From f8059a90d007f1c0374f80dbd3825ddb0050ab3a Mon Sep 17 00:00:00 2001 From: Marco Fargetta Date: Wed, 9 Oct 2024 16:26:59 +0200 Subject: [PATCH] Update range format for new legacy generator in clients --- .../server/ca/cli/CARangeUpdateCLI.java | 4 +- .../servlet/csadmin/UpdateNumberRange.java | 46 +++++++++++++------ .../server/cli/SubsystemRangeUpdateCLI.java | 36 +++++++++------ 3 files changed, 58 insertions(+), 28 deletions(-) diff --git a/base/ca/src/main/java/org/dogtagpki/server/ca/cli/CARangeUpdateCLI.java b/base/ca/src/main/java/org/dogtagpki/server/ca/cli/CARangeUpdateCLI.java index 5628173fbc0..1f10bd92fe3 100644 --- a/base/ca/src/main/java/org/dogtagpki/server/ca/cli/CARangeUpdateCLI.java +++ b/base/ca/src/main/java/org/dogtagpki/server/ca/cli/CARangeUpdateCLI.java @@ -39,9 +39,9 @@ public void updateSerialNumberRange( String value = dbConfig.getString( CertificateRepository.PROP_CERT_ID_GENERATOR, CertificateRepository.DEFAULT_CERT_ID_GENERATOR); - IDGenerator idGenerator = IDGenerator.fromString(value); + idGenerator = IDGenerator.fromString(value); - if (idGenerator != IDGenerator.LEGACY) { + if (idGenerator == IDGenerator.RANDOM) { logger.info("No need to update certificate ID range"); return; } diff --git a/base/server/src/main/java/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java b/base/server/src/main/java/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java index cdf355c19b9..7c1980e1e1d 100644 --- a/base/server/src/main/java/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java +++ b/base/server/src/main/java/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java @@ -124,25 +124,22 @@ protected void process(CMSRequest cmsReq) throws EBaseException { repo.checkRanges(); } - int radix = 10; + int radix = repo.getRadix(); String endNumConfig = null; String cloneNumConfig = null; String nextEndConfig = null; if (type.equals("request")) { - radix = 10; endNumConfig = "endRequestNumber"; cloneNumConfig = "requestCloneTransferNumber"; nextEndConfig = "nextEndRequestNumber"; } else if (type.equals("serialNo")) { - radix = 16; endNumConfig = "endSerialNumber"; cloneNumConfig = "serialCloneTransferNumber"; nextEndConfig = "nextEndSerialNumber"; } else if (type.equals("replicaId")) { - radix = 10; endNumConfig = "endReplicaNumber"; cloneNumConfig = "replicaCloneTransferNumber"; nextEndConfig = "nextEndReplicaNumber"; @@ -165,12 +162,19 @@ protected void process(CMSRequest cmsReq) throws EBaseException { * cases this is done by a scheduled task). */ - String endNumStr = dbConfig.getString(endNumConfig); - BigInteger endNum = new BigInteger(endNumStr, radix); + BigInteger endNum; + BigInteger transferSize; + if (repo.getIDGenerator() == Repository.IDGenerator.NEW_LEGACY) { + endNum = dbConfig.getBigInteger(endNumConfig); + transferSize = dbConfig.getBigInteger(cloneNumConfig); + } else { + String endNumStr = dbConfig.getString(endNumConfig); + endNum = new BigInteger(endNumStr, radix); + + String transferSizeStr = dbConfig.getString(cloneNumConfig, ""); + transferSize = new BigInteger(transferSizeStr, radix); + } logger.info("UpdateNumberRange: dbs." + endNumConfig + ": " + endNum); - - String transferSizeStr = dbConfig.getString(cloneNumConfig, ""); - BigInteger transferSize = new BigInteger(transferSizeStr, radix); logger.info("UpdateNumberRange: dbs." + cloneNumConfig + ": " + transferSize); // transferred range will start at beginNum @@ -228,7 +232,11 @@ protected void process(CMSRequest cmsReq) throws EBaseException { * this scenario is unlikely to arise. Furthermore, * recovery is automatic thanks to the scheduled tasks. */ - endNum = new BigInteger(dbConfig.getString(nextEndConfig, ""), radix); + if (repo.getIDGenerator() == Repository.IDGenerator.NEW_LEGACY) { + endNum = dbConfig.getBigInteger(nextEndConfig); + } else { + endNum = new BigInteger(dbConfig.getString(nextEndConfig, ""), radix); + } BigInteger newEndNum = endNum.subtract(transferSize); logger.info("UpdateNumberRange: Transferring from the end of next range"); @@ -236,7 +244,11 @@ protected void process(CMSRequest cmsReq) throws EBaseException { logger.info("UpdateNumberRange: Next range new end: " + newEndNum); repo.setNextMaxSerial(newEndNum); - dbConfig.putString(nextEndConfig, newEndNum.toString(radix)); + String strNewEndNum = newEndNum.toString(radix); + if (repo.getIDGenerator() == Repository.IDGenerator.NEW_LEGACY && radix == Repository.HEX) { + strNewEndNum = "0x" + strNewEndNum; + } + dbConfig.putString(nextEndConfig, strNewEndNum); beginNum = newEndNum.add(BigInteger.ONE); } else { @@ -246,6 +258,9 @@ protected void process(CMSRequest cmsReq) throws EBaseException { BigInteger newEndNum = beginNum.subtract(BigInteger.ONE); repo.setMaxSerial(newEndNum); String newValStr = newEndNum.toString(radix); + if (repo.getIDGenerator() == Repository.IDGenerator.NEW_LEGACY && radix == Repository.HEX) { + newValStr = "0x" + newValStr; + } dbConfig.putString(endNumConfig, newValStr); logger.info("UpdateNumberRange: New current range: " + nextSerial + ".." + newEndNum); @@ -277,8 +292,13 @@ protected void process(CMSRequest cmsReq) throws EBaseException { JSONObject jsonObj = new JSONObject(); ObjectNode responseNode = jsonObj.getMapper().createObjectNode(); responseNode.put("Status", SUCCESS); - responseNode.put("beginNumber", beginNum.toString(radix)); - responseNode.put("endNumber", endNum.toString(radix)); + if(repo.getIDGenerator() == Repository.IDGenerator.NEW_LEGACY && radix == Repository.HEX) { + responseNode.put("beginNumber", "0x" + beginNum.toString(radix)); + responseNode.put("endNumber", "0x" + endNum.toString(radix)); + } else { + responseNode.put("beginNumber", beginNum.toString(radix)); + responseNode.put("endNumber", endNum.toString(radix)); + } jsonObj.getRootNode().set("Response", responseNode); outputResult(httpResp, "application/json", jsonObj.toByteArray()); cs.commit(false); diff --git a/base/server/src/main/java/org/dogtagpki/server/cli/SubsystemRangeUpdateCLI.java b/base/server/src/main/java/org/dogtagpki/server/cli/SubsystemRangeUpdateCLI.java index 90ce9ca8ab9..461664dae98 100644 --- a/base/server/src/main/java/org/dogtagpki/server/cli/SubsystemRangeUpdateCLI.java +++ b/base/server/src/main/java/org/dogtagpki/server/cli/SubsystemRangeUpdateCLI.java @@ -38,6 +38,8 @@ public class SubsystemRangeUpdateCLI extends SubsystemCLI { public static final Logger logger = LoggerFactory.getLogger(SubsystemRangeUpdateCLI.class); + protected IDGenerator idGenerator; + public SubsystemRangeUpdateCLI(CLI parent) { super("update", "Update " + parent.getParent().getName().toUpperCase() + " ranges", parent); } @@ -109,17 +111,21 @@ public void updateSerialNumberRange( LdapBoundConnection conn = new LdapBoundConnection(socketFactory, connInfo, authInfo); try { - // parse the end of current cert range as decimal - // NOTE: this is a bug, cert range is stored as hex in CS.cfg - BigInteger endSerialNumber = new BigInteger(dbConfig.getEndSerialNumber()); - + BigInteger endSerialNumber; + if (idGenerator == IDGenerator.NEW_LEGACY) { + endSerialNumber = dbConfig.getBigInteger(DatabaseConfig.MAX_SERIAL_NUMBER); + } else { + // parse the end of current cert range as decimal + // NOTE: this is a bug, cert range is stored as hex in CS.cfg + endSerialNumber = new BigInteger(dbConfig.getEndSerialNumber()); + } // generate nextRange in decimal - String nextSerialNumber = endSerialNumber.add(BigInteger.ONE).toString(); + BigInteger nextSerialNumber = endSerialNumber.add(BigInteger.ONE); String serialDN = dbConfig.getSerialDN() + "," + baseDN; // store nextRange as decimal - LDAPAttribute attrSerialNextRange = new LDAPAttribute("nextRange", nextSerialNumber); + LDAPAttribute attrSerialNextRange = new LDAPAttribute("nextRange", nextSerialNumber.toString()); LDAPModification serialmod = new LDAPModification(LDAPModification.REPLACE, attrSerialNextRange); @@ -140,9 +146,9 @@ public void updateRequestNumberRange( String value = dbConfig.getString( RequestRepository.PROP_REQUEST_ID_GENERATOR, RequestRepository.DEFAULT_REQUEST_ID_GENERATOR); - IDGenerator idGenerator = IDGenerator.fromString(value); + idGenerator = IDGenerator.fromString(value); - if (idGenerator != IDGenerator.LEGACY) { + if (idGenerator == IDGenerator.RANDOM) { logger.info("No need to update request ID range"); return; } @@ -152,16 +158,20 @@ public void updateRequestNumberRange( try { logger.info("Updating request ID range"); - // parse the end of current range as decimal - BigInteger endRequestNumber = new BigInteger(dbConfig.getEndRequestNumber()); - + BigInteger endRequestNumber; + if (idGenerator == IDGenerator.NEW_LEGACY) { + endRequestNumber = dbConfig.getBigInteger(DatabaseConfig.MAX_REQUEST_NUMBER); + } else { + // parse the end of current range as decimal + endRequestNumber = new BigInteger(dbConfig.getEndRequestNumber()); + } // generate nextRange in decimal - String nextRequestNumber = endRequestNumber.add(BigInteger.ONE).toString(); + BigInteger nextRequestNumber = endRequestNumber.add(BigInteger.ONE); String requestDN = dbConfig.getRequestDN() + "," + baseDN; // store nextRange as decimal - LDAPAttribute attrRequestNextRange = new LDAPAttribute("nextRange", nextRequestNumber); + LDAPAttribute attrRequestNextRange = new LDAPAttribute("nextRange", nextRequestNumber.toString()); LDAPModification requestmod = new LDAPModification(LDAPModification.REPLACE, attrRequestNextRange);