diff options
author | Endi S. Dewata <edewata@redhat.com> | 2014-12-02 17:25:55 -0500 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2014-12-15 11:57:07 -0500 |
commit | 5d82ad42001875e28a48ba374d4a467c9ec91f5c (patch) | |
tree | 2c32fd69b42077d8fa424ffa8194f4bcddc3f6d6 /base/server/cmscore/src | |
parent | aab703ab457ff02d8623933a15574a556dae5e99 (diff) | |
download | pki-5d82ad42001875e28a48ba374d4a467c9ec91f5c.tar.gz pki-5d82ad42001875e28a48ba374d4a467c9ec91f5c.tar.xz pki-5d82ad42001875e28a48ba374d4a467c9ec91f5c.zip |
Added rangeUnit property to certificate profiles.
A new optional property has been added to certificate profiles to
specify the range unit. The default range unit is 'day'. The code
has been modified to use the Calendar API to calculate the end of
validity range based on the range unit.
https://fedorahosted.org/pki/ticket/1226
Diffstat (limited to 'base/server/cmscore/src')
6 files changed, 28 insertions, 13 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java b/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java index 68c64824e..04ff5ec46 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java +++ b/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java @@ -1420,6 +1420,7 @@ public class CMSEngine implements ICMSEngine { } public boolean verifySystemCertByNickname(String nickname, String certificateUsage) { + CMS.debug("CMSEngine: verifySystemCertByNickname(" + nickname + ", " + certificateUsage + ")"); return CertUtils.verifySystemCertByNickname(nickname, certificateUsage); } diff --git a/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java b/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java index 9dc33e541..244c36dc7 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java +++ b/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java @@ -831,6 +831,7 @@ public class CertUtils { * returns true if it verifies; false if any not */ public static boolean verifySystemCertByNickname(String nickname, String certusage) { + CMS.debug("CertUtils: verifySystemCertByNickname(" + nickname + "," + certusage + ")"); boolean r = true; CertificateUsage cu = null; cu = getCertificateUsage(certusage); @@ -850,9 +851,9 @@ public class CertUtils { if (cu.getUsage() != CryptoManager.CertificateUsage.CheckAllUsages.getUsage()) { if (cm.isCertValid(nickname, true, cu)) { r = true; - CMS.debug("CertUtils: verifySystemCertByNickname() passed:" + nickname); + CMS.debug("CertUtils: verifySystemCertByNickname() passed: " + nickname); } else { - CMS.debug("CertUtils: verifySystemCertByNickname() failed:" + nickname); + CMS.debug("CertUtils: verifySystemCertByNickname() failed: " + nickname); r = false; } } else { @@ -864,7 +865,7 @@ public class CertUtils { CMS.debug("CertUtils: verifySystemCertByNickname() failed: cert is good for nothing:" + nickname); } else { r = true; - CMS.debug("CertUtils: verifySystemCertByNickname() passed:" + nickname); + CMS.debug("CertUtils: verifySystemCertByNickname() passed: " + nickname); if ((ccu & CryptoManager.CertificateUsage.SSLServer.getUsage()) != 0) CMS.debug("CertUtils: verifySystemCertByNickname(): cert is SSLServer"); @@ -905,6 +906,9 @@ public class CertUtils { * returns true if it verifies; false if any not */ public static boolean verifySystemCertByTag(String tag) { + + CMS.debug("CertUtils: verifySystemCertByTag(" + tag + ")"); + String auditMessage = null; IConfigStore config = CMS.getConfigStore(); boolean r = true; diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java index 653850e02..cd475cd56 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java @@ -460,7 +460,7 @@ public class DBRegistry implements IDBRegistry, ISubsystem { throw new EDBException(CMS.getLogMessage("CMS_DBS_MISSING_OBJECT_CLASS")); } - //CMS.debug("createObject: attrs " + attrs.toString()); + CMS.debug("createObject: attrs " + attrs); attrs.remove("objectclass"); diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java index be674bfd5..46b835472 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java @@ -640,6 +640,7 @@ public class DBSubsystem implements IDBSubsystem { tmpConfig.putString(PROP_BASEDN, mBaseDN); } catch (EBaseException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw e; @@ -648,15 +649,18 @@ public class DBSubsystem implements IDBSubsystem { try { mLdapConnFactory.init(tmpConfig); } catch (ELdapServerDownException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - } catch (ELdapException ex) { + } catch (ELdapException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; - throw new EDBException(CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_ERROR", ex.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_ERROR", e.toString())); } catch (EBaseException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw e; @@ -767,8 +771,9 @@ public class DBSubsystem implements IDBSubsystem { reg.registerAttribute(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, new ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_EXPIRED_CERTS)); - if (!reg.isObjectClassRegistered( - RepositoryRecord.class.getName())) { + boolean registered = reg.isObjectClassRegistered(RepositoryRecord.class.getName()); + CMS.debug("registered: " + registered); + if (!registered) { String repRecordOC[] = new String[2]; repRecordOC[0] = RepositorySchema.LDAP_OC_TOP; @@ -776,6 +781,7 @@ public class DBSubsystem implements IDBSubsystem { reg.registerObjectClass( RepositoryRecord.class.getName(), repRecordOC); } + if (!reg.isAttributeRegistered(IRepositoryRecord.ATTR_SERIALNO)) { reg.registerAttribute(IRepositoryRecord.ATTR_SERIALNO, new BigIntegerMapper(RepositorySchema.LDAP_ATTR_SERIALNO)); @@ -790,6 +796,7 @@ public class DBSubsystem implements IDBSubsystem { } } catch (EBaseException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw e; diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java index cfe958807..0e3ffc13b 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java @@ -55,6 +55,9 @@ public abstract class LDAPDatabase<E extends IDBObj> extends Database<E> { } public void register(Class<E> recordType) throws EBaseException { + + CMS.debug("registering " + recordType.getName()); + IDBRegistry dbRegistry = dbSubsystem.getRegistry(); // register object classes diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java index e6b6e831e..0d789cc64 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java @@ -132,7 +132,7 @@ public abstract class Repository implements IRepository { protected BigInteger getSerialNumber() throws EBaseException { IDBSSession s = mDB.createSession(); - CMS.debug("Repository: getSerialNumber."); + CMS.debug("Repository: getSerialNumber()"); RepositoryRecord rec = null; try { @@ -327,7 +327,7 @@ public abstract class Repository implements IRepository { } protected void initCacheIfNeeded() throws EBaseException { - if (mLastSerialNo == null) + if (mLastSerialNo == null) initCache(); } @@ -401,15 +401,15 @@ public abstract class Repository implements IRepository { BigInteger retSerial = new BigInteger(mLastSerialNo.toString()); CMS.debug("Repository: getNextSerialNumber: returning retSerial " + retSerial); - return retSerial; + return retSerial; } /** * Checks to see if range needs to be switched. - * + * * @exception EBaseException thrown when next range is not allocated */ - protected void checkRange() throws EBaseException + protected void checkRange() throws EBaseException { // check if we have reached the end of the range // if so, move to next range |