diff options
author | Endi S. Dewata <edewata@redhat.com> | 2015-07-02 18:33:48 -0400 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2015-07-02 19:03:41 -0400 |
commit | 433e1dba905f9d45f9eefcbf39e5b11ddfbfbc94 (patch) | |
tree | 582950a1bf665e6105ac4c19f7e82d040ac5b802 | |
parent | 067cbce6c015a50f4a1747f8894b13c9052c2ed9 (diff) | |
download | pki-433e1dba905f9d45f9eefcbf39e5b11ddfbfbc94.tar.gz pki-433e1dba905f9d45f9eefcbf39e5b11ddfbfbc94.tar.xz pki-433e1dba905f9d45f9eefcbf39e5b11ddfbfbc94.zip |
Fixed NPE in key-archive CLI.
The pki CLI has been modified such that if the security database
location (-d) is not specified, the config.certDatabase will be
initialized with the default value (i.e. ~/.dogtag/nssdb). The
config.certDatabase is needed by the CLI to prepare the client
library for key archival operations.
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java | 21 | ||||
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java | 10 |
2 files changed, 16 insertions, 15 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java index 77245ec53..4d63d9bc1 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java @@ -330,9 +330,14 @@ public class MainCLI extends CLI { } } - // store security database path - if (certDatabase != null) + if (certDatabase != null) { + // store user-provided security database location config.setCertDatabase(new File(certDatabase).getAbsolutePath()); + } else { + // store default security database location + config.setCertDatabase(System.getProperty("user.home") + + File.separator + ".dogtag" + File.separator + "nssdb"); + } // store token name config.setTokenName(tokenName); @@ -395,17 +400,7 @@ public class MainCLI extends CLI { list = cmd.getOptionValue("ignore-cert-status"); convertCertStatusList(list, ignoredCertStatuses); - if (config.getCertDatabase() == null) { - // Use default client security database - this.certDatabase = new File( - System.getProperty("user.home") + File.separator + - ".dogtag" + File.separator + "nssdb"); - - } else { - // Use existing client security database - this.certDatabase = new File(config.getCertDatabase()); - } - + this.certDatabase = new File(config.getCertDatabase()); if (verbose) System.out.println("Client security database: "+this.certDatabase.getAbsolutePath()); String messageFormat = cmd.getOptionValue("message-format"); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java index d83bcf2fc..f242ece14 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java @@ -81,14 +81,20 @@ public class KeyCLI extends CLI { // create new key client keyClient = new KeyClient(client, subsystem); - if (client.getConfig().getCertDatabase() != null && client.getConfig().getCertPassword() != null) { + + // if security database password is specified, + // prepare key client for archival/retrieval + if (client.getConfig().getCertPassword() != null) { + // create crypto provider for key client keyClient.setCrypto(new NSSCryptoProvider(client.getConfig())); - // Set the transport cert for crypto operations + // download transport cert systemCertClient = new SystemCertClient(client, subsystem); String transportCert = systemCertClient.getTransportCert().getEncoded(); transportCert = transportCert.substring(CertData.HEADER.length(), transportCert.indexOf(CertData.FOOTER)); + + // set transport cert for key client keyClient.setTransportCert(transportCert); } |