diff options
Diffstat (limited to 'rpki')
| -rw-r--r-- | rpki/async.py | 67 | ||||
| -rw-r--r-- | rpki/http.py | 49 | ||||
| -rw-r--r-- | rpki/irdb/zookeeper.py | 4 | ||||
| -rw-r--r-- | rpki/irdbd.py | 4 | ||||
| -rw-r--r-- | rpki/left_right.py | 31 | ||||
| -rw-r--r-- | rpki/old_irdbd.py | 4 | ||||
| -rw-r--r-- | rpki/pubd.py | 8 | ||||
| -rw-r--r-- | rpki/publication.py | 6 | ||||
| -rw-r--r-- | rpki/publication_control.py | 6 | ||||
| -rw-r--r-- | rpki/rootd.py | 8 | ||||
| -rw-r--r-- | rpki/rpkid.py | 48 | ||||
| -rw-r--r-- | rpki/rpkidb/models.py | 36 | ||||
| -rw-r--r-- | rpki/up_down.py | 6 | ||||
| -rw-r--r-- | rpki/x509.py | 18 |
14 files changed, 113 insertions, 182 deletions
diff --git a/rpki/async.py b/rpki/async.py index 5b3d35b1..74143bd1 100644 --- a/rpki/async.py +++ b/rpki/async.py @@ -336,73 +336,6 @@ def event_loop(catch_signals = (signal.SIGINT, signal.SIGTERM)): for sig in old_signal_handlers: signal.signal(sig, old_signal_handlers[sig]) -class sync_wrapper(object): - """ - Synchronous wrapper around asynchronous functions. Running in - asynchronous mode at all times makes sense for event-driven daemons, - but is kind of tedious for simple scripts, hence this wrapper. - - The wrapped function should take at least two arguments: a callback - function and an errback function. If any arguments are passed to - the wrapper, they will be passed as additional arguments to the - wrapped function. - """ - - res = None - err = None - fin = False - - def __init__(self, func, disable_signal_handlers = False): - self.func = func - self.disable_signal_handlers = disable_signal_handlers - - def cb(self, res = None): - """ - Wrapped code has requested normal termination. Store result, and - exit the event loop. - """ - - self.res = res - self.fin = True - logger.debug("%r callback with result %r", self, self.res) - raise ExitNow - - def eb(self, err): - """ - Wrapped code raised an exception. Store exception data, then exit - the event loop. - """ - - exc_info = sys.exc_info() - self.err = exc_info if exc_info[1] is err else err - self.fin = True - logger.debug("%r errback with exception %r", self, self.err) - raise ExitNow - - def __call__(self, *args, **kwargs): - - def thunk(): - try: - self.func(self.cb, self.eb, *args, **kwargs) - except ExitNow: - raise - except Exception, e: - self.eb(e) - - event_defer(thunk) - if self.disable_signal_handlers: - event_loop(catch_signals = ()) - else: - event_loop() - if not self.fin: - logger.warning("%r event_loop terminated without callback or errback", self) - if self.err is None: - return self.res - elif isinstance(self.err, tuple): - raise self.err[0], self.err[1], self.err[2] - else: - raise self.err - class gc_summary(object): """ Periodic summary of GC state, for tracking down memory bloat. diff --git a/rpki/http.py b/rpki/http.py index 3cebec81..16ed0453 100644 --- a/rpki/http.py +++ b/rpki/http.py @@ -1054,52 +1054,3 @@ def server(handlers, port, host = ""): http_listener(addrinfo = a, handlers = handlers) rpki.async.event_loop() - -class caller(object): - """ - Handle client-side mechanics for protocols based on HTTP, CMS, and - rpki.xml_utils. Calling sequence is intended to nest within - rpki.async.sync_wrapper. - """ - - debug = False - - def __init__(self, proto, client_key, client_cert, server_ta, server_cert, url, debug = None): - self.proto = proto - self.client_key = client_key - self.client_cert = client_cert - self.server_ta = server_ta - self.server_cert = server_cert - self.url = url - self.cms_timestamp = None - if debug is not None: - self.debug = debug - - def __call__(self, cb, eb, *pdus): - - def done(r_der): - """ - Handle CMS-wrapped XML response message. - """ - - try: - r_cms = self.proto.cms_msg(DER = r_der) - r_msg = r_cms.unwrap((self.server_ta, self.server_cert)) - self.cms_timestamp = r_cms.check_replay(self.cms_timestamp, self.url) - if self.debug: - print "<!-- Reply -->" - print r_cms.pretty_print_content() - cb(r_msg) - except (rpki.async.ExitNow, SystemExit): - raise - except Exception, e: - eb(e) - - q_msg = self.proto.msg.query(*pdus) - q_cms = self.proto.cms_msg() - q_der = q_cms.wrap(q_msg, self.client_key, self.client_cert) - if self.debug: - print "<!-- Query -->" - print q_cms.pretty_print_content() - - client(url = self.url, msg = q_der, callback = done, errback = eb) diff --git a/rpki/irdb/zookeeper.py b/rpki/irdb/zookeeper.py index c1e67474..e23d5483 100644 --- a/rpki/irdb/zookeeper.py +++ b/rpki/irdb/zookeeper.py @@ -1056,7 +1056,7 @@ class Zookeeper(object): irbe = self.server_ca.ee_certificates.get(purpose = "irbe") r_msg = rpki.http_simple.client( - proto_cms_msg = rpki.left_right.cms_msg_no_sax, + proto_cms_msg = rpki.left_right.cms_msg, client_key = irbe.private_key, client_cert = irbe.certificate, server_ta = self.server_ca.certificate, @@ -1168,7 +1168,7 @@ class Zookeeper(object): irbe = self.server_ca.ee_certificates.get(purpose = "irbe") r_msg = rpki.http_simple.client( - proto_cms_msg = rpki.publication_control.cms_msg_no_sax, + proto_cms_msg = rpki.publication_control.cms_msg, client_key = irbe.private_key, client_cert = irbe.certificate, server_ta = self.server_ca.certificate, diff --git a/rpki/irdbd.py b/rpki/irdbd.py index 703e551c..d2c7bd4e 100644 --- a/rpki/irdbd.py +++ b/rpki/irdbd.py @@ -114,7 +114,7 @@ class main(object): serverCA = rpki.irdb.models.ServerCA.objects.get() rpkid = serverCA.ee_certificates.get(purpose = "rpkid") irdbd = serverCA.ee_certificates.get(purpose = "irdbd") - q_cms = rpki.left_right.cms_msg_no_sax(DER = q_der) + q_cms = rpki.left_right.cms_msg(DER = q_der) q_msg = q_cms.unwrap((serverCA.certificate, rpkid.certificate)) self.cms_timestamp = q_cms.check_replay(self.cms_timestamp, request.path) if q_msg.get("type") != "query": @@ -132,7 +132,7 @@ class main(object): if q_pdu.get("tag") is not None: r_pdu.set("tag", q_pdu.get("tag")) - request.send_cms_response(rpki.left_right.cms_msg_no_sax().wrap(r_msg, irdbd.private_key, irdbd.certificate)) + request.send_cms_response(rpki.left_right.cms_msg().wrap(r_msg, irdbd.private_key, irdbd.certificate)) except Exception, e: logger.exception("Unhandled exception while processing HTTP request") diff --git a/rpki/left_right.py b/rpki/left_right.py index b102187a..09d8a5ca 100644 --- a/rpki/left_right.py +++ b/rpki/left_right.py @@ -646,13 +646,13 @@ class repository_elt(data_elt): logger.info("Sending %r to pubd", q_pdu) bsc = self.bsc - q_der = rpki.publication.cms_msg_no_sax().wrap(q_msg, bsc.private_key_id, bsc.signing_cert, bsc.signing_cert_crl) + q_der = rpki.publication.cms_msg().wrap(q_msg, bsc.private_key_id, bsc.signing_cert, bsc.signing_cert_crl) bpki_ta_path = (self.gctx.bpki_ta, self.self.bpki_cert, self.self.bpki_glue, self.bpki_cert, self.bpki_glue) def done(r_der): try: logger.debug("Received response from pubd") - r_cms = rpki.publication.cms_msg_no_sax(DER = r_der) + r_cms = rpki.publication.cms_msg(DER = r_der) r_msg = r_cms.unwrap(bpki_ta_path) r_cms.check_replay_sql(self, self.peer_contact_uri) for r_pdu in r_msg: @@ -947,13 +947,13 @@ class parent_elt(data_elt): if bsc.signing_cert is None: raise rpki.exceptions.BSCNotReady("BSC %r[%s] is not yet usable" % (bsc.bsc_handle, bsc.bsc_id)) - q_der = rpki.up_down.cms_msg_no_sax().wrap(q_msg, bsc.private_key_id, - bsc.signing_cert, - bsc.signing_cert_crl) + q_der = rpki.up_down.cms_msg().wrap(q_msg, bsc.private_key_id, + bsc.signing_cert, + bsc.signing_cert_crl) def unwrap(r_der): try: - r_cms = rpki.up_down.cms_msg_no_sax(DER = r_der) + r_cms = rpki.up_down.cms_msg(DER = r_der) r_msg = r_cms.unwrap((self.gctx.bpki_ta, self.self.bpki_cert, self.self.bpki_glue, @@ -1235,8 +1235,8 @@ class child_elt(data_elt): """ def done(): - callback(rpki.up_down.cms_msg_no_sax().wrap(r_msg, bsc.private_key_id, - bsc.signing_cert, bsc.signing_cert_crl)) + callback(rpki.up_down.cms_msg().wrap(r_msg, bsc.private_key_id, + bsc.signing_cert, bsc.signing_cert_crl)) def lose(e, quiet = False): logger.exception("Unhandled exception serving child %r", self) @@ -1246,7 +1246,7 @@ class child_elt(data_elt): bsc = self.bsc if bsc is None: raise rpki.exceptions.BSCNotFound("Could not find BSC %s" % self.bsc_id) - q_cms = rpki.up_down.cms_msg_no_sax(DER = q_der) + q_cms = rpki.up_down.cms_msg(DER = q_der) q_msg = q_cms.unwrap((self.gctx.bpki_ta, self.self.bpki_cert, self.self.bpki_glue, @@ -1545,19 +1545,8 @@ class msg(rpki.xml_utils.msg, left_right_namespace): class cms_msg(rpki.x509.XML_CMS_object): """ - Class to hold a CMS-signed left-right PDU. + CMS-signed left-right PDU. """ encoding = "us-ascii" schema = rpki.relaxng.left_right - saxify = msg.fromXML - - -class cms_msg_no_sax(cms_msg): - """ - Class to hold a CMS-signed left-right PDU. - - Name is a transition kludge: once we ditch SAX, this will become cms_msg. - """ - - saxify = None diff --git a/rpki/old_irdbd.py b/rpki/old_irdbd.py index 10024290..9294ee84 100644 --- a/rpki/old_irdbd.py +++ b/rpki/old_irdbd.py @@ -235,7 +235,7 @@ class main(object): try: - q_msg = rpki.left_right.cms_msg(DER = q_der).unwrap((self.bpki_ta, self.rpkid_cert)) + q_msg = rpki.left_right.cms_msg_saxify(DER = q_der).unwrap((self.bpki_ta, self.rpkid_cert)) if not isinstance(q_msg, rpki.left_right.msg) or not q_msg.is_query(): raise rpki.exceptions.BadQuery("Unexpected %r PDU" % q_msg) @@ -259,7 +259,7 @@ class main(object): logger.exception("Exception decoding query") r_msg.append(rpki.left_right.report_error_elt.from_exception(e)) - request.send_cms_response(rpki.left_right.cms_msg().wrap(r_msg, self.irdbd_key, self.irdbd_cert)) + request.send_cms_response(rpki.left_right.cms_msg_saxify().wrap(r_msg, self.irdbd_key, self.irdbd_cert)) except Exception, e: logger.exception("Unhandled exception, returning HTTP failure") diff --git a/rpki/pubd.py b/rpki/pubd.py index 21f36be4..64b432dd 100644 --- a/rpki/pubd.py +++ b/rpki/pubd.py @@ -139,7 +139,7 @@ class main(object): try: connection.cursor() # Reconnect to mysqld if necessary - q_cms = rpki.publication_control.cms_msg_no_sax(DER = q_der) + q_cms = rpki.publication_control.cms_msg(DER = q_der) q_msg = q_cms.unwrap((self.bpki_ta, self.irbe_cert)) self.irbe_cms_timestamp = q_cms.check_replay(self.irbe_cms_timestamp, "control") if q_msg.get("type") != "query": @@ -211,7 +211,7 @@ class main(object): if q_pdu.get("tag") is not None: r_pdu.set("tag", q_pdu.get("tag")) - request.send_cms_response(rpki.publication_control.cms_msg_no_sax().wrap(r_msg, self.pubd_key, self.pubd_cert)) + request.send_cms_response(rpki.publication_control.cms_msg().wrap(r_msg, self.pubd_key, self.pubd_cert)) except Exception, e: logger.exception("Unhandled exception processing control query, path %r", request.path) @@ -233,7 +233,7 @@ class main(object): if match is None: raise rpki.exceptions.BadContactURL("Bad path: %s" % request.path) client = rpki.pubdb.models.Client.objects.get(client_handle = match.group(1)) - q_cms = rpki.publication.cms_msg_no_sax(DER = q_der) + q_cms = rpki.publication.cms_msg(DER = q_der) q_msg = q_cms.unwrap((self.bpki_ta, client.bpki_cert, client.bpki_glue)) client.last_cms_timestamp = q_cms.check_replay(client.last_cms_timestamp, client.client_handle) client.save() @@ -289,7 +289,7 @@ class main(object): self.session.synchronize_rrdp_files(self.rrdp_publication_base, self.rrdp_uri_base) delta.update_rsync_files(self.publication_base) - request.send_cms_response(rpki.publication.cms_msg_no_sax().wrap(r_msg, self.pubd_key, self.pubd_cert, self.pubd_crl)) + request.send_cms_response(rpki.publication.cms_msg().wrap(r_msg, self.pubd_key, self.pubd_cert, self.pubd_crl)) except Exception, e: logger.exception("Unhandled exception processing client query, path %r", request.path) diff --git a/rpki/publication.py b/rpki/publication.py index 53b1e890..e64b729c 100644 --- a/rpki/publication.py +++ b/rpki/publication.py @@ -79,11 +79,9 @@ def raise_if_error(pdu): raise_if_error(p) -class cms_msg_no_sax(rpki.x509.XML_CMS_object): +class cms_msg(rpki.x509.XML_CMS_object): """ - Class to hold a CMS-signed publication PDU. - - Name is a transition kludge: once we ditch SAX, this will become cms_msg. + CMS-signed publication PDU. """ encoding = "us-ascii" diff --git a/rpki/publication_control.py b/rpki/publication_control.py index bdaa9e28..a863dc34 100644 --- a/rpki/publication_control.py +++ b/rpki/publication_control.py @@ -72,11 +72,9 @@ def raise_if_error(pdu): raise_if_error(p) -class cms_msg_no_sax(rpki.x509.XML_CMS_object): +class cms_msg(rpki.x509.XML_CMS_object): """ - Class to hold a CMS-signed publication control PDU without legacy - SAX transcoding. The name is a transition kludge, this class will - be renamed cms_msg once the SAX code goes away. + CMS-signed publication control PDU. """ encoding = "us-ascii" diff --git a/rpki/rootd.py b/rpki/rootd.py index 622343a6..32b6038b 100644 --- a/rpki/rootd.py +++ b/rpki/rootd.py @@ -259,7 +259,7 @@ class main(object): for q_pdu in q_msg: logger.info("Sending %s to pubd", q_pdu.get("uri")) r_msg = rpki.http_simple.client( - proto_cms_msg = rpki.publication.cms_msg_no_sax, + proto_cms_msg = rpki.publication.cms_msg, client_key = self.rootd_bpki_key, client_cert = self.rootd_bpki_cert, client_crl = self.rootd_bpki_crl, @@ -345,7 +345,7 @@ class main(object): def handler(self, request, q_der): try: - q_cms = rpki.up_down.cms_msg_no_sax(DER = q_der) + q_cms = rpki.up_down.cms_msg(DER = q_der) q_msg = q_cms.unwrap((self.bpki_ta, self.child_bpki_cert)) q_type = q_msg.get("type") logger.info("Serving %s query", q_type) @@ -357,8 +357,8 @@ class main(object): except Exception, e: logger.exception("Exception processing up-down %s message", q_type) rpki.up_down.generate_error_response_from_exception(r_msg, e, q_type) - request.send_cms_response(rpki.up_down.cms_msg_no_sax().wrap(r_msg, self.rootd_bpki_key, self.rootd_bpki_cert, - self.rootd_bpki_crl if self.include_bpki_crl else None)) + request.send_cms_response(rpki.up_down.cms_msg().wrap(r_msg, self.rootd_bpki_key, self.rootd_bpki_cert, + self.rootd_bpki_crl if self.include_bpki_crl else None)) except Exception, e: logger.exception("Unhandled exception processing up-down message") request.send_error(500, "Unhandled exception %s: %s" % (e.__class__.__name__, e)) diff --git a/rpki/rpkid.py b/rpki/rpkid.py index 4e376a68..f6f8b98f 100644 --- a/rpki/rpkid.py +++ b/rpki/rpkid.py @@ -170,11 +170,11 @@ class main(object): try: q_tags = set(q_pdu.tag for q_pdu in q_msg) - q_der = rpki.left_right.cms_msg_no_sax().wrap(q_msg, self.rpkid_key, self.rpkid_cert) + q_der = rpki.left_right.cms_msg().wrap(q_msg, self.rpkid_key, self.rpkid_cert) def unwrap(r_der): try: - r_cms = rpki.left_right.cms_msg_no_sax(DER = r_der) + r_cms = rpki.left_right.cms_msg(DER = r_der) r_msg = r_cms.unwrap((self.bpki_ta, self.irdb_cert)) self.irdbd_cms_timestamp = r_cms.check_replay(self.irdbd_cms_timestamp, self.irdb_url) #rpki.left_right.check_response(r_msg) @@ -245,12 +245,55 @@ class main(object): SubElement(q_msg, rpki.left_right.tag_list_ee_certificate_requests, self_handle = self_handle) self.irdb_query(q_msg, callback, errback) + @property + def left_right_models(self): + """ + Map element tag to rpkidb model. + """ + + try: + return self._left_right_models + except AttributeError: + import rpki.rpkidb.models + self._left_right_models = { + rpki.left_right.tag_self : rpki.rpkidb.models.Self, + rpki.left_right.tag_bsc : rpki.rpkidb.models.BSC, + rpki.left_right.tag_parent : rpki.rpkidb.models.Parent, + rpki.left_right.tag_child : rpki.rpkidb.models.Child, + rpki.left_right.tag_repository : rpki.rpkidb.models.Repository } + return self._left_right_models + + @property + def left_right_trivial_handlers(self): + """ + Map element tag to bound handler methods for trivial PDU types. + """ + + try: + return self._left_right_trivial_handlers + except AttributeError: + self._left_right_trivial_handlers = { + tag_list_published_objects : self.handle_list_published_objects, + tag_list_received_resources : self.handle_list_received_resources } + return self._left_right_trivial_handlers + def left_right_handler(self, query, path, cb): """ Process one left-right PDU. """ + # This handles five persistent classes (self, bsc, parent, child, + # repository) and two simple queries (list_published_objects and + # list_received_resources). The former probably need to dispatch + # via methods to the corresponding model classes; the latter + # probably just become calls to ordinary methods of this + # (rpki.rpkid.main) class. + # + # Merge rpki.left_right.msg.serve_top_level() into this method, + # along with a generalization of rpki.pubd.main.control_handler(). + def done(r_msg): + r_msg = r_msg.toXML() reply = rpki.left_right.cms_msg().wrap(r_msg, self.rpkid_key, self.rpkid_cert) self.sql.sweep() cb(200, body = reply) @@ -258,6 +301,7 @@ class main(object): try: q_cms = rpki.left_right.cms_msg(DER = query) q_msg = q_cms.unwrap((self.bpki_ta, self.irbe_cert)) + q_msg = rpki.left_right.msg.fromXML(q_msg) self.irbe_cms_timestamp = q_cms.check_replay(self.irbe_cms_timestamp, path) if not q_msg.is_query(): raise rpki.exceptions.BadQuery("Message type is not query") diff --git a/rpki/rpkidb/models.py b/rpki/rpkidb/models.py index a289b7ee..f62783ee 100644 --- a/rpki/rpkidb/models.py +++ b/rpki/rpkidb/models.py @@ -4,6 +4,7 @@ Django ORM models for rpkid. from __future__ import unicode_literals from django.db import models +import rpki.left_right from rpki.fields import (EnumField, SundialField, BlobField, CertificateField, KeyField, CRLField, PKCS10Field, @@ -16,13 +17,21 @@ from rpki.fields import (EnumField, SundialField, BlobField, # gradually. We may want to rethink this eventually, but that yak can # wait for its shave, particularly since disallowing null should be a # very simple change given migrations. - +# +# At least for the moment, we use trivial custom managers on these +# classes to provide a simple way of looking up objects from lxml +# objects. Rethink this later if it proves tedious. # "self" was a really bad name for this, but we weren't using Python # when we named it. Perhaps "Tenant" would be a better name? Even # means sort of the right thing, well, in French anyway. # Eventually rename in left-right too, I guess. +class SelfManager(models.Manager): + def find_from_xml(self, elt): + assert elt.tag == rpki.left_right.tag_self + return self.get(self_handle = elt.get("self_handle")) + class Self(models.Model): self_handle = models.SlugField(max_length = 255) use_hsm = models.BooleanField(default = False) @@ -30,6 +39,12 @@ class Self(models.Model): regen_margin = models.BigIntegerField(null = True) bpki_cert = CertificateField(null = True) bpki_glue = CertificateField(null = True) + objects = SelfManager() + +class BSCManager(models.Manager): + def find_from_xml(self, elt): + assert elt.tag == rpki.left_right.tag_bsc + return self.get(self__self_handle = elt.get("self_handle"), bsc_handle = elt.get("bsc_handle")) class BSC(models.Model): bsc_handle = models.SlugField(max_length = 255) @@ -39,9 +54,15 @@ class BSC(models.Model): signing_cert = CertificateField(null = True) signing_cert_crl = CRLField(null = True) self = models.ForeignKey(Self) + objects = BSCManager() class Meta: unique_together = ("self", "bsc_handle") +class RepositoryManager(models.Manager): + def find_from_xml(self, elt): + assert elt.tag == rpki.left_right.tag_repository + return self.get(self__self_handle = elt.get("self_handle"), repository_handle = elt.get("repository_handle")) + class Repository(models.Model): repository_handle = models.SlugField(max_length = 255) peer_contact_uri = models.TextField(null = True) @@ -50,9 +71,15 @@ class Repository(models.Model): last_cms_timestamp = SundialField(null = True) bsc = models.ForeignKey(BSC) self = models.ForeignKey(Self) + objects = RepositoryManager() class Meta: unique_together = ("self", "repository_handle") +class ParentManager(models.Manager): + def find_from_xml(self, elt): + assert elt.tag == rpki.left_right.tag_parent + return self.get(self__self_handle = elt.get("self_handle"), parent_handle = elt.get("parent_handle")) + class Parent(models.Model): parent_handle = models.SlugField(max_length = 255) bpki_cms_cert = CertificateField(null = True) @@ -65,6 +92,7 @@ class Parent(models.Model): self = models.ForeignKey(Self) bsc = models.ForeignKey(BSC) repository = models.ForeignKey(Repository) + objects = ParentManager() class Meta: unique_together = ("self", "parent_handle") @@ -93,6 +121,11 @@ class CADetail(models.Model): ca_cert_uri = models.TextField(null = True) ca = models.ForeignKey(CA) +class ChildManager(models.Manager): + def find_from_xml(self, elt): + assert elt.tag == rpki.left_right.tag_child + return self.get(self__self_handle = elt.get("self_handle"), child_handle = elt.get("child_handle")) + class Child(models.Model): child_handle = models.SlugField(max_length = 255) bpki_cert = CertificateField(null = True) @@ -100,6 +133,7 @@ class Child(models.Model): last_cms_timestamp = SundialField(null = True) self = models.ForeignKey(Self) bsc = models.ForeignKey(BSC) + objects = ChildManager() class Meta: unique_together = ("self", "child_handle") diff --git a/rpki/up_down.py b/rpki/up_down.py index 21048116..fbd7b97f 100644 --- a/rpki/up_down.py +++ b/rpki/up_down.py @@ -158,11 +158,9 @@ def generate_error_response_from_exception(r_msg, e, q_type): generate_error_response(r_msg, code, e) -class cms_msg_no_sax(rpki.x509.XML_CMS_object): +class cms_msg(rpki.x509.XML_CMS_object): """ - Class to hold a CMS-signed up-down PDU. - - Name is a transition kludge: once we ditch SAX, this will become cms_msg. + CMS-signed up-down PDU. """ encoding = "UTF-8" diff --git a/rpki/x509.py b/rpki/x509.py index 34cf6726..40244e4d 100644 --- a/rpki/x509.py +++ b/rpki/x509.py @@ -1986,10 +1986,7 @@ class XML_CMS_object(Wrapped_CMS_object): Wrap an XML PDU in CMS and return its DER encoding. """ - if self.saxify is None: - self.set_content(msg) - else: - self.set_content(msg.toXML()) + self.set_content(msg) if self.check_outbound_schema: self.schema_check() self.sign(keypair, certs, crls) @@ -2007,10 +2004,7 @@ class XML_CMS_object(Wrapped_CMS_object): self.verify(ta) if self.check_inbound_schema: self.schema_check() - if self.saxify is None: - return self.get_content() - else: - return self.saxify(self.get_content()) # pylint: disable=E1102 + return self.get_content() def check_replay(self, timestamp, *context): """ @@ -2038,17 +2032,9 @@ class XML_CMS_object(Wrapped_CMS_object): obj.last_cms_timestamp = self.check_replay(obj.last_cms_timestamp, *context) obj.sql_mark_dirty() - ## @var saxify - # SAX handler hook. Subclasses can set this to a SAX handler, in - # which case .unwrap() will call it and return the result. - # Otherwise, .unwrap() just returns a verified element tree. - - saxify = None - class SignedReferral(XML_CMS_object): encoding = "us-ascii" schema = rpki.relaxng.myrpki - saxify = None class Ghostbuster(Wrapped_CMS_object): """ |