authorChristian Poessinger <christian@poessinger.com>2021-01-29 10:49:30 +0100
committerChristian Poessinger <christian@poessinger.com>2021-02-03 20:25:43 +0000
commit3cb781fc41106d42ae911439c97d3c0d8e8090c5 (patch)
treef097880121961fb16f44a00b818e42c1ccbcb17d
parent143a8a19b7e9430b6e13239ceaf362410e1d42f6 (diff)
rpki: T3255: move to vyos-1x
(cherry picked from commit e87556e49d7289a316305e58d7afb070f0382021)
-rw-r--r--Makefile.am1
-rw-r--r--scripts/vyos-update-rpki-cache.py89
-rw-r--r--templates/protocols/rpki/cache/node.def3
-rw-r--r--templates/protocols/rpki/cache/node.tag/address/node.def2
-rw-r--r--templates/protocols/rpki/cache/node.tag/port/node.def3
-rw-r--r--templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def5
-rw-r--r--templates/protocols/rpki/cache/node.tag/ssh/node.def1
-rw-r--r--templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def5
-rw-r--r--templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def4
-rw-r--r--templates/protocols/rpki/cache/node.tag/ssh/username/node.def2
-rw-r--r--templates/protocols/rpki/initial-synchronization-timeout/node.def7
-rw-r--r--templates/protocols/rpki/node.def3
-rw-r--r--templates/protocols/rpki/polling-period/node.def7
-rw-r--r--templates/protocols/rpki/preference/node.def2
-rw-r--r--templates/protocols/rpki/timeout/node.def6
15 files changed, 0 insertions, 140 deletions
diff --git a/Makefile.am b/Makefile.am
index 174349b5..1bed4416 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -13,7 +13,6 @@ sbin_SCRIPTS += scripts/vyatta-gateway-static_route-check.pl
sbin_SCRIPTS += scripts/vyatta-link-detect
sbin_SCRIPTS += scripts/vyatta-next-hop-check
sbin_SCRIPTS += scripts/vyatta-update-static-route.pl
-sbin_SCRIPTS += scripts/vyos-update-rpki-cache.py
bin_sudo_users_SCRIPTS = scripts/vyatta-static-dhcp.pl
diff --git a/scripts/vyos-update-rpki-cache.py b/scripts/vyos-update-rpki-cache.py
deleted file mode 100644
index f290d119..00000000
--- a/scripts/vyos-update-rpki-cache.py
+++ /dev/null
@@ -1,89 +0,0 @@
-#!/usr/bin/env python3
-
-import sys
-import subprocess
-
-import vyos.config
-
-
-base_path = "protocols rpki "
-
-def create_cache(c, cache):
- new_port = c.return_value(base_path + "cache {0} port".format(cache))
- new_addr = c.return_value(base_path + "cache {0} address".format(cache))
- new_pref = c.return_value(base_path + "cache {0} preference".format(cache))
-
- ssh = False
- if c.exists(base_path + "cache {0} ssh".format(cache)):
- ssh = True
- new_user = c.return_value(base_path + "cache {0} ssh username".format(cache))
- new_pubkey = c.return_value(base_path + "cache {0} ssh public-key-file".format(cache))
- new_privkey = c.return_value(base_path + "cache {0} ssh private-key-file".format(cache))
- new_known_hosts = c.return_value(base_path + "cache {0} ssh known-hosts-file".format(cache))
-
- if (not new_user) or (not new_pubkey) or (not new_privkey) or (not new_known_hosts):
- print("If SSH is used for RPKI cache, username, public/private keys, and known hosts file must be defined")
- sys.exit(1)
-
- if (not new_addr) or (not new_port):
- print("Address and port must be defined for RPKI cache servers")
- sys.exit(1)
-
- if not new_pref:
- new_pref = 1
-
- if ssh:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'rpki cache {0} {1} {2} {3} {4} {5} preference {6}' """.format(new_addr, new_port, new_user, new_privkey, new_pubkey, new_known_hosts, new_pref), shell=True)
- else:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'rpki cache {0} {1} preference {2}' """.format(new_addr, new_port, new_pref), shell=True)
-
-def delete_cache(c, cache):
- ssh = False
- port = c.return_effective_value(base_path + "cache {0} port".format(cache))
- addr = c.return_effective_value(base_path + "cache {0} address".format(cache))
- pref = c.return_effective_value(base_path + "cache {0} preference".format(cache))
-
- if not pref:
- pref = 1
-
- if c.exists_effective(base_path + "cache {0} ssh".format(cache)):
- ssh = True
- user = c.return_effective_value(base_path + "cache {0} ssh username".format(cache))
- pubkey = c.return_effective_value(base_path + "cache {0} ssh public-key-file".format(cache))
- privkey = c.return_effective_value(base_path + "cache {0} ssh private-key-file".format(cache))
- known_hosts = c.return_effective_value(base_path + "cache {0} ssh known-hosts-file".format(cache))
-
- if ssh:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'no rpki cache {0} {1} {2} {3} {4} {5} preference {6}' """.format(addr, port, user, privkey, pubkey, known_hosts, pref), shell=True)
-
- else:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'no rpki cache {0} {1} preference {2}' """.format(addr, port, pref), shell=True)
-
-
-config = vyos.config.Config()
-
-caches = config.list_nodes(base_path + "cache")
-orig_caches = config.list_effective_nodes(base_path + "cache")
-
-# RPKI caches can only be manipulated when RPKI is stopped
-print("Stopping RPKI")
-subprocess.call(""" vtysh -c 'rpki stop' """, shell=True)
-
-if not caches:
- for cache in orig_caches:
- delete_cache(config, cache)
-else:
- for cache in caches:
- if cache in orig_caches:
- delete_cache(config, cache)
- create_cache(config, cache)
-
- for cache in orig_caches:
- if not cache in caches:
- # No longer exists
- delete_cache(config, cache)
-
-if caches:
- print("Starting RPKI")
- subprocess.call(""" vtysh -c 'rpki start' """, shell=True)
-
diff --git a/templates/protocols/rpki/cache/node.def b/templates/protocols/rpki/cache/node.def
deleted file mode 100644
index f28cf2c6..00000000
--- a/templates/protocols/rpki/cache/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-tag:
-type: txt
-help: RPKI cache server instance
diff --git a/templates/protocols/rpki/cache/node.tag/address/node.def b/templates/protocols/rpki/cache/node.tag/address/node.def
deleted file mode 100644
index de110206..00000000
--- a/templates/protocols/rpki/cache/node.tag/address/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: RPKI cache server address
diff --git a/templates/protocols/rpki/cache/node.tag/port/node.def b/templates/protocols/rpki/cache/node.tag/port/node.def
deleted file mode 100644
index e97c2477..00000000
--- a/templates/protocols/rpki/cache/node.tag/port/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: u32
-help: TCP port number
-val_help: u32:1-65535; TCP port number
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def b/templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def
deleted file mode 100644
index 40f2c3dc..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-type: txt
-help: RPKI SSH known hosts file
-
-syntax:expression: exec "test -f $VAR(@)"; "Must be an existing file path"
-
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/node.def b/templates/protocols/rpki/cache/node.tag/ssh/node.def
deleted file mode 100644
index 2fb48499..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: RPKI SSH connection settings
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def b/templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def
deleted file mode 100644
index 8cfb580f..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-type: txt
-help: RPKI SSH private key file
-
-syntax:expression: exec "test -f $VAR(@)"; "Must be an existing file path"
-
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def b/templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def
deleted file mode 100644
index 31de9562..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-type: txt
-help: RPKI SSH public key file path
-
-syntax:expression: exec "test -f $VAR(@)"; "Must be an existing file path"
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/username/node.def b/templates/protocols/rpki/cache/node.tag/ssh/username/node.def
deleted file mode 100644
index 4391509d..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/username/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: RPKI SSH username
diff --git a/templates/protocols/rpki/initial-synchronization-timeout/node.def b/templates/protocols/rpki/initial-synchronization-timeout/node.def
deleted file mode 100644
index 43d2016f..00000000
--- a/templates/protocols/rpki/initial-synchronization-timeout/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-help: Initial RPKI cache synchronization timeout
-
-create: vtysh -c 'conf t' -c 'rpki' -c 'rpki initial-synchronisation-timeout $VAR(@)'
-update: vtysh -c 'conf t' -c 'rpki' -c 'rpki initial-synchronisation-timeout $VAR(@)'
-delete: vtysh -c 'conf t' -c 'rpki' -c 'no rpki initial-synchronisation-timeout'
-
diff --git a/templates/protocols/rpki/node.def b/templates/protocols/rpki/node.def
deleted file mode 100644
index 28d77a9e..00000000
--- a/templates/protocols/rpki/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: BGP prefix origin validation
-
-end: ${vyatta_sbindir}/vyos-update-rpki-cache.py
diff --git a/templates/protocols/rpki/polling-period/node.def b/templates/protocols/rpki/polling-period/node.def
deleted file mode 100644
index ee8d0a2d..00000000
--- a/templates/protocols/rpki/polling-period/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-help: RPKI cache polling period
-val_help: u32:1-1300; Polling period
-
-create: vtysh -c 'conf t' -c 'rpki' -c 'rpki polling_period $VAR(@)'
-update: vtysh -c 'conf t' -c 'rpki' -c 'rpki polling_period $VAR(@)'
-delete: vtysh -c 'conf t' -c 'rpki' -c 'no rpki polling_period'
diff --git a/templates/protocols/rpki/preference/node.def b/templates/protocols/rpki/preference/node.def
deleted file mode 100644
index f946fc0b..00000000
--- a/templates/protocols/rpki/preference/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: u32
-help: RPKI cache preference
diff --git a/templates/protocols/rpki/timeout/node.def b/templates/protocols/rpki/timeout/node.def
deleted file mode 100644
index 2ea31cbf..00000000
--- a/templates/protocols/rpki/timeout/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: u32
-help: RPKI cache reply timeout
-
-create: vtysh -c 'conf t' -c 'rpki' -c 'rpki timeout $VAR(@)'
-update: vtysh -c 'conf t' -c 'rpki' -c 'rpki timeout $VAR(@)'
-delete: vtysh -c 'conf t' -c 'rpki' -c 'no rpki timeout'