-rw-r--r-- | myrpki/myirbe.py | 1 | ||||
-rw-r--r-- | myrpki/myrpki.py | 36 | ||||
-rw-r--r-- | myrpki/myrpki.rng | 2 |
3 files changed, 23 insertions, 16 deletions
diff --git a/myrpki/myirbe.py b/myrpki/myirbe.py index 2aea4e88..921f4cb2 100644 --- a/myrpki/myirbe.py +++ b/myrpki/myirbe.py @@ -21,6 +21,7 @@ PERFORMANCE OF THIS SOFTWARE. import lxml.etree, base64, subprocess, sys, os, time, getopt, MySQLdb import rpki.https, rpki.config, rpki.resource_set, rpki.relaxng import rpki.exceptions, rpki.left_right, rpki.log, rpki.x509 +import myrpki rng = lxml.etree.RelaxNG(lxml.etree.parse("myrpki.rng")) diff --git a/myrpki/myrpki.py b/myrpki/myrpki.py index be3fbbdc..954afcf0 100644 --- a/myrpki/myrpki.py +++ b/myrpki/myrpki.py @@ -197,7 +197,9 @@ def PEMElement(e, tag, filename): e = SubElement(e, tag) e.text = "".join(p.strip() for p in open(filename).readlines()[1:-1]) -class bpki(object): +class CA(object): + + debug = False def __init__(self, cfg, dir, cer): self.cfg = cfg @@ -210,6 +212,16 @@ class bpki(object): self.serial = dir + "/serial" self.crlnum = dir + "/crl_number" + def run_ca(self, *args, **env): + cmd = ("openssl", "ca", "-notext", "-batch", "-config", self.cfg) + args + env = env.copy() + if "PATH" in os.environ: + env["PATH"] = os.environ["PATH"] + if self.debug: + print "cmd: %r" % (cmd,) + print "env: %r" % (env,) + subprocess.check_call(cmd, env = env) + def setup(self): if not os.path.exists(self.dir): @@ -239,13 +251,7 @@ class bpki(object): "-out", self.req)) if not os.path.exists(self.cer): - subprocess.check_call(("openssl", "ca", "-batch", "-notext", - #"-verbose", - "-extensions", "ca_x509_ext_ca", - "-config", self.cfg, - "-selfsign", - "-in", self.req, - "-out", self.cer)) + self.run_ca("-selfsign", "-extensions", "ca_x509_ext_ca", "-in", self.req, "-out", self.cer) if not os.path.exists(self.crl): subprocess.check_call(("openssl", "ca", "-batch", "-batch", "-notext", 
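Review bot: In the new `run_ca`, `openssl` is started by bare name and the only variable copied into the child environment is the caller's `PATH`, so the program that signs with this CA's key is whichever `openssl` comes first on the invoking user's search path. A class attribute next to `debug`, for example `openssl = "openssl"`, used as `cmd = (self.openssl, "ca", "-notext", "-batch", "-config", self.cfg) + args`, would let a deployment pin an absolute path. The debug branch prints the complete child environment; the one caller visible in this diff passes no keyword arguments, but if later callers carry secrets that way the output has to be treated as sensitive. The method also lacks a docstring; one line such as `"""Run "openssl ca" with only the given keyword arguments plus PATH as its environment."""` would record that the parent environment is not inherited.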
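Review bot: The self-signing step in `setup()` now runs with the stripped environment that `run_ca` builds, whereas the removed `subprocess.check_call` inherited the full parent environment, and the CRL step just below (context only, cut off at the end of the hunk) still does. If the file named by `self.cfg` or OpenSSL itself depends on variables other than `PATH`, which is not visible here, the two steps will behave differently. It is worth confirming that, then routing the CRL call through `run_ca` as well, which would also remove its duplicated `"-batch"`. A comment above the new call such as `# run_ca passes only PATH; the config must not need other environment variables` would make the assumption explicit. `setup()` starts before this hunk and continues past it.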
@@ -355,8 +361,8 @@ def main(): if r: bsc_req = base64.b64decode(r) - ca = bpki(cfg_file, bpki_dir, bpki_cacert) - ca.setup() + bpki = CA(cfg_file, bpki_dir, bpki_cacert) + bpki.setup() e = Element("myrpki", xmlns = namespace, version = "1", handle = my_handle) @@ -366,16 +372,16 @@ def main(): children_csv_file = children_csv_file, prefix_csv_file = prefix_csv_file, asn_csv_file = asn_csv_file, - xcert = ca.xcert).xml(e) + xcert = bpki.xcert).xml(e) parents.from_csv( parents_csv_file = parents_csv_file, - xcert = ca.xcert).xml(e) + xcert = bpki.xcert).xml(e) - PEMElement(e, "bpki_ca_certificate", ca.cer) - PEMElement(e, "bpki_crl", ca.crl) + PEMElement(e, "bpki_ca_certificate", bpki.cer) + PEMElement(e, "bpki_crl", bpki.crl) - ca.bsc(e, bsc_req) + bpki.bsc(e, bsc_req) ElementTree(e).write(xml_filename + ".tmp") os.rename(xml_filename + ".tmp", xml_filename) diff --git a/myrpki/myrpki.rng b/myrpki/myrpki.rng index d35db9fc..96d5d289 100644 --- a/myrpki/myrpki.rng +++ b/myrpki/myrpki.rng @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: myrpki.rnc 2546 2009-06-26 23:54:17Z sra $ + $Id: myrpki.rnc 2560 2009-07-02 05:49:19Z sra $ RelaxNG Schema for MyRPKI XML messages |