Bugzilla Bug #467155 - Change "renameTo" to "cp -p ".

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@225 c9f7a03b-bd48-0410-a16d-cbbf54688b0b

2 files changed, 45 insertions, 22 deletions

diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
index 72c441b5b..1f1daec25 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java
@@ -403,13 +403,29 @@ public abstract class CMSServlet extends HttpServlet {
         Enumeration paramNames = httpReq.getParameterNames();
         while (paramNames.hasMoreElements()) {
             String pn = (String)paramNames.nextElement();
-            // added this facility so that password can be hided,
+            // added this facility so that password can be hidden,
             // all sensitive parameters should be prefixed with 
-            // __ (double underscores)
-            if (pn.startsWith("__")) {
-              CMS.debug("CMSServlet::service() param name='" + pn + "' value='(sensitive)'" );
+            // __ (double underscores); however, in the event that
+            // a security parameter slips through, we perform multiple
+            // additional checks to insure that it is NOT displayed
+            if( pn.startsWith("__")                         ||
+                pn.endsWith("password")                     ||
+                pn.endsWith("passwd")                       ||
+                pn.endsWith("pwd")                          ||
+                pn.equalsIgnoreCase("admin_password_again") ||
+                pn.equalsIgnoreCase("bindpassword")         ||
+                pn.equalsIgnoreCase("bindpwd")              ||
+                pn.equalsIgnoreCase("passwd")               ||
+                pn.equalsIgnoreCase("password")             ||
+                pn.equalsIgnoreCase("pin")                  ||
+                pn.equalsIgnoreCase("pwd")                  ||
+                pn.equalsIgnoreCase("pwdagain")             ||
+                pn.equalsIgnoreCase("uPasswd") ) {
+              CMS.debug("CMSServlet::service() param name='" + pn +
+                        "' value='(sensitive)'" );
             } else {
-              CMS.debug("CMSServlet::service() param name='" + pn + "' value='" + httpReq.getParameter(pn) + "'" );
+              CMS.debug("CMSServlet::service() param name='" + pn +
+                        "' value='" + httpReq.getParameter(pn) + "'" );
             }
         }
     }
diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java
index efb84e3fe..d28543a9c 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java
@@ -26,6 +26,7 @@ import javax.servlet.*;
 import javax.servlet.http.*;
 import com.netscape.certsrv.apps.*;
 import com.netscape.certsrv.base.*;
+import com.netscape.cmsutil.util.Utils;
 
 
 /**
@@ -50,27 +51,33 @@ public class CMSStartServlet extends HttpServlet {
             }
             File f1 = new File(old_path);
             if (f1.exists()) {
-                boolean success = f1.renameTo(f);
-                if (!success) {
-                    String cmds[] = new String[3];
-                    if (File.separator.equals("\\")) {
-                        cmds[0] = "cmd";
-                        cmds[1] = "/c";
-                        cmds[2] = "copy "+
-                          f1.getAbsolutePath().replace('/', '\\') + " " +
-                          f.getAbsolutePath().replace('/', '\\');
+                // The following block of code moves "CMS.cfg" to "CS.cfg".
+                try {
+                    if( Utils.isNT() ) {
+                        // NT is very picky on the path
+                        Utils.exec( "copy " +
+                                    f1.getAbsolutePath().replace( '/', '\\' ) +
+                                    " " +
+                                    f.getAbsolutePath().replace( '/', '\\' ) );
                     } else {
-                        cmds[0] = "/bin/sh";
-                        cmds[1] = "-c";
-                        cmds[2] = "cp " + f1.getAbsolutePath() + " " +
-                          f.getAbsolutePath();
+                        // Create a copy of the original file which
+                        // preserves the original file permissions.
+                        Utils.exec( "cp -p " + f1.getAbsolutePath() + " " +
+                                    f.getAbsolutePath() );
                     }
 
-                    try {
-                        Process process = Runtime.getRuntime().exec(cmds);
-                        process.waitFor();
-                    } catch (Exception e) {
+                    // Remove the original file if and only if
+                    // the backup copy was successful.
+                    if( f.exists() ) {
+                        f1.delete();
+
+                        // Make certain that the new file has
+                        // the correct permissions.
+                        if( !Utils.isNT() ) {
+                            Utils.exec( "chmod 00660 " + f.getAbsolutePath() );
+                        }
                     }
+                } catch (Exception e) {
                 }
             }
         }