RPKI Engine
1.0
|
Classes | |
class | BadCommandSyntax |
class | BadCSVSyntax |
class | BadPrefixSyntax |
class | BadXMLMessage |
class | CA |
class | CantRunRootd |
class | child |
class | children |
class | comma_set |
class | CouldntTalkToDaemon |
class | csv_reader |
class | csv_writer |
class | EntityDB |
class | IRDB |
class | main |
class | parent |
class | parents |
class | PastExpiration |
class | repositories |
class | repository |
class | roa_request |
class | roa_requests |
Functions | |
def | b64_equal |
def | etree_post_read |
def | etree_pre_write |
def | etree_read |
def | etree_validate |
def | etree_write |
def | PEMBase64 |
def | PEMElement |
Variables | |
allow_incomplete = False | |
string | namespace = "http://www.hactrn.net/uris/rpki/myrpki/" |
string | namespaceQName = "{" |
string | version = "2" |
whine = True |
This (oversized) module used to be an (oversized) program. Refactoring in progress, some doc still needs updating. This program is now the merger of three different tools: the old myrpki.py script, the old myirbe.py script, and the newer setup.py CLI tool. As such, it is still in need of some cleanup, but the need to provide a saner user interface is more urgent than internal code prettiness at the moment. In the long run, 90% of the code in this file probably ought to move to well-designed library modules. Overall goal here is to build up the configuration necessary to run rpkid and friends, by reading a config file, a collection of .CSV files, and the results of a few out-of-band XML setup messages exchanged with one's parents, children, and so forth. The config file is in an OpenSSL-compatible format, the CSV files are simple tab-delimited text. The XML files are all generated by this program, either the local instance or an instance being run by another player in the system; the mechanism used to exchange these setup messages is outside the scope of this program, feel free to use PGP-signed mail, a web interface (not provided), USB stick, carrier pigeons, whatever works. With one exception, the commands in this program avoid using any third-party Python code other than the rpki libraries themselves; with the same one exception, all OpenSSL work is done with the OpenSSL command line tool (the one built as a side effect of building rcynic will do, if your platform has no system copy or the system copy is too old). This is all done in an attempt to make the code more portable, so one can run most of the RPKI back end software on a laptop or whatever. The one exception is the configure_daemons command, which must, of necessity, use the same communication libraries as the daemons with which it is conversing. So that one command will not work if the correct Python modules are not available. $Id: myrpki.py 4015 2011-10-05 17:45:34Z sra $ Copyright (C) 2009--2011 Internet Systems Consortium ("ISC") Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
def rpki::myrpki::b64_equal | ( | thing1, | |
thing2 | |||
) |
Compare two Base64-encoded values for equality.
Definition at line 916 of file myrpki.py.
Referenced by rpki::myrpki::main::do_configure_publication_client().
def rpki::myrpki::etree_post_read | ( | e, | |
validate = True |
|||
) |
Do the namespace frobbing needed on read; broken out of etree_read() beause also needed by ElementFromString().
Definition at line 902 of file myrpki.py.
References etree_validate().
Referenced by rpki::myrpki::CA::cms_xml_verify(), and etree_read().
def rpki::myrpki::etree_pre_write | ( | e, | |
validate = True |
|||
) |
Do the namespace frobbing needed on write; broken out of etree_write() because also needed with ElementToString().
Definition at line 877 of file myrpki.py.
References etree_validate().
Referenced by rpki::myrpki::CA::cms_xml_sign(), and etree_write().
def rpki::myrpki::etree_read | ( | filename, | |
verbose = False , |
|||
validate = True |
|||
) |
Read an etree from a file, verifying then stripping XML namespace cruft.
Definition at line 892 of file myrpki.py.
References etree_post_read().
Referenced by rpki::myrpki::main::configure_resources_main(), rpki::myrpki::main::do_configure_child(), rpki::myrpki::main::do_configure_daemons(), rpki::myrpki::main::do_configure_parent(), rpki::myrpki::main::do_configure_publication_client(), rpki::myrpki::main::do_configure_repository(), rpki::myrpki::main::do_initialize(), rpki::myrpki::children::from_entitydb(), rpki::myrpki::parents::from_entitydb(), rpki::myrpki::repositories::from_entitydb(), and rpki::myrpki::main::renew_children_common().
def rpki::myrpki::etree_validate | ( | e | ) |
Definition at line 841 of file myrpki.py.
Referenced by etree_post_read(), and etree_pre_write().
def rpki::myrpki::etree_write | ( | e, | |
filename, | |||
verbose = False , |
|||
validate = True , |
|||
msg = None |
|||
) |
Write out an etree to a file, safely. I still miss SYSCAL(RENMWO).
Definition at line 858 of file myrpki.py.
References etree_pre_write().
Referenced by rpki::myrpki::main::configure_resources_main(), rpki::myrpki::main::do_configure_child(), rpki::myrpki::main::do_configure_daemons(), rpki::myrpki::main::do_configure_parent(), rpki::myrpki::main::do_configure_publication_client(), rpki::myrpki::main::do_configure_repository(), rpki::myrpki::main::do_initialize(), and rpki::myrpki::main::renew_children_common().
def rpki::myrpki::PEMBase64 | ( | filename | ) |
Extract Base64 encoded data from a PEM file.
Definition at line 581 of file myrpki.py.
Referenced by rpki::myrpki::main::do_configure_publication_client(), and PEMElement().
def rpki::myrpki::PEMElement | ( | e, | |
tag, | |||
filename, | |||
kwargs | |||
) |
Create an XML element containing Base64 encoded data taken from a PEM file.
Definition at line 594 of file myrpki.py.
References PEMBase64().
Referenced by rpki::myrpki::main::configure_resources_main(), rpki::myrpki::main::do_configure_child(), rpki::myrpki::main::do_configure_parent(), rpki::myrpki::main::do_configure_publication_client(), rpki::myrpki::main::do_initialize(), rpki::myrpki::child::xml(), rpki::myrpki::parent::xml(), and rpki::myrpki::repository::xml().
rpki::myrpki::allow_incomplete = False |
string rpki::myrpki::namespace = "http://www.hactrn.net/uris/rpki/myrpki/" |
string rpki::myrpki::namespaceQName = "{" |
string rpki::myrpki::version = "2" |
rpki::myrpki::whine = True |