[Pki-devel] [PATCH] 548 Updated CRMFPopClient parameter handling.

John Magne jmagne at redhat.com
Mon Feb 9 19:45:05 UTC 2015


Minor comments, otherwise looks great:


The following part of the usage string:

 System.out.println("  -q <POP option>              POP option (default: POP_SUCCESS)");
+        System.out.println("                               - POP_NONE");
+        System.out.println("                               - POP_SUCCESS");
+        System.out.println("                               - POP_FAIL");

We originally added POP_NONE and POP_FAIL as a way to test Proof Of Possession.
This was when this thing was mainly a test tool.

I would imagine the major legit cases would be POP_SUCCESS and POP_NONE, 
with SUCCESS merely meaning that we include POP with the request.

It might be nice to add a little more info to the string  for POP_FAIL that this is to test a failure case,
and POP_NONE is to not provide POP, while POP_SUCCESS means to provide POP information with the request.


Here:


if (sensitive != 0 && sensitive != 1 && sensitive != -1) {
+            printError("Illegal input parameters for -s: " + sensitive);
+            System.exit(1);
+        }
+
+        if (extractable != 0 && extractable != 1 && extractable != -1) {
+            printError("Illegal input parameters for -e: " + extractable);
+            System.exit(1);
+        }

There is checking for the validity of the sensitive and extractable params here.
>From the usage string it looks like we only want this for the EC case, would it make 
sense to make sure ec is in effect here?

Also, when an error is detected in the params, should be re-print out the usage, or does the system handle this for us somehow?




----- Original Message -----
From: "Endi Sukma Dewata" <edewata at redhat.com>
To: "pki-devel" <pki-devel at redhat.com>
Sent: Wednesday, February 4, 2015 10:03:55 AM
Subject: Re: [Pki-devel] [PATCH] 548 Updated CRMFPopClient parameter	handling.

On 1/29/2015 12:18 PM, Endi Sukma Dewata wrote:
> The CRMFPopClient has been modified to use Apache Commons CLI
> library to handle the parameters. The help message has been
> rewritten to make it more readable. The submitRequest() will
> now display the error reason.
>
> The options in ClientCertRequestCLI have been simplified. A new
> option was added to generate CRMF request without POP.
>
> https://fedorahosted.org/pki/ticket/1074

New patch attached for additional cleanup.

-- 
Endi S. Dewata

_______________________________________________
Pki-devel mailing list
Pki-devel at redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel




More information about the Pki-devel mailing list