diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-05-24 05:06:31 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-05-24 18:54:20 +0200 |
commit | 9d74c8f2f6291e9bac433c950168d68fa5fc90c8 (patch) | |
tree | 9331dbb70bc1594f169b80ccd6cc0bd18d70033f /base/server/cms | |
parent | 7d39f6ecfe4c29c14948e4b5d30fde93d7f0f8e6 (diff) | |
download | pki-9d74c8f2f6291e9bac433c950168d68fa5fc90c8.tar.gz pki-9d74c8f2f6291e9bac433c950168d68fa5fc90c8.tar.xz pki-9d74c8f2f6291e9bac433c950168d68fa5fc90c8.zip |
Updated OCSP log messages.
Some log messages in OCSP-related code have been updated for
clarity.
https://pagure.io/dogtagpki/issue/2652
Change-Id: Ie81b95906a0d9aef6126fb205a4bcec028731e39
Diffstat (limited to 'base/server/cms')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/ocsp/DefStore.java | 27 | ||||
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java | 7 |
2 files changed, 25 insertions, 9 deletions
diff --git a/base/server/cms/src/com/netscape/cms/ocsp/DefStore.java b/base/server/cms/src/com/netscape/cms/ocsp/DefStore.java index 676257bb7..ea095ba3f 100644 --- a/base/server/cms/src/com/netscape/cms/ocsp/DefStore.java +++ b/base/server/cms/src/com/netscape/cms/ocsp/DefStore.java @@ -409,8 +409,9 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { long endTime = CMS.getCurrentDate().getTime(); mOCSPAuthority.incTotalTime(endTime - startTime); return response; + } catch (Exception e) { - CMS.debug("DefStore: validation failed " + e.toString()); + CMS.debug(e); log(ILogger.LL_FAILURE, CMS.getLogMessage("OCSP_REQUEST_FAILURE", e.toString())); return null; } @@ -449,6 +450,7 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { log(ILogger.LL_FAILURE, CMS.getLogMessage("OCSP_DECODE_CERT", e.toString())); return null; } + MessageDigest md = MessageDigest.getInstance(cid.getDigestName()); X509Key key = (X509Key) cert.getPublicKey(); byte digest[] = md.digest(key.getKey()); @@ -474,6 +476,7 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { break; } } + } else { theCert = matched.getX509CertImpl(); theRec = matched.getCRLIssuingPointRecord(); @@ -490,16 +493,19 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { log(ILogger.EV_AUDIT, AuditFormat.LEVEL, "Checked Status of certificate 0x" + serialNo.toString(16)); CMS.debug("DefStore: process request 0x" + serialNo.toString(16)); - CertStatus certStatus = null; - GeneralizedTime thisUpdate = null; + + GeneralizedTime thisUpdate; if (theRec == null) { thisUpdate = new GeneralizedTime(CMS.getCurrentDate()); } else { - thisUpdate = new GeneralizedTime( - theRec.getThisUpdate()); + Date d = theRec.getThisUpdate(); + CMS.debug("DefStore: CRL record this update: " + d); + thisUpdate = new GeneralizedTime(d); } + CMS.debug("DefStore: this update: " + thisUpdate.toDate()); + // this is an optional field GeneralizedTime nextUpdate; @@ -510,9 +516,15 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { nextUpdate = new GeneralizedTime(CMS.getCurrentDate()); } else { - nextUpdate = new GeneralizedTime(theRec.getNextUpdate()); + Date d = theRec.getNextUpdate(); + CMS.debug("DefStore: CRL record next update: " + d); + nextUpdate = new GeneralizedTime(d); } + CMS.debug("DefStore: next update: " + (nextUpdate == null ? null : nextUpdate.toDate())); + + CertStatus certStatus; + if (theCRL == null) { certStatus = new UnknownInfo(); @@ -551,10 +563,10 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { } else { certStatus = new UnknownInfo(); } + } else { certStatus = new RevokedInfo(new GeneralizedTime( crlentry.getRevocationDate())); - } return new SingleResponse(cid, certStatus, thisUpdate, @@ -564,6 +576,7 @@ public class DefStore implements IDefStore, IExtendedPluginInfo { // error log CMS.debug("DefStore: failed processing request e=" + e); } + return null; } diff --git a/base/server/cms/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java b/base/server/cms/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java index 940bf657c..5fde89dfe 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/ocsp/OCSPServlet.java @@ -198,16 +198,19 @@ public class OCSPServlet extends CMSServlet { throw new Exception("OCSPServlet: OCSP request is " + "empty or malformed"); } + ocspReq = (OCSPRequest) reqTemplate.decode(is); + if ((ocspReq == null) || (ocspReq.toString().equals(""))) { throw new Exception("OCSPServlet: Decoded OCSP request " + "is empty or malformed"); } + response = ((IOCSPService) mAuthority).validate(ocspReq); + } catch (Exception e) { - ; - CMS.debug("OCSPServlet: " + e.toString()); + CMS.debug(e); } if (response != null) { |