Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java350
1 files changed, 179 insertions, 171 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
index ad30be009..6c1e1e8ad 100644
--- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
+++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.ldap;
+
import java.math.BigInteger;
import java.security.cert.Certificate;
import java.util.Hashtable;
@@ -41,12 +42,13 @@ import com.netscape.certsrv.request.IRequestListener;
import com.netscape.certsrv.request.RequestId;
import com.netscape.cmscore.dbs.CertRecord;
+
public class LdapRequestListener implements IRequestListener {
private boolean mInited = false;
/**
- * handlers for request types (events) each handler implement
- * IRequestListener
+ * handlers for request types (events)
+ * each handler implement IRequestListener
*/
private Hashtable mRequestListeners = new Hashtable();
@@ -55,23 +57,23 @@ public class LdapRequestListener implements IRequestListener {
public LdapRequestListener() {
}
- public void set(String name, String val) {
- }
+ public void set(String name, String val)
+ {
+ }
public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
- if (mInited)
- return;
+ if (mInited) return;
- mPublisherProcessor = (IPublisherProcessor) sys;
+ mPublisherProcessor = (IPublisherProcessor)sys;
mRequestListeners.put(IRequest.ENROLLMENT_REQUEST,
- new LdapEnrollmentListener(mPublisherProcessor));
+ new LdapEnrollmentListener(mPublisherProcessor));
mRequestListeners.put(IRequest.RENEWAL_REQUEST,
- new LdapRenewalListener(mPublisherProcessor));
+ new LdapRenewalListener(mPublisherProcessor));
mRequestListeners.put(IRequest.REVOCATION_REQUEST,
- new LdapRevocationListener(mPublisherProcessor));
+ new LdapRevocationListener(mPublisherProcessor));
mRequestListeners.put(IRequest.UNREVOCATION_REQUEST,
- new LdapUnrevocationListener(mPublisherProcessor));
+ new LdapUnrevocationListener(mPublisherProcessor));
mInited = true;
}
@@ -84,46 +86,45 @@ public class LdapRequestListener implements IRequestListener {
if (r.getExtDataInInteger(IRequest.RESULT) == null)
return null;
- // check if request failed.
- if ((r.getExtDataInInteger(IRequest.RESULT))
- .equals(IRequest.RES_ERROR)) {
- CMS.debug("Request errored. "
- + "Nothing to publish for enrollment request id "
- + r.getRequestId());
+ // check if request failed.
+ if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) {
+ CMS.debug("Request errored. " +
+ "Nothing to publish for enrollment request id " +
+ r.getRequestId());
return null;
}
- CMS.debug("Checking publishing for request " + r.getRequestId());
+ CMS.debug("Checking publishing for request " +
+ r.getRequestId());
// check if issued certs is set.
- X509CertImpl[] certs = r
- .getExtDataInCertArray(IRequest.ISSUED_CERTS);
+ X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
if (certs == null || certs.length == 0 || certs[0] == null) {
- CMS.debug("No certs to publish for request id "
- + r.getRequestId());
+ CMS.debug(
+ "No certs to publish for request id " +
+ r.getRequestId());
return null;
}
obj.setCerts(certs);
return obj;
} else if (type.equals(IRequest.RENEWAL_REQUEST)) {
- // Note we do not remove old certs from directory during renewal
- X509CertImpl[] certs = r
- .getExtDataInCertArray(IRequest.ISSUED_CERTS);
+ // Note we do not remove old certs from directory during renewal
+ X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
if (certs == null || certs.length == 0) {
- CMS.debug("no certs to publish for renewal " + "request "
- + r.getRequestId());
+ CMS.debug("no certs to publish for renewal " +
+ "request " + r.getRequestId());
return null;
}
obj.setCerts(certs);
return obj;
} else if (type.equals(IRequest.REVOCATION_REQUEST)) {
- X509CertImpl[] revcerts = r
- .getExtDataInCertArray(IRequest.OLD_CERTS);
+ X509CertImpl[] revcerts = r.getExtDataInCertArray(IRequest.OLD_CERTS);
if (revcerts == null || revcerts.length == 0 || revcerts[0] == null) {
// no certs in revoke.
- CMS.debug("Nothing to unpublish for revocation " + "request "
- + r.getRequestId());
+ CMS.debug(
+ "Nothing to unpublish for revocation " +
+ "request " + r.getRequestId());
return null;
}
obj.setCerts(revcerts);
@@ -133,15 +134,17 @@ public class LdapRequestListener implements IRequestListener {
if (certs == null || certs.length == 0 || certs[0] == null) {
// no certs in unrevoke.
- CMS.debug("Nothing to publish for unrevocation " + "request "
- + r.getRequestId());
+ CMS.debug(
+ "Nothing to publish for unrevocation " +
+ "request " + r.getRequestId());
return null;
}
obj.setCerts(certs);
return obj;
} else {
- CMS.debug("Request errored. "
- + "Nothing to publish for request id " + r.getRequestId());
+ CMS.debug("Request errored. " +
+ "Nothing to publish for request id " +
+ r.getRequestId());
return null;
}
@@ -150,11 +153,11 @@ public class LdapRequestListener implements IRequestListener {
public void accept(IRequest r) {
String type = r.getRequestType();
- IRequestListener handler = (IRequestListener) mRequestListeners
- .get(type);
+ IRequestListener handler = (IRequestListener) mRequestListeners.get(type);
if (handler == null) {
- CMS.debug("Nothing to publish for request type " + type);
+ CMS.debug(
+ "Nothing to publish for request type " + type);
return;
}
handler.accept(r);
@@ -162,6 +165,7 @@ public class LdapRequestListener implements IRequestListener {
}
+
class LdapEnrollmentListener implements IRequestListener {
IPublisherProcessor mProcessor = null;
@@ -172,48 +176,51 @@ class LdapEnrollmentListener implements IRequestListener {
public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
}
- public void set(String name, String val) {
+ public void set(String name, String val)
+ {
}
public void accept(IRequest r) {
- CMS.debug("LdapRequestListener handling publishing for enrollment request id "
- + r.getRequestId());
+ CMS.debug(
+ "LdapRequestListener handling publishing for enrollment request id " +
+ r.getRequestId());
String profileId = r.getExtDataInString("profileId");
if (profileId == null) {
- // in case it's not meant for us
- if (r.getExtDataInInteger(IRequest.RESULT) == null)
- return;
+ // in case it's not meant for us
+ if (r.getExtDataInInteger(IRequest.RESULT) == null)
+ return;
// check if request failed.
- if ((r.getExtDataInInteger(IRequest.RESULT))
- .equals(IRequest.RES_ERROR)) {
- CMS.debug("Request errored. "
- + "Nothing to publish for enrollment request id "
- + r.getRequestId());
- return;
- }
- }
- CMS.debug("Checking publishing for request " + r.getRequestId());
+ if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) {
+ CMS.debug("Request errored. " +
+ "Nothing to publish for enrollment request id " +
+ r.getRequestId());
+ return;
+ }
+ }
+ CMS.debug("Checking publishing for request " +
+ r.getRequestId());
// check if issued certs is set.
Certificate[] certs = null;
if (profileId == null) {
- certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
- } else {
- certs = new Certificate[1];
- certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT);
- }
+ certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
+ } else {
+ certs = new Certificate[1];
+ certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT);
+ }
if (certs == null || certs.length == 0 || certs[0] == null) {
- CMS.debug("No certs to publish for request id " + r.getRequestId());
+ CMS.debug(
+ "No certs to publish for request id " + r.getRequestId());
return;
}
-
+
if (certs[0] instanceof X509CertImpl)
acceptX509(r, certs);
}
-
+
public void acceptX509(IRequest r, Certificate[] certs) {
Integer results[] = new Integer[certs.length];
boolean error = false;
@@ -221,56 +228,58 @@ class LdapEnrollmentListener implements IRequestListener {
for (int i = 0; i < certs.length; i++) {
X509CertImpl xcert = (X509CertImpl) certs[i];
- if (xcert == null)
+ if (xcert == null)
continue;
try {
mProcessor.publishCert(xcert, r);
-
+
results[i] = IRequest.RES_SUCCESS;
- CMS.debug("acceptX509: Published cert serial no 0x"
- + xcert.getSerialNumber().toString(16));
- // mProcessor.setPublishedFlag(xcert.getSerialNumber(), true);
+ CMS.debug(
+ "acceptX509: Published cert serial no 0x" +
+ xcert.getSerialNumber().toString(16));
+ //mProcessor.setPublishedFlag(xcert.getSerialNumber(), true);
} catch (ELdapException e) {
- mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "CMSCORE_LDAP_CERT_NOT_PUBLISH", xcert
- .getSerialNumber().toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH",
+ xcert.getSerialNumber().toString(16), e.toString()));
results[i] = IRequest.RES_ERROR;
error = true;
}
}
r.setExtData("ldapPublishStatus", results);
r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
+ (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
}
}
+
class LdapRenewalListener implements IRequestListener {
private IPublisherProcessor mProcessor = null;
public LdapRenewalListener(IPublisherProcessor processor) {
mProcessor = processor;
}
-
public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
}
- public void set(String name, String val) {
+ public void set(String name, String val)
+ {
}
public void accept(IRequest r) {
- // Note we do not remove old certs from directory during renewal
+ // Note we do not remove old certs from directory during renewal
Certificate[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS);
if (certs == null || certs.length == 0) {
- CMS.debug("no certs to publish for renewal " + "request "
- + r.getRequestId());
+ CMS.debug("no certs to publish for renewal " +
+ "request " + r.getRequestId());
return;
}
-
+
if (certs[0] instanceof X509CertImpl)
acceptX509(r, certs);
}
-
+
public void acceptX509(IRequest r, Certificate[] certs) {
X509CertImpl cert = null;
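Review bot: LdapRenewalListener.accept returns without publishing and without a log entry when `certs[0]` is not an `X509CertImpl`, which includes a null first element, because this listener only tests `certs == null || certs.length == 0` before the `instanceof` gate. acceptX509 treats a null entry as a single failed issuance and skips it, so a null first element would suppress publication of every other certificate in the batch. Consider recording the skip, e.g. `else CMS.debug("renewal request " + r.getRequestId() + ": first cert is not an X509CertImpl, nothing published");`, or letting acceptX509 decide per element. The body of acceptX509 continues outside this hunk.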
@@ -279,57 +288,61 @@ class LdapRenewalListener implements IRequestListener {
for (int i = 0; i < certs.length; i++) {
cert = (X509CertImpl) certs[i];
- if (cert == null)
+ if (cert == null)
continue; // there was an error issuing this cert.
try {
mProcessor.publishCert(cert, r);
results[i] = IRequest.RES_SUCCESS;
- mProcessor.log(ILogger.LL_INFO, "Published cert serial no 0x"
- + cert.getSerialNumber().toString(16));
+ mProcessor.log(ILogger.LL_INFO,
+ "Published cert serial no 0x" +
+ cert.getSerialNumber().toString(16));
} catch (ELdapException e) {
error = true;
- mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "CMSCORE_LDAP_CERT_NOT_PUBLISH", cert.getSerialNumber()
- .toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH",
+ cert.getSerialNumber().toString(16), e.toString()));
results[i] = IRequest.RES_ERROR;
}
}
r.setExtData("ldapPublishStatus", results);
r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
+ (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
}
}
+
class LdapRevocationListener implements IRequestListener {
private IPublisherProcessor mProcessor = null;
public LdapRevocationListener(IPublisherProcessor processor) {
mProcessor = processor;
}
-
public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
}
- public void set(String name, String val) {
+ public void set(String name, String val)
+ {
}
public void accept(IRequest r) {
- CMS.debug("Handle publishing for revoke request id " + r.getRequestId());
+ CMS.debug(
+ "Handle publishing for revoke request id " + r.getRequestId());
// get fields in request.
Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS);
if (certs == null || certs.length == 0 || certs[0] == null) {
// no certs in revoke.
- CMS.debug("Nothing to unpublish for revocation " + "request "
- + r.getRequestId());
+ CMS.debug(
+ "Nothing to unpublish for revocation " +
+ "request " + r.getRequestId());
return;
}
-
+
if (certs[0] instanceof X509CertImpl)
acceptX509(r, certs);
}
-
+
public void acceptX509(IRequest r, Certificate[] revcerts) {
boolean error = false;
Integer results[] = new Integer[revcerts.length];
@@ -343,107 +356,105 @@ class LdapRevocationListener implements IRequestListener {
// We need the enrollment request to sort out predicate
BigInteger serial = cert.getSerialNumber();
ICertRecord certRecord = null;
- IAuthority auth = (IAuthority) mProcessor.getAuthority();
+ IAuthority auth = (IAuthority)mProcessor.getAuthority();
- if (auth == null || !(auth instanceof ICertificateAuthority)) {
- mProcessor
- .log(ILogger.LL_WARN,
- "Trying to get a certificate from non certificate authority.");
+ if (auth == null ||
+ !(auth instanceof ICertificateAuthority)) {
+ mProcessor.log(ILogger.LL_WARN,
+ "Trying to get a certificate from non certificate authority.");
} else {
- ICertificateRepository certdb = (ICertificateRepository) ((ICertificateAuthority) auth)
- .getCertificateRepository();
+ ICertificateRepository certdb =
+ (ICertificateRepository) ((ICertificateAuthority) auth).getCertificateRepository();
if (certdb == null) {
- mProcessor.log(ILogger.LL_WARN, "Cert DB is null for "
- + auth);
+ mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth);
} else {
try {
- certRecord = (ICertRecord) certdb
- .readCertificateRecord(serial);
+ certRecord = (ICertRecord) certdb.readCertificateRecord(serial);
} catch (EBaseException e) {
- mProcessor.log(ILogger.LL_FAILURE, CMS
- .getLogMessage(
- "CMSCORE_LDAP_GET_CERT_RECORD",
- serial.toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD",
+ serial.toString(16), e.toString()));
}
}
}
MetaInfo metaInfo = null;
String ridString = null;
-
+
if (certRecord != null)
- metaInfo = (MetaInfo) certRecord
- .get(ICertRecord.ATTR_META_INFO);
+ metaInfo =
+ (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO);
if (metaInfo == null) {
- mProcessor.log(ILogger.LL_FAILURE,
- "failed getting CertRecord.ATTR_META_INFO for cert serial number 0x"
- + serial.toString(16));
+ mProcessor.log(ILogger.LL_FAILURE,
+ "failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" +
+ serial.toString(16));
} else {
- ridString = (String) metaInfo
- .get(ICertRecord.META_REQUEST_ID);
+ ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID);
}
-
+
IRequest req = null;
if (ridString != null) {
RequestId rid = new RequestId(ridString);
-
+
req = auth.getRequestQueue().findRequest(rid);
- }
+ }
mProcessor.unpublishCert(cert, req);
results[i] = IRequest.RES_SUCCESS;
- CMS.debug("Unpublished cert serial no 0x"
- + cert.getSerialNumber().toString(16));
+ CMS.debug(
+ "Unpublished cert serial no 0x" +
+ cert.getSerialNumber().toString(16));
} catch (ELdapException e) {
error = true;
- mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "CMSCORE_LDAP_CERT_NOT_UNPUBLISH", cert
- .getSerialNumber().toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH",
+ cert.getSerialNumber().toString(16), e.toString()));
} catch (EBaseException e) {
error = true;
- mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "CMSCORE_LDAP_CERT_NOT_FIND", cert.getSerialNumber()
- .toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND",
+ cert.getSerialNumber().toString(16), e.toString()));
}
}
r.setExtData("ldapPublishStatus", results);
r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
+ (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
}
}
+
class LdapUnrevocationListener implements IRequestListener {
private IPublisherProcessor mProcessor = null;
public LdapUnrevocationListener(IPublisherProcessor processor) {
mProcessor = processor;
}
-
public void init(ISubsystem sys, IConfigStore config) throws EBaseException {
}
-
- public void set(String name, String val) {
+ public void set(String name, String val)
+ {
}
public void accept(IRequest r) {
- CMS.debug("Handle publishing for unrevoke request id "
- + r.getRequestId());
+ CMS.debug(
+ "Handle publishing for unrevoke request id " + r.getRequestId());
// get fields in request.
Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS);
if (certs == null || certs.length == 0 || certs[0] == null) {
// no certs in unrevoke.
- CMS.debug("Nothing to publish for unrevocation " + "request "
- + r.getRequestId());
+ CMS.debug(
+ "Nothing to publish for unrevocation " +
+ "request " + r.getRequestId());
return;
}
-
+
if (certs[0] instanceof X509CertImpl)
acceptX509(r, certs);
}
-
+
public void acceptX509(IRequest r, Certificate[] certs) {
boolean error = false;
Integer results[] = new Integer[certs.length];
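Review bot: In LdapRevocationListener.acceptX509 both catch blocks (ELdapException and EBaseException) set `error = true` but never store a per-certificate status, so `results[i]` stays null when unpublishing a revoked certificate fails. The enrollment and renewal listeners in this file do set it. Adding `results[i] = IRequest.RES_ERROR;` to both catch blocks would let `ldapPublishStatus` show which revoked certificate may still be present in the directory, instead of leaving a null that looks the same as a skipped entry. The same omission is in LdapUnrevocationListener.acceptX509 in the last hunk. The loop and its `try` start outside this hunk.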
@@ -456,72 +467,69 @@ class LdapUnrevocationListener implements IRequestListener {
// We need the enrollment request to sort out predicate
BigInteger serial = xcert.getSerialNumber();
ICertRecord certRecord = null;
- IAuthority auth = (IAuthority) mProcessor.getAuthority();
+ IAuthority auth = (IAuthority)mProcessor.getAuthority();
- if (auth == null || !(auth instanceof ICertificateAuthority)) {
- mProcessor
- .log(ILogger.LL_WARN,
- "Trying to get a certificate from non certificate authority.");
+ if (auth == null ||
+ !(auth instanceof ICertificateAuthority)) {
+ mProcessor.log(ILogger.LL_WARN,
+ "Trying to get a certificate from non certificate authority.");
} else {
- ICertificateRepository certdb = (ICertificateRepository) ((ICertificateAuthority) auth)
- .getCertificateRepository();
+ ICertificateRepository certdb = (ICertificateRepository)
+ ((ICertificateAuthority) auth).getCertificateRepository();
if (certdb == null) {
- mProcessor.log(ILogger.LL_WARN, "Cert DB is null for "
- + auth);
+ mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth);
} else {
try {
- certRecord = (ICertRecord) certdb
- .readCertificateRecord(serial);
+ certRecord = (ICertRecord) certdb.readCertificateRecord(serial);
} catch (EBaseException e) {
- mProcessor.log(ILogger.LL_FAILURE, CMS
- .getLogMessage(
- "CMSCORE_LDAP_GET_CERT_RECORD",
- serial.toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", serial.toString(16), e.toString()));
}
}
}
MetaInfo metaInfo = null;
String ridString = null;
-
+
if (certRecord != null)
- metaInfo = (MetaInfo) certRecord
- .get(CertRecord.ATTR_META_INFO);
+ metaInfo =
+ (MetaInfo) certRecord.get(CertRecord.ATTR_META_INFO);
if (metaInfo == null) {
- mProcessor.log(ILogger.LL_FAILURE,
- "Failed getting CertRecord.ATTR_META_INFO for cert serial number 0x"
- + serial.toString(16));
+ mProcessor.log(ILogger.LL_FAILURE,
+ "Failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" +
+ serial.toString(16));
} else {
- ridString = (String) metaInfo
- .get(CertRecord.META_REQUEST_ID);
+ ridString = (String) metaInfo.get(CertRecord.META_REQUEST_ID);
}
-
+
IRequest req = null;
if (ridString != null) {
RequestId rid = new RequestId(ridString);
-
+
req = auth.getRequestQueue().findRequest(rid);
- }
+ }
mProcessor.publishCert(xcert, req);
results[i] = IRequest.RES_SUCCESS;
- CMS.debug("Published cert serial no 0x"
- + xcert.getSerialNumber().toString(16));
+ CMS.debug(
+ "Published cert serial no 0x" +
+ xcert.getSerialNumber().toString(16));
} catch (ELdapException e) {
error = true;
- mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "CMSCORE_LDAP_CERT_NOT_PUBLISH", xcert
- .getSerialNumber().toString(16), e.toString()));
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH",
+ xcert.getSerialNumber().toString(16), e.toString()));
} catch (EBaseException e) {
error = true;
- mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage(
- "CMSCORE_LDAP_CERT_NOT_FIND", xcert.getSerialNumber()
- .toString(16), e.toString()));
- }
+ mProcessor.log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND",
+ xcert.getSerialNumber().toString(16), e.toString()));
+ }
}
r.setExtData("ldapPublishStatus", results);
r.setExtData("ldapPublishOverAllStatus",
- (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
+ (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS));
}
}
+