Bug 577949 - clone from a clone requires contacting original security domain master - additional fixes

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1103 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2010-05-19 17:13:22 +0000
committer: alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2010-05-19 17:13:22 +0000
commit: ac907d7dea8a3c6e6911fa040ca6709273905187 (patch)
tree: 8a9692d2b7fe67cae246b4fa55369c22a16dcbf7 /pki/base/silent
parent: 90757db515f3df2e2418fe053318cfe5ad324604 (diff)
download: pki-ac907d7dea8a3c6e6911fa040ca6709273905187.tar.gz
pki-ac907d7dea8a3c6e6911fa040ca6709273905187.tar.xz
pki-ac907d7dea8a3c6e6911fa040ca6709273905187.zip
2 files changed, 17 insertions, 2 deletions
diff --git a/pki/base/silent/src/ca/ConfigureCA.java b/pki/base/silent/src/ca/ConfigureCA.java
index 5780310d2..aebc8e26e 100644
--- a/pki/base/silent/src/ca/ConfigureCA.java
+++ b/pki/base/silent/src/ca/ConfigureCA.java
@@ -151,6 +151,9 @@ public class ConfigureCA {
     public static String clone_p12_passwd = null;
     public static String clone_p12_file = null;
 
+    //for correct selection of CA to be cloned
+    public static String urls;
+
 
     public ConfigureCA() {// do nothing :)
     }
@@ -292,6 +295,15 @@ public class ConfigureCA {
                 "&session_id=" + subca_session_id + "&xml=true" ;
         
             hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri, query_string_2);
+            urls = hr.getHTML();
+            int indx = urls.indexOf(clone_uri);
+            if (indx < 0) {
+                throw new Exception("Invalid clone_uri");
+            }
+            urls = urls.substring(urls.lastIndexOf("<option" , indx), indx);
+            urls = urls.split("\"")[1];
+
+            System.out.println("urls =" + urls);
                                                                                                                                                                                                                  return true;
         } catch (Exception e) {
             System.out.println("Exception in SecurityDomainLoginPanel(): " + e.toString());
@@ -316,7 +328,7 @@ public class ConfigureCA {
                 query_string = "p=3" + "&op=next" + "&xml=true"
                     + "&choice=clonesubsystem" + "&subsystemName="
                     + URLEncoder.encode(subsystem_name)
-                    + "&urls=0" + "";
+                    + "&urls=" + urls + "";
             }
 
             hr = hc.sslConnect(cs_hostname, cs_port, wizard_uri, query_string);
@@ -1496,7 +1508,7 @@ public class ConfigureCA {
                 x_ext_csr_file);
 
         parser.addOption("-clone %s #Clone of another CA [true, false] (optional, default false)", x_clone);
-        parser.addOption("-clone_uri %s #URL of Master CA to clone (optional)", x_clone_uri);
+        parser.addOption("-clone_uri %s #URL of Master CA to clone. It must have the form https://<hostname>:<EE port> (optional, required if -clone=true)", x_clone_uri);
         parser.addOption("-clone_p12_file %s #File containing pk12 keys of Master CA (optional, required if -clone=true)", x_clone_p12_file);
         parser.addOption("-clone_p12_password %s #Password for pk12 file (optional, required if -clone=true)", x_clone_p12_passwd);
 
diff --git a/pki/base/silent/templates/pki_silent.template b/pki/base/silent/templates/pki_silent.template
index d42b14795..3b86a8ff4 100755
--- a/pki/base/silent/templates/pki_silent.template
+++ b/pki/base/silent/templates/pki_silent.template
@@ -403,6 +403,7 @@ ca_audit_signing_cert_subject_name="cn=CA\ Audit\ Signing\ Certificate,o=${pki_s
 ##  ca_clone=true	
 ##  ca_clone_p12_file=		
 ##  ca_clone_p12_password=
+##  clone_uri=
 ##  sd_hostname=
 ##  sd_admin_port=
 ##  sd_admin_name=
@@ -412,6 +413,7 @@ ca_audit_signing_cert_subject_name="cn=CA\ Audit\ Signing\ Certificate,o=${pki_s
 ##  1. ca_clone_p12_file must be just the filename relative to the alias directory.
 ##     So in the example above, ca_clone_p12_file="ca-master.p12"
 ##  2. sd_* refer to the CA where the security domain is hosted. 
+##  3. clone_uri has the following format: https://<hostname>:<EE port> fo the CA to be cloned
 ##
 ##  ADDITIONAL NOTES:
 ##  1. The clone CA and master CA cannot share the same database instance.  A new 
@@ -1121,6 +1123,7 @@ pkisilent ConfigureCA \
 #       -clone ${ca_clone} \
 #       -clone_p12_file ${ca_clone_p12_file} \
 #       -clone_p12_password ${ca_clone_p12_password} \
+#       -clone_uri ${clone_uri} \
 #       -sd_hostname ${sd_hostname} \
 #       -sd_admin_port ${sd_admin_port} \
 #       -sd_admin_name ${sd_admin_name} \
author	alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2010-05-19 17:13:22 +0000
committer	alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2010-05-19 17:13:22 +0000
commit	ac907d7dea8a3c6e6911fa040ca6709273905187 (patch)
tree	8a9692d2b7fe67cae246b4fa55369c22a16dcbf7 /pki/base/silent
parent	90757db515f3df2e2418fe053318cfe5ad324604 (diff)
download	pki-ac907d7dea8a3c6e6911fa040ca6709273905187.tar.gz pki-ac907d7dea8a3c6e6911fa040ca6709273905187.tar.xz pki-ac907d7dea8a3c6e6911fa040ca6709273905187.zip