diff options
author | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-15 20:22:45 +0000 |
---|---|---|
committer | vakwetu <vakwetu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-15 20:22:45 +0000 |
commit | 23e51797c4d54e60c7285fc03baceda10cf5e4fb (patch) | |
tree | 74d43130ae63b048789a73b4b7541c0d370d12d7 /pki | |
parent | bf560d2a301c3673ed7c4f221d0d60385bd14f16 (diff) | |
download | pki-23e51797c4d54e60c7285fc03baceda10cf5e4fb.tar.gz pki-23e51797c4d54e60c7285fc03baceda10cf5e4fb.tar.xz pki-23e51797c4d54e60c7285fc03baceda10cf5e4fb.zip |
Bugzilla Bug 651916 - kra and ocsp are using incorrect ports to talk to CA and complete configuration in DonePanel
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1498 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki')
23 files changed, 206 insertions, 72 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java index 814951e8e..f21a56de9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java @@ -714,7 +714,7 @@ public class DonePanel extends WizardPanelBase { int port = -1; try { host = cs.getString("preop.ca.hostname", ""); - port = cs.getInteger("preop.ca.httpsport", -1); + port = cs.getInteger("preop.ca.httpsadminport", -1); } catch (Exception e) { } @@ -738,16 +738,14 @@ public class DonePanel extends WizardPanelBase { throws IOException { IConfigStore cs = CMS.getConfigStore(); int port = -1; - URL urlx = null; String url = ""; String host = null; String transportCert = ""; try { url = cs.getString("preop.ca.url", ""); if (!url.equals("")) { - urlx = new URL(url); - host = urlx.getHost(); - port = urlx.getPort(); + host = cs.getString("preop.ca.hostname", ""); + port = cs.getInteger("preop.ca.httpsadminport", -1); transportCert = cs.getString("kra.transport.cert", ""); } } catch (Exception e) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java index 72f299278..848ffba6f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/AdminRequestFilter.java @@ -52,6 +52,10 @@ public class AdminRequestFilter implements Filter String request_port = null; String param_https_port = null; String msg = null; + String param_active = null; + + // CMS.debug("Entering the admin filter"); + param_active = config.getInitParameter( "active"); if( request instanceof HttpServletRequest ) { HttpServletResponse resp = ( HttpServletResponse ) response; @@ -82,14 +86,21 @@ public class AdminRequestFilter implements Filter // Compare the request and param "https" ports if( ! param_https_port.equals( request_port ) ) { + String uri = ((HttpServletRequest) request).getRequestURI(); msg = "Use HTTPS port '" + param_https_port + "' instead of '" + request_port + "' when performing " + HTTPS_ROLE + " tasks!"; CMS.debug( filterName + ": " + msg ); - resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); - return; + CMS.debug( filterName + ": uri is " + uri); + if ((param_active != null) &&(param_active.equals("false"))) { + CMS.debug("Filter is disabled .. continuing"); + } else { + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); + return; + } } } + // CMS.debug("Exiting the admin filter"); chain.doFilter( request, response ); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java index f8385f1f9..e4d1bb3df 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java @@ -53,6 +53,11 @@ public class AgentRequestFilter implements Filter String param_https_port = null; String msg = null; + String param_active = null; + + // CMS.debug("Entering the agent filter"); + param_active = config.getInitParameter( "active"); + if( request instanceof HttpServletRequest ) { HttpServletResponse resp = ( HttpServletResponse ) response; @@ -82,14 +87,21 @@ public class AgentRequestFilter implements Filter // Compare the request and param "https" ports if( ! param_https_port.equals( request_port ) ) { + String uri = ((HttpServletRequest) request).getRequestURI(); msg = "Use HTTPS port '" + param_https_port + "' instead of '" + request_port + "' when performing " + HTTPS_ROLE + " tasks!"; CMS.debug( filterName + ": " + msg ); - resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); - return; + CMS.debug( filterName + ": uri is " + uri); + if ((param_active != null) &&(param_active.equals("false"))) { + CMS.debug("Filter is disabled .. continuing"); + } else { + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); + return; + } } } + // CMS.debug("Exiting the Agent filter"); chain.doFilter( request, response ); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/EEClientAuthRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/EEClientAuthRequestFilter.java index ef78a799a..6ed6617bc 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/EEClientAuthRequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/EEClientAuthRequestFilter.java @@ -52,6 +52,10 @@ public class EEClientAuthRequestFilter implements Filter String request_port = null; String param_https_port = null; String msg = null; + String param_active = null; + + // CMS.debug("Entering the EECA filter"); + param_active = config.getInitParameter( "active"); if( request instanceof HttpServletRequest ) { HttpServletResponse resp = ( HttpServletResponse ) response; @@ -82,14 +86,21 @@ public class EEClientAuthRequestFilter implements Filter // Compare the request and param "https" ports if( ! param_https_port.equals( request_port ) ) { + String uri = ((HttpServletRequest) request).getRequestURI(); msg = "Use HTTPS port '" + param_https_port + "' instead of '" + request_port + "' when performing " + HTTPS_ROLE + " tasks!"; CMS.debug( filterName + ": " + msg ); - resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); - return; + CMS.debug( filterName + ": uri is " + msg); + if ((param_active != null) &&(param_active.equals("false"))) { + CMS.debug("Filter is disabled .. continuing"); + } else { + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); + return; + } } } + // CMS.debug("exiting the EECA filter"); chain.doFilter( request, response ); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/EERequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/EERequestFilter.java index dfaf2902d..23df05954 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/EERequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/EERequestFilter.java @@ -56,6 +56,10 @@ public class EERequestFilter implements Filter String param_http_port = null; String param_https_port = null; String msg = null; + String param_active = null; + + // CMS.debug("Entering the EE filter"); + param_active = config.getInitParameter( "active"); if( request instanceof HttpServletRequest ) { HttpServletResponse resp = ( HttpServletResponse ) response; @@ -102,12 +106,18 @@ public class EERequestFilter implements Filter // the request and param "https" ports if( scheme.equals( HTTP_SCHEME ) ) { if( ! param_http_port.equals( request_port ) ) { + String uri = ((HttpServletRequest) request).getRequestURI(); msg = "Use HTTP port '" + param_http_port + "' instead of '" + request_port + "' when performing " + HTTP_ROLE + " tasks!"; CMS.debug( filterName + ": " + msg ); - resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); - return; + CMS.debug( filterName + ": uri is " + uri); + if ((param_active != null) &&(param_active.equals("false"))) { + CMS.debug("Filter is disabled .. continuing"); + } else { + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); + return; + } } } else if( scheme.equals( HTTPS_SCHEME ) ) { if( ! param_https_port.equals( request_port ) ) { @@ -115,11 +125,16 @@ public class EERequestFilter implements Filter + "' instead of '" + request_port + "' when performing " + HTTPS_ROLE + " tasks!"; CMS.debug( filterName + ": " + msg ); - resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); - return; + if ((param_active != null) &&(param_active.equals("false"))) { + CMS.debug("Filter is disabled .. continuing"); + } else { + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); + return; + } } } } + // CMS.debug("Exiting the EE filter"); chain.doFilter( request, response ); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java index a47888442..32a3725f1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/PassThroughRequestFilter.java @@ -59,6 +59,7 @@ public class PassThroughRequestFilter implements Filter String servlet = null; String msg = null; + // CMS.debug("Entering the Passthrough filter"); if( request instanceof HttpServletRequest ) { HttpServletRequest req = ( HttpServletRequest ) request; @@ -68,6 +69,7 @@ public class PassThroughRequestFilter implements Filter CMS.debug( filterName + ": " + msg ); } + // CMS.debug("Exiting the passthrough filter"); chain.doFilter( request, response ); } diff --git a/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml b/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml index b702281e9..7a89c93ed 100644 --- a/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml +++ b/pki/base/kra/shared/webapps/kra/WEB-INF/web.xml @@ -15,6 +15,10 @@ <param-name>https_port</param-name> <param-value>[PKI_AGENT_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <filter> @@ -24,6 +28,10 @@ <param-name>https_port</param-name> <param-value>[PKI_ADMIN_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <filter> @@ -37,6 +45,10 @@ <param-name>https_port</param-name> <param-value>[PKI_EE_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <servlet> diff --git a/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml b/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml index 893c01b4b..0d31dcebe 100644 --- a/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml +++ b/pki/base/ocsp/shared/webapps/ocsp/WEB-INF/web.xml @@ -19,6 +19,10 @@ <param-name>https_port</param-name> <param-value>[PKI_AGENT_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <filter> @@ -28,6 +32,10 @@ <param-name>https_port</param-name> <param-value>[PKI_ADMIN_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <filter> @@ -41,6 +49,10 @@ <param-name>https_port</param-name> <param-value>[PKI_EE_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <servlet> diff --git a/pki/base/ra/lib/perl/PKI/RA/AdminPanel.pm b/pki/base/ra/lib/perl/PKI/RA/AdminPanel.pm index 6cf1c69c4..ebf2a0cd9 100755 --- a/pki/base/ra/lib/perl/PKI/RA/AdminPanel.pm +++ b/pki/base/ra/lib/perl/PKI/RA/AdminPanel.pm @@ -91,7 +91,6 @@ sub update $cert_request =~ s/%0D%0A//g; # remove carraige return # submit request to CA -# my $cainfo = $::config->get("preop.cainfo.select"); # Admin Certificate should be obtained from the ca selected in the # name panel. If name panel use External CA, the admin certificate diff --git a/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm b/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm index 7e20e222d..c8f2e43fd 100755 --- a/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm +++ b/pki/base/ra/lib/perl/PKI/RA/CAInfoPanel.pm @@ -120,7 +120,7 @@ sub update &PKI::RA::Wizard::debug_log("CAInfoPanel: update - host= $host, https_ee_port= $https_ee_port"); - $::config->put("preop.cainfo.select", "https://$host:$https_ee_port"); + $::config->put("preop.cainfo.select", "https://$host:$https_admin_port"); my $serverCertNickName = $::config->get("preop.cert.sslserver.nickname"); my $subsystemCertNickName = $::config->get("preop.cert.subsystem.nickname"); diff --git a/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm b/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm index 4ab51f1b7..ea05a8ccd 100755 --- a/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm +++ b/pki/base/ra/lib/perl/PKI/RA/ImportAdminCertPanel.pm @@ -122,8 +122,7 @@ sub display my ($q) = @_; &PKI::RA::Wizard::debug_log("ImportAdminCertPanel: display"); -# my $cainfo = $::config->get("preop.cainfo.select"); - my $cainfo = "https://".$::config->get("conn.ca1.hostadminport"); + my $cainfo = $::config->get("preop.cainfo.select"); my $cainfo_url = new URI::URL($cainfo); my $serialNumber = $::config->get("preop.admincert.serialno.0"); diff --git a/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml b/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml index 094cbd44a..921eb38af 100644 --- a/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml +++ b/pki/base/tks/shared/webapps/tks/WEB-INF/web.xml @@ -19,6 +19,10 @@ <param-name>https_port</param-name> <param-value>[PKI_AGENT_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <filter> @@ -28,6 +32,10 @@ <param-name>https_port</param-name> <param-value>[PKI_ADMIN_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <filter> @@ -41,6 +49,10 @@ <param-name>https_port</param-name> <param-value>[PKI_EE_SECURE_PORT]</param-value> </init-param> + <init-param> + <param-name>active</param-name> + <param-value>true</param-value> + </init-param> </filter> <servlet> diff --git a/pki/base/tps/lib/perl/PKI/TPS/AdminPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/AdminPanel.pm index 47af31018..8f2e2ea12 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/AdminPanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/AdminPanel.pm @@ -89,7 +89,6 @@ sub update $cert_request =~ s/%0D%0A//g; # remove carraige return # submit request to CA -# my $cainfo = $::config->get("preop.cainfo.select"); # Admin Certificate should be obtained from the ca selected in the # name panel. If name panel use External CA, the admin certificate diff --git a/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm index f17bb2bce..b86cc343a 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/CAInfoPanel.pm @@ -76,11 +76,13 @@ sub update my ($q) = @_; &PKI::TPS::Wizard::debug_log("CAInfoPanel: update"); - my $count = $q->param('urls'); + my $count = $q->param('urls') || ""; + if ($count eq "") { + $::symbol{errorString} = "No CA information provided. CA, TKS and optionally DRM must be installed prior to TPS installation"; + return 0; + } &PKI::TPS::Wizard::debug_log("CAInfoPanel: update - got urls = $count"); - &PKI::TPS::Wizard::debug_log("CAInfoPanel: update - selected ca= $count"); - my $instanceID = $::config->get("service.instanceID"); my $host = ""; my $https_ee_port = ""; @@ -89,9 +91,20 @@ sub update my $domain_xml = ""; if ($count =~ /http/) { + # this is for pkisilent my $info = new URI::URL($count); - $host = $info->host; - $https_ee_port = $info->port; + $host = $info->host || ""; + if ($host eq "") { + $::symbol{errorString} = "No CA host provided."; + return 0; + } + + $https_ee_port = $info->port || ""; + if ($https_ee_port eq "") { + $::symbol{errorString} = "No CA EE port provided."; + return 0; + } + $domain_xml = get_domain_xml($host, $https_ee_port); if ($domain_xml eq "") { $::symbol{errorString} = "missing security domain. CA, TKS and optionally DRM must be installed prior to TPS installation"; @@ -102,14 +115,14 @@ sub update $https_admin_port = get_secure_admin_port_from_domain_xml($domain_xml, $host, $https_ee_port); if(($https_admin_port eq "") || ($https_agent_port eq "")) { - $::symbol{errorString} = "missing secure CA admin or agent port. CA, TKS and optionally DRM must be installed prior to TPS installation"; + $::symbol{errorString} = "secure CA admin or agent port information not provided by security domain."; return 0; } } else { - $host = $::config->get("preop.securitydomain.ca$count.host"); - $https_ee_port = $::config->get("preop.securitydomain.ca$count.secureport"); - $https_agent_port = $::config->get("preop.securitydomain.ca$count.secureagentport"); - $https_admin_port = $::config->get("preop.securitydomain.ca$count.secureadminport"); + $host = $::config->get("preop.securitydomain.ca$count.host") || ""; + $https_ee_port = $::config->get("preop.securitydomain.ca$count.secureport") || ""; + $https_agent_port = $::config->get("preop.securitydomain.ca$count.secureagentport") || ""; + $https_admin_port = $::config->get("preop.securitydomain.ca$count.secureadminport") || ""; } if (($host eq "") || ($https_ee_port eq "") || ($https_admin_port eq "") || ($https_agent_port eq "")) { @@ -119,7 +132,7 @@ sub update &PKI::TPS::Wizard::debug_log("CAInfoPanel: update - host= $host, https_ee_port= $https_ee_port"); - $::config->put("preop.cainfo.select", "https://$host:$https_ee_port"); + $::config->put("preop.cainfo.select", "https://$host:$https_admin_port"); my $serverCertNickName = $::config->get("preop.cert.sslserver.nickname"); my $subsystemCertNickName = $::config->get("preop.cert.subsystem.nickname"); @@ -184,7 +197,8 @@ sub display my $first = 1; my $list = ""; while (1) { - my $host = $::config->get("preop.securitydomain.ca$count.host"); + my $host = ""; + $host = $::config->get("preop.securitydomain.ca$count.host"); if ($host eq "") { goto DONE; } diff --git a/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm index f4eb27c23..ce8cc8778 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/DRMInfoPanel.pm @@ -77,25 +77,46 @@ sub update $::config->put("preop.krainfo.keygen", $choice); if ($choice eq "keygen") { - my $count = $q->param('urls'); + my $count = $q->param('urls') || ""; + if ($count eq "") { + $::symbol{errorString} = "no DRM information provided. CA, TKS and DRM must be installed prior to TPS installation"; + return 0; + } + &PKI::TPS::Wizard::debug_log("DRMInfoPanel: update - got urls = $count"); + my $instanceID = $::config->get("service.instanceID"); my $host = ""; my $https_agent_port = ""; + my $https_admin_port = ""; + if ($count =~ /http/) { + # this is for pkisilent my $info = new URI::URL($count); - $host = $info->host; - $https_agent_port = $info->port; + $host = $info->host || ""; + $https_agent_port = $info->port || ""; + $https_admin_port = $q->param('adminport') || ""; } else { - $host = $::config->get("preop.securitydomain.kra$count.host"); - $https_agent_port = $::config->get("preop.securitydomain.kra$count.secureagentport"); + $host = $::config->get("preop.securitydomain.kra$count.host") || ""; + $https_agent_port = $::config->get("preop.securitydomain.kra$count.secureagentport") || ""; + $https_admin_port = $::config->get("preop.securitydomain.kra$count.secureadminport") || ""; } + if (($host eq "") || ($https_agent_port eq "")) { $::symbol{errorString} = "no DRM found. CA, TKS and DRM must be installed prior to TPS installation"; return 0; } + + if ($https_admin_port eq "") { + if ($count =~ /http/) { + $::symbol{errorString} = "DRM admin port not provided by the security domain."; + } else { + $::symbol{errorString} = "DRM admin port not provided."; + } + return 0; + } - $::config->put("preop.krainfo.select", "https://$host:$https_agent_port"); my $subsystemCertNickName = $::config->get("preop.cert.subsystem.nickname"); + $::config->put("preop.krainfo.select", "https://$host:$https_admin_port"); $::config->put("conn.drm1.clientNickname", $subsystemCertNickName); $::config->put("conn.drm1.hostport", $host . ":" . $https_agent_port); $::config->put("conn.tks1.serverKeygen", "true"); @@ -131,7 +152,8 @@ sub display $::symbol{urls} = []; my $count = 0; while (1) { - my $host = $::config->get("preop.securitydomain.kra$count.host"); + my $host = ""; + $host = $::config->get("preop.securitydomain.kra$count.host"); if ($host eq "") { goto DONE; } diff --git a/pki/base/tps/lib/perl/PKI/TPS/DatabasePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/DatabasePanel.pm index 2e3a0bb47..d6aaed204 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/DatabasePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/DatabasePanel.pm @@ -195,27 +195,27 @@ sub display my $machineName = $::config->get("service.machineName"); my $instanceId = $::config->get("service.instanceID"); - my $host = $::config->get("preop.database.host"); + my $host = $::config->get("preop.database.host") || ""; $::symbol{hostname} = "localhost"; # default if ($host ne "") { $::symbol{hostname} = $host; } - my $port = $::config->get("preop.database.port"); + my $port = $::config->get("preop.database.port") || ""; $::symbol{portStr} = "389"; if ($port ne "") { $::symbol{portStr} = $port; } - my $basedn = $::config->get("preop.database.basedn"); + my $basedn = $::config->get("preop.database.basedn") || ""; $::symbol{basedn} = "dc=" . $machineName . "-" . $instanceId; if ($basedn ne "") { $::symbol{basedn} = $basedn; } - my $database = $::config->get("preop.database.database"); + my $database = $::config->get("preop.database.database") || ""; $::symbol{database} = $machineName . "-" . $instanceId; if ($database ne "") { $::symbol{database} = $database; } - my $binddn = $::config->get("preop.database.binddn"); + my $binddn = $::config->get("preop.database.binddn") || ""; $::symbol{binddn} = "cn=directory manager"; if ($binddn ne "") { $::symbol{binddn} = $binddn; diff --git a/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm index fc33a22a8..32941816d 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm @@ -166,7 +166,11 @@ sub register_tps $content =~ /(\<XMLResponse\>.*\<\/XMLResponse\>)/; $content = $1; - &PKI::TPS::Wizard::debug_log("DonePanel: result " . $content); + if (defined $content) { + &PKI::TPS::Wizard::debug_log("DonePanel: result " . $content); + } else { + &PKI::TPS::Wizard::debug_log("DonePanel: result undefined"); + } my $tmp = `rm $instDir/conf/.pwfile`; } @@ -285,7 +289,7 @@ sub display # $symbol{port} = "443"; &PKI::TPS::Wizard::debug_log("DonePanel: display"); - my $status = $::config->get("preop.done.status"); + my $status = $::config->get("preop.done.status") || ""; if ($status eq "done") { return 1; } diff --git a/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm index a33e73e75..468fbab2c 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/ImportAdminCertPanel.pm @@ -126,8 +126,7 @@ sub display my ($q) = @_; &PKI::TPS::Wizard::debug_log("ImportAdminCertPanel: display"); -# my $cainfo = $::config->get("preop.cainfo.select"); - my $cainfo = "https://".$::config->get("conn.ca1.hostadminport"); + my $cainfo = $::config->get("preop.cainfo.select"); my $cainfo_url = new URI::URL($cainfo); my $serialNumber = $::config->get("preop.admincert.serialno.0"); diff --git a/pki/base/tps/lib/perl/PKI/TPS/ModulePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/ModulePanel.pm index 6f3510fef..1ed814c82 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/ModulePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/ModulePanel.pm @@ -144,7 +144,7 @@ sub getTokens { # otherwise it is "not logged in" sub Login { my $tokenname = $_[0]; - my $pwd = $::pwdconf->get($tokenname); + my $pwd = $::pwdconf->get($tokenname) || ""; if ($pwd ne "") { &PKI::TPS::Wizard::debug_log("ModulePanel -> isLoggedIn retrieved pwd from pwdconf"); return 1; @@ -213,7 +213,7 @@ sub getModules { my $file = $module->{detail}->{"Library file"}; &PKI::TPS::Wizard::debug_log("ModulePanel -> getModules Library file = $file"); my $found = 0; - if ($file) { + if (defined $file) { $found = ($file =~ /Internal ONLY module/) || -e $file; } diff --git a/pki/base/tps/lib/perl/PKI/TPS/NamePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/NamePanel.pm index b5df967ce..c4a420877 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/NamePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/NamePanel.pm @@ -493,7 +493,7 @@ sub display my $count = 0; while (1) { - my $host = $::config->get("preop.securitydomain.ca$count.host"); + my $host = $::config->get("preop.securitydomain.ca$count.host") || ""; if ($host eq "") { goto DONE; } diff --git a/pki/base/tps/lib/perl/PKI/TPS/SizePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/SizePanel.pm index 1ffda171a..8ac49b68d 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/SizePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/SizePanel.pm @@ -75,7 +75,7 @@ sub update my $instanceDir = $::config->get("service.instanceDir"); my $done = $::config->get("preop.SizePanel.done"); - my $genKeyPair = $q->param('generateKeyPair'); + my $genKeyPair = $q->param('generateKeyPair') || ""; &PKI::TPS::Wizard::debug_log("SizePanel: update generateKeyPair value=$genKeyPair"); if ($done eq "true") { if ($genKeyPair eq "") { diff --git a/pki/base/tps/lib/perl/PKI/TPS/SubsystemTypePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/SubsystemTypePanel.pm index d0dc438c0..793849332 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/SubsystemTypePanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/SubsystemTypePanel.pm @@ -118,7 +118,7 @@ sub display $::symbol{urls} = []; my $count = 0; while (1) { - my $host = $::config->get("preop.securitydomain.tps$count.host"); + my $host = $::config->get("preop.securitydomain.tps$count.host") || ""; if ($host eq "") { goto DONE; } diff --git a/pki/base/tps/lib/perl/PKI/TPS/TKSInfoPanel.pm b/pki/base/tps/lib/perl/PKI/TPS/TKSInfoPanel.pm index 62068ff2f..85c0b7d67 100755 --- a/pki/base/tps/lib/perl/PKI/TPS/TKSInfoPanel.pm +++ b/pki/base/tps/lib/perl/PKI/TPS/TKSInfoPanel.pm @@ -73,34 +73,46 @@ sub update my ($q) = @_; &PKI::TPS::Wizard::debug_log("TKSInfoPanel: update"); - my $count = $q->param('urls'); + my $count = $q->param('urls') || ""; + if ($count eq "") { + $::symbol{errorString} = "no TKS info provided. CA, TKS and optionally DRM must be installed prior to TPS installation"; + return 0; + } &PKI::TPS::Wizard::debug_log("TKSInfoPanel: update - got urls = $count"); - &PKI::TPS::Wizard::debug_log("TKSInfoPanel: update - selected ca= $count"); - my $instanceID = $::config->get("service.instanceID"); - my $host = ""; my $https_agent_port = ""; + my $https_admin_port = ""; + if ($count =~ /http/) { + # this is for pkisilent my $info = new URI::URL($count); - $host = $info->host; - $https_agent_port = $info->port; - if (($host eq "") || ($https_agent_port eq "")) { - $::symbol{errorString} = "no TKS found. CA, TKS and optionally DRM must be installed prior to TPS installation"; - return 0; - } - $::config->put("preop.tksinfo.select", $count); + $host = $info->host || ""; + $https_agent_port = $info->port || ""; + $https_admin_port = q->param('adminport') || ""; } else { - $host = $::config->get("preop.securitydomain.tks$count.host"); - $https_agent_port = $::config->get("preop.securitydomain.tks$count.secureagentport"); - if (($host eq "") || ($https_agent_port eq "")) { - $::symbol{errorString} = "no TKS found. CA, TKS and optionally DRM must be installed prior to TPS installation"; - return 0; - } - $::config->put("preop.tksinfo.select", "https://$host:$https_agent_port"); + $host = $::config->get("preop.securitydomain.tks$count.host") || ""; + $https_admin_port = $::config->get("preop.securitydomain.tks$count.secureadminport") || ""; + $https_agent_port = $::config->get("preop.securitydomain.tks$count.secureagentport") || ""; } + + if (($host eq "") || ($https_agent_port eq "")) { + $::symbol{errorString} = "no TKS found. CA, TKS and optionally DRM must be installed prior to TPS installation"; + return 0; + } + + if ($https_admin_port eq "") { + if ($count =~ /http/) { + $::symbol{errorString} = "TKS admin port must be provided"; + } else { + $::symbol{errorString} = "TKS admin port not provided by security domain."; + } + return 0; + } + my $subsystemCertNickName = $::config->get("preop.cert.subsystem.nickname"); + $::config->put("preop.tksinfo.select", "https://$host:$https_admin_port"); $::config->put("conn.tks1.clientNickname", $subsystemCertNickName); $::config->put("conn.tks1.hostport", $host . ":" . $https_agent_port); $::config->put("preop.tksinfo.done", "true"); @@ -116,7 +128,8 @@ sub display $::symbol{urls} = []; my $count = 0; while (1) { - my $host = $::config->get("preop.securitydomain.tks$count.host"); + my $host = ""; + $host = $::config->get("preop.securitydomain.tks$count.host"); if ($host eq "") { goto DONE; } |