[Pki-devel] [PATCH] pki-cfu-0157-Ticket-2534-additional-reset-cert-status-after-succe.patch

Wed, 04 Jan 2017 11:26:39 -0800 

This patch addresses additional issue found after last fix for
https://fedorahosted.org/pki/ticket/2534 Automatic recovery of encryption cert - CA and TPS tokendb shows different certificate status
where the cert status still shows revoked_on_hold, even though the cert was just unrevoked successfully on the CA. 

thanks,

Christina


>From c1656bd16dfca8bb5eef4436ee64b95daaac70c8 Mon Sep 17 00:00:00 2001
From: Christina Fu <[email protected]>
Date: Wed, 4 Jan 2017 11:20:06 -0800
Subject: [PATCH] Ticket #2534 (additional) - reset cert status after
 successful unrevoke

---
 .../tps/src/org/dogtagpki/server/tps/processor/EnrolledCertsInfo.java | 4 ++++
 .../src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java    | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/EnrolledCertsInfo.java b/base/tps/src/org/dogtagpki/server/tps/processor/EnrolledCertsInfo.java
index 35793c71f2da2bb7a0c8e6525f3bcc52e21da87f..9395001b82d320312cfa8df4c7014e3967b9fa0a 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/EnrolledCertsInfo.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/EnrolledCertsInfo.java
@@ -163,6 +163,10 @@ public class EnrolledCertsInfo {
         certStatuses.add(status);
     }
 
+    public void setCertStatus(int index, TokenCertStatus status) {
+        certStatuses.set(index, status);
+    }
+
     public void setStartProgress(int startP) {
         startProgress = startP;
 
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
index 64cc571e3ce56d1722e197388647e3b65196b79f..aba0e99a361c2b3e99a3e4364d138312cf119d39 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
@@ -1960,7 +1960,8 @@ public class TPSEnrollProcessor extends TPSProcessor {
                             auditRevoke(certToRecover.getTokenID(), false /*off-hold*/, -1 /*na*/,
                                     String.valueOf(response.getStatus()), serialToRecover, caConnId, null);
                             // successful unrevoke should mark the cert "active"
-                            certsInfo.addCertStatus(TokenCertStatus.ACTIVE);
+                            CMS.debug(method + ": unrevoke successful. Setting cert status to active for actualCertIndex:" + actualCertIndex);
+                            certsInfo.setCertStatus(actualCertIndex, TokenCertStatus.ACTIVE);
                         } catch (EBaseException e) {
                             logMsg = "failed getting CARemoteRequestHandler";
                             CMS.debug(method + ":" + logMsg);
-- 
2.7.4


_______________________________________________
Pki-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-devel

Reply via email to