diff options
| author | Rob Austein <sra@hactrn.net> | 2015-11-29 23:38:36 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2015-11-29 23:38:36 +0000 |
| commit | 9bd9128b2ff3a6fe02fec0430a7f39d4bbe1d137 (patch) | |
| tree | 097e4768cf6f2f0ceaaaf2cff43d9c094d9e6476 /rp/rcynic | |
| parent | 60c104039e9b71b897b00790fee0dbe4678b37de (diff) | |
Fix confused handling of staleness flags.
svn path=/branches/tk705/; revision=6207
Diffstat (limited to 'rp/rcynic')
| -rwxr-xr-x | rp/rcynic/rcynicng | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/rp/rcynic/rcynicng b/rp/rcynic/rcynicng index b5139dec..6c0a9b46 100755 --- a/rp/rcynic/rcynicng +++ b/rp/rcynic/rcynicng @@ -392,6 +392,11 @@ class Manifest(rpki.POW.Manifest): self.notAfter = self.ee.getNotAfter() if self.thisUpdate < self.notBefore or self.nextUpdate > self.notAfter: status.add(codes.MANIFEST_INTERVAL_OVERRUNS_CERT) + now = rpki.sundial.now() + if self.thisUpdate > now: + status.add(codes.MANIFEST_NOT_YET_VALID) + if self.nextUpdate < now: + status.add(codes.STALE_CRL_OR_MANIFEST) codes.normalize(status) return not any(s.kind == "bad" for s in status) @@ -566,20 +571,10 @@ class WalkFrame(object): install_object(self.mft) Status.add(mft_uri, self.mft.generation, codes.OBJECT_ACCEPTED) - now = rpki.sundial.now() - - self.stale_crl = now > self.crl.nextUpdate - if self.stale_crl: - logger.debug("Stale CRL %s %s", self.crl.nextUpdate, self.crl.uri) - Status.add(self.crl.uri, self.crl.generation, codes.STALE_CRL_OR_MANIFEST) + self.stale_crl = Status.test(self.crl.uri, self.crl.generation, codes.STALE_CRL_OR_MANIFEST) + self.stale_mft = Status.test(self.mft.uri, self.mft.generation, codes.STALE_CRL_OR_MANIFEST) - self.stale_mft = now > self.mft.nextUpdate - if self.stale_mft: - logger.debug("Stale Manifest %s %s", self.mft.nextUpdate, self.mft.uri) - Status.add(self.mft.uri, self.mft.generation, codes.STALE_CRL_OR_MANIFEST) - - # Use an explicit iterator so we can resume it later. - # Run the loop in a separate method for the same reason. + # Use an explicit iterator so we can resume it; run loop in separate method, same reason. self.mft_iterator = iter(self.mft.getFiles()) self.state = self.loop @@ -810,6 +805,11 @@ class Fetcher(object): # process exit status directly from the operating system. In theory, the WNOHANG # isn't necessary here, we use it anyway to be safe in case theory is wrong. + # If we need to add a timeout here to guard against rsync processes taking too long + # (which has happened in the past with, eg, LACNIC), see tornado.gen.with_timeout() + # (documented in the utility functions section of the tornado.gen page), which wraps + # any future in a timeout. + t0 = time.time() rsync = tornado.process.Subprocess(cmd, stdout = tornado.process.Subprocess.STREAM, stderr = subprocess.STDOUT) logger.debug("rsync[%s] started \"%s\"", rsync.pid, " ".join(cmd)) |