diff options
| author | Rob Austein <sra@hactrn.net> | 2014-03-30 23:25:31 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2014-03-30 23:25:31 +0000 |
| commit | e17652a55408d56c5cfca884b0e488c8fd67fb60 (patch) | |
| tree | 68d135702bb242b453778a73be7d28806ba8c946 | |
| parent | 9e54978512a9a6903aa9ad3508dda17e61cef66a (diff) | |
First cut at upgrade script for change [5678]. Needs testing.
svn path=/branches/tk671/; revision=5719
| -rw-r--r-- | rpkid/rpki/rpkic.py | 11 | ||||
| -rw-r--r-- | rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py | 49 |
2 files changed, 60 insertions, 0 deletions
diff --git a/rpkid/rpki/rpkic.py b/rpkid/rpki/rpkic.py index 37154315..10a04987 100644 --- a/rpkid/rpki/rpkic.py +++ b/rpkid/rpki/rpkic.py @@ -839,3 +839,14 @@ class main(Cmd): """ print rpki.version.VERSION + + + @parsecmd(argsubparsers) + def do_list_self_handles(self, args): + """ + List all <self/> handles in this rpkid instance. + """ + + for ca in rpki.irdb.ResourceHolderCA.objects.all(): + print ca.handle + diff --git a/rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py b/rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py new file mode 100644 index 00000000..b46ce5d7 --- /dev/null +++ b/rpkid/upgrade-scripts/upgrade-irdbd-to-0.5678.py @@ -0,0 +1,49 @@ +# $Id$ +# +# Copyright (C) 2014 Dragon Research Labs ("DRL") +# +# Permission to use, copy, modify, and distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND DRL DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL DRL BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +""" +Schedule action to force certificate reissuance as part of upgrade to +version 0.5678 of the rpki-ca toolkit. + +This code is evaluated in the context of rpki-sql-setup's +do_apply_upgrades() function and has access to its variables. +""" + +# Real work here has to be a deferred upgrade because the daemons have +# to be running for anything useful to happen. + +db.add_deferred_upgrade(''' + +print """ + Version 0.5678 included a change which changed publication + URIs embedded in issued certificates, which requires reissuing + all affected certificates before everything will really work + properly again. Attempting to do this automatically... +""" + +import subprocess, time + +handles = subprocess.check_output(("rpkic", "list_self_handles")).splitlines() + +for handle in handles: + + print "Forcing reissuance for", handle + subprocess.check_call(("rpkic", "-i", handle, "force_reissue")) + + print "Forcing publication for", handle + subprocess.check_call(("rpkic", "-i", handle, "force_publication")) + +''') |