diff options
| -rw-r--r-- | scripts/rpki/sql.py | 20 | ||||
| -rw-r--r-- | scripts/rpki/up_down.py | 3 |
2 files changed, 13 insertions, 10 deletions
diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py index 645766d0..f42b4b41 100644 --- a/scripts/rpki/sql.py +++ b/scripts/rpki/sql.py @@ -169,23 +169,18 @@ class ca_detail_obj(sql_persistant): """Internal CA detail object.""" sql_template = template("ca", "ca_detail_id", "private_key_id", "public_key", "latest_ca_cert", "manifest_private_key_id", - "manifest_public_key", "latest_manifest_cert", "latest_manifest", "latest_crl", "ca_id") - - def __init__(self): - self.certs = [] + "manifest_public_key", "latest_manifest_cert", "latest_manifest", "latest_crl", "status", "ca_id") def sql_decode(self, vals): sql_persistant.sql_decode(self, vals) self.private_key_id = rpki.x509.RSA_Keypair(DER = self.private_key_id) - if self.public_key is not None: - assert self.private_key_id.get_public_DER() == self.public_key + assert self.public_key is None or self.private_key_id.get_public_DER() == self.public_key self.latest_ca_cert = rpki.x509.X509(DER = self.latest_ca_cert) self.manifest_private_key_id = rpki.x509.RSA_Keypair(DER = self.manifest_private_key_id) - if self.manifest_public_key is not None: - assert self.manifest_private_key_id.get_public_DER() == self.manifest_public_key + assert self.manifest_public_key is None or self.manifest_private_key_id.get_public_DER() == self.manifest_public_key self.manifest_cert = rpki.x509.X509(DER = self.manifest_cert) @@ -199,6 +194,15 @@ class ca_detail_obj(sql_persistant): d["manifest_cert"] = self.manifest_cert.get_DER() return d + @classmethod + def sql_fetch_active(cls, db, cur, ca_id): + hits = cls.sql_fetch_where(db, cur, "ca_id = %s AND status = 'active'" % ca_id) + assert len(hits) < 2, "Found more than one 'active' ca_detail record, this should not happen!" + if hits: + return hits[0] + else: + return None + class child_cert_obj(sql_persistant): """Certificate that has been issued to a child.""" diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py index 8a05912c..a58a6e59 100644 --- a/scripts/rpki/up_down.py +++ b/scripts/rpki/up_down.py @@ -135,8 +135,7 @@ class class_elt(base_elt): return elt def cons_resource_class(gctx, now, child, ca_id, irdb_as, irdb_v4, irdb_v6): - ca_detail = rpki.sql.ca_detail_elt.sql_fetch_where(gctx.db, gctx.cur, "ca_id = %s AND status = 'active'" % ca_id) - assert len(ca_detail) < 2, "Found more than one 'active' ca_detail record, this should not happen!" + ca_detail = rpki.sql.ca_detail_elt.sql_fetch_active(gctx.db, gctx.cur, ca_id) if not ca_detail: return None rc_as, rc_v4, rc_v6 = ca_detail.latest_ca_cert.get_3779resources(irdb_as, irdb_v4, irdb_v6) |