[Pki-devel] [PATCH] 296 - fix cert requests problem ..

Fri, 22 Apr 2016 11:31:30 -0700 

     Fix problem in creating certificate requests
    
    Some incorrect code was added to request processing
    in the realm patches.  In the request LDAP modification code,
    if the realm was not present, we added a modification to remove the
    realm attribute.
    
    Unfortunately, if the realm was not present to begin with, this resulted
    in LDAP returning a "No Such Attribute (16)" error, causing all kinds
    of requests - including certificate requests to fail to be submitted.
    
    At this point, we do not permit users to change the realm of a request.
    Therefore, there is no reason to remove the realm.  If we ever need
    to do this in future, we'll have to be smarter about it.
From 63032b005bf88313b08bb2c55fe1b6d114be708f Mon Sep 17 00:00:00 2001
From: Ade Lee <a...@redhat.com>
Date: Fri, 22 Apr 2016 14:22:16 -0400
Subject: [PATCH] Fix problem in creating certificate requests

Some incorrect code was added to request processing
in the realm patches.  In the request LDAP modification code,
if the realm was not present, we added a modification to remove the
realm attribute.

Unfortunately, if the realm was not present to begin with, this resulted
in LDAP returning a "No Such Attribute (16)" error, causing all kinds
of requests - including certificate requests to fail to be submitted.

At this point, we do not permit users to change the realm of a request.
Therefore, there is no reason to remove the realm.  If we ever need
to do this in future, we'll have to be smarter about it.
---
 base/server/cmscore/src/com/netscape/cmscore/request/RequestRecord.java | 2 --
 1 file changed, 2 deletions(-)

diff --git a/base/server/cmscore/src/com/netscape/cmscore/request/RequestRecord.java b/base/server/cmscore/src/com/netscape/cmscore/request/RequestRecord.java
index 074bff41c8090f6d998e3c879b06d3518550ce70..f617e26ae5dfe3b06fde2f52dffc29f83ba71e9c 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/request/RequestRecord.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/request/RequestRecord.java
@@ -200,8 +200,6 @@ public class RequestRecord
 
         if (r.getRealm() != null) {
             mods.add(IRequestRecord.ATTR_REALM, Modification.MOD_REPLACE, r.getRealm());
-        } else {
-            mods.add(IRequestRecord.ATTR_REALM, Modification.MOD_DELETE, null);
         }
 
         for (int i = 0; i < mRequestA.length; i++) {
-- 
2.4.3


_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to