diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2016-03-31 13:08:48 +1100 |
---|---|---|
committer | Fraser Tweedale <ftweedal@redhat.com> | 2016-04-14 16:07:16 +1000 |
commit | 536312af6798ca688556f559f8bdc76e2ba53e4d (patch) | |
tree | d4242b623213e1e76f78d19d5e5718a34198ef68 /base/ca/src | |
parent | 908c75dcefcb5030b2e3328835c506bf4c53704f (diff) | |
download | pki-536312af6798ca688556f559f8bdc76e2ba53e4d.tar.gz pki-536312af6798ca688556f559f8bdc76e2ba53e4d.tar.xz pki-536312af6798ca688556f559f8bdc76e2ba53e4d.zip |
Lightweight CAs: avoid repeat definition of authorities DN
Part of: https://fedorahosted.org/pki/ticket/1625
Diffstat (limited to 'base/ca/src')
-rw-r--r-- | base/ca/src/com/netscape/ca/CertificateAuthority.java | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/base/ca/src/com/netscape/ca/CertificateAuthority.java b/base/ca/src/com/netscape/ca/CertificateAuthority.java index a44482a77..951521d04 100644 --- a/base/ca/src/com/netscape/ca/CertificateAuthority.java +++ b/base/ca/src/com/netscape/ca/CertificateAuthority.java @@ -525,6 +525,11 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori } } + private String authorityBaseDN() { + return "ou=authorities,ou=" + getId() + + "," + getDBSubsystem().getBaseDN(); + } + private void initCRLPublisher() throws EBaseException { // instantiate CRL publisher if (!isHostAuthority()) { @@ -1984,14 +1989,12 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori private void loadLightweightCAs() throws EBaseException { LDAPConnection conn = dbFactory.getConn(); - String searchDN = "ou=authorities,ou=" + getId() - + "," + getDBSubsystem().getBaseDN(); LDAPSearchResults results = null; boolean foundHostAuthority = false; boolean haveLightweightCAsContainer = true; try { results = conn.search( - searchDN, LDAPConnection.SCOPE_ONE, + authorityBaseDN(), LDAPConnection.SCOPE_ONE, "(objectclass=authority)", null, false); while (results.hasMoreElements()) { @@ -2059,7 +2062,7 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori } catch (LDAPException e) { if (e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT) { CMS.debug( - "Missing lightweight CAs container '" + searchDN + "Missing lightweight CAs container '" + authorityBaseDN() + "'. Disabling lightweight CAs."); haveLightweightCAsContainer = false; } else { @@ -2522,8 +2525,7 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori String nickname = hostCA.getNickname() + " " + aidString; // build database entry - String dn = "cn=" + aidString + ",ou=authorities,ou=" - + getId() + "," + getDBSubsystem().getBaseDN(); + String dn = "cn=" + aidString + "," + authorityBaseDN(); CMS.debug("createSubCA: DN = " + dn); String parentDNString = null; try { @@ -2641,8 +2643,7 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori String aidString = aid.toString(); // build database entry - String dn = "cn=" + aidString + ",ou=authorities,ou=" - + getId() + "," + getDBSubsystem().getBaseDN(); + String dn = "cn=" + aidString + "," + authorityBaseDN(); String dnString = null; try { dnString = mName.toLdapDNString(); @@ -2726,8 +2727,7 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori } if (mods.size() > 0) { - String dn = "cn=" + authorityID.toString() + ",ou=authorities,ou=" - + getId() + "," + getDBSubsystem().getBaseDN(); + String dn = "cn=" + authorityID.toString() + "," + authorityBaseDN(); // connect to database LDAPConnection conn = dbFactory.getConn(); @@ -2768,8 +2768,7 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori // delete ldap entry LDAPConnection conn = dbFactory.getConn(); - String dn = "cn=" + authorityID.toString() + ",ou=authorities,ou=" - + getId() + "," + getDBSubsystem().getBaseDN(); + String dn = "cn=" + authorityID.toString() + "," + authorityBaseDN(); try { conn.delete(dn); } catch (LDAPException e) { |