1 files changed, 9 insertions, 7 deletions

diff --git a/rpkid/rpki/up_down.py b/rpkid/rpki/up_down.py
index 1562e8e8..cea4e27f 100644
--- a/rpkid/rpki/up_down.py
+++ b/rpkid/rpki/up_down.py
@@ -3,7 +3,7 @@ RPKI "up-down" protocol.
 
 $Id$
 
-Copyright (C) 2009--2011  Internet Systems Consortium ("ISC")
+Copyright (C) 2009--2012  Internet Systems Consortium ("ISC")
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
@@ -260,7 +260,7 @@ class list_pdu(base_elt):
             if not ca_detail:
               rpki.log.debug("No active ca_detail, can't issue to %s" % child.child_handle)
               continue
-            resources = ca_detail.latest_ca_cert.get_3779resources().intersection(irdb_resources)
+            resources = ca_detail.latest_ca_cert.get_3779resources() & irdb_resources
             if resources.empty():
               rpki.log.debug("No overlap between received resources and what child %s should get ([%s], [%s])" % (child.child_handle, ca_detail.latest_ca_cert.get_3779resources(), irdb_resources))
               continue
@@ -384,7 +384,7 @@ class issue_pdu(base_elt):
       if irdb_resources.valid_until < rpki.sundial.now():
         raise rpki.exceptions.IRDBExpired, "IRDB entry for child %s expired %s" % (child.child_handle, irdb_resources.valid_until)
 
-      resources = irdb_resources.intersection(ca_detail.latest_ca_cert.get_3779resources())
+      resources = irdb_resources & ca_detail.latest_ca_cert.get_3779resources()
       req_key = self.pkcs10.getPublicKey()
       req_sia = self.pkcs10.get_SIA()
       child_cert = child.fetch_child_certs(ca_detail = ca_detail, ski = req_key.get_SKI(), unique = True)
@@ -434,11 +434,13 @@ class issue_pdu(base_elt):
     Send an "issue" request to parent associated with ca.
     """
     assert ca_detail is not None and ca_detail.state in ("pending", "active")
-    sia = ((rpki.oids.name2oid["id-ad-caRepository"], ("uri", ca.sia_uri)),
-           (rpki.oids.name2oid["id-ad-rpkiManifest"], ("uri", ca_detail.manifest_uri)))
     self = cls()
     self.class_name = ca.parent_resource_class
-    self.pkcs10 = rpki.x509.PKCS10.create_ca(ca_detail.private_key_id, sia)
+    self.pkcs10 = rpki.x509.PKCS10.create(
+      keypair = ca_detail.private_key_id,
+      is_ca = True,
+      caRepository = ca.sia_uri,
+      rpkiManifest = ca_detail.manifest_uri)
     rpki.log.info('Sending "issue" request to parent %s' % parent.parent_handle)
     parent.query_up_down(self, callback, errback)
 
@@ -630,7 +632,7 @@ class message_pdu(base_elt):
     """
     Convert a message PDU to a string.
     """
-    lxml.etree.tostring(self.toXML(), pretty_print = True, encoding = "UTF-8")
+    return lxml.etree.tostring(self.toXML(), pretty_print = True, encoding = "UTF-8")
 
   def serve_top_level(self, child, callback):
     """