Re: [Pki-devel] [PATCH] 919 Merged /pki webapps.
On 1/27/2017 5:27 PM, Matthew Harmsen wrote: ACK (with CAVEAT) if tested to work. CAVEAT: This should be separated into three separate patches (one for base changes, one for dogtag changes, and a separate one containing the spec file change) prior to check-in: * Patch 1: o base/server/python/pki/server/deployment/scriptlets/instance_layout.py o base/server/tomcat7/conf/Catalina/localhost/pki#admin.xml o base/server/tomcat7/conf/Catalina/localhost/pki#js.xml o base/server/tomcat7/conf/Catalina/localhost/pki.xml o base/server/tomcat8/conf/Catalina/localhost/pki#admin.xml o base/server/tomcat8/conf/Catalina/localhost/pki#js.xml o base/server/tomcat8/conf/Catalina/localhost/pki.xml o base/server/upgrade/10.4.0/02-MergePKIWebapps o delete mode 100644 base/server/tomcat7/conf/Catalina/localhost/pki#admin.xml o delete mode 100644 base/server/tomcat7/conf/Catalina/localhost/pki#js.xml o delete mode 100644 base/server/tomcat8/conf/Catalina/localhost/pki#admin.xml o delete mode 100644 base/server/tomcat8/conf/Catalina/localhost/pki#js.xml o create mode 100755 base/server/upgrade/10.4.0/02-MergePKIWebapps * Patch 2: o dogtag/common-ui/CMakeLists.txt * Patch 3: o specs/dogtag-pki-theme.spec Thanks! Pushed to master. -- Endi S. Dewata ___ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel
[Pki-devel] [PATCH] 921 Cleaned up error handling in cert and profile CLIs.
The cert and profile CLIs have been modified to use Exceptions
instead of System.exit() such that errors can be handled
consistently.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From 26c39ed1db8e1fa9f122a538caa7942defb2acc4 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Tue, 17 Jan 2017 23:02:02 +0100
Subject: [PATCH] Cleaned up error handling in cert and profile CLIs.
The cert and profile CLIs have been modified to use Exceptions
instead of System.exit() such that errors can be handled
consistently.
---
.../com/netscape/cmstools/cert/CertFindCLI.java| 45 +--
.../com/netscape/cmstools/cert/CertHoldCLI.java| 24 +++---
.../netscape/cmstools/cert/CertReleaseHoldCLI.java | 20 ++---
.../netscape/cmstools/cert/CertRequestFindCLI.java | 18 ++--
.../cmstools/cert/CertRequestProfileFindCLI.java | 19 ++--
.../cmstools/cert/CertRequestProfileShowCLI.java | 22 ++---
.../cmstools/cert/CertRequestReviewCLI.java| 46 +--
.../netscape/cmstools/cert/CertRequestShowCLI.java | 21 ++---
.../cmstools/cert/CertRequestSubmitCLI.java| 34 +++---
.../com/netscape/cmstools/cert/CertRevokeCLI.java | 29 +++-
.../com/netscape/cmstools/cert/CertShowCLI.java| 18 ++--
.../src/com/netscape/cmstools/cli/CLI.java | 2 +-
.../netscape/cmstools/profile/ProfileAddCLI.java | 22 ++---
.../com/netscape/cmstools/profile/ProfileCLI.java | 5 +--
.../cmstools/profile/ProfileDisableCLI.java| 18 ++--
.../netscape/cmstools/profile/ProfileEditCLI.java | 25 +++
.../cmstools/profile/ProfileEnableCLI.java | 20 ++---
.../netscape/cmstools/profile/ProfileFindCLI.java | 18 ++--
.../cmstools/profile/ProfileModifyCLI.java | 52 +++---
.../cmstools/profile/ProfileRemoveCLI.java | 18 ++--
.../netscape/cmstools/profile/ProfileShowCLI.java | 22 ++---
21 files changed, 105 insertions(+), 393 deletions(-)
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
index 8e1045bf36cf222c0c0e745a49a73f801546cea2..1a9e4de1f48caa3b7e7675e546ec565c1f23d82c 100644
--- a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
@@ -18,18 +18,14 @@
package com.netscape.cmstools.cert;
-import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
-import javax.xml.bind.JAXBException;
-
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;
-import org.apache.commons.cli.ParseException;
import com.netscape.certsrv.cert.CertDataInfo;
import com.netscape.certsrv.cert.CertDataInfos;
@@ -199,27 +195,16 @@ public class CertFindCLI extends CLI {
public void execute(String[] args) throws Exception {
// Always check for "--help" prior to parsing
if (Arrays.asList(args).contains("--help")) {
-// Display usage
printHelp();
-System.exit(0);
+return;
}
-CommandLine cmd = null;
-
-try {
-cmd = parser.parse(options, args);
-} catch (ParseException e) {
-System.err.println("Error: " + e.getMessage());
-printHelp();
-System.exit(-1);
-}
+CommandLine cmd = parser.parse(options, args);
String[] cmdArgs = cmd.getArgs();
if (cmdArgs.length != 0) {
-System.err.println("Error: Too many arguments specified.");
-printHelp();
-System.exit(-1);
+throw new Exception("Too many arguments specified.");
}
CertSearchRequest searchData = null;
@@ -228,9 +213,7 @@ public class CertFindCLI extends CLI {
if (cmd.hasOption("input")) {
fileName = cmd.getOptionValue("input");
if (fileName == null || fileName.length() < 1) {
-System.err.println("Error: No file name specified.");
-printHelp();
-System.exit(-1);
+throw new Exception("No file name specified.");
}
}
@@ -240,14 +223,6 @@ public class CertFindCLI extends CLI {
reader = new FileReader(fileName);
searchData = CertSearchRequest.valueOf(reader);
-} catch (FileNotFoundException e) {
-System.err.println("Error: " + e.getMessage());
-System.exit(-1);
-
-} catch (JAXBException e) {
-System.err.println("Error: " + e.getMessage());
-System.exit(-1);
-
} finally {
if (reader != null)
try {
@@ -290,7 +265,7 @@ public class CertFindCLI extends CLI {
MainCLI.printM
[Pki-devel] [PATCH] 922 Cleaned up error handling in key CLIs.
The key CLIs have been modified to use Exceptions instead of
System.exit() such that errors can be handled consistently.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From ab05e6b094be0547c04092cd087bfe161546ac5e Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Wed, 18 Jan 2017 01:10:37 +0100
Subject: [PATCH] Cleaned up error handling in key CLIs.
The key CLIs have been modified to use Exceptions instead of
System.exit() such that errors can be handled consistently.
---
.../com/netscape/cmstools/key/KeyArchiveCLI.java | 49
.../src/com/netscape/cmstools/key/KeyFindCLI.java | 21 ++---
.../com/netscape/cmstools/key/KeyGenerateCLI.java | 37 ---
.../com/netscape/cmstools/key/KeyModifyCLI.java| 21 ++---
.../com/netscape/cmstools/key/KeyRecoverCLI.java | 35 +++---
.../netscape/cmstools/key/KeyRequestFindCLI.java | 21 ++---
.../netscape/cmstools/key/KeyRequestReviewCLI.java | 25 ++
.../netscape/cmstools/key/KeyRequestShowCLI.java | 21 ++---
.../com/netscape/cmstools/key/KeyRetrieveCLI.java | 29 +++-
.../src/com/netscape/cmstools/key/KeyShowCLI.java | 22 ++---
.../netscape/cmstools/key/KeyTemplateFindCLI.java | 39
.../netscape/cmstools/key/KeyTemplateShowCLI.java | 54 +++---
12 files changed, 70 insertions(+), 304 deletions(-)
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java
index e9ce7f2ec48017e6f78ab923dbc0adea2011abf6..c3116a673bba7c57ec9a04881b3a9fb5fc48899f 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java
@@ -10,7 +10,6 @@ import javax.xml.bind.Unmarshaller;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;
-import org.apache.commons.cli.ParseException;
import com.netscape.certsrv.key.KeyArchivalRequest;
import com.netscape.certsrv.key.KeyRequestResponse;
@@ -51,31 +50,19 @@ public class KeyArchiveCLI extends CLI {
options.addOption(option);
}
-public void execute(String[] args) {
+public void execute(String[] args) throws Exception {
// Always check for "--help" prior to parsing
if (Arrays.asList(args).contains("--help")) {
-// Display usage
printHelp();
-System.exit(0);
+return;
}
-CommandLine cmd = null;
-
-try {
-cmd = parser.parse(options, args);
-
-} catch (ParseException e) {
-System.err.println("Error: " + e.getMessage());
-printHelp();
-System.exit(-1);
-}
+CommandLine cmd = parser.parse(options, args);
String[] cmdArgs = cmd.getArgs();
if (cmdArgs.length != 0) {
-System.err.println("Error: Too many arguments specified.");
-printHelp();
-System.exit(-1);
+throw new Exception("Too many arguments specified.");
}
String requestFile = cmd.getOptionValue("input");
@@ -104,15 +91,10 @@ public class KeyArchiveCLI extends CLI {
}
} catch (JAXBException e) {
-System.err.println("Error: Cannot parse the request file.");
-if (verbose)
-e.printStackTrace();
-System.exit(-1);
+throw new Exception("Cannot parse the request file.", e);
+
} catch (FileNotFoundException e) {
-System.err.println("Error: Cannot locate file at path: " + requestFile);
-if (verbose)
-e.printStackTrace();
-System.exit(-1);
+throw new Exception("Cannot locate file at path: " + requestFile, e);
}
} else {
@@ -120,25 +102,14 @@ public class KeyArchiveCLI extends CLI {
String clientKeyId = cmd.getOptionValue("clientKeyID");
String passphrase = cmd.getOptionValue("passphrase");
if (clientKeyId == null) {
-System.err.println("Error: Client Key Id is not specified.");
-printHelp();
-System.exit(-1);
+throw new Exception("Client Key Id is not specified.");
}
if (passphrase == null) {
-System.err.println("Error: No passphrase provided to archive.");
-printHelp();
-System.exit(-1);
+throw new Exception("No passphrase provided to archive.");
}
String realm = cmd.getOptionValue("realm");
-try {
-response = keyCLI.keyClient.archivePassphrase(clientKeyId, passphrase, realm);
-} catch (Exception e) {
-System.err.println(e.getMessage());
-if (verbose)
-
[Pki-devel] [PATCH] 923 Refactored restricted command list in PKI CLI.
The names of restricted commands have been moved into a list for
clarity.
Pushed to master under trivial rule.
--
Endi S. Dewata
>From cfa678d2e41d46a0d108a8a8c05938fa0d024f4f Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata"
Date: Tue, 17 Jan 2017 15:17:02 +0100
Subject: [PATCH] Refactored restricted command list in PKI CLI.
The names of restricted commands have been moved into a list for
clarity.
---
.../src/com/netscape/cmstools/cli/MainCLI.java | 20 +++-
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index caccdafcbcb4fb071cc51210cb1df67de2450ddd..c5f20711a5c93f0886f8b017216b24ba22123f18 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -28,6 +28,7 @@ import java.lang.reflect.Field;
import java.net.InetAddress;
import java.net.URI;
import java.net.UnknownHostException;
+import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
@@ -62,6 +63,19 @@ import com.netscape.cmsutil.crypto.CryptoUtil;
*/
public class MainCLI extends CLI {
+/**
+ * These commands should not be executed after CryptoManager.initialize()
+ * since they may modify the NSS database or execute external commands
+ * using the same NSS database.
+ */
+public final static Collection RESTRICTED_COMMANDS = Arrays.asList(
+"client-init",
+"client-cert-import",
+"client-cert-mod",
+"client-cert-request",
+"client-cert-show"
+);
+
public ClientConfig config = new ClientConfig();
public Collection rejectedCertStatuses = new HashSet();
@@ -522,11 +536,7 @@ public class MainCLI extends CLI {
// Do not call CryptoManager.initialize() on some commands
// because otherwise the database will be locked.
String command = cmdArgs[0];
-if (!command.equals("client-init") &&
-!command.equals("client-cert-import") &&
-!command.equals("client-cert-mod") &&
-!command.equals("client-cert-request") &&
-!command.equals("client-cert-show")) {
+if (!RESTRICTED_COMMANDS.contains(command)) {
init();
}
--
2.5.5
___
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
[Pki-devel] [PATCH] 924 Fixed Ctrl-C handling in PKI CLI.
The PKI CLI has been modified to catch KeyboardInterrupt and exit cleanly without displaying the stack trace. Pushed to master under trivial rule. -- Endi S. Dewata >From 17df5982a5e312eb3400237655740efe7c2f74e1 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Mon, 30 Jan 2017 22:33:47 +0100 Subject: [PATCH] Fixed Ctrl-C handling in PKI CLI. The PKI CLI has been modified to catch KeyboardInterrupt and exit cleanly without displaying the stack trace. --- base/java-tools/bin/pki | 4 1 file changed, 4 insertions(+) diff --git a/base/java-tools/bin/pki b/base/java-tools/bin/pki index ba321be9698b385d2c726c8930f079663089ab6d..53e1b893a7e7a5f80c309039e08507b1ddf9c85e 100644 --- a/base/java-tools/bin/pki +++ b/base/java-tools/bin/pki @@ -230,3 +230,7 @@ if __name__ == '__main__': elif cli.debug: traceback.print_exc() sys.exit(e.returncode) + +except KeyboardInterrupt: +print() +sys.exit(-1) -- 2.5.5 ___ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel
