From aee86f542ba75505e24c0b19d0a6f914571811a4 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Thu, 15 Oct 2015 00:16:40 +0200 Subject: [PATCH] Refactored DBSubsystem.getNextRange(). To improve troubleshooting the DBSubsystem.getNextRange() has been modified to throw an exception instead of returning null. https://fedorahosted.org/pki/ticket/1654 --- .../src/com/netscape/certsrv/dbs/IDBSubsystem.java | 16 ++--- .../src/com/netscape/cmscore/dbs/DBSubsystem.java | 73 +++++++++++++--------- 2 files changed, 53 insertions(+), 36 deletions(-) diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java b/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java index de4060e34061ef86a8562c11a3b70de63b2172f5..d051b957755e346f0906d5c6d6b20f5015839292 100644 --- a/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java +++ b/base/common/src/com/netscape/certsrv/dbs/IDBSubsystem.java @@ -19,11 +19,11 @@ package com.netscape.certsrv.dbs; import java.math.BigInteger; -import netscape.ldap.LDAPConnection; - import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.ISubsystem; import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISubsystem; + +import netscape.ldap.LDAPConnection; /** * An interface represents certificate server @@ -178,7 +178,7 @@ public interface IDBSubsystem extends ISubsystem { * @param repo repo identifier * @return start of next range */ - public String getNextRange(int repo); + public String getNextRange(int repo) throws EBaseException; /** * Determines if a range conflict has been observed in database @@ -221,10 +221,10 @@ public interface IDBSubsystem extends ISubsystem { /** * Gets attribute value for specified entry * - * @param dn entry's distinguished name - * @param attrName attribute's name - * @param defaultValue attribute's default value - * @param errorValue attribute's error value + * @param dn entry's distinguished name + * @param attrName attribute's name + * @param defaultValue attribute's default value + * @param errorValue attribute's error value * @return attribute value */ public String getEntryAttribute(String dn, String attrName, diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java index 2de9945f78ad8a0417217ecf34ea04f21959c152..e8982f5946f7ee5f3100d9b77508f80a79930fdb 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java @@ -20,19 +20,6 @@ package com.netscape.cmscore.dbs; import java.math.BigInteger; import java.util.Hashtable; -import netscape.ldap.LDAPAttribute; -import netscape.ldap.LDAPAttributeSchema; -import netscape.ldap.LDAPAttributeSet; -import netscape.ldap.LDAPConnection; -import netscape.ldap.LDAPEntry; -import netscape.ldap.LDAPException; -import netscape.ldap.LDAPModification; -import netscape.ldap.LDAPObjectClassSchema; -import netscape.ldap.LDAPSchema; -import netscape.ldap.LDAPSearchResults; -import netscape.ldap.LDAPv3; -import netscape.security.x509.CertificateValidity; - import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.EPropertyNotDefined; @@ -53,6 +40,19 @@ import com.netscape.cmscore.ldapconn.LdapAuthInfo; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.ldapconn.LdapConnInfo; +import netscape.ldap.LDAPAttribute; +import netscape.ldap.LDAPAttributeSchema; +import netscape.ldap.LDAPAttributeSet; +import netscape.ldap.LDAPConnection; +import netscape.ldap.LDAPEntry; +import netscape.ldap.LDAPException; +import netscape.ldap.LDAPModification; +import netscape.ldap.LDAPObjectClassSchema; +import netscape.ldap.LDAPSchema; +import netscape.ldap.LDAPSearchResults; +import netscape.ldap.LDAPv3; +import netscape.security.x509.CertificateValidity; + /** * A class represents the database subsystem that manages * the backend data storage. @@ -396,34 +396,44 @@ public class DBSubsystem implements IDBSubsystem { * @param repo repo identifier * @return start of next range */ - public String getNextRange(int repo) { + public String getNextRange(int repo) throws EBaseException { + LDAPConnection conn = null; - String nextRange = null; try { Hashtable h = mRepos[repo]; + conn = mLdapConnFactory.getConn(); String dn = h.get(PROP_BASEDN) + "," + mBaseDN; String rangeDN = h.get(PROP_RANGE_DN) + "," + mBaseDN; LDAPEntry entry = conn.read(dn); + LDAPAttribute attr = entry.getAttribute(PROP_NEXT_RANGE); if (attr == null) { - throw new Exception("Missing Attribute" + PROP_NEXT_RANGE + "in Entry " + dn); + CMS.debug("DBSubsystem: Missing attribute " + PROP_NEXT_RANGE + " in " + dn); + throw new EBaseException("Missing attribute " + PROP_NEXT_RANGE + " in " + dn); } - nextRange = (String) attr.getStringValues().nextElement(); + String nextRange = (String)attr.getStringValues().nextElement(); BigInteger nextRangeNo = new BigInteger(nextRange); BigInteger incrementNo = new BigInteger(h.get(PROP_INCREMENT)); + String endRange = nextRangeNo.add(incrementNo).subtract(BigInteger.ONE).toString(); + + String newNextRange = nextRangeNo.add(incrementNo).toString(); + + CMS.debug("DBSubsystem: Updating range tracker: " + dn); // To make sure attrNextRange always increments, first delete the current value and then // increment. Two operations in the same transaction - LDAPAttribute attrNextRange = new LDAPAttribute(PROP_NEXT_RANGE, nextRangeNo.add(incrementNo).toString()); + + LDAPAttribute attrNextRange = new LDAPAttribute(PROP_NEXT_RANGE, newNextRange); LDAPModification[] mods = { new LDAPModification(LDAPModification.DELETE, attr), new LDAPModification(LDAPModification.ADD, attrNextRange) }; conn.modify(dn, mods); - // Add new range object - String endRange = nextRangeNo.add(incrementNo).subtract(BigInteger.ONE).toString(); + String dn2 = "cn=" + nextRange + "," + rangeDN; + CMS.debug("DBSubsystem: Adding new range object: " + dn2); + LDAPAttributeSet attrs = new LDAPAttributeSet(); attrs.add(new LDAPAttribute("objectClass", "top")); attrs.add(new LDAPAttribute("objectClass", "pkiRange")); @@ -432,26 +442,33 @@ public class DBSubsystem implements IDBSubsystem { attrs.add(new LDAPAttribute("cn", nextRange)); attrs.add(new LDAPAttribute("host", CMS.getEESSLHost())); attrs.add(new LDAPAttribute("securePort", CMS.getEESSLPort())); - String dn2 = "cn=" + nextRange + "," + rangeDN; LDAPEntry rangeEntry = new LDAPEntry(dn2, attrs); conn.add(rangeEntry); - CMS.debug("DBSubsystem: getNextRange Next range has been added: " + + + CMS.debug("DBSubsystem: Next range has been added: " + nextRange + " - " + endRange); + + return nextRange; + + } catch (EBaseException e) { + throw e; + } catch (Exception e) { - CMS.debug("DBSubsystem: getNextRange. Unable to provide next range :" + e); - e.printStackTrace(); - nextRange = null; + CMS.debug("DBSubsystem: Unable to create next range"); + CMS.debug(e); + throw new EBaseException(e); + } finally { try { if ((conn != null) && (mLdapConnFactory != null)) { - CMS.debug("Releasing ldap connection"); + CMS.debug("DBSubsystem: Releasing LDAP connection"); mLdapConnFactory.returnConn(conn); } } catch (Exception e) { - CMS.debug("Error releasing the ldap connection" + e.toString()); + CMS.debug("DBSubsystem: Unable to release LDAP connection"); + CMS.debug(e); } } - return nextRange; } /** -- 2.4.3