aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-07-20use format_html() to build strings returned by custom template tags so that ↵Michael Elkins
the output is not html escaped closes #835 svn path=/branches/tk705/; revision=6451
2016-07-20need to add contenttypes and auth to INSTALLED_APPS even for gui auxillary ↵Michael Elkins
scripts see #825 svn path=/branches/tk705/; revision=6450
2016-07-19add initial migration for the routeview app.Michael Elkins
add --fake-initial option when doing the migrations so that existing installs will ignore the initial migration svn path=/branches/tk705/; revision=6449
2016-07-19Implement new recommendation for HTTPS validation: try with validationRob Austein
enabled, if that fails, whine and retry with validation disabled. svn path=/branches/tk705/; revision=6448
2016-07-19Simplistic hack for versioning with git.Rob Austein
svn path=/branches/tk705/; revision=6447
2016-07-18Remove "import url from future" from Django templates. Fixes #823.Rob Austein
svn path=/branches/tk705/; revision=6446
2016-06-26Log resynchronization details.Rob Austein
svn path=/branches/tk705/; revision=6445
2016-06-17Disable email to root when a Django exception occurs, and log it to the ↵Michael Elkins
apache log instead. Make the GUI log level configurable via rpki.conf svn path=/branches/tk705/; revision=6444
2016-06-17Remove 'load url from future' as it is no longer needed in recent Django ↵Michael Elkins
versions See #823 svn path=/branches/tk705/; revision=6443
2016-06-09Fix badly written XXX_Driver.execute() methods: calling sequence isRob Austein
specified by DB API, just use it, rather than getting clever with variable-length argument sequences. svn path=/branches/tk705/; revision=6442
2016-06-08Bugfixes from Andrew Bradford (thanks!).Rob Austein
svn path=/branches/tk705/; revision=6441
2016-05-26Remove gratuitous None values from status database -- this appears toRob Austein
have been incomplete conversion from an older internal API, back when we still had Generation objects. In any case, status="None" in rcynic.xml is wrong, and has been giving rcynic-html indigestion. svn path=/branches/tk705/; revision=6440
2016-05-25Make rpkigui-import-routes use logging settings from /etc/rpki.conf instead ↵Michael Elkins
of rpki.django_settings.gui Create new rpki.django_settings.gui_script Django settings file with a minimal subset required to use the ORM, to be used in auxillary scripts Add [rpkigui-import-routes] section to rpki.conf Change log level of warning about AS value errors in routeviews dumps to DEBUG svn path=/branches/tk705/; revision=6439
2016-05-25New script to install an RPKI root key salvaged from an old rootdRob Austein
installation on top of the active CADetail of a new-style rootd-less rpkid configuration. This has been tested, but only lightly, and only in the lab. This script is dangerous. Do not run it unless you really know what you are doing, and even then you probably do not want to run it on anything but a brand new installation with no existing RPKI data. See #816. svn path=/branches/tk705/; revision=6438
2016-05-24More http:// => https:// changes in documentation links.Rob Austein
svn path=/branches/tk705/; revision=6436
2016-05-10Debian requires explicit runtime dependency on sudo, and rpki-rp needsRob Austein
to make sure that /var/log/rpki exists. svn path=/branches/tk705/; revision=6433
2016-05-09Add `--root-handle` argument to ca-unpickle to allow manualRob Austein
specification of a handle for the new root entity instead of the default of using a randomly-generated UUID as the name. svn path=/branches/tk705/; revision=6432
2016-05-07Exclude root certificate serial number from last_serial calculation,Rob Austein
as including it ends very badly when the root certificate serial is a randomly-generated 64-bit value. See #814. svn path=/branches/tk705/; revision=6430
2016-05-07Joy. Randy's trunk/ installation is using an ancient backwardsRob Austein
compatability hack which allows irdbd's server host and port to be expressed as a URL. No big deal, except that I wonder how many other relics we're going to find in The Config File That Time Forgot. See #813. svn path=/branches/tk705/; revision=6428
2016-05-07Oops, TeX-style "--" numeric ranges in copyright comments are bad fitRob Austein
for XML. Apparently we were carefully changing just the XML files to use a single "-" to work around this. Enough already, just convert all copyright year ranges to single "-" and have done with this. svn path=/branches/tk705/; revision=6427
2016-05-07More copyright notices, what fun.Rob Austein
svn path=/branches/tk705/; revision=6426
2016-05-07Copyright notice update, first round: files that are entirely newRob Austein
since copyright holder of record changed. svn path=/branches/tk705/; revision=6425
2016-05-05OpenSSL 1.0.2h.Rob Austein
svn path=/branches/tk705/; revision=6424
2016-05-05OpenSSL 1.0.2h.Rob Austein
svn path=/trunk/; revision=6423
2016-05-05This time for sure.Rob Austein
We were building the correct management object structure in rpkidb, but not in irdb, so the irdb kept breaking things when it tried to bring them into alignment. What we get for trying to perform an upgrade which requires pushing on a rope. Anyway, result now appears to work. Committing, but letting it run for a while before handing off to the usual alpha testers. svn path=/branches/tk705/; revision=6422
2016-05-05rootd migration finally working right. I think. Could stand more testing.Rob Austein
svn path=/branches/tk705/; revision=6421
2016-05-05Sort out irdb Parent vs rpkid Parent.Rob Austein
No longer throwing nasty errors, but resources still not propegating correctly down from constructed root (yet). svn path=/branches/tk705/; revision=6420
2016-05-04Non-rootd transitions finally appear to work as expected. Too manyRob Austein
rsync URIs in too many places, we had been inconsistent about updating them to match the new environment. In theory, the URI updating code now knows to touch only URIs that refer back to this same set of servers, while leaving URIs referencing external services alone, but this has not (yet) been tested. svn path=/branches/tk705/; revision=6419
2016-05-04Follow that turtle!Rob Austein
svn path=/branches/tk705/; revision=6418
2016-05-04A Farewell To Turtles.Rob Austein
svn path=/branches/tk705/; revision=6417
2016-05-04Mostly working. Setup is still finicky, and rootd transition stuffRob Austein
isn't working quite right yet (can't extract root certificate/TAL, so not useful yet), but most of the up-down/left-right/publication protocol now looks to be working with the translated data. svn path=/branches/tk705/; revision=6416
2016-05-02Far too much fun whacking Django to whack the underlying databaseRob Austein
engine to reset SQL SEQUENCEs after we've been fiddling with primary keys directly. OK, I can understand why we ahve to do something, but why does the official API for this expect us to cut and paste (with color control escape sequences, no less)? svn path=/branches/tk705/; revision=6415
2016-05-02Checkpoint. Most of the certificate twiddling is done, but untested.Rob Austein
SIA URI twiddling still needs doing. svn path=/branches/tk705/; revision=6414
2016-04-29gracefully catch and log exception from zookeeperMichael Elkins
svn path=/branches/tk705/; revision=6413
2016-04-29lxml doesn't like None as an attribute value, so use empty string whenRob Austein
reporting AIA extension of a root certificate. See #809. svn path=/branches/tk705/; revision=6412
2016-04-29Initial stumbling towards rootd -> internal root conversion. NotRob Austein
there yet, but general approach is starting to become clear. svn path=/branches/tk705/; revision=6411
2016-04-29Cleanup.Rob Austein
svn path=/branches/tk705/; revision=6410
2016-04-29ca-unpickle now handles the full set of test pickles generated fromRob Austein
smoketest.1.yaml. Not yet tested in a live server. Rootd transition not yet written, so far just some diagnostics showing some of the data we'll need to use to move the root CA state we must keep into the new internal root object (keys, serial numbers, etc). svn path=/branches/tk705/; revision=6409
2016-04-29Reorganize to support per-database forking, add pubd support.Rob Austein
svn path=/branches/tk705/; revision=6408
2016-04-29Track changes to names of pickled fields.Rob Austein
svn path=/branches/tk705/; revision=6407
2016-04-29First cut at rpkid migration, preliminary data for rootd migration.Rob Austein
Still have irdb and pubd to do. svn path=/branches/tk705/; revision=6406
2016-04-29Throw correct exceptions in container LazyDict container methods, notRob Austein
that anybody is likely to care. svn path=/branches/tk705/; revision=6405
2016-04-29Cleaner implementation of LazyDict, albeit a bit more verbose.Rob Austein
svn path=/branches/tk705/; revision=6404
2016-04-29Snapshot of incomplete proof of concept. Will need to test finalRob Austein
results, of course, but Django behavior so far suggests that this approach will probably work. svn path=/branches/tk705/; revision=6403
2016-04-28Pull still more ca-pickle hacks from trunk/.Rob Austein
svn path=/branches/tk705/; revision=6402
2016-04-28Truncate pickle file before rewriting it, to keep Python from beingRob Austein
confused by old data if we update in place. Use shorter names in the top-level dict to remove visual clutter in unpickling code. svn path=/trunk/; revision=6401
2016-04-28Pull rootd-specific ca-pickle hacks from trunk/.Rob Austein
svn path=/branches/tk705/; revision=6400
2016-04-28And of course rootd does everything just a little differently, so weRob Austein
need a few rootd-specific hacks in the pickling script to make sure we pick up all the certificate files rootd has issued. svn path=/trunk/; revision=6399
2016-04-28Pull ca-{pickle,unpickle}.py updates from trunk/.Rob Austein
svn path=/branches/tk705/; revision=6398
2016-04-28dict() of dict()s turns out to be easier to work with than a singleRob Austein
layer dict() with a tuple key. svn path=/trunk/; revision=6397
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-10 08:24:14 +0000