From: Felix Dörre <felix@dogcraft.de>
Date: Thu, 26 Nov 2015 11:06:31 +0000 (+0100)
Subject: upd: allow deletion of ping configurations
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=ceffae33b0339a2ea8708686320ef9d20e7daaea

upd: allow deletion of ping configurations
---

diff --git a/src/org/cacert/gigi/database/DatabaseConnection.java b/src/org/cacert/gigi/database/DatabaseConnection.java
index 2552ed90..868f4233 100644
--- a/src/org/cacert/gigi/database/DatabaseConnection.java
+++ b/src/org/cacert/gigi/database/DatabaseConnection.java
@@ -99,7 +99,7 @@ public class DatabaseConnection {
 
     }
 
-    public static final int CURRENT_SCHEMA_VERSION = 6;
+    public static final int CURRENT_SCHEMA_VERSION = 7;
 
     public static final int CONNECTION_TIMEOUT = 24 * 60 * 60;
 
diff --git a/src/org/cacert/gigi/database/tableStructure.sql b/src/org/cacert/gigi/database/tableStructure.sql
index 301dabd2..93014b9a 100644
--- a/src/org/cacert/gigi/database/tableStructure.sql
+++ b/src/org/cacert/gigi/database/tableStructure.sql
@@ -103,6 +103,7 @@ CREATE TABLE "pingconfig" (
   "domainid" int NOT NULL,
   "type" "pingType" NOT NULL,
   "info" varchar(255) NOT NULL,
+  "deleted" timestamp NULL DEFAULT NULL,
   PRIMARY KEY ("id")
 );
 
@@ -373,7 +374,7 @@ CREATE TABLE "schemeVersion" (
   "version" smallint NOT NULL,
   PRIMARY KEY ("version")
 );
-INSERT INTO "schemeVersion" (version)  VALUES(6);
+INSERT INTO "schemeVersion" (version)  VALUES(7);
 
 DROP TABLE IF EXISTS `passwordResetTickets`;
 CREATE TABLE `passwordResetTickets` (
diff --git a/src/org/cacert/gigi/database/upgrade/from_6.sql b/src/org/cacert/gigi/database/upgrade/from_6.sql
new file mode 100644
index 00000000..62e65bdb
--- /dev/null
+++ b/src/org/cacert/gigi/database/upgrade/from_6.sql
@@ -0,0 +1 @@
+ALTER TABLE "pingconfig" ADD COLUMN "deleted" timestamp NULL DEFAULT NULL;
diff --git a/src/org/cacert/gigi/dbObjects/Domain.java b/src/org/cacert/gigi/dbObjects/Domain.java
index 78ebc9bb..e5d66a93 100644
--- a/src/org/cacert/gigi/dbObjects/Domain.java
+++ b/src/org/cacert/gigi/dbObjects/Domain.java
@@ -171,7 +171,7 @@ public class Domain implements IdCachable, Verifyable {
         LinkedList<DomainPingConfiguration> configs = this.configs;
         if (configs == null) {
             configs = new LinkedList<>();
-            try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT id FROM pingconfig WHERE domainid=?")) {
+            try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT id FROM pingconfig WHERE domainid=? AND `deleted` IS NULL")) {
                 ps.setInt(1, id);
                 GigiResultSet rs = ps.executeQuery();
                 while (rs.next()) {
@@ -194,6 +194,14 @@ public class Domain implements IdCachable, Verifyable {
         configs = null;
     }
 
+    public void clearPings() throws GigiApiException {
+        try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `pingconfig` SET `deleted`=CURRENT_TIMESTAMP WHERE `deleted` is NULL AND `domainid`=?")) {
+            ps.setInt(1, id);
+            ps.execute();
+        }
+        configs = null;
+    }
+
     public synchronized void verify(String hash) throws GigiApiException {
         try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `domainPinglog` SET `state`='success' WHERE `challenge`=? AND `state`='open' AND `configId` IN (SELECT `id` FROM `pingconfig` WHERE `domainid`=? AND `type`='email')")) {
             ps.setString(1, hash);
diff --git a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
index 94a0cad0..1810b7ae 100644
--- a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
+++ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.java
@@ -108,6 +108,7 @@ public class PingConfigForm extends Form {
 
     @Override
     public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
+        target.clearPings();
         if (req.getParameter("emailType") != null && req.getParameter("email") != null) {
             try {
                 String mail = AUTHORATIVE_EMAILS[Integer.parseInt(req.getParameter("email"))];
diff --git a/src/org/cacert/gigi/ping/PingerDaemon.java b/src/org/cacert/gigi/ping/PingerDaemon.java
index fa12d033..bc67e666 100644
--- a/src/org/cacert/gigi/ping/PingerDaemon.java
+++ b/src/org/cacert/gigi/ping/PingerDaemon.java
@@ -28,7 +28,7 @@ public class PingerDaemon extends Thread {
 
     @Override
     public void run() {
-        searchNeededPings = new GigiPreparedStatement("SELECT `pingconfig`.`id` FROM `pingconfig` LEFT JOIN `domainPinglog` ON `domainPinglog`.`configId` = `pingconfig`.`id` INNER JOIN `domains` ON `domains`.`id` = `pingconfig`.`domainid` WHERE ( `domainPinglog`.`configId` IS NULL OR `domainPinglog`.`when` < CURRENT_TIMESTAMP - interval '6 mons') AND `domains`.`deleted` IS NOT NULL AND `pingconfig`.`deleted` IS NOT NULL GROUP BY `pingconfig`.`id`");
+        searchNeededPings = new GigiPreparedStatement("SELECT `pingconfig`.`id` FROM `pingconfig` LEFT JOIN `domainPinglog` ON `domainPinglog`.`configId` = `pingconfig`.`id` INNER JOIN `domains` ON `domains`.`id` = `pingconfig`.`domainid` WHERE ( `domainPinglog`.`configId` IS NULL OR `domainPinglog`.`when` < CURRENT_TIMESTAMP - interval '6 mons') AND `domains`.`deleted` IS NULL AND `pingconfig`.`deleted` IS NULL GROUP BY `pingconfig`.`id`");
         pingers.put(DomainPingType.EMAIL, new EmailPinger());
         pingers.put(DomainPingType.SSL, new SSLPinger(truststore));
         pingers.put(DomainPingType.HTTP, new HTTPFetch());
diff --git a/src/org/cacert/gigi/ping/SSLPinger.java b/src/org/cacert/gigi/ping/SSLPinger.java
index 33b0a622..505a6b34 100644
--- a/src/org/cacert/gigi/ping/SSLPinger.java
+++ b/src/org/cacert/gigi/ping/SSLPinger.java
@@ -179,7 +179,6 @@ public class SSLPinger extends DomainPinger {
                         public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws java.security.cert.CertificateException {
                             java.security.cert.X509Certificate c = chain[0];
                             if ( !c.getExtendedKeyUsage().contains("1.3.6.1.5.5.7.3.1")) {
-                                System.out.println(c.getExtendedKeyUsage());
                                 throw new java.security.cert.CertificateException("Illegal EKU");
                             }
                         }
@@ -273,17 +272,16 @@ public class SSLPinger extends DomainPinger {
             }
             return PING_SUCCEDED;
         } catch (GeneralSecurityException e) {
-            e.printStackTrace();
+            // e.printStackTrace();
             return "Security failed";
         } catch (SSLException e) {
-            e.printStackTrace();
             // e.printStackTrace(); TODO log for user debugging?
             return "Security failed";
         } catch (IOException e) {
             // e.printStackTrace(); TODO log for user debugging?
             return "Connection closed";
         } catch (CertificateException e) {
-            e.printStackTrace();
+            // e.printStackTrace();
             return "Security failed";
         }
     }