re6st-cn 1.07 KB
Newer Older
1
#!/usr/bin/python2
2
import sqlite3, sys
3 4
if 're6st' not in sys.modules:
    import os; sys.path[0] = os.path.dirname(sys.path[0])
5
from re6st import utils, x509
6 7 8 9
from OpenSSL import crypto

with open("/etc/re6stnet/ca.crt") as f:
    ca = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
10
network = x509.networkFromCa(ca)
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34

db = sqlite3.connect("/var/lib/re6stnet/registry.db")
for x in sys.argv[1:]:
    try:
        a, b = x.split('/')
    except ValueError:
        prefix = x
    else:
        b = int(b)
        try:
            prefix = bin(int(a))[2:].zfill(b)
        except ValueError:
            a = utils.binFromIp(a)
            assert a.startswith(network)
            prefix = a[len(network):b]
    a = db.execute("select * from cert where prefix=?", (prefix,)).fetchone()
    b = network + prefix
    b = '%s/%s' % (utils.ipFromBin(b), len(b))
    if a:
        subject = crypto.load_certificate(crypto.FILETYPE_PEM, a[2]).get_subject()
        print "%s\t%s\t%s" % (b, a[1], ''.join('/%s=%s' % x for x in subject.get_components()))
    else:
        print "%s\t-" % b
db.close()