1 files changed, 25 insertions, 28 deletions

diff --git a/rpki/gui/app/check_expired.py b/rpki/gui/app/check_expired.py
index a084af79..65f4315f 100644
--- a/rpki/gui/app/check_expired.py
+++ b/rpki/gui/app/check_expired.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2012, 2013, 2014  SPARTA, Inc. a Parsons Company
+# Copyright (C) 2012, 2013, 2014, 2016  SPARTA, Inc. a Parsons Company
 #
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
@@ -21,13 +21,14 @@ from cStringIO import StringIO
 import logging
 import datetime
 
-from rpki.gui.cacheview.models import Cert
+from rpki.gui.gui_rpki_cache.models import Cert
 from rpki.gui.app.models import Conf, ResourceCert, Timestamp, Alert
 from rpki.gui.app.glue import list_received_resources
 from rpki.irdb import Zookeeper
-from rpki.left_right import report_error_elt, list_published_objects_elt
 from rpki.x509 import X509
+from rpki.left_right import version, nsmap, tag_msg, tag_list_published_objects
 
+from lxml.etree import Element, SubElement
 from django.core.mail import send_mail
 
 logger = logging.getLogger(__name__)
@@ -41,8 +42,8 @@ def check_cert(handle, p, errs):
 
     The displayed object name defaults to the class name, but can be overridden
     using the `object_name` argument.
-
     """
+
     t = p.certificate.getNotAfter()
     if t <= expire_time:
         e = 'expired' if t <= now else 'will expire'
@@ -60,8 +61,8 @@ def check_expire(conf, errs):
     # get certs for `handle'
     cert_set = ResourceCert.objects.filter(conf=conf)
     for cert in cert_set:
-        # look up cert in cacheview db
-        obj_set = Cert.objects.filter(repo__uri=cert.uri)
+        # look up cert in gui_rpki_cache db
+        obj_set = Cert.objects.filter(uri=cert.uri)
         if not obj_set:
             # since the <list_received_resources/> output is cached, this can
             # occur if the cache is out of date as well..
@@ -76,7 +77,7 @@ def check_expire(conf, errs):
                 f = '*'
             else:
                 f = ' '
-            msg.append("%s  [%d] uri=%s ski=%s name=%s expires=%s" % (f, n, c.repo.uri, c.keyid, c.name, c.not_after))
+            msg.append("%s  [%d] uri=%s expires=%s" % (f, n, c.uri, c.not_after))
 
             # find ghostbuster records attached to this cert
             for gbr in c.ghostbusters.all():
@@ -102,30 +103,26 @@ def check_expire(conf, errs):
 def check_child_certs(conf, errs):
     """Fetch the list of published objects from rpkid, and inspect the issued
     resource certs (uri ending in .cer).
-
     """
+
     z = Zookeeper(handle=conf.handle)
-    req = list_published_objects_elt.make_pdu(action="list",
-                                              tag="list_published_objects",
-                                              self_handle=conf.handle)
+    req = Element(tag_msg, nsmap=nsmap, type="query", version=version)
+    SubElement(req, tag_list_published_objects,
+               tag="list_published_objects", tenant_handle=conf.handle)
     pdus = z.call_rpkid(req)
     for pdu in pdus:
-        if isinstance(pdu, report_error_elt):
-            logger.error("rpkid reported an error: %s", pdu.error_code)
-        elif isinstance(pdu, list_published_objects_elt):
-            if pdu.uri.endswith('.cer'):
-                cert = X509()
-                cert.set(Base64=pdu.obj)
-                t = cert.getNotAfter()
-                if t <= expire_time:
-                    e = 'expired' if t <= now else 'will expire'
-                    errs.write("%(handle)s's rescert for Child %(child)s %(expire)s on %(date)s uri=%(uri)s subject=%(subject)s\n" % {
-                        'handle': conf.handle,
-                        'child': pdu.child_handle,
-                        'uri': pdu.uri,
-                        'subject': cert.getSubject(),
-                        'expire': e,
-                        'date': t})
+        if pdu.get("uri").endswith('.cer'):
+            cert = X509(Base64=pdu.text)
+            t = cert.getNotAfter()
+            if t <= expire_time:
+                e = 'expired' if t <= now else 'will expire'
+                errs.write("%(handle)s's rescert for Child %(child)s %(expire)s on %(date)s uri=%(uri)s subject=%(subject)s\n" % {
+                    'handle': conf.handle,
+                    'child': pdu.get("child_handle"),
+                    'uri': pdu.get("uri"),
+                    'subject': cert.getSubject(),
+                    'expire': e,
+                    'date': t})
 
 
 class NetworkError(Exception):
@@ -139,8 +136,8 @@ def notify_expired(expire_days=14, from_email=None):
     expire_days: the number of days ahead of today to warn
 
     from_email: set the From: address for the email
-
     """
+
     global expire_time  # so i don't have to pass it around
     global now