diff options
author | Andrew Wnuk <awnuk@redhat.com> | 2012-07-17 16:45:17 -0700 |
---|---|---|
committer | Andrew Wnuk <awnuk@redhat.com> | 2012-07-17 16:45:17 -0700 |
commit | eb7eedcc54f1bb3894bdb6c88fe0aa587fa0b782 (patch) | |
tree | 25635aca6f96b579026460f34403b3a0c857f3d2 | |
parent | 88322df4cb62f7b4e38213e141d969fb0093afa8 (diff) | |
download | pki-eb7eedcc54f1bb3894bdb6c88fe0aa587fa0b782.tar.gz pki-eb7eedcc54f1bb3894bdb6c88fe0aa587fa0b782.tar.xz pki-eb7eedcc54f1bb3894bdb6c88fe0aa587fa0b782.zip |
CA removal
This patch provides fix to OCSP agent inability of removing a CA from the List of Certificate Authorities in some circumstances.
Bug: 837124.
-rw-r--r-- | base/common/src/com/netscape/cms/ocsp/DefStore.java | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/base/common/src/com/netscape/cms/ocsp/DefStore.java b/base/common/src/com/netscape/cms/ocsp/DefStore.java index 7c9c2bb1f..749f23f78 100644 --- a/base/common/src/com/netscape/cms/ocsp/DefStore.java +++ b/base/common/src/com/netscape/cms/ocsp/DefStore.java @@ -212,6 +212,14 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { } public void deleteOldCRLsInCA(String caName) throws EBaseException { + deleteCRLsInCA (caName, true); + } + + public void deleteAllCRLsInCA(String caName) throws EBaseException { + deleteCRLsInCA (caName, false); + } + + public void deleteCRLsInCA(String caName, boolean oldCRLs) throws EBaseException { IDBSSession s = mDBService.createSession(); try { @@ -224,10 +232,8 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { return; // nothing to do String thisUpdate = Long.toString( cp.getThisUpdate().getTime()); - Enumeration e = searchRepository( - caName, - "(!" + IRepositoryRecord.ATTR_SERIALNO + "=" + - thisUpdate + ")"); + String filter = (oldCRLs)? "(!" + IRepositoryRecord.ATTR_SERIALNO + "=" + thisUpdate + ")": "ou=*"; + Enumeration e = searchRepository( caName, filter); while (e != null && e.hasMoreElements()) { IRepositoryRecord r = (IRepositoryRecord) @@ -629,7 +635,10 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { s = mDBService.createSession(); String name = "cn=" + transformDN(id) + "," + getBaseDN(); CMS.debug("DefStore::deleteCRLIssuingPointRecord: Attempting to delete: " + name); - if (s != null) s.delete(name); + if (s != null) { + deleteAllCRLsInCA(id); + s.delete(name); + } } finally { if (s != null) s.close(); } |