diff options
3 files changed, 66 insertions, 33 deletions
diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java index 21ceaeee0..7939a02b4 100644 --- a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java +++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java @@ -134,10 +134,10 @@ public class CertSearchRequest { protected String validityOperation; @XmlElement - protected String validityCount; + protected Integer validityCount; @XmlElement - protected String validityUnit; + protected Long validityUnit; // Cert Type @@ -478,19 +478,19 @@ public class CertSearchRequest { this.validityOperation = validityOperation; } - public String getValidityUnit() { + public Long getValidityUnit() { return validityUnit; } - public void setValidityUnit(String validityUnit) { + public void setValidityUnit(Long validityUnit) { this.validityUnit = validityUnit; } - public String getValidityCount() { + public Integer getValidityCount() { return validityCount; } - public void setValidityCount(String validityCount) { + public void setValidityCount(Integer validityCount) { this.validityCount = validityCount; } diff --git a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java index 86459a750..b8e32295a 100644 --- a/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java +++ b/base/common/src/com/netscape/cms/servlet/cert/FilterBuilder.java @@ -22,6 +22,7 @@ import java.util.Calendar; import java.util.StringTokenizer; import com.netscape.certsrv.cert.CertSearchRequest; +import com.netscape.certsrv.dbs.certdb.ICertRecord; import com.netscape.cmsutil.ldap.LDAPUtil; /** @@ -105,7 +106,7 @@ public class FilterBuilder { buildAVAFilter(request.getCountry(), "C", lf, matchStr); if (lf.length() == 0) { - filter.append("(x509cert.subject=*)"); + filter.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*)"); return; } if (matchStr != null && matchStr.equals(MATCH_EXACTLY)) { @@ -206,8 +207,8 @@ public class FilterBuilder { if (!request.getValidNotBeforeInUse()) { return; } - buildDateFilter(request.getValidNotBeforeFrom(), "x509cert.notBefore>=", 0, filter); - buildDateFilter(request.getValidNotBeforeTo(), "x509cert.notBefore<=", 86399999, filter); + buildDateFilter(request.getValidNotBeforeFrom(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+">=", 0, filter); + buildDateFilter(request.getValidNotBeforeTo(), ICertRecord.ATTR_X509CERT_NOT_BEFORE+"<=", 86399999, filter); } @@ -215,8 +216,8 @@ public class FilterBuilder { if (!request.getValidNotAfterInUse()) { return; } - buildDateFilter(request.getValidNotAfterFrom(), "x509cert.notAfter>=", 0, filter); - buildDateFilter(request.getValidNotAfterTo(), "x509cert.notAfter<=", 86399999, filter); + buildDateFilter(request.getValidNotAfterFrom(), ICertRecord.ATTR_X509CERT_NOT_AFTER+">=", 0, filter); + buildDateFilter(request.getValidNotAfterTo(), ICertRecord.ATTR_X509CERT_NOT_AFTER+"<=", 86399999, filter); } @@ -224,21 +225,13 @@ public class FilterBuilder { if (!request.getValidityLengthInUse()) { return; } + String op = request.getValidityOperation(); - long count = 0; - try { - count = Long.parseLong(request.getValidityCount()); - } catch (NumberFormatException e) { - // safely ignore - } - long unit = 0; - try { - unit = Long.parseLong(request.getValidityUnit()); - } catch (NumberFormatException e) { - // safely ignore - } + Integer count = request.getValidityCount(); + Long unit = request.getValidityUnit(); + filter.append("("); - filter.append("x509cert.duration"); + filter.append(ICertRecord.ATTR_X509CERT_DURATION); filter.append(LDAPUtil.escapeFilter(op)); filter.append(count * unit); filter.append(")"); @@ -302,19 +295,19 @@ public class FilterBuilder { if (param != null && !param.equals("")) { if (match != null && match.equals(MATCH_EXACTLY)) { lf.append("(|"); - lf.append("(x509cert.subject=*"); + lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*"); lf.append(avaName); lf.append("="); lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param))); lf.append(",*)"); - lf.append("(x509cert.subject=*"); + lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*"); lf.append(avaName); lf.append("="); lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param))); lf.append(")"); lf.append(")"); } else { - lf.append("(x509cert.subject=*"); + lf.append("("+ICertRecord.ATTR_X509CERT_SUBJECT+"=*"); lf.append(avaName); lf.append("="); lf.append("*"); diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java index 0b8d298ff..466a8412a 100644 --- a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java @@ -265,17 +265,36 @@ public class CertFindCLI extends CLI { options.addOption(option); //validityLengthinUse - option = new Option(null, "validityOperation", true, "Validity operation: \"<=\" or \">=\""); + option = new Option(null, "validityOperation", true, "Validity duration operation: \"<=\" or \">=\""); option.setArgName("operation"); options.addOption(option); - option = new Option(null, "validityCount", true, "Validity count"); + option = new Option(null, "validityCount", true, "Validity duration count"); option.setArgName("count"); options.addOption(option); - option = new Option(null, "validityUnit", true, "Validity unit"); - option.setArgName("milliseconds"); + option = new Option(null, "validityUnit", true, "Validity duration unit: day, week, month (default), year"); + option.setArgName("day|week|month|year"); options.addOption(option); } + public Long convertValidityDurationUnit(String unit) { + + if (unit.equalsIgnoreCase("day")) { + return 86400000l; + + } else if (unit.equalsIgnoreCase("week")) { + return 604800000l; + + } else if (unit.equalsIgnoreCase("month")) { + return 2592000000l; + + } else if (unit.equalsIgnoreCase("year")) { + return 31536000000l; + + } else { + throw new Error("Invalid validity duration unit: "+unit); + } + } + public void addSearchAttribute(CommandLine cmd, CertSearchRequest csd) throws java.text.ParseException { @@ -394,18 +413,39 @@ public class CertFindCLI extends CLI { Date date = dateFormat.parse(cmd.getOptionValue("validNotAfterTo")); csd.setValidNotAfterTo(""+date.getTime()); } + if (cmd.hasOption("validityOperation")) { csd.setValidityLengthInUse(true); csd.setValidityOperation(cmd.getOptionValue("validityOperation")); } + if (cmd.hasOption("validityCount")) { csd.setValidityLengthInUse(true); - csd.setValidityCount(cmd.getOptionValue("validityCount")); + String count = cmd.getOptionValue("validityCount"); + csd.setValidityCount(Integer.parseInt(count)); } + if (cmd.hasOption("validityUnit")) { csd.setValidityLengthInUse(true); - csd.setValidityUnit(cmd.getOptionValue("validityUnit")); + String unit = cmd.getOptionValue("validityUnit"); + Long value = convertValidityDurationUnit(unit); + csd.setValidityUnit(value); } + if (csd.getValidityLengthInUse()) { + + if (csd.getValidityOperation() == null) { + throw new Error("Mising validity duration operation"); + } + + if (csd.getValidityCount() == null) { + throw new Error("Mising validity duration count"); + } + + if (csd.getValidityUnit() == null) { + Long value = convertValidityDurationUnit("month"); + csd.setValidityUnit(value); + } + } } } |