X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FCertificateProfile.java;h=afcc019c417b172308d5092921df3e020e7879c5;hb=73ac9fa5e36efef14464f40294e43ef85fadf320;hp=87f55f7441bc6eaa9ce000ffd95152585741ea89;hpb=45e79fb2c635360f0afe589a47dd571f37158540;p=gigi.git diff --git a/src/org/cacert/gigi/dbObjects/CertificateProfile.java b/src/org/cacert/gigi/dbObjects/CertificateProfile.java index 87f55f74..afcc019c 100644 --- a/src/org/cacert/gigi/dbObjects/CertificateProfile.java +++ b/src/org/cacert/gigi/dbObjects/CertificateProfile.java @@ -10,7 +10,6 @@ import java.util.List; import java.util.Map; import java.util.Properties; -import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.database.GigiPreparedStatement; import org.cacert.gigi.database.GigiResultSet; @@ -181,7 +180,13 @@ public class CertificateProfile implements IdCachable { final HashMap myName = new HashMap(); final HashMap myId = new HashMap(); - for (File f : new File("config/profiles").listFiles()) { + File profiledir = new File("config/profiles"); + File[] profilelist = profiledir.listFiles(); + if (null == profilelist) { + throw new Error("Unable to list available profiles from " + profiledir.getName()); + } + + for (File f : profilelist) { Properties p = new Properties(); try (FileInputStream inStream = new FileInputStream(f)) { p.load(inStream); @@ -190,39 +195,41 @@ public class CertificateProfile implements IdCachable { } String[] parts = f.getName().split("\\.")[0].split("-", 2); - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `keyname`, `include`, `requires`, `name` FROM `profiles` WHERE `id`=?"); - ps.setInt(1, Integer.parseInt(parts[0])); - GigiResultSet rs = ps.executeQuery(); - - if (rs.next()) { - if ( !rs.getString("keyname").equals(parts[1])) { - throw new Error("Config error. Certificate Profile mismatch"); - } - if ( !rs.getString("include").equals(p.getProperty("include"))) { - throw new Error("Config error. Certificate Profile mismatch"); - } - if ( !rs.getString("requires").equals(p.getProperty("requires", ""))) { - throw new Error("Config error. Certificate Profile mismatch"); + try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `keyname`, `include`, `requires`, `name` FROM `profiles` WHERE `id`=?")) { + ps.setInt(1, Integer.parseInt(parts[0])); + GigiResultSet rs = ps.executeQuery(); + + if (rs.next()) { + if ( !rs.getString("keyname").equals(parts[1])) { + throw new Error("Config error. Certificate Profile mismatch"); + } + if ( !rs.getString("include").equals(p.getProperty("include"))) { + throw new Error("Config error. Certificate Profile mismatch"); + } + if ( !rs.getString("requires").equals(p.getProperty("requires", ""))) { + throw new Error("Config error. Certificate Profile mismatch"); + } + } else { + try (GigiPreparedStatement insert = new GigiPreparedStatement("INSERT INTO `profiles` SET `keyname`=?, `include`=?, `requires`=?, `name`=?, `id`=?")) { + insert.setString(1, parts[1]); + insert.setString(2, p.getProperty("include")); + insert.setString(3, p.getProperty("requires", "")); + insert.setString(4, p.getProperty("name")); + insert.setInt(5, Integer.parseInt(parts[0])); + insert.execute(); + } } - } else { - GigiPreparedStatement insert = DatabaseConnection.getInstance().prepare("INSERT INTO `profiles` SET `keyname`=?, `include`=?, `requires`=?, `name`=?, `id`=?"); - insert.setString(1, parts[1]); - insert.setString(2, p.getProperty("include")); - insert.setString(3, p.getProperty("requires", "")); - insert.setString(4, p.getProperty("name")); - insert.setInt(5, Integer.parseInt(parts[0])); - insert.execute(); } } - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT `id`, `keyname`, `name`, `requires`, `include` FROM `profiles`"); - GigiResultSet rs = ps.executeQuery(); - while (rs.next()) { - CertificateProfile cp = new CertificateProfile(rs.getInt("id"), rs.getString("keyName"), rs.getString("name"), rs.getString("requires"), rs.getString("include")); - myId.put(cp.getId(), cp); - myName.put(cp.getKeyName(), cp); + try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `id`, `keyname`, `name`, `requires`, `include` FROM `profiles`")) { + GigiResultSet rs = ps.executeQuery(); + while (rs.next()) { + CertificateProfile cp = new CertificateProfile(rs.getInt("id"), rs.getString("keyName"), rs.getString("name"), rs.getString("requires"), rs.getString("include")); + myId.put(cp.getId(), cp); + myName.put(cp.getKeyName(), cp); + } } - byName = Collections.unmodifiableMap(myName); byId = Collections.unmodifiableMap(myId); } @@ -259,7 +266,15 @@ public class CertificateProfile implements IdCachable { return false; } } else if (s.equals("codesign")) { - if (actor.isInGroup(Group.CODESIGNING)) { + if ( !actor.isInGroup(Group.CODESIGNING)) { + return false; + } + } else if (s.equals("ocsp")) { + if ( !(owner instanceof Organisation)) { + return false; + } + Organisation o = (Organisation) owner; + if ( !o.isSelfOrganisation()) { return false; } } else {