[Pki-devel] [PATCH] 626 Fixed NPE in key-archive CLI.
Endi Sukma Dewata
edewata at redhat.com
Thu Jul 2 22:50:10 UTC 2015
The pki CLI has been modified such that if the security database
location (-d) is not specified, the config.certDatabase will be
initialized with the default value (i.e. ~/.dogtag/nssdb). The
config.certDatabase is needed by the CLI to prepare the client
library for key archival operations.
--
Endi S. Dewata
-------------- next part --------------
From 262abc276a863f4e0469088e5983ab55d938bdce Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Thu, 2 Jul 2015 18:33:48 -0400
Subject: [PATCH] Fixed NPE in key-archive CLI.
The pki CLI has been modified such that if the security database
location (-d) is not specified, the config.certDatabase will be
initialized with the default value (i.e. ~/.dogtag/nssdb). The
config.certDatabase is needed by the CLI to prepare the client
library for key archival operations.
---
.../src/com/netscape/cmstools/cli/MainCLI.java | 21 ++++++++-------------
.../src/com/netscape/cmstools/key/KeyCLI.java | 10 ++++++++--
2 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index 77245ec531a13769c633d879b81fc08f7d88803f..4d63d9bc12c012bc1db207f7a31a0b50cf5bc2af 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -330,9 +330,14 @@ public class MainCLI extends CLI {
}
}
- // store security database path
- if (certDatabase != null)
+ if (certDatabase != null) {
+ // store user-provided security database location
config.setCertDatabase(new File(certDatabase).getAbsolutePath());
+ } else {
+ // store default security database location
+ config.setCertDatabase(System.getProperty("user.home") +
+ File.separator + ".dogtag" + File.separator + "nssdb");
+ }
// store token name
config.setTokenName(tokenName);
@@ -395,17 +400,7 @@ public class MainCLI extends CLI {
list = cmd.getOptionValue("ignore-cert-status");
convertCertStatusList(list, ignoredCertStatuses);
- if (config.getCertDatabase() == null) {
- // Use default client security database
- this.certDatabase = new File(
- System.getProperty("user.home") + File.separator +
- ".dogtag" + File.separator + "nssdb");
-
- } else {
- // Use existing client security database
- this.certDatabase = new File(config.getCertDatabase());
- }
-
+ this.certDatabase = new File(config.getCertDatabase());
if (verbose) System.out.println("Client security database: "+this.certDatabase.getAbsolutePath());
String messageFormat = cmd.getOptionValue("message-format");
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java
index d83bcf2fc89a4d6bafb61dd45637e53e7660ea9f..582bf8ee4c6128161a42b261fdab3aa2e8cc3770 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java
@@ -81,12 +81,18 @@ public class KeyCLI extends CLI {
// create new key client
keyClient = new KeyClient(client, subsystem);
- if (client.getConfig().getCertDatabase() != null && client.getConfig().getCertPassword() != null) {
+
+ // if security database password is specified,
+ // prepare key client for archival/retrieval
+ if (client.getConfig().getCertPassword() != null) {
+ // create crypto provider for key client
keyClient.setCrypto(new NSSCryptoProvider(client.getConfig()));
- // Set the transport cert for crypto operations
+ // download transport cert
systemCertClient = new SystemCertClient(client, subsystem);
String transportCert = systemCertClient.getTransportCert().getEncoded();
+
+ // set transport cert for key client
transportCert = transportCert.substring(CertData.HEADER.length(),
transportCert.indexOf(CertData.FOOTER));
keyClient.setTransportCert(transportCert);
--
1.9.3
More information about the Pki-devel
mailing list