diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-07-07 19:36:56 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-07-08 04:52:44 +0200 |
commit | 2dc3c84777dcd8fe20611511ed5fc422c8b05541 (patch) | |
tree | 9ea2ab1b14f752b7df665b2b83a6f469431edbcb /base/server/cms | |
parent | eb08fba8a15e044802e9fa32ba0d4ed6c8eb31bc (diff) | |
download | pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.tar.gz pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.tar.xz pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.zip |
Refactored ConfigurationUtils.updateCloneConfig().
The ConfigurationUtils.updateCloneConfig() invocation has been
modified such that it will only be executed once.
https://pagure.io/dogtagpki/issue/2280
Change-Id: I1d42acb8cf7c7ffedcd109fcd5252a03fb9622e7
Diffstat (limited to 'base/server/cms')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 26 | ||||
-rw-r--r-- | base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java | 8 |
2 files changed, 20 insertions, 14 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index b8f771238..cca753404 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -2946,15 +2946,20 @@ public class ConfigurationUtils { return 0; } - public static void updateCloneConfig() - throws EBaseException, IOException { + public static void updateCloneConfig() throws EBaseException, IOException { + IConfigStore config = CMS.getConfigStore(); String cstype = config.getString("cs.type", null); cstype = cstype.toLowerCase(); + if (cstype.equals("kra")) { + String token = config.getString("preop.module.token"); + if (!CryptoUtil.isInternalToken(token)) { + CMS.debug("ConfigurationUtils: updating configuration for KRA clone with hardware token"); + String subsystem = config.getString(PCERT_PREFIX + "storage.subsystem"); String storageNickname = getNickname(config, "storage"); String transportNickname = getNickname(config, "transport"); @@ -2962,22 +2967,23 @@ public class ConfigurationUtils { config.putString(subsystem + ".storageUnit.hardware", token); config.putString(subsystem + ".storageUnit.nickName", token + ":" + storageNickname); config.putString(subsystem + ".transportUnit.nickName", token + ":" + transportNickname); + config.commit(false); + } else { // software token // parameters already set } } // audit signing cert - String audit_nn = config.getString(cstype + ".audit_signing" + ".nickname", ""); - String audit_tk = config.getString(cstype + ".audit_signing" + ".tokenname", ""); - if (!CryptoUtil.isInternalToken(audit_tk)) { - config.putString("log.instance.SignedAudit.signedAuditCertNickname", - audit_tk + ":" + audit_nn); - } else { - config.putString("log.instance.SignedAudit.signedAuditCertNickname", - audit_nn); + String nickname = config.getString(cstype + ".audit_signing.nickname", ""); + String token = config.getString(cstype + ".audit_signing.tokenname", ""); + + if (!CryptoUtil.isInternalToken(token)) { + nickname = token + ":" + nickname; } + + config.putString("log.instance.SignedAudit.signedAuditCertNickname", nickname); } public static void loadCertRequest(IConfigStore config, String tag, Cert cert) throws Exception { diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index 87cf963d9..a92d04ae9 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -399,6 +399,10 @@ public class SystemConfigService extends PKIService implements SystemConfigResou } ConfigurationUtils.updateServerCertNickConf(); + + if (request.isClone()) { + ConfigurationUtils.updateCloneConfig(); + } } public void processCert( @@ -524,10 +528,6 @@ public class SystemConfigService extends PKIService implements SystemConfigResou ConfigurationUtils.generateCertRequest(cs, tag, cert); } - if (request.isClone()) { - ConfigurationUtils.updateCloneConfig(); - } - if (request.isExternal() && tag.equals("signing")) { // external/existing CA CMS.debug("SystemConfigService: External CA has signing cert"); hasSigningCert.setValue(true); |