From 883112a925885a7dcfcbdaaa4d748e16140f8389 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Tue, 26 Apr 2016 22:58:04 +0000
Subject: Handle non-existant root certificate correctly in rpkic
 extract_root_* commands.  Fixes #808.

svn path=/branches/tk705/; revision=6393
---
 rpki/irdb/zookeeper.py |  6 +++++-
 rpki/rpkic.py          | 28 +++++++++++++++++-----------
 2 files changed, 22 insertions(+), 12 deletions(-)

(limited to 'rpki')

diff --git a/rpki/irdb/zookeeper.py b/rpki/irdb/zookeeper.py
index f0fda08a..72daa952 100644
--- a/rpki/irdb/zookeeper.py
+++ b/rpki/irdb/zookeeper.py
@@ -392,7 +392,11 @@ class Zookeeper(object):
         r_msg = self.call_rpkid(q_msg)
         assert len(r_msg) == 1 and r_msg[0].tag == rpki.left_right.tag_parent
 
-        cert = rpki.x509.X509(Base64 = r_msg[0].findtext(rpki.left_right.tag_rpki_root_cert))
+        b64 = r_msg[0].findtext(rpki.left_right.tag_rpki_root_cert)
+        if not b64:
+            return None, ()
+
+        cert = rpki.x509.X509(Base64 = b64)
         caDirectory, rpkiManifest, signedObjectRepository, rpkiNotify = cert.get_SIA()
         sia_base = r_msg[0].get("sia_base")
         fn = cert.gSKI() + ".cer"
diff --git a/rpki/rpkic.py b/rpki/rpkic.py
index e297c4d8..d90ad690 100644
--- a/rpki/rpkic.py
+++ b/rpki/rpkic.py
@@ -450,10 +450,13 @@ class main(Cmd):
         """
 
         cert, uris = self.zoo.extract_root_certificate_and_uris(args.root_handle)
-        fn = args.output_file or (cert.gSKI() + ".cer")
-        with open_swapped_uids(fn, "wb") as f:
-            print "Writing", f.name
-            f.write(cert.get_DER())
+        if cert is None:
+            print "No certificate currently available"
+        else:
+            fn = args.output_file or (cert.gSKI() + ".cer")
+            with open_swapped_uids(fn, "wb") as f:
+                print "Writing", f.name
+                f.write(cert.get_DER())
 
 
     @parsecmd(argsubparsers,
@@ -465,13 +468,16 @@ class main(Cmd):
         """
 
         cert, uris = self.zoo.extract_root_certificate_and_uris(args.root_handle)
-        fn = args.output_file or (cert.gSKI() + ".tal")
-        with open_swapped_uids(fn, "w") as f:
-            print "Writing", f.name
-            for uri in uris:
-                f.write(uri + "\n")
-            f.write("\n")
-            f.write(cert.getPublicKey().get_Base64())
+        if cert is None:
+            print "No certificate currently available"
+        else:
+            fn = args.output_file or (cert.gSKI() + ".tal")
+            with open_swapped_uids(fn, "w") as f:
+                print "Writing", f.name
+                for uri in uris:
+                    f.write(uri + "\n")
+                f.write("\n")
+                f.write(cert.getPublicKey().get_Base64())
 
 
     @parsecmd(argsubparsers,
-- 
cgit v1.2.3