:
raise RuntimeError, "Usage: %s [holder]" % sys.argv[0]
@@ -51,7 +51,7 @@ sbgp-ipAddrBlock = critical,@rfc3997_addrs
''' % { "holder" : sys.argv[1].lower(),
"HOLDER" : sys.argv[1].upper() }
-for i, asn in enumerate(asn for handle, asn in myrpki.csv_reader("asns.csv", columns = 2)):
+for i, asn in enumerate(asn for handle, asn in rpki.myrpki.csv_reader("asns.csv", columns = 2)):
print "AS.%d = %s" % (i, asn)
print '''\
@@ -60,6 +60,6 @@ print '''\
'''
-for i, prefix in enumerate(prefix for handle, prefix in myrpki.csv_reader("prefixes.csv", columns = 2)):
+for i, prefix in enumerate(prefix for handle, prefix in rpki.myrpki.csv_reader("prefixes.csv", columns = 2)):
v = 6 if ":" in prefix else 4
print "IPv%d.%d = %s" % (v, i, prefix)
diff --git a/scripts/translate-handles.py b/scripts/translate-handles.py
index 308b878e..67c09b06 100644
--- a/scripts/translate-handles.py
+++ b/scripts/translate-handles.py
@@ -31,16 +31,16 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
-import os, sys, myrpki
+import os, sys, rpki.myrpki
-translations = dict((src, dst) for src, dst in myrpki.csv_reader("translations.csv", columns = 2))
+translations = dict((src, dst) for src, dst in rpki.myrpki.csv_reader("translations.csv", columns = 2))
for filename in sys.argv[1:]:
tmpfile = "%s.%d" % os.getpid()
- csvout = myrpki.csv_writer(tmpfile)
+ csvout = rpki.myrpki.csv_writer(tmpfile)
- for cols in myrpki.csv_reader(filename):
+ for cols in rpki.myrpki.csv_reader(filename):
if cols[0] in translations:
cols[0] = translations[cols[0]]
csvout(cols)
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 20:43:44 +0000