diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-07-23 00:26:22 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-07-23 00:26:22 +0000 |
commit | 6737a416d8cf688b15ec72a5ca574b0208a4dfc8 (patch) | |
tree | 43f298417795ecfa22af989a4031e43c642ac3ba /pki/base/common/src/com | |
parent | e5f83cbfceeac25ba1cdb532bf327c2f3e389d2f (diff) | |
download | pki-6737a416d8cf688b15ec72a5ca574b0208a4dfc8.tar.gz pki-6737a416d8cf688b15ec72a5ca574b0208a4dfc8.tar.xz pki-6737a416d8cf688b15ec72a5ca574b0208a4dfc8.zip |
Bug 608086 - CC: CA, OCSP, and DRM need to add more audit calls
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1130 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com')
7 files changed, 34 insertions, 40 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java index 5c2da2d08..75dd7594a 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java @@ -104,7 +104,7 @@ public interface IKeyService { * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever * a user private key recovery request is made (this is when the DRM * receives the request) - * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_PROCESSED used whenever + * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever * a user private key recovery request is processed (this is when the DRM * processes the request) * </ul> diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java index d5e6d1299..e36f5b385 100644 --- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -1167,7 +1167,20 @@ public abstract class EnrollProfile extends BasicProfile public void populateInput(IProfileContext ctx, IRequest request) throws EProfileException { super.populateInput(ctx, request); + } + + public void populate(IRequest request) + throws EProfileException { + super.populate(request); + + } + /** + * Passes the request to the set of constraint policies + * that validate the request against the profile. + */ + public void validate(IRequest request) + throws ERejectException { String auditMessage = null; String auditSubjectID = auditSubjectID(); String auditRequesterID = auditRequesterID(request); @@ -1230,34 +1243,8 @@ public abstract class EnrollProfile extends BasicProfile audit(auditMessage); } - // } catch( EProfileException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST, - // auditSubjectID, - // ILogger.FAILURE, - // auditRequesterID, - // auditProfileID, - // auditCertificateSubjectName ); - // - // audit( auditMessage ); - // } - } - - public void populate(IRequest request) - throws EProfileException { - super.populate(request); - - } - /** - * Passes the request to the set of constraint policies - * that validate the request against the profile. - */ - public void validate(IRequest request) - throws ERejectException { super.validate(request); - X509CertInfo info = request.getExtDataInCertInfo(REQUEST_CERTINFO); Object key = null; try { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java index 63b0d6595..78c9837c2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java @@ -252,14 +252,19 @@ public class NamePanel extends WizardPanelBase { boolean done = config.getBoolean("preop.NamePanel.done"); c.setDN(dn); } catch (Exception e) { + String instanceId = config.getString("service.instanceID", ""); if (select.equals("clone") || dnUpdated) { c.setDN(dn); } else if (count != 0 && override && (cert.equals("") || certreq.equals(""))) { CMS.debug("NamePanel subsystemCount = "+count); - c.setDN(dn + " "+count+ ((o_sd)? (",O=" + domainname):"")); + c.setDN(dn + " "+count+ + ((!instanceId.equals(""))? (",OU=" + instanceId):"") + + ((o_sd)? (",O=" + domainname):"")); config.putBoolean(PCERT_PREFIX+certTag+".updatedDN", true); } else { - c.setDN(dn + ((o_sd)? (",O=" + domainname):"")); + c.setDN(dn + + ((!instanceId.equals(""))? (",OU=" + instanceId):"") + + ((o_sd)? (",O=" + domainname):"")); config.putBoolean(PCERT_PREFIX+certTag+".updatedDN", true); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java b/pki/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java index 7882b815f..499c1a80c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java +++ b/pki/base/common/src/com/netscape/cms/servlet/key/RecoverBySerial.java @@ -200,8 +200,12 @@ public class RecoverBySerial extends CMSServlet { int requiredNumber = mService.getNoOfRequiredAgents(); header.addIntegerValue("noOfRequiredAgents", requiredNumber); } else { - ctx.put(SessionContext.RECOVERY_ID, - req.getParameter("recoveryID")); + String recoveryID = req.getParameter("recoveryID"); + + if (recoveryID != null && !recoveryID.equals("")) { + ctx.put(SessionContext.RECOVERY_ID, + req.getParameter("recoveryID")); + } byte pkcs12[] = process(form, argSet, header, req.getParameter(IN_SERIALNO), req.getParameter("localAgents"), diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java index 0bce4b248..535adee2b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java @@ -50,7 +50,6 @@ public class ProfileProcessServlet extends ProfileServlet { private String mAuthorityId = null; private Nonces mNonces = null; - private final static byte EOL[] = { Character.LINE_SEPARATOR }; private final static String SIGNED_AUDIT_CERT_REQUEST_REASON = "requestNotes"; private final static String LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED = @@ -910,8 +909,8 @@ public class ProfileProcessServlet extends ProfileServlet { // extract all line separators from the "base64Data" StringBuffer sb = new StringBuffer(); for (int i = 0; i < base64Data.length(); i++) { - if (base64Data.substring(i, i).getBytes() != EOL) { - sb.append(base64Data.substring(i, i)); + if (!Character.isWhitespace(base64Data.charAt(i))) { + sb.append(base64Data.charAt(i)); } } cert = sb.toString(); diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java index 841bd84ce..6e99f0baa 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java @@ -58,7 +58,6 @@ public class ProfileSubmitCMCServlet extends ProfileServlet { private String requestBinary = null; private String requestB64 = null; - private final static byte EOL[] = { Character.LINE_SEPARATOR }; private final static String[] SIGNED_AUDIT_AUTOMATED_REJECTION_REASON = new String[] { @@ -824,8 +823,8 @@ profile, IRequest req) { // extract all line separators from the "base64Data" StringBuffer sb = new StringBuffer(); for (int i = 0; i < base64Data.length(); i++) { - if (base64Data.substring(i, i).getBytes() != EOL) { - sb.append(base64Data.substring(i, i)); + if (!Character.isWhitespace(base64Data.charAt(i))) { + sb.append(base64Data.charAt(i)); } } cert = sb.toString(); diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java index c7a99de5e..1c6097f48 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java @@ -65,7 +65,6 @@ public class ProfileSubmitServlet extends ProfileServlet { private String mReqType = null; private String mAuthorityId = null; - private final static byte EOL[] = { Character.LINE_SEPARATOR }; private final static String[] SIGNED_AUDIT_AUTOMATED_REJECTION_REASON = new String[] { @@ -1504,8 +1503,9 @@ public class ProfileSubmitServlet extends ProfileServlet { // extract all line separators from the "base64Data" StringBuffer sb = new StringBuffer(); for (int i = 0; i < base64Data.length(); i++) { - if (base64Data.substring(i, i).getBytes() != EOL) { - sb.append(base64Data.substring(i, i)); + if (!Character.isWhitespace(base64Data.charAt(i))) { + sb.append(base64Data.charAt(i)); + } } cert = sb.toString(); |