author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:27:47 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-26 11:43:54 -0500 |
commit | 621d9e5c413e561293d7484b93882d985b3fe15f (patch) | |
tree | 638f3d75761c121d9a8fb50b52a12a6686c5ac5c /base/migrate | |
parent | 40d3643b8d91886bf210aa27f711731c81a11e49 (diff) | |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'base/migrate')
169 files changed, 27591 insertions, 0 deletions
diff --git a/base/migrate/41ToTxt/classes/CMS41LdifParser.class b/base/migrate/41ToTxt/classes/CMS41LdifParser.class Binary files differnew file mode 100644 index 000000000..b787984a2 --- /dev/null +++ b/base/migrate/41ToTxt/classes/CMS41LdifParser.class diff --git a/base/migrate/41ToTxt/classes/Main.class b/base/migrate/41ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..87854eb4d --- /dev/null +++ b/base/migrate/41ToTxt/classes/Main.class diff --git a/base/migrate/41ToTxt/run.bat b/base/migrate/41ToTxt/run.bat new file mode 100755 index 000000000..35a5fda9f --- /dev/null +++ b/base/migrate/41ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 4.1 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 4.1 ldif text file.
+REM
+REM This subsequent normalized CMS 4.1 ldif text file
+REM can be migrated into CMS 6.0 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 4.1 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms41
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\base\jre\bin;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\bin\jssjava.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss.jar;%SERVER_ROOT%\bin\cert\jars\jssjdk12.jar;%SERVER_ROOT%\bin\base\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/41ToTxt/run.sh b/base/migrate/41ToTxt/run.sh new file mode 100755
index 000000000..390195ea1
--- /dev/null
+++ b/base/migrate/41ToTxt/run.sh
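Review bot: The `jssjava.exe` line puts the relative entry `.\classes` first on the classpath, so which `Main` class is executed depends on the directory the script is started from rather than on where the script is installed; anchoring it to the script's own directory (`%~dp0classes`) removes that dependency. The arguments and variables are also expanded unquoted in `IF EXIST %1`, `IF EXIST %2`, `IF !%SERVER_ROOT%==!` and `IF EXIST %SERVER_ROOT%`, so a path containing spaces makes the checks fail or parse as something else; `IF EXIST "%~1"` and `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` are the safer forms. The same unquoted `IF !%VAR%==!` and `IF EXIST %VAR%` checks appear in src/compile.bat.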
@@ -0,0 +1,191 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 4.1 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 4.1 ldif text file. ###
+### ###
+### This subsequent normalized CMS 4.1 ldif text file ###
+### can be migrated into CMS 6.0 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 4.1 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms41
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.1"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform (SunOS)
+###
+
+LD_LIBRARY_PATH=${SERVER_ROOT}/bin/base/jre/lib:${SERVER_ROOT}/bin/base/jre/lib/sparc/native_threads
+export LD_LIBRARY_PATH
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+
+${SERVER_ROOT}/bin/cert/bin/jssjava -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss.jar:${SERVER_ROOT}/bin/cert/jars/jssjdk12.jar:${SERVER_ROOT}/bin/base/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2
+
diff --git a/base/migrate/41ToTxt/src/Main.java b/base/migrate/41ToTxt/src/Main.java new file mode 100644
index 000000000..758d725a9
--- /dev/null
+++ b/base/migrate/41ToTxt/src/Main.java
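Review bot: The positional parameters are expanded unquoted in `[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]` and on the final `Main $1 $2`, so a file name containing spaces or glob characters is word-split before the tests run and before it reaches Java; use `[ ! -f "$1" ]` (and likewise for the other tests) and end the command with `Main "$@"`, which is safe because the argument count is already limited to one or two. The classpath begins with the relative `./classes`, so the class that runs is whatever `Main.class` sits under the caller's current directory; prefixing that entry with the script's own directory would pin it to the shipped classes. `${SERVER_ROOT}` is quoted in the `-d` tests but not in `LD_LIBRARY_PATH=` or the `jssjava` command line, and src/compile.sh has the same unquoted expansions of `${TARGET}`, `${JAVA_HOME}` and `${SERVER_ROOT}`.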
@@ -0,0 +1,464 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +// +// "41ToTxt/src/Main.java" represents the initial CMS "ToTxt" migration file. +// +// Always comment any new code sections with a "CMS 4.1" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import com.netscape.jss.*; // CMS 4.1/4.2/4.2 (SP 2) +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.1/4.2/4.2 (SP 2) + CryptoManager.initialize("./secmod.db", "./key3.db", "./cert7.db"); + // load JSS provider in CMS 4.1/4.2/4.2 (SP 2) + java.security.Security.removeProvider("Netscape version 1.4"); + java.security.Security.removeProvider("SunRsaSign version 1.0"); +// java.security.Security.insertProviderAt( +// new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS41LdifParser parser = null; + if (args.length == 1) { + parser = new CMS41LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS41LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS41LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.1/4.2/4.2 (SP 2)/4.5 use "requestattributes" + private static final String REQUEST_ATTRIBUTES = + "requestattributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS41LdifParser(String filename) + { + mFilename = filename; + } + + public CMS41LdifParser(String filename, String errorFilename) + { + 
mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if 
(mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if 
(obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + 
BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.certsrv.base.ArgBlock) { + com.netscape.certsrv.base.ArgBlock o = + (com.netscape.certsrv.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.certsrv.dbs.keydb.KeyRecord) { + com.netscape.certsrv.dbs.keydb.KeyRecord o = + (com.netscape.certsrv.dbs.keydb.KeyRecord)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.certsrv.kra.ProofOfArchival) { + com.netscape.certsrv.kra.ProofOfArchival o = + 
(com.netscape.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. - Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. 
- Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + (netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new 
ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/41ToTxt/src/compile.bat b/base/migrate/41ToTxt/src/compile.bat new file mode 100755 index 000000000..fd92f3fb7 --- /dev/null +++ b/base/migrate/41ToTxt/src/compile.bat 
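Review bot: `decodeHashtable()` and `decode()` pass every base64-decoded `requestattributes::` value to `ObjectInputStream.readObject()` with the server jar set on the classpath and no limit on which classes may be instantiated, so this tool is only safe on LDIF exported from a directory the operator trusts; a comment above `decode()` such as `// input must be a trusted db2ldif export: readObject() instantiates whatever class the data names` is worth adding. In `output()`, the `java.util.Hashtable` branch iterates `o.elements()` but casts each element to `String` and uses it as a key; going by the example in the comment the values are byte arrays, so the cast throws and the catch in `decodeHashtable()` treats the attribute as skipped, and the line should read `Enumeration e = o.keys();`. `parse()` never closes `mErrorPrintWriter`, a `PrintWriter` created without autoflush, so buffered "Skipped" lines may never reach the errors file, and a `requestattributes` block that runs to end of file without a following line is never decoded. `main()` also prints the exception and returns normally, so run.sh and run.bat cannot tell a failed conversion from a good one.

```java
    public void parse() throws Exception
    {
        // … unchanged: open mErrorPrintWriter and reader, declare line/dn/requestAttributes …
        try {
            while ((line = reader.readLine()) != null) {
                // … unchanged: per-line handling …
            }
            // a block that reaches end of file has no following line to trigger decoding
            if (requestAttributes != null) {
                parseAttributes(dn, requestAttributes);
            }
        } finally {
            reader.close();
            if (mErrorPrintWriter != null) {
                // close() flushes the buffered "Skipped" records to the errors file
                mErrorPrintWriter.close();
            }
        }
    }
```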
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "41ToTxt/classes/Main.class" and
+REM "41ToTxt/classes/CMS41LdifParser.class" which are
+REM used to create a normalized CMS 4.1 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 41ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms41
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 4.1 NOTE: "WINNT" - 1.1.6
+REM
+
+REM SET JDK_VERSION=CMS_4.1
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 41ToTxt - create "CMS41LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\lib\classes.zip;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss.jar;%SERVER_ROOT%\bin\cert\jars\jssjdk12.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/41ToTxt/src/compile.sh b/base/migrate/41ToTxt/src/compile.sh new file mode 100755
index 000000000..968190ff2
--- /dev/null
+++ b/base/migrate/41ToTxt/src/compile.sh
@@ -0,0 +1,150 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "41ToTxt/classes/Main.class" and ###
+### "41ToTxt/classes/CMS41LdifParser.class" which are ###
+### used to create a normalized CMS 4.1 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 41ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms41
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 4.1 NOTE: "SunOS" - 1.1.6
+###
+
+#JDK_VERSION=CMS_4.1
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.1"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform (SunOS)
+###
+
+LD_LIBRARY_PATH=${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+export LD_LIBRARY_PATH
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 41ToTxt - create "CMS41LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/lib/classes.zip:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss.jar:${SERVER_ROOT}/bin/cert/jars/jssjdk12.jar Main.java
+
diff --git a/base/migrate/42SP2ToTxt/classes/CMS42SP2LdifParser.class b/base/migrate/42SP2ToTxt/classes/CMS42SP2LdifParser.class
Binary files differnew file mode 100644
index 000000000..dbf8a1170
--- /dev/null
+++ b/base/migrate/42SP2ToTxt/classes/CMS42SP2LdifParser.class
diff --git a/base/migrate/42SP2ToTxt/classes/Main.class b/base/migrate/42SP2ToTxt/classes/Main.class
Binary files differnew file mode 100644
index 000000000..d881f3560
--- /dev/null
+++ b/base/migrate/42SP2ToTxt/classes/Main.class
diff --git a/base/migrate/42SP2ToTxt/run.bat b/base/migrate/42SP2ToTxt/run.bat
new file mode 100755
index 000000000..ec2a5d6ff
--- /dev/null
+++ b/base/migrate/42SP2ToTxt/run.bat
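Review bot: The closing `mkdir` and `javac` lines of 41ToTxt `src/compile.sh` expand `${TARGET}`, `${JAVA_HOME}` and `${SERVER_ROOT}` unquoted, although the directory checks above them quote the same variables, so a path with whitespace or glob characters passes the checks and is then word-split in the command. Quote them at the point of use, e.g. `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "${JAVA_HOME}/lib/classes.zip:..." Main.java`. 42SP2ToTxt `run.sh` has the same problem with `$1` and `$2` in its `[ ! -f $1 ]`, `[ ! -s $1 ]` and `[ -f $2 ]` tests and in the final `java ... Main $1 $2`; there `Main "$@"` keeps an omitted errors argument omitted instead of turning it into an empty string.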
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 4.2 (SP 2) ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 4.2 (SP 2) ldif text file.
+REM
+REM This subsequent normalized CMS 4.2 (SP 2) ldif text file
+REM can be migrated into CMS 6.0 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 4.2 (SP 2) ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms43
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.2 (SP 2)"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss21.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/42SP2ToTxt/run.sh b/base/migrate/42SP2ToTxt/run.sh
new file mode 100755
index 000000000..79a203700
--- /dev/null
+++ b/base/migrate/42SP2ToTxt/run.sh
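Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` in 42SP2ToTxt `run.bat` is missing the closing `%` in `%SERVER_ROOT\bin\cert\jre\bin\hotspot;`, so cmd pairs that opening `%` with the one that was meant to start `%PATH%`. As far as I can tell, the whole `%SERVER_ROOT\...hotspot;%` run is then expanded as an undefined variable and the inherited search path is replaced by the literal, working-directory-relative entry `PATH` instead of being appended. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\hotspot;%PATH%`.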
@@ -0,0 +1,205 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 4.2 (SP 2) ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 4.2 (SP 2) ldif text file. ###
+### ###
+### This subsequent normalized CMS 4.2 (SP 2) ldif text file ###
+### can be migrated into CMS 6.0 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 4.2 (SP 2) ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms43
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.2 (SP 2)"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "AIX" ] ; then
+ LIBPATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/aix/native_threads
+ export LIBPATH
+elif [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+elif [ ${OS_NAME} = "OSF1" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/alpha/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss21.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2
+
diff --git a/base/migrate/42SP2ToTxt/src/Main.java b/base/migrate/42SP2ToTxt/src/Main.java
new file mode 100644
index 000000000..1a324d8ee
--- /dev/null
+++ b/base/migrate/42SP2ToTxt/src/Main.java
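Review bot: The classpath on the final `java` line of 42SP2ToTxt `run.sh` begins with `./classes`, which is resolved against the caller's working directory rather than the directory that holds the script. When the script is started from anywhere else, the JVM either fails to find `Main` or loads a `Main` class from whatever `classes` directory exists there, ahead of the server jars. Anchor the entry to the script location: derive the directory with `dirname "$0"` into a variable such as `SCRIPT_DIR` and pass `-classpath "${SCRIPT_DIR}/classes:${SERVER_ROOT}/..."`. `run.bat` has the same relative `.\classes` entry.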
@@ -0,0 +1,467 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "42SP2ToTxt/src/Main.java" is based upon a copy "42ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 4.2 (SP 2)" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 42ToTxt/src/Main.java 42SP2ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import com.netscape.jss.*; // CMS 4.1/4.2/4.2 (SP 2) +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.1/4.2/4.2 (SP 2) + CryptoManager.initialize("./secmod.db", "./key3.db", "./cert7.db"); + // load JSS provider in CMS 4.1/4.2/4.2 (SP 2) + java.security.Security.removeProvider("Netscape version 1.4"); + java.security.Security.removeProvider("SunRsaSign version 1.0"); +// java.security.Security.insertProviderAt( +// new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS42SP2LdifParser parser = null; + if (args.length == 1) { + parser = new CMS42SP2LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS42SP2LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS42SP2LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.1/4.2/4.2 (SP 2)/4.5 use "requestattributes" + private static final String REQUEST_ATTRIBUTES = + "requestattributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = 
null; + + public CMS42SP2LdifParser(String filename) + { + mFilename = filename; + } + + public CMS42SP2LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is marked with null + if (key 
== null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + netscape.security.x509.RevokedCertImpl o[] = + 
(netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.certsrv.base.ArgBlock) { + com.netscape.certsrv.base.ArgBlock o = + (com.netscape.certsrv.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.certsrv.dbs.keydb.KeyRecord) { + com.netscape.certsrv.dbs.keydb.KeyRecord o = + (com.netscape.certsrv.dbs.keydb.KeyRecord)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); 
+ } + } + } + } else if (obj instanceof com.netscape.certsrv.kra.ProofOfArchival) { + com.netscape.certsrv.kra.ProofOfArchival o = + (com.netscape.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. - Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. 
- Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + (netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new 
ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/42SP2ToTxt/src/compile.bat b/base/migrate/42SP2ToTxt/src/compile.bat new file mode 100755 index 000000000..5b6c11566 --- /dev/null +++ b/base/migrate/42SP2ToTxt/src/compile.bat 
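Review bot: `decode` and `decodeHashtable` pass bytes base64-decoded from the `requestattributes::` values of the input LDIF straight to `ObjectInputStream.readObject()`, so the file's contents decide which `Serializable` classes on the classpath (certsrv.jar, JSS, the JRE) get instantiated. If the export, or the request attributes stored in it, can be influenced by anyone other than the operator, that is an unsafe-deserialization exposure; a `resolveClass` override used by both methods, as sketched below, narrows it. The prefixes in the sketch are taken only from the types `output` handles and are a coarse starting point, to be tightened to exact class names against real exports. Separately, the `java.util.Hashtable` branch of `output` enumerates `o.elements()` (the values) and casts each to `String`, which throws for the `byte[]` fingerprints and lands in the catch block of `decodeHashtable` as a skipped attribute; `Enumeration e = o.keys();` looks like the intent.

```java
// New helper: refuses to resolve any class outside an explicit allow-list.
class FilteredObjectInputStream extends ObjectInputStream
{
    // Seeded from the types output() prints; classes of nested fields
    // must be added after checking real request attributes.
    private static final String ALLOWED[] = {
        "[", "java.lang.", "java.math.", "java.util.",
        "java.security.cert.", "netscape.security.",
        "com.netscape.certsrv."
    };

    public FilteredObjectInputStream(InputStream in) throws IOException
    {
        super(in);
    }

    protected Class resolveClass(ObjectStreamClass desc)
        throws IOException, ClassNotFoundException
    {
        String name = desc.getName();
        for (int i = 0; i < ALLOWED.length; i++) {
            if (name.startsWith(ALLOWED[i])) {
                return super.resolveClass(desc);
            }
        }
        throw new InvalidClassException(name,
            "class not allowed in request attributes");
    }
}

// in decode(byte[] data) and decodeHashtable(String dn, byte[] data):
ObjectInputStream is = new FilteredObjectInputStream(bis);
// … unchanged: readObject() calls and output(key, obj) …
```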
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "42SP2ToTxt/classes/Main.class" and
+REM "42SP2ToTxt/classes/CMS42SP2LdifParser.class" which are
+REM used to create a normalized CMS 4.2 (SP 2) ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 42SP2ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms43
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 4.2 (SP 2) NOTE: "WINNT" - 1.3.0
+REM
+REM CMS 4.2 (SP 2) CONSOLE NOTE: "WINNT" - 1.1.7A
+REM
+
+REM SET JDK_VERSION=CMS_4.3
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.2 (SP 2)"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 42SP2ToTxt - create "CMS42SP2LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss21.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/42SP2ToTxt/src/compile.sh b/base/migrate/42SP2ToTxt/src/compile.sh
new file mode 100755
index 000000000..26aa6140b
--- /dev/null
+++ b/base/migrate/42SP2ToTxt/src/compile.sh
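Review bot: `%SERVER_ROOT%` and `%JAVA_HOME%` are expanded unquoted in the `IF !%SERVER_ROOT%==!` and `IF EXIST %SERVER_ROOT%` checks and on the `javac.exe` line, so a path containing a space breaks the `IF` syntax and splits the class path into separate arguments. I would write the checks as `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` and `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME`, and put the executable path and the `-classpath` value in double quotes on the last line. The same unquoted pattern is in 42ToTxt/run.bat and 42ToTxt/src/compile.bat later in this diff.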
@@ -0,0 +1,174 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "42SP2ToTxt/classes/Main.class" and ###
+### "42SP2ToTxt/classes/CMS42SP2LdifParser.class" which are ###
+### used to create a normalized CMS 4.2 (SP 2) ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 42SP2ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms42sp2
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "AIX", "HP-UX", "Linux", "OSF1", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 4.2 (SP 2) NOTE: "AIX" - 1.3.0
+### "HP-UX" - 1.3.0.00
+### "Linux" - 1.3.0
+### "OSF1" - 1.3.0-1
+### "SunOS" - 1.3.0
+###
+### CMS 4.2 (SP 2) CONSOLE NOTE: "AIX" - 1.1.6_10
+### "HP-UX" - 1.1.6
+### "Linux" - 1.1.7
+### "OSF1" - 1.1.6
+### "SunOS" - 1.1.6
+###
+
+#JDK_VERSION=CMS_4.3
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.2 (SP 2)"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "AIX" ] ; then
+ LIBPATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/aix/native_threads
+ export LIBPATH
+elif [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+elif [ ${OS_NAME} = "OSF1" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/alpha/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 42SP2ToTxt - create "CMS42SP2LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss21.jar Main.java
+
diff --git a/base/migrate/42ToTxt/classes/CMS42LdifParser.class b/base/migrate/42ToTxt/classes/CMS42LdifParser.class Binary files differnew file mode 100644
index 000000000..81c20523c
--- /dev/null
+++ b/base/migrate/42ToTxt/classes/CMS42LdifParser.class
diff --git a/base/migrate/42ToTxt/classes/Main.class b/base/migrate/42ToTxt/classes/Main.class Binary files differnew file mode 100644
index 000000000..7a75e96c0
--- /dev/null
+++ b/base/migrate/42ToTxt/classes/Main.class
diff --git a/base/migrate/42ToTxt/run.bat b/base/migrate/42ToTxt/run.bat
new file mode 100755
index 000000000..43300869c
--- /dev/null
+++ b/base/migrate/42ToTxt/run.bat
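Review bot: The final `javac` line expands `${JAVA_HOME}`, `${SERVER_ROOT}` and `${TARGET}` unquoted, although the `-z` and `-d` checks above quote them, so a directory that passes validation can still be word-split or glob-expanded when the compiler is actually invoked. Starting the command with `"${JAVA_HOME}/bin/javac" -d "${TARGET}"` and wrapping the whole `-classpath` value in one pair of double quotes keeps what is checked and what is run identical. The `jre` line at the end of 42ToTxt/run.sh expands `${SERVER_ROOT}` and `${INSTANCE}` the same way.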
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 4.2 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 4.2 ldif text file.
+REM
+REM This subsequent normalized CMS 4.2 ldif text file
+REM can be migrated into CMS 6.0 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 4.2 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms42
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\jre.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss.jar;%SERVER_ROOT%\bin\cert\jars\jssjdk12.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/42ToTxt/run.sh b/base/migrate/42ToTxt/run.sh
new file mode 100755
index 000000000..3172159f1
--- /dev/null
+++ b/base/migrate/42ToTxt/run.sh
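Review bot: The `jre.exe` line puts `.\classes` first on the class path, and that entry is resolved against the directory the script is started from, not the directory that holds run.bat, so `Main` is loaded from whatever `classes` folder happens to be in the current directory. Where command extensions are available, writing the entry as `"%~dp0classes"` ties it to the script's own location. Main.java in this commit also opens `./secmod.db`, `./key3.db` and `./cert7.db` relative to the current directory, so the header comment should at least state which working directory the script expects. 42ToTxt/run.sh has the same `./classes` entry.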
@@ -0,0 +1,205 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 4.2 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 4.2 ldif text file. ###
+### ###
+### This subsequent normalized CMS 4.2 ldif text file ###
+### can be migrated into CMS 6.0 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 4.2 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms42
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.2"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "AIX" ] ; then
+ LIBPATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/aix/native_threads
+ export LIBPATH
+elif [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+elif [ ${OS_NAME} = "OSF1" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/alpha/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/jre -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss.jar:${SERVER_ROOT}/bin/cert/jars/jssjdk12.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2
+
diff --git a/base/migrate/42ToTxt/src/Main.java b/base/migrate/42ToTxt/src/Main.java
new file mode 100644
index 000000000..55e64df08
--- /dev/null
+++ b/base/migrate/42ToTxt/src/Main.java
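Review bot: `$1` and `$2` are expanded unquoted in the `-f`/`-s` tests and on the final `jre` line, so an input or errors path containing whitespace or glob characters is checked as one thing and handed to `Main` as another, or makes `[` fail outright. The tests should read `[ ! -f "$1" ]` and `[ -f "$2" ]`, with the `-s` test quoted the same way. The last line should end with `Main "$@"` rather than quoting each parameter. The argument count is already limited to one or two, and a quoted empty `"$2"` would send Main.java down its two-argument branch to open an errors file with an empty name.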
@@ -0,0 +1,467 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "42ToTxt/src/Main.java" is based upon a copy "41ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 4.2" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 41ToTxt/src/Main.java 42ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import com.netscape.jss.*; // CMS 4.1/4.2/4.2 (SP 2) +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.1/4.2/4.2 (SP 2) + CryptoManager.initialize("./secmod.db", "./key3.db", "./cert7.db"); + // load JSS provider in CMS 4.1/4.2/4.2 (SP 2) + java.security.Security.removeProvider("Netscape version 1.4"); + java.security.Security.removeProvider("SunRsaSign version 1.0"); +// java.security.Security.insertProviderAt( +// new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS42LdifParser parser = null; + if (args.length == 1) { + parser = new CMS42LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS42LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS42LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.1/4.2/4.2 (SP 2)/4.5 use "requestattributes" + private static final String REQUEST_ATTRIBUTES = + "requestattributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + 
public CMS42LdifParser(String filename) + { + mFilename = filename; + } + + public CMS42LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is marked with null + if (key == null) break; + 
try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new 
BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + netscape.security.x509.RevokedCertImpl o[] = + 
(netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.certsrv.base.ArgBlock) { + com.netscape.certsrv.base.ArgBlock o = + (com.netscape.certsrv.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.certsrv.dbs.keydb.KeyRecord) { + com.netscape.certsrv.dbs.keydb.KeyRecord o = + (com.netscape.certsrv.dbs.keydb.KeyRecord)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); 
+ } + } + } + } else if (obj instanceof com.netscape.certsrv.kra.ProofOfArchival) { + com.netscape.certsrv.kra.ProofOfArchival o = + (com.netscape.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. - Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. 
- Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + (netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new 
ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/42ToTxt/src/compile.bat b/base/migrate/42ToTxt/src/compile.bat new file mode 100755 index 000000000..20ca0ebb5 --- /dev/null +++ b/base/migrate/42ToTxt/src/compile.bat 
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "42ToTxt/classes/Main.class" and
+REM "42ToTxt/classes/CMS42LdifParser.class" which are
+REM used to create a normalized CMS 4.2 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 42ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms42
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 4.2 NOTE: "WINNT" - 1.1.7A
+REM
+
+REM SET JDK_VERSION=CMS_4.2
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 42ToTxt - create "CMS42LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\lib\classes.zip;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss.jar;%SERVER_ROOT%\bin\cert\jars\jssjdk12.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/42ToTxt/src/compile.sh b/base/migrate/42ToTxt/src/compile.sh
new file mode 100755
index 000000000..e8acf71bf
--- /dev/null
+++ b/base/migrate/42ToTxt/src/compile.sh
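Review bot: The path variables are expanded unquoted in the existence checks and in the compiler invocation (`IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME`, `%JAVA_HOME%\bin\javac.exe -d %TARGET% ...`), so a SERVER_ROOT or JAVA_HOME containing a space or `&` is split or re-parsed by cmd.exe instead of being treated as one path. Quoting them, for example `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" -classpath "..." Main.java`, keeps the check and the command tied to the same path. The emptiness test `IF !%SERVER_ROOT%==! ...` has the same weakness and reads more safely as `IF "%SERVER_ROOT%"=="" ...`. The same lines appear in 45ToTxt/src/compile.bat, and 45ToTxt/run.bat does the same with `%1` and `%2`.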
@@ -0,0 +1,168 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "42ToTxt/classes/Main.class" and ###
+### "42ToTxt/classes/CMS42LdifParser.class" which are ###
+### used to create a normalized CMS 4.2 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 42ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms42
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "AIX", "HP-UX", "Linux", "OSF1", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 4.2 NOTE: "AIX" - 1.1.6_10
+### "HP-UX" - 1.1.6
+### "Linux" - 1.1.7
+### "OSF1" - 1.1.6
+### "SunOS" - 1.1.6
+###
+
+#JDK_VERSION=CMS_4.2
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.2"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "AIX" ] ; then
+ LIBPATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/aix/native_threads
+ export LIBPATH
+elif [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+elif [ ${OS_NAME} = "OSF1" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/alpha/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 42ToTxt - create "CMS42LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/lib/classes.zip:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss.jar:${SERVER_ROOT}/bin/cert/jars/jssjdk12.jar Main.java
+
diff --git a/base/migrate/45ToTxt/classes/CMS45LdifParser.class b/base/migrate/45ToTxt/classes/CMS45LdifParser.class
Binary files differ
new file mode 100644
index 000000000..75d4ab47c
--- /dev/null
+++ b/base/migrate/45ToTxt/classes/CMS45LdifParser.class
diff --git a/base/migrate/45ToTxt/classes/Main.class b/base/migrate/45ToTxt/classes/Main.class
Binary files differ
new file mode 100644
index 000000000..a1f3e91c2
--- /dev/null
+++ b/base/migrate/45ToTxt/classes/Main.class
diff --git a/base/migrate/45ToTxt/run.bat b/base/migrate/45ToTxt/run.bat
new file mode 100755
index 000000000..8dfb4e77c
--- /dev/null
+++ b/base/migrate/45ToTxt/run.bat
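Review bot: `Main.java` and `TARGET=../classes` are resolved against the caller's working directory, so the script only does what its header says when it is started from 42ToTxt/src; from anywhere else it compiles whatever `Main.java` is in that directory, or fails, and creates `../classes` beside the wrong tree. Changing to the directory of `$0` right after the argument check (and exiting if that `cd` fails) would pin both paths to the script's own location. The `[ ! -d "${JAVA_HOME}" ]` checks are quoted, but `[ ! -d ${TARGET} ]`, `[ ${OS_NAME} = "AIX" ]` and the `javac` line are not, so a SERVER_ROOT or JAVA_HOME containing a space passes validation and then breaks the command; quoting those expansions keeps check and use consistent. The final `else # SunOS` also applies the sparc library path to any platform `uname` reports that is not listed above it.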
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 4.5 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 4.5 ldif text file.
+REM
+REM This subsequent normalized CMS 4.5 ldif text file
+REM can be migrated into CMS 6.0 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 4.5 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms45
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.5"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/45ToTxt/run.sh b/base/migrate/45ToTxt/run.sh
new file mode 100755
index 000000000..f19a550d5
--- /dev/null
+++ b/base/migrate/45ToTxt/run.sh
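Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` in its third entry, `%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%`. cmd.exe will most likely pair that opening `%` with the one that starts `%PATH%`, expand the resulting undefined name to nothing, and leave the literal text `PATH` behind, so the hotspot directory is never added and the inherited PATH is dropped for the rest of the script. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\hotspot;%PATH%`. The classpath on the `java.exe` line also begins with `.\classes`, which is resolved against the caller's working directory, so `Main` is loaded from wherever the script happens to be started.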
@@ -0,0 +1,196 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 4.5 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 4.5 ldif text file. ###
+### ###
+### This subsequent normalized CMS 4.5 ldif text file ###
+### can be migrated into CMS 6.0 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 4.5 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms45
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.5"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2
+
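Review bot: The positional parameters are unquoted everywhere they are used (`[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]`, `Main $1 $2`), so an input path containing whitespace makes the `[` tests fail with a usage error, which `if` treats as false, and the checks are skipped rather than enforced. The final command then word-splits the path, and the second word reaches `Main` as the errors file, which `CMS45LdifParser` opens for writing. Quote the tests (`[ ! -f "$1" ]`) and end the java line with `Main "$@"`, which is safe here because the argument count has already been limited to one or two. The classpath also starts with `./classes`, resolved against the caller's working directory, so `Main` is loaded from wherever the script is started; anchoring it to the script's own directory would remove that dependency.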
diff --git a/base/migrate/45ToTxt/src/Main.java b/base/migrate/45ToTxt/src/Main.java
new file mode 100644
index 000000000..916ca9cd1
--- /dev/null
+++ b/base/migrate/45ToTxt/src/Main.java
@@ -0,0 +1,469 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "45ToTxt/src/Main.java" is based upon a copy "42SP2ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 4.5" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 42SP2ToTxt/src/Main.java 45ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS45LdifParser parser = null; + if (args.length == 1) { + parser = new CMS45LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS45LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS45LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.1/4.2/4.2 (SP 2)/4.5 use "requestattributes" + private static final String REQUEST_ATTRIBUTES = + "requestattributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + 
private PrintWriter mErrorPrintWriter = null; + + public CMS45LdifParser(String filename) + { + mFilename = filename; + } + + public CMS45LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of 
table is marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.certsrv.base.ArgBlock) { + com.netscape.certsrv.base.ArgBlock o = + (com.netscape.certsrv.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.certsrv.dbs.keydb.KeyRecord) { + com.netscape.certsrv.dbs.keydb.KeyRecord o = + (com.netscape.certsrv.dbs.keydb.KeyRecord)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + 
k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.certsrv.kra.ProofOfArchival) { + com.netscape.certsrv.kra.ProofOfArchival o = + (com.netscape.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/45ToTxt/src/compile.bat b/base/migrate/45ToTxt/src/compile.bat new file mode 100755 index 000000000..11abbf103 --- /dev/null +++ b/base/migrate/45ToTxt/src/compile.bat 
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "45ToTxt/classes/Main.class" and
+REM "45ToTxt/classes/CMS45LdifParser.class" which are
+REM used to create a normalized CMS 4.5 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 45ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms45
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 4.5 NOTE: "WINNT" - 1.3.0
+REM
+REM CMS 4.5 CONSOLE NOTE: "WINNT" - 1.1.7A
+REM
+
+REM SET JDK_VERSION=CMS_4.5
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.5"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 45ToTxt - create "CMS45LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/45ToTxt/src/compile.sh b/base/migrate/45ToTxt/src/compile.sh new file mode 100755
index 000000000..a08eea1b7
--- /dev/null
+++ b/base/migrate/45ToTxt/src/compile.sh
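Review bot: `%SERVER_ROOT%` and `%JAVA_HOME%` are expanded without quotes in the `IF !%SERVER_ROOT%==!` and `IF !%JAVA_HOME%==!` presence tests, in both `IF EXIST` checks and on the `javac.exe` line, so a path containing a space or a character cmd.exe treats specially breaks the IF syntax or is split into several tokens before anything has been validated. Quote every expansion, for example `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH`, and `"%JAVA_HOME%\bin\javac.exe"` with the `-d` and `-classpath` values each wrapped in double quotes. 47ToTxt/run.bat repeats the pattern with `%1`, `%2`, `%SERVER_ROOT%` and `%INSTANCE%`; there `IF EXIST "%~1"` and `Main "%~1" "%~2"` would be the quoted forms.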
@@ -0,0 +1,159 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "45ToTxt/classes/Main.class" and ###
+### "45ToTxt/classes/CMS45LdifParser.class" which are ###
+### used to create a normalized CMS 4.5 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 45ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms45
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "Linux" or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 4.5 NOTE: "Linux" - 1.3.0
+### "SunOS" - 1.3.0
+###
+### CMS 4.5 CONSOLE NOTE: "Linux" - 1.1.7
+### "SunOS" - 1.1.6
+###
+
+#JDK_VERSION=CMS_4.5
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.5"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 45ToTxt - create "CMS45LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
diff --git a/base/migrate/47ToTxt/classes/CMS47LdifParser.class b/base/migrate/47ToTxt/classes/CMS47LdifParser.class Binary files differnew file mode 100644
index 000000000..79d1bc12d
--- /dev/null
+++ b/base/migrate/47ToTxt/classes/CMS47LdifParser.class
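Review bot: The final `javac` line expands `${JAVA_HOME}` and `${SERVER_ROOT}` unquoted although the `-z` and `-d` checks above it quote them, so a value containing whitespace or glob characters passes validation and is then word-split into extra arguments to the compiler. Quote the command and its path arguments, i.e. `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "<the same colon-separated list>" Main.java`, and likewise `[ "${OS_NAME}" = "Linux" ]` and `[ ! -d "${TARGET}" ]`. 47ToTxt/run.sh has the same defect with `$1` and `$2` in `[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]` and the closing `Main $1 $2`; there `"$1"` and `"$2"` in the tests and `Main "$@"` on the last line keep an absent errors argument absent.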
diff --git a/base/migrate/47ToTxt/classes/Main.class b/base/migrate/47ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..7ee99ee96 --- /dev/null +++ b/base/migrate/47ToTxt/classes/Main.class diff --git a/base/migrate/47ToTxt/run.bat b/base/migrate/47ToTxt/run.bat new file mode 100755 index 000000000..e658ab410 --- /dev/null +++ b/base/migrate/47ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 4.7 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 4.7 ldif text file.
+REM
+REM This subsequent normalized CMS 4.7 ldif text file
+REM can be migrated into CMS 6.0 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 4.7 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms47
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.7"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/47ToTxt/run.sh b/base/migrate/47ToTxt/run.sh new file mode 100755
index 000000000..35a41bc90
--- /dev/null
+++ b/base/migrate/47ToTxt/run.sh
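Review bot: The third entry of the `SET PATH=` line under `:SET_LIBRARY_PATH` is missing its closing percent sign, `%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%`. cmd.exe will most likely read everything from `%SERVER_ROOT` up to the next `%` as one undefined variable name, so the hotspot directory is dropped and the inherited search path is replaced by leftover literal text instead of being appended. A stray relative entry in PATH also means executables and DLLs would be looked up relative to the current directory, which is worth avoiding for a tool that loads the CMS native libraries. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\hotspot;%PATH%`.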
@@ -0,0 +1,205 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 4.7 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 4.7 ldif text file. ###
+### ###
+### This subsequent normalized CMS 4.7 ldif text file ###
+### can be migrated into CMS 6.0 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 4.7 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms47
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.7"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "AIX" ] ; then
+ LIBPATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/aix/native_threads
+ export LIBPATH
+elif [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+elif [ ${OS_NAME} = "OSF1" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/alpha/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2
+
diff --git a/base/migrate/47ToTxt/src/Main.java b/base/migrate/47ToTxt/src/Main.java new file mode 100644
index 000000000..194c277f1
--- /dev/null
+++ b/base/migrate/47ToTxt/src/Main.java
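Review bot: The errors-file guard `if [ -f $2 ]` only detects an existing regular file, while the comment above it says the file must not already exist; a directory, FIFO, device node or dangling symlink at that path passes the test. The parser in 47ToTxt/src/Main.java (its hunk continues beyond this view) opens the name with `new FileOutputStream(mErrorFilename)`, which truncates or follows whatever is there, and the check and the open are separate steps. Test for any existing entry instead, `if [ -e "$2" ] || [ -L "$2" ] ; then`, and consider having the script create the file under `set -C` so that creation fails if the name appears between the check and the write.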
@@ -0,0 +1,578 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "47ToTxt/src/Main.java" is based upon a copy "42SP2ToTxt/src/Main.java" +// with additional material provided from "45ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 4.7" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. +// +// This file should always be maintained by executing the following commands: +// +// diff 42SP2ToTxt/src/Main.java 47ToTxt/src/Main.java +// diff 45ToTxt/src/Main.java 47ToTxt/src/Main.java +// +// NOTE: The "47ToTxt/src/Main.java" file will differ substantially +// from the "42SP2ToTxt/src/Main.java" and "45ToTxt/src/Main.java" +// files upon which it was based due to the changes that were +// necessary to change "iplanet" to "netscape". 
+// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import iplanet.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new iplanet.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS47LdifParser parser = null; + if (args.length == 1) { + parser = new CMS47LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS47LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS47LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS47LdifParser(String filename) + { + mFilename = filename; + } + + public CMS47LdifParser(String 
filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } 
catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + String data_type = null; + String translation = null; + if (obj instanceof String) { + data_type = obj.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + System.out.println(" " + + key + ":" + translation + "=" + + obj); + } else if (obj instanceof iplanet.security.x509.CertificateX509Key) { + iplanet.security.x509.CertificateX509Key o = + (iplanet.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.CertificateX509Key" + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.CertificateSubjectName) { + iplanet.security.x509.CertificateSubjectName o = + (iplanet.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.CertificateSubjectName" + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.CertificateExtensions) { + iplanet.security.x509.CertificateExtensions o = + (iplanet.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.CertificateExtensions" + "=" + + 
encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.X509CertInfo) { + iplanet.security.x509.X509CertInfo o = + (iplanet.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.X509CertInfo" + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.X509CertImpl) { + iplanet.security.x509.X509CertImpl o = + (iplanet.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.X509CertImpl" + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.CertificateChain) { + iplanet.security.x509.CertificateChain o = + (iplanet.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.CertificateChain" + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.X509CertImpl[]) { + iplanet.security.x509.X509CertImpl o[] = + (iplanet.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.X509CertImpl" +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof iplanet.security.x509.X509CertInfo[]) { + iplanet.security.x509.X509CertInfo o[] = + (iplanet.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.X509CertInfo" + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof iplanet.security.x509.RevokedCertImpl[]) { + iplanet.security.x509.RevokedCertImpl o[] = + (iplanet.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "netscape.security.x509.RevokedCertImpl" +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + data_type = o[i].getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + translation +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.iplanet.certsrv.base.ArgBlock) { + com.iplanet.certsrv.base.ArgBlock o = + (com.iplanet.certsrv.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + "com.netscape.certsrv.base.ArgBlock" + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.iplanet.certsrv.dbs.keydb.KeyRecord) { + com.iplanet.certsrv.dbs.keydb.KeyRecord o = + (com.iplanet.certsrv.dbs.keydb.KeyRecord)obj; + Enumeration e = o.getElements(); + while 
(e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + data_type = ob.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.dbs.keydb.KeyRecord" + "=" + + k + ":" + translation + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + data_type = ob.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "com.netscape.certsrv.dbs.keydb.KeyRecord" + "=" + + k + ":" + translation + "=" + encoder.encode((byte[])ob)); + + } else { + data_type = ob.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.dbs.keydb.KeyRecord" + "=" + + k + ":" + translation + "=" + ob); + } + } + } + } else if (obj instanceof com.iplanet.certsrv.kra.ProofOfArchival) { + com.iplanet.certsrv.kra.ProofOfArchival o = + (com.iplanet.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + "com.netscape.certsrv.kra.ProofOfArchival" + "=" + + encoder.encode(bos.toByteArray())); + 
} else if (obj instanceof com.iplanet.certsrv.request.AgentApprovals) { + com.iplanet.certsrv.request.AgentApprovals o = + (com.iplanet.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.iplanet.certsrv.request.AgentApproval approval = (com.iplanet.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + "com.netscape.certsrv.request.AgentApprovals" + ":" + "com.netscape.certsrv.request.AgentApprovals" + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.iplanet.certsrv.authentication.AuthToken) { + com.iplanet.certsrv.authentication.AuthToken o = + (com.iplanet.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + data_type = ob.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":" + translation + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. - Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. 
- Raidzilla Bug #57949) + // Bugzilla Bug #252240 + data_type = o.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + translation + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + data_type = ob.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":" + translation + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof 
iplanet.security.x509.CertificateAlgorithmId) { + iplanet.security.x509.CertificateAlgorithmId o = + (iplanet.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof iplanet.security.x509.CertificateValidity) { + iplanet.security.x509.CertificateValidity o = + (iplanet.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + data_type = o.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + translation + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + data_type = obj.getClass().getName(); + if( data_type.startsWith( "iplanet" ) ) { + translation = "netscape" + + data_type.substring( 7 ); + } else if( data_type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + data_type.substring( 11 ); + } else { + translation = data_type; + } + System.out.println(" " + + key + ":" + 
translation + "=" + + obj); + } + } +} + diff --git a/base/migrate/47ToTxt/src/compile.bat b/base/migrate/47ToTxt/src/compile.bat new file mode 100755 index 000000000..553beca5c --- /dev/null +++ b/base/migrate/47ToTxt/src/compile.bat 
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "47ToTxt/classes/Main.class" and
+REM "47ToTxt/classes/CMS47LdifParser.class" which are
+REM used to create a normalized CMS 4.7 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 47ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms47
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 4.7 NOTE: "WINNT" - 1.3.0
+REM
+REM CMS 4.7 CONSOLE NOTE: "WINNT" - 1.1.7A
+REM
+
+REM SET JDK_VERSION=CMS_4.7
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 4.7"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 47ToTxt - create "CMS47LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/47ToTxt/src/compile.sh b/base/migrate/47ToTxt/src/compile.sh
new file mode 100755
index 000000000..8d91b4491
--- /dev/null
+++ b/base/migrate/47ToTxt/src/compile.sh
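Review bot: SERVER_ROOT, JAVA_HOME and TARGET are expanded without quotes throughout this script, so a path containing a space (for example under `C:\Program Files`) breaks `IF !%SERVER_ROOT%==! GOTO ...` and `IF EXIST %SERVER_ROOT% ...` and splits the javac command line into extra arguments. I would write the checks as `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` and `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME`, and quote the compiler path and the whole `-classpath` value the same way. The same unquoted expansions appear in 47ToTxt/src/compile.sh (`${TARGET}` and the javac line), 60ToTxt/run.bat (`%1`, `%2`, `%SERVER_ROOT%`) and 60ToTxt/run.sh (`$1`, `$2` and the java line).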
@@ -0,0 +1,174 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "47ToTxt/classes/Main.class" and ###
+### "47ToTxt/classes/CMS47LdifParser.class" which are ###
+### used to create a normalized CMS 4.7 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 47ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms47
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "AIX", "HP-UX", "Linux", "OSF1", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 4.7 NOTE: "AIX" - 1.3.0
+### "HP-UX" - 1.3.0.00
+### "Linux" - 1.3.0
+### "OSF1" - 1.3.0-1
+### "SunOS" - 1.3.0
+###
+### CMS 4.7 CONSOLE NOTE: "AIX" - 1.1.6_10
+### "HP-UX" - 1.1.6
+### "Linux" - 1.1.7
+### "OSF1" - 1.1.6
+### "SunOS" - 1.1.6
+###
+
+#JDK_VERSION=CMS_4.7
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 4.7"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "AIX" ] ; then
+ LIBPATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/aix/native_threads
+ export LIBPATH
+elif [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+elif [ ${OS_NAME} = "OSF1" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/alpha/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 47ToTxt - create "CMS47LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
diff --git a/base/migrate/60ToTxt/classes/CMS60LdifParser.class b/base/migrate/60ToTxt/classes/CMS60LdifParser.class
Binary files differ
new file mode 100644
index 000000000..f3ff43045
--- /dev/null
+++ b/base/migrate/60ToTxt/classes/CMS60LdifParser.class
diff --git a/base/migrate/60ToTxt/classes/Main.class b/base/migrate/60ToTxt/classes/Main.class
Binary files differ
new file mode 100644
index 000000000..6d0d3dcd3
--- /dev/null
+++ b/base/migrate/60ToTxt/classes/Main.class
diff --git a/base/migrate/60ToTxt/run.bat b/base/migrate/60ToTxt/run.bat
new file mode 100755
index 000000000..cc24fd214
--- /dev/null
+++ b/base/migrate/60ToTxt/run.bat
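Review bot: The library-path block ends in a bare `else # SunOS`, so any `uname` value the script does not list is silently given the sparc `native_threads` path. An explicit `elif [ "${OS_NAME}" = "SunOS" ] ; then` followed by an `else` that prints an error and exits non-zero would make an unsupported platform stop with a clear message instead of continuing with a library path that presumably does not exist there. The result of `mkdir -p ${TARGET}` is also not checked before javac is asked to write into that directory; `mkdir -p "${TARGET}" || exit 5` would keep the numbered exit codes the script already uses.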
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 6.0/6.01 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 6.0/6.01 ldif text file.
+REM
+REM This subsequent normalized CMS 6.0/6.01 ldif text file
+REM can be migrated into CMS 6.0/6.01 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 6.0/6.01 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms601
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.0"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/60ToTxt/run.sh b/base/migrate/60ToTxt/run.sh
new file mode 100755
index 000000000..d41d65294
--- /dev/null
+++ b/base/migrate/60ToTxt/run.sh
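Review bot: Under `:SET_LIBRARY_PATH` the third entry is written `%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%`, with the closing `%` of SERVER_ROOT missing. As I read cmd's expansion rules, the percent signs then pair up differently than intended: the hotspot directory is not added, the inherited PATH is dropped, and a stray literal `PATH` entry is left at the end, which is searched relative to the current directory. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\hotspot;%PATH%`.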
@@ -0,0 +1,199 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 6.0/6.01 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 6.0/6.01 ldif text file. ###
+### ###
+### This subsequent normalized CMS 6.0/6.01 ldif text file ###
+### can be migrated into CMS 6.0/6.01 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 6.0/6.01 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms601
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.0"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2
+
diff --git a/base/migrate/60ToTxt/src/Main.java b/base/migrate/60ToTxt/src/Main.java
new file mode 100644
index 000000000..72de924c4
--- /dev/null
+++ b/base/migrate/60ToTxt/src/Main.java
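Review bot: The final java command puts `./classes` first on the classpath, so `Main` and `CMS60LdifParser` are resolved relative to whatever directory the operator runs the script from, not relative to the script itself; 60ToTxt/run.bat does the same with `.\classes`. For a tool that is fed an export of the CA's internal database, the classes that execute should come from a fixed, known location. I would derive the script's directory from `$0` with `dirname` once near the top and use `"${SCRIPT_DIR}/classes"` as the first classpath entry, with a short comment saying why the entry is not relative.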
@@ -0,0 +1,475 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "60ToTxt/src/Main.java" is based upon a copy "45ToTxt/src/Main.java" +// with additional material provided from "47ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 6.0" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following commands: +// +// diff 45ToTxt/src/Main.java 60ToTxt/src/Main.java +// diff 47ToTxt/src/Main.java 60ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS60LdifParser parser = null; + if (args.length == 1) { + parser = new CMS60LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS60LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS60LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + 
private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS60LdifParser(String filename) + { + mFilename = filename; + } + + public CMS60LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = 
(String)is.readObject(); + // end of table is marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = 
+ new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof 
netscape.security.x509.RevokedCertImpl[]) { + netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.certsrv.base.ArgBlock) { + com.netscape.certsrv.base.ArgBlock o = + (com.netscape.certsrv.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + 
ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.cmscore.kra.ProofOfArchival) { + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.cmscore.kra.ProofOfArchival o = + (com.netscape.cmscore.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/60ToTxt/src/compile.bat b/base/migrate/60ToTxt/src/compile.bat new file mode 100755 index 000000000..8c8b122c0 --- /dev/null +++ b/base/migrate/60ToTxt/src/compile.bat 
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "60ToTxt/classes/Main.class" and
+REM "60ToTxt/classes/CMS60LdifParser.class" which are
+REM used to create a normalized CMS 6.0/6.01 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 60ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms601
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 6.0 NOTE: "WINNT" - 1.3.1_02
+REM
+REM CMS 6.01 NOTE: "WINNT" - 1.3.1_02
+REM
+
+REM SET JDK_VERSION=CMS_6.01
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.0"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 60ToTxt - create "CMS60LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/60ToTxt/src/compile.sh b/base/migrate/60ToTxt/src/compile.sh
new file mode 100755
index 000000000..5641688bb
--- /dev/null
+++ b/base/migrate/60ToTxt/src/compile.sh
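Review bot: The checks under `:CHECK_ENVIRONMENT_VARIABLES`, `:CHECK_SERVER_ROOT` and `:CHECK_JAVA_HOME` expand `%SERVER_ROOT%` and `%JAVA_HOME%` unquoted, so a value containing a space (a JDK installed under a directory with spaces, for instance) will make the `IF` lines mis-parse instead of reaching the intended branch. The same unquoted values are reused in `SET PATH=` and on the `javac.exe` line, so what gets validated and what gets executed can differ. I would quote them throughout: `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH`, and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" ...` with the `-classpath` value quoted as well.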
@@ -0,0 +1,164 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "60ToTxt/classes/Main.class" and ###
+### "60ToTxt/classes/CMS60LdifParser.class" which are ###
+### used to create a normalized CMS 6.0/6.01 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 60ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms601
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 6.0 NOTE: "HP-UX" - 1.3.1.02
+### "Linux" - 1.3.1_02
+### "SunOS" - 1.3.1_02
+###
+### CMS 6.01 NOTE: "HP-UX" - 1.3.1.02
+### "Linux" - 1.4.0
+### "SunOS" - 1.3.1_02
+###
+
+#JDK_VERSION=CMS_6.01
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.0"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 60ToTxt - create "CMS60LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
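Review bot: The final `javac` line uses `${JAVA_HOME}`, `${SERVER_ROOT}` and `${TARGET}` unquoted even though the `-z` and `-d` checks earlier in the script quote them, so a value containing whitespace passes validation and is then word-split when the compiler is invoked. `[ ${OS_NAME} = "HP-UX" ]` and `[ ! -d ${TARGET} ]` are unquoted in the same way. Quoting the expansions, e.g. `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "..." Main.java`, keeps the checked value and the executed value identical. `Main.java` and `../classes` are also resolved against the caller's working directory, so a comment stating that the script must be started from `60ToTxt/src` would help.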
diff --git a/base/migrate/61ToTxt/classes/CMS61LdifParser.class b/base/migrate/61ToTxt/classes/CMS61LdifParser.class Binary files differnew file mode 100644 index 000000000..4c08a38aa --- /dev/null +++ b/base/migrate/61ToTxt/classes/CMS61LdifParser.class diff --git a/base/migrate/61ToTxt/classes/Main.class b/base/migrate/61ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..8f141215d --- /dev/null +++ b/base/migrate/61ToTxt/classes/Main.class diff --git a/base/migrate/61ToTxt/run.bat b/base/migrate/61ToTxt/run.bat new file mode 100755 index 000000000..2386ab20b --- /dev/null +++ b/base/migrate/61ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 6.1 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 6.1 ldif text file.
+REM
+REM This subsequent normalized CMS 6.1 ldif text file
+REM can be migrated into CMS 6.1 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 6.1 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms61
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/61ToTxt/run.sh b/base/migrate/61ToTxt/run.sh
new file mode 100755
index 000000000..9fa8ffe12
--- /dev/null
+++ b/base/migrate/61ToTxt/run.sh
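Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` in its third entry, `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`. cmd will most likely read the text up to the next `%` as the name of an undefined variable, so the `jre\bin\server` directory never reaches PATH and the existing `%PATH%` is not appended as intended. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. Separately, `IF EXIST %1`, `IF EXIST %2` and the `Main %1 %2` arguments are unquoted, so input or errors file names containing spaces will not be handled.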
@@ -0,0 +1,202 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 6.1 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 6.1 ldif text file. ###
+### ###
+### This subsequent normalized CMS 6.1 ldif text file ###
+### can be migrated into CMS 6.1 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 6.1 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms61
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.1"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/61ToTxt/src/Main.java b/base/migrate/61ToTxt/src/Main.java
new file mode 100644
index 000000000..cd235f73f
--- /dev/null
+++ b/base/migrate/61ToTxt/src/Main.java
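Review bot: The `java` command at the end of the script puts `./classes` first on the classpath, so `Main` and the parser class are loaded from whatever directory the caller happens to be in rather than from the directory this script ships in; a `classes/Main.class` in that working directory would take precedence over the intended one. Resolving the entry against the script location, e.g. ``BASE_DIR=`dirname "$0"` `` and `-classpath "${BASE_DIR}/classes:..."`, removes that dependency; `61ToTxt/run.bat` has the same `.\classes` entry. `$1` and `$2` are also unquoted in the `-f`/`-s` tests and on the `java` line, so paths with whitespace are split; `"$1"`/`"$2"` in the tests and `Main "$@"` on the last line would fix that without passing an empty second argument. Since the 60ToTxt `Main.java` on this page decodes `requestAttributes` with `ObjectInputStream.readObject()` and the 61ToTxt source is described as based on it, the header comment should probably also state that the input must be an LDIF export from a trusted directory server.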
@@ -0,0 +1,483 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "61ToTxt/src/Main.java" is based upon a copy "60ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 6.1" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 60ToTxt/src/Main.java 61ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS61LdifParser parser = null; + if (args.length == 1) { + parser = new CMS61LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS61LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS61LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS61LdifParser(String filename) + { + mFilename = filename; + } + + public CMS61LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.cmscore.kra.ProofOfArchival) { + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.cmscore.kra.ProofOfArchival o = + (com.netscape.cmscore.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/61ToTxt/src/compile.bat b/base/migrate/61ToTxt/src/compile.bat new file mode 100755 index 000000000..48bb90018 --- /dev/null +++ b/base/migrate/61ToTxt/src/compile.bat 
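Review bot: `decode()` and `decodeHashtable()` pass the base64-decoded `requestAttributes` value from the input LDIF straight to `ObjectInputStream.readObject()`, so whatever classes the stream names are resolved against the full CMS classpath and instantiated before any `instanceof` test in `output()` runs. The LDIF is a file handed to the tool on the command line, and a database export is not necessarily trustworthy by the time it is migrated, so both streams should resolve only the classes `output()` knows how to print. An `ObjectInputStream` subclass that overrides `resolveClass()` with an allow-list does that, and the existing `catch (Exception e)` around the value read in `decodeHashtable()` would then log a rejected attribute value as "Skipped" in the errors file. The sketch below shows the shape only: the value allow-list is not spelled out, and because superclass descriptors in the stream are resolved too, it has to be built and checked against a known-good export.

```java
// Resolves only allow-listed classes; any other class named in the stream is rejected.
class AllowListObjectInputStream extends ObjectInputStream
{
    private final Set<String> mAllowed;

    AllowListObjectInputStream(InputStream in, Set<String> allowed) throws IOException
    {
        super(in);
        mAllowed = allowed;
    }

    protected Class<?> resolveClass(ObjectStreamClass desc)
        throws IOException, ClassNotFoundException
    {
        if (!mAllowed.contains(desc.getName())) {
            throw new InvalidClassException(desc.getName(), "not allowed in requestAttributes");
        }
        return super.resolveClass(desc);
    }
}

// in CMS61LdifParser: the outer table stream carries only String keys and byte[] values
private static final Set<String> TABLE_CLASSES =
    new HashSet<String>(Arrays.asList("java.lang.String", "[B"));

// in decodeHashtable(), replacing "new ObjectInputStream(bis)"
ObjectInputStream is = new AllowListObjectInputStream(bis, TABLE_CLASSES);
// … unchanged: BEGIN/END output and the key loop …

// in decode(): same stream class, with a VALUE_CLASSES set naming the types output() handles
ObjectInputStream is = new AllowListObjectInputStream(bis, VALUE_CLASSES);
```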
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "61ToTxt/classes/Main.class" and
+REM "61ToTxt/classes/CMS61LdifParser.class" which are
+REM used to create a normalized CMS 6.1 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 61ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms61
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 6.1 NOTE: "WINNT" - 1.4.0
+REM
+
+REM SET JDK_VERSION=CMS_6.1
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 61ToTxt - create "CMS61LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/61ToTxt/src/compile.sh b/base/migrate/61ToTxt/src/compile.sh
new file mode 100755
index 000000000..b1f8c8505
--- /dev/null
+++ b/base/migrate/61ToTxt/src/compile.sh
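Review bot: Every failure branch in this script (`:USAGE`, `:ENVIRONMENT_VARIABLES_ERROR` and the two "does not exist" messages) ends in `GOTO EXIT_PROCESS`, and `:EXIT_PROCESS` only runs `ENDLOCAL`, so the script appears to finish with whatever ERRORLEVEL was already set, normally 0, whereas compile.sh in this commit exits 1 to 4 for the same conditions. A caller scripting the migration therefore cannot tell a refused run from a successful compile. Ending each error branch with its own code, for example `EXIT /B 2` in place of the `GOTO EXIT_PROCESS` under `:ENVIRONMENT_VARIABLES_ERROR`, would mirror the shell version; 62ToTxt/run.bat has the same structure. The checks `IF !%SERVER_ROOT%==! GOTO …` and `IF EXIST %SERVER_ROOT%` also break on a path containing spaces, and `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` and `IF EXIST "%SERVER_ROOT%"` are the quoted forms.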
@@ -0,0 +1,160 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "61ToTxt/classes/Main.class" and ###
+### "61ToTxt/classes/CMS61LdifParser.class" which are ###
+### used to create a normalized CMS 6.1 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 61ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms61
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 6.1 NOTE: "HP-UX" - 1.3.1.02
+### "Linux" - 1.3.1_02
+### "SunOS" - 1.3.1_02
+###
+
+#JDK_VERSION=CMS_6.1
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.1"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 61ToTxt - create "CMS61LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
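Review bot: `SERVER_ROOT` and `JAVA_HOME` are quoted in the `-z` and `-d` checks but expanded unquoted in the final `${JAVA_HOME}/bin/javac … -classpath …` line, as is `TARGET` in `[ ! -d ${TARGET} ]` and `mkdir -p ${TARGET}`, so a path containing whitespace or glob characters passes validation and is then split into several words where it is used. Quoting at the point of use, e.g. `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "…" Main.java`, keeps the checked value and the executed value identical. The run.sh hunks on this page do the same with the caller-supplied file names (`[ -f $2 ]`, `[ ! -f $1 ]`, `Main $1 $2`), where `"$1"` and `"$2"` are the safer form. The `else # SunOS` branch also applies the sparc library path for any `uname` result other than HP-UX or Linux; an explicit `SunOS` test with an error for anything else would make an unsupported platform visible.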
diff --git a/base/migrate/62ToTxt/classes/CMS62LdifParser.class b/base/migrate/62ToTxt/classes/CMS62LdifParser.class Binary files differnew file mode 100644 index 000000000..8c413efe2 --- /dev/null +++ b/base/migrate/62ToTxt/classes/CMS62LdifParser.class diff --git a/base/migrate/62ToTxt/classes/Main.class b/base/migrate/62ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..a3b28db52 --- /dev/null +++ b/base/migrate/62ToTxt/classes/Main.class diff --git a/base/migrate/62ToTxt/run.bat b/base/migrate/62ToTxt/run.bat new file mode 100755 index 000000000..f182fd715 --- /dev/null +++ b/base/migrate/62ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 6.2 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 6.2 ldif text file.
+REM
+REM This subsequent normalized CMS 6.2 ldif text file
+REM can be migrated into CMS 6.2 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 6.2 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms62
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/62ToTxt/run.sh b/base/migrate/62ToTxt/run.sh
new file mode 100755
index 000000000..a192df1ce
--- /dev/null
+++ b/base/migrate/62ToTxt/run.sh
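Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` in its third entry, `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`. cmd will most likely read `%SERVER_ROOT\bin\cert\jre\bin\server;%` as one undefined variable name and expand it to nothing, leaving a literal `PATH` as the last entry, so the `jre\bin\server` directory is never added and the inherited PATH is dropped for the rest of the script. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. Since `java.exe` is started by its full path the script may still appear to work, which makes the lost search path easy to miss until a native library fails to load.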
@@ -0,0 +1,202 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- + +##################################################################### +### ### +### This script converts a pre-existing CMS 6.2 ldif data ### +### file (e. g. - created via a utility such as db2ldif) ### +### into a normalized CMS 6.2 ldif text file. ### +### ### +### This subsequent normalized CMS 6.2 ldif text file ### +### can be migrated into CMS 6.2 or later utilizing ### +### the corresponding TxtTo<Target CMS Version> script which ### +### converts this normalized CMS 6.2 ldif text file into ### +### a <Target CMS Version> ldif data file. ### +### ### +### This <Target CMS Version> ldif data file can then be ### +### imported into the internal database of the desired CMS ### +### server using a utility such as ldif2db. 
### +### ### +##################################################################### + + +### +### SERVER_ROOT - fully qualified path of the location of the server +### + +#SERVER_ROOT=/export/home/migrate/cms62 +#export SERVER_ROOT + + +### +### INSTANCE - if the CMS instance directory is called 'cert-ca', +### set the CMS instance to 'ca' +### +### NOTE: When a single SERVER_ROOT contains more than +### one CMS instance, this script must be run multiple +### times. To do this, there is only a need to change +### the INSTANCE parameter. +### + +#INSTANCE=ca +#export INSTANCE + + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + + +### +### Script-defined constants +### + +CMS="CMS 6.2" +export CMS + + +OS_NAME=`uname` +export OS_NAME + + +## +## Perform a usage check for the appropriate number of arguments: +## + +if [ $# -lt 1 -o $# -gt 2 ] ; then + echo + echo "Usage: $0 input [errors] > output" + echo + echo " where: input - the specified ${CMS} ldif data file," + echo " errors - an optional errors file containing" + echo " skipped attributes, and" + echo " output - the normalized ${CMS} ldif text file." + echo + echo " NOTE: If no redirection is provided to" + echo " 'output', then the normalized" + echo " ${CMS} ldif text will merely" + echo " be echoed to stdout." + echo + exit 1 +fi + + +### +### Check that the specified "input" file exists and is a regular file. +### + +if [ ! -f $1 ] ; then + echo "ERROR: Either the specified 'input' file, '$1', does not exist, " + echo " or it is not a regular file!" + echo + exit 2 +fi + + +### +### Check that the specified "input" file exists and is not empty. +### + +if [ ! -s $1 ] ; then + echo "ERROR: The specified 'input' file, '$1', is empty!" 
+ echo + exit 3 +fi + + +### +### If an "errors" file is specified, then check that it does not already +### exist. +### + +if [ $# -eq 2 ] ; then + if [ -f $2 ] ; then + echo "ERROR: The specified 'errors' file, '$2', already exists!" + echo " Please specify a different file!" + echo + exit 4 + fi +fi + + +### +### Check presence of user-defined variables +### + +if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then + echo "ERROR: Please specify the SERVER_ROOT and INSTANCE " + echo " environment variables for this script!" + echo + exit 5 +fi + + +### +### Check that the specified SERVER_ROOT exists and is a directory +### + +if [ ! -d "${SERVER_ROOT}" ] ; then + echo "ERROR: Either the specified SERVER_ROOT does not exist, " + echo " or it is not a directory!" + echo + exit 6 +fi + + +### +### Check that the specified INSTANCE exists and is a directory +### + +if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then + echo "ERROR: Either the specified INSTANCE does not exist, " + echo " or it is not a directory!" + echo + exit 7 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Convert the specified ${CMS} ldif data file +### into a normalized ${CMS} ldif text file. +### +### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes +### have been moved from "i18n.jar" to "rt.jar". 
+### + +${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2 + diff --git a/base/migrate/62ToTxt/src/Main.java b/base/migrate/62ToTxt/src/Main.java new file mode 100644 index 000000000..109162475 --- /dev/null +++ b/base/migrate/62ToTxt/src/Main.java 
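Review bot: The `input` and `errors` arguments are expanded unquoted in `[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]` and on the final `Main $1 $2` line, so a path containing whitespace or glob characters is split or expanded. The existence checks can then error out or examine a different name than the one Java eventually opens. Quote the tests, for example `if [ ! -f "$1" ] ; then`, and pass the arguments through as `Main "$@"`, which also keeps the one-argument case at exactly one argument. The same applies to `[ ${OS_NAME} = "HP-UX" ]` and to the `${SERVER_ROOT}` expansions on the `java` line. 62ToTxt/src/compile.sh has the same unquoted pattern for `${TARGET}`, `${JAVA_HOME}` and `${SERVER_ROOT}`.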
@@ -0,0 +1,483 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "62ToTxt/src/Main.java" is based upon a copy "61ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 6.2" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 61ToTxt/src/Main.java 62ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS62LdifParser parser = null; + if (args.length == 1) { + parser = new CMS62LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS62LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS62LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS62LdifParser(String filename) + { + mFilename = filename; + } + + public CMS62LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.cmscore.kra.ProofOfArchival) { + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.cmscore.kra.ProofOfArchival o = + (com.netscape.cmscore.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/62ToTxt/src/compile.bat b/base/migrate/62ToTxt/src/compile.bat new file mode 100755 index 000000000..c6bfff97e --- /dev/null +++ b/base/migrate/62ToTxt/src/compile.bat 
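Review bot: `decode()` and `decodeHashtable()` call `ObjectInputStream.readObject()` on bytes base64-decoded from the `requestAttributes::` values of the input LDIF with no restriction on which classes may be instantiated, so the type checks in `output()` run only after deserialization has already happened. The export comes from the CMS internal database, but request attributes presumably carry values that originated with request submitters, so the file is better treated as untrusted input. A `resolveClass` override that admits only the types `output()` handles works on JDKs that predate `ObjectInputFilter`. The sketch below is a starting list to be checked against a real export, because the serialized form of the `netscape.security.x509` and `com.netscape` classes is not visible here. Rejections inside `decode()` would surface through the existing `Skipped` path in `decodeHashtable()`, but `mErrorPrintWriter` is never flushed or closed in `parse()`, so those entries may not reach the errors file unless a `close()` is added.

```java
// Sketch: used by decode() and decodeHashtable() in place of the bare ObjectInputStream.
// The lists mirror the types output() handles; extend only after testing on a real export.
class AllowListObjectInputStream extends ObjectInputStream
{
    private static final String[] EXACT = {
        "java.lang.String", "java.lang.Number", "java.lang.Integer",
        "java.math.BigInteger", "java.util.Date", "java.util.Hashtable"
    };
    private static final String[] PACKAGES = {
        "netscape.security.x509.", "com.netscape.certsrv.", "com.netscape.cmscore."
    };

    AllowListObjectInputStream(InputStream in) throws IOException
    {
        super(in);
    }

    protected Class<?> resolveClass(ObjectStreamClass desc)
        throws IOException, ClassNotFoundException
    {
        String name = desc.getName();
        // Array descriptors ("[B", "[Ljava.lang.String;") are checked by element type.
        if (name.startsWith("[")) {
            name = name.substring(name.lastIndexOf('[') + 1);
            if (name.length() == 1) {
                return super.resolveClass(desc);          // primitive element, e.g. byte[]
            }
            name = name.substring(1, name.length() - 1);  // drop leading "L" and trailing ";"
        }
        for (int i = 0; i < EXACT.length; i++) {
            if (name.equals(EXACT[i])) {
                return super.resolveClass(desc);
            }
        }
        for (int i = 0; i < PACKAGES.length; i++) {
            if (name.startsWith(PACKAGES[i])) {
                return super.resolveClass(desc);
            }
        }
        throw new InvalidClassException(desc.getName(), "not on the migration allow-list");
    }
}

// in decode() and decodeHashtable():
ObjectInputStream is = new AllowListObjectInputStream(bis);
// … unchanged: readObject() loop and output() dispatch …
```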
@@ -0,0 +1,150 @@ +@ECHO OFF +REM --- BEGIN COPYRIGHT BLOCK --- +REM Copyright (C) 2007 Red Hat, Inc. +REM All rights reserved. +REM --- END COPYRIGHT BLOCK --- + +REM +REM This script creates the "62ToTxt/classes/Main.class" and +REM "62ToTxt/classes/CMS62LdifParser.class" which are +REM used to create a normalized CMS 6.2 ldif text file. +REM + + +SETLOCAL + + +REM +REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 62ToTxt +REM + +REM SET SERVER_ROOT=C:\cms62 + + +REM +REM Set JDK_VERSION - specify the JDK version used by this version of CMS +REM +REM CMS 6.2 NOTE: "WINNT" - 1.4.0 +REM + +REM SET JDK_VERSION=CMS_6.2 + + +REM +REM Set JAVA_HOME - specify the complete path to the JDK +REM +REM example: \\bermuda.redhat.com\sbc mounted as Y: +REM + +REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION% + + +REM +REM *** DON'T CHANGE ANYTHING BELOW THIS LINE *** +REM + + +REM +REM Script-defined constants +REM + +SET CMS="CMS 6.2" + + +REM +REM Perform a usage check for the appropriate number of arguments: +REM + +IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES + + +:USAGE +ECHO. +ECHO Usage: "%0" +ECHO. +ECHO NOTE: No arguments are required to build the +ECHO normalized %CMS% ldif text classes. +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check presence of user-defined variables +REM + +:CHECK_ENVIRONMENT_VARIABLES +IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR +IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR +GOTO CHECK_SERVER_ROOT + + +:ENVIRONMENT_VARIABLES_ERROR +ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME +ECHO environment variables for this script! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check that the specified SERVER_ROOT exists +REM + +:CHECK_SERVER_ROOT +IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME + + +ECHO ERROR: The specified SERVER_ROOT does not exist! +ECHO. 
+GOTO EXIT_PROCESS + + +REM +REM Check that the specified JAVA_HOME exists +REM + +:CHECK_JAVA_HOME +IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH + + +ECHO ERROR: The specified JAVA_HOME does not exist! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Setup the appropriate library path environment variable +REM based upon the platform (WINNT) +REM + +:SET_LIBRARY_PATH +SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH% + + +REM +REM Set TARGET - identify the complete path to the new classes target directory +REM + +SET TARGET=..\classes + + +REM +REM Create the new classes target directory (if it does not already exist) +REM + +IF EXIST %TARGET% goto COMPILE_CLASSES +MKDIR %TARGET% + + +REM +REM Compile 62ToTxt - create "CMS62LdifParser.class" and "Main.class" +REM + +:COMPILE_CLASSES +%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java + + +:EXIT_PROCESS + + +ENDLOCAL + diff --git a/base/migrate/62ToTxt/src/compile.sh b/base/migrate/62ToTxt/src/compile.sh new file mode 100755 index 000000000..163d5e440 --- /dev/null +++ b/base/migrate/62ToTxt/src/compile.sh 
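Review bot: The variable checks `IF !%SERVER_ROOT%==! GOTO ...`, `IF EXIST %SERVER_ROOT% ...` and `IF EXIST %JAVA_HOME% ...` expand their values unquoted, so a path containing a space makes the `IF` statement itself fail to parse instead of reaching the intended error branch. Quoting both sides keeps the checks well-formed: `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` and `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME`. The `%JAVA_HOME%\bin\javac.exe` invocation and its `-classpath` value need the same treatment. The run.bat sections on this page use the same unquoted forms for `%1`, `%2`, `%SERVER_ROOT%` and `%INSTANCE%`.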
@@ -0,0 +1,160 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- +##################################################################### +### ### +### This script creates the "62ToTxt/classes/Main.class" and ### +### "62ToTxt/classes/CMS62LdifParser.class" which are ### +### used to create a normalized CMS 6.2 ldif text file. ### +### ### +##################################################################### + + +### +### Set SERVER_ROOT - identify the CMS <server_root> used to compile 62ToTxt +### + +#SERVER_ROOT=/export/home/migrate/cms62 +#export SERVER_ROOT + + +### +### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS" +### + +#JDK_PLATFORM=SunOS +#export JDK_PLATFORM + + +### +### Set JDK_VERSION - specify the JDK version used by this version of CMS +### +### CMS 6.2 NOTE: "HP-UX" - 1.4.0.00 +### "Linux" - 1.4.0 +### "SunOS" - 1.4.0 +### + +#JDK_VERSION=CMS_6.2 +#export JDK_VERSION + + +### +### Set JAVA_HOME - specify the complete path to the JDK +### + +#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION} +#export JAVA_HOME + + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + + +### +### Script-defined constants +### + +CMS="CMS 6.2" +export CMS + + +OS_NAME=`uname` +export OS_NAME + + +### +### Perform a usage check for the appropriate number of arguments: +### + +if [ $# -gt 0 ] ; then + echo + echo "Usage: $0" + echo + echo " NOTE: No arguments are required to build the" + echo " normalized ${CMS} ldif text classes." + echo + exit 1 +fi + + +### +### Check presence of user-defined variables +### + +if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then + echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME " + echo " environment variables for this script!" 
+ echo + exit 2 +fi + + +### +### Check that the specified SERVER_ROOT exists and is a directory +### + +if [ ! -d "${SERVER_ROOT}" ] ; then + echo "ERROR: Either the specified SERVER_ROOT does not exist, " + echo " or it is not a directory!" + echo + exit 3 +fi + + +### +### Check that the specified JAVA_HOME exists and is a directory +### + +if [ ! -d "${JAVA_HOME}" ] ; then + echo "ERROR: Either the specified JAVA_HOME does not exist, " + echo " or it is not a directory!" + echo + exit 4 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Set TARGET - identify the complete path to the new classes target directory +### + +TARGET=../classes +export TARGET + + +### +### Create the new classes target directory (if it does not already exist) +### + +if [ ! -d ${TARGET} ]; then + mkdir -p ${TARGET} +fi + + +### +### Compile 62ToTxt - create "CMS62LdifParser.class" and "Main.class" +### + +${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java + diff --git a/base/migrate/63ToTxt/classes/CMS63LdifParser.class b/base/migrate/63ToTxt/classes/CMS63LdifParser.class Binary files differnew file mode 100644 index 000000000..39dde5f50 --- /dev/null +++ b/base/migrate/63ToTxt/classes/CMS63LdifParser.class 
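Review bot: `TARGET=../classes` and the bare `Main.java` on the `javac` line are both resolved against the caller's current directory, and nothing in the script changes to its own directory first. Invoked from anywhere other than `62ToTxt/src`, it either fails to find `Main.java` or creates and fills a `classes` directory in an unintended location. Anchoring to the script's location before `TARGET` is set avoids that, using backticks to match the rest of the script: ``SCRIPT_DIR=`dirname "$0"` `` followed by `cd "${SCRIPT_DIR}" || exit 5`. This also matters at run time, since 62ToTxt/run.sh puts `./classes` first on its classpath and so loads `Main` from whatever directory it is started in.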
diff --git a/base/migrate/63ToTxt/classes/Main.class b/base/migrate/63ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..d8885bc11 --- /dev/null +++ b/base/migrate/63ToTxt/classes/Main.class diff --git a/base/migrate/63ToTxt/run.bat b/base/migrate/63ToTxt/run.bat new file mode 100755 index 000000000..34c9422c8 --- /dev/null +++ b/base/migrate/63ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 6.3 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 6.3 ldif text file.
+REM
+REM This subsequent normalized CMS 6.3 ldif text file
+REM can be migrated into CMS 6.3 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 6.3 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms63
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/63ToTxt/run.sh b/base/migrate/63ToTxt/run.sh
new file mode 100755
index 000000000..d4aa5d5a2
--- /dev/null
+++ b/base/migrate/63ToTxt/run.sh
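Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` in run.bat contains an unterminated variable reference, `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`. As far as cmd's expansion rules go, everything up to the next `%` is read as one undefined variable name, so the `jre\bin\server` entry disappears and the caller's existing PATH is replaced by the literal text `PATH` instead of being appended. `SETLOCAL` keeps the damage inside the script, but native libraries that `java.exe` resolves through PATH may then not be found. Close the reference: `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`.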
@@ -0,0 +1,202 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 6.3 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 6.3 ldif text file. ###
+### ###
+### This subsequent normalized CMS 6.3 ldif text file ###
+### can be migrated into CMS 6.3 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 6.3 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db.
###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms63
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.3"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/63ToTxt/src/Main.java b/base/migrate/63ToTxt/src/Main.java
new file mode 100644
index 000000000..6066801e2
--- /dev/null
+++ b/base/migrate/63ToTxt/src/Main.java
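Review bot: The `java` invocation at the end of run.sh puts the relative entry `./classes` first on the classpath, so `Main` is loaded from whatever directory the operator is in rather than from the script's own `classes` directory. In a shared or writable working directory that means a foreign `Main.class` runs with the CA instance's jars and the operator's privileges. Derive the script directory once from `dirname "$0"` into a variable and use `-classpath "${SCRIPT_DIR}/classes:${SERVER_ROOT}/..."`. The positional arguments are also unquoted throughout (`[ ! -f $1 ]`, `[ -f $2 ]`, `Main $1 $2`), so a path containing spaces fails the checks or is split into extra arguments; use `"$1"` and `"$2"`. run.bat carries the same `.\classes` entry.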
@@ -0,0 +1,483 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "63ToTxt/src/Main.java" is based upon a copy "62ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 6.3" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 62ToTxt/src/Main.java 63ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS63LdifParser parser = null; + if (args.length == 1) { + parser = new CMS63LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS63LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS63LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS63LdifParser(String filename) + { + mFilename = filename; + } + + public CMS63LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.cmscore.kra.ProofOfArchival) { + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.cmscore.kra.ProofOfArchival o = + (com.netscape.cmscore.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/63ToTxt/src/compile.bat b/base/migrate/63ToTxt/src/compile.bat new file mode 100755 index 000000000..f587dd7e8 --- /dev/null +++ b/base/migrate/63ToTxt/src/compile.bat 
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "63ToTxt/classes/Main.class" and
+REM "63ToTxt/classes/CMS63LdifParser.class" which are
+REM used to create a normalized CMS 6.3 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 63ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms63
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 6.3 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CMS_6.3
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 63ToTxt - create "CMS63LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/63ToTxt/src/compile.sh b/base/migrate/63ToTxt/src/compile.sh
new file mode 100755
index 000000000..57b9c7718
--- /dev/null
+++ b/base/migrate/63ToTxt/src/compile.sh
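Review bot: The checks under `:CHECK_ENVIRONMENT_VARIABLES` and the `IF EXIST` tests in compile.bat expand `%SERVER_ROOT%` and `%JAVA_HOME%` unquoted, so a value containing a space (an install under `C:\Program Files`, say) turns `IF !%SERVER_ROOT%==! GOTO ...` into a syntax error and splits the `javac.exe` command line. Quote the expansions: `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH`, and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%"` with the `-classpath` value in quotes as well. run.bat uses the same unquoted pattern for `%SERVER_ROOT%`, `%INSTANCE%`, `%1` and `%2`.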
@@ -0,0 +1,160 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "63ToTxt/classes/Main.class" and ###
+### "63ToTxt/classes/CMS63LdifParser.class" which are ###
+### used to create a normalized CMS 6.3 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 63ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms63
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 6.3 NOTE: "HP-UX" - 1.4.0.00
+### "Linux" - 1.4.2
+### "SunOS" - 1.4.2
+###
+
+#JDK_VERSION=CMS_6.3
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.3"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 63ToTxt - create "CMS63LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
diff --git a/base/migrate/70ToTxt/classes/CMS70LdifParser.class b/base/migrate/70ToTxt/classes/CMS70LdifParser.class Binary files differnew file mode 100644
index 000000000..e6900f5aa
--- /dev/null
+++ b/base/migrate/70ToTxt/classes/CMS70LdifParser.class
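Review bot: The second half of this script drops the quoting that its own `-z` and `-d` checks use: `[ ${OS_NAME} = "HP-UX" ]`, `[ ! -d ${TARGET} ]`, `mkdir -p ${TARGET}` and the final `${JAVA_HOME}/bin/javac ... -classpath ${JAVA_HOME}/jre/lib/rt.jar:...` line all expand unquoted, so a SERVER_ROOT or JAVA_HOME containing whitespace or glob characters passes validation and is then word-split where it is used. Quote the expansions consistently, e.g. `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "${BUILD_CLASSPATH}" Main.java`, with the classpath first assembled into one variable (`BUILD_CLASSPATH` is an illustrative name). 70ToTxt/run.sh in this commit has the same problem and also passes the caller's arguments unquoted in `[ ! -f $1 ]`, `[ -f $2 ]` and `Main $1 $2`; since the argument count is already validated there, `"$1"`, `"$2"` and `Main "$@"` would be the safer forms.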
diff --git a/base/migrate/70ToTxt/classes/Main.class b/base/migrate/70ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..0743af44a --- /dev/null +++ b/base/migrate/70ToTxt/classes/Main.class diff --git a/base/migrate/70ToTxt/run.bat b/base/migrate/70ToTxt/run.bat new file mode 100755 index 000000000..3adeee6f9 --- /dev/null +++ b/base/migrate/70ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CMS 7.0 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CMS 7.0 ldif text file.
+REM
+REM This subsequent normalized CMS 7.0 ldif text file
+REM can be migrated into CMS 7.0 or later utilizing
+REM the corresponding TxtTo<Target CMS Version> script which
+REM converts this normalized CMS 7.0 ldif text file into
+REM a <Target CMS Version> ldif data file.
+REM
+REM This <Target CMS Version> ldif data file can then be
+REM imported into the internal database of the desired CMS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms70
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 7.0"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/70ToTxt/run.sh b/base/migrate/70ToTxt/run.sh
new file mode 100755
index 000000000..294bb63c7
--- /dev/null
+++ b/base/migrate/70ToTxt/run.sh
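Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` in its third entry (`%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`). cmd.exe will most likely pair that opening `%` with the one in front of `PATH`, so the `jre\bin\server` directory is never added and the caller's original PATH is dropped instead of appended. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. If the JVM or the JSS native code depends on that PATH to locate DLLs, which the comment above the line suggests, the failure would show up as a library load error at run time rather than as a script error.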
@@ -0,0 +1,202 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CMS 7.0/7.01 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CMS 7.0/7.01 ldif text file. ###
+### ###
+### This subsequent normalized CMS 7.0/7.01 ldif text file ###
+### can be migrated into CMS 7.0/7.01 or later utilizing ###
+### the corresponding TxtTo<Target CMS Version> script which ###
+### converts this normalized CMS 7.0/7.01 ldif text file into ###
+### a <Target CMS Version> ldif data file. ###
+### ###
+### This <Target CMS Version> ldif data file can then be ###
+### imported into the internal database of the desired CMS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms701
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 7.0"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/70ToTxt/src/Main.java b/base/migrate/70ToTxt/src/Main.java
new file mode 100644
index 000000000..133671267
--- /dev/null
+++ b/base/migrate/70ToTxt/src/Main.java
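Review bot: The `-classpath` on the final `java` line begins with `./classes`, which is resolved against the caller's working directory rather than the directory that holds run.sh. Started from anywhere else, the script either cannot find `Main` or loads whatever `classes/Main.class` exists in the current directory, ahead of the CMS jars, while it is handling CA request data. Derive the script's own directory from `dirname "$0"` into a variable (say `SCRIPT_DIR`) after the usage check and use `"${SCRIPT_DIR}/classes"` as the first classpath entry, or at minimum state in the header comment that the script must be run from its own directory. 70ToTxt/run.bat in this commit has the equivalent `.\classes` entry.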
@@ -0,0 +1,483 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "70ToTxt/src/Main.java" is based upon a copy "62ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.0" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 62ToTxt/src/Main.java 70ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS70LdifParser parser = null; + if (args.length == 1) { + parser = new CMS70LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS70LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS70LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS70LdifParser(String filename) + { + mFilename = filename; + } + + public CMS70LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.cmscore.kra.ProofOfArchival) { + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.cmscore.kra.ProofOfArchival o = + (com.netscape.cmscore.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/70ToTxt/src/compile.bat b/base/migrate/70ToTxt/src/compile.bat new file mode 100755 index 000000000..164cdc321 --- /dev/null +++ b/base/migrate/70ToTxt/src/compile.bat 
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "70ToTxt/classes/Main.class" and
+REM "70ToTxt/classes/CMS70LdifParser.class" which are
+REM used to create a normalized CMS 7.0 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile 70ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cms701
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 7.0 NOTE: "WINNT" - 1.4.2
+REM
+REM CMS 7.01 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CMS_7.01
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 7.0"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CMS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 70ToTxt - create "CMS70LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/70ToTxt/src/compile.sh b/base/migrate/70ToTxt/src/compile.sh new file mode 100755
index 000000000..7c9de9b89
--- /dev/null
+++ b/base/migrate/70ToTxt/src/compile.sh
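Review bot: The presence and existence checks under `:CHECK_ENVIRONMENT_VARIABLES`, `:CHECK_SERVER_ROOT` and `:CHECK_JAVA_HOME` expand `%SERVER_ROOT%` and `%JAVA_HOME%` unquoted, and the `javac.exe` line under `:COMPILE_CLASSES` does the same for the executable path and every classpath entry, so a JDK or server root under a directory whose name contains a space is split into several tokens. Quoting each expansion keeps one value one argument: `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH`, and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" -classpath "<existing list>" Main.java`. The same pattern recurs in 71ToTxt/src/compile.bat and in 71ToTxt/run.bat, where the caller-supplied `%1` and `%2` would be safer as `"%~1"` and `"%~2"`.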
@@ -0,0 +1,160 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "70ToTxt/classes/Main.class" and ###
+### "70ToTxt/classes/CMS70LdifParser.class" which are ###
+### used to create a normalized CMS 7.0 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile 70ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cms70
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 7.0 NOTE: "HP-UX" - 1.4.0.00
+### "Linux" - 1.4.2
+### "SunOS" - 1.4.2
+###
+
+#JDK_VERSION=CMS_7.0
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 7.0"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CMS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 70ToTxt - create "CMS70LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
diff --git a/base/migrate/71ToTxt/classes/CMS71LdifParser.class b/base/migrate/71ToTxt/classes/CMS71LdifParser.class Binary files differnew file mode 100644
index 000000000..b78e44623
--- /dev/null
+++ b/base/migrate/71ToTxt/classes/CMS71LdifParser.class
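Review bot: `SERVER_ROOT` and `JAVA_HOME` are validated with quoted tests (`[ ! -d "${JAVA_HOME}" ]`) but then expanded unquoted on the final `javac` line, so a path containing whitespace or a glob character passes the directory check and is word-split before `javac` sees it. Quoting the command path, `${TARGET}` and the whole `-classpath` value keeps what was checked and what is executed identical: `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "<existing list>" Main.java`. 71ToTxt/run.sh has the same unquoted expansions on its `java` line and additionally on the caller-supplied `$1` and `$2`, where `[ ! -f "$1" ]` and `Main "$@"` would pass each argument through intact (the argument count is already limited to one or two).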
diff --git a/base/migrate/71ToTxt/classes/Main.class b/base/migrate/71ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..e37d5400a --- /dev/null +++ b/base/migrate/71ToTxt/classes/Main.class diff --git a/base/migrate/71ToTxt/run.bat b/base/migrate/71ToTxt/run.bat new file mode 100755 index 000000000..4dbe2f5cd --- /dev/null +++ b/base/migrate/71ToTxt/run.bat 
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CS 7.1 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CS 7.1 ldif text file.
+REM
+REM This subsequent normalized CS 7.1 ldif text file
+REM can be migrated into CS 7.1 or later utilizing
+REM the corresponding TxtTo<Target CS Version> script which
+REM converts this normalized CS 7.1 ldif text file into
+REM a <Target CS Version> ldif data file.
+REM
+REM This <Target CS Version> ldif data file can then be
+REM imported into the internal database of the desired CS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs71
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/71ToTxt/run.sh b/base/migrate/71ToTxt/run.sh new file mode 100755
index 000000000..e1a33a541
--- /dev/null
+++ b/base/migrate/71ToTxt/run.sh
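Review bot: Under `:SET_LIBRARY_PATH` the third entry is written `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`, with the closing `%` of `SERVER_ROOT` missing, so it does not expand to the JRE `server` directory; cmd will most likely read everything up to the next `%` as one undefined variable name, which would also drop the inherited `%PATH%`. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. `SETLOCAL` confines the damage to this script, but the `java.exe` launch a few lines below runs with exactly that PATH.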
@@ -0,0 +1,202 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CS 7.1 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CS 7.1 ldif text file. ###
+### ###
+### This subsequent normalized CS 7.1 ldif text file ###
+### can be migrated into CS 7.1 or later utilizing ###
+### the corresponding TxtTo<Target CS Version> script which ###
+### converts this normalized CS 7.1 ldif text file into ###
+### a <Target CS Version> ldif data file. ###
+### ###
+### This <Target CS Version> ldif data file can then be ###
+### imported into the internal database of the desired CS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cs71
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CS instance directory is called 'cert-ca',
+### set the CS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.1"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CS} ldif data file
+### into a normalized ${CS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/71ToTxt/src/Main.java b/base/migrate/71ToTxt/src/Main.java new file mode 100644
index 000000000..f7f3a5b95
--- /dev/null
+++ b/base/migrate/71ToTxt/src/Main.java
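Review bot: The `java` command puts `./classes` first on `-classpath`, so `Main` and `CMS71LdifParser` are loaded from whatever directory the caller happens to be in rather than from the directory that holds this script. Run from anywhere else, it either fails to find `Main` or picks up a `classes` directory that is not the one shipped with the tool, inside a JVM that also has the CS jars and JSS on its classpath. Resolving the entry against the script location removes the dependence on the working directory: add ``BASE=`dirname "$0"` `` next to the other script-defined constants and use `"${BASE}/classes"` in place of `./classes`. 71ToTxt/run.bat has the same relative `.\classes` entry.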
@@ -0,0 +1,483 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "71ToTxt/src/Main.java" is based upon a copy "70ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 70ToTxt/src/Main.java 71ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS71LdifParser parser = null; + if (args.length == 1) { + parser = new CMS71LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS71LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS71LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS71LdifParser(String filename) + { + mFilename = filename; + } + + public CMS71LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.cmscore.kra.ProofOfArchival) { + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.cmscore.kra.ProofOfArchival o = + (com.netscape.cmscore.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug #225031 (a.k.a. 
- Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/71ToTxt/src/compile.bat b/base/migrate/71ToTxt/src/compile.bat new file mode 100755 index 000000000..49ba89621 --- /dev/null +++ b/base/migrate/71ToTxt/src/compile.bat 
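Review bot: `decode()` and `decodeHashtable()` pass bytes base64-decoded from the `requestAttributes::` values of the input LDIF straight to `ObjectInputStream.readObject()`, so any serializable class the file names is instantiated with the whole CS classpath available; the input is presumably the operator's own db2ldif export, but nothing in the tool enforces that. `output()` already enumerates the types the migration understands, so an `ObjectInputStream` subclass whose `resolveClass` rejects names outside that set (plus the classes those types contain and array names such as `[B`) would bound what a damaged or tampered export can load. Separately, the `java.util.Hashtable` branch iterates `o.elements()` and casts each value to `String`, which for the fingerprint table shown in its own comment throws `ClassCastException` and, through the catch in `decodeHashtable`, is reduced to a `Skipped` line; `Enumeration e = o.keys();` looks like the intent, and the tail of the 70ToTxt `Main.java` hunk above carries the same line. `parse()` also never flushes or closes `mErrorPrintWriter`, so those `Skipped` records can be lost when the JVM exits; closing it in a `finally` would keep the record of what the migration dropped.

```java
// Restricts deserialization to the classes the migration knows how to print.
class FilteredObjectInputStream extends ObjectInputStream {
    // Fully-qualified class names, built once from the types output() handles.
    private final Set allowed;

    FilteredObjectInputStream(InputStream in, Set allowed) throws IOException {
        super(in);
        this.allowed = allowed;
    }

    protected Class resolveClass(ObjectStreamClass desc)
            throws IOException, ClassNotFoundException {
        if (!allowed.contains(desc.getName())) {
            throw new InvalidClassException(desc.getName(), "not on the migration allow-list");
        }
        return super.resolveClass(desc);
    }
}

// ... unchanged: Main, CMS71LdifParser fields, constructors, parse(), parseAttributes() ...

// in decode() and decodeHashtable(), in place of "new ObjectInputStream(bis)";
// ALLOWED_CLASSES stands for the allow-list the maintainers settle on
ObjectInputStream is = new FilteredObjectInputStream(bis, ALLOWED_CLASSES);
```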
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "71ToTxt/classes/Main.class" and
+REM "71ToTxt/classes/CMS71LdifParser.class" which are
+REM used to create a normalized CS 7.1 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile 71ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cs71
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.1 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.1
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 71ToTxt - create "CMS71LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/71ToTxt/src/compile.sh b/base/migrate/71ToTxt/src/compile.sh new file mode 100755
index 000000000..23464bcb3
--- /dev/null
+++ b/base/migrate/71ToTxt/src/compile.sh
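Review bot: `SET TARGET=..\classes` and the bare `Main.java` argument to javac resolve against the caller's current directory, not the script's own location. Started from anywhere other than `71ToTxt\src`, the `MKDIR %TARGET%` step creates a `classes` directory one level above wherever the caller happens to be, and the compile then fails on the missing source file. Adding `CD /D "%~dp0"` directly after `SETLOCAL` pins both paths to the script directory. `71ToTxt/src/compile.sh` has the same dependency through `TARGET=../classes` and would need a `cd` to the directory reported by `dirname "$0"` before that assignment.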
@@ -0,0 +1,160 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "71ToTxt/classes/Main.class" and ###
+### "71ToTxt/classes/CMS71LdifParser.class" which are ###
+### used to create a normalized CS 7.1 ldif text file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CS <server_root> used to compile 71ToTxt
+###
+
+#SERVER_ROOT=/export/home/migrate/cs71
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CS
+###
+### CS 7.1 NOTE: "HP-UX" - 1.4.0.00
+### "Linux" - 1.4.2
+### "SunOS" - 1.4.2
+###
+
+#JDK_VERSION=CS_7.1
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.1"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " normalized ${CS} ldif text classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile 71ToTxt - create "CMS71LdifParser.class" and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
diff --git a/base/migrate/72ToTxt/classes/CMS72LdifParser.class b/base/migrate/72ToTxt/classes/CMS72LdifParser.class Binary files differnew file mode 100644
index 000000000..707657160
--- /dev/null
+++ b/base/migrate/72ToTxt/classes/CMS72LdifParser.class
diff --git a/base/migrate/72ToTxt/classes/Main.class b/base/migrate/72ToTxt/classes/Main.class Binary files differnew file mode 100644
index 000000000..470df979a
--- /dev/null
+++ b/base/migrate/72ToTxt/classes/Main.class
diff --git a/base/migrate/72ToTxt/run.bat b/base/migrate/72ToTxt/run.bat new file mode 100755
index 000000000..9613fe5d5
--- /dev/null
+++ b/base/migrate/72ToTxt/run.bat
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CS 7.2 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CS 7.2 ldif text file.
+REM
+REM This subsequent normalized CS 7.2 ldif text file
+REM can be migrated into CS 7.2 or later utilizing
+REM the corresponding TxtTo<Target CS Version> script which
+REM converts this normalized CS 7.2 ldif text file into
+REM a <Target CS Version> ldif data file.
+REM
+REM This <Target CS Version> ldif data file can then be
+REM imported into the internal database of the desired CS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs72
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/72ToTxt/run.sh b/base/migrate/72ToTxt/run.sh new file mode 100755
index 000000000..ccdd00630
--- /dev/null
+++ b/base/migrate/72ToTxt/run.sh
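Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` in `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`. cmd will most likely pair that stray `%` with the one that opens `%PATH%`, so neither the `jre\bin\server` directory nor the caller's existing PATH ends up in the result as intended. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`.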
@@ -0,0 +1,158 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a pre-existing CS 7.2 ldif data ###
+### file (e. g. - created via a utility such as db2ldif) ###
+### into a normalized CS 7.2 ldif text file. ###
+### ###
+### This subsequent normalized CS 7.2 ldif text file ###
+### can be migrated into CS 7.2 or later utilizing ###
+### the corresponding TxtTo<Target CS Version> script which ###
+### converts this normalized CS 7.2 ldif text file into ###
+### a <Target CS Version> ldif data file. ###
+### ###
+### This <Target CS Version> ldif data file can then be ###
+### imported into the internal database of the desired CS ###
+### server using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+###
+### Java Runtime Environment
+###
+JRE_ROOT=/usr/lib/jvm/jre-1.5.0
+export JRE_ROOT
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.2"
+export CS
+
+OS_NAME=`uname`
+export OS_NAME
+
+ARCH=`uname -i`
+export ARCH
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+CLASSPATH=/usr/share/rhpki/migrate/72ToTxt/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+export CLASSPATH
+
+if [ ${OS_NAME} = "Linux" ] ; then
+ if [ ${ARCH} = "i386" ] ; then
+ LD_LIBRARY_PATH=/usr/lib/dirsec:/usr/lib:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ else # x86_64
+ LD_LIBRARY_PATH=/usr/lib64/dirsec:/usr/lib64:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/72ToTxt/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib64/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+ fi
+else # SunOS 64-bits
+ LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:/usr/lib/sparcv9:${JRE_ROOT}/lib:${JRE_ROOT}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/72ToTxt/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/sparcv9/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+fi
+
+
+###
+### Convert the specified ${CS} ldif data file
+### into a normalized ${CS} ldif text file.
+###
+
+${JRE_ROOT}/bin/java -classpath ${CLASSPATH} Main $1 $2
diff --git a/base/migrate/72ToTxt/src/Main.java b/base/migrate/72ToTxt/src/Main.java new file mode 100644
index 000000000..0a0dc812e
--- /dev/null
+++ b/base/migrate/72ToTxt/src/Main.java
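Review bot: The positional arguments are expanded unquoted in the `[ ! -f $1 ]`, `[ ! -s $1 ]` and `[ -f $2 ]` tests and in the final `Main $1 $2`, so an input or errors path containing whitespace or glob characters is word-split before it reaches `test` or the JVM. The existence checks can then pass or fail on a different name than the one Java later opens. Quote the tests (`if [ ! -f "$1" ] ; then`) and pass the arguments through as `Main "$@"`; `"$@"` rather than `"$1" "$2"` keeps a one-argument call from handing `Main` an empty second argument, which `Main.java` would take as an errors file name. The `-classpath ${CLASSPATH}` expansion on the same line is unquoted as well and is only safe while `JRE_ROOT` stays free of spaces.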
@@ -0,0 +1,485 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "71ToTxt/src/Main.java" is based upon a copy "70ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 70ToTxt/src/Main.java 71ToTxt/src/Main.java +// + +import java.io.*; +import java.math.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS72LdifParser parser = null; + if (args.length == 1) { + parser = new CMS72LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS72LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS72LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS72LdifParser(String filename) + { + mFilename = filename; + } + + public CMS72LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.certsrv.kra.ProofOfArchival) { + // CS 7.2: moved com.netscape.cmscore.kra.ProofOfArchival + // to com.netscape.certsrv.kra.ProofOfArchival + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.certsrv.kra.ProofOfArchival o = + (com.netscape.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug 
#225031 (a.k.a. - Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/72ToTxt/src/compile.bat b/base/migrate/72ToTxt/src/compile.bat new file mode 100755 index 000000000..c0377e5e5 --- /dev/null +++ b/base/migrate/72ToTxt/src/compile.bat 
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "72ToTxt/classes/Main.class" and
+REM "72ToTxt/classes/CMS72LdifParser.class" which are
+REM used to create a normalized CS 7.2 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile 72ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cs72
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.2 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.2
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 72ToTxt - create "CMS72LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/72ToTxt/src/compile.sh b/base/migrate/72ToTxt/src/compile.sh new file mode 100755
index 000000000..6c616cd40
--- /dev/null
+++ b/base/migrate/72ToTxt/src/compile.sh
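Review bot: The line under `:COMPILE_CLASSES` runs `%JAVA_HOME%\bin\javac.exe` with every path unquoted, so a JAVA_HOME or SERVER_ROOT that contains a space makes cmd.exe split the command at the space and try to run the truncated path instead of javac. The `IF !%SERVER_ROOT%==!` and `IF EXIST %SERVER_ROOT%` checks misparse on the same input, so they do not catch it first. Quote each expansion, for example `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" -classpath "<existing classpath>" Main.java`. The `java.exe` line and the `IF EXIST %1` / `IF EXIST %2` tests in 73ToTxt/run.bat follow the same pattern.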
@@ -0,0 +1,139 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- +##################################################################### +### ### +### This script creates the "72ToTxt/classes/Main.class" and ### +### "72ToTxt/classes/CMS72LdifParser.class" which are ### +### used to create a normalized CS 7.2 ldif text file. ### +### ### +##################################################################### + + +### +### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS" +### + +#JDK_PLATFORM=Linux +#export JDK_PLATFORM + + +### +### Set JDK_VERSION - specify the JDK version used by this version of CS +### +### CS 7.2 NOTE: "Linux" - 1.5.0 (IBM) +### "SunOS" - 1.5.0 +### + +#JDK_VERSION=CS_7.2.0 +#export JDK_VERSION + + +### +### Set JAVA_HOME - specify the complete path to the JDK +### + +#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION} +#export JAVA_HOME + + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + + +### +### Script-defined constants +### + +CS="CS 7.2" +export CS + + +OS_NAME=`uname` +export OS_NAME + + +### +### Perform a usage check for the appropriate number of arguments: +### + +if [ $# -gt 0 ] ; then + echo + echo "Usage: $0" + echo + echo " NOTE: No arguments are required to build the" + echo " normalized ${CS} ldif text classes." + echo + exit 1 +fi + + +### +### Check presence of user-defined variables +### + +if [ -z "${JAVA_HOME}" ] ; then + echo "ERROR: Please specify the JAVA_HOME " + echo " environment variables for this script!" + echo + exit 2 +fi + + +### +### Check that the specified JAVA_HOME exists and is a directory +### + +if [ ! 
-d "${JAVA_HOME}" ] ; then + echo "ERROR: Either the specified JAVA_HOME does not exist, " + echo " or it is not a directory!" + echo + exit 4 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Set TARGET - identify the complete path to the new classes target directory +### + +TARGET=../classes +export TARGET + + +### +### Create the new classes target directory (if it does not already exist) +### + +if [ ! -d ${TARGET} ]; then + mkdir -p ${TARGET} +fi + + +### +### Compile 72ToTxt - create "CMS72LdifParser.class" and "Main.class" +### + +${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:/usr/share/java/rhpki/nsutil.jar:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/lib/java/rhpki/ca/ca.jar:/usr/lib/java/rhpki/tks/tks.jar:/usr/lib/java/rhpki/ocsp/ocsp.jar:/usr/lib/java/rhpki/kra/kra.jar:/usr/lib/java/dirsec/jss4.jar Main.java + diff --git a/base/migrate/73ToTxt/classes/CMS73LdifParser.class b/base/migrate/73ToTxt/classes/CMS73LdifParser.class Binary files differnew file mode 100644 index 000000000..9ca1fdfd5 --- /dev/null +++ b/base/migrate/73ToTxt/classes/CMS73LdifParser.class diff --git a/base/migrate/73ToTxt/classes/Main.class b/base/migrate/73ToTxt/classes/Main.class Binary files differnew file mode 100644 index 000000000..30a21375d --- /dev/null +++ b/base/migrate/73ToTxt/classes/Main.class 
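Review bot: The `-z` and `-d` checks quote `"${JAVA_HOME}"`, but the compile line and the later tests do not (`${JAVA_HOME}/bin/javac -d ${TARGET} …`, `[ ! -d ${TARGET} ]`, `[ ${OS_NAME} = "HP-UX" ]`), so a value with whitespace or glob characters passes validation and is then word-split where it is actually used. Quote the expansions consistently: `[ "${OS_NAME}" = "HP-UX" ]`, `[ ! -d "${TARGET}" ]` and `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "<existing classpath>" Main.java`. The same applies to the user-supplied file names in 73ToTxt/run.sh, where `[ ! -f $1 ]`, `[ -f $2 ]` and `Main $1 $2` should become `[ ! -f "$1" ]`, `[ -f "$2" ]` and `Main "$@"` (the last form keeps the one-argument case from passing an empty second argument).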
diff --git a/base/migrate/73ToTxt/run.bat b/base/migrate/73ToTxt/run.bat new file mode 100755
index 000000000..f360f44d0
--- /dev/null
+++ b/base/migrate/73ToTxt/run.bat
@@ -0,0 +1,192 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a pre-existing CS 7.3 ldif data
+REM file (e. g. - created via a utility such as db2ldif)
+REM into a normalized CS 7.3 ldif text file.
+REM
+REM This subsequent normalized CS 7.3 ldif text file
+REM can be migrated into CS 7.3 or later utilizing
+REM the corresponding TxtTo<Target CS Version> script which
+REM converts this normalized CS 7.3 ldif text file into
+REM a <Target CS Version> ldif data file.
+REM
+REM This <Target CS Version> ldif data file can then be
+REM imported into the internal database of the desired CS
+REM server using a utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs73
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/73ToTxt/run.sh b/base/migrate/73ToTxt/run.sh new file mode 100755
index 000000000..a35994fb0
--- /dev/null
+++ b/base/migrate/73ToTxt/run.sh
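Review bot: The `SET PATH` line under `:SET_LIBRARY_PATH` contains `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`, where the closing `%` after SERVER_ROOT is missing. As far as I can tell cmd.exe then reads `SERVER_ROOT\bin\cert\jre\bin\server;` as the name of an undefined variable, so the `jre\bin\server` directory is dropped and the inherited search path is replaced by the literal word `PATH`, which resolves as a directory relative to wherever the script is started. The segment should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`.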
@@ -0,0 +1,157 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- + +##################################################################### +### ### +### This script converts a pre-existing CS 7.3 ldif data ### +### file (e. g. - created via a utility such as db2ldif) ### +### into a normalized CS 7.3 ldif text file. ### +### ### +### This subsequent normalized CS 7.3 ldif text file ### +### can be migrated into CS 7.3 or later utilizing ### +### the corresponding TxtTo<Target CS Version> script which ### +### converts this normalized CS 7.3 ldif text file into ### +### a <Target CS Version> ldif data file. ### +### ### +### This <Target CS Version> ldif data file can then be ### +### imported into the internal database of the desired CS ### +### server using a utility such as ldif2db. 
### +### ### +##################################################################### + +### +### Java Runtime Environment +### +JRE_ROOT=/usr/lib/jvm/jre-1.5.0 +export JRE_ROOT + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + +### +### Script-defined constants +### + +CS="CS 7.3" +export CS + +OS_NAME=`uname` +export OS_NAME + +ARCH=`uname -i` +export ARCH + + +## +## Perform a usage check for the appropriate number of arguments: +## + +if [ $# -lt 1 -o $# -gt 2 ] ; then + echo + echo "Usage: $0 input [errors] > output" + echo + echo " where: input - the specified ${CS} ldif data file," + echo " errors - an optional errors file containing" + echo " skipped attributes, and" + echo " output - the normalized ${CS} ldif text file." + echo + echo " NOTE: If no redirection is provided to" + echo " 'output', then the normalized" + echo " ${CS} ldif text will merely" + echo " be echoed to stdout." + echo + exit 1 +fi + + +### +### Check that the specified "input" file exists and is a regular file. +### + +if [ ! -f $1 ] ; then + echo "ERROR: Either the specified 'input' file, '$1', does not exist, " + echo " or it is not a regular file!" + echo + exit 2 +fi + + +### +### Check that the specified "input" file exists and is not empty. +### + +if [ ! -s $1 ] ; then + echo "ERROR: The specified 'input' file, '$1', is empty!" + echo + exit 3 +fi + + +### +### If an "errors" file is specified, then check that it does not already +### exist. +### + +if [ $# -eq 2 ] ; then + if [ -f $2 ] ; then + echo "ERROR: The specified 'errors' file, '$2', already exists!" + echo " Please specify a different file!" 
+ echo + exit 4 + fi +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### +### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes +### have been moved from "i18n.jar" to "rt.jar". +### +CLASSPATH=/usr/share/rhpki/migrate/73ToTxt/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar +export CLASSPATH + +if [ ${OS_NAME} = "Linux" ] ; then + if [ ${ARCH} = "i386" ] ; then + LD_LIBRARY_PATH=/usr/lib/dirsec:/usr/lib:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads + export LD_LIBRARY_PATH + else # x86_64 + LD_LIBRARY_PATH=/usr/lib64/dirsec:/usr/lib64:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads + export LD_LIBRARY_PATH + CLASSPATH=/usr/share/rhpki/migrate/73ToTxt/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib64/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar + export CLASSPATH + fi +else # SunOS 64-bits + LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:/usr/lib/sparcv9:${JRE_ROOT}/lib:${JRE_ROOT}/lib/sparc/native_threads + export LD_LIBRARY_PATH + CLASSPATH=/usr/share/rhpki/migrate/73ToTxt/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/sparcv9/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar + export CLASSPATH +fi + + +### +### Convert the specified ${CS} ldif data file +### into a normalized ${CS} ldif text file. +### + +${JRE_ROOT}/bin/java -classpath ${CLASSPATH} Main $1 $2 diff --git a/base/migrate/73ToTxt/src/Main.java b/base/migrate/73ToTxt/src/Main.java new file mode 100644 index 000000000..be26e9858 --- /dev/null +++ b/base/migrate/73ToTxt/src/Main.java 
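Review bot: The errors-file guard `if [ -f $2 ]` rejects only an existing regular file, so a path that already exists as a directory, FIFO or device node passes and is handed to `Main`, which in 73ToTxt/src/Main.java of this commit opens it with `new FileOutputStream(mErrorFilename)`. Testing for existence of any kind matches the comment above the check ("check that it does not already exist"): `if [ -e "$2" ] ; then`; `-e` is POSIX, but confirm that the /bin/sh on the SunOS targets this script also supports accepts it. The test and the later open remain separate steps, so the guard is advisory and not a guarantee against overwriting; a sentence saying so in the usage text would set the right expectation.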
@@ -0,0 +1,485 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "71ToTxt/src/Main.java" is based upon a copy "70ToTxt/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "*ToTxt/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "*ToTxt" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff 70ToTxt/src/Main.java 71ToTxt/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import netscape.security.util.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS73LdifParser parser = null; + if (args.length == 1) { + parser = new CMS73LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS73LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS73LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private 
PrintWriter mErrorPrintWriter = null; + + public CMS73LdifParser(String filename) + { + mFilename = filename; + } + + public CMS73LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + StringBuffer requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.startsWith(REQUEST_ATTRIBUTES)) { + requestAttributes = new StringBuffer(); + // System.out.println(line); + requestAttributes.append( + line.substring(REQUEST_ATTRIBUTES.length(), + line.length()).trim()); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.startsWith(" ")) { + // System.out.println(line); + requestAttributes.append(line.trim()); + } else { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + System.out.println(line); + } + } + } + + public void parseAttributes(String dn, StringBuffer attrs) throws Exception + { + BASE64Decoder decoder = new BASE64Decoder(); + decodeHashtable(dn, decoder.decodeBuffer(attrs.toString())); + +// System.out.println(attrs); + } + + public Object decode(byte[] data) throws + ObjectStreamException, + IOException, + ClassNotFoundException + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + return is.readObject(); + } + + public void decodeHashtable(String dn, byte[] data) throws Exception + { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + ObjectInputStream is = new ObjectInputStream(bis); + + System.out.println(BEGIN); + String key = null; + while (true) + { + key = (String)is.readObject(); + // end of table is 
marked with null + if (key == null) break; + try { + byte[] bytes = (byte[])is.readObject(); + Object obj = decode(bytes); + output(key, obj); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } + System.out.println(END); + } + + public void output(String key, Object obj) throws Exception + { + if (obj instanceof String) { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } else if (obj instanceof netscape.security.x509.CertificateX509Key) { + netscape.security.x509.CertificateX509Key o = + (netscape.security.x509.CertificateX509Key)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateSubjectName) { + netscape.security.x509.CertificateSubjectName o = + (netscape.security.x509.CertificateSubjectName)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateExtensions) { + netscape.security.x509.CertificateExtensions o = + (netscape.security.x509.CertificateExtensions)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertInfo) { + netscape.security.x509.X509CertInfo o = + (netscape.security.x509.X509CertInfo)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + 
o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl) { + netscape.security.x509.X509CertImpl o = + (netscape.security.x509.X509CertImpl)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateChain) { + netscape.security.x509.CertificateChain o = + (netscape.security.x509.CertificateChain)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.X509CertImpl[]) { + netscape.security.x509.X509CertImpl o[] = + (netscape.security.x509.X509CertImpl[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.X509CertInfo[]) { + netscape.security.x509.X509CertInfo o[] = + (netscape.security.x509.X509CertInfo[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() + "["+o.length + "," + i+"]"+"=" + + encoder.encodeBuffer(bos.toByteArray())); + } + } else if (obj instanceof netscape.security.x509.RevokedCertImpl[]) { + 
netscape.security.x509.RevokedCertImpl o[] = + (netscape.security.x509.RevokedCertImpl[])obj; + for (int i = 0; i < o.length; i++) { + DerOutputStream bos = + new DerOutputStream(); + o[i].encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(bos.toByteArray())); + } + } else if (obj instanceof java.security.cert.Certificate[]) { + java.security.cert.Certificate o[] = + (java.security.cert.Certificate[])obj; + for (int i = 0; i < o.length; i++) { + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o[i].getClass().getName() +"["+o.length+","+i+"]" + "=" + + encoder.encode(o[i].getEncoded())); + } + } else if (obj instanceof com.netscape.cmscore.base.ArgBlock) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock o = + (com.netscape.cmscore.base.ArgBlock)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" +(String)o.get(k)); + } + } else if (obj instanceof com.netscape.cmscore.dbs.KeyRecord) { + // CMS 6.0: moved "com.netscape.certsrv.dbs.keydb.KeyRecord" + // to "com.netscape.cmscore.dbs.KeyRecord" + com.netscape.cmscore.dbs.KeyRecord o = + (com.netscape.cmscore.dbs.KeyRecord)obj; + Enumeration<String> e = o.getElements(); + while (e.hasMoreElements()) { + String k = e.nextElement(); + Object ob = o.get(k); + if (ob != null) { + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof byte[]) { + BASE64Encoder encoder 
= new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + encoder.encode((byte[])ob)); + + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } + } else if (obj instanceof com.netscape.certsrv.kra.ProofOfArchival) { + // CS 7.2: moved com.netscape.cmscore.kra.ProofOfArchival + // to com.netscape.certsrv.kra.ProofOfArchival + // CMS 6.0: moved "com.netscape.certsrv.kra.ProofOfArchival" + // to "com.netscape.cmscore.kra.ProofOfArchival" + com.netscape.certsrv.kra.ProofOfArchival o = + (com.netscape.certsrv.kra.ProofOfArchival)obj; + DerOutputStream bos = + new DerOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + encoder.encode(bos.toByteArray())); + } else if (obj instanceof com.netscape.certsrv.request.AgentApprovals) { + com.netscape.certsrv.request.AgentApprovals o = + (com.netscape.certsrv.request.AgentApprovals)obj; + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + com.netscape.certsrv.request.AgentApproval approval = (com.netscape.certsrv.request.AgentApproval)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + approval.getUserName() + ";" + approval.getDate().getTime()); + } + } else if (obj instanceof com.netscape.certsrv.authentication.AuthToken) { + com.netscape.certsrv.authentication.AuthToken o = + (com.netscape.certsrv.authentication.AuthToken)obj; + Enumeration e = o.getElements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + Object ob = o.get(k); + if (ob instanceof java.util.Date) { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ((java.util.Date)ob).getTime()); + } else if (ob instanceof java.math.BigInteger[]) { + // Bugzilla Bug 
#225031 (a.k.a. - Raidzilla Bug #58356) + java.math.BigInteger in[] = (java.math.BigInteger[])ob; + String numbers = ""; + for (int i = 0; i < in.length; i++) { + if (numbers.equals("")) { + numbers = in[i].toString(); + } else { + numbers = numbers + "," + in[i].toString(); + } + } + System.out.println(" " + + key + ":" + "com.netscape.certsrv.authentication.AuthToken" + "=" + + k + ":java.lang.String=" + numbers); + } else if (ob instanceof String[]) { + // Bugzilla Bug #224763 (a.k.a. - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + String str[] = (String[])ob; + String v = ""; + if (str != null) { + for (int i = 0; i < str.length; i++) { + if (i != 0) { + v += ","; + } + v += str[i]; + } + } + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + "java.lang.String" + "=" + v); + } else { + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + ":" + ob.getClass().getName() + "=" + ob); + } + } + } else if (obj instanceof byte[]) { + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof Integer[]) { + Integer in[] = (Integer[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":Integer[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof BigInteger[]) { + // Bugzilla Bug #238779 + BigInteger in[] = (BigInteger[])obj; + for (int i = 0; i < in.length; i++) { + System.out.println(" " + key + ":java.math.BigInteger[" + in.length + "," + i + "]="+ in[i]); + } + } else if (obj instanceof String[]) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + String str[] = (String[])obj; + for (int i = 0; i < str.length; i++) { + System.out.println(" " + key + ":java.lang.String[" + str.length + "," + i + "]="+ str[i]); + } + } else if (obj instanceof netscape.security.x509.CertificateAlgorithmId) { + netscape.security.x509.CertificateAlgorithmId o = + 
(netscape.security.x509.CertificateAlgorithmId)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateAlgorithmId="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof netscape.security.x509.CertificateValidity) { + netscape.security.x509.CertificateValidity o = + (netscape.security.x509.CertificateValidity)obj; + ByteArrayOutputStream bos = + new ByteArrayOutputStream(); + o.encode(bos); + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":netscape.security.x509.CertificateValidity="+ + encoder.encode(bos.toByteArray())); + } else if (obj instanceof byte[]) { + // Since 6.1's profile framework, + // req_archive_options is a byte array + BASE64Encoder encoder = new BASE64Encoder(); + System.out.println(" " + key + + ":byte[]="+ + encoder.encode((byte[])obj)); + } else if (obj instanceof java.util.Hashtable) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + // + // Example: fingerprints:java.util.Hashtable= + // {SHA1=[B@52513a, MD5=[B@52c4d9, MD2=[B@799ff5} + // + java.util.Hashtable o = (java.util.Hashtable)obj; + BASE64Encoder encoder = new BASE64Encoder(); + Enumeration e = o.elements(); + while (e.hasMoreElements()) { + String k = (String)e.nextElement(); + System.out.println(" " + + key + ":" + o.getClass().getName() + "=" + + k + "=" + encoder.encode((byte[])o.get(k))); + } + } else { + System.out.println(" " + + key + ":" + obj.getClass().getName() + "=" + + obj); + } + } +} + diff --git a/base/migrate/73ToTxt/src/compile.bat b/base/migrate/73ToTxt/src/compile.bat new file mode 100755 index 000000000..f5b720e54 --- /dev/null +++ b/base/migrate/73ToTxt/src/compile.bat 
@@ -0,0 +1,150 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "73ToTxt/classes/Main.class" and
+REM "73ToTxt/classes/CMS73LdifParser.class" which are
+REM used to create a normalized CS 7.3 ldif text file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile 73ToTxt
+REM
+
+REM SET SERVER_ROOT=C:\cs73
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.3 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.3
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO normalized %CS% ldif text classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile 73ToTxt - create "CMS73LdifParser.class" and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/73ToTxt/src/compile.sh b/base/migrate/73ToTxt/src/compile.sh
new file mode 100755
index 000000000..0c8975c4a
--- /dev/null
+++ b/base/migrate/73ToTxt/src/compile.sh
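Review bot: `SERVER_ROOT`, `JAVA_HOME` and `TARGET` are expanded without quotes in compile.bat, in the presence checks, the `IF EXIST` tests and the `javac.exe` invocation. A value containing a space (for example a JDK under `C:\Program Files`) or a character such as `&` breaks the `IF` syntax or is interpreted by cmd instead of being treated as part of the path. Quoting each use keeps the value a single token: `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH`, and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" ...` with the classpath argument quoted as a whole.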
@@ -0,0 +1,138 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- +##################################################################### +### ### +### This script creates the "73ToTxt/classes/Main.class" and ### +### "73ToTxt/classes/CMS73LdifParser.class" which are ### +### used to create a normalized CS 7.3 ldif text file. ### +### ### +##################################################################### + + +### +### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS" +### + +JDK_PLATFORM=Linux +export JDK_PLATFORM + + +### +### Set JDK_VERSION - specify the JDK version used by this version of CS +### +### CS 7.3 NOTE: "Linux" - 1.5.0 (IBM) +### "SunOS" - 1.5.0 +### + +JDK_VERSION=PKI_7.3.0 +export JDK_VERSION + + +### +### Set JAVA_HOME - specify the complete path to the JDK +### + +JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION} +export JAVA_HOME + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + + +### +### Script-defined constants +### + +CS="CS 7.3" +export CS + + +OS_NAME=`uname` +export OS_NAME + + +### +### Perform a usage check for the appropriate number of arguments: +### + +if [ $# -gt 0 ] ; then + echo + echo "Usage: $0" + echo + echo " NOTE: No arguments are required to build the" + echo " normalized ${CS} ldif text classes." + echo + exit 1 +fi + + +### +### Check presence of user-defined variables +### + +if [ -z "${JAVA_HOME}" ] ; then + echo "ERROR: Please specify the JAVA_HOME " + echo " environment variables for this script!" + echo + exit 2 +fi + + +### +### Check that the specified JAVA_HOME exists and is a directory +### + +if [ ! 
-d "${JAVA_HOME}" ] ; then + echo "ERROR: Either the specified JAVA_HOME does not exist, " + echo " or it is not a directory!" + echo + exit 4 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Set TARGET - identify the complete path to the new classes target directory +### + +TARGET=../classes +export TARGET + + +### +### Create the new classes target directory (if it does not already exist) +### + +if [ ! -d ${TARGET} ]; then + mkdir -p ${TARGET} +fi + + +### +### Compile 73ToTxt - create "CMS73LdifParser.class" and "Main.class" +### + +${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:/usr/share/java/rhpki/nsutil.jar:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/lib/java/rhpki/ca/ca.jar:/usr/lib/java/rhpki/tks/tks.jar:/usr/lib/java/rhpki/ocsp/ocsp.jar:/usr/lib/java/rhpki/kra/kra.jar:/usr/lib/java/dirsec/jss4.jar Main.java + diff --git a/base/migrate/80/MigrateSecurityDomain.class b/base/migrate/80/MigrateSecurityDomain.class Binary files differnew file mode 100644 index 000000000..f2a174dab --- /dev/null +++ b/base/migrate/80/MigrateSecurityDomain.class diff --git a/base/migrate/80/MigrateSecurityDomain.java b/base/migrate/80/MigrateSecurityDomain.java new file mode 100644 index 000000000..4624f1259 --- /dev/null +++ b/base/migrate/80/MigrateSecurityDomain.java 
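Review bot: `JAVA_HOME` is assigned unconditionally to `/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}` and exported near the top of compile.sh, so the later `[ -z "${JAVA_HOME}" ]` check cannot fire unless the operator blanks that assignment. Any JDK the caller had already configured is also replaced by one taken from a shared build location. Defaulting instead of overwriting, `JAVA_HOME=${JAVA_HOME:-/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}}`, keeps the check meaningful and lets the operator pin a compiler they trust. The tests `[ ${OS_NAME} = "HP-UX" ]` and `[ ! -d ${TARGET} ]` should quote their expansions as well. The library-path assignments discard any existing `LD_LIBRARY_PATH` or `SHLIB_PATH` value rather than extending it, which may or may not be intended.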
@@ -0,0 +1,235 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2008 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +import java.io.FileInputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Vector; + +import netscape.ldap.LDAPAttribute; +import netscape.ldap.LDAPAttributeSet; +import netscape.ldap.LDAPConnection; +import netscape.ldap.LDAPEntry; +import netscape.ldap.LDAPException; + +import org.w3c.dom.Document; +import org.w3c.dom.NodeList; + +import com.netscape.cmscore.base.FileConfigStore; +import com.netscape.cmscore.ldapconn.LdapJssSSLSocketFactory; +import com.netscape.cmsutil.ldap.LDAPUtil; +import com.netscape.cmsutil.xml.XMLObject; + +public class MigrateSecurityDomain { + + private static LDAPConnection getLDAPConn(FileConfigStore cs, String passwd) + throws IOException { + + String host = ""; + String port = ""; + String binddn = ""; + String security = ""; + + try { + host = cs.getString("internaldb.ldapconn.host"); + port = cs.getString("internaldb.ldapconn.port"); + binddn = cs.getString("internaldb.ldapauth.bindDN"); + security = cs.getString("internaldb.ldapconn.secureConn"); + } catch (Exception e) { + System.out.println("MigrateSecurityDomain: getLDAPConnection" + e.toString()); + throw new IOException( + "Failed to 
retrieve LDAP information from CS.cfg."); + } + + int p = -1; + + try { + p = Integer.parseInt(port); + } catch (Exception e) { + System.out.println("MigrateSecurityDomain getLDAPConn: " + e.toString()); + throw new IOException("Port is not valid"); + } + + LDAPConnection conn = null; + if (security.equals("true")) { + System.out.println("MigrateSecurityDomain getLDAPConn: creating secure (SSL) connection for internal ldap"); + conn = new LDAPConnection(new LdapJssSSLSocketFactory()); + } else { + System.out.println( + "MigrateSecurityDomain getLDAPConn: creating non-secure (non-SSL) connection for internal ldap"); + conn = new LDAPConnection(); + } + + System.out.println("MigrateSecurityDomain connecting to " + host + ":" + p); + try { + conn.connect(host, p, binddn, passwd); + } catch (LDAPException e) { + System.out.println("MigrateSecurityDomain getLDAPConn: " + e.toString()); + throw new IOException("Failed to connect to the internal database."); + } + + return conn; + } + + public static void main(String args[]) throws Exception { + if (args.length != 2) { + System.out.println("Usage: MigrateSecurityDomain <instance root path> <directory manager password>"); + System.exit(0); + } + + String instRoot = args[0]; + String dmPass = args[1]; + + XMLObject parser = null; + // get the security domain data from the domain.xml file + try { + String path = instRoot + "/conf/domain.xml"; + System.out.println("MigrateSecurityDomain: Reading domain.xml from file ..."); + parser = new XMLObject(new FileInputStream(path)); + + } catch (Exception e) { + System.out.println("MigrateSecurityDomain: Unable to get domain info from domain.xml file"); + System.out.println(e.toString()); + System.exit(1); + } + + try { + String configFile = instRoot + "/conf/CS.cfg"; + FileConfigStore cs = new FileConfigStore(configFile); + + LDAPConnection conn = null; + conn = MigrateSecurityDomain.getLDAPConn(cs, dmPass); + if (conn == null) { + System.out.println("MigrateSecurityDomain: Failed 
to connect to internal database"); + System.exit(1); + } + + // add new schema elements + String importFile = "./schema-add.ldif"; + ArrayList<String> errors = new ArrayList<String>(); + try { + LDAPUtil.importLDIF(conn, importFile, errors); + if (! errors.isEmpty()) { + System.out.println("MigrateSecurityDomain: Errors in adding new schema elements:"); + for (String error: errors) { + System.out.println(error); + } + } + } catch (Exception e) { + System.out.println("MigrateSecurityDomain: Error in adding new schema elements"); + System.exit(1); + } + // create the containers + String basedn = cs.getString("internaldb.basedn"); + String secdomain = parser.getValue("Name"); + + try { + String dn = "ou=Security Domain," + basedn; + System.out.println("MigrateSecurityDomain: creating ldap entry : " + dn); + + LDAPEntry entry = null; + LDAPAttributeSet attrs = null; + attrs = new LDAPAttributeSet(); + attrs.add(new LDAPAttribute("objectclass", "top")); + attrs.add(new LDAPAttribute("objectclass", "organizationalUnit")); + attrs.add(new LDAPAttribute("name", secdomain)); + attrs.add(new LDAPAttribute("ou", "Security Domain")); + entry = new LDAPEntry(dn, attrs); + conn.add(entry); + } catch (LDAPException e) { + if (e.getLDAPResultCode() != 68) { + System.out.println("Unable to create security domain" + e.toString()); + System.exit(1); + } + } + + // create list containers + String clist[] = { "CAList", "OCSPList", "KRAList", "RAList", "TKSList", "TPSList" }; + for (int i = 0; i < 6; i++) { + LDAPEntry entry = null; + LDAPAttributeSet attrs = null; + String dn = "cn=" + clist[i] + ",ou=Security Domain," + basedn; + attrs = new LDAPAttributeSet(); + attrs.add(new LDAPAttribute("objectclass", "top")); + attrs.add(new LDAPAttribute("objectclass", "pkiSecurityGroup")); + attrs.add(new LDAPAttribute("cn", clist[i])); + entry = new LDAPEntry(dn, attrs); + try { + conn.add(entry); + } catch (LDAPException e) { + if (e.getLDAPResultCode() != 68) { + System.out.println("Unable 
to create security domain list entry " + dn + ": " + e.toString()); + System.exit(1); + } + } + } + + // create system entries + String tlist[] = { "CA", "OCSP", "KRA", "RA", "TKS", "TPS" }; + Document doc = parser.getDocument(); + for (int j = 0; j < 6; j++) { + String type = tlist[j]; + NodeList nodeList = doc.getElementsByTagName(type); + int len = nodeList.getLength(); + for (int i = 0; i < len; i++) { + Vector<String> v_clone = parser.getValuesFromContainer(nodeList.item(i), "Clone"); + Vector<String> v_name = parser.getValuesFromContainer(nodeList.item(i), "SubsystemName"); + Vector<String> v_host = parser.getValuesFromContainer(nodeList.item(i), "Host"); + Vector<String> v_port = parser.getValuesFromContainer(nodeList.item(i), "SecurePort"); + + String cn = (String) v_host.elementAt(0) + ":" + (String) v_port.elementAt(0); + String dn = "cn=" + cn + ",cn=" + type + "List,ou=Security Domain," + basedn; + LDAPEntry entry = null; + LDAPAttributeSet attrs = null; + attrs = new LDAPAttributeSet(); + attrs.add(new LDAPAttribute("objectclass", "top")); + attrs.add(new LDAPAttribute("objectclass", "pkiSubsystem")); + attrs.add(new LDAPAttribute("Host", (String) v_host.elementAt(0))); + attrs.add(new LDAPAttribute("SecurePort", (String) v_port.elementAt(0))); + attrs.add(new LDAPAttribute("Clone", (String) v_clone.elementAt(0))); + attrs.add(new LDAPAttribute("SubsystemName", (String) v_name.elementAt(0))); + attrs.add(new LDAPAttribute("cn", cn)); + attrs.add(new LDAPAttribute("DomainManager", "true")); + // Since the initial port separation feature didn't occur + // until an RHCS 7.3 errata, simply store the "SecurePort" + // value for BOTH the "SecureAgentPort" and the + // "SecureAdminPort", and DON'T store any values for the + // "UnSecurePort" + attrs.add(new LDAPAttribute("SecureAgentPort", (String) v_port.elementAt(0))); + attrs.add(new LDAPAttribute("SecureAdminPort", (String) v_port.elementAt(0))); + entry = new LDAPEntry(dn, attrs); + + try { + 
conn.add(entry); + } catch (LDAPException e) { + if (e.getLDAPResultCode() != 68) { + System.out.println("Unable to create entry " + dn + ": " + e.toString()); + } + } + } + } + cs.putString("securitydomain.store", "ldap"); + cs.commit(false); + System.out.println("MigrateSecurityDomain: Domain successfully migrated."); + } catch (Exception e) { + System.out.println("MigrateSecurityDomain: Migration failed. " + e.toString()); + } + System.exit(0); + } + +} diff --git a/base/migrate/80/readme b/base/migrate/80/readme new file mode 100644 index 000000000..50365c985 --- /dev/null +++ b/base/migrate/80/readme @@ -0,0 +1,29 @@ +Date + + Fri Oct 3 00:37:14 EDT 2008 + +Version + + CMS 8.0 + +Overview + + In CMS8.0, the security domain data has been migrated into the + internal LDAP database to allow easier replication of this data + when cloning. Prior to this release, this information was stored + in the domain.xml configuration file on the CA serving as the Domain + Master. + +Program + + MigrateSecurityDomain - This command will add the relevant schema and migrate + security domain data that resides in domain.xml into the internal database. + The program needs only two arguments - the location of the instance root directory + (like /var/lib/pki-ca) and the directory user's password. + +Example + + Here is an example of MigrateSecurityDomain usage +java -cp /usr/share/java/ldapjdk.jar:/usr/share/java/pki/cmscore.jar:/usr/share/java/pki/cmsutil.jar:/usr/share/java/pki/certsrv.jar:. MigrateSecurityDomain /var/lib/pki-ca mypassword + + diff --git a/base/migrate/80/schema-add.ldif b/base/migrate/80/schema-add.ldif new file mode 100644 index 000000000..fe6577e51 --- /dev/null +++ b/base/migrate/80/schema-add.ldif 
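Review bot: `main` takes the Directory Manager password from `args[1]`, which leaves it readable in the process list and shell history, and `getLDAPConn` then uses it for a bind over a plain connection whenever `internaldb.ldapconn.secureConn` is not `true`. Prompting instead, e.g. `char[] pw = System.console().readPassword("Directory Manager password: ");` (Java 6+, with a null check on the console), or reading it from a file only the operator can read, keeps the credential off the command line; refusing or at least warning on the non-SSL branch would cover the second half. Separately, the final `catch` prints "Migration failed" and then falls through to `System.exit(0)`, and a non-68 `LDAPException` in the system-entries loop is only printed before `securitydomain.store` is set to `ldap` and committed. Both paths should exit non-zero and skip `cs.commit(false)` so that a partial migration is not recorded as done.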
@@ -0,0 +1,50 @@ +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( Clone-oid NAME 'Clone' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( DomainManager-oid NAME 'DomainManager' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( SecurePort-oid NAME 'SecurePort' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( SecureAgentPort-oid NAME 'SecureAgentPort' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( SecureAdminPort-oid NAME 'SecureAdminPort' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( UnSecurePort-oid NAME 'UnSecurePort' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: attributeTypes +attributeTypes: ( SubsystemName-oid NAME 'SubsystemName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: objectClasses +objectClasses: ( pkiSecurityDomain-oid NAME 'pkiSecurityDomain' DESC 'CMS defined class' SUP top STRUCTURAL MUST ( cn $ name ) X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: objectClasses +objectClasses: ( pkiSecurityGroup-oid NAME 'pkiSecurityGroup' DESC 'CMS defined class' SUP top STRUCTURAL MUST cn X-ORIGIN 'user defined' ) + +dn: cn=schema +changetype: modify +add: objectClasses +objectClasses: ( pkiSubsystem-oid NAME 'pkiSubsystem' DESC 'CMS defined class' SUP top STRUCTURAL MUST ( cn $ Host $ SecurePort $ SubsystemName $ Clone ) MAY ( DomainManager $ SecureAgentPort 
$ SecureAdminPort $ UnSecurePort ) X-ORIGIN 'user defined' ) + diff --git a/base/migrate/CMakeLists.txt b/base/migrate/CMakeLists.txt new file mode 100644 index 000000000..94cc990f6 --- /dev/null +++ b/base/migrate/CMakeLists.txt @@ -0,0 +1,36 @@ +project(migrate) + +set(INSTALL_DIRS + 41ToTxt + 42SP2ToTxt + 42ToTxt + 45ToTxt + 47ToTxt + 60ToTxt + 61ToTxt + 62ToTxt + 63ToTxt + 70ToTxt + 71ToTxt + 72ToTxt + 73ToTxt + 80 + TpsTo80 + TxtTo60 + TxtTo61 + TxtTo62 + TxtTo70 + TxtTo71 + TxtTo72 + TxtTo73 + TxtTo80 +) + +foreach(INSTALL_DIR ${INSTALL_DIRS}) + install( + DIRECTORY + ${INSTALL_DIR} + DESTINATION + ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/${INSTALL_DIR} + ) +endforeach(INSTALL_DIR ${INSTALL_DIRS}) diff --git a/base/migrate/LICENSE b/base/migrate/LICENSE new file mode 100644 index 000000000..e281f4362 --- /dev/null +++ b/base/migrate/LICENSE 
@@ -0,0 +1,291 @@ +This Program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published +by the Free Software Foundation; version 2 of the License. + +This Program is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +for more details. + +You should have received a copy of the GNU General Public License +along with this Program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. + + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. 
+ + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. 
The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. 
+ + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. 
+ +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. 
However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. 
+You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. 
If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. 
EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. diff --git a/base/migrate/TpsTo80/Makefile b/base/migrate/TpsTo80/Makefile new file mode 100644 index 000000000..99c0d275c --- /dev/null +++ b/base/migrate/TpsTo80/Makefile 
@@ -0,0 +1,36 @@
+OS_ARCH := $(subst /,_,$(shell uname -s))
+
+ifeq ($(OS_ARCH), Linux)
+ CC = gcc
+ CFLAGS = -g
+ LDFLAGS = -s -lldif60 -lplc4 -lplds4 -lnspr4
+else
+ifeq ($(OS_ARCH), SunOS)
+ CC = cc
+ LINTFLAGS = -c
+ CFLAGS = -dalign -xO2 -xarch=v9 -DSOLARIS
+ INCLUDE_PATH = -I/usr/include/dirsec
+ LDFLAGS = -s -L/usr/lib/64 -lldif60 -L/usr/lib/64/dirsec -R/usr/lib/64/dirsec -lplc4 -lplds4 -lnspr4
+endif # SunOS
+endif # Linux
+
+OBJS = migrateTPSData.o
+
+SRCS = migrateTPSData.c
+
+all: migrateTPSData
+
+$(OBJS): $(SRCS)
+ $(CC) $(CFLAGS) $(INCLUDE_PATH) -c $< \
+ -o $*.o
+
+migrateTPSData: $(OBJS)
+ $(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS)
+
+lint: $(SRCS)
+ lint $(LINTFLAGS) $(CFLAGS) $(INCLUDE_PATH) $(SRCS)
+
+clean:
+ -rm migrateTPSData.ln
+ -rm migrateTPSData.o
+ -rm migrateTPSData
diff --git a/base/migrate/TpsTo80/linux/migrateTPSData.i386 b/base/migrate/TpsTo80/linux/migrateTPSData.i386 Binary files differnew file mode 100755
index 000000000..9fd4b3906
--- /dev/null
+++ b/base/migrate/TpsTo80/linux/migrateTPSData.i386
diff --git a/base/migrate/TpsTo80/linux/migrateTPSData.x86_64 b/base/migrate/TpsTo80/linux/migrateTPSData.x86_64 Binary files differnew file mode 100755
index 000000000..d89125c7e
--- /dev/null
+++ b/base/migrate/TpsTo80/linux/migrateTPSData.x86_64
diff --git a/base/migrate/TpsTo80/migrateTPSData.c b/base/migrate/TpsTo80/migrateTPSData.c new file mode 100644
index 000000000..a4cf340ab
--- /dev/null
+++ b/base/migrate/TpsTo80/migrateTPSData.c
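Review bot: In base/migrate/TpsTo80/Makefile the Linux branch compiles with `CFLAGS = -g` only, so no compiler warnings are enabled for a tool whose job is to parse LDIF exported from another system. migrateTPSData.c, added in the same commit, calls `process_agent_entry()` and its siblings from `read_and_modify_ldif()` before any declaration is visible, which a warning-enabled build would report. I would use `CFLAGS = -g -O2 -Wall -Wextra` here and turn on the equivalent diagnostics in the SunOS branch. Separately, `-s` in `LDFLAGS` strips the symbols that `-g` has just produced, so one of the two is probably unintended.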
@@ -0,0 +1,501 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This library is free software; you can redistribute it and/or +// modify it under the terms of the GNU Lesser General Public +// License as published by the Free Software Foundation; +// version 2.1 of the License. +// +// This library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +// Lesser General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public +// License along with this library; if not, write to the Free Software +// Foundation, Inc., 51 Franklin Street, Fifth Floor, +// Boston, MA 02110-1301 USA +// +// Copyright (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +#include <sys/types.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#ifdef SOLARIS +#include <mozldap6/ldif.h> +#else +#include <mozldap/ldif.h> +#endif +#include <ctype.h> +#include <nspr4/nspr.h> +#include <nspr4/plstr.h> +#include <nspr4/plhash.h> +#include <nspr4/prmem.h> +#include <nspr4/prprf.h> +#include <nspr4/prsystem.h> +#include <errno.h> +#include <string.h> + +#define SHORT_LEN 512 +#define NO_TOKEN_TYPE "no_token_type" + +static PLHashTable *token_set; +static FILE *infile; +static FILE *outfile; + +/* hash functions */ +static PR_CALLBACK void* +_AllocTable(void* pool, PRSize size) +{ + return PR_MALLOC(size); +} + +static PR_CALLBACK void +_FreeTable(void* pool, void* item) +{ + PR_DELETE(item); +} + +static PR_CALLBACK PLHashEntry* +_AllocEntry(void* pool, const void* key) +{ + return PR_NEW(PLHashEntry); +} + +static PR_CALLBACK void +_FreeEntry(void* pool, PLHashEntry* he, PRUintn flag) +{ + if( he == NULL ) { + return; + } + + if (flag == HT_FREE_VALUE) { + if( he->value != NULL ) { + PL_strfree( ( char* ) he->value ); + he->value = NULL; + } + } else if (flag == HT_FREE_ENTRY) { + 
if( he->key != NULL ) { + PL_strfree( ( char* ) he->key ); + he->key = NULL; + } + if( he->value != NULL ) { + PL_strfree( ( char* ) he->value ); + he->value = NULL; + } + PR_DELETE(he); + } +} + +static PLHashAllocOps _AllocOps = { + _AllocTable, + _FreeTable, + _AllocEntry, + _FreeEntry +}; + +/* utility functions */ +#ifdef SOLARIS +void do_free(char * buf) +{ + if (buf != NULL) { + PR_Free(buf); + buf = NULL; + } +} +#else +inline void do_free(char * buf) +{ + if (buf != NULL) { + PR_Free(buf); + buf = NULL; + } +} +#endif + + + +char *get_field( char *s, char* fname, int len) +{ + char *end = NULL; + int n; + + if( ( s = PL_strstr( s, fname ) ) == NULL ) { + return NULL; + } + + s += strlen(fname); + end = PL_strchr( s, ' ' ); + + if( end != NULL ) { + n = end - s; + } else { + n = PL_strlen( s ); + } + + if (n == 0) { + return NULL; + } else if (n > len) { + /* string too long */ + return NULL; + } else { + return PL_strndup( s, n ); + } +} + +/* + * Read the ldif, munge the entry and write to output. 
+ */ +int read_and_modify_ldif() { + // user changes + static char agent_entry[] = "dn: cn=TUS Agents,ou=Groups"; + static int agent_ent_len = sizeof(agent_entry)-1; + static char admin_entry[] = "dn: cn=TUS Adminstrators,ou=Groups"; + static int admin_ent_len = sizeof(admin_entry)-1; + static char operator_entry[] = "dn: cn=TUS Officers,ou=Groups"; + static int operator_ent_len = sizeof(operator_entry)-1; + static char user_entry[] = "ou=People"; + + // token changes + static char token_entry[] = "ou=Tokens"; + + // activity changes + static char activity_entry[] = "ou=Activities"; + + char *entry = 0; + int lineno = 0; + + while ((entry = ldif_get_entry(infile, &lineno))) { + char *begin = entry; + + if (!PL_strncasecmp(entry, agent_entry, agent_ent_len)) { + process_agent_entry(entry); + } else if (!PL_strncasecmp(entry, admin_entry, admin_ent_len)) { + process_admin_entry(entry); + } else if (!PL_strncasecmp(entry, operator_entry, operator_ent_len)) { + process_operator_entry(entry); + } else if (PL_strstr(entry, token_entry) != NULL) { + process_token_entry(entry); + } else if (PL_strstr(entry, activity_entry) != NULL) { + process_activity_entry(entry); + } else if ((PL_strstr(entry, user_entry) != NULL) && + (PL_strstr(entry, "objectClass: organizationalunit") == NULL)) { + process_user_entry(entry); + } else { + process_unchanged_entry(entry); + fprintf(outfile, "\n"); + } + free(begin); + } + return 0; +} + +/** + * read the file, parse the activity records + * record the tokenTypes found for later use + */ +int parse_ldif_activities() { + // activity changes + static char activity_entry[] = "ou=Activities"; + + char *entry = 0; + int lineno = 0; + + while ((entry = ldif_get_entry(infile, &lineno))) { + char *begin = entry; + if (PL_strstr(entry, activity_entry) != NULL) { + parse_activity_entry(entry); + } + free(begin); + } + return 0; +} + +int parse_activity_entry(char* entry) { + static char tokenMsg_attr[] = "tokenMsg"; + static char tokenid_attr[] = 
"tokenID"; + char *line = entry; + char *tokenType = NULL; + char *cuid = NULL; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + if (!PL_strncasecmp(type, tokenMsg_attr, SHORT_LEN)) { + tokenType = get_field(value, "tokenType=",SHORT_LEN); + } else if (!PL_strncasecmp(type, tokenid_attr, SHORT_LEN)) { + cuid = PL_strdup(value); + } + } + } + + if ((tokenType != NULL) && (cuid != NULL)) { + if ((char *) PL_HashTableLookupConst(token_set, cuid) == NULL) { + PL_HashTableAdd(token_set, PL_strdup(cuid), PL_strdup(tokenType)); + //printf("Adding entry: %s %s to hash\n", cuid, tokenType); + } + } + do_free(cuid); + do_free(tokenType); + return 0; +} + + + +/* change uniqueMember -> member */ +int process_agent_entry(char* entry) { + static char member_attr[] = "uniqueMember"; + + char *line = entry; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + if (!PL_strncasecmp(type, member_attr, SHORT_LEN)) { + fprintf(outfile, "member: %s\n", value); + } else if ((!PL_strncasecmp(type, "objectClass", SHORT_LEN)) && (!PL_strncasecmp(value, "groupOfUniqueNames", SHORT_LEN))) { + fprintf(outfile, "objectClass: groupOfNames\n"); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + } + } + } + fprintf(outfile, "\n"); + return 0; +} + +/* same as agent */ +int process_operator_entry(char* entry) { + return process_agent_entry(entry); +} + +/* change uniqueMember -> member + * change typo in dn + */ +int 
process_admin_entry(char* entry) { + static char member_attr[] = "uniqueMember"; + static char dn_attr[] = "dn"; + + char *line = entry; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s", entry); + } else { + if (!PL_strncasecmp(type, member_attr, SHORT_LEN)) { + fprintf(outfile, "member: %s\n", value); + } else if (!PL_strncasecmp(type, dn_attr, SHORT_LEN)) { + int rep_size = PL_strlen("cn=TUS Adminstrators,ou=Groups,"); + fprintf(outfile, "dn: cn=TUS Administrators,ou=Groups,%s\n", value + rep_size); + } else if ((!PL_strncasecmp(type, "objectClass", SHORT_LEN)) && (!PL_strncasecmp(value, "groupOfUniqueNames", SHORT_LEN))) { + fprintf(outfile, "objectClass: groupOfNames\n"); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + } + } + } + fprintf(outfile, "\n"); + return 0; +} + +int process_user_entry(char *entry) { + process_unchanged_entry(entry); + fprintf(outfile, "objectClass: tpsProfileId\n"); + fprintf(outfile, "profileID: All Profiles\n"); + fprintf(outfile, "\n"); + return 0; +} + +int process_unchanged_entry(char *entry) { + char *line = entry; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + } + } + return 0; +} + +int process_activity_entry(char *entry) { + static char tokenmsg_attr[] = "tokenMsg"; + static char tokenid_attr[] = "tokenID"; + char *line = entry; + char *tokenType = NULL; + char *cuid = NULL; + char *dn = NULL; + while ((line = 
ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + + if (!PL_strncasecmp(type, tokenmsg_attr, SHORT_LEN)) { + tokenType = get_field(value, "tokenType=",SHORT_LEN); + if (tokenType != NULL) { + fprintf(outfile, "tokenType: %s\n", tokenType); + } + } else if (!PL_strncasecmp(type, tokenid_attr, SHORT_LEN)) { + cuid = PL_strdup(value); + } else if (!PL_strncasecmp(type, tokenid_attr, SHORT_LEN)) { + dn = PL_strdup(value); + } + } + } + + if ((tokenType == NULL) && (cuid!= NULL)) { + // check hash for a value + if (PL_HashTableLookupConst(token_set, cuid) != NULL) { + fprintf(outfile, "tokenType: %s\n", (char *) PL_HashTableLookupConst(token_set, cuid)); + } else { + fprintf(outfile, "tokenType: %s\n", NO_TOKEN_TYPE); + // log error here - unable to set token type using dn + } + } + fprintf(outfile, "\n"); + do_free(cuid); + do_free(dn); + do_free(tokenType); + + return 0; +} + +int process_token_entry(char* entry) { + static char cn_attr[] = "cn"; + static char dn_attr[] = "dn"; + char *line = entry; + char *tokenType = NULL; + char *dn = NULL; + while ((line = ldif_getline(&entry))) { + char *type, *value; + int vlen = 0; + int rc; + + if ( *line == '\n' || *line == '\0' ) { + break; + } + + /* this call modifies line */ + rc = ldif_parse_line(line, &type, &value, &vlen); + if (rc != 0) { + printf("Unknown error processing ldif entry: %s\n", entry); + } else { + fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen)); + + if (!PL_strncasecmp(type, cn_attr, SHORT_LEN)) { + if (value != NULL) { + tokenType = (char *) PL_HashTableLookupConst(token_set, value); + } + if (tokenType != NULL) { + fprintf(outfile, "tokenType: %s\n", tokenType); + } 
else { + fprintf(outfile, "tokenType: %s\n", NO_TOKEN_TYPE); + } + } else if (!PL_strncasecmp(type, dn_attr, SHORT_LEN)) { + dn = PL_strdup(value); + } + } + } + if ((tokenType == NULL) && (dn != NULL)) { + //log the error + } + fprintf(outfile, "\n"); + do_free(dn); + return 0; +} + + +int main (int argc, char *argv[]) { + char *in_fname = NULL; + char *out_fname = NULL; + + if (argc < 3) { + printf ("Usage:\n %s infile outfile\n", argv[0]); + return 1; + } + + in_fname = argv[1]; + infile = fopen(in_fname, "r"); + if (infile == NULL) { + perror("Error opening input file"); + return 1; + } + + out_fname = argv[2]; + outfile = fopen(out_fname, "w"); + if (outfile == NULL) { + perror("Error opening output file"); + return 1; + } + + //declare hash + token_set = PL_NewHashTable(3, PL_HashString, + PL_CompareStrings, PL_CompareValues, + &_AllocOps, NULL); + + printf("Parsing LDIF file for Token Activities\n"); + parse_ldif_activities(); + rewind(infile); + + printf("Parsing old LDIF file, and creating new LDIF file\n\n"); + read_and_modify_ldif(); + + printf("Operation is complete.\nA new LDIF file has been written at %s, \n", out_fname); + printf("to be imported into the database of your new TPS. \nPlease attend to any errors reported.\n\n"); + + fclose(infile); + fclose(outfile); + return 0; +} + diff --git a/base/migrate/TpsTo80/readme b/base/migrate/TpsTo80/readme new file mode 100644 index 000000000..aa98de930 --- /dev/null +++ b/base/migrate/TpsTo80/readme 
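Review bot: In `process_admin_entry` of migrateTPSData.c, `value + rep_size` skips a fixed prefix length on every `dn` value without checking that the value is that long or actually starts with the misspelled prefix. The entry is selected by a prefix match on `dn: cn=TUS Adminstrators,ou=Groups` with no trailing comma, so a dn that ends right there moves the pointer past the string terminator, and a dn that continues with other text has the wrong bytes cut off. Compare the prefix before skipping it and copy the line through unchanged otherwise, as in the fence below. Also in this hunk, `process_activity_entry` tests `tokenid_attr` twice in the same `else if` chain, so the branch that fills `dn` can never run. The buffer returned by `ldif_type_and_value()` is also handed straight to `fprintf` and never released, which looks like a leak per attribute if the library allocates it.

```c
} else if (!PL_strncasecmp(type, dn_attr, SHORT_LEN)) {
    static const char old_prefix[] = "cn=TUS Adminstrators,ou=Groups,";
    size_t prefix_len = sizeof(old_prefix) - 1;
    if (!PL_strncasecmp(value, old_prefix, prefix_len)) {
        fprintf(outfile, "dn: cn=TUS Administrators,ou=Groups,%s\n", value + prefix_len);
    } else {
        /* dn does not carry the misspelled prefix: copy it through unchanged */
        fprintf(outfile, "%s", ldif_type_and_value(type, value, vlen));
    }
/* … unchanged: objectClass and default branches … */
```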
@@ -0,0 +1,44 @@ +Date + + Tue May 12 14:37:14 EDT 2009 + +Version + + CMS 8.0 + +Overview + + In CMS8.0, the database schema for the TPS has changed. The following + changes were made: + 1. The objectclass of the LDAP groups TUS Administrators, TUS Agents and TUS Officers has been + changed from groupOfUniqueNames to groupOfNames. This also means that the attribute "uniqueMember" + must change to "member". + 2. The dn of the TUS Administrators group was originally misspelled. This has been fixed. + 3. A tokenType field has been added to the tokenRecord and tokenActivity tables. + 4. Users that have administrator, admin or officer access to the TUS are stored under ou=People, $basedn. + These users now require an auxilliary class tpsProfileId to be added, with the attribute profileID. + This multi-valued attribute profileID contains profiles for which this user has access in the TPS UI + pages. See the admin guide for more details. Because the previous versions of the TPS allowed + access to all profiles, a value for "All Profiles" will be added for all users by the migrateTpsData + program. If this is not desired, change the access of specific users using the UI. + +Program + + migrateTpsData(.x86_64 or .i386) will perform the above operations on an LDIF file and create a new + output LDIF file with the appropriate data to be imported into the new TPS instance. The input LDIF + file can be generated by running db2ldif on the old database for suffix containing the TPS data. + + The program requires two arguments - the location of the LDIF file containing a dump of the old data, + and the location of the output file. + + Any errors reported by the program should be investigated and fixed in the output LDIF file. Once + this file is corrected, it can be imported into the new TPS database. + + Note: This program should be run to migrate data into a configured TPS system. 
+ +Example + + Here is an example of migrateTpsData usage + (for x86_64) + migrateTpsData.x86_64 old.ldif new.ldif + diff --git a/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc b/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc Binary files differnew file mode 100755 index 000000000..082201859 --- /dev/null +++ b/base/migrate/TpsTo80/solaris/migrateTPSData.sol9sparc diff --git a/base/migrate/TxtTo60/classes/CMS60LdifParser.class b/base/migrate/TxtTo60/classes/CMS60LdifParser.class Binary files differnew file mode 100644 index 000000000..e65aea96f --- /dev/null +++ b/base/migrate/TxtTo60/classes/CMS60LdifParser.class diff --git a/base/migrate/TxtTo60/classes/DummyAuthManager.class b/base/migrate/TxtTo60/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..c713d8604 --- /dev/null +++ b/base/migrate/TxtTo60/classes/DummyAuthManager.class diff --git a/base/migrate/TxtTo60/classes/Main.class b/base/migrate/TxtTo60/classes/Main.class Binary files differnew file mode 100644 index 000000000..5fa0c203e --- /dev/null +++ b/base/migrate/TxtTo60/classes/Main.class diff --git a/base/migrate/TxtTo60/run.bat b/base/migrate/TxtTo60/run.bat new file mode 100755 index 000000000..bd7d582ed --- /dev/null +++ b/base/migrate/TxtTo60/run.bat 
@@ -0,0 +1,186 @@ +@ECHO OFF +REM --- BEGIN COPYRIGHT BLOCK --- +REM This program is free software; you can redistribute it and/or modify +REM it under the terms of the GNU General Public License as published by +REM the Free Software Foundation; version 2 of the License. +REM +REM This program is distributed in the hope that it will be useful, +REM but WITHOUT ANY WARRANTY; without even the implied warranty of +REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +REM GNU General Public License for more details. +REM +REM You should have received a copy of the GNU General Public License along +REM with this program; if not, write to the Free Software Foundation, Inc., +REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +REM +REM Copyright (C) 2007 Red Hat, Inc. +REM All rights reserved. +REM --- END COPYRIGHT BLOCK --- + +REM +REM This script converts a normalized <Source CMS Version> ldif +REM text file (e. g. - created via a <Source CMS Version>ToTxt +REM script) into a CMS 6.0/6.01 ldif data file. +REM +REM This CMS 6.0/6.01 ldif data file can then be imported into the +REM internal database of the desired CMS 6.0/6.01 server using a +REM utility such as ldif2db. +REM + + +SETLOCAL + + +REM +REM SERVER_ROOT - fully qualified path of the location of the server +REM + +REM SET SERVER_ROOT=C:\cms601 + + +REM +REM INSTANCE - if the CMS instance directory is called 'cert-ca', +REM set the CMS instance to 'ca' +REM +REM NOTE: When a single SERVER_ROOT contains more than +REM one CMS instance, this script must be run multiple +REM times. To do this, there is only a need to change +REM the INSTANCE parameter. +REM + +REM SET INSTANCE=ca + + +REM +REM *** DON'T CHANGE ANYTHING BELOW THIS LINE *** +REM + + +REM +REM Script-defined constants +REM + +SET CMS="CMS 6.0" + + +REM +REM Perform a usage check for the appropriate number of arguments: +REM + +IF "%1" == "" GOTO USAGE +IF "%3" == "" GOTO CHECK_INPUT_FILE + + +:USAGE +ECHO. 
+ECHO Usage: "%0 input [errors] > output" +ECHO. +ECHO where: input - the specified %CMS% ldif data file, +ECHO errors - an optional errors file containing +ECHO skipped attributes, and +ECHO output - the normalized %CMS% ldif text file. +ECHO. +ECHO NOTE: If no redirection is provided to +ECHO 'output', then the normalized +ECHO %CMS% ldif text will merely +ECHO be echoed to stdout. +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check that the specified "input" file exists +REM + +:CHECK_INPUT_FILE +IF EXIST %1 GOTO CHECK_ERRORS_FILE + + +ECHO ERROR: The specified input file, %1, does not exist! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM If an "errors" file is specified, then check that it does not already +REM exist. +REM + +:CHECK_ERRORS_FILE +IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES +IF EXIST %2 GOTO ERRORS_FILE_ERROR +GOTO CHECK_ENVIRONMENT_VARIABLES + + +:ERRORS_FILE_ERROR +ECHO ERROR: The specified errors file, %2, already exists! +ECHO Please specify a different file! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check presence of user-defined variables +REM + +:CHECK_ENVIRONMENT_VARIABLES +IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR +IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR +GOTO CHECK_SERVER_ROOT + + +:ENVIRONMENT_VARIABLES_ERROR +ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE +ECHO environment variables for this script! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check that the specified SERVER_ROOT exists +REM + +:CHECK_SERVER_ROOT +IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE + + +ECHO ERROR: The specified SERVER_ROOT does not exist! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check that the specified INSTANCE exists +REM + +:CHECK_INSTANCE +IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH + + +ECHO ERROR: The specified INSTANCE does not exist! +ECHO. 
+GOTO EXIT_PROCESS + + +REM +REM Setup the appropriate library path environment variable +REM based upon the platform (WINNT) +REM + +:SET_LIBRARY_PATH +SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH% + + +REM +REM Convert the specified %CMS% ldif data file +REM into a normalized %CMS% ldif text file. +REM + +%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2 + + +:EXIT_PROCESS + + +ENDLOCAL + diff --git a/base/migrate/TxtTo60/run.sh b/base/migrate/TxtTo60/run.sh new file mode 100755 index 000000000..80856e207 --- /dev/null +++ b/base/migrate/TxtTo60/run.sh 
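Review bot: In base/migrate/TxtTo60/run.bat the `SET PATH=` line under `:SET_LIBRARY_PATH` writes `%SERVER_ROOT\bin\cert\jre\bin\hotspot;%PATH%`, with the closing `%` of `SERVER_ROOT` missing. cmd will most likely read everything up to the next `%` as one undefined variable name, which drops both the hotspot directory and the caller's existing PATH and leaves a stray relative `PATH` entry in the search path. The segment should read `%SERVER_ROOT%\bin\cert\jre\bin\hotspot;%PATH%`. The `-classpath` on the java.exe line also starts with the relative `.\classes`, so `Main` is loaded from whatever directory the script is started in. Anchoring it to the script's own directory (`%~dp0classes`) would avoid that, and the same applies to `./classes` in TxtTo60/run.sh.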
@@ -0,0 +1,193 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- + +##################################################################### +### ### +### This script converts a normalized <Source CMS Version> ldif ### +### text file (e. g. - created via a <Source CMS Version>ToTxt ### +### script) into a CMS 6.0/6.01 ldif data file. ### +### ### +### This CMS 6.0/6.01 ldif data file can then be imported into ### +### the internal database of the desired CMS 6.0/6.01 server ### +### using a utility such as ldif2db. ### +### ### +##################################################################### + + +### +### SERVER_ROOT - fully qualified path of the location of the server +### + +#SERVER_ROOT=/export/home/migrate/cms601 +#export SERVER_ROOT + + +### +### INSTANCE - if the CMS instance directory is called 'cert-ca', +### set the CMS instance to 'ca' +### +### NOTE: When a single SERVER_ROOT contains more than +### one CMS instance, this script must be run multiple +### times. To do this, there is only a need to change +### the INSTANCE parameter. 
+### + +#INSTANCE=ca +#export INSTANCE + + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + + +### +### Script-defined constants +### + +CMS="CMS 6.0" +export CMS + + +OS_NAME=`uname` +export OS_NAME + + +## +## Perform a usage check for the appropriate number of arguments: +## + +if [ $# -lt 1 -o $# -gt 2 ] ; then + echo + echo "Usage: $0 input [errors] > output" + echo + echo " where: input - the specified ${CMS} ldif data file," + echo " errors - an optional errors file containing" + echo " skipped attributes, and" + echo " output - the normalized ${CMS} ldif text file." + echo + echo " NOTE: If no redirection is provided to" + echo " 'output', then the normalized" + echo " ${CMS} ldif text will merely" + echo " be echoed to stdout." + echo + exit 1 +fi + + +### +### Check that the specified "input" file exists and is a regular file. +### + +if [ ! -f $1 ] ; then + echo "ERROR: Either the specified 'input' file, '$1', does not exist, " + echo " or it is not a regular file!" + echo + exit 2 +fi + + +### +### Check that the specified "input" file exists and is not empty. +### + +if [ ! -s $1 ] ; then + echo "ERROR: The specified 'input' file, '$1', is empty!" + echo + exit 3 +fi + + +### +### If an "errors" file is specified, then check that it does not already +### exist. +### + +if [ $# -eq 2 ] ; then + if [ -f $2 ] ; then + echo "ERROR: The specified 'errors' file, '$2', already exists!" + echo " Please specify a different file!" + echo + exit 4 + fi +fi + + +### +### Check presence of user-defined variables +### + +if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then + echo "ERROR: Please specify the SERVER_ROOT and INSTANCE " + echo " environment variables for this script!" 
+ echo + exit 5 +fi + + +### +### Check that the specified SERVER_ROOT exists and is a directory +### + +if [ ! -d "${SERVER_ROOT}" ] ; then + echo "ERROR: Either the specified SERVER_ROOT does not exist, " + echo " or it is not a directory!" + echo + exit 6 +fi + + +### +### Check that the specified INSTANCE exists and is a directory +### + +if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then + echo "ERROR: Either the specified INSTANCE does not exist, " + echo " or it is not a directory!" + echo + exit 7 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Convert the specified ${CMS} ldif data file +### into a normalized ${CMS} ldif text file. +### + +${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jre/lib/i18n.jar Main $1 $2 + diff --git a/base/migrate/TxtTo60/src/Main.java b/base/migrate/TxtTo60/src/Main.java new file mode 100644 index 000000000..3c47d8ad7 --- /dev/null +++ b/base/migrate/TxtTo60/src/Main.java 
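Review bot: In base/migrate/TxtTo60/run.sh the positional parameters are expanded unquoted in the file checks (`[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]`) and on the final `java ... Main $1 $2` line, so a path containing whitespace or glob characters is split or expanded before it is tested or passed on. Quote them in the tests, as in `[ ! -f "$1" ]`, and pass `"$@"` to `Main`, which keeps the one-argument case from turning into an empty second argument. `[ ${OS_NAME} = "HP-UX" ]` should be quoted the same way so an empty `uname` result cannot break the test syntax. The errors-file check accepts anything that is not an existing regular file, so a dangling symbolic link at that path would pass and then presumably be written through by the Java side; adding a `[ -h "$2" ]` test would cover that case.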
@@ -0,0 +1,630 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo60/src/Main.java" represents the initial CMS "TxtTo" migration file. +// +// Always comment any new code sections with a "CMS 6.0" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS60LdifParser parser = null; + if (args.length == 1) { + parser = new CMS60LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS60LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS60LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = 
null; + + public CMS60LdifParser(String filename) + { + mFilename = filename; + } + + public CMS60LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = (String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); 
+ os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) 
{ + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock")) { + com.netscape.certsrv.base.ArgBlock obj = + (com.netscape.certsrv.base.ArgBlock)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); 
+ String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream 
bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions( + new DerInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new 
ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + (com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if 
(valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.cmscore.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if 
(type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if (type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.X509CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { 
String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.cmscore.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + + // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.cmscore.kra.ProofOfArchival obj = + new com.netscape.cmscore.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. 
+ */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. + * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. + */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/base/migrate/TxtTo60/src/compile.bat b/base/migrate/TxtTo60/src/compile.bat new file mode 100755 index 000000000..bc21bb20e --- /dev/null +++ b/base/migrate/TxtTo60/src/compile.bat 
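Review bot: In `buildHashtable`, the `type.endsWith( "Exception" )` branch passes a class name read from the input ldif text straight to `Class.forName( type )`, so any class on the classpath whose name ends in "Exception" is loaded, initialized and constructed with an input-supplied string before the cast to `Exception` can reject it. I would load the class without initialization and require `Exception.class.isAssignableFrom( x )` before calling the constructor, recording the attribute as skipped otherwise, as in the fence below. The constructed `e` is also never stored in `table`, so the attribute appears to be dropped silently; confirm whether a `table.put(name, e)` was intended. Separately, the unknown-type paths call `System.exit(0)` and `main` only prints a caught exception, so a failed conversion still returns success to the calling run script; a non-zero status would make a partial migration detectable.

```java
} else if( type.endsWith( "Exception" ) ) {
    // Resolve the name without running static initializers until the
    // class has been confirmed to be an Exception subtype.
    Class x = Class.forName( type, false, getClass().getClassLoader() );
    if( !Exception.class.isAssignableFrom( x ) ) {
        if (mErrorPrintWriter != null) {
            if (dn != null) {
                mErrorPrintWriter.println(dn);
            }
            mErrorPrintWriter.println("Skipped " + attr);
        }
        return;
    }
    // … unchanged: argClass/argValue setup, getConstructor and newInstance …
```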
@@ -0,0 +1,154 @@ +@ECHO OFF +REM --- BEGIN COPYRIGHT BLOCK --- +REM Copyright (C) 2007 Red Hat, Inc. +REM All rights reserved. +REM --- END COPYRIGHT BLOCK --- + +REM +REM This script creates the "TxtTo60/classes/Main.class", +REM "TxtTo60/classes/CMS60LdifParser.class", and +REM "TxtTo60/classes/DummyAuthManager.class" which are +REM used to create a CMS 6.0/6.01 ldif data file. +REM + + +SETLOCAL + + +REM +REM Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo60 +REM + +REM SET SERVER_ROOT=C:\cms601 + + +REM +REM Set JDK_VERSION - specify the JDK version used by this version of CMS +REM +REM CMS 6.0 NOTE: "WINNT" - 1.3.1_02 +REM +REM CMS 6.01 NOTE: "WINNT" - 1.3.1_02 +REM + +REM SET JDK_VERSION=CMS_6.01 + + +REM +REM Set JAVA_HOME - specify the complete path to the JDK +REM +REM example: \\bermuda.redhat.com\sbc mounted as Y: +REM + +REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION% + + +REM +REM *** DON'T CHANGE ANYTHING BELOW THIS LINE *** +REM + + +REM +REM Script-defined constants +REM + +SET CMS="CMS 6.0" + + +REM +REM Perform a usage check for the appropriate number of arguments: +REM + +IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES + + +:USAGE +ECHO. +ECHO Usage: "%0" +ECHO. +ECHO NOTE: No arguments are required to build the +ECHO %CMS% ldif data classes. +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check presence of user-defined variables +REM + +:CHECK_ENVIRONMENT_VARIABLES +IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR +IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR +GOTO CHECK_SERVER_ROOT + + +:ENVIRONMENT_VARIABLES_ERROR +ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME +ECHO environment variables for this script! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Check that the specified SERVER_ROOT exists +REM + +:CHECK_SERVER_ROOT +IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME + + +ECHO ERROR: The specified SERVER_ROOT does not exist! +ECHO. 
+GOTO EXIT_PROCESS + + +REM +REM Check that the specified JAVA_HOME exists +REM + +:CHECK_JAVA_HOME +IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH + + +ECHO ERROR: The specified JAVA_HOME does not exist! +ECHO. +GOTO EXIT_PROCESS + + +REM +REM Setup the appropriate library path environment variable +REM based upon the platform (WINNT) +REM + +:SET_LIBRARY_PATH +SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH% + + +REM +REM Set TARGET - identify the complete path to the new classes target directory +REM + +SET TARGET=..\classes + + +REM +REM Create the new classes target directory (if it does not already exist) +REM + +IF EXIST %TARGET% goto COMPILE_CLASSES +MKDIR %TARGET% + + +REM +REM Compile TxtTo60 - create "CMS60LdifParser.class", "DummyAuthManager.class", +REM and "Main.class" +REM + +:COMPILE_CLASSES +%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java + + +:EXIT_PROCESS + + +ENDLOCAL + diff --git a/base/migrate/TxtTo60/src/compile.sh b/base/migrate/TxtTo60/src/compile.sh new file mode 100755 index 000000000..a15b6a670 --- /dev/null +++ b/base/migrate/TxtTo60/src/compile.sh 
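Review bot: The presence checks, existence checks and the compile command in this script expand `%SERVER_ROOT%`, `%JAVA_HOME%` and `%TARGET%` without quotes (`IF !%SERVER_ROOT%==!`, `IF EXIST %JAVA_HOME%`, `%JAVA_HOME%\bin\javac.exe -d %TARGET% ...`), so a value containing spaces is split into several tokens and the path that was checked is not necessarily the path that is executed. Quoting each expansion keeps them the same, for example `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" ...`. The `compile.sh` hunk that follows has the matching gap: it tests `"${JAVA_HOME}"` and `"${SERVER_ROOT}"` quoted but then uses `${TARGET}` and `${JAVA_HOME}/bin/javac` unquoted.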
@@ -0,0 +1,166 @@ +#!/bin/sh +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2007 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- +##################################################################### +### ### +### This script creates the "TxtTo60/classes/Main.class", ### +### "TxtTo60/classes/CMS60LdifParser.class", and ### +### "TxtTo60/classes/DummyAuthManager.class" which are ### +### used to create a CMS 6.0/6.01 ldif data file. ### +### ### +##################################################################### + + +### +### Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo60 +### + +#SERVER_ROOT=/export/home/migrate/cms601 +#export SERVER_ROOT + + +### +### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS" +### + +#JDK_PLATFORM=SunOS +#export JDK_PLATFORM + + +### +### Set JDK_VERSION - specify the JDK version used by this version of CMS +### +### CMS 6.0 NOTE: "HP-UX" - 1.3.1.02 +### "Linux" - 1.3.1_02 +### "SunOS" - 1.3.1_02 +### +### CMS 6.01 NOTE: "HP-UX" - 1.3.1.02 +### "Linux" - 1.4.0 +### "SunOS" - 1.3.1_02 +### + +#JDK_VERSION=CMS_6.01 +#export JDK_VERSION + + +### +### Set JAVA_HOME - specify the complete path to the JDK +### + +#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION} +#export JAVA_HOME + + +############################################################################ +### ### +### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ### +### ### +############################################################################ + + +### +### Script-defined constants +### + +CMS="CMS 6.0" +export CMS + + +OS_NAME=`uname` +export OS_NAME + + +### +### Perform a usage check for the appropriate number of arguments: +### + +if [ $# -gt 0 ] ; then + echo + echo "Usage: $0" + echo + echo " NOTE: No arguments are required to build the" + echo " ${CMS} ldif data classes." 
+ echo + exit 1 +fi + + +### +### Check presence of user-defined variables +### + +if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then + echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME " + echo " environment variables for this script!" + echo + exit 2 +fi + + +### +### Check that the specified SERVER_ROOT exists and is a directory +### + +if [ ! -d "${SERVER_ROOT}" ] ; then + echo "ERROR: Either the specified SERVER_ROOT does not exist, " + echo " or it is not a directory!" + echo + exit 3 +fi + + +### +### Check that the specified JAVA_HOME exists and is a directory +### + +if [ ! -d "${JAVA_HOME}" ] ; then + echo "ERROR: Either the specified JAVA_HOME does not exist, " + echo " or it is not a directory!" + echo + exit 4 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Set TARGET - identify the complete path to the new classes target directory +### + +TARGET=../classes +export TARGET + + +### +### Create the new classes target directory (if it does not already exist) +### + +if [ ! -d ${TARGET} ]; then + mkdir -p ${TARGET} +fi + + +### +### Compile TxtTo60 - create "CMS60LdifParser.class", "DummyAuthManager.class", +### and "Main.class" +### + +${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java + 
diff --git a/base/migrate/TxtTo61/classes/CMS61LdifParser.class b/base/migrate/TxtTo61/classes/CMS61LdifParser.class Binary files differnew file mode 100644 index 000000000..03f2d90af --- /dev/null +++ b/base/migrate/TxtTo61/classes/CMS61LdifParser.class diff --git a/base/migrate/TxtTo61/classes/DummyAuthManager.class b/base/migrate/TxtTo61/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..8b2039e74 --- /dev/null +++ b/base/migrate/TxtTo61/classes/DummyAuthManager.class diff --git a/base/migrate/TxtTo61/classes/Main.class b/base/migrate/TxtTo61/classes/Main.class Binary files differnew file mode 100644 index 000000000..2f0c1663e --- /dev/null +++ b/base/migrate/TxtTo61/classes/Main.class diff --git a/base/migrate/TxtTo61/run.bat b/base/migrate/TxtTo61/run.bat new file mode 100755 index 000000000..a63296608 --- /dev/null +++ b/base/migrate/TxtTo61/run.bat 
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CMS Version> ldif
+REM text file (e. g. - created via a <Source CMS Version>ToTxt
+REM script) into a CMS 6.1 ldif data file.
+REM
+REM This CMS 6.1 ldif data file can then be imported into the
+REM internal database of the desired CMS 6.1 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms61
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo61/run.sh b/base/migrate/TxtTo61/run.sh
new file mode 100755
index 000000000..6ef1cae42
--- /dev/null
+++ b/base/migrate/TxtTo61/run.sh
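Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` on its third entry, `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`. As far as I can tell cmd.exe pairs that opening `%` with the one in front of `PATH`, so the text between them is looked up as a single (undefined) variable name; the `jre\bin\server` directory is then not added and the caller's existing PATH is not carried into the new value. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. Because the script runs under `SETLOCAL` the damage stays inside this run, but it decides which directories the `java.exe` call resolves its native libraries from.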
@@ -0,0 +1,196 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CMS Version> ldif ###
+### text file (e. g. - created via a <Source CMS Version>ToTxt ###
+### script) into a CMS 6.1 ldif data file. ###
+### ###
+### This CMS 6.1 ldif data file can then be imported into the ###
+### internal database of the desired CMS 6.1 server using a ###
+### utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms61
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.1"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/TxtTo61/src/Main.java b/base/migrate/TxtTo61/src/Main.java
new file mode 100644
index 000000000..8b95ccc97
--- /dev/null
+++ b/base/migrate/TxtTo61/src/Main.java
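Review bot: The positional parameters are expanded unquoted in the file tests (`[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]`) and on the final `java ... Main $1 $2` line, so a path containing whitespace or glob characters is split or expanded before it is tested or passed on, and the "errors file must not already exist" check can end up testing a different name than the one Java later opens for writing. Quote them, e.g. `if [ ! -f "$1" ] ; then` and `if [ -f "$2" ] ; then`, and end the java line with `Main "$@"` (the argument count is already limited to one or two at the top, and `"$@"` avoids passing an empty second argument). The `[ ${OS_NAME} = "HP-UX" ]` tests have the same unquoted form. The batch scripts in this commit, `TxtTo61/run.bat` and `TxtTo61/src/compile.bat`, use `%1`, `%2`, `%SERVER_ROOT%` and `%JAVA_HOME%` unquoted in the same way.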
@@ -0,0 +1,644 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo61/src/Main.java" is based upon a copy "TxtTo60/src/Main.java". +// +// Always comment any new code sections with a "CMS 6.1" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo60/src/Main.java TxtTo61/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS61LdifParser parser = null; + if (args.length == 1) { + parser = new CMS61LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS61LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS61LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS61LdifParser(String filename) + { + mFilename = filename; + } + + public CMS61LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != 
null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") + || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } 
else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if 
(type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions( + new DerInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = 
Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + (com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + 
String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.cmscore.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = 
Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if (type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.X509CertInfo[")) { + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new 
BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.cmscore.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + + // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.cmscore.kra.ProofOfArchival obj = + new com.netscape.cmscore.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + 
return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. + * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. + */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/base/migrate/TxtTo61/src/compile.bat b/base/migrate/TxtTo61/src/compile.bat new file mode 100755 index 000000000..8b2a3bff9 --- /dev/null +++ b/base/migrate/TxtTo61/src/compile.bat 
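Review bot: In `buildHashtable`, the `type.endsWith( "Exception" )` branch passes `type`, which is read from the input file, straight to `Class.forName( type )` and then calls a `String` constructor on whatever class comes back. Any class on the classpath whose name ends in "Exception" is therefore loaded, initialized and instantiated because the data being migrated names it, with no check that it is an exception type until the cast after construction. Resolve the class without initialization and verify it is assignable to `Exception` before constructing it, as in the excerpt below. The constructed `e` is also never stored in `table`, which looks unintended and is worth confirming against the other `TxtTo*` versions.

```java
} else if( type.endsWith( "Exception" ) ) {
    // … unchanged: argClass / argValue declarations …

    // Resolve the name without running static initializers, and
    // accept it only if it really is an Exception subclass.
    Class x = Class.forName( type, false,
                             Main.class.getClassLoader() );
    if( !Exception.class.isAssignableFrom( x ) ) {
        throw new IOException( "Unexpected attribute type - " + type );
    }
    // … unchanged: getConstructor( argClass ) / newInstance( argValue ) …
```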
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo61/classes/Main.class",
+REM "TxtTo61/classes/CMS61LdifParser.class", and
+REM "TxtTo61/classes/DummyAuthManager.class" which are
+REM used to create a CMS 6.1 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo61
+REM
+
+REM SET SERVER_ROOT=C:\cms61
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 6.1 NOTE: "WINNT" - 1.4.0
+REM
+
+REM SET JDK_VERSION=CMS_6.1
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CMS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo61 - create "CMS61LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo61/src/compile.sh b/base/migrate/TxtTo61/src/compile.sh
new file mode 100755
index 000000000..3ec4885c9
--- /dev/null
+++ b/base/migrate/TxtTo61/src/compile.sh
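Review bot: In TxtTo61/src/compile.bat every failure branch (`:USAGE`, `:ENVIRONMENT_VARIABLES_ERROR`, and the missing SERVER_ROOT and JAVA_HOME cases) jumps to `:EXIT_PROCESS` and falls through `ENDLOCAL`, so the script appears to end with a success status even though nothing was compiled. compile.sh in the same commit returns distinct codes 1 to 4 for the same conditions, so a caller that chains the compile and run steps can detect the failure on Unix but not on Windows. I would send the error branches to a separate label that runs `ENDLOCAL` followed by `EXIT /B 1`. TxtTo62/run.bat uses the same `GOTO EXIT_PROCESS` pattern and would need the same change.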
@@ -0,0 +1,162 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo61/classes/Main.class", ###
+### "TxtTo61/classes/CMS61LdifParser.class", and ###
+### "TxtTo61/classes/DummyAuthManager.class" which are ###
+### used to create a CMS 6.1 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo61
+###
+
+#SERVER_ROOT=/export/home/migrate/cms61
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 6.1 NOTE: "HP-UX" - 1.3.1.02
+### "Linux" - 1.3.1_02
+### "SunOS" - 1.3.1_02
+###
+
+#JDK_VERSION=CMS_6.1
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.1"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CMS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile TxtTo61 - create "CMS61LdifParser.class", "DummyAuthManager.class",
+### and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
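Review bot: TxtTo61/src/compile.sh quotes `"${SERVER_ROOT}"` and `"${JAVA_HOME}"` in its existence checks but expands them unquoted afterwards, in `[ ${OS_NAME} = "HP-UX" ]`, `[ ! -d ${TARGET} ]`, `mkdir -p ${TARGET}` and the final `${JAVA_HOME}/bin/javac ... -classpath ...` line. A path containing a space or a glob character therefore passes validation and is then word-split into different arguments. Quoting each expansion closes the gap, for example `[ "${OS_NAME}" = "HP-UX" ]` and `"${JAVA_HOME}/bin/javac" -d "${TARGET}" -classpath "..." Main.java`. TxtTo62/run.sh has the same problem with values taken straight from the command line (`[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]`, `Main $1 $2`); there `Main "$@"` keeps the second argument optional.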
diff --git a/base/migrate/TxtTo62/classes/CMS62LdifParser.class b/base/migrate/TxtTo62/classes/CMS62LdifParser.class Binary files differnew file mode 100644 index 000000000..ca25274a8 --- /dev/null +++ b/base/migrate/TxtTo62/classes/CMS62LdifParser.class diff --git a/base/migrate/TxtTo62/classes/DummyAuthManager.class b/base/migrate/TxtTo62/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..387cde908 --- /dev/null +++ b/base/migrate/TxtTo62/classes/DummyAuthManager.class diff --git a/base/migrate/TxtTo62/classes/Main.class b/base/migrate/TxtTo62/classes/Main.class Binary files differnew file mode 100644 index 000000000..e2e92309e --- /dev/null +++ b/base/migrate/TxtTo62/classes/Main.class diff --git a/base/migrate/TxtTo62/run.bat b/base/migrate/TxtTo62/run.bat new file mode 100755 index 000000000..1e342ed24 --- /dev/null +++ b/base/migrate/TxtTo62/run.bat 
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CMS Version> ldif
+REM text file (e. g. - created via a <Source CMS Version>ToTxt
+REM script) into a CMS 6.2 ldif data file.
+REM
+REM This CMS 6.2 ldif data file can then be imported into the
+REM internal database of the desired CMS 6.2 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms62
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo62/run.sh b/base/migrate/TxtTo62/run.sh
new file mode 100755
index 000000000..fdd6b2ee9
--- /dev/null
+++ b/base/migrate/TxtTo62/run.sh
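Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` in TxtTo62/run.bat has an unbalanced variable reference: `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%` is missing the closing `%` after `SERVER_ROOT`. cmd.exe will most likely read `SERVER_ROOT\bin\cert\jre\bin\server;` as the name of an undefined variable and leave a literal `PATH` behind. Neither the `jre\bin\server` directory nor the inherited PATH would then be on the search path used to locate the JVM and JSS native libraries. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`.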
@@ -0,0 +1,196 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CMS Version> ldif ###
+### text file (e. g. - created via a <Source CMS Version>ToTxt ###
+### script) into a CMS 6.2 ldif data file. ###
+### ###
+### This CMS 6.2 ldif data file can then be imported into the ###
+### internal database of the desired CMS 6.2 server using a ###
+### utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms62
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.2"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/TxtTo62/src/Main.java b/base/migrate/TxtTo62/src/Main.java
new file mode 100644
index 000000000..da48981b7
--- /dev/null
+++ b/base/migrate/TxtTo62/src/Main.java
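Review bot: The java invocation at the end of TxtTo62/run.sh puts `./classes` first on the classpath, and that entry resolves against the caller's working directory rather than the script's own location. Started from any other directory, the script either fails to find `Main` or loads whatever `Main.class` sits under `./classes` there, ahead of the server jars and with access to the request data being migrated. Setting `SCRIPT_DIR` from `dirname "$0"` and passing `-classpath "${SCRIPT_DIR}/classes:..."` removes the dependency on the working directory. TxtTo62/run.bat has the same `.\classes` entry.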
@@ -0,0 +1,655 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo62/src/Main.java" is based upon a copy "TxtTo61/src/Main.java". +// +// Always comment any new code sections with a "CMS 6.2" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo61/src/Main.java TxtTo62/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS62LdifParser parser = null; + if (args.length == 1) { + parser = new CMS62LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS62LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS62LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS62LdifParser(String filename) + { + mFilename = filename; + } + + public CMS62LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != 
null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") + || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } 
else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if 
(type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions(); + obj.decodeEx(new ByteArrayInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName(new DerInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + 
netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + 
(com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.cmscore.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new 
netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("java.util.Locale")) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + table.put(name, Locale.getDefault()); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if (type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.X509CertInfo[") + || 
type.startsWith("netscape.security.extensions.CertInfo[")) { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.cmscore.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + + // issuer + DerValue issuer = seq[2]; + 
netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.cmscore.kra.ProofOfArchival obj = + new com.netscape.cmscore.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. + * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. + */ + public IConfigStore getConfigStore() + { + return null; + } +} + 
diff --git a/base/migrate/TxtTo62/src/compile.bat b/base/migrate/TxtTo62/src/compile.bat
new file mode 100755
index 000000000..063b8969f
--- /dev/null
+++ b/base/migrate/TxtTo62/src/compile.bat
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo62/classes/Main.class",
+REM "TxtTo62/classes/CMS62LdifParser.class", and
+REM "TxtTo62/classes/DummyAuthManager.class" which are
+REM used to create a CMS 6.2 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo62
+REM
+
+REM SET SERVER_ROOT=C:\cms62
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 6.2 NOTE: "WINNT" - 1.4.0
+REM
+
+REM SET JDK_VERSION=CMS_6.2
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 6.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CMS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo62 - create "CMS62LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo62/src/compile.sh b/base/migrate/TxtTo62/src/compile.sh
new file mode 100755
index 000000000..4ab44f966
--- /dev/null
+++ b/base/migrate/TxtTo62/src/compile.sh
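Review bot: `IF EXIST %SERVER_ROOT%`, `IF EXIST %JAVA_HOME%` and the `javac.exe` line in compile.bat expand the two path variables unquoted, so a SERVER_ROOT or JAVA_HOME containing a space splits into several tokens and both the existence checks and the compile command misparse. Quote each expansion, for example `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" ...` with the `-classpath` value quoted as one string. The `IF !%SERVER_ROOT%==!` presence checks have the same weakness and read more safely as `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`. The same unquoted pattern appears in the TxtTo70 run.bat hunk (`IF EXIST %1`, `IF EXIST %2`, `Main %1 %2`) and, for `${TARGET}`, `$1` and `$2`, in the compile.sh and run.sh hunks.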
@@ -0,0 +1,162 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo62/classes/Main.class", ###
+### "TxtTo62/classes/CMS62LdifParser.class", and ###
+### "TxtTo62/classes/DummyAuthManager.class" which are ###
+### used to create a CMS 6.2 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo62
+###
+
+#SERVER_ROOT=/export/home/migrate/cms62
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 6.2 NOTE: "HP-UX" - 1.4.0.00
+### "Linux" - 1.4.0
+### "SunOS" - 1.4.0
+###
+
+#JDK_VERSION=CMS_6.2
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 6.2"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CMS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile TxtTo62 - create "CMS62LdifParser.class", "DummyAuthManager.class",
+### and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
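Review bot: `TARGET=../classes` and the bare `Main.java` argument to javac in compile.sh are resolved against the caller's working directory, not the directory that holds the script. Run from anywhere other than `TxtTo62/src`, the script either fails to find the source or creates a `classes` directory in an unrelated location. Change into the script's own directory before the TARGET assignment, for example ``SCRIPT_DIR=`dirname "$0"` `` followed by `cd "${SCRIPT_DIR}" || exit 5`. compile.bat makes the same assumption with `SET TARGET=..\classes`.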
diff --git a/base/migrate/TxtTo70/classes/CMS70LdifParser.class b/base/migrate/TxtTo70/classes/CMS70LdifParser.class Binary files differnew file mode 100644 index 000000000..3f4ed9b52 --- /dev/null +++ b/base/migrate/TxtTo70/classes/CMS70LdifParser.class diff --git a/base/migrate/TxtTo70/classes/DummyAuthManager.class b/base/migrate/TxtTo70/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..387cde908 --- /dev/null +++ b/base/migrate/TxtTo70/classes/DummyAuthManager.class diff --git a/base/migrate/TxtTo70/classes/Main.class b/base/migrate/TxtTo70/classes/Main.class Binary files differnew file mode 100644 index 000000000..09498213f --- /dev/null +++ b/base/migrate/TxtTo70/classes/Main.class diff --git a/base/migrate/TxtTo70/run.bat b/base/migrate/TxtTo70/run.bat new file mode 100755 index 000000000..3e70ee8cd --- /dev/null +++ b/base/migrate/TxtTo70/run.bat 
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CMS Version> ldif
+REM text file (e. g. - created via a <Source CMS Version>ToTxt
+REM script) into a CMS 7.0 ldif data file.
+REM
+REM This CMS 7.0 ldif data file can then be imported into the
+REM internal database of the desired CMS 7.0 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cms70
+
+
+REM
+REM INSTANCE - if the CMS instance directory is called 'cert-ca',
+REM set the CMS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CMS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 7.0"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CMS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CMS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CMS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CMS% ldif data file
+REM into a normalized %CMS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo70/run.sh b/base/migrate/TxtTo70/run.sh
new file mode 100755
index 000000000..c7e0a3140
--- /dev/null
+++ b/base/migrate/TxtTo70/run.sh
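Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` in run.bat is missing the closing `%` after the third `SERVER_ROOT`, in `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`. cmd.exe will most likely read `%SERVER_ROOT\bin\cert\jre\bin\server;%` as a reference to an undefined variable. If so, the `jre\bin\server` directory is never added, and the inherited PATH is replaced by the literal text `PATH` rather than appended. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. SETLOCAL confines the damage to this run, but the `java.exe` child still inherits the truncated PATH when it looks up native libraries.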
@@ -0,0 +1,196 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CMS Version> ldif ###
+### text file (e. g. - created via a <Source CMS Version>ToTxt ###
+### script) into a CMS 7.0 ldif data file. ###
+### ###
+### This CMS 7.0 ldif data file can then be imported into ###
+### the internal database of the desired CMS 7.0 server ###
+### using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cms70
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CMS instance directory is called 'cert-ca',
+### set the CMS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CMS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 7.0"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CMS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CMS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CMS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CMS} ldif data file
+### into a normalized ${CMS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/TxtTo70/src/Main.java b/base/migrate/TxtTo70/src/Main.java
new file mode 100644
index 000000000..bcb1b5a15
--- /dev/null
+++ b/base/migrate/TxtTo70/src/Main.java
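Review bot: The final java command in run.sh puts `./classes` first on the classpath, and that entry is resolved against the operator's current directory rather than the directory holding run.sh. The `Main` and parser classes that then decode the request attributes are whichever copies are found there first, which is an avoidable trust dependency for a tool that rewrites certificate-server database exports. Anchor the entry to the script location, for example ``SCRIPT_DIR=`dirname "$0"` `` and `-classpath "${SCRIPT_DIR}/classes:..."`. Passing the arguments as `Main "$@"` instead of `Main $1 $2` also keeps file names with spaces intact without adding an empty second argument. run.bat has the same `.\classes` leading entry.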
@@ -0,0 +1,655 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo70/src/Main.java" is based upon a copy "TxtTo62/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.0" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo62/src/Main.java TxtTo70/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS70LdifParser parser = null; + if (args.length == 1) { + parser = new CMS70LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS70LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS70LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS70LdifParser(String filename) + { + mFilename = filename; + } + + public CMS70LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != 
null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") + || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } 
else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if 
(type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions(); + obj.decodeEx(new ByteArrayInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName(new DerInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + 
netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + 
(com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.util.Locale")) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + table.put(name, Locale.getDefault()); + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.cmscore.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + 
netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if (type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if 
(type.startsWith("netscape.security.x509.X509CertInfo[") + || type.startsWith("netscape.security.extensions.CertInfo[")) { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.cmscore.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + 
+ // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.cmscore.kra.ProofOfArchival obj = + new com.netscape.cmscore.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. + * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. 
+ */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/base/migrate/TxtTo70/src/compile.bat b/base/migrate/TxtTo70/src/compile.bat new file mode 100755 index 000000000..f4d496a42 --- /dev/null +++ b/base/migrate/TxtTo70/src/compile.bat 
@@ -0,0 +1,154 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo70/classes/Main.class",
+REM "TxtTo70/classes/CMS70LdifParser.class", and
+REM "TxtTo70/classes/DummyAuthManager.class" which are
+REM used to create a CMS 7.0/7.01 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo70
+REM
+
+REM SET SERVER_ROOT=C:\cms701
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CMS
+REM
+REM CMS 7.0 NOTE: "WINNT" - 1.4.2
+REM
+REM CMS 7.01 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CMS_7.01
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CMS="CMS 7.0"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CMS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo70 - create "CMS70LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo70/src/compile.sh b/base/migrate/TxtTo70/src/compile.sh
new file mode 100755
index 000000000..11b1b6df8
--- /dev/null
+++ b/base/migrate/TxtTo70/src/compile.sh
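Review bot: In TxtTo70/src/compile.bat the environment checks expand SERVER_ROOT and JAVA_HOME unquoted (`IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR`, `IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME`, and the `javac.exe` line), so a path containing a space splits the statement and the remainder of the path is parsed as part of the command instead of being tested. The same file already uses the quoted form for its argument check (`IF "%1" == ""`), so I would write `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` and `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME`, and quote the `javac.exe` path and the `-classpath` value. TxtTo71/run.bat in this commit repeats the pattern for SERVER_ROOT, INSTANCE, `%1` and `%2`.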
@@ -0,0 +1,162 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo70/classes/Main.class", ###
+### "TxtTo70/classes/CMS70LdifParser.class", and ###
+### "TxtTo70/classes/DummyAuthManager.class" which are ###
+### used to create a CMS 7.0 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CMS <server_root> used to compile TxtTo70
+###
+
+#SERVER_ROOT=/export/home/migrate/cms70
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CMS
+###
+### CMS 7.0 NOTE: "HP-UX" - 1.4.0.00
+### "Linux" - 1.4.2
+### "SunOS" - 1.4.2
+###
+
+#JDK_VERSION=CMS_7.0
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CMS="CMS 7.0"
+export CMS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CMS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile TxtTo70 - create "CMS70LdifParser.class", "DummyAuthManager.class",
+### and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
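Review bot: In TxtTo70/src/compile.sh, `TARGET=../classes` and the bare `Main.java` argument to javac are resolved against the caller's working directory rather than the script's location, so running the script from anywhere but `src` either fails or creates a `classes` directory beside whatever directory the caller happens to be in. The other scripts in this commit share the problem: compile.bat uses `..\classes`, and TxtTo71/run.sh and run.bat put `./classes` and `.\classes` first on the classpath, so `Main` is loaded from the current directory of whoever runs a tool that, judging by the TxtTo70 parser in this commit, handles request attributes and key records. I would change into the script's own directory before TARGET is set (a `cd` to the result of `dirname "$0"`, exiting on failure), or build both paths from that directory.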
diff --git a/base/migrate/TxtTo71/classes/CMS71LdifParser.class b/base/migrate/TxtTo71/classes/CMS71LdifParser.class Binary files differnew file mode 100644 index 000000000..fb449c41f --- /dev/null +++ b/base/migrate/TxtTo71/classes/CMS71LdifParser.class diff --git a/base/migrate/TxtTo71/classes/DummyAuthManager.class b/base/migrate/TxtTo71/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..387cde908 --- /dev/null +++ b/base/migrate/TxtTo71/classes/DummyAuthManager.class diff --git a/base/migrate/TxtTo71/classes/Main.class b/base/migrate/TxtTo71/classes/Main.class Binary files differnew file mode 100644 index 000000000..8f02b13db --- /dev/null +++ b/base/migrate/TxtTo71/classes/Main.class diff --git a/base/migrate/TxtTo71/run.bat b/base/migrate/TxtTo71/run.bat new file mode 100755 index 000000000..1682bacbc --- /dev/null +++ b/base/migrate/TxtTo71/run.bat 
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CS Version> ldif
+REM text file (e. g. - created via a <Source CS Version>ToTxt
+REM script) into a CS 7.1 ldif data file.
+REM
+REM This CS 7.1 ldif data file can then be imported into the
+REM internal database of the desired CS 7.1 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs71
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo71/run.sh b/base/migrate/TxtTo71/run.sh
new file mode 100755
index 000000000..04e8d4587
--- /dev/null
+++ b/base/migrate/TxtTo71/run.sh
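Review bot: In TxtTo71/run.bat the third entry of the `SET PATH=` line under `:SET_LIBRARY_PATH` is written `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`, with the closing `%` of SERVER_ROOT missing. cmd pairs that opening `%` with the one in front of `PATH`, so the text between them is looked up as a single, undefined variable name and expands to nothing. As far as I can tell the resulting PATH then contains neither the `jre\bin\server` directory nor the inherited PATH. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`.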
@@ -0,0 +1,196 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CS Version> ldif ###
+### text file (e. g. - created via a <Source CS Version>ToTxt ###
+### script) into a CS 7.1 ldif data file. ###
+### ###
+### This CS 7.1 ldif data file can then be imported into ###
+### the internal database of the desired CS 7.1 server ###
+### using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+
+###
+### SERVER_ROOT - fully qualified path of the location of the server
+###
+
+#SERVER_ROOT=/export/home/migrate/cs71
+#export SERVER_ROOT
+
+
+###
+### INSTANCE - if the CS instance directory is called 'cert-ca',
+### set the CS instance to 'ca'
+###
+### NOTE: When a single SERVER_ROOT contains more than
+### one CS instance, this script must be run multiple
+### times. To do this, there is only a need to change
+### the INSTANCE parameter.
+###
+
+#INSTANCE=ca
+#export INSTANCE
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.1"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${INSTANCE}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and INSTANCE "
+ echo " environment variables for this script!"
+ echo
+ exit 5
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 6
+fi
+
+
+###
+### Check that the specified INSTANCE exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}/cert-${INSTANCE}" ] ; then
+ echo "ERROR: Either the specified INSTANCE does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 7
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${SERVER_ROOT}/bin/cert/jre/lib:${SERVER_ROOT}/bin/cert/jre/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Convert the specified ${CS} ldif data file
+### into a normalized ${CS} ldif text file.
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+${SERVER_ROOT}/bin/cert/jre/bin/java -classpath ./classes:${SERVER_ROOT}/cert-${INSTANCE}/classes:${SERVER_ROOT}/bin/cert/classes:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar:${SERVER_ROOT}/bin/cert/jre/lib/rt.jar Main $1 $2
+
diff --git a/base/migrate/TxtTo71/src/Main.java b/base/migrate/TxtTo71/src/Main.java
new file mode 100644
index 000000000..7dcb13943
--- /dev/null
+++ b/base/migrate/TxtTo71/src/Main.java
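Review bot: In TxtTo71/run.sh the file checks and the final java command use the positional parameters unquoted (`[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]`, `Main $1 $2`). For a name containing whitespace the `[` call receives extra words and fails with a usage error, which `if` treats as false, so the exists, not-empty and errors-file-already-exists checks are skipped and Java receives differently split arguments; glob characters in a name are expanded as well. Quote the parameters in the tests (`[ ! -f "$1" ]`, `[ ! -s "$1" ]`, `[ -f "$2" ]`). On the java line pass `"$@"` rather than `"$1" "$2"`, because an empty second argument would make `args.length == 2` in `Main` and select the two-argument parser constructor.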
@@ -0,0 +1,655 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo71/src/Main.java" is based upon a copy "TxtTo70/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo70/src/Main.java TxtTo71/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS71LdifParser parser = null; + if (args.length == 1) { + parser = new CMS71LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS71LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS71LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS71LdifParser(String filename) + { + mFilename = filename; + } + + public CMS71LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != 
null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") + || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } 
else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if 
(type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions(); + obj.decodeEx(new ByteArrayInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName(new DerInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + 
netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + 
(com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.util.Locale")) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + table.put(name, Locale.getDefault()); + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.cmscore.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + 
netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if (type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if 
(type.startsWith("netscape.security.x509.X509CertInfo[") + || type.startsWith("netscape.security.extensions.CertInfo[")) { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.cmscore.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + 
+ // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.cmscore.kra.ProofOfArchival obj = + new com.netscape.cmscore.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. + * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. 
+ */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/base/migrate/TxtTo71/src/compile.bat b/base/migrate/TxtTo71/src/compile.bat new file mode 100755 index 000000000..d0a1be0b2 --- /dev/null +++ b/base/migrate/TxtTo71/src/compile.bat 
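Review bot: The `type.endsWith( "Exception" )` branch near the end of `buildHashtable` passes a class name read from the input ldif text straight to `Class.forName( type )`. That call loads and initializes whatever class on the classpath carries that name, before anything checks that it is an exception type. Resolving the class without initialization and testing `Exception.class.isAssignableFrom( x )` before the constructor lookup would confine the branch to exception classes, with any other name recorded in the errors file like the other skipped attributes. The instance that is built is also never stored in `table`, so the attribute appears to be dropped without a "Skipped" record; if that is intended, a comment on the branch should say so.

```java
} else if( type.endsWith( "Exception" ) ) {
    // … unchanged: argClass / argValue …

    // The class name comes from the input file: resolve it without
    // running static initializers and accept exception types only.
    Class x = Class.forName( type, false, Main.class.getClassLoader() );
    if( !Exception.class.isAssignableFrom( x ) ) {
        if (mErrorPrintWriter != null) {
            if (dn != null) {
                mErrorPrintWriter.println(dn);
            }
            mErrorPrintWriter.println("Skipped " + attr);
        }
        return;
    }
    // … unchanged: getConstructor( argClass ) / newInstance( argValue ) …
```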
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo71/classes/Main.class",
+REM "TxtTo71/classes/CMS71LdifParser.class", and
+REM "TxtTo71/classes/DummyAuthManager.class" which are
+REM used to create a CS 7.1 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile TxtTo71
+REM
+
+REM SET SERVER_ROOT=C:\cs71
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.1 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.1
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.1"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo71 - create "CMS71LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo71/src/compile.bat b/base/migrate/TxtTo71/src/compile.sh
new file mode 100755
index 000000000..397912a3f
--- /dev/null
+++ b/base/migrate/TxtTo71/src/compile.sh
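Review bot: `%SERVER_ROOT%` and `%JAVA_HOME%` are expanded unquoted in the `IF EXIST` checks and in the `javac.exe` command line under `:COMPILE_CLASSES`, so a value containing a space or a character such as `&` is split or interpreted by cmd.exe instead of being treated as one path. Quoting each use keeps the value a single argument, for example `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%" -classpath "…" Main.java`. The `IF !%SERVER_ROOT%==!` presence tests have the same problem. In compile.sh the `${JAVA_HOME}/bin/javac` line and the `[ ${OS_NAME} = "HP-UX" ]` tests are unquoted in the same way.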
@@ -0,0 +1,162 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo71/classes/Main.class", ###
+### "TxtTo71/classes/CMS71LdifParser.class", and ###
+### "TxtTo71/classes/DummyAuthManager.class" which are ###
+### used to create a CS 7.1 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set SERVER_ROOT - identify the CS <server_root> used to compile TxtTo71
+###
+
+#SERVER_ROOT=/export/home/migrate/cs71
+#export SERVER_ROOT
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=SunOS
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CS
+###
+### CS 7.1 NOTE: "HP-UX" - 1.4.0.00
+### "Linux" - 1.4.2
+### "SunOS" - 1.4.2
+###
+
+#JDK_VERSION=CS_7.1
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.1"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${SERVER_ROOT}" -o -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified SERVER_ROOT exists and is a directory
+###
+
+if [ ! -d "${SERVER_ROOT}" ] ; then
+ echo "ERROR: Either the specified SERVER_ROOT does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 3
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=${SERVER_ROOT}/bin/cert/lib:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile TxtTo71 - create "CMS71LdifParser.class", "DummyAuthManager.class",
+### and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:${SERVER_ROOT}/bin/cert/jars/nsutil.jar:${SERVER_ROOT}/bin/cert/jars/certsrv.jar:${SERVER_ROOT}/bin/cert/jars/cmscore.jar:${SERVER_ROOT}/bin/cert/jars/jss3.jar Main.java
+
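Review bot: The library-path selection ends in a bare `else # SunOS`, so any `uname` value other than HP-UX or Linux silently gets the sparc `native_threads` path instead of an error. An explicit `elif [ "${OS_NAME}" = "SunOS" ] ; then` followed by an `else` that reports the unsupported platform and exits non-zero would match the three platforms the header lists for JDK_PLATFORM. JDK_PLATFORM and JDK_VERSION are referenced only in the commented-out JAVA_HOME example, so a comment such as `### (only used to build the JAVA_HOME example below)` would tell the operator they are optional.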
diff --git a/base/migrate/TxtTo72/classes/CMS72LdifParser.class b/base/migrate/TxtTo72/classes/CMS72LdifParser.class Binary files differnew file mode 100644 index 000000000..c3b8d5643 --- /dev/null +++ b/base/migrate/TxtTo72/classes/CMS72LdifParser.class diff --git a/base/migrate/TxtTo72/classes/DummyAuthManager.class b/base/migrate/TxtTo72/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..323081a39 --- /dev/null +++ b/base/migrate/TxtTo72/classes/DummyAuthManager.class diff --git a/base/migrate/TxtTo72/classes/Main.class b/base/migrate/TxtTo72/classes/Main.class Binary files differnew file mode 100644 index 000000000..2512afa7d --- /dev/null +++ b/base/migrate/TxtTo72/classes/Main.class diff --git a/base/migrate/TxtTo72/run.bat b/base/migrate/TxtTo72/run.bat new file mode 100755 index 000000000..852158747 --- /dev/null +++ b/base/migrate/TxtTo72/run.bat 
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CS Version> ldif
+REM text file (e. g. - created via a <Source CS Version>ToTxt
+REM script) into a CS 7.2 ldif data file.
+REM
+REM This CS 7.2 ldif data file can then be imported into the
+REM internal database of the desired CS 7.2 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs72
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo72/run.sh b/base/migrate/TxtTo72/run.sh
new file mode 100755
index 000000000..972686e3b
--- /dev/null
+++ b/base/migrate/TxtTo72/run.sh
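Review bot: The `SET PATH=` line under `:SET_LIBRARY_PATH` is missing the closing `%` after `SERVER_ROOT` in its third entry (`%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`). cmd.exe pairs percent signs left to right, so that `%` is matched with the one in front of `PATH`: the `jre\bin\server` directory is not added, and the inherited search path is presumably replaced by a stray relative entry named `PATH`, which leaves executable and DLL lookup depending on the current directory. The line should read `SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`.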
@@ -0,0 +1,152 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CS Version> ldif ###
+### text file (e. g. - created via a <Source CS Version>ToTxt ###
+### script) into a CS 7.2 ldif data file. ###
+### ###
+### This CS 7.2 ldif data file can then be imported into ###
+### the internal database of the desired CS 7.2 server ###
+### using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+###
+### Java Runtime Environment
+###
+JRE_ROOT=/usr/lib/jvm/jre-1.5.0
+export JRE_ROOT
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.2"
+export CS
+
+OS_NAME=`uname`
+export OS_NAME
+
+ARCH=`uname -i`
+export ARCH
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+CLASSPATH=/usr/share/rhpki/migrate/TxtTo72/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+export CLASSPATH
+
+if [ ${OS_NAME} = "Linux" ] ; then
+ if [ ${ARCH} = "i386" ] ; then
+ LD_LIBRARY_PATH=/usr/lib/dirsec:/usr/lib:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ else # x86_64
+ LD_LIBRARY_PATH=/usr/lib64/dirsec:/usr/lib64:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/TxtTo72/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib64/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+ fi
+else # SunOS 64-bits
+ LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:/usr/lib/sparcv9:${JRE_ROOT}/lib:${JRE_ROOT}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/TxtTo72/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/sparcv9/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+fi
+
+
+###
+### Convert the specified ${CS} ldif data file
+### into a normalized ${CS} ldif text file.
+###
+
+${JRE_ROOT}/bin/java -classpath ${CLASSPATH} Main $1 $2
diff --git a/base/migrate/TxtTo72/src/Main.java b/base/migrate/TxtTo72/src/Main.java
new file mode 100644
index 000000000..9b22cd84d
--- /dev/null
+++ b/base/migrate/TxtTo72/src/Main.java
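Review bot: The positional parameters are expanded unquoted in the `-f`/`-s` tests and in the final `java ... Main $1 $2` call, so a file name containing whitespace or glob characters is word-split before `test` or the JVM sees it, and the existence checks can end up describing a different path than the one the parser opens. Quote them: `if [ ! -f "$1" ] ; then` (likewise `-s "$1"` and `-f "$2"`) and `${JRE_ROOT}/bin/java -classpath "${CLASSPATH}" Main "$@"`; the argument count is already limited to one or two, so `"$@"` passes exactly what was validated. Note also that `[ -f $2 ]` only rejects an existing regular file, so it does not guarantee that the errors file is created fresh.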
@@ -0,0 +1,659 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo71/src/Main.java" is based upon a copy "TxtTo70/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo70/src/Main.java TxtTo71/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS72LdifParser parser = null; + if (args.length == 1) { + parser = new CMS72LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS72LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS72LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS72LdifParser(String filename) + { + mFilename = filename; + } + + public CMS72LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != 
null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") + || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } 
else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if 
(type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions(); + obj.decodeEx(new ByteArrayInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName(new DerInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + 
netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("org.mozilla.jss.asn1.INTEGER")) { + // CMS 7.1 stores bodyPartId as INTEGER + // CS 72. 
fixed the problem by storing it as String + table.put(name, value); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + (com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.util.Locale")) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + table.put(name, Locale.getDefault()); + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.certsrv.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if 
(type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if 
(type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.X509CertInfo[") + || type.startsWith("netscape.security.extensions.CertInfo[")) { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.certsrv.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new 
DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + + // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.certsrv.kra.ProofOfArchival obj = + new com.netscape.certsrv.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. 
+ * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. + */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/base/migrate/TxtTo72/src/compile.bat b/base/migrate/TxtTo72/src/compile.bat new file mode 100755 index 000000000..2c50e988e --- /dev/null +++ b/base/migrate/TxtTo72/src/compile.bat 
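Review bot: In `buildHashtable`, the `type.endsWith( "Exception" )` branch hands a class name read from the input file to `Class.forName` and invokes its `String` constructor, so any class on the classpath whose name has that suffix is loaded and instantiated because the LDIF text names it. The resulting object is never put into `table`, so the attribute is dropped with no entry in the errors file; if dropping it is the intent, the branch can record the skip the way the `serviceErrors` branch does and avoid reflection altogether. If the exception is meant to be migrated instead, `type` should be compared against a fixed list of expected exception classes before anything is loaded. As far as this hunk shows, `parse()` never flushes or closes `mErrorPrintWriter`, so skip records may not reach the file unless that is fixed as well.

```java
        } else if( type.endsWith( "Exception" ) ) {
            // Exception-typed attributes are not carried into the output;
            // record the skip instead of loading a class named by the input.
            if (mErrorPrintWriter != null) {
                if (dn != null) {
                    mErrorPrintWriter.println(dn);
                }
                mErrorPrintWriter.println("Skipped " + attr);
            }
        } else {
            // … unchanged: unknown-type error message and exit …
```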
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo72/classes/Main.class",
+REM "TxtTo72/classes/CMS72LdifParser.class", and
+REM "TxtTo72/classes/DummyAuthManager.class" which are
+REM used to create a CS 7.2 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile TxtTo72
+REM
+
+REM SET SERVER_ROOT=C:\cs72
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.2 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.2
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.2"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo72 - create "CMS72LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo72/src/compile.sh b/base/migrate/TxtTo72/src/compile.sh
new file mode 100755
index 000000000..ec0b466ba
--- /dev/null
+++ b/base/migrate/TxtTo72/src/compile.sh
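Review bot: The checks `IF !%SERVER_ROOT%==! GOTO ...`, `IF EXIST %SERVER_ROOT%`, `IF EXIST %JAVA_HOME%` and the `javac.exe` command line all expand SERVER_ROOT and JAVA_HOME unquoted, so a value containing a space (a constructed example: a JDK under a `Program Files` directory) splits into extra tokens and the `IF` lines are misparsed. Quote the expansions, e.g. `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR` and `IF EXIST "%JAVA_HOME%" GOTO SET_LIBRARY_PATH`, and wrap the javac path, the `-d` target and the `-classpath` value in double quotes. The same unquoted pattern appears in TxtTo73/run.bat, where it also covers the operator-supplied file names in `IF EXIST %1`, `IF EXIST %2` and `Main %1 %2`.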
@@ -0,0 +1,141 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo72/classes/Main.class", ###
+### "TxtTo72/classes/CMS72LdifParser.class", and ###
+### "TxtTo72/classes/DummyAuthManager.class" which are ###
+### used to create a CS 7.2 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+#JDK_PLATFORM=Linux
+#export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CS
+###
+### CS 7.2 NOTE: "Linux" - 1.5.0 (IBM)
+### "SunOS" - 1.5.0
+###
+
+#JDK_VERSION=CS_7.2.0
+#export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+#JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+#export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.2"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ !
-d "${JAVA_HOME}" ] ; then + echo "ERROR: Either the specified JAVA_HOME does not exist, " + echo " or it is not a directory!" + echo + exit 4 +fi + + +### +### Setup the appropriate library path environment variable +### based upon the platform +### + +if [ ${OS_NAME} = "HP-UX" ] ; then + SHLIB_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads + export SHLIB_PATH +elif [ ${OS_NAME} = "Linux" ] ; then + LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads + export LD_LIBRARY_PATH +else # SunOS + LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/native_threads + export LD_LIBRARY_PATH +fi + + +### +### Set TARGET - identify the complete path to the new classes target directory +### + +TARGET=../classes +export TARGET + + +### +### Create the new classes target directory (if it does not already exist) +### + +if [ ! -d ${TARGET} ]; then + mkdir -p ${TARGET} +fi + + +### +### Compile TxtTo72 - create "CMS72LdifParser.class", "DummyAuthManager.class", +### and "Main.class" +### + +${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:/usr/share/java/rhpki/nsutil.jar:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/lib/java/rhpki/ca/ca.jar:/usr/lib/java/rhpki/tks/tks.jar:/usr/lib/java/rhpki/ocsp/ocsp.jar:/usr/lib/java/rhpki/kra/kra.jar:/usr/lib/java/dirsec/jss4.jar Main.java + diff --git a/base/migrate/TxtTo73/classes/CMS73LdifParser.class b/base/migrate/TxtTo73/classes/CMS73LdifParser.class Binary files differnew file mode 100644 index 000000000..03a09612d --- /dev/null +++ b/base/migrate/TxtTo73/classes/CMS73LdifParser.class diff --git a/base/migrate/TxtTo73/classes/DummyAuthManager.class b/base/migrate/TxtTo73/classes/DummyAuthManager.class Binary files differnew file mode 100644 index 000000000..323081a39 --- /dev/null +++ b/base/migrate/TxtTo73/classes/DummyAuthManager.class 
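Review bot: The error text under the `-z "${JAVA_HOME}"` test also asks for SERVER_ROOT, but nothing in this script reads SERVER_ROOT: the javac classpath uses fixed `/usr/share/java/rhpki`, `/usr/lib/java/rhpki` and `/usr/lib/java/dirsec` paths. The message should name only what is checked, e.g. `echo "ERROR: Please specify the JAVA_HOME "`, and a comment above the javac line should say that the jars come from the installed rhpki locations rather than from a server root. The platform tests `[ ${OS_NAME} = "HP-UX" ]` and the directory test `[ ! -d ${TARGET} ]` are unquoted; `[ "${OS_NAME}" = "HP-UX" ]` is the safer form if `uname` ever returns nothing.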
diff --git a/base/migrate/TxtTo73/classes/Main.class b/base/migrate/TxtTo73/classes/Main.class Binary files differnew file mode 100644 index 000000000..6609674ae --- /dev/null +++ b/base/migrate/TxtTo73/classes/Main.class diff --git a/base/migrate/TxtTo73/run.bat b/base/migrate/TxtTo73/run.bat new file mode 100755 index 000000000..9e3898a47 --- /dev/null +++ b/base/migrate/TxtTo73/run.bat 
@@ -0,0 +1,186 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM This program is free software; you can redistribute it and/or modify
+REM it under the terms of the GNU General Public License as published by
+REM the Free Software Foundation; version 2 of the License.
+REM
+REM This program is distributed in the hope that it will be useful,
+REM but WITHOUT ANY WARRANTY; without even the implied warranty of
+REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+REM GNU General Public License for more details.
+REM
+REM You should have received a copy of the GNU General Public License along
+REM with this program; if not, write to the Free Software Foundation, Inc.,
+REM 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+REM
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script converts a normalized <Source CS Version> ldif
+REM text file (e. g. - created via a <Source CS Version>ToTxt
+REM script) into a CS 7.3 ldif data file.
+REM
+REM This CS 7.3 ldif data file can then be imported into the
+REM internal database of the desired CS 7.3 server using a
+REM utility such as ldif2db.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM SERVER_ROOT - fully qualified path of the location of the server
+REM
+
+REM SET SERVER_ROOT=C:\cs73
+
+
+REM
+REM INSTANCE - if the CS instance directory is called 'cert-ca',
+REM set the CS instance to 'ca'
+REM
+REM NOTE: When a single SERVER_ROOT contains more than
+REM one CS instance, this script must be run multiple
+REM times. To do this, there is only a need to change
+REM the INSTANCE parameter.
+REM
+
+REM SET INSTANCE=ca
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO USAGE
+IF "%3" == "" GOTO CHECK_INPUT_FILE
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0 input [errors] > output"
+ECHO.
+ECHO where: input - the specified %CS% ldif data file,
+ECHO errors - an optional errors file containing
+ECHO skipped attributes, and
+ECHO output - the normalized %CS% ldif text file.
+ECHO.
+ECHO NOTE: If no redirection is provided to
+ECHO 'output', then the normalized
+ECHO %CS% ldif text will merely
+ECHO be echoed to stdout.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified "input" file exists
+REM
+
+:CHECK_INPUT_FILE
+IF EXIST %1 GOTO CHECK_ERRORS_FILE
+
+
+ECHO ERROR: The specified input file, %1, does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM If an "errors" file is specified, then check that it does not already
+REM exist.
+REM
+
+:CHECK_ERRORS_FILE
+IF "%2" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+IF EXIST %2 GOTO ERRORS_FILE_ERROR
+GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:ERRORS_FILE_ERROR
+ECHO ERROR: The specified errors file, %2, already exists!
+ECHO Please specify a different file!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%INSTANCE%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and INSTANCE
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_INSTANCE
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified INSTANCE exists
+REM
+
+:CHECK_INSTANCE
+IF EXIST %SERVER_ROOT%\cert-%INSTANCE% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified INSTANCE does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%SERVER_ROOT%\bin\cert\jre\bin;%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%
+
+
+REM
+REM Convert the specified %CS% ldif data file
+REM into a normalized %CS% ldif text file.
+REM
+
+%SERVER_ROOT%\bin\cert\jre\bin\java.exe -classpath .\classes;%SERVER_ROOT%\cert-%INSTANCE%\classes;%SERVER_ROOT%\bin\cert\classes;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar;%SERVER_ROOT%\bin\cert\jre\lib\rt.jar Main %1 %2
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo73/run.sh b/base/migrate/TxtTo73/run.sh
new file mode 100755
index 000000000..52469acca
--- /dev/null
+++ b/base/migrate/TxtTo73/run.sh
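Review bot: In the `SET PATH=` line under `:SET_LIBRARY_PATH`, the third entry is written `%SERVER_ROOT\bin\cert\jre\bin\server;%PATH%`, with no closing `%` after SERVER_ROOT. As far as I can tell cmd then pairs the percent signs differently than intended, so the `jre\bin\server` directory is not added and the existing PATH is probably not appended either. The entry should read `%SERVER_ROOT%\bin\cert\jre\bin\server;%PATH%`. The `java.exe` classpath also begins with the relative entry `.\classes`, so `Main` and the parser classes are resolved from whatever directory the script is started in. Anchoring that entry to the script location (`%~dp0classes`) would keep a tool that rewrites CS request attributes from loading classes out of an unexpected working directory.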
@@ -0,0 +1,152 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CS Version> ldif ###
+### text file (e. g. - created via a <Source CS Version>ToTxt ###
+### script) into a CS 7.3 ldif data file. ###
+### ###
+### This CS 7.3 ldif data file can then be imported into ###
+### the internal database of the desired CS 7.3 server ###
+### using a utility such as ldif2db.
###
+### ###
+#####################################################################
+
+###
+### Java Runtime Environment
+###
+JRE_ROOT=/usr/lib/jvm/jre-1.5.0
+export JRE_ROOT
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.3"
+export CS
+
+OS_NAME=`uname`
+export OS_NAME
+
+ARCH=`uname -i`
+export ARCH
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - the specified ${CS} ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the normalized ${CS} ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the normalized"
+ echo " ${CS} ldif text will merely"
+ echo " be echoed to stdout."
+ echo
+ exit 1
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ exit 3
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ exit 4
+ fi
+fi
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+CLASSPATH=/usr/share/rhpki/migrate/TxtTo73/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+export CLASSPATH
+
+if [ ${OS_NAME} = "Linux" ] ; then
+ if [ ${ARCH} = "i386" ] ; then
+ LD_LIBRARY_PATH=/usr/lib/dirsec:/usr/lib:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ else # x86_64
+ LD_LIBRARY_PATH=/usr/lib64/dirsec:/usr/lib64:${JRE_ROOT}/lib:${JRE_ROOT}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/TxtTo73/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib64/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+ fi
+else # SunOS 64-bits
+ LD_LIBRARY_PATH=/usr/lib/sparcv9/dirsec:/usr/lib/sparcv9:${JRE_ROOT}/lib:${JRE_ROOT}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+ CLASSPATH=/usr/share/rhpki/migrate/TxtTo73/classes:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/share/java/rhpki/nsutil.jar:/usr/lib/sparcv9/java/dirsec/jss4.jar:${JRE_ROOT}/lib/rt.jar
+ export CLASSPATH
+fi
+
+
+###
+### Convert the specified ${CS} ldif data file
+### into a normalized ${CS} ldif text file.
+###
+
+${JRE_ROOT}/bin/java -classpath ${CLASSPATH} Main $1 $2
diff --git a/base/migrate/TxtTo73/src/Main.java b/base/migrate/TxtTo73/src/Main.java
new file mode 100644
index 000000000..4ffe0c120
--- /dev/null
+++ b/base/migrate/TxtTo73/src/Main.java
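Review bot: The positional parameters are expanded unquoted in `[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]` and the final `Main $1 $2`, so a file name containing a space or a glob character is split or expanded before the tests and before it reaches Java. Quote the tests, e.g. `if [ ! -f "$1" ] ; then`, and since the argument count is already limited to one or two, pass the names through with `${JRE_ROOT}/bin/java -classpath "${CLASSPATH}" Main "$@"`. The errors-file guard uses `-f`, which is false for a dangling symlink or a non-regular path, and Main.java later opens that name with `FileOutputStream`, so such a path passes the guard and is still written through; `[ -e "$2" ] || [ -L "$2" ]` would reject it. The `else # x86_64` branch also keeps `${JRE_ROOT}/lib/i386/native_threads` in LD_LIBRARY_PATH, which looks like a copy of the i386 line and should be checked.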
@@ -0,0 +1,659 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo71/src/Main.java" is based upon a copy "TxtTo70/src/Main.java". +// +// Always comment any new code sections with a "CMS 7.1" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo70/src/Main.java TxtTo71/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import sun.misc.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CMS73LdifParser parser = null; + if (args.length == 1) { + parser = new CMS73LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CMS73LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CMS73LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CMS 4.7 and later use "requestAttributes" + private static final String REQUEST_ATTRIBUTES = + "requestAttributes::"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES 
---"; + + // variables + private String mFilename = null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CMS73LdifParser(String filename) + { + mFilename = filename; + } + + public CMS73LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + System.out.println(line); + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // begining of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + private byte[] encode(Object value) throws Exception + { + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + + os.writeObject(value); + os.close(); + return bos.toByteArray(); + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + Hashtable hashtable = new Hashtable(); + for (int i = 0; i < attrs.size(); i++) { + String attr = (String)attrs.elementAt(i); + buildHashtable(dn, hashtable, attr); + } + + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream os = new ObjectOutputStream(bos); + Enumeration e = hashtable.keys(); + while (e.hasMoreElements()) { + String key = 
(String)e.nextElement(); + Object value = hashtable.get(key); + + try { + byte data[] = null; + data = encode(value); + os.writeObject(key); + os.writeObject(data); + } catch (Exception ex) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + key); + } + } + } // while + os.writeObject(null); + os.close(); + + // print the BASE64 encoding of the Hashtable + BASE64Encoder encoder = new BASE64Encoder(); + String attrsStr = encoder.encodeBuffer(bos.toByteArray()); + // trim the last "\n" + StringBuffer buffer = null; + attrsStr = attrsStr.trim(); + StringTokenizer st = new StringTokenizer(attrsStr, "\r\n"); + while (st.hasMoreTokens()) { + if (buffer == null) { + buffer = new StringBuffer(); + buffer.append(st.nextToken()); + } else { + buffer.append("\r\n " + st.nextToken()); + } + } + + System.out.println(REQUEST_ATTRIBUTES + " " + buffer); + } + + public void buildHashtable(String dn, Hashtable table, String attr) + throws Exception + { + // attribute format [name]:[type]=[value] + + int colon = attr.indexOf(':'); + if (colon == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + int equal = attr.indexOf('='); + if (equal == -1) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + String name = null; + String type = null; + String value = null; + try { + name = attr.substring(0, colon); + type = attr.substring(colon+1, equal); + value = attr.substring(equal+1); + } catch (Exception e) { + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + if (name.startsWith("serviceErrors")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != 
null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + if (name.startsWith("Error")) { + // #56953 - skip serviceErrors + if (mErrorPrintWriter != null) { + if (dn != null) { + mErrorPrintWriter.println(dn); + } + mErrorPrintWriter.println("Skipped " + attr); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if (type.startsWith("com.netscape.certsrv.request.AgentApprovals")) { + com.netscape.certsrv.request.AgentApprovals obj = + (com.netscape.certsrv.request.AgentApprovals)table.get(name); + if (obj == null) { + obj = new com.netscape.certsrv.request.AgentApprovals(); + table.put(name, obj); + } + obj.addApproval(value.substring(0,value.indexOf(';'))); + } else if (type.startsWith("com.netscape.certsrv.base.ArgBlock") + || type.startsWith("com.netscape.cmscore.base.ArgBlock")) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + com.netscape.cmscore.base.ArgBlock obj = + (com.netscape.cmscore.base.ArgBlock)table.get(name); + if (obj == null) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + obj = new com.netscape.cmscore.base.ArgBlock(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.set(valuekey, valuevalue); + } 
else if (type.startsWith("com.netscape.certsrv.authentication.AuthToken")) { + com.netscape.certsrv.authentication.AuthToken obj = + (com.netscape.certsrv.authentication.AuthToken)table.get(name); + if (obj == null) { + com.netscape.certsrv.authentication.IAuthManager mgr = + new DummyAuthManager(); + obj = new com.netscape.certsrv.authentication.AuthToken(mgr); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else { + System.err.println("ERROR AuthToken type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.math.BigInteger[")) { + // Bugzilla Bug #238779 + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.math.BigInteger objs[] = (java.math.BigInteger[])table.get(name); + if (objs == null) { + objs = new java.math.BigInteger[size]; + table.put(name, objs); + } + objs[index] = new java.math.BigInteger(value); + } else if (type.startsWith("java.math.BigInteger")) { + table.put(name, new java.math.BigInteger(value)); + } else if (type.startsWith("byte[]")) { + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if (type.startsWith("byte[")) { + // byte array + BASE64Decoder decoder = new BASE64Decoder(); + table.put(name, decoder.decodeBuffer(value)); + } else if 
(type.startsWith("netscape.security.x509.CertificateAlgorithmId")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateAlgorithmId obj = + new netscape.security.x509.CertificateAlgorithmId(new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateChain")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateChain obj = + new netscape.security.x509.CertificateChain(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateExtensions")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateExtensions obj = + new netscape.security.x509.CertificateExtensions(); + obj.decodeEx(new ByteArrayInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateSubjectName")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateSubjectName obj = + new netscape.security.x509.CertificateSubjectName(new DerInputStream(decoder.decodeBuffer(value))); + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.CertificateValidity")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.CertificateValidity obj = + new netscape.security.x509.CertificateValidity(); + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + obj.decode(bis); + table.put(name, obj); + } else if (type.equals("netscape.security.x509.CertificateX509Key")) { + BASE64Decoder decoder = new BASE64Decoder(); + 
netscape.security.x509.CertificateX509Key obj = + new netscape.security.x509.CertificateX509Key( + new ByteArrayInputStream(decoder.decodeBuffer(value))); + table.put(name, obj); + } else if (type.startsWith("com.netscape.certsrv.cert.CertInfo")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.extensions.CertInfo objs[] = (netscape.security.extensions.CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.extensions.CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.extensions.CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + java.util.Hashtable obj = (java.util.Hashtable)table.get(name); + if (obj == null) { + obj = new java.util.Hashtable(); + table.put(name, obj); + } + BASE64Decoder decoder = new BASE64Decoder(); + String valuekey = value.substring(0, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + obj.put(valuekey, decoder.decodeBuffer(valuevalue)); + } else if (type.startsWith("Integer[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + Integer objs[] = (Integer[])table.get(name); + if (objs == null) { + objs = new Integer[size]; + table.put(name, objs); + } + objs[index] = new Integer(value); + } else if (type.startsWith("java.lang.Integer")) { + table.put(name, new Integer(value)); + } else if (type.startsWith("org.mozilla.jss.asn1.INTEGER")) { + // CMS 7.1 stores bodyPartId as INTEGER + // CS 72. 
fixed the problem by storing it as String + table.put(name, value); + } else if (type.startsWith("com.netscape.certsrv.dbs.keydb.KeyRecord") + || type.startsWith("com.netscape.cmscore.dbs.KeyRecord")) { + com.netscape.cmscore.dbs.KeyRecord obj = + (com.netscape.cmscore.dbs.KeyRecord)table.get(name); + if (obj == null) { + obj = new com.netscape.cmscore.dbs.KeyRecord(); + table.put(name, obj); + } + String valuekey = value.substring(0, value.indexOf(':')); + String valuetype = value.substring(value.indexOf(':')+1, value.indexOf('=')); + String valuevalue = value.substring(value.indexOf('=')+1); + if (valuetype.equals("java.lang.String")) { + obj.set(valuekey, valuevalue); + } else if (valuetype.equals("java.util.Date")) { + obj.set(valuekey, new Date(Long.parseLong(valuevalue))); + } else if (valuetype.equals("java.math.BigInteger")) { + obj.set(valuekey, new java.math.BigInteger(valuevalue)); + } else if (valuetype.equals("java.lang.Integer")) { + obj.set(valuekey, new Integer(valuevalue)); + } else if (valuetype.equals("com.netscape.certsrv.dbs.keydb.KeyState")) { + obj.set(valuekey, com.netscape.certsrv.dbs.keydb.KeyState.toKeyState(valuevalue)); + } else if (valuetype.equals("[B")) { + // byte array + + BASE64Decoder decoder = new BASE64Decoder(); + obj.set(valuekey, decoder.decodeBuffer(valuevalue)); + } else { + System.err.println("ERROR KeyRecord type - " + attr); + System.exit(0); + } + } else if (type.startsWith("java.util.Locale")) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + table.put(name, Locale.getDefault()); + } else if (type.startsWith("com.netscape.certsrv.kra.ProofOfArchival") + || type.startsWith("com.netscape.cmscore.kra.ProofOfArchival")) { + BASE64Decoder decoder = new BASE64Decoder(); + + ByteArrayInputStream bis = new ByteArrayInputStream(decoder.decodeBuffer(value)); + com.netscape.certsrv.kra.ProofOfArchival obj = + buildPOA(decoder.decodeBuffer(value)); + table.put(name, obj); + } else if 
(type.startsWith("netscape.security.x509.RevokedCertImpl")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.RevokedCertImpl objs[] = (netscape.security.x509.RevokedCertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.RevokedCertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.RevokedCertImpl(decoder.decodeBuffer(value)); + } else if (type.startsWith("java.lang.String[")) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + java.lang.String objs[] = (java.lang.String[])table.get(name); + if (objs == null) { + objs = new java.lang.String[size]; + table.put(name, objs); + } + objs[index] = new java.lang.String(value); + } else if (type.startsWith("java.lang.String")) { + table.put(name, value); + } else if (type.startsWith("java.util.Vector")) { + Vector obj = + (Vector)table.get(name); + if (obj == null) { + obj = new Vector(); + table.put(name, obj); + } + obj.addElement(value); + } else if (type.startsWith("netscape.security.x509.X509CertImpl[")) { + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertImpl objs[] = (netscape.security.x509.X509CertImpl[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertImpl[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertImpl(decoder.decodeBuffer(value)); + } else if 
(type.equals("netscape.security.x509.X509CertImpl")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertImpl obj = + new netscape.security.x509.X509CertImpl( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if (type.startsWith("netscape.security.x509.X509CertInfo[") + || type.startsWith("netscape.security.extensions.CertInfo[")) { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + int size = Integer.parseInt(type.substring(type.indexOf('[')+ 1, type.indexOf(','))); + int index = Integer.parseInt(type.substring(type.indexOf(',')+1, type.indexOf(']'))); + netscape.security.x509.X509CertInfo objs[] = (netscape.security.x509.X509CertInfo[])table.get(name); + BASE64Decoder decoder = new BASE64Decoder(); + if (objs == null) { + objs = new netscape.security.x509.X509CertInfo[size]; + table.put(name, objs); + } + objs[index] = new netscape.security.x509.X509CertInfo(); + objs[index].decode(new ByteArrayInputStream(decoder.decodeBuffer(value))); + } else if (type.equals("netscape.security.x509.X509CertInfo")) { + BASE64Decoder decoder = new BASE64Decoder(); + netscape.security.x509.X509CertInfo obj = + new netscape.security.x509.X509CertInfo( + decoder.decodeBuffer(value)); + table.put(name, obj); + } else if( type.endsWith( "Exception" ) ) { + Class[] argClass = { String.class }; // the argument's class + Object[] argValue = { value }; // the argument's value + + Class x = Class.forName( type ); + Constructor ctr = x.getConstructor( argClass ); + Exception e = ( Exception ) ctr.newInstance( argValue ); + } else { + System.err.println("ERROR type - " + type + " - "+ attr); + System.exit(0); + } + } + + public com.netscape.certsrv.kra.ProofOfArchival buildPOA(byte data[]) + throws Exception + { + DerInputStream dis = new 
DerInputStream(data); + DerValue seq[] = dis.getSequence(0); + + BigInteger mSerialNo = seq[0].getInteger().toBigInteger(); + + // subject + DerValue subject = seq[1]; + netscape.security.x509.X500Name mSubject = + new netscape.security.x509.X500Name(subject.toByteArray()); + + // issuer + DerValue issuer = seq[2]; + netscape.security.x509.X500Name mIssuer = + new netscape.security.x509.X500Name(issuer.toByteArray()); + + // date of archival + DerInputStream dateOfArchival = new DerInputStream(seq[3].toByteArray()); + Date mDateOfArchival = dateOfArchival.getUTCTime(); + com.netscape.certsrv.kra.ProofOfArchival obj = + new com.netscape.certsrv.kra.ProofOfArchival(mSerialNo, + mSubject.toString(), mIssuer.toString(), mDateOfArchival); + return obj; + } +} + +class DummyAuthManager implements com.netscape.certsrv.authentication.IAuthManager +{ + public String getName() + { + return "dummy"; + } + + public String getImplName() + { + return "dummy"; + } + + public IAuthToken authenticate(IAuthCredentials authCred) + throws EMissingCredential, EInvalidCredentials, EBaseException + { + return null; + } + + /** + * Initialize this authentication manager. + * @param name The name of this authentication manager instance. + * @param implName The name of the authentication manager plugin. + * @param config The configuration store for this authentication manager. + * @exception EBaseException If an initialization error occurred. + */ + public void init(String name, String implName, IConfigStore config) + throws EBaseException + { + } + + public void shutdown() + { + } + + public String[] getRequiredCreds() + { + return null; + } + + /** + * Get configuration parameters for this implementation. + * The configuration parameters returned is passed to the + * configuration console so configuration for instances of this + * implementation can be made through the console. + * + * @param implName The authentication manager plugin name. 
+ * @exception EBaseException If an internal error occurred + */ + public String[] getConfigParams() + throws EBaseException + { + return null; + } + + /** + * Get the configuration store for this authentication manager. + * @return The configuration store of this authentication manager. + */ + public IConfigStore getConfigStore() + { + return null; + } +} + diff --git a/base/migrate/TxtTo73/src/compile.bat b/base/migrate/TxtTo73/src/compile.bat new file mode 100755 index 000000000..db46fa019 --- /dev/null +++ b/base/migrate/TxtTo73/src/compile.bat 
@@ -0,0 +1,152 @@
+@ECHO OFF
+REM --- BEGIN COPYRIGHT BLOCK ---
+REM Copyright (C) 2007 Red Hat, Inc.
+REM All rights reserved.
+REM --- END COPYRIGHT BLOCK ---
+
+REM
+REM This script creates the "TxtTo73/classes/Main.class",
+REM "TxtTo73/classes/CMS73LdifParser.class", and
+REM "TxtTo73/classes/DummyAuthManager.class" which are
+REM used to create a CS 7.3 ldif data file.
+REM
+
+
+SETLOCAL
+
+
+REM
+REM Set SERVER_ROOT - identify the CS <server_root> used to compile TxtTo73
+REM
+
+REM SET SERVER_ROOT=C:\cs73
+
+
+REM
+REM Set JDK_VERSION - specify the JDK version used by this version of CS
+REM
+REM CS 7.3 NOTE: "WINNT" - 1.4.2
+REM
+
+REM SET JDK_VERSION=CS_7.3
+
+
+REM
+REM Set JAVA_HOME - specify the complete path to the JDK
+REM
+REM example: \\bermuda.redhat.com\sbc mounted as Y:
+REM
+
+REM SET JAVA_HOME=Y:\cms_jdk\WINNT\%JDK_VERSION%
+
+
+REM
+REM *** DON'T CHANGE ANYTHING BELOW THIS LINE ***
+REM
+
+
+REM
+REM Script-defined constants
+REM
+
+SET CS="CS 7.3"
+
+
+REM
+REM Perform a usage check for the appropriate number of arguments:
+REM
+
+IF "%1" == "" GOTO CHECK_ENVIRONMENT_VARIABLES
+
+
+:USAGE
+ECHO.
+ECHO Usage: "%0"
+ECHO.
+ECHO NOTE: No arguments are required to build the
+ECHO %CS% ldif data classes.
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check presence of user-defined variables
+REM
+
+:CHECK_ENVIRONMENT_VARIABLES
+IF !%SERVER_ROOT%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+IF !%JAVA_HOME%==! GOTO ENVIRONMENT_VARIABLES_ERROR
+GOTO CHECK_SERVER_ROOT
+
+
+:ENVIRONMENT_VARIABLES_ERROR
+ECHO ERROR: Please specify the SERVER_ROOT and JAVA_HOME
+ECHO environment variables for this script!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified SERVER_ROOT exists
+REM
+
+:CHECK_SERVER_ROOT
+IF EXIST %SERVER_ROOT% GOTO CHECK_JAVA_HOME
+
+
+ECHO ERROR: The specified SERVER_ROOT does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Check that the specified JAVA_HOME exists
+REM
+
+:CHECK_JAVA_HOME
+IF EXIST %JAVA_HOME% GOTO SET_LIBRARY_PATH
+
+
+ECHO ERROR: The specified JAVA_HOME does not exist!
+ECHO.
+GOTO EXIT_PROCESS
+
+
+REM
+REM Setup the appropriate library path environment variable
+REM based upon the platform (WINNT)
+REM
+
+:SET_LIBRARY_PATH
+SET PATH=%SERVER_ROOT%\bin\cert\lib;%JAVA_HOME%\bin;%JAVA_HOME%\lib;%PATH%
+
+
+REM
+REM Set TARGET - identify the complete path to the new classes target directory
+REM
+
+SET TARGET=..\classes
+
+
+REM
+REM Create the new classes target directory (if it does not already exist)
+REM
+
+IF EXIST %TARGET% goto COMPILE_CLASSES
+MKDIR %TARGET%
+
+
+REM
+REM Compile TxtTo73 - create "CMS73LdifParser.class", "DummyAuthManager.class",
+REM and "Main.class"
+REM
+
+:COMPILE_CLASSES
+%JAVA_HOME%\bin\javac.exe -d %TARGET% -classpath %JAVA_HOME%\jre\lib\rt.jar;%SERVER_ROOT%\bin\cert\jars\nsutil.jar;%SERVER_ROOT%\bin\cert\jars\certsrv.jar;%SERVER_ROOT%\bin\cert\jars\cmscore.jar;%SERVER_ROOT%\bin\cert\jars\jss3.jar Main.java
+
+
+:EXIT_PROCESS
+
+
+ENDLOCAL
+
diff --git a/base/migrate/TxtTo73/src/compile.sh b/base/migrate/TxtTo73/src/compile.sh new file mode 100755
index 000000000..a8230e673
--- /dev/null
+++ b/base/migrate/TxtTo73/src/compile.sh
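Review bot: `%SERVER_ROOT%`, `%JAVA_HOME%` and `%TARGET%` are expanded unquoted in the `IF EXIST` tests and on the `javac.exe` command line, so a value containing a space or a cmd metacharacter such as `&` is split or re-parsed instead of being treated as one path. Both variables come from the caller's environment (the `SET` lines are commented out), so every use should be quoted, e.g. `IF EXIST "%SERVER_ROOT%" GOTO CHECK_JAVA_HOME` and `"%JAVA_HOME%\bin\javac.exe" -d "%TARGET%"` with the `-classpath` value in one pair of quotes. The presence test `IF !%SERVER_ROOT%==!` has the same weakness and is safer as `IF "%SERVER_ROOT%"=="" GOTO ENVIRONMENT_VARIABLES_ERROR`. Every error branch also jumps to `:EXIT_PROCESS` without setting an exit code, so a calling build cannot tell a failed check from a successful compile.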
@@ -0,0 +1,141 @@
+#!/bin/sh
+# --- BEGIN COPYRIGHT BLOCK ---
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#####################################################################
+### ###
+### This script creates the "TxtTo73/classes/Main.class", ###
+### "TxtTo73/classes/CMS73LdifParser.class", and ###
+### "TxtTo73/classes/DummyAuthManager.class" which are ###
+### used to create a CS 7.3 ldif data file. ###
+### ###
+#####################################################################
+
+
+###
+### Set JDK_PLATFORM - must be "HP-UX", "Linux", or "SunOS"
+###
+
+JDK_PLATFORM=Linux
+export JDK_PLATFORM
+
+
+###
+### Set JDK_VERSION - specify the JDK version used by this version of CS
+###
+### CS 7.3 NOTE: "Linux" - 1.5.0 (IBM)
+### "SunOS" - 1.5.0
+###
+
+JDK_VERSION=PKI_7.3.0
+export JDK_VERSION
+
+
+###
+### Set JAVA_HOME - specify the complete path to the JDK
+###
+
+JAVA_HOME=/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}
+export JAVA_HOME
+
+
+############################################################################
+### ###
+### *** DON'T CHANGE ANYTHING BELOW THIS LINE *** ###
+### ###
+############################################################################
+
+
+###
+### Script-defined constants
+###
+
+CS="CS 7.3"
+export CS
+
+
+OS_NAME=`uname`
+export OS_NAME
+
+
+###
+### Perform a usage check for the appropriate number of arguments:
+###
+
+if [ $# -gt 0 ] ; then
+ echo
+ echo "Usage: $0"
+ echo
+ echo " NOTE: No arguments are required to build the"
+ echo " ${CS} ldif data classes."
+ echo
+ exit 1
+fi
+
+
+###
+### Check presence of user-defined variables
+###
+
+if [ -z "${JAVA_HOME}" ] ; then
+ echo "ERROR: Please specify the SERVER_ROOT and JAVA_HOME "
+ echo " environment variables for this script!"
+ echo
+ exit 2
+fi
+
+
+###
+### Check that the specified JAVA_HOME exists and is a directory
+###
+
+if [ ! -d "${JAVA_HOME}" ] ; then
+ echo "ERROR: Either the specified JAVA_HOME does not exist, "
+ echo " or it is not a directory!"
+ echo
+ exit 4
+fi
+
+
+###
+### Setup the appropriate library path environment variable
+### based upon the platform
+###
+
+if [ ${OS_NAME} = "HP-UX" ] ; then
+ SHLIB_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/PA_RISC/native_threads
+ export SHLIB_PATH
+elif [ ${OS_NAME} = "Linux" ] ; then
+ LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/i386/native_threads
+ export LD_LIBRARY_PATH
+else # SunOS
+ LD_LIBRARY_PATH=/usr/lib:/usr/lib/dirsec:${JAVA_HOME}/lib:${JAVA_HOME}/lib/sparc/native_threads
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Set TARGET - identify the complete path to the new classes target directory
+###
+
+TARGET=../classes
+export TARGET
+
+
+###
+### Create the new classes target directory (if it does not already exist)
+###
+
+if [ ! -d ${TARGET} ]; then
+ mkdir -p ${TARGET}
+fi
+
+
+###
+### Compile TxtTo73 - create "CMS73LdifParser.class", "DummyAuthManager.class",
+### and "Main.class"
+###
+
+${JAVA_HOME}/bin/javac -d ${TARGET} -classpath ${JAVA_HOME}/jre/lib/rt.jar:/usr/share/java/rhpki/nsutil.jar:/usr/share/java/rhpki/certsrv.jar:/usr/share/java/rhpki/cmscore.jar:/usr/lib/java/rhpki/ca/ca.jar:/usr/lib/java/rhpki/tks/tks.jar:/usr/lib/java/rhpki/ocsp/ocsp.jar:/usr/lib/java/rhpki/kra/kra.jar:/usr/lib/java/dirsec/jss4.jar Main.java
+
diff --git a/base/migrate/TxtTo80/classes/CS80LdifParser.class b/base/migrate/TxtTo80/classes/CS80LdifParser.class Binary files differnew file mode 100644
index 000000000..1265fd153
--- /dev/null
+++ b/base/migrate/TxtTo80/classes/CS80LdifParser.class
diff --git a/base/migrate/TxtTo80/classes/Main.class b/base/migrate/TxtTo80/classes/Main.class Binary files differnew file mode 100644
index 000000000..0f162327d
--- /dev/null
+++ b/base/migrate/TxtTo80/classes/Main.class
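Review bot: `JAVA_HOME` is assigned unconditionally to `/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}` near the top, so the later `[ -z "${JAVA_HOME}" ]` test can never be true and a caller's own JDK setting is silently replaced by whatever sits at that path. If that path is a shared build mount (it looks like one), the `javac` that gets executed is only as trustworthy as write access to the share; `JAVA_HOME=${JAVA_HOME:-/share/builds/components/cms_jdk/${JDK_PLATFORM}/${JDK_VERSION}}` keeps the default while allowing a locally installed JDK. The error text also asks for `SERVER_ROOT`, which this script never reads. Separately, `${OS_NAME}`, `${TARGET}` and `${JAVA_HOME}/bin/javac` are expanded unquoted and should be written as `"${TARGET}"` and so on.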
diff --git a/base/migrate/TxtTo80/run.sh b/base/migrate/TxtTo80/run.sh new file mode 100755
index 000000000..6dde55758
--- /dev/null
+++ b/base/migrate/TxtTo80/run.sh
@@ -0,0 +1,394 @@
+#!/bin/sh
+
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2009 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+#####################################################################
+### ###
+### This script converts a normalized <Source CS Version> ldif ###
+### text file (e. g. - created via a <Source CS Version>ToTxt ###
+### script) into a CS 8.0 ldif data file. ###
+### ###
+### This CS 8.0 ldif data file can then be imported into ###
+### the internal database of the desired CS 8.0 server ###
+### using a utility such as ldif2db. ###
+### ###
+#####################################################################
+
+###
+### Provide a usage function
+###
+
+usage() {
+ echo
+ echo "Usage: $0 input [errors] > output"
+ echo
+ echo " where: input - a "normalized" CS ldif data file,"
+ echo " errors - an optional errors file containing"
+ echo " skipped attributes, and"
+ echo " output - the CS 8.0 ldif text file."
+ echo
+ echo " NOTE: If no redirection is provided to"
+ echo " 'output', then the CS 8.0 ldif text"
+ echo " file will merely be echoed to stdout."
+ echo
+ exit 255
+}
+
+
+##
+## Perform a usage check for the appropriate number of arguments:
+##
+
+if [ $# -lt 1 -o $# -gt 2 ] ; then
+ usage
+fi
+
+
+###
+### Check that the specified "input" file exists and is a regular file.
+###
+
+if [ ! -f $1 ] ; then
+ echo "ERROR: Either the specified 'input' file, '$1', does not exist, "
+ echo " or it is not a regular file!"
+ echo
+ usage
+fi
+
+
+###
+### Check that the specified "input" file exists and is not empty.
+###
+
+if [ ! -s $1 ] ; then
+ echo "ERROR: The specified 'input' file, '$1', is empty!"
+ echo
+ usage
+fi
+
+
+###
+### If an "errors" file is specified, then check that it does not already
+### exist.
+###
+
+if [ $# -eq 2 ] ; then
+ if [ -f $2 ] ; then
+ echo "ERROR: The specified 'errors' file, '$2', already exists!"
+ echo " Please specify a different file!"
+ echo
+ usage
+ fi
+fi
+
+
+###
+### Set PKI_OS
+###
+### CS 8.0 NOTE: "Linux"
+### "SunOS"
+###
+
+PKI_OS=`uname`
+export PKI_OS
+
+if [ "${PKI_OS}" != "Linux" ] &&
+ [ "${PKI_OS}" != "SunOS" ]; then
+ printf "This '$0' script is ONLY executable\n"
+ printf "on either a 'Linux' or 'Solaris' machine!\n"
+ exit 255
+fi
+
+
+###
+### Set PKI_ARCHITECTURE
+###
+### CS 8.0 NOTE: "Linux i386" - 32-bit ("i386")
+### "Linux x86_64" - 64-bit ("x86_64")
+### "SunOS sparc" - 64-bit ("sparcv9")
+###
+
+if [ "${PKI_OS}" == "Linux" ]; then
+ PKI_PLATFORM=`uname -i`
+ export PKI_PLATFORM
+ if [ "${PKI_PLATFORM}" == "i386" ] ||
+ [ "${PKI_PLATFORM}" == "x86_64" ]; then
+ PKI_ARCHITECTURE="${PKI_PLATFORM}"
+ export PKI_ARCHITECTURE
+ else
+ printf "On 'Linux', this '$0' script is ONLY executable\n"
+ printf "on either an 'i386' or 'x86_64' architecture!\n"
+ exit 255
+ fi
+elif [ "${PKI_OS}" == "SunOS" ]; then
+ PKI_PLATFORM=`uname -p`
+ export PKI_PLATFORM
+ if [ "${PKI_PLATFORM}" == "sparc" ]; then
+ PKI_ARCHITECTURE="sparcv9"
+ export PKI_ARCHITECTURE
+ else
+ printf "On 'Solaris', this '$0' script is ONLY executable\n"
+ printf "on a 'sparcv9' architecture!\n"
+ exit 255
+ fi
+fi
+
+
+###
+### Set PKI_OS_DISTRIBUTION
+###
+### CS 8.0 NOTE: "Linux Fedora 8" - "Fedora"
+### "Linux Fedora 9" - "Fedora"
+### "Linux Fedora 10" - "Fedora"
+### "Linux RHEL 5" - "Red Hat"
+### "SunOS 5.9" - "Solaris"
+###
+
+if [ "${PKI_OS}" == "Linux" ]; then
+ IS_FEDORA=`test -e /etc/fedora-release && echo 1 || echo 0`
+ if [ "${IS_FEDORA}" -eq 1 ]; then
+ PKI_DISTRIBUTION="Fedora"
+ export PKI_DISTRIBUTION
+ PKI_OS_RPM_VERSION=`rpm -qf --qf='%{VERSION}' /etc/fedora-release`
+ export PKI_OS_RPM_VERSION
+ PKI_OS_VERSION=`echo "${PKI_OS_RPM_VERSION}" | tr -d [A-Za-z]`
+ export PKI_OS_VERSION
+ else
+ IS_REDHAT=`test -e /etc/redhat-release && echo 1 || echo 0`
+ if [ "${IS_REDHAT}" -eq 1 ]; then
+ PKI_DISTRIBUTION="Red Hat"
+ export PKI_DISTRIBUTION
+ PKI_OS_RPM_VERSION=`rpm -qf --qf='%{VERSION}' /etc/redhat-release`
+ export PKI_OS_RPM_VERSION
+ PKI_OS_VERSION=`echo "${PKI_OS_RPM_VERSION}" | tr -d [A-Za-z]`
+ export PKI_OS_VERSION
+ else
+ printf "On 'Linux',this '$0' script is ONLY executable\n"
+ printf "on either a 'Fedora' or 'Red Hat' machine!\n"
+ exit 255
+ fi
+ fi
+elif [ "${PKI_OS}" == "SunOS" ]; then
+ PKI_DISTRIBUTION="Solaris"
+ export PKI_DISTRIBUTION
+ PKI_OS_VERSION=`uname -r | awk -F. '{print $2}'`
+ export PKI_OS_VERSION
+fi
+
+
+###
+### Set JAVA_HOME
+###
+### CS 8.0 NOTE: "Linux Fedora 8" - JRE 1.7.0 (IcedTea)
+### "Linux Fedora 9" - JRE 1.6.0 (OpenJDK)
+### "Linux Fedora 10" - JRE 1.6.0 (OpenJDK)
+### "Linux RHEL 5" - JRE 1.6.0 (OpenJDK)
+### "SunOS 5.9" - JRE 1.6.0 (Sun JDK)
+###
+### "Linux" - ALWAYS set specific JAVA_HOME
+### "SunOS" - ALLOW JAVA_HOME to be pre-defined
+###
+
+if [ "${PKI_OS}" == "Linux" ]; then
+ if [ "${PKI_DISTRIBUTION}" == "Fedora" ]; then
+ if [ ${PKI_OS_VERSION} -eq 8 ]; then
+ if [ "${PKI_ARCHITECTURE}" == "i386" ]; then
+ JAVA_HOME="/usr/lib/jvm/jre-1.7.0-icedtea"
+ JAVA_ARCHITECTURE="i386"
+ else # "x86_64"
+ JAVA_HOME="/usr/lib/jvm/jre-1.7.0-icedtea.${PKI_ARCHITECTURE}"
+ JAVA_ARCHITECTURE="amd64"
+ fi
+ if [ ! -x "${JAVA_HOME}/bin/java" ] &&
+ [ ! -f "${JAVA_HOME}/lib/rt.jar" ] &&
+ [ ! -d "${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}" ] &&
+ [ ! -d "${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}/native_threads" ]; then
+ printf "On 'Fedora 8', this '$0' script is ONLY executable\n"
+ printf "by 'JRE 1.7.0 (IcedTea)'!\n"
+ exit 255
+ fi
+ elif [ ${PKI_OS_VERSION} -gt 8 ]; then
+ if [ "${PKI_ARCHITECTURE}" == "i386" ]; then
+ JAVA_HOME="/usr/lib/jvm/jre-1.6.0-openjdk"
+ JAVA_ARCHITECTURE="i386"
+ else # "x86_64"
+ JAVA_HOME="/usr/lib/jvm/jre-1.6.0-openjdk.${PKI_ARCHITECTURE}"
+ JAVA_ARCHITECTURE="amd64"
+ fi
+ if [ ! -x "${JAVA_HOME}/bin/java" ] &&
+ [ ! -f "${JAVA_HOME}/lib/rt.jar" ] &&
+ [ ! -d "${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}" ] &&
+ [ ! -d "${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}/native_threads" ]; then
+ printf "On 'Fedora ${PKI_OS_VERSION}', "
+ printf "this '$0' script is ONLY executable\n"
+ printf "by 'JRE 1.6.0 (OpenJDK)'!\n"
+ exit 255
+ fi
+ else
+ printf "On 'Fedora', this '$0' script is ONLY executable\n"
+ printf "on 'Fedora 8' or later!\n"
+ exit 255
+ fi
+ elif [ "${PKI_DISTRIBUTION}" == "Red Hat" ]; then
+ if [ ${PKI_OS_VERSION} -ge 5 ]; then
+ if [ "${PKI_ARCHITECTURE}" == "i386" ]; then
+ JAVA_HOME="/usr/lib/jvm/jre-1.6.0-openjdk"
+ JAVA_ARCHITECTURE="i386"
+ else # "x86_64"
+ JAVA_HOME="/usr/lib/jvm/jre-1.6.0-openjdk.${PKI_ARCHITECTURE}"
+ JAVA_ARCHITECTURE="amd64"
+ fi
+ if [ ! -x "${JAVA_HOME}/bin/java" ] &&
+ [ ! -f "${JAVA_HOME}/lib/rt.jar" ] &&
+ [ ! -d "${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}" ] &&
+ [ ! -d "${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}/native_threads" ]; then
+ printf "On 'RHEL ${PKI_OS_VERSION}', "
+ printf "this '$0' script is ONLY executable\n"
+ printf "by 'JRE 1.6.0 (OpenJDK)'!\n"
+ exit 255
+ fi
+ else
+ printf "On 'Red Hat', this '$0' script is ONLY executable\n"
+ printf "on 'RHEL 5' or later!\n"
+ exit 255
+ fi
+ fi
+ JRE_EXE="${JAVA_HOME}/bin/java"
+ export JRE_EXE
+ JRE_VERSION=`${JAVA_HOME}/bin/java -version 2>&1 | cut -b15-19 | sed -n '/[0-9]\.[0-9]\.[0-9]/p'`
+ export JRE_VERSION
+elif [ "${PKI_OS}" == "SunOS" ]; then
+ if [ "${JAVA_HOME}" == "" ]; then
+ JAVA_HOME="/usr/java"
+ fi
+ JRE_EXE="${JAVA_HOME}/bin/${PKI_ARCHITECTURE}/java"
+ export JRE_EXE
+ JRE_VERSION=`${JAVA_HOME}/bin/${PKI_ARCHITECTURE}/java -version 2>&1 | cut -b15-19 | sed -n '/[0-9]\.[0-9]\.[0-9]/p'`
+ export JRE_VERSION
+ if [ ${PKI_OS_VERSION} -eq 9 ]; then
+ if [ "${JRE_VERSION}" != "1.6.0" ]; then
+ printf "On 'Solaris ${PKI_OS_VERSION}', "
+ printf "this '$0' script is ONLY executable\n"
+ printf "by 'JRE 1.6.0'!\n"
+ exit 255
+ fi
+ if [ ! -x "${JAVA_HOME}/bin/${PKI_ARCHITECTURE}/java" ] &&
+ [ ! -f "${JAVA_HOME}/jre/lib/rt.jar" ] &&
+ [ ! -d "${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}" ] &&
+ [ ! -d "${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}/native_threads" ]; then
+ printf "On 'Solaris ${PKI_OS_VERSION}', "
+ printf "this '$0' script is ONLY executable\n"
+ printf "by 'JRE 1.6.0 (Sun JDK)'!\n"
+ exit 255
+ fi
+ else
+ printf "On 'Solaris', this '$0' script is ONLY executable\n"
+ printf "on 'Solaris 9'!\n"
+ exit 255
+ fi
+fi
+
+
+###
+### Setup the appropriate CLASSPATH and LD_LIBRARY_PATH
+### environment variables based upon the platform
+###
+### NOTE: As of SunOS JDK 1.4.0, the required "Unicode" classes
+### have been moved from "i18n.jar" to "rt.jar".
+###
+
+if [ ! -f "/usr/share/java/pki/cmscore.jar" ] &&
+ [ ! -f "/usr/share/java/pki/certsrv.jar" ]; then
+ printf "This '$0' script must be EXECUTED against\n"
+ printf "the 'pki-common' package!\n"
+ exit 255
+fi
+if [ ! -f "/usr/share/java/pki/nsutil.jar" ]; then
+ printf "This '$0' script must be EXECUTED against\n"
+ printf "the 'pki-util' package!\n"
+ exit 255
+fi
+if [ ! -d "/usr/share/pki/migrate/TxtTo80/classes" ]; then
+ printf "This '$0' script must be EXECUTED against\n"
+ printf "the 'pki-migrate' package!\n"
+ exit 255
+fi
+
+if [ ${PKI_OS} = "Linux" ] ; then
+ if [ ! -f "/usr/lib/java/jss4.jar" ]; then
+ printf "This '$0' script must be EXECUTED against\n"
+ printf "the 'jss' package!\n"
+ exit 255
+ fi
+ CLASSPATH=${JAVA_HOME}/lib/rt.jar
+ CLASSPATH=/usr/lib/java/jss4.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/java/pki/nsutil.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/java/pki/cmscore.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/java/pki/certsrv.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/pki/migrate/TxtTo80/classes:${CLASSPATH}
+ export CLASSPATH
+ if [ ${PKI_ARCHITECTURE} = "i386" ] ; then
+ LD_LIBRARY_PATH=${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}/native_threads
+ LD_LIBRARY_PATH=${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}:${LD_LIBRARY_PATH}
+ LD_LIBRARY_PATH=/usr/lib:${LD_LIBRARY_PATH}
+ export LD_LIBRARY_PATH
+ else # "x86_64"
+ LD_LIBRARY_PATH=${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}/native_threads
+ LD_LIBRARY_PATH=${JAVA_HOME}/lib/${JAVA_ARCHITECTURE}:${LD_LIBRARY_PATH}
+ LD_LIBRARY_PATH=/usr/lib64:${LD_LIBRARY_PATH}
+ export LD_LIBRARY_PATH
+ fi
+else # "SunOS"
+ if [ ! -f "/usr/lib/java/dirsec/jss4.jar" ]; then
+ printf "This '$0' script must be EXECUTED against\n"
+ printf "the 'dirsec-jss' package!\n"
+ exit 255
+ fi
+ CLASSPATH=${JAVA_HOME}/jre/lib/rt.jar
+ CLASSPATH=/usr/lib/java/dirsec/jss4.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/java/pki/nsutil.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/java/pki/cmscore.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/java/pki/certsrv.jar:${CLASSPATH}
+ CLASSPATH=/usr/share/pki/migrate/TxtTo80/classes:${CLASSPATH}
+ export CLASSPATH
+ LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}/native_threads
+ LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}:${LD_LIBRARY_PATH}
+ LD_LIBRARY_PATH=/usr/lib/${PKI_ARCHITECTURE}:${LD_LIBRARY_PATH}
+ LD_LIBRARY_PATH=/usr/lib/${PKI_ARCHITECTURE}/dirsec:${LD_LIBRARY_PATH}
+ export LD_LIBRARY_PATH
+fi
+
+
+###
+### Execute TxtTo80 to convert the "normalized" CS ldif data file in to
+### a CS 8.0 ldif text file suitable for import in to a CS 8.0 LDAP DB.
+###
+
+# printf "================================================================\n"
+# printf "PKI_OS='${PKI_OS}'\n"
+# printf "PKI_DISTRIBUTION='${PKI_DISTRIBUTION}'\n"
+# printf "PKI_OS_VERSION='${PKI_OS_VERSION}'\n"
+# printf "PKI_ARCHITECTURE='${PKI_ARCHITECTURE}'\n"
+# printf "JAVA_HOME='${JAVA_HOME}'\n"
+# printf "JRE_EXE='${JRE_EXE}'\n"
+# printf "JRE_VERSION='${JRE_VERSION}'\n"
+# printf "================================================================\n\n"
+
+${JRE_EXE} -classpath ${CLASSPATH} Main $1 $2
+
diff --git a/base/migrate/TxtTo80/src/Main.java b/base/migrate/TxtTo80/src/Main.java new file mode 100644
index 000000000..ad9eb6b18
--- /dev/null
+++ b/base/migrate/TxtTo80/src/Main.java
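Review bot: The positional arguments are used unquoted throughout (`[ ! -f $1 ]`, `[ ! -s $1 ]`, `[ -f $2 ]` and the final `${JRE_EXE} -classpath ${CLASSPATH} Main $1 $2`), so a file name containing whitespace or glob characters is word-split and expanded before `test` or the JVM sees it, and the existence checks may then validate something other than what reaches `Main`. Quote them, e.g. `if [ ! -f "$1" ] ; then` and `"${JRE_EXE}" -classpath "${CLASSPATH}" Main "$@"`. The JRE and package sanity checks chain negated tests with `&&` (for example `[ ! -x "${JAVA_HOME}/bin/java" ] && [ ! -f "${JAVA_HOME}/lib/rt.jar" ] && …`), so they report an error only when every item is missing; `||` looks like the intent. The script is also declared `#!/bin/sh` yet uses `==` inside `[ ]`, which POSIX `test` does not define, so `=` is the portable spelling.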
@@ -0,0 +1,593 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2009 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +// +// "TxtTo80/src/Main.java" is based upon a copy "TxtTo80/src/Main.java". +// +// Always comment any new code sections with a "CS 8.0" header, and +// apply these changes forward to all other "TxtTo*/src/Main.java" files +// (including this comment header) so that these differences will only +// appear when this file is diffed against an earlier "TxtTo*" version. 
+// +// This file should always be maintained by executing the following command: +// +// diff TxtTo73/src/Main.java TxtTo80/src/Main.java +// + +import java.math.*; +import java.io.*; +import java.util.*; +import org.mozilla.jss.*; // CMS 4.5 and later +import org.mozilla.jss.crypto.*; // CMS 4.5 and later +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.authentication.*; +import netscape.security.util.*; +import java.lang.reflect.*; + +public class Main +{ + public static void main(String args[]) + { + try { + // initialize CryptoManager in CMS 4.5 and later + CryptoManager.initialize("."); + // load JSS provider in CMS 4.5 and later + java.security.Security.removeProvider("SUN version 1.2"); + // The following call to "java.security.Security.insertProviderAt()" + // is no longer commented out in CMS 4.5 and later + java.security.Security.insertProviderAt( + new netscape.security.provider.CMS(), 0); + java.security.Provider ps[] = + java.security.Security.getProviders(); + if (ps == null || ps.length <= 0) { + System.err.println("Java Security Provider NONE"); + } else { + for (int x = 0; x < ps.length; x++) { + System.err.println("Java Security Provider " + x + " class=" + ps[x]); + } + } + + // Parse the File + CS80LdifParser parser = null; + if (args.length == 1) { + parser = new CS80LdifParser(args[0]); + } else if (args.length == 2) { + parser = new CS80LdifParser(args[0], args[1]); + } else { + throw new IOException("Invalid Parameters"); + } + parser.parse(); + } catch (Exception e) { + System.err.println("ERROR: " + e.toString()); + e.printStackTrace(); + } + } +} + +class CS80LdifParser +{ + // constants + private static final String DN = + "dn:"; + // Directory Servers in CS 8.0 and later use "extdata-" + private static final String extAttrPrefix = + "extdata-"; + private static final String BEGIN = + "--- BEGIN ATTRIBUTES ---"; + private static final String END = + "--- END ATTRIBUTES ---"; + + // variables + private String mFilename = 
null; + private String mErrorFilename = null; + private PrintWriter mErrorPrintWriter = null; + + public CS80LdifParser(String filename) + { + mFilename = filename; + } + + public CS80LdifParser(String filename, String errorFilename) + { + mFilename = filename; + mErrorFilename = errorFilename; + } + + public void parse() throws Exception + { + if (mErrorFilename != null) { + mErrorPrintWriter = new PrintWriter(new FileOutputStream(mErrorFilename)); + } + BufferedReader reader = new BufferedReader( + new FileReader(mFilename)); + String line = null; + String dn = null; + Vector requestAttributes = null; + while ((line = reader.readLine()) != null) { + if (line.startsWith(DN)) { + dn = line; + } + if (line.equals(BEGIN)) { + requestAttributes = new Vector(); + continue; + } + if (requestAttributes == null) { + // Since we are not in the midst of a Request Attribute, + // simply print out the line. + System.out.println(line); + + // New in CS 8.0: + if( line.equals( "objectClass: request" ) ) { + // Since Request Objects now contain individual undefined + // schema attributes (rather than a single serialized blob), + // we disable schema checking to allow them to be stored as + // Multi-Value strings by adding an "extensibleObject" + // objectclass to each Request Object entry. 
+ System.out.println( "objectClass: extensibleObject" ); + } + continue; + } + if (line.equals(END)) { + parseAttributes(dn, requestAttributes); + requestAttributes = null; + continue; + } + if (line.startsWith(" ")) { // beginning of attr + requestAttributes.addElement( + line.substring(1, line.length())); + } else { + // #737216 - skip unnecessary empty lines in attributes + if (line.trim().length() == 0) continue; + requestAttributes.setElementAt( + (String) + requestAttributes.lastElement() + + "\n" + + line, + requestAttributes.size() - 1); + } + } + } + + public String getKey( String dn, String attr ) + { + String key = null; + + int colon = attr.indexOf( ':' ); + if (colon == -1) { + return key; + } + + int equal = attr.indexOf( '=' ); + if( equal == -1 ) { + return key; + } + + key = attr.substring( 0, colon ); + if( key.startsWith( "serviceErrors" ) ) { + // #56953 - skip serviceErrors + return key; + } + + if( key.startsWith( "Error" ) ) { + // #56953 - skip Error + return key; + } + + return key; + } + + public void parseAttributes(String dn, Vector attrs) throws Exception + { + for( int i = 0; i < attrs.size(); i++ ) { + String attr = ( String ) attrs.elementAt( i ); + try { + translateAttributes( dn, attr ); + } catch( Exception e ) { + if( mErrorPrintWriter != null ) { + mErrorPrintWriter.println( dn ); + } + String key = getKey( dn, attr ); + if( key != null ) { + mErrorPrintWriter.println( "Skipped " + key ); + } + } + } + } + + /*************************************************************************/ + /* The following two functions: */ + /* */ + /* protected boolean isAlphaNum(char in) {} */ + /* */ + /* public String encodeKey(String key) {} */ + /* */ + /* were copied from the private class called: */ + /* */ + /* class ExtAttrDynMapper implements IDBDynAttrMapper {} */ + /* */ + /* in the file called: */ + /* */ + /* pki/base/common/src/com/netscape/cmscore/request/RequestRecord.java */ + /* */ + 
/*************************************************************************/ + + protected boolean isAlphaNum(char in) { + if ((in >= 'a') && (in <= 'z')) { + return true; + } + if ((in >= 'A') && (in <= 'Z')) { + return true; + } + if ((in >= '0') && (in <= '9')) { + return true; + } + return false; + } + + /** + * Encoded extdata keys for storage in LDAP. + * + * The rules for encoding are trickier than decoding. We want to allow + * '-' by itself to be stored in the database (for the common case of keys + * like 'Foo-Bar'. Therefore we are using '--' as the encoding character. + * The rules are: + * 1) All characters [^-a-zA-Z0-9] are encoded as --XXXX where XXXX is the + * hex representation of the digit. + * 2) [a-zA-Z0-9] are always passed through unencoded + * 3) [-] is passed through as long as it is preceded and followed + * by [a-zA-Z0-9] (or if it's at the beginning/end of the string) + * 4) If [-] is preceded or followed by [^a-zA-Z0-9] then + * the - as well as all following [^a-zA-Z0-9] characters are encoded + * as --XXXX. + * + * This routine tries to be as efficient as possible with StringBuffer and + * large copies. However, the encoding unfortunately requires several + * objects to be allocated. + * + * @param key The key to encode + * @return The encoded key + */ + public String encodeKey(String key) { + StringBuffer output = null; + char[] input = key.toCharArray(); + int startCopyIndex = 0; + + int index = 0; + while (index < input.length) { + if (! isAlphaNum(input[index])) { + if ((input[index] == '-') && + ((index + 1) < input.length) && + (isAlphaNum(input[index + 1]))) { + index += 2; + } else if ((input[index] == '-') && + ((index + 1) == input.length)) { + index += 1; + } else { + if (output == null) { + output = new StringBuffer(input.length + 5); + } + output.append(input, startCopyIndex, index - startCopyIndex); + while ( (index < input.length) && + (! 
isAlphaNum(input[index])) ) { + output.append("--"); + String hexString = Integer.toHexString(input[index]); + int padding = 4 - hexString.length(); + while (padding > 0) { + output.append('0'); + padding--; + } + output.append(hexString); + index++; + } + startCopyIndex = index; + } + } else { + index++; + } + } + + if (output == null) { + return key; + } else { + output.append(input, startCopyIndex, index - startCopyIndex); + return output.toString(); + } + } + + public String formatData( String data ) { + StringBuffer output = null; + char[] input = data.toCharArray(); + int startCopyIndex = 0; + + // Every string buffer has a capacity. As long as the length of the + // character sequence contained in the string buffer does not exceed + // the capacity, it is not necessary to allocate a new internal buffer + // array. If the internal buffer overflows, it is automatically made + // larger. + // + // Start out with an output buffer at least as big as the input buffer. + output = new StringBuffer( input.length ); + + int index = 0; + while( index < input.length ) { + if( input[index] != '\n' ) { + output.append( input[index] ); + } else { + output.append( input[index] ); + if( index != ( input.length - 1 ) ) { + // Place an initial space after each carriage return + // with the exception of the last one + output.append( ' ' ); + } + } + + index++; + } + + return( output.toString() ); + } + + public void translateAttributes( String dn, String attr ) + throws Exception + { + // attribute format [key]:[type]=[data] + + int colon = attr.indexOf( ':' ); + if( colon == -1 ) { + if( mErrorPrintWriter != null ) { + if( dn != null ) { + mErrorPrintWriter.println( dn ); + } + mErrorPrintWriter.println( "Skipped " + attr ); + } + return; + } + int equal = attr.indexOf( '=' ); + if( equal == -1 ) { + if( mErrorPrintWriter != null ) { + if( dn != null ) { + mErrorPrintWriter.println( dn ); + } + mErrorPrintWriter.println( "Skipped " + attr ); + } + return; + } + + String key = 
attr.substring( 0, colon ); + String type = attr.substring( colon + 1, equal ); + String data = attr.substring( equal + 1 ); + + if( key.startsWith( "serviceErrors" ) ) { + // #56953 - skip serviceErrors + if( mErrorPrintWriter != null ) { + if( dn != null ) { + mErrorPrintWriter.println( dn ); + } + mErrorPrintWriter.println( "Skipped " + attr ); + } + return; + } + + if( key.startsWith( "Error" ) ) { + // #56953 - skip serviceErrors + if( mErrorPrintWriter != null ) { + if( dn != null ) { + mErrorPrintWriter.println( dn ); + } + mErrorPrintWriter.println( "Skipped " + attr ); + } + return; + } + + // To account for '47ToTxt' data files that have previously + // been generated, ALWAYS convert 'iplanet' to 'netscape'. + // + // Bugzilla Bug #224801 (a.k.a - Raidzilla Bug #56981) + // Bugzilla Bug #483519 + // + String translation = null; + if( type.startsWith( "iplanet" ) ) { + translation = "netscape" + + type.substring( 7 ); + type = translation; + } else if( type.startsWith( "com.iplanet" ) ) { + translation = "com.netscape" + + type.substring( 11 ); + type = translation; + } + + if( type.startsWith( "com.netscape.certsrv.request.AgentApprovals" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "com.netscape.certsrv.base.ArgBlock" ) + || type.startsWith( "com.netscape.cmscore.base.ArgBlock" ) ) { + // CMS 6.1: created new "com.netscape.certsrv.base.IArgBlock" and + // moved old "com.netscape.certsrv.base.ArgBlock" + // to "com.netscape.cmscore.base.ArgBlock" + + // Bugzilla Bug #737217 - adding proper "ext-data" array format + int secondEqual = data.indexOf('='); + if (secondEqual == -1) { + if( mErrorPrintWriter != null ) { + if( dn != null ) { + mErrorPrintWriter.println( dn ); + } + mErrorPrintWriter.println( "Skipped " + attr ); + } + return; + } + String subKey = data.substring( 0, secondEqual ); + String subKeyData = data.substring( secondEqual + 1 ); + System.out.println( 
extAttrPrefix + encodeKey( key ) + ";" + + subKey + ": " + formatData( subKeyData ) ); + } else if( type.startsWith( "com.netscape.certsrv.authentication.AuthToken" ) ) { + // Processes 'java.math.BigInteger[]': + // + // Bugzilla Bug #225031 (a.k.a - Raidzilla Bug #58356) + // + // Processes 'java.lang.String[]': + // + // Bugzilla Bug #224763 (a.k.a - Raidzilla Bug #57949) + // Bugzilla Bug #252240 + // + + // Bugzilla Bug #737217 - adding proper "ext-data" array format + int secondColon = data.indexOf(':'); + int secondEqual = data.indexOf('='); + if (secondEqual == -1 || secondColon >= secondEqual) { + if( mErrorPrintWriter != null ) { + if( dn != null ) { + mErrorPrintWriter.println( dn ); + } + mErrorPrintWriter.println( "Skipped " + attr ); + } + return; + } + if (secondColon == -1) { + secondColon = secondEqual; + } + String subKey = data.substring( 0, secondColon ); + String subKeyData = data.substring( secondEqual + 1 ); + System.out.println( extAttrPrefix + encodeKey( key ) + ";" + + subKey + ": " + formatData( subKeyData ) ); + } else if( type.startsWith( "java.math.BigInteger[" ) ) { + // Bugzilla Bug #238779 + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "java.math.BigInteger" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "byte[]" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "byte[" ) ) { + // byte array + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "netscape.security.x509.CertificateAlgorithmId" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.equals( "netscape.security.x509.CertificateChain" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else 
if( type.equals( "netscape.security.x509.CertificateExtensions" ) ) { + // XXX - "db2ldif" appears dumps these as ":" values, but they + // always appear as "::" base-64 encoded values? + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateExtensions" + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.equals( "netscape.security.x509.CertificateSubjectName" ) ) { + // CMS 6.2: revised method of decoding objects of type + // "netscape.security.x509.CertificateSubjectName" + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "netscape.security.x509.CertificateValidity" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.equals( "netscape.security.x509.CertificateX509Key" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "com.netscape.certsrv.cert.CertInfo" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if (type.startsWith("java.util.Hashtable")) { + // Bugzilla Bug #224800 (a.k.a - Raidzilla Bug #56953) + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "Integer[" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "java.lang.Integer" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "org.mozilla.jss.asn1.INTEGER" ) ) { + // CS 7.1 stores bodyPartId as INTEGER + // CS 7.2 fixed the problem by storing it as String + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "com.netscape.certsrv.dbs.keydb.KeyRecord" ) + || type.startsWith( 
"com.netscape.cmscore.dbs.KeyRecord" ) ) { + // Bugzilla Bug #508191 - These only apply to KRA; and in CS 8.0, + // since KRA requests only need to refer + // to the actual "keyRecord" referenced + // by the "keySerialNumber" data, + // all other "KeyRecord" request data is + // ignored, since it is already stored + // in the actual "keyRecord". + if( data.startsWith( "keySerialNumber" ) ) { + String keySerialNumber = data.substring( data.indexOf( "=" ) + 1 ); + System.out.println( extAttrPrefix + + encodeKey( key.toLowerCase() ) + ": " + + formatData( keySerialNumber ) ); + } + } else if( type.startsWith( "java.util.Locale" ) ) { + // CMS 6.2: begin checking for new type + // "java.util.Locale" + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "com.netscape.certsrv.kra.ProofOfArchival" ) + || type.startsWith( "com.netscape.cmscore.kra.ProofOfArchival" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "netscape.security.x509.RevokedCertImpl" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "java.lang.String[" ) ) { + // Bugzilla Bug #223360 (a.k.a - Raidzilla Bug #58086) + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if (type.startsWith("java.lang.String")) { + // Examples: + // + // key.equals( "publickey" ) + // key.equals( "cert_request" ) + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "java.util.Vector" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "netscape.security.x509.X509CertImpl[" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.equals( "netscape.security.x509.X509CertImpl" ) ) { + 
System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.startsWith( "netscape.security.x509.X509CertInfo[" ) + || type.startsWith( "netscape.security.extensions.CertInfo[" ) ) + { + // CMS 6.2: begin checking for additional new type + // "netscape.security.extensions.CertInfo[" + // + // CMS 6.1: "netscape.security.x509.X509CertInfo" + // now always utilizes arrays such as + // "netscape.security.x509.X509CertInfo[" + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.equals( "netscape.security.x509.X509CertInfo" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else if( type.endsWith( "Exception" ) ) { + System.out.println( extAttrPrefix + encodeKey( key ) + ": " + + formatData( data ) ); + } else { + System.err.println( "ERROR type - " + type + " - "+ attr ); + System.exit( 0 ); + } + } +} + diff --git a/base/migrate/TxtTo80/src/compile.sh b/base/migrate/TxtTo80/src/compile.sh new file mode 100755 index 000000000..c8dd848e0 --- /dev/null +++ b/base/migrate/TxtTo80/src/compile.sh 
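Review bot: In `translateAttributes`, the final `else` reports the unknown type and then calls `System.exit( 0 )`, and `main` also returns normally after catching an exception, so a conversion that stopped half-way still reports success to the wrapper script and the truncated LDIF on stdout looks like a complete one; a non-zero status such as `System.exit( 1 );` would let the caller detect it. In `parseAttributes`, the line `mErrorPrintWriter.println( "Skipped " + key );` sits outside the `mErrorPrintWriter != null` guard, so it throws a NullPointerException whenever the one-argument constructor was used; moving it inside the guard fixes that. `mErrorPrintWriter` is created without auto-flush and is never flushed or closed in the visible code, so the list of skipped entries may never reach the error file, and the `BufferedReader` in `parse()` is likewise never closed.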
@@ -0,0 +1,345 @@ +#!/bin/bash + +# --- BEGIN COPYRIGHT BLOCK --- +# Copyright (C) 2009 Red Hat, Inc. +# All rights reserved. +# --- END COPYRIGHT BLOCK --- + +##################################################################### +### ### +### This script creates: ### +### ### +### "TxtTo80/classes/CS80LdifParser.class", ### +### "TxtTo80/classes/DummyAuthManager.class", and ### +### "TxtTo80/classes/Main.class", ### +### ### +### which may be used to convert a "normalized" ldif data file ### +### exported from a version of CS prior to 8.0 into a CS 8.0 ### +### ldif data file suitable for import into a CS 8.0 LDAP DB. ### +### ### +##################################################################### + +### +### Provide a usage function +### + +usage() { + echo + echo "Usage: $0" + echo + echo " NOTE: No arguments are required to build the" + echo " CS 8.0 ldif data classes." + echo + exit 255 +} + +### +### Perform a usage check for the appropriate number of arguments: +### + +if [ $# -gt 0 ] ; then + usage +fi + + +### +### Set PKI_OS +### +### CS 8.0 NOTE: "Linux" +### "SunOS" +### + +PKI_OS=`uname` +export PKI_OS + +if [ "${PKI_OS}" != "Linux" ] && + [ "${PKI_OS}" != "SunOS" ]; then + printf "This '$0' script is ONLY executable\n" + printf "on either a 'Linux' or 'Solaris' machine!\n" + exit 255 +fi + + +### +### Set PKI_ARCHITECTURE +### +### CS 8.0 NOTE: "Linux i386" - 32-bit ("i386") +### "Linux x86_64" - 64-bit ("x86_64") +### "SunOS sparc" - 64-bit ("sparcv9") +### + +if [ "${PKI_OS}" == "Linux" ]; then + PKI_PLATFORM=`uname -i` + export PKI_PLATFORM + if [ "${PKI_PLATFORM}" == "i386" ] || + [ "${PKI_PLATFORM}" == "x86_64" ]; then + PKI_ARCHITECTURE="${PKI_PLATFORM}" + export PKI_ARCHITECTURE + else + printf "On 'Linux', this '$0' script is ONLY executable\n" + printf "on either an 'i386' or 'x86_64' architecture!\n" + exit 255 + fi +elif [ "${PKI_OS}" == "SunOS" ]; then + PKI_PLATFORM=`uname -p` + export PKI_PLATFORM + if [ "${PKI_PLATFORM}" == "sparc" 
]; then + PKI_ARCHITECTURE="sparcv9" + export PKI_ARCHITECTURE + else + printf "On 'Solaris', this '$0' script is ONLY executable\n" + printf "on a 'sparcv9' architecture!\n" + exit 255 + fi +fi + + +### +### Set PKI_OS_DISTRIBUTION +### +### CS 8.0 NOTE: "Linux Fedora 8" - "Fedora" +### "Linux Fedora 9" - "Fedora" +### "Linux Fedora 10" - "Fedora" +### "Linux RHEL 5" - "Red Hat" +### "SunOS 5.9" - "Solaris" +### + +if [ "${PKI_OS}" == "Linux" ]; then + IS_FEDORA=`test -e /etc/fedora-release && echo 1 || echo 0` + if [ "${IS_FEDORA}" -eq 1 ]; then + PKI_DISTRIBUTION="Fedora" + export PKI_DISTRIBUTION + PKI_OS_RPM_VERSION=`rpm -qf --qf='%{VERSION}' /etc/fedora-release` + export PKI_OS_RPM_VERSION + PKI_OS_VERSION=`echo "${PKI_OS_RPM_VERSION}" | tr -d [A-Za-z]` + export PKI_OS_VERSION + else + IS_REDHAT=`test -e /etc/redhat-release && echo 1 || echo 0` + if [ "${IS_REDHAT}" -eq 1 ]; then + PKI_DISTRIBUTION="Red Hat" + export PKI_DISTRIBUTION + PKI_OS_RPM_VERSION=`rpm -qf --qf='%{VERSION}' /etc/redhat-release` + export PKI_OS_RPM_VERSION + PKI_OS_VERSION=`echo "${PKI_OS_RPM_VERSION}" | tr -d [A-Za-z]` + export PKI_OS_VERSION + else + printf "On 'Linux',this '$0' script is ONLY executable\n" + printf "on either a 'Fedora' or 'Red Hat' machine!\n" + exit 255 + fi + fi +elif [ "${PKI_OS}" == "SunOS" ]; then + PKI_DISTRIBUTION="Solaris" + export PKI_DISTRIBUTION + PKI_OS_VERSION=`uname -r | awk -F. 
'{print $2}'` + export PKI_OS_VERSION +fi + + +### +### Set JAVA_HOME +### +### CS 8.0 NOTE: "Linux Fedora 8" - JDK 1.7.0 (IcedTea) +### "Linux Fedora 9" - JDK 1.6.0 (OpenJDK) +### "Linux Fedora 10" - JDK 1.6.0 (OpenJDK) +### "Linux RHEL 5" - JDK 1.6.0 (OpenJDK) +### "SunOS 5.9" - JDK 1.6.0 (Sun JDK) +### +### "Linux" - ALWAYS set specific JAVA_HOME +### "SunOS" - ALLOW JAVA_HOME to be pre-defined +### + +if [ "${PKI_OS}" == "Linux" ]; then + if [ "${PKI_DISTRIBUTION}" == "Fedora" ]; then + if [ ${PKI_OS_VERSION} -eq 8 ]; then + if [ "${PKI_ARCHITECTURE}" == "i386" ]; then + JAVA_HOME="/usr/lib/jvm/java-1.7.0-icedtea" + JAVA_ARCHITECTURE="i386" + else # "x86_64" + JAVA_HOME="/usr/lib/jvm/java-1.7.0-icedtea.${PKI_ARCHITECTURE}" + JAVA_ARCHITECTURE="amd64" + fi + if [ ! -x "${JAVA_HOME}/bin/javac" ] && + [ ! -f "${JAVA_HOME}/jre/lib/rt.jar" ] && + [ ! -d "${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}" ] && + [ ! -d "${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}/native_threads" ]; then + printf "On 'Fedora 8', this '$0' script is ONLY executable\n" + printf "by 'JDK 1.7.0 (IcedTea)'!\n" + exit 255 + fi + elif [ ${PKI_OS_VERSION} -gt 8 ]; then + if [ "${PKI_ARCHITECTURE}" == "i386" ]; then + JAVA_HOME="/usr/lib/jvm/java-1.6.0-openjdk" + JAVA_ARCHITECTURE="i386" + else # "x86_64" + JAVA_HOME="/usr/lib/jvm/java-1.6.0-openjdk.${PKI_ARCHITECTURE}" + JAVA_ARCHITECTURE="amd64" + fi + if [ ! -x "${JAVA_HOME}/bin/javac" ] && + [ ! -f "${JAVA_HOME}/jre/lib/rt.jar" ] && + [ ! -d "${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}" ] && + [ ! 
-d "${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}/native_threads" ]; then + printf "On 'Fedora ${PKI_OS_VERSION}', " + printf "this '$0' script is ONLY executable\n" + printf "by 'JDK 1.6.0 (OpenJDK)'!\n" + exit 255 + fi + else + printf "On 'Fedora', this '$0' script is ONLY executable\n" + printf "on 'Fedora 8' or later!\n" + exit 255 + fi + elif [ "${PKI_DISTRIBUTION}" == "Red Hat" ]; then + if [ ${PKI_OS_VERSION} -ge 5 ]; then + if [ "${PKI_ARCHITECTURE}" == "i386" ]; then + JAVA_HOME="/usr/lib/jvm/java-1.6.0-openjdk" + JAVA_ARCHITECTURE="i386" + else # "x86_64" + JAVA_HOME="/usr/lib/jvm/java-1.6.0-openjdk.${PKI_ARCHITECTURE}" + JAVA_ARCHITECTURE="amd64" + fi + if [ ! -x "${JAVA_HOME}/bin/javac" ] && + [ ! -f "${JAVA_HOME}/jre/lib/rt.jar" ] && + [ ! -d "${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}" ] && + [ ! -d "${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}/native_threads" ]; then + printf "On 'RHEL ${PKI_OS_VERSION}', " + printf "this '$0' script is ONLY executable\n" + printf "by 'JDK 1.6.0 (OpenJDK)'!\n" + exit 255 + fi + else + printf "On 'Red Hat', this '$0' script is ONLY executable\n" + printf "on 'RHEL 5' or later!\n" + exit 255 + fi + fi + JDK_EXE="${JAVA_HOME}/bin/javac" + export JDK_EXE + JDK_VERSION=`${JAVA_HOME}/bin/javac -version 2>&1 | cut -b7-11` + export JDK_VERSION +elif [ "${PKI_OS}" == "SunOS" ]; then + if [ "${JAVA_HOME}" == "" ]; then + JAVA_HOME="/usr/java" + fi + JDK_EXE="${JAVA_HOME}/bin/${PKI_ARCHITECTURE}/javac" + export JDK_EXE + JDK_VERSION=`${JAVA_HOME}/bin/${PKI_ARCHITECTURE}/javac -version 2>&1 | cut -b7-11` + export JDK_VERSION + if [ ${PKI_OS_VERSION} -eq 9 ]; then + if [ "${JDK_VERSION}" != "1.6.0" ]; then + printf "On 'Solaris ${PKI_OS_VERSION}', " + printf "this '$0' script is ONLY executable\n" + printf "by 'JDK 1.6.0'!\n" + exit 255 + fi + if [ ! -x "${JAVA_HOME}/bin/${PKI_ARCHITECTURE}/javac" ] && + [ ! -f "${JAVA_HOME}/jre/lib/rt.jar" ] && + [ ! -d "${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}" ] && + [ ! 
-d "${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}/native_threads" ]; then + printf "On 'Solaris ${PKI_OS_VERSION}', " + printf "this '$0' script is ONLY executable\n" + printf "by 'JDK 1.6.0 (Sun JDK)'!\n" + exit 255 + fi + else + printf "On 'Solaris', this '$0' script is ONLY executable\n" + printf "on 'Solaris 9'!\n" + exit 255 + fi +fi + + +### +### Setup the appropriate CLASSPATH and LD_LIBRARY_PATH +### environment variables based upon the platform +### + +if [ ! -f "/usr/share/java/pki/cmscore.jar" ] && + [ ! -f "/usr/share/java/pki/certsrv.jar" ]; then + printf "This '$0' script must be COMPILED against\n" + printf "the 'pki-common' package!\n" + exit 255 +fi +if [ ! -f "/usr/share/java/pki/nsutil.jar" ]; then + printf "This '$0' script must be COMPILED against\n" + printf "the 'pki-util' package!\n" + exit 255 +fi + +if [ ${PKI_OS} = "Linux" ] ; then + if [ ! -f "/usr/lib/java/jss4.jar" ]; then + printf "This '$0' script must be COMPILED against\n" + printf "the 'jss' package!\n" + exit 255 + fi + CLASSPATH=${JAVA_HOME}/jre/lib/rt.jar + CLASSPATH=/usr/lib/java/jss4.jar:${CLASSPATH} + CLASSPATH=/usr/share/java/pki/nsutil.jar:${CLASSPATH} + CLASSPATH=/usr/share/java/pki/cmscore.jar:${CLASSPATH} + CLASSPATH=/usr/share/java/pki/certsrv.jar:${CLASSPATH} + export CLASSPATH + if [ ${PKI_ARCHITECTURE} = "i386" ] ; then + LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}/native_threads + LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}:${LD_LIBRARY_PATH} + LD_LIBRARY_PATH=/usr/lib:${LD_LIBRARY_PATH} + export LD_LIBRARY_PATH + else # "x86_64" + LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}/native_threads + LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${JAVA_ARCHITECTURE}:${LD_LIBRARY_PATH} + LD_LIBRARY_PATH=/usr/lib64:${LD_LIBRARY_PATH} + export LD_LIBRARY_PATH + fi +else # "SunOS" + if [ ! 
-f "/usr/lib/java/dirsec/jss4.jar" ]; then + printf "This '$0' script must be COMPILED against\n" + printf "the 'dirsec-jss' package!\n" + exit 255 + fi + CLASSPATH=${JAVA_HOME}/jre/lib/rt.jar + CLASSPATH=/usr/lib/java/dirsec/jss4.jar:${CLASSPATH} + CLASSPATH=/usr/share/java/pki/nsutil.jar:${CLASSPATH} + CLASSPATH=/usr/share/java/pki/cmscore.jar:${CLASSPATH} + CLASSPATH=/usr/share/java/pki/certsrv.jar:${CLASSPATH} + export CLASSPATH + LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}/native_threads + LD_LIBRARY_PATH=${JAVA_HOME}/jre/lib/${PKI_ARCHITECTURE}:${LD_LIBRARY_PATH} + LD_LIBRARY_PATH=/usr/lib/${PKI_ARCHITECTURE}:${LD_LIBRARY_PATH} + LD_LIBRARY_PATH=/usr/lib/${PKI_ARCHITECTURE}/dirsec:${LD_LIBRARY_PATH} + export LD_LIBRARY_PATH +fi + + +### +### Set TARGET - identify the complete path to the new classes target directory +### + +TARGET=../classes +export TARGET + + +### +### Create the new classes target directory (if it does not already exist) +### + +if [ ! -d ${TARGET} ]; then + mkdir -p ${TARGET} +fi + + +### +### Compile TxtTo80 - create "CS80LdifParser.class", "DummyAuthManager.class", +### and "Main.class" +### + +printf "================================================================\n" +printf "PKI_OS='${PKI_OS}'\n" +printf "PKI_DISTRIBUTION='${PKI_DISTRIBUTION}'\n" +printf "PKI_OS_VERSION='${PKI_OS_VERSION}'\n" +printf "PKI_ARCHITECTURE='${PKI_ARCHITECTURE}'\n" +printf "JAVA_HOME='${JAVA_HOME}'\n" +printf "JDK_EXE='${JDK_EXE}'\n" +printf "JDK_VERSION='${JDK_VERSION}'\n" +printf "================================================================\n\n" + +${JDK_EXE} -d ${TARGET} -classpath ${CLASSPATH} Main.java + diff --git a/base/migrate/kra/RecoverKey.class b/base/migrate/kra/RecoverKey.class Binary files differnew file mode 100755 index 000000000..756380e8d --- /dev/null +++ b/base/migrate/kra/RecoverKey.class diff --git a/base/migrate/kra/RecoverKey.java b/base/migrate/kra/RecoverKey.java new file mode 100755 index 000000000..06e5fc55f 
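Review bot: The JDK sanity checks chain their negated tests with `&&` (`if [ ! -x "${JAVA_HOME}/bin/javac" ] && [ ! -f "${JAVA_HOME}/jre/lib/rt.jar" ] && …`), so the error branch is taken only when every one of the files and directories is missing; a JDK with no `javac` but an `rt.jar` passes the check and the script fails later at the compile step. The same pattern is used in the Fedora 8, later-Fedora, RHEL and Solaris branches and in the `cmscore.jar`/`certsrv.jar` test; joining the tests with `||` gives the intended "any missing" check, e.g. `if [ ! -f "/usr/share/java/pki/cmscore.jar" ] || [ ! -f "/usr/share/java/pki/certsrv.jar" ]; then`. The final `${JDK_EXE} -d ${TARGET} -classpath ${CLASSPATH} Main.java` and the `[ ${PKI_OS_VERSION} -eq 8 ]` comparisons expand their variables unquoted, so quoting them (`"${JDK_EXE}" -d "${TARGET}" -classpath "${CLASSPATH}" Main.java`) avoids word splitting and a test syntax error if the version string comes back empty.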
--- /dev/null
+++ b/base/migrate/kra/RecoverKey.java
@@ -0,0 +1,101 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + + +// package com.netscape.cmstools; + +import org.mozilla.jss.pkix.cmc.*; +import org.mozilla.jss.pkix.cms.*; +import org.mozilla.jss.pkix.cert.*; +import org.mozilla.jss.pkix.primitive.*; +import org.mozilla.jss.asn1.*; +import org.mozilla.jss.pkcs10.*; +import org.mozilla.jss.crypto.*; +import org.mozilla.jss.CryptoManager; +import org.mozilla.jss.crypto.CryptoToken; +import org.mozilla.jss.crypto.SignatureAlgorithm; +import org.mozilla.jss.crypto.DigestAlgorithm; +import org.mozilla.jss.crypto.X509Certificate; +import org.mozilla.jss.util.*; +import org.mozilla.jss.*; + +import sun.misc.BASE64Encoder; +import sun.misc.*; + +import java.io.*; +import java.util.*; + +import com.netscape.cmscore.shares.*; + +public class RecoverKey { + + public static void main(String args[]) throws Exception + { + if (args.length != 6) { + System.out.println("Usage: RecoverKey <alias directory> <prefix> <password> <pin> <nickname> <kra-key.db path>"); + System.exit(0); + } + + String alias = args[0]; + String prefix = args[1]; + String password = args[2]; + String pin = args[3]; + String nickname = args[4]; + String db_path = args[5]; + + CryptoManager.InitializationValues 
vals = + new CryptoManager.InitializationValues(alias, + prefix, prefix, "secmod.db"); + + CryptoManager.initialize(vals); + CryptoManager cm = CryptoManager.getInstance(); + + CryptoToken token = cm.getInternalKeyStorageToken(); + token.login(new Password(password.toCharArray())); + + // retrieve public key + X509Certificate cert = cm.findCertByNickname(nickname); + + // retrieve encrypted private key material + File priFile = new File(db_path); + byte priData[] = new byte[(new Long(priFile.length())).intValue()]; + FileInputStream fi = new FileInputStream(priFile); + fi.read(priData); + fi.close(); + + // recover private key + Password pass = new Password(pin.toCharArray()); + KeyGenerator kg = token.getKeyGenerator( + PBEAlgorithm.PBE_SHA1_DES3_CBC); + byte iv[] = {0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01}; + PBEKeyGenParams kgp = new PBEKeyGenParams(pass, + iv, 5); + + pass.clear(); + kg.initialize(kgp); + SymmetricKey sk = kg.generate(); + + KeyWrapper wrapper = token.getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD); + wrapper.initUnwrap(sk, new IVParameterSpec(iv)); + PrivateKey pk = wrapper.unwrapPrivate(priData, + PrivateKey.RSA, cert.getPublicKey()); + + System.out.println("=> Private is '" + pk + "'"); + } +} diff --git a/base/migrate/kra/RecoverPin.class b/base/migrate/kra/RecoverPin.class Binary files differnew file mode 100755 index 000000000..75db9d5f9 --- /dev/null +++ b/base/migrate/kra/RecoverPin.class diff --git a/base/migrate/kra/RecoverPin.java b/base/migrate/kra/RecoverPin.java new file mode 100755 index 000000000..2ad268c37 --- /dev/null +++ b/base/migrate/kra/RecoverPin.java 
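Review bot: The token password and the recovered pin are taken from `args[2]` and `args[3]` in RecoverKey's `main`, so both land in shell history and are readable in the process listing by any local user while the tool runs. Since `java.io.*` is already imported, prompting with `char[] pin = System.console().readPassword("Pin: ");` (and the same for the token password) keeps them off the command line and lets the arrays be zeroed after the `Password` objects are built. Separately, `fi.read(priData)` ignores its return value and the stream stays open if the read throws; `new DataInputStream(fi).readFully(priData);` inside try/finally would make a truncated kra-key.db fail loudly instead of unwrapping a partly filled buffer. The usage branch should also exit non-zero, `System.exit(1);`, so a calling script can detect the wrong argument count.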
@@ -0,0 +1,149 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+
+// package com.netscape.cmstools;
+
+import org.mozilla.jss.pkix.cmc.*;
+import org.mozilla.jss.pkix.cms.*;
+import org.mozilla.jss.pkix.cert.*;
+import org.mozilla.jss.pkix.primitive.*;
+import org.mozilla.jss.asn1.*;
+import org.mozilla.jss.pkcs10.*;
+import org.mozilla.jss.crypto.*;
+import org.mozilla.jss.CryptoManager;
+import org.mozilla.jss.crypto.CryptoToken;
+import org.mozilla.jss.crypto.SignatureAlgorithm;
+import org.mozilla.jss.crypto.DigestAlgorithm;
+import org.mozilla.jss.crypto.X509Certificate;
+import org.mozilla.jss.util.*;
+import org.mozilla.jss.*;
+
+import sun.misc.BASE64Encoder;
+import sun.misc.*;
+
+import java.io.*;
+import java.util.*;
+
+import com.netscape.cmscore.shares.*;
+
+public class RecoverPin {
+
+ public static String getPassword(Hashtable shares) throws Exception
+ {
+ System.out.println("Share size '" + shares.size() + "'");
+ JoinShares j = new JoinShares(shares.size());
+
+ Enumeration e = shares.keys();
+ while (e.hasMoreElements()) {
+ String next = (String) e.nextElement();
+System.out.println("Add share " + (int)(Integer.parseInt(next) + 1));
+ j.addShare(Integer.parseInt(next) + 1,
+ (byte[]) shares.get(next));
+ }
+ byte secret[] = j.recoverSecret();
+ String pwd = new String(secret);
+ return pwd;
+ }
+
+ public static byte[] resizeShare(byte share[]) {
+ byte data[] = new byte[share.length - 2];
+
+ for (int i = 2; i < share.length; i++) {
+ data[i - 2] = share[i];
+ }
+ return data;
+ }
+
+ public static Hashtable getShares(CryptoToken token,
+ Properties kra_mn_p) throws Exception
+ {
+ BufferedReader br = new BufferedReader( new InputStreamReader(System.in));
+ Hashtable v = new Hashtable();
+ Enumeration e = kra_mn_p.keys();
+ int n = Integer.parseInt((String)kra_mn_p.get("n"));
+ for (int i = 0; i < n; i++) {
+ String uid = (String)kra_mn_p.get("uid"+i);
+ System.out.println("Got uid '" + uid + "'");
+
+ String encrypted = (String)kra_mn_p.get("share"+i);
+ System.out.println("Got share '" + encrypted + "'");
+
+ BASE64Decoder decoder = new BASE64Decoder();
+ byte share[] = decoder.decodeBuffer(encrypted);
+ System.out.println("Got encrypted share length '" +
+ share.length + "'");
+
+ System.out.println("Please input password for " + uid + ":");
+ String pwd = br.readLine();
+ System.out.println("Got password '" + pwd + "'");
+
+ Cipher cipher = token.getCipherContext(
+ EncryptionAlgorithm.DES3_CBC_PAD);
+ byte iv[] = {0x01, 0x01, 0x01, 0x01, 0x01,
+ 0x01, 0x01, 0x01};
+ Password pass = new Password(pwd.toCharArray());
+ KeyGenerator kg = token.getKeyGenerator(
+ PBEAlgorithm.PBE_SHA1_DES3_CBC);
+ PBEKeyGenParams kgp = new PBEKeyGenParams(pass,
+ iv, 5);
+ kg.initialize(kgp);
+ SymmetricKey sk = kg.generate();
+ cipher.initDecrypt(sk, new IVParameterSpec(iv));
+ byte dec[] = cipher.doFinal(share);
+ System.out.println("Got decrypted share length '" + dec.length + "'");
+ System.out.println("Got share[0] '" + dec[0] + "'");
+ System.out.println("Got share[1] '" + dec[1] + "'");
+ byte res[] = resizeShare(dec);
+ v.put(Integer.toString(i), res);
+ }
+ return v;
+ }
+
+ public static void main(String args[]) throws Exception
+ {
+ if (args.length != 4) {
+ System.out.println("Usage: RecoverPin <alias directory> <prefix> <password> <kra-mn.conf path>");
+ System.exit(0);
+ }
+
+ String alias = args[0];
+ String prefix = args[1];
+ String password = args[2];
+ String path_kra_mn = args[3];
+
+ CryptoManager.InitializationValues vals =
+ new CryptoManager.InitializationValues(alias,
+ prefix, prefix, "secmod.db");
+
+ CryptoManager.initialize(vals);
+ CryptoManager cm = CryptoManager.getInstance();
+
+ // load files into properties
+ Properties kra_mn_p = new Properties();
+ kra_mn_p.load(new FileInputStream(path_kra_mn));
+
+ CryptoToken token = cm.getInternalKeyStorageToken();
+ token.login(new Password(password.toCharArray()));
+
+ Hashtable shares = getShares(token, kra_mn_p);
+
+ String pwd = getPassword(shares);
+ System.out.println("=> Pin is '" + pwd + "'");
+ }
+}
diff --git a/base/migrate/kra/readme.txt b/base/migrate/kra/readme.txt
new file mode 100755
index 000000000..8b7b69b49
--- /dev/null
+++ b/base/migrate/kra/readme.txt
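Review bot: In `getShares` each agent's password is read with `br.readLine()`, which echoes it, and is then written back by `System.out.println("Got password '" + pwd + "'");`. Every agent's secret is therefore visible to anyone sharing the terminal or capturing the output, which undoes the split knowledge the encrypted shares are meant to enforce. I would drop that println and read with `char[] pwd = System.console().readPassword("Password for %s: ", uid);`, passing the array straight to `new Password(pwd)` and clearing it afterwards. The `dec[0]`/`dec[1]` prints and `resizeShare` also assume at least two decrypted bytes, so a guard such as `if (dec.length < 2) throw new IOException("bad share for " + uid);` before them would turn a short decryption result into a clear error rather than an array exception.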
@@ -0,0 +1,130 @@
+Date
+
+ Tue Oct 17 16:11:07 PDT 2006
+
+Version
+
+ CMS 6.1
+
+Overview
+
+ In CMS6.1 Data Recovery Manager (DRM), it has deployed a
+ complicated key splitting scheme where software token and
+ hardware token are treated differently.
+
+ Both software and hardware token requires a group of N recovery agents
+ to be present during the configuration. A Pin is randomly generated
+ and splitted into N pieces called shares. Each share is encrypted with
+ a password provided by the individual recovery agent. This is to
+ ensure no single recovery agent to access the pin.
+
+ For software token, during configuration, a storage key pair is
+ generated, and the private key portion is then encrypted by the
+ Pin mentioned above. The encrypted key is stored in a file called
+ kra-key.db in the conf directory. The configuration deletes
+ the private key from the software token. For each recovery
+ operation, the private key is then reconstructed and imported
+ into the software token.
+
+ For hardware token, during configuration, a storage key pair is
+ generated on the selected token, then the configuration changes the
+ hardware token's pin to the randomly generated pin mentioned above.
+ For each recovery operation, the token's pin is reconstructed and
+ private key is accessed.
+
+ To provide migration on the user keys that were encrypted with the
+ storage keys of CS6.1, we need to be able to migrate the public and
+ private keys to the new system. To access the private key, we need
+ to have a way to reconstruct the pin.
+
+ This support package provides 2 utilities that can assist the
+ migration.
+
+Programs
+
+ RecoverPin - This command is to reconstruct the pin. It reads
+ the shares from conf/kra-mn.conf, and prompts for
+ agent passwords. It then reconstructs and prints the
+ pin to the screen.
+
+ RecoverKey - For software token deployment, the encrypted private
+ key is stored in the file conf/kra-key.db. To recover
+ the private key, the user needs to use the pin obtained
+ from RecoverPin. Once the private key is recovered into
+ the security database. The user can use pk12util to
+ migrate key to the new installation. For hardware token
+ deployment, this command is not necessary.
+
+Examples
+
+ Here is an example of RecoverPin usage
+
+ java -classpath <server-root>/bin/cert/jars/cmscore.jar:<server-root>/bin/cert/jars/nsutil.jar:<server-root>/bin/cert/jars/jss3.jar:. RecoverPin <path to alias directory> <prefix> <password> <key splitting scheme file>
+
+ For example,
+
+ java -classpath /home/user/cs61/servers/bin/cert/jars/cmscore.jar:/export/home/user/cs61/servers/bin/cert/jars/nsutil.jar:/export/home/user/cs61/servers/bin/cert/jars/jss3.jar:. RecoverPin /export/home/user/cs61/servers/alias "cert-drm-sunburst-" netscape /export/home/user/cs61/servers/cert-drm/config/kra-mn.conf
+
+ The output is:
+
+ Got uid 'agent1'
+ Got share 'A23UO/q9f40='
+ Got encrypted share length '8'
+ Please input password for agent1:
+ netscape1
+ Got password 'netscape1'
+ Got decrypted share length '2'
+ Got share[0] '0'
+ Got share[1] '0'
+ Got uid 'agent2'
+ Got share 'R+zGVd5zczI='
+ Got encrypted share length '8'
+ Please input password for agent2:
+ netscape2
+ Got password 'netscape2'
+ Got decrypted share length '2'
+ Got share[0] '0'
+ Got share[1] '0'
+ Got uid 'agent3'
+ Got share 'lsipE7cM8jg='
+ Got encrypted share length '8'
+ Please input password for agent3:
+ netscape3
+ Got password 'netscape3'
+ Got decrypted share length '2'
+ Got share[0] '0'
+ Got share[1] '0'
+ Share size '3'
+ Add share 3
+ Add share 2
+ Add share 1
+ => Pin is ''
+
+ Here is an example of RecoverKey usage
+
+ java -classpath <server-root>/bin/cert/jars/cmscore.jar:<server-root>/bin/cert/jars/nsutil.jar:<server-root>/bin/cert/jars/jss3.jar:. RecoverKey <alias path> <prefix> <db password> <pin from RecoverPin> <nickname> <key db path>
+
+ For example,
+
+ java -classpath /export/home/user/cs61/servers/bin/cert/jars/cmscore.jar:/export/home/user/cs61/servers/bin/cert/jars/nsutil.jar:/export/home/user/cs61/servers/bin/cert/jars/jss3.jar:. RecoverKey /export/home/user/cs61/servers/alias cert-drm-sunburst- "netscape" "" "kraStorageCert 1161121005622" /export/home/user/cs61/servers/cert-drm/config/kra-key.db
+
+ The output is:
+
+ => Private is 'org.mozilla.jss.pkcs11.PK11RSAPrivateKey@1ab8f9e'
+
+To make the private and public key exportable via pk12util. You need to first
+backup the storage certificate, delete it, and then import it
+again. For example,
+
+ certutil -d . -P cert-drm-sunburst- \
+ -n "kraStorageCert 1161121005622" -a > storageCert.txt
+
+ certutil -d . -P cert-drm-sunburst- -D -n "kraStorageCert 1161121005622"
+
+ certutil -d . -P cert-drm-sunburst- -A -t "u,u,u" \
+ -n "kraStorageCert 1161121005622" -i storageCert.txt
+
+Finally, you can export the private and public key using pk12util
+
+ pk12util -o storage.p12 -d . -P cert-drm-sunburst- \
+ -n "kraStorageCert 1161121005622" |