From 867bd91ba8bf05271cf5a88a297c84de32eefc51 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Thu, 24 Jan 2008 00:36:32 +0000
Subject: Reuse child SIA when reissuing

svn path=/scripts/rpki/left_right.py; revision=1498
---
 scripts/rpki/sql.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'scripts/rpki/sql.py')

diff --git a/scripts/rpki/sql.py b/scripts/rpki/sql.py
index 71f81c35..6aef177a 100644
--- a/scripts/rpki/sql.py
+++ b/scripts/rpki/sql.py
@@ -453,8 +453,7 @@ class ca_detail_obj(sql_persistant):
           child_cert.reissue(
             gctx      = gctx,
             ca_detail = self,
-            resources = child_resources.intersection(new_resources),
-            sia       = ca.sia_uri)
+            resources = child_resources.intersection(new_resources))
 
   @classmethod
   def create(cls, gctx, ca):
@@ -613,7 +612,7 @@ class child_cert_obj(sql_persistant):
       self.revoked = rpki.sundial.datetime.utcnow()
       self.sql_mark_dirty()
 
-  def reissue(self, gctx, ca_detail, resources, sia):
+  def reissue(self, gctx, ca_detail, resources, sia = None):
     """Reissue an existing cert, reusing the public key.  If the cert
     we would generate is identical to the one we already have, we just
     return the one we already have.  If we have to revoke the old
@@ -628,6 +627,9 @@ class child_cert_obj(sql_persistant):
     old_resources = self.cert.get_3779resources()
     old_sia       = self.cert.get_SIA()
 
+    if sia is None:
+      sia = old_sia
+
     assert resources.valid_until is not None and old_resources.valid_until is not None
 
     if resources == old_resources and sia == old_sia:
-- 
cgit v1.2.3