| Age | Commit message (Collapse) | Author |
|---|
|
svn path=/branches/tk705/; revision=6426
|
|
since copyright holder of record changed.
svn path=/branches/tk705/; revision=6425
|
|
svn path=/branches/tk705/; revision=6424
|
|
svn path=/trunk/; revision=6423
|
|
We were building the correct management object structure in rpkidb,
but not in irdb, so the irdb kept breaking things when it tried to
bring them into alignment. What we get for trying to perform an
upgrade which requires pushing on a rope.
Anyway, result now appears to work. Committing, but letting it run
for a while before handing off to the usual alpha testers.
svn path=/branches/tk705/; revision=6422
|
|
svn path=/branches/tk705/; revision=6421
|
|
No longer throwing nasty errors, but resources still not propegating
correctly down from constructed root (yet).
svn path=/branches/tk705/; revision=6420
|
|
rsync URIs in too many places, we had been inconsistent about updating
them to match the new environment.
In theory, the URI updating code now knows to touch only URIs that
refer back to this same set of servers, while leaving URIs referencing
external services alone, but this has not (yet) been tested.
svn path=/branches/tk705/; revision=6419
|
|
svn path=/branches/tk705/; revision=6418
|
|
svn path=/branches/tk705/; revision=6417
|
|
isn't working quite right yet (can't extract root certificate/TAL, so
not useful yet), but most of the up-down/left-right/publication
protocol now looks to be working with the translated data.
svn path=/branches/tk705/; revision=6416
|
|
engine to reset SQL SEQUENCEs after we've been fiddling with primary
keys directly. OK, I can understand why we ahve to do something, but
why does the official API for this expect us to cut and paste (with
color control escape sequences, no less)?
svn path=/branches/tk705/; revision=6415
|
|
SIA URI twiddling still needs doing.
svn path=/branches/tk705/; revision=6414
|
|
svn path=/branches/tk705/; revision=6413
|
|
reporting AIA extension of a root certificate. See #809.
svn path=/branches/tk705/; revision=6412
|
|
there yet, but general approach is starting to become clear.
svn path=/branches/tk705/; revision=6411
|
|
svn path=/branches/tk705/; revision=6410
|
|
smoketest.1.yaml. Not yet tested in a live server. Rootd transition
not yet written, so far just some diagnostics showing some of the data
we'll need to use to move the root CA state we must keep into the new
internal root object (keys, serial numbers, etc).
svn path=/branches/tk705/; revision=6409
|
|
svn path=/branches/tk705/; revision=6408
|
|
svn path=/branches/tk705/; revision=6407
|
|
Still have irdb and pubd to do.
svn path=/branches/tk705/; revision=6406
|
|
that anybody is likely to care.
svn path=/branches/tk705/; revision=6405
|
|
svn path=/branches/tk705/; revision=6404
|
|
results, of course, but Django behavior so far suggests that this
approach will probably work.
svn path=/branches/tk705/; revision=6403
|
|
svn path=/branches/tk705/; revision=6402
|
|
confused by old data if we update in place. Use shorter names in the
top-level dict to remove visual clutter in unpickling code.
svn path=/trunk/; revision=6401
|
|
svn path=/branches/tk705/; revision=6400
|
|
need a few rootd-specific hacks in the pickling script to make sure we
pick up all the certificate files rootd has issued.
svn path=/trunk/; revision=6399
|
|
svn path=/branches/tk705/; revision=6398
|
|
layer dict() with a tuple key.
svn path=/trunk/; revision=6397
|
|
svn path=/branches/tk705/; revision=6396
|
|
encapsulate all (well, we hope) relevant configuration and state from
a trunk/ CA in a form we can easily load on another machine, or on the
same machine after a software upgrade, or ....
Transfer format is an ad hoc Python dictionary, encoded in Python's
native "Pickle" format, compressed by "xz" with SHA-256 integrity
checking enabled. See #807.
svn path=/trunk/; revision=6395
|
|
rpkid.
closes #805
svn path=/branches/tk705/; revision=6394
|
|
commands. Fixes #808.
svn path=/branches/tk705/; revision=6393
|
|
svn path=/branches/tk705/; revision=6392
|
|
svn path=/branches/tk705/; revision=6391
|
|
and logging setup. Most programs now use the unified mechanism,
although there are still a few holdouts: the GUI, which is a special
case because it has no command line, and the rpki-rtr program, which,
for historical reasons has its own implementation of the logging setup
infrastructure.
svn path=/branches/tk705/; revision=6390
|
|
svn path=/trunk/; revision=6389
|
|
the default configuration to be production rather than testing.w
svn path=/branches/tk705/; revision=6388
|
|
startup error messages logged properly if at all possible. See #806.
svn path=/branches/tk705/; revision=6387
|
|
svn path=/branches/tk705/; revision=6386
|
|
to stdout or stderr instead of the logging system.
svn path=/branches/tk705/; revision=6385
|
|
svn path=/branches/tk705/; revision=6384
|
|
.up_down_query() must handle errors signaled by .up_down_query_root() correctly.
svn path=/branches/tk705/; revision=6383
|
|
svn path=/branches/tk705/; revision=6382
|
|
"Try adding .all(), idiot."
svn path=/branches/tk705/; revision=6381
|
|
new scheme. Rewrite pubd code which was whacking top-level
certificate files with names other than "root.cer".
svn path=/branches/tk705/; revision=6380
|
|
svn path=/branches/tk705/; revision=6379
|
|
svn path=/branches/tk705/; revision=6378
|
|
svn path=/branches/tk705/; revision=6377
|
