"""
Diff a series of rcynic.xml files, sort of.

$Id$

Copyright (C) 2012 Internet Systems Consortium, Inc. ("ISC")

Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""

# This is Python 2 code: it relies on the print statement, cmp() and __cmp__.

import sys

# Prefer lxml when it is installed, otherwise use the standard library parser.
try:
    from lxml.etree import ElementTree
except ImportError:
    from xml.etree.ElementTree import ElementTree

# Reporting switches.  With both left False the comparison ignores every
# "rsync_transfer_*" status and every entry whose generation is "backup",
# so a change that shows up only in those records is not reported.
show_backup_generation = False
show_rsync_transfer = False


class Object(object):
    """One URI seen in a session, with the status labels recorded for it."""

    def __init__(self, session, uri, generation):
        self.session = session
        self.uri = uri
        self.generation = generation
        self.labels = []

    def add(self, label):
        """Record one more status label, in the order it was read."""
        self.labels.append(label)

    def __cmp__(self, other):
        # NOTE(review): this compares the label lists element by element, so
        # order and duplicates count, while show() reports by membership only.
        # The same statuses in a different order would be flagged as changed
        # but printed without any "+" or "-" marker; confirm that is intended.
        return cmp(self.labels, other.labels)


def show(old = None, new = None):
    """Print one line for a URI that was removed, added or changed.

    Pass only `old` for a URI that disappeared, only `new` for one that
    appeared, and both for one whose labels differ.  Labels are prefixed
    with "-" or "+" when they are present on one side only.
    """
    # Internal invariants; these checks disappear when Python runs with -O.
    assert old is not None or new is not None
    assert old is None or new is None or old.uri == new.uri

    if old is not None and new is not None:
        obj = new
        marked = []
        # Walk the new session's label list so output order follows the file.
        for label in new.session.labels:
            in_new = label in new.labels
            in_old = label in old.labels
            if in_new and in_old:
                marked.append(label)
            elif in_new:
                marked.append("+" + label)
            elif in_old:
                marked.append("-" + label)
    elif old is None:
        obj = new
        marked = ["+" + label for label in new.labels]
    else:
        obj = old
        marked = ["-" + label for label in old.labels]

    text = " ".join(marked)
    if show_backup_generation:
        print " ", obj.uri, obj.generation, text
    else:
        print " ", obj.uri, text


class Session(dict):
    """Validation statuses from one rcynic.xml file, keyed by URI.

    The key is the URI alone, or a (uri, generation) pair when
    show_backup_generation is set.
    """

    def __init__(self, name):
        self.name = name
        # The file is parsed with the library's default parser settings.
        # NOTE(review): presumably the input is rcynic.xml written by a local
        # rcynic run; if files can come from another host, treat them as
        # untrusted XML and review DTD/entity handling -- confirm the source.
        tree = ElementTree(file = name)
        self.labels = [elt.tag.strip() for elt in tree.find("labels")]
        for elt in tree.findall("validation_status"):
            generation = elt.get("generation")
            status = elt.get("status")
            uri = elt.text.strip()
            # Transfer-level statuses are skipped unless asked for.
            if not show_rsync_transfer and status.startswith("rsync_transfer_"):
                continue
            if show_backup_generation:
                key = (uri, generation)
            else:
                # Entries from the backup generation are skipped by default.
                if generation == "backup":
                    continue
                key = uri
            entry = self.get(key)
            if entry is None:
                entry = self[key] = Object(self, uri, generation)
            entry.add(status)


# Compare each file named on the command line with the one before it.
old_db = new_db = None

for arg in sys.argv[1:]:
    old_db = new_db
    new_db = Session(arg)
    if old_db is None:
        # The first file has nothing to be compared with.
        continue
    old_keys = set(old_db)
    new_keys = set(new_db)
    only_old = old_keys - new_keys
    only_new = new_keys - old_keys
    changed = set(key for key in (old_keys & new_keys) if old_db[key] != new_db[key])
    if not (only_old or changed or only_new):
        continue
    print "Comparing", old_db.name, "with", new_db.name
    for key in sorted(only_old):
        show(old = old_db[key])
    for key in sorted(changed):
        show(old = old_db[key], new = new_db[key])
    for key in sorted(only_new):
        show(new = new_db[key])
    print
"""
Generate config for a test RPKI root certificate for resources
specified in asns.csv and prefixes.csv.
This script is separate from arin-to-csv.py so that we can convert on
the fly rather than having to pull the entire database into memory.
$Id$
Copyright (C) 2009-2012 Internet Systems Consortium ("ISC")
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
"""
import sys
from rpki.csv_utils import csv_reader
# Accept either the holder alone or the holder plus both CSV paths.
if len(sys.argv) not in (2, 4):
    sys.exit("Usage: %s holder [asns.csv prefixes.csv]" % sys.argv[0])

have_csv_args = len(sys.argv) > 2
asns_csv = sys.argv[2] if have_csv_args else "asns.csv"
prefixes_csv = sys.argv[3] if have_csv_args else "prefixes.csv"

# NOTE(review): the holder argument is copied unchecked into the subject CN
# and into the host and path of both rsync URIs.  A value containing
# whitespace, a newline or characters not valid in a DNS label would yield
# a malformed config; consider validating it before use.
substitutions = { "holder" : sys.argv[1].lower(),
                  "HOLDER" : sys.argv[1].upper() }

# OpenSSL request config for the testbed root.  "encrypt_key = no" asks for
# the private key to be written unencrypted, which fits the "testbed" purpose
# named in the CN but means the key file needs filesystem protection.
# The subjectInfoAccess OIDs are id-ad-caRepository (…48.5) and
# id-ad-rpkiManifest (…48.10).  The "rfc3997_addrs" section name looks like a
# typo for RFC 3779; it still works because the reference and the section
# header use the same spelling.
print '''\
[req]
default_bits = 2048
default_md = sha256
distinguished_name = req_dn
prompt = no
encrypt_key = no
[req_dn]
CN = Pseudo-%(HOLDER)s testbed root RPKI certificate
[x509v3_extensions]
basicConstraints = critical,CA:true
subjectKeyIdentifier = hash
keyUsage = critical,keyCertSign,cRLSign
subjectInfoAccess = 1.3.6.1.5.5.7.48.5;URI:rsync://%(holder)s.rpki.net/rpki/%(holder)s/,1.3.6.1.5.5.7.48.10;URI:rsync://%(holder)s.rpki.net/rpki/%(holder)s/root.mft
certificatePolicies = critical,1.3.6.1.5.5.7.14.2
sbgp-autonomousSysNum = critical,@rfc3779_asns
sbgp-ipAddrBlock = critical,@rfc3997_addrs
[rfc3779_asns]
''' % substitutions

# One "AS.n" line per CSV row, streamed so the whole file is never held in
# memory.  The ASN text is emitted exactly as read; nothing here checks it.
for i, (handle, asn) in enumerate(csv_reader(asns_csv, columns = 2)):
    print "AS.%d = %s" % (i, asn)

print '''\
[rfc3997_addrs]
'''

# One "IPv4.n" or "IPv6.n" line per CSV row; a colon in the prefix marks IPv6.
# The counter is shared by both families, and prefixes are emitted as read.
for i, (handle, prefix) in enumerate(csv_reader(prefixes_csv, columns = 2)):
    if ":" in prefix:
        family = 6
    else:
        family = 4
    print "IPv%d.%d = %s" % (family, i, prefix)