From afb06330d3b3f6fdeb32012ee8626d88ba2ed381 Mon Sep 17 00:00:00 2001 
From: Rob Austein
Date: Thu, 3 Jul 2014 16:55:02 +0000
Subject: Convert to current IETF I-D version of publication protocol. See #705. svn path=/branches/tk705/; revision=5881
---
schemas/relaxng/left-right-schema.rnc | 323 --------
schemas/relaxng/left-right-schema.rng | 1089 -------------------------
schemas/relaxng/left-right.rnc | 323 ++++++++
schemas/relaxng/left-right.rng | 1089 +++++++++++++++++++++++++
schemas/relaxng/publication-control.rnc | 100 +++
schemas/relaxng/publication-control.rng | 334 ++++++++
schemas/relaxng/publication-schema.rnc | 137 ----
schemas/relaxng/publication-schema.rng | 574 -------------
schemas/relaxng/publication.rnc | 96 +++
schemas/relaxng/publication.rng | 169 ++++
schemas/relaxng/router-certificate-schema.rnc | 61 --
schemas/relaxng/router-certificate-schema.rng | 98 ---
schemas/relaxng/router-certificate.rnc | 61 ++
schemas/relaxng/router-certificate.rng | 98 +++
schemas/relaxng/up-down-schema.rnc | 113 ---
schemas/relaxng/up-down-schema.rng | 277 -------
schemas/relaxng/up-down.rnc | 113 +++
schemas/relaxng/up-down.rng | 277 +++++++
schemas/sql/pubd.sql | 39 +-
schemas/sql/rpkid.sql | 35 +-
20 files changed, 2685 insertions(+), 2721 deletions(-)
delete mode 100644 schemas/relaxng/left-right-schema.rnc
delete mode 100644 schemas/relaxng/left-right-schema.rng
create mode 100644 schemas/relaxng/left-right.rnc
create mode 100644 schemas/relaxng/left-right.rng
create mode 100644 schemas/relaxng/publication-control.rnc
create mode 100644 schemas/relaxng/publication-control.rng
delete mode 100644 schemas/relaxng/publication-schema.rnc
delete mode 100644 schemas/relaxng/publication-schema.rng
create mode 100644 schemas/relaxng/publication.rnc
create mode 100644 schemas/relaxng/publication.rng
delete mode 100644 schemas/relaxng/router-certificate-schema.rnc
delete mode 100644 schemas/relaxng/router-certificate-schema.rng
create mode 100644 schemas/relaxng/router-certificate.rnc
create mode 100644 schemas/relaxng/router-certificate.rng
delete mode 100644 schemas/relaxng/up-down-schema.rnc
delete mode 100644 schemas/relaxng/up-down-schema.rng
create mode 100644 schemas/relaxng/up-down.rnc
create mode 100644 schemas/relaxng/up-down.rng
(limited to 'schemas')
diff --git a/schemas/relaxng/left-right-schema.rnc b/schemas/relaxng/left-right-schema.rnc
deleted file mode 100644
index 81c1e1e1..00000000
--- a/schemas/relaxng/left-right-schema.rnc
+++ /dev/null
@@ -1,323 +0,0 @@
-# $Id$
-#
-# RelaxNG schema for RPKI left-right protocol.
-#
-# Copyright (C) 2012--2014 Dragon Research Labs ("DRL")
-# Portions copyright (C) 2009--2011 Internet Systems Consortium ("ISC")
-# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notices and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
-# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL,
-# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
-# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-default namespace = "http://www.hactrn.net/uris/rpki/left-right-spec/"
-
-# Top level PDU
-
-start = element msg {
- attribute version { xsd:positiveInteger { maxInclusive="1" } },
- ( (attribute type { "query" }, query_elt*) |
- (attribute type { "reply" }, reply_elt*) )
-}
-
-# PDUs allowed in a query
-query_elt |= self_query
-query_elt |= bsc_query
-query_elt |= parent_query
-query_elt |= child_query
-query_elt |= repository_query
-query_elt |= list_roa_requests_query
-query_elt |= list_ghostbuster_requests_query
-query_elt |= list_ee_certificate_requests_query
-query_elt |= list_resources_query
-query_elt |= list_published_objects_query
-query_elt |= list_received_resources_query
-
-# PDUs allowed in a reply
-reply_elt |= self_reply
-reply_elt |= bsc_reply
-reply_elt |= parent_reply
-reply_elt |= child_reply
-reply_elt |= repository_reply
-reply_elt |= list_resources_reply
-reply_elt |= list_roa_requests_reply
-reply_elt |= list_ghostbuster_requests_reply
-reply_elt |= list_ee_certificate_requests_reply
-reply_elt |= list_published_objects_reply
-reply_elt |= list_received_resources_reply
-reply_elt |= report_error_reply
-
-# Tag attributes for bulk operations
-tag = attribute tag { xsd:token {maxLength="1024" } }?
-
-# Combinations of action and type attributes used in later definitions.
-# The same patterns repeat in most of the elements in this protocol.
-ctl_create = attribute action { "create" }, tag
-ctl_set = attribute action { "set" }, tag
-ctl_get = attribute action { "get" }, tag
-ctl_list = attribute action { "list" }, tag
-ctl_destroy = attribute action { "destroy" }, tag
-
-# Base64 encoded DER stuff
-base64 = xsd:base64Binary { maxLength="512000" }
-
-# Base definition for all fields that are really just SQL primary indices
-#sql_id = xsd:nonNegativeInteger
-
-# ...except that fields containing SQL primary indicies don't belong
-# in this protocol, so they're turninging into handles.
-# Length restriction is a MySQL implementation issue.
-# Handles are case-insensitive (because SQL is, among other reasons).
-object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9]+" }
-
-# URIs
-uri = xsd:anyURI { maxLength="4096" }
-
-# Name fields imported from up-down protocol
-up_down_name = xsd:token { maxLength="1024" }
-
-# Resource lists
-asn_list = xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
-ipv4_list = xsd:string { maxLength="512000" pattern="[\-,0-9/.]*" }
-ipv6_list = xsd:string { maxLength="512000" pattern="[\-,0-9/:a-fA-F]*" }
-
-# element
-
-self_bool = (attribute rekey { "yes" }?,
- attribute reissue { "yes" }?,
- attribute revoke { "yes" }?,
- attribute run_now { "yes" }?,
- attribute publish_world_now { "yes" }?,
- attribute revoke_forgotten { "yes" }?,
- attribute clear_replay_protection { "yes" }?)
-
-self_payload = (attribute use_hsm { "yes" | "no" }?,
- attribute crl_interval { xsd:positiveInteger }?,
- attribute regen_margin { xsd:positiveInteger }?,
- element bpki_cert { base64 }?,
- element bpki_glue { base64 }?)
-
-self_handle = attribute self_handle { object_handle }
-
-self_query |= element self { ctl_create, self_handle, self_bool, self_payload }
-self_reply |= element self { ctl_create, self_handle }
-self_query |= element self { ctl_set, self_handle, self_bool, self_payload }
-self_reply |= element self { ctl_set, self_handle }
-self_query |= element self { ctl_get, self_handle }
-self_reply |= element self { ctl_get, self_handle, self_payload }
-self_query |= element self { ctl_list }
-self_reply |= element self { ctl_list, self_handle, self_payload }
-self_query |= element self { ctl_destroy, self_handle }
-self_reply |= element self { ctl_destroy, self_handle }
-
-# element. Key parameters hardwired for now.
-
-bsc_bool = ((attribute generate_keypair { "yes" },
- attribute key_type { "rsa" }?,
- attribute hash_alg { "sha256" }?,
- attribute key_length { "2048" }?)?)
-
-bsc_handle = attribute bsc_handle { object_handle }
-
-bsc_payload = (element signing_cert { base64 }?,
- element signing_cert_crl { base64 }?)
-
-bsc_readonly = element pkcs10_request { base64 }?
-
-bsc_query |= element bsc { ctl_create, self_handle, bsc_handle, bsc_bool, bsc_payload }
-bsc_reply |= element bsc { ctl_create, self_handle, bsc_handle, bsc_readonly }
-bsc_query |= element bsc { ctl_set, self_handle, bsc_handle, bsc_bool, bsc_payload }
-bsc_reply |= element bsc { ctl_set, self_handle, bsc_handle, bsc_readonly }
-bsc_query |= element bsc { ctl_get, self_handle, bsc_handle }
-bsc_reply |= element bsc { ctl_get, self_handle, bsc_handle, bsc_payload, bsc_readonly }
-bsc_query |= element bsc { ctl_list, self_handle }
-bsc_reply |= element bsc { ctl_list, self_handle, bsc_handle, bsc_payload, bsc_readonly }
-bsc_query |= element bsc { ctl_destroy, self_handle, bsc_handle }
-bsc_reply |= element bsc { ctl_destroy, self_handle, bsc_handle }
-
-# element
-
-parent_handle = attribute parent_handle { object_handle }
-
-parent_bool = (attribute rekey { "yes" }?,
- attribute reissue { "yes" }?,
- attribute revoke { "yes" }?,
- attribute revoke_forgotten { "yes" }?,
- attribute clear_replay_protection { "yes" }?)
-
-parent_payload = (attribute peer_contact_uri { uri }?,
- attribute sia_base { uri }?,
- bsc_handle?,
- repository_handle?,
- attribute sender_name { up_down_name }?,
- attribute recipient_name { up_down_name }?,
- element bpki_cms_cert { base64 }?,
- element bpki_cms_glue { base64 }?)
-
-parent_query |= element parent { ctl_create, self_handle, parent_handle, parent_bool, parent_payload }
-parent_reply |= element parent { ctl_create, self_handle, parent_handle }
-parent_query |= element parent { ctl_set, self_handle, parent_handle, parent_bool, parent_payload }
-parent_reply |= element parent { ctl_set, self_handle, parent_handle }
-parent_query |= element parent { ctl_get, self_handle, parent_handle }
-parent_reply |= element parent { ctl_get, self_handle, parent_handle, parent_payload }
-parent_query |= element parent { ctl_list, self_handle }
-parent_reply |= element parent { ctl_list, self_handle, parent_handle, parent_payload }
-parent_query |= element parent { ctl_destroy, self_handle, parent_handle }
-parent_reply |= element parent { ctl_destroy, self_handle, parent_handle }
-
-# element
-
-child_handle = attribute child_handle { object_handle }
-
-child_bool = (attribute reissue { "yes" }?,
- attribute clear_replay_protection { "yes" }?)
-
-child_payload = (bsc_handle?,
- element bpki_cert { base64 }?,
- element bpki_glue { base64 }?)
-
-child_query |= element child { ctl_create, self_handle, child_handle, child_bool, child_payload }
-child_reply |= element child { ctl_create, self_handle, child_handle }
-child_query |= element child { ctl_set, self_handle, child_handle, child_bool, child_payload }
-child_reply |= element child { ctl_set, self_handle, child_handle }
-child_query |= element child { ctl_get, self_handle, child_handle }
-child_reply |= element child { ctl_get, self_handle, child_handle, child_payload }
-child_query |= element child { ctl_list, self_handle }
-child_reply |= element child { ctl_list, self_handle, child_handle, child_payload }
-child_query |= element child { ctl_destroy, self_handle, child_handle }
-child_reply |= element child { ctl_destroy, self_handle, child_handle }
-
-# element
-
-repository_handle = attribute repository_handle { object_handle }
-
-repository_bool = attribute clear_replay_protection { "yes" }?
-
-repository_payload = (attribute peer_contact_uri { uri }?,
- bsc_handle?,
- element bpki_cert { base64 }?,
- element bpki_glue { base64 }?)
-
-repository_query |= element repository { ctl_create, self_handle, repository_handle, repository_bool, repository_payload }
-repository_reply |= element repository { ctl_create, self_handle, repository_handle }
-repository_query |= element repository { ctl_set, self_handle, repository_handle, repository_bool, repository_payload }
-repository_reply |= element repository { ctl_set, self_handle, repository_handle }
-repository_query |= element repository { ctl_get, self_handle, repository_handle }
-repository_reply |= element repository { ctl_get, self_handle, repository_handle, repository_payload }
-repository_query |= element repository { ctl_list, self_handle }
-repository_reply |= element repository { ctl_list, self_handle, repository_handle, repository_payload }
-repository_query |= element repository { ctl_destroy, self_handle, repository_handle }
-repository_reply |= element repository { ctl_destroy, self_handle, repository_handle }
-
-# element
-
-list_resources_query = element list_resources {
- tag, self_handle, child_handle
-}
-
-list_resources_reply = element list_resources {
- tag, self_handle, child_handle,
- attribute valid_until { xsd:dateTime { pattern=".*Z" } },
- attribute asn { asn_list }?,
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?
-}
-
-# element
-
-list_roa_requests_query = element list_roa_requests {
- tag, self_handle
-}
-
-list_roa_requests_reply = element list_roa_requests {
- tag, self_handle,
- attribute asn { xsd:nonNegativeInteger },
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?
-}
-
-# element
-
-list_ghostbuster_requests_query = element list_ghostbuster_requests {
- tag, self_handle, parent_handle
-}
-
-list_ghostbuster_requests_reply = element list_ghostbuster_requests {
- tag, self_handle, parent_handle,
- xsd:string
-}
-
-# element
-
-list_ee_certificate_requests_query = element list_ee_certificate_requests {
- tag, self_handle
-}
-
-list_ee_certificate_requests_reply = element list_ee_certificate_requests {
- tag, self_handle,
- attribute gski { xsd:token { minLength="27" maxLength="27" } },
- attribute valid_until { xsd:dateTime { pattern=".*Z" } },
- attribute asn { asn_list }?,
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?,
- attribute cn { xsd:string { maxLength="64" pattern="[\-0-9A-Za-z_ ]+" } }?,
- attribute sn { xsd:string { maxLength="64" pattern="[0-9A-Fa-f]+" } }?,
- attribute eku { xsd:string { maxLength="512000" pattern="[.,0-9]+" } }?,
- element pkcs10 { base64 }
-}
-
-# element
-
-list_published_objects_query = element list_published_objects {
- tag, self_handle
-}
-
-list_published_objects_reply = element list_published_objects {
- tag, self_handle,
- attribute uri { uri },
- attribute child_handle { object_handle }?,
- base64
-}
-
-# element
-
-list_received_resources_query = element list_received_resources {
- tag, self_handle
-}
-
-list_received_resources_reply = element list_received_resources {
- tag, self_handle, parent_handle,
- attribute notBefore { xsd:dateTime { pattern=".*Z" } },
- attribute notAfter { xsd:dateTime { pattern=".*Z" } },
- attribute uri { uri },
- attribute sia_uri { uri },
- attribute aia_uri { uri },
- attribute asn { asn_list }?,
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?
-}
-
-# element
-
-error = xsd:token { maxLength="1024" }
-
-report_error_reply = element report_error {
- tag, self_handle?,
- attribute error_code { error },
- xsd:string { maxLength="512000" }?
-}
-
-# Local Variables:
-# indent-tabs-mode: nil
-# comment-start: "# "
-# comment-start-skip: "#[ \t]*"
-# End:
diff --git a/schemas/relaxng/left-right-schema.rng b/schemas/relaxng/left-right-schema.rng
deleted file mode 100644
index 07ef52c7..00000000
--- a/schemas/relaxng/left-right-schema.rng
+++ /dev/null
@@ -1,1089 +0,0 @@ - - - - - - - - - 1 - - - - - - query - - - - - - - - reply - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1024 - - - - - - - - create - - - - - - set - - - - - - get - - - - - - list - - - - - - destroy - - - - - - - 512000 - - - - - - - 255 - [\-_A-Za-z0-9]+ - - - - - - 4096 - - - - - - 1024 - - - - - - 512000 - [\-,0-9]* - - - - - 512000 - [\-,0-9/.]* - - - - - 512000 - [\-,0-9/:a-fA-F]* - - - - - - - yes - - - - - yes - - - - - yes - - - - - yes - - - - - yes - - - - - yes - - - - - yes - - - - - - - - yes - no - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - yes - - - - rsa - - - - - sha256 - - - - - 2048 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - yes - - - - - yes - - - - - yes - - - - - yes - - - - - yes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - yes - - - - - yes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - yes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - .*Z - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 27 - 27 - - - - - .*Z - - - - - - - - - - - - - - - - - - - - - 64 - [\-0-9A-Za-z_ ]+ - - - - - - - 64 - [0-9A-Fa-f]+ - - - - - - - 512000 - [.,0-9]+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - .*Z - - - - - .*Z - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1024 - - - - - - - - - - - - - - 512000 - - - - - - diff --git a/schemas/relaxng/left-right.rnc b/schemas/relaxng/left-right.rnc new file mode 100644 index 00000000..81c1e1e1 --- /dev/null +++ b/schemas/relaxng/left-right.rnc 
@@ -0,0 +1,323 @@
+# $Id$
+#
+# RelaxNG schema for RPKI left-right protocol.
+#
+# Copyright (C) 2012--2014 Dragon Research Labs ("DRL")
+# Portions copyright (C) 2009--2011 Internet Systems Consortium ("ISC")
+# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notices and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
+# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL,
+# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
+# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
+# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+default namespace = "http://www.hactrn.net/uris/rpki/left-right-spec/"
+
+# Top level PDU
+
+start = element msg {
+ attribute version { xsd:positiveInteger { maxInclusive="1" } },
+ ( (attribute type { "query" }, query_elt*) |
+ (attribute type { "reply" }, reply_elt*) )
+}
+
+# PDUs allowed in a query
+query_elt |= self_query
+query_elt |= bsc_query
+query_elt |= parent_query
+query_elt |= child_query
+query_elt |= repository_query
+query_elt |= list_roa_requests_query
+query_elt |= list_ghostbuster_requests_query
+query_elt |= list_ee_certificate_requests_query
+query_elt |= list_resources_query
+query_elt |= list_published_objects_query
+query_elt |= list_received_resources_query
+
+# PDUs allowed in a reply
+reply_elt |= self_reply
+reply_elt |= bsc_reply
+reply_elt |= parent_reply
+reply_elt |= child_reply
+reply_elt |= repository_reply
+reply_elt |= list_resources_reply
+reply_elt |= list_roa_requests_reply
+reply_elt |= list_ghostbuster_requests_reply
+reply_elt |= list_ee_certificate_requests_reply
+reply_elt |= list_published_objects_reply
+reply_elt |= list_received_resources_reply
+reply_elt |= report_error_reply
+
+# Tag attributes for bulk operations
+tag = attribute tag { xsd:token {maxLength="1024" } }?
+
+# Combinations of action and type attributes used in later definitions.
+# The same patterns repeat in most of the elements in this protocol.
+ctl_create = attribute action { "create" }, tag
+ctl_set = attribute action { "set" }, tag
+ctl_get = attribute action { "get" }, tag
+ctl_list = attribute action { "list" }, tag
+ctl_destroy = attribute action { "destroy" }, tag
+
+# Base64 encoded DER stuff
+base64 = xsd:base64Binary { maxLength="512000" }
+
+# Base definition for all fields that are really just SQL primary indices
+#sql_id = xsd:nonNegativeInteger
+
+# ...except that fields containing SQL primary indicies don't belong
+# in this protocol, so they're turninging into handles.
+# Length restriction is a MySQL implementation issue.
+# Handles are case-insensitive (because SQL is, among other reasons).
+object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9]+" }
+
+# URIs
+uri = xsd:anyURI { maxLength="4096" }
+
+# Name fields imported from up-down protocol
+up_down_name = xsd:token { maxLength="1024" }
+
+# Resource lists
+asn_list = xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
+ipv4_list = xsd:string { maxLength="512000" pattern="[\-,0-9/.]*" }
+ipv6_list = xsd:string { maxLength="512000" pattern="[\-,0-9/:a-fA-F]*" }
+
+# element
+
+self_bool = (attribute rekey { "yes" }?,
+ attribute reissue { "yes" }?,
+ attribute revoke { "yes" }?,
+ attribute run_now { "yes" }?,
+ attribute publish_world_now { "yes" }?,
+ attribute revoke_forgotten { "yes" }?,
+ attribute clear_replay_protection { "yes" }?)
+
+self_payload = (attribute use_hsm { "yes" | "no" }?,
+ attribute crl_interval { xsd:positiveInteger }?,
+ attribute regen_margin { xsd:positiveInteger }?,
+ element bpki_cert { base64 }?,
+ element bpki_glue { base64 }?)
+
+self_handle = attribute self_handle { object_handle }
+
+self_query |= element self { ctl_create, self_handle, self_bool, self_payload }
+self_reply |= element self { ctl_create, self_handle }
+self_query |= element self { ctl_set, self_handle, self_bool, self_payload }
+self_reply |= element self { ctl_set, self_handle }
+self_query |= element self { ctl_get, self_handle }
+self_reply |= element self { ctl_get, self_handle, self_payload }
+self_query |= element self { ctl_list }
+self_reply |= element self { ctl_list, self_handle, self_payload }
+self_query |= element self { ctl_destroy, self_handle }
+self_reply |= element self { ctl_destroy, self_handle }
+
+# element. Key parameters hardwired for now.
+
+bsc_bool = ((attribute generate_keypair { "yes" },
+ attribute key_type { "rsa" }?,
+ attribute hash_alg { "sha256" }?,
+ attribute key_length { "2048" }?)?)
+
+bsc_handle = attribute bsc_handle { object_handle }
+
+bsc_payload = (element signing_cert { base64 }?,
+ element signing_cert_crl { base64 }?)
+
+bsc_readonly = element pkcs10_request { base64 }?
+
+bsc_query |= element bsc { ctl_create, self_handle, bsc_handle, bsc_bool, bsc_payload }
+bsc_reply |= element bsc { ctl_create, self_handle, bsc_handle, bsc_readonly }
+bsc_query |= element bsc { ctl_set, self_handle, bsc_handle, bsc_bool, bsc_payload }
+bsc_reply |= element bsc { ctl_set, self_handle, bsc_handle, bsc_readonly }
+bsc_query |= element bsc { ctl_get, self_handle, bsc_handle }
+bsc_reply |= element bsc { ctl_get, self_handle, bsc_handle, bsc_payload, bsc_readonly }
+bsc_query |= element bsc { ctl_list, self_handle }
+bsc_reply |= element bsc { ctl_list, self_handle, bsc_handle, bsc_payload, bsc_readonly }
+bsc_query |= element bsc { ctl_destroy, self_handle, bsc_handle }
+bsc_reply |= element bsc { ctl_destroy, self_handle, bsc_handle }
+
+# element
+
+parent_handle = attribute parent_handle { object_handle }
+
+parent_bool = (attribute rekey { "yes" }?,
+ attribute reissue { "yes" }?,
+ attribute revoke { "yes" }?,
+ attribute revoke_forgotten { "yes" }?,
+ attribute clear_replay_protection { "yes" }?)
+
+parent_payload = (attribute peer_contact_uri { uri }?,
+ attribute sia_base { uri }?,
+ bsc_handle?,
+ repository_handle?,
+ attribute sender_name { up_down_name }?,
+ attribute recipient_name { up_down_name }?,
+ element bpki_cms_cert { base64 }?,
+ element bpki_cms_glue { base64 }?)
+
+parent_query |= element parent { ctl_create, self_handle, parent_handle, parent_bool, parent_payload }
+parent_reply |= element parent { ctl_create, self_handle, parent_handle }
+parent_query |= element parent { ctl_set, self_handle, parent_handle, parent_bool, parent_payload }
+parent_reply |= element parent { ctl_set, self_handle, parent_handle }
+parent_query |= element parent { ctl_get, self_handle, parent_handle }
+parent_reply |= element parent { ctl_get, self_handle, parent_handle, parent_payload }
+parent_query |= element parent { ctl_list, self_handle }
+parent_reply |= element parent { ctl_list, self_handle, parent_handle, parent_payload }
+parent_query |= element parent { ctl_destroy, self_handle, parent_handle }
+parent_reply |= element parent { ctl_destroy, self_handle, parent_handle }
+
+# element
+
+child_handle = attribute child_handle { object_handle }
+
+child_bool = (attribute reissue { "yes" }?,
+ attribute clear_replay_protection { "yes" }?)
+
+child_payload = (bsc_handle?,
+ element bpki_cert { base64 }?,
+ element bpki_glue { base64 }?)
+
+child_query |= element child { ctl_create, self_handle, child_handle, child_bool, child_payload }
+child_reply |= element child { ctl_create, self_handle, child_handle }
+child_query |= element child { ctl_set, self_handle, child_handle, child_bool, child_payload }
+child_reply |= element child { ctl_set, self_handle, child_handle }
+child_query |= element child { ctl_get, self_handle, child_handle }
+child_reply |= element child { ctl_get, self_handle, child_handle, child_payload }
+child_query |= element child { ctl_list, self_handle }
+child_reply |= element child { ctl_list, self_handle, child_handle, child_payload }
+child_query |= element child { ctl_destroy, self_handle, child_handle }
+child_reply |= element child { ctl_destroy, self_handle, child_handle }
+
+# element
+
+repository_handle = attribute repository_handle { object_handle }
+
+repository_bool = attribute clear_replay_protection { "yes" }?
+
+repository_payload = (attribute peer_contact_uri { uri }?,
+ bsc_handle?,
+ element bpki_cert { base64 }?,
+ element bpki_glue { base64 }?)
+
+repository_query |= element repository { ctl_create, self_handle, repository_handle, repository_bool, repository_payload }
+repository_reply |= element repository { ctl_create, self_handle, repository_handle }
+repository_query |= element repository { ctl_set, self_handle, repository_handle, repository_bool, repository_payload }
+repository_reply |= element repository { ctl_set, self_handle, repository_handle }
+repository_query |= element repository { ctl_get, self_handle, repository_handle }
+repository_reply |= element repository { ctl_get, self_handle, repository_handle, repository_payload }
+repository_query |= element repository { ctl_list, self_handle }
+repository_reply |= element repository { ctl_list, self_handle, repository_handle, repository_payload }
+repository_query |= element repository { ctl_destroy, self_handle, repository_handle }
+repository_reply |= element repository { ctl_destroy, self_handle, repository_handle }
+
+# element
+
+list_resources_query = element list_resources {
+ tag, self_handle, child_handle
+}
+
+list_resources_reply = element list_resources {
+ tag, self_handle, child_handle,
+ attribute valid_until { xsd:dateTime { pattern=".*Z" } },
+ attribute asn { asn_list }?,
+ attribute ipv4 { ipv4_list }?,
+ attribute ipv6 { ipv6_list }?
+}
+
+# element
+
+list_roa_requests_query = element list_roa_requests {
+ tag, self_handle
+}
+
+list_roa_requests_reply = element list_roa_requests {
+ tag, self_handle,
+ attribute asn { xsd:nonNegativeInteger },
+ attribute ipv4 { ipv4_list }?,
+ attribute ipv6 { ipv6_list }?
+}
+
+# element
+
+list_ghostbuster_requests_query = element list_ghostbuster_requests {
+ tag, self_handle, parent_handle
+}
+
+list_ghostbuster_requests_reply = element list_ghostbuster_requests {
+ tag, self_handle, parent_handle,
+ xsd:string
+}
+
+# element
+
+list_ee_certificate_requests_query = element list_ee_certificate_requests {
+ tag, self_handle
+}
+
+list_ee_certificate_requests_reply = element list_ee_certificate_requests {
+ tag, self_handle,
+ attribute gski { xsd:token { minLength="27" maxLength="27" } },
+ attribute valid_until { xsd:dateTime { pattern=".*Z" } },
+ attribute asn { asn_list }?,
+ attribute ipv4 { ipv4_list }?,
+ attribute ipv6 { ipv6_list }?,
+ attribute cn { xsd:string { maxLength="64" pattern="[\-0-9A-Za-z_ ]+" } }?,
+ attribute sn { xsd:string { maxLength="64" pattern="[0-9A-Fa-f]+" } }?,
+ attribute eku { xsd:string { maxLength="512000" pattern="[.,0-9]+" } }?,
+ element pkcs10 { base64 }
+}
+
+# element
+
+list_published_objects_query = element list_published_objects {
+ tag, self_handle
+}
+
+list_published_objects_reply = element list_published_objects {
+ tag, self_handle,
+ attribute uri { uri },
+ attribute child_handle { object_handle }?,
+ base64
+}
+
+# element
+
+list_received_resources_query = element list_received_resources {
+ tag, self_handle
+}
+
+list_received_resources_reply = element list_received_resources {
+ tag, self_handle, parent_handle,
+ attribute notBefore { xsd:dateTime { pattern=".*Z" } },
+ attribute notAfter { xsd:dateTime { pattern=".*Z" } },
+ attribute uri { uri },
+ attribute sia_uri { uri },
+ attribute aia_uri { uri },
+ attribute asn { asn_list }?,
+ attribute ipv4 { ipv4_list }?,
+ attribute ipv6 { ipv6_list }?
+}
+
+# element
+
+error = xsd:token { maxLength="1024" }
+
+report_error_reply = element report_error {
+ tag, self_handle?,
+ attribute error_code { error },
+ xsd:string { maxLength="512000" }?
+}
+
+# Local Variables:
+# indent-tabs-mode: nil
+# comment-start: "# "
+# comment-start-skip: "#[ \t]*"
+# End:
diff --git a/schemas/relaxng/left-right.rng b/schemas/relaxng/left-right.rng
new file mode 100644
index 00000000..07ef52c7
--- /dev/null
+++ b/schemas/relaxng/left-right.rng
@@ -0,0 +1,1089 @@ + + + + + + + + + 1 + + + + + + query + + + + + + + + reply + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1024 + + + + + + + + create + + + + + + set + + + + + + get + + + + + + list + + + + + + destroy + + + + + + + 512000 + + + + + + + 255 + [\-_A-Za-z0-9]+ + + + + + + 4096 + + + + + + 1024 + + + + + + 512000 + [\-,0-9]* + + + + + 512000 + [\-,0-9/.]* + + + + + 512000 + [\-,0-9/:a-fA-F]* + + + + + + + yes + + + + + yes + + + + + yes + + + + + yes + + + + + yes + + + + + yes + + + + + yes + + + + + + + + yes + no + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + yes + + + + rsa + + + + + sha256 + + + + + 2048 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + yes + + + + + yes + + + + + yes + + + + + yes + + + + + yes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + yes + + + + + yes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + yes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + .*Z + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 27 + 27 + + + + + .*Z + + + + + + + + + + + + + + + + + + + + + 64 + [\-0-9A-Za-z_ ]+ + + + + + + + 64 + [0-9A-Fa-f]+ + + + + + + + 512000 + [.,0-9]+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + .*Z + + + + + .*Z + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1024 + + + + + + + + + + + + + + 512000 + + + + + + diff --git a/schemas/relaxng/publication-control.rnc b/schemas/relaxng/publication-control.rnc new file mode 100644 index 00000000..520f6357 --- /dev/null +++ b/schemas/relaxng/publication-control.rnc 
@@ -0,0 +1,100 @@
+# $Id$
+#
+# RelaxNG schema for RPKI publication protocol.
+#
+# Copyright (C) 2012--2014 Dragon Research Labs ("DRL")
+# Portions copyright (C) 2009--2011 Internet Systems Consortium ("ISC")
+# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notices and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
+# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL,
+# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
+# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
+# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+default namespace = "http://www.hactrn.net/uris/rpki/publication-control/"
+
+# Top level PDU
+
+start = element msg {
+ attribute version { xsd:positiveInteger { maxInclusive="1" } },
+ ( (attribute type { "query" }, query_elt*) |
+ (attribute type { "reply" }, reply_elt*) )
+}
+
+# PDUs allowed in a query
+query_elt = ( config_query | client_query )
+
+# PDUs allowed in a reply
+reply_elt = ( config_reply | client_reply | report_error_reply )
+
+# Tag attributes for bulk operations
+tag = attribute tag { xsd:token {maxLength="1024" } }
+
+# Base64 encoded DER stuff
+#base64 = xsd:base64Binary { maxLength="512000" }
+#
+# Sadly, it turns out that CRLs can in fact get longer than this for an active CA.
+# Remove length limit for now, think about whether to put it back later.
+base64 = xsd:base64Binary
+
+# Publication URLs
+uri_t = xsd:anyURI { maxLength="4096" }
+uri = attribute uri { uri_t }
+
+# Handles on remote objects (replaces passing raw SQL IDs). NB:
+# Unlike the up-down protocol, handles in this protocol allow "/" as a
+# hierarchy delimiter.
+object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9/]+" }
+
+# element
+# config_handle attribute, create, list, and destroy commands omitted deliberately, see code for details
+
+config_payload = (element bpki_crl { base64 }?)
+
+config_query |= element config { attribute action { "set" }, tag?, config_payload }
+config_reply |= element config { attribute action { "set" }, tag? }
+config_query |= element config { attribute action { "get" }, tag? }
+config_reply |= element config { attribute action { "get" }, tag?, config_payload }
+
+# element
+
+client_handle = attribute client_handle { object_handle }
+
+client_bool = attribute clear_replay_protection { "yes" }?
+
+client_payload = (attribute base_uri { uri_t }?, element bpki_cert { base64 }?, element bpki_glue { base64 }?)
+
+client_query |= element client { attribute action { "create" }, tag?, client_handle, client_bool, client_payload }
+client_reply |= element client { attribute action { "create" }, tag?, client_handle }
+client_query |= element client { attribute action { "set" }, tag?, client_handle, client_bool, client_payload }
+client_reply |= element client { attribute action { "set" }, tag?, client_handle }
+client_query |= element client { attribute action { "get" }, tag?, client_handle }
+client_reply |= element client { attribute action { "get" }, tag?, client_handle, client_payload }
+client_query |= element client { attribute action { "list" }, tag?
} +client_reply |= element client { attribute action { "list" }, tag?, client_handle, client_payload } +client_query |= element client { attribute action { "destroy" }, tag?, client_handle } +client_reply |= element client { attribute action { "destroy" }, tag?, client_handle } + +# element + +error = xsd:token { maxLength="1024" } + +report_error_reply = element report_error { + tag?, + attribute error_code { error }, + xsd:string { maxLength="512000" }? +} + +# Local Variables: +# indent-tabs-mode: nil +# comment-start: "# " +# comment-start-skip: "#[ \t]*" +# End: diff --git a/schemas/relaxng/publication-control.rng b/schemas/relaxng/publication-control.rng new file mode 100644 index 00000000..318f3229 --- /dev/null +++ b/schemas/relaxng/publication-control.rng @@ -0,0 +1,334 @@ + + + + + + + + + 1 + + + + + + query + + + + + + + + reply + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1024 + + + + + + + + + + + 4096 + + + + + + + + + + + 255 + [\-_A-Za-z0-9/]+ + + + + + + + + + + + + + + set + + + + + + + + + + + set + + + + + + + + + + get + + + + + + + + + + get + + + + + + + + + + + + + + + + + yes + + + + + + + + + + + + + + + + + + + + + + + + create + + + + + + + + + + + + + create + + + + + + + + + + + set + + + + + + + + + + + + + set + + + + + + + + + + + get + + + + + + + + + + + get + + + + + + + + + + + + list + + + + + + + + + + list + + + + + + + + + + + + destroy + + + + + + + + + + + destroy + + + + + + + + + + + 1024 + + + + + + + + + + + + + 512000 + + + + + + diff --git a/schemas/relaxng/publication-schema.rnc b/schemas/relaxng/publication-schema.rnc deleted file mode 100644 index 960922e0..00000000 --- a/schemas/relaxng/publication-schema.rnc +++ /dev/null 
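Review bot: `base64 = xsd:base64Binary` carries no length bound, and in this schema it types `bpki_cert` and `bpki_glue` as well as `bpki_crl`, although the comment above it justifies dropping the limit only for CRLs. Schema validation therefore puts no ceiling on the size of a control message; either keep a bounded type for the certificate elements, e.g. `cert_base64 = xsd:base64Binary { maxLength="512000" }` used in `client_payload`, or say in the comment where the size cap is enforced (presumably the transport layer, which is not visible in this diff). The file header also still reads "RelaxNG schema for RPKI publication protocol." although the namespace is now `publication-control`; `# RelaxNG schema for RPKI publication control protocol.` would match.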
@@ -1,137 +0,0 @@
-# $Id$
-#
-# RelaxNG schema for RPKI publication protocol.
-#
-# Copyright (C) 2012--2014 Dragon Research Labs ("DRL")
-# Portions copyright (C) 2009--2011 Internet Systems Consortium ("ISC")
-# Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notices and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
-# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL,
-# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
-# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-default namespace = "http://www.hactrn.net/uris/rpki/publication-spec/"
-
-# Top level PDU
-
-start = element msg {
- attribute version { xsd:positiveInteger { maxInclusive="1" } },
- ( (attribute type { "query" }, query_elt*) |
- (attribute type { "reply" }, reply_elt*) )
-}
-
-# PDUs allowed in a query
-query_elt = ( config_query | client_query | certificate_query | crl_query |
- manifest_query | roa_query | ghostbuster_query )
-
-# PDUs allowed in a reply
-reply_elt = ( config_reply | client_reply | certificate_reply | crl_reply |
- manifest_reply | roa_reply | ghostbuster_reply | report_error_reply )
-
-# Tag attributes for bulk operations
-tag = attribute tag { xsd:token {maxLength="1024" } }
-
-# Base64 encoded DER stuff
-#base64 = xsd:base64Binary { maxLength="512000" }
-#
-# Sadly, it turns out that CRLs can in fact get longer than this for an active CA.
-# Remove length limit for now, think about whether to put it back later.
-base64 = xsd:base64Binary
-
-# Publication URLs
-uri_t = xsd:anyURI { maxLength="4096" }
-uri = attribute uri { uri_t }
-
-# Handles on remote objects (replaces passing raw SQL IDs). NB:
-# Unlike the up-down protocol, handles in this protocol allow "/" as a
-# hierarchy delimiter.
-object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9/]+" }
-
-# element (use restricted to repository operator)
-# config_handle attribute, create, list, and destroy commands omitted deliberately, see code for details
-
-config_payload = (element bpki_crl { base64 }?)
-
-config_query |= element config { attribute action { "set" }, tag?, config_payload }
-config_reply |= element config { attribute action { "set" }, tag? }
-config_query |= element config { attribute action { "get" }, tag? }
-config_reply |= element config { attribute action { "get" }, tag?, config_payload }
-
-# element (use restricted to repository operator)
-
-client_handle = attribute client_handle { object_handle }
-
-client_bool = attribute clear_replay_protection { "yes" }?
-
-client_payload = (attribute base_uri { uri_t }?, element bpki_cert { base64 }?, element bpki_glue { base64 }?)
-
-client_query |= element client { attribute action { "create" }, tag?, client_handle, client_bool, client_payload }
-client_reply |= element client { attribute action { "create" }, tag?, client_handle }
-client_query |= element client { attribute action { "set" }, tag?, client_handle, client_bool, client_payload }
-client_reply |= element client { attribute action { "set" }, tag?, client_handle }
-client_query |= element client { attribute action { "get" }, tag?, client_handle }
-client_reply |= element client { attribute action { "get" }, tag?, client_handle, client_payload }
-client_query |= element client { attribute action { "list" }, tag? }
-client_reply |= element client { attribute action { "list" }, tag?, client_handle, client_payload }
-client_query |= element client { attribute action { "destroy" }, tag?, client_handle }
-client_reply |= element client { attribute action { "destroy" }, tag?, client_handle }
-
-# element
-
-certificate_query |= element certificate { attribute action { "publish" }, tag?, uri, base64 }
-certificate_reply |= element certificate { attribute action { "publish" }, tag?, uri }
-certificate_query |= element certificate { attribute action { "withdraw" }, tag?, uri }
-certificate_reply |= element certificate { attribute action { "withdraw" }, tag?, uri }
-
-# element
-
-crl_query |= element crl { attribute action { "publish" }, tag?, uri, base64 }
-crl_reply |= element crl { attribute action { "publish" }, tag?, uri }
-crl_query |= element crl { attribute action { "withdraw" }, tag?, uri }
-crl_reply |= element crl { attribute action { "withdraw" }, tag?, uri }
-
-# element
-
-manifest_query |= element manifest { attribute action { "publish" }, tag?, uri, base64 }
-manifest_reply |= element manifest { attribute action { "publish" }, tag?, uri }
-manifest_query |= element manifest { attribute action { "withdraw" }, tag?, uri }
-manifest_reply |= element manifest { attribute action { "withdraw" }, tag?, uri }
-
-# element
-
-roa_query |= element roa { attribute action { "publish" }, tag?, uri, base64 }
-roa_reply |= element roa { attribute action { "publish" }, tag?, uri }
-roa_query |= element roa { attribute action { "withdraw" }, tag?, uri }
-roa_reply |= element roa { attribute action { "withdraw" }, tag?, uri }
-
-# element
-
-ghostbuster_query |= element ghostbuster { attribute action { "publish" }, tag?, uri, base64 }
-ghostbuster_reply |= element ghostbuster { attribute action { "publish" }, tag?, uri }
-ghostbuster_query |= element ghostbuster { attribute action { "withdraw" }, tag?, uri }
-ghostbuster_reply |= element ghostbuster { attribute action { "withdraw" },
tag?, uri } - -# element - -error = xsd:token { maxLength="1024" } - -report_error_reply = element report_error { - tag?, - attribute error_code { error }, - xsd:string { maxLength="512000" }? -} - -# Local Variables: -# indent-tabs-mode: nil -# comment-start: "# " -# comment-start-skip: "#[ \t]*" -# End: diff --git a/schemas/relaxng/publication-schema.rng b/schemas/relaxng/publication-schema.rng deleted file mode 100644 index aac61eae..00000000 --- a/schemas/relaxng/publication-schema.rng +++ /dev/null @@ -1,574 +0,0 @@ - - - - - - - - - 1 - - - - - - query - - - - - - - - reply - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1024 - - - - - - - - - - - 4096 - - - - - - - - - - - 255 - [\-_A-Za-z0-9/]+ - - - - - - - - - - - - - - set - - - - - - - - - - - set - - - - - - - - - - get - - - - - - - - - - get - - - - - - - - - - - - - - - - - yes - - - - - - - - - - - - - - - - - - - - - - - - create - - - - - - - - - - - - - create - - - - - - - - - - - set - - - - - - - - - - - - - set - - - - - - - - - - - get - - - - - - - - - - - get - - - - - - - - - - - - list - - - - - - - - - - list - - - - - - - - - - - - destroy - - - - - - - - - - - destroy - - - - - - - - - - - - publish - - - - - - - - - - - - publish - - - - - - - - - - - withdraw - - - - - - - - - - - withdraw - - - - - - - - - - - - publish - - - - - - - - - - - - publish - - - - - - - - - - - withdraw - - - - - - - - - - - withdraw - - - - - - - - - - - - publish - - - - - - - - - - - - publish - - - - - - - - - - - withdraw - - - - - - - - - - - withdraw - - - - - - - - - - - - publish - - - - - - - - - - - - publish - - - - - - - - - - - withdraw - - - - - - - - - - - withdraw - - - - - - - - - - - - publish - - - - - - - - - - - - publish - - - - - - - - - - - withdraw - - - - - - - - - - - withdraw - - - - - - - - - - - 1024 - - - - - - - - - - - - - 512000 - - - - - - 
diff --git a/schemas/relaxng/publication.rnc b/schemas/relaxng/publication.rnc
new file mode 100644
index 00000000..3a519543
--- /dev/null
+++ b/schemas/relaxng/publication.rnc
@@ -0,0 +1,96 @@
+# $Id$
+#
+# RelaxNG schema for RPKI publication protocol, from current I-D.
+#
+# Copyright (c) 2014 IETF Trust and the persons identified as authors
+# of the code. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in
+# the documentation and/or other materials provided with the
+# distribution.
+#
+# * Neither the name of Internet Society, IETF or IETF Trust, nor the
+# names of specific contributors, may be used to endorse or promote
+# products derived from this software without specific prior written
+# permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+default namespace =
+ "http://www.hactrn.net/uris/rpki/publication-spec/"
+
+# This is version 3 of the protocol.
+
+version = "3"
+
+# Top level PDU is either a query or a reply.
+ +start = element msg { + attribute version { version } , + ( ( attribute type { "query" }, query_elt* ) | + ( attribute type { "reply" }, reply_elt* ) ) +} + +# PDUs allowed in queries and replies. + +query_elt = publish_query | withdraw_query +reply_elt = publish_reply | withdraw_reply | report_error_reply + +# Tag attributes for bulk operations. + +tag = attribute tag { xsd:token { maxLength="1024" } } + +# Base64 encoded DER stuff. + +base64 = xsd:base64Binary + +# Publication URIs. + +uri = attribute uri { xsd:anyURI { maxLength="4096" } } + +# Error codes. + +error = xsd:token { maxLength="1024" } + +# element + +publish_query |= element publish { tag?, uri, base64 } +publish_reply |= element publish { tag?, uri } + +# element + +withdraw_query |= element withdraw { tag?, uri } +withdraw_reply |= element withdraw { tag?, uri } + +# element + +report_error_reply = element report_error { + tag?, + attribute error_code { error }, + xsd:string { maxLength="512000" }? +} + +# Local Variables: +# indent-tabs-mode: nil +# comment-start: "# " +# comment-start-skip: "#[ \t]*" +# End: diff --git a/schemas/relaxng/publication.rng b/schemas/relaxng/publication.rng new file mode 100644 index 00000000..7e2fe779 --- /dev/null +++ b/schemas/relaxng/publication.rng @@ -0,0 +1,169 @@ + + + + + + 3 + + + + + + + + + + + query + + + + + + + + reply + + + + + + + + + + + + + + + + + + + + + + + + + + + 1024 + + + + + + + + + + + + 4096 + + + + + + + 1024 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 512000 + + + + + + diff --git a/schemas/relaxng/router-certificate-schema.rnc b/schemas/relaxng/router-certificate-schema.rnc deleted file mode 100644 index 8cc325ce..00000000 --- a/schemas/relaxng/router-certificate-schema.rnc +++ /dev/null 
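Review bot: The `uri` attribute on `publish` and `withdraw` is only `xsd:anyURI { maxLength="4096" }`, so a schema-valid query can name any URI, with any scheme, and nothing in the grammar ties it to the client that sent it. Since the grammar is taken from the I-D it should probably stay as written, but the authorization check then has to live in the server: each `uri` needs to be compared against the client's `base_uri` (declared in publication-control.rnc) before an object is written or removed, and that code is not part of this hunk. A comment above `uri` would record the dependency, e.g. `# NB: not restricted by schema; server must check uri against the client's base_uri.` The same applies to `base64`, which is unbounded in `publish_query`, so any request size limit has to be enforced before validation.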
@@ -1,61 +0,0 @@
-# $Id$
-#
-# RelaxNG schema for BGPSEC router certificate interchange format.
-#
-# At least for now, this is a trivial encapsulation of a PKCS #10
-# request, a set (usually containing exactly one member) of autonomous
-# system numbers, and a router-id. Be warned that this could change
-# radically by the time we have any real operational understanding of
-# how these things will be used, this is just our current best guess
-# to let us move forward on initial coding.
-#
-# Copyright (C) 2014 Dragon Research Labs ("DRL")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-default namespace = "http://www.hactrn.net/uris/rpki/router-certificate/"
-
-version = "1"
-base64 = xsd:base64Binary { maxLength="512000" }
-router_id = xsd:unsignedInt
-asn_list = xsd:string { maxLength="512000" pattern="[0-9][\-,0-9]*" }
-timestamp = xsd:dateTime { pattern=".*Z" }
-
-# Core payload used in this schema.
-
-payload = (
- attribute router_id { router_id },
- attribute asn { asn_list },
- attribute valid_until { timestamp }?,
- base64
-)
-
-# We allow two forms, one with a wrapper to allow multiple requests in
-# a single file, one without for brevity; the version attribute goes
-# in the outermost element in either case.
- -start |= element router_certificate_request { - attribute version { version }, - payload -} - -start |= element router_certificate_requests { - attribute version { version }, - element router_certificate_request { payload }* -} - -# Local Variables: -# indent-tabs-mode: nil -# comment-start: "# " -# comment-start-skip: "#[ \t]*" -# End: diff --git a/schemas/relaxng/router-certificate-schema.rng b/schemas/relaxng/router-certificate-schema.rng deleted file mode 100644 index 7ba0dd60..00000000 --- a/schemas/relaxng/router-certificate-schema.rng +++ /dev/null @@ -1,98 +0,0 @@ - - - - - 1 - - - - 512000 - - - - - - - - 512000 - [0-9][\-,0-9]* - - - - - .*Z - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/schemas/relaxng/router-certificate.rnc b/schemas/relaxng/router-certificate.rnc new file mode 100644 index 00000000..8cc325ce --- /dev/null +++ b/schemas/relaxng/router-certificate.rnc 
@@ -0,0 +1,61 @@
+# $Id$
+#
+# RelaxNG schema for BGPSEC router certificate interchange format.
+#
+# At least for now, this is a trivial encapsulation of a PKCS #10
+# request, a set (usually containing exactly one member) of autonomous
+# system numbers, and a router-id. Be warned that this could change
+# radically by the time we have any real operational understanding of
+# how these things will be used, this is just our current best guess
+# to let us move forward on initial coding.
+#
+# Copyright (C) 2014 Dragon Research Labs ("DRL")
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS. IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+default namespace = "http://www.hactrn.net/uris/rpki/router-certificate/"
+
+version = "1"
+base64 = xsd:base64Binary { maxLength="512000" }
+router_id = xsd:unsignedInt
+asn_list = xsd:string { maxLength="512000" pattern="[0-9][\-,0-9]*" }
+timestamp = xsd:dateTime { pattern=".*Z" }
+
+# Core payload used in this schema.
+
+payload = (
+ attribute router_id { router_id },
+ attribute asn { asn_list },
+ attribute valid_until { timestamp }?,
+ base64
+)
+
+# We allow two forms, one with a wrapper to allow multiple requests in
+# a single file, one without for brevity; the version attribute goes
+# in the outermost element in either case.
+ +start |= element router_certificate_request { + attribute version { version }, + payload +} + +start |= element router_certificate_requests { + attribute version { version }, + element router_certificate_request { payload }* +} + +# Local Variables: +# indent-tabs-mode: nil +# comment-start: "# " +# comment-start-skip: "#[ \t]*" +# End: diff --git a/schemas/relaxng/router-certificate.rng b/schemas/relaxng/router-certificate.rng new file mode 100644 index 00000000..7ba0dd60 --- /dev/null +++ b/schemas/relaxng/router-certificate.rng @@ -0,0 +1,98 @@ + + + + + 1 + + + + 512000 + + + + + + + + 512000 + [0-9][\-,0-9]* + + + + + .*Z + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/schemas/relaxng/up-down-schema.rnc b/schemas/relaxng/up-down-schema.rnc deleted file mode 100644 index a603b8fe..00000000 --- a/schemas/relaxng/up-down-schema.rnc +++ /dev/null 
@@ -1,113 +0,0 @@
-# $Id$
-#
-# RelaxNG schema for the up-down protocol, extracted from RFC 6492.
-#
-# Copyright (c) 2012 IETF Trust and the persons identified as authors
-# of the code. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# * Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# * Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# * Neither the name of Internet Society, IETF or IETF Trust, nor the
-# names of specific contributors, may be used to endorse or promote
-# products derived from this software without specific prior written
-# permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-
-default namespace = "http://www.apnic.net/specs/rescerts/up-down/"
-
-grammar {
- resource_set_as = xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
- resource_set_ip4 = xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" }
- resource_set_ip6 = xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" }
-
- class_name = xsd:token { minLength="1" maxLength="1024" }
- ski = xsd:token { minLength="27" maxLength="1024" }
- label = xsd:token { minLength="1" maxLength="1024" }
- cert_url = xsd:string { minLength="10" maxLength="4096" }
- base64_binary = xsd:base64Binary { minLength="4" maxLength="512000" }
-
- start = element message {
- attribute version { xsd:positiveInteger { maxInclusive="1" } },
- attribute sender { label },
- attribute recipient { label },
- payload
- }
-
- payload |= attribute type { "list" }, list_request
- payload |= attribute type { "list_response"}, list_response
- payload |= attribute type { "issue" }, issue_request
- payload |= attribute type { "issue_response"}, issue_response
- payload |= attribute type { "revoke" }, revoke_request
- payload |= attribute type { "revoke_response"}, revoke_response
- payload |= attribute type { "error_response"}, error_response
-
- list_request = empty
- list_response = class*
-
- class = element class {
- attribute class_name { class_name },
- attribute cert_url { cert_url },
- attribute resource_set_as { resource_set_as },
- attribute resource_set_ipv4 { resource_set_ip4 },
- attribute resource_set_ipv6 { resource_set_ip6 },
- attribute resource_set_notafter { xsd:dateTime },
- attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?,
- element certificate {
- attribute cert_url { cert_url },
- attribute req_resource_set_as { resource_set_as }?,
- attribute req_resource_set_ipv4 { resource_set_ip4 }?,
- attribute req_resource_set_ipv6 { resource_set_ip6 }?,
- base64_binary
- }*,
- element issuer { base64_binary }
- }
-
- issue_request = element request {
- attribute
class_name { class_name }, - attribute req_resource_set_as { resource_set_as }?, - attribute req_resource_set_ipv4 { resource_set_ip4 }?, - attribute req_resource_set_ipv6 { resource_set_ip6 }?, - base64_binary - } - issue_response = class - - revoke_request = revocation - revoke_response = revocation - - revocation = element key { - attribute class_name { class_name }, - attribute ski { ski } - } - - error_response = - element status { xsd:positiveInteger { maxInclusive="9999" } }, - element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }* -} - -# Local Variables: -# indent-tabs-mode: nil -# comment-start: "# " -# comment-start-skip: "#[ \t]*" -# End: diff --git a/schemas/relaxng/up-down-schema.rng b/schemas/relaxng/up-down-schema.rng deleted file mode 100644 index ba1f20ca..00000000 --- a/schemas/relaxng/up-down-schema.rng +++ /dev/null @@ -1,277 +0,0 @@ - - - - - - 512000 - [\-,0-9]* - - - - - 512000 - [\-,/.0-9]* - - - - - 512000 - [\-,/:0-9a-fA-F]* - - - - - 1 - 1024 - - - - - 27 - 1024 - - - - - 1 - 1024 - - - - - 10 - 4096 - - - - - 4 - 512000 - - - - - - - 1 - - - - - - - - - - - - - - list - - - - - - list_response - - - - - - issue - - - - - - issue_response - - - - - - revoke - - - - - - revoke_response - - - - - - error_response - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1024 - rsync://.+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 9999 - - - - - - - - - 1024 - - - - - - diff --git a/schemas/relaxng/up-down.rnc b/schemas/relaxng/up-down.rnc new file mode 100644 index 00000000..a603b8fe --- /dev/null +++ b/schemas/relaxng/up-down.rnc 
@@ -0,0 +1,113 @@
+# $Id$
+#
+# RelaxNG schema for the up-down protocol, extracted from RFC 6492.
+#
+# Copyright (c) 2012 IETF Trust and the persons identified as authors
+# of the code. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in
+# the documentation and/or other materials provided with the
+# distribution.
+#
+# * Neither the name of Internet Society, IETF or IETF Trust, nor the
+# names of specific contributors, may be used to endorse or promote
+# products derived from this software without specific prior written
+# permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+default namespace = "http://www.apnic.net/specs/rescerts/up-down/"
+
+grammar {
+ resource_set_as = xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
+ resource_set_ip4 = xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" }
+ resource_set_ip6 = xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" }
+
+ class_name = xsd:token { minLength="1" maxLength="1024" }
+ ski = xsd:token { minLength="27" maxLength="1024" }
+ label = xsd:token { minLength="1" maxLength="1024" }
+ cert_url = xsd:string { minLength="10" maxLength="4096" }
+ base64_binary = xsd:base64Binary { minLength="4" maxLength="512000" }
+
+ start = element message {
+ attribute version { xsd:positiveInteger { maxInclusive="1" } },
+ attribute sender { label },
+ attribute recipient { label },
+ payload
+ }
+
+ payload |= attribute type { "list" }, list_request
+ payload |= attribute type { "list_response"}, list_response
+ payload |= attribute type { "issue" }, issue_request
+ payload |= attribute type { "issue_response"}, issue_response
+ payload |= attribute type { "revoke" }, revoke_request
+ payload |= attribute type { "revoke_response"}, revoke_response
+ payload |= attribute type { "error_response"}, error_response
+
+ list_request = empty
+ list_response = class*
+
+ class = element class {
+ attribute class_name { class_name },
+ attribute cert_url { cert_url },
+ attribute resource_set_as { resource_set_as },
+ attribute resource_set_ipv4 { resource_set_ip4 },
+ attribute resource_set_ipv6 { resource_set_ip6 },
+ attribute resource_set_notafter { xsd:dateTime },
+ attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?,
+ element certificate {
+ attribute cert_url { cert_url },
+ attribute req_resource_set_as { resource_set_as }?,
+ attribute req_resource_set_ipv4 { resource_set_ip4 }?,
+ attribute req_resource_set_ipv6 { resource_set_ip6 }?,
+ base64_binary
+ }*,
+ element issuer { base64_binary }
+ }
+
+ issue_request = element request {
+ attribute
class_name { class_name }, + attribute req_resource_set_as { resource_set_as }?, + attribute req_resource_set_ipv4 { resource_set_ip4 }?, + attribute req_resource_set_ipv6 { resource_set_ip6 }?, + base64_binary + } + issue_response = class + + revoke_request = revocation + revoke_response = revocation + + revocation = element key { + attribute class_name { class_name }, + attribute ski { ski } + } + + error_response = + element status { xsd:positiveInteger { maxInclusive="9999" } }, + element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }* +} + +# Local Variables: +# indent-tabs-mode: nil +# comment-start: "# " +# comment-start-skip: "#[ \t]*" +# End: diff --git a/schemas/relaxng/up-down.rng b/schemas/relaxng/up-down.rng new file mode 100644 index 00000000..ba1f20ca --- /dev/null +++ b/schemas/relaxng/up-down.rng @@ -0,0 +1,277 @@ + + + + + + 512000 + [\-,0-9]* + + + + + 512000 + [\-,/.0-9]* + + + + + 512000 + [\-,/:0-9a-fA-F]* + + + + + 1 + 1024 + + + + + 27 + 1024 + + + + + 1 + 1024 + + + + + 10 + 4096 + + + + + 4 + 512000 + + + + + + + 1 + + + + + + + + + + + + + + list + + + + + + list_response + + + + + + issue + + + + + + issue_response + + + + + + revoke + + + + + + revoke_response + + + + + + error_response + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1024 + rsync://.+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 9999 + + + + + + + + + 1024 + + + + + + diff --git a/schemas/sql/pubd.sql b/schemas/sql/pubd.sql index 3a58ec00..d867706b 100644 --- a/schemas/sql/pubd.sql +++ b/schemas/sql/pubd.sql 
@@ -1,38 +1,25 @@
 -- $Id$
--- Copyright (C) 2009--2010 Internet Systems Consortium ("ISC")
+-- Copyright (C) 2012--2014 Dragon Research Labs ("DRL")
+-- Portions copyright (C) 2009--2010 Internet Systems Consortium ("ISC")
+-- Portions copyright (C) 2008 American Registry for Internet Numbers ("ARIN")
 --
 -- Permission to use, copy, modify, and distribute this software for any
 -- purpose with or without fee is hereby granted, provided that the above
--- copyright notice and this permission notice appear in all copies.
+-- copyright notices and this permission notice appear in all copies.
 --
--- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
--- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
--- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
--- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
--- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
--- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
--- PERFORMANCE OF THIS SOFTWARE.
-
--- Copyright (C) 2008 American Registry for Internet Numbers ("ARIN")
---
--- Permission to use, copy, modify, and distribute this software for any
--- purpose with or without fee is hereby granted, provided that the above
--- copyright notice and this permission notice appear in all copies.
---
--- THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
--- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
--- AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
--- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
--- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
--- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
--- PERFORMANCE OF THIS SOFTWARE.
+-- THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
+-- WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+-- WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL,
+-- ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
+-- CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
+-- OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+-- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+-- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 -- SQL objects needed by pubd.py.
--- The config table is weird because we're really only using it
--- to store one BPKI CRL, but putting this here lets us use a lot of
--- existing machinery and the alternatives are whacky in other ways.
+-- The config table is weird because it only has one row.
 DROP TABLE IF EXISTS client;
 DROP TABLE IF EXISTS config;
diff --git a/schemas/sql/rpkid.sql b/schemas/sql/rpkid.sql
index ad0c39b0..f3b899ee 100644
--- a/schemas/sql/rpkid.sql
+++ b/schemas/sql/rpkid.sql
@@ -1,32 +1,21 @@
 -- $Id$
--- Copyright (C) 2009--2011 Internet Systems Consortium ("ISC")
+-- Copyright (C) 2012--2014 Dragon Research Labs ("DRL")
+-- Portions copyright (C) 2009--2011 Internet Systems Consortium ("ISC")
+-- Portions copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
 --
 -- Permission to use, copy, modify, and distribute this software for any
 -- purpose with or without fee is hereby granted, provided that the above
--- copyright notice and this permission notice appear in all copies.
+-- copyright notices and this permission notice appear in all copies.
 --
--- THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
--- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
--- AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
--- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
--- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
--- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
--- PERFORMANCE OF THIS SOFTWARE.
-
--- Copyright (C) 2007--2008 American Registry for Internet Numbers ("ARIN")
---
--- Permission to use, copy, modify, and distribute this software for any
--- purpose with or without fee is hereby granted, provided that the above
--- copyright notice and this permission notice appear in all copies.
---
--- THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
--- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
--- AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
--- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
--- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
--- OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
--- PERFORMANCE OF THIS SOFTWARE.
+-- THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
+-- WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+-- WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL,
+-- ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
+-- CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
+-- OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+-- NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+-- WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 -- SQL objects needed by the RPKI engine (rpkid.py).
-- 
cgit v1.2.3