2 files changed, 33 insertions, 22 deletions

diff --git a/rpkid/rpki/publication.py b/rpkid/rpki/publication.py
index 69622938..ac1a8619 100644
--- a/rpkid/rpki/publication.py
+++ b/rpkid/rpki/publication.py
@@ -197,20 +197,26 @@ class publication_object_elt(rpki.xml_utils.base_elt, publication_namespace):
     """
     Action dispatch handler.
     """
-    if self.client is None:
-      raise rpki.exceptions.BadQuery, "Client query received on control channel"
-    dispatch = { "publish"  : self.serve_publish,
-                 "withdraw" : self.serve_withdraw }
-    if self.action not in dispatch:
-      raise rpki.exceptions.BadQuery, "Unexpected query: action %s" % self.action
-    self.client.check_allowed_uri(self.uri)
-    dispatch[self.action]()
-    r_pdu = self.__class__()
-    r_pdu.action = self.action
-    r_pdu.tag = self.tag
-    r_pdu.uri = self.uri
-    r_msg.append(r_pdu)
-    cb()
+    try:
+      if self.client is None:
+        raise rpki.exceptions.BadQuery, "Client query received on control channel"
+      dispatch = { "publish"  : self.serve_publish,
+                   "withdraw" : self.serve_withdraw }
+      if self.action not in dispatch:
+        raise rpki.exceptions.BadQuery, "Unexpected query: action %s" % self.action
+      self.client.check_allowed_uri(self.uri)
+      dispatch[self.action]()
+      r_pdu = self.__class__()
+      r_pdu.action = self.action
+      r_pdu.tag = self.tag
+      r_pdu.uri = self.uri
+      r_msg.append(r_pdu)
+      cb()
+    except rpki.exceptions.NoObjectAtURI, e:
+      # This can happen when we're cleaning up from a prior mess, so
+      # we generate a <report_error/> PDU then carry on.
+      r_msg.append(report_error.from_exception(e, self.tag))
+      cb()
 
   def serve_publish(self):
     """
diff --git a/rpkid/rpki/x509.py b/rpkid/rpki/x509.py
index ea05c6ef..0b447a4c 100644
--- a/rpkid/rpki/x509.py
+++ b/rpkid/rpki/x509.py
@@ -983,14 +983,19 @@ class ROA(DER_CMS_object):
     """
     Build a ROA.
     """
-    self = cls()
-    r = rpki.roa.RouteOriginAttestation()
-    r.version.set(version)
-    r.asID.set(asn)
-    r.ipAddrBlocks.set((a.to_roa_tuple() for a in (ipv4, ipv6) if a))
-    self.set_content(r)
-    self.sign(keypair, certs)
-    return self
+    try:
+      self = cls()
+      r = rpki.roa.RouteOriginAttestation()
+      r.version.set(version)
+      r.asID.set(asn)
+      r.ipAddrBlocks.set((a.to_roa_tuple() for a in (ipv4, ipv6) if a))
+      self.set_content(r)
+      self.sign(keypair, certs)
+      return self
+    except POW.pkix.DerError, e:
+      rpki.log.debug("Encoding error while generating ROA %r: %s" % (self, e))
+      rpki.log.debug("ROA inner content: %r" % (r,))
+      raise
 
 class XML_CMS_object(CMS_object):
   """