Bug 480251 - rhds80 console - ssl - csr wizard really wants a country/region string
Summary: rhds80 console - ssl - csr wizard really wants a country/region string
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: UI - Wizards
Version: 8.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks: 249650 FDS1.2.0
TreeView+ depends on / blocked
 
Reported: 2009-01-15 23:18 UTC by Marc Sauton
Modified: 2015-01-04 23:35 UTC (History)
3 users (show)

Fixed In Version: 8.1
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-04-29 23:09:25 UTC


Attachments (Terms of Use)
diffs (1.58 KB, patch)
2009-01-16 17:44 UTC, Rich Megginson
no flags Details | Diff
cvs commit log (267 bytes, text/plain)
2009-01-16 19:39 UTC, Rich Megginson
no flags Details

Description Marc Sauton 2009-01-15 23:18:07 UTC
Description of problem:

In RHDS 8.0 console, the certificate request wizard throws a java exception if I do not provide with a string for the country/region field, and does not allow to continue until any string is passed to this country/region field.

This field should be optional, the only mandatory field is the cn with the server name field.
All other files are expected to be re-written ba CA policies.

Version-Release number of selected component (if applicable):

Red Hat Enterprise Linux AS release 4 (Nahant Update 5)
Linux ms-ds8-1.sjc.redhat.com 2.6.9-55.EL #1 Fri Apr 20 16:35:59 EDT 2007 i686 i686 i386 GNU/Linux

alternatives --config java
*+ 1           /usr/lib/jvm/jre-1.5.0-ibm/bin/java

        Red Hat-Directory/8.0.4 B2008.225.2353
        ms-ds8-1.sjc.redhat.com:389 (/etc/dirsrv/slapd-ms-ds8-1)


rpm -qa | egrep "dirsec|nss|nspr|srvcore|mozldap6|perl-Mozilla-LDAP|redhat-ds|idm-console|redhat-idm"
...
fortitude-mod_nss-1.0.6-8el4idm
idm-console-framework-1.1.0-7.el4idm
redhat-ds-admin-8.0.4-3.el4dsrv
dirsec-nss-3.11.7-3.el4idm
dirsec-jss-4.2.4-41.el4idm
mozldap6-6.0.5-1el4idm
dirsec-nss-tools-3.11.7-3.el4idm
redhat-idm-console-1.0.0-22.el4idm
redhat-ds-base-8.0.4-7.el4dsrv
redhat-ds-8.0.0-1.3.el4dsrv
dirsec-nspr-4.6.7.1-1.el4idm
perl-Mozilla-LDAP-1.5.2-4el4idm
mozldap6-tools-6.0.5-1el4idm
redhat-ds-console-8.0.0-9.el4dsrv


How reproducible:
always


Steps to Reproduce:
1- Open Directory Server Console, select the Tasks tab, and click Manage Certificates.
  if first time, in popup window, set security device password
2- in Server Certs tab, click Request 
3- in popup window "Certificate Request Wizard", click Next
4- in step 2 out of 4, "Requestor Information", provide with the server name only, all other field left blank (should be allowed, this is legitimate), then click Next.

  
Actual results:

nothing in the console, java exception in the shell window that started the console

Expected results:
allow for only the server name filed in the requestor information fields

Additional info:
exception:

Exception occurred during event dispatching:
java.lang.StringIndexOutOfBoundsException
        at java.lang.String.substring(String.java:1088)
        at com.netscape.management.client.security.csr.CertRequestInfoPage.validated(Unknown Source)
        at com.netscape.management.client.security.csr.CertRequestInfoPage.getNextPage(Unknown Source)
        at com.netscape.management.client.security.CertRequestWizard$PluginWizardPage.nextInvoked(Unknown Source)
        at com.netscape.management.client.components.WizardNavigator.actionPerformed(Unknown Source)
        at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1879)
        at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2199)
        at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:450)
        at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:288)
        at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:264)
        at java.awt.Component.processMouseEvent(Component.java:5529)
        at javax.swing.JComponent.processMouseEvent(JComponent.java:3148)
        at java.awt.Component.processEvent(Component.java:5294)
        at java.awt.Container.processEvent(Container.java:2001)
        at java.awt.Component.dispatchEventImpl(Component.java:3996)
        at java.awt.Container.dispatchEventImpl(Container.java:2059)
        at java.awt.Component.dispatchEvent(Component.java:3844)
        at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4249)
        at java.awt.LightweightDispatcher.processMouseEvent(Container.java:3929)
        at java.awt.LightweightDispatcher.dispatchEvent(Container.java:3859)
        at java.awt.Container.dispatchEventImpl(Container.java:2045)
        at java.awt.Window.dispatchEventImpl(Window.java:1810)
        at java.awt.Component.dispatchEvent(Component.java:3844)
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:545)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(EventDispatchThread.java:268)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:197)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:187)
at java.awt.Dialog$1.run(Dialog.java:572)
at java.awt.Dialog.show(Dialog.java:593)
at com.netscape.management.client.components.Wizard.show(Unknown Source)
at java.awt.Component.show(Component.java:1337)
at java.awt.Component.setVisible(Component.java:1290)
at com.netscape.management.client.security.CertRequestWizard.setVisible(Unknown Source)
at com.netscape.management.client.security.ServerCertificatePane.requestInvoked(Unknown Source)
at com.netscape.management.client.security.CertificateListPane$1.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1879)
at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2199)
at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:450)
at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:288)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:264)
        at java.awt.AWTEventMulticaster.mouseReleased(AWTEventMulticaster.java:263)
        at java.awt.Component.processMouseEvent(Component.java:5529)
        at javax.swing.JComponent.processMouseEvent(JComponent.java:3148)
        at java.awt.Component.processEvent(Component.java:5294)
        at java.awt.Container.processEvent(Container.java:2001)
        at java.awt.Component.dispatchEventImpl(Component.java:3996)
        at java.awt.Container.dispatchEventImpl(Container.java:2059)
        at java.awt.Component.dispatchEvent(Component.java:3844)
        at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4249)
        at java.awt.LightweightDispatcher.processMouseEvent(Container.java:3929)
        at java.awt.LightweightDispatcher.dispatchEvent(Container.java:3859)
        at java.awt.Container.dispatchEventImpl(Container.java:2045)
        at java.awt.Window.dispatchEventImpl(Window.java:1810)
        at java.awt.Component.dispatchEvent(Component.java:3844)
        at java.awt.EventQueue.dispatchEvent(EventQueue.java:545)
        at java.awt.EventDispatchThread.pumpOneEventForHierarchy(EventDispatchThread.java:268)
        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:197)
        at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:187)
        at java.awt.Dialog$1.run(Dialog.java:572)
        at java.awt.Dialog.show(Dialog.java:593)
        at com.netscape.management.client.util.AbstractDialog.show(Unknown Source)
        at com.netscape.management.client.security.CertificateDialog.show(Unknown Source)
        at java.awt.Component.show(Component.java:1337)
        at java.awt.Component.setVisible(Component.java:1290)
        at com.netscape.management.client.security.CertificateDialog.setVisible(Unknown Source)

Comment 1 Rich Megginson 2009-01-16 03:24:01 UTC
There is no way for the console to know what the CA policy is.  Should all of the fields be optional?  Should any of them be required?

Comment 2 Rich Megginson 2009-01-16 17:44:26 UTC
Created attachment 329234 [details]
diffs

Comment 3 Rich Megginson 2009-01-16 17:45:44 UTC
Note that the country and state fields are menu buttons, but you can put the cursor in the field and erase what is there.

Comment 4 Rich Megginson 2009-01-16 19:39:20 UTC
Created attachment 329244 [details]
cvs commit log

Reviewed by: nkinder (Thanks!)
Fix Description: Have to make sure the string is long enough before taking the substring
Platforms tested: RHEL5
Flag Day: no
Doc impact: no

Comment 5 Jenny Severance 2009-03-30 20:30:38 UTC
fix verified RHEL 5 DS 8.1 - certificate request successfully generated with only cn.  Popup warning asking if you want to continue and that the request may not be accepted by the certificate authority

Comment 6 Chandrasekar Kannan 2009-04-29 23:09:25 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-0455.html


Note You need to log in before you can comment on or make changes to this bug.