aboutsummaryrefslogtreecommitdiff
path: root/rpkid
AgeCommit message (Collapse)Author
2010-10-04Hack rpki.myrpki.csv_writer to write to a temporary filename, thenRob Austein
rename to the real filename on close. svn path=/rpkid.without_tls/rpki/myrpki.py; revision=3457
2010-10-01update_bpki now takes arguments like configure_daemons, so it can doRob Austein
the whole job. svn path=/rpkid/rpki/myrpki.py; revision=3452
2010-10-01Debug update_bpkiRob Austein
svn path=/rpkid/rpki/myrpki.py; revision=3451
2010-10-01First cut at automatic BPKI regenerationRob Austein
svn path=/rpkid/rpki/myrpki.py; revision=3450
2010-09-16Preliminary version of rpkid et al with all the TLS code ripped out.Rob Austein
Not quite ready for cutover yet, may need some conversion tools and instructions, but checking this into a branch (well, sort of) so that others can look at the code changes involved, try it out themselves, etc. At some point this will merge back into rpkid/ directory and there will be only one, without TLS, but converting the testbed is going to require a flag day, so need to keep the TLS version around until then. svn path=/rpkid.without_tls; revision=3449
2010-09-15Convert interface between Python and OpenSSL to use GeneralizedTimeRob Austein
syntax for both GeneralizedTime and UTCTime: bad enough that the ASN.1 code has to know about Y2050 madness, there's no sane reason why application code should need to know. svn path=/pow/POW-0.7/POW.c; revision=3448
2010-09-15Make it easier to run yamltest with other configsRob Austein
svn path=/rpkid/tests/Makefile; revision=3447
2010-09-14Don't explode when cleaning up attributes that never existedRob Austein
svn path=/rpkid/rpki/rpki_engine.py; revision=3446
2010-09-10Refactor .wrap()/.unwrap() code prior to adding CMS timestamp checks.Rob Austein
svn path=/rpkid/irdbd.py; revision=3445
2010-09-09Downgrade syslog priority of a few messagesRob Austein
svn path=/rpkid/rpki/https.py; revision=3444
2010-09-08Clean up unnecessarily opaque test condition.Rob Austein
svn path=/rpkid/rpki/rpki_engine.py; revision=3443
2010-09-08Partial (incomplete, written in a hospital waiting room) BPKI revocationn ↵Rob Austein
support. svn path=/rpkid/rpki/myrpki.py; revision=3442
2010-09-07Add support for extracting signingTime from CMS messages.Rob Austein
svn path=/pow/POW-0.7/POW.c; revision=3440
2010-09-03Add new "Auto_update" flavor of DER objects: this is like Auto_file,Rob Austein
but saves the filename from which it was loaded, and attempts to reload itself automatically if the file's st_mtime changes. svn path=/rpkid/irdbd.py; revision=3439
2010-09-03Restrict extra identity checks for trusted BPKI EE certificates toRob Austein
subject name and public key, so that things won't come to a grinding halt if BPKI certificates are updated while daemons are running. svn path=/rpkid/rpki/x509.py; revision=3438
2010-09-03We don't really need the *.cacert.cer files.Rob Austein
svn path=/rpkid/rpki/myrpki.py; revision=3437
2010-08-31regenRob Austein
svn path=/rpkid/publication-schema.rng; revision=3435
2010-08-31Sadly, it turns out that CRLs really can grow large enough to hit theRob Austein
length limits previously set in this schema as a precaution. Remove length limit and cross fingers, at least for now. svn path=/rpkid/publication-schema.rnc; revision=3434
2010-08-30Use correct exception handler in call_pubd()Rob Austein
svn path=/rpkid/rpki/left_right.py; revision=3433
2010-08-30Another dropped exception event, sigh.Rob Austein
svn path=/rpkid/rpki/https.py; revision=3432
2010-08-29Break XML packet dumps into multiple lines when logging schemaRob Austein
validation errors. svn path=/rpkid/rpki/publication.py; revision=3431
2010-08-28Add test for withdrawing ROARob Austein
svn path=/rpkid/tests/smoketest.3.yaml; revision=3429
2010-08-28Clean up publication_queue wrapper methodsRob Austein
svn path=/rpkid/rpki/rpki_engine.py; revision=3428
2010-08-28Suppress duplicate roa_requestsRob Austein
svn path=/rpkid/rpki/left_right.py; revision=3427
2010-08-24Schema changes a while backRob Austein
svn path=/rpkid/doc/rpkid.dot; revision=3425
2010-08-13Error in assertion messageRob Austein
svn path=/rpkid/rpki/resource_set.py; revision=3423
2010-07-30Doc nitRob Austein
svn path=/rpkid/rpki/__doc__.py.in; revision=3420
2010-07-22Doh. Thanks, Michael.Rob Austein
svn path=/rpkid/tests/smoketest.py; revision=3417
2010-07-16irdbd uses MySQLdb directly, so has to db.ping(reconnect) on its ownRob Austein
to keep SQL connection open. Feh. svn path=/rpkid/irdbd.py; revision=3414
2010-07-16Only regenerate manifest and CRL once for batch ROA updates.Rob Austein
svn path=/rpkid/rpki/left_right.py; revision=3413
2010-07-16Doh, .sql_mark_deleted() works better if it also marks record dirty.Rob Austein
svn path=/rpkid/rpki/sql.py; revision=3412
2010-07-16Duct tape and bailing wire fix for .update_roas(). This isn't rightRob Austein
yet, arguably the underlying design is wrong here, but at least in theory this code should now clean up after itself. svn path=/rpkid/rpki/left_right.py; revision=3411
2010-07-15ParanoiaRob Austein
svn path=/rpkid/rpki/left_right.py; revision=3407
2010-07-15More ROA loggingRob Austein
svn path=/rpkid/rpki/left_right.py; revision=3406
2010-07-15Can't see any reason why roa.asn should ever be NULL either.Rob Austein
svn path=/rpkid/rpkid.sql; revision=3405
2010-07-15I can think of no sane reason to allow roa.roa or roa.cert to be NULL.Rob Austein
svn path=/rpkid/rpkid.sql; revision=3404
2010-07-15Clean up unit testRob Austein
svn path=/rpkid/rpki/adns.py; revision=3403
2010-07-15Rolling expirations testRob Austein
svn path=/rpkid/tests/smoketest.9.yaml; revision=3402
2010-07-15Log reason for deciding to generate a ROA.Rob Austein
svn path=/rpkid/rpki/rpki_engine.py; revision=3401
2010-07-14Use setsockopt() to force normal (ie, BSD-like) IPv6 socket behaviorRob Austein
even on Linux. svn path=/rpkid/rpki/https.py; revision=3400
2010-07-14Fix several Linux-related problems found during last workshop:Rob Austein
1) rpki.https.http_listener() didn't handle .bind() failure properly, which left asyncore in a weird state. 2) On Linux, sockaddr.getaddr() can return duplicate records. This is insane, but the maintainers appear to consider this a feature, so we have to suppress it. 3) Linux's support for IPv4 mapped addresses in IPv6 is so whacked that it's impossible to tell whether a socket.bind() failure is real or an artifact of Linux's whacked API without checking the value of a magic sysctl. This is just too much fun for words, so IPv6 listeners are now disabled by default on Linux; feel free to turn them on yourself, but don't blame me if they bite you. svn path=/rpkid/rpki/https.py; revision=3399
2010-07-11regenRob Austein
svn path=/rpkid/doc/Installation; revision=3390
2010-07-11Stale filenameRob Austein
svn path=/rpkid/rpki/__doc__.py.in; revision=3388
2010-07-11Sanitized config for early portal GUI debugRob Austein
svn path=/rpkid/tests/smoketest.8.yaml; revision=3386
2010-07-11RegenRob Austein
svn path=/rpkid/doc/manual.pdf; revision=3384
2010-07-11Fix linksRob Austein
svn path=/rpkid/rpki/__doc__.py.in; revision=3383
2010-07-11Ok, redirection takes a few seconds...Rob Austein
svn path=/rpkid/doc/manual.html; revision=3382
2010-07-11Try adding pointer to autogenerated HTMLRob Austein
svn path=/rpkid/doc/manual.html; revision=3381
2010-07-11regenRob Austein
svn path=/rpkid/doc/Installation; revision=3379
2010-07-11Clean up uses of RuntimeError exceptionRob Austein
svn path=/rpkid/irdbd.py; revision=3378
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-05 10:48:52 +0000