Turns out we don't really need the whole deferred-upgrade mess after

all, at least not yet. Real problem was AIA handling, now fixed. svn path=/branches/tk671/; revision=5743
author: Rob Austein <sra@hactrn.net> 2014-04-03 03:01:15 +0000
committer: Rob Austein <sra@hactrn.net> 2014-04-03 03:01:15 +0000
commit: 40a78d8c81256921645db88bd92c4cb70a3d3297 (patch)
tree: 3e2ab5c05d114e233912d100cd8f93742310903b
parent: 9fdf7e694f5994e297080b1696b5d54952b3b20a (diff)
3 files changed, 0 insertions, 92 deletions
diff --git a/buildtools/debian-skeleton/rpki-ca.upstart b/buildtools/debian-skeleton/rpki-ca.upstart
index 71bafa7c..36a792ee 100644
--- a/buildtools/debian-skeleton/rpki-ca.upstart
+++ b/buildtools/debian-skeleton/rpki-ca.upstart
@@ -42,11 +42,6 @@ pre-start script
     fi
 end script
 
-post-start script
-    logger -is -t "$UPSTART_JOB" "Running deferred upgrades, this may take a little while"
-    /usr/sbin/rpki-sql-setup --apply-deferred-upgrades
-end script
-
 post-stop script
     for i in rpkid pubd irdbd rootd
     do
diff --git a/buildtools/freebsd-skeleton/rpki-ca/files/rpki-ca.in b/buildtools/freebsd-skeleton/rpki-ca/files/rpki-ca.in
index b10dec39..c3143835 100644
--- a/buildtools/freebsd-skeleton/rpki-ca/files/rpki-ca.in
+++ b/buildtools/freebsd-skeleton/rpki-ca/files/rpki-ca.in
@@ -33,11 +33,6 @@ rpkica_start()
 	return 0
 }
 
-rpkica_poststart()
-{
-	/usr/local/sbin/rpki-sql-setup --apply-deferred-upgrades
-}
-
 rpkica_stop()
 {
 	for i in rpkid pubd irdbd rootd
diff --git a/rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py b/rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py
deleted file mode 100644
index e14510c8..00000000
--- a/rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py
+++ /dev/null
@@ -1,82 +0,0 @@
-# $Id$
-#
-# Copyright (C) 2014  Dragon Research Labs ("DRL")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS.  IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-"""
-Schedule action to force certificate reissuance as part of upgrade to
-version 0.5678 of the rpki-ca toolkit.
-
-This code is evaluated in the context of rpki-sql-setup's
-do_apply_upgrades() function and has access to its variables.
-"""
-
-# Real work here has to be a deferred upgrade because the daemons have
-# to be running for anything useful to happen.
-
-db.add_deferred_upgrade('''
-
-print """
-        Version 0.5678 included a change which changed publication
-        URIs embedded in issued certificates, which requires reissuing
-        all affected certificates before everything will really work
-        properly again.  Attempting to do this automatically...
-"""
-
-# General plan here:
-#
-# - Force reissuance of everything we've issued, to whack SIA and AIA
-#   of everything we're producing.
-#
-# - "Manually" (ie, Python code here) whack any all-numeric
-#   directories in our publication tree, as those are the ones that
-#   [5678] removed.
-#
-# - Force (re)publication of everything, just in case we accidently
-# - whacked something we still cared about.
-#
-# We include the occasional pause to let things settle between steps.
-
-import os
-import time
-import shutil
-import subprocess
-import rpki.autoconf
-
-time.sleep(10)
-
-rpkic    = os.path.join(rpki.autoconf.sbindir, "rpkic")
-irbe_cli = os.path.join(rpki.autoconf.sbindir, "irbe_cli")
-
-handles = subprocess.check_output((rpkic, "list_self_handles")).splitlines()
-
-argv = [irbe_cli]
-for handle in handles:
-  argv.extend(("self", "--self_handle", handle, "--action", "set", "--reissue"))
-# Run this twice
-subprocess.check_call(argv)
-subprocess.check_call(argv)
-
-for d in [os.path.join(top, d)
-          for top, dirs, files in os.walk(os.path.join(rpki.autoconf.datarootdir, "rpki", "publication"))
-          for d in dirs
-          if d.isdigit()]:
-  shutil.rmtree(d, ignore_errors = True)
-
-argv = [irbe_cli]
-for handle in handles:
-  argv.extend(("self", "--self_handle", handle, "--action", "set", "--publish_world_now"))
-subprocess.check_call(argv)
-
-''')
author	Rob Austein <sra@hactrn.net>	2014-04-03 03:01:15 +0000
committer	Rob Austein <sra@hactrn.net>	2014-04-03 03:01:15 +0000
commit	40a78d8c81256921645db88bd92c4cb70a3d3297 (patch)
tree	3e2ab5c05d114e233912d100cd8f93742310903b
parent	9fdf7e694f5994e297080b1696b5d54952b3b20a (diff)