diff options
20 files changed, 578 insertions, 162 deletions
diff --git a/pki/base/ca/shared/profiles/ca/caTempTokenDeviceKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTempTokenDeviceKeyEnrollment.cfg index 6e5cb8f27..530b3395a 100644 --- a/pki/base/ca/shared/profiles/ca/caTempTokenDeviceKeyEnrollment.cfg +++ b/pki/base/ca/shared/profiles/ca/caTempTokenDeviceKeyEnrollment.cfg @@ -41,7 +41,7 @@ policyset.set1.p3.constraint.name=No Constraint policyset.set1.p3.default.class_id=crlDistributionPointsExtDefaultImpl policyset.set1.p3.default.name=crlDistributionPointsExtDefaultImpl policyset.set1.p3.default.params.crlDistPointsCritical=false -policyset.set1.p3.default.params.crlDistPointsNum=0 +policyset.set1.p3.default.params.crlDistPointsNum=1 policyset.set1.p3.default.params.crlDistPointsEnable_0=false policyset.set1.p3.default.params.crlDistPointsIssuerName_0= policyset.set1.p3.default.params.crlDistPointsIssuerType_0= @@ -141,4 +141,4 @@ policyset.set1.p6.default.params.subjAltExtType_2=RFC822Name policyset.set1.p6.default.params.subjAltExtType_3=RFC822Name policyset.set1.p6.default.params.subjAltExtType_4=RFC822Name policyset.set1.p6.default.params.subjAltNameExtCritical=false -policyset.set1.p6.default.params.subjAltNameNumGNs=0 +policyset.set1.p6.default.params.subjAltNameNumGNs=1 diff --git a/pki/base/ca/shared/profiles/ca/caTempTokenUserEncryptionKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTempTokenUserEncryptionKeyEnrollment.cfg index fd590a525..5f4c85f18 100644 --- a/pki/base/ca/shared/profiles/ca/caTempTokenUserEncryptionKeyEnrollment.cfg +++ b/pki/base/ca/shared/profiles/ca/caTempTokenUserEncryptionKeyEnrollment.cfg @@ -147,7 +147,7 @@ policyset.set1.p13.constraint.name=No Constraint policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.params.crlDistPointsCritical=false -policyset.set1.p13.default.params.crlDistPointsNum=0 +policyset.set1.p13.default.params.crlDistPointsNum=1 policyset.set1.p13.default.params.crlDistPointsEnable_0=false policyset.set1.p13.default.params.crlDistPointsIssuerName_0= policyset.set1.p13.default.params.crlDistPointsIssuerType_0= @@ -163,4 +163,4 @@ policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName policyset.set1.p14.default.params.authInfoAccessADLocation_0= policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1 policyset.set1.p14.default.params.authInfoAccessCritical=false -policyset.set1.p14.default.params.authInfoAccessNumADs=0 +policyset.set1.p14.default.params.authInfoAccessNumADs=1 diff --git a/pki/base/ca/shared/profiles/ca/caTempTokenUserSigningKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTempTokenUserSigningKeyEnrollment.cfg index b77bbea4e..8500b9d06 100644 --- a/pki/base/ca/shared/profiles/ca/caTempTokenUserSigningKeyEnrollment.cfg +++ b/pki/base/ca/shared/profiles/ca/caTempTokenUserSigningKeyEnrollment.cfg @@ -147,7 +147,7 @@ policyset.set1.p13.constraint.name=No Constraint policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.params.crlDistPointsCritical=false -policyset.set1.p13.default.params.crlDistPointsNum=0 +policyset.set1.p13.default.params.crlDistPointsNum=1 policyset.set1.p13.default.params.crlDistPointsEnable_0=false policyset.set1.p13.default.params.crlDistPointsIssuerName_0= policyset.set1.p13.default.params.crlDistPointsIssuerType_0= @@ -163,4 +163,4 @@ policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName policyset.set1.p14.default.params.authInfoAccessADLocation_0= policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1 policyset.set1.p14.default.params.authInfoAccessCritical=false -policyset.set1.p14.default.params.authInfoAccessNumADs=0 +policyset.set1.p14.default.params.authInfoAccessNumADs=1 diff --git a/pki/base/ca/shared/profiles/ca/caTokenDeviceKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTokenDeviceKeyEnrollment.cfg index 88074530b..ba0520963 100644 --- a/pki/base/ca/shared/profiles/ca/caTokenDeviceKeyEnrollment.cfg +++ b/pki/base/ca/shared/profiles/ca/caTokenDeviceKeyEnrollment.cfg @@ -41,7 +41,7 @@ policyset.set1.p3.constraint.name=No Constraint policyset.set1.p3.default.class_id=crlDistributionPointsExtDefaultImpl policyset.set1.p3.default.name=crlDistributionPointsExtDefaultImpl policyset.set1.p3.default.params.crlDistPointsCritical=false -policyset.set1.p3.default.params.crlDistPointsNum=0 +policyset.set1.p3.default.params.crlDistPointsNum=1 policyset.set1.p3.default.params.crlDistPointsEnable_0=false policyset.set1.p3.default.params.crlDistPointsIssuerName_0= policyset.set1.p3.default.params.crlDistPointsIssuerType_0= @@ -140,4 +140,4 @@ policyset.set1.p6.default.params.subjAltExtType_2=RFC822Name policyset.set1.p6.default.params.subjAltExtType_3=RFC822Name policyset.set1.p6.default.params.subjAltExtType_4=RFC822Name policyset.set1.p6.default.params.subjAltNameExtCritical=false -policyset.set1.p6.default.params.subjAltNameNumGNs=0 +policyset.set1.p6.default.params.subjAltNameNumGNs=1 diff --git a/pki/base/ca/shared/profiles/ca/caTokenUserEncryptionKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTokenUserEncryptionKeyEnrollment.cfg index e19ea05b3..5b3ecd40c 100644 --- a/pki/base/ca/shared/profiles/ca/caTokenUserEncryptionKeyEnrollment.cfg +++ b/pki/base/ca/shared/profiles/ca/caTokenUserEncryptionKeyEnrollment.cfg @@ -151,7 +151,7 @@ policyset.set1.p13.constraint.name=No Constraint policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.params.crlDistPointsCritical=false -policyset.set1.p13.default.params.crlDistPointsNum=0 +policyset.set1.p13.default.params.crlDistPointsNum=1 policyset.set1.p13.default.params.crlDistPointsEnable_0=false policyset.set1.p13.default.params.crlDistPointsIssuerName_0= policyset.set1.p13.default.params.crlDistPointsIssuerType_0= @@ -167,4 +167,4 @@ policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName policyset.set1.p14.default.params.authInfoAccessADLocation_0= policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1 policyset.set1.p14.default.params.authInfoAccessCritical=false -policyset.set1.p14.default.params.authInfoAccessNumADs=0 +policyset.set1.p14.default.params.authInfoAccessNumADs=1 diff --git a/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg b/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg index 768a2a780..ebc231808 100644 --- a/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg +++ b/pki/base/ca/shared/profiles/ca/caTokenUserSigningKeyEnrollment.cfg @@ -151,7 +151,7 @@ policyset.set1.p13.constraint.name=No Constraint policyset.set1.p13.default.class_id=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.name=crlDistributionPointsExtDefaultImpl policyset.set1.p13.default.params.crlDistPointsCritical=false -policyset.set1.p13.default.params.crlDistPointsNum=0 +policyset.set1.p13.default.params.crlDistPointsNum=1 policyset.set1.p13.default.params.crlDistPointsEnable_0=false policyset.set1.p13.default.params.crlDistPointsIssuerName_0= policyset.set1.p13.default.params.crlDistPointsIssuerType_0= @@ -167,4 +167,4 @@ policyset.set1.p14.default.params.authInfoAccessADLocationType_0=URIName policyset.set1.p14.default.params.authInfoAccessADLocation_0= policyset.set1.p14.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1 policyset.set1.p14.default.params.authInfoAccessCritical=false -policyset.set1.p14.default.params.authInfoAccessNumADs=0 +policyset.set1.p14.default.params.authInfoAccessNumADs=1 diff --git a/pki/base/common/src/UserMessages.properties b/pki/base/common/src/UserMessages.properties index dfdb8e37d..a5d32e427 100644 --- a/pki/base/common/src/UserMessages.properties +++ b/pki/base/common/src/UserMessages.properties @@ -781,6 +781,12 @@ CMS_PROFILE_EXCLUDED_SUBTREES=Excluded Subtrees CMS_PROFILE_COMMENT=Comment CMS_PROFILE_DURATION=Duration CMS_PROFILE_VERSION=Version +CMS_PROFILE_NUM_POLICIES=Number of Policies +CMS_PROFILE_NUM_DIST_POINTS=Number of CRL Distribution Points +CMS_PROFILE_NUM_EXCLUDED_SUBTREES=Number of Excluded Subtrees +CMS_PROFILE_NUM_PERMITTED_SUBTREES=Number of Permitted Subtrees +CMS_PROFILE_NUM_POLICY_MAPPINGS=Number of Policy Mappings +CMS_PROFILE_NUM_GNS=Number of Subject Alt Name entities CMS_PROFILE_PROPERTY_ERROR=Property Error - {0} CMS_PROFILE_NUM_ATTRS=Number of Attributes CMS_PROFILE_ATTR_NAME=Attribute Name diff --git a/pki/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java index aaa5a4b2d..2c42841b4 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/AuthInfoAccessExtDefault.java @@ -57,23 +57,11 @@ public class AuthInfoAccessExtDefault extends EnrollExtDefault { private static final String AD_LOCATION = "Location"; private static final String AD_ENABLE = "Enable"; - private static final int DEF_NUM_AD = 5; + private static final int DEF_NUM_AD = 1; + private static final int MAX_NUM_AD = 100; public AuthInfoAccessExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_GENERAL_NAMES); - - // register configuration names bases on num ads - addConfigName(CONFIG_CRITICAL); - int num = getNumAds(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_AD_METHOD + i); - addConfigName(CONFIG_AD_LOCATIONTYPE + i); - addConfigName(CONFIG_AD_LOCATION + i); - addConfigName(CONFIG_AD_ENABLE + i); - } } protected int getNumAds() { @@ -87,13 +75,64 @@ public class AuthInfoAccessExtDefault extends EnrollExtDefault { // ignore } } + + if (num > MAX_NUM_AD) { + num = DEF_NUM_AD; + } + return num; } public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); + refreshConfigAndValueNames(); + } + + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_ADS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_AD || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_ADS)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_ADS)); + } + } + super.setConfig(name, value); + } + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + //refesh our config name list + + super.refreshConfigAndValueNames(); + mConfigNames.removeAllElements(); + addValueName(VAL_CRITICAL); + addValueName(VAL_GENERAL_NAMES); + // register configuration names bases on num ads + addConfigName(CONFIG_CRITICAL); + int num = getNumAds(); + + addConfigName(CONFIG_NUM_ADS); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_AD_METHOD + i); + addConfigName(CONFIG_AD_LOCATIONTYPE + i); + addConfigName(CONFIG_AD_LOCATION + i); + addConfigName(CONFIG_AD_ENABLE + i); + } } public IDescriptor getConfigDescriptor(Locale locale, String name) { @@ -117,6 +156,10 @@ public class AuthInfoAccessExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_AD_ENABLE")); + } else if (name.startsWith(CONFIG_NUM_ADS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_ADS")); } return null; } @@ -294,7 +337,7 @@ public class AuthInfoAccessExtDefault extends EnrollExtDefault { if (ext == null) return ""; - int num = DEF_NUM_AD; + int num = getNumAds(); CMS.debug("AuthInfoAccess num=" + num); Vector recs = new Vector(); diff --git a/pki/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java index bf17fa760..d0a42a816 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/CRLDistributionPointsExtDefault.java @@ -65,16 +65,55 @@ public class CRLDistributionPointsExtDefault extends EnrollExtDefault { private static final String RELATIVETOISSUER = "RelativeToIssuer"; - private static final int DEF_NUM_POINTS = 5; + private static final int DEF_NUM_POINTS = 1; + private static final int MAX_NUM_POINTS = 100; public CRLDistributionPointsExtDefault() { super(); + } + + public void init(IProfile profile, IConfigStore config) + throws EProfileException { + super.init(profile, config); + refreshConfigAndValueNames(); + } + + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_POINTS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_POINTS || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_POINTS)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_POINTS)); + } + } + super.setConfig(name, value); + } + + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + super.refreshConfigAndValueNames(); + addValueName(VAL_CRITICAL); addValueName(VAL_CRL_DISTRIBUTION_POINTS); addConfigName(CONFIG_CRITICAL); int num = getNumPoints(); + addConfigName(CONFIG_NUM_POINTS); for (int i = 0; i < num; i++) { addConfigName(CONFIG_POINT_TYPE + i); addConfigName(CONFIG_POINT_NAME + i); @@ -85,12 +124,6 @@ public class CRLDistributionPointsExtDefault extends EnrollExtDefault { } } - public void init(IProfile profile, IConfigStore config) - throws EProfileException { - super.init(profile, config); - - } - protected int getNumPoints() { int num = DEF_NUM_POINTS; String val = getConfig(CONFIG_NUM_POINTS); @@ -102,6 +135,10 @@ public class CRLDistributionPointsExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_POINTS) + num = DEF_NUM_POINTS; + return num; } @@ -134,6 +171,11 @@ public class CRLDistributionPointsExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); + } else if (name.startsWith(CONFIG_NUM_POINTS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_DIST_POINTS")); + } else { return null; } @@ -590,7 +632,8 @@ public class CRLDistributionPointsExtDefault extends EnrollExtDefault { addCRLPoint(getLocale(request), cdp, pointType, pointName); if (issuerType != null) addIssuer(getLocale(request), cdp, issuerType, issuerName); - addReasons(getLocale(request), cdp, REASONS, reasons); + if (reasons != null) + addReasons(getLocale(request), cdp, REASONS, reasons); if (i == 0) { ext = new CRLDistributionPointsExtension(cdp); diff --git a/pki/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java index 0609184ea..7cb5e72b1 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/CertificatePoliciesExtDefault.java @@ -1,3 +1,4 @@ + // --- BEGIN COPYRIGHT BLOCK --- // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by @@ -62,6 +63,7 @@ public class CertificatePoliciesExtDefault extends EnrollExtDefault { private static final String SEPARATOR = "."; private static final int DEF_NUM_POLICIES = 5; private static final int DEF_NUM_QUALIFIERS = 1; + private static final int MAX_NUM_POLICIES = 20; private static final String POLICY_ID_ENABLE = "Enable"; private static final String POLICY_ID = "Policy Id"; private static final String POLICY_QUALIFIER_CPSURI_ENABLE = "CPSuri Enable"; @@ -73,25 +75,6 @@ public class CertificatePoliciesExtDefault extends EnrollExtDefault { public CertificatePoliciesExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_POLICY_QUALIFIERS); - - addConfigName(CONFIG_CRITICAL); - int num = getNumPolicies(); - int numQualifiers = getNumQualifiers(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_POLICY_ID); - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_POLICY_ENABLE); - for (int j=0; j<numQualifiers; j++) { - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_CPSURI_ENABLE); - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_ENABLE); - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_CPSURI_VALUE); - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_ORG); - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_NUMBERS); - addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_TEXT); - } - } } protected int getNumPolicies() { @@ -105,6 +88,9 @@ public class CertificatePoliciesExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_POLICIES) + num = DEF_NUM_POLICIES; return num; } @@ -124,6 +110,61 @@ public class CertificatePoliciesExtDefault extends EnrollExtDefault { public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); + + refreshConfigAndValueNames(); + } + + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_POLICY_NUM)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_POLICIES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_POLICY_NUM)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_POLICY_NUM)); + } + } + super.setConfig(name, value); + } + + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + + super.refreshConfigAndValueNames(); + + addValueName(VAL_CRITICAL); + addValueName(VAL_POLICY_QUALIFIERS); + + addConfigName(CONFIG_CRITICAL); + int num = getNumPolicies(); + int numQualifiers = getNumQualifiers(); + + addConfigName(CONFIG_POLICY_NUM); + + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_POLICY_ID); + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_POLICY_ENABLE); + for (int j=0; j<numQualifiers; j++) { + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_CPSURI_ENABLE); + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_ENABLE); + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_CPSURI_VALUE); + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_ORG); + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_NUMBERS); + addConfigName(CONFIG_PREFIX+i+SEPARATOR+CONFIG_PREFIX1+j+SEPARATOR+CONFIG_USERNOTICE_TEXT); + } + } } public IDescriptor getConfigDescriptor(Locale locale, String name) { @@ -149,8 +190,8 @@ public class CertificatePoliciesExtDefault extends EnrollExtDefault { "false", CMS.getUserMessage(locale, "CMS_PROFILE_CERTIFICATE_POLICY_ENABLE")); } else if (name.indexOf(CONFIG_POLICY_QUALIFIERS_NUM) >= 0) { - return new Descriptor(IDescriptor.STRING, null, - null, + return new Descriptor(IDescriptor.INTEGER, null, + "1", CMS.getUserMessage(locale, "CMS_PROFILE_POLICY_QUALIFIER_NUM")); } else if (name.indexOf(CONFIG_USERNOTICE_ORG) >= 0) { return new Descriptor(IDescriptor.STRING, null, @@ -168,8 +209,11 @@ public class CertificatePoliciesExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_POLICY_CPSURI")); + } else if (name.indexOf(CONFIG_POLICY_NUM) >= 0) { + return new Descriptor(IDescriptor.INTEGER, null, + "5", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_POLICIES")); } - return null; } diff --git a/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java index acc7c7574..20c124dbc 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/EnrollDefault.java @@ -253,6 +253,11 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe return buffer.toString(); } + protected void refreshConfigAndValueNames() { + mConfigNames.removeAllElements(); + mValueNames.removeAllElements(); + } + protected void deleteExtension(String name, X509CertInfo info) { CertificateExtensions exts = null; @@ -687,7 +692,7 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe else if (type == GeneralNameInterface.NAME_URI) return "URIName"; else if (type == GeneralNameInterface.NAME_IP) - return "IPAddressName"; + return "IPAddress"; else if (type == GeneralNameInterface.NAME_DIRECTORY) return "DirectoryName"; else if (type == GeneralNameInterface.NAME_EDI) diff --git a/pki/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java index bfe380a39..773182e11 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/FreshestCRLExtDefault.java @@ -61,31 +61,20 @@ public class FreshestCRLExtDefault extends EnrollExtDefault { private static final String ISSUER_NAME = "Issuer Name"; private static final String ENABLE = "Enable"; - private static final int DEF_NUM_POINTS = 5; + private static final int DEF_NUM_POINTS = 1; + private static final int MAX_NUM_POINTS = 100; public FreshestCRLExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_CRL_DISTRIBUTION_POINTS); - - addConfigName(CONFIG_CRITICAL); - int num = getNumPoints(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_POINT_TYPE + i); - addConfigName(CONFIG_POINT_NAME + i); - addConfigName(CONFIG_ISSUER_TYPE + i); - addConfigName(CONFIG_ISSUER_NAME + i); - addConfigName(CONFIG_ENABLE + i); - } } public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); - + refreshConfigAndValueNames(); } + protected int getNumPoints() { int num = DEF_NUM_POINTS; String val = getConfig(CONFIG_NUM_POINTS); @@ -97,9 +86,60 @@ public class FreshestCRLExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_POINTS) + num = DEF_NUM_POINTS; + return num; } + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_POINTS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_POINTS || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_POINTS)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_POINTS)); + } + } + super.setConfig(name, value); + } + + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + //refesh our config name list + + super.refreshConfigAndValueNames(); + addValueName(VAL_CRITICAL); + addValueName(VAL_CRL_DISTRIBUTION_POINTS); + + addConfigName(CONFIG_CRITICAL); + int num = getNumPoints(); + + addConfigName(CONFIG_NUM_POINTS); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_POINT_TYPE + i); + addConfigName(CONFIG_POINT_NAME + i); + addConfigName(CONFIG_ISSUER_TYPE + i); + addConfigName(CONFIG_ISSUER_NAME + i); + addConfigName(CONFIG_ENABLE + i); + } + + } + public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_CRITICAL)) { return new Descriptor(IDescriptor.BOOLEAN, null, @@ -125,6 +165,10 @@ public class FreshestCRLExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); + } else if (name.startsWith(CONFIG_NUM_POINTS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_DIST_POINTS")); } else { return null; } @@ -301,7 +345,6 @@ public class FreshestCRLExtDefault extends EnrollExtDefault { ext = (FreshestCRLExtension) getExtension(FreshestCRLExtension.OID, info); - if(ext == null) { try { @@ -339,7 +382,6 @@ public class FreshestCRLExtDefault extends EnrollExtDefault { Vector recs = new Vector(); int num = getNumPoints(); - for (int i = 0; i < num; i++) { NameValuePairs pairs = null; @@ -348,7 +390,6 @@ public class FreshestCRLExtDefault extends EnrollExtDefault { GeneralNames gns = p.getFullName(); pairs = buildGeneralNames(gns, p); - recs.addElement(pairs); } else { pairs = buildEmptyGeneralNames(); } diff --git a/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java index 36222aa9f..21208b032 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/NameConstraintsExtDefault.java @@ -69,39 +69,19 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { private static final String MAX_VALUE = "Max Value"; private static final String ENABLE = "Enable"; - protected static final int DEF_NUM_PERMITTED_SUBTREES = 5; - protected static final int DEF_NUM_EXCLUDED_SUBTREES = 5; + protected static final int DEF_NUM_PERMITTED_SUBTREES = 1; + protected static final int DEF_NUM_EXCLUDED_SUBTREES = 1; + protected static final int MAX_NUM_EXCLUDED_SUBTREES = 100; + protected static final int MAX_NUM_PERMITTED_SUBTREES = 100; public NameConstraintsExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_PERMITTED_SUBTREES); - addValueName(VAL_EXCLUDED_SUBTREES); - - addConfigName(CONFIG_CRITICAL); - int num = getNumPermitted(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_PERMITTED_MIN_VAL + i); - addConfigName(CONFIG_PERMITTED_MAX_VAL + i); - addConfigName(CONFIG_PERMITTED_NAME_CHOICE + i); - addConfigName(CONFIG_PERMITTED_NAME_VAL + i); - addConfigName(CONFIG_PERMITTED_ENABLE + i); - } - - num = getNumExcluded(); - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_EXCLUDED_MIN_VAL + i); - addConfigName(CONFIG_EXCLUDED_MAX_VAL + i); - addConfigName(CONFIG_EXCLUDED_NAME_CHOICE + i); - addConfigName(CONFIG_EXCLUDED_NAME_VAL + i); - addConfigName(CONFIG_EXCLUDED_ENABLE + i); - } } public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); + refreshConfigAndValueNames(); } @@ -116,6 +96,9 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_PERMITTED_SUBTREES) + num = DEF_NUM_PERMITTED_SUBTREES; return num; } @@ -130,9 +113,89 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_EXCLUDED_SUBTREES) + num = DEF_NUM_EXCLUDED_SUBTREES; + return num; } + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_PERMITTED_SUBTREES)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_PERMITTED_SUBTREES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_PERMITTED_SUBTREES)); + } + } else if(name.equals(CONFIG_NUM_EXCLUDED_SUBTREES)) { + + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_EXCLUDED_SUBTREES || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_EXCLUDED_SUBTREES)); + } + } + super.setConfig(name, value); + } + + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + //refesh our config name list + + super.refreshConfigAndValueNames(); + + addValueName(VAL_CRITICAL); + addValueName(VAL_PERMITTED_SUBTREES); + addValueName(VAL_EXCLUDED_SUBTREES); + + addConfigName(CONFIG_CRITICAL); + int num = getNumPermitted(); + + addConfigName(CONFIG_NUM_PERMITTED_SUBTREES); + + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_PERMITTED_MIN_VAL + i); + addConfigName(CONFIG_PERMITTED_MAX_VAL + i); + addConfigName(CONFIG_PERMITTED_NAME_CHOICE + i); + addConfigName(CONFIG_PERMITTED_NAME_VAL + i); + addConfigName(CONFIG_PERMITTED_ENABLE + i); + } + + num = getNumExcluded(); + + addConfigName(CONFIG_NUM_EXCLUDED_SUBTREES); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_EXCLUDED_MIN_VAL + i); + addConfigName(CONFIG_EXCLUDED_MAX_VAL + i); + addConfigName(CONFIG_EXCLUDED_NAME_CHOICE + i); + addConfigName(CONFIG_EXCLUDED_NAME_VAL + i); + addConfigName(CONFIG_EXCLUDED_ENABLE + i); + } + + } + + public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_CRITICAL)) { return new Descriptor(IDescriptor.BOOLEAN, null, @@ -178,6 +241,14 @@ public class NameConstraintsExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); + } else if (name.startsWith(CONFIG_NUM_EXCLUDED_SUBTREES)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_EXCLUDED_SUBTREES")); + } else if (name.startsWith(CONFIG_NUM_PERMITTED_SUBTREES)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_PERMITTED_SUBTREES")); } return null; } diff --git a/pki/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java index a212e0082..d9ef59c11 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/PolicyMappingsExtDefault.java @@ -56,21 +56,11 @@ public class PolicyMappingsExtDefault extends EnrollExtDefault { private static final String SUBJECT_POLICY_ID = "Subject Policy Id"; private static final String POLICY_ID_ENABLE = "Enable"; - private static final int DEF_NUM_MAPPINGS = 5; + private static final int DEF_NUM_MAPPINGS = 1; + private static final int MAX_NUM_MAPPINGS = 100; public PolicyMappingsExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_DOMAINS); - - addConfigName(CONFIG_CRITICAL); - int num = getNumMappings(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_ISSUER_DOMAIN_POLICY + i); - addConfigName(CONFIG_SUBJECT_DOMAIN_POLICY + i); - addConfigName(CONFIG_ENABLE + i); - } } protected int getNumMappings() { @@ -90,6 +80,49 @@ public class PolicyMappingsExtDefault extends EnrollExtDefault { public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); + refreshConfigAndValueNames(); + } + + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_POLICY_MAPPINGS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_MAPPINGS || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_POLICY_MAPPINGS)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_POLICY_MAPPINGS)); + } + } + super.setConfig(name, value); + } + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + super.refreshConfigAndValueNames(); + + addValueName(VAL_CRITICAL); + addValueName(VAL_DOMAINS); + + addConfigName(CONFIG_CRITICAL); + int num = getNumMappings(); + + addConfigName(CONFIG_NUM_POLICY_MAPPINGS); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_ISSUER_DOMAIN_POLICY + i); + addConfigName(CONFIG_SUBJECT_DOMAIN_POLICY + i); + addConfigName(CONFIG_ENABLE + i); + } } public IDescriptor getConfigDescriptor(Locale locale, String name) { @@ -109,7 +142,12 @@ public class PolicyMappingsExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); + } else if (name.startsWith(CONFIG_NUM_POLICY_MAPPINGS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_POLICY_MAPPINGS")); } + return null; } diff --git a/pki/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java index 6f9e774d8..7da63e71e 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/SubjectAltNameExtDefault.java @@ -60,20 +60,11 @@ public class SubjectAltNameExtDefault extends EnrollExtDefault { private static final String GN_TYPE = "Pattern Type"; private static final String GN_PATTERN = "Pattern"; - private static final int DEF_NUM_GN = 5; + private static final int DEF_NUM_GN = 1; + private static final int MAX_NUM_GN = 100; public SubjectAltNameExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_GENERAL_NAMES); - - addConfigName(CONFIG_CRITICAL); - int num = getNumGNs(); - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_TYPE + i); - addConfigName(CONFIG_PATTERN + i); - addConfigName(CONFIG_GN_ENABLE + i); - } } protected int getNumGNs() { @@ -87,15 +78,18 @@ public class SubjectAltNameExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_GN) + num = DEF_NUM_GN; return num; } public void init(IProfile profile, IConfigStore config) throws EProfileException { - - CMS.debug("SubjectAltNameExtDefault: init"); + super.init(profile,config); + refreshConfigAndValueNames(); // migrate old parameters to new parameters String old_type = null; String old_pattern = null; @@ -132,9 +126,49 @@ public class SubjectAltNameExtDefault extends EnrollExtDefault { CMS.debug("SubjectAltNameExtDefault: Failed to upgrade " + e); } } - super.init(profile, config); } + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_GNS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_GN || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_GNS)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_GNS)); + } + } + super.setConfig(name, value); + } + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + super.refreshConfigAndValueNames(); + + addValueName(VAL_CRITICAL); + addValueName(VAL_GENERAL_NAMES); + + addConfigName(CONFIG_CRITICAL); + int num = getNumGNs(); + addConfigName(CONFIG_NUM_GNS); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_TYPE + i); + addConfigName(CONFIG_PATTERN + i); + addConfigName(CONFIG_GN_ENABLE + i); + } + } + public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_CRITICAL)) { return new Descriptor(IDescriptor.BOOLEAN, null, @@ -154,9 +188,13 @@ public class SubjectAltNameExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_GN_ENABLE")); - } else { - return null; + } else if (name.startsWith(CONFIG_NUM_GNS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_GNS")); } + + return null; } public IDescriptor getValueDescriptor(Locale locale, String name) { diff --git a/pki/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java index df6789576..afd3fcd0a 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/SubjectDirAttributesExtDefault.java @@ -50,29 +50,20 @@ public class SubjectDirAttributesExtDefault extends EnrollExtDefault { public static final String VAL_CRITICAL = "subjDirAttrCritical"; public static final String VAL_ATTR = "subjDirAttrValue"; - private static final int DEF_NUM_ATTRS = 5; + private static final int DEF_NUM_ATTRS = 1; + private static final int MAX_NUM_ATTRS = 100; private static final String ENABLE = "Enable"; private static final String ATTR_NAME = "Attribute Name"; private static final String ATTR_VALUE = "Attribute Value"; public SubjectDirAttributesExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_ATTR); - - addConfigName(CONFIG_CRITICAL); - int num = getNumAttrs(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_ATTR_NAME + i); - addConfigName(CONFIG_PATTERN + i); - addConfigName(CONFIG_ENABLE + i); - } } public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); + refreshConfigAndValueNames(); } protected int getNumAttrs() { @@ -86,9 +77,55 @@ public class SubjectDirAttributesExtDefault extends EnrollExtDefault { // ignore } } + + if (num >= MAX_NUM_ATTRS) + num = DEF_NUM_ATTRS; + return num; } + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(DEF_NUM_ATTRS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_ATTRS || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_ATTRS)); + } + + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_ATTRS)); + } + } + super.setConfig(name, value); + } + + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + super.refreshConfigAndValueNames(); + + addValueName(VAL_CRITICAL); + addValueName(VAL_ATTR); + + addConfigName(CONFIG_CRITICAL); + int num = getNumAttrs(); + addConfigName(CONFIG_NUM_ATTRS); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_ATTR_NAME + i); + addConfigName(CONFIG_PATTERN + i); + addConfigName(CONFIG_ENABLE + i); + } + } + public IDescriptor getConfigDescriptor(Locale locale, String name) { if (name.equals(CONFIG_CRITICAL)) { return new Descriptor(IDescriptor.BOOLEAN, null, @@ -110,9 +147,13 @@ public class SubjectDirAttributesExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, null, CMS.getUserMessage(locale, "CMS_PROFILE_ENABLE")); - } else { - return null; - } + } else if (name.startsWith(CONFIG_NUM_ATTRS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_ATTRS")); + } + + return null; } public IDescriptor getValueDescriptor(Locale locale, String name) { diff --git a/pki/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java index 2628410f2..4c20769ed 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/SubjectInfoAccessExtDefault.java @@ -57,23 +57,11 @@ public class SubjectInfoAccessExtDefault extends EnrollExtDefault { private static final String AD_LOCATION = "Location"; private static final String AD_ENABLE = "Enable"; - private static final int DEF_NUM_AD = 5; + private static final int DEF_NUM_AD = 1; + private static final int MAX_NUM_AD = 100; public SubjectInfoAccessExtDefault() { super(); - addValueName(VAL_CRITICAL); - addValueName(VAL_GENERAL_NAMES); - - // register configuration names bases on num ads - addConfigName(CONFIG_CRITICAL); - int num = getNumAds(); - - for (int i = 0; i < num; i++) { - addConfigName(CONFIG_AD_METHOD + i); - addConfigName(CONFIG_AD_LOCATIONTYPE + i); - addConfigName(CONFIG_AD_LOCATION + i); - addConfigName(CONFIG_AD_ENABLE + i); - } } protected int getNumAds() { @@ -87,13 +75,59 @@ public class SubjectInfoAccessExtDefault extends EnrollExtDefault { // ignore } } + if (num >= MAX_NUM_AD) + num = DEF_NUM_AD; + return num; } public void init(IProfile profile, IConfigStore config) throws EProfileException { super.init(profile, config); + refreshConfigAndValueNames(); + } + + public void setConfig(String name, String value) + throws EPropertyException { + int num = 0; + if (name.equals(CONFIG_NUM_ADS)) { + try { + num = Integer.parseInt(value); + + if (num >= MAX_NUM_AD || num < 0) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_ADS)); + } + } catch (Exception e) { + throw new EPropertyException(CMS.getUserMessage( + "CMS_INVALID_PROPERTY", CONFIG_NUM_ADS)); + } + } + super.setConfig(name, value); + } + + public Enumeration getConfigNames() { + refreshConfigAndValueNames(); + return super.getConfigNames(); + } + + protected void refreshConfigAndValueNames() { + super.refreshConfigAndValueNames(); + + addValueName(VAL_CRITICAL); + addValueName(VAL_GENERAL_NAMES); + + // register configuration names bases on num ads + addConfigName(CONFIG_CRITICAL); + int num = getNumAds(); + addConfigName(CONFIG_NUM_ADS); + for (int i = 0; i < num; i++) { + addConfigName(CONFIG_AD_METHOD + i); + addConfigName(CONFIG_AD_LOCATIONTYPE + i); + addConfigName(CONFIG_AD_LOCATION + i); + addConfigName(CONFIG_AD_ENABLE + i); + } } public IDescriptor getConfigDescriptor(Locale locale, String name) { @@ -117,7 +151,11 @@ public class SubjectInfoAccessExtDefault extends EnrollExtDefault { return new Descriptor(IDescriptor.BOOLEAN, null, "false", CMS.getUserMessage(locale, "CMS_PROFILE_AD_ENABLE")); - } + } else if (name.startsWith(CONFIG_NUM_ADS)) { + return new Descriptor(IDescriptor.INTEGER, null, + "1", + CMS.getUserMessage(locale, "CMS_PROFILE_NUM_ADS")); + } return null; } @@ -294,7 +332,7 @@ public class SubjectInfoAccessExtDefault extends EnrollExtDefault { if (ext == null) return ""; - int num = DEF_NUM_AD; + int num = getNumAds(); CMS.debug("SubjectInfoAccess num=" + num); Vector recs = new Vector(); diff --git a/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java b/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java index 52f6f229e..ef7fe53cf 100644 --- a/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java +++ b/pki/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java @@ -133,7 +133,7 @@ public class nsTokenUserKeySubjectNameDefault extends EnrollDefault { return new Descriptor(IDescriptor.STRING, null, null, - CMS.getUserMessage(locale,"CMS_PROFILE_TOKENKEY_SEARCH_NAME")); + CMS.getUserMessage(locale,"CMS_PROFILE_TOKENKEY_LDAP_SEARCH_NAME")); } else if (name.equals(CONFIG_LDAP_HOST)) { return new Descriptor(IDescriptor.STRING, null, diff --git a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java index f05038148..0832c3dd9 100644 --- a/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java +++ b/pki/base/util/src/netscape/security/x509/CRLDistributionPointsExtension.java @@ -74,6 +74,7 @@ public class CRLDistributionPointsExtension extends Extension //throws IOException { try { + this.extensionId = PKIXExtensions.CRLDistributionPoints_Id; this.critical = critical.booleanValue(); this.extensionValue = (byte[])((byte[])value).clone(); @@ -169,6 +170,13 @@ public class CRLDistributionPointsExtension extends Extension ///////////////////////////////////////////////////////////// public static final String NAME = "CRLDistributionPoints"; + static { + try { + OIDMap.addAttribute(CRLDistributionPointsExtension.class.getName(), + OID, NAME); + } catch (CertificateException e) {} + } + public String toString() { return NAME; } diff --git a/pki/dogtag/common/pki-common.spec b/pki/dogtag/common/pki-common.spec index 0af07f8e8..d63995920 100644 --- a/pki/dogtag/common/pki-common.spec +++ b/pki/dogtag/common/pki-common.spec @@ -16,7 +16,7 @@ BuildRequires: jpackage-utils BuildRequires: jss >= 4.2.6 BuildRequires: ldapjdk BuildRequires: osutil -BuildRequires: pki-symkey +#BuildRequires: pki-symkey BuildRequires: pki-util BuildRequires: velocity BuildRequires: xalan-j2 |