diff --git a/base/ca/shared/webapps/ca/agent/ca/queryBySerial.html b/base/ca/shared/webapps/ca/agent/ca/queryBySerial.html index f5dc717a98a..14bbe0739d5 100644 --- a/base/ca/shared/webapps/ca/agent/ca/queryBySerial.html +++ b/base/ca/shared/webapps/ca/agent/ca/queryBySerial.html @@ -104,13 +104,6 @@ form.queryCertFilter.value = "(|(certStatus=VALID)(certStatus=REVOKED))"; } - if (form.serialFrom.value == "") { - form.querySentinelDown.value = "0"; - } else { - form.querySentinelDown.value = form.serialFrom.value; - form.querySentinelUp.value = form.serialFrom.value; - form.direction.value = "down"; - } form.op.value = "listCerts"; form.submit(); } @@ -177,8 +170,6 @@    first  - - records    diff --git a/base/ca/shared/webapps/ca/agent/ca/queryCert.template b/base/ca/shared/webapps/ca/agent/ca/queryCert.template index 61218e8b925..be6144ee631 100644 --- a/base/ca/shared/webapps/ca/agent/ca/queryCert.template +++ b/base/ca/shared/webapps/ca/agent/ca/queryCert.template @@ -431,18 +431,12 @@ function doNext(element) form.direction.value= "down"; if (element.name == "begin") { - form.querySentinelDown.value = 0; form.direction.value = "begin"; } else if (element.name == "end") { - form.querySentinelDown.value = result.header.totalRecordCount - result.header.maxCount+1; form.direction.value = "end"; } else if (element.name == "down") { - form.querySentinelDown.value = result.header.querySentinelDown; - form.querySentinelUp.value = result.header.querySentinelUp; form.direction.value = "down"; } else if (element.name == "up") { - form.querySentinelUp.value = result.header.querySentinelUp; - form.querySentinelDown.value = result.header.querySentinelDown; form.direction.value = "up"; } @@ -470,9 +464,9 @@ if (result.header.revokeAll != null) { if (result.header.queryFilterHash != null) { document.write(renderHidden("queryFilterHash")); } -var disabledDown = ((result.header.querySentinelDown == null) || - (result.fixed.maxCount+1 >= result.header.currentRecordCount)) ? "disabled='true'" : ""; -var disabledUp = (result.header.querySentinelUp != null && result.header.querySentinelUp <= 1) ? "disabled='true'" : ""; + var disabledUp = ((result.header.previousStart == null) || + (result.header.previousStart <= 0)) ? "disabled='true'" : ""; + var disabledDown = (result.header.previousCount + result.header.previousStart >= result.header.totalRecordCount) ? "disabled='true'" : ""; document.write( "\n"+ @@ -485,14 +479,16 @@ result.header.queryCertFilter+ "'>\n"+ (result.header.skipRevoked ? result.header.skipRevoked : "") + "'>\n"+ "\n"+ -"\n"+ -"\n"+ +"\n"+ "\n"+ +(result.header.serialTo ? result.header.serialTo : '')+ "'>\n"+ "\n"+ +"\n"+ +"\n"+ "\n"+ diff --git a/base/ca/src/main/java/com/netscape/cms/servlet/cert/ListCerts.java b/base/ca/src/main/java/com/netscape/cms/servlet/cert/ListCerts.java index c8156007720..c2cad72653d 100644 --- a/base/ca/src/main/java/com/netscape/cms/servlet/cert/ListCerts.java +++ b/base/ca/src/main/java/com/netscape/cms/servlet/cert/ListCerts.java @@ -18,7 +18,6 @@ package com.netscape.cms.servlet.cert; import java.io.IOException; -import java.math.BigInteger; import java.security.PublicKey; import java.util.Enumeration; import java.util.Iterator; @@ -81,11 +80,10 @@ public class ListCerts extends CMSServlet { public static org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(ListCerts.class); private static final long serialVersionUID = -3568155814023099576L; - private final static String TPL_FILE = "queryCert.template"; - private final static BigInteger MINUS_ONE = new BigInteger("-1"); + private static final String TPL_FILE = "queryCert.template"; - private final static String USE_CLIENT_FILTER = "useClientFilter"; - private final static String ALLOWED_CLIENT_FILTERS = "allowedClientFilters"; + private static final String USE_CLIENT_FILTER = "useClientFilter"; + private static final String ALLOWED_CLIENT_FILTERS = "allowedClientFilters"; private CertificateRepository mCertDB; private X500Name mAuthName = null; @@ -142,6 +140,18 @@ public void init(ServletConfig sc) throws ServletException { } if (sc.getInitParameter(ALLOWED_CLIENT_FILTERS) == null || sc.getInitParameter(ALLOWED_CLIENT_FILTERS).equals("")) { + /* This following regexp + * + * (\(\&)?(\(\|)?(\(certStatus=(\*|VALID|INVALID|EXPIRED)\))*(\))?(\(certRecordId(<|>)=(0x)?\d+\))*(\))? + * + * will capture the following filter: + * - "(certStatus=*)" + * - "(certStatus=VALID)" + * - "(|(certStatus=VALID)(certStatus=INVALID)(certStatus=EXPIRED))" + * - "(|(certStatus=VALID)(certStatus=REVOKED))" + * - One of the above and a filters for serial number in hex or decimal (can be >=, <= or both), such as. + * "(& (|(certStatus=VALID)(certStatus=REVOKED))(certRecordId>=0x1) )" + */ mAllowedClientFilters.addElement("(\\\\(\\\\&)?(\\\\(\\\\|)?(\\\\(certStatus=(\\\\*|VALID|INVALID|EXPIRED)\\\\))*(\\\\))?(\\\\(certRecordId(<|>)=(0x)?\\\\d+\\\\))*(\\\\))?"); mUseClientFilterRegexp = true; } else { @@ -152,17 +162,17 @@ public void init(ServletConfig sc) throws ServletException { } } - public String buildFilter(HttpServletRequest req) { + private String buildFilter(HttpServletRequest req) { String queryCertFilter = req.getParameter("queryCertFilter"); - logger.debug("ListCerts: queryCertFilter: " + queryCertFilter); + logger.debug("ListCerts: queryCertFilter: {}", queryCertFilter); - logger.debug("ListCerts: useClientFilter: " + mUseClientFilter); + logger.debug("ListCerts: useClientFilter: {}", mUseClientFilter); if (mUseClientFilter) { Enumeration filters = mAllowedClientFilters.elements(); // check to see if the filter is allowed while (filters.hasMoreElements()) { String filter = filters.nextElement(); - logger.debug("ListCerts: Comparing with filter " + filter); + logger.debug("ListCerts: Comparing with filter {}", filter); if (mUseClientFilterRegexp) { if (queryCertFilter.matches(filter)) { return queryCertFilter; @@ -173,8 +183,7 @@ public String buildFilter(HttpServletRequest req) { } } } - logger.debug("ListCerts: Requested filter '" - + queryCertFilter + "' is not allowed. Please check the " + ALLOWED_CLIENT_FILTERS + "parameter"); + logger.debug("ListCerts: Requested filter '{}' is not allowed. Please check the {} parameter", queryCertFilter, ALLOWED_CLIENT_FILTERS); return null; } @@ -196,15 +205,15 @@ public String buildFilter(HttpServletRequest req) { filter.append("(certStatus=VALID)"); } else if (skipRevoked) { filter.append("(|(certStatus=VALID)(certStatus=INVALID)(certStatus=EXPIRED))"); - } else if (skipNonValid) { + } else { filter.append("(|(certStatus=VALID)(certStatus=REVOKED))"); } String serialFrom = req.getParameter("serialFrom"); - if (serialFrom != null && !serialFrom.equals("")) { + if (serialFrom != null && !serialFrom.isEmpty()) { filter.append("(certRecordId>=" + serialFrom + ")"); } String serialTo = req.getParameter("serialTo"); - if (serialTo != null && !serialTo.equals("")) { + if (serialTo != null && !serialTo.isEmpty()) { filter.append("(certRecordId<=" + serialTo + ")"); } @@ -217,11 +226,8 @@ public String buildFilter(HttpServletRequest req) { * */ @Override @@ -244,12 +250,9 @@ public void process(CMSRequest cmsReq) throws EBaseException { return; } - String revokeAll = null; EBaseException error = null; int maxCount = -1; - BigInteger sentinel = new BigInteger("0"); - ArgBlock header = new ArgBlock(); ArgBlock ctx = new ArgBlock(); CMSTemplateParams argSet = new CMSTemplateParams(header, ctx); @@ -265,7 +268,6 @@ public void process(CMSRequest cmsReq) throws EBaseException { } String direction = null; - boolean hardJumpTo = false; //jump to the end int previousCount = -1; int previousStart = 0; int start = 0; @@ -276,7 +278,7 @@ public void process(CMSRequest cmsReq) throws EBaseException { maxCount = Integer.parseInt(req.getParameter("maxCount")); } if (maxCount == -1 || maxCount > mMaxReturns) { - logger.debug("ListCerts: Resetting page size from " + maxCount + " to " + mMaxReturns); + logger.debug("ListCerts: Resetting page size from {} to {}", maxCount, mMaxReturns); maxCount = mMaxReturns; } if (req.getParameter("previousCount") != null && !req.getParameter("previousCount").isEmpty()) { @@ -286,13 +288,10 @@ public void process(CMSRequest cmsReq) throws EBaseException { previousStart = Integer.parseInt(req.getParameter("previousStart")); } - revokeAll = req.getParameter("revokeAll"); - CAEngine engine = CAEngine.getInstance(); CertificateAuthority ca = engine.getCA(); X509CertImpl caCert = ca.getSigningUnit().getCertImpl(); - //if (isCertFromCA(caCert)) header.addStringValue("caSerialNumber", caCert.getSerialNumber().toString(16)); @@ -304,7 +303,7 @@ public void process(CMSRequest cmsReq) throws EBaseException { return; } - logger.debug("ListCerts: queryCertFilter: " + queryCertFilter); + logger.debug("ListCerts: queryCertFilter: {}", queryCertFilter); int totalRecordCount = -1; @@ -315,7 +314,7 @@ public void process(CMSRequest cmsReq) throws EBaseException { if (req.getParameter("direction") != null) { direction = req.getParameter("direction").trim(); - logger.debug("ListCerts: direction: " + direction); + logger.debug("ListCerts: direction: {}", direction); switch(direction) { case "up": start = Math.max(0, previousStart - maxCount); @@ -334,10 +333,8 @@ public void process(CMSRequest cmsReq) throws EBaseException { processCertFilter(argSet, header, maxCount, start, totalRecordCount, - req.getParameter("serialTo"), queryCertFilter, - hardJumpTo, - req, resp, revokeAll, locale[0]); + req); } catch (NumberFormatException e) { logger.error(CMS.getLogMessage("BASE_INVALID_NUMBER_FORMAT"), e); @@ -376,26 +373,15 @@ private void processCertFilter( int maxCount, int start, int totalRecordCount, - String serialTo, String filter, - boolean hardJumpTo, - HttpServletRequest req, - HttpServletResponse resp, - String revokeAll, - Locale locale + HttpServletRequest req ) throws EBaseException { logger.debug("ListCerts.processCertFilter()"); - logger.debug("ListCerts: max count: " + maxCount); - logger.debug("ListCerts: start: " + start); - logger.debug("ListCerts: total record count: " + totalRecordCount); - logger.debug("ListCerts: serialTo: " + serialTo); - logger.debug("ListCerts: filter: " + filter); - - BigInteger serialToVal = MINUS_ONE; - - - + logger.debug("ListCerts: max count: {}", maxCount); + logger.debug("ListCerts: start: {}", start); + logger.debug("ListCerts: total record count: {}", totalRecordCount); + logger.debug("ListCerts: filter: {}", filter); logger.debug("ListCerts: calling searchCertificates"); Iterator list = mCertDB.searchCertificates( @@ -409,15 +395,12 @@ private void processCertFilter( } header.addStringValue("op", CMSTemplate.escapeJavaScriptString(req.getParameter("op"))); + String revokeAll = req.getParameter("revokeAll"); if (revokeAll != null) header.addStringValue("revokeAll", CMSTemplate.escapeJavaScriptString(revokeAll)); - if (mAuthName != null) header.addStringValue("issuerName", mAuthName.toString()); - if (!serialToVal.equals(MINUS_ONE)) - header.addStringValue("serialTo", serialToVal.toString()); - header.addStringValue("serviceURL", req.getRequestURI()); header.addStringValue("queryCertFilter", filter); @@ -441,10 +424,9 @@ private void processCertFilter( totalRecordCount = mCertDB.countCertificates(filter, -1); } - logger.debug("ListCerts: totalRecordCount: " + totalRecordCount); + logger.debug("ListCerts: totalRecordCount: {}", totalRecordCount); header.addIntegerValue("totalRecordCount", totalRecordCount); - header.addIntegerValue("currentRecordCount", currentRecordCount); }