[Pki-devel] [PATCH] 0036 Use SimpleProperties to handle raw profile format

Tue May 19 13:20:22 UTC 2015

This patch fixes an issue when handling the "raw" (property-list)
profile format.
-------------- next part --------------
>From 03216b6bc908665d158aaaa997f7cb049f8c3c63 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal at redhat.com>
Date: Mon, 18 May 2015 01:17:36 -0400
Subject: [PATCH] Use SimpleProperties to handle raw profile format

The store() method of the 'Properties' class escapes '=' and ':' in
values, corrupting the profile data.  Switch to the
'SimpleProperties' class which does not do this escaping.
---
 .../src/org/dogtagpki/server/ca/rest/ProfileService.java   |  3 ++-
 base/common/src/CMakeLists.txt                             |  9 ++++++++-
 .../src/com/netscape/certsrv/profile/ProfileClient.java    | 14 +++++++-------
 base/java-tools/bin/pki                                    |  1 +
 base/java-tools/src/CMakeLists.txt                         |  8 ++++++++
 .../src/com/netscape/cmstools/profile/ProfileAddCLI.java   |  4 ++--
 .../src/com/netscape/cmstools/profile/ProfileCLI.java      |  6 +++---
 .../src/com/netscape/cmstools/profile/ProfileEditCLI.java  |  6 +++---
 .../com/netscape/cmstools/profile/ProfileModifyCLI.java    |  4 ++--
 .../src/com/netscape/cmstools/profile/ProfileShowCLI.java  |  4 ++--
 10 files changed, 38 insertions(+), 21 deletions(-)

diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java b/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java
index 78f89b01231c17128c1fcea5fe3d38e073a5efc7..441e3699e192e0701b56d54536ad62495b9af713 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java
@@ -80,6 +80,7 @@ import com.netscape.cms.realm.PKIPrincipal;
 import com.netscape.cms.servlet.base.PKIService;
 import com.netscape.cms.servlet.profile.PolicyConstraintFactory;
 import com.netscape.cms.servlet.profile.PolicyDefaultFactory;
+import com.netscape.cmscore.base.SimpleProperties;
 
 /**
  * @author alee
@@ -537,7 +538,7 @@ public class ProfileService extends PKIService implements ProfileResource {
         Map<String, String> auditParams = new LinkedHashMap<String, String>();
         String profileId = null;
         String classId = null;
-        Properties properties = new Properties();
+        SimpleProperties properties = new SimpleProperties();
         try {
             // load data and read profileId and classId
             properties.load(new ByteArrayInputStream(data));
diff --git a/base/common/src/CMakeLists.txt b/base/common/src/CMakeLists.txt
index 072bd00307f6f299679c107836b2163ed0ff4b7c..083112f515432af2d6ff70ddeafb36506d0ad8ab 100644
--- a/base/common/src/CMakeLists.txt
+++ b/base/common/src/CMakeLists.txt
@@ -125,12 +125,19 @@ find_file(HTTPCORE_JAR
         /usr/share/java/httpcomponents
 )
 
+find_file(PKI_CMSCORE_JAR
+    NAMES
+        pki-cmscore.jar
+    PATHS
+        /usr/share/java/pki
+)
+
 # build pki-certsrv
 javac(pki-certsrv-classes
     SOURCES
         *.java
     CLASSPATH
-        ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR}
+        ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR} ${PKI_CMSCORE_JAR}
         ${LDAPJDK_JAR} ${SERVLET_JAR} ${VELOCITY_JAR} ${XALAN_JAR} ${XERCES_JAR}
         ${JSS_JAR} ${COMMONS_CODEC_JAR} ${COMMONS_HTTPCLIENT_JAR}
         ${APACHE_COMMONS_LANG_JAR}
diff --git a/base/common/src/com/netscape/certsrv/profile/ProfileClient.java b/base/common/src/com/netscape/certsrv/profile/ProfileClient.java
index 7f0b08f0e40d9a5314bcf741c2dc2fc514802ad5..817623e9671ad5a4b7b292c29c35322d2170e28b 100644
--- a/base/common/src/com/netscape/certsrv/profile/ProfileClient.java
+++ b/base/common/src/com/netscape/certsrv/profile/ProfileClient.java
@@ -21,13 +21,13 @@ import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.net.URISyntaxException;
-import java.util.Properties;
 
 import javax.ws.rs.core.Response;
 
 import com.netscape.certsrv.base.PKIException;
 import com.netscape.certsrv.client.Client;
 import com.netscape.certsrv.client.PKIClient;
+import com.netscape.cmscore.base.SimpleProperties;
 
 /**
  * @author Ade Lee
@@ -50,7 +50,7 @@ public class ProfileClient extends Client {
         return client.getEntity(response, ProfileData.class);
     }
 
-    public Properties retrieveProfileRaw(String id) {
+    public SimpleProperties retrieveProfileRaw(String id) {
         Response response = profileClient.retrieveProfileRaw(id);
         return byteArrayToProperties(client.getEntity(response, byte[].class));
     }
@@ -75,7 +75,7 @@ public class ProfileClient extends Client {
         return client.getEntity(response, ProfileData.class);
     }
 
-    public Properties createProfileRaw(Properties properties) {
+    public SimpleProperties createProfileRaw(SimpleProperties properties) {
         Response response =
             profileClient.createProfileRaw(propertiesToByteArray(properties));
         return byteArrayToProperties(client.getEntity(response, byte[].class));
@@ -86,7 +86,7 @@ public class ProfileClient extends Client {
         return client.getEntity(response, ProfileData.class);
     }
 
-    public Properties modifyProfileRaw(String profileId, Properties properties) {
+    public SimpleProperties modifyProfileRaw(String profileId, SimpleProperties properties) {
         Response response =
             profileClient.modifyProfileRaw(profileId, propertiesToByteArray(properties));
         return byteArrayToProperties(client.getEntity(response, byte[].class));
@@ -97,8 +97,8 @@ public class ProfileClient extends Client {
         client.getEntity(response, Void.class);
     }
 
-    private Properties byteArrayToProperties(byte[] data) throws PKIException {
-        Properties properties = new Properties();
+    private SimpleProperties byteArrayToProperties(byte[] data) throws PKIException {
+        SimpleProperties properties = new SimpleProperties();
         try {
             properties.load(new ByteArrayInputStream(data));
         } catch (IOException e) {
@@ -107,7 +107,7 @@ public class ProfileClient extends Client {
         return properties;
     }
 
-    private byte[] propertiesToByteArray(Properties properties) throws PKIException {
+    private byte[] propertiesToByteArray(SimpleProperties properties) throws PKIException {
         ByteArrayOutputStream data = new ByteArrayOutputStream();
         try {
             properties.store(data, null);
diff --git a/base/java-tools/bin/pki b/base/java-tools/bin/pki
index 0bba06efb3674352751b44f69c6536e10db2c5e6..573a50a719191bcd1811ed742d6b8d6d517a09af 100644
--- a/base/java-tools/bin/pki
+++ b/base/java-tools/bin/pki
@@ -84,6 +84,7 @@ def run_java_cli(args):
         '/usr/share/java/pki/pki-nsutil.jar',
         '/usr/share/java/pki/pki-cmsutil.jar',
         '/usr/share/java/pki/pki-certsrv.jar',
+        '/usr/share/java/pki/pki-cmscore.jar',
         '/usr/share/java/pki/pki-tools.jar',
     ]
 
diff --git a/base/java-tools/src/CMakeLists.txt b/base/java-tools/src/CMakeLists.txt
index ade1ea2b15fa755ac8ddfdbdc022bafeb63bf967..b163b598e322be7f8344f2593199c468505cea61 100644
--- a/base/java-tools/src/CMakeLists.txt
+++ b/base/java-tools/src/CMakeLists.txt
@@ -95,12 +95,20 @@ find_file(HTTPCORE_JAR
         /usr/share/java/httpcomponents
 )
 
+find_file(PKI_CMSCORE_JAR
+    NAMES
+        pki-cmscore.jar
+    PATHS
+        /usr/share/java/pki
+)
+
 # build pki-tools
 javac(pki-tools-classes
     SOURCES
         com/netscape/cmstools/*.java
     CLASSPATH
         ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR} ${PKI_CERTSRV_JAR}
+        ${PKI_CMSCORE_JAR}
         ${XALAN_JAR} ${XERCES_JAR}
         ${JSS_JAR} ${LDAPJDK_JAR} ${COMMONS_CODEC_JAR} ${COMMONS_IO_JAR}
         ${APACHE_COMMONS_CLI_JAR} ${APACHE_COMMONS_LANG_JAR}
diff --git a/base/java-tools/src/com/netscape/cmstools/profile/ProfileAddCLI.java b/base/java-tools/src/com/netscape/cmstools/profile/ProfileAddCLI.java
index fc144c13dd555330b4d153bee709e9f36dcb7624..56fa79eaab7db8800278f35b77a9550de1e6044c 100644
--- a/base/java-tools/src/com/netscape/cmstools/profile/ProfileAddCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/profile/ProfileAddCLI.java
@@ -1,7 +1,6 @@
 package com.netscape.cmstools.profile;
 
 import java.util.Arrays;
-import java.util.Properties;
 
 import org.apache.commons.cli.CommandLine;
 import org.apache.commons.cli.Option;
@@ -10,6 +9,7 @@ import org.apache.commons.cli.ParseException;
 import com.netscape.certsrv.profile.ProfileData;
 import com.netscape.cmstools.cli.CLI;
 import com.netscape.cmstools.cli.MainCLI;
+import com.netscape.cmscore.base.SimpleProperties;
 
 public class ProfileAddCLI extends CLI {
 
@@ -62,7 +62,7 @@ public class ProfileAddCLI extends CLI {
         }
 
         if (cmd.hasOption("raw")) {
-            Properties properties = ProfileCLI.readRawProfileFromFile(filename);
+            SimpleProperties properties = ProfileCLI.readRawProfileFromFile(filename);
             String profileId = properties.getProperty("profileId");
             profileCLI.profileClient.createProfileRaw(properties).store(System.out, null);
             MainCLI.printMessage("Added profile " + profileId);
diff --git a/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java b/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java
index e9e21596a0593d63b417d6d8560f3ff9b54caaf0..2be2cb12b3da90d3a90f756a53aed6ce4ca3bb20 100644
--- a/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java
@@ -8,7 +8,6 @@ import java.net.URI;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.util.Locale;
-import java.util.Properties;
 
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.JAXBException;
@@ -24,6 +23,7 @@ import com.netscape.certsrv.profile.ProfileInput;
 import com.netscape.certsrv.profile.ProfileOutput;
 import com.netscape.cmstools.cli.CLI;
 import com.netscape.cmstools.cli.MainCLI;
+import com.netscape.cmscore.base.SimpleProperties;
 
 public class ProfileCLI extends CLI {
 
@@ -133,9 +133,9 @@ public class ProfileCLI extends CLI {
         return data;
     }
 
-    public static Properties readRawProfileFromFile(String filename)
+    public static SimpleProperties readRawProfileFromFile(String filename)
             throws IOException, RuntimeException {
-        Properties properties = new Properties();
+        SimpleProperties properties = new SimpleProperties();
         properties.load(Files.newInputStream(Paths.get(filename)));
         String profileId = properties.getProperty("profileId");
         if (profileId == null)
diff --git a/base/java-tools/src/com/netscape/cmstools/profile/ProfileEditCLI.java b/base/java-tools/src/com/netscape/cmstools/profile/ProfileEditCLI.java
index 50600ba155b9b84edfdeb54e1177b4d0d46cc397..90271ec1d03d9ade0227574cbccfe53e57925584 100644
--- a/base/java-tools/src/com/netscape/cmstools/profile/ProfileEditCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/profile/ProfileEditCLI.java
@@ -22,12 +22,12 @@ import java.lang.ProcessBuilder;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.Arrays;
-import java.util.Properties;
 
 import org.apache.commons.cli.CommandLine;
 import org.apache.commons.cli.ParseException;
 
 import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmscore.base.SimpleProperties;
 
 public class ProfileEditCLI extends CLI {
 
@@ -71,7 +71,7 @@ public class ProfileEditCLI extends CLI {
         String profileId = cmdArgs[0];
 
         // read profile into temporary file
-        Properties orig = profileCLI.profileClient.retrieveProfileRaw(profileId);
+        SimpleProperties orig = profileCLI.profileClient.retrieveProfileRaw(profileId);
         String enabled = orig.getProperty("enable");
         if (Boolean.valueOf(enabled)) {
             System.err.println("Error: Cannot edit profile. Profile must be disabled.");
@@ -99,7 +99,7 @@ public class ProfileEditCLI extends CLI {
             }
 
             // read data from temporary file and modify if changed
-            Properties cur = new Properties();
+            SimpleProperties cur = new SimpleProperties();
             cur.load(Files.newInputStream(tempFile));
 
             if (!cur.equals(orig)) {
diff --git a/base/java-tools/src/com/netscape/cmstools/profile/ProfileModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/profile/ProfileModifyCLI.java
index cc0f415b78facbaa4cacb7ab4e914717586cfd0e..02bea0b50af40749d02731227bf7a8da43921b04 100644
--- a/base/java-tools/src/com/netscape/cmstools/profile/ProfileModifyCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/profile/ProfileModifyCLI.java
@@ -2,7 +2,6 @@ package com.netscape.cmstools.profile;
 
 import java.io.IOException;
 import java.util.Arrays;
-import java.util.Properties;
 
 import javax.xml.bind.JAXBException;
 
@@ -13,6 +12,7 @@ import org.apache.commons.cli.ParseException;
 import com.netscape.certsrv.profile.ProfileData;
 import com.netscape.cmstools.cli.CLI;
 import com.netscape.cmstools.cli.MainCLI;
+import com.netscape.cmscore.base.SimpleProperties;
 
 public class ProfileModifyCLI extends CLI {
 
@@ -66,7 +66,7 @@ public class ProfileModifyCLI extends CLI {
 
         try {
             if (cmd.hasOption("raw")) {
-                Properties properties = ProfileCLI.readRawProfileFromFile(filename);
+                SimpleProperties properties = ProfileCLI.readRawProfileFromFile(filename);
                 String profileId = properties.getProperty("profileId");
                 profileCLI.profileClient.modifyProfileRaw(profileId, properties).store(System.out, null);
                 MainCLI.printMessage("Modified profile " + profileId);
diff --git a/base/java-tools/src/com/netscape/cmstools/profile/ProfileShowCLI.java b/base/java-tools/src/com/netscape/cmstools/profile/ProfileShowCLI.java
index 1dd85f43bf349c4dbca9b4b764f2d40fe7f421aa..cdffa7e7676c0038c3b30b1199abecf7e7e34e40 100644
--- a/base/java-tools/src/com/netscape/cmstools/profile/ProfileShowCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/profile/ProfileShowCLI.java
@@ -2,7 +2,6 @@ package com.netscape.cmstools.profile;
 
 import java.io.FileOutputStream;
 import java.util.Arrays;
-import java.util.Properties;
 
 import org.apache.commons.cli.CommandLine;
 import org.apache.commons.cli.Option;
@@ -11,6 +10,7 @@ import org.apache.commons.cli.ParseException;
 import com.netscape.certsrv.profile.ProfileData;
 import com.netscape.cmstools.cli.CLI;
 import com.netscape.cmstools.cli.MainCLI;
+import com.netscape.cmscore.base.SimpleProperties;
 
 public class ProfileShowCLI extends CLI {
 
@@ -77,7 +77,7 @@ public class ProfileShowCLI extends CLI {
         }
 
         if (cmd.hasOption("raw")) {
-            Properties profileConfig = profileCLI.profileClient.retrieveProfileRaw(profileId);
+            SimpleProperties profileConfig = profileCLI.profileClient.retrieveProfileRaw(profileId);
 
             if (filename != null) {
                 profileConfig.store(new FileOutputStream(filename), null);
-- 
2.1.0

