Bug 577949 - clone from a clone requires contacting original security domain master

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1080 c9f7a03b-bd48-0410-a16d-cbbf54688b0b

3 files changed, 73 insertions, 4 deletions

diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java
index 7c9895e05..da9c6ddc9 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java
@@ -147,8 +147,8 @@ public class CreateSubsystemPanel extends WizardPanelBase {
         } catch (EBaseException e) {
         }
 
-        Vector v = getMasterUrlListFromSecurityDomain( config, cstype,
-                                                       "SecurePort" );
+        Vector v = getUrlListFromSecurityDomain(config, cstype, "SecurePort" );
+
         StringBuffer list = new StringBuffer();
         int size = v.size();
         for (int i = 0; i < size; i++) {
@@ -245,6 +245,7 @@ public class CreateSubsystemPanel extends WizardPanelBase {
                     if (counter == x) {
                         break;
                     }
+                    counter++;
                 }
             } catch (Exception e) {
             }
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
index 5b358005c..1509d5b74 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
@@ -252,6 +252,13 @@ public class DonePanel extends WizardPanelBase {
         } catch (Exception e) {
         }
 
+        boolean cloneMaster = false;
+
+        if (select.equals("clone") && type.equalsIgnoreCase("CA") && isSDHostDomainMaster(cs)) {
+            cloneMaster = true;
+            CMS.debug("Cloning a domain master");
+        }
+
         String s = getSubsystemNodeName(type);
         if (sdtype.equals("new")) {
             try {
@@ -334,7 +341,6 @@ public class DonePanel extends WizardPanelBase {
                     CMS.debug("Unable to create host entry in security domain");
                     throw e;
                 }
-                cs.putString("securitydomain.store", "ldap");
                 CMS.debug("DonePanel display: finish updating domain info");
                 conn.disconnect();
             } catch (Exception e) {
@@ -378,6 +384,11 @@ public class DonePanel extends WizardPanelBase {
                 else
                     cloneStr = "&clone=false";
 
+                String domainMasterStr = "";
+                if (cloneMaster) 
+                    domainMasterStr = "&dm=true";
+                else 
+                    domainMasterStr = "&dm=false"; 
                 String eecaStr = "";
                 if (owneeclientauthsport != null) 
                     eecaStr="&eeclientauthsport=" + owneeclientauthsport;
@@ -389,7 +400,8 @@ public class DonePanel extends WizardPanelBase {
                                + "&host=" + ownhost
                                + "&name=" + subsystemName
                                + "&sport=" + ownsport
-                               + "&dm=false" + cloneStr
+                               + domainMasterStr 
+                               + cloneStr
                                + "&agentsport=" + ownagentsport
                                + "&adminsport=" + ownadminsport
                                + eecaStr 
@@ -408,6 +420,7 @@ public class DonePanel extends WizardPanelBase {
         // needs to remove system reference from the security domain
         try {
             cs.putString("service.securityDomainPort", ownagentsport);
+            cs.putString("securitydomain.store", "ldap");
             cs.commit(false);
         } catch (Exception e) {
             CMS.debug("DonePanel: exception in adding service.securityDomainPort to CS.cfg" + e);
@@ -523,6 +536,19 @@ public class DonePanel extends WizardPanelBase {
                     CMS.debug("Unable to update global next range numbers: " + e);
                 } 
             }
+        } 
+
+        if (cloneMaster) {
+            // cloning a domain master CA, the clone is also master of its domain
+            try {
+                cs.putString("securitydomain.host", ownhost);
+                cs.putString("securitydomain.httpport", ownport);
+                cs.putString("securitydomain.httpsadminport", ownadminsport);
+                cs.putString("securitydomain.httpsagentport", ownagentsport);
+                cs.putString("securitydomain.httpseeport", ownsport);
+            } catch (Exception e) {
+                CMS.debug("Caught exception trying to save security domain parameters for clone of a domain master");
+            }
         }
 
         cs.putInteger("cs.state", 1);
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
index d8bfc04b1..5f3105403 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
@@ -922,6 +922,48 @@ public class WizardPanelBase implements IWizardPanel {
         return c;
     }
 
+    public boolean isSDHostDomainMaster (IConfigStore config) {
+        String dm="false";
+        try {
+            String hostname = config.getString("securitydomain.host");
+            int httpsadminport = config.getInteger("securitydomain.httpsadminport");
+
+            CMS.debug("Getting domain.xml from CA...");
+            String c = getDomainXML(hostname, httpsadminport, true);
+
+            CMS.debug("Getting DomainMaster from security domain");
+
+            ByteArrayInputStream bis = new ByteArrayInputStream( c.getBytes() );
+            XMLObject parser = new XMLObject( bis );
+            Document doc = parser.getDocument();
+            NodeList nodeList = doc.getElementsByTagName( "CA" );
+
+            int len = nodeList.getLength();
+            for( int i = 0; i < len; i++ ) {
+                Vector v_hostname =
+                       parser.getValuesFromContainer( nodeList.item(i),
+                                                      "Host" );
+
+                Vector v_https_admin_port =
+                       parser.getValuesFromContainer( nodeList.item(i),
+                                                      "SecureAdminPort" );
+
+                Vector v_domain_mgr =
+                       parser.getValuesFromContainer( nodeList.item(i),
+                                                      "DomainManager" );
+
+                if( v_hostname.elementAt( 0 ).equals( hostname ) &&
+                    v_https_admin_port.elementAt( 0 ).equals( Integer.toString(httpsadminport) ) ) {
+                    dm = v_domain_mgr.elementAt( 0 ).toString();
+                    break;
+                }
+            }
+        } catch (Exception e) {
+            CMS.debug( e.toString() );
+        }
+        return dm.equals("true");
+    }
+ 
     public Vector getMasterUrlListFromSecurityDomain( IConfigStore config,
                                                       String type,
                                                       String portType ) {