Fall back to HTTP if we can't find an HTTPS URI for rpkiNotify; the

latest specification says HTTPS, but enough of the existing code has not yet caught up that it's useful to see the HTTP URIs when the HTTPS ones are missing. svn path=/branches/tk705/; revision=6215
author: Rob Austein <sra@hactrn.net> 2015-12-08 02:23:45 +0000
committer: Rob Austein <sra@hactrn.net> 2015-12-08 02:23:45 +0000
commit: 9f5ebc2dc159a95f134956203cbca33e436c0da3 (patch)
tree: 155797742ff163f7b87aa4d623ebe1ee1b000c2e /rp/utils/uri
parent: 674e3ad441bbb1e1bebeccc15f31b4776e66103e (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/rp/utils/uri b/rp/utils/uri
index 9c26d9aa..cff3419a 100755
--- a/rp/utils/uri
+++ b/rp/utils/uri
@@ -43,6 +43,9 @@ class Certificate(object):
     def first_https(self, uris):
         return self.first_whatever(uris, "https://")
 
+    def first_http(self, uris):
+        return self.first_whatever(uris, "http://")
+
     def __init__(self, fn):
         try:
             x = rpki.POW.X509.derReadFile(fn)
@@ -60,7 +63,7 @@ class Certificate(object):
             ("SIA:caRepository", self.first_rsync(sia[0])),
             ("SIA:rpkiManifest", self.first_rsync(sia[1])),
             ("SIA:signedObject", self.first_rsync(sia[2])),
-            ("SIA:rpkiNotify",   self.first_https(sia[3])),
+            ("SIA:rpkiNotify",   self.first_https(sia[3]) or self.first_http(sia[3])),
             ("CRLDP",            self.first_rsync(x.getCRLDP())))
 
     def __str__(self):
author	Rob Austein <sra@hactrn.net>	2015-12-08 02:23:45 +0000
committer	Rob Austein <sra@hactrn.net>	2015-12-08 02:23:45 +0000
commit	9f5ebc2dc159a95f134956203cbca33e436c0da3 (patch)
tree	155797742ff163f7b87aa4d623ebe1ee1b000c2e /rp/utils/uri
parent	674e3ad441bbb1e1bebeccc15f31b4776e66103e (diff)