diff options
| author | Michael Elkins <melkins@tislabs.com> | 2012-11-16 18:38:29 +0000 |
|---|---|---|
| committer | Michael Elkins <melkins@tislabs.com> | 2012-11-16 18:38:29 +0000 |
| commit | 9ddc7d1847f4b3a726ef984653776e0aacb3a5a6 (patch) | |
| tree | 998b126cb156d39f5dddd717bfe397d9a775ec98 | |
| parent | c691c4151fe28044637851655379bb852f95b15d (diff) | |
fixes to handle the case where the gui is managing the root
svn path=/trunk/; revision=4884
| -rw-r--r-- | rpkid/portal-gui/scripts/rpkigui-check-expired.py | 15 | ||||
| -rw-r--r-- | rpkid/portal-gui/scripts/rpkigui-rcynic.py | 11 |
2 files changed, 18 insertions, 8 deletions
diff --git a/rpkid/portal-gui/scripts/rpkigui-check-expired.py b/rpkid/portal-gui/scripts/rpkigui-check-expired.py index c996b181..131b3d69 100644 --- a/rpkid/portal-gui/scripts/rpkigui-check-expired.py +++ b/rpkid/portal-gui/scripts/rpkigui-check-expired.py @@ -16,9 +16,8 @@ __version__ = '$Id$' from rpki.gui.cacheview.models import Cert from rpki.gui.cacheview.views import cert_chain -from rpki.gui.app.models import ResourceCert +from rpki.gui.app.models import Conf, ResourceCert from rpki.gui.app.glue import list_received_resources, get_email_list -from rpki.irdb.models import ResourceHolderCA from rpki.irdb import Zookeeper from rpki.left_right import report_error_elt, list_published_objects_elt from rpki.x509 import X509 @@ -55,7 +54,7 @@ def check_cert_list(handle, x, errs): def check_expire(conf, errs): # get certs for `handle' - cert_set = ResourceCert.objects.filter(parent__issuer=conf) + cert_set = ResourceCert.objects.filter(conf=conf) for cert in cert_set: # look up cert in cacheview db obj_set = Cert.objects.filter(repo__uri=cert.uri) @@ -87,7 +86,11 @@ def check_expire(conf, errs): msg.append(" Contact: " + ", ".join(info)) if expired: - errs.write("%s's rescert from parent %s will expire soon:\n" % (conf.handle, cert.parent.handle)) + errs.write("%s's rescert from parent %s will expire soon:\n" % ( + conf.handle, + # parent is None for the root cert + cert.parent.handle if cert.parent else 'self' + )) errs.write("Certificate chain:\n") errs.write("\n".join(msg)) errs.write("\n") @@ -126,7 +129,7 @@ def check_child_certs(conf, errs): # vhost for the web portal running on this machine is host = socket.getfqdn() -usage = '%prog [ -vV ] [ handle1 handle2... ]' +usage = '%prog [ -nV ] [ handle1 handle2... ]' description = """Generate a report detailing all RPKI/BPKI certificates which are due for impending expiration. If no resource handles are specified, a @@ -155,7 +158,7 @@ expire_time = now + datetime.timedelta(int(options.expire_days)) from_email = options.from_email # if not arguments are given, query all resource holders -qs = ResourceHolderCA.objects.all() if not args else ResourceHolderCA.objects.filter(handle__in=args) +qs = Conf.objects.all() if not args else Conf.objects.filter(handle__in=args) # check expiration of certs for all handles managed by the web portal for h in qs: diff --git a/rpkid/portal-gui/scripts/rpkigui-rcynic.py b/rpkid/portal-gui/scripts/rpkigui-rcynic.py index b7f6c661..20973a0e 100644 --- a/rpkid/portal-gui/scripts/rpkigui-rcynic.py +++ b/rpkid/portal-gui/scripts/rpkigui-rcynic.py @@ -1,4 +1,5 @@ -# Copyright (C) 2011 SPARTA, Inc. dba Cobham Analytic Solutions +# Copyright (C) 2011 SPARTA, Inc. dba Cobham +# Anaportal-gui/scripts/rpkigui-rcynic.py # Copyright (C) 2012 SPARTA, Inc. a Parsons Company # # Permission to use, copy, modify, and distribute this software for any @@ -188,7 +189,7 @@ def process_cache(root, xml_file): if obj.issuer == obj.subject: # self-signed cert (TA) assert(isinstance(inst, models.Cert)) - inst.issuer = inst + inst.issuer = None else: # if an object has moved in the repository, the entry for # the old location will still be in the database, but @@ -216,6 +217,12 @@ def process_cache(root, xml_file): dispatch[vs.file_class.__name__](obj, inst) inst.save() # don't require a save in the dispatch methods + + # for the root cert, we can't set inst.issuer = inst until + # after inst.save() has been called. + if inst.issuer is None: + inst.issuer = inst + inst.save() except: logger.error('caught exception while processing rcynic_object:\n' 'vs=' + repr(vs) + '\nobj=' + repr(obj)) |