diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/dbs')
40 files changed, 2335 insertions, 2281 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java index 838306f0..8d6c325f 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/BigIntegerMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Enumeration; import java.util.Vector; @@ -28,12 +29,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java BigInteger object - * into LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java BigInteger object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class BigIntegerMapper implements IDBAttrMapper { @@ -58,34 +61,38 @@ public class BigIntegerMapper implements IDBAttrMapper { /** * Maps object into ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { - attrs.add(new LDAPAttribute(mLdapName, BigIntegerToDB((BigInteger) obj))); + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { + attrs.add(new LDAPAttribute(mLdapName, + BigIntegerToDB((BigInteger) obj))); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) return; - parent.set(name, BigIntegerFromDB((String) attr.getStringValues() - .nextElement())); + parent.set(name, BigIntegerFromDB( + (String) attr.getStringValues().nextElement())); } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { String v = null; try { if (value.startsWith("0x") || value.startsWith("0X")) { - v = BigIntegerToDB(new BigInteger(value.substring(2), 16)); + v = BigIntegerToDB(new + BigInteger(value.substring(2), 16)); } else { v = BigIntegerToDB(new BigInteger(value)); } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java index 281177e1..b8e5b73d 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/ByteArrayMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -28,12 +29,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java byte array object - * into LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java byte array object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class ByteArrayMapper implements IDBAttrMapper { @@ -58,24 +61,26 @@ public class ByteArrayMapper implements IDBAttrMapper { /** * Maps object to ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { byte data[] = (byte[]) obj; if (data == null) { - CMS.debug("ByteArrayMapper:mapObjectToLDAPAttributeSet " + name - + " size=0"); + CMS.debug("ByteArrayMapper:mapObjectToLDAPAttributeSet " + name + + " size=0"); } else { - CMS.debug("ByteArrayMapper:mapObjectToLDAPAttributeSet " + name - + " size=" + data.length); + CMS.debug("ByteArrayMapper:mapObjectToLDAPAttributeSet " + name + + " size=" + data.length); } attrs.add(new LDAPAttribute(mLdapName, data)); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) @@ -86,8 +91,8 @@ public class ByteArrayMapper implements IDBAttrMapper { /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java b/pki/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java index a47553fb..58342a55 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CRLDBSchema.java @@ -17,10 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + + + /** - * A class represents a collection of schema information for CRL. + * A class represents a collection of schema information + * for CRL. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java b/pki/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java index 3dc567f4..ea110d1c 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CRLIssuingPointRecord.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Date; import java.util.Enumeration; @@ -28,10 +29,11 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord; + /** * A class represents a CRL issuing point record. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -41,8 +43,8 @@ public class CRLIssuingPointRecord implements ICRLIssuingPointRecord, IDBObj { * */ private static final long serialVersionUID = 400565044343905267L; - protected String mId = null; // internal unique id - protected BigInteger mCRLNumber = null; // CRL number + protected String mId = null; // internal unique id + protected BigInteger mCRLNumber = null; // CRL number protected Long mCRLSize = null; protected Date mThisUpdate = null; protected Date mNextUpdate = null; @@ -76,8 +78,8 @@ public class CRLIssuingPointRecord implements ICRLIssuingPointRecord, IDBObj { } /** - * Constructs empty CRLIssuingPointRecord. This is required in database - * framework. + * Constructs empty CRLIssuingPointRecord. This is + * required in database framework. */ public CRLIssuingPointRecord() { } @@ -85,8 +87,8 @@ public class CRLIssuingPointRecord implements ICRLIssuingPointRecord, IDBObj { /** * Constructs a CRLIssuingPointRecord */ - public CRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize, - Date thisUpdate, Date nextUpdate) { + public CRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize, + Date thisUpdate, Date nextUpdate) { mId = id; mCRLNumber = crlNumber; mCRLSize = crlSize; @@ -104,10 +106,9 @@ public class CRLIssuingPointRecord implements ICRLIssuingPointRecord, IDBObj { /** * Constructs a CRLIssuingPointRecord */ - public CRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize, - Date thisUpdate, Date nextUpdate, BigInteger deltaCRLNumber, - Long deltaCRLSize, Hashtable revokedCerts, - Hashtable unrevokedCerts, Hashtable expiredCerts) { + public CRLIssuingPointRecord(String id, BigInteger crlNumber, Long crlSize, + Date thisUpdate, Date nextUpdate, BigInteger deltaCRLNumber, Long deltaCRLSize, + Hashtable revokedCerts, Hashtable unrevokedCerts, Hashtable expiredCerts) { mId = id; mCRLNumber = crlNumber; mCRLSize = crlSize; @@ -154,8 +155,7 @@ public class CRLIssuingPointRecord implements ICRLIssuingPointRecord, IDBObj { } else if (name.equalsIgnoreCase(ATTR_DELTA_CRL)) { mDeltaCRL = (byte[]) obj; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -191,14 +191,12 @@ public class CRLIssuingPointRecord implements ICRLIssuingPointRecord, IDBObj { } else if (name.equalsIgnoreCase(ATTR_DELTA_CRL)) { return mDeltaCRL; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } public void delete(String name) throws EBaseException { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } public Enumeration getElements() { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java b/pki/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java index 8223e6ad..ba3ed5a7 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CRLRepository.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Date; import java.util.Hashtable; @@ -35,9 +36,10 @@ import com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord; import com.netscape.certsrv.dbs.crldb.ICRLRepository; /** - * A class represents a CRL repository. It stores all the CRL issuing points. + * A class represents a CRL repository. It stores all the + * CRL issuing points. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -50,8 +52,8 @@ public class CRLRepository extends Repository implements ICRLRepository { /** * Constructs a CRL repository. */ - public CRLRepository(IDBSubsystem dbService, int increment, String baseDN) - throws EDBException { + public CRLRepository(IDBSubsystem dbService, int increment, String baseDN) + throws EDBException { super(dbService, increment, baseDN); mBaseDN = baseDN; mDBService = dbService; @@ -59,21 +61,22 @@ public class CRLRepository extends Repository implements ICRLRepository { IDBRegistry reg = dbService.getRegistry(); /** - * String crlRecordOC[] = new String[1]; crlRecordOC[0] = - * Schema.LDAP_OC_CRL_RECORD; - * reg.registerObjectClass(CRLIssuingPointRecord.class.getName(), - * crlRecordOC); reg.registerAttribute(ICRLIssuingPointRecord.ATTR_ID, - * new StringMapper(Schema.LDAP_ATTR_CRL_ID)); - * reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, new - * BigIntegerMapper(Schema.LDAP_ATTR_CRL_NUMBER)); - * reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_SIZE, new - * LongMapper(Schema.LDAP_ATTR_CRL_SIZE)); - * reg.registerAttribute(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, new - * DateMapper(Schema.LDAP_ATTR_THIS_UPDATE)); - * reg.registerAttribute(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, new - * DateMapper(Schema.LDAP_ATTR_NEXT_UPDATE)); - * reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL, new - * ByteArrayMapper(Schema.LDAP_ATTR_CRL)); + String crlRecordOC[] = new String[1]; + crlRecordOC[0] = Schema.LDAP_OC_CRL_RECORD; + reg.registerObjectClass(CRLIssuingPointRecord.class.getName(), + crlRecordOC); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_ID, new + StringMapper(Schema.LDAP_ATTR_CRL_ID)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, new + BigIntegerMapper(Schema.LDAP_ATTR_CRL_NUMBER)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_SIZE, new + LongMapper(Schema.LDAP_ATTR_CRL_SIZE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, new + DateMapper(Schema.LDAP_ATTR_THIS_UPDATE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, new + DateMapper(Schema.LDAP_ATTR_NEXT_UPDATE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL, new + ByteArrayMapper(Schema.LDAP_ATTR_CRL)); **/ } @@ -94,24 +97,24 @@ public class CRLRepository extends Repository implements ICRLRepository { /** * Removes all objects with this repository. */ - public void removeAllObjects() throws EBaseException { + public void removeAllObjects() throws EBaseException + { } /** * Adds CRL issuing points. */ public void addCRLIssuingPointRecord(ICRLIssuingPointRecord rec) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = mLdapCRLIssuingPointName + "=" - + ((CRLIssuingPointRecord) rec).getId().toString() + "," - + getDN(); + String name = mLdapCRLIssuingPointName + "=" + + ((CRLIssuingPointRecord) rec).getId().toString() + "," + getDN(); s.add(name, rec); - } finally { - if (s != null) + } finally { + if (s != null) s.close(); } } @@ -122,21 +125,21 @@ public class CRLRepository extends Repository implements ICRLRepository { public Vector getIssuingPointsNames() throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String[] attrs = { ICRLIssuingPointRecord.ATTR_ID, "objectclass" }; + String[] attrs = {ICRLIssuingPointRecord.ATTR_ID, "objectclass"}; String filter = "objectclass=" + CMS.getCRLIssuingPointRecordName(); IDBSearchResults res = s.search(getDN(), filter, attrs); Vector v = new Vector(); while (res.hasMoreElements()) { - ICRLIssuingPointRecord nextelement = (ICRLIssuingPointRecord) res - .nextElement(); + ICRLIssuingPointRecord nextelement = + (ICRLIssuingPointRecord)res.nextElement(); CMS.debug("CRLRepository getIssuingPointsNames(): name = " - + nextelement.getId()); + +nextelement.getId()); v.addElement(nextelement.getId()); } return v; } finally { - if (s != null) + if (s != null) s.close(); } } @@ -145,19 +148,19 @@ public class CRLRepository extends Repository implements ICRLRepository { * Reads issuing point record. */ public ICRLIssuingPointRecord readCRLIssuingPointRecord(String id) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); CRLIssuingPointRecord rec = null; try { - String name = mLdapCRLIssuingPointName + "=" + id + "," + getDN(); + String name = mLdapCRLIssuingPointName + "=" + id + + "," + getDN(); if (s != null) { rec = (CRLIssuingPointRecord) s.read(name); } - } finally { - if (s != null) - s.close(); + } finally { + if (s != null) s.close(); } return rec; } @@ -165,33 +168,32 @@ public class CRLRepository extends Repository implements ICRLRepository { /** * deletes issuing point record. */ - public void deleteCRLIssuingPointRecord(String id) throws EBaseException { + public void deleteCRLIssuingPointRecord(String id) + throws EBaseException { IDBSSession s = null; try { s = mDBService.createSession(); - String name = mLdapCRLIssuingPointName + "=" + id + "," + getDN(); + String name = mLdapCRLIssuingPointName + "=" + id + + "," + getDN(); - if (s != null) - s.delete(name); + if (s != null) s.delete(name); } finally { - if (s != null) - s.close(); + if (s != null) s.close(); } } - public void modifyCRLIssuingPointRecord(String id, ModificationSet mods) - throws EBaseException { + public void modifyCRLIssuingPointRecord(String id, + ModificationSet mods) throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = mLdapCRLIssuingPointName + "=" + id + "," + getDN(); + String name = mLdapCRLIssuingPointName + "=" + id + + "," + getDN(); - if (s != null) - s.modify(name, mods); - } finally { - if (s != null) - s.close(); + if (s != null) s.modify(name, mods); + } finally { + if (s != null) s.close(); } } @@ -199,24 +201,24 @@ public class CRLRepository extends Repository implements ICRLRepository { * Updates CRL issuing point record. */ public void updateCRLIssuingPointRecord(String id, byte[] newCRL, - Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize) - throws EBaseException { + Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize) + throws EBaseException { ModificationSet mods = new ModificationSet(); if (newCRL != null) { - mods.add(ICRLIssuingPointRecord.ATTR_CRL, Modification.MOD_REPLACE, - newCRL); + mods.add(ICRLIssuingPointRecord.ATTR_CRL, + Modification.MOD_REPLACE, newCRL); } if (nextUpdate != null) { - mods.add(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, - Modification.MOD_REPLACE, nextUpdate); + mods.add(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, + Modification.MOD_REPLACE, nextUpdate); } - mods.add(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, - Modification.MOD_REPLACE, thisUpdate); - mods.add(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, - Modification.MOD_REPLACE, crlNumber); - mods.add(ICRLIssuingPointRecord.ATTR_CRL_SIZE, - Modification.MOD_REPLACE, crlSize); + mods.add(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, + Modification.MOD_REPLACE, thisUpdate); + mods.add(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, + Modification.MOD_REPLACE, crlNumber); + mods.add(ICRLIssuingPointRecord.ATTR_CRL_SIZE, + Modification.MOD_REPLACE, crlSize); modifyCRLIssuingPointRecord(id, mods); } @@ -224,41 +226,40 @@ public class CRLRepository extends Repository implements ICRLRepository { * Updates CRL issuing point record. */ public void updateCRLIssuingPointRecord(String id, byte[] newCRL, - Date thisUpdate, Date nextUpdate, BigInteger crlNumber, - Long crlSize, Hashtable revokedCerts, Hashtable unrevokedCerts, - Hashtable expiredCerts) throws EBaseException { + Date thisUpdate, Date nextUpdate, BigInteger crlNumber, Long crlSize, + Hashtable revokedCerts, Hashtable unrevokedCerts, Hashtable expiredCerts) + throws EBaseException { ModificationSet mods = new ModificationSet(); if (newCRL != null) { - mods.add(ICRLIssuingPointRecord.ATTR_CRL, Modification.MOD_REPLACE, - newCRL); + mods.add(ICRLIssuingPointRecord.ATTR_CRL, + Modification.MOD_REPLACE, newCRL); } if (nextUpdate != null) { - mods.add(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, - Modification.MOD_REPLACE, nextUpdate); + mods.add(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, + Modification.MOD_REPLACE, nextUpdate); } - mods.add(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, - Modification.MOD_REPLACE, thisUpdate); - mods.add(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, - Modification.MOD_REPLACE, crlNumber); - mods.add(ICRLIssuingPointRecord.ATTR_CRL_SIZE, - Modification.MOD_REPLACE, crlSize); + mods.add(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, + Modification.MOD_REPLACE, thisUpdate); + mods.add(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, + Modification.MOD_REPLACE, crlNumber); + mods.add(ICRLIssuingPointRecord.ATTR_CRL_SIZE, + Modification.MOD_REPLACE, crlSize); if (revokedCerts != null) { - mods.add(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, - Modification.MOD_REPLACE, revokedCerts); + mods.add(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, + Modification.MOD_REPLACE, revokedCerts); } if (unrevokedCerts != null) { - mods.add(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, - Modification.MOD_REPLACE, unrevokedCerts); + mods.add(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, + Modification.MOD_REPLACE, unrevokedCerts); } if (expiredCerts != null) { - mods.add(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, - Modification.MOD_REPLACE, expiredCerts); + mods.add(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, + Modification.MOD_REPLACE, expiredCerts); } if (revokedCerts != null || unrevokedCerts != null) { mods.add(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, - Modification.MOD_REPLACE, - ICRLIssuingPointRecord.CLEAN_CACHE); + Modification.MOD_REPLACE, ICRLIssuingPointRecord.CLEAN_CACHE); } modifyCRLIssuingPointRecord(id, mods); } @@ -267,15 +268,16 @@ public class CRLRepository extends Repository implements ICRLRepository { * Updates CRL issuing point record with recently revoked certificates info. */ public void updateRevokedCerts(String id, Hashtable revokedCerts, - Hashtable unrevokedCerts) throws EBaseException { + Hashtable unrevokedCerts) + throws EBaseException { ModificationSet mods = new ModificationSet(); - mods.add(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, - Modification.MOD_REPLACE, revokedCerts); - mods.add(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, - Modification.MOD_REPLACE, unrevokedCerts); + mods.add(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, + Modification.MOD_REPLACE, revokedCerts); + mods.add(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, + Modification.MOD_REPLACE, unrevokedCerts); mods.add(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, - Modification.MOD_REPLACE, ICRLIssuingPointRecord.CLEAN_CACHE); + Modification.MOD_REPLACE, ICRLIssuingPointRecord.CLEAN_CACHE); modifyCRLIssuingPointRecord(id, mods); } @@ -283,34 +285,36 @@ public class CRLRepository extends Repository implements ICRLRepository { * Updates CRL issuing point record with recently expired certificates info. */ public void updateExpiredCerts(String id, Hashtable expiredCerts) - throws EBaseException { + throws EBaseException { ModificationSet mods = new ModificationSet(); - mods.add(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, - Modification.MOD_REPLACE, expiredCerts); + mods.add(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, + Modification.MOD_REPLACE, expiredCerts); modifyCRLIssuingPointRecord(id, mods); } /** * Updates CRL issuing point record with CRL cache info. */ - public void updateCRLCache(String id, Long crlSize, Hashtable revokedCerts, - Hashtable unrevokedCerts, Hashtable expiredCerts) - throws EBaseException { + public void updateCRLCache(String id, Long crlSize, + Hashtable revokedCerts, + Hashtable unrevokedCerts, + Hashtable expiredCerts) + throws EBaseException { ModificationSet mods = new ModificationSet(); if (crlSize != null) { - mods.add(ICRLIssuingPointRecord.ATTR_CRL_SIZE, - Modification.MOD_REPLACE, crlSize); + mods.add(ICRLIssuingPointRecord.ATTR_CRL_SIZE, + Modification.MOD_REPLACE, crlSize); } mods.add(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, - Modification.MOD_REPLACE, revokedCerts); + Modification.MOD_REPLACE, revokedCerts); mods.add(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, - Modification.MOD_REPLACE, unrevokedCerts); + Modification.MOD_REPLACE, unrevokedCerts); mods.add(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, - Modification.MOD_REPLACE, expiredCerts); + Modification.MOD_REPLACE, expiredCerts); mods.add(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, - Modification.MOD_REPLACE, ICRLIssuingPointRecord.CLEAN_CACHE); + Modification.MOD_REPLACE, ICRLIssuingPointRecord.CLEAN_CACHE); modifyCRLIssuingPointRecord(id, mods); } @@ -318,42 +322,43 @@ public class CRLRepository extends Repository implements ICRLRepository { * Updates CRL issuing point record with delta-CRL. */ public void updateDeltaCRL(String id, BigInteger deltaCRLNumber, - Long deltaCRLSize, Date nextUpdate, byte[] deltaCRL) - throws EBaseException { + Long deltaCRLSize, Date nextUpdate, + byte[] deltaCRL) + throws EBaseException { ModificationSet mods = new ModificationSet(); if (deltaCRLNumber != null) { mods.add(ICRLIssuingPointRecord.ATTR_DELTA_NUMBER, - Modification.MOD_REPLACE, deltaCRLNumber); + Modification.MOD_REPLACE, deltaCRLNumber); } if (deltaCRLSize != null) { - mods.add(ICRLIssuingPointRecord.ATTR_DELTA_SIZE, - Modification.MOD_REPLACE, deltaCRLSize); + mods.add(ICRLIssuingPointRecord.ATTR_DELTA_SIZE, + Modification.MOD_REPLACE, deltaCRLSize); } if (nextUpdate != null) { - mods.add(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, - Modification.MOD_REPLACE, nextUpdate); + mods.add(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, + Modification.MOD_REPLACE, nextUpdate); } if (deltaCRL != null) { - mods.add(ICRLIssuingPointRecord.ATTR_DELTA_CRL, - Modification.MOD_REPLACE, deltaCRL); + mods.add(ICRLIssuingPointRecord.ATTR_DELTA_CRL, + Modification.MOD_REPLACE, deltaCRL); } modifyCRLIssuingPointRecord(id, mods); } public void updateFirstUnsaved(String id, String firstUnsaved) - throws EBaseException { + throws EBaseException { ModificationSet mods = new ModificationSet(); if (firstUnsaved != null) { - mods.add(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, - Modification.MOD_REPLACE, firstUnsaved); + mods.add(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, + Modification.MOD_REPLACE, firstUnsaved); } modifyCRLIssuingPointRecord(id, mods); } - public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, - BigInteger serial_upper_bound) throws EBaseException { + public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) + throws EBaseException { return null; } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java b/pki/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java index 3718e504..83164aab 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CertDBSchema.java @@ -17,11 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + + + /** - * A class represents a collection of certificate record specific schema - * information. + * A class represents a collection of certificate record + * specific schema information. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CertRecord.java b/pki/base/common/src/com/netscape/cmscore/dbs/CertRecord.java index af38839d..321ce618 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CertRecord.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CertRecord.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.security.cert.Certificate; import java.util.Date; @@ -33,11 +34,12 @@ import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.certdb.ICertRecord; import com.netscape.certsrv.dbs.certdb.IRevocationInfo; + /** * A class represents a serializable certificate record. * <P> - * - * @author thomask + * + * @author thomask * @version $Revision$, $Date$ */ public class CertRecord implements IDBObj, ICertRecord { @@ -81,7 +83,8 @@ public class CertRecord implements IDBObj, ICertRecord { } /** - * Constructs certiificate record with certificate and meta info. + * Constructs certiificate record with certificate + * and meta info. */ public CertRecord(BigInteger id, Certificate cert, MetaInfo meta) { mId = id; @@ -121,8 +124,7 @@ public class CertRecord implements IDBObj, ICertRecord { } else if (name.equalsIgnoreCase(ATTR_REVOKED_ON)) { mRevokedOn = (Date) obj; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -153,8 +155,7 @@ public class CertRecord implements IDBObj, ICertRecord { } else if (name.equalsIgnoreCase(ATTR_REVOKED_ON)) { return mRevokedOn; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -162,8 +163,7 @@ public class CertRecord implements IDBObj, ICertRecord { * Deletes attribute from this record. */ public void delete(String name) throws EBaseException { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } public Enumeration getElements() { @@ -205,13 +205,14 @@ public class CertRecord implements IDBObj, ICertRecord { /** * Retrieves revocation information. */ - public IRevocationInfo getRevocationInfo() { - return mRevocationInfo; + public IRevocationInfo getRevocationInfo() { + return mRevocationInfo; } /** - * Retrieves serial number of this record. Usually, it is the same of the - * serial number of the associated certificate. + * Retrieves serial number of this record. Usually, + * it is the same of the serial number of the + * associated certificate. */ public BigInteger getSerialNumber() { return mId; @@ -270,7 +271,7 @@ public class CertRecord implements IDBObj, ICertRecord { public Date getModifyTime() { return mModifyTime; } - + /** * String representation */ diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java b/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java index 72cdb64c..e8d7df9c 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordList.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -25,10 +26,11 @@ import com.netscape.certsrv.dbs.IDBVirtualList; import com.netscape.certsrv.dbs.IElementProcessor; import com.netscape.certsrv.dbs.certdb.ICertRecordList; + /** * A class represents a list of certificate records. * <P> - * + * * @author thomask mzhao * @version $Revision$, $Date$ */ @@ -66,33 +68,35 @@ public class CertRecordList implements ICertRecordList { } /** - * Process certificate record as soon as it is returned. kmccarth: changed - * to ignore startidx and endidx because VLVs don't provide a stable list. + * Process certificate record as soon as it is returned. + * kmccarth: changed to ignore startidx and endidx because VLVs don't + * provide a stable list. */ public void processCertRecords(int startidx, int endidx, - IElementProcessor ep) throws EBaseException { + IElementProcessor ep) throws EBaseException { int i = 0; - while (i < mVlist.getSize()) { - Object element = mVlist.getElementAt(i); - if (element != null && (!(element instanceof String))) { - ep.process(element); - } - i++; + while ( i<mVlist.getSize() ) { + Object element = mVlist.getElementAt(i); + if (element != null && (! (element instanceof String)) ) { + ep.process(element); + } + i++; } } /** - * Retrieves requests. It's no good to call this if you didnt check if the - * startidx, endidx are valid. + * Retrieves requests. + * It's no good to call this if you didnt check + * if the startidx, endidx are valid. */ public Enumeration getCertRecords(int startidx, int endidx) - throws EBaseException { + throws EBaseException { Vector entries = new Vector(); for (int i = startidx; i <= endidx; i++) { Object element = mVlist.getElementAt(i); - // CMS.debug("gerCertRecords[" + i + "] element: " + element); + // CMS.debug("gerCertRecords[" + i + "] element: " + element); if (element != null) { entries.addElement(element); } @@ -100,7 +104,8 @@ public class CertRecordList implements ICertRecordList { return entries.elements(); } - public Object getCertRecord(int index) throws EBaseException { + public Object getCertRecord(int index) + throws EBaseException { Object element = mVlist.getElementAt(index); diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java index 7eda230d..510da3c5 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CertRecordMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Enumeration; import java.util.Vector; @@ -33,11 +34,13 @@ import com.netscape.certsrv.dbs.certdb.ICertRecord; import com.netscape.certsrv.dbs.certdb.ICertificateRepository; import com.netscape.cmscore.util.Debug; + /** - * A class represents a mapper to serialize certificate record into database. + * A class represents a mapper to serialize + * certificate record into database. * <P> - * - * @author thomask + * + * @author thomask * @version $Revision$, $Date$ */ public class CertRecordMapper implements IDBAttrMapper { @@ -55,42 +58,44 @@ public class CertRecordMapper implements IDBAttrMapper { return v.elements(); } - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, + Object obj, LDAPAttributeSet attrs) + throws EBaseException { try { CertRecord rec = (CertRecord) obj; - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_CERT_RECORD_ID, + attrs.add(new LDAPAttribute( + CertDBSchema.LDAP_ATTR_CERT_RECORD_ID, rec.getSerialNumber().toString())); } catch (Exception e) { Debug.trace(e.toString()); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_SERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_SERIALIZE_FAILED", name)); } } - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { - try { - LDAPAttribute attr = attrs - .getAttribute(CertDBSchema.LDAP_ATTR_CERT_RECORD_ID); + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { + try { + LDAPAttribute attr = attrs.getAttribute( + CertDBSchema.LDAP_ATTR_CERT_RECORD_ID); if (attr == null) return; String serialno = (String) attr.getStringValues().nextElement(); - ICertRecord rec = mDB - .readCertificateRecord(new BigInteger(serialno)); + ICertRecord rec = mDB.readCertificateRecord( + new BigInteger(serialno)); parent.set(name, rec); } catch (Exception e) { Debug.trace(e.toString()); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_DESERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_DESERIALIZE_FAILED", name)); } } public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + throws EBaseException { return name + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java b/pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java index fa069245..74094871 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.security.cert.Certificate; import java.util.Arrays; @@ -54,17 +55,18 @@ import com.netscape.certsrv.dbs.certdb.IRevocationInfo; import com.netscape.certsrv.dbs.repository.IRepository; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents a certificate repository. It stores all the issued - * certificate. + * A class represents a certificate repository. It + * stores all the issued certificate. * <P> - * + * * @author thomask * @author kanda * @version $Revision$, $Date$ */ -public class CertificateRepository extends Repository implements - ICertificateRepository { +public class CertificateRepository extends Repository + implements ICertificateRepository { public final String CERT_X509ATTRIBUTE = "x509signedcert"; @@ -83,11 +85,11 @@ public class CertificateRepository extends Repository implements /** * Constructs a certificate repository. */ - public CertificateRepository(IDBSubsystem dbService, String certRepoBaseDN, - int increment, String baseDN) throws EDBException { + public CertificateRepository(IDBSubsystem dbService, String certRepoBaseDN, int increment, String baseDN) + throws EDBException { super(dbService, increment, baseDN); mBaseDN = certRepoBaseDN; - + mDBService = dbService; // registers CMS database attributes @@ -96,19 +98,17 @@ public class CertificateRepository extends Repository implements IConfigStore cfg = mDBService.getConfigStore(); } - public ICertRecord createCertRecord(BigInteger id, Certificate cert, - MetaInfo meta) { + public ICertRecord createCertRecord(BigInteger id, Certificate cert, MetaInfo meta) { return new CertRecord(id, cert, meta); } - public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, - BigInteger serial_upper_bound) throws EBaseException { + public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) + throws EBaseException { - CMS.debug("CertificateRepository: in getLastSerialNumberInRange: low " - + serial_low_bound + " high " + serial_upper_bound); + CMS.debug("CertificateRepository: in getLastSerialNumberInRange: low " + serial_low_bound + " high " + serial_upper_bound); - if (serial_low_bound == null || serial_upper_bound == null - || serial_low_bound.compareTo(serial_upper_bound) >= 0) { + if(serial_low_bound == null || serial_upper_bound == null || serial_low_bound.compareTo(serial_upper_bound) >= 0 ) + { return null; } @@ -117,30 +117,26 @@ public class CertificateRepository extends Repository implements String[] attrs = null; - ICertRecordList recList = findCertRecordsInList(ldapfilter, attrs, - serial_upper_bound.toString(10), "serialno", 5 * -1); + ICertRecordList recList = findCertRecordsInList(ldapfilter,attrs,serial_upper_bound.toString(10),"serialno", 5 * -1); int size = recList.getSize(); - CMS.debug("CertificateRepository:getLastSerialNumberInRange: recList size " - + size); + CMS.debug("CertificateRepository:getLastSerialNumberInRange: recList size " + size); if (size <= 0) { CMS.debug("CertificateRepository:getLastSerialNumberInRange: index may be empty"); BigInteger ret = new BigInteger(serial_low_bound.toString(10)); - ret = ret.add(new BigInteger("-1")); - CMS.debug("CertificateRepository:getLastCertRecordSerialNo: returning " - + ret); + ret = ret.add(new BigInteger("-1")); + CMS.debug("CertificateRepository:getLastCertRecordSerialNo: returning " + ret); return ret; } int ltSize = recList.getSizeBeforeJumpTo(); Vector cList = new Vector(ltSize); - CMS.debug("CertificateRepository:getLastSerialNumberInRange: ltSize " - + ltSize); + CMS.debug("CertificateRepository:getLastSerialNumberInRange: ltSize " + ltSize); CertRecord curRec = null; @@ -155,13 +151,11 @@ public class CertificateRepository extends Repository implements BigInteger serial = curRec.getSerialNumber(); - CMS.debug("CertificateRepository:getLastCertRecordSerialNo: serialno " - + serial); + CMS.debug("CertificateRepository:getLastCertRecordSerialNo: serialno " + serial); - if (((serial.compareTo(serial_low_bound) == 0) || (serial - .compareTo(serial_low_bound) == 1)) - && ((serial.compareTo(serial_upper_bound) == 0) || (serial - .compareTo(serial_upper_bound) == -1))) { + if( ((serial.compareTo(serial_low_bound) == 0) || (serial.compareTo(serial_low_bound) == 1) ) && + ((serial.compareTo(serial_upper_bound) == 0) || (serial.compareTo(serial_upper_bound) == -1) )) + { CMS.debug("getLastSerialNumberInRange returning: " + serial); return serial; } @@ -169,25 +163,25 @@ public class CertificateRepository extends Repository implements CMS.debug("getLastSerialNumberInRange:found null from getCertRecord"); } } + BigInteger ret = new BigInteger(serial_low_bound.toString(10)); - ret = ret.add(new BigInteger("-1")); + ret = ret.add(new BigInteger("-1")); - CMS.debug("CertificateRepository:getLastCertRecordSerialNo: returning " - + ret); - return ret; + CMS.debug("CertificateRepository:getLastCertRecordSerialNo: returning " + ret); + return ret; } /** * Removes all objects with this repository. */ - public void removeCertRecords(BigInteger beginS, BigInteger endS) - throws EBaseException { + public void removeCertRecords(BigInteger beginS, BigInteger endS) throws EBaseException + { String filter = "(" + CertRecord.ATTR_CERT_STATUS + "=*" + ")"; - ICertRecordList list = findCertRecordsInList(filter, null, "serialno", - 10); + ICertRecordList list =findCertRecordsInList(filter, + null, "serialno", 10); int size = list.getSize(); Enumeration e = list.getCertRecords(0, size - 1); while (e.hasMoreElements()) { @@ -197,8 +191,8 @@ public class CertificateRepository extends Repository implements BigInteger min = cur; if (endS != null) min = cur.min(endS); - if (cur.equals(beginS) || cur.equals(endS) - || (cur.equals(max) && cur.equals(min))) + if (cur.equals(beginS) || cur.equals(endS) || + (cur.equals(max) && cur.equals(min))) deleteCertificateRecord(cur); } } @@ -228,13 +222,14 @@ public class CertificateRepository extends Repository implements } /** - * interval value: (in seconds) 0 - disable >0 - enable + * interval value: (in seconds) + * 0 - disable + * >0 - enable */ public CertStatusUpdateThread mCertStatusUpdateThread = null; public RetrieveModificationsThread mRetrieveModificationsThread = null; - public void setCertStatusUpdateInterval(IRepository requestRepo, - int interval, boolean listenToCloneModifications) { + public void setCertStatusUpdateInterval(IRepository requestRepo, int interval, boolean listenToCloneModifications) { CMS.debug("In setCertStatusUpdateInterval " + interval); if (interval == 0) { CMS.debug("In setCertStatusUpdateInterval interval = 0" + interval); @@ -247,14 +242,11 @@ public class CertificateRepository extends Repository implements return; } - CMS.debug("In setCertStatusUpdateInterval listenToCloneModifications=" - + listenToCloneModifications - + " mRetrieveModificationsThread=" - + mRetrieveModificationsThread); + CMS.debug("In setCertStatusUpdateInterval listenToCloneModifications="+listenToCloneModifications+ + " mRetrieveModificationsThread="+mRetrieveModificationsThread); if (listenToCloneModifications && mRetrieveModificationsThread == null) { CMS.debug("In setCertStatusUpdateInterval about to create RetrieveModificationsThread"); - mRetrieveModificationsThread = new RetrieveModificationsThread( - this, "RetrieveModificationsThread"); + mRetrieveModificationsThread = new RetrieveModificationsThread(this, "RetrieveModificationsThread"); LDAPSearchResults mResults = null; try { mResults = startSearchForModifiedCertificateRecords(); @@ -267,12 +259,10 @@ public class CertificateRepository extends Repository implements } } - CMS.debug("In setCertStatusUpdateInterval mCertStatusUpdateThread " - + mCertStatusUpdateThread); + CMS.debug("In setCertStatusUpdateInterval mCertStatusUpdateThread " + mCertStatusUpdateThread); if (mCertStatusUpdateThread == null) { CMS.debug("In setCertStatusUpdateInterval about to create CertStatusUpdateThread "); - mCertStatusUpdateThread = new CertStatusUpdateThread(this, - requestRepo, "CertStatusUpdateThread"); + mCertStatusUpdateThread = new CertStatusUpdateThread(this, requestRepo, "CertStatusUpdateThread"); mCertStatusUpdateThread.setInterval(interval); mCertStatusUpdateThread.start(); } else { @@ -282,6 +272,7 @@ public class CertificateRepository extends Repository implements } } + /** * Blocking method. */ @@ -289,21 +280,21 @@ public class CertificateRepository extends Repository implements CMS.debug("In updateCertStatus()"); - CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - CMS.getLogMessage("CMSCORE_DBS_START_VALID_SEARCH")); + CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, + CMS.getLogMessage("CMSCORE_DBS_START_VALID_SEARCH")); transitInvalidCertificates(); CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - CMS.getLogMessage("CMSCORE_DBS_FINISH_VALID_SEARCH")); + CMS.getLogMessage("CMSCORE_DBS_FINISH_VALID_SEARCH")); CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - CMS.getLogMessage("CMSCORE_DBS_START_EXPIRED_SEARCH")); + CMS.getLogMessage("CMSCORE_DBS_START_EXPIRED_SEARCH")); transitValidCertificates(); CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - CMS.getLogMessage("CMSCORE_DBS_FINISH_EXPIRED_SEARCH")); + CMS.getLogMessage("CMSCORE_DBS_FINISH_EXPIRED_SEARCH")); CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - CMS.getLogMessage("CMSCORE_DBS_START_REVOKED_EXPIRED_SEARCH")); + CMS.getLogMessage("CMSCORE_DBS_START_REVOKED_EXPIRED_SEARCH")); transitRevokedExpiredCertificates(); CMS.getLogger().log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - CMS.getLogMessage("CMSCORE_DBS_FINISH_REVOKED_EXPIRED_SEARCH")); + CMS.getLogMessage("CMSCORE_DBS_FINISH_REVOKED_EXPIRED_SEARCH")); } /** @@ -313,14 +304,13 @@ public class CertificateRepository extends Repository implements return mBaseDN; } - public void setRequestDN(String requestDN) { + public void setRequestDN( String requestDN ) { mRequestBaseDN = requestDN; } - public String getRequestDN() { + public String getRequestDN() { return mRequestBaseDN; } - /** * Retrieves backend database handle. */ @@ -329,21 +319,22 @@ public class CertificateRepository extends Repository implements } /** - * Adds a certificate record to the repository. Each certificate record - * contains four parts: certificate, meta-attributes, issue information and - * reovcation information. + * Adds a certificate record to the repository. Each certificate + * record contains four parts: certificate, meta-attributes, + * issue information and reovcation information. * <P> - * + * * @param cert X.509 certificate - * @exception EBaseException failed to add new certificate to the repository + * @exception EBaseException failed to add new certificate to + * the repository */ - public void addCertificateRecord(ICertRecord record) throws EBaseException { + public void addCertificateRecord(ICertRecord record) + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" - + ((CertRecord) record).getSerialNumber().toString() + "," - + getDN(); + String name = "cn" + "=" + + ((CertRecord) record).getSerialNumber().toString() + "," + getDN(); SessionContext ctx = SessionContext.getContext(); String uid = (String) ctx.get(SessionContext.USER_ID); @@ -352,30 +343,30 @@ public class CertificateRepository extends Repository implements record.set(CertRecord.ATTR_ISSUED_BY, "system"); /** - * System.out.println("XXX servlet should set USER_ID"); throw - * new EBaseException(BaseResources.UNKNOWN_PRINCIPAL_1, - * "null"); + System.out.println("XXX servlet should set USER_ID"); + throw new EBaseException(BaseResources.UNKNOWN_PRINCIPAL_1, + "null"); **/ } else { record.set(CertRecord.ATTR_ISSUED_BY, uid); } - // Check validity of this certificate. If it is not invalid, + // Check validity of this certificate. If it is not invalid, // mark it so. We will have a thread to transit the status // from INVALID to VALID. - X509CertImpl x509cert = (X509CertImpl) record - .get(CertRecord.ATTR_X509CERT); + X509CertImpl x509cert = (X509CertImpl) record.get( + CertRecord.ATTR_X509CERT); if (x509cert != null) { Date now = CMS.getCurrentDate(); if (x509cert.getNotBefore().after(now)) { // not yet valid - record.set(ICertRecord.ATTR_CERT_STATUS, - ICertRecord.STATUS_INVALID); + record.set(ICertRecord.ATTR_CERT_STATUS, + ICertRecord.STATUS_INVALID); } } - + s.add(name, record); } finally { if (s != null) @@ -384,19 +375,21 @@ public class CertificateRepository extends Repository implements } /** - * Used by the Clone Master (CLA) to add a revoked certificate record to the - * repository. + * Used by the Clone Master (CLA) to add a revoked certificate + * record to the repository. * <p> - * + * * @param record a CertRecord - * @exception EBaseException failed to add new certificate to the repository + * @exception EBaseException failed to add new certificate to + * the repository */ - public void addRevokedCertRecord(CertRecord record) throws EBaseException { + public void addRevokedCertRecord(CertRecord record) + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" + record.getSerialNumber().toString() - + "," + getDN(); + String name = "cn" + "=" + + record.getSerialNumber().toString() + "," + getDN(); s.add(name, record); } finally { @@ -406,14 +399,13 @@ public class CertificateRepository extends Repository implements } /** - * This transits a certificate status from VALID to EXPIRED if a certificate - * becomes expired. + * This transits a certificate status from VALID to EXPIRED + * if a certificate becomes expired. */ public void transitValidCertificates() throws EBaseException { Date now = CMS.getCurrentDate(); - ICertRecordList recList = getValidCertsByNotAfterDate(now, -1 - * mTransitRecordPageSize); + ICertRecordList recList = getValidCertsByNotAfterDate(now, -1 * mTransitRecordPageSize); int size = recList.getSize(); @@ -438,21 +430,18 @@ public class CertificateRepository extends Repository implements for (i = 0; i < ltSize; i++) { obj = recList.getCertRecord(i); - if (obj != null) { + if (obj != null) { curRec = (CertRecord) obj; Date notAfter = curRec.getNotAfter(); - // CMS.debug("notAfter " + notAfter.toString() + " now " + - // now.toString()); + //CMS.debug("notAfter " + notAfter.toString() + " now " + now.toString()); if (notAfter.after(now)) { - CMS.debug("Record does not qualify,notAfter " - + notAfter.toString() + " date " + now.toString()); + CMS.debug("Record does not qualify,notAfter " + notAfter.toString() + " date " + now.toString()); continue; } - CMS.debug("transitValid: curRec: " + i + " " - + curRec.toString()); + CMS.debug("transitValid: curRec: " + i + " " + curRec.toString()); if (mConsistencyCheck) { cList.add(curRec); @@ -471,14 +460,13 @@ public class CertificateRepository extends Repository implements } /** - * This transits a certificate status from REVOKED to REVOKED_EXPIRED if an - * revoked certificate becomes expired. + * This transits a certificate status from REVOKED to REVOKED_EXPIRED + * if an revoked certificate becomes expired. */ public void transitRevokedExpiredCertificates() throws EBaseException { Date now = CMS.getCurrentDate(); - ICertRecordList recList = getRevokedCertsByNotAfterDate(now, -1 - * mTransitRecordPageSize); - + ICertRecordList recList = getRevokedCertsByNotAfterDate(now, -1 * mTransitRecordPageSize); + int size = recList.getSize(); if (size <= 0) { @@ -502,16 +490,13 @@ public class CertificateRepository extends Repository implements obj = recList.getCertRecord(i); if (obj != null) { curRec = (CertRecord) obj; - CMS.debug("transitRevokedExpired: curRec: " + i + " " - + curRec.toString()); + CMS.debug("transitRevokedExpired: curRec: " + i + " " + curRec.toString()); Date notAfter = curRec.getNotAfter(); - // CMS.debug("notAfter " + notAfter.toString() + " now " + - // now.toString()); + // CMS.debug("notAfter " + notAfter.toString() + " now " + now.toString()); if (notAfter.after(now)) { - CMS.debug("Record does not qualify,notAfter " - + notAfter.toString() + " date " + now.toString()); + CMS.debug("Record does not qualify,notAfter " + notAfter.toString() + " date " + now.toString()); continue; } @@ -520,7 +505,7 @@ public class CertificateRepository extends Repository implements } else { cList.add(curRec.getSerialNumber()); } - } else { + } else { CMS.debug("found null record in getCertRecord"); } } @@ -530,15 +515,14 @@ public class CertificateRepository extends Repository implements } /** - * This transits a certificate status from INVALID to VALID if a certificate - * becomes valid. + * This transits a certificate status from INVALID to VALID + * if a certificate becomes valid. */ public void transitInvalidCertificates() throws EBaseException { Date now = CMS.getCurrentDate(); - ICertRecordList recList = getInvalidCertsByNotBeforeDate(now, -1 - * mTransitRecordPageSize); + ICertRecordList recList = getInvalidCertsByNotBeforeDate(now, -1 * mTransitRecordPageSize); int size = recList.getSize(); @@ -569,16 +553,13 @@ public class CertificateRepository extends Repository implements Date notBefore = curRec.getNotBefore(); - // CMS.debug("notBefore " + notBefore.toString() + " now " + - // now.toString()); + //CMS.debug("notBefore " + notBefore.toString() + " now " + now.toString()); if (notBefore.after(now)) { - CMS.debug("Record does not qualify,notBefore " - + notBefore.toString() + " date " + now.toString()); + CMS.debug("Record does not qualify,notBefore " + notBefore.toString() + " date " + now.toString()); continue; } - CMS.debug("transitInValid: curRec: " + i + " " - + curRec.toString()); + CMS.debug("transitInValid: curRec: " + i + " " + curRec.toString()); if (mConsistencyCheck) { cList.add(curRec); @@ -595,8 +576,7 @@ public class CertificateRepository extends Repository implements } - private void transitCertList(Vector cList, String newCertStatus) - throws EBaseException { + private void transitCertList(Vector cList, String newCertStatus) throws EBaseException { CertRecord cRec = null; BigInteger serial = null; @@ -619,9 +599,8 @@ public class CertificateRepository extends Repository implements updateStatus(serial, newCertStatus); if (newCertStatus.equals(CertRecord.STATUS_REVOKED_EXPIRED)) { - - // inform all CRLIssuingPoints about revoked and expired - // certificate + + // inform all CRLIssuingPoints about revoked and expired certificate Enumeration eIPs = mCRLIssuingPoints.elements(); @@ -645,7 +624,7 @@ public class CertificateRepository extends Repository implements * Reads the certificate identified by the given serial no. */ public X509CertImpl getX509Certificate(BigInteger serialNo) - throws EBaseException { + throws EBaseException { X509CertImpl cert = null; ICertRecord cr = readCertificateRecord(serialNo); @@ -656,15 +635,16 @@ public class CertificateRepository extends Repository implements * Deletes certificate record. */ public void deleteCertificateRecord(BigInteger serialNo) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" + serialNo.toString() + "," + getDN(); + String name = "cn" + "=" + + serialNo.toString() + "," + getDN(); s.delete(name); } finally { - if (s != null) + if (s != null) s.close(); } } @@ -673,33 +653,35 @@ public class CertificateRepository extends Repository implements * Reads certificate from repository. */ public ICertRecord readCertificateRecord(BigInteger serialNo) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); CertRecord rec = null; try { - String name = "cn" + "=" + serialNo.toString() + "," + getDN(); + String name = "cn" + "=" + + serialNo.toString() + "," + getDN(); rec = (CertRecord) s.read(name); } finally { - if (s != null) + if (s != null) s.close(); } return rec; } public synchronized void modifyCertificateRecord(BigInteger serialNo, - ModificationSet mods) throws EBaseException { + ModificationSet mods) throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" + serialNo.toString() + "," + getDN(); + String name = "cn" + "=" + + serialNo.toString() + "," + getDN(); mods.add(CertRecord.ATTR_MODIFY_TIME, Modification.MOD_REPLACE, - CMS.getCurrentDate()); + CMS.getCurrentDate()); s.modify(name, mods); } finally { - if (s != null) + if (s != null) s.close(); } } @@ -708,7 +690,7 @@ public class CertificateRepository extends Repository implements * Checks if the specified certificate is in the repository. */ public boolean containsCertificate(BigInteger serialNo) - throws EBaseException { + throws EBaseException { try { ICertRecord cr = readCertificateRecord(serialNo); @@ -723,7 +705,7 @@ public class CertificateRepository extends Repository implements * Marks certificate as revoked. */ public void markAsRevoked(BigInteger id, IRevocationInfo info) - throws EBaseException { + throws EBaseException { ModificationSet mods = new ModificationSet(); mods.add(CertRecord.ATTR_REVO_INFO, Modification.MOD_ADD, info); @@ -731,14 +713,16 @@ public class CertificateRepository extends Repository implements String uid = (String) ctx.get(SessionContext.USER_ID); if (uid == null) { - mods.add(CertRecord.ATTR_REVOKED_BY, Modification.MOD_ADD, "system"); + mods.add(CertRecord.ATTR_REVOKED_BY, Modification.MOD_ADD, + "system"); } else { - mods.add(CertRecord.ATTR_REVOKED_BY, Modification.MOD_ADD, uid); + mods.add(CertRecord.ATTR_REVOKED_BY, Modification.MOD_ADD, + uid); } mods.add(CertRecord.ATTR_REVOKED_ON, Modification.MOD_ADD, - CMS.getCurrentDate()); + CMS.getCurrentDate()); mods.add(CertRecord.ATTR_CERT_STATUS, Modification.MOD_REPLACE, - CertRecord.STATUS_REVOKED); + CertRecord.STATUS_REVOKED); modifyCertificateRecord(id, mods); } @@ -746,14 +730,15 @@ public class CertificateRepository extends Repository implements * Unmarks revoked certificate. */ public void unmarkRevoked(BigInteger id, IRevocationInfo info, - Date revokedOn, String revokedBy) throws EBaseException { + Date revokedOn, String revokedBy) + throws EBaseException { ModificationSet mods = new ModificationSet(); mods.add(CertRecord.ATTR_REVO_INFO, Modification.MOD_DELETE, info); mods.add(CertRecord.ATTR_REVOKED_BY, Modification.MOD_DELETE, revokedBy); mods.add(CertRecord.ATTR_REVOKED_ON, Modification.MOD_DELETE, revokedOn); mods.add(CertRecord.ATTR_CERT_STATUS, Modification.MOD_REPLACE, - CertRecord.STATUS_VALID); + CertRecord.STATUS_VALID); modifyCertificateRecord(id, mods); } @@ -761,16 +746,17 @@ public class CertificateRepository extends Repository implements * Updates the certificiate record status to the specified. */ public void updateStatus(BigInteger id, String status) - throws EBaseException { + throws EBaseException { CMS.debug("updateStatus: " + id + " status " + status); ModificationSet mods = new ModificationSet(); - mods.add(CertRecord.ATTR_CERT_STATUS, Modification.MOD_REPLACE, status); + mods.add(CertRecord.ATTR_CERT_STATUS, Modification.MOD_REPLACE, + status); modifyCertificateRecord(id, mods); } public Enumeration searchCertificates(String filter, int maxSize) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -778,14 +764,14 @@ public class CertificateRepository extends Repository implements try { e = s.search(getDN(), filter, maxSize); } finally { - if (s != null) + if (s != null) s.close(); } return e; } - public Enumeration searchCertificates(String filter, int maxSize, - int timeLimit) throws EBaseException { + public Enumeration searchCertificates(String filter, int maxSize, int timeLimit) + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -793,7 +779,7 @@ public class CertificateRepository extends Repository implements try { e = s.search(getDN(), filter, maxSize, timeLimit); } finally { - if (s != null) + if (s != null) s.close(); } return e; @@ -801,39 +787,39 @@ public class CertificateRepository extends Repository implements /** * Returns a list of X509CertImp that satisfies the filter. - * * @deprecated replaced by <code>findCertificatesInList</code> */ - public Enumeration findCertRecs(String filter) throws EBaseException { + public Enumeration findCertRecs(String filter) + throws EBaseException { CMS.debug("findCertRecs " + filter); IDBSSession s = mDBService.createSession(); Enumeration e = null; try { e = s.search(getDN(), filter); } finally { - if (s != null) - s.close(); + if (s != null) s.close(); } return e; } public Enumeration findCertRecs(String filter, String[] attrs) - throws EBaseException { + throws EBaseException { - CMS.debug("findCertRecs " + filter + "attrs " + Arrays.toString(attrs)); + CMS.debug( "findCertRecs " + filter + + "attrs " + Arrays.toString( attrs ) ); IDBSSession s = mDBService.createSession(); Enumeration e = null; try { e = s.search(getDN(), filter, attrs); } finally { - if (s != null) - s.close(); + if (s != null) s.close(); } return e; } - public Enumeration findCertificates(String filter) throws EBaseException { + public Enumeration findCertificates(String filter) + throws EBaseException { Enumeration e = findCertRecords(filter); Vector v = new Vector(); @@ -846,15 +832,18 @@ public class CertificateRepository extends Repository implements } /** - * Finds a list of certificate records that satisifies the filter. If you - * are going to process everything in the list, use this. + * Finds a list of certificate records that satisifies + * the filter. + * If you are going to process everything in the list, + * use this. */ - public Enumeration findCertRecords(String filter) throws EBaseException { + public Enumeration findCertRecords(String filter) + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; try { - // e = s.search(getDN(), filter); + //e = s.search(getDN(), filter); ICertRecordList list = null; list = findCertRecordsInList(filter, null, "serialno", 10); @@ -862,16 +851,15 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { - if (s != null) + if (s != null) s.close(); } return e; } /** - * Finds certificate records. Here is a list of filter attribute can be - * used: - * + * Finds certificate records. Here is a list of filter + * attribute can be used: * <pre> * certRecordId * certMetaInfo @@ -882,48 +870,49 @@ public class CertificateRepository extends Repository implements * x509Cert.notAfter * x509Cert.subject * </pre> - * - * The filter should follow RFC1558 LDAP filter syntax. For example, - * + * The filter should follow RFC1558 LDAP filter syntax. + * For example, * <pre> * (&(certRecordId=5)(x509Cert.notBefore=934398398)) * </pre> */ - public ICertRecordList findCertRecordsInList(String filter, String attrs[], - int pageSize) throws EBaseException { - return findCertRecordsInList(filter, attrs, CertRecord.ATTR_ID, + public ICertRecordList findCertRecordsInList(String filter, + String attrs[], int pageSize) throws EBaseException { + return findCertRecordsInList(filter, attrs, CertRecord.ATTR_ID, pageSize); } - public ICertRecordList findCertRecordsInList(String filter, String attrs[], - String sortKey, int pageSize) throws EBaseException { + public ICertRecordList findCertRecordsInList(String filter, + String attrs[], String sortKey, int pageSize) + throws EBaseException { IDBSSession s = mDBService.createSession(); CMS.debug("In findCertRecordsInList"); CertRecordList list = null; try { - DBVirtualList vlist = (DBVirtualList) s.createVirtualList(getDN(), - filter, attrs, sortKey, pageSize); + DBVirtualList vlist = (DBVirtualList) s.createVirtualList(getDN(), filter, attrs, + sortKey, pageSize); list = new CertRecordList(vlist); } finally { - if (s != null) + if (s != null) s.close(); } return list; } - public ICertRecordList findCertRecordsInList(String filter, String attrs[], - String jumpTo, String sortKey, int pageSize) throws EBaseException { - return findCertRecordsInList(filter, attrs, jumpTo, false, sortKey, - pageSize); + public ICertRecordList findCertRecordsInList(String filter, + String attrs[], String jumpTo, String sortKey, int pageSize) + throws EBaseException { + return findCertRecordsInList(filter, attrs, jumpTo, false, sortKey, pageSize); } - public ICertRecordList findCertRecordsInList(String filter, String attrs[], - String jumpTo, boolean hardJumpTo, String sortKey, int pageSize) - throws EBaseException { + public ICertRecordList findCertRecordsInList(String filter, + String attrs[], String jumpTo, boolean hardJumpTo, + String sortKey, int pageSize) + throws EBaseException { IDBSSession s = mDBService.createSession(); CertRecordList list = null; @@ -931,33 +920,33 @@ public class CertificateRepository extends Repository implements try { String jumpToVal = null; - if (hardJumpTo) { - CMS.debug("In findCertRecordsInList with hardJumpto "); - jumpToVal = "99"; - } else { - int len = jumpTo.length(); + if (hardJumpTo) { + CMS.debug("In findCertRecordsInList with hardJumpto "); + jumpToVal = "99"; + } else { + int len = jumpTo.length(); - if (len > 9) { - jumpToVal = Integer.toString(len) + jumpTo; - } else { - jumpToVal = "0" + Integer.toString(len) + jumpTo; - } + if (len > 9) { + jumpToVal = Integer.toString(len) + jumpTo; + } else { + jumpToVal = "0" + Integer.toString(len) + jumpTo; } + } - DBVirtualList vlist = (DBVirtualList) s.createVirtualList(getDN(), - filter, attrs, jumpToVal, sortKey, pageSize); + DBVirtualList vlist = (DBVirtualList) s.createVirtualList(getDN(), filter, + attrs, jumpToVal, sortKey, pageSize); list = new CertRecordList(vlist); } finally { - if (s != null) + if (s != null) s.close(); } return list; } public ICertRecordList findCertRecordsInListRawJumpto(String filter, - String attrs[], String jumpTo, String sortKey, int pageSize) - throws EBaseException { + String attrs[], String jumpTo, String sortKey, int pageSize) + throws EBaseException { IDBSSession s = mDBService.createSession(); CertRecordList list = null; @@ -965,8 +954,8 @@ public class CertificateRepository extends Repository implements try { - DBVirtualList vlist = (DBVirtualList) s.createVirtualList(getDN(), - filter, attrs, jumpTo, sortKey, pageSize); + DBVirtualList vlist = (DBVirtualList) s.createVirtualList(getDN(), filter, + attrs, jumpTo, sortKey, pageSize); list = new CertRecordList(vlist); } finally { @@ -980,42 +969,44 @@ public class CertificateRepository extends Repository implements * Marks certificate as renewable. */ public void markCertificateAsRenewable(ICertRecord record) - throws EBaseException { - changeRenewalAttribute(((CertRecord) record).getSerialNumber() - .toString(), CertRecord.AUTO_RENEWAL_ENABLED); + throws EBaseException { + changeRenewalAttribute(((CertRecord) record).getSerialNumber().toString(), + CertRecord.AUTO_RENEWAL_ENABLED); } /** * Marks certificate as renewable. */ public void markCertificateAsNotRenewable(ICertRecord record) - throws EBaseException { - changeRenewalAttribute(((CertRecord) record).getSerialNumber() - .toString(), CertRecord.AUTO_RENEWAL_DISABLED); + throws EBaseException { + changeRenewalAttribute(((CertRecord) record).getSerialNumber().toString(), + CertRecord.AUTO_RENEWAL_DISABLED); } - public void markCertificateAsRenewed(String serialNo) throws EBaseException { + public void markCertificateAsRenewed(String serialNo) + throws EBaseException { changeRenewalAttribute(serialNo, CertRecord.AUTO_RENEWAL_DONE); } public void markCertificateAsRenewalNotified(String serialNo) - throws EBaseException { + throws EBaseException { changeRenewalAttribute(serialNo, CertRecord.AUTO_RENEWAL_NOTIFIED); } private void changeRenewalAttribute(String serialno, String value) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" + serialno + "," + getDN(); + String name = "cn" + "=" + serialno + + "," + getDN(); ModificationSet mods = new ModificationSet(); mods.add(CertRecord.ATTR_AUTO_RENEW, Modification.MOD_REPLACE, - value); + value); s.modify(name, mods); } finally { - if (s != null) + if (s != null) s.close(); } } @@ -1026,7 +1017,6 @@ public class CertificateRepository extends Repository implements public class RenewableCertificateCollection { Vector mToRenew = null; Vector mToNotify = null; - public RenewableCertificateCollection() { } @@ -1053,20 +1043,21 @@ public class CertificateRepository extends Repository implements } public Hashtable getRenewableCertificates(String renewalTime) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Hashtable tab = null; try { - String filter = "(&(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_VALID + ")(" + CertRecord.ATTR_X509CERT - + "." + CertificateValidity.NOT_AFTER + "<=" + renewalTime - + ")(!(" + CertRecord.ATTR_AUTO_RENEW + "=" - + CertRecord.AUTO_RENEWAL_DONE + "))(!(" - + CertRecord.ATTR_AUTO_RENEW + "=" - + CertRecord.AUTO_RENEWAL_NOTIFIED + ")))"; - // Enumeration e = s.search(getDN(), filter); + String filter = "(&(" + CertRecord.ATTR_CERT_STATUS + "=" + + CertRecord.STATUS_VALID + ")(" + + CertRecord.ATTR_X509CERT + + "." + CertificateValidity.NOT_AFTER + "<=" + renewalTime + + ")(!(" + CertRecord.ATTR_AUTO_RENEW + "=" + + CertRecord.AUTO_RENEWAL_DONE + + "))(!(" + CertRecord.ATTR_AUTO_RENEW + "=" + + CertRecord.AUTO_RENEWAL_NOTIFIED + ")))"; + //Enumeration e = s.search(getDN(), filter); ICertRecordList list = null; list = findCertRecordsInList(filter, null, "serialno", 10); @@ -1084,54 +1075,57 @@ public class CertificateRepository extends Repository implements Object val = null; if ((val = tab.get(subjectDN)) == null) { - RenewableCertificateCollection collection = new RenewableCertificateCollection(); + RenewableCertificateCollection collection = + new RenewableCertificateCollection(); collection.addCertificate(renewalFlag, cert); tab.put(subjectDN, collection); } else { - ((RenewableCertificateCollection) val).addCertificate( - renewalFlag, cert); + ((RenewableCertificateCollection) val).addCertificate(renewalFlag, cert); } } } finally { - if (s != null) + if (s != null) s.close(); } return tab; } /** - * Gets all valid and unexpired certificates pertaining to a subject DN. - * - * @param subjectDN The distinguished name of the subject. - * @param validityType The type of certificates to get. + * Gets all valid and unexpired certificates pertaining + * to a subject DN. + * + * @param subjectDN The distinguished name of the subject. + * @param validityType The type of certificates to get. * @return An array of certificates. */ - public X509CertImpl[] getX509Certificates(String subjectDN, int validityType) - throws EBaseException { + public X509CertImpl[] getX509Certificates(String subjectDN, + int validityType) throws EBaseException { IDBSSession s = mDBService.createSession(); X509CertImpl certs[] = null; try { // XXX - not checking validityType... - String filter = "(&(" + CertRecord.ATTR_X509CERT + "." - + X509CertInfo.SUBJECT + "=" + subjectDN; + String filter = "(&(" + CertRecord.ATTR_X509CERT + + "." + X509CertInfo.SUBJECT + "=" + subjectDN; if (validityType == ALL_VALID_CERTS) { - filter += ")(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_VALID; + filter += ")(" + + CertRecord.ATTR_CERT_STATUS + "=" + + CertRecord.STATUS_VALID; } if (validityType == ALL_UNREVOKED_CERTS) { - filter += ")(|(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_VALID + ")(" - + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_EXPIRED + ")"; + filter += ")(|(" + + CertRecord.ATTR_CERT_STATUS + "=" + + CertRecord.STATUS_VALID + ")(" + + CertRecord.ATTR_CERT_STATUS + "=" + + CertRecord.STATUS_EXPIRED + ")"; } filter += "))"; - // Enumeration e = s.search(getDN(), filter); + //Enumeration e = s.search(getDN(), filter); ICertRecordList list = null; list = findCertRecordsInList(filter, null, "serialno", 10); @@ -1150,14 +1144,14 @@ public class CertificateRepository extends Repository implements certs = new X509CertImpl[v.size()]; v.copyInto(certs); } finally { - if (s != null) + if (s != null) s.close(); } return certs; } public X509CertImpl[] getX509Certificates(String filter) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); X509CertImpl certs[] = null; @@ -1166,7 +1160,7 @@ public class CertificateRepository extends Repository implements Enumeration e = null; if (filter != null && filter.length() > 0) { - // e = s.search(getDN(), filter); + //e = s.search(getDN(), filter); ICertRecordList list = null; list = findCertRecordsInList(filter, null, "serialno", 10); @@ -1187,7 +1181,7 @@ public class CertificateRepository extends Repository implements v.copyInto(certs); } } finally { - if (s != null) + if (s != null) s.close(); } return certs; @@ -1195,108 +1189,106 @@ public class CertificateRepository extends Repository implements /** * Retrives all valid certificates excluding ones already revoked. - * - * @param from The starting point of the serial number range. - * @param to The ending point of the serial number range. + * @param from The starting point of the serial number range. + * @param to The ending point of the serial number range. */ public Enumeration getValidCertificates(String from, String to) - throws EBaseException { - IDBSSession s = mDBService.createSession(); - Vector v = new Vector(); + throws EBaseException { + IDBSSession s = mDBService.createSession(); + Vector v = new Vector(); - try { + try { - // 'from' determines 'jumpto' value - // 'to' determines where to stop looking + // 'from' determines 'jumpto' value + // 'to' determines where to stop looking - String ldapfilter = "(certstatus=VALID)"; + String ldapfilter = "(certstatus=VALID)"; - String fromVal = "0"; - try { - if (from != null) { - int fv = Integer.parseInt(from); - fromVal = from; + String fromVal = "0"; + try { + if (from != null) { + int fv = Integer.parseInt(from); + fromVal = from; + } + } catch (Exception e1) { + // from is not integer } - } catch (Exception e1) { - // from is not integer - } - - ICertRecordList list = findCertRecordsInList(ldapfilter, null, - fromVal, "serialno", 40); - - BigInteger toInt = null; - if (to != null && !to.trim().equals("")) { - toInt = new BigInteger(to); - } - for (int i = 0;; i++) { - CertRecord rec = (CertRecord) list.getCertRecord(i); - CMS.debug("processing record: " + i); - if (rec == null) { - break; // no element returned - } else { + ICertRecordList list = + findCertRecordsInList(ldapfilter, null, fromVal, "serialno", 40); - CMS.debug("processing record: " + i + " " - + rec.getSerialNumber()); - // Check if we are past the 'to' marker - if (toInt != null) { - if (rec.getSerialNumber().compareTo(toInt) > 0) { - break; - } - } - v.addElement(rec); + BigInteger toInt = null; + if (to != null && !to.trim().equals("")) { + toInt = new BigInteger(to); } - } - } finally { - if (s != null) - s.close(); - } - CMS.debug("returning " + v.size() + " elements"); - return v.elements(); - } + for (int i=0;; i++) { + CertRecord rec = (CertRecord) list.getCertRecord(i); + CMS.debug("processing record: "+i); + if (rec == null) { + break; // no element returned + } else { + + CMS.debug("processing record: "+i+" "+rec.getSerialNumber()); + // Check if we are past the 'to' marker + if (toInt != null) { + if (rec.getSerialNumber().compareTo(toInt) > 0) { + break; + } + } + v.addElement(rec); + } + } + + } finally { + if (s != null) + s.close(); + } + CMS.debug("returning "+v.size()+" elements"); + return v.elements(); + } /** * Retrives all valid certificates excluding ones already revoked. */ - public Enumeration getAllValidCertificates() throws EBaseException { + public Enumeration getAllValidCertificates() + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; try { Date now = CMS.getCurrentDate(); - String ldapfilter = "(&(!(" + CertRecord.ATTR_REVO_INFO + "=*))(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_BEFORE + "<=" - + DateMapper.dateToDB(now) + ")(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + DateMapper.dateToDB(now) + "))"; - // e = s.search(getDN(), ldapfilter); + String ldapfilter = "(&(!(" + CertRecord.ATTR_REVO_INFO + "=*))(" + + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_BEFORE + "<=" + + DateMapper.dateToDB(now) + ")(" + + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + DateMapper.dateToDB(now) + "))"; + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - + } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; } /** - * Retrives all valid not published certificates excluding ones already - * revoked. - * - * @param from The starting point of the serial number range. - * @param to The ending point of the serial number range. + * Retrives all valid not published certificates + * excluding ones already revoked. + * @param from The starting point of the serial number range. + * @param to The ending point of the serial number range. */ public Enumeration getValidNotPublishedCertificates(String from, String to) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -1308,59 +1300,63 @@ public class CertificateRepository extends Repository implements ldapfilter += CertRecord.ATTR_ID + ">=" + from + ")("; if (to != null && to.length() > 0) ldapfilter += CertRecord.ATTR_ID + "<=" + to + ")("; - ldapfilter += "!(" + CertRecord.ATTR_REVO_INFO + "=*))(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_BEFORE + "<=" - + DateMapper.dateToDB(now) + ")(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + DateMapper.dateToDB(now) + ")(!(" + "certMetainfo=" - + CertRecord.META_LDAPPUBLISH + ":true)))"; - // e = s.search(getDN(), ldapfilter); + ldapfilter += "!(" + CertRecord.ATTR_REVO_INFO + "=*))(" + + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_BEFORE + "<=" + + DateMapper.dateToDB(now) + ")(" + + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + DateMapper.dateToDB(now) + ")(!(" + + "certMetainfo=" + + CertRecord.META_LDAPPUBLISH + + ":true)))"; + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - + } finally { - if (s != null) + if (s != null) s.close(); } return e; } /** - * Retrives all valid not published certificates excluding ones already - * revoked. + * Retrives all valid not published certificates + * excluding ones already revoked. */ public Enumeration getAllValidNotPublishedCertificates() - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; try { Date now = CMS.getCurrentDate(); - String ldapfilter = "(&(!(" + CertRecord.ATTR_REVO_INFO + "=*))(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_BEFORE + "<=" - + DateMapper.dateToDB(now) + ")(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + DateMapper.dateToDB(now) + ")(!(" + "certMetainfo=" - + CertRecord.META_LDAPPUBLISH + ":true)))"; - // e = s.search(getDN(), ldapfilter); + String ldapfilter = "(&(!(" + CertRecord.ATTR_REVO_INFO + "=*))(" + + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_BEFORE + "<=" + + DateMapper.dateToDB(now) + ")(" + + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + DateMapper.dateToDB(now) + ")(!(" + + "certMetainfo=" + + CertRecord.META_LDAPPUBLISH + + ":true)))"; + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - + } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; @@ -1368,12 +1364,11 @@ public class CertificateRepository extends Repository implements /** * Retrives all expired certificates. - * - * @param from The starting point of the serial number range. - * @param to The ending point of the serial number range. + * @param from The starting point of the serial number range. + * @param to The ending point of the serial number range. */ public Enumeration getExpiredCertificates(String from, String to) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -1385,20 +1380,20 @@ public class CertificateRepository extends Repository implements ldapfilter += CertRecord.ATTR_ID + ">=" + from + ")("; if (to != null && to.length() > 0) ldapfilter += CertRecord.ATTR_ID + "<=" + to + ")("; - ldapfilter += "!(" + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + DateMapper.dateToDB(now) + ")))"; - // e = s.search(getDN(), ldapfilter); - + ldapfilter += "!(" + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + DateMapper.dateToDB(now) + ")))"; + //e = s.search(getDN(), ldapfilter); + ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - } finally { + } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; @@ -1407,26 +1402,27 @@ public class CertificateRepository extends Repository implements /** * Retrives all expired certificates. */ - public Enumeration getAllExpiredCertificates() throws EBaseException { + public Enumeration getAllExpiredCertificates() + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; try { Date now = CMS.getCurrentDate(); - String ldapfilter = "(!(" + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + DateMapper.dateToDB(now) + "))"; - // e = s.search(getDN(), ldapfilter); + String ldapfilter = "(!(" + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + DateMapper.dateToDB(now) + "))"; + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - - } finally { + + } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; @@ -1434,12 +1430,11 @@ public class CertificateRepository extends Repository implements /** * Retrives all expired published certificates. - * - * @param from The starting point of the serial number range. - * @param to The ending point of the serial number range. + * @param from The starting point of the serial number range. + * @param to The ending point of the serial number range. */ public Enumeration getExpiredPublishedCertificates(String from, String to) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -1451,23 +1446,24 @@ public class CertificateRepository extends Repository implements ldapfilter += CertRecord.ATTR_ID + ">=" + from + ")("; if (to != null && to.length() > 0) ldapfilter += CertRecord.ATTR_ID + "<=" + to + ")("; - ldapfilter += "!(" + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + - // DateMapper.dateToDB(now) + ")))"; - DateMapper.dateToDB(now) + "))(" + "certMetainfo=" - + CertRecord.META_LDAPPUBLISH + ":true))"; - // e = s.search(getDN(), ldapfilter); - + ldapfilter += "!(" + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + //DateMapper.dateToDB(now) + ")))"; + DateMapper.dateToDB(now) + "))(" + + "certMetainfo=" + + CertRecord.META_LDAPPUBLISH + + ":true))"; + //e = s.search(getDN(), ldapfilter); + ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - } finally { + } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; @@ -1477,7 +1473,7 @@ public class CertificateRepository extends Repository implements * Retrives all expired publishedcertificates. */ public Enumeration getAllExpiredPublishedCertificates() - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -1485,30 +1481,31 @@ public class CertificateRepository extends Repository implements Date now = CMS.getCurrentDate(); String ldapfilter = "(&"; - ldapfilter += "(!(" + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + ">=" - + DateMapper.dateToDB(now) + "))"; - ldapfilter += "(certMetainfo=" + CertRecord.META_LDAPPUBLISH - + ":true))"; - - // e = s.search(getDN(), ldapfilter); + ldapfilter += "(!(" + CertRecord.ATTR_X509CERT + "." + + CertificateValidity.NOT_AFTER + ">=" + + DateMapper.dateToDB(now) + "))"; + ldapfilter += "(certMetainfo=" + + CertRecord.META_LDAPPUBLISH + + ":true))"; + + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); int size = list.getSize(); e = list.getCertRecords(0, size - 1); - - } finally { + + } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; } - public ICertRecordList getInvalidCertsByNotBeforeDate(Date date, - int pageSize) throws EBaseException { + public ICertRecordList getInvalidCertsByNotBeforeDate(Date date, int pageSize) + throws EBaseException { String now = null; @@ -1518,29 +1515,27 @@ public class CertificateRepository extends Repository implements IDBSSession s = mDBService.createSession(); try { - String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_INVALID + ")"; + String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_INVALID + ")"; String[] attrs = null; if (mConsistencyCheck == false) { - attrs = new String[] { "objectclass", CertRecord.ATTR_ID, - CertRecord.ATTR_X509CERT }; + attrs = new String[] { "objectclass", CertRecord.ATTR_ID, CertRecord.ATTR_X509CERT}; } - CMS.debug("getInvalidCertificatesByNotBeforeDate filter " - + ldapfilter); - // e = s.search(getDN(), ldapfilter); + CMS.debug("getInvalidCertificatesByNotBeforeDate filter " + ldapfilter); + //e = s.search(getDN(), ldapfilter); CMS.debug("getInvalidCertificatesByNotBeforeDate: about to call findCertRecordsInList"); list = findCertRecordsInListRawJumpto(ldapfilter, attrs, - DateMapper.dateToDB(date), "notBefore", pageSize); + DateMapper.dateToDB(date), "notBefore", pageSize); - // e = list.getCertRecords(0, size - 1); + //e = list.getCertRecords(0, size - 1); } finally { // XXX - transaction is not done at this moment + CMS.debug("In getInvalidCertsByNotBeforeDate finally."); if (s != null) @@ -1551,7 +1546,7 @@ public class CertificateRepository extends Repository implements } public ICertRecordList getValidCertsByNotAfterDate(Date date, int pageSize) - throws EBaseException { + throws EBaseException { String now = null; @@ -1559,20 +1554,17 @@ public class CertificateRepository extends Repository implements IDBSSession s = mDBService.createSession(); try { - String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_VALID + ")"; + String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_VALID + ")"; String[] attrs = null; if (mConsistencyCheck == false) { - attrs = new String[] { "objectclass", CertRecord.ATTR_ID, - CertRecord.ATTR_X509CERT }; + attrs = new String[] { "objectclass", CertRecord.ATTR_ID, CertRecord.ATTR_X509CERT}; } CMS.debug("getValidCertsByNotAfterDate filter " + ldapfilter); - // e = s.search(getDN(), ldapfilter); - list = findCertRecordsInListRawJumpto(ldapfilter, attrs, - DateMapper.dateToDB(date), "notAfter", pageSize); + //e = s.search(getDN(), ldapfilter); + list = findCertRecordsInListRawJumpto(ldapfilter, attrs, DateMapper.dateToDB(date), "notAfter", pageSize); } finally { // XXX - transaction is not done at this moment @@ -1584,50 +1576,46 @@ public class CertificateRepository extends Repository implements } public ICertRecordList getRevokedCertsByNotAfterDate(Date date, int pageSize) - throws EBaseException { + throws EBaseException { ICertRecordList list = null; IDBSSession s = mDBService.createSession(); try { - String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_REVOKED + ")"; + String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_REVOKED + ")"; String[] attrs = null; if (mConsistencyCheck == false) { - attrs = new String[] { "objectclass", - CertRecord.ATTR_REVOKED_ON, CertRecord.ATTR_ID, - CertRecord.ATTR_REVO_INFO, - CertificateValidity.NOT_AFTER, CertRecord.ATTR_X509CERT }; + attrs = new String[] { "objectclass", CertRecord.ATTR_REVOKED_ON, CertRecord.ATTR_ID, + CertRecord.ATTR_REVO_INFO, CertificateValidity.NOT_AFTER, CertRecord.ATTR_X509CERT}; } - CMS.debug("getRevokedCertificatesByNotAfterDate filter " - + ldapfilter); - // e = s.search(getDN(), ldapfilter); + CMS.debug("getRevokedCertificatesByNotAfterDate filter " + ldapfilter); + //e = s.search(getDN(), ldapfilter); CMS.debug("getRevokedCertificatesByNotAfterDate: about to call findCertRecordsInList"); list = findCertRecordsInListRawJumpto(ldapfilter, attrs, - DateMapper.dateToDB(date), "notafter", pageSize); + DateMapper.dateToDB(date), "notafter", pageSize); } finally { // XXX - transaction is not done at this moment + if (s != null) s.close(); } return list; } - + /** - * Retrieves all revoked certificates in the serial number range. - * - * @param from The starting point of the serial number range. - * @param to The ending point of the serial number range. + * Retrieves all revoked certificates in the serial number range. + * @param from The starting point of the serial number range. + * @param to The ending point of the serial number range. */ public Enumeration getRevokedCertificates(String from, String to) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -1639,7 +1627,7 @@ public class CertificateRepository extends Repository implements if (to != null && to.length() > 0) ldapfilter += "(" + CertRecord.ATTR_ID + "<=" + to + ")"; ldapfilter += ")"; - // e = s.search(getDN(), ldapfilter); + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); @@ -1648,27 +1636,24 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; } /** - * Retrives all revoked certificates including ones already expired or not - * yet valid. + * Retrives all revoked certificates including ones already expired or + * not yet valid. */ - public Enumeration getAllRevokedCertificates() throws EBaseException { + public Enumeration getAllRevokedCertificates() + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; - String ldapfilter = "(|(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_REVOKED + ")(" - + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_REVOKED_EXPIRED + "))"; // index is setup - // for this filter + String ldapfilter = "(|(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_REVOKED + ")(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_REVOKED_EXPIRED + "))"; // index is setup for this filter try { - // e = s.search(getDN(), ldapfilter); + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); @@ -1676,20 +1661,19 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { - if (s != null) + if (s != null) s.close(); } return e; } /** - * Retrieves all revoked publishedcertificates in the serial number range. - * - * @param from The starting point of the serial number range. - * @param to The ending point of the serial number range. + * Retrieves all revoked publishedcertificates in the serial number range. + * @param from The starting point of the serial number range. + * @param to The ending point of the serial number range. */ public Enumeration getRevokedPublishedCertificates(String from, String to) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -1700,10 +1684,11 @@ public class CertificateRepository extends Repository implements ldapfilter += "(" + CertRecord.ATTR_ID + ">=" + from + ")"; if (to != null && to.length() > 0) ldapfilter += "(" + CertRecord.ATTR_ID + "<=" + to + ")"; - // ldapfilter += ")"; - ldapfilter += "(certMetainfo=" + CertRecord.META_LDAPPUBLISH - + ":true))"; - // e = s.search(getDN(), ldapfilter); + //ldapfilter += ")"; + ldapfilter += "(certMetainfo=" + + CertRecord.META_LDAPPUBLISH + + ":true))"; + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); @@ -1712,30 +1697,27 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; } /** - * Retrives all revoked published certificates including ones already - * expired or not yet valid. + * Retrives all revoked published certificates including ones + * already expired or not yet valid. */ public Enumeration getAllRevokedPublishedCertificates() - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; - String ldapfilter = "(&(|(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_REVOKED + ")(" - + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_REVOKED_EXPIRED + "))"; // index is setup - // for this filter - - ldapfilter += "(certMetainfo=" + CertRecord.META_LDAPPUBLISH - + ":true))"; + String ldapfilter = "(&(|(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_REVOKED + ")(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_REVOKED_EXPIRED + "))"; // index is setup for this filter + + ldapfilter += "(certMetainfo=" + + CertRecord.META_LDAPPUBLISH + + ":true))"; try { - // e = s.search(getDN(), ldapfilter); + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); @@ -1743,31 +1725,30 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { - if (s != null) + if (s != null) s.close(); } return e; } /** - * Retrieves all revoked certificates that have not expired. + * Retrieves all revoked certificates that have not expired. */ public Enumeration getRevokedCertificates(Date asOfDate) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; try { - /* - * e = s.search(getDN(), "(&(" + CertRecord.ATTR_REVO_INFO + "=*)(" - * + CertRecord.ATTR_X509CERT + "." + CertificateValidity.NOT_AFTER - * + " >= " + DateMapper.dateToDB(asOfDate) + "))"); - */ - String ldapfilter = "(&(" + CertRecord.ATTR_REVO_INFO + "=*)(" - + CertRecord.ATTR_X509CERT + "." - + CertificateValidity.NOT_AFTER + " >= " - + DateMapper.dateToDB(asOfDate) + "))"; + /*e = s.search(getDN(), "(&(" + + CertRecord.ATTR_REVO_INFO + "=*)(" + CertRecord.ATTR_X509CERT + + "." + CertificateValidity.NOT_AFTER + " >= " + + DateMapper.dateToDB(asOfDate) + "))");*/ + String ldapfilter = "(&(" + + CertRecord.ATTR_REVO_INFO + "=*)(" + CertRecord.ATTR_X509CERT + + "." + CertificateValidity.NOT_AFTER + " >= " + + DateMapper.dateToDB(asOfDate) + "))"; ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); @@ -1776,7 +1757,7 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { // XXX - transaction is not done at this moment - if (s != null) + if (s != null) s.close(); } return e; @@ -1786,15 +1767,13 @@ public class CertificateRepository extends Repository implements * Retrives all revoked certificates excluing ones already expired. */ public Enumeration getAllRevokedNonExpiredCertificates() - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; - String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" - + CertRecord.STATUS_REVOKED + ")"; // index is setup for this - // filter + String ldapfilter = "(" + CertRecord.ATTR_CERT_STATUS + "=" + CertRecord.STATUS_REVOKED + ")"; // index is setup for this filter try { - // e = s.search(getDN(), ldapfilter); + //e = s.search(getDN(), ldapfilter); ICertRecordList list = null; list = findCertRecordsInList(ldapfilter, null, "serialno", 10); @@ -1802,14 +1781,14 @@ public class CertificateRepository extends Repository implements e = list.getCertRecords(0, size - 1); } finally { - if (s != null) + if (s != null) s.close(); } return e; } private LDAPSearchResults startSearchForModifiedCertificateRecords() - throws EBaseException { + throws EBaseException { CMS.debug("startSearchForModifiedCertificateRecords"); LDAPSearchResults r = null; IDBSSession s = mDBService.createSession(); @@ -1819,10 +1798,9 @@ public class CertificateRepository extends Repository implements r = s.persistentSearch(getDN(), filter, null); CMS.debug("startSearchForModifiedCertificateRecords persistentSearch started"); } catch (Exception e) { - CMS.debug("startSearchForModifiedCertificateRecords persistentSearch Exception=" - + e); + CMS.debug("startSearchForModifiedCertificateRecords persistentSearch Exception="+e); r = null; - if (s != null) + if (s != null) s.close(); } return r; @@ -1830,40 +1808,34 @@ public class CertificateRepository extends Repository implements public void getModifications(LDAPEntry entry) { if (entry != null) { - CMS.debug("getModifications entry DN=" + entry.getDN()); + CMS.debug("getModifications entry DN="+entry.getDN()); LDAPAttributeSet entryAttrs = entry.getAttributeSet(); ICertRecord certRec = null; try { - certRec = (ICertRecord) mDBService.getRegistry().createObject( - entryAttrs); + certRec = (ICertRecord)mDBService.getRegistry().createObject(entryAttrs); } catch (Exception e) { } if (certRec != null) { String status = certRec.getStatus(); - CMS.debug("getModifications serialNumber=" - + certRec.getSerialNumber() + " status=" + status); - if (status != null - && (status.equals(ICertRecord.STATUS_VALID) || status - .equals(ICertRecord.STATUS_REVOKED))) { + CMS.debug("getModifications serialNumber="+certRec.getSerialNumber()+ + " status="+status); + if (status != null && (status.equals(ICertRecord.STATUS_VALID) || + status.equals(ICertRecord.STATUS_REVOKED))) { Enumeration eIPs = mCRLIssuingPoints.elements(); while (eIPs.hasMoreElements()) { - ICRLIssuingPoint ip = (ICRLIssuingPoint) eIPs - .nextElement(); + ICRLIssuingPoint ip = (ICRLIssuingPoint) eIPs.nextElement(); if (ip != null) { if (status.equals(ICertRecord.STATUS_REVOKED)) { - IRevocationInfo rInfo = certRec - .getRevocationInfo(); + IRevocationInfo rInfo = certRec.getRevocationInfo(); if (rInfo != null) { - ip.addRevokedCert( - certRec.getSerialNumber(), - new RevokedCertImpl(certRec - .getSerialNumber(), rInfo - .getRevocationDate(), rInfo - .getCRLEntryExtensions())); + ip.addRevokedCert(certRec.getSerialNumber(), + new RevokedCertImpl(certRec.getSerialNumber(), + rInfo.getRevocationDate(), + rInfo.getCRLEntryExtensions())); } } else { ip.addUnrevokedCert(certRec.getSerialNumber()); @@ -1878,16 +1850,16 @@ public class CertificateRepository extends Repository implements } } + /** - * Checks if the presented certificate belongs to the repository and is - * revoked. - * - * @param cert certificate to verify. - * @return RevocationInfo if the presented certificate is revoked otherwise - * null. + * Checks if the presented certificate belongs to the repository + * and is revoked. + * + * @param cert certificate to verify. + * @return RevocationInfo if the presented certificate is revoked otherwise null. */ public RevocationInfo isCertificateRevoked(X509CertImpl cert) - throws EBaseException { + throws EBaseException { RevocationInfo info = null; // 615932 @@ -1899,8 +1871,7 @@ public class CertificateRepository extends Repository implements if (rec != null) { if (rec.getStatus().equals(ICertRecord.STATUS_REVOKED)) { X500Name name = (X500Name) cert.getSubjectDN(); - X500Name repCertName = (X500Name) rec.getCertificate() - .getSubjectDN(); + X500Name repCertName = (X500Name) rec.getCertificate().getSubjectDN(); if (name.equals(repCertName)) { byte[] certEncoded = null; @@ -1912,8 +1883,9 @@ public class CertificateRepository extends Repository implements } catch (Exception e) { } - if (certEncoded != null && repCertEncoded != null - && certEncoded.length == repCertEncoded.length) { + if (certEncoded != null && + repCertEncoded != null && + certEncoded.length == repCertEncoded.length) { int i; for (i = 0; i < certEncoded.length; i++) { @@ -1921,8 +1893,7 @@ public class CertificateRepository extends Repository implements break; } if (i >= certEncoded.length) { - info = (RevocationInfo) ((CertRecord) rec) - .getRevocationInfo(); + info = (RevocationInfo) ((CertRecord) rec).getRevocationInfo(); } } } @@ -1933,14 +1904,15 @@ public class CertificateRepository extends Repository implements } public void shutdown() { - // if (mCertStatusUpdateThread != null) - // mCertStatusUpdateThread.destroy(); + //if (mCertStatusUpdateThread != null) + // mCertStatusUpdateThread.destroy(); - // if (mRetrieveModificationsThread != null) - // mRetrieveModificationsThread.destroy(); + //if (mRetrieveModificationsThread != null) + // mRetrieveModificationsThread.destroy(); } } + class CertStatusUpdateThread extends Thread { CertificateRepository _cr = null; IRepository _rr = null; @@ -1949,7 +1921,7 @@ class CertStatusUpdateThread extends Thread { CertStatusUpdateThread(CertificateRepository cr, IRepository rr, String name) { super(name); CMS.debug("new CertStatusUpdateThread"); - // setName(name); + //setName(name); _cr = cr; _rr = rr; @@ -1992,6 +1964,7 @@ class CertStatusUpdateThread extends Thread { } } + class RetrieveModificationsThread extends Thread { CertificateRepository _cr = null; LDAPSearchResults _results = null; @@ -1999,7 +1972,7 @@ class RetrieveModificationsThread extends Thread { RetrieveModificationsThread(CertificateRepository cr, String name) { super(name); CMS.debug("new RetrieveModificationsThread"); - // setName(name); + //setName(name); _cr = cr; } @@ -2018,7 +1991,7 @@ class RetrieveModificationsThread extends Thread { _cr.getModifications(entry); } } catch (LDAPException e) { - CMS.debug("LDAPException: " + e.toString()); + CMS.debug("LDAPException: "+e.toString()); } } else { CMS.debug("_results are null"); diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java b/pki/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java index 6436b052..adbae506 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DBRegistry.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Hashtable; import java.util.Iterator; @@ -36,18 +37,22 @@ import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.IDBRegistry; import com.netscape.certsrv.dbs.IFilterConverter; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents a registry where all the schema (object classes and - * attribute) information is stored. - * - * Attribute mappers can be registered with this registry. - * - * Given the schema information stored, this registry has knowledge to convert a - * Java object into a LDAPAttributeSet or vice versa. - * + * A class represents a registry where all the + * schema (object classes and attribute) information + * is stored. + * + * Attribute mappers can be registered with this + * registry. + * + * Given the schema information stored, this registry + * has knowledge to convert a Java object into a + * LDAPAttributeSet or vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class DBRegistry implements IDBRegistry, ISubsystem { @@ -74,25 +79,25 @@ public class DBRegistry implements IDBRegistry, ISubsystem { } /** - * Sets subsystem identifier. This is an internal subsystem, and is not - * loadable. + * Sets subsystem identifier. This is an internal + * subsystem, and is not loadable. */ public void setId(String id) throws EBaseException { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); } /** - * Initializes the internal registery. Connects to the data source, and - * create a pool of connection of which applications can use. Optionally, - * check the integrity of the database. + * Initializes the internal registery. Connects to the + * data source, and create a pool of connection of which + * applications can use. Optionally, check the integrity + * of the database. */ - public void init(ISubsystem owner, IConfigStore config) - throws EBaseException { + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { mConfig = config; mConverter = new LdapFilterConverter(mAttrufNames); } - + /** * Retrieves configuration store. */ @@ -123,28 +128,26 @@ public class DBRegistry implements IDBRegistry, ISubsystem { * Registers object class. */ public void registerObjectClass(String className, String ldapNames[]) - throws EDBException { + throws EDBException { try { Class c = Class.forName(className); mOCclassNames.put(className, ldapNames); - mOCldapNames.put(sortAndConcate(ldapNames).toLowerCase(), - new NameAndObject(className, c)); + mOCldapNames.put(sortAndConcate( + ldapNames).toLowerCase(), + new NameAndObject(className, c)); } catch (ClassNotFoundException e) { - /* - * LogDoc - * + /*LogDoc + * * @phase db startup - * * @reason failed to register object class - * * @message DBRegistry: <exception thrown> */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_INVALID_CLASS_NAME", className)); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, + ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_INVALID_CLASS_NAME", className)); } } @@ -158,8 +161,8 @@ public class DBRegistry implements IDBRegistry, ISubsystem { /** * Registers attribute mapper. */ - public void registerAttribute(String ufName, IDBAttrMapper mapper) - throws EDBException { + public void registerAttribute(String ufName, IDBAttrMapper mapper) + throws EDBException { // should not allows 'objectclass' as attribute; it has // special meaning mAttrufNames.put(ufName.toLowerCase(), mapper); @@ -177,9 +180,9 @@ public class DBRegistry implements IDBRegistry, ISubsystem { } /** - * Creates LDAP-based search filters with help of registered mappers. Parses - * filter from filter string specified in RFC1558. - * + * Creates LDAP-based search filters with help of + * registered mappers. + * Parses filter from filter string specified in RFC1558. * <pre> * <filter> ::= '(' <filtercomp> ')' * <filtercomp> ::= <and> | <or> | <not> | <item> @@ -206,34 +209,37 @@ public class DBRegistry implements IDBRegistry, ISubsystem { return getFilter(filter, mConverter); } - public String getFilter(String filter, IFilterConverter c) - throws EBaseException { + public String getFilter(String filter, IFilterConverter c) + throws EBaseException { String f = filter; f = f.trim(); if (f.startsWith("(") && f.endsWith(")")) { - return "(" + getFilterComp(f.substring(1, f.length() - 1), c) + ")"; + return "(" + getFilterComp(f.substring(1, + f.length() - 1), c) + ")"; } else { return getFilterComp(filter, c); } } - private String getFilterComp(String f, IFilterConverter c) - throws EBaseException { + private String getFilterComp(String f, IFilterConverter c) + throws EBaseException { f = f.trim(); - if (f.startsWith("&")) { // AND operation - return "&" + getFilterList(f.substring(1, f.length()), c); + if (f.startsWith("&")) { // AND operation + return "&" + getFilterList(f.substring(1, + f.length()), c); } else if (f.startsWith("|")) { // OR operation - return "|" + getFilterList(f.substring(1, f.length()), c); + return "|" + getFilterList(f.substring(1, + f.length()), c); } else if (f.startsWith("!")) { // NOT operation return "!" + getFilter(f.substring(1, f.length()), c); - } else { // item + } else { // item return getFilterItem(f, c); } } - - private String getFilterList(String f, IFilterConverter c) - throws EBaseException { + + private String getFilterList(String f, IFilterConverter c) + throws EBaseException { f = f.trim(); int level = 0; int start = 0; @@ -268,14 +274,14 @@ public class DBRegistry implements IDBRegistry, ISubsystem { /** * So, here we need to separate item into name, op, value. */ - private String getFilterItem(String f, IFilterConverter c) - throws EBaseException { + private String getFilterItem(String f, IFilterConverter c) + throws EBaseException { f = f.trim(); int idx = f.indexOf('='); if (idx == -1) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_INVALID_FILTER_ITEM", "=")); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_INVALID_FILTER_ITEM", "=")); } String type = f.substring(0, idx).trim(); @@ -311,15 +317,17 @@ public class DBRegistry implements IDBRegistry, ISubsystem { // if value contains no '*', then it is equality if (value.indexOf('*') == -1) { if (type.equals("objectclass")) { - String ldapNames[] = (String[]) mOCclassNames.get(value); + String ldapNames[] = (String[]) + mOCclassNames.get(value); if (ldapNames == null) - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_INVALID_FILTER_ITEM", f)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_INVALID_FILTER_ITEM", f)); String filter = ""; for (int g = 0; g < ldapNames.length; g++) { - filter += "(objectclass=" + ldapNames[g] + ")"; + filter += "(objectclass=" + + ldapNames[g] + ")"; } return "&" + filter; } else { @@ -333,25 +341,27 @@ public class DBRegistry implements IDBRegistry, ISubsystem { /** * Maps object into LDAP attribute set. */ - public void mapObject(IDBObj parent, String name, Object obj, - LDAPAttributeSet attrs) throws EBaseException { - IDBAttrMapper mapper = (IDBAttrMapper) mAttrufNames.get(name - .toLowerCase()); + public void mapObject(IDBObj parent, String name, Object obj, + LDAPAttributeSet attrs) throws EBaseException { + IDBAttrMapper mapper = (IDBAttrMapper) mAttrufNames.get( + name.toLowerCase()); if (mapper == null) { return; // no mapper found, just skip this attribute - } + } mapper.mapObjectToLDAPAttributeSet(parent, name, obj, attrs); } /** - * Retrieves a list of LDAP attributes that are associated with the given - * attributes. This method is used for searches, to map the database - * attributes to LDAP attributes. + * Retrieves a list of LDAP attributes that are associated + * with the given attributes. + * This method is used for searches, to map the database attributes + * to LDAP attributes. */ - public String[] getLDAPAttributes(String attrs[]) throws EBaseException { + public String[] getLDAPAttributes(String attrs[]) + throws EBaseException { IDBAttrMapper mapper; - + if (attrs == null) return null; Vector v = new Vector(); @@ -364,11 +374,10 @@ public class DBRegistry implements IDBRegistry, ISubsystem { } if (isAttributeRegistered(attrs[i])) { - mapper = (IDBAttrMapper) mAttrufNames.get(attrs[i] - .toLowerCase()); + mapper = (IDBAttrMapper) + mAttrufNames.get(attrs[i].toLowerCase()); if (mapper == null) { - throw new EDBException( - CMS.getUserMessage("CMS_DBS_INVALID_ATTRS")); + throw new EDBException(CMS.getUserMessage("CMS_DBS_INVALID_ATTRS")); } Enumeration e = mapper.getSupportedLDAPAttributeNames(); @@ -382,10 +391,10 @@ public class DBRegistry implements IDBRegistry, ISubsystem { } else { IDBDynAttrMapper matchingDynAttrMapper = null; // check if a dynamic mapper can handle the attribute - for (Iterator dynMapperIter = mDynAttrMappers.iterator(); dynMapperIter - .hasNext();) { - IDBDynAttrMapper dynAttrMapper = (IDBDynAttrMapper) dynMapperIter - .next(); + for (Iterator dynMapperIter = mDynAttrMappers.iterator(); + dynMapperIter.hasNext();) { + IDBDynAttrMapper dynAttrMapper = + (IDBDynAttrMapper)dynMapperIter.next(); if (dynAttrMapper.supportsLDAPAttributeName(attrs[i])) { matchingDynAttrMapper = dynAttrMapper; break; @@ -394,20 +403,15 @@ public class DBRegistry implements IDBRegistry, ISubsystem { if (matchingDynAttrMapper != null) { v.addElement(attrs[i]); } else { - /* - * LogDoc - * + /*LogDoc + * * @phase retrieve ldap attr - * * @reason failed to get registered object class - * * @message DBRegistry: <attr> is not registered */ mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, - ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_DBS_ATTR_NOT_REGISTER", attrs[i])); - throw new EDBException(CMS.getLogMessage( - "CMSCORE_DBS_ATTR_NOT_REGISTER", attrs[i])); + ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_DBS_ATTR_NOT_REGISTER", attrs[i])); + throw new EDBException(CMS.getLogMessage("CMSCORE_DBS_ATTR_NOT_REGISTER", attrs[i])); } } @@ -423,8 +427,8 @@ public class DBRegistry implements IDBRegistry, ISubsystem { /** * Creates attribute set from object. */ - public LDAPAttributeSet createLDAPAttributeSet(IDBObj obj) - throws EBaseException { + public LDAPAttributeSet createLDAPAttributeSet(IDBObj obj) + throws EBaseException { Enumeration e = obj.getSerializableAttrNames(); LDAPAttributeSet attrs = new LDAPAttributeSet(); @@ -448,11 +452,12 @@ public class DBRegistry implements IDBRegistry, ISubsystem { /** * Creates object from attribute set. */ - public IDBObj createObject(LDAPAttributeSet attrs) throws EBaseException { + public IDBObj createObject(LDAPAttributeSet attrs) + throws EBaseException { // map object class attribute to object LDAPAttribute attr = attrs.getAttribute("objectclass"); - // CMS.debug("createObject: attrs " + attrs.toString()); + //CMS.debug("createObject: attrs " + attrs.toString()); attrs.remove("objectclass"); @@ -470,8 +475,8 @@ public class DBRegistry implements IDBRegistry, ISubsystem { NameAndObject no = (NameAndObject) mOCldapNames.get(sorted); if (no == null) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_INVALID_CLASS_NAME", sorted)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_INVALID_CLASS_NAME", sorted)); } Class c = (Class) no.getObject(); @@ -481,29 +486,28 @@ public class DBRegistry implements IDBRegistry, ISubsystem { while (ee.hasMoreElements()) { String oname = (String) ee.nextElement(); - IDBAttrMapper mapper = (IDBAttrMapper) mAttrufNames.get(oname - .toLowerCase()); + IDBAttrMapper mapper = (IDBAttrMapper) + mAttrufNames.get( + oname.toLowerCase()); if (mapper == null) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_NO_MAPPER_FOUND", oname)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_NO_MAPPER_FOUND", oname)); } - mapper.mapLDAPAttributeSetToObject(attrs, oname, obj); + mapper.mapLDAPAttributeSetToObject(attrs, + oname, obj); } return obj; } catch (Exception e) { - /* - * LogDoc - * + /*LogDoc + * * @phase create ldap attr - * * @reason failed to create object class - * * @message DBRegistry: <attr> is not registered */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, + ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); throw new EDBException(CMS.getUserMessage("CMS_DBS_INVALID_ATTRS")); } } @@ -538,6 +542,7 @@ public class DBRegistry implements IDBRegistry, ISubsystem { } } + /** * Just a convenient container class. */ @@ -550,7 +555,7 @@ class NameAndObject { mN = name; mO = o; } - + public String getName() { return mN; } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DBSSession.java b/pki/base/common/src/com/netscape/cmscore/dbs/DBSSession.java index 1b6633dc..efdbceec 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DBSSession.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DBSSession.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import netscape.ldap.LDAPAttribute; @@ -46,12 +47,14 @@ import com.netscape.certsrv.dbs.Modification; import com.netscape.certsrv.dbs.ModificationSet; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents the database session. Operations can be performed with a - * session. - * - * Transaction and Caching support can be integrated into session. - * + * A class represents the database session. Operations + * can be performed with a session. + * + * Transaction and Caching support can be integrated + * into session. + * * @author thomask * @version $Revision$, $Date$ */ @@ -63,7 +66,7 @@ public class DBSSession implements IDBSSession { /** * Constructs a database session. - * + * * @param system the database subsytem * @param c the ldap connection */ @@ -72,7 +75,7 @@ public class DBSSession implements IDBSSession { mConn = c; try { // no limit - mConn.setOption(LDAPv2.SIZELIMIT, Integer.valueOf(0)); + mConn.setOption(LDAPv2.SIZELIMIT, Integer.valueOf(0)); } catch (LDAPException e) { } } @@ -94,40 +97,39 @@ public class DBSSession implements IDBSSession { /** * Adds object to backend database. For example, - * * <PRE> - * session.add("cn=123459,o=certificate repository,o=airius.com", certRec); + * session.add("cn=123459,o=certificate repository,o=airius.com", + * certRec); * </PRE> - * + * * @param name the name of the ldap entry * @param obj the DBobj that can be mapped to ldap attrubute set */ public void add(String name, IDBObj obj) throws EBaseException { try { - LDAPAttributeSet attrs = mDBSystem.getRegistry() - .createLDAPAttributeSet(obj); + LDAPAttributeSet attrs = mDBSystem.getRegistry( + ).createLDAPAttributeSet(obj); LDAPEntry e = new LDAPEntry(name, attrs); - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap add - * * @message DBSSession: begin LDAP add <entry> */ mConn.add(e); } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", name + " " + e.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + name + " " + e.toString())); } } /** - * Reads an object from the database. all attributes will be returned - * + * Reads an object from the database. + * all attributes will be returned + * * @param name the name of the ldap entry */ public IDBObj read(String name) throws EBaseException { @@ -135,52 +137,50 @@ public class DBSSession implements IDBSSession { } /** - * Reads an object from the database, and only populates the selected - * attributes. - * + * Reads an object from the database, and only populates + * the selected attributes. + * * @param name the name of the ldap entry * @param attrs the attributes to be selected */ - public IDBObj read(String name, String attrs[]) throws EBaseException { + public IDBObj read(String name, String attrs[]) + throws EBaseException { try { String ldapattrs[] = null; if (attrs != null) { - ldapattrs = mDBSystem.getRegistry().getLDAPAttributes(attrs); + ldapattrs = mDBSystem.getRegistry( + ).getLDAPAttributes(attrs); } - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap read - * * @message DBSSession: begin LDAP read <entry> */ - LDAPSearchResults res = mConn.search(name, LDAPv2.SCOPE_BASE, - "(objectclass=*)", ldapattrs, false); + LDAPSearchResults res = mConn.search(name, + LDAPv2.SCOPE_BASE, "(objectclass=*)", + ldapattrs, false); LDAPEntry entry = (LDAPEntry) res.nextElement(); - return mDBSystem.getRegistry() - .createObject(entry.getAttributeSet()); + return mDBSystem.getRegistry().createObject( + entry.getAttributeSet()); } catch (LDAPException e) { - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap read - * * @message DBSSession: <exception thrown> */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_INFO, - "DBSSession: " + e.toString()); - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_INFO, "DBSSession: " + e.toString()); + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - if (e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT) + if (e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT) throw new EDBRecordNotFoundException( CMS.getUserMessage("CMS_DBS_RECORD_NOT_FOUND")); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", name + " " + e.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + name + " " + e.toString())); } } @@ -191,50 +191,52 @@ public class DBSSession implements IDBSSession { try { mConn.delete(name); } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", name + " " + e.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + name + " " + e.toString())); } } /** * Modify an object in the database. */ - public void modify(String name, ModificationSet mods) throws EBaseException { + public void modify(String name, ModificationSet mods) + throws EBaseException { try { - LDAPModificationSet ldapMods = new LDAPModificationSet(); + LDAPModificationSet ldapMods = new + LDAPModificationSet(); Enumeration e = mods.getModifications(); while (e.hasMoreElements()) { - Modification mod = (Modification) e.nextElement(); + Modification mod = (Modification) + e.nextElement(); LDAPAttributeSet attrs = new LDAPAttributeSet(); - mDBSystem.getRegistry().mapObject(null, mod.getName(), - mod.getValue(), attrs); + mDBSystem.getRegistry().mapObject(null, + mod.getName(), mod.getValue(), attrs); Enumeration e0 = attrs.getAttributes(); while (e0.hasMoreElements()) { ldapMods.add(toLdapModOp(mod.getOp()), - (LDAPAttribute) e0.nextElement()); + (LDAPAttribute) + e0.nextElement()); } } - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap add - * * @message DBSSession: begin LDAP modify <entry> */ mConn.modify(name, ldapMods); } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", name + " " + e.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + name + " " + e.toString())); } } @@ -250,120 +252,128 @@ public class DBSSession implements IDBSSession { return LDAPModification.REPLACE; } throw new EBaseException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", - Integer.toString(modOp))); + Integer.toString(modOp))); } /** - * Searchs for a list of objects that match the filter. + * Searchs for a list of objects that match the + * filter. */ public IDBSearchResults search(String base, String filter) - throws EBaseException { + throws EBaseException { return search(base, filter, null); } public IDBSearchResults search(String base, String filter, int maxSize) - throws EBaseException { + throws EBaseException { try { String ldapattrs[] = null; - String ldapfilter = mDBSystem.getRegistry().getFilter(filter); + String ldapfilter = + mDBSystem.getRegistry().getFilter(filter); LDAPSearchConstraints cons = new LDAPSearchConstraints(); cons.setMaxResults(maxSize); - LDAPSearchResults res = mConn.search(base, LDAPv2.SCOPE_ONE, - ldapfilter, ldapattrs, false, cons); + LDAPSearchResults res = mConn.search(base, + LDAPv2.SCOPE_ONE, ldapfilter, ldapattrs, false, cons); - return new DBSearchResults(mDBSystem.getRegistry(), res); + return new DBSearchResults(mDBSystem.getRegistry(), + res); } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - // XXX error handling, should not raise exception if - // entry not found - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", e.toString())); + // XXX error handling, should not raise exception if + // entry not found + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + e.toString())); } } - public IDBSearchResults search(String base, String filter, int maxSize, - int timeLimit) throws EBaseException { + public IDBSearchResults search(String base, String filter, int maxSize, int timeLimit) + throws EBaseException { try { String ldapattrs[] = null; - String ldapfilter = mDBSystem.getRegistry().getFilter(filter); + String ldapfilter = + mDBSystem.getRegistry().getFilter(filter); LDAPSearchConstraints cons = new LDAPSearchConstraints(); cons.setMaxResults(maxSize); cons.setServerTimeLimit(timeLimit); - LDAPSearchResults res = mConn.search(base, LDAPv2.SCOPE_ONE, - ldapfilter, ldapattrs, false, cons); + LDAPSearchResults res = mConn.search(base, + LDAPv2.SCOPE_ONE, ldapfilter, ldapattrs, false, cons); - return new DBSearchResults(mDBSystem.getRegistry(), res); + return new DBSearchResults(mDBSystem.getRegistry(), + res); } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - // XXX error handling, should not raise exception if - // entry not found - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", e.toString())); + // XXX error handling, should not raise exception if + // entry not found + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + e.toString())); } } /** - * Retrieves a list of object that satifies the given filter. + * Retrieves a list of object that satifies the given + * filter. */ - public IDBSearchResults search(String base, String filter, String attrs[]) - throws EBaseException { + public IDBSearchResults search(String base, String filter, + String attrs[]) throws EBaseException { try { String ldapattrs[] = null; if (attrs != null) { - ldapattrs = mDBSystem.getRegistry().getLDAPAttributes(attrs); + ldapattrs = mDBSystem.getRegistry( + ).getLDAPAttributes(attrs); } - String ldapfilter = mDBSystem.getRegistry().getFilter(filter); + String ldapfilter = + mDBSystem.getRegistry().getFilter(filter); - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap add - * * @message DBSSession: begin LDAP search <filter> */ LDAPSearchConstraints cons = new LDAPSearchConstraints(); - cons.setMaxResults(0); - - LDAPSearchResults res = mConn.search(base, LDAPv2.SCOPE_ONE, - ldapfilter, ldapattrs, false, cons); + cons.setMaxResults(0); + + LDAPSearchResults res = mConn.search(base, + LDAPv2.SCOPE_ONE, ldapfilter, ldapattrs, false, cons); - return new DBSearchResults(mDBSystem.getRegistry(), res); + return new DBSearchResults(mDBSystem.getRegistry(), + res); } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - // XXX error handling, should not raise exception if - // entry not found - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", e.toString())); + // XXX error handling, should not raise exception if + // entry not found + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + e.toString())); } } - public LDAPSearchResults persistentSearch(String base, String filter, - String attrs[]) throws EBaseException { + public LDAPSearchResults persistentSearch(String base, String filter, String attrs[]) + throws EBaseException { try { String ldapattrs[] = null; if (attrs != null) { - ldapattrs = mDBSystem.getRegistry().getLDAPAttributes(attrs); + ldapattrs = mDBSystem.getRegistry( + ).getLDAPAttributes(attrs); } - String ldapfilter = mDBSystem.getRegistry().getFilter(filter); + String ldapfilter = + mDBSystem.getRegistry().getFilter(filter); - Integer version = (Integer) (mConn - .getOption(LDAPv2.PROTOCOL_VERSION)); + Integer version = (Integer)(mConn.getOption(LDAPv2.PROTOCOL_VERSION)); - // Only version 3 protocol supports persistent search. + // Only version 3 protocol supports persistent search. if (version.intValue() == 2) { mConn.setOption(LDAPv2.PROTOCOL_VERSION, Integer.valueOf(3)); } @@ -373,24 +383,25 @@ public class DBSSession implements IDBSSession { boolean changesOnly = true; boolean returnControls = true; boolean isCritical = true; - LDAPPersistSearchControl persistCtrl = new LDAPPersistSearchControl( - op, changesOnly, returnControls, isCritical); + LDAPPersistSearchControl persistCtrl = new + LDAPPersistSearchControl( op, changesOnly, + returnControls, isCritical ); LDAPSearchConstraints cons = new LDAPSearchConstraints(); cons.setBatchSize(0); - cons.setServerControls(persistCtrl); + cons.setServerControls( persistCtrl ); - LDAPSearchResults res = mConn.search(base, LDAPv2.SCOPE_ONE, - ldapfilter, ldapattrs, false, cons); + LDAPSearchResults res = mConn.search(base, + LDAPv2.SCOPE_ONE, ldapfilter, ldapattrs, false, cons); return res; } catch (LDAPException e) { - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - // XXX error handling, should not raise exception if - // entry not found - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LDAP_OP_FAILURE", e.toString())); + // XXX error handling, should not raise exception if + // entry not found + throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE", + e.toString())); } } @@ -398,59 +409,57 @@ public class DBSSession implements IDBSSession { * Retrieves a list of objects. */ public IDBVirtualList createVirtualList(String base, String filter, - String attrs[]) throws EBaseException { - return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, filter, - attrs); + String attrs[]) throws EBaseException { + return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, + filter, attrs); } /** * Retrieves a list of objects. */ public IDBVirtualList createVirtualList(String base, String filter, - String attrs[], String sortKey[]) throws EBaseException { - return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, filter, - attrs, sortKey); + String attrs[], String sortKey[]) throws EBaseException { + return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, + filter, attrs, sortKey); } /** * Retrieves a list of objects. */ public IDBVirtualList createVirtualList(String base, String filter, - String attrs[], String sortKey) throws EBaseException { - return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, filter, - attrs, sortKey); + String attrs[], String sortKey) throws EBaseException { + return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, + filter, attrs, sortKey); } /** * Retrieves a list of objects. */ public IDBVirtualList createVirtualList(String base, String filter, - String attrs[], String sortKey[], int pageSize) - throws EBaseException { - return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, filter, - attrs, sortKey, pageSize); + String attrs[], String sortKey[], int pageSize) throws EBaseException { + return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, + filter, attrs, sortKey, pageSize); } /** * Retrieves a list of objects. */ public IDBVirtualList createVirtualList(String base, String filter, - String attrs[], String sortKey, int pageSize) throws EBaseException { - return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, filter, - attrs, sortKey, pageSize); + String attrs[], String sortKey, int pageSize) throws EBaseException { + return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, + filter, attrs, sortKey, pageSize); } public IDBVirtualList createVirtualList(String base, String filter, - String attrs[], String startFrom, String sortKey, int pageSize) - throws EBaseException { - return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, filter, - attrs, startFrom, sortKey, pageSize); + String attrs[], String startFrom, String sortKey, int pageSize) throws EBaseException { + return new DBVirtualList(mDBSystem.getRegistry(), mConn, base, + filter, attrs, startFrom, sortKey, pageSize); } /** - * Releases object to this interface. This allows us to use memory more - * efficiently. + * Releases object to this interface. This allows us to + * use memory more efficiently. */ public void release(Object obj) { // not implemented diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java b/pki/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java index e18906ff..123fb847 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DBSUtil.java @@ -17,12 +17,16 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + + + /** - * A class represents ann attribute mapper that maps a Java BigInteger object - * into LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java BigInteger object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class DBSUtil { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java b/pki/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java index b0a3b2f7..c515b330 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DBSearchResults.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import netscape.ldap.LDAPEntry; @@ -26,13 +27,15 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.dbs.IDBRegistry; import com.netscape.certsrv.dbs.IDBSearchResults; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents the search results. A search results object contain a - * enumeration of Java objects that are just read from the database. - * + * A class represents the search results. A search + * results object contain a enumeration of + * Java objects that are just read from the database. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class DBSearchResults implements IDBSearchResults { @@ -68,29 +71,24 @@ public class DBSearchResults implements IDBSearchResults { entry = (LDAPEntry) o; return mRegistry.createObject(entry.getAttributeSet()); } else { - if (o instanceof LDAPException) + if (o instanceof LDAPException) ; - // doing nothing because the last object in the search - // results is always LDAPException + // doing nothing because the last object in the search + // results is always LDAPException else mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, - ILogger.LL_FAILURE, - "DBSearchResults: result format error class=" - + o.getClass().getName()); + ILogger.LL_FAILURE, "DBSearchResults: result format error class=" + o.getClass().getName()); } } catch (Exception e) { - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap search - * * @reason failed to get next element - * * @message DBSearchResults: <exception thrown> */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - "DBSearchResults: " + e.toString()); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, + ILogger.LL_FAILURE, "DBSearchResults: " + e.toString()); } return null; } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java b/pki/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java index 458fdce4..3208a23d 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DBSubsystem.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Hashtable; @@ -52,15 +53,17 @@ import com.netscape.cmscore.ldapconn.LdapAuthInfo; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.ldapconn.LdapConnInfo; + /** - * A class represents the database subsystem that manages the backend data - * storage. - * - * This subsystem maintains multiple sessions that allows operations to be - * performed, and provide a registry where all the schema information is stored. - * + * A class represents the database subsystem that manages + * the backend data storage. + * + * This subsystem maintains multiple sessions that allows + * operations to be performed, and provide a registry + * where all the schema information is stored. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class DBSubsystem implements IDBSubsystem { @@ -95,38 +98,40 @@ public class DBSubsystem implements IDBSubsystem { private static final String KR_DN = "ou=keyRepository, ou=kra"; private static final String KRA_REQUESTS_DN = "ou=kra, ou=requests"; private static final String REPLICA_DN = "ou=replica"; - private static final String PROP_ENABLE_SERIAL_NUMBER_RECOVERY = "enableSerialNumberRecovery"; + private static final String PROP_ENABLE_SERIAL_NUMBER_RECOVERY = + "enableSerialNumberRecovery"; // This value is only equal to the next Serial number that the CA's // going to issue when cms just start up or it's just set from console. // It doesn't record the next serial number at other time when cms's // runing not to increase overhead when issuing certs. - private static final String PROP_NEXT_SERIAL_NUMBER = "nextSerialNumber"; - private static final String PROP_MIN_SERIAL_NUMBER = "beginSerialNumber"; + private static final String PROP_NEXT_SERIAL_NUMBER = + "nextSerialNumber"; + private static final String PROP_MIN_SERIAL_NUMBER="beginSerialNumber"; private static final String PROP_MAX_SERIAL_NUMBER = "endSerialNumber"; - private static final String PROP_NEXT_MIN_SERIAL_NUMBER = "nextBeginSerialNumber"; - private static final String PROP_NEXT_MAX_SERIAL_NUMBER = "nextEndSerialNumber"; - private static final String PROP_SERIAL_LOW_WATER_MARK = "serialLowWaterMark"; - private static final String PROP_SERIAL_INCREMENT = "serialIncrement"; - private static final String PROP_SERIAL_BASEDN = "serialDN"; - private static final String PROP_SERIAL_RANGE_DN = "serialRangeDN"; - - private static final String PROP_MIN_REQUEST_NUMBER = "beginRequestNumber"; - private static final String PROP_MAX_REQUEST_NUMBER = "endRequestNumber"; - private static final String PROP_NEXT_MIN_REQUEST_NUMBER = "nextBeginRequestNumber"; - private static final String PROP_NEXT_MAX_REQUEST_NUMBER = "nextEndRequestNumber"; - private static final String PROP_REQUEST_LOW_WATER_MARK = "requestLowWaterMark"; - private static final String PROP_REQUEST_INCREMENT = "requestIncrement"; - private static final String PROP_REQUEST_BASEDN = "requestDN"; - private static final String PROP_REQUEST_RANGE_DN = "requestRangeDN"; - - private static final String PROP_MIN_REPLICA_NUMBER = "beginReplicaNumber"; + private static final String PROP_NEXT_MIN_SERIAL_NUMBER="nextBeginSerialNumber"; + private static final String PROP_NEXT_MAX_SERIAL_NUMBER ="nextEndSerialNumber"; + private static final String PROP_SERIAL_LOW_WATER_MARK="serialLowWaterMark"; + private static final String PROP_SERIAL_INCREMENT="serialIncrement"; + private static final String PROP_SERIAL_BASEDN="serialDN"; + private static final String PROP_SERIAL_RANGE_DN="serialRangeDN"; + + private static final String PROP_MIN_REQUEST_NUMBER="beginRequestNumber"; + private static final String PROP_MAX_REQUEST_NUMBER="endRequestNumber"; + private static final String PROP_NEXT_MIN_REQUEST_NUMBER="nextBeginRequestNumber"; + private static final String PROP_NEXT_MAX_REQUEST_NUMBER="nextEndRequestNumber"; + private static final String PROP_REQUEST_LOW_WATER_MARK="requestLowWaterMark"; + private static final String PROP_REQUEST_INCREMENT="requestIncrement"; + private static final String PROP_REQUEST_BASEDN="requestDN"; + private static final String PROP_REQUEST_RANGE_DN="requestRangeDN"; + + private static final String PROP_MIN_REPLICA_NUMBER="beginReplicaNumber"; private static final String PROP_MAX_REPLICA_NUMBER = "endReplicaNumber"; - private static final String PROP_NEXT_MIN_REPLICA_NUMBER = "nextBeginReplicaNumber"; - private static final String PROP_NEXT_MAX_REPLICA_NUMBER = "nextEndReplicaNumber"; - private static final String PROP_REPLICA_LOW_WATER_MARK = "replicaLowWaterMark"; - private static final String PROP_REPLICA_INCREMENT = "replicaIncrement"; - private static final String PROP_REPLICA_BASEDN = "replicaDN"; - private static final String PROP_REPLICA_RANGE_DN = "replicaRangeDN"; + private static final String PROP_NEXT_MIN_REPLICA_NUMBER="nextBeginReplicaNumber"; + private static final String PROP_NEXT_MAX_REPLICA_NUMBER ="nextEndReplicaNumber"; + private static final String PROP_REPLICA_LOW_WATER_MARK="replicaLowWaterMark"; + private static final String PROP_REPLICA_INCREMENT="replicaIncrement"; + private static final String PROP_REPLICA_BASEDN="replicaDN"; + private static final String PROP_REPLICA_RANGE_DN="replicaRangeDN"; private static final String PROP_INFINITE_SERIAL_NUMBER = "1000000000"; private static final String PROP_INFINITE_REQUEST_NUMBER = "1000000000"; @@ -135,27 +140,27 @@ public class DBSubsystem implements IDBSubsystem { private static final String PROP_LDAP = "ldap"; private static final String PROP_NEXT_RANGE = "nextRange"; private static final String PROP_ENABLE_SERIAL_MGMT = "enableSerialManagement"; - + // hash keys - private static final String NAME = "name"; - private static final String PROP_MIN = "min"; - private static final String PROP_MIN_NAME = "min_name"; + private static final String NAME="name"; + private static final String PROP_MIN="min"; + private static final String PROP_MIN_NAME="min_name"; private static final String PROP_MAX = "max"; private static final String PROP_MAX_NAME = "max_name"; - private static final String PROP_NEXT_MIN = "next_min"; - private static final String PROP_NEXT_MIN_NAME = "next_min_name"; + private static final String PROP_NEXT_MIN="next_min"; + private static final String PROP_NEXT_MIN_NAME="next_min_name"; private static final String PROP_NEXT_MAX = "next_max"; private static final String PROP_NEXT_MAX_NAME = "next_max_name"; - private static final String PROP_LOW_WATER_MARK = "lowWaterMark"; - private static final String PROP_LOW_WATER_MARK_NAME = "lowWaterMark_name"; + private static final String PROP_LOW_WATER_MARK="lowWaterMark"; + private static final String PROP_LOW_WATER_MARK_NAME="lowWaterMark_name"; private static final String PROP_INCREMENT = "increment"; private static final String PROP_INCREMENT_NAME = "increment_name"; - private static final String PROP_RANGE_DN = "rangeDN"; + private static final String PROP_RANGE_DN="rangeDN"; private static final BigInteger BI_ONE = new BigInteger("1"); private ILogger mLogger = null; - + // singleton enforcement private static IDBSubsystem mInstance = new DBSubsystem(); @@ -165,10 +170,9 @@ public class DBSubsystem implements IDBSubsystem { } /** - * This method is used for unit tests. It allows the underlying instance to - * be stubbed out. - * - * @param dbSubsystem The stubbed out subsystem to override with. + * This method is used for unit tests. It allows the underlying instance + * to be stubbed out. + * @param dbSubsystem The stubbed out subsystem to override with. */ public static void setInstance(IDBSubsystem dbSubsystem) { mInstance = dbSubsystem; @@ -187,20 +191,19 @@ public class DBSubsystem implements IDBSubsystem { */ public String getId() { return IDBSubsystem.SUB_ID; - } + } /** * Sets subsystem identifier. */ public void setId(String id) throws EBaseException { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); } public boolean enableSerialNumberRecovery() { try { - return mDBConfig.getBoolean(PROP_ENABLE_SERIAL_NUMBER_RECOVERY, - true); + return mDBConfig.getBoolean( + PROP_ENABLE_SERIAL_NUMBER_RECOVERY, true); } catch (EBaseException e) { // by default return true; @@ -211,13 +214,14 @@ public class DBSubsystem implements IDBSubsystem { return mEnableSerialMgmt; } - public void setEnableSerialMgmt(boolean v) throws EBaseException { + public void setEnableSerialMgmt(boolean v) + throws EBaseException { if (v) { CMS.debug("DBSubsystem: Enabling Serial Number Management"); } else { CMS.debug("DBSubsystem: Disabling Serial Number Management"); } - + mDBConfig.putBoolean(PROP_ENABLE_SERIAL_MGMT, v); IConfigStore rootStore = getOwner().getConfigStore(); rootStore.commit(false); @@ -228,30 +232,30 @@ public class DBSubsystem implements IDBSubsystem { return mNextSerialConfig; } - public void setNextSerialConfig(BigInteger serial) throws EBaseException { - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_DB, - ILogger.LL_INFO, - "DBSubsystem: " + "Setting next serial number: 0x" - + serial.toString(16)); - mDBConfig.putString(PROP_NEXT_SERIAL_NUMBER, serial.toString(16)); + public void setNextSerialConfig(BigInteger serial) + throws EBaseException { + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, + ILogger.LL_INFO, "DBSubsystem: " + + "Setting next serial number: 0x" + serial.toString(16)); + mDBConfig.putString(PROP_NEXT_SERIAL_NUMBER, + serial.toString(16)); } /** * Gets minimum serial number limit in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @return min serial number */ - public String getMinSerialConfig(int repo) { + public String getMinSerialConfig(int repo) + { return (String) (mRepos[repo]).get(PROP_MIN); } /** * Gets maximum serial number limit in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @return max serial number */ public String getMaxSerialConfig(int repo) { @@ -260,38 +264,41 @@ public class DBSubsystem implements IDBSubsystem { /** * Gets minimum serial number limit in next range in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @return min serial number in next range */ - public String getNextMinSerialConfig(int repo) { + public String getNextMinSerialConfig(int repo) + { String ret = (String) (mRepos[repo]).get(PROP_NEXT_MIN); if (ret.equals("-1")) { return null; - } else { + } + else { return ret; } } /** * Gets maximum serial number limit in next range in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @return max serial number in next range */ public String getNextMaxSerialConfig(int repo) { String ret = (String) (mRepos[repo]).get(PROP_NEXT_MAX); if (ret.equals("-1")) { return null; - } else { + } + else { return ret; } } /** * Gets low water mark limit in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @return low water mark */ public String getLowWaterMarkConfig(int repo) { @@ -300,28 +307,28 @@ public class DBSubsystem implements IDBSubsystem { /** * Gets range increment for next range in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @return range increment */ - public String getIncrementConfig(int repo) { + public String getIncrementConfig(int repo) + { return (String) (mRepos[repo]).get(PROP_INCREMENT); } /** * Sets maximum serial number limit in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @param serial max serial number - * @exception EBaseException failed to set + * @exception EBaseException failed to set */ - public void setMaxSerialConfig(int repo, String serial) - throws EBaseException { + public void setMaxSerialConfig(int repo, String serial) + throws EBaseException { Hashtable h = mRepos[repo]; - CMS.debug("DBSubsystem: Setting max serial number for " + h.get(NAME) - + ": " + serial); + CMS.debug("DBSubsystem: Setting max serial number for " + h.get(NAME) + ": " + serial); - // persist to file + //persist to file mDBConfig.putString((String) h.get(PROP_MAX_NAME), serial); IConfigStore rootStore = getOwner().getConfigStore(); rootStore.commit(false); @@ -332,18 +339,17 @@ public class DBSubsystem implements IDBSubsystem { /** * Sets minimum serial number limit in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @param serial min serial number - * @exception EBaseException failed to set + * @exception EBaseException failed to set */ - public void setMinSerialConfig(int repo, String serial) - throws EBaseException { + public void setMinSerialConfig(int repo, String serial) + throws EBaseException { Hashtable h = mRepos[repo]; - CMS.debug("DBSubsystem: Setting min serial number for " + h.get(NAME) - + ": " + serial); + CMS.debug("DBSubsystem: Setting min serial number for " + h.get(NAME) + ": " + serial); - // persist to file + //persist to file mDBConfig.putString((String) h.get(PROP_MIN_NAME), serial); IConfigStore rootStore = getOwner().getConfigStore(); rootStore.commit(false); @@ -354,21 +360,19 @@ public class DBSubsystem implements IDBSubsystem { /** * Sets maximum serial number limit for next range in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @param serial max serial number for next range - * @exception EBaseException failed to set + * @exception EBaseException failed to set */ - public void setNextMaxSerialConfig(int repo, String serial) - throws EBaseException { + public void setNextMaxSerialConfig(int repo, String serial) + throws EBaseException { Hashtable h = mRepos[repo]; if (serial == null) { - CMS.debug("DBSubsystem: Removing next max " + h.get(NAME) - + " number"); + CMS.debug("DBSubsystem: Removing next max " + h.get(NAME) + " number"); mDBConfig.remove((String) h.get(PROP_NEXT_MAX_NAME)); } else { - CMS.debug("DBSubsystem: Setting next max " + h.get(NAME) - + " number: " + serial); + CMS.debug("DBSubsystem: Setting next max " + h.get(NAME) + " number: " + serial); mDBConfig.putString((String) h.get(PROP_NEXT_MAX_NAME), serial); } IConfigStore rootStore = getOwner().getConfigStore(); @@ -383,39 +387,37 @@ public class DBSubsystem implements IDBSubsystem { /** * Sets minimum serial number limit for next range in config file - * - * @param repo repo identifier + * + * @param repo repo identifier * @param serial min serial number for next range - * @exception EBaseException failed to set + * @exception EBaseException failed to set */ public void setNextMinSerialConfig(int repo, String serial) - throws EBaseException { + throws EBaseException { Hashtable h = mRepos[repo]; if (serial == null) { - CMS.debug("DBSubsystem: Removing next min " + h.get(NAME) - + " number"); + CMS.debug("DBSubsystem: Removing next min " + h.get(NAME) + " number"); mDBConfig.remove((String) h.get(PROP_NEXT_MIN_NAME)); } else { - CMS.debug("DBSubsystem: Setting next min " + h.get(NAME) - + " number: " + serial); + CMS.debug("DBSubsystem: Setting next min " + h.get(NAME) + " number: " + serial); mDBConfig.putString((String) h.get(PROP_NEXT_MIN_NAME), serial); } IConfigStore rootStore = getOwner().getConfigStore(); rootStore.commit(false); if (serial == null) { - Object o2 = h.remove(PROP_NEXT_MIN); + Object o2 = h.remove(PROP_NEXT_MIN); } else { - h.put(PROP_NEXT_MIN, serial); + h.put(PROP_NEXT_MIN, serial); } mRepos[repo] = h; } /** - * Gets start of next range from database. Increments the nextRange - * attribute and allocates this range to the current instance by creating a - * pkiRange object. - * - * @param repo repo identifier + * Gets start of next range from database. + * Increments the nextRange attribute and allocates + * this range to the current instance by creating a pkiRange object. + * + * @param repo repo identifier * @return start of next range */ public String getNextRange(int repo) { @@ -428,48 +430,44 @@ public class DBSubsystem implements IDBSubsystem { String rangeDN = (String) h.get(PROP_RANGE_DN) + "," + mBaseDN; LDAPEntry entry = conn.read(dn); - LDAPAttribute attr = entry.getAttribute(PROP_NEXT_RANGE); + LDAPAttribute attr = entry.getAttribute(PROP_NEXT_RANGE); nextRange = (String) attr.getStringValues().nextElement(); BigInteger nextRangeNo = new BigInteger(nextRange); - BigInteger incrementNo = new BigInteger( - (String) h.get(PROP_INCREMENT)); - // To make sure attrNextRange always increments, first delete the - // current value and then - // increment. Two operations in the same transaction - LDAPAttribute attrNextRange = new LDAPAttribute(PROP_NEXT_RANGE, - nextRangeNo.add(incrementNo).toString()); - LDAPModification[] mods = { - new LDAPModification(LDAPModification.DELETE, attr), - new LDAPModification(LDAPModification.ADD, attrNextRange) }; - conn.modify(dn, mods); + BigInteger incrementNo = new BigInteger((String) h.get(PROP_INCREMENT)); + // To make sure attrNextRange always increments, first delete the current value and then + // increment. Two operations in the same transaction + LDAPAttribute attrNextRange = new LDAPAttribute(PROP_NEXT_RANGE, nextRangeNo.add(incrementNo).toString()); + LDAPModification [] mods = { + new LDAPModification( LDAPModification.DELETE, attr), + new LDAPModification( LDAPModification.ADD, attrNextRange ) }; + conn.modify( dn, mods ); // Add new range object - String endRange = nextRangeNo.add(incrementNo).subtract(BI_ONE) - .toString(); + String endRange = nextRangeNo.add(incrementNo).subtract(BI_ONE).toString(); LDAPAttributeSet attrs = new LDAPAttributeSet(); attrs.add(new LDAPAttribute("objectClass", "top")); attrs.add(new LDAPAttribute("objectClass", "pkiRange")); - attrs.add(new LDAPAttribute("beginRange", nextRange)); - attrs.add(new LDAPAttribute("endRange", endRange)); + attrs.add(new LDAPAttribute("beginRange" , nextRange)); + attrs.add(new LDAPAttribute("endRange" , endRange)); attrs.add(new LDAPAttribute("cn", nextRange)); - attrs.add(new LDAPAttribute("host", CMS.getEESSLHost())); + attrs.add(new LDAPAttribute("host", CMS.getEESSLHost())); attrs.add(new LDAPAttribute("securePort", CMS.getEESSLPort())); String dn2 = "cn=" + nextRange + "," + rangeDN; LDAPEntry rangeEntry = new LDAPEntry(dn2, attrs); conn.add(rangeEntry); } catch (Exception e) { - CMS.debug("DBSubsystem: getNextRange. Unable to provide next range :" - + e); + CMS.debug("DBSubsystem: getNextRange. Unable to provide next range :" + e); e.printStackTrace(); nextRange = null; } finally { try { - if ((conn != null) && (mLdapConnFactory != null)) { + if ((conn != null) && (mLdapConnFactory!= null)) { CMS.debug("Releasing ldap connection"); mLdapConnFactory.returnConn(conn); } - } catch (Exception e) { + } + catch (Exception e) { CMS.debug("Error releasing the ldap connection" + e.toString()); } } @@ -477,32 +475,31 @@ public class DBSubsystem implements IDBSubsystem { } /** - * Determines if a range conflict has been observed in database. If so, - * delete the conflict entry and remove the next range. When the next number - * is requested, if the number of certs is still below the low water mark, - * then a new range will be requested. + * Determines if a range conflict has been observed in database. + * If so, delete the conflict entry and remove the next range. + * When the next number is requested, if the number of certs is still + * below the low water mark, then a new range will be requested. * - * @param repo repo identifier + * @param repo repo identifier * @return true if range conflict, false otherwise */ - public boolean hasRangeConflict(int repo) { + public boolean hasRangeConflict(int repo) + { LDAPConnection conn = null; boolean conflict = false; try { String nextRangeStart = getNextMinSerialConfig(repo); - if (nextRangeStart == null) { + if (nextRangeStart == null) { return false; } Hashtable h = mRepos[repo]; conn = mLdapConnFactory.getConn(); String rangedn = (String) h.get(PROP_RANGE_DN) + "," + mBaseDN; - String filter = "(&(nsds5ReplConflict=*)(objectClass=pkiRange)(host= " - + CMS.getEESSLHost() - + ")(SecurePort=" - + CMS.getEESSLPort() - + ")(beginRange=" + nextRangeStart + "))"; + String filter = "(&(nsds5ReplConflict=*)(objectClass=pkiRange)(host= " + + CMS.getEESSLHost() + ")(SecurePort=" + CMS.getEESSLPort() + + ")(beginRange=" + nextRangeStart + "))"; LDAPSearchResults results = conn.search(rangedn, LDAPv3.SCOPE_SUB, - filter, null, false); + filter, null, false); while (results.hasMoreElements()) { conflict = true; @@ -512,16 +509,16 @@ public class DBSubsystem implements IDBSubsystem { conn.delete(dn); } } catch (Exception e) { - CMS.debug("DBSubsystem: hasRangeConflict. Error while checking next range." - + e); + CMS.debug("DBSubsystem: hasRangeConflict. Error while checking next range." + e); e.printStackTrace(); } finally { try { - if ((conn != null) && (mLdapConnFactory != null)) { + if ((conn != null) && (mLdapConnFactory!= null)) { CMS.debug("Releasing ldap connection"); mLdapConnFactory.returnConn(conn); } - } catch (Exception e) { + } + catch (Exception e) { CMS.debug("Error releasing the ldap connection" + e.toString()); } } @@ -533,12 +530,14 @@ public class DBSubsystem implements IDBSubsystem { } /** - * Initializes the internal registery. Connects to the data source, and - * create a pool of connection of which applications can use. Optionally, - * check the integrity of the database. + * Initializes the internal registery. Connects to the + * data source, and create a pool of connection of which + * applications can use. Optionally, check the integrity + * of the database. */ - public void init(ISubsystem owner, IConfigStore config) - throws EBaseException { + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { + mLogger = CMS.getLogger(); mDBConfig = config; @@ -547,119 +546,112 @@ public class DBSubsystem implements IDBSubsystem { mConfig = config.getSubStore(PROP_LDAP); IConfigStore tmpConfig = null; try { - mBaseDN = mConfig.getString(PROP_BASEDN, - "o=NetscapeCertificateServer"); + mBaseDN = mConfig.getString(PROP_BASEDN, "o=NetscapeCertificateServer"); - mOwner = owner; + mOwner = owner; mNextSerialConfig = new BigInteger(mDBConfig.getString( - PROP_NEXT_SERIAL_NUMBER, "0"), 16); + PROP_NEXT_SERIAL_NUMBER, "0"), 16); - mEnableSerialMgmt = mDBConfig.getBoolean(PROP_ENABLE_SERIAL_MGMT, - false); + mEnableSerialMgmt = mDBConfig.getBoolean(PROP_ENABLE_SERIAL_MGMT, false); // populate the certs hash entry Hashtable certs = new Hashtable(); certs.put(NAME, "certs"); - certs.put(PROP_BASEDN, mDBConfig.getString(PROP_SERIAL_BASEDN, "")); - certs.put(PROP_RANGE_DN, - mDBConfig.getString(PROP_SERIAL_RANGE_DN, "")); + certs.put(PROP_BASEDN, mDBConfig.getString(PROP_SERIAL_BASEDN,"")); + certs.put(PROP_RANGE_DN, mDBConfig.getString(PROP_SERIAL_RANGE_DN, "")); certs.put(PROP_MIN_NAME, PROP_MIN_SERIAL_NUMBER); - certs.put(PROP_MIN, - mDBConfig.getString(PROP_MIN_SERIAL_NUMBER, "0")); + certs.put(PROP_MIN, mDBConfig.getString( + PROP_MIN_SERIAL_NUMBER, "0")); certs.put(PROP_MAX_NAME, PROP_MAX_SERIAL_NUMBER); - certs.put(PROP_MAX, mDBConfig.getString(PROP_MAX_SERIAL_NUMBER, - PROP_INFINITE_SERIAL_NUMBER)); + certs.put(PROP_MAX, mDBConfig.getString( + PROP_MAX_SERIAL_NUMBER, PROP_INFINITE_SERIAL_NUMBER)); certs.put(PROP_NEXT_MIN_NAME, PROP_NEXT_MIN_SERIAL_NUMBER); - certs.put(PROP_NEXT_MIN, - mDBConfig.getString(PROP_NEXT_MIN_SERIAL_NUMBER, "-1")); + certs.put(PROP_NEXT_MIN, mDBConfig.getString( + PROP_NEXT_MIN_SERIAL_NUMBER, "-1")); certs.put(PROP_NEXT_MAX_NAME, PROP_NEXT_MAX_SERIAL_NUMBER); - certs.put(PROP_NEXT_MAX, - mDBConfig.getString(PROP_NEXT_MAX_SERIAL_NUMBER, "-1")); + certs.put(PROP_NEXT_MAX, mDBConfig.getString( + PROP_NEXT_MAX_SERIAL_NUMBER, "-1")); certs.put(PROP_LOW_WATER_MARK_NAME, PROP_SERIAL_LOW_WATER_MARK); - certs.put(PROP_LOW_WATER_MARK, - mDBConfig.getString(PROP_SERIAL_LOW_WATER_MARK, "5000")); + certs.put(PROP_LOW_WATER_MARK, mDBConfig.getString( + PROP_SERIAL_LOW_WATER_MARK, "5000")); certs.put(PROP_INCREMENT_NAME, PROP_SERIAL_INCREMENT); certs.put(PROP_INCREMENT, mDBConfig.getString( - PROP_SERIAL_INCREMENT, PROP_INFINITE_SERIAL_NUMBER)); + PROP_SERIAL_INCREMENT, PROP_INFINITE_SERIAL_NUMBER)); - mRepos[CERTS] = certs; + mRepos[CERTS]=certs; // populate the requests hash entry Hashtable requests = new Hashtable(); requests.put(NAME, "requests"); - requests.put(PROP_BASEDN, - mDBConfig.getString(PROP_REQUEST_BASEDN, "")); - requests.put(PROP_RANGE_DN, - mDBConfig.getString(PROP_REQUEST_RANGE_DN, "")); + requests.put(PROP_BASEDN, mDBConfig.getString(PROP_REQUEST_BASEDN,"")); + requests.put(PROP_RANGE_DN, mDBConfig.getString(PROP_REQUEST_RANGE_DN, "")); requests.put(PROP_MIN_NAME, PROP_MIN_REQUEST_NUMBER); - requests.put(PROP_MIN, - mDBConfig.getString(PROP_MIN_REQUEST_NUMBER, "0")); + requests.put(PROP_MIN, mDBConfig.getString( + PROP_MIN_REQUEST_NUMBER, "0")); requests.put(PROP_MAX_NAME, PROP_MAX_REQUEST_NUMBER); - requests.put(PROP_MAX, mDBConfig.getString(PROP_MAX_REQUEST_NUMBER, - PROP_INFINITE_REQUEST_NUMBER)); + requests.put(PROP_MAX, mDBConfig.getString( + PROP_MAX_REQUEST_NUMBER, PROP_INFINITE_REQUEST_NUMBER)); requests.put(PROP_NEXT_MIN_NAME, PROP_NEXT_MIN_REQUEST_NUMBER); - requests.put(PROP_NEXT_MIN, - mDBConfig.getString(PROP_NEXT_MIN_REQUEST_NUMBER, "-1")); + requests.put(PROP_NEXT_MIN, mDBConfig.getString( + PROP_NEXT_MIN_REQUEST_NUMBER, "-1")); requests.put(PROP_NEXT_MAX_NAME, PROP_NEXT_MAX_REQUEST_NUMBER); - requests.put(PROP_NEXT_MAX, - mDBConfig.getString(PROP_NEXT_MAX_REQUEST_NUMBER, "-1")); + requests.put(PROP_NEXT_MAX, mDBConfig.getString( + PROP_NEXT_MAX_REQUEST_NUMBER, "-1")); requests.put(PROP_LOW_WATER_MARK_NAME, PROP_REQUEST_LOW_WATER_MARK); - requests.put(PROP_LOW_WATER_MARK, - mDBConfig.getString(PROP_REQUEST_LOW_WATER_MARK, "5000")); + requests.put(PROP_LOW_WATER_MARK, mDBConfig.getString( + PROP_REQUEST_LOW_WATER_MARK, "5000")); requests.put(PROP_INCREMENT_NAME, PROP_REQUEST_INCREMENT); requests.put(PROP_INCREMENT, mDBConfig.getString( - PROP_REQUEST_INCREMENT, PROP_INFINITE_REQUEST_NUMBER)); + PROP_REQUEST_INCREMENT, PROP_INFINITE_REQUEST_NUMBER)); mRepos[REQUESTS] = requests; // populate replica ID hash entry Hashtable replicaID = new Hashtable(); replicaID.put(NAME, "requests"); - replicaID.put(PROP_BASEDN, - mDBConfig.getString(PROP_REPLICA_BASEDN, "")); - replicaID.put(PROP_RANGE_DN, - mDBConfig.getString(PROP_REPLICA_RANGE_DN, "")); + replicaID.put(PROP_BASEDN, mDBConfig.getString(PROP_REPLICA_BASEDN,"")); + replicaID.put(PROP_RANGE_DN, mDBConfig.getString(PROP_REPLICA_RANGE_DN, "")); replicaID.put(PROP_MIN_NAME, PROP_MIN_REPLICA_NUMBER); - replicaID.put(PROP_MIN, - mDBConfig.getString(PROP_MIN_REPLICA_NUMBER, "1")); + replicaID.put(PROP_MIN, mDBConfig.getString( + PROP_MIN_REPLICA_NUMBER, "1")); replicaID.put(PROP_MAX_NAME, PROP_MAX_REPLICA_NUMBER); replicaID.put(PROP_MAX, mDBConfig.getString( - PROP_MAX_REPLICA_NUMBER, PROP_INFINITE_REPLICA_NUMBER)); + PROP_MAX_REPLICA_NUMBER, PROP_INFINITE_REPLICA_NUMBER)); replicaID.put(PROP_NEXT_MIN_NAME, PROP_NEXT_MIN_REPLICA_NUMBER); - replicaID.put(PROP_NEXT_MIN, - mDBConfig.getString(PROP_NEXT_MIN_REPLICA_NUMBER, "-1")); + replicaID.put(PROP_NEXT_MIN, mDBConfig.getString( + PROP_NEXT_MIN_REPLICA_NUMBER, "-1")); replicaID.put(PROP_NEXT_MAX_NAME, PROP_NEXT_MAX_REPLICA_NUMBER); - replicaID.put(PROP_NEXT_MAX, - mDBConfig.getString(PROP_NEXT_MAX_REPLICA_NUMBER, "-1")); + replicaID.put(PROP_NEXT_MAX, mDBConfig.getString( + PROP_NEXT_MAX_REPLICA_NUMBER, "-1")); - replicaID - .put(PROP_LOW_WATER_MARK_NAME, PROP_REPLICA_LOW_WATER_MARK); - replicaID.put(PROP_LOW_WATER_MARK, - mDBConfig.getString(PROP_REPLICA_LOW_WATER_MARK, "10")); + replicaID.put(PROP_LOW_WATER_MARK_NAME, PROP_REPLICA_LOW_WATER_MARK); + replicaID.put(PROP_LOW_WATER_MARK, mDBConfig.getString( + PROP_REPLICA_LOW_WATER_MARK, "10")); replicaID.put(PROP_INCREMENT_NAME, PROP_REPLICA_INCREMENT); replicaID.put(PROP_INCREMENT, mDBConfig.getString( - PROP_REPLICA_INCREMENT, PROP_INFINITE_REPLICA_NUMBER)); + PROP_REPLICA_INCREMENT, PROP_INFINITE_REPLICA_NUMBER)); mRepos[REPLICA_ID] = replicaID; + // initialize registry mRegistry = new DBRegistry(); mRegistry.init(this, null); @@ -686,8 +678,7 @@ public class DBSubsystem implements IDBSubsystem { } catch (ELdapException ex) { if (CMS.isPreOpMode()) return; - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_INTERNAL_DIR_ERROR", ex.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_ERROR", ex.toString())); } catch (EBaseException e) { if (CMS.isPreOpMode()) return; @@ -697,7 +688,7 @@ public class DBSubsystem implements IDBSubsystem { try { // registers CMS database attributes IDBRegistry reg = getRegistry(); - + String certRecordOC[] = new String[2]; certRecordOC[0] = CertDBSchema.LDAP_OC_TOP; @@ -705,61 +696,61 @@ public class DBSubsystem implements IDBSubsystem { if (!reg.isObjectClassRegistered(CertRecord.class.getName())) { reg.registerObjectClass(CertRecord.class.getName(), - certRecordOC); + certRecordOC); } if (!reg.isAttributeRegistered(CertRecord.ATTR_ID)) { - reg.registerAttribute(CertRecord.ATTR_ID, new BigIntegerMapper( - CertDBSchema.LDAP_ATTR_SERIALNO)); + reg.registerAttribute(CertRecord.ATTR_ID, new + BigIntegerMapper(CertDBSchema.LDAP_ATTR_SERIALNO)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_META_INFO)) { - reg.registerAttribute(CertRecord.ATTR_META_INFO, - new MetaInfoMapper(CertDBSchema.LDAP_ATTR_META_INFO)); + reg.registerAttribute(CertRecord.ATTR_META_INFO, new + MetaInfoMapper(CertDBSchema.LDAP_ATTR_META_INFO)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_REVO_INFO)) { - reg.registerAttribute(CertRecord.ATTR_REVO_INFO, - new RevocationInfoMapper()); + reg.registerAttribute(CertRecord.ATTR_REVO_INFO, new + RevocationInfoMapper()); } if (!reg.isAttributeRegistered(CertRecord.ATTR_X509CERT)) { - reg.registerAttribute(CertRecord.ATTR_X509CERT, - new X509CertImplMapper()); + reg.registerAttribute(CertRecord.ATTR_X509CERT, new + X509CertImplMapper()); } if (!reg.isAttributeRegistered(CertRecord.ATTR_CERT_STATUS)) { - reg.registerAttribute(CertRecord.ATTR_CERT_STATUS, - new StringMapper(CertDBSchema.LDAP_ATTR_CERT_STATUS)); + reg.registerAttribute(CertRecord.ATTR_CERT_STATUS, new + StringMapper(CertDBSchema.LDAP_ATTR_CERT_STATUS)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_AUTO_RENEW)) { - reg.registerAttribute(CertRecord.ATTR_AUTO_RENEW, - new StringMapper(CertDBSchema.LDAP_ATTR_AUTO_RENEW)); + reg.registerAttribute(CertRecord.ATTR_AUTO_RENEW, new + StringMapper(CertDBSchema.LDAP_ATTR_AUTO_RENEW)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_CREATE_TIME)) { - reg.registerAttribute(CertRecord.ATTR_CREATE_TIME, - new DateMapper(CertDBSchema.LDAP_ATTR_CREATE_TIME)); + reg.registerAttribute(CertRecord.ATTR_CREATE_TIME, new + DateMapper(CertDBSchema.LDAP_ATTR_CREATE_TIME)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_MODIFY_TIME)) { - reg.registerAttribute(CertRecord.ATTR_MODIFY_TIME, - new DateMapper(CertDBSchema.LDAP_ATTR_MODIFY_TIME)); + reg.registerAttribute(CertRecord.ATTR_MODIFY_TIME, new + DateMapper(CertDBSchema.LDAP_ATTR_MODIFY_TIME)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_ISSUED_BY)) { - reg.registerAttribute(CertRecord.ATTR_ISSUED_BY, - new StringMapper(CertDBSchema.LDAP_ATTR_ISSUED_BY)); + reg.registerAttribute(CertRecord.ATTR_ISSUED_BY, new + StringMapper(CertDBSchema.LDAP_ATTR_ISSUED_BY)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_REVOKED_BY)) { - reg.registerAttribute(CertRecord.ATTR_REVOKED_BY, - new StringMapper(CertDBSchema.LDAP_ATTR_REVOKED_BY)); + reg.registerAttribute(CertRecord.ATTR_REVOKED_BY, new + StringMapper(CertDBSchema.LDAP_ATTR_REVOKED_BY)); } if (!reg.isAttributeRegistered(CertRecord.ATTR_REVOKED_ON)) { - reg.registerAttribute(CertRecord.ATTR_REVOKED_ON, - new DateMapper(CertDBSchema.LDAP_ATTR_REVOKED_ON)); + reg.registerAttribute(CertRecord.ATTR_REVOKED_ON, new + DateMapper(CertDBSchema.LDAP_ATTR_REVOKED_ON)); } if (!reg.isAttributeRegistered(CertificateValidity.NOT_AFTER)) { - reg.registerAttribute(CertificateValidity.NOT_AFTER, - new DateMapper(CertDBSchema.LDAP_ATTR_NOT_AFTER)); + reg.registerAttribute(CertificateValidity.NOT_AFTER, new + DateMapper(CertDBSchema.LDAP_ATTR_NOT_AFTER)); } if (!reg.isAttributeRegistered(CertificateValidity.NOT_BEFORE)) { - reg.registerAttribute(CertificateValidity.NOT_BEFORE, - new DateMapper(CertDBSchema.LDAP_ATTR_NOT_BEFORE)); + reg.registerAttribute(CertificateValidity.NOT_BEFORE, new + DateMapper(CertDBSchema.LDAP_ATTR_NOT_BEFORE)); } String crlRecordOC[] = new String[2]; @@ -767,55 +758,54 @@ public class DBSubsystem implements IDBSubsystem { crlRecordOC[0] = CRLDBSchema.LDAP_OC_TOP; crlRecordOC[1] = CRLDBSchema.LDAP_OC_CRL_RECORD; reg.registerObjectClass(CRLIssuingPointRecord.class.getName(), - crlRecordOC); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_ID, - new StringMapper(CRLDBSchema.LDAP_ATTR_CRL_ID)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, - new BigIntegerMapper(CRLDBSchema.LDAP_ATTR_CRL_NUMBER)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_DELTA_NUMBER, - new BigIntegerMapper(CRLDBSchema.LDAP_ATTR_DELTA_NUMBER)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_SIZE, - new LongMapper(CRLDBSchema.LDAP_ATTR_CRL_SIZE)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_DELTA_SIZE, - new LongMapper(CRLDBSchema.LDAP_ATTR_DELTA_SIZE)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, - new DateMapper(CRLDBSchema.LDAP_ATTR_THIS_UPDATE)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, - new DateMapper(CRLDBSchema.LDAP_ATTR_NEXT_UPDATE)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, - new StringMapper(CRLDBSchema.LDAP_ATTR_FIRST_UNSAVED)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL, - new ByteArrayMapper(CRLDBSchema.LDAP_ATTR_CRL)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_DELTA_CRL, - new ByteArrayMapper(CRLDBSchema.LDAP_ATTR_DELTA_CRL)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CA_CERT, - new ByteArrayMapper(CRLDBSchema.LDAP_ATTR_CA_CERT)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_CACHE, - new ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_CRL_CACHE)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, - new ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_REVOKED_CERTS)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, - new ObjectStreamMapper( - CRLDBSchema.LDAP_ATTR_UNREVOKED_CERTS)); - reg.registerAttribute(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, - new ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_EXPIRED_CERTS)); - - if (!reg.isObjectClassRegistered(RepositoryRecord.class.getName())) { + crlRecordOC); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_ID, new + StringMapper(CRLDBSchema.LDAP_ATTR_CRL_ID)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_NUMBER, new + BigIntegerMapper(CRLDBSchema.LDAP_ATTR_CRL_NUMBER)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_DELTA_NUMBER, new + BigIntegerMapper(CRLDBSchema.LDAP_ATTR_DELTA_NUMBER)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_SIZE, new + LongMapper(CRLDBSchema.LDAP_ATTR_CRL_SIZE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_DELTA_SIZE, new + LongMapper(CRLDBSchema.LDAP_ATTR_DELTA_SIZE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_THIS_UPDATE, new + DateMapper(CRLDBSchema.LDAP_ATTR_THIS_UPDATE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_NEXT_UPDATE, new + DateMapper(CRLDBSchema.LDAP_ATTR_NEXT_UPDATE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_FIRST_UNSAVED, new + StringMapper(CRLDBSchema.LDAP_ATTR_FIRST_UNSAVED)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL, new + ByteArrayMapper(CRLDBSchema.LDAP_ATTR_CRL)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_DELTA_CRL, new + ByteArrayMapper(CRLDBSchema.LDAP_ATTR_DELTA_CRL)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CA_CERT, new + ByteArrayMapper(CRLDBSchema.LDAP_ATTR_CA_CERT)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_CRL_CACHE, new + ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_CRL_CACHE)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_REVOKED_CERTS, new + ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_REVOKED_CERTS)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_UNREVOKED_CERTS, new + ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_UNREVOKED_CERTS)); + reg.registerAttribute(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, new + ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_EXPIRED_CERTS)); + + if (!reg.isObjectClassRegistered( + RepositoryRecord.class.getName())) { String repRecordOC[] = new String[2]; repRecordOC[0] = RepositorySchema.LDAP_OC_TOP; repRecordOC[1] = RepositorySchema.LDAP_OC_REPOSITORY; - reg.registerObjectClass(RepositoryRecord.class.getName(), - repRecordOC); + reg.registerObjectClass( + RepositoryRecord.class.getName(), repRecordOC); } if (!reg.isAttributeRegistered(IRepositoryRecord.ATTR_SERIALNO)) { reg.registerAttribute(IRepositoryRecord.ATTR_SERIALNO, - new BigIntegerMapper( - RepositorySchema.LDAP_ATTR_SERIALNO)); + new BigIntegerMapper(RepositorySchema.LDAP_ATTR_SERIALNO)); } if (!reg.isAttributeRegistered(IRepositoryRecord.ATTR_PUB_STATUS)) { reg.registerAttribute(IRepositoryRecord.ATTR_PUB_STATUS, - new StringMapper(RepositorySchema.LDAP_ATTR_PUB_STATUS)); + new StringMapper(RepositorySchema.LDAP_ATTR_PUB_STATUS)); } } catch (EBaseException e) { @@ -830,7 +820,7 @@ public class DBSubsystem implements IDBSubsystem { */ public void startup() throws EBaseException { } - + /** * Retrieves configuration store. */ @@ -871,19 +861,16 @@ public class DBSubsystem implements IDBSubsystem { } } catch (ELdapException e) { - /* - * LogDoc - * + /*LogDoc + * * @phase shutdown server - * * @reason shutdown db subsystem - * * @message DBSubsystem: <exception thrown> */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, + ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); } - if (mRegistry != null) + if (mRegistry != null) mRegistry.shutdown(); } @@ -910,29 +897,24 @@ public class DBSubsystem implements IDBSubsystem { // create new attribute: userType dirSchema.fetchSchema(conn); - LDAPAttributeSchema userType = dirSchema - .getAttribute("usertype"); + LDAPAttributeSchema userType = dirSchema.getAttribute("usertype"); if (userType == null) { - userType = new LDAPAttributeSchema( - "usertype", - "usertype-oid", - "Distinguish whether the user is administrator, agent or subsystem.", - LDAPAttributeSchema.cis, false); + userType = new LDAPAttributeSchema("usertype", "usertype-oid", + "Distinguish whether the user is administrator, agent or subsystem.", + LDAPAttributeSchema.cis, false); userType.add(conn); } - + // create new objectclass: cmsuser dirSchema.fetchSchema(conn); - LDAPObjectClassSchema newObjClass = dirSchema - .getObjectClass("cmsuser"); - String[] requiredAttrs = { "usertype" }; + LDAPObjectClassSchema newObjClass = dirSchema.getObjectClass("cmsuser"); + String[] requiredAttrs = {"usertype"}; String[] optionalAttrs = new String[0]; if (newObjClass == null) { - newObjClass = new LDAPObjectClassSchema("cmsuser", - "cmsuser-oid", "top", "CMS User", requiredAttrs, - optionalAttrs); + newObjClass = new LDAPObjectClassSchema("cmsuser", "cmsuser-oid", + "top", "CMS User", requiredAttrs, optionalAttrs); newObjClass.add(conn); } mDBConfig.putString("newSchemaEntryAdded", "true"); @@ -946,29 +928,25 @@ public class DBSubsystem implements IDBSubsystem { CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); } - /* - * LogDoc - * + /*LogDoc + * * @phase create db session */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_CONN_ERROR", e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_CONNECT_LDAP_FAILED", e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_CONN_ERROR", e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_CONNECT_LDAP_FAILED", e.toString())); } catch (LDAPException e) { if (e.getLDAPResultCode() != 20) { - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_DB, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_SCHEMA_ERROR", - e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_ADD_ENTRY_FAILED", e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_SCHEMA_ERROR", e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_ADD_ENTRY_FAILED", e.toString())); } } catch (EBaseException e) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_CONF_ERROR", e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_CONF_ERROR", + e.toString())); } return new DBSSession(this, conn); } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DBVirtualList.java b/pki/base/common/src/com/netscape/cmscore/dbs/DBVirtualList.java index 11ee353e..e5fc8c7b 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DBVirtualList.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DBVirtualList.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Arrays; import java.util.Vector; @@ -37,11 +38,12 @@ import com.netscape.certsrv.dbs.IDBVirtualList; import com.netscape.certsrv.dbs.IElementProcessor; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents a virtual list of search results. Note that this class - * must be used with DS4.0. - * - * @author thomask + * A class represents a virtual list of search results. + * Note that this class must be used with DS4.0. + * + * @author thomask * @author mzhao * @version $Revision$, $Date$ */ @@ -69,63 +71,64 @@ public class DBVirtualList implements IDBVirtualList { // the index of the first entry returned private int mSelectedIndex = 0; private int mJumpToIndex = 0; - private int mJumpToInitialIndex = 0; // Initial index hit in jumpto - // operation - private int mJumpToDirection = 1; // Do we proceed forward or backwards - private String mJumpTo = null; // Determines if this is the jumpto case + private int mJumpToInitialIndex = 0; // Initial index hit in jumpto operation + private int mJumpToDirection = 1; // Do we proceed forward or backwards + private String mJumpTo = null; // Determines if this is the jumpto case private ILogger mLogger = CMS.getLogger(); /** - * Constructs a virtual list. Be sure to setPageSize() later if your - * pageSize is not the default 10 Be sure to setSortKey() before fetchs - * - * param registry the registry of attribute mappers param c the ldap - * connection. It has to be version 3 and upper param base the base - * distinguished name to search from param filter search filter specifying - * the search criteria param attrs list of attributes that you want returned - * in the search results + * Constructs a virtual list. + * Be sure to setPageSize() later if your pageSize is not the default 10 + * Be sure to setSortKey() before fetchs + * + * param registry the registry of attribute mappers + * param c the ldap connection. It has to be version 3 and upper + * param base the base distinguished name to search from + * param filter search filter specifying the search criteria + * param attrs list of attributes that you want returned in the search results */ - public DBVirtualList(IDBRegistry registry, LDAPConnection c, String base, - String filter, String attrs[]) throws EBaseException { + public DBVirtualList(IDBRegistry registry, LDAPConnection c, + String base, String filter, String attrs[]) throws EBaseException { mRegistry = registry; mFilter = filter; mBase = base; mAttrs = attrs; - CMS.debug("In DBVirtualList filter attrs filter: " + filter - + " attrs: " + Arrays.toString(attrs)); + CMS.debug( "In DBVirtualList filter attrs filter: " + filter + + " attrs: " + Arrays.toString( attrs ) ); mPageControls = new LDAPControl[2]; try { mConn = (LDAPConnection) c.clone(); } catch (Exception e) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", - e.toString())); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", + e.toString())); } } /** - * Constructs a virtual list. Be sure to setPageSize() later if your - * pageSize is not the default 10 - * - * param registry the registry of attribute mappers param c the ldap - * connection. It has to be version 3 and upper param base the base - * distinguished name to search from param filter search filter specifying - * the search criteria param attrs list of attributes that you want returned - * in the search results param sortKey the attributes to sort by + * Constructs a virtual list. + * Be sure to setPageSize() later if your pageSize is not the default 10 + * + * param registry the registry of attribute mappers + * param c the ldap connection. It has to be version 3 and upper + * param base the base distinguished name to search from + * param filter search filter specifying the search criteria + * param attrs list of attributes that you want returned in the search results + * param sortKey the attributes to sort by */ - public DBVirtualList(IDBRegistry registry, LDAPConnection c, String base, - String filter, String attrs[], String sortKey[]) - throws EBaseException { + public DBVirtualList(IDBRegistry registry, LDAPConnection c, + String base, String filter, String attrs[], String sortKey[]) + throws EBaseException { - CMS.debug("In DBVirtualList filter attrs sotrKey[] filter: " + filter - + " attrs: " + Arrays.toString(attrs)); + CMS.debug( "In DBVirtualList filter attrs sotrKey[] filter: " + filter + + " attrs: " + Arrays.toString( attrs ) ); mRegistry = registry; mFilter = filter; try { mConn = (LDAPConnection) c.clone(); } catch (Exception e) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", - e.toString())); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", + e.toString())); } mBase = base; mAttrs = attrs; @@ -134,28 +137,28 @@ public class DBVirtualList implements IDBVirtualList { } /** - * Constructs a virtual list. Be sure to setPageSize() later if your - * pageSize is not the default 10 - * - * param registry the registry of attribute mappers param c the ldap - * connection. It has to be version 3 and upper param base the base - * distinguished name to search from param filter search filter specifying - * the search criteria param attrs list of attributes that you want returned - * in the search results param sortKey the attribute to sort by + * Constructs a virtual list. + * Be sure to setPageSize() later if your pageSize is not the default 10 + * + * param registry the registry of attribute mappers + * param c the ldap connection. It has to be version 3 and upper + * param base the base distinguished name to search from + * param filter search filter specifying the search criteria + * param attrs list of attributes that you want returned in the search results + * param sortKey the attribute to sort by */ - public DBVirtualList(IDBRegistry registry, LDAPConnection c, String base, - String filter, String attrs[], String sortKey) - throws EBaseException { + public DBVirtualList(IDBRegistry registry, LDAPConnection c, + String base, String filter, String attrs[], String sortKey) + throws EBaseException { - CMS.debug("In DBVirtualList filter attrs sortKey filter: " + filter - + " attrs: " + Arrays.toString(attrs)); + CMS.debug( "In DBVirtualList filter attrs sortKey filter: " + filter + " attrs: " + Arrays.toString( attrs ) ); mRegistry = registry; mFilter = filter; try { mConn = (LDAPConnection) c.clone(); } catch (Exception e) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", - e.toString())); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", + e.toString())); } mBase = base; mAttrs = attrs; @@ -165,29 +168,30 @@ public class DBVirtualList implements IDBVirtualList { /** * Constructs a virtual list. - * - * param registry the registry of attribute mappers param c the ldap - * connection. It has to be version 3 and upper param base the base - * distinguished name to search from param filter search filter specifying - * the search criteria param attrs list of attributes that you want returned - * in the search results param sortKey the attributes to sort by param - * pageSize the size of a page. There is a 3*pageSize buffer maintained so - * pageUp and pageDown won't invoke fetch from ldap server + * + * param registry the registry of attribute mappers + * param c the ldap connection. It has to be version 3 and upper + * param base the base distinguished name to search from + * param filter search filter specifying the search criteria + * param attrs list of attributes that you want returned in the search results + * param sortKey the attributes to sort by + * param pageSize the size of a page. There is a 3*pageSize buffer maintained so + * pageUp and pageDown won't invoke fetch from ldap server */ - public DBVirtualList(IDBRegistry registry, LDAPConnection c, String base, - String filter, String attrs[], String sortKey[], int pageSize) - throws EBaseException { + public DBVirtualList(IDBRegistry registry, LDAPConnection c, + String base, String filter, String attrs[], String sortKey[], + int pageSize) throws EBaseException { - CMS.debug("In DBVirtualList filter attrs sortKey[] pageSize filter: " - + filter + " attrs: " + Arrays.toString(attrs) + " pageSize " - + pageSize); + CMS.debug( "In DBVirtualList filter attrs sortKey[] pageSize filter: " + + filter + " attrs: " + Arrays.toString( attrs ) + + " pageSize " + pageSize ); mRegistry = registry; mFilter = filter; try { mConn = (LDAPConnection) c.clone(); } catch (Exception e) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", - e.toString())); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", + e.toString())); } mBase = base; mAttrs = attrs; @@ -198,29 +202,30 @@ public class DBVirtualList implements IDBVirtualList { /** * Constructs a virtual list. - * - * param registry the registry of attribute mappers param c the ldap - * connection. It has to be version 3 and upper param base the base - * distinguished name to search from param filter search filter specifying - * the search criteria param attrs list of attributes that you want returned - * in the search results param sortKey the attribute to sort by param - * pageSize the size of a page. There is a 3*pageSize buffer maintained so - * pageUp and pageDown won't invoke fetch from ldap server + * + * param registry the registry of attribute mappers + * param c the ldap connection. It has to be version 3 and upper + * param base the base distinguished name to search from + * param filter search filter specifying the search criteria + * param attrs list of attributes that you want returned in the search results + * param sortKey the attribute to sort by + * param pageSize the size of a page. There is a 3*pageSize buffer maintained so + * pageUp and pageDown won't invoke fetch from ldap server */ - public DBVirtualList(IDBRegistry registry, LDAPConnection c, String base, - String filter, String attrs[], String sortKey, int pageSize) - throws EBaseException { + public DBVirtualList(IDBRegistry registry, LDAPConnection c, + String base, String filter, String attrs[], String sortKey, + int pageSize) throws EBaseException { - CMS.debug("In DBVirtualList filter attrs sortKey pageSize filter: " - + filter + " attrs: " + Arrays.toString(attrs) + " pageSize " - + pageSize); + CMS.debug( "In DBVirtualList filter attrs sortKey pageSize filter: " + + filter + " attrs: " + Arrays.toString( attrs ) + + " pageSize " + pageSize ); mRegistry = registry; mFilter = filter; try { mConn = (LDAPConnection) c.clone(); } catch (Exception e) { throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", - e.toString())); + e.toString())); } mBase = base; mAttrs = attrs; @@ -229,20 +234,22 @@ public class DBVirtualList implements IDBVirtualList { setPageSize(pageSize); } - public DBVirtualList(IDBRegistry registry, LDAPConnection c, String base, - String filter, String attrs[], String startFrom, String sortKey, - int pageSize) throws EBaseException { + public DBVirtualList(IDBRegistry registry, LDAPConnection c, + String base, String filter, String attrs[], + String startFrom, String sortKey, + int pageSize) throws EBaseException { - CMS.debug("In DBVirtualList filter attrs startFrom sortKey pageSize " - + "filter: " + filter + " attrs: " + Arrays.toString(attrs) - + " pageSize " + pageSize + " startFrom " + startFrom); + CMS.debug( "In DBVirtualList filter attrs startFrom sortKey pageSize " + + "filter: " + filter + + " attrs: " + Arrays.toString( attrs ) + + " pageSize " + pageSize + " startFrom " + startFrom ); mRegistry = registry; mFilter = filter; try { mConn = (LDAPConnection) c.clone(); } catch (Exception e) { - throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", - e.toString())); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_CONN_FAILED", + e.toString())); } mBase = base; mAttrs = attrs; @@ -253,7 +260,7 @@ public class DBVirtualList implements IDBVirtualList { if (pageSize < 0) { mJumpToDirection = -1; - } + } mPageSize = pageSize; mBeforeCount = 0; @@ -261,10 +268,11 @@ public class DBVirtualList implements IDBVirtualList { } /** - * Set the paging size of this virtual list. The page size here is just a - * buffer size. A buffer is kept around that is three times as large as the - * number of visible entries. That way, you can scroll up/down several - * items(up to a page-full) without refetching entries from the directory. + * Set the paging size of this virtual list. + * The page size here is just a buffer size. A buffer is kept around + * that is three times as large as the number of visible entries. + * That way, you can scroll up/down several items(up to a page-full) + * without refetching entries from the directory. * * @param size the page size */ @@ -275,16 +283,15 @@ public class DBVirtualList implements IDBVirtualList { } mPageSize = size; - mBeforeCount = 0; // mPageSize; + mBeforeCount = 0; //mPageSize; mAfterCount = mPageSize; // mPageSize + mPageSize; - // CMS.debug("In setPageSize " + size + " mBeforeCount " + mBeforeCount - // + " mAfterCount " + mAfterCount); + //CMS.debug("In setPageSize " + size + " mBeforeCount " + mBeforeCount + " mAfterCount " + mAfterCount); } /** * set the sort key - * + * * @param sortKey the attribute to sort by */ public void setSortKey(String sortKey) throws EBaseException { @@ -296,7 +303,7 @@ public class DBVirtualList implements IDBVirtualList { /** * set the sort key - * + * * @param sortKey the attributes to sort by */ public void setSortKey(String[] sortKeys) throws EBaseException { @@ -312,30 +319,28 @@ public class DBVirtualList implements IDBVirtualList { } } catch (Exception e) { - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap search - * * @reason Failed at setSortKey. - * * @message DBVirtualList: <exception thrown> */ mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } // Paged results also require a sort control if (mKeys != null) { - mPageControls[0] = new LDAPSortControl(mKeys, true); - } else { + mPageControls[0] = + new LDAPSortControl(mKeys, true); + }else { throw new EBaseException("sort keys cannot be null"); } } /** - * Retrieves the size of this virtual list. Recommend to call getSize() - * before getElementAt() or getElements() since you'd better check if the - * index is out of bound first. + * Retrieves the size of this virtual list. + * Recommend to call getSize() before getElementAt() or getElements() + * since you'd better check if the index is out of bound first. */ public int getSize() { if (!mInitialized) { @@ -343,31 +348,31 @@ public class DBVirtualList implements IDBVirtualList { // Do an initial search to get the virtual list size // Keep one page before and one page after the start if (mJumpTo == null) { - mBeforeCount = 0; // mPageSize; - mAfterCount = mPageSize; // mPageSize + mPageSize; + mBeforeCount = 0; //mPageSize; + mAfterCount = mPageSize; // mPageSize + mPageSize; } // Create the initial paged results control - /* - * Since this one is only used to get the size of the virtual list; - * we don't care about the starting index. If there is no partial - * match, the first one before (or after, if none before) is - * returned as the index entry. Instead of "A", you could use the - * other constructor and specify 0 both for startIndex and for - * contentCount. - */ + /* Since this one is only used to get the size of the virtual list; + we don't care about the starting index. If there is no partial + match, the first one before (or after, if none before) is returned + as the index entry. Instead of "A", you could use the other + constructor and specify 0 both for startIndex and for + contentCount. */ LDAPVirtualListControl cont = null; if (mJumpTo == null) { - cont = new LDAPVirtualListControl("A", mBeforeCount, - mAfterCount); + cont = new LDAPVirtualListControl("A", + mBeforeCount, + mAfterCount); } else { if (mPageSize < 0) { mBeforeCount = mPageSize * -1; - mAfterCount = 0; + mAfterCount = 0; } - cont = new LDAPVirtualListControl(mJumpTo, mBeforeCount, - mAfterCount); + cont = new LDAPVirtualListControl(mJumpTo, + mBeforeCount, + mAfterCount); } mPageControls[1] = cont; getJumpToPage(); @@ -377,21 +382,21 @@ public class DBVirtualList implements IDBVirtualList { return mSize; } - public int getSizeBeforeJumpTo() { + public int getSizeBeforeJumpTo() { if (!mInitialized || mJumpTo == null) return 0; int size = 0; - - if (mJumpToDirection < 0) { + + if (mJumpToDirection < 0) { size = mTop + mEntries.size(); } else { size = mTop; } - return size; + return size; } @@ -405,7 +410,7 @@ public class DBVirtualList implements IDBVirtualList { return size; } - + private synchronized boolean getEntries() { // Specify necessary controls for vlist // LDAPSearchConstraints cons = mConn.getSearchConstraints(); @@ -414,13 +419,13 @@ public class DBVirtualList implements IDBVirtualList { cons.setMaxResults(0); if (mPageControls != null) { cons.setServerControls(mPageControls); - // System.out.println( "setting vlist control" ); + //System.out.println( "setting vlist control" ); } // Empty the buffer mEntries.removeAllElements(); // Do a search try { - // what happen if there is no matching? + //what happen if there is no matching? String ldapFilter = mRegistry.getFilter(mFilter); String ldapAttrs[] = null; LDAPSearchResults result; @@ -429,17 +434,21 @@ public class DBVirtualList implements IDBVirtualList { ldapAttrs = mRegistry.getLDAPAttributes(mAttrs); /* - * LDAPv2.SCOPE_BASE: (search only the base DN) - * LDAPv2.SCOPE_ONE: (search only entries under the base DN) - * LDAPv2.SCOPE_SUB: (search the base DN and all entries within - * its subtree) + LDAPv2.SCOPE_BASE: + (search only the base DN) + LDAPv2.SCOPE_ONE: + (search only entries under the base DN) + LDAPv2.SCOPE_SUB: + (search the base DN and all entries within its subtree) */ - result = mConn.search(mBase, LDAPConnection.SCOPE_ONE, - ldapFilter, ldapAttrs, false, cons); + result = mConn.search(mBase, + LDAPConnection.SCOPE_ONE, ldapFilter, ldapAttrs, + false, cons); } else { - result = mConn.search(mBase, LDAPConnection.SCOPE_ONE, - ldapFilter, null, false, cons); + result = mConn.search(mBase, + LDAPConnection.SCOPE_ONE, ldapFilter, null, + false, cons); } if (result == null) { return false; @@ -450,7 +459,7 @@ public class DBVirtualList implements IDBVirtualList { LDAPEntry entry = (LDAPEntry) result.nextElement(); try { - // maintain mEntries as vector of LDAPEntry + //maintain mEntries as vector of LDAPEntry Object o = mRegistry.createObject(entry.getAttributeSet()); mEntries.addElement(o); @@ -458,50 +467,38 @@ public class DBVirtualList implements IDBVirtualList { CMS.debug("Exception " + e); - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap search - * * @reason Failed to get enties. - * * @message DBVirtualList: <exception thrown> */ - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_DB, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_VL_ADD", - e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_VL_ADD", e.toString())); // #539044 damageCounter++; if (damageCounter > 100) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, - ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_DBS_VL_CORRUPTED_ENTRIES", - Integer.toString(damageCounter))); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_VL_CORRUPTED_ENTRIES", Integer.toString(damageCounter))); return false; } } } } catch (Exception e) { - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap search - * * @reason Failed to get enties. - * * @message DBVirtualList: <exception thrown> */ CMS.debug("getEntries: exception " + e); mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } - // System.out.println( "Returning " + mEntries.size() + - // " entries" ); + //System.out.println( "Returning " + mEntries.size() + + // " entries" ); CMS.debug("getEntries returning " + mEntries.size()); return true; @@ -517,10 +514,10 @@ public class DBVirtualList implements IDBVirtualList { if (!getEntries()) return false; - // Check if we have a control returned + // Check if we have a control returned LDAPControl[] c = mConn.getResponseControls(); - LDAPVirtualListResponse nextCont = LDAPVirtualListResponse - .parseResponse(c); + LDAPVirtualListResponse nextCont = + LDAPVirtualListResponse.parseResponse(c); if (nextCont != null) { mSelectedIndex = nextCont.getFirstPosition() - 1; @@ -535,13 +532,11 @@ public class DBVirtualList implements IDBVirtualList { mSize = nextCont.getContentCount(); ((LDAPVirtualListControl) mPageControls[1]).setListSize(mSize); mInitialized = true; - // System.out.println( "Virtual window: " + mTop + - // ".." + (mTop+mEntries.size()-1) + - // " of " + mSize ); - } else { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_VL_NULL_RESPONSE")); + //System.out.println( "Virtual window: " + mTop + + // ".." + (mTop+mEntries.size()-1) + + // " of " + mSize ); + } else { + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_DBS_VL_NULL_RESPONSE")); } return true; } catch (Exception e) { @@ -550,163 +545,150 @@ public class DBVirtualList implements IDBVirtualList { } } - /** - * Get a page starting at "first" (although we may also fetch some preceding - * entries) Recommend to call getSize() before getElementAt() or - * getElements() since you'd better check if the index is out of bound - * first. - * + /** Get a page starting at "first" (although we may also fetch + * some preceding entries) + * Recommend to call getSize() before getElementAt() or getElements() + * since you'd better check if the index is out of bound first. + * * @param first the index of the first entry of the page you want to fetch */ - public boolean getPage(int first) { + public boolean getPage(int first) { CMS.debug("getPage " + first); if (!mInitialized) { LDAPVirtualListControl cont = new LDAPVirtualListControl(0, - mBeforeCount, mAfterCount, 0); + mBeforeCount, + mAfterCount, 0); mPageControls[1] = cont; } - // CMS.debug("about to set range first " + first + " mBeforeCount " + - // mBeforeCount + " mAfterCount " + mAfterCount); - ((LDAPVirtualListControl) mPageControls[1]).setRange(first, - mBeforeCount, mAfterCount); + //CMS.debug("about to set range first " + first + " mBeforeCount " + mBeforeCount + " mAfterCount " + mAfterCount); + ((LDAPVirtualListControl) mPageControls[1]).setRange(first, mBeforeCount, mAfterCount); return getPage(); } - /** - * Fetch a buffer + /** Fetch a buffer */ - private boolean getPage() { + private boolean getPage() { // Get the actual entries if (!getEntries()) return false; - // Check if we have a control returned + // Check if we have a control returned LDAPControl[] c = mConn.getResponseControls(); - LDAPVirtualListResponse nextCont = LDAPVirtualListResponse - .parseResponse(c); + LDAPVirtualListResponse nextCont = + LDAPVirtualListResponse.parseResponse(c); if (nextCont != null) { mSelectedIndex = nextCont.getFirstPosition() - 1; mTop = Math.max(0, mSelectedIndex - mBeforeCount); - // CMS.debug("New mTop: " + mTop + " mSelectedIndex " + - // mSelectedIndex); + //CMS.debug("New mTop: " + mTop + " mSelectedIndex " + mSelectedIndex); // Now we know the total size of the virtual list box mSize = nextCont.getContentCount(); ((LDAPVirtualListControl) mPageControls[1]).setListSize(mSize); mInitialized = true; - // System.out.println( "Virtual window: " + mTop + - // ".." + (mTop+mEntries.size()-1) + - // " of " + mSize ); + //System.out.println( "Virtual window: " + mTop + + // ".." + (mTop+mEntries.size()-1) + + // " of " + mSize ); } else { - /* - * LogDoc - * + /*LogDoc + * * @phase local ldap search */ mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_VL_NULL_RESPONSE")); + CMS.getLogMessage("CMSCORE_DBS_VL_NULL_RESPONSE")); } return true; } - /** - * Called by application to scroll the list with initial letters. Consider - * text to be an initial substring of the attribute of the primary sorting - * key(the first one specified in the sort key array) of an entry. If no - * entries match, the one just before(or after, if none before) will be - * returned as mSelectedIndex - * + /** Called by application to scroll the list with initial letters. + * Consider text to be an initial substring of the attribute of the + * primary sorting key(the first one specified in the sort key array) + * of an entry. + * If no entries match, the one just before(or after, if none before) + * will be returned as mSelectedIndex + * * @param text the prefix of the first entry of the page you want to fetch */ public boolean getPage(String text) { - mPageControls[1] = new LDAPVirtualListControl(text, mBeforeCount, - mAfterCount); - // System.out.println( "Setting requested start to " + - // text + ", -" + mBeforeCount + ", +" + - // mAfterCount ); + mPageControls[1] = + new LDAPVirtualListControl(text, + mBeforeCount, + mAfterCount); + //System.out.println( "Setting requested start to " + + // text + ", -" + mBeforeCount + ", +" + + // mAfterCount ); return getPage(); } - /** - * fetch data of a single list item Recommend to call getSize() before - * getElementAt() or getElements() since you'd better check if the index is - * out of bound first. If the index is out of range of the virtual list, an - * exception will be thrown and return null - * + /** + * fetch data of a single list item + * Recommend to call getSize() before getElementAt() or getElements() + * since you'd better check if the index is out of bound first. + * If the index is out of range of the virtual list, an exception will be thrown + * and return null + * * @param index the index of the element to fetch */ public Object getElementAt(int index) { - /* - * mSize may not be init at this time! Bad ! the caller should really - * check the index is within bound before this but I'll take care of - * this just in case they are too irresponsible + /* mSize may not be init at this time! Bad ! + * the caller should really check the index is within bound before this + * but I'll take care of this just in case they are too irresponsible */ int baseJumpTo = 0; if (!mInitialized) mSize = getSize(); - CMS.debug("getElementAt: " + index + " mTop " + mTop); - - // System.out.println( "need entry " + index ); + CMS.debug("getElementAt: " + index + " mTop " + mTop); + + //System.out.println( "need entry " + index ); if ((index < 0) || (index >= mSize)) { CMS.debug("returning null"); return null; } - if (mJumpTo != null) { // Handle the explicit jumpto case + if (mJumpTo != null) { //Handle the explicit jumpto case if (index == 0) - mJumpToIndex = 0; // Keep a running jumpto index for this page - // of data + mJumpToIndex = 0; // Keep a running jumpto index for this page of data else mJumpToIndex++; - - // CMS.debug("getElementAtJT: " + index + " mTop " + mTop + - // " mEntries.size() " + mEntries.size()); - - if ((mJumpToDirection > 0) - && (mJumpToInitialIndex + index >= mSize)) // out of data in - // forward paging - // jumpto case + + //CMS.debug("getElementAtJT: " + index + " mTop " + mTop + " mEntries.size() " + mEntries.size()); + + if ((mJumpToDirection > 0) && (mJumpToInitialIndex + index >= mSize)) // out of data in forward paging jumpto case { - CMS.debug("mJumpTo virtual list exhausted mTop " + mTop - + " mSize " + mSize); + CMS.debug("mJumpTo virtual list exhausted mTop " + mTop + " mSize " + mSize); return null; } - - if (mJumpToIndex >= mEntries.size()) // In jumpto case, page of data - // has been exhausted + + if (mJumpToIndex >= mEntries.size()) // In jumpto case, page of data has been exhausted { - mJumpToIndex = 0; // new page will be needed reset running count + mJumpToIndex = 0; // new page will be needed reset running count - if (mJumpToDirection > 0) { // proceed in positive direction - // past hit point - getPage(index + mJumpToInitialIndex + 1); - } else { // proceed backwards from hit point + if (mJumpToDirection > 0) { //proceed in positive direction past hit point + getPage(index + mJumpToInitialIndex + 1); + } else { //proceed backwards from hit point if (mTop == 0) { getPage(0); CMS.debug("asking for a page less than zero in reverse case, return null"); return null; } - CMS.debug("getting page reverse mJumptoIndex " - + mJumpToIndex + " mTop " + mTop); + CMS.debug("getting page reverse mJumptoIndex " + mJumpToIndex + " mTop " + mTop); getPage(mTop); - + } } - if (mJumpToDirection > 0) // handle getting entry in forward - // direction + if (mJumpToDirection > 0) // handle getting entry in forward direction { return mEntries.elementAt(mJumpToIndex); - } else { // handle getting entry in reverse direction + } else { // handle getting entry in reverse direction int reverse_index = mEntries.size() - mJumpToIndex - 1; CMS.debug("reverse direction getting index " + reverse_index); @@ -719,23 +701,20 @@ public class DBVirtualList implements IDBVirtualList { } } - // CMS.debug("getElementAt noJumpto: " + index); + //CMS.debug("getElementAt noJumpto: " + index); - if ((index < mTop) || (index >= mTop + mEntries.size())) { // handle the - // non jumpto - // case - // fetch a new page - // System.out.println( "fetching a page starting at " + - // index ); - // CMS.debug("getElementAt noJumpto: getting page index: " + index + - // " mEntries.size() " + mEntries.size() + " mTop: " + mTop); + if ((index < mTop) || (index >= mTop + mEntries.size())) { // handle the non jumpto case + //fetch a new page + //System.out.println( "fetching a page starting at " + + // index ); + // CMS.debug("getElementAt noJumpto: getting page index: " + index + " mEntries.size() " + mEntries.size() + " mTop: " + mTop); getPage(index); } int offset = index - mTop; if ((offset < 0) || (offset >= mEntries.size())) - // XXX + //XXX return ("No entry at " + index); else return mEntries.elementAt(offset); @@ -746,21 +725,20 @@ public class DBVirtualList implements IDBVirtualList { } /** - * This function processes elements as soon as it arrives. It is more - * memory-efficient. + * This function processes elements as soon as it arrives. It is + * more memory-efficient. */ public void processElements(int startidx, int endidx, IElementProcessor ep) - throws EBaseException { + throws EBaseException { - /* - * mSize may not be init at this time! Bad ! the caller should really - * check the index is within bound before this but I'll take care of - * this just in case they are too irresponsible + /* mSize may not be init at this time! Bad ! + * the caller should really check the index is within bound before this + * but I'll take care of this just in case they are too irresponsible */ if (!mInitialized) mSize = getSize(); - // short-cut the existing code ... :( + // short-cut the existing code ... :( if (mJumpTo != null) { for (int i = startidx; i <= endidx; i++) { Object element = getJumpToElementAt(i); @@ -771,10 +749,10 @@ public class DBVirtualList implements IDBVirtualList { return; } - // guess this is what you really mean to try to improve performance + //guess this is what you really mean to try to improve performance if (startidx >= endidx) { throw new EBaseException("startidx must be less than endidx"); - } else { + }else { setPageSize(endidx - startidx); getPage(startidx); } @@ -787,14 +765,14 @@ public class DBVirtualList implements IDBVirtualList { } } - /** + /** * get the virutal selected index */ public int getSelectedIndex() { return mSelectedIndex; } - /** + /** * get the top of the buffer */ public int getFirstIndex() { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java index 9c90fe27..b8df1240 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DateArrayMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Date; import java.util.Enumeration; import java.util.Vector; @@ -28,12 +29,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java Date array object - * into LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java Date array object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class DateArrayMapper implements IDBAttrMapper { @@ -58,8 +61,9 @@ public class DateArrayMapper implements IDBAttrMapper { /** * Maps object to a set of attributes. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { Date dates[] = (Date[]) obj; if (dates == null) @@ -73,10 +77,11 @@ public class DateArrayMapper implements IDBAttrMapper { } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) @@ -85,7 +90,8 @@ public class DateArrayMapper implements IDBAttrMapper { Vector v = new Vector(); while (e.hasMoreElements()) { - v.addElement(DateMapper.dateFromDB((String) e.nextElement())); + v.addElement(DateMapper.dateFromDB((String) + e.nextElement())); } if (v.size() == 0) return; @@ -98,8 +104,8 @@ public class DateArrayMapper implements IDBAttrMapper { /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/DateMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/DateMapper.java index 97847ee1..d547a445 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/DateMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/DateMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Date; @@ -30,10 +31,12 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java Date object into - * LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java Date object into LDAP attribute, + * and vice versa. + * * @author thomask * @version $Revision$, $Date$ */ @@ -41,8 +44,8 @@ public class DateMapper implements IDBAttrMapper { private String mLdapName = null; private Vector v = new Vector(); - private static SimpleDateFormat formatter = new SimpleDateFormat( - "yyyyMMddHHmmss'Z'"); + private static SimpleDateFormat formatter = new + SimpleDateFormat("yyyyMMddHHmmss'Z'"); /** * Constructs date mapper. @@ -62,29 +65,32 @@ public class DateMapper implements IDBAttrMapper { /** * Maps object to ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { - attrs.add(new LDAPAttribute(mLdapName, dateToDB((Date) obj))); + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { + attrs.add(new LDAPAttribute(mLdapName, + dateToDB((Date) obj))); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) return; - parent.set(name, dateFromDB((String) attr.getStringValues() - .nextElement())); + parent.set(name, dateFromDB((String) + attr.getStringValues().nextElement())); } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { String val = null; try { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java index 6763e8b2..c5601a9b 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/IntegerMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -27,12 +28,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java Integer object into - * LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java Integer object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class IntegerMapper implements IDBAttrMapper { @@ -57,29 +60,32 @@ public class IntegerMapper implements IDBAttrMapper { /** * Maps object to ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { - attrs.add(new LDAPAttribute(mLdapName, ((Integer) obj).toString())); + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { + attrs.add(new LDAPAttribute(mLdapName, + ((Integer) obj).toString())); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) return; - parent.set(name, new Integer((String) attr.getStringValues() - .nextElement())); + parent.set(name, new Integer((String) + attr.getStringValues().nextElement())); } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java index 627b0fdc..ff776424 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyDBSchema.java @@ -17,10 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + + + /** - * A class represents a collection of key record specific schema information. + * A class represents a collection of key record + * specific schema information. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -39,7 +43,9 @@ public class KeyDBSchema { public static final String LDAP_ATTR_KEY_SIZE = "keySize"; public static final String LDAP_ATTR_ALGORITHM = "algorithm"; public static final String LDAP_ATTR_STATE = "keyState"; - public static final String LDAP_ATTR_DATE_OF_RECOVERY = "dateOfRecovery"; - public static final String LDAP_ATTR_PUBLIC_KEY_FORMAT = "publicKeyFormat"; + public static final String LDAP_ATTR_DATE_OF_RECOVERY = + "dateOfRecovery"; + public static final String LDAP_ATTR_PUBLIC_KEY_FORMAT = + "publicKeyFormat"; public static final String LDAP_ATTR_ARCHIVED_BY = "archivedBy"; } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java index b8684a5a..2c1265f7 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecord.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Date; import java.util.Enumeration; @@ -28,12 +29,14 @@ import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.keydb.IKeyRecord; import com.netscape.certsrv.dbs.keydb.KeyState; + /** - * A class represents a Key record. It maintains the key life cycle as well as - * other information about an archived key. Namely, whether a key is inactive - * because of compromise. + * A class represents a Key record. It maintains the key + * life cycle as well as other information about an + * archived key. Namely, whether a key is inactive because + * of compromise. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -79,13 +82,14 @@ public class KeyRecord implements IDBObj, IKeyRecord { } /* - * Constructs key record. + * Constructs key record. * * @param key key to be archived */ - public KeyRecord(BigInteger serialNo, byte publicData[], - byte privateData[], String owner, String algorithm, String agentId) - throws EBaseException { + public KeyRecord(BigInteger serialNo, byte publicData[], + byte privateData[], String owner, + String algorithm, String agentId) + throws EBaseException { mSerialNo = serialNo; mPublicKey = publicData; mPrivateKey = privateData; @@ -127,9 +131,7 @@ public class KeyRecord implements IDBObj, IKeyRecord { } else if (name.equalsIgnoreCase(ATTR_ARCHIVED_BY)) { mArchivedBy = (String) object; } else { - throw new EBaseException( - com.netscape.certsrv.apps.CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(com.netscape.certsrv.apps.CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -163,9 +165,7 @@ public class KeyRecord implements IDBObj, IKeyRecord { } else if (name.equalsIgnoreCase(ATTR_ARCHIVED_BY)) { return mArchivedBy; } else { - throw new EBaseException( - com.netscape.certsrv.apps.CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(com.netscape.certsrv.apps.CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -174,8 +174,7 @@ public class KeyRecord implements IDBObj, IKeyRecord { * <P> */ public void delete(String name) throws EBaseException { - throw new EBaseException(com.netscape.certsrv.apps.CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(com.netscape.certsrv.apps.CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } /** @@ -194,10 +193,10 @@ public class KeyRecord implements IDBObj, IKeyRecord { } /** - * Retrieves serial number of the key record. Each key record is uniquely - * identified by serial number. + * Retrieves serial number of the key record. Each key record + * is uniquely identified by serial number. * <P> - * + * * @return serial number of this key record */ public BigInteger getSerialNumber() throws EBaseException { @@ -212,9 +211,10 @@ public class KeyRecord implements IDBObj, IKeyRecord { } /** - * Retrieves the key state. This gives key life cycle information. + * Retrieves the key state. This gives key life cycle + * information. * <P> - * + * * @return key state */ public KeyState getState() throws EBaseException { @@ -239,7 +239,7 @@ public class KeyRecord implements IDBObj, IKeyRecord { /** * Retrieves key. * <P> - * + * * @return archived key */ public byte[] getPrivateKeyData() throws EBaseException { @@ -256,7 +256,7 @@ public class KeyRecord implements IDBObj, IKeyRecord { /** * Retrieves the key size. * <P> - * + * * @return key size */ public Integer getKeySize() throws EBaseException { @@ -280,7 +280,7 @@ public class KeyRecord implements IDBObj, IKeyRecord { } /** - * Sets owner name. + * Sets owner name. * <P> */ public void setOwnerName(String name) throws EBaseException { @@ -338,7 +338,8 @@ public class KeyRecord implements IDBObj, IKeyRecord { } /** - * Retrieves the last modification time of this record. + * Retrieves the last modification time of + * this record. */ public Date getModifyTime() { return mModifyTime; diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java index dd0c88a9..f4882ffc 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordList.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -25,10 +26,11 @@ import com.netscape.certsrv.dbs.IDBVirtualList; import com.netscape.certsrv.dbs.keydb.IKeyRecord; import com.netscape.certsrv.dbs.keydb.IKeyRecordList; + /** * A class represents a list of key records. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -44,13 +46,13 @@ public class KeyRecordList implements IKeyRecordList { } /** - * Retrieves the size of key list. + * Retrieves the size of key list. */ public int getSize() { return mVlist.getSize(); } - public int getSizeBeforeJumpTo() { + public int getSizeBeforeJumpTo() { return mVlist.getSizeBeforeJumpTo(); @@ -64,17 +66,15 @@ public class KeyRecordList implements IKeyRecordList { public IKeyRecord getKeyRecord(int i) { KeyRecord record = (KeyRecord) mVlist.getElementAt(i); - if (record == null) - return null; - - return record; - } + if (record == null) return null; + return record; + } /** * Retrieves requests. */ public Enumeration getKeyRecords(int startidx, int endidx) - throws EBaseException { + throws EBaseException { Vector entries = new Vector(); for (int i = startidx; i <= endidx; i++) { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java index 2d064ae8..1cbd3229 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRecordMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Enumeration; import java.util.Vector; @@ -32,12 +33,14 @@ import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.keydb.IKeyRecord; import com.netscape.certsrv.dbs.keydb.IKeyRepository; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents a mapper to serialize key record into database. + * A class represents a mapper to serialize + * key record into database. * <P> - * - * @author thomask + * + * @author thomask * @version $Revision$, $Date$ */ public class KeyRecordMapper implements IDBAttrMapper { @@ -56,8 +59,8 @@ public class KeyRecordMapper implements IDBAttrMapper { return v.elements(); } - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, + Object obj, LDAPAttributeSet attrs) throws EBaseException { try { KeyRecord rec = (KeyRecord) obj; @@ -65,58 +68,47 @@ public class KeyRecordMapper implements IDBAttrMapper { rec.getSerialNumber().toString())); } catch (Exception e) { - /* - * LogDoc - * - * @phase Maps object to ldap attribute set - * + /*LogDoc + * + * @phase Maps object to ldap attribute set * @message KeyRecordMapper: <exception thrown> */ - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_DB, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_KEYRECORD_MAPPER_ERROR", - e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_SERIALIZE_FAILED", name)); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_KEYRECORD_MAPPER_ERROR", e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_SERIALIZE_FAILED", name)); } } - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { - try { - LDAPAttribute attr = attrs - .getAttribute(KeyDBSchema.LDAP_ATTR_KEY_RECORD_ID); + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { + try { + LDAPAttribute attr = attrs.getAttribute( + KeyDBSchema.LDAP_ATTR_KEY_RECORD_ID); if (attr == null) return; String serialno = (String) attr.getStringValues().nextElement(); - IKeyRecord rec = mDB.readKeyRecord(new BigInteger(serialno)); + IKeyRecord rec = mDB.readKeyRecord(new + BigInteger(serialno)); parent.set(name, rec); } catch (Exception e) { - /* - * LogDoc - * - * @phase Maps ldap attribute set to object - * + /*LogDoc + * + * @phase Maps ldap attribute set to object * @message KeyRecordMapper: <exception thrown> */ - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_DB, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_KEYRECORD_MAPPER_ERROR", - e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_DESERIALIZE_FAILED", name)); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_KEYRECORD_MAPPER_ERROR", e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_DESERIALIZE_FAILED", name)); } } public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + throws EBaseException { return name + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java index 244824ca..6d4e4688 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyRepository.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.security.PublicKey; import java.util.Date; @@ -39,10 +40,12 @@ import com.netscape.certsrv.dbs.keydb.IKeyRecordList; import com.netscape.certsrv.dbs.keydb.IKeyRepository; import com.netscape.certsrv.dbs.repository.IRepository; + /** - * A class represents a Key repository. This is the container of archived keys. + * A class represents a Key repository. This is the container of + * archived keys. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -57,15 +60,15 @@ public class KeyRepository extends Repository implements IKeyRepository { private String mBaseDN = null; /** - * Constructs a key repository. It checks if the key repository does exist. - * If not, it creates the repository. + * Constructs a key repository. It checks if the key repository + * does exist. If not, it creates the repository. * <P> - * + * * @param service db service * @exception EBaseException failed to setup key repository */ public KeyRepository(IDBSubsystem service, int increment, String baseDN) - throws EDBException { + throws EDBException { super(service, increment, baseDN); mBaseDN = baseDN; mDBService = service; @@ -78,55 +81,56 @@ public class KeyRepository extends Repository implements IKeyRepository { keyRecordOC[1] = KeyDBSchema.LDAP_OC_KEYRECORD; if (!reg.isObjectClassRegistered(KeyRecord.class.getName())) { - reg.registerObjectClass(KeyRecord.class.getName(), keyRecordOC); + reg.registerObjectClass(KeyRecord.class.getName(), + keyRecordOC); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_ID)) { - reg.registerAttribute(KeyRecord.ATTR_ID, new BigIntegerMapper( - KeyDBSchema.LDAP_ATTR_SERIALNO)); + reg.registerAttribute(KeyRecord.ATTR_ID, new + BigIntegerMapper(KeyDBSchema.LDAP_ATTR_SERIALNO)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_ALGORITHM)) { - reg.registerAttribute(KeyRecord.ATTR_ALGORITHM, new StringMapper( - KeyDBSchema.LDAP_ATTR_ALGORITHM)); + reg.registerAttribute(KeyRecord.ATTR_ALGORITHM, new + StringMapper(KeyDBSchema.LDAP_ATTR_ALGORITHM)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_STATE)) { - reg.registerAttribute(KeyRecord.ATTR_STATE, new KeyStateMapper( - KeyDBSchema.LDAP_ATTR_STATE)); + reg.registerAttribute(KeyRecord.ATTR_STATE, new + KeyStateMapper(KeyDBSchema.LDAP_ATTR_STATE)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_KEY_SIZE)) { - reg.registerAttribute(KeyRecord.ATTR_KEY_SIZE, new IntegerMapper( - KeyDBSchema.LDAP_ATTR_KEY_SIZE)); + reg.registerAttribute(KeyRecord.ATTR_KEY_SIZE, new + IntegerMapper(KeyDBSchema.LDAP_ATTR_KEY_SIZE)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_OWNER_NAME)) { - reg.registerAttribute(KeyRecord.ATTR_OWNER_NAME, new StringMapper( - KeyDBSchema.LDAP_ATTR_OWNER_NAME)); + reg.registerAttribute(KeyRecord.ATTR_OWNER_NAME, new + StringMapper(KeyDBSchema.LDAP_ATTR_OWNER_NAME)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_PRIVATE_KEY_DATA)) { - reg.registerAttribute(KeyRecord.ATTR_PRIVATE_KEY_DATA, - new ByteArrayMapper(KeyDBSchema.LDAP_ATTR_PRIVATE_KEY_DATA)); + reg.registerAttribute(KeyRecord.ATTR_PRIVATE_KEY_DATA, new + ByteArrayMapper(KeyDBSchema.LDAP_ATTR_PRIVATE_KEY_DATA)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_PUBLIC_KEY_DATA)) { - reg.registerAttribute(KeyRecord.ATTR_PUBLIC_KEY_DATA, - new PublicKeyMapper(KeyDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA)); + reg.registerAttribute(KeyRecord.ATTR_PUBLIC_KEY_DATA, new + PublicKeyMapper(KeyDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_DATE_OF_RECOVERY)) { - reg.registerAttribute(KeyRecord.ATTR_DATE_OF_RECOVERY, - new DateArrayMapper(KeyDBSchema.LDAP_ATTR_DATE_OF_RECOVERY)); + reg.registerAttribute(KeyRecord.ATTR_DATE_OF_RECOVERY, new + DateArrayMapper(KeyDBSchema.LDAP_ATTR_DATE_OF_RECOVERY)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_CREATE_TIME)) { - reg.registerAttribute(KeyRecord.ATTR_CREATE_TIME, new DateMapper( - KeyDBSchema.LDAP_ATTR_CREATE_TIME)); + reg.registerAttribute(KeyRecord.ATTR_CREATE_TIME, new + DateMapper(KeyDBSchema.LDAP_ATTR_CREATE_TIME)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_MODIFY_TIME)) { - reg.registerAttribute(KeyRecord.ATTR_MODIFY_TIME, new DateMapper( - KeyDBSchema.LDAP_ATTR_MODIFY_TIME)); + reg.registerAttribute(KeyRecord.ATTR_MODIFY_TIME, new + DateMapper(KeyDBSchema.LDAP_ATTR_MODIFY_TIME)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_META_INFO)) { - reg.registerAttribute(KeyRecord.ATTR_META_INFO, new MetaInfoMapper( - KeyDBSchema.LDAP_ATTR_META_INFO)); + reg.registerAttribute(KeyRecord.ATTR_META_INFO, new + MetaInfoMapper(KeyDBSchema.LDAP_ATTR_META_INFO)); } if (!reg.isAttributeRegistered(KeyRecord.ATTR_ARCHIVED_BY)) { - reg.registerAttribute(KeyRecord.ATTR_ARCHIVED_BY, new StringMapper( - KeyDBSchema.LDAP_ATTR_ARCHIVED_BY)); + reg.registerAttribute(KeyRecord.ATTR_ARCHIVED_BY, new + StringMapper(KeyDBSchema.LDAP_ATTR_ARCHIVED_BY)); } } @@ -141,12 +145,10 @@ public class KeyRepository extends Repository implements IKeyRepository { return; } - CMS.debug("In setKeyStatusUpdateInterval mKeyStatusUpdateThread " - + mKeyStatusUpdateThread); + CMS.debug("In setKeyStatusUpdateInterval mKeyStatusUpdateThread " + mKeyStatusUpdateThread); if (mKeyStatusUpdateThread == null) { CMS.debug("In setKeyStatusUpdateInterval about to create KeyStatusUpdateThread "); - mKeyStatusUpdateThread = new KeyStatusUpdateThread(this, - requestRepo, "KeyStatusUpdateThread"); + mKeyStatusUpdateThread = new KeyStatusUpdateThread(this, requestRepo, "KeyStatusUpdateThread"); mKeyStatusUpdateThread.setInterval(interval); mKeyStatusUpdateThread.start(); } else { @@ -170,9 +172,11 @@ public class KeyRepository extends Repository implements IKeyRepository { /** * Removes all objects with this repository. */ - public void removeAllObjects() throws EBaseException { + public void removeAllObjects() throws EBaseException + { String filter = "(" + KeyRecord.ATTR_OWNER_NAME + "=*" + ")"; - IKeyRecordList list = findKeyRecordsInList(filter, null, "serialno", 10); + IKeyRecordList list = findKeyRecordsInList(filter, + null, "serialno", 10); int size = list.getSize(); Enumeration e = list.getKeyRecords(0, size - 1); while (e.hasMoreElements()) { @@ -184,7 +188,7 @@ public class KeyRepository extends Repository implements IKeyRepository { /** * Archives a key to the repository. * <P> - * + * * @param record key record * @exception EBaseException failed to archive key */ @@ -192,38 +196,35 @@ public class KeyRepository extends Repository implements IKeyRepository { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" - + ((KeyRecord) record).getSerialNumber().toString() + "," - + getDN(); + String name = "cn" + "=" + + ((KeyRecord) record).getSerialNumber().toString() + "," + getDN(); - if (s != null) - s.add(name, (KeyRecord) record); - } finally { - if (s != null) - s.close(); + if (s != null) s.add(name, (KeyRecord) record); + } finally { + if (s != null) s.close(); } } /** * Recovers an archived key by serial number. * <P> - * + * * @param serialNo serial number * @return key record * @exception EBaseException failed to recover key */ - public IKeyRecord readKeyRecord(BigInteger serialNo) throws EBaseException { + public IKeyRecord readKeyRecord(BigInteger serialNo) + throws EBaseException { IDBSSession s = mDBService.createSession(); KeyRecord rec = null; try { - String name = "cn" + "=" + serialNo.toString() + "," + getDN(); + String name = "cn" + "=" + + serialNo.toString() + "," + getDN(); - if (s != null) - rec = (KeyRecord) s.read(name); - } finally { - if (s != null) - s.close(); + if (s != null) rec = (KeyRecord) s.read(name); + } finally { + if (s != null) s.close(); } return rec; } @@ -231,26 +232,26 @@ public class KeyRepository extends Repository implements IKeyRepository { /** * Recovers an archived key by owner name. * <P> - * + * * @param ownerName owner name * @return key record * @exception EBaseException failed to recover key */ - public IKeyRecord readKeyRecord(X500Name ownerName) throws EBaseException { + public IKeyRecord readKeyRecord(X500Name ownerName) + throws EBaseException { IDBSSession s = mDBService.createSession(); KeyRecord keyRec = null; try { if (ownerName != null) { - String filter = "(" + KeyRecord.ATTR_OWNER_NAME + "=" - + ownerName.toString() + ")"; + String filter = "(" + KeyRecord.ATTR_OWNER_NAME + "=" + + ownerName.toString() + ")"; IDBSearchResults res = s.search(getDN(), filter); keyRec = (KeyRecord) res.nextElement(); - } - } finally { - if (s != null) - s.close(); + } + } finally { + if (s != null) s.close(); } return keyRec; } @@ -258,7 +259,8 @@ public class KeyRepository extends Repository implements IKeyRepository { /** * Recovers archived key using public key. */ - public IKeyRecord readKeyRecord(PublicKey publicKey) throws EBaseException { + public IKeyRecord readKeyRecord(PublicKey publicKey) + throws EBaseException { // XXX - setup binary search attributes byte data[] = publicKey.getEncoded(); @@ -268,40 +270,40 @@ public class KeyRepository extends Repository implements IKeyRepository { KeyRecord rec = null; try { - String filter = "(" + KeyRecord.ATTR_PUBLIC_KEY_DATA + "=" - + escapeBinaryData(data) + ")"; - if (s != null) { + String filter = "(" + KeyRecord.ATTR_PUBLIC_KEY_DATA + "=" + + escapeBinaryData(data) + ")"; + if( s != null ) { IDBSearchResults res = s.search(getDN(), filter); rec = (KeyRecord) res.nextElement(); } - } finally { - if (s != null) - s.close(); + } finally { + if (s != null) s.close(); } return rec; } + /** * Recovers archived key using b64 encoded cert */ - public IKeyRecord readKeyRecord(String cert) throws EBaseException { + public IKeyRecord readKeyRecord(String cert) + throws EBaseException { IDBSSession s = mDBService.createSession(); KeyRecord rec = null; try { - String filter = "(publicKey=x509cert#\"" + cert + "\")"; - CMS.debug("filter= " + filter); + String filter = "(publicKey=x509cert#\"" +cert+"\")"; +CMS.debug("filter= " + filter); - if (s != null) { + if( s != null ) { IDBSearchResults res = s.search(getDN(), filter); rec = (KeyRecord) res.nextElement(); } - } finally { - if (s != null) - s.close(); + } finally { + if (s != null) s.close(); } return rec; } @@ -310,33 +312,32 @@ public class KeyRepository extends Repository implements IKeyRepository { * Modifies key record. */ public void modifyKeyRecord(BigInteger serialNo, ModificationSet mods) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" + serialNo.toString() + "," + getDN(); + String name = "cn" + "=" + + serialNo.toString() + "," + getDN(); mods.add(KeyRecord.ATTR_MODIFY_TIME, Modification.MOD_REPLACE, - new Date()); - if (s != null) - s.modify(name, mods); - } finally { - if (s != null) - s.close(); + new Date()); + if (s != null) s.modify(name, mods); + } finally { + if (s != null) s.close(); } } - public void deleteKeyRecord(BigInteger serialNo) throws EBaseException { + public void deleteKeyRecord(BigInteger serialNo) + throws EBaseException { IDBSSession s = mDBService.createSession(); try { - String name = "cn" + "=" + serialNo.toString() + "," + getDN(); + String name = "cn" + "=" + + serialNo.toString() + "," + getDN(); - if (s != null) - s.delete(name); - } finally { - if (s != null) - s.close(); + if (s != null) s.delete(name); + } finally { + if (s != null) s.close(); } } @@ -353,7 +354,7 @@ public class KeyRepository extends Repository implements IKeyRepository { } public Enumeration searchKeys(String filter, int maxSize) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -367,7 +368,7 @@ public class KeyRepository extends Repository implements IKeyRepository { } public Enumeration searchKeys(String filter, int maxSize, int timeLimit) - throws EBaseException { + throws EBaseException { IDBSSession s = mDBService.createSession(); Enumeration e = null; @@ -383,31 +384,34 @@ public class KeyRepository extends Repository implements IKeyRepository { /** * Retrieves key record list. */ - public IKeyRecordList findKeyRecordsInList(String filter, String attrs[], - int pageSize) throws EBaseException { - return findKeyRecordsInList(filter, attrs, IKeyRecord.ATTR_ID, pageSize); + public IKeyRecordList findKeyRecordsInList(String filter, + String attrs[], int pageSize) throws EBaseException { + return findKeyRecordsInList(filter, attrs, IKeyRecord.ATTR_ID, + pageSize); } - public IKeyRecordList findKeyRecordsInList(String filter, String attrs[], - String sortKey, int pageSize) throws EBaseException { + public IKeyRecordList findKeyRecordsInList(String filter, + String attrs[], String sortKey, int pageSize) + throws EBaseException { IDBSSession s = mDBService.createSession(); IKeyRecordList list = null; try { if (s != null) { - list = new KeyRecordList(s.createVirtualList(getDN(), - "(&(objectclass=" + KeyRecord.class.getName() + ")" - + filter + ")", attrs, sortKey, pageSize)); + list = new KeyRecordList( + s.createVirtualList(getDN(), "(&(objectclass=" + + KeyRecord.class.getName() + ")" + filter + ")", + attrs, sortKey, pageSize)); } - } finally { - if (s != null) - s.close(); + } finally { + if (s != null) s.close(); } return list; } - public IKeyRecordList findKeyRecordsInList(String filter, String attrs[], - String jumpTo, String sortKey, int pageSize) throws EBaseException { + public IKeyRecordList findKeyRecordsInList(String filter, + String attrs[],String jumpTo, String sortKey, int pageSize) + throws EBaseException { IDBSSession s = mDBService.createSession(); IKeyRecordList list = null; @@ -416,103 +420,94 @@ public class KeyRepository extends Repository implements IKeyRepository { String jumpToVal = null; if (len > 9) { - jumpToVal = Integer.toString(len) + jumpTo; - } else { - jumpToVal = "0" + Integer.toString(len) + jumpTo; + jumpToVal = Integer.toString(len) + jumpTo; + } else { + jumpToVal = "0" + Integer.toString(len) + jumpTo; } try { if (s != null) { - list = new KeyRecordList(s.createVirtualList(getDN(), - "(&(objectclass=" + KeyRecord.class.getName() + ")" - + filter + ")", attrs, jumpToVal, sortKey, - pageSize)); + list = new KeyRecordList( + s.createVirtualList(getDN(), "(&(objectclass=" + + KeyRecord.class.getName() + ")" + filter + ")", + attrs,jumpToVal, sortKey, pageSize)); } } finally { - if (s != null) - s.close(); + if (s != null) s.close(); } return list; } - public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, - BigInteger serial_upper_bound) throws EBaseException { + public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) throws + EBaseException { - CMS.debug("KeyRepository: in getLastSerialNumberInRange: low " - + serial_low_bound + " high " + serial_upper_bound); + CMS.debug("KeyRepository: in getLastSerialNumberInRange: low " + serial_low_bound + " high " + serial_upper_bound); - if (serial_low_bound == null || serial_upper_bound == null - || serial_low_bound.compareTo(serial_upper_bound) >= 0) { - return null; - } + if(serial_low_bound == null || serial_upper_bound == null || serial_low_bound.compareTo(serial_upper_bound) >= 0) + { + return null; + } - String ldapfilter = "(" + "serialno" + "=*" + ")"; - String[] attrs = null; + String ldapfilter = "(" + "serialno" + "=*" + ")"; + String[] attrs = null; - KeyRecordList recList = (KeyRecordList) findKeyRecordsInList( - ldapfilter, attrs, serial_upper_bound.toString(10), "serialno", - 5 * -1); + KeyRecordList recList = (KeyRecordList) findKeyRecordsInList(ldapfilter,attrs,serial_upper_bound.toString(10),"serialno", 5 * -1); - int size = recList.getSize(); + int size = recList.getSize(); - CMS.debug("KeyRepository: getLastSerialNumberInRange: recList size " - + size); + CMS.debug("KeyRepository: getLastSerialNumberInRange: recList size " + size); - if (size <= 0) { - CMS.debug("KeyRepository: getLastSerialNumberInRange: index may be empty"); + if (size <= 0) { + CMS.debug("KeyRepository: getLastSerialNumberInRange: index may be empty"); - BigInteger ret = new BigInteger(serial_low_bound.toString(10)); + BigInteger ret = new BigInteger(serial_low_bound.toString(10)); - ret = ret.add(new BigInteger("-1")); + ret = ret.add(new BigInteger("-1")); - CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " - + ret); - return ret; - } - int ltSize = recList.getSizeBeforeJumpTo(); + CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret ); + return ret; + } + int ltSize = recList.getSizeBeforeJumpTo(); - Vector cList = new Vector(ltSize); + Vector cList = new Vector(ltSize); - CMS.debug("KeyRepository:getLastSerialNumberInRange: ltSize " + ltSize); + CMS.debug("KeyRepository:getLastSerialNumberInRange: ltSize " + ltSize); - int i; - KeyRecord curRec = null; + int i; + KeyRecord curRec = null; - for (i = 0; i < 5; i++) { - curRec = (KeyRecord) recList.getKeyRecord(i); + for (i = 0; i < 5; i++) { + curRec = (KeyRecord) recList.getKeyRecord(i); - if (curRec != null) { + if (curRec != null) { - BigInteger serial = curRec.getSerialNumber(); + BigInteger serial = curRec.getSerialNumber(); - CMS.debug("KeyRepository: getLastCertRecordSerialNo: serialno " - + serial); + CMS.debug("KeyRepository: getLastCertRecordSerialNo: serialno " + serial); - if (((serial.compareTo(serial_low_bound) == 0) || (serial - .compareTo(serial_low_bound) == 1)) - && ((serial.compareTo(serial_upper_bound) == 0) || (serial - .compareTo(serial_upper_bound) == -1))) { - CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " - + serial); - return serial; - } - } else { - CMS.debug("KeyRepository: getLastSerialNumberInRange:found null from getCertRecord"); - } - } + if( ((serial.compareTo(serial_low_bound) == 0) || (serial.compareTo(serial_low_bound) == 1) ) && + ((serial.compareTo(serial_upper_bound) == 0) || (serial.compareTo(serial_upper_bound) == -1) )) + { + CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + serial); + return serial; + } + } else { + CMS.debug("KeyRepository: getLastSerialNumberInRange:found null from getCertRecord"); + } + } - BigInteger ret = new BigInteger(serial_low_bound.toString(10)); + BigInteger ret = new BigInteger(serial_low_bound.toString(10)); - ret = ret.add(new BigInteger("-1")); + ret = ret.add(new BigInteger("-1")); - CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret); - return ret; + CMS.debug("KeyRepository: getLastSerialNumberInRange returning: " + ret ); + return ret ; } public void shutdown() { - // if (mKeyStatusUpdateThread != null) - // mKeyStatusUpdateThread.destroy(); + //if (mKeyStatusUpdateThread != null) + // mKeyStatusUpdateThread.destroy(); } } @@ -546,7 +541,7 @@ class KeyStatusUpdateThread extends Thread { CMS.debug("Starting key checkRanges"); _kr.checkRanges(); CMS.debug("key checkRanges done"); - + CMS.debug("Starting request checkRanges"); _rr.checkRanges(); CMS.debug("request checkRanges done"); @@ -561,3 +556,5 @@ class KeyStatusUpdateThread extends Thread { } } } + + diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java index a9f91b59..7f13c8ed 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/KeyStateMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -28,12 +29,13 @@ import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.keydb.KeyState; + /** * A class represents a key state mapper. * <P> - * + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class KeyStateMapper implements IDBAttrMapper { @@ -50,30 +52,33 @@ public class KeyStateMapper implements IDBAttrMapper { return v.elements(); } - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { - attrs.add(new LDAPAttribute(mLdapName, ((KeyState) obj).toString())); + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { + attrs.add(new LDAPAttribute(mLdapName, + ((KeyState) obj).toString())); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) { return; } - parent.set(name, KeyState.toKeyState(((String) attr.getStringValues() - .nextElement()))); + parent.set(name, KeyState.toKeyState( + ((String) attr.getStringValues().nextElement()))); } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java b/pki/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java index 001c143b..909bf47e 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/LdapFilterConverter.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Hashtable; import com.netscape.certsrv.base.AttributeNameHelper; @@ -24,12 +25,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IFilterConverter; + /** - * A class represents a filter converter that understands how to convert a - * attribute type from one defintion to another. + * A class represents a filter converter + * that understands how to convert a attribute + * type from one defintion to another. * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class LdapFilterConverter implements IFilterConverter { @@ -47,8 +50,8 @@ public class LdapFilterConverter implements IFilterConverter { */ public String convert(String name, String op, String value) { AttributeNameHelper h = new AttributeNameHelper(name); - IDBAttrMapper mapper = (IDBAttrMapper) mReg.get(h.getPrefix() - .toLowerCase()); + IDBAttrMapper mapper = (IDBAttrMapper) mReg.get( + h.getPrefix().toLowerCase()); if (mapper == null) return null; diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/LongMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/LongMapper.java index fff2f05a..cdd9aeb7 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/LongMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/LongMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -27,12 +28,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java Long object into - * LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java Long object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class LongMapper implements IDBAttrMapper { @@ -57,29 +60,32 @@ public class LongMapper implements IDBAttrMapper { /** * Maps object into ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { - attrs.add(new LDAPAttribute(mLdapName, LongToDB((Long) obj))); + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { + attrs.add(new LDAPAttribute(mLdapName, + LongToDB((Long) obj))); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) return; - parent.set(name, LongFromDB((String) attr.getStringValues() - .nextElement())); + parent.set(name, LongFromDB( + (String) attr.getStringValues().nextElement())); } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { String v = null; try { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java index ccf40569..605e2fad 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/MetaInfoMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.StringTokenizer; import java.util.Vector; @@ -29,19 +30,20 @@ import com.netscape.certsrv.base.MetaInfo; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represent mapper for metainfo attribute. Metainfo is in format of the - * following: - * + * A class represent mapper for metainfo attribute. Metainfo + * is in format of the following: + * * <PRE> * metaInfoType:metaInfoValue * metaInfoType:metaInfoValue * metaInfoType:metaInfoValue * metaInfoType:metaInfoValue * </PRE> - * + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class MetaInfoMapper implements IDBAttrMapper { @@ -68,8 +70,9 @@ public class MetaInfoMapper implements IDBAttrMapper { /** * Maps object into ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { MetaInfo info = (MetaInfo) obj; Enumeration e = info.getElements(); @@ -89,10 +92,11 @@ public class MetaInfoMapper implements IDBAttrMapper { } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object into + * 'parent'. */ public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) @@ -110,11 +114,12 @@ public class MetaInfoMapper implements IDBAttrMapper { } /** - * Map search filters into LDAP search filter. Possible search filter: + * Map search filters into LDAP search filter. + * Possible search filter: * (&(metaInfo=reserver0:value0)(metaInfo=reserved1:value1)) */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java index 99b1bc02..cb5e4cb6 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/ObjectStreamMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -34,13 +35,15 @@ import com.netscape.certsrv.dbs.EDBException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents ann attribute mapper that maps a Java object into LDAP - * attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class ObjectStreamMapper implements IDBAttrMapper { @@ -66,8 +69,9 @@ public class ObjectStreamMapper implements IDBAttrMapper { /** * Maps object to ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, + Object obj, LDAPAttributeSet attrs) + throws EBaseException { try { ByteArrayOutputStream bos = new ByteArrayOutputStream(); ObjectOutputStream os = new ObjectOutputStream(bos); @@ -75,60 +79,60 @@ public class ObjectStreamMapper implements IDBAttrMapper { os.writeObject(obj); byte data[] = bos.toByteArray(); if (data == null) { - CMS.debug("ObjectStreamMapper:mapObjectToLDAPAttributeSet " - + name + " size=0"); + CMS.debug("ObjectStreamMapper:mapObjectToLDAPAttributeSet " + + name + " size=0"); } else { - CMS.debug("ObjectStreamMapper:mapObjectToLDAPAttributeSet " - + name + " size=" + data.length); + CMS.debug("ObjectStreamMapper:mapObjectToLDAPAttributeSet " + + name + " size=" + data.length); } - attrs.add(new LDAPAttribute(mLdapName, data)); + attrs.add(new LDAPAttribute(mLdapName, + data)); } catch (IOException e) { - /* - * LogDoc - * + /*LogDoc + * * @phase Maps object to ldap attribute set - * * @message ObjectStreamMapper: <exception thrown> */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_OBJECTSTREAM_MAPPER_ERROR", - e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_SERIALIZE_FAILED", name)); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_OBJECTSTREAM_MAPPER_ERROR", + e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_SERIALIZE_FAILED", name)); } } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { try { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) { return; } - ByteArrayInputStream bis = new ByteArrayInputStream((byte[]) attr - .getByteValues().nextElement()); + ByteArrayInputStream bis = new ByteArrayInputStream( + (byte[]) attr.getByteValues().nextElement()); ObjectInputStream is = new ObjectInputStream(bis); parent.set(name, is.readObject()); } catch (IOException e) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_DESERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_DESERIALIZE_FAILED", name)); } catch (ClassNotFoundException e) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_DESERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_DESERIALIZE_FAILED", name)); } } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java index dafc13d8..f55248ee 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/PublicKeyMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.security.PublicKey; import java.security.cert.X509Certificate; import java.util.Enumeration; @@ -31,14 +32,16 @@ import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.logging.ILogger; import com.netscape.cmscore.cert.CertUtils; + /** - * A class represents an attribute mapper that maps a public key data into LDAP - * attribute and vice versa. + * A class represents an attribute mapper that maps + * a public key data into LDAP attribute and + * vice versa. * <P> - * + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class PublicKeyMapper implements IDBAttrMapper { @@ -65,16 +68,18 @@ public class PublicKeyMapper implements IDBAttrMapper { /** * Maps object to ldap attribute set. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { attrs.add(new LDAPAttribute(mLdapName, (byte[]) obj)); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) { @@ -84,11 +89,11 @@ public class PublicKeyMapper implements IDBAttrMapper { } /** - * Maps search filters into LDAP search filter. It knows how to extract - * public key from the certificate. + * Maps search filters into LDAP search filter. It knows + * how to extract public key from the certificate. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { int i = value.indexOf("#"); if (i != -1) { @@ -106,17 +111,14 @@ public class PublicKeyMapper implements IDBAttrMapper { return mLdapName + op + escapeBinaryData(pub); } catch (Exception e) { - /* - * LogDoc - * + /*LogDoc + * * @phase Maps search filters into LDAP search filter - * * @message PublicKeyMapper: <exception thrown> */ - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, - ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_DBS_PUBLICKEY_MAPPER_ERROR", - e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_PUBLICKEY_MAPPER_ERROR", + e.toString())); } } return mLdapName + op + value; @@ -144,8 +146,8 @@ public class PublicKeyMapper implements IDBAttrMapper { for (int i = 0; i < data.length; i++) { int v = 0xff & data[i]; - result = result + "\\" + (v < 16 ? "0" : "") - + Integer.toHexString(v); + result = result + "\\" + (v < 16 ? "0" : "") + + Integer.toHexString(v); } return result; } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java b/pki/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java index 72cef899..61beb423 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/ReplicaIDRepository.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import com.netscape.certsrv.apps.CMS; @@ -26,15 +27,15 @@ import com.netscape.certsrv.dbs.IDBSubsystem; import com.netscape.certsrv.dbs.replicadb.IReplicaIDRepository; /** - * A class represents a replica repository. It creates unique managed replica - * IDs. + * A class represents a replica repository. It + * creates unique managed replica IDs. * <P> - * + * * @author alee * @version $Revision$, $Date$ */ -public class ReplicaIDRepository extends Repository implements - IReplicaIDRepository { +public class ReplicaIDRepository extends Repository + implements IReplicaIDRepository { private IDBSubsystem mDBService; private String mBaseDN; @@ -42,27 +43,25 @@ public class ReplicaIDRepository extends Repository implements /** * Constructs a certificate repository. */ - public ReplicaIDRepository(IDBSubsystem dbService, int increment, - String baseDN) throws EDBException { + public ReplicaIDRepository(IDBSubsystem dbService, int increment, String baseDN) + throws EDBException { super(dbService, increment, baseDN); mBaseDN = baseDN; mDBService = dbService; } - + + /** * Returns last serial number in given range */ - public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, - BigInteger serial_upper_bound) throws EBaseException { - CMS.debug("ReplicaIDReposoitory: in getLastSerialNumberInRange: low " - + serial_low_bound + " high " + serial_upper_bound); - if (serial_low_bound == null || serial_upper_bound == null - || serial_low_bound.compareTo(serial_upper_bound) >= 0) { + public BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) + throws EBaseException { + CMS.debug("ReplicaIDReposoitory: in getLastSerialNumberInRange: low " + serial_low_bound + " high " + serial_upper_bound); + if(serial_low_bound == null || serial_upper_bound == null || serial_low_bound.compareTo(serial_upper_bound) >= 0 ) { return null; } BigInteger ret = new BigInteger(getMinSerial()); - if ((ret == null) || (ret.compareTo(serial_upper_bound) > 0) - || (ret.compareTo(serial_low_bound) < 0)) { + if ((ret==null) || (ret.compareTo(serial_upper_bound) >0) || (ret.compareTo(serial_low_bound) <0)) { return null; } return ret; diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/Repository.java b/pki/base/common/src/com/netscape/cmscore/dbs/Repository.java index ac9428d1..858e7a63 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/Repository.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/Repository.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import com.netscape.certsrv.apps.CMS; @@ -35,17 +36,18 @@ import com.netscape.certsrv.dbs.repository.IRepository; import com.netscape.certsrv.dbs.repository.IRepositoryRecord; /** - * A class represents a generic repository. It maintains unique serial number - * within repository. + * A class represents a generic repository. It maintains unique + * serial number within repository. * <P> - * To build domain specific repository, subclass should be created. + * To build domain specific repository, subclass should be + * created. * <P> - * + * * @author galperin * @author thomask * @version $Revision: 1.4 - * - * $, $Date$ + * + $, $Date$ */ public abstract class Repository implements IRepository { @@ -54,7 +56,7 @@ public abstract class Repository implements IRepository { private BigInteger BI_INCREMENT = null; private static final BigInteger BI_ZERO = new BigInteger("0"); // (the next serialNo to be issued) - 1 - private BigInteger mSerialNo = null; + private BigInteger mSerialNo = null; // the serialNo attribute stored in db private BigInteger mNext = null; @@ -77,45 +79,51 @@ public abstract class Repository implements IRepository { private int mRadix = 10; private int mRepo = -1; - private BigInteger mLastSerialNo = null; + private BigInteger mLastSerialNo = null; /** * Constructs a repository. * <P> */ - public Repository(IDBSubsystem db, int increment, String baseDN) - throws EDBException { + public Repository(IDBSubsystem db, int increment, String baseDN) + throws EDBException { mDB = db; mBaseDN = baseDN; + BI_INCREMENT = new BigInteger(Integer.toString(increment)); // register schema IDBRegistry reg = db.getRegistry(); /** - * if (!reg.isObjectClassRegistered( RepositoryRecord.class.getName())) - * { String repRecordOC[] = new String[2]; repRecordOC[0] = - * RepositorySchema.LDAP_OC_TOP; repRecordOC[1] = - * RepositorySchema.LDAP_OC_REPOSITORY; reg.registerObjectClass( - * RepositoryRecord.class.getName(), repRecordOC); } if - * (!reg.isAttributeRegistered(RepositoryRecord.ATTR_SERIALNO)) { - * reg.registerAttribute(RepositoryRecord.ATTR_SERIALNO, new - * BigIntegerMapper(RepositorySchema.LDAP_ATTR_SERIALNO)); } + if (!reg.isObjectClassRegistered( + RepositoryRecord.class.getName())) { + String repRecordOC[] = new String[2]; + repRecordOC[0] = RepositorySchema.LDAP_OC_TOP; + repRecordOC[1] = RepositorySchema.LDAP_OC_REPOSITORY; + reg.registerObjectClass( + RepositoryRecord.class.getName(), repRecordOC); + } + if (!reg.isAttributeRegistered(RepositoryRecord.ATTR_SERIALNO)) { + reg.registerAttribute(RepositoryRecord.ATTR_SERIALNO, + new BigIntegerMapper(RepositorySchema.LDAP_ATTR_SERIALNO)); + } **/ } /** * Resets serial number. */ - public void resetSerialNumber(BigInteger serial) throws EBaseException { + public void resetSerialNumber(BigInteger serial) throws EBaseException + { IDBSSession s = mDB.createSession(); - + try { String name = mBaseDN; ModificationSet mods = new ModificationSet(); - mods.add(IRepositoryRecord.ATTR_SERIALNO, Modification.MOD_REPLACE, - serial); + mods.add(IRepositoryRecord.ATTR_SERIALNO, + Modification.MOD_REPLACE, serial); s.modify(name, mods); } finally { if (s != null) @@ -126,7 +134,7 @@ public abstract class Repository implements IRepository { /** * Retrieves the next serial number attr in db. * <P> - * + * * @return next serial number */ protected BigInteger getSerialNumber() throws EBaseException { @@ -136,31 +144,31 @@ public abstract class Repository implements IRepository { RepositoryRecord rec = null; try { - if (s != null) - rec = (RepositoryRecord) s.read(mBaseDN); - } finally { - if (s != null) - s.close(); + if (s != null) rec = (RepositoryRecord) s.read(mBaseDN); + } finally { + if (s != null) s.close(); } - if (rec == null) { - CMS.debug("Repository::getSerialNumber() - " + "- rec is null!"); - throw new EBaseException("rec is null"); + if( rec == null ) { + CMS.debug( "Repository::getSerialNumber() - " + + "- rec is null!" ); + throw new EBaseException( "rec is null" ); } BigInteger serial = rec.getSerialNumber(); if (!mInit) { - // cms may crash after issue a cert but before update + // cms may crash after issue a cert but before update // the serial number record try { - IDBObj obj = s.read("cn=" + serial + "," + mBaseDN); + IDBObj obj = s.read("cn=" + + serial + "," + mBaseDN); if (obj != null) { serial = serial.add(BI_ONE); setSerialNumber(serial); } - } catch (EBaseException e) { + }catch (EBaseException e) { // do nothing } mInit = true; @@ -171,12 +179,12 @@ public abstract class Repository implements IRepository { /** * Updates the serial number to the specified in db. * <P> - * + * * @param num serial number */ protected void setSerialNumber(BigInteger num) throws EBaseException { - CMS.debug("Repository:setSerialNumber " + num.toString()); + CMS.debug("Repository:setSerialNumber " + num.toString()); return; @@ -203,8 +211,8 @@ public abstract class Repository implements IRepository { maxSerial = new BigInteger(serial, mRadix); if (maxSerial != null) { - mMaxSerial = serial; - mMaxSerialNo = maxSerial; + mMaxSerial = serial; + mMaxSerialNo = maxSerial; } } @@ -221,8 +229,7 @@ public abstract class Repository implements IRepository { * Set the maximum serial number in next range * * @param serial maximum number in next range - * @exception EBaseException failed to set maximum serial number in next - * range + * @exception EBaseException failed to set maximum serial number in next range */ public void setNextMaxSerial(String serial) throws EBaseException { BigInteger maxSerial = null; @@ -230,22 +237,23 @@ public abstract class Repository implements IRepository { maxSerial = new BigInteger(serial, mRadix); if (maxSerial != null) { - mNextMaxSerial = serial; - mNextMaxSerialNo = maxSerial; + mNextMaxSerial = serial; + mNextMaxSerialNo = maxSerial; } return; } - + /** * Get the minimum serial number. * * @return minimum serial number */ public String getMinSerial() { - return mMinSerial; + return mMinSerial; } + /** * init serial number cache */ @@ -253,17 +261,16 @@ public abstract class Repository implements IRepository { mNext = getSerialNumber(); BigInteger serialConfig = new BigInteger("0"); mRadix = 10; - + CMS.debug("Repository: in InitCache"); if (this instanceof ICertificateRepository) { CMS.debug("Repository: Instance of Certificate Repository."); mRadix = 16; mRepo = IDBSubsystem.CERTS; - } else if (this instanceof IKeyRepository) { - // Key Repository uses the same configuration parameters as - // Certificate - // Repository. This is ok because they are on separate subsystems. + } else if (this instanceof IKeyRepository) { + // Key Repository uses the same configuration parameters as Certificate + // Repository. This is ok because they are on separate subsystems. CMS.debug("Repository: Instance of Key Repository"); mRadix = 16; mRepo = IDBSubsystem.CERTS; @@ -271,8 +278,7 @@ public abstract class Repository implements IRepository { CMS.debug("Repository: Instance of Replica ID repository"); mRepo = IDBSubsystem.REPLICA_ID; } else { - // CRLRepository subclasses this too, but does not use serial number - // stuff + // CRLRepository subclasses this too, but does not use serial number stuff CMS.debug("Repository: Instance of Request Repository or CRLRepository."); mRepo = IDBSubsystem.REQUESTS; } @@ -284,54 +290,52 @@ public abstract class Repository implements IRepository { String increment = mDB.getIncrementConfig(mRepo); String lowWaterMark = mDB.getLowWaterMarkConfig(mRepo); - CMS.debug("Repository: minSerial " + mMinSerial + " maxSerial: " - + mMaxSerial); + CMS.debug("Repository: minSerial " + mMinSerial + " maxSerial: " + mMaxSerial); - if (mMinSerial != null) - mMinSerialNo = new BigInteger(mMinSerial, mRadix); + if(mMinSerial != null) + mMinSerialNo = new BigInteger(mMinSerial,mRadix); - if (mMaxSerial != null) - mMaxSerialNo = new BigInteger(mMaxSerial, mRadix); + if(mMaxSerial != null) + mMaxSerialNo = new BigInteger(mMaxSerial,mRadix); - if (mNextMinSerial != null) - mNextMinSerialNo = new BigInteger(mNextMinSerial, mRadix); + if(mNextMinSerial != null) + mNextMinSerialNo = new BigInteger(mNextMinSerial,mRadix); - if (mNextMaxSerial != null) - mNextMaxSerialNo = new BigInteger(mNextMaxSerial, mRadix); + if(mNextMaxSerial != null) + mNextMaxSerialNo = new BigInteger(mNextMaxSerial,mRadix); - if (lowWaterMark != null) - mLowWaterMarkNo = new BigInteger(lowWaterMark, mRadix); + if(lowWaterMark != null) + mLowWaterMarkNo = new BigInteger(lowWaterMark,mRadix); - if (increment != null) - mIncrementNo = new BigInteger(increment, mRadix); + if(increment != null) + mIncrementNo = new BigInteger(increment,mRadix); BigInteger theSerialNo = null; - theSerialNo = getLastSerialNumberInRange(mMinSerialNo, mMaxSerialNo); + theSerialNo = getLastSerialNumberInRange(mMinSerialNo,mMaxSerialNo); - if (theSerialNo != null) { + if(theSerialNo != null) { mLastSerialNo = new BigInteger(theSerialNo.toString()); CMS.debug("Repository: mLastSerialNo: " + mLastSerialNo.toString()); - } else { + } + else { - throw new EBaseException( - "Error in obtaining the last serial number in the repository!"); + throw new EBaseException("Error in obtaining the last serial number in the repository!"); } } - + /** * get the next serial number in cache */ public BigInteger getTheSerialNumber() throws EBaseException { - - CMS.debug("Repository:In getTheSerialNumber "); - if (mLastSerialNo == null) + + CMS.debug("Repository:In getTheSerialNumber " ); + if (mLastSerialNo == null) initCache(); - BigInteger serial = new BigInteger( - (mLastSerialNo.add(BI_ONE)).toString()); + BigInteger serial = new BigInteger((mLastSerialNo.add(BI_ONE)).toString()); if (mMaxSerialNo != null && serial.compareTo(mMaxSerialNo) > 0) return null; @@ -342,7 +346,7 @@ public abstract class Repository implements IRepository { /** * Updates the serial number to the specified in db and cache. * <P> - * + * * @param num serial number */ public void setTheSerialNumber(BigInteger num) throws EBaseException { @@ -366,44 +370,46 @@ public abstract class Repository implements IRepository { } /** - * Retrieves the next serial number, and also increase the serial number by - * one. + * Retrieves the next serial number, and also increase the + * serial number by one. * <P> - * + * * @return serial number */ - public synchronized BigInteger getNextSerialNumber() throws EBaseException { + public synchronized BigInteger getNextSerialNumber() throws + EBaseException { CMS.debug("Repository: in getNextSerialNumber. "); - + if (mLastSerialNo == null) { initCache(); mLastSerialNo = mLastSerialNo.add(BI_ONE); - + + } else { mLastSerialNo = mLastSerialNo.add(BI_ONE); } - if (mLastSerialNo == null) { - CMS.debug("Repository::getNextSerialNumber() " - + "- mLastSerialNo is null!"); - throw new EBaseException("mLastSerialNo is null"); + if( mLastSerialNo == null ) { + CMS.debug( "Repository::getNextSerialNumber() " + + "- mLastSerialNo is null!" ); + throw new EBaseException( "mLastSerialNo is null" ); } // check if we have reached the end of the range // if so, move to next range - if (mLastSerialNo.compareTo(mMaxSerialNo) > 0) { + if (mLastSerialNo.compareTo( mMaxSerialNo ) > 0 ) { if (mDB.getEnableSerialMgmt()) { CMS.debug("Reached the end of the range. Attempting to move to next range"); mMinSerialNo = mNextMinSerialNo; mMaxSerialNo = mNextMaxSerialNo; mLastSerialNo = mMinSerialNo; - mNextMinSerialNo = null; - mNextMaxSerialNo = null; + mNextMinSerialNo = null; + mNextMaxSerialNo = null; if ((mMaxSerialNo == null) || (mMinSerialNo == null)) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LIMIT_REACHED", mLastSerialNo.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_LIMIT_REACHED", + mLastSerialNo.toString())); } // persist the changes @@ -412,25 +418,25 @@ public abstract class Repository implements IRepository { mDB.setNextMinSerialConfig(mRepo, null); mDB.setNextMaxSerialConfig(mRepo, null); } else { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_LIMIT_REACHED", mLastSerialNo.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_LIMIT_REACHED", + mLastSerialNo.toString())); } } BigInteger retSerial = new BigInteger(mLastSerialNo.toString()); - CMS.debug("Repository: getNextSerialNumber: returning retSerial " - + retSerial); - return retSerial; + CMS.debug("Repository: getNextSerialNumber: returning retSerial " + retSerial); + return retSerial; } /** - * Checks to see if a new range is needed, or if we have reached the end of - * the current range, or if a range conflict has occurred. - * + * Checks to see if a new range is needed, or if we have reached the end of the + * current range, or if a range conflict has occurred. + * * @exception EBaseException failed to check next range for conflicts */ - public void checkRanges() throws EBaseException { + public void checkRanges() throws EBaseException + { if (!mDB.getEnableSerialMgmt()) { CMS.debug("Serial Management not enabled. Returning .. "); return; @@ -451,55 +457,52 @@ public abstract class Repository implements IRepository { if ((mNextMaxSerialNo != null) && (mNextMinSerialNo != null)) { numsInNextRange = mNextMaxSerialNo.subtract(mNextMinSerialNo); numsAvail = numsInRange.add(numsInNextRange); - CMS.debug("Serial Numbers in next range: " - + numsInNextRange.toString()); + CMS.debug("Serial Numbers in next range: " + numsInNextRange.toString()); CMS.debug("Serial Numbers available: " + numsAvail.toString()); } else { numsAvail = numsInRange; CMS.debug("Serial Numbers available: " + numsAvail.toString()); } - if ((numsAvail.compareTo(mLowWaterMarkNo) < 0) && (!CMS.isPreOpMode())) { + if ((numsAvail.compareTo(mLowWaterMarkNo) < 0) && (!CMS.isPreOpMode()) ) { CMS.debug("Low water mark reached. Requesting next range"); mNextMinSerialNo = new BigInteger(mDB.getNextRange(mRepo), mRadix); if (mNextMinSerialNo == null) { CMS.debug("Next Range not available"); } else { - CMS.debug("nNextMinSerialNo has been set to " - + mNextMinSerialNo.toString(mRadix)); + CMS.debug("nNextMinSerialNo has been set to " + mNextMinSerialNo.toString(mRadix)); mNextMaxSerialNo = mNextMinSerialNo.add(mIncrementNo); numsAvail = numsAvail.add(mIncrementNo); - mDB.setNextMinSerialConfig(mRepo, - mNextMinSerialNo.toString(mRadix)); - mDB.setNextMaxSerialConfig(mRepo, - mNextMaxSerialNo.toString(mRadix)); + mDB.setNextMinSerialConfig(mRepo, mNextMinSerialNo.toString(mRadix)); + mDB.setNextMaxSerialConfig(mRepo, mNextMaxSerialNo.toString(mRadix)); } } - if (numsInRange.compareTo(mLowWaterMarkNo) < 0) { + if (numsInRange.compareTo (mLowWaterMarkNo) < 0 ) { // check for a replication error CMS.debug("Checking for a range conflict"); if (mDB.hasRangeConflict(mRepo)) { - CMS.debug("Range Conflict found! Removing next range."); - mNextMaxSerialNo = null; - mNextMinSerialNo = null; - mDB.setNextMinSerialConfig(mRepo, null); - mDB.setNextMaxSerialConfig(mRepo, null); + CMS.debug("Range Conflict found! Removing next range."); + mNextMaxSerialNo = null; + mNextMinSerialNo= null; + mDB.setNextMinSerialConfig(mRepo, null); + mDB.setNextMaxSerialConfig(mRepo, null); } - } + } } /** - * Sets whether serial number management is enabled for certs and requests. - * - * @param value true/false - * @exception EBaseException failed to set + * Sets whether serial number management is enabled for certs + * and requests. + * + * @param value true/false + * @exception EBaseException failed to set */ - public void setEnableSerialMgmt(boolean value) throws EBaseException { + public void setEnableSerialMgmt(boolean value) throws EBaseException + { mDB.setEnableSerialMgmt(value); - } + } - public abstract BigInteger getLastSerialNumberInRange( - BigInteger serial_low_bound, BigInteger serial_upper_bound) - throws EBaseException; + public abstract BigInteger getLastSerialNumberInRange(BigInteger serial_low_bound, BigInteger serial_upper_bound) throws + EBaseException; } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java b/pki/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java index 79ffa31f..97cedac8 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/RepositoryRecord.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.math.BigInteger; import java.util.Enumeration; import java.util.Vector; @@ -25,10 +26,11 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.repository.IRepositoryRecord; + /** * A class represents a repository record. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ @@ -63,8 +65,7 @@ public class RepositoryRecord implements IRepositoryRecord { } else if (name.equalsIgnoreCase(IRepositoryRecord.ATTR_PUB_STATUS)) { mPublishingStatus = (String) obj; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -77,8 +78,7 @@ public class RepositoryRecord implements IRepositoryRecord { } else if (name.equalsIgnoreCase(IRepositoryRecord.ATTR_PUB_STATUS)) { return mPublishingStatus; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -86,8 +86,7 @@ public class RepositoryRecord implements IRepositoryRecord { * Deletes an attribute. */ public void delete(String name) throws EBaseException { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } /** diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java b/pki/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java index a926187f..67cc5c1c 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/RepositorySchema.java @@ -17,10 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + + + /** - * A class represents a collection of repository-specific schema information. + * A class represents a collection of repository-specific + * schema information. * <P> - * + * * @author thomask * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java b/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java index 87da8b91..001089fb 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfo.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.io.Serializable; import java.util.Date; @@ -25,12 +26,13 @@ import netscape.security.x509.CRLReasonExtension; import com.netscape.certsrv.dbs.certdb.IRevocationInfo; + /** - * A class represents a certificate revocation info. This object is written as - * an attribute of certificate record which essentially signifies a revocation - * act. + * A class represents a certificate revocation info. This + * object is written as an attribute of certificate record + * which essentially signifies a revocation act. * <P> - * + * * @author galperin * @version $Revision$, $Date$ */ @@ -50,10 +52,11 @@ public class RevocationInfo implements IRevocationInfo, Serializable { } /** - * Constructs revocation info used by revocation request implementation. - * - * @param reason if not null contains CRL entry extension that specifies - * revocation reason + * Constructs revocation info used by revocation + * request implementation. + * + * @param reason if not null contains CRL entry extension + * that specifies revocation reason * @see CRLReasonExtension */ public RevocationInfo(Date revocationDate, CRLExtensions exts) { diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java index 72412700..fc0eb386 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/RevocationInfoMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Date; import java.util.Enumeration; import java.util.Vector; @@ -36,12 +37,13 @@ import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.cmscore.util.Debug; + /** - * A class represents a mapper to serialize revocation information into - * database. + * A class represents a mapper to serialize + * revocation information into database. * <P> - * - * @author thomask + * + * @author thomask * @version $Revision$, $Date$ */ public class RevocationInfoMapper implements IDBAttrMapper { @@ -61,8 +63,9 @@ public class RevocationInfoMapper implements IDBAttrMapper { return mNames.elements(); } - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, + Object obj, LDAPAttributeSet attrs) + throws EBaseException { try { // in format of <date>;<extensions> String value = ""; @@ -79,34 +82,35 @@ public class RevocationInfoMapper implements IDBAttrMapper { Extension ext = (Extension) e.nextElement(); if (ext instanceof CRLReasonExtension) { - RevocationReason reason = ((CRLReasonExtension) ext) - .getReason(); + RevocationReason reason = + ((CRLReasonExtension) ext).getReason(); - value = value + ";CRLReasonExtension=" - + Integer.toString(reason.toInt()); + value = value + ";CRLReasonExtension=" + + Integer.toString(reason.toInt()); } else if (ext instanceof InvalidityDateExtension) { - Date invalidityDate = ((InvalidityDateExtension) ext) - .getInvalidityDate(); + Date invalidityDate = + ((InvalidityDateExtension) ext).getInvalidityDate(); - value = value + ";InvalidityDateExtension=" - + DateMapper.dateToDB(invalidityDate); + value = value + ";InvalidityDateExtension=" + + DateMapper.dateToDB(invalidityDate); } else { Debug.trace("XXX skipped extension"); } } - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_REVO_INFO, value)); + attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_REVO_INFO, + value)); } catch (Exception e) { Debug.trace(e.toString()); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_SERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_SERIALIZE_FAILED", name)); } } - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { try { - LDAPAttribute attr = attrs - .getAttribute(CertDBSchema.LDAP_ATTR_REVO_INFO); + LDAPAttribute attr = attrs.getAttribute( + CertDBSchema.LDAP_ATTR_REVO_INFO); if (attr == null) return; @@ -135,36 +139,36 @@ public class RevocationInfoMapper implements IDBAttrMapper { } if (str.startsWith("CRLReasonExtension=")) { String reasonStr = str.substring(19); - RevocationReason reason = RevocationReason - .fromInt(Integer.parseInt(reasonStr)); + RevocationReason reason = RevocationReason.fromInt( + Integer.parseInt(reasonStr)); CRLReasonExtension ext = new CRLReasonExtension(reason); exts.set(CRLReasonExtension.NAME, ext); } else if (str.startsWith("InvalidityDateExtension=")) { String invalidityDateStr = str.substring(24); - Date invalidityDate = DateMapper - .dateFromDB(invalidityDateStr); - InvalidityDateExtension ext = new InvalidityDateExtension( - invalidityDate); + Date invalidityDate = DateMapper.dateFromDB(invalidityDateStr); + InvalidityDateExtension ext = + new InvalidityDateExtension(invalidityDate); exts.set(InvalidityDateExtension.NAME, ext); } else { Debug.trace("XXX skipped extension"); } - } while (i != -1); - } + } + while (i != -1); + } RevocationInfo info = new RevocationInfo(d, exts); parent.set(name, info); } catch (Exception e) { Debug.trace(e.toString()); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_DESERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_DESERIALIZE_FAILED", name)); } } public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + throws EBaseException { return CertDBSchema.LDAP_ATTR_REVO_INFO + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/StringMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/StringMapper.java index 45fd4e34..39fdac87 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/StringMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/StringMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.NoSuchElementException; import java.util.Vector; @@ -28,12 +29,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java String object into - * LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java String object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class StringMapper implements IDBAttrMapper { @@ -58,23 +61,27 @@ public class StringMapper implements IDBAttrMapper { /** * Maps attribute value to ldap attributes. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { attrs.add(new LDAPAttribute(mLdapName, (String) obj)); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) + throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) { return; } try { - parent.set(name, (String) attr.getStringValues().nextElement()); + parent.set(name, (String) + attr.getStringValues().nextElement()); } catch (NoSuchElementException e) { // attribute present, but without value } @@ -83,8 +90,8 @@ public class StringMapper implements IDBAttrMapper { /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java index a4cf4a12..d14470a2 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/StringVectorMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.util.Enumeration; import java.util.Vector; @@ -27,12 +28,14 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; + /** - * A class represents ann attribute mapper that maps a Java String object into - * LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java String object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class StringVectorMapper implements IDBAttrMapper { @@ -57,8 +60,9 @@ public class StringVectorMapper implements IDBAttrMapper { /** * Maps attribute value to ldap attributes. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { Vector v = (Vector) obj; int s = v.size(); @@ -74,10 +78,11 @@ public class StringVectorMapper implements IDBAttrMapper { } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) @@ -99,8 +104,8 @@ public class StringVectorMapper implements IDBAttrMapper { /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java index d3b31ee1..963c2fdc 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/X500NameMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.io.IOException; import java.util.Enumeration; import java.util.Vector; @@ -31,13 +32,15 @@ import com.netscape.certsrv.dbs.EDBException; import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.logging.ILogger; + /** - * A class represents ann attribute mapper that maps a Java X500Name object into - * LDAP attribute, and vice versa. - * + * A class represents ann attribute mapper that maps + * a Java X500Name object into LDAP attribute, + * and vice versa. + * * @author thomask - * @version $Revision$, $Date$ + * @version $Revision$, $Date$ */ public class X500NameMapper implements IDBAttrMapper { @@ -64,49 +67,47 @@ public class X500NameMapper implements IDBAttrMapper { /** * Maps attribute value to ldap attributes. */ - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { - attrs.add(new LDAPAttribute(mLdapName, ((X500Name) obj).toString())); + public void mapObjectToLDAPAttributeSet(IDBObj parent, + String name, Object obj, LDAPAttributeSet attrs) + throws EBaseException { + attrs.add(new LDAPAttribute(mLdapName, + ((X500Name) obj).toString())); } /** - * Maps LDAP attributes into object, and put the object into 'parent'. + * Maps LDAP attributes into object, and put the object + * into 'parent'. */ - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { LDAPAttribute attr = attrs.getAttribute(mLdapName); if (attr == null) { return; } try { - parent.set(name, new X500Name((String) attr.getStringValues() - .nextElement())); + parent.set(name, new X500Name((String) + attr.getStringValues().nextElement())); } catch (IOException e) { - /* - * LogDoc - * + /*LogDoc + * * @phase Maps LDAP attributes into object - * * @message X500NameMapper: <exception thrown> */ - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_DB, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_DBS_X500NAME_MAPPER_ERROR", - e.toString())); - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_DESERIALIZE_FAILED", name)); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_DBS_X500NAME_MAPPER_ERROR", + e.toString())); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_DESERIALIZE_FAILED", name)); } } /** * Maps search filters into LDAP search filter. */ - public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + public String mapSearchFilter(String name, String op, + String value) throws EBaseException { return mLdapName + op + value; } } diff --git a/pki/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java b/pki/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java index 57b7a1f3..e1aa144b 100644 --- a/pki/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java +++ b/pki/base/common/src/com/netscape/cmscore/dbs/X509CertImplMapper.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.dbs; + import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateException; import java.util.Date; @@ -42,10 +43,12 @@ import com.netscape.certsrv.dbs.IDBAttrMapper; import com.netscape.certsrv.dbs.IDBObj; import com.netscape.certsrv.dbs.certdb.ICertRecord; + /** - * A class represents a mapper to serialize x509 certificate into database. - * - * @author thomask + * A class represents a mapper to serialize + * x509 certificate into database. + * + * @author thomask * @version $Revision$, $Date$ */ public class X509CertImplMapper implements IDBAttrMapper { @@ -69,25 +72,25 @@ public class X509CertImplMapper implements IDBAttrMapper { return v.elements(); } - public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, - Object obj, LDAPAttributeSet attrs) throws EBaseException { + public void mapObjectToLDAPAttributeSet(IDBObj parent, String name, + Object obj, LDAPAttributeSet attrs) throws EBaseException { try { X509CertImpl cert = (X509CertImpl) obj; // make information searchable Date notBefore = cert.getNotBefore(); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_NOT_BEFORE, + attrs.add(new LDAPAttribute( + CertDBSchema.LDAP_ATTR_NOT_BEFORE, DateMapper.dateToDB(notBefore))); Date notAfter = cert.getNotAfter(); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_NOT_AFTER, + attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_NOT_AFTER, DateMapper.dateToDB(notAfter))); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_DURATION, + attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_DURATION, DBSUtil.longToDB(notAfter.getTime() - notBefore.getTime()))); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_SUBJECT, cert - .getSubjectDN().getName())); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA, - cert.getPublicKey().getEncoded())); + attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_SUBJECT, + cert.getSubjectDN().getName())); + attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA, cert.getPublicKey().getEncoded())); // make extension searchable Set nonCritSet = cert.getNonCriticalExtensionOIDs(); @@ -141,21 +144,24 @@ public class X509CertImplMapper implements IDBAttrMapper { // if we dont add ";binary", communicator does // not know how to display the certificate in // pretty print format. - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_SIGNED_CERT - + ";binary", cert.getEncoded())); + attrs.add(new LDAPAttribute( + CertDBSchema.LDAP_ATTR_SIGNED_CERT + ";binary", + cert.getEncoded())); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_VERSION, Integer - .toString(cert.getVersion()))); + attrs.add(new LDAPAttribute( + CertDBSchema.LDAP_ATTR_VERSION, + Integer.toString(cert.getVersion()))); X509Key pubKey = (X509Key) cert.getPublicKey(); - attrs.add(new LDAPAttribute(CertDBSchema.LDAP_ATTR_ALGORITHM, + attrs.add(new LDAPAttribute( + CertDBSchema.LDAP_ATTR_ALGORITHM, pubKey.getAlgorithmId().getOID().toString())); attrs.add(new LDAPAttribute( - CertDBSchema.LDAP_ATTR_SIGNING_ALGORITHM, cert - .getSigAlgOID())); + CertDBSchema.LDAP_ATTR_SIGNING_ALGORITHM, + cert.getSigAlgOID())); } catch (CertificateEncodingException e) { - throw new EDBException(CMS.getUserMessage( - "CMS_DBS_SERIALIZE_FAILED", name)); + throw new EDBException( + CMS.getUserMessage("CMS_DBS_SERIALIZE_FAILED", name)); } } @@ -174,27 +180,31 @@ public class X509CertImplMapper implements IDBAttrMapper { String result = ""; - Boolean sslServer = (Boolean) nsExt - .get(NSCertTypeExtension.SSL_SERVER); + Boolean sslServer = (Boolean) nsExt.get( + NSCertTypeExtension.SSL_SERVER); result += "SSLServer=" + sslServer.toString() + ","; - Boolean sslClient = (Boolean) nsExt - .get(NSCertTypeExtension.SSL_CLIENT); + Boolean sslClient = (Boolean) nsExt.get( + NSCertTypeExtension.SSL_CLIENT); result += "SSLClient=" + sslClient.toString() + ","; - Boolean email = (Boolean) nsExt.get(NSCertTypeExtension.EMAIL); + Boolean email = (Boolean) nsExt.get( + NSCertTypeExtension.EMAIL); result += "Email=" + email.toString() + ","; - Boolean sslCA = (Boolean) nsExt.get(NSCertTypeExtension.SSL_CA); + Boolean sslCA = (Boolean) nsExt.get( + NSCertTypeExtension.SSL_CA); result += "SSLCA=" + sslCA.toString() + ","; - Boolean mailCA = (Boolean) nsExt.get(NSCertTypeExtension.EMAIL_CA); + Boolean mailCA = (Boolean) nsExt.get( + NSCertTypeExtension.EMAIL_CA); result += "EmailCA=" + mailCA.toString() + ","; - Boolean objectSigning = (Boolean) nsExt - .get(NSCertTypeExtension.OBJECT_SIGNING); + Boolean objectSigning = (Boolean) nsExt.get( + NSCertTypeExtension.OBJECT_SIGNING); - result += "objectSigning=" + objectSigning.toString(); + result += "objectSigning=" + + objectSigning.toString(); return result; } catch (Exception e) { return null; @@ -216,11 +226,12 @@ public class X509CertImplMapper implements IDBAttrMapper { String result = ""; - Boolean isCA = (Boolean) bcExt.get(BasicConstraintsExtension.IS_CA); + Boolean isCA = (Boolean) bcExt.get( + BasicConstraintsExtension.IS_CA); result += "isCA=" + isCA.toString() + ","; - Integer pathLen = (Integer) bcExt - .get(BasicConstraintsExtension.PATH_LEN); + Integer pathLen = (Integer) bcExt.get( + BasicConstraintsExtension.PATH_LEN); result += "pathLen=" + pathLen.toString(); return result; @@ -229,8 +240,8 @@ public class X509CertImplMapper implements IDBAttrMapper { } } - public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, - String name, IDBObj parent) throws EBaseException { + public void mapLDAPAttributeSetToObject(LDAPAttributeSet attrs, + String name, IDBObj parent) throws EBaseException { try { // rebuild object quickly using binary image // XXX bad! when we add this attribute, @@ -238,57 +249,59 @@ public class X509CertImplMapper implements IDBAttrMapper { // we retrieve it, DS returns it as // userCertificate;binary. So I cannot do the // following: - // LDAPAttribute attr = attrs.getAttribute( - // Schema.LDAP_ATTR_SIGNED_CERT); + // LDAPAttribute attr = attrs.getAttribute( + // Schema.LDAP_ATTR_SIGNED_CERT); X509CertInfo certinfo = new X509CertInfo(); - LDAPAttribute attr = attrs - .getAttribute(CertDBSchema.LDAP_ATTR_SIGNED_CERT); + LDAPAttribute attr = attrs.getAttribute( + CertDBSchema.LDAP_ATTR_SIGNED_CERT); if (attr == null) { // YUK! - attr = attrs.getAttribute(CertDBSchema.LDAP_ATTR_SIGNED_CERT - + ";binary"); + attr = attrs.getAttribute( + CertDBSchema.LDAP_ATTR_SIGNED_CERT + ";binary"); } if (attr != null) { - byte der[] = (byte[]) attr.getByteValues().nextElement(); + byte der[] = (byte[]) + attr.getByteValues().nextElement(); X509CertImpl impl = new X509CertImpl(der); parent.set(name, impl); } } catch (CertificateException e) { - // throw new EDBException( - // DBResources.FAILED_TO_DESERIALIZE_1, name); + //throw new EDBException( + // DBResources.FAILED_TO_DESERIALIZE_1, name); parent.set(name, null); } catch (Exception e) { - // throw new EDBException( - // DBResources.FAILED_TO_DESERIALIZE_1, name); + //throw new EDBException( + // DBResources.FAILED_TO_DESERIALIZE_1, name); parent.set(name, null); - + } } public String mapSearchFilter(String name, String op, String value) - throws EBaseException { + throws EBaseException { AttributeNameHelper h = new AttributeNameHelper(name); String suffix = h.getSuffix(); if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_NOT_BEFORE)) { name = CertDBSchema.LDAP_ATTR_NOT_BEFORE; try { - value = DateMapper.dateToDB(new Date(Long.parseLong(value))); + value = DateMapper.dateToDB(new + Date(Long.parseLong(value))); } catch (NumberFormatException e) { } } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_NOT_AFTER)) { name = CertDBSchema.LDAP_ATTR_NOT_AFTER; try { - value = DateMapper.dateToDB(new Date(Long.parseLong(value))); + value = DateMapper.dateToDB(new + Date(Long.parseLong(value))); } catch (NumberFormatException e) { } } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_SUBJECT)) { name = CertDBSchema.LDAP_ATTR_SUBJECT; - } else if (suffix - .equalsIgnoreCase(ICertRecord.X509CERT_PUBLIC_KEY_DATA)) { + } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_PUBLIC_KEY_DATA)) { name = CertDBSchema.LDAP_ATTR_PUBLIC_KEY_DATA; } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_DURATION)) { name = CertDBSchema.LDAP_ATTR_DURATION; @@ -297,19 +310,18 @@ public class X509CertImplMapper implements IDBAttrMapper { name = CertDBSchema.LDAP_ATTR_VERSION; } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_ALGORITHM)) { name = CertDBSchema.LDAP_ATTR_ALGORITHM; - } else if (suffix - .equalsIgnoreCase(ICertRecord.X509CERT_SIGNING_ALGORITHM)) { + } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_SIGNING_ALGORITHM)) { name = CertDBSchema.LDAP_ATTR_SIGNING_ALGORITHM; } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_SERIAL_NUMBER)) { - name = CertDBSchema.LDAP_ATTR_CERT_RECORD_ID; + name = CertDBSchema.LDAP_ATTR_CERT_RECORD_ID; } else if (suffix.equalsIgnoreCase(ICertRecord.X509CERT_EXTENSION)) { - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; } else if (suffix.equalsIgnoreCase(ICertRecord.ATTR_REVO_INFO)) { - name = CertDBSchema.LDAP_ATTR_REVO_INFO; + name = CertDBSchema.LDAP_ATTR_REVO_INFO; value = "*;CRLReasonExtension=" + value + "*"; } else if (suffix.equalsIgnoreCase("nsExtension.SSLClient")) { // special case for NS cert type extension - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; if (value.equals("on")) { value = "2.16.840.1.113730.1.1;*SSLClient=true*"; } else { @@ -317,7 +329,7 @@ public class X509CertImplMapper implements IDBAttrMapper { } } else if (suffix.equalsIgnoreCase("nsExtension.SSLServer")) { // special case for NS cert type extension - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; if (value.equals("on")) { value = "2.16.840.1.113730.1.1;*SSLServer=true*"; } else { @@ -325,7 +337,7 @@ public class X509CertImplMapper implements IDBAttrMapper { } } else if (suffix.equalsIgnoreCase("nsExtension.SecureEmail")) { // special case for NS cert type extension - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; if (value.equals("on")) { value = "2.16.840.1.113730.1.1;*Email=true*"; } else { @@ -333,7 +345,7 @@ public class X509CertImplMapper implements IDBAttrMapper { } } else if (suffix.equalsIgnoreCase("nsExtension.SubordinateSSLCA")) { // special case for NS cert type extension - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; if (value.equals("on")) { value = "2.16.840.1.113730.1.1;*SSLCA=true*"; } else { @@ -341,7 +353,7 @@ public class X509CertImplMapper implements IDBAttrMapper { } } else if (suffix.equalsIgnoreCase("nsExtension.SubordinateEmailCA")) { // special case for NS cert type extension - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; if (value.equals("on")) { value = "2.16.840.1.113730.1.1;*EmailCA=true*"; } else { @@ -349,7 +361,7 @@ public class X509CertImplMapper implements IDBAttrMapper { } } else if (suffix.equalsIgnoreCase("BasicConstraints.isCA")) { // special case for Basic Constraints extension - name = CertDBSchema.LDAP_ATTR_EXTENSION; + name = CertDBSchema.LDAP_ATTR_EXTENSION; if (value.equals("on")) { value = "2.5.29.19;*isCA=true*"; } else { |