Diffstat (limited to 'pki/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java238
1 files changed, 128 insertions, 110 deletions
diff --git a/pki/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java b/pki/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java
index f0154e44..c7ccd41e 100644
--- a/pki/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java
+++ b/pki/base/common/src/com/netscape/cms/publish/publishers/FileBasedPublisher.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.publish.publishers;
-
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
@@ -47,10 +46,9 @@ import com.netscape.certsrv.ldap.ELdapException;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.publish.ILdapPublisher;
-/**
- * This publisher writes certificate and CRL into
- * a directory.
- *
+/**
+ * This publisher writes certificate and CRL into a directory.
+ *
* @version $Revision$, $Date$
*/
public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
@@ -74,10 +72,10 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
protected String mLinkExt = null;
protected int mZipLevel = 9;
- public void setIssuingPointId(String crlIssuingPointId)
- {
+ public void setIssuingPointId(String crlIssuingPointId) {
mCrlIssuingPointId = crlIssuingPointId;
}
+
/**
* Returns the implementation name.
*/
@@ -95,19 +93,26 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
public String[] getExtendedPluginInfo(Locale locale) {
String[] params = {
- PROP_DIR + ";string;Directory in which to put the files (absolute path or relative path to cert-* instance directory).",
- PROP_DER + ";boolean;Store certificates or CRLs into *.der files.",
- PROP_B64 + ";boolean;Store certificates or CRLs into *.b64 files.",
- PROP_GMT + ";choice(LocalTime,GMT);Use local time or GMT to time stamp CRL file name with CRL's 'thisUpdate' field.",
- PROP_LNK + ";boolean;Generate link to the latest binary CRL. It requires '"+PROP_DER+"' to be enabled.",
- PROP_EXT + ";string;Name extension used by link to the latest CRL. Default name extension is 'der'.",
+ PROP_DIR
+ + ";string;Directory in which to put the files (absolute path or relative path to cert-* instance directory).",
+ PROP_DER
+ + ";boolean;Store certificates or CRLs into *.der files.",
+ PROP_B64
+ + ";boolean;Store certificates or CRLs into *.b64 files.",
+ PROP_GMT
+ + ";choice(LocalTime,GMT);Use local time or GMT to time stamp CRL file name with CRL's 'thisUpdate' field.",
+ PROP_LNK
+ + ";boolean;Generate link to the latest binary CRL. It requires '"
+ + PROP_DER + "' to be enabled.",
+ PROP_EXT
+ + ";string;Name extension used by link to the latest CRL. Default name extension is 'der'.",
PROP_ZIP + ";boolean;Generate compressed CRLs.",
- PROP_LEV + ";choice(0,1,2,3,4,5,6,7,8,9);Set compression level from 0 to 9.",
- IExtendedPluginInfo.HELP_TOKEN +
- ";configuration-ldappublish-publisher-filepublisher",
- IExtendedPluginInfo.HELP_TEXT +
- ";Stores the certificates or CRLs into files. Certificate is named as cert-<serialno>.der or *.b64, and CRL is named as <IssuingPoint>-<thisUpdate-time>.der or *.b64."
- };
+ PROP_LEV
+ + ";choice(0,1,2,3,4,5,6,7,8,9);Set compression level from 0 to 9.",
+ IExtendedPluginInfo.HELP_TOKEN
+ + ";configuration-ldappublish-publisher-filepublisher",
+ IExtendedPluginInfo.HELP_TEXT
+ + ";Stores the certificates or CRLs into files. Certificate is named as cert-<serialno>.der or *.b64, and CRL is named as <IssuingPoint>-<thisUpdate-time>.der or *.b64." };
return params;
}
@@ -139,14 +144,14 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
try {
if (mTimeStamp == null || (!mTimeStamp.equals("GMT")))
mTimeStamp = "LocalTime";
- v.addElement(PROP_DIR+"=" + dir);
- v.addElement(PROP_DER+"=" + mConfig.getBoolean(PROP_DER,true));
- v.addElement(PROP_B64+"=" + mConfig.getBoolean(PROP_B64,false));
- v.addElement(PROP_GMT+"=" + mTimeStamp);
- v.addElement(PROP_LNK+"=" + mConfig.getBoolean(PROP_LNK,false));
- v.addElement(PROP_EXT+"=" + ext);
- v.addElement(PROP_ZIP+"=" + mConfig.getBoolean(PROP_ZIP,false));
- v.addElement(PROP_LEV+"=" + mZipLevel);
+ v.addElement(PROP_DIR + "=" + dir);
+ v.addElement(PROP_DER + "=" + mConfig.getBoolean(PROP_DER, true));
+ v.addElement(PROP_B64 + "=" + mConfig.getBoolean(PROP_B64, false));
+ v.addElement(PROP_GMT + "=" + mTimeStamp);
+ v.addElement(PROP_LNK + "=" + mConfig.getBoolean(PROP_LNK, false));
+ v.addElement(PROP_EXT + "=" + ext);
+ v.addElement(PROP_ZIP + "=" + mConfig.getBoolean(PROP_ZIP, false));
+ v.addElement(PROP_LEV + "=" + mZipLevel);
} catch (Exception e) {
}
return v;
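Review bot: The `catch (Exception e) { }` around the `v.addElement(...)` calls is empty, so a failure in any `mConfig.getBoolean(...)` call silently returns a partially filled parameter list. At minimum the handler should record the failure, for example `CMS.debug("FileBasedPublisher: getConfigParams: " + e);`, so that a truncated list is distinguishable from a complete one. The method starts outside this hunk, so how `dir` and `ext` are obtained is not visible here.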
@@ -158,14 +163,14 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
public Vector<String> getDefaultParams() {
Vector<String> v = new Vector<String>();
- v.addElement(PROP_DIR+"=");
- v.addElement(PROP_DER+"=true");
- v.addElement(PROP_B64+"=false");
- v.addElement(PROP_GMT+"=LocalTime");
- v.addElement(PROP_LNK+"=false");
- v.addElement(PROP_EXT+"=");
- v.addElement(PROP_ZIP+"=false");
- v.addElement(PROP_LEV+"=9");
+ v.addElement(PROP_DIR + "=");
+ v.addElement(PROP_DER + "=true");
+ v.addElement(PROP_B64 + "=false");
+ v.addElement(PROP_GMT + "=LocalTime");
+ v.addElement(PROP_LNK + "=false");
+ v.addElement(PROP_EXT + "=");
+ v.addElement(PROP_ZIP + "=false");
+ v.addElement(PROP_LEV + "=9");
return v;
}
@@ -193,7 +198,7 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
}
// convert to forward slash
- dir = dir.replace('\\', '/');
+ dir = dir.replace('\\', '/');
config.putString(PROP_DIR, dir);
File dirCheck = new File(dir);
@@ -209,8 +214,7 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
} catch (Exception e) {
throw new RuntimeException("Invalid Instance Dir " + e);
}
- dirCheck = new File(mInstanceRoot +
- File.separator + dir);
+ dirCheck = new File(mInstanceRoot + File.separator + dir);
if (dirCheck.isDirectory()) {
mDir = mInstanceRoot + File.separator + dir;
} else {
@@ -224,18 +228,20 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
}
private String[] getCrlNamePrefix(X509CRL crl, boolean useGMT) {
- String[] namePrefix = {"crl", "crl"};
+ String[] namePrefix = { "crl", "crl" };
if (mCrlIssuingPointId != null && mCrlIssuingPointId.length() != 0) {
namePrefix[0] = mCrlIssuingPointId;
namePrefix[1] = mCrlIssuingPointId;
}
- java.text.SimpleDateFormat format = new java.text.SimpleDateFormat("yyyyMMdd-HHmmss");
+ java.text.SimpleDateFormat format = new java.text.SimpleDateFormat(
+ "yyyyMMdd-HHmmss");
TimeZone tz = TimeZone.getTimeZone("GMT");
- if (useGMT) format.setTimeZone(tz);
+ if (useGMT)
+ format.setTimeZone(tz);
String timeStamp = format.format(crl.getThisUpdate()).toString();
namePrefix[0] += "-" + timeStamp;
- if (((netscape.security.x509.X509CRLImpl)crl).isDeltaCRL()) {
+ if (((netscape.security.x509.X509CRLImpl) crl).isDeltaCRL()) {
namePrefix[0] += "-delta";
namePrefix[1] += "-delta";
}
@@ -243,65 +249,60 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
return namePrefix;
}
- private void createLink(String linkName, String fileName) {
+ private void createLink(String linkName, String fileName) {
String cmd = "ln -s " + fileName + " " + linkName + ".new";
if (com.netscape.cmsutil.util.Utils.exec(cmd)) {
File oldLink = new File(linkName + ".old");
- if (oldLink.exists()) { // remove old link if exists
+ if (oldLink.exists()) { // remove old link if exists
oldLink.delete();
}
File link = new File(linkName);
- if (link.exists()) { // current link becomes an old link
+ if (link.exists()) { // current link becomes an old link
link.renameTo(new File(linkName + ".old"));
}
File newLink = new File(linkName + ".new");
- if (newLink.exists()) { // new link becomes current link
+ if (newLink.exists()) { // new link becomes current link
newLink.renameTo(new File(linkName));
}
oldLink = new File(linkName + ".old");
- if (oldLink.exists()) { // remove a new old link
+ if (oldLink.exists()) { // remove a new old link
oldLink.delete();
}
} else {
- CMS.debug("FileBasedPublisher: createLink: '" + cmd + "' --- failed");
+ CMS.debug("FileBasedPublisher: createLink: '" + cmd
+ + "' --- failed");
}
}
/**
* Publishs a object to the ldap directory.
*
- * @param conn a Ldap connection
- * (null if LDAP publishing is not enabled)
- * @param dn dn of the ldap entry to publish cert
- * (null if LDAP publishing is not enabled)
- * @param object object to publish
- * (java.security.cert.X509Certificate or,
- * java.security.cert.X509CRL)
+ * @param conn a Ldap connection (null if LDAP publishing is not enabled)
+ * @param dn dn of the ldap entry to publish cert (null if LDAP publishing
+ * is not enabled)
+ * @param object object to publish (java.security.cert.X509Certificate or,
+ * java.security.cert.X509CRL)
*/
public void publish(LDAPConnection conn, String dn, Object object)
- throws ELdapException {
+ throws ELdapException {
CMS.debug("FileBasedPublisher: publish");
try {
if (object instanceof X509Certificate) {
X509Certificate cert = (X509Certificate) object;
BigInteger sno = cert.getSerialNumber();
- String name = mDir +
- File.separator + "cert-" +
- sno.toString();
- if (mDerAttr)
- {
+ String name = mDir + File.separator + "cert-" + sno.toString();
+ if (mDerAttr) {
String fileName = name + ".der";
FileOutputStream fos = new FileOutputStream(fileName);
fos.write(cert.getEncoded());
fos.close();
}
- if (mB64Attr)
- {
+ if (mB64Attr) {
String fileName = name + ".b64";
FileOutputStream fos = new FileOutputStream(fileName);
ByteArrayOutputStream output = new ByteArrayOutputStream();
- Base64OutputStream b64 =
- new Base64OutputStream(new PrintStream(new FilterOutputStream(output)));
+ Base64OutputStream b64 = new Base64OutputStream(
+ new PrintStream(new FilterOutputStream(output)));
b64.write(cert.getEncoded());
b64.flush();
(new PrintStream(fos)).print(output.toString("8859_1"));
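Review bot: createLink builds its command as one string, `"ln -s " + fileName + " " + linkName + ".new"`, so a space or shell metacharacter in the publishing directory or in the CRL issuing point id (both feed these names) changes what is executed. Whether Utils.exec hands the string to a shell is not visible in this hunk, but plain whitespace splitting alone would already alter the argument list. If the build targets Java 7 or later, creating the link through java.nio.file removes the command string and replaces the .old/.new shuffle, whose delete() and renameTo() results are ignored, with a single replacing rename, as sketched below. If that API is not available, the arguments should at least be passed as an array rather than as a joined string.

```java
private void createLink(String linkName, String fileName) {
    Path newLink = Paths.get(linkName + ".new");
    try {
        // No command string is built, so characters in the names cannot
        // change what is executed.
        Files.deleteIfExists(newLink);
        Files.createSymbolicLink(newLink, Paths.get(fileName));
        // Replace the current link in one step instead of rename/delete pairs.
        Files.move(newLink, Paths.get(linkName),
                StandardCopyOption.REPLACE_EXISTING);
    } catch (IOException e) {
        CMS.debug("FileBasedPublisher: createLink: '" + linkName
                + "' --- failed: " + e);
    }
}
```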
@@ -309,12 +310,13 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
}
} else if (object instanceof X509CRL) {
X509CRL crl = (X509CRL) object;
- String[] namePrefix = getCrlNamePrefix(crl, mTimeStamp.equals("GMT"));
+ String[] namePrefix = getCrlNamePrefix(crl,
+ mTimeStamp.equals("GMT"));
String baseName = mDir + File.separator + namePrefix[0];
String tempFile = baseName + ".temp";
FileOutputStream fos;
ZipOutputStream zos;
- byte [] encodedArray = null;
+ byte[] encodedArray = null;
File destFile = null;
String destName = null;
File renameFile = null;
@@ -325,16 +327,17 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
fos.write(encodedArray);
fos.close();
if (mZipCRL) {
- zos = new ZipOutputStream(new FileOutputStream(baseName+".zip"));
+ zos = new ZipOutputStream(new FileOutputStream(baseName
+ + ".zip"));
zos.setLevel(mZipLevel);
- zos.putNextEntry(new ZipEntry(baseName+".der"));
+ zos.putNextEntry(new ZipEntry(baseName + ".der"));
zos.write(encodedArray, 0, encodedArray.length);
zos.closeEntry();
zos.close();
}
destName = baseName + ".der";
destFile = new File(destName);
-
+
if (destFile.exists())
destFile.delete();
renameFile = new File(tempFile);
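Review bot: The zip entry is named `baseName + ".der"`, and baseName is `mDir + File.separator + namePrefix[0]`, so every published archive embeds the server's publishing directory path and unpacks into that nested path on the client. The entry should carry only the file name, `zos.putNextEntry(new ZipEntry(namePrefix[0] + ".der"));`. namePrefix and baseName are declared in the preceding hunk, and the enclosing block continues past the end of this one.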
@@ -347,59 +350,71 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
} else {
linkExt += "der";
}
- String linkName = mDir + File.separator + namePrefix[1] + linkExt;
- createLink(linkName, destName);
+ String linkName = mDir + File.separator + namePrefix[1]
+ + linkExt;
+ createLink(linkName, destName);
if (mZipCRL) {
- linkName = mDir + File.separator + namePrefix[1] + ".zip";
- createLink(linkName, baseName+".zip");
+ linkName = mDir + File.separator + namePrefix[1]
+ + ".zip";
+ createLink(linkName, baseName + ".zip");
}
}
}
-
+
// output base64 file
- if(mB64Attr==true)
- {
- if (encodedArray ==null)
- encodedArray = crl.getEncoded();
-
- ByteArrayOutputStream os = new ByteArrayOutputStream();
-
- fos = new FileOutputStream(tempFile);
- fos.write(com.netscape.osutil.OSUtil.BtoA(encodedArray).getBytes());
- fos.close();
- destName = baseName + ".b64";
- destFile = new File(destName);
-
- if(destFile.exists())
- destFile.delete();
- renameFile = new File(tempFile);
- renameFile.renameTo(destFile);
- }
+ if (mB64Attr == true) {
+ if (encodedArray == null)
+ encodedArray = crl.getEncoded();
+
+ ByteArrayOutputStream os = new ByteArrayOutputStream();
+
+ fos = new FileOutputStream(tempFile);
+ fos.write(com.netscape.osutil.OSUtil.BtoA(encodedArray)
+ .getBytes());
+ fos.close();
+ destName = baseName + ".b64";
+ destFile = new File(destName);
+
+ if (destFile.exists())
+ destFile.delete();
+ renameFile = new File(tempFile);
+ renameFile.renameTo(destFile);
+ }
}
} catch (IOException e) {
- mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER,
- ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_FILE_PUBLISHER_ERROR", e.toString()));
+ mLogger.log(
+ ILogger.EV_SYSTEM,
+ ILogger.S_OTHER,
+ ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_FILE_PUBLISHER_ERROR",
+ e.toString()));
} catch (CertificateEncodingException e) {
- mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER,
- ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_FILE_PUBLISHER_ERROR", e.toString()));
+ mLogger.log(
+ ILogger.EV_SYSTEM,
+ ILogger.S_OTHER,
+ ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_FILE_PUBLISHER_ERROR",
+ e.toString()));
} catch (CRLException e) {
- mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER,
- ILogger.LL_FAILURE, CMS.getLogMessage("PUBLISH_FILE_PUBLISHER_ERROR", e.toString()));
+ mLogger.log(
+ ILogger.EV_SYSTEM,
+ ILogger.S_OTHER,
+ ILogger.LL_FAILURE,
+ CMS.getLogMessage("PUBLISH_FILE_PUBLISHER_ERROR",
+ e.toString()));
}
}
/**
* Unpublishs a object to the ldap directory.
- *
- * @param conn the Ldap connection
- * (null if LDAP publishing is not enabled)
- * @param dn dn of the ldap entry to unpublish cert
- * (null if LDAP publishing is not enabled)
- * @param object object to unpublish
- * (java.security.cert.X509Certificate)
+ *
+ * @param conn the Ldap connection (null if LDAP publishing is not enabled)
+ * @param dn dn of the ldap entry to unpublish cert (null if LDAP publishing
+ * is not enabled)
+ * @param object object to unpublish (java.security.cert.X509Certificate)
*/
public void unpublish(LDAPConnection conn, String dn, Object object)
- throws ELdapException {
+ throws ELdapException {
CMS.debug("FileBasedPublisher: unpublish");
String name = mDir + File.separator;
String fileName;
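Review bot: A failed write or rename is invisible to the caller of publish(): the three catch blocks only log `e.toString()` and return normally, and the boolean result of `renameFile.renameTo(destFile)` in the base64 branch is discarded. A CRL that was not replaced therefore looks published, and the old file was already removed by `destFile.delete()`. The rename result should be checked, for example `if (!renameFile.renameTo(destFile)) CMS.debug("FileBasedPublisher: publish: rename to " + destName + " failed");`, and the failure should probably reach the caller through the declared ELdapException. The local `ByteArrayOutputStream os` in the same branch is never used and can be dropped. publish() begins before this hunk and unpublish() continues after it.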
@@ -410,7 +425,8 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
name += "cert-" + sno.toString();
} else if (object instanceof X509CRL) {
X509CRL crl = (X509CRL) object;
- String[] namePrefix = getCrlNamePrefix(crl, mTimeStamp.equals("GMT"));
+ String[] namePrefix = getCrlNamePrefix(crl,
+ mTimeStamp.equals("GMT"));
name += namePrefix[0];
fileName = name + ".zip";
@@ -425,13 +441,15 @@ public class FileBasedPublisher implements ILdapPublisher, IExtendedPluginInfo {
f = new File(fileName);
f.delete();
}
- /**
+
+ /**
* returns the Der attribute where it'll be published.
*/
public boolean getDerAttr() {
return mDerAttr;
}
- /**
+
+ /**
* returns the B64 attribute where it'll be published.
*/
public boolean getB64Attr() {