authorEndi Sukma Dewata <edewata@redhat.com>2012-03-24 02:27:47 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-03-26 11:43:54 -0500
commit621d9e5c413e561293d7484b93882d985b3fe15f (patch)
tree638f3d75761c121d9a8fb50b52a12a6686c5ac5c /pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
parent40d3643b8d91886bf210aa27f711731c81a11e49 (diff)
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java530
1 files changed, 0 insertions, 530 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
deleted file mode 100644
index cbeeed2df..000000000
--- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
+++ /dev/null
@@ -1,530 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cmscore.ldap;
-
-import java.math.BigInteger;
-import java.security.cert.Certificate;
-import java.util.Hashtable;
-
-import netscape.security.x509.X509CertImpl;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.authority.IAuthority;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.base.MetaInfo;
-import com.netscape.certsrv.ca.ICertificateAuthority;
-import com.netscape.certsrv.dbs.certdb.ICertRecord;
-import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
-import com.netscape.certsrv.ldap.ELdapException;
-import com.netscape.certsrv.logging.ILogger;
-import com.netscape.certsrv.profile.IEnrollProfile;
-import com.netscape.certsrv.publish.IPublisherProcessor;
-import com.netscape.certsrv.request.IRequest;
-import com.netscape.certsrv.request.IRequestListener;
-import com.netscape.certsrv.request.RequestId;
-import com.netscape.cmscore.dbs.CertRecord;
-
-public class LdapRequestListener implements IRequestListener {
- private boolean mInited = false;
-
- /**
- * handlers for request types (events)
- * each handler implement IRequestListener
- */
- private Hashtable<String, IRequestListener> mRequestListeners = new Hashtable<String, IRequestListener>();
-
- private IPublisherProcessor mPublisherProcessor = null;
-
- public LdapRequestListener() {
- }
-
- public void set(String name, String val) {
- }
-
- public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
- if (mInited)
- return;
-
- mPublisherProcessor = (IPublisherProcessor) sys;
-
- mRequestListeners.put(IRequest.ENROLLMENT_REQUEST,
- new LdapEnrollmentListener(mPublisherProcessor));
- mRequestListeners.put(IRequest.RENEWAL_REQUEST,
- new LdapRenewalListener(mPublisherProcessor));
- mRequestListeners.put(IRequest.REVOCATION_REQUEST,
- new LdapRevocationListener(mPublisherProcessor));
- mRequestListeners.put(IRequest.UNREVOCATION_REQUEST,
- new LdapUnrevocationListener(mPublisherProcessor));
- mInited = true;
- }
-
- public PublishObject getPublishObject(IRequest r) {
- String type = r.getRequestType();
- PublishObject obj = new PublishObject();
-
- if (type.equals(IRequest.ENROLLMENT_REQUEST)) {
- // in case it's not meant for us
- if (r.getExtDataInInteger(IRequest.RESULT) == null)
- return null;
-
- // check if request failed.
- if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) {
- CMS.debug("Request errored. " +
- "Nothing to publish for enrollment request id " +
- r.getRequestId());
- return null;
- }
- CMS.debug("Checking publishing for request " +
- r.getRequestId());
- // check if issued certs is set.
- X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
-
- if (certs == null || certs.length == 0 || certs[0] == null) {
- CMS.debug(
- "No certs to publish for request id " +
- r.getRequestId());
- return null;
- }
- obj.setCerts(certs);
- return obj;
- } else if (type.equals(IRequest.RENEWAL_REQUEST)) {
- // Note we do not remove old certs from directory during renewal
- X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
-
- if (certs == null || certs.length == 0) {
- CMS.debug("no certs to publish for renewal " +
- "request " + r.getRequestId());
- return null;
- }
- obj.setCerts(certs);
- return obj;
- } else if (type.equals(IRequest.REVOCATION_REQUEST)) {
- X509CertImpl[] revcerts = r.getExtDataInCertArray(IRequest.OLD_CERTS);
-
- if (revcerts == null || revcerts.length == 0 || revcerts[0] == null) {
- // no certs in revoke.
- CMS.debug(
- "Nothing to unpublish for revocation " +
- "request " + r.getRequestId());
- return null;
- }
- obj.setCerts(revcerts);
- return obj;
- } else if (type.equals(IRequest.UNREVOCATION_REQUEST)) {
- X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS);
-
- if (certs == null || certs.length == 0 || certs[0] == null) {
- // no certs in unrevoke.
- CMS.debug(
- "Nothing to publish for unrevocation " +
- "request " + r.getRequestId());
- return null;
- }
- obj.setCerts(certs);
- return obj;
- } else {
- CMS.debug("Request errored. " +
- "Nothing to publish for request id " +
- r.getRequestId());
- return null;
- }
-
- }
-
- public void accept(IRequest r) {
- String type = r.getRequestType();
-
- IRequestListener handler = mRequestListeners.get(type);
-
- if (handler == null) {
- CMS.debug(
- "Nothing to publish for request type " + type);
- return;
- }
- handler.accept(r);
- }
-
-}
-
-class LdapEnrollmentListener implements IRequestListener {
- IPublisherProcessor mProcessor = null;
-
- public LdapEnrollmentListener(IPublisherProcessor processor) {
- mProcessor = processor;
- }
-
- public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
- }
-
- public void set(String name, String val) {
- }
-
- public void accept(IRequest r) {
- CMS.debug(
- "LdapRequestListener handling publishing for enrollment request id " +
- r.getRequestId());
-
- String profileId = r.getExtDataInString("profileId");
-
- if (profileId == null) {
- // in case it's not meant for us
- if (r.getExtDataInInteger(IRequest.RESULT) == null)
- return;
-
- // check if request failed.
- if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) {
- CMS.debug("Request errored. " +
- "Nothing to publish for enrollment request id " +
- r.getRequestId());
- return;
- }
- }
- CMS.debug("Checking publishing for request " +
- r.getRequestId());
- // check if issued certs is set.
- Certificate[] certs = null;
- if (profileId == null) {
- certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
- } else {
- certs = new Certificate[1];
- certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT);
- }
-
- if (certs == null || certs.length == 0 || certs[0] == null) {
- CMS.debug(
- "No certs to publish for request id " + r.getRequestId());
- return;
- }
-
- if (certs[0] instanceof X509CertImpl)
- acceptX509(r, certs);
- }
-
- public void acceptX509(IRequest r, Certificate[] certs) {
- Integer results[] = new Integer[certs.length];
- boolean error = false;
-
- for (int i = 0; i < certs.length; i++) {
- X509CertImpl xcert = (X509CertImpl) certs[i];
-
- if (xcert == null)
- continue;
- try {
- mProcessor.publishCert(xcert, r);
-
- results[i] = IRequest.RES_SUCCESS;
- CMS.debug(
- "acceptX509: Published cert serial no 0x" +
- xcert.getSerialNumber().toString(16));
- //mProcessor.setPublishedFlag(xcert.getSerialNumber(), true);
- } catch (ELdapException e) {
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH",
- xcert.getSerialNumber().toString(16), e.toString()));
- results[i] = IRequest.RES_ERROR;
- error = true;
- }
- }
- r.setExtData("ldapPublishStatus", results);
- r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
- }
-}
-
-class LdapRenewalListener implements IRequestListener {
- private IPublisherProcessor mProcessor = null;
-
- public LdapRenewalListener(IPublisherProcessor processor) {
- mProcessor = processor;
- }
-
- public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
- }
-
- public void set(String name, String val) {
- }
-
- public void accept(IRequest r) {
- // Note we do not remove old certs from directory during renewal
- Certificate[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
-
- if (certs == null || certs.length == 0) {
- CMS.debug("no certs to publish for renewal " +
- "request " + r.getRequestId());
- return;
- }
-
- if (certs[0] instanceof X509CertImpl)
- acceptX509(r, certs);
- }
-
- public void acceptX509(IRequest r, Certificate[] certs) {
- X509CertImpl cert = null;
-
- Integer results[] = new Integer[certs.length];
- boolean error = false;
-
- for (int i = 0; i < certs.length; i++) {
- cert = (X509CertImpl) certs[i];
- if (cert == null)
- continue; // there was an error issuing this cert.
- try {
- mProcessor.publishCert(cert, r);
- results[i] = IRequest.RES_SUCCESS;
- mProcessor.log(ILogger.LL_INFO,
- "Published cert serial no 0x" +
- cert.getSerialNumber().toString(16));
- } catch (ELdapException e) {
- error = true;
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH",
- cert.getSerialNumber().toString(16), e.toString()));
- results[i] = IRequest.RES_ERROR;
- }
- }
- r.setExtData("ldapPublishStatus", results);
- r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
- }
-}
-
-class LdapRevocationListener implements IRequestListener {
- private IPublisherProcessor mProcessor = null;
-
- public LdapRevocationListener(IPublisherProcessor processor) {
- mProcessor = processor;
- }
-
- public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
- }
-
- public void set(String name, String val) {
- }
-
- public void accept(IRequest r) {
- CMS.debug(
- "Handle publishing for revoke request id " + r.getRequestId());
-
- // get fields in request.
- Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS);
-
- if (certs == null || certs.length == 0 || certs[0] == null) {
- // no certs in revoke.
- CMS.debug(
- "Nothing to unpublish for revocation " +
- "request " + r.getRequestId());
- return;
- }
-
- if (certs[0] instanceof X509CertImpl)
- acceptX509(r, certs);
- }
-
- public void acceptX509(IRequest r, Certificate[] revcerts) {
- boolean error = false;
- Integer results[] = new Integer[revcerts.length];
-
- error = false;
- for (int i = 0; i < revcerts.length; i++) {
- X509CertImpl cert = (X509CertImpl) revcerts[i];
-
- results[i] = IRequest.RES_ERROR;
- try {
- // We need the enrollment request to sort out predicate
- BigInteger serial = cert.getSerialNumber();
- ICertRecord certRecord = null;
- IAuthority auth = (IAuthority) mProcessor.getAuthority();
-
- if (auth == null ||
- !(auth instanceof ICertificateAuthority)) {
- mProcessor.log(ILogger.LL_WARN,
- "Trying to get a certificate from non certificate authority.");
- } else {
- ICertificateRepository certdb =
- (ICertificateRepository) ((ICertificateAuthority) auth).getCertificateRepository();
-
- if (certdb == null) {
- mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth);
- } else {
- try {
- certRecord = (ICertRecord) certdb.readCertificateRecord(serial);
- } catch (EBaseException e) {
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD",
- serial.toString(16), e.toString()));
- }
- }
- }
-
- MetaInfo metaInfo = null;
- String ridString = null;
-
- if (certRecord != null)
- metaInfo =
- (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO);
- if (metaInfo == null) {
- mProcessor.log(ILogger.LL_FAILURE,
- "failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" +
- serial.toString(16));
- } else {
- ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID);
- }
-
- IRequest req = null;
-
- if (ridString != null) {
- RequestId rid = new RequestId(ridString);
-
- req = auth.getRequestQueue().findRequest(rid);
- }
- mProcessor.unpublishCert(cert, req);
- results[i] = IRequest.RES_SUCCESS;
- CMS.debug(
- "Unpublished cert serial no 0x" +
- cert.getSerialNumber().toString(16));
- } catch (ELdapException e) {
- error = true;
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH",
- cert.getSerialNumber().toString(16), e.toString()));
- } catch (EBaseException e) {
- error = true;
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND",
- cert.getSerialNumber().toString(16), e.toString()));
- }
- }
- r.setExtData("ldapPublishStatus", results);
- r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
- }
-}
-
-class LdapUnrevocationListener implements IRequestListener {
- private IPublisherProcessor mProcessor = null;
-
- public LdapUnrevocationListener(IPublisherProcessor processor) {
- mProcessor = processor;
- }
-
- public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
- }
-
- public void set(String name, String val) {
- }
-
- public void accept(IRequest r) {
- CMS.debug(
- "Handle publishing for unrevoke request id " + r.getRequestId());
-
- // get fields in request.
- Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS);
-
- if (certs == null || certs.length == 0 || certs[0] == null) {
- // no certs in unrevoke.
- CMS.debug(
- "Nothing to publish for unrevocation " +
- "request " + r.getRequestId());
- return;
- }
-
- if (certs[0] instanceof X509CertImpl)
- acceptX509(r, certs);
- }
-
- public void acceptX509(IRequest r, Certificate[] certs) {
- boolean error = false;
- Integer results[] = new Integer[certs.length];
- X509CertImpl xcert = null;
-
- for (int i = 0; i < certs.length; i++) {
- results[i] = IRequest.RES_ERROR;
- xcert = (X509CertImpl) certs[i];
- try {
- // We need the enrollment request to sort out predicate
- BigInteger serial = xcert.getSerialNumber();
- ICertRecord certRecord = null;
- IAuthority auth = (IAuthority) mProcessor.getAuthority();
-
- if (auth == null ||
- !(auth instanceof ICertificateAuthority)) {
- mProcessor.log(ILogger.LL_WARN,
- "Trying to get a certificate from non certificate authority.");
- } else {
- ICertificateRepository certdb = (ICertificateRepository)
- ((ICertificateAuthority) auth).getCertificateRepository();
-
- if (certdb == null) {
- mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth);
- } else {
- try {
- certRecord = (ICertRecord) certdb.readCertificateRecord(serial);
- } catch (EBaseException e) {
- mProcessor
- .log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", serial.toString(16),
- e.toString()));
- }
- }
- }
-
- MetaInfo metaInfo = null;
- String ridString = null;
-
- if (certRecord != null)
- metaInfo =
- (MetaInfo) certRecord.get(CertRecord.ATTR_META_INFO);
- if (metaInfo == null) {
- mProcessor.log(ILogger.LL_FAILURE,
- "Failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" +
- serial.toString(16));
- } else {
- ridString = (String) metaInfo.get(CertRecord.META_REQUEST_ID);
- }
-
- IRequest req = null;
-
- if (ridString != null) {
- RequestId rid = new RequestId(ridString);
-
- req = auth.getRequestQueue().findRequest(rid);
- }
- mProcessor.publishCert(xcert, req);
- results[i] = IRequest.RES_SUCCESS;
- CMS.debug(
- "Published cert serial no 0x" +
- xcert.getSerialNumber().toString(16));
- } catch (ELdapException e) {
- error = true;
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH",
- xcert.getSerialNumber().toString(16), e.toString()));
- } catch (EBaseException e) {
- error = true;
- mProcessor.log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND",
- xcert.getSerialNumber().toString(16), e.toString()));
- }
- }
- r.setExtData("ldapPublishStatus", results);
- r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
- }
-}