Add clear_signing_certs and clear_extension_preferences attributes to left-right.

svn path=/docs/left-right-xml; revision=985

6 files changed, 30 insertions, 16 deletions

diff --git a/scripts/Makefile b/scripts/Makefile
index 5aa33cba..7003b602 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -22,7 +22,7 @@ test: all
 dont-run-trang:
 	touch *.rng
 
-relaxng: left-right-protocol-samples/.stamp
+relaxng: left-right-protocol-samples/.stamp left-right-schema.rng up-down-schema.rng
 	xmllint --noout --relaxng left-right-schema.rng left-right-protocol-samples/*.xml
 	xmllint --noout --relaxng    up-down-schema.rng    up-down-protocol-samples/*.xml
 
diff --git a/scripts/left-right-protocol-samples/pdu.003.xml b/scripts/left-right-protocol-samples/pdu.003.xml
index 96ae3d05..7fd4784e 100644
--- a/scripts/left-right-protocol-samples/pdu.003.xml
+++ b/scripts/left-right-protocol-samples/pdu.003.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="US-ASCII"?>
 <!--Automatically generated, do not edit.-->
 <msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
-  <self action="set" type="query" self_id="42" rekey="yes" reissue="yes" revoke="yes" run_now="yes" publish_world_now="yes">
+  <self action="set" type="query" self_id="42" rekey="yes" reissue="yes" revoke="yes" run_now="yes" publish_world_now="yes" clear_extension_preferences="yes">
     <extension_preference name="color">Blue</extension_preference>
   </self>
 </msg>
diff --git a/scripts/left-right-protocol-samples/pdu.013.xml b/scripts/left-right-protocol-samples/pdu.013.xml
index 0df2b972..3c1c5adc 100644
--- a/scripts/left-right-protocol-samples/pdu.013.xml
+++ b/scripts/left-right-protocol-samples/pdu.013.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="US-ASCII"?>
 <!--Automatically generated, do not edit.-->
 <msg xmlns="http://www.hactrn.net/uris/rpki/left-right-spec/" version="1">
-  <bsc action="set" type="query" self_id="42" bsc_id="17">
+  <bsc action="set" type="query" self_id="42" bsc_id="17" clear_signing_certs="yes">
     <signing_cert>
                 MIIDHTCCAgWgAwIBAgIJAKUUCoKn9ovVMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
                 BAMTG1Rlc3QgQ2VydGlmaWNhdGUgQWxpY2UgUm9vdDAeFw0wNzA4MDExOTUzMDda
diff --git a/scripts/left-right-schema.rnc b/scripts/left-right-schema.rnc
index afc843c0..a197230f 100644
--- a/scripts/left-right-schema.rnc
+++ b/scripts/left-right-schema.rnc
@@ -44,7 +44,8 @@ self_bool = (attribute rekey { "yes" }?,
              attribute reissue { "yes" }?,
              attribute revoke { "yes" }?,
              attribute run_now { "yes" }?,
-             attribute publish_world_now { "yes" }?)
+             attribute publish_world_now { "yes" }?,
+             attribute clear_extension_preferences { "yes" }?)
 
 self_payload = element extension_preference {
   attribute name { xsd:token { maxLength="1024" } },
@@ -66,10 +67,11 @@ self_elt |= element self { ctl_dr, self_id }
 
 # <bsc/> element
 
-bsc_bool = (attribute generate_keypair { "yes" },
-            attribute key_type { xsd:token { maxLength="1024" } }?,
-            attribute hash_alg { xsd:token { maxLength="1024" } }?,
-            attribute key_length { xsd:token { maxLength="1024" } }?)?
+bsc_bool = ((attribute generate_keypair { "yes" },
+             attribute key_type { xsd:token { maxLength="1024" } }?,
+             attribute hash_alg { xsd:token { maxLength="1024" } }?,
+             attribute key_length { xsd:token { maxLength="1024" } }?)?,
+            attribute clear_signing_certs { "yes" }?)
 
 bsc_id = attribute bsc_id { sql_id }
 
diff --git a/scripts/left-right-schema.rng b/scripts/left-right-schema.rng
index 87182778..12978650 100644
--- a/scripts/left-right-schema.rng
+++ b/scripts/left-right-schema.rng
@@ -159,6 +159,11 @@
         <value>yes</value>
       </attribute>
     </optional>
+    <optional>
+      <attribute name="clear_extension_preferences">
+        <value>yes</value>
+      </attribute>
+    </optional>
   </define>
   <define name="self_payload">
     <zeroOrMore>
@@ -271,6 +276,11 @@
         </attribute>
       </optional>
     </optional>
+    <optional>
+      <attribute name="clear_signing_certs">
+        <value>yes</value>
+      </attribute>
+    </optional>
   </define>
   <define name="bsc_id">
     <attribute name="bsc_id">
diff --git a/scripts/rpki/left_right.py b/scripts/rpki/left_right.py
index 7156dc99..9b1f0d89 100644
--- a/scripts/rpki/left_right.py
+++ b/scripts/rpki/left_right.py
@@ -157,7 +157,7 @@ class bsc_elt(data_elt):
   
   element_name = "bsc"
   attributes = ("action", "type", "self_id", "bsc_id", "key_type", "hash_alg", "key_length")
-  booleans = ("generate_keypair",)
+  booleans = ("generate_keypair", "clear_signing_certs")
 
   sql_template = rpki.sql.template("bsc", "bsc_id", "self_id", "public_key", "private_key_id")
 
@@ -181,12 +181,7 @@ class bsc_elt(data_elt):
 
   def serve_copy_hook(self, db_pdu):
     if self.signing_cert is not None:
-      #
-      # If we had a flag telling us to reset the signing_cert list, we'd
-      # check for it here.  For the moment, assume we always concatenate
-      # and never overwrite.
-      #
-      if False:
+      if self.clear_signing_certs:
         db_pdu.signing_cert = self.signing_cert
       else:
         db_pdu.signing_cert = db_pdu.signing_cert + self.signing_cert
@@ -393,7 +388,7 @@ class self_elt(data_elt):
 
   element_name = "self"
   attributes = ("action", "type", "self_id")
-  booleans = ("rekey", "reissue", "revoke", "run_now", "publish_world_now")
+  booleans = ("rekey", "reissue", "revoke", "run_now", "publish_world_now", "clear_extension_preferences")
 
   sql_template = rpki.sql.template("self", "self_id", "use_hsm")
 
@@ -419,6 +414,13 @@ class self_elt(data_elt):
   def sql_delete_hook(self, db, cur):
     cur.execute("DELETE FROM self_pref WHERE self_id = %s", self.self_id)
 
+  def serve_copy_hook(self, db_pdu):
+    if self.prefs:
+      if self.clear_extension_preferences:
+        db_pdu.prefs = self.prefs
+      else:
+        db_pdu.prefs = db_pdu.prefs + self.prefs
+
   def startElement(self, stack, name, attrs):
     """Handle <self/> element."""
     if name == "extension_preference":