Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 310294 Details for
Bug 443687
Improve CA's agent and end entity interface to reflect disabled CRL cache
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
Proposed improvement to CA's UI reflecting cache presence.
443687.txt (text/plain), 10.07 KB, created by
Andrew Wnuk
on 2008-06-25 20:46:25 UTC
(
hide
)
Description:
Proposed improvement to CA's UI reflecting cache presence.
Filename:
MIME Type:
Creator:
Andrew Wnuk
Created:
2008-06-25 20:46:25 UTC
Size:
10.07 KB
patch
obsolete
>Index: base/ca/src/com/netscape/ca/CRLIssuingPoint.java >=================================================================== >--- base/ca/src/com/netscape/ca/CRLIssuingPoint.java (revision 51) >+++ base/ca/src/com/netscape/ca/CRLIssuingPoint.java (working copy) >@@ -1928,6 +1928,10 @@ > return mEnableCRLCache; > } > >+ public boolean isCRLCacheEmpty() { >+ return ((mCRLCerts != null)? mCRLCerts.isEmpty(): true); >+ } >+ > public Date getRevocationDateFromCache(BigInteger serialNumber, > boolean checkDeltaCache, > boolean includeExpiredCerts) { >Index: base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java >=================================================================== >--- base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java (revision 51) >+++ base/common/src/com/netscape/certsrv/ca/ICRLIssuingPoint.java (working copy) >@@ -490,6 +490,20 @@ > public boolean isDeltaCRLEnabled(); > > /** >+ * Returns true if CRL cache is enabled. >+ * >+ * @return true if CRL cache is enabled >+ */ >+ public boolean isCRLCacheEnabled(); >+ >+ /** >+ * Returns true if CRL cache is empty. >+ * >+ * @return true if CRL cache is empty >+ */ >+ public boolean isCRLCacheEmpty(); >+ >+ /** > * Returns true if supplied delta-CRL is matching current delta-CRL. > * > * @param deltaCRL delta-CRL to verify against current delta-CRL >Index: base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java >=================================================================== >--- base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java (revision 51) >+++ base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java (working copy) >@@ -176,6 +176,7 @@ > ICRLIssuingPoint crlIP = null; > X509CRLImpl crl = null; > boolean clonedCA = false; >+ boolean isCRLCacheEnabled = false; > String masterHost = null; > String masterPort = null; > Vector ipNames = null; >@@ -217,6 +218,7 @@ > > if (crlIssuingPointId.equals(ip.getId())) { > crlIP = ip; >+ isCRLCacheEnabled = ip.isCRLCacheEnabled(); > break; > } > if (!ips.hasMoreElements()) crlIssuingPointId = null; >@@ -297,7 +299,7 @@ > } > } > >- if (crl != null || crlDisplayType.equals("cachedCRL")) { >+ if (crl != null || (isCRLCacheEnabled && crlDisplayType.equals("cachedCRL"))) { > if (crlDisplayType.equals("entireCRL") || crlDisplayType.equals("cachedCRL")) { > ICRLPrettyPrint crlDetails = null; > if (crlDisplayType.equals("entireCRL")) { >@@ -453,6 +455,9 @@ > } > } > >+ } else if (!isCRLCacheEnabled && crlDisplayType.equals("cachedCRL")) { >+ header.addStringValue("error", CMS.getUserMessage(locale, "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId)); >+ header.addStringValue("crlPrettyPrint", CMS.getUserMessage(locale, "CMS_GW_CRL_CACHE_IS_NOT_ENABLED", crlIssuingPointId)); > } else { > header.addStringValue("error", > new ECMSGWException(CMS.getUserMessage(locale, "CMS_GW_DECODE_CRL_FAILED")).toString()); >Index: base/common/src/com/netscape/cms/servlet/cert/GetCRL.java >=================================================================== >--- base/common/src/com/netscape/cms/servlet/cert/GetCRL.java (revision 51) >+++ base/common/src/com/netscape/cms/servlet/cert/GetCRL.java (working copy) >@@ -195,6 +195,17 @@ > header.addStringValue("crlDisplayType", crlDisplayType); > } > >+ if ((op.equals("checkCRLcache") || >+ (op.equals("displayCRL") && crlDisplayType != null && crlDisplayType.equals("cachedCRL"))) && >+ (crlIP == null || (!crlIP.isCRLCacheEnabled()) || crlIP.isCRLCacheEmpty())) { >+ cmsReq.setError( >+ CMS.getUserMessage( >+ ((crlIP != null && crlIP.isCRLCacheEnabled() && crlIP.isCRLCacheEmpty())? >+ "CMS_GW_CRL_CACHE_IS_EMPTY":"CMS_GW_CRL_CACHE_IS_NOT_ENABLED"), crlId)); >+ cmsReq.setStatus(CMSRequest.ERROR); >+ return; >+ } >+ > byte[] crlbytes = null; > > if (op.equals("importDeltaCRL") || op.equals("getDeltaCRL") || >Index: base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java >=================================================================== >--- base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java (revision 51) >+++ base/common/src/com/netscape/cmscore/cert/CrlCachePrettyPrint.java (working copy) >@@ -236,6 +236,9 @@ > } > l++; > } >+ } else if (mIP.isCRLCacheEnabled() && mIP.isCRLCacheEmpty()) { >+ sb.append("\n" + pp.indent(16) + resource.getString( >+ PrettyPrintResources.TOKEN_CACHE_IS_EMPTY) + "\n\n"); > } else { > sb.append("\n" + pp.indent(16) + resource.getString( > PrettyPrintResources.TOKEN_CACHE_NOT_AVAILABLE) + "\n\n"); >Index: base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java >=================================================================== >--- base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java (revision 51) >+++ base/common/src/com/netscape/cmscore/cert/PrettyPrintResources.java (working copy) >@@ -171,6 +171,7 @@ > public final static String TOKEN_NONE = "none"; > > public final static String TOKEN_CACHE_NOT_AVAILABLE = "cacheNotAvailable"; >+ public final static String TOKEN_CACHE_IS_EMPTY = "cacheIsEmpty"; > > //Tokens should have blank_space as trailer > static final Object[][] contents = { >@@ -287,6 +288,7 @@ > {TOKEN_NOT_SET, "not set"}, > {TOKEN_NONE, "none"}, > {TOKEN_CACHE_NOT_AVAILABLE, "CRL cache is not available. "}, >+ {TOKEN_CACHE_IS_EMPTY, "CRL cache is empty. "}, > }; > > } >Index: base/common/src/UserMessages_en.properties >=================================================================== >--- base/common/src/UserMessages_en.properties (revision 51) >+++ base/common/src/UserMessages_en.properties (working copy) >@@ -255,6 +255,8 @@ > CMS_GW_NO_CMC_CONTENT=No PKCS #10 nor CRMF in the CMC full enrollment request. > CMS_GW_CMC_ERROR=Unexpected error processing the CMC full enrollment request: {0} > CMS_GW_UNAUTHORIZED_CREATE_GROUP=Unauthorized to create group: {0} >+CMS_GW_CRL_CACHE_IS_NOT_ENABLED=CRL cache is not enabled for {0} issuing point. >+CMS_GW_CRL_CACHE_IS_EMPTY=CRL cache for {0} issuing point is empty. > ####################################################### > # Admin Servlets > # >Index: base/util/src/netscape/security/util/PrettyPrintResources.java >=================================================================== >--- base/util/src/netscape/security/util/PrettyPrintResources.java (revision 51) >+++ base/util/src/netscape/security/util/PrettyPrintResources.java (working copy) >@@ -175,6 +175,7 @@ > public final static String TOKEN_NONE = "none"; > > public final static String TOKEN_CACHE_NOT_AVAILABLE = "cacheNotAvailable"; >+ public final static String TOKEN_CACHE_IS_EMPTY = "cacheIsEmpty"; > > //Tokens should have blank_space as trailer > static final Object[][] contents = { >@@ -295,6 +296,7 @@ > {TOKEN_NOT_SET, "not set"}, > {TOKEN_NONE, "none"}, > {TOKEN_CACHE_NOT_AVAILABLE, "CRL cache is not available. "}, >+ {TOKEN_CACHE_IS_EMPTY, "CRL cache is empty. "}, > }; > > } >Index: linux/common/pki-common.spec >=================================================================== >--- linux/common/pki-common.spec (revision 51) >+++ linux/common/pki-common.spec (working copy) >@@ -33,7 +33,7 @@ > ## Package Header Definitions > %define base_name %{base_prefix}-%{base_component} > %define base_version 1.0.0 >-%define base_release 8 >+%define base_release 9 > %define base_group System Environment/Base > %define base_vendor Red Hat, Inc. > %define base_license GPLv2 with exceptions >@@ -298,6 +298,8 @@ > ############################################################################### > > %changelog >+* Wed Jun 25 2008 Andrew Wnuk <awnuk@redhat.com> 1.0.0-9 >+- Fix for bug #443687. > * Fri May 16 2008 Andrew Wnuk <awnuk@redhat.com> 1.0.0-8 > - Fix for bug #445470. > * Tue May 7 2008 Jack Magne <jmagne@redhat.com> 1.0.0-7 >Index: linux/ca/pki-ca.spec >=================================================================== >--- linux/ca/pki-ca.spec (revision 51) >+++ linux/ca/pki-ca.spec (working copy) >@@ -34,7 +34,7 @@ > ## Package Header Definitions > %define base_name %{base_prefix}-%{base_component} > %define base_version 1.0.0 >-%define base_release 6 >+%define base_release 7 > %define base_group System Environment/Daemons > %define base_vendor Red Hat, Inc. > %define base_license GPLv2 with exceptions >@@ -282,6 +282,8 @@ > ############################################################################### > > %changelog >+* Wed Jun 25 2008 Andrew Wnuk <awnuk@redhat.com> 1.0.0-7 >+- Fix for bug #443687. > * Mon Jun 9 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-6 > - Bugzilla Bug #450345: Port Dogtag 1.0.0 to > Fedora 9 (32-bit i386 & 64-bit x86_64). >Index: linux/util/pki-util.spec >=================================================================== >--- linux/util/pki-util.spec (revision 51) >+++ linux/util/pki-util.spec (working copy) >@@ -33,7 +33,7 @@ > ## Package Header Definitions > %define base_name %{base_prefix}-%{base_component} > %define base_version 1.0.0 >-%define base_release 2 >+%define base_release 3 > %define base_group System Environment/Base > %define base_vendor Red Hat, Inc. > %define base_license GPLv2 with exceptions >@@ -278,6 +278,8 @@ > ############################################################################### > > %changelog >+* Wed Jun 25 2008 Andrew Wnuk <awnuk@redhat.com> 1.0.0-3 >+- Fix for bug #443687. > * Mon Jun 9 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-2 > - Bugzilla Bug #450345: Port Dogtag 1.0.0 to > Fedora 9 (32-bit i386 & 64-bit x86_64).
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 443687
:
303379
|
303381
|
303382
| 310294