diff options
| author | Rob Austein <sra@hactrn.net> | 2015-07-21 14:05:44 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2015-07-21 14:05:44 +0000 |
| commit | d9bd71463fc2d47503c3300b3a207a7b8124d8b6 (patch) | |
| tree | 9031d4234c008fbc5ff51fe8f3d4ac4f3b57b623 /rpki/x509.py | |
| parent | 6730c76fbf4c698ff5cdc730df424701113ef165 (diff) | |
Start catching up on six months worth of little changes in RRDP.
svn path=/branches/tk705/; revision=6081
Diffstat (limited to 'rpki/x509.py')
| -rw-r--r-- | rpki/x509.py | 33 |
1 files changed, 23 insertions, 10 deletions
diff --git a/rpki/x509.py b/rpki/x509.py index 99e96d61..61022520 100644 --- a/rpki/x509.py +++ b/rpki/x509.py @@ -70,29 +70,41 @@ def looks_like_PEM(text): i = text.find("-----BEGIN ") return i >= 0 and text.find("\n-----END ", i) > i -def first_rsync_uri(xia): +def first_uri_matching_prefix(xia, prefix): """ - Find first rsync URI in a sequence of AIA or SIA URIs. - Returns the URI if found, otherwise None. + Find first URI in a sequence of AIA or SIA URIs which matches a + particular prefix string. Returns the URI if found, otherwise None. """ if xia is not None: for uri in xia: - if uri.startswith("rsync://"): + if uri.startswith(prefix): return uri return None +def first_rsync_uri(xia): + """ + Find first rsync URI in a sequence of AIA or SIA URIs. + Returns the URI if found, otherwise None. + """ + + return first_uri_matching_prefix(xia, "rsync://") + def first_http_uri(xia): """ Find first HTTP URI in a sequence of AIA or SIA URIs. Returns the URI if found, otherwise None. """ - if xia is not None: - for uri in xia: - if uri.startswith("http://"): - return uri - return None + return first_uri_matching_prefix(xia, "http://") + +def first_https_uri(xia): + """ + Find first HTTPS URI in a sequence of AIA or SIA URIs. + Returns the URI if found, otherwise None. + """ + + return first_uri_matching_prefix(xia, "https://") def sha1(data): """ @@ -508,11 +520,12 @@ class DER_object(object): def get_sia_rrdp_notify(self): """ Get SIA RRDP (id-ad-rpkiNotify) URI from this object. + We prefer HTTPS over HTTP if both are present. Only works for subclasses that support getSIA(). """ sia = self.get_POW().getSIA() - return None if sia is None else first_http_uri(sia[3]) + return None if sia is None else first_https_uri(sia[3]) or first_http_uri(sia[3]) def get_AIA(self): """ |