diff options
Diffstat (limited to 'myrpki')
| -rw-r--r-- | myrpki/myirbe.py | 4 | ||||
| -rw-r--r-- | myrpki/myrpki.py | 6 | ||||
| -rw-r--r-- | myrpki/yamltest.py | 20 |
3 files changed, 20 insertions, 10 deletions
diff --git a/myrpki/myirbe.py b/myrpki/myirbe.py index af70755a..6a7bc2d8 100644 --- a/myrpki/myirbe.py +++ b/myrpki/myirbe.py @@ -348,12 +348,12 @@ for xmlfile in xmlfiles: # entity; in all other cases, we use a separate subtree. This is # suboptimal in the long run. - parents = tree.getiterator(tag("parent")) + parents = [p for p in tree.getiterator(tag("parent"))] if parents: need_own_pub_point = True - if handle != my_handle and len(parents) == 1 and parents[0].get("service_uri").startwith(rpkid_base): + if handle != my_handle and len(parents) == 1 and parents[0].get("service_uri").startswith(rpkid_base): m = updown_regexp.match(parents[0].get("service_uri")) if m: self_part, child_part = m.groups() diff --git a/myrpki/myrpki.py b/myrpki/myrpki.py index 5bdcfadb..8435257d 100644 --- a/myrpki/myrpki.py +++ b/myrpki/myrpki.py @@ -342,12 +342,12 @@ class CA(object): def extract_resources(): pass -def main(): +def main(argv = ()): cfg_file = "myrpki.conf" myrpki_section = "myrpki" - opts, argv = getopt.getopt(sys.argv[1:], "c:h:?", ["config=", "help"]) + opts, argv = getopt.getopt(argv, "c:h:?", ["config=", "help"]) for o, a in opts: if o in ("-h", "--help", "-?"): print __doc__ @@ -409,4 +409,4 @@ def main(): os.rename(xml_filename + ".tmp", xml_filename) if __name__ == "__main__": - main() + main(sys.argv[1:]) diff --git a/myrpki/yamltest.py b/myrpki/yamltest.py index a4a0eaf1..de7ecc0b 100644 --- a/myrpki/yamltest.py +++ b/myrpki/yamltest.py @@ -240,7 +240,8 @@ class allocation(object): if self.is_root(): f.write("%s\t%s\t%s\t%s\n" % ("rootd", "https://localhost:%d/" % self.rootd_port, self.path("bpki.rootd/ca.cer"), self.path("bpki.rootd/ca.cer"))) else: - f.write("%s\t%s\t%s\t%s\n" % (self.parent.name, self.up_down_url(), self.parent.path("bpki.myrpki/ca.cer"), self.parent.path("bpki.rpkid/ca.cer"))) + parent_host = self.parent.hosted_by if self.parent.is_hosted() else self.parent + f.write("%s\t%s\t%s\t%s\n" % (self.parent.name, self.up_down_url(), self.parent.path("bpki.myrpki/ca.cer"), parent_host.path("bpki.rpkid/ca.cer"))) f.close() def dump_prefixes(self, fn): @@ -259,7 +260,10 @@ class allocation(object): def dump_conf(self, fn): - r = { ("myrpki", "handle") : self.name } + host = self.hosted_by if self.is_hosted() else self + + r = { ("myrpki", "handle"): self.name, + ("myrpki", "repository_bpki_certificate"): host.path("bpki.pubd/ca.cer") } if not self.is_hosted(): r["irdbd", "https-url"] = "https://localhost:%d/" % self.irdbd_port @@ -313,7 +317,9 @@ class allocation(object): def run_myirbe(self): if not self.is_hosted(): print "Running myirbe.py for", self.name - subprocess.check_call(("python", prog_myirbe), cwd = self.path()) + cmd = ["python", prog_myirbe] + cmd.extend(h.path("myrpki.xml") for h in self.hosts) + subprocess.check_call(cmd, cwd = self.path()) def run_myrpki(self): print "Running myrpki.py for", self.name @@ -447,11 +453,15 @@ try: time.sleep(20) # Run myirbe again for each host, to set up IRDB and RPKI objects. - # Need to run a second time to push BSC certs out to rpkid. - # Nothing should happen on the third pass. + # Need to run a second time to push BSC certs out to rpkid. Nothing + # should happen on the third pass. Oops, when hosting we need to + # run myrpki between myirbe passes, since only the hosted entity can + # issue the BSC, etc. for i in xrange(3): for d in db: + d.run_myrpki() + for d in db: d.run_myirbe() print "Done initializing daemons" |