Exemplo n.º 1
def list_received_resources(log, conf):
    """
    Refresh the stored ResourceCert rows for ``conf`` from rpkid.

    A list_received_resources query for ``conf.handle`` is sent through
    Zookeeper.call_rpkid().  Every ResourceCert row whose conf is ``conf`` is
    then deleted and one new row is created per PDU in the reply, together
    with its ASN, IPv4 and IPv6 ranges.  Since the table is wiped and
    repopulated on each call, other models should not point at it with
    foreign keys.

    log  -- file-like object; receives the error line written when
            call_rpkid() returns None.
    conf -- object whose ``handle`` identifies the tenant to query; it is
            also the ``conf`` / ``issuer`` value used in the database calls.

    Always returns None.  An exception raised by call_rpkid() is logged and
    swallowed; exceptions raised while rebuilding the rows propagate.
    """

    timestamp_format = "%Y-%m-%dT%H:%M:%SZ"

    zoo = Zookeeper(handle=conf.handle, disable_signal_handlers=True)
    query = Element(tag_msg, nsmap=nsmap, type="query", version=version)
    SubElement(query, tag_list_received_resources,
               tenant_handle=conf.handle, tag=conf.handle)

    # A failed query returns before the delete() below, so the rows already
    # stored for this handle are left untouched.
    try:
        replies = zoo.call_rpkid(query)
    except Exception as err:
        logger.error('caught exception while attempting to query rpkid')
        logger.exception(err)
        return

    # call_rpkid() sometimes returns None (see https://trac.rpki.net/ticket/681).
    # This path reports to the ``log`` stream, not to the module logger.
    if replies is None:
        message = 'error: call_rpkid() returned None for handle %s when fetching received resources' % conf.handle
        print >> log, message
        return

    # NOTE(review): the delete and the inserts below are only atomic if the
    # caller runs this function inside a database transaction -- confirm.
    # Without one, an exception part-way through the loop (unknown parent
    # handle, timestamp in another format) leaves the table partly rebuilt.
    models.ResourceCert.objects.filter(conf=conf).delete()

    for pdu in replies:
        # A PDU whose parent_handle equals our own handle is treated as the
        # self-signed root cert and stored without a parent.
        parent = None
        if pdu.get("parent_handle") != conf.handle:
            parent = models.Parent.objects.get(issuer=conf,
                                               handle=pdu.get("parent_handle"))

        # The format carries a literal "Z", so the parsed datetimes are naive
        # (presumably UTC -- confirm against the model's timezone handling).
        valid_from = datetime.strptime(pdu.get("notBefore"), timestamp_format)
        valid_until = datetime.strptime(pdu.get("notAfter"), timestamp_format)

        cert = models.ResourceCert.objects.create(
            conf=conf,
            parent=parent,
            not_before=valid_from,
            not_after=valid_until,
            uri=pdu.get("uri"))

        for as_range in resource_set_as(pdu.get("asn")):
            cert.asn_ranges.create(min=as_range.min, max=as_range.max)

        for v4_range in resource_set_ipv4(pdu.get("ipv4")):
            cert.address_ranges.create(prefix_min=v4_range.min,
                                       prefix_max=v4_range.max)

        for v6_range in resource_set_ipv6(pdu.get("ipv6")):
            cert.address_ranges_v6.create(prefix_min=v6_range.min,
                                          prefix_max=v6_range.max)
Exemplo n.º 2
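def list_received_resources(log, conf):
    """
    Query rpkid for this resource handle's received resources.

    The semantics are to clear the entire table and populate with the list of
    certs received.  Other models should not reference the table directly with
    foreign keys.

    log  -- file-like object that receives the error line when call_rpkid()
            returns None.
    conf -- object providing ``handle``; also passed as the ``conf`` /
            ``issuer`` value to the ResourceCert and Parent queries.

    Returns None.  A failure inside call_rpkid() is logged and swallowed
    before anything is deleted; errors raised while the rows are rebuilt
    propagate to the caller.
    """

    z = Zookeeper(handle=conf.handle, disable_signal_handlers=True)
    req = Element(tag_msg, nsmap=nsmap, type="query", version=version)
    SubElement(req, tag_list_received_resources, tenant_handle=conf.handle, tag=conf.handle)
    try:
        pdus = z.call_rpkid(req)
    except Exception as err:
        # Logged on the module logger (message plus traceback); the stored
        # rows stay as they were because we return before the delete().
        logger.error('caught exception while attempting to query rpkid')
        logger.exception(err)
        return

    # pdus is sometimes None (see https://trac.rpki.net/ticket/681)
    if pdus is None:
        print >>log, 'error: call_rpkid() returned None for handle %s when fetching received resources' % conf.handle
        return

    # NOTE(review): delete-then-recreate is only safe against a mid-loop
    # failure if the caller wraps this call in a transaction -- confirm.
    models.ResourceCert.objects.filter(conf=conf).delete()

    for pdu in pdus:
        if pdu.get("parent_handle") != conf.handle:
            # Parent.objects.get() raises if the handle named by rpkid has no
            # matching Parent row for this issuer.
            parent = models.Parent.objects.get(issuer=conf,
                                               handle=pdu.get("parent_handle"))
        else:
            # root cert, self-signed
            parent = None

        # Only the exact "...Z" form is accepted; any other timestamp layout
        # makes strptime() raise.  The results are naive datetimes.
        not_before = datetime.strptime(pdu.get("notBefore"), "%Y-%m-%dT%H:%M:%SZ")
        not_after = datetime.strptime(pdu.get("notAfter"), "%Y-%m-%dT%H:%M:%SZ")

        cert = models.ResourceCert.objects.create(
            conf=conf, parent=parent, not_before=not_before,
            not_after=not_after, uri=pdu.get("uri"))

        for asn in resource_set_as(pdu.get("asn")):
            cert.asn_ranges.create(min=asn.min, max=asn.max)

        for rng in resource_set_ipv4(pdu.get("ipv4")):
            cert.address_ranges.create(prefix_min=rng.min,
                                       prefix_max=rng.max)

        for rng in resource_set_ipv6(pdu.get("ipv6")):
            cert.address_ranges_v6.create(prefix_min=rng.min,
                                          prefix_max=rng.max)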
Exemplo n.º 3
def list_received_resources(log, conf):
    """
    Rebuild the ResourceCert rows for ``conf`` from rpkid's answer.

    Asks rpkid (via Zookeeper.call_rpkid()) which resources ``conf.handle``
    has received, deletes the ResourceCert rows stored for ``conf`` and
    creates one row, plus its ASN / IPv4 / IPv6 ranges, for every
    list_received_resources_elt in the reply.  The table is cleared and
    refilled on each call, so other models should not reference it directly
    with foreign keys.

    log  -- file-like object that receives the error lines printed here.
    conf -- object providing ``handle``; also used as the ``conf`` /
            ``issuer`` value in the database calls.

    Returns None.  Raises LeftRightError when the reply contains a
    report_error_elt.  Exceptions from call_rpkid() are not caught here.
    """

    stamp_format = "%Y-%m-%dT%H:%M:%SZ"

    zoo = Zookeeper(handle=conf.handle, disable_signal_handlers=True)
    query = list_received_resources_elt.make_pdu(self_handle=conf.handle)
    replies = zoo.call_rpkid(query)

    # call_rpkid() sometimes returns None (see https://trac.rpki.net/ticket/681)
    if replies is None:
        print >>log, 'error: call_rpkid() returned None for handle %s when fetching received resources' % conf.handle
        return

    models.ResourceCert.objects.filter(conf=conf).delete()

    for pdu in replies:
        if isinstance(pdu, report_error_elt):
            # Per the original author's note, raising here rolls the database
            # back so the delete() above does not clobber existing resources.
            # NOTE(review): that depends on the caller running us inside a
            # transaction, which is not visible from this function -- confirm.
            raise LeftRightError(pdu)

        if not isinstance(pdu, list_received_resources_elt):
            # Unknown PDU types are reported on ``log`` and skipped.
            print >>log, "error: unexpected pdu from rpkid type=%s" % type(pdu)
            continue

        # A PDU whose parent is our own handle is the self-signed root cert.
        parent = None
        if pdu.parent_handle != conf.handle:
            parent = models.Parent.objects.get(issuer=conf,
                                               handle=pdu.parent_handle)

        # Literal "Z" in the format: the parsed datetimes are naive.
        starts = datetime.strptime(pdu.notBefore, stamp_format)
        expires = datetime.strptime(pdu.notAfter, stamp_format)

        cert = models.ResourceCert.objects.create(
            conf=conf,
            parent=parent,
            not_before=starts,
            not_after=expires,
            uri=pdu.uri)

        for as_range in resource_set_as(pdu.asn):
            cert.asn_ranges.create(min=as_range.min, max=as_range.max)

        for v4_range in resource_set_ipv4(pdu.ipv4):
            cert.address_ranges.create(prefix_min=v4_range.min,
                                       prefix_max=v4_range.max)

        for v6_range in resource_set_ipv6(pdu.ipv6):
            cert.address_ranges_v6.create(prefix_min=v6_range.min,
                                          prefix_max=v6_range.max)
Exemplo n.º 4
Usage: python csvgrep.py datum [datum ...]

where each datum is an ASN, IP address, or IP prefix.

ASNs are recognized by being pure integers; IP addresses are recognized
by having dots (IPv4) or colons (IPv6).

After eating all of the command line arguments, we search asns.csv for
any ASNs given, and prefixes.csv for any prefixes given.
"""

import sys
from rpki.resource_set import resource_set_as, resource_set_ipv4, resource_set_ipv6
from rpki.csv_utils import csv_reader

# One accumulator per resource family; every command-line datum is parsed
# into the set that matches its syntax.
asn = resource_set_as()
ipv4 = resource_set_ipv4()
ipv6 = resource_set_ipv6()

for datum in sys.argv[1:]:
    # Digits only, once any "-" is removed, means an ASN or an ASN range.
    if datum.replace("-", "").isdigit():
        t = asn
    else:
        # Not an ASN: a colon selects IPv6, anything else is treated as IPv4.
        if ":" in datum:
            t = ipv6
        else:
            t = ipv4
        # A bare address (no range, no prefix length) is rewritten as the
        # one-element range "addr-addr" before parsing.
        if not ("-" in datum or "/" in datum):
            datum = "%s-%s" % (datum, datum)
    try:
        t.append(t.parse_str(datum))
    except:
        # Name the offending argument, then let the original error propagate.
        print "Error attempting to parse", datum
        raise
Exemplo n.º 5
Usage: python csvgrep.py datum [datum ...]

where each datum is an ASN, IP address, or IP prefix.

ASNs are recognized by being pure integers; IP addresses are recognized
by having dots (IPv4) or colons (IPv6).

After eating all of the command line arguments, we search asns.csv for
any ASNs given, and prefixes.csv for any prefixes given.
"""

import sys
from rpki.resource_set import resource_set_as, resource_set_ipv4, resource_set_ipv6
from rpki.csv_utils import csv_reader

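# Accumulators for the three resource families named on the command line.
asn = resource_set_as()
ipv4 = resource_set_ipv4()
ipv6 = resource_set_ipv6()

for datum in sys.argv[1:]:
    # Classify by syntax alone: all digits (ignoring "-") is an ASN or ASN
    # range; otherwise a ":" means IPv6 and everything else is taken as IPv4.
    if datum.replace("-", "").isdigit():
        t = asn
    else:
        t = ipv6 if ":" in datum else ipv4
        # A single address is turned into the range "addr-addr" before it is
        # handed to parse_str().
        if "-" not in datum and "/" not in datum:
            datum = datum + "-" + datum
    try:
        t.append(t.parse_str(datum))
    except Exception:
        # Catch Exception rather than everything, so KeyboardInterrupt and
        # SystemExit pass through without a misleading parse-error line.
        # The error is still re-raised after the argument is named.
        print "Error attempting to parse", datum
        raise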