RPKI Engine 1.0
Public Member Functions | Public Attributes | Static Public Attributes

rpki.rpkid.roa_obj Class Reference

Inheritance diagram for rpki.rpkid.roa_obj:
Inheritance graph
Collaboration diagram for rpki.rpkid.roa_obj:
Collaboration graph

List of all members.

Public Member Functions

def __init__
def __repr__
def ca_detail
def generate
def published_callback
def regenerate
def revoke
def self
def sql_delete_hook
def sql_fetch_hook
def sql_insert_hook
def update
def uri
def uri_from_key
def uri_tail

Public Attributes

 asn
 gctx
 ipv4
 ipv6
 self_id

Static Public Attributes

 ca_detail_id = None
 cert = None
 published = None
 roa = None
tuple sql_template

Detailed Description

Route Origin Authorization.

Definition at line 1339 of file rpki/rpkid.py.


Constructor & Destructor Documentation

def rpki.rpkid.roa_obj.__init__ (   self,
  gctx = None,
  self_id = None,
  asn = None,
  ipv4 = None,
  ipv6 = None 
)

Definition at line 1412 of file rpki/rpkid.py.


Member Function Documentation

def rpki.rpkid.roa_obj.__repr__ (   self)

Definition at line 1407 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.ca_detail (   self)
Fetch ca_detail object to which this roa_obj links.

Definition at line 1367 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.generate (   self,
  publisher,
  fast = False 
)
Generate a ROA.

At present we have no way of performing a direct lookup from a
desired set of resources to a covering certificate, so we have to
search.  This could be quite slow if we have a lot of active
ca_detail objects.  Punt on the issue for now, revisit if
profiling shows this as a hotspot.

Once we have the right covering certificate, we generate the ROA
payload, generate a new EE certificate, use the EE certificate to
sign the ROA payload, publish the result, then throw away the
private key for the EE cert, all per the ROA specification.  This
implies that generating a lot of ROAs will tend to thrash
/dev/random, but there is not much we can do about that.

If fast is set, we leave generating the new manifest for our
caller to handle, presumably at the end of a bulk operation.

Definition at line 1464 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.published_callback (   self,
  pdu 
)
Check publication result.

Definition at line 1531 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.regenerate (   self,
  publisher,
  fast = False 
)
Reissue ROA associated with this roa_obj.

Definition at line 1576 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.revoke (   self,
  publisher,
  regenerate = False,
  allow_failure = False,
  fast = False 
)
Withdraw ROA associated with this roa_obj.

In order to preserve make-before-break properties without
duplicating code, this method also handles generating a
replacement ROA when requested.

If allow_failure is set, failing to withdraw the ROA will not be
considered an error.

If fast is set, SQL actions will be deferred, on the assumption
that our caller will handle regenerating CRL and manifest and
flushing the SQL cache.

Definition at line 1539 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.self (   self)
Fetch self object to which this roa_obj links.

Definition at line 1360 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.sql_delete_hook (   self)
Extra SQL delete actions for roa_obj -- handle prefix lists.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1401 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.sql_fetch_hook (   self)
Extra SQL fetch actions for roa_obj -- handle prefix lists.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1373 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.sql_insert_hook (   self)
Extra SQL insert actions for roa_obj -- handle prefix lists.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1387 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.update (   self,
  publisher,
  fast = False 
)
Bring this roa_obj's ROA up to date if necesssary.

Definition at line 1425 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.uri (   self)
Return the publication URI for this roa_obj's ROA.

Definition at line 1592 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.uri_from_key (   self,
  key 
)
Return publication URI for a public key.

Definition at line 1585 of file rpki/rpkid.py.

def rpki.rpkid.roa_obj.uri_tail (   self)
Return the tail (filename portion) of the publication URI for this
roa_obj's ROA.

Definition at line 1599 of file rpki/rpkid.py.


Member Data Documentation

Definition at line 1412 of file rpki/rpkid.py.

Definition at line 1354 of file rpki/rpkid.py.

rpki.rpkid.roa_obj.cert = None [static]

Definition at line 1355 of file rpki/rpkid.py.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1412 of file rpki/rpkid.py.

Definition at line 1412 of file rpki/rpkid.py.

Definition at line 1412 of file rpki/rpkid.py.

Definition at line 1357 of file rpki/rpkid.py.

rpki.rpkid.roa_obj.roa = None [static]

Definition at line 1356 of file rpki/rpkid.py.

Definition at line 1412 of file rpki/rpkid.py.

Initial value:
rpki.sql.template(
    "roa",
    "roa_id",
    "ca_detail_id",
    "self_id",
    "asn",
    ("roa", rpki.x509.ROA),
    ("cert", rpki.x509.X509),
    ("published", rpki.sundial.datetime))

Definition at line 1344 of file rpki/rpkid.py.


The documentation for this class was generated from the following file:
 All Classes Namespaces Files Functions Variables