authorRob Austein <sra@hactrn.net>2016-05-05 06:23:24 +0000
committerRob Austein <sra@hactrn.net>2016-05-05 06:23:24 +0000
commit628fac246498569c4ceed6a2d4a033d9254befb0 (patch)
treee02601efadb22aff1ac1a66e50c7dae5df08e3b6 /rpki
parent74609ee8900501784f7f1a3f568a42503e3a1f86 (diff)
rootd migration finally working right. I think. Could stand more testing.
svn path=/branches/tk705/; revision=6421
Diffstat (limited to 'rpki')
-rw-r--r--rpki/irdbd.py10
-rw-r--r--rpki/rpkic.py14
-rw-r--r--rpki/rpkidb/models.py8
3 files changed, 27 insertions, 5 deletions
diff --git a/rpki/irdbd.py b/rpki/irdbd.py
index 7a2c4606..98fe83ea 100644
--- a/rpki/irdbd.py
+++ b/rpki/irdbd.py
@@ -35,12 +35,16 @@ import rpki.log
import rpki.x509
import rpki.daemonize
-from lxml.etree import Element, SubElement
+from lxml.etree import Element, SubElement, tostring as ElementToString
logger = logging.getLogger(__name__)
class main(object):
+ # Whether to drop XMl into the log
+
+ debug = False
+
def handle_list_resources(self, q_pdu, r_msg):
tenant_handle = q_pdu.get("tenant_handle")
child_handle = q_pdu.get("child_handle")
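Review bot: The comment on the new `debug` attribute misspells "XML" as "XMl" and does not say what is logged or how the flag is meant to be switched on. As a class attribute fixed at `False`, nothing in this hunk lets an operator enable it without editing the source. I would write `# Set True to log every decoded left-right query and response at DEBUG level (verbose; troubleshooting only).` If the flag is meant to be operator-controlled, it could be read from wherever the daemon's other settings are loaded, which is outside this hunk. The class body continues past the end of the hunk.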
@@ -117,6 +121,8 @@ class main(object):
q_cms = rpki.left_right.cms_msg(DER = q_der)
q_msg = q_cms.unwrap((serverCA.certificate, rpkid.certificate))
self.cms_timestamp = q_cms.check_replay(self.cms_timestamp, request.path)
+ if self.debug:
+ logger.debug("Received: %s", ElementToString(q_msg))
if q_msg.get("type") != "query":
raise rpki.exceptions.BadQuery("Message type is {}, expected query".format(
q_msg.get("type")))
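Review bot: The new `logger.debug("Received: %s", ElementToString(q_msg))` call, and the matching `Sending:` call in the next hunk, write the whole decoded message to the log, so element text and attribute values supplied by the peer land there verbatim. The query has already passed `unwrap()` and `check_replay()`, so the sender is authenticated. Log files still tend to be readable by more people and kept longer than the protocol channel, and these PDUs carry tenant and child handles plus resource data. A comment above the guard would record that, for example `# Full PDU dump; keep self.debug off outside troubleshooting.` If these logs feed a line-oriented parser, it is worth checking whether newlines inside element text need escaping before they are logged. The handler starts and ends outside this hunk.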
@@ -134,6 +140,8 @@ class main(object):
if q_pdu.get("tag") is not None:
r_pdu.set("tag", q_pdu.get("tag"))
+ if self.debug:
+ logger.debug("Sending: %s", ElementToString(r_msg))
request.send_cms_response(rpki.left_right.cms_msg().wrap(
r_msg, irdbd.private_key, irdbd.certificate))
diff --git a/rpki/rpkic.py b/rpki/rpkic.py
index d90ad690..5e0efe0f 100644
--- a/rpki/rpkic.py
+++ b/rpki/rpkic.py
@@ -868,6 +868,20 @@ class main(Cmd):
@parsecmd(argsubparsers)
+ def do_force_run_now(self, args):
+ """
+ Force rpkid to run periodic tasks for this Tenant immediately.
+
+ This is not usually necessary, as rpkid runs all of these
+ tasks on a regular schedule, but this command can be useful
+ occasionally when configuration change is taking a long time
+ to percolate through a series of parent/child exchanges.
+ """
+
+ self.zoo.run_rpkid_now()
+
+
+ @parsecmd(argsubparsers)
def do_up_down_rekey(self, args):
"""
Initiate a "rekey" operation.
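Review bot: The docstring of `do_force_run_now` reads "when configuration change is taking a long time"; it should read "when a configuration change is taking a long time". The method ignores `args` and discards whatever `self.zoo.run_rpkid_now()` returns, so from what is visible here the operator gets no confirmation that rpkid accepted the request. If the call can fail quietly, a closing sentence in the docstring saying how to verify that the run happened would help. The following `do_up_down_rekey` definition continues outside the hunk.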
diff --git a/rpki/rpkidb/models.py b/rpki/rpkidb/models.py
index 31c367ba..3021a0d4 100644
--- a/rpki/rpkidb/models.py
+++ b/rpki/rpkidb/models.py
@@ -748,6 +748,7 @@ class Parent(models.Model):
@tornado.gen.coroutine
def query_up_down(self, rpkid, q_msg):
trace_call_chain()
+ #logger.debug("%r query_up_down(): %s", self, ElementToString(q_msg))
if self.root_asn_resources or self.root_ipv4_resources or self.root_ipv6_resources:
r_msg = yield self.query_up_down_root(rpkid, q_msg)
elif self.bsc is None:
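Review bot: The added `#logger.debug("%r query_up_down(): %s", self, ElementToString(q_msg))` line, and its twin for `r_msg` in the next hunk, are commented-out code that this commit moves here from `query_up_down_root()`. Dead debug statements drift out of date, and no import of `ElementToString` into this file is visible in the diff, so uncommenting them may fail with a NameError. Either delete them or make them live behind a guard such as `if logger.isEnabledFor(logging.DEBUG):`, with the import confirmed. If they stay as comments, add a short `# Uncomment to trace up-down PDUs` marker so the intent is clear. `query_up_down` continues outside the hunk.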
@@ -773,6 +774,7 @@ class Parent(models.Model):
self.tenant.bpki_cert, self.tenant.bpki_glue,
self.bpki_cert, self.bpki_glue))
r_cms.check_replay_sql(self, self.peer_contact_uri)
+ #logger.debug("%r query_up_down(): %s", self, ElementToString(r_msg))
rpki.up_down.check_response(r_msg, q_msg.get("type"))
raise tornado.gen.Return(r_msg)
@@ -798,8 +800,6 @@ class Parent(models.Model):
trace_call_chain()
publisher = rpki.rpkid.publication_queue(rpkid = rpkid)
- #logger.debug("%r query_up_down_root(): %s", self, ElementToString(q_msg))
-
r_msg = Element(rpki.up_down.tag_message,
nsmap = rpki.up_down.nsmap,
version = rpki.up_down.version,
@@ -915,8 +915,6 @@ class Parent(models.Model):
r_msg.set("type", "error_response")
SubElement(r_msg, rpki.up_down.tag_status).text = "2001"
- #logger.debug("%r query_up_down_root(): %s", self, ElementToString(r_msg))
-
raise tornado.gen.Return(r_msg)
@@ -1875,6 +1873,8 @@ class ChildCert(models.Model):
resources = old_resources
if sia is None:
sia = old_sia
+ if len(sia) < 4 or not sia[3]:
+ sia = (sia[0], sia[1], sia[2], ca_detail.ca.parent.repository.rrdp_notification_uri)
assert resources.valid_until is not None and old_resources.valid_until is not None
if resources.asn != old_resources.asn or resources.v4 != old_resources.v4 or resources.v6 != old_resources.v6:
logger.debug("Resources changed for %r: old %s new %s", self, old_resources, resources)
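Review bot: The new fallback `sia = (sia[0], sia[1], sia[2], ca_detail.ca.parent.repository.rrdp_notification_uri)` assumes `sia` has at least three elements and that `ca_detail.ca.parent.repository` is set. A shorter tuple raises IndexError and a missing repository raises AttributeError, both in the middle of a certificate update. If `rrdp_notification_uri` is itself empty, the fourth slot stays empty with no trace of it. This value presumably ends up in the SIA of the reissued child certificate, so the substitution should be visible in the log, for example `logger.debug("Filling in missing RRDP notification URI for %r", self)` inside the `if`. It is also worth confirming that the parent's repository is the right source when a child publishes elsewhere. The `assert` on the next line is existing context but is stripped under `-O`, so it should not be relied on as validation. The enclosing method starts and ends outside the hunk.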