summaryrefslogtreecommitdiffstats
path: root/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
diff options
context:
space:
mode:
Diffstat (limited to 'base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java')
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java47
1 files changed, 45 insertions, 2 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index c6daa7d29..aa4327fe6 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -19,9 +19,11 @@
package com.netscape.cmstools.cli;
import java.io.File;
+import java.lang.reflect.Field;
import java.net.InetAddress;
-import java.net.URISyntaxException;
import java.net.UnknownHostException;
+import java.util.Collection;
+import java.util.HashSet;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;
@@ -29,6 +31,7 @@ import org.apache.commons.cli.Options;
import org.apache.commons.lang.StringUtils;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.CryptoToken;
+import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
import org.mozilla.jss.util.IncorrectPasswordException;
import org.mozilla.jss.util.Password;
@@ -49,6 +52,9 @@ public class MainCLI extends CLI {
public ClientConfig config = new ClientConfig();
+ public Collection<Integer> rejectedCertStatuses;
+ public Collection<Integer> ignoredCertStatuses;
+
public PKIConnection connection;
public AccountClient accountClient;
@@ -140,12 +146,20 @@ public class MainCLI extends CLI {
option.setArgName("folder");
options.addOption(option);
+ option = new Option(null, "reject-cert-status", true, "Comma-separated list of rejected certificate validity statuses");
+ option.setArgName("list");
+ options.addOption(option);
+
+ option = new Option(null, "ignore-cert-status", true, "Comma-separated list of ignored certificate validity statuses");
+ option.setArgName("list");
+ options.addOption(option);
+
options.addOption("v", false, "Verbose");
options.addOption(null, "help", false, "Help");
options.addOption(null, "version", false, "Version");
}
- public void parseOptions(CommandLine cmd) throws URISyntaxException, UnknownHostException {
+ public void parseOptions(CommandLine cmd) throws Exception {
verbose = cmd.hasOption("v");
output = cmd.getOptionValue("output");
@@ -179,11 +193,40 @@ public class MainCLI extends CLI {
if (password != null)
config.setPassword(password);
+
+ String list = cmd.getOptionValue("reject-cert-status");
+ rejectedCertStatuses = convertCertStatusList(list);
+
+ list = cmd.getOptionValue("ignore-cert-status");
+ ignoredCertStatuses = convertCertStatusList(list);
+ }
+
+ public Collection<Integer> convertCertStatusList(String list) throws Exception {
+
+ if (list == null) return null;
+
+ Collection<Integer> statuses = new HashSet<Integer>();
+
+ Class<SSLCertificateApprovalCallback.ValidityStatus> clazz = SSLCertificateApprovalCallback.ValidityStatus.class;
+
+ for (String status : list.split(",")) {
+ try {
+ Field field = clazz.getField(status);
+ statuses.add(field.getInt(null));
+
+ } catch (NoSuchFieldException e) {
+ throw new Error("Invalid cert status \"" + status + "\".", e);
+ }
+ }
+
+ return statuses;
}
public void connect() throws Exception {
connection = new PKIConnection(config);
connection.setVerbose(verbose);
+ connection.setRejectedCertStatuses(rejectedCertStatuses);
+ connection.setIgnoredCertStatuses(ignoredCertStatuses);
if (output != null) {
File file = new File(output);
generated by cgit (git 2.34.1) at 2024-07-08 04:59:57 +0000