Include CRLs in manifests

svn path=/rpkid/rpki/rpki_engine.py; revision=1931
author: Rob Austein <sra@hactrn.net> 2008-06-23 05:56:46 +0000
committer: Rob Austein <sra@hactrn.net> 2008-06-23 05:56:46 +0000
commit: 35f133e605a4f447937dc4acb13310e593275dd7 (patch)
tree: 8e97ab20012008a44892c9ca1bc3e1fc41c1a70e
parent: 5a2cf6be6e8029b5684303c1ded26a19d7cf03e9 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/rpkid/rpki/rpki_engine.py b/rpkid/rpki/rpki_engine.py
index df6f421b..d6eef6e3 100644
--- a/rpkid/rpki/rpki_engine.py
+++ b/rpkid/rpki/rpki_engine.py
@@ -381,7 +381,11 @@ class ca_detail_obj(rpki.sql.sql_persistant):
 
   def crl_uri(self, ca):
     """Return publication URI for this ca_detail's CRL."""
-    return ca.sia_uri + self.public_key.gSKI() + ".crl"
+    return ca.sia_uri + self.crl_uri_tail()
+
+  def crl_uri_tail(self):
+    """Return tail (filename portion) of publication URI for this ca_detail's CRL."""
+    return self.public_key.gSKI() + ".crl"
 
   def manifest_uri(self, ca):
     """Return publication URI for this ca_detail's manifest."""
@@ -622,8 +626,9 @@ class ca_detail_obj(rpki.sql.sql_persistant):
     route_origins = [r for r in self.route_origins() if r.cert is not None and r.roa is not None]
 
     certs = [(c.uri_tail(), c.cert) for c in self.child_certs()] + \
+            [(r.roa_uri_tail(), r.cert) for r in route_origins] + \
             [(r.ee_uri_tail(), r.cert) for r in route_origins] + \
-            [(r.roa_uri_tail(), r.cert) for r in route_origins]
+            [(self.crl_uri_tail(), self.latest_crl)]
 
     self.latest_manifest = rpki.x509.SignedManifest.build(
       serial         = ca.next_manifest_number(),
author	Rob Austein <sra@hactrn.net>	2008-06-23 05:56:46 +0000
committer	Rob Austein <sra@hactrn.net>	2008-06-23 05:56:46 +0000
commit	35f133e605a4f447937dc4acb13310e593275dd7 (patch)
tree	8e97ab20012008a44892c9ca1bc3e1fc41c1a70e
parent	5a2cf6be6e8029b5684303c1ded26a19d7cf03e9 (diff)