From 784b20d33070a8450b23d846a0d936a356646739 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sat, 23 Apr 2016 15:03:37 +0000 Subject: Internal root sort of working, but only sort of. It's skipping the worker CA and going straight from the root to certifying children, which is wrong. However...this is far enough along that we can now remove all the rootd glorp, which is a worthwhile simplification in its own right, so checkpoint here, remove rootd glorp, then figure out what's wrong with the internal certificate hierarchy. rcynic does validate the current output, given a manually constructed TAL, even if the current output isn't quite what it should be. So we should also be able to sort out the new TAL generation code now. Yes, checking in a version that works for the wrong reasons is weird, but the current sort-of-broken state lets us confirm that the lower levels of the tree are still correct as we go, which would be much harder if the poor thing just sat there and whimpered until we had the new internal CA code completely finished. svn path=/branches/tk705/; revision=6376 --- ca/tests/smoketest.py | 6 +++--- ca/tests/yamlconf.py | 12 ++++++------ ca/tests/yamltest.py | 12 ++++++------ 3 files changed, 15 insertions(+), 15 deletions(-) (limited to 'ca') diff --git a/ca/tests/smoketest.py b/ca/tests/smoketest.py index 9d82c640..6479883e 100644 --- a/ca/tests/smoketest.py +++ b/ca/tests/smoketest.py @@ -537,9 +537,9 @@ class allocation(object): if valid_until is None and "valid_for" in yaml: valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(yaml["valid_for"]) self.base = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as(yaml.get("asn")), - v4 = rpki.resource_set.resource_set_ipv4(yaml.get("ipv4")), - v6 = rpki.resource_set.resource_set_ipv6(yaml.get("ipv6")), + asn = str(yaml.get("asn", "")), + v4 = yaml.get("ipv4"), + v6 = yaml.get("ipv6"), valid_until = valid_until) self.sia_base = yaml.get("sia_base") if "crl_interval" in yaml: diff --git a/ca/tests/yamlconf.py b/ca/tests/yamlconf.py index 52c4da26..08827acd 100644 --- a/ca/tests/yamlconf.py +++ b/ca/tests/yamlconf.py @@ -218,9 +218,9 @@ class allocation(object): if valid_until is None and "valid_for" in y: valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(y["valid_for"]) self.base = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as(y.get("asn")), - v4 = rpki.resource_set.resource_set_ipv4(y.get("ipv4")), - v6 = rpki.resource_set.resource_set_ipv6(y.get("ipv6")), + asn = str(y.get("asn", "")), + v4 = y.get("ipv4"), + v6 = y.get("ipv6"), valid_until = valid_until) if "crl_interval" in y: self.crl_interval = rpki.sundial.timedelta.parse(y["crl_interval"]).convert_to_seconds() @@ -514,9 +514,9 @@ class allocation(object): assert self.is_root and not self.is_hosted root_resources = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as("0-4294967295"), - v4 = rpki.resource_set.resource_set_ipv4("0.0.0.0/0"), - v6 = rpki.resource_set.resource_set_ipv6("::/0")) + asn = "0-4294967295", + v4 = "0.0.0.0/0", + v6 = "::/0") root_key = rpki.x509.RSA.generate(quiet = True) diff --git a/ca/tests/yamltest.py b/ca/tests/yamltest.py index 38b5bdac..d413df5c 100755 --- a/ca/tests/yamltest.py +++ b/ca/tests/yamltest.py @@ -244,9 +244,9 @@ class allocation(object): if valid_until is None and "valid_for" in yaml: valid_until = rpki.sundial.now() + rpki.sundial.timedelta.parse(yaml["valid_for"]) self.base = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as(yaml.get("asn")), - v4 = rpki.resource_set.resource_set_ipv4(yaml.get("ipv4")), - v6 = rpki.resource_set.resource_set_ipv6(yaml.get("ipv6")), + asn = str(yaml.get("asn", "")), + v4 = yaml.get("ipv4"), + v6 = yaml.get("ipv6"), valid_until = valid_until) if "crl_interval" in yaml: self.crl_interval = rpki.sundial.timedelta.parse(yaml["crl_interval"]).convert_to_seconds() @@ -788,9 +788,9 @@ def create_root_certificate(db_root): print "Creating rootd RPKI root certificate" root_resources = rpki.resource_set.resource_bag( - asn = rpki.resource_set.resource_set_as("0-4294967295"), - v4 = rpki.resource_set.resource_set_ipv4("0.0.0.0/0"), - v6 = rpki.resource_set.resource_set_ipv6("::/0")) + asn = "0-4294967295", + v4 = "0.0.0.0/0", + v6 = "::/0") root_key = rpki.x509.RSA.generate(quiet = True) -- cgit v1.2.3