[Pki-devel] [PATCH] Added fix for pki-server for db-update

Hi, Please review this patch.Below is a small summary about this fix and what we are trying to achieve. CLI : pki-server db-upgrade what it should be doing is if it sees that issuerName doesn't exist,NULL it will add it itself. Operation 1 : Search for the empty cn value for issuerName ------------------------------------------------------------------------------- Current : '(&(objectclass=certificateRecord)(issuerName=*)) -- I tried this it didn't show data even if i have record with empty issuerName Modified : (&(objectclass=certificateRecord)(!(issuerName=cn*)))' -- This solves the purpose as it shows all the certs without issuerName Operation 2 : If we see a empty cn value , we are replacing it with value we get from code ------------------------------------------------------------------------------------------------------------------ < code cert = nss.Certificate(bytearray(attr_cert[0])) issuer_name = str(cert.issuer) </code Current : we are updating the list it the format as mentioned 'issuerName': ['', 'CN=CA Signing Certificate,O=example.com Security Domain'] Do we want to keep this behavior or we want to overwrite it in first place? I believe in place of we do it MOD_REPLACE. <try: conn.ldap.modify_s(dn, [(ldap.MOD_ADD, 'issuerName', issuer_name)]) Modified : onn.ldap.modify_s(dn, [(ldap.MOD_REPLACE, 'issuerName', issuer_name)]) Thanks Geetika