8 files changed, 447 insertions, 0 deletions

diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java b/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java
new file mode 100644
index 000000000..e89c14f57
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IConnector.java
@@ -0,0 +1,62 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import com.netscape.certsrv.request.*;
+import com.netscape.certsrv.base.*;
+
+
+/**
+ * This interface represents a connector that forwards
+ * CMS requests to a remote authority.
+ *
+ * To register a connector, one can add the following
+ * to the CMS.cfg:
+ *
+ * <pre>
+ *
+ *  Example for KRA type connector.
+ * ca.connector.KRA.enable=true
+ * ca.connector.KRA.host=thehost.netscape.com        #Remote host.
+ * ca.connector.KRA.port=1974                        #Remote host port.
+ * ca.connector.KRA.nickName="cert-kra"              #Nickname of connector for identity purposes.
+ * ca.connector.KRA.uri="/kra/connector"             #Uri of the KRA server.
+ * ca.connector.KRA.id="kra"
+ * ca.connector.KRA.minHttpConns=1                   #Min connection pool connections. 
+ * ca.connector.KRA.maxHttpConns=10                  #Max connection pool connections. 
+ * </pre>
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IConnector {
+
+    /**
+     * Sends the request to a remote authority.
+     * @param req Request to be forwarded to remote authority.
+     * @return true for success, otherwise false.
+     * @exception EBaseException Failure to send request to remote authority. 
+     */
+    public boolean send(IRequest req)
+        throws EBaseException;
+
+    /**
+     * Starts this connector.
+     */
+    public void start();
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
new file mode 100644
index 000000000..a52d90e94
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnFactory.java
@@ -0,0 +1,53 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import netscape.ldap.*;
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.connector.*;
+
+/**
+ * Maintains a pool of connections to to a Remote Authority.
+ * Utilized by the IHttpConnector interface.
+ * Multiple threads use this interface to utilize and release
+ * the Ldap connection resources. This factory will maintain a
+ * list of Http type connections to the remote host.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IHttpConnFactory {
+
+
+    /**
+     * Request access to a Ldap connection from the pool.
+     * @exception EBaseException if any error occurs, such as a
+     * @return Ldap connection object.
+     * connection is not available
+     */
+    public IHttpConnection getConn()
+        throws EBaseException;
+
+    /**
+     * Return connection to the factory. mandatory after a getConn().
+     * @param conn Ldap connection object to be returned to the free list of the pool.
+     * @exception EBaseException On any failure to return the connection.
+     */
+    public void returnConn(IHttpConnection conn)
+        throws EBaseException;
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
new file mode 100644
index 000000000..610ab30ed
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IHttpConnection.java
@@ -0,0 +1,48 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import com.netscape.cmsutil.http.*;
+import com.netscape.cmsutil.net.*;
+import com.netscape.certsrv.request.IRequest;
+import com.netscape.certsrv.connector.*;
+import com.netscape.certsrv.authority.*;
+import com.netscape.certsrv.base.*;
+import java.io.*;
+
+
+/**
+ * This represents a HTTP connection to a remote authority.
+ * Http connection is used by the connector to send
+ * PKI messages to a remote authority. The remote authority
+ * will reply with a PKI message as well. An example would
+ * be the communication between a CA and a KRA.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IHttpConnection {
+
+    /**
+     * Sends the PKI message to the remote authority.
+     * @param tomsg Message to forward to authority.
+     * @exception EBaseException Failed to send message.
+     */
+    public IPKIMessage send(IPKIMessage tomsg) 
+        throws EBaseException;
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java b/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
new file mode 100644
index 000000000..83241170a
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IHttpPKIMessage.java
@@ -0,0 +1,59 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import com.netscape.certsrv.request.IRequest;
+import com.netscape.certsrv.connector.*;
+import java.util.*;
+import java.io.*;
+
+
+/**
+ * This represents a  Http PKI message. It contains 
+ * simple name/value pair values.  Also maintains information
+ * about the status and type of the message.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IHttpPKIMessage extends IPKIMessage {
+
+    /**
+     * Retrieves the request type.
+     * @return String with the type of request.
+     */
+    public String getReqType();
+
+    /**
+     * Retrieves the request identifier.
+     * @return String of name of request.
+     */
+    public String getReqId();
+
+    /**
+     * Copies contents of request to make a simple name/value message.
+     * @param r Instance of IRequest to be copied from.
+     */
+    public void fromRequest(IRequest r);
+
+    /**
+     * Copies contents to request.
+     * @param r Instance of IRequest to be copied to.
+     */
+    public void toRequest(IRequest r);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java b/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
new file mode 100644
index 000000000..593261d9e
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IPKIMessage.java
@@ -0,0 +1,68 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import com.netscape.certsrv.request.IRequest;
+import java.io.Serializable;
+
+
+/**
+ * Messages that are serialized and go over the wire.
+ * It must be serializable, and
+ * later will be inherited by CRMF message. 
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IPKIMessage extends Serializable {
+
+    /**
+    *
+    * Returns status of request.
+    * @return String of request status.
+    */
+    public String getReqStatus();
+
+    /**
+     * Retrieves the request type.
+     * @return String of type of request.
+     */
+    public String getReqType();
+
+   
+    /**
+     * Retrieves the request identifer.
+     * @return String of name of request.
+     */
+    public String getReqId();
+
+    /**
+     * Makes a PKIMessage from a request
+     * PKIMessage will be sent to wire.
+     * @param r Request to copy from.
+     */
+    public void fromRequest(IRequest r);
+
+    /**
+     * Copies contents of PKIMessage to the request
+     * PKIMessage is from the wire.
+     * @param r Request to copy to.
+     */
+    public void toRequest(IRequest r);
+	
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java b/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
new file mode 100644
index 000000000..90dcbaa26
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IRemoteAuthority.java
@@ -0,0 +1,56 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import com.netscape.certsrv.base.*;
+
+
+/**
+ * This represents a remote authority that can be
+ * a certificate manager, or key recovery manager or
+ * some other manager.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IRemoteAuthority {
+
+    /**
+     * Retrieves the host name of the remote Authority.
+     * @return String with the name of host of remote Authority.
+     */
+    public String getHost();
+
+    /**
+     * Retrieves the port number of the remote Authority.
+     * @return Int with port number of remote Authority.
+     */
+    public int getPort();
+
+    /**
+     * Retrieves the URI of the remote Authority.
+     * @return String with URI of remote Authority.
+     */
+    public String getURI();
+
+    /**
+     * Retrieves the timeout value for the connection to the remote Authority.
+     * @return In with remote Authority timeout value.
+     */
+    public int getTimeout();
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java b/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
new file mode 100644
index 000000000..7838aa5eb
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IRequestEncoder.java
@@ -0,0 +1,50 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import java.io.IOException;
+
+
+/**
+ * This represents a rquest encoder that serializes and
+ * deserializes a request to a Remote Authority so that it can be sent through
+ * the connector.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IRequestEncoder {
+
+    /**
+     * Encodes a request object.
+     * @param r Object to serve as the source of the message.
+     * @return String containing encoded message.
+     * @exception IOException Failure of the encoding operation due to IO error.
+     */
+    String encode(Object r)
+        throws IOException;
+
+    /**
+     * Dncodes a String into an  object.
+     * @return Object which is the result of the decoded message.
+     * @exception IOException Failure of the decoding operation due to IO error.
+     */
+    Object decode(String s)
+        throws IOException;
+}
+
diff --git a/pki/base/common/src/com/netscape/certsrv/connector/IResender.java b/pki/base/common/src/com/netscape/certsrv/connector/IResender.java
new file mode 100644
index 000000000..b9305816e
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/connector/IResender.java
@@ -0,0 +1,51 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.connector;
+
+
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.connector.*;
+import com.netscape.certsrv.authority.*;
+import com.netscape.certsrv.request.*;
+import com.netscape.certsrv.authentication.*;
+import com.netscape.certsrv.logging.*;
+import com.netscape.cmsutil.http.*;
+
+import java.util.Vector;
+import java.util.Enumeration;
+import java.io.*;
+
+
+/**
+ * Resend requests at intervals to the server to ensure completion of requests. 
+ * Default interval is 5 minutes.  The need to resend a message could arise
+ * due to an error or the fact that the message could not be serviced
+ * immediately.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IResender extends Runnable {
+
+    /**
+     * Adds the request to the resend queue.
+     * @param r Request to be placed on the resend queue.
+     */
+    public void addRequest(IRequest r);
+	
+}
+