Manifest EE certificates were not including the SIA signedObject URI,

as required by the current manifest specification. svn path=/trunk/; revision=4266
author: Rob Austein <sra@hactrn.net> 2012-01-26 03:52:42 +0000
committer: Rob Austein <sra@hactrn.net> 2012-01-26 03:52:42 +0000
commit: 2f32854eee46befb280dd3e2b47e3c7d8c803e4f (patch)
tree: 48a6c1273c3aa3b3b78b0b24c49c5c3e4d669da4 /rpkid/rpki/rootd.py
parent: 5bf7d2750c906084fe2b61132f7f4325d101eb9c (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/rpkid/rpki/rootd.py b/rpkid/rpki/rootd.py
index b289c3e8..1fccc4c3 100644
--- a/rpkid/rpki/rootd.py
+++ b/rpkid/rpki/rootd.py
@@ -39,7 +39,7 @@ PERFORMANCE OF THIS SOFTWARE.
 import os, time, getopt, sys
 import rpki.resource_set, rpki.up_down, rpki.left_right, rpki.x509
 import rpki.http, rpki.config, rpki.exceptions, rpki.relaxng
-import rpki.sundial, rpki.log
+import rpki.sundial, rpki.log, rpki.oids
 
 rootd = None
 
@@ -200,7 +200,8 @@ class main(object):
       keypair     = self.rpki_root_key,
       subject_key = manifest_keypair.get_RSApublic(),
       serial      = serial + 1,
-      sia         = None,
+      sia         = ((rpki.oids.name2oid["id-ad-signedObject"],
+                      ("uri", self.rpki_base_uri + self.rpki_root_manifest)),),
       aia         = self.rpki_root_cert_uri,
       crldp       = crldp,
       resources   = manifest_resources,
author	Rob Austein <sra@hactrn.net>	2012-01-26 03:52:42 +0000
committer	Rob Austein <sra@hactrn.net>	2012-01-26 03:52:42 +0000
commit	2f32854eee46befb280dd3e2b47e3c7d8c803e4f (patch)
tree	48a6c1273c3aa3b3b78b0b24c49c5c3e4d669da4 /rpkid/rpki/rootd.py
parent	5bf7d2750c906084fe2b61132f7f4325d101eb9c (diff)