From 621d9e5c413e561293d7484b93882d985b3fe15f Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Sat, 24 Mar 2012 02:27:47 -0500 Subject: Removed unnecessary pki folder. Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131 --- .../src/com/netscape/ca/CRLWithExpiredCerts.java | 68 ++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 base/ca/src/com/netscape/ca/CRLWithExpiredCerts.java (limited to 'base/ca/src/com/netscape/ca/CRLWithExpiredCerts.java') diff --git a/base/ca/src/com/netscape/ca/CRLWithExpiredCerts.java b/base/ca/src/com/netscape/ca/CRLWithExpiredCerts.java new file mode 100644 index 000000000..9ad619ff8 --- /dev/null +++ b/base/ca/src/com/netscape/ca/CRLWithExpiredCerts.java @@ -0,0 +1,68 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.ca; + +import java.math.BigInteger; + +import com.netscape.certsrv.base.EBaseException; +import com.netscape.cmscore.dbs.CertRecord; + +/** + * A CRL Issuing point that contains revoked certs, include onces that + * have expired. + */ +public class CRLWithExpiredCerts extends CRLIssuingPoint { + + /** + * overrides getRevokedCerts in CRLIssuingPoint to include + * all revoked certs, including once that have expired. + * + * @param thisUpdate parameter is ignored. + * + * @exception EBaseException if an exception occured getting revoked + * certificates from the database. + */ + public String getFilter() { + // PLEASE DONT CHANGE THE FILTER. It is indexed. + // Changing it will degrade performance. See + // also com.netscape.certsetup.LDAPUtil.java + String filter = + "(|(" + CertRecord.ATTR_CERT_STATUS + "=" + + CertRecord.STATUS_REVOKED + ")" + + "(" + CertRecord.ATTR_CERT_STATUS + "=" + + CertRecord.STATUS_REVOKED_EXPIRED + "))"; + + // check if any ranges specified. + if (mBeginSerial != null) + filter += "(" + CertRecord.ATTR_ID + ">=" + mBeginSerial.toString() + ")"; + if (mEndSerial != null) + filter += "(" + CertRecord.ATTR_ID + "<=" + mEndSerial.toString() + ")"; + // get all revoked non-expired certs. + if (mEndSerial != null || mBeginSerial != null) { + filter = "(&" + filter + ")"; + } + return filter; + } + + /** + * registers expired certificates + */ + public void addExpiredCert(BigInteger serialNumber) { + // don't do anything + } +} -- cgit