summaryrefslogtreecommitdiffstats
path: root/base/common/src
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-09-18 10:37:06 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-09-19 12:17:48 -0500
commit947ab8aa80c430bdec9ecfced19074c3bbd661c2 (patch)
tree714f711aa093f114a14df58bdc4b78169b9f0b6c /base/common/src
parent715d89dee392b9005ac493d8f354b0d8f96652bd (diff)
Removed duplicate DN escaping methods.
The duplicate methods to escape DN value have been removed. The codes that used the duplicate methods have been modified to use LDAPUtil.escapeDN(). Ticket #193
Diffstat (limited to 'base/common/src')
-rw-r--r--base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java6
-rw-r--r--base/common/src/com/netscape/cms/profile/def/EnrollDefault.java40
-rw-r--r--base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java5
-rw-r--r--base/common/src/com/netscape/cms/servlet/base/CMSServlet.java40
-rw-r--r--base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java4
-rw-r--r--base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java3
-rw-r--r--base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java7
-rw-r--r--base/common/src/com/netscape/cms/servlet/processors/Processor.java39
8 files changed, 14 insertions, 130 deletions
diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
index 5ae8596ba..832a1c5f4 100644
--- a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
+++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
@@ -824,12 +824,12 @@ public class CertSearchRequest {
lf.append("(x509cert.subject=*");
lf.append(avaName);
lf.append("=");
- lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param, false)));
+ lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param)));
lf.append(",*)");
lf.append("(x509cert.subject=*");
lf.append(avaName);
lf.append("=");
- lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param, false)));
+ lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param)));
lf.append(")");
lf.append(")");
} else {
@@ -837,7 +837,7 @@ public class CertSearchRequest {
lf.append(avaName);
lf.append("=");
lf.append("*");
- lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param, false)));
+ lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param)));
lf.append("*)");
}
}
diff --git a/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java b/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
index 162d1647c..53ec23b40 100644
--- a/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java
@@ -772,44 +772,4 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe
}
return p.substitute2("request", attrSet);
}
-
- protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) {
- StringBuffer result = new StringBuffer();
-
- // Do we need to escape any characters
- for (int i = 0; i < v.length(); i++) {
- int c = v.charAt(i);
- if (c == ',' || c == '=' || c == '+' || c == '<' ||
- c == '>' || c == '#' || c == ';' || c == '\r' ||
- c == '\n' || c == '\\' || c == '"') {
- if ((c == 0x5c) && ((i + 1) < v.length())) {
- int nextC = v.charAt(i + 1);
- if ((c == 0x5c) && (nextC == ',' || nextC == '=' || nextC == '+' ||
- nextC == '<' || nextC == '>' || nextC == '#' ||
- nextC == ';' || nextC == '\r' || nextC == '\n' ||
- nextC == '\\' || nextC == '"')) {
- if (doubleEscape)
- result.append('\\');
- } else {
- result.append('\\');
- if (doubleEscape)
- result.append('\\');
- }
- } else {
- result.append('\\');
- if (doubleEscape)
- result.append('\\');
- }
- }
- if (c == '\r') {
- result.append("0D");
- } else if (c == '\n') {
- result.append("0A");
- } else {
- result.append((char) c);
- }
- }
- return result;
- }
-
}
diff --git a/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
index dff36748c..01cc73aba 100644
--- a/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
@@ -40,6 +40,7 @@ import com.netscape.certsrv.property.Descriptor;
import com.netscape.certsrv.property.EPropertyException;
import com.netscape.certsrv.property.IDescriptor;
import com.netscape.certsrv.request.IRequest;
+import com.netscape.cmsutil.ldap.LDAPUtil;
/**
* This class implements an enrollment default policy
@@ -429,8 +430,8 @@ public class nsTokenUserKeySubjectNameDefault extends EnrollDefault {
String[] sla = la.getStringValueArray();
CMS.debug("nsTokenUserKeySubjectNameDefault: getSubjectName(): got attribute: "
+ mLdapStringAttrs[i] +
- "=" + escapeValueRfc1779(sla[0], false).toString());
- request.setExtData(mLdapStringAttrs[i], escapeValueRfc1779(sla[0], false).toString());
+ "=" + LDAPUtil.escapeDN(sla[0]));
+ request.setExtData(mLdapStringAttrs[i], LDAPUtil.escapeDN(sla[0]));
}
}
CMS.debug("pattern = " + pattern);
diff --git a/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
index a4922ab25..72ced2c53 100644
--- a/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
+++ b/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
@@ -2257,44 +2257,4 @@ public abstract class CMSServlet extends HttpServlet {
CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", ee.toString()));
}
}
-
- protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) {
- StringBuffer result = new StringBuffer();
-
- // Do we need to escape any characters
- for (int i = 0; i < v.length(); i++) {
- int c = v.charAt(i);
- if (c == ',' || c == '=' || c == '+' || c == '<' ||
- c == '>' || c == '#' || c == ';' || c == '\r' ||
- c == '\n' || c == '\\' || c == '"') {
- if ((c == 0x5c) && ((i + 1) < v.length())) {
- int nextC = v.charAt(i + 1);
- if ((c == 0x5c) && (nextC == ',' || nextC == '=' || nextC == '+' ||
- nextC == '<' || nextC == '>' || nextC == '#' ||
- nextC == ';' || nextC == '\r' || nextC == '\n' ||
- nextC == '\\' || nextC == '"')) {
- if (doubleEscape)
- result.append('\\');
- } else {
- result.append('\\');
- if (doubleEscape)
- result.append('\\');
- }
- } else {
- result.append('\\');
- if (doubleEscape)
- result.append('\\');
- }
- }
- if (c == '\r') {
- result.append("0D");
- } else if (c == '\n') {
- result.append("0A");
- } else {
- result.append((char) c);
- }
- }
- return result;
- }
-
}
diff --git a/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java b/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java
index 4acc94d07..4e24b5862 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java
@@ -43,6 +43,7 @@ import com.netscape.certsrv.request.INotify;
import com.netscape.certsrv.request.IRequest;
import com.netscape.certsrv.request.RequestStatus;
import com.netscape.cms.servlet.processors.Processor;
+import com.netscape.cmsutil.ldap.LDAPUtil;
public class CertProcessor extends Processor {
@@ -98,8 +99,7 @@ public class CertProcessor extends Processor {
// special characters in subject names parameters must be escaped
if (inputName.matches("^sn_.*")) {
req.setExtData(inputName,
- escapeValueRfc1779(dataInputs.get(inputName), false)
- .toString());
+ LDAPUtil.escapeDN(dataInputs.get(inputName)));
} else {
req.setExtData(inputName, dataInputs.get(inputName));
}
diff --git a/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java b/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
index 911b30fa3..03d0bb20c 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
@@ -39,6 +39,7 @@ import com.netscape.certsrv.profile.ProfileInput;
import com.netscape.certsrv.request.IRequest;
import com.netscape.cms.servlet.common.CMSRequest;
import com.netscape.cms.servlet.profile.SSLClientCertProvider;
+import com.netscape.cmsutil.ldap.LDAPUtil;
public class EnrollmentProcessor extends CertProcessor {
@@ -69,7 +70,7 @@ public class EnrollmentProcessor extends CertProcessor {
if (dataInputs.containsKey(inputName)) {
// all subject name parameters start with sn_, no other input parameters do
if (inputName.matches("^sn_.*")) {
- ctx.set(inputName, escapeValueRfc1779(dataInputs.get(inputName), false).toString());
+ ctx.set(inputName, LDAPUtil.escapeDN(dataInputs.get(inputName)));
} else {
ctx.set(inputName, dataInputs.get(inputName));
}
diff --git a/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java b/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
index d538ce675..b35ca054c 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
@@ -58,6 +58,7 @@ import com.netscape.cms.servlet.common.CMSRequest;
import com.netscape.cms.servlet.common.CMSTemplate;
import com.netscape.cms.servlet.common.CMSTemplateParams;
import com.netscape.cms.servlet.common.ECMSGWException;
+import com.netscape.cmsutil.ldap.LDAPUtil;
/**
* Search for certificates matching complex query filter
@@ -224,12 +225,12 @@ public class SrchCerts extends CMSServlet {
lf.append("(x509cert.subject=*");
lf.append(avaName);
lf.append("=");
- lf.append(escapeValueRfc1779(val, true));
+ lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(val)));
lf.append(",*)");
lf.append("(x509cert.subject=*");
lf.append(avaName);
lf.append("=");
- lf.append(escapeValueRfc1779(val, true));
+ lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(val)));
lf.append(")");
lf.append(")");
} else {
@@ -237,7 +238,7 @@ public class SrchCerts extends CMSServlet {
lf.append(avaName);
lf.append("=");
lf.append("*");
- lf.append(escapeValueRfc1779(val, true));
+ lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(val)));
lf.append("*)");
}
}
diff --git a/base/common/src/com/netscape/cms/servlet/processors/Processor.java b/base/common/src/com/netscape/cms/servlet/processors/Processor.java
index a39ba715b..fdbc85dd5 100644
--- a/base/common/src/com/netscape/cms/servlet/processors/Processor.java
+++ b/base/common/src/com/netscape/cms/servlet/processors/Processor.java
@@ -294,45 +294,6 @@ public class Processor {
CMS.debug("End of CertProcessor Input Parameters");
}
- protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) {
- StringBuffer result = new StringBuffer();
-
- // Do we need to escape any characters
- for (int i = 0; i < v.length(); i++) {
- int c = v.charAt(i);
- if (c == ',' || c == '=' || c == '+' || c == '<' ||
- c == '>' || c == '#' || c == ';' || c == '\r' ||
- c == '\n' || c == '\\' || c == '"') {
- if ((c == 0x5c) && ((i + 1) < v.length())) {
- int nextC = v.charAt(i + 1);
- if ((c == 0x5c) && (nextC == ',' || nextC == '=' || nextC == '+' ||
- nextC == '<' || nextC == '>' || nextC == '#' ||
- nextC == ';' || nextC == '\r' || nextC == '\n' ||
- nextC == '\\' || nextC == '"')) {
- if (doubleEscape)
- result.append('\\');
- } else {
- result.append('\\');
- if (doubleEscape)
- result.append('\\');
- }
- } else {
- result.append('\\');
- if (doubleEscape)
- result.append('\\');
- }
- }
- if (c == '\r') {
- result.append("0D");
- } else if (c == '\n') {
- result.append("0A");
- } else {
- result.append((char) c);
- }
- }
- return result;
- }
-
/**
* get ssl client authenticated certificate
*/
generated by cgit (git 2.34.1) at 2026-03-20 22:38:13 +0000