https://fedorahosted.org/pki/ticket/2335
Ticket #2335 Missing activity logs when formatting/enrolling unknown
token This patch adds activity logs for adding unknown token during
format or enrollment
thanks,
Christina
>From 844c5c03d5981f6c881bb82f114c72e335478b44 Mon Sep 17 00:00:00 2001
From: Christina Fu <c...@redhat.com>
Date: Fri, 3 Jun 2016 17:26:47 -0700
Subject: [PATCH] Ticket #2335 Missing activity logs when formatting/enrolling
unknown token This patch adds activity logs for adding unknown token during
format or enrollment
---
base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java | 11 +++++------
.../server/tps/processor/TPSEnrollProcessor.java | 18 ++++++++++--------
.../server/tps/processor/TPSPinResetProcessor.java | 7 ++++---
.../dogtagpki/server/tps/processor/TPSProcessor.java | 17 ++++++++++++++---
4 files changed, 33 insertions(+), 20 deletions(-)
diff --git a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java
index ed7e022faf7d85bee8e53ebe37b35a16b713bde5..e9190d09a6fd48e34a15ce761fa0aec201db9c30 100644
--- a/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java
+++ b/base/tps/src/org/dogtagpki/server/tps/TPSTokendb.java
@@ -180,19 +180,18 @@ public class TPSTokendb {
public void tdbUpdateTokenEntry(TokenRecord tokenRecord)
throws Exception {
+ String method = "TPSTokendb.tdbUpdateTokenEntry:";
String id = tokenRecord.getId();
TokenRecord existingTokenRecord;
try {
existingTokenRecord = tps.tokenDatabase.getRecord(id);
} catch (EDBRecordNotFoundException e) {
- CMS.debug("TPSTokendb.tdbUpdateTokenEntry: " + e);
- CMS.debug("TPSTokendb.tdbUpdateTokenEntry: Adding token " + id);
- // add and exit
- tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED);
- return;
+ String logMsg = method + e;
+ CMS.debug(logMsg);
+ throw new TPSException(logMsg, TPSStatus.STATUS_ERROR_CONTACT_ADMIN);
}
// token found; modify
- CMS.debug("TPSTokendb.tdbUpdateTokenEntry: token entry found; Modifying with status: " + tokenRecord.getTokenStatus());
+ CMS.debug(method + " token entry found; Modifying with status: " + tokenRecord.getTokenStatus());
// don't change the create time of an existing token record; put it back
tokenRecord.setCreateTimestamp(existingTokenRecord.getCreateTimestamp());
tps.tokenDatabase.updateRecord(id, tokenRecord);
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
index 24b2dbf8200ae32dc4627e1fed6e9c5af64b187f..4182cc1c879f69b8200c90586fdd4a13d23ec6c5 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
@@ -366,13 +366,14 @@ public class TPSEnrollProcessor extends TPSProcessor {
pkcs11objx.setCUID(appletInfo.getCUID());
+ logMsg = "add token during enrollment";
if (!isTokenPresent) {
try {
- tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.FORMATTED);
+ tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.UNFORMATTED);
+ tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg, "success");
} catch (Exception e) {
- String failMsg = "add token failure";
- logMsg = failMsg + ":" + e.toString();
- tps.tdb.tdbActivity(ActivityDatabase.OP_ENROLLMENT, tokenRecord, session.getIpAddress(), logMsg,
+ logMsg = logMsg + ":" + e.toString();
+ tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg,
"failure");
throw new TPSException(logMsg);
}
@@ -397,6 +398,7 @@ public class TPSEnrollProcessor extends TPSProcessor {
}
//most failed would have thrown an exception
+ logMsg = " generateCertsAfterRenewalRecoveryPolicy returned status=" + status;
String statusString = "Unknown"; // gives some meaningful debug message
if (status == TPSStatus.STATUS_NO_ERROR)
statusString = "Enrollment to follow";
@@ -409,7 +411,6 @@ public class TPSEnrollProcessor extends TPSProcessor {
renewed = true;
tps.tdb.tdbActivity(ActivityDatabase.OP_RENEWAL, tokenRecord, session.getIpAddress(), logMsg, "success");
} else {
- logMsg = " generateCertsAfterRenewalRecoveryPolicy returned status=" + status;
CMS.debug(method + logMsg);
tps.tdb.tdbActivity(ActivityDatabase.OP_ENROLLMENT, tokenRecord, session.getIpAddress(), logMsg,
"failure");
@@ -536,13 +537,14 @@ public class TPSEnrollProcessor extends TPSProcessor {
statusUpdate(99, "PROGRESS_SET_LIFECYCLE");
channel.setLifeycleState((byte) 0x0f);
+ logMsg = "update token during enrollment";
try {
tokenRecord.setTokenStatus(TokenStatus.ACTIVE);
tps.tdb.tdbUpdateTokenEntry(tokenRecord);
+ tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "success");
} catch (Exception e) {
- String failMsg = "update token failure";
- logMsg = failMsg + ":" + e.toString();
- tps.tdb.tdbActivity(ActivityDatabase.OP_ENROLLMENT, tokenRecord, session.getIpAddress(), logMsg,
+ logMsg = logMsg + ":" + e.toString();
+ tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg,
"failure");
throw new TPSException(logMsg);
}
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java
index d9a79f4f024f701641252da2b13ff69b5735db1b..1dd5d2f8490cb7c77ec70cefc49bd4b55cac549d 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSPinResetProcessor.java
@@ -153,13 +153,14 @@ public class TPSPinResetProcessor extends TPSProcessor {
auditPinReset(session.getIpAddress(), userid, appletInfo, "success",
channel.getKeyInfoData().toHexStringPlain(), null);
+ logMsg = "update token during pin reset";
try {
tps.tdb.tdbUpdateTokenEntry(tokenRecord);
+ tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "success");
CMS.debug(method + ": token record updated!");
} catch (Exception e) {
- String failMsg = "update token failure";
- logMsg = failMsg + ":" + e.toString();
- tps.tdb.tdbActivity(ActivityDatabase.OP_PIN_RESET, tokenRecord, session.getIpAddress(), logMsg,
+ logMsg = logMsg + ":" + e.toString();
+ tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg,
"failure");
throw new TPSException(logMsg);
}
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
index 26c438b3a365525a7d366b859786ef5d1506ef0e..d6133793f00b76f70b845ac447a39c973808775e 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
@@ -2120,6 +2120,16 @@ public class TPSProcessor {
}
} else {
CMS.debug("TPSProcessor.format: token does not exist");
+ logMsg = "add token during format";
+ try {
+ tps.tdb.tdbAddTokenEntry(tokenRecord, TokenStatus.UNFORMATTED);
+ tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg, "success");
+ } catch (Exception e) {
+ logMsg = logMsg + ":" + e.toString();
+ tps.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord, session.getIpAddress(), logMsg,
+ "failure");
+ throw new TPSException(logMsg);
+ }
checkAllowUnknownToken(TPSEngine.OP_FORMAT_PREFIX);
}
@@ -2205,12 +2215,13 @@ public class TPSProcessor {
// Update Token DB
tokenRecord.setTokenStatus(TokenStatus.FORMATTED);
+ logMsg = "update token during format";
try {
tps.tdb.tdbUpdateTokenEntry(tokenRecord);
+ tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg, "success");
} catch (Exception e) {
- String failMsg = "update token failure";
- logMsg = failMsg + ":" + e.toString();
- tps.tdb.tdbActivity(ActivityDatabase.OP_FORMAT, tokenRecord, session.getIpAddress(), failMsg,
+ logMsg = logMsg + ":" + e.toString();
+ tps.tdb.tdbActivity(ActivityDatabase.OP_TOKEN_MODIFY, tokenRecord, session.getIpAddress(), logMsg,
"failure");
throw new TPSException(logMsg, TPSStatus.STATUS_ERROR_CONTACT_ADMIN);
--
2.4.3
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
