Skip to content

Commit

Permalink
Move legacy2 ranges in a new tree
Browse files Browse the repository at this point in the history
When an instance is updated from legacy generator to the new legacy2
generator the ranges will be stored in a new tree. The default tree
name is "ou=range_v2,<subsystem_base_db>".

The name of the ranges entry can be customised with the option `-r` (or
--range) to the command `pki-server <subsystem>-id-generator-update`.
  • Loading branch information
fmarco76 committed Oct 28, 2024
1 parent 6ae10a5 commit 89a1447
Show file tree
Hide file tree
Showing 5 changed files with 211 additions and 122 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,7 @@
import com.netscape.cmscore.dbs.CertificateRepository;
import com.netscape.cmscore.dbs.Repository;
import com.netscape.cmscore.dbs.Repository.IDGenerator;
import com.netscape.cmscore.ldapconn.LdapAuthInfo;
import com.netscape.cmscore.ldapconn.LdapConnInfo;
import com.netscape.cmscore.ldapconn.PKISocketFactory;
import com.netscape.cmscore.ldapconn.LdapBoundConnection;
import org.dogtagpki.cli.CLI;
import org.dogtagpki.server.cli.SubsystemIdGeneratorUpdateCLI;
import org.slf4j.Logger;
Expand All @@ -28,8 +26,9 @@ public CAIdGeneratorUpdateCLI(CLI parent) {
}

@Override
protected void updateSerialNumberRangeGenerator(PKISocketFactory socketFactory, LdapConnInfo connInfo,
LdapAuthInfo authInfo, DatabaseConfig dbConfig, String baseDN, IDGenerator newGenerator, String hostName, String securePort) throws Exception {
protected void updateSerialNumberRangeGenerator(LdapBoundConnection conn,
DatabaseConfig dbConfig, String baseDN, String newRangesName,
IDGenerator newGenerator, String hostName, String securePort) throws Exception {
String value = dbConfig.getString(
CertificateRepository.PROP_CERT_ID_GENERATOR,
CertificateRepository.DEFAULT_CERT_ID_GENERATOR);
Expand All @@ -46,7 +45,7 @@ protected void updateSerialNumberRangeGenerator(PKISocketFactory socketFactory,
dbConfig.put(CertificateRepository.PROP_CERT_ID_RADIX, Integer.toString(Repository.HEX));
}

super.updateSerialNumberRangeGenerator(socketFactory, connInfo, authInfo, dbConfig, baseDN, newGenerator, hostName, securePort);
super.updateSerialNumberRangeGenerator(conn, dbConfig, baseDN, newRangesName, newGenerator, hostName, securePort);
}


Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,7 @@
import com.netscape.cmscore.apps.DatabaseConfig;
import com.netscape.cmscore.dbs.KeyRepository;
import com.netscape.cmscore.dbs.Repository;
import com.netscape.cmscore.ldapconn.LdapAuthInfo;
import com.netscape.cmscore.ldapconn.LdapConnInfo;
import com.netscape.cmscore.ldapconn.PKISocketFactory;
import com.netscape.cmscore.ldapconn.LdapBoundConnection;
import org.dogtagpki.cli.CLI;
import org.dogtagpki.server.cli.SubsystemIdGeneratorUpdateCLI;

Expand All @@ -24,8 +22,9 @@ public kraIdGeneratorUpdateCLI(CLI parent) {
}

@Override
protected void updateSerialNumberRangeGenerator(PKISocketFactory socketFactory, LdapConnInfo connInfo,
LdapAuthInfo authInfo, DatabaseConfig dbConfig, String baseDN, Repository.IDGenerator newGenerator, String hostName, String securePort) throws Exception {
protected void updateSerialNumberRangeGenerator(LdapBoundConnection conn,
DatabaseConfig dbConfig, String baseDN, String newRangesName,
Repository.IDGenerator newGenerator, String hostName, String securePort) throws Exception {
String value = dbConfig.getString(
KeyRepository.PROP_KEY_ID_GENERATOR,
KeyRepository.DEFAULT_KEY_ID_GENERATOR);
Expand All @@ -40,6 +39,6 @@ protected void updateSerialNumberRangeGenerator(PKISocketFactory socketFactory,
dbConfig.put(KeyRepository.PROP_KEY_ID_RADIX, Integer.toString(Repository.HEX));
}

super.updateSerialNumberRangeGenerator(socketFactory, connInfo, authInfo, dbConfig, baseDN, newGenerator, hostName, securePort);
super.updateSerialNumberRangeGenerator(conn, dbConfig, baseDN, newRangesName, newGenerator, hostName, securePort);
}
}
23 changes: 14 additions & 9 deletions base/server/python/pki/server/cli/id.py
Original file line number Diff line number Diff line change
Expand Up @@ -115,18 +115,19 @@ def print_help(self):
print('Usage: pki-server %s-id-generator-update [OPTIONS] <object>' %
self.parent.parent.parent.name)
print()
print(' <object> Element to apply the generator (e.g. cert).')
print(' -t, --type <generator type> Type of generator to use (e.g. random).')
print(' -i, --instance <instance ID> Instance ID (default: pki-tomcat).')
print(' -v, --verbose Run in verbose mode.')
print(' --debug Run in debug mode.')
print(' --help Show help message.')
print(' <object> Element to apply the generator (e.g. cert).')
print(' -t, --type <generator type> Type of generator to use (e.g. random).')
print(' -r, --range <rangeTree> Name for the new range tree if needed.')
print(' -i, --instance <instance ID> Instance ID (default: pki-tomcat).')
print(' -v, --verbose Run in verbose mode.')
print(' --debug Run in debug mode.')
print(' --help Show help message.')
print()

def execute(self, argv):
try:
opts, args = getopt.gnu_getopt(argv, 'i:t:v', [
'instance=', 'type=',
opts, args = getopt.gnu_getopt(argv, 'i:t:r:v', [
'instance=', 'type=', 'range=',
'verbose', 'debug', 'help'])

except getopt.GetoptError as e:
Expand All @@ -143,11 +144,15 @@ def execute(self, argv):
instance_name = 'pki-tomcat'
subsystem_name = self.parent.parent.parent.name
generator = None
range_object = None

for o, a in opts:
if o in ('-t', '--type'):
generator = a

elif o in ('-r', '--range'):
range_object = a

elif o in ('-i', '--instance'):
instance_name = a

Expand Down Expand Up @@ -185,4 +190,4 @@ def execute(self, argv):
subsystem_name.upper(), instance_name)
sys.exit(1)

subsystem.update_id_generator(generator, generator_object)
subsystem.update_id_generator(generator, generator_object, range_object)
8 changes: 7 additions & 1 deletion base/server/python/pki/server/subsystem.py
Original file line number Diff line number Diff line change
Expand Up @@ -1563,7 +1563,9 @@ def update_ranges(self, as_current_user=False):

self.run(cmd, as_current_user=as_current_user)

def update_id_generator(self, generator, generator_object, as_current_user=False):
def update_id_generator(
self, generator, generator_object,
range_object=None, as_current_user=False):

cmd = [self.name + '-id-generator-update']

Expand All @@ -1573,6 +1575,10 @@ def update_id_generator(self, generator, generator_object, as_current_user=False
elif logger.isEnabledFor(logging.INFO):
cmd.append('--verbose')

if range_object:
cmd.append('--range')
cmd.append(range_object)

cmd.append('--type')
cmd.append(generator)
cmd.append(generator_object)
Expand Down
Loading

0 comments on commit 89a1447

Please sign in to comment.