rpki.rpki_engine.roa_obj Class Reference

Inherits rpki::sql::sql_persistent.

List of all members.

Public Member Functions

def ca_detail
def ee_uri
def ee_uri_tail
def generate_roa
def regenerate_roa
def roa_uri
def roa_uri_tail
def self
def sql_delete_hook
def sql_fetch_hook
def sql_insert_hook
def update_roa
def withdraw_roa

Static Public Attributes

 ca_detail_id = None
 cert = None
 roa = None
tuple sql_template


Detailed Description

Route Origin Authorization.

Definition at line 1051 of file rpki_engine.py.


Member Function Documentation

def rpki.rpki_engine.roa_obj.ca_detail (   self  ) 

Fetch all ca_detail objects that link to this roa_obj.

Definition at line 1109 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.ee_uri (   self  ) 

Return the publication URI for this roa_obj's ROA's EE
certificate.

Definition at line 1293 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.ee_uri_tail (   self  ) 

Return the tail (filename) portion of the URI for this roa_obj's
ROA's EE certificate.

Definition at line 1286 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.generate_roa (   self,
  callback,
  errback 
)

Generate a ROA.

At present this does not support ROAs with multiple signatures
(neither does the current CMS code).

At present we have no way of performing a direct lookup from a
desired set of resources to a covering certificate, so we have to
search.  This could be quite slow if we have a lot of active
ca_detail objects.  Punt on the issue for now, revisit if
profiling shows this as a hotspot.

Once we have the right covering certificate, we generate the ROA
payload, generate a new EE certificate, use the EE certificate to
sign the ROA payload, publish the result, then throw away the
private key for the EE cert, all per the ROA specification.  This
implies that generating a lot of ROAs will tend to thrash
/dev/random, but there is not much we can do about that.

Definition at line 1158 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.regenerate_roa (   self,
  callback,
  errback 
)

Reissue ROA associated with this roa_obj.

Definition at line 1264 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.roa_uri (   self,
  key = None 
)

Return the publication URI for this roa_obj's ROA.

Definition at line 1273 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.roa_uri_tail (   self,
  key = None 
)

Return the tail (filename portion) of the publication URI for this
roa_obj's ROA.

Definition at line 1279 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.self (   self  ) 

Fetch self object to which this roa_obj links.

Definition at line 1069 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.sql_delete_hook (   self  ) 

Extra SQL delete actions for roa_obj -- handle prefix lists.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1103 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.sql_fetch_hook (   self  ) 

Extra SQL fetch actions for roa_obj -- handle prefix lists.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1075 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.sql_insert_hook (   self  ) 

Extra SQL insert actions for roa_obj -- handle prefix lists.

Reimplemented from rpki.sql.sql_persistent.

Definition at line 1089 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.update_roa (   self,
  callback 
)

Bring this roa_obj's ROA up to date if necesssary.

Definition at line 1115 of file rpki_engine.py.

def rpki.rpki_engine.roa_obj.withdraw_roa (   self,
  callback,
  errback,
  regenerate = False 
)

Withdraw ROA associated with this roa_obj.

In order to preserve make-before-break properties without
duplicating code, this method also handles generating a
replacement ROA when requested.

Definition at line 1229 of file rpki_engine.py.


Member Data Documentation

Definition at line 1065 of file rpki_engine.py.

Definition at line 1066 of file rpki_engine.py.

Definition at line 1067 of file rpki_engine.py.

Initial value:

rpki.sql.template(
    "roa",
    "roa_id",
    "ca_detail_id",
    "self_id",
    "asn",
    ("roa", rpki.x509.ROA),
    ("cert", rpki.x509.X509))

Definition at line 1056 of file rpki_engine.py.


The documentation for this class was generated from the following file:

Generated on Tue Jul 7 16:04:42 2009 for RPKI Engine by  doxygen 1.5.9