Suggestions to enhance the SQL call pattern.

[gigi.git] / util-testing / org / cacert / gigi / util / SimpleSigner.java

diff --git a/util-testing/org/cacert/gigi/util/SimpleSigner.java b/util-testing/org/cacert/gigi/util/SimpleSigner.java
index a0c3898369391b0a14bc019326373402f140aa8d..296eb99e5bb73a9f3c88697bc206b24d7e7bbacb 100644 (file)
--- a/util-testing/org/cacert/gigi/util/SimpleSigner.java
+++ b/util-testing/org/cacert/gigi/util/SimpleSigner.java
@@ -40,6 +40,7 @@ import javax.security.auth.x500.X500Principal;
 
 import org.cacert.gigi.crypto.SPKAC;
 import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.database.DatabaseConnection.Link;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
 import org.cacert.gigi.dbObjects.Certificate.CSRType;
@@ -116,30 +117,35 @@ public class SimpleSigner {
             throw new IllegalStateException("already running");
         }
         running = true;
-        readyCerts = new GigiPreparedStatement("SELECT certs.id AS id, certs.csr_name, jobs.id AS jobid, csr_type, md, `executeFrom`, `executeTo`, profile FROM jobs " + //
-                "INNER JOIN certs ON certs.id=jobs.`targetId` " + //
-                "INNER JOIN profiles ON profiles.id=certs.profile " + //
-                "WHERE jobs.state='open' "//
-                + "AND task='sign'");
 
-        getSANSs = new GigiPreparedStatement("SELECT contents, type FROM `subjectAlternativeNames` " + //
-                "WHERE `certId`=?");
+        runner = new Thread() {
 
-        updateMail = new GigiPreparedStatement("UPDATE certs SET crt_name=?," + " created=NOW(), serial=?, caid=? WHERE id=?");
-        warnMail = new GigiPreparedStatement("UPDATE jobs SET warning=warning+1, state=IF(warning<3, 'open','error') WHERE id=?");
+            @Override
+            public void run() {
+                try (Link l = DatabaseConnection.newLink(false)) {
+                    readyCerts = new GigiPreparedStatement("SELECT certs.id AS id, certs.csr_name, jobs.id AS jobid, csr_type, md, `executeFrom`, `executeTo`, profile FROM jobs " + //
+                            "INNER JOIN certs ON certs.id=jobs.`targetId` " + //
+                            "INNER JOIN profiles ON profiles.id=certs.profile " + //
+                            "WHERE jobs.state='open' "//
+                            + "AND task='sign'");
 
-        revoke = new GigiPreparedStatement("SELECT certs.id, certs.csr_name,jobs.id FROM jobs INNER JOIN certs ON jobs.`targetId`=certs.id" + " WHERE jobs.state='open' AND task='revoke'");
-        revokeCompleted = new GigiPreparedStatement("UPDATE certs SET revoked=NOW() WHERE id=?");
+                    getSANSs = new GigiPreparedStatement("SELECT contents, type FROM `subjectAlternativeNames` " + //
+                            "WHERE `certId`=?");
 
-        finishJob = new GigiPreparedStatement("UPDATE jobs SET state='done' WHERE id=?");
+                    updateMail = new GigiPreparedStatement("UPDATE certs SET crt_name=?," + " created=NOW(), serial=?, caid=? WHERE id=?");
+                    warnMail = new GigiPreparedStatement("UPDATE jobs SET warning=warning+1, state=IF(warning<3, 'open','error') WHERE id=?");
 
-        locateCA = new GigiPreparedStatement("SELECT id FROM cacerts WHERE keyname=?");
+                    revoke = new GigiPreparedStatement("SELECT certs.id, certs.csr_name,jobs.id FROM jobs INNER JOIN certs ON jobs.`targetId`=certs.id" + " WHERE jobs.state='open' AND task='revoke'");
+                    revokeCompleted = new GigiPreparedStatement("UPDATE certs SET revoked=NOW() WHERE id=?");
 
-        runner = new Thread() {
+                    finishJob = new GigiPreparedStatement("UPDATE jobs SET state='done' WHERE id=?");
 
-            @Override
-            public void run() {
-                work();
+                    locateCA = new GigiPreparedStatement("SELECT id FROM cacerts WHERE keyname=?");
+
+                    work();
+                } catch (InterruptedException e) {
+                    throw new Error(e);
+                }
             }
 
         };
@@ -374,7 +380,7 @@ public class SimpleSigner {
         return i;
     }
 
-    private static synchronized byte[] generateCert(PublicKey pk, PrivateKey prk, Map<String, String> subj, X500Principal issuer, List<SubjectAlternateName> altnames, Date fromDate, Date toDate, Digest digest, String eku) throws IOException, GeneralSecurityException {
+    public static synchronized byte[] generateCert(PublicKey pk, PrivateKey prk, Map<String, String> subj, X500Principal issuer, List<SubjectAlternateName> altnames, Date fromDate, Date toDate, Digest digest, String eku) throws IOException, GeneralSecurityException {
         File f = Paths.get("signer", "serial").toFile();
         if ( !f.exists()) {
             try (FileOutputStream fos = new FileOutputStream(f)) {
@@ -494,6 +500,9 @@ public class SimpleSigner {
             case "emailProtection":
                 oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.4");
                 break;
+            case "OCSPSigning":
+                oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.9");
+                break;
 
             default:
                 throw new Error(name);
@@ -506,7 +515,7 @@ public class SimpleSigner {
         return dos.toByteArray();
     }
 
-    private static X500Name genX500Name(Map<String, String> subj) throws IOException {
+    public static X500Name genX500Name(Map<String, String> subj) throws IOException {
         LinkedList<RDN> rdns = new LinkedList<>();
         for (Entry<String, String> i : subj.entrySet()) {
             RDN rdn = genRDN(i);