Replace RRDP wired-in-URL kludge with proper support in OOB and

left-right protocol and irdb and rpkidb models. Not fully working yet, RRDP URI isn't yet showing up everywhere it should, but this is probably more an indication that the previous hack was incomplete than that the replacement broke something. svn path=/branches/tk705/; revision=6120
author: Rob Austein <sra@hactrn.net> 2015-10-16 04:56:43 +0000
committer: Rob Austein <sra@hactrn.net> 2015-10-16 04:56:43 +0000
commit: a89d88e2503368e0d662c57d7c0827d6d064b7b9 (patch)
tree: 8e5c9eff3bbe29cd2ce9c2d075ec51955d37f93d /ca
parent: aedcb72ef383dd9c2a146903f9fbdac9915e9af0 (diff)
4 files changed, 28 insertions, 8 deletions
diff --git a/ca/rpki-confgen.xml b/ca/rpki-confgen.xml
index 14f160ab..63e9d793 100644
--- a/ca/rpki-confgen.xml
+++ b/ca/rpki-confgen.xml
@@ -217,6 +217,15 @@
       </doc>
     </option>
 
+    <option name  = "publication_rrdp_notification_uri"
+	    value = "https://${myrpki::pubd_server_host}/rrdp/notify.xml">
+
+      <doc>
+	URI for RRDP notification file.  In most cases this should be
+	a HTTPS URL for the notify.xml file on the publication server.
+      </doc>
+    </option>
+
     <option name  = "start_rpkid"
             value = "${myrpki::run_rpkid}">
       <doc>
@@ -857,6 +866,13 @@
       </doc>
     </option>
 
+    <option name  = "rrdp-notification-uri"
+	    value = "${myrpki::publication_rrdp_notification_uri">
+      <doc>
+	RRDP URI for inclusion in generated objects.
+      </doc>
+    </option>
+
   </section>
 
   <section name = "web_portal">
diff --git a/ca/tests/smoketest.py b/ca/tests/smoketest.py
index fb121525..f52ce984 100644
--- a/ca/tests/smoketest.py
+++ b/ca/tests/smoketest.py
@@ -1018,7 +1018,7 @@ class allocation(object):
             bsc_handle = "b",
             repository_handle = "r",
             sia_base = s.sia_base,
-            bpki_cms_cert = rootd_cert,
+            bpki_cert = rootd_cert,
             sender_name = s.name,
             recipient_name = "rootd",
             peer_contact_uri = "http://localhost:%s/" % rootd_port))
@@ -1030,7 +1030,7 @@ class allocation(object):
           bsc_handle = "b",
           repository_handle = "r",
           sia_base = s.sia_base,
-          bpki_cms_cert = s.cross_certify(s.parent.name + "-SELF"),
+          bpki_cert = s.cross_certify(s.parent.name + "-SELF"),
           sender_name = s.name,
           recipient_name = s.parent.name,
           peer_contact_uri = "http://localhost:%s/up-down/%s/%s" % (s.parent.get_rpki_port(),
diff --git a/ca/tests/xml-parse-test.py b/ca/tests/xml-parse-test.py
index ac276eb4..90c80775 100644
--- a/ca/tests/xml-parse-test.py
+++ b/ca/tests/xml-parse-test.py
@@ -83,11 +83,11 @@ def lr_tester(elt_in, elt_out, msg):
               (obj.signing_cert_crl,  "Signing certificate CRL")))
       #       (obj.pkcs10_request,    "PKCS #10 request")
     if isinstance(obj, rpki.left_right.parent_elt):
-      pprint(((obj.bpki_cms_cert,     "CMS certificate"),
-              (obj.bpki_cms_glue,     "CMS glue")))
+      pprint(((obj.bpki_cert,         "BPKI certificate"),
+              (obj.bpki_glue,         "BPKI glue")))
     if isinstance(obj, (rpki.left_right.child_elt, rpki.left_right.repository_elt)):
-      pprint(((obj.bpki_cert,         "Certificate"),
-              (obj.bpki_glue,         "Glue")))
+      pprint(((obj.bpki_cert,         "BPKI certificate"),
+              (obj.bpki_glue,         "BPKI glue")))
 
 def pp_tester(elt_in, elt_out, msg):
   assert isinstance(msg, rpki.publication.msg)
diff --git a/ca/tests/yamltest.py b/ca/tests/yamltest.py
index 44b7b6bf..a279b530 100644
--- a/ca/tests/yamltest.py
+++ b/ca/tests/yamltest.py
@@ -208,6 +208,7 @@ class allocation(object):
   pubd_port     = -1
   rsync_port    = -1
   rootd_port    = -1
+  rrdp_port     = -1
   rpkic_counter = 0L
 
   @classmethod
@@ -274,6 +275,7 @@ class allocation(object):
     if self.runs_pubd:
       self.pubd_port  = self.allocate_port()
       self.rsync_port = self.allocate_port()
+      self.rrdp_port  = self.allocate_port()
     if self.is_root:
       self.rootd_port = self.allocate_port()
 
@@ -502,6 +504,7 @@ class allocation(object):
       pubd_server_host                  = "localhost",
       pubd_server_port                  = str(self.pubd.pubd_port),
       publication_rsync_server          = "localhost:%s" % self.pubd.rsync_port,
+      publication_rrdp_notification_uri = "http://localhost:%s/rrdp/notify.xml" % self.pubd.rrdp_port,
       bpki_servers_directory            = self.path(),
       publication_base_directory        = self.path("publication"),
       rrdp_publication_base_directory   = self.path("rrdp-publication"),
@@ -698,8 +701,9 @@ def create_root_certificate(db_root):
 
   root_uri = "rsync://localhost:%d/rpki/%s-root/root" % (db_root.pubd.rsync_port, db_root.name)
 
-  from rpki.publication import rrdp_sia_uri_kludge
-  root_sia = (root_uri + "/", root_uri + "/root.mft", None, rrdp_sia_uri_kludge)
+  rrdp_uri = "http://localhost:%s/rrdp/notify.xml" % db.root.pubd.rrdp_port
+
+  root_sia = (root_uri + "/", root_uri + "/root.mft", None, rrdp_uri)
 
   root_cert = rpki.x509.X509.self_certify(
     keypair     = root_key,
author	Rob Austein <sra@hactrn.net>	2015-10-16 04:56:43 +0000
committer	Rob Austein <sra@hactrn.net>	2015-10-16 04:56:43 +0000
commit	a89d88e2503368e0d662c57d7c0827d6d064b7b9 (patch)
tree	8e5c9eff3bbe29cd2ce9c2d075ec51955d37f93d /ca
parent	aedcb72ef383dd9c2a146903f9fbdac9915e9af0 (diff)