aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-04-09Rewrite some of the rule blocks for clarity.Rob Austein
svn path=/branches/tk685/; revision=5770
2014-04-08First cut at revised top-level rules and macros. Tediously verbose atRob Austein
the moment, clean that up later, but seems to work as intended. svn path=/branches/tk685/; revision=5769
2014-04-08Pull from trunk.Rob Austein
svn path=/branches/tk685/; revision=5768
2014-04-08CVE-2014-0160. Not strictly relevant as we don't use TLS, but it'sRob Austein
easier to upgrade than to answer that question even once. svn path=/trunk/; revision=5767
2014-04-07Pull tk674 changes from trunk. Required manual conflict resolutionRob Austein
because of tree changes in this (tk685) branch; with luck the subversion mergeinfo will record what happened as I intended, but if something horrible happens when this is merged back to trunk, you'll know why. Manual diff of affected files against trunk looks good. svn path=/branches/tk685/; revision=5766
2014-04-07Whack test code to work with new tree, fix relaxng.py.Rob Austein
svn path=/branches/tk685/; revision=5765
2014-04-07Add .get{Subject,Issuer}Hash() methods.Rob Austein
svn path=/branches/tk685/; revision=5764
2014-04-07merge support for GUI password resets. closes #674Michael Elkins
svn path=/trunk/; revision=5762
2014-04-07merge with ^/trunkMichael Elkins
svn path=/branches/tk674/; revision=5761
2014-04-07Fix schema generation.Rob Austein
svn path=/branches/tk685/; revision=5760
2014-04-07RP cleanup and test rules.Rob Austein
svn path=/branches/tk685/; revision=5759
2014-04-06Start whacking MakefilesRob Austein
svn path=/branches/tk685/; revision=5758
2014-04-05Source tree reorg, phase 1. Almost everything moved, no file contents changed.Rob Austein
svn path=/branches/tk685/; revision=5757
2014-04-05RegenRob Austein
svn path=/trunk/; revision=5754
2014-04-05Merge tk671 (router certificate support) back to trunk. See #671.Rob Austein
svn path=/trunk/; revision=5753
2014-04-05Add delete_certificate_request and show_certificate_requests to rpkic.Rob Austein
svn path=/branches/tk671/; revision=5751
2014-04-04Initial rpki-rtr support for router certificates. Runs, but not yetRob Austein
tested beyond `smoketest.1.yaml` and `--client loopback`. svn path=/branches/tk671/; revision=5750
2014-04-04RegenRob Austein
svn path=/branches/tk671/; revision=5749
2014-04-04Sigh, cut-and-paste of missing copyright-and-license notice from IETFRob Austein
web site picked up non-ASCII punctuation characters which eventually caused Python to choke due to lack of encoding declaration. Substituting boring ASCII equivalents for whizzy punctuation. svn path=/branches/tk671/; revision=5748
2014-04-04RegenRob Austein
svn path=/branches/tk671/; revision=5747
2014-04-04Update copyrights.Rob Austein
svn path=/branches/tk671/; revision=5746
2014-04-03If we're going to remove the poststart function we'd better not try to call it.Rob Austein
svn path=/branches/tk671/; revision=5745
2014-04-03Remove deferred-upgrade stuff, we don't need it at the moment, it'sRob Austein
fragile, and this may not really be the right approach anyway. svn path=/branches/tk671/; revision=5744
2014-04-03Turns out we don't really need the whole deferred-upgrade mess afterRob Austein
all, at least not yet. Real problem was AIA handling, now fixed. svn path=/branches/tk671/; revision=5743
2014-04-03Helps to fix the code as well as the comments.Rob Austein
svn path=/branches/tk671/; revision=5742
2014-04-02Need AIA check for signed object certificates too.Rob Austein
svn path=/branches/tk671/; revision=5741
2014-04-02Get AIA comparison right.Rob Austein
svn path=/branches/tk671/; revision=5740
2014-04-02Track changes in URI at which parent publishes our CA certificate, andRob Austein
propegate those changes to certs we issue. svn path=/branches/tk671/; revision=5739
2014-04-02Log something before running deferred upgrades.Rob Austein
svn path=/branches/tk671/; revision=5738
2014-04-02Don't try to batch revocations.Rob Austein
svn path=/branches/tk671/; revision=5737
2014-04-02Hmm, Python "exec" is a bit fragile, may need to do something aboutRob Austein
constructing script-specific symbol table. svn path=/branches/tk671/; revision=5736
2014-04-02Directory cleanup working as expected, but AIA cleanup still flakey.Rob Austein
svn path=/branches/tk671/; revision=5735
2014-04-02Better version of cleanup script, although we might be able to doRob Austein
better if there turns out to be a sane way for rpkid to notice that it wants a different SIA value than previously and therefore request the new certificate automatically. svn path=/branches/tk671/; revision=5734
2014-04-02Pull from trunk.Rob Austein
svn path=/branches/tk671/; revision=5733
2014-04-02Don't throw exception from child_cert_obj.__repr__() when ca_detail isn't set.Rob Austein
svn path=/trunk/; revision=5732
2014-04-02Hmm, fun failures withdrawing nonexistent objects. Try postponingRob Austein
revokcation until after we've done everything else. svn path=/branches/tk671/; revision=5731
2014-04-02Sigh, s/--self_id/--self_handle/.Rob Austein
svn path=/branches/tk671/; revision=5730
2014-04-02Different approach to forced-reissue script, using irbe_cli batching.Rob Austein
svn path=/branches/tk671/; revision=5729
2014-04-02And this time it ran perfectly on the first pass. Yep, some kind of timing ↵Rob Austein
thing. svn path=/branches/tk671/; revision=5728
2014-04-02Try doing the entire rekey/reissue thing twice, since that seems toRob Austein
work when doing it manually. This may be a timing issue. svn path=/branches/tk671/; revision=5727
2014-04-01Something seriously weird going on with scoping rules, rewrite yet again.Rob Austein
svn path=/branches/tk671/; revision=5726
2014-04-01Scoping problem in exec-from-sql kludge, sigh.Rob Austein
svn path=/branches/tk671/; revision=5725
2014-04-01Running deferred SQL upgrades from rpki-start-servers doesn't work,Rob Austein
dunno why, but putting it there was always a kludge. Try moving it to an explicit post-start action in platform-specific startup scripts. Rewrite deferred upgrade script for [5678] to do up-down rekey and revoke as well, since that seemed to work better in initial testing. svn path=/branches/tk671/; revision=5724
2014-03-31Debug deferred_upgrade code.Rob Austein
svn path=/branches/tk671/; revision=5723
2014-03-31Pull from trunk.Rob Austein
svn path=/branches/tk671/; revision=5722
2014-03-31Remove ancient restriction that rootd operator's handle must match theRob Austein
handle field in rpki.conf. svn path=/trunk/; revision=5721
2014-03-31Debug apply-scripts database passing.Rob Austein
svn path=/branches/tk671/; revision=5720
2014-03-30First cut at upgrade script for change [5678]. Needs testing.Rob Austein
svn path=/branches/tk671/; revision=5719
2014-03-30Add rpki-sql-setup --apply-deferred-updates to support migrationsRob Austein
which can't be executed until the daemons are up. See #671. svn path=/branches/tk671/; revision=5718
2014-03-30Debug merge of rpki-sql-update into rpki-sql-setup.Rob Austein
svn path=/branches/tk671/; revision=5717
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-12 01:38:09 +0000