Diffstat (limited to 'rpkid')
-rw-r--r--rpkid/rpki/irdb/zookeeper.py37
-rw-r--r--rpkid/rpki/rpkic.py54
2 files changed, 81 insertions, 10 deletions
diff --git a/rpkid/rpki/irdb/zookeeper.py b/rpkid/rpki/irdb/zookeeper.py
index b9d44c57..ff05ae2d 100644
--- a/rpkid/rpki/irdb/zookeeper.py
+++ b/rpkid/rpki/irdb/zookeeper.py
@@ -269,16 +269,13 @@ class Zookeeper(object):
@django.db.transaction.commit_on_success
- def initialize(self):
+ def initialize_server_bpki(self):
"""
- Initialize an RPKI installation. Reads the configuration file,
- creates the BPKI and EntityDB directories, generates the initial
- BPKI certificates, and creates an XML file describing the
- resource-holding aspect of this RPKI installation.
+ Initialize server BPKI portion of an RPKI installation. Reads the
+ configuration file and generates the initial BPKI server
+ certificates needed to start daemons.
"""
- resource_ca, created = rpki.irdb.ResourceHolderCA.objects.get_or_certify(handle = self.handle)
-
if self.run_rpkid or self.run_pubd:
server_ca, created = rpki.irdb.ServerCA.objects.get_or_certify()
rpki.irdb.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "irbe")
@@ -290,9 +287,35 @@ class Zookeeper(object):
if self.run_pubd:
rpki.irdb.ServerEE.objects.get_or_certify(issuer = server_ca, purpose = "pubd")
+
+ @django.db.transaction.commit_on_success
+ def initialize_resource_bpki(self):
+ """
+ Initialize the resource-holding BPKI for an RPKI installation.
+ Returns XML describing the resource holder.
+
+ This method is present primarily for backwards compatibility with
+ the old combined initialize() method which initialized both the
+ server BPKI and the default resource-holding BPKI in a single
+ method call. In the long run we want to replace this with
+ something that takes a handle as argument and creates the
+ resource-holding BPKI idenity if needed.
+ """
+
+ resource_ca, created = rpki.irdb.ResourceHolderCA.objects.get_or_certify(handle = self.handle)
return self.generate_identity()
+ def initialize(self):
+ """
+ Backwards compatibility wrapper: calls initialize_server_bpki()
+ and initialize_resource_bpki(), returns latter's result.
+ """
+
+ self.initialize_server_bpki()
+ return self.initialize_resource_bpki()
+
+
def generate_identity(self):
"""
Generate identity XML. Broken out of .initialize() because it's
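Review bot: The new `initialize()` wrapper is not decorated with `@django.db.transaction.commit_on_success`, although the old combined method was. `initialize_server_bpki()` and `initialize_resource_bpki()` now each commit on their own, so a failure while certifying the resource-holder CA leaves the server BPKI already committed. If that partial state is acceptable because both steps use `get_or_certify` and can be re-run, the wrapper's docstring should say so, e.g. `Not atomic: the server BPKI is committed before the resource-holding BPKI is created; re-running is safe.` Whether decorating the wrapper would restore a single transaction depends on how nested `commit_on_success` behaves in the Django version in use, which this hunk does not show. The `generate_identity()` body continues outside the hunk.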
diff --git a/rpkid/rpki/rpkic.py b/rpkid/rpki/rpkic.py
index 28d248c2..79c2e556 100644
--- a/rpkid/rpki/rpkic.py
+++ b/rpkid/rpki/rpkic.py
@@ -168,6 +168,7 @@ class main(rpki.cli.Cmd):
def irdb_handle_complete(self, manager, text, line, begidx, endidx):
return [obj.handle for obj in manager.all() if obj.handle and obj.handle.startswith(text)]
+
def do_select_identity(self, arg):
"""
Select an identity handle for use with later commands.
@@ -193,11 +194,13 @@ class main(rpki.cli.Cmd):
if arg:
raise BadCommandSyntax, "This command takes no arguments"
+ rootd_case = self.zoo.run_rootd and self.zoo.handle == self.zoo.cfg.get("handle")
+
r = self.zoo.initialize()
r.save("%s.identity.xml" % self.zoo.handle,
- None if self.zoo.run_pubd else sys.stdout)
+ None if rootd_case else sys.stdout)
- if self.zoo.run_rootd and self.zoo.handle == self.zoo.cfg.get("handle"):
+ if rootd_case:
r = self.zoo.configure_rootd()
if r is not None:
r.save("%s.%s.repository-request.xml" % (self.zoo.handle, self.zoo.handle), sys.stdout)
@@ -205,6 +208,50 @@ class main(rpki.cli.Cmd):
self.zoo.write_bpki_files()
+ # These aren't quite ready for prime time yet. See https://trac.rpki.net/ticket/466
+
+ if False:
+
+ def do_create_identity(self, arg):
+ """
+ Create a new resource-holding entity. Argument is the handle of
+ the entity to create. Returns XML file describing the new
+ resource holder.
+
+ This command is idempotent: calling it for a resource holder which
+ already exists returns the existing identity.
+ """
+
+ argv = arg.split()
+ if len(argv) != 1:
+ raise BadCommandSyntax("This command expexcts one argument, not %r" % arg)
+
+ self.zoo.reset_identity(argv[0])
+
+ rootd_case = self.zoo.run_rootd and self.zoo.handle == self.zoo.cfg.get("handle")
+
+ r = self.zoo.initialize_resource_bpki()
+ r.save("%s.identity.xml" % self.zoo.handle,
+ None if rootd_case else sys.stdout)
+
+ if rootd_case:
+ r = self.zoo.configure_rootd()
+ if r is not None:
+ r.save("%s.%s.repository-request.xml" % (self.zoo.handle, self.zoo.handle), sys.stdout)
+
+ def do_initialize_server_bpki(self, arg):
+ """
+ Initialize server BPKI portion of an RPKI installation. Reads
+ server configuration from configuration file and creates the
+ server BPKI objects needed to start daemons.
+ """
+
+ if arg:
+ raise BadCommandSyntax, "This command takes no arguments"
+ self.zoo.initialize_server_bpki()
+ self.zoo.write_bpki_files()
+
+
def do_update_bpki(self, arg):
"""
Update BPKI certificates. Assumes an existing RPKI installation.
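Review bot: In `do_create_identity`, `argv[0]` comes straight from the command line and, after `self.zoo.reset_identity(argv[0])`, becomes the handle used to build the `"%s.identity.xml" % self.zoo.handle` path passed to `r.save()`. Nothing visible in this hunk rejects a handle containing a path separator or `..`, so unless `reset_identity()` validates it (not shown here), the identity file could be written outside the working directory. A guard before the reset would cover it, for example `if "/" in argv[0] or argv[0].startswith("."): raise BadCommandSyntax("Invalid handle %r" % argv[0])`. While the block is still disabled under `if False:`, the message typo `expexcts` can be fixed, and the two `raise` forms (`BadCommandSyntax(...)` here, `raise BadCommandSyntax, "..."` in `do_initialize_server_bpki`) made consistent.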
@@ -218,9 +265,10 @@ class main(rpki.cli.Cmd):
Most likely this should be run under cron.
"""
+ if arg:
+ raise BadCommandSyntax, "This command takes no arguments"
self.zoo.update_bpki()
self.zoo.write_bpki_files()
- self.zoo.synchronize()
def do_configure_child(self, arg):
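Review bot: With `self.zoo.synchronize()` removed from `do_update_bpki`, the docstring's advice `Most likely this should be run under cron.` is incomplete. As far as this hunk shows, a cron job running only this command refreshes the BPKI certificates and rewrites the files, but no longer pushes anything to the running daemons. If a separate synchronize step is now expected, the docstring should say so, e.g. `Does not synchronize with the daemons; run the synchronize command afterwards.` The docstring begins outside the hunk, so the rest of its wording could not be checked.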