diff options
| author | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-03-31 15:34:12 +0000 |
|---|---|---|
| committer | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-03-31 15:34:12 +0000 |
| commit | dc0acce379db53835a91dde4a005ccb3ffdeeec2 (patch) | |
| tree | 45eb2fcbf2b6986169221a2036cd615a2d5251b9 | |
| parent | 512f2260fecbe1bad39a9c31ed23c8f99145fa39 (diff) | |
Bugzilla Bug: 481659 - Renewal: Manual user signing and encryption certificate after renewal responds with two request ids.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@355 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
4 files changed, 41 insertions, 4 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java index 0fcd7611b..798c6a4c2 100644 --- a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java +++ b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java @@ -73,6 +73,19 @@ public interface IEnrollProfile extends IProfile { public static final String REQUEST_SEQ_NUM = "req_seq_num"; /** + * Name of the request attribute that stores the sequence number for a + * renewal request. Only one request at a time is permitted for a renewal. + * This value corresponds to the sequence number (and hence the appropriate + * certificate) of the original request + */ + public static final String CTX_RENEWAL_SEQ_NUM = "renewal_seq_num"; + + /** + * Name of request attribute to indicate if this is a renewal + */ + public static final String CTX_RENEWAL = "renewal"; + + /** * Name of request attribute that stores the End-User Supplied * Key. * <p> diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java index e889904a0..502c3f7cf 100644 --- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -87,6 +87,8 @@ public abstract class EnrollProfile extends BasicProfile // determine how many requests should be created String cert_request_type = ctx.get(CTX_CERT_REQUEST_TYPE); String cert_request = ctx.get(CTX_CERT_REQUEST); + String is_renewal = ctx.get(CTX_RENEWAL); + Integer renewal_seq_num = 0; /* cert_request_type can be null for the case of CMC */ if (cert_request_type == null) { @@ -113,12 +115,28 @@ public abstract class EnrollProfile extends BasicProfile num_requests = msgs.length; } + // only 1 request for renewal + if ((is_renewal != null) && (is_renewal.equals("true"))) { + num_requests = 1; + String renewal_seq_num_str = ctx.get(CTX_RENEWAL_SEQ_NUM); + if (renewal_seq_num_str != null) { + renewal_seq_num = Integer.parseInt(renewal_seq_num_str); + } else { + renewal_seq_num =0; + } + } + + // populate requests with appropriate content IRequest result[] = new IRequest[num_requests]; for (int i = 0; i < num_requests; i++) { result[i] = createEnrollmentRequest(); - result[i].setExtData(REQUEST_SEQ_NUM, Integer.valueOf(i)); + if ((is_renewal != null) && (is_renewal.equals("true"))) { + result[i].setExtData(REQUEST_SEQ_NUM,renewal_seq_num); + } else { + result[i].setExtData(REQUEST_SEQ_NUM, Integer.valueOf(i)); + } if (locale != null) { result[i].setExtData(REQUEST_LOCALE, locale.getLanguage()); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java index 6280ae7bc..894ecd49d 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java @@ -518,6 +518,7 @@ public class ProfileSubmitServlet extends ProfileServlet { String renewProfileId = null; IRequest origReq = null; + Integer origSeqNum = 0; // if we did not configure profileId in xml file, // then accept the user-provided one @@ -717,6 +718,8 @@ public class ProfileSubmitServlet extends ProfileServlet { outputTemplate(request, response, args); return; } + origSeqNum = origReq.getExtDataInInteger(IEnrollProfile.REQUEST_SEQ_NUM); + } else { //if origReq CMS.debug("ProfileSubmitServlet: renewal original request not found for request id "+ rid); args.set(ARG_ERROR_CODE, "1"); @@ -883,8 +886,9 @@ public class ProfileSubmitServlet extends ProfileServlet { // for renewal, input needs to be retrieved from the orig req record CMS.debug("ProfileSubmitServlet: set original Inputs into profile Context"); setInputsIntoContext(origReq, profile, ctx, locale); - ctx.set("renewal", "true"); + ctx.set(IEnrollProfile.CTX_RENEWAL, "true"); ctx.set("renewProfileId", renewProfileId); + ctx.set(IEnrollProfile.CTX_RENEWAL_SEQ_NUM, origSeqNum.toString()); } else { setInputsIntoContext(request, profile, ctx); } @@ -1023,7 +1027,7 @@ public class ProfileSubmitServlet extends ProfileServlet { for (int k = 0; k < reqs.length; k++) { boolean fromRA = false; String uid = ""; - + // adding parameters to request if (isRenewal) { setInputsIntoRequest(origReq, profile, reqs[k], locale); diff --git a/pki/dogtag/common/pki-common.spec b/pki/dogtag/common/pki-common.spec index 4595ee206..5e3caae55 100644 --- a/pki/dogtag/common/pki-common.spec +++ b/pki/dogtag/common/pki-common.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 59 +%define base_release 60 %define base_group System Environment/Base %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -285,6 +285,8 @@ chmod 00755 %{_datadir}/%{base_prefix}/setup/postinstall ############################################################################### %changelog +* Tue Mar 31 2009 Ade Lee <alee@redhat.com> 1.0.0-60 +- Bugzilla Bug: 481659 - Renewal: Manual user signing and encryption certificate after renewal responds with two request ids. * Mon Mar 30 2009 Ade Lee <alee@redhat.com> 1.0.0-59 - Bugzilla Bug: 472916 - Renewal: certs created during post-installation can not be renewed via profile framework * Mon Mar 30 2009 Ade Lee <alee@redhat.com> 1.0.0-58 |