diff options
| author | Ade Lee <alee@redhat.com> | 2016-04-15 14:36:00 -0400 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2016-04-15 15:06:13 -0400 |
| commit | 0c5fb1e398510391187054a465c6460042bfc0b2 (patch) | |
| tree | 4bd9e90039b0732d3f25f2760b59a7047a89baf9 /base/ca/src/com/netscape/ca/CertificateAuthority.java | |
| parent | 88e963d55bdf4cb9799ef665a72f8855fc00c4da (diff) | |
| download | pki-0c5fb1e398510391187054a465c6460042bfc0b2.tar.gz pki-0c5fb1e398510391187054a465c6460042bfc0b2.tar.xz pki-0c5fb1e398510391187054a465c6460042bfc0b2.zip | |
Add script to enable USN plugin
New authority monitor code requires the USN plugin to be
enabled in the database to ensure that the entryUSN attribute
is added to authority entries.
In the case where this plugin was disabled, accessing this
attribute resulted in a null pointer exception whch prevented server
startup.
The code has been changed so as not to throw a null pointer exception
on startup if the entryusn is not present, and also to call an LDIF
to enable the plugin when a subsystem is configured through pkispawn.
Diffstat (limited to 'base/ca/src/com/netscape/ca/CertificateAuthority.java')
| -rw-r--r-- | base/ca/src/com/netscape/ca/CertificateAuthority.java | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/base/ca/src/com/netscape/ca/CertificateAuthority.java b/base/ca/src/com/netscape/ca/CertificateAuthority.java index d96b88414..37f1e95fc 100644 --- a/base/ca/src/com/netscape/ca/CertificateAuthority.java +++ b/base/ca/src/com/netscape/ca/CertificateAuthority.java @@ -163,7 +163,6 @@ import netscape.ldap.LDAPSearchResults; import netscape.ldap.controls.LDAPEntryChangeControl; import netscape.ldap.controls.LDAPPersistSearchControl; import netscape.ldap.util.DN; - import netscape.security.pkcs.PKCS10; import netscape.security.util.DerOutputStream; import netscape.security.util.DerValue; @@ -3003,8 +3002,14 @@ public class CertificateAuthority AuthorityID aid = new AuthorityID((String) aidAttr.getStringValues().nextElement()); - Integer newEntryUSN = new Integer( - entry.getAttribute("entryUSN").getStringValueArray()[0]); + LDAPAttribute entryUSN = entry.getAttribute("entryUSN"); + if (entryUSN == null) { + log(ILogger.LL_FAILURE, "Authority entry has no entryUSN. " + + "This is likely because the USN plugin is not enabled in the database"); + return; + } + + Integer newEntryUSN = new Integer(entryUSN.getStringValueArray()[0]); CMS.debug("readAuthority: new entryUSN = " + newEntryUSN); Integer knownEntryUSN = entryUSNs.get(aid); if (knownEntryUSN != null) { @@ -3085,7 +3090,7 @@ public class CertificateAuthority AuthorityID aid = null; attr = entry.getAttribute("authorityID"); if (attr != null) { - aid = new AuthorityID((String) attr.getStringValueArray()[0]); + aid = new AuthorityID(attr.getStringValueArray()[0]); forgetAuthority(aid); } } |