Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rpki.gui.cacheview.util:caught exception while processing rcynic_object #784

Closed
sraustein opened this issue Nov 3, 2015 · 7 comments
Closed

rpki.gui.cacheview.util:caught exception while processing rcynic_object #784

sraustein opened this issue Nov 3, 2015 · 7 comments
Labels
bug

Comments

@sraustein
Copy link
Contributor

every hour or so

{{{
ERROR:rpki.gui.cacheview.util:caught exception while processing rcynic_object:
vs=<validation_status_element id=34569595920 status=object_accepted file_class=<class 'rpki.rcynic.rcynic_certificate'> generation=current timestamp=2015-11-03T05:08:57Z uri=rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eaYORdLzbCkmahJ8FGl3ku8UAnM.cer filename=/var/rcynic/data/authenticated/rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eaYORdLzbCkmahJ8FGl3ku8UAnM.cer>
obj=<rcynic_certificate rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eaYORdLzbCkmahJ8FGl3ku8UAnM.cer V4: 103.109.120.0/24 at 0x80c814450>
Filename: /var/rcynic/data/authenticated/rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eaYORdLzbCkmahJ8FGl3ku8UAnM.cer
Uri: rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eaYORdLzbCkmahJ8FGl3ku8UAnM.cer
Notbefore: 2015-11-02T22:05:24Z
Notafter: 2030-01-01T00:00:00Z
Aia_uri: rsync://rpki-testbed.apnic.net/repository/333B6962A8E311E28B99CBD893E9F209/aQoXJB2bnmAcZXI68xsp0MEW_bM.cer
Sia_directory_uri: None
Resources: V4: 103.109.120.0/24
Traceback (most recent call last):
File "/usr/local/libexec/rpkigui-rcynic", line 52, in
import_rcynic_xml(options.root, options.logfile)
File "/usr/local/lib/python2.7/site-packages/rpki/gui/cacheview/util.py", line 424, in import_rcynic_xml
process_cache(root, logfile)
File "/usr/local/lib/python2.7/site-packages/django/db/transaction.py", line 224, in inner
return func(_args, *_kwargs)
File "/usr/local/lib/python2.7/site-packages/rpki/gui/cacheview/util.py", line 263, in process_cache
save_status(repo, vs)
File "/usr/local/lib/python2.7/site-packages/rpki/gui/cacheview/util.py", line 236, in save_status
dispatch[vs.file_class.name](obj, inst)
File "/usr/local/lib/python2.7/site-packages/rpki/gui/cacheview/util.py", line 49, in rcynic_cert
obj.save()
File "/usr/local/lib/python2.7/site-packages/django/db/models/base.py", line 463, in save
self.save_base(using=using, force_insert=force_insert, force_update=force_update)
File "/usr/local/lib/python2.7/site-packages/django/db/models/base.py", line 551, in save_base
result = manager._insert([self], fields=fields, return_id=update_pk, using=using, raw=raw)
File "/usr/local/lib/python2.7/site-packages/django/db/models/manager.py", line 203, in _insert
return insert_query(self.model, objs, fields, **kwargs)
File "/usr/local/lib/python2.7/site-packages/django/db/models/query.py", line 1593, in insert_query
return query.get_compiler(using=using).execute_sql(return_id)
File "/usr/local/lib/python2.7/site-packages/django/db/models/sql/compiler.py", line 912, in execute_sql
cursor.execute(sql, params)
File "/usr/local/lib/python2.7/site-packages/django/db/backends/mysql/base.py", line 114, in execute
return self.cursor.execute(query, args)
File "/usr/local/lib/python2.7/site-packages/MySQLdb/cursors.py", line 205, in execute
self.errorhandler(self, exc, value)
File "/usr/local/lib/python2.7/site-packages/MySQLdb/connections.py", line 36, in defaulterrorhandler
raise errorclass, errorvalue
django.db.utils.IntegrityError: (1048, "Column 'sia' cannot be null")
Program /usr/local/libexec/rpkigui-rcynic exited with status 1
}}}

Trac ticket #778 component gui priority major, owner None, created by randy on 2015-11-03T05:56:53Z, last modified 2016-04-22T16:02:11Z
@sraustein
Copy link
Contributor Author

It's an EE certificate, so it has no SIA caRepository URI.

Trac comment by sra on 2015-11-03T06:01:14Z

@sraustein
Copy link
Contributor Author

sra sez {{{It's an EE certificate, so it has no SIA caDirectory.}}}

Trac comment by randy on 2015-11-03T06:01:41Z

@sraustein
Copy link
Contributor Author

There are a few of those (URIs below), APNIC testbed specials. I no
longer recall why EE certificates with no SIA extension at all are
whine-and-permit rather than reject, probably allowing something
stupid somebody was doing years ago. We might want to reject them.

But router certificates won't have SIA caRepository either, so code
has to cope with that.

{{{
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/9N3KGvrzgk2bbnTso--n9nypjWk.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/kqYAhV1eAYgl-dBU_OYoeX-5LVA.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/rgxbeeiDGsrp6adxDmH5NTb5jI0.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/HdjmgYONJ-X7HmvTL6BISEB6hgU.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/7Pj3yBKbZrvhgsKvQ5U2eDSmAA8.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/kdlXwPfGIYZgVNUel9OZnsGNH0g.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/_uli2R1gc_ZyyU4SRRNID_r9-IU.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/2UBh1-XAvR-TRdxVvavTJt51-RA.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/yFyfoajrQom1Ut2VlI2ASTL7Qb0.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/F1mHhl42MFEhXJoY1yUtHwcp17Q.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/Mo5xeGmcWGO6w0WpCDKo8jGY1ow.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/VKejzbUVeBjTCfBJw4iuSKbuw7c.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/GDBtrds-xjFAltGawkhBMeSA7nw.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/Dwy5OwqfW0iINFIetXXwxCEajUg.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/oGRld_h3Mgd-tRvuRb1tglu5vpo.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/cxKlz6cAPZbcQ95BdqzM_vx4Bbw.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/jQWKwwQYNOqZc63T0FO2OkvYgSs.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/0IQCfN1Du7dqzF9fh5e7tAiTKq8.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/TH_QE3FEZO5pU8xSQWb_qykBsWs.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/ZCGzqp0QgrnJbg9N-8GzPOn7fcc.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/XqJeThfdatEtYBhvwbjqoNLuvYU.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/PDatNpjrP2fsfofiC7I9BekLYd8.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eisl9hUUrjqxVxmdqZL8C0FUnXY.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/eaYORdLzbCkmahJ8FGl3ku8UAnM.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/pkb1ifkTHMfUXg19KoWU6eWQPHY.cer
rsync://rpki-testbed.apnic.net/repository/A30015AEABE011E290E79B6AA8B6C50A/Rjy-IYEhFYCPJEkZzjBW16Q_TJY.cer
}}}

Trac comment by sra on 2015-11-03T06:33:56Z

@sraustein
Copy link
Contributor Author

< paranoid tought >

this would be an amusing time for geof to do creative things. i know he
plans to TA 0/0. but he could do other things.

Trac comment by randy on 2015-11-03T06:36:49Z

@sraustein
Copy link
Contributor Author

< paranoid tought >

this would be an amusing time for geof to do creative things. i know he
plans to TA 0/0. but he could do other things.

All of these were issued 2 November and don't expire until 2030.

But this is the APNIC testbed, so, whatever.

Trac comment by sra on 2015-11-03T06:56:03Z

@sraustein
Copy link
Contributor Author

rpkigui-rcynic was fixed in [6365] to ignore non-CA certificates in the repository, so this no long happens.

Trac comment by melkins on 2016-04-22T16:02:11Z

@sraustein
Copy link
Contributor Author

Closed with resolution fixed

@sraustein sraustein added the bug label Aug 8, 2016
@sraustein sraustein mentioned this issue Aug 8, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sraustein