1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
#!/usr/bin/env python
# $Id$
# Copyright (C) 2015-2016 Parsons Government Services ("PARSONS")
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notices and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND PARSONS DISCLAIMS ALL
# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
# PARSONS BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
"""
Dump rcynicng database to old-style disk files.
This is a slow operation due to blocking operations in the underlying
filesystem, so in the long run we will almost certainly want to
rewrite the RP toolkit to use the database directly, but it's (much)
easier to compare results between the old and new validation engines
when they use the same data representation.
"""
import os
import sys
import time
import shutil
import logging
import argparse
import rpki.config
import rpki.autoconf
logger = logging.getLogger("rcynic-dump")
os.environ.update(TZ = "UTC",
DJANGO_SETTINGS_MODULE = "rpki.django_settings.rcynic")
time.tzset()
logging.basicConfig(level = logging.DEBUG, format = "%(asctime)s %(message)s", datefmt = "%Y-%m-%d %H:%M:%S")
parser = argparse.ArgumentParser(description = __doc__)
parser.add_argument("-c", "--config")
parser.add_argument("output_tree", nargs = "?", default = "rcynic-data")
args = parser.parse_args()
rpki.config.parser(set_filename = args.config, section = "rcynic")
import django
django.setup()
import rpki.rcynicdb
def uri_to_filename(obj, base):
return os.path.join(args.output_tree, base, obj.uri[obj.uri.index("://") + 3:])
def sha256_to_filename(obj):
return os.path.join(args.output_tree, "sha256", obj.sha256[:2], obj.sha256 + obj.uri[-4:])
def authenticated_to_dirname(authenticated):
return "authenticated-{}".format(authenticated.started.strftime("%Y-%m-%dT%H:%M:%SZ"))
seen = set()
def check_der(fn, der):
with open(fn, "rb") as f:
return der == f.read()
def mkdir_maybe(fn):
dn = os.path.dirname(fn)
if not os.path.exists(dn):
os.makedirs(dn)
for obj in rpki.rcynicdb.models.RPKIObject.objects.all():
hfn = sha256_to_filename(obj)
ufn = uri_to_filename(obj, "unauthenticated")
if not os.path.exists(hfn) or not check_der(hfn, obj.der):
mkdir_maybe(hfn)
with open(hfn, "wb") as f:
f.write(obj.der)
seen.add(hfn)
seen.add(ufn)
for auth in obj.authenticated.all():
afn = uri_to_filename(obj, authenticated_to_dirname(auth))
mkdir_maybe(afn)
if not os.path.exists(afn):
os.link(hfn, afn)
elif not check_der(afn, obj.der):
os.unlink(afn)
os.link(hfn, afn)
seen.add(afn)
auth = rpki.rcynicdb.models.Authenticated.objects.order_by("-started").first()
if auth is not None:
src = authenticated_to_dirname(auth)
dst = os.path.join(args.output_tree, "authenticated")
if os.path.exists(dst):
os.unlink(dst)
os.symlink(src, dst)
|
