diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-05-25 19:35:36 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-05-25 23:09:56 +0200 |
| commit | 5ce1212159f8055ab7534887542e1d8cb41eb15d (patch) | |
| tree | 8277ba25230bcc9356c7fcc72202f8b65c8552c5 /base/ca/src | |
| parent | 8aa94e1ca017e54454f6f6f6ebb4ee254062e822 (diff) | |
| download | pki-5ce1212159f8055ab7534887542e1d8cb41eb15d.tar.gz pki-5ce1212159f8055ab7534887542e1d8cb41eb15d.tar.xz pki-5ce1212159f8055ab7534887542e1d8cb41eb15d.zip | |
Refactored CRLIssuingPoint.generateDeltaCRL().
The code related to delta CRL generation has been moved into
generateDeltaCRL().
https://pagure.io/dogtagpki/issue/2651
Change-Id: Ic38c654cea03fe8748bd9663b5414fbe8e762f26
Diffstat (limited to 'base/ca/src')
| -rw-r--r-- | base/ca/src/com/netscape/ca/CRLIssuingPoint.java | 102 |
1 files changed, 54 insertions, 48 deletions
diff --git a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java index 3764adf1b..feca02a69 100644 --- a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java +++ b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java @@ -2607,51 +2607,15 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { mSplits[5] += System.currentTimeMillis(); } else { if (isDeltaCRLEnabled()) { - mSplits[1] -= System.currentTimeMillis(); - @SuppressWarnings("unchecked") - Hashtable<BigInteger, RevokedCertificate> deltaCRLCerts = - (Hashtable<BigInteger, RevokedCertificate>) clonedRevokedCerts.clone(); - deltaCRLCerts.putAll(clonedUnrevokedCerts); - if (mIncludeExpiredCertsOneExtraTime) { - if (!clonedExpiredCerts.isEmpty()) { - for (Enumeration<BigInteger> e = clonedExpiredCerts.keys(); e.hasMoreElements();) { - BigInteger serialNumber = e.nextElement(); - if ((mLastFullUpdate != null && - mLastFullUpdate.after((mExpiredCerts.get(serialNumber)).getRevocationDate())) || - mLastFullUpdate == null) { - deltaCRLCerts.put(serialNumber, clonedExpiredCerts.get(serialNumber)); - } - } - } - } else { - deltaCRLCerts.putAll(clonedExpiredCerts); - } - - mLastCRLNumber = mCRLNumber; - - CRLExtensions ext = generateCRLExtensions(FreshestCRLExtension.NAME); - - mSplits[1] += System.currentTimeMillis(); + generateDeltaCRL( + clonedRevokedCerts, + clonedUnrevokedCerts, + clonedExpiredCerts, + signingAlgorithm, + thisUpdate, + nextDeltaUpdate); - X509CRLImpl newX509DeltaCRL = generateDeltaCRL( - deltaCRLCerts, signingAlgorithm, thisUpdate, nextDeltaUpdate, ext); - - try { - mSplits[4] -= System.currentTimeMillis(); - publishCRL(newX509DeltaCRL, true); - mSplits[4] += System.currentTimeMillis(); - } catch (EBaseException e) { - newX509DeltaCRL = null; - if (Debug.on()) - Debug.printStackTrace(e); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); - } catch (OutOfMemoryError e) { - newX509DeltaCRL = null; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); - } } else { mDeltaCRLSize = -1; } @@ -2780,12 +2744,41 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { return ext; } - X509CRLImpl generateDeltaCRL( - Hashtable<BigInteger, RevokedCertificate> deltaCRLCerts, + void generateDeltaCRL( + Hashtable<BigInteger, RevokedCertificate> clonedRevokedCerts, + Hashtable<BigInteger, RevokedCertificate> clonedUnrevokedCerts, + Hashtable<BigInteger, RevokedCertificate> clonedExpiredCerts, String signingAlgorithm, Date thisUpdate, - Date nextDeltaUpdate, - CRLExtensions ext) { + Date nextDeltaUpdate) { + + mSplits[1] -= System.currentTimeMillis(); + + @SuppressWarnings("unchecked") + Hashtable<BigInteger, RevokedCertificate> deltaCRLCerts = + (Hashtable<BigInteger, RevokedCertificate>) clonedRevokedCerts.clone(); + + deltaCRLCerts.putAll(clonedUnrevokedCerts); + + if (mIncludeExpiredCertsOneExtraTime) { + + for (Enumeration<BigInteger> e = clonedExpiredCerts.keys(); e.hasMoreElements();) { + BigInteger serialNumber = e.nextElement(); + if (mLastFullUpdate == null || + mLastFullUpdate.after(mExpiredCerts.get(serialNumber).getRevocationDate())) { + deltaCRLCerts.put(serialNumber, clonedExpiredCerts.get(serialNumber)); + } + } + + } else { + deltaCRLCerts.putAll(clonedExpiredCerts); + } + + mLastCRLNumber = mCRLNumber; + + CRLExtensions ext = generateCRLExtensions(FreshestCRLExtension.NAME); + + mSplits[1] += System.currentTimeMillis(); X509CRLImpl newX509DeltaCRL = null; @@ -2868,7 +2861,20 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable { mDeltaCRLSize = -1; } - return newX509DeltaCRL; + try { + mSplits[4] -= System.currentTimeMillis(); + publishCRL(newX509DeltaCRL, true); + mSplits[4] += System.currentTimeMillis(); + + } catch (EBaseException e) { + CMS.debug(e); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); + } catch (OutOfMemoryError e) { + CMS.debug(e); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_CA_ISSUING_PUBLISH_DELTA", mCRLNumber.toString(), e.toString())); + } } X509CRLImpl generateFullCRL( |