From baa64ee50a0d3c851cea791e01ce80de9edb040c Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Mon, 21 Mar 2016 17:10:39 +0100 Subject: Removed unnecessary URL encoding for admin cert request. Due to changes in aaacd71a2f125501645885d3da1de18459782572, when pki_import_admin_cert is set to False the installation code performs an unnecessary URL encoding for the admin certificate request. The extra URL encoding has now been removed. https://fedorahosted.org/pki/ticket/1803 --- .../src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java | 6 ++++-- .../cms/src/org/dogtagpki/server/rest/SystemConfigService.java | 4 ++++ 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'base/server/cms/src') diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index 3c69fa75f..51e5f0824 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -30,7 +30,6 @@ import java.io.PrintStream; import java.math.BigInteger; import java.net.URI; import java.net.URISyntaxException; -import java.net.URLEncoder; import java.security.DigestException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; @@ -3640,12 +3639,15 @@ public class ConfigurationUtils { public static String submitAdminCertRequest(String ca_hostname, int ca_port, String profileId, String certRequestType, String certRequest, String subjectDN) throws Exception { + + CMS.debug("ConfigurationUtils: submitAdminCertRequest()"); + IConfigStore config = CMS.getConfigStore(); if (profileId == null) { profileId = config.getString("preop.admincert.profile", "caAdminCert"); } - certRequest = URLEncoder.encode(certRequest, "UTF-8"); + String session_id = CMS.getConfigSDSessionId(); MultivaluedMap content = new MultivaluedHashMap(); diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index f7e5a6b05..c56f33281 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -609,11 +609,13 @@ public class SystemConfigService extends PKIService implements SystemConfigResou } public void configureAdministrator(ConfigurationRequest data, ConfigurationResponse response) { + if (!data.isClone()) { try { X509CertImpl admincerts[] = new X509CertImpl[1]; ConfigurationUtils.createAdmin(data.getAdminUID(), data.getAdminEmail(), data.getAdminName(), data.getAdminPassword()); + if (data.getImportAdminCert().equalsIgnoreCase("true")) { String b64 = CryptoUtil.stripCertBrackets(data.getAdminCert().trim()); if (data.getStandAlone() && data.getStepTwo()) { @@ -625,6 +627,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou // Convert Admin Cert to X509CertImpl byte[] b = CryptoUtil.base64Decode(b64); admincerts[0] = new X509CertImpl(b); + } else { if (csType.equals("CA")) { ConfigurationUtils.createAdminCertificate(data.getAdminCertRequest(), @@ -634,6 +637,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(ICertificateAuthority.ID); ICertificateRepository repo = ca.getCertificateRepository(); admincerts[0] = repo.getX509Certificate(new BigInteger(serialno, 16)); + } else { String type = cs.getString("preop.ca.type", ""); String ca_hostname = ""; -- cgit