diff options
| author | Rob Austein <sra@hactrn.net> | 2008-01-24 00:36:32 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2008-01-24 00:36:32 +0000 |
| commit | 867bd91ba8bf05271cf5a88a297c84de32eefc51 (patch) | |
| tree | fe527c1c8e308454eaa585f7a8c59e133208ce2a | |
| parent | 8075f9aa1e4115092e35ae4b5da65041a21f5b8a (diff) | |
Reuse child SIA when reissuing
svn path=/scripts/rpki/left_right.py; revision=1498
| -rw-r--r-- | scripts/rpki/left_right.py | 3 | ||||
| -rw-r--r-- | scripts/rpki/sql.py | 8 |
2 files changed, 6 insertions, 5 deletions
diff --git a/scripts/rpki/left_right.py b/scripts/rpki/left_right.py index b2182e70..1328dd1d 100644 --- a/scripts/rpki/left_right.py +++ b/scripts/rpki/left_right.py @@ -385,8 +385,7 @@ class self_elt(data_elt): child_cert.reissue( gctx = gctx, ca_detail = ca_detail, - resources = new_resources, - sia = ca_detail.ca(gctx).sia_uri) + resources = new_resources) elif old_resources.valid_until < now: parent = ca.parent(gctx) repository = parent.repository(gctx) diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py index 71f81c35..6aef177a 100644 --- a/scripts/rpki/sql.py +++ b/scripts/rpki/sql.py @@ -453,8 +453,7 @@ class ca_detail_obj(sql_persistant): child_cert.reissue( gctx = gctx, ca_detail = self, - resources = child_resources.intersection(new_resources), - sia = ca.sia_uri) + resources = child_resources.intersection(new_resources)) @classmethod def create(cls, gctx, ca): @@ -613,7 +612,7 @@ class child_cert_obj(sql_persistant): self.revoked = rpki.sundial.datetime.utcnow() self.sql_mark_dirty() - def reissue(self, gctx, ca_detail, resources, sia): + def reissue(self, gctx, ca_detail, resources, sia = None): """Reissue an existing cert, reusing the public key. If the cert we would generate is identical to the one we already have, we just return the one we already have. If we have to revoke the old @@ -628,6 +627,9 @@ class child_cert_obj(sql_persistant): old_resources = self.cert.get_3779resources() old_sia = self.cert.get_SIA() + if sia is None: + sia = old_sia + assert resources.valid_until is not None and old_resources.valid_until is not None if resources == old_resources and sia == old_sia: |