From 962c4eed93d324cd642736ee58147c071fb3700b Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Mon, 19 Apr 2010 20:05:01 +0000
Subject: Oops, tested all the myrpki/ => rpkid/ changes but didn't commit them
 all.

svn path=/README; revision=3216
---
 scripts/apnic-to-csv.py                 |  8 ++++----
 scripts/arin-to-csv.py                  |  8 ++++----
 scripts/convert-from-csv-to-entitydb.py | 36 ++++++++++++++++-----------------
 scripts/ripe-asns-to-csv.py             |  4 ++--
 scripts/setup-rootd.sh                  | 36 +++++++++++++++++++++++++++++++++
 scripts/test-myrpki-cms.py              | 10 ++++-----
 scripts/testbed-rootcert.py             |  6 +++---
 scripts/translate-handles.py            |  8 ++++----
 8 files changed, 76 insertions(+), 40 deletions(-)
 create mode 100644 scripts/setup-rootd.sh

(limited to 'scripts')

diff --git a/scripts/apnic-to-csv.py b/scripts/apnic-to-csv.py
index 54e9137c..30a3951f 100644
--- a/scripts/apnic-to-csv.py
+++ b/scripts/apnic-to-csv.py
@@ -19,12 +19,12 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 PERFORMANCE OF THIS SOFTWARE.
 """
 
-import csv, myrpki, rpki.ipaddrs
+import csv, rpki.myrpki, rpki.ipaddrs
 
-translations = dict((src, dst) for src, dst in myrpki.csv_reader("translations.csv", columns = 2))
+translations = dict((src, dst) for src, dst in rpki.myrpki.csv_reader("translations.csv", columns = 2))
 
-asns     = myrpki.csv_writer("asns.csv")
-prefixes = myrpki.csv_writer("prefixes.csv")
+asns     = rpki.myrpki.csv_writer("asns.csv")
+prefixes = rpki.myrpki.csv_writer("prefixes.csv")
 
 for line in open("delegated-apnic-extended-latest"):
 
diff --git a/scripts/arin-to-csv.py b/scripts/arin-to-csv.py
index 55e5762a..9004dbba 100644
--- a/scripts/arin-to-csv.py
+++ b/scripts/arin-to-csv.py
@@ -23,7 +23,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 PERFORMANCE OF THIS SOFTWARE.
 """
 
-import gzip, csv, myrpki
+import gzip, csv, rpki.myrpki
 
 class Handle(object):
 
@@ -95,10 +95,10 @@ class main(object):
     return tag.strip(), val.strip()
 
   def __init__(self):
-    self.asns = myrpki.csv_writer("asns.csv")
-    self.prefixes = myrpki.csv_writer("prefixes.csv")
+    self.asns = rpki.myrpki.csv_writer("asns.csv")
+    self.prefixes = rpki.myrpki.csv_writer("prefixes.csv")
     try:
-      self.translations = dict((src, dst) for src, dst in myrpki.csv_reader("translations.csv", columns = 2))
+      self.translations = dict((src, dst) for src, dst in rpki.myrpki.csv_reader("translations.csv", columns = 2))
     except IOError:
       pass
     f = gzip.open("arin_db.txt.gz")
diff --git a/scripts/convert-from-csv-to-entitydb.py b/scripts/convert-from-csv-to-entitydb.py
index 282d2e75..51cb323d 100644
--- a/scripts/convert-from-csv-to-entitydb.py
+++ b/scripts/convert-from-csv-to-entitydb.py
@@ -19,7 +19,7 @@ PERFORMANCE OF THIS SOFTWARE.
 """
 
 import subprocess, csv, re, os, getopt, sys, base64, urlparse
-import rpki.sundial, myrpki, rpki.config
+import rpki.sundial, rpki.myrpki, rpki.config
 
 from lxml.etree import Element, SubElement, ElementTree
 
@@ -165,7 +165,7 @@ for d in map(entitydb, ("children", "parents", "repositories", "pubclients")):
 one_year_from_now = str(rpki.sundial.now() + rpki.sundial.timedelta(days = 365))
 
 if os.path.exists(children_csv):
-  for child_handle, valid_until, child_resource_pemfile in myrpki.csv_reader(children_csv, columns = 3):
+  for child_handle, valid_until, child_resource_pemfile in rpki.myrpki.csv_reader(children_csv, columns = 3):
     try:
 
       e = Element("parent",
@@ -173,16 +173,16 @@ if os.path.exists(children_csv):
                   service_uri = "https://%s:%s/up-down/%s/%s" % (rpkid_server_host, rpkid_server_port, handle, child_handle),
                   child_handle = child_handle,
                   parent_handle = handle)
-      myrpki.PEMElement(e, "bpki_resource_ta", bpki_resources_pemfile)
-      myrpki.PEMElement(e, "bpki_server_ta",   bpki_servers_pemfile)
-      myrpki.PEMElement(e, "bpki_child_ta",    child_resource_pemfile)
-      myrpki.etree_write(e, entitydb("children", "%s.xml" % child_handle))
+      rpki.myrpki.PEMElement(e, "bpki_resource_ta", bpki_resources_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_server_ta",   bpki_servers_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_child_ta",    child_resource_pemfile)
+      rpki.myrpki.etree_write(e, entitydb("children", "%s.xml" % child_handle))
 
     except IOError:
       pass
 
 if os.path.exists(parents_csv):
-  for parent_handle, parent_service_uri, parent_cms_pemfile, parent_https_pemfile, parent_myhandle, parent_sia_base in myrpki.csv_reader(parents_csv, columns = 6):
+  for parent_handle, parent_service_uri, parent_cms_pemfile, parent_https_pemfile, parent_myhandle, parent_sia_base in rpki.myrpki.csv_reader(parents_csv, columns = 6):
     try:
 
       e = Element("parent",
@@ -190,10 +190,10 @@ if os.path.exists(parents_csv):
                   service_uri = parent_service_uri,
                   child_handle = parent_myhandle,
                   parent_handle = parent_handle)
-      myrpki.PEMElement(e, "bpki_resource_ta", parent_cms_pemfile)
-      myrpki.PEMElement(e, "bpki_server_ta",   parent_https_pemfile)
-      myrpki.PEMElement(e, "bpki_child_ta",    bpki_resources_pemfile)
-      myrpki.etree_write(e, entitydb("parents", "%s.xml" % parent_handle))
+      rpki.myrpki.PEMElement(e, "bpki_resource_ta", parent_cms_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_server_ta",   parent_https_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_child_ta",    bpki_resources_pemfile)
+      rpki.myrpki.etree_write(e, entitydb("parents", "%s.xml" % parent_handle))
 
       client_handle = "/".join(parent_sia_base.rstrip("/").split("/")[3:])
       assert client_handle.startswith(repository_handle)
@@ -204,16 +204,16 @@ if os.path.exists(parents_csv):
                   service_uri = "%s/client/%s" % (pubd_base.rstrip("/"), client_handle),
                   sia_base = parent_sia_base,
                   type = "confirmed")
-      myrpki.PEMElement(e, "bpki_server_ta", repository_bpki_certificate)
-      myrpki.PEMElement(e, "bpki_client_ta", bpki_resources_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_server_ta", repository_bpki_certificate)
+      rpki.myrpki.PEMElement(e, "bpki_client_ta", bpki_resources_pemfile)
       SubElement(e, "contact_info").text = "Automatically generated by convert-csv.py"
-      myrpki.etree_write(e, entitydb("repositories", "%s.xml" % parent_handle))
+      rpki.myrpki.etree_write(e, entitydb("repositories", "%s.xml" % parent_handle))
 
     except IOError:
       pass
 
 if os.path.exists(pubclients_csv):
-  for client_handle, client_resource_pemfile, client_sia_base in myrpki.csv_reader(pubclients_csv, columns = 3):
+  for client_handle, client_resource_pemfile, client_sia_base in rpki.myrpki.csv_reader(pubclients_csv, columns = 3):
     try:
 
       parent_handle = client_handle.split("/")[-2] if "/" in client_handle else handle
@@ -224,10 +224,10 @@ if os.path.exists(pubclients_csv):
                   service_uri = "https://%s:%s/client/%s" % (pubd_server_host, pubd_server_port, client_handle),
                   sia_base = client_sia_base,
                   type = "confirmed")
-      myrpki.PEMElement(e, "bpki_server_ta", bpki_servers_pemfile)
-      myrpki.PEMElement(e, "bpki_client_ta", client_resource_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_server_ta", bpki_servers_pemfile)
+      rpki.myrpki.PEMElement(e, "bpki_client_ta", client_resource_pemfile)
       SubElement(e, "contact_info").text = "Automatically generated by convert-csv.py"
-      myrpki.etree_write(e, entitydb("pubclients", "%s.xml" % client_handle.replace("/", ".")))
+      rpki.myrpki.etree_write(e, entitydb("pubclients", "%s.xml" % client_handle.replace("/", ".")))
 
     except IOError:
       pass
diff --git a/scripts/ripe-asns-to-csv.py b/scripts/ripe-asns-to-csv.py
index 04a92627..26e4651c 100644
--- a/scripts/ripe-asns-to-csv.py
+++ b/scripts/ripe-asns-to-csv.py
@@ -23,7 +23,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 PERFORMANCE OF THIS SOFTWARE.
 """
 
-import gzip, csv, myrpki
+import gzip, csv, rpki.myrpki
 
 class Handle(dict):
 
@@ -88,7 +88,7 @@ class main(object):
   filenames = ("ripe.db.aut-num.gz",)
 
   def __init__(self):
-    self.asns = myrpki.csv_writer("asns.csv")
+    self.asns = rpki.myrpki.csv_writer("asns.csv")
     for fn in self.filenames:
       f = gzip.open(fn)
       self.statement = ""
diff --git a/scripts/setup-rootd.sh b/scripts/setup-rootd.sh
new file mode 100644
index 00000000..001ed862
--- /dev/null
+++ b/scripts/setup-rootd.sh
@@ -0,0 +1,36 @@
+#!/bin/sh -
+#
+# $Id$
+#
+# Copyright (C) 2010  Internet Systems Consortium ("ISC")
+# 
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# Setting up rootd requires cross-certifying rpkid's resource-holding
+# BPKI trust anchor under the BPKI trust anchor that rootd uses.  This
+# script handles that, albiet in a very ugly way.
+#
+# Filenames are wired in, you might need to change these if you've
+# done something more complicated.
+
+export RANDFILE=.OpenSSL.whines.unless.I.set.this
+export BPKI_DIRECTORY=`pwd`/bpki/servers
+
+openssl=../openssl/openssl/apps/openssl
+
+$openssl ca -notext -batch -config myrpki.conf \
+	-ss_cert bpki/resources/ca.cer \
+	-out $BPKI_DIRECTORY/child.cer \
+	-extensions ca_x509_ext_xcert0
+
+$openssl x509 -noout -text -in $BPKI_DIRECTORY/child.cer
diff --git a/scripts/test-myrpki-cms.py b/scripts/test-myrpki-cms.py
index 29bea39c..0ea59c07 100644
--- a/scripts/test-myrpki-cms.py
+++ b/scripts/test-myrpki-cms.py
@@ -22,7 +22,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 PERFORMANCE OF THIS SOFTWARE.
 """
 
-import subprocess, os, sys, myrpki
+import subprocess, os, sys, rpki.myrpki
 
 original_xml = '''\
 <publication_referral xmlns="http://www.hactrn.net/uris/rpki/publication-spec/"
@@ -35,10 +35,10 @@ f = open("original.xml", "w")
 f.write(original_xml)
 f.close()
 
-myrpki.openssl = "/u/sra/rpki/subvert-rpki.hactrn.net/openssl/openssl/apps/openssl"
+rpki.myrpki.openssl = "/u/sra/rpki/subvert-rpki.hactrn.net/openssl/openssl/apps/openssl"
 os.putenv("OPENSSL_CONF", "/dev/null")
 
-bpki = myrpki.CA("test/Alice/myrpki.conf", "test/Alice/bpki/resources")
+bpki = rpki.myrpki.CA("test/Alice/myrpki.conf", "test/Alice/bpki/resources")
 bpki.ee("/CN=Alice Signed Referral CMS Test EE Certificate", "CMSEE")
 
 # "id-ct-xml" from rpki.oids
@@ -46,7 +46,7 @@ oid = ".".join(map(str, (1, 2, 840, 113549, 1, 9, 16, 1, 28)))
 
 format = "DER"                          # PEM or DER
 
-subprocess.check_call((myrpki.openssl, "cms", "-sign",
+subprocess.check_call((rpki.myrpki.openssl, "cms", "-sign",
                        "-binary", "-nodetach", "-nosmimecap", "-keyid", "-outform", format,
                        "-econtent_type", oid, "-md", "sha256",
                        "-inkey",  "test/Alice/bpki/resources/CMSEE.key",
@@ -61,6 +61,6 @@ if format == "DER":
 # at least we can make it the job of the code formerly known as irdbd,
 # where we have full libraries available to us.  but blunder ahead...
 
-subprocess.check_call((myrpki.openssl, "cms", "-verify", "-inform", format,
+subprocess.check_call((rpki.myrpki.openssl, "cms", "-verify", "-inform", format,
                        "-CAfile", "test/Alice/bpki/resources/ca.cer",
                        "-in",     "original.%s" % format.lower()))
diff --git a/scripts/testbed-rootcert.py b/scripts/testbed-rootcert.py
index 54d1480c..6c75da9c 100644
--- a/scripts/testbed-rootcert.py
+++ b/scripts/testbed-rootcert.py
@@ -22,7 +22,7 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 PERFORMANCE OF THIS SOFTWARE.
 """
 
-import csv, myrpki, sys
+import csv, rpki.myrpki, sys
 
 if len(sys.argv) != 2:
   raise RuntimeError, "Usage: %s [holder]" % sys.argv[0]
@@ -51,7 +51,7 @@ sbgp-ipAddrBlock                = critical,@rfc3997_addrs
 ''' % { "holder" : sys.argv[1].lower(),
         "HOLDER" : sys.argv[1].upper() }
 
-for i, asn in enumerate(asn for handle, asn in myrpki.csv_reader("asns.csv", columns = 2)):
+for i, asn in enumerate(asn for handle, asn in rpki.myrpki.csv_reader("asns.csv", columns = 2)):
   print "AS.%d = %s" % (i, asn)
 
 print '''\
@@ -60,6 +60,6 @@ print '''\
 
 '''
 
-for i, prefix in enumerate(prefix for handle, prefix in myrpki.csv_reader("prefixes.csv", columns = 2)):
+for i, prefix in enumerate(prefix for handle, prefix in rpki.myrpki.csv_reader("prefixes.csv", columns = 2)):
   v = 6 if ":" in prefix else 4
   print "IPv%d.%d = %s" % (v, i, prefix)
diff --git a/scripts/translate-handles.py b/scripts/translate-handles.py
index 308b878e..67c09b06 100644
--- a/scripts/translate-handles.py
+++ b/scripts/translate-handles.py
@@ -31,16 +31,16 @@ OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 PERFORMANCE OF THIS SOFTWARE.
 """
 
-import os, sys, myrpki
+import os, sys, rpki.myrpki
 
-translations = dict((src, dst) for src, dst in myrpki.csv_reader("translations.csv", columns = 2))
+translations = dict((src, dst) for src, dst in rpki.myrpki.csv_reader("translations.csv", columns = 2))
 
 for filename in sys.argv[1:]:
 
   tmpfile = "%s.%d" % os.getpid()
-  csvout = myrpki.csv_writer(tmpfile)
+  csvout = rpki.myrpki.csv_writer(tmpfile)
 
-  for cols in myrpki.csv_reader(filename):
+  for cols in rpki.myrpki.csv_reader(filename):
     if cols[0] in translations:
       cols[0] = translations[cols[0]]
     csvout(cols)
-- 
cgit v1.2.3