Sort out BPKI mess with rootd talking to pubd. Underlying problem is

that smoketest.py uses an obsolete BPKI model which requires different configuration than modern code. Real fix is several different major refactoring jobs (merging rootd into rpkid, merging all three YAML-based test tools...). As usual, not today. svn path=/branches/tk705/; revision=5914
author: Rob Austein <sra@hactrn.net> 2014-08-06 22:52:28 +0000
committer: Rob Austein <sra@hactrn.net> 2014-08-06 22:52:28 +0000
commit: 8032686109d62e4dbd8bb2955fbaa7b2bbdcebbb (patch)
tree: 7e2dfe60edb159d887bfdbde62ff52ca2bdd1394 /rpki/rootd.py
parent: cd8becc8460679775f3e7a5ef61046a17bcab3f2 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/rpki/rootd.py b/rpki/rootd.py
index bd940534..0508dc49 100644
--- a/rpki/rootd.py
+++ b/rpki/rootd.py
@@ -337,7 +337,7 @@ class main(object):
         try:
           logger.debug("Received response from pubd")
           r_cms = rpki.publication.cms_msg(DER = r_der)
-          r_msg = r_cms.unwrap(self.bpki_ta)
+          r_msg = r_cms.unwrap((self.bpki_ta, self.pubd_bpki_cert))
           self.pubd_cms_timestamp = r_cms.check_replay(self.pubd_cms_timestamp, self.pubd_contact_uri)
           for r_pdu in r_msg:
             r_pdu.raise_if_error()
@@ -450,7 +450,11 @@ class main(object):
     self.rootd_bpki_cert         = rpki.x509.X509(Auto_update = self.cfg.get("rootd-bpki-cert"))
     self.rootd_bpki_crl          = rpki.x509.CRL( Auto_update = self.cfg.get("rootd-bpki-crl"))
     self.child_bpki_cert         = rpki.x509.X509(Auto_update = self.cfg.get("child-bpki-cert"))
-    self.pubd_bpki_cert          = rpki.x509.X509(Auto_update = self.cfg.get("pubd-bpki-cert"))
+
+    if self.cfg.has_option("pubd-bpki-cert"):
+      self.pubd_bpki_cert        = rpki.x509.X509(Auto_update = self.cfg.get("pubd-bpki-cert"))
+    else:
+      self.pubd_bpki_cert        = None
 
     self.http_server_host        = self.cfg.get("server-host", "")
     self.http_server_port        = self.cfg.getint("server-port")
author	Rob Austein <sra@hactrn.net>	2014-08-06 22:52:28 +0000
committer	Rob Austein <sra@hactrn.net>	2014-08-06 22:52:28 +0000
commit	8032686109d62e4dbd8bb2955fbaa7b2bbdcebbb (patch)
tree	7e2dfe60edb159d887bfdbde62ff52ca2bdd1394 /rpki/rootd.py
parent	cd8becc8460679775f3e7a5ef61046a17bcab3f2 (diff)