authorRob Austein <sra@hactrn.net>2007-11-16 20:08:42 +0000
committerRob Austein <sra@hactrn.net>2007-11-16 20:08:42 +0000
commit8bde316d2ce3fd368f35ba533e094c1651006956 (patch)
tree82f46848ed47684648e2398afe4105edf34b3278 /scripts
parent3f093365dca5aef47a58eb85ab0459d60de0df9d (diff)
Consolidate URI generation
svn path=/scripts/README; revision=1302
Diffstat (limited to 'scripts')
-rw-r--r--scripts/README4
-rw-r--r--scripts/rpki/sql.py22
-rw-r--r--scripts/rpki/up_down.py6
3 files changed, 26 insertions, 6 deletions
diff --git a/scripts/README b/scripts/README
index c19ef380..b0d17fa4 100644
--- a/scripts/README
+++ b/scripts/README
@@ -116,6 +116,10 @@ Current TO DO list:
- Withdrawal of any of the above
+ Consolidate generation of filenames and URIs into methods, duh.
+
+ (tags-search "\\.\\(publish\\|withdraw\\)(\\|\\+ \"\\.")
+
- Logging subsystem, including syslog support.
- Child batch processing loop, eg, regeneration or removal of expired
diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py
index 16d06dfd..ae4a5ced 100644
--- a/scripts/rpki/sql.py
+++ b/scripts/rpki/sql.py
@@ -350,6 +350,14 @@ class ca_detail_obj(sql_persistant):
"""Fetch the current active ca_detail_obj associated with a given ca_id."""
return cls.sql_fetch_where1(gctx, "ca_id = %s AND state = 'active'" % ca_id)
+ def crl_uri(self, ca):
+ """Return publication URI for this ca_detail's CRL."""
+ return ca.sia_uri + self.public_key.gSKI() + ".crl"
+
+ def manifest_uri(self, ca):
+ """Return publication URI for this ca_detail's manifest."""
+ return ca.sia_uri + self.public_key.gSKI() + ".mnf"
+
def update(self, gctx, parent, ca, rc, sia_uri_changed, old_resources):
"""Need to get a new certificate for this ca_detail and perhaps
frob children of this ca_detail.
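Review bot: `crl_uri` builds the name from `self.public_key.gSKI()`, but the two `crldp =` call sites it replaces in the following hunks used `self.latest_ca_cert.gSKI()`, so this consolidation changes which object supplies the key identifier written into the CRLDP of issued certificates. If the two values can ever differ for a ca_detail (not visible here), relying parties would be pointed at a CRL name that is never published and revocation checking would fail. Either keep the old source or state the invariant in the docstring, e.g. `"""Return publication URI for this ca_detail's CRL; assumes public_key matches latest_ca_cert's subject key."""`. The enclosing class starts and ends outside this hunk.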
@@ -401,7 +409,7 @@ class ca_detail_obj(sql_persistant):
serial = ca.next_serial_number(),
sia = None,
aia = self.ca_cert_uri,
- crldp = ca.sia_uri + self.latest_ca_cert.gSKI() + ".crl",
+ crldp = self.crl_uri(ca),
resources = resources,
notAfter = self.latest_ca_cert.getNotAfter(),
is_ca = False)
@@ -420,7 +428,7 @@ class ca_detail_obj(sql_persistant):
subject_key = subject_key,
serial = ca.next_serial_number(),
aia = self.ca_cert_uri,
- crldp = ca.sia_uri + self.latest_ca_cert.gSKI() + ".crl",
+ crldp = self.crl_uri(ca),
sia = sia,
resources = resources,
notAfter = resources.valid_until)
@@ -485,7 +493,7 @@ class ca_detail_obj(sql_persistant):
m = rpki.x509.SignedManifest()
m.build(serial = ca.next_manifest_number(),
nextUpdate = rpki.sundial.datetime.utcnow() + rpki.sundial.timedelta(seconds = self_obj.crl_interval),
- names_and_objs = [(c.cert.gSKI() + ".cer", c.cert) for c in certs])
+ names_and_objs = [(c.uri_tail(), c.cert) for c in certs])
m.sign(keypair = self.manifest_private_key_id,
certs = rpki.x509.X509_chain(self.latest_manifest_cert))
@@ -506,6 +514,14 @@ class child_cert_obj(sql_persistant):
if child_id or ca_detail_id or cert:
self.sql_mark_dirty()
+ def uri_tail(self):
+ """Return the tail (filename) portion of the URI for this child_cert."""
+ return self.cert.gSKI() + ".cer"
+
+ def uri(self, ca):
+ """Return the publication URI for this child_cert."""
+ return ca.sia_uri + self.uri_tail()
+
def revoke(self):
"""Mark a child cert as revoked."""
if self.revoked is None:
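Review bot: `uri(self, ca)` joins whatever `ca.sia_uri` it is handed with this cert's filename, without checking that `ca` is the CA this child_cert was issued under, and nothing in the hunk shows that `sia_uri` is normalized to end in `/`. A mismatched `ca` would produce a URI inside another CA's publication point; the constructor context above suggests the object carries a `ca_detail_id`, so the owning CA is presumably derivable rather than caller-supplied. At minimum the docstring should state the contract: `"""Return the publication URI for this child_cert; ca must be the CA that owns this cert's ca_detail, and ca.sia_uri must end in "/"."""`. The same caller-trust applies to `crl_uri` and `manifest_uri` in the ca_detail_obj hunk.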
diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py
index 0804bd61..a094b308 100644
--- a/scripts/rpki/up_down.py
+++ b/scripts/rpki/up_down.py
@@ -185,7 +185,7 @@ class list_pdu(base_elt):
child_id = %s AND ca_detail_id = %s
""" % (child.child_id, ca_detail.ca_detail_id)):
c = certificate_elt()
- c.cert_url = multi_uri(ca.sia_uri + child_cert.cert.gSKI() + ".cer")
+ c.cert_url = multi_uri(child_cert.uri(ca))
c.cert = child_cert.cert
rc.certs.append(c)
rc.issuer = ca_detail.latest_ca_cert
@@ -287,7 +287,7 @@ class issue_pdu(base_elt):
rpki.sql.sql_sweep(gctx)
assert child_cert and child_cert.sql_in_db
c = certificate_elt()
- c.cert_url = multi_uri(ca.sia_uri + child_cert.cert.gSKI() + ".cer")
+ c.cert_url = multi_uri(child_cert.uri(ca))
c.cert = child_cert.cert
rc = class_elt()
rc.class_name = str(ca_id)
@@ -303,7 +303,7 @@ class issue_pdu(base_elt):
"""Send an "issue" request to parent associated with ca."""
assert ca_detail is not None and ca_detail.state not in ("deprecated", "revoked")
sia = ((rpki.oids.name2oid["id-ad-caRepository"], ("uri", ca.sia_uri)),
- (rpki.oids.name2oid["id-ad-rpkiManifest"], ("uri", ca.sia_uri + ca_detail.public_key.gSKI() + ".mnf")))
+ (rpki.oids.name2oid["id-ad-rpkiManifest"], ("uri", ca_detail.manifest_uri(ca))))
self = cls()
self.class_name = ca.parent_resource_class
self.pkcs10 = rpki.x509.PKCS10.create_ca(ca_detail.private_key_id, sia)