summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java471
1 files changed, 254 insertions, 217 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java b/pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
index ccba3362..8ea34b1b 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.cert;
-
import java.io.IOException;
import java.math.BigInteger;
import java.util.Enumeration;
@@ -58,10 +57,9 @@ import com.netscape.cms.servlet.common.CMSTemplate;
import com.netscape.cms.servlet.common.CMSTemplateParams;
import com.netscape.cms.servlet.common.ECMSGWException;
-
/**
* Update the configured LDAP server with specified objects
- *
+ *
* @version $Revision$, $Date$
*/
public class UpdateDir extends CMSServlet {
@@ -85,12 +83,10 @@ public class UpdateDir extends CMSServlet {
private final static int REVOKED_FROM = 10;
private final static int REVOKED_TO = 11;
private final static int CHECK_FLAG = 12;
- private final static String[] updateName =
- {"updateAll", "updateCRL", "updateCA",
- "updateValid", "validFrom", "validTo",
- "updateExpired", "expiredFrom", "expiredTo",
- "updateRevoked", "revokedFrom", "revokedTo",
- "checkFlag"};
+ private final static String[] updateName = { "updateAll", "updateCRL",
+ "updateCA", "updateValid", "validFrom", "validTo", "updateExpired",
+ "expiredFrom", "expiredTo", "updateRevoked", "revokedFrom",
+ "revokedTo", "checkFlag" };
private String mFormPath = null;
private ICertificateAuthority mCA = null;
@@ -112,7 +108,7 @@ public class UpdateDir extends CMSServlet {
public void init(ServletConfig sc) throws ServletException {
super.init(sc);
- if( mAuthority != null ) {
+ if (mAuthority != null) {
mFormPath = "/" + mAuthority.getId() + "/" + TPL_FILE;
if (mAuthority instanceof ICertificateAuthority) {
mCA = (ICertificateAuthority) mAuthority;
@@ -129,8 +125,8 @@ public class UpdateDir extends CMSServlet {
}
/**
- * Process the HTTP request.
- *
+ * Process the HTTP request.
+ *
* @param cmsReq the object holding the request and response information
*/
public void process(CMSRequest cmsReq) throws EBaseException {
@@ -142,14 +138,14 @@ public class UpdateDir extends CMSServlet {
AuthzToken authzToken = null;
try {
- authzToken = authorize(mAclMethod, authToken,
- mAuthzResourceName, "update");
+ authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
+ "update");
} catch (EAuthzAccessDenied e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
+ CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
} catch (Exception e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
+ CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
}
if (authzToken == null) {
@@ -169,18 +165,19 @@ public class UpdateDir extends CMSServlet {
try {
form = getTemplate(mFormPath, req, locale);
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", mFormPath, e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", mFormPath,
+ e.toString()));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
+ CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
}
try {
String crlIssuingPointId = req.getParameter("crlIssuingPoint");
- if (mPublisherProcessor == null ||
- !mPublisherProcessor.enabled())
- throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_PUB_MODULE"));
+ if (mPublisherProcessor == null || !mPublisherProcessor.enabled())
+ throw new ECMSGWException(
+ CMS.getUserMessage("CMS_GW_NO_PUB_MODULE"));
String[] updateValue = new String[updateName.length];
@@ -188,14 +185,17 @@ public class UpdateDir extends CMSServlet {
updateValue[i] = req.getParameter(updateName[i]);
}
- String masterHost = CMS.getConfigStore().getString("master.ca.agent.host", "");
- String masterPort = CMS.getConfigStore().getString("master.ca.agent.port", "");
- if (masterHost != null && masterHost.length() > 0 &&
- masterPort != null && masterPort.length() > 0) {
+ String masterHost = CMS.getConfigStore().getString(
+ "master.ca.agent.host", "");
+ String masterPort = CMS.getConfigStore().getString(
+ "master.ca.agent.port", "");
+ if (masterHost != null && masterHost.length() > 0
+ && masterPort != null && masterPort.length() > 0) {
mClonedCA = true;
}
- process(argSet, header, req, resp, crlIssuingPointId, updateValue, locale[0]);
+ process(argSet, header, req, resp, crlIssuingPointId, updateValue,
+ locale[0]);
} catch (EBaseException e) {
error = e;
}
@@ -206,29 +206,28 @@ public class UpdateDir extends CMSServlet {
if (error == null) {
String xmlOutput = req.getParameter("xml");
if (xmlOutput != null && xmlOutput.equals("true")) {
- outputXML(resp, argSet);
+ outputXML(resp, argSet);
} else {
- resp.setContentType("text/html");
- form.renderOutput(out, argSet);
- cmsReq.setStatus(CMSRequest.SUCCESS);
+ resp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ cmsReq.setStatus(CMSRequest.SUCCESS);
}
} else {
cmsReq.setStatus(CMSRequest.ERROR);
cmsReq.setError(error);
}
} catch (IOException e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE",
+ e.toString()));
throw new ECMSGWException(
- CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
+ CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
}
}
- private void updateCRLIssuingPoint(
- IArgBlock header,
- String crlIssuingPointId,
- ICRLIssuingPoint crlIssuingPoint,
- Locale locale) {
+ private void updateCRLIssuingPoint(IArgBlock header,
+ String crlIssuingPointId, ICRLIssuingPoint crlIssuingPoint,
+ Locale locale) {
SessionContext sc = SessionContext.getContext();
sc.put(ICRLIssuingPoint.SC_ISSUING_POINT_ID, crlIssuingPointId);
@@ -237,53 +236,67 @@ public class UpdateDir extends CMSServlet {
try {
if (mCRLRepository != null) {
- crlRecord = (ICRLIssuingPointRecord)mCRLRepository.readCRLIssuingPointRecord(crlIssuingPointId);
+ crlRecord = (ICRLIssuingPointRecord) mCRLRepository
+ .readCRLIssuingPointRecord(crlIssuingPointId);
}
} catch (EBaseException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_GET_CRL_RECORD", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_GET_CRL_RECORD", e.toString()));
}
if (crlRecord == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_CRL_NOT_YET_UPDATED_1", crlIssuingPointId));
header.addStringValue("crlPublished", "Failure");
- header.addStringValue("crlError",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
+ header.addStringValue(
+ "crlError",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
} else {
- String publishDN = (crlIssuingPoint != null)? crlIssuingPoint.getPublishDN(): null;
+ String publishDN = (crlIssuingPoint != null) ? crlIssuingPoint
+ .getPublishDN() : null;
byte[] crlbytes = crlRecord.getCRL();
if (crlbytes == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", ""));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_CRL_NOT_YET_UPDATED_1", ""));
header.addStringValue("crlPublished", "Failure");
- header.addStringValue("crlError",
- new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
+ header.addStringValue(
+ "crlError",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_CRL_NOT_YET_UPDATED")).toString());
} else {
X509CRLImpl crl = null;
try {
crl = new X509CRLImpl(crlbytes);
} catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_DECODE_CRL", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_DECODE_CRL",
+ e.toString()));
}
if (crl == null) {
header.addStringValue("crlPublished", "Failure");
- header.addStringValue("crlError",
- new ECMSGWException(CMS.getUserMessage(locale,"CMS_GW_DECODE_CRL_FAILED")).toString());
+ header.addStringValue(
+ "crlError",
+ new ECMSGWException(CMS.getUserMessage(locale,
+ "CMS_GW_DECODE_CRL_FAILED")).toString());
} else {
try {
if (publishDN != null) {
mPublisherProcessor.publishCRL(publishDN, crl);
} else {
- mPublisherProcessor.publishCRL(crl,crlIssuingPointId);
+ mPublisherProcessor.publishCRL(crl,
+ crlIssuingPointId);
}
header.addStringValue("crlPublished", "Success");
} catch (ELdapException e) {
header.addStringValue("crlPublished", "Failure");
header.addStringValue("crlError", e.toString(locale));
- log(ILogger.LL_FAILURE, CMS.getLogMessage("LDAP_ERROR_PUBLISH_CRL", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("LDAP_ERROR_PUBLISH_CRL",
+ e.toString()));
}
}
}
@@ -298,7 +311,9 @@ public class UpdateDir extends CMSServlet {
try {
deltaCrl = new X509CRLImpl(deltaCrlBytes);
} catch (Exception e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_DECODE_DELTA_CRL", e.toString()));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_DECODE_DELTA_CRL",
+ e.toString()));
}
boolean goodDelta = false;
@@ -306,24 +321,26 @@ public class UpdateDir extends CMSServlet {
BigInteger crlNumber = crlRecord.getCRLNumber();
BigInteger deltaNumber = crlRecord.getDeltaCRLNumber();
Long deltaCRLSize = crlRecord.getDeltaCRLSize();
- if (deltaCRLSize != null && deltaCRLSize.longValue() > -1 &&
- crlNumber != null && deltaNumber != null &&
- deltaNumber.compareTo(crlNumber) >= 0) {
+ if (deltaCRLSize != null && deltaCRLSize.longValue() > -1
+ && crlNumber != null && deltaNumber != null
+ && deltaNumber.compareTo(crlNumber) >= 0) {
goodDelta = true;
}
}
- if (deltaCrl != null && ((mClonedCA && goodDelta) ||
- (crlIssuingPoint != null &&
- crlIssuingPoint.isThisCurrentDeltaCRL(deltaCrl)))) {
+ if (deltaCrl != null
+ && ((mClonedCA && goodDelta) || (crlIssuingPoint != null && crlIssuingPoint
+ .isThisCurrentDeltaCRL(deltaCrl)))) {
try {
if (publishDN != null) {
mPublisherProcessor.publishCRL(publishDN, deltaCrl);
} else {
- mPublisherProcessor.publishCRL(deltaCrl,crlIssuingPointId);
+ mPublisherProcessor.publishCRL(deltaCrl,
+ crlIssuingPointId);
}
} catch (ELdapException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_PUBLISH_DELTA_CRL", e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_ERR_PUBLISH_DELTA_CRL", e.toString()));
}
}
}
@@ -331,17 +348,14 @@ public class UpdateDir extends CMSServlet {
}
private void process(CMSTemplateParams argSet, IArgBlock header,
- HttpServletRequest req,
- HttpServletResponse resp,
- String crlIssuingPointId,
- String[] updateValue,
- Locale locale)
- throws EBaseException {
+ HttpServletRequest req, HttpServletResponse resp,
+ String crlIssuingPointId, String[] updateValue, Locale locale)
+ throws EBaseException {
// all or crl
- if ((updateValue[UPDATE_ALL] != null &&
- updateValue[UPDATE_ALL].equalsIgnoreCase("yes")) ||
- (updateValue[UPDATE_CRL] != null &&
- updateValue[UPDATE_CRL].equalsIgnoreCase("yes"))) {
+ if ((updateValue[UPDATE_ALL] != null && updateValue[UPDATE_ALL]
+ .equalsIgnoreCase("yes"))
+ || (updateValue[UPDATE_CRL] != null && updateValue[UPDATE_CRL]
+ .equalsIgnoreCase("yes"))) {
// check if received issuing point ID is known to the server
if (crlIssuingPointId != null) {
Enumeration ips = mCA.getCRLIssuingPoints();
@@ -352,7 +366,8 @@ public class UpdateDir extends CMSServlet {
if (crlIssuingPointId.equals(ip.getId())) {
break;
}
- if (!ips.hasMoreElements()) crlIssuingPointId = null;
+ if (!ips.hasMoreElements())
+ crlIssuingPointId = null;
}
}
if (crlIssuingPointId == null) {
@@ -361,7 +376,7 @@ public class UpdateDir extends CMSServlet {
Vector ipNames = mCRLRepository.getIssuingPointsNames();
if (ipNames != null && ipNames.size() > 0) {
for (int i = 0; i < ipNames.size(); i++) {
- String ipName = (String)ipNames.elementAt(i);
+ String ipName = (String) ipNames.elementAt(i);
updateCRLIssuingPoint(header, ipName, null, locale);
}
@@ -370,46 +385,49 @@ public class UpdateDir extends CMSServlet {
Enumeration oips = mCA.getCRLIssuingPoints();
while (oips.hasMoreElements()) {
- ICRLIssuingPoint oip = (ICRLIssuingPoint) oips.nextElement();
+ ICRLIssuingPoint oip = (ICRLIssuingPoint) oips
+ .nextElement();
updateCRLIssuingPoint(header, oip.getId(), oip, locale);
}
}
} else {
- ICRLIssuingPoint crlIssuingPoint =
- mCA.getCRLIssuingPoint(crlIssuingPointId);
+ ICRLIssuingPoint crlIssuingPoint = mCA
+ .getCRLIssuingPoint(crlIssuingPointId);
ICRLIssuingPointRecord crlRecord = null;
- updateCRLIssuingPoint(header, crlIssuingPointId,
- crlIssuingPoint, locale);
+ updateCRLIssuingPoint(header, crlIssuingPointId,
+ crlIssuingPoint, locale);
}
}
- ICertificateRepository certificateRepository = (ICertificateRepository) mCA.getCertificateRepository();
+ ICertificateRepository certificateRepository = (ICertificateRepository) mCA
+ .getCertificateRepository();
// all or ca
- if ((updateValue[UPDATE_ALL] != null &&
- updateValue[UPDATE_ALL].equalsIgnoreCase("yes")) ||
- (updateValue[UPDATE_CA] != null &&
- updateValue[UPDATE_CA].equalsIgnoreCase("yes"))) {
+ if ((updateValue[UPDATE_ALL] != null && updateValue[UPDATE_ALL]
+ .equalsIgnoreCase("yes"))
+ || (updateValue[UPDATE_CA] != null && updateValue[UPDATE_CA]
+ .equalsIgnoreCase("yes"))) {
X509CertImpl caCert = mCA.getSigningUnit().getCertImpl();
try {
mPublisherProcessor.publishCACert(caCert);
header.addStringValue("caCertPublished", "Success");
} catch (ELdapException e) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("LDAP_ERROR_PUBLISH_CACERT_1",
- caCert.getSerialNumber().toString(16), e.toString()));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "LDAP_ERROR_PUBLISH_CACERT_1", caCert.getSerialNumber()
+ .toString(16), e.toString()));
header.addStringValue("caCertPublished", "Failure");
header.addStringValue("caCertError", e.toString(locale));
}
}
// all or valid
- if ((updateValue[UPDATE_ALL] != null &&
- updateValue[UPDATE_ALL].equalsIgnoreCase("yes")) ||
- (updateValue[UPDATE_VALID] != null &&
- updateValue[UPDATE_VALID].equalsIgnoreCase("yes"))) {
+ if ((updateValue[UPDATE_ALL] != null && updateValue[UPDATE_ALL]
+ .equalsIgnoreCase("yes"))
+ || (updateValue[UPDATE_VALID] != null && updateValue[UPDATE_VALID]
+ .equalsIgnoreCase("yes"))) {
if (certificateRepository != null) {
if (updateValue[VALID_FROM].startsWith("0x")) {
updateValue[VALID_FROM] = hexToDecimal(updateValue[VALID_FROM]);
@@ -419,17 +437,15 @@ public class UpdateDir extends CMSServlet {
}
Enumeration validCerts = null;
- if (updateValue[CHECK_FLAG] != null &&
- updateValue[CHECK_FLAG].equalsIgnoreCase("yes")) {
- validCerts =
- certificateRepository.getValidNotPublishedCertificates(
- updateValue[VALID_FROM],
- updateValue[VALID_TO]);
+ if (updateValue[CHECK_FLAG] != null
+ && updateValue[CHECK_FLAG].equalsIgnoreCase("yes")) {
+ validCerts = certificateRepository
+ .getValidNotPublishedCertificates(
+ updateValue[VALID_FROM],
+ updateValue[VALID_TO]);
} else {
- validCerts =
- certificateRepository.getValidCertificates(
- updateValue[VALID_FROM],
- updateValue[VALID_TO]);
+ validCerts = certificateRepository.getValidCertificates(
+ updateValue[VALID_FROM], updateValue[VALID_TO]);
}
int i = 0;
int l = 0;
@@ -437,9 +453,9 @@ public class UpdateDir extends CMSServlet {
if (validCerts != null) {
while (validCerts.hasMoreElements()) {
- ICertRecord certRecord =
- (ICertRecord) validCerts.nextElement();
- //X509CertImpl cert = certRecord.getCertificate();
+ ICertRecord certRecord = (ICertRecord) validCerts
+ .nextElement();
+ // X509CertImpl cert = certRecord.getCertificate();
X509CertImpl cert = null;
Object o = certRecord.getCertificate();
@@ -449,84 +465,92 @@ public class UpdateDir extends CMSServlet {
MetaInfo metaInfo = null;
String ridString = null;
- metaInfo = (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO);
+ metaInfo = (MetaInfo) certRecord
+ .get(ICertRecord.ATTR_META_INFO);
if (metaInfo == null) {
// ca's self signed signing cert and
// server cert has no related request and
// have no metaInfo
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_FAIL_GET_ICERT_RECORD",
- cert.getSerialNumber().toString(16)));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_FAIL_GET_ICERT_RECORD", cert
+ .getSerialNumber().toString(16)));
} else {
- ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID);
+ ridString = (String) metaInfo
+ .get(ICertRecord.META_REQUEST_ID);
}
IRequest r = null;
if (ridString != null) {
RequestId rid = new RequestId(ridString);
-
+
r = mCA.getRequestQueue().findRequest(rid);
- }
+ }
try {
l++;
- SessionContext sc = SessionContext.getContext();
+ SessionContext sc = SessionContext.getContext();
if (r == null) {
if (CMS.isEncryptionCert(cert))
- sc.put((Object) "isEncryptionCert", (Object) "true");
- else
- sc.put((Object) "isEncryptionCert", (Object) "false");
+ sc.put((Object) "isEncryptionCert",
+ (Object) "true");
+ else
+ sc.put((Object) "isEncryptionCert",
+ (Object) "false");
mPublisherProcessor.publishCert(cert, null);
} else {
if (CMS.isEncryptionCert(cert))
r.setExtData("isEncryptionCert", "true");
- else
+ else
r.setExtData("isEncryptionCert", "false");
mPublisherProcessor.publishCert(cert, r);
}
i++;
} catch (Exception e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_FAIL_PUBLISH_CERT", certRecord.getSerialNumber().toString(16),
- e.toString()));
- validCertsError +=
- "Failed to publish certificate: 0x" +
- certRecord.getSerialNumber().toString(16) +
- ".\n <BR> &nbsp;&nbsp;&nbsp;&nbsp;";
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_FAIL_PUBLISH_CERT", certRecord
+ .getSerialNumber().toString(16), e
+ .toString()));
+ validCertsError += "Failed to publish certificate: 0x"
+ + certRecord.getSerialNumber().toString(16)
+ + ".\n <BR> &nbsp;&nbsp;&nbsp;&nbsp;";
}
}
}
if (i > 0 && i == l) {
- header.addStringValue("validCertsPublished",
- "Success");
+ header.addStringValue("validCertsPublished", "Success");
if (i == 1)
- header.addStringValue("validCertsError", i +
- " valid certificate is published in the directory.");
+ header.addStringValue(
+ "validCertsError",
+ i
+ + " valid certificate is published in the directory.");
else
- header.addStringValue("validCertsError", i +
- " valid certificates are published in the directory.");
+ header.addStringValue(
+ "validCertsError",
+ i
+ + " valid certificates are published in the directory.");
} else {
if (l == 0) {
header.addStringValue("validCertsPublished", "No");
} else {
header.addStringValue("validCertsPublished", "Failure");
- header.addStringValue("validCertsError",
- validCertsError);
+ header.addStringValue("validCertsError",
+ validCertsError);
}
}
} else {
header.addStringValue("validCertsPublished", "Failure");
- header.addStringValue("validCertsError", "Certificate repository is unavailable.");
+ header.addStringValue("validCertsError",
+ "Certificate repository is unavailable.");
}
}
// all or expired
- if ((updateValue[UPDATE_ALL] != null &&
- updateValue[UPDATE_ALL].equalsIgnoreCase("yes")) ||
- (updateValue[UPDATE_EXPIRED] != null &&
- updateValue[UPDATE_EXPIRED].equalsIgnoreCase("yes"))) {
+ if ((updateValue[UPDATE_ALL] != null && updateValue[UPDATE_ALL]
+ .equalsIgnoreCase("yes"))
+ || (updateValue[UPDATE_EXPIRED] != null && updateValue[UPDATE_EXPIRED]
+ .equalsIgnoreCase("yes"))) {
if (certificateRepository != null) {
if (updateValue[EXPIRED_FROM].startsWith("0x")) {
updateValue[EXPIRED_FROM] = hexToDecimal(updateValue[EXPIRED_FROM]);
@@ -536,27 +560,26 @@ public class UpdateDir extends CMSServlet {
}
Enumeration expiredCerts = null;
- if (updateValue[CHECK_FLAG] != null &&
- updateValue[CHECK_FLAG].equalsIgnoreCase("yes")) {
- expiredCerts =
- certificateRepository.getExpiredPublishedCertificates(
- updateValue[EXPIRED_FROM],
- updateValue[EXPIRED_TO]);
+ if (updateValue[CHECK_FLAG] != null
+ && updateValue[CHECK_FLAG].equalsIgnoreCase("yes")) {
+ expiredCerts = certificateRepository
+ .getExpiredPublishedCertificates(
+ updateValue[EXPIRED_FROM],
+ updateValue[EXPIRED_TO]);
} else {
- expiredCerts =
- certificateRepository.getExpiredCertificates(
- updateValue[EXPIRED_FROM],
- updateValue[EXPIRED_TO]);
+ expiredCerts = certificateRepository
+ .getExpiredCertificates(updateValue[EXPIRED_FROM],
+ updateValue[EXPIRED_TO]);
}
int i = 0;
int l = 0;
StringBuffer expiredCertsError = new StringBuffer();
- if (expiredCerts != null) {
+ if (expiredCerts != null) {
while (expiredCerts.hasMoreElements()) {
- ICertRecord certRecord =
- (ICertRecord) expiredCerts.nextElement();
- //X509CertImpl cert = certRecord.getCertificate();
+ ICertRecord certRecord = (ICertRecord) expiredCerts
+ .nextElement();
+ // X509CertImpl cert = certRecord.getCertificate();
X509CertImpl cert = null;
Object o = certRecord.getCertificate();
@@ -566,25 +589,27 @@ public class UpdateDir extends CMSServlet {
MetaInfo metaInfo = null;
String ridString = null;
- metaInfo = (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO);
+ metaInfo = (MetaInfo) certRecord
+ .get(ICertRecord.ATTR_META_INFO);
if (metaInfo == null) {
// ca's self signed signing cert and
// server cert has no related request and
// have no metaInfo
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_FAIL_GET_ICERT_RECORD",
- cert.getSerialNumber().toString(16)));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_FAIL_GET_ICERT_RECORD", cert
+ .getSerialNumber().toString(16)));
} else {
- ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID);
+ ridString = (String) metaInfo
+ .get(ICertRecord.META_REQUEST_ID);
}
IRequest r = null;
if (ridString != null) {
RequestId rid = new RequestId(ridString);
-
+
r = mCA.getRequestQueue().findRequest(rid);
- }
+ }
try {
l++;
@@ -595,47 +620,53 @@ public class UpdateDir extends CMSServlet {
}
i++;
} catch (Exception e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LDAP_ERROR_UNPUBLISH_CERT",
- certRecord.getSerialNumber().toString(16),
- e.toString()));
- expiredCertsError.append(
- "Failed to unpublish certificate: 0x");
- expiredCertsError.append(
- certRecord.getSerialNumber().toString(16));
- expiredCertsError.append(
- ".\n <BR> &nbsp;&nbsp;&nbsp;&nbsp;");
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "LDAP_ERROR_UNPUBLISH_CERT", certRecord
+ .getSerialNumber().toString(16), e
+ .toString()));
+ expiredCertsError
+ .append("Failed to unpublish certificate: 0x");
+ expiredCertsError.append(certRecord
+ .getSerialNumber().toString(16));
+ expiredCertsError
+ .append(".\n <BR> &nbsp;&nbsp;&nbsp;&nbsp;");
}
}
}
if (i > 0 && i == l) {
header.addStringValue("expiredCertsUnpublished", "Success");
if (i == 1)
- header.addStringValue("expiredCertsError", i +
- " expired certificate is unpublished in the directory.");
+ header.addStringValue(
+ "expiredCertsError",
+ i
+ + " expired certificate is unpublished in the directory.");
else
- header.addStringValue("expiredCertsError", i +
- " expired certificates are unpublished in the directory.");
+ header.addStringValue(
+ "expiredCertsError",
+ i
+ + " expired certificates are unpublished in the directory.");
} else {
if (l == 0) {
header.addStringValue("expiredCertsUnpublished", "No");
} else {
- header.addStringValue("expiredCertsUnpublished", "Failure");
- header.addStringValue("expiredCertsError",
- expiredCertsError.toString());
+ header.addStringValue("expiredCertsUnpublished",
+ "Failure");
+ header.addStringValue("expiredCertsError",
+ expiredCertsError.toString());
}
}
} else {
header.addStringValue("expiredCertsUnpublished", "Failure");
- header.addStringValue("expiredCertsError", "Certificate repository is unavailable.");
+ header.addStringValue("expiredCertsError",
+ "Certificate repository is unavailable.");
}
}
// all or revoked
- if ((updateValue[UPDATE_ALL] != null &&
- updateValue[UPDATE_ALL].equalsIgnoreCase("yes")) ||
- (updateValue[UPDATE_REVOKED] != null &&
- updateValue[UPDATE_REVOKED].equalsIgnoreCase("yes"))) {
+ if ((updateValue[UPDATE_ALL] != null && updateValue[UPDATE_ALL]
+ .equalsIgnoreCase("yes"))
+ || (updateValue[UPDATE_REVOKED] != null && updateValue[UPDATE_REVOKED]
+ .equalsIgnoreCase("yes"))) {
if (certificateRepository != null) {
if (updateValue[REVOKED_FROM].startsWith("0x")) {
updateValue[REVOKED_FROM] = hexToDecimal(updateValue[REVOKED_FROM]);
@@ -645,27 +676,26 @@ public class UpdateDir extends CMSServlet {
}
Enumeration revokedCerts = null;
- if (updateValue[CHECK_FLAG] != null &&
- updateValue[CHECK_FLAG].equalsIgnoreCase("yes")) {
- revokedCerts =
- certificateRepository.getRevokedPublishedCertificates(
- updateValue[REVOKED_FROM],
- updateValue[REVOKED_TO]);
+ if (updateValue[CHECK_FLAG] != null
+ && updateValue[CHECK_FLAG].equalsIgnoreCase("yes")) {
+ revokedCerts = certificateRepository
+ .getRevokedPublishedCertificates(
+ updateValue[REVOKED_FROM],
+ updateValue[REVOKED_TO]);
} else {
- revokedCerts =
- certificateRepository.getRevokedCertificates(
- updateValue[REVOKED_FROM],
- updateValue[REVOKED_TO]);
+ revokedCerts = certificateRepository
+ .getRevokedCertificates(updateValue[REVOKED_FROM],
+ updateValue[REVOKED_TO]);
}
int i = 0;
int l = 0;
String revokedCertsError = "";
- if (revokedCerts != null) {
+ if (revokedCerts != null) {
while (revokedCerts.hasMoreElements()) {
- ICertRecord certRecord =
- (ICertRecord) revokedCerts.nextElement();
- //X509CertImpl cert = certRecord.getCertificate();
+ ICertRecord certRecord = (ICertRecord) revokedCerts
+ .nextElement();
+ // X509CertImpl cert = certRecord.getCertificate();
X509CertImpl cert = null;
Object o = certRecord.getCertificate();
@@ -675,25 +705,27 @@ public class UpdateDir extends CMSServlet {
MetaInfo metaInfo = null;
String ridString = null;
- metaInfo = (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO);
+ metaInfo = (MetaInfo) certRecord
+ .get(ICertRecord.ATTR_META_INFO);
if (metaInfo == null) {
// ca's self signed signing cert and
// server cert has no related request and
// have no metaInfo
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSGW_FAIL_GET_ICERT_RECORD",
- cert.getSerialNumber().toString(16)));
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSGW_FAIL_GET_ICERT_RECORD", cert
+ .getSerialNumber().toString(16)));
} else {
- ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID);
+ ridString = (String) metaInfo
+ .get(ICertRecord.META_REQUEST_ID);
}
IRequest r = null;
if (ridString != null) {
RequestId rid = new RequestId(ridString);
-
+
r = mCA.getRequestQueue().findRequest(rid);
- }
+ }
try {
l++;
@@ -704,37 +736,42 @@ public class UpdateDir extends CMSServlet {
}
i++;
} catch (Exception e) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("LDAP_ERROR_UNPUBLISH_CERT",
- certRecord.getSerialNumber().toString(16),
- e.toString()));
- revokedCertsError +=
- "Failed to unpublish certificate: 0x" +
- certRecord.getSerialNumber().toString(16) +
- ".\n <BR> &nbsp;&nbsp;&nbsp;&nbsp;";
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "LDAP_ERROR_UNPUBLISH_CERT", certRecord
+ .getSerialNumber().toString(16), e
+ .toString()));
+ revokedCertsError += "Failed to unpublish certificate: 0x"
+ + certRecord.getSerialNumber().toString(16)
+ + ".\n <BR> &nbsp;&nbsp;&nbsp;&nbsp;";
}
}
}
if (i > 0 && i == l) {
header.addStringValue("revokedCertsUnpublished", "Success");
if (i == 1)
- header.addStringValue("revokedCertsError", i +
- " revoked certificate is unpublished in the directory.");
+ header.addStringValue(
+ "revokedCertsError",
+ i
+ + " revoked certificate is unpublished in the directory.");
else
- header.addStringValue("revokedCertsError", i +
- " revoked certificates are unpublished in the directory.");
+ header.addStringValue(
+ "revokedCertsError",
+ i
+ + " revoked certificates are unpublished in the directory.");
} else {
if (l == 0) {
header.addStringValue("revokedCertsUnpublished", "No");
} else {
- header.addStringValue("revokedCertsUnpublished", "Failure");
- header.addStringValue("revokedCertsError",
- revokedCertsError);
+ header.addStringValue("revokedCertsUnpublished",
+ "Failure");
+ header.addStringValue("revokedCertsError",
+ revokedCertsError);
}
}
} else {
header.addStringValue("revokedCertsUnpublished", "Failure");
- header.addStringValue("revokedCertsError", "Certificate repository is unavailable.");
+ header.addStringValue("revokedCertsError",
+ "Certificate repository is unavailable.");
}
}
generated by cgit (git 2.34.1) at 2024-05-05 09:23:04 +0000