[Pki-devel] [Patch] Cloning of CA with random serial number enabled

Andrew Wnuk awnuk at redhat.com
Wed Apr 3 19:52:02 UTC 2013 

This patch provides ability to clone CA with random serial number enabled.

Bug: 920816.
-------------- next part --------------
Index: pki/base/common/src/com/netscape/cmscore/dbs/Repository.java
===================================================================
--- pki/base/common/src/com/netscape/cmscore/dbs/Repository.java	(revision 2533)
+++ pki/base/common/src/com/netscape/cmscore/dbs/Repository.java	(working copy)
@@ -290,7 +290,10 @@
         String increment = mDB.getIncrementConfig(mRepo);
         String lowWaterMark = mDB.getLowWaterMarkConfig(mRepo);
 
-        CMS.debug("Repository: minSerial " + mMinSerial + " maxSerial: " + mMaxSerial);
+        CMS.debug("Repository: minSerial:" + mMinSerial + " maxSerial: " + mMaxSerial);
+        CMS.debug("Repository: nextMinSerial: " + ((mNextMinSerial == null)?"":mNextMinSerial) +
+                             " nextMaxSerial: " + ((mNextMaxSerial == null)?"":mNextMaxSerial));
+        CMS.debug("Repository: increment:" + increment + " lowWaterMark: " + lowWaterMark);
 
         if(mMinSerial != null) 
             mMinSerialNo = new BigInteger(mMinSerial,mRadix);
@@ -423,7 +426,7 @@
         }
         CMS.debug("Repository: checkRange  mLastSerialNo="+mLastSerialNo);
         if (mLastSerialNo.compareTo( mMaxSerialNo ) > 0 ||
-            (randomLimit != null && mCounter.compareTo(randomLimit) > 0)) {
+            ((!CMS.isPreOpMode()) && randomLimit != null && mCounter.compareTo(randomLimit) > 0)) {
 
             if (mDB.getEnableSerialMgmt()) {
                 CMS.debug("Reached the end of the range.  Attempting to move to next range");
Index: pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java
===================================================================
--- pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java	(revision 2533)
+++ pki/base/common/src/com/netscape/cmscore/dbs/CertificateRepository.java	(working copy)
@@ -376,7 +376,7 @@
             if (count.compareTo(BigInteger.ZERO) > 0) {
                 counter = counter.add(count);
             }
-        } else if (s.equals("-2")) {
+        } else if (s.equals("-2") || (c.equals("-1") && CMS.isPreOpMode())) {
             count = getInRangeCount(t, minSerialNo, maxSerialNo);
             if (count.compareTo(BigInteger.ZERO) >= 0) {
                 counter = count;

More information about the Pki-devel mailing list