author | Rob Austein <sra@hactrn.net> | 2014-08-06 01:04:14 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2014-08-06 01:04:14 +0000 |
commit | cd8becc8460679775f3e7a5ef61046a17bcab3f2 (patch) | |
tree | 9811b8ad55827b8c34d0d47000e8605625ed14c4 /rpki | |
parent | b4a2a8ca00b9bfe79636efd8a02a24105b9f929f (diff) |
rootd with publication protocol mostly working with modern IRDB.
svn path=/branches/tk705/; revision=5913
Diffstat (limited to 'rpki')
-rw-r--r-- | rpki/irdb/zookeeper.py | 17 | ||||
-rw-r--r-- | rpki/pubd.py | 21 | ||||
-rw-r--r-- | rpki/rootd.py | 2 |
3 files changed, 29 insertions, 11 deletions
diff --git a/rpki/irdb/zookeeper.py b/rpki/irdb/zookeeper.py index 0effe213..c9f7d78e 100644 --- a/rpki/irdb/zookeeper.py +++ b/rpki/irdb/zookeeper.py @@ -1543,6 +1543,23 @@ class Zookeeper(object): bpki_cert = client.certificate, base_uri = client.sia_base)) + # rootd instances are also a weird sort of client + + for rootd in rpki.irdb.Rootd.objects.all(): + + client_handle = rootd.issuer.handle + "-root" + client_pdu = client_pdus.pop(client_handle, None) + sia_base = "rsync://%s/%s/%s/" % (self.rsync_server, self.rsync_module, client_handle) + + if (client_pdu is None or + client_pdu.base_uri != sia_base or + client_pdu.bpki_cert != rootd.issuer.certificate): + pubd_query.append(rpki.publication_control.client_elt.make_pdu( + action = "create" if client_pdu is None else "set", + client_handle = client_handle, + bpki_cert = rootd.issuer.certificate, + base_uri = sia_base)) + # Delete any unknown clients pubd_query.extend(rpki.publication_control.client_elt.make_pdu( diff --git a/rpki/pubd.py b/rpki/pubd.py index 22335ce8..8b58747e 100644 --- a/rpki/pubd.py +++ b/rpki/pubd.py @@ -181,9 +181,8 @@ class main(object): if not q_msg.is_query(): raise rpki.exceptions.BadQuery("Message type is not query") r_msg = q_msg.__class__.reply() - delta = self.session.new_delta() + delta = None failed = False - did_something = False for q_pdu in q_msg: try: if isinstance(q_pdu, rpki.publication.list_elt): @@ -194,6 +193,8 @@ class main(object): r_pdu.hash = obj.hash r_msg.append(r_pdu) else: + if delta is None and not failed: + delta = self.session.new_delta() q_pdu.gctx = self q_pdu.client = client q_pdu.client.check_allowed_uri(q_pdu.uri) @@ -202,7 +203,6 @@ class main(object): r_pdu.tag = q_pdu.tag r_pdu.uri = q_pdu.uri r_msg.append(r_pdu) - did_something = True except (rpki.async.ExitNow, SystemExit): raise except Exception, e: 
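Review bot: The synthetic handle `rootd.issuer.handle + "-root"` lives in the same pubd client namespace as ordinary clients, and nothing in the added loop checks for a real client that already carries that name. If one exists, the earlier client loop (outside this hunk) has presumably already popped it from `client_pdus`, so this loop would see `None` and queue a second `create` for the same handle with the rootd issuer's `bpki_cert` and `base_uri`. A short comment stating the reserved suffix, e.g. `# "<handle>-root" is reserved for rootd; real client handles must not use it`, would document the assumption, ideally paired with a check at the point where client handles are accepted.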
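Review bot: In the `@@ -194,6 +193,8 @@` hunk of rpki/pubd.py the lazy `self.session.new_delta()` call sits above `q_pdu.client.check_allowed_uri(q_pdu.uri)`, so a request whose first publish PDU names a URI the client may not touch still allocates a delta before it is rejected. Judging by the undo code added further down (`delta.sql_delete()`, `self.session.serial -= 1`), allocation presumably writes SQL and bumps the session serial, which is state an unauthorized request should not be able to churn. Moving the two added lines to just after the `check_allowed_uri` call keeps the authorization check ahead of any state change. The enclosing `try` block continues outside the hunk.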
@@ -210,15 +210,16 @@ class main(object): logger.exception("Exception processing PDU %r", q_pdu) r_msg.append(rpki.publication.report_error_elt.from_exception(e, q_pdu.tag)) failed = True + if delta is not None: + delta.sql_delete() + self.session.serial -= 1 + self.session.sql_mark_dirty() # - # This isn't really right as long as we're using SQL autocommit + # This isn't really right as long as we're using SQL autocommit; + # there should be an SQL ROLLBACK somewhere if anything above fails. # - if failed or not did_something: - # This should SQL rollback - # - # Under current scheme I don't think delta is in SQL yet so this may be wrong - delta.sql_delete() - else: + if delta is not None: + assert not failed delta.activate() self.sql.sweep() self.session.generate_snapshot() diff --git a/rpki/rootd.py b/rpki/rootd.py index b1b29487..bd940534 100644 --- a/rpki/rootd.py +++ b/rpki/rootd.py @@ -337,7 +337,7 @@ class main(object): try: logger.debug("Received response from pubd") r_cms = rpki.publication.cms_msg(DER = r_der) - r_msg = r_cms.unwrap((self.bpki_ta, self.pubd_bpki_cert)) + r_msg = r_cms.unwrap(self.bpki_ta) self.pubd_cms_timestamp = r_cms.check_replay(self.pubd_cms_timestamp, self.pubd_contact_uri) for r_pdu in r_msg: r_pdu.raise_if_error() |
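Review bot: After the new cleanup in the `except` handler of rpki/pubd.py, `delta` still refers to the deleted delta, so the later `if delta is not None:` block runs and `assert not failed` fires on exactly the path the handler was meant to recover from; under `python -O` the assert is stripped and `delta.activate()` would run on a deleted delta. No `break` is visible, so unless the loop exits on a line outside the hunk, a second failing PDU would also repeat `delta.sql_delete()` and decrement `self.session.serial` again. Resetting the variable closes both: add `delta = None` after `self.session.sql_mark_dirty()`. The handler and the enclosing method both begin outside this hunk.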
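Review bot: In rpki/rootd.py the trust set passed to `r_cms.unwrap()` shrinks from `(self.bpki_ta, self.pubd_bpki_cert)` to `self.bpki_ta` with no comment on why pubd's certificate can drop out of the chain. If `unwrap()` validates the CMS signer against the chain it is handed (not visible here), responses would now be accepted from any signer that chains to the trust anchor rather than specifically through pubd's BPKI certificate, so please confirm that is intended. A comment at the call such as `# unwrap() against bpki_ta only: <why pubd_bpki_cert is no longer part of the chain>` would record the decision, and it is worth checking whether `self.pubd_bpki_cert` is still loaded elsewhere in `main` without being used. The enclosing method starts and ends outside the hunk.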