[ozone] branch master updated: HDDS-9050. Added exploratory logging to gather further information (#5103)

Mon, 24 Jul 2023 08:29:02 -0700 

This is an automated email from the ASF dual-hosted git repository.

arp pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git


The following commit(s) were added to refs/heads/master by this push:
     new 9adc5f4bd7 HDDS-9050. Added exploratory logging to gather further 
information (#5103)
9adc5f4bd7 is described below

commit 9adc5f4bd72478f6bdebdf4d7276197c30d08b11
Author: Istvan Fajth <[email protected]>
AuthorDate: Mon Jul 24 17:28:11 2023 +0200

    HDDS-9050. Added exploratory logging to gather further information (#5103)
---
 .../x509/certificate/authority/DefaultApprover.java        | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git 
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
 
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
index ad08cb4629..bd394fe095 100644
--- 
a/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
+++ 
b/hadoop-hdds/framework/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/authority/DefaultApprover.java
@@ -42,12 +42,16 @@ import 
org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
 import org.bouncycastle.operator.OperatorCreationException;
 import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.math.BigInteger;
 import java.security.PrivateKey;
+import java.util.Arrays;
 import java.util.Date;
 import java.util.concurrent.CompletableFuture;
+import java.util.stream.Collectors;
 
 import static 
org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateSignRequest.getDistinguishedName;
 import static 
org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateSignRequest.getPkcs9Extensions;
@@ -57,6 +61,8 @@ import static 
org.apache.hadoop.hdds.security.x509.certificate.utils.Certificate
  */
 public class DefaultApprover extends BaseApprover {
 
+  private static final Logger LOG =
+      LoggerFactory.getLogger(DefaultApprover.class);
   /**
    * Constructs the Default Approver.
    *
@@ -145,6 +151,14 @@ public class DefaultApprover extends BaseApprover {
             x500Name, keyInfo);
 
     Extensions exts = getPkcs9Extensions(certificationRequest);
+    LOG.info("Extensions in CSR: {}",
+        Arrays.stream(exts.getExtensionOIDs())
+            .map(ASN1ObjectIdentifier::getId)
+            .collect(Collectors.joining(", ")));
+    LOG.info("Extensions to add to the certificate if they present in CSR: {}",
+        Arrays.stream(getProfile().getSupportedExtensions())
+            .map(oid -> oid == null ? "null" : oid.getId())
+            .collect(Collectors.joining(", ")));
     for (ASN1ObjectIdentifier extId : getProfile().getSupportedExtensions()) {
       Extension ext = exts.getExtension(extId);
       if (ext != null) {


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to