TracNav(doc/RPKI/TOC) PageOutline
At present, the entire RPKI tools collection is a single source tree with a shared autoconf configuration. This may change in the future, but for now, this means that the build process is essentially the same regardless of which tools one wants to use. Some of the tools have dependencies on external packages, although we've tried to keep this to a minimum.
Most of the tools require an RFC-3779-aware version of the OpenSSL libraries. If necessary, the build process will generate its own private copy of the OpenSSL libraries for this purpose.
Other than OpenSSL, most of the relying party tools are fairly self-contained. The CA tools have a few additional dependencies, described below.
Note that initial development of this code has been on FreeBSD, so installation will probably be easiest on FreeBSD. We do, however, test on other platforms, such as Fedora, Ubuntu, Debian, and MacOSX.
The recommended way to obtain the source code is via subversion. To download, do:
Code snapshots are also available from https://download.rpki.net/ as xz-compressed tarballs.
Before attempting to build the tools from source, you will need to install any missing prerequisites.
Some of the relying party tools and most of the CA tools are written in Python. Note that the Python code requires Python version 2.6 or 2.7.
On some platforms (particularly MacOSX) the simplest way to install some of the Python packages may be the "easy_install" or "pip" tools that comes with Python.
Packages you will need:
- You will need a C compiler. gcc is fine, others such as Clang
should also work.
- http://www.python.org/, the Python interpreter, libraries, and
- http://codespeak.net/lxml/, a Pythonic interface to the Gnome
LibXML2 libraries. lxml in turn requires the LibXML2 C libraries;
on some platforms, some of the LibXML2 utilities are packaged
separately and may not be pulled in as dependencies.
* FreeBSD: /usr/ports/devel/py-lxml (py27-lxml)
* Fedora: python-lxml.i386
* Debian & Ubuntu:
* python-lxml
* libxml2-utils
- http://www.mysql.com/, MySQL client and server. How these are
packaged varies by platform, on some platforms the client and server
are separate packages, on others they might be a single monolithic
package, or installing the server might automatically install the
client as a dependency. On MacOSX you might be best off installing
a binary package for MySQL. The RPKI CA tools have been tested with
MySQL 5.0, 5.1, and 5.5; they will probably work with any other
reasonably recent version.
* FreeBSD:
* /usr/ports/databases/mysql55-server (mysql55-server)
* /usr/ports/databases/mysql55-client (mysql55-client)
* Debian & Ubuntu:
* mysql-client
* mysql-server
- http://sourceforge.net/projects/mysql-python/, the Python "db"
interface to MySQL. * FreeBSD: /usr/ports/databases/py-MySQLdb (py27-MySQLdb) * Fedora: MySQL-python.i386 * Debian & Ubuntu: python-mysqldb
- http://www.djangoproject.com/, the Django web user interface
toolkit. The GUI interface to the CA tools requires this. Django 1.4 is required.
* FreeBSD: /usr/ports/www/py-django (py27-django)
* Debian: python-django
* Ubuntu: **Do not use the python-django package (Django 1.3.1) in 12.04 LTS, as it is known not to work.** \\
Instead, install a recent version using easy_install or pip:
{{{
#!sh
$ sudo pip install django==1.4.5
}}}
- http://vobject.skyhouseconsulting.com/, a Python library for parsing
VCards. The GUI uses this to parse the payload of RPKI Ghostbuster objects. * FreeBSD: /usr/ports/deskutils/py-vobject (py27-vobject) * Debian & Ubuntu: python-vobject
- Several programs (more as time goes on) use the Python argparse
module. This module is part of the Python standard library as of
Python 2.7, but you may need to install it separately if you're
stuck with Python 2.6. Don't do this unless you must. In cases
where this is necessary, you'll probably need to use pip:
{{{
#!sh
$ python -c 'import argparse' 2>/dev/null || sudo pip install argparse
}}}
- http://pyyaml.org/. Several of the test programs use PyYAML to
parse a YAML description of a simulated allocation hierarchy to test. * FreeBSD: /usr/ports/devel/py-yaml (py27-yaml) * Debian & Ubuntu: python-yaml
- http://xmlsoft.org/XSLT/. Some of the test code uses xsltproc, from
the Gnome LibXSLT package. * FreeBSD: /usr/ports/textproc/libxslt (libxslt) * Debian & Ubuntu: xsltproc
- http://www.rrdtool.org/. The relying party tools use this to
generate graphics which you may find useful in monitoring the behavior of your validator. The rest of the software will work fine without rrdtool, you just won't be able to generate those graphics. * FreeBSD: /usr/ports/databases/rrdtool (rrdtool) * Debian & Ubuntu: rrdtool
- http://www.freshports.org/www/mod_wsgi3/ If you intend to run the GUI
with wsgi, its default configuration, you will need to install mod_wsgi v3 * FreeBSD: /usr/ports/www/mod_wsgi3 (app22-mod_wsgi) * Debian & Ubuntu: libapache2-mod-wsgi
- http://south.aeracode.org/ Django South 0.7.6 or later.
This tool is used to ease the pain of changes to the web portal database schema.
* FreeBSD: /usr/ports/databases/py-south (py27-south)
* Debian: python-django-south
* Ubuntu: **Do not use the python-django-south 0.7.3 package in 12.04 LTS, as it is known not to work.** \\
Instead, install a recent version using easy_install or pip:
{{{
#!sh
pip install South>=0.7.6
}}}
Once you have the prerequesite packages installed, you should be able to build the toolkit. cd to the top-level directory in the distribution, run the configure script, then run "make":
This should automatically build everything, in the right order, including building a private copy of the OpenSSL libraries with the right options if necessary and linking the POW module against either the system OpenSSL libraries or the private OpenSSL libraries, as appopriate.
In theory, `./configure` will complain about any required packages which might be missing.
If you don't intend to run any of the CA tools, you can simplify the build and installation process by telling `./configure` that you only want to build the relying party tools:
Assuming the build stage completed without obvious errors, the next step is to run some basic regression tests.
Some of the tests for the CA tools require MySQL databases to store their data. To set up all the databases that the tests will need, run the SQL commands in `ca/tests/smoketest.setup.sql`. The MySQL command line client is usually the easiest way to do this, eg:
- !sh
to problem.
="" =" Theres a last set of tools that only developers should need, as theyre" make install:
=""></tests/smoketest.setup.sql }}}
to>youre planning to use them.