From 0c09c0596e642b5bb3cc107b0933cf9ad847086c Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Wed, 14 Nov 2007 18:54:30 +0000
Subject: Fix implementation of up-down "revoke"

svn path=/docs/rpki-db-schema.sql; revision=1295
---
 scripts/rpki/up_down.py | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'scripts/rpki/up_down.py')

diff --git a/scripts/rpki/up_down.py b/scripts/rpki/up_down.py
index 82852bac..777743cf 100644
--- a/scripts/rpki/up_down.py
+++ b/scripts/rpki/up_down.py
@@ -341,14 +341,14 @@ class revoke_pdu(revoke_syntax):
     if not self.class_name.isdigit():
       raise rpki.exceptions.BadClassNameSyntax, "Bad class name %s" % self.class_name
     ca_id = long(self.class_name)
-    ca = rpki.sql.ca_obj.sql_fetch(gctx, ca_id)
-    ca_detail = rpki.sql.ca_detail_obj.sql_fetch_active(gctx, ca_id)
-    if ca is None or ca_detail is None:
-      raise rpki.exceptions.NotInDatabase
-    for c in rpki.sql.child_cert_obj.sql_fetch_where(gctx, """
-                child_id = %s AND ca_detail_id = %s AND ski = "%s"
-                """ % (child.child_id, ca_detail.ca_detail_id, self.get_SKI())):
-      c.sql_delete()
+    ski = self.get_SKI()
+    for ca_detail in rpki.sql.ca_detail_obj.sql_fetch_where(gctx, """
+                ca_id = %s AND state != 'revoked'""" % ca_id):
+      for child_cert in rpki.sql.child_cert_obj.sql_fetch_where(gctx, """
+                child_id = %s AND ca_detail_id = %s AND ski = '%s'
+                """ % (child.child_id, ca_detail.ca_detail_id, ski)):
+        child_cert.revoke()
+    rpki.sql.sql_sweep(gctx)
     r_msg.payload = revoke_response_pdu()
     r_msg.payload.class_name = self.class_name
     r_msg.payload.ski = self.ski
-- 
cgit v1.2.3