Fixed synchronization problem in CertificateRepository.

Some synchronized methods in CertificateRepository may block modifyCeritifcateRecord() too long, so they have been moved into CRLIssuingPoint and CertStatusUpdateThread. Ticket #313
author: Endi Sukma Dewata <edewata@redhat.com> 2012-09-25 21:40:04 -0500
committer: Endi Sukma Dewata <edewata@redhat.com> 2012-10-29 10:38:29 -0500
commit: 748605a324266bb515a3d1124bc55deb3be4df71 (patch)
tree: 988b4c622c6e2ca7df8c260d94a1cad088f0b390 /base/ca
parent: 5eab7fedf1c78610b5e030b9e07e93f32633e9ad (diff)
download: pki-748605a324266bb515a3d1124bc55deb3be4df71.tar.gz
pki-748605a324266bb515a3d1124bc55deb3be4df71.tar.xz
pki-748605a324266bb515a3d1124bc55deb3be4df71.zip
1 files changed, 25 insertions, 1 deletions
diff --git a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
index c29bc326d..db30d3988 100644
--- a/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
+++ b/base/ca/src/com/netscape/ca/CRLIssuingPoint.java
@@ -62,6 +62,8 @@ import com.netscape.certsrv.common.Constants;
 import com.netscape.certsrv.common.NameValuePairs;
 import com.netscape.certsrv.dbs.EDBNotAvailException;
 import com.netscape.certsrv.dbs.IElementProcessor;
+import com.netscape.certsrv.dbs.certdb.ICertRecord;
+import com.netscape.certsrv.dbs.certdb.ICertRecordList;
 import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
 import com.netscape.certsrv.dbs.certdb.IRevocationInfo;
 import com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord;
@@ -1868,7 +1870,29 @@ public class CRLIssuingPoint implements ICRLIssuingPoint, Runnable {
      */
     public void processRevokedCerts(IElementProcessor p)
             throws EBaseException {
-        mCertRepository.processRevokedCerts(p, getFilter(), mPageSize);
+        CertRecProcessor cp = (CertRecProcessor) p;
+        String filter = getFilter();
+
+        // NOTE: dangerous cast.
+        // correct way would be to modify interface and add
+        // accessor but we don't want to touch the interface
+        CertificateRepository cr = (CertificateRepository) mCertRepository;
+
+        synchronized (cr.certStatusUpdateTask) {
+            CMS.debug("Starting processRevokedCerts (entered lock)");
+            ICertRecordList list = mCertRepository.findCertRecordsInList(
+                    filter,
+                    new String[] {
+                            ICertRecord.ATTR_ID, ICertRecord.ATTR_REVO_INFO, "objectclass"
+                    },
+                    "serialno",
+                    mPageSize);
+
+            int totalSize = list.getSize();
+
+            list.processCertRecords(0, totalSize - 1, cp);
+            CMS.debug("processRevokedCerts done");
+        }
     }
 
     /**
author	Endi Sukma Dewata <edewata@redhat.com>	2012-09-25 21:40:04 -0500
committer	Endi Sukma Dewata <edewata@redhat.com>	2012-10-29 10:38:29 -0500
commit	748605a324266bb515a3d1124bc55deb3be4df71 (patch)
tree	988b4c622c6e2ca7df8c260d94a1cad088f0b390 /base/ca
parent	5eab7fedf1c78610b5e030b9e07e93f32633e9ad (diff)
download	pki-748605a324266bb515a3d1124bc55deb3be4df71.tar.gz pki-748605a324266bb515a3d1124bc55deb3be4df71.tar.xz pki-748605a324266bb515a3d1124bc55deb3be4df71.zip