From 8032686109d62e4dbd8bb2955fbaa7b2bbdcebbb Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Wed, 6 Aug 2014 22:52:28 +0000 Subject: Sort out BPKI mess with rootd talking to pubd. Underlying problem is that smoketest.py uses an obsolete BPKI model which requires different configuration than modern code. Real fix is several different major refactoring jobs (merging rootd into rpkid, merging all three YAML-based test tools...). As usual, not today. svn path=/branches/tk705/; revision=5914 --- rpki/rootd.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'rpki/rootd.py') diff --git a/rpki/rootd.py b/rpki/rootd.py index bd940534..0508dc49 100644 --- a/rpki/rootd.py +++ b/rpki/rootd.py @@ -337,7 +337,7 @@ class main(object): try: logger.debug("Received response from pubd") r_cms = rpki.publication.cms_msg(DER = r_der) - r_msg = r_cms.unwrap(self.bpki_ta) + r_msg = r_cms.unwrap((self.bpki_ta, self.pubd_bpki_cert)) self.pubd_cms_timestamp = r_cms.check_replay(self.pubd_cms_timestamp, self.pubd_contact_uri) for r_pdu in r_msg: r_pdu.raise_if_error() @@ -450,7 +450,11 @@ class main(object): self.rootd_bpki_cert = rpki.x509.X509(Auto_update = self.cfg.get("rootd-bpki-cert")) self.rootd_bpki_crl = rpki.x509.CRL( Auto_update = self.cfg.get("rootd-bpki-crl")) self.child_bpki_cert = rpki.x509.X509(Auto_update = self.cfg.get("child-bpki-cert")) - self.pubd_bpki_cert = rpki.x509.X509(Auto_update = self.cfg.get("pubd-bpki-cert")) + + if self.cfg.has_option("pubd-bpki-cert"): + self.pubd_bpki_cert = rpki.x509.X509(Auto_update = self.cfg.get("pubd-bpki-cert")) + else: + self.pubd_bpki_cert = None self.http_server_host = self.cfg.get("server-host", "") self.http_server_port = self.cfg.getint("server-port") -- cgit v1.2.3