Trying to submit HTTP POST to revoke some certificates, and getting java.lang.NullPointerException when parameter revokeAll is missing
Steps to Reproduce: 1. Create a ca instance
create a temp directory for agent or default admin NSS db, import p12 file
get nonce, for example:
wget --no-check-certificate -O ./reasonToRevoke.11.html --ca-directory=/root/tmpcert.agent2 --certificate=agent2.crt.pem --private-key=agent2.key.pem --ca-certificate=ca.crt.pem https://ca1.example.com:9443/ca/agent/ca/reasonToRevoke --post-data='commit=yes &op=reasonToRevoke&updateCRL=yes&totalRecordCount=1&serialNumber=11&revokeAll=% 28certRecordId=11%29'
grep -i nonce ./reasonToRevoke.11.html header.nonce = "-643408552814703747";
wget --no-check-certificate -O ./dorevoke.11.html --ca-directory=/root/tmpcert.agent2 --certificate=agent2.crt.pem --private-key=agent2.key.pem --ca-certificate=ca.crt.pem https://ca1.example.com:9443/ca/agent/ca/doRevoke --post-data='op=doRevoke&revo cationReason=6&totalRecordCount=1&verifiedRecordCount=1&serialNumber=b&csrReque storComments=testHttpPostDirect&nonce=-5754086369626330733'
Actual results:
... [25/Mar/2013:18:48:41]http-9443-Processor25: CMSServlet auditSubjectID: subjectID: agent2 [25/Mar/2013:18:48:41]http-9443-Processor25: DoRevoke: eeSerialNumber: b auditSerialNumber: 0xb [25/Mar/2013:18:48:41]http-9443-Processor25: In LdapBoundConnFactory::getConn() [25/Mar/2013:18:48:41]http-9443-Processor25: masterConn is connected: true [25/Mar/2013:18:48:41]http-9443-Processor25: getConn: conn is connected true [25/Mar/2013:18:48:41]http-9443-Processor25: getConn: mNumConns now 2 [25/Mar/2013:18:48:41]http-9443-Processor25: searchCertificateswith time limit filter null [25/Mar/2013:18:48:41]http-9443-Processor25: returnConn: mNumConns now 3
==> /var/log/pki-ca/catalina.out <== he.catalina.core.ApplicationContext log INFO: caDoRevoke-agent: java.lang.NullPointerException at com.netscape.cmscore.dbs.DBRegistry.getFilter(DBRegistry.java:203) at com.netscape.cmscore.dbs.DBRegistry.getFilter(DBRegistry.java:196) at com.netscape.cmscore.dbs.DBSSession.search(DBSSession.java:277) at com.netscape.cmscore.dbs.CertificateRepository.searchCertificates(Ce rtificateRepository.java:764) at com.netscape.cms.servlet.cert.DoRevoke.process(DoRevoke.java:434) at com.netscape.cms.servlet.cert.DoRevoke.process(DoRevoke.java:288) at com.netscape.cms.servlet.base.CMSServlet.service(CMSServlet.java:502)
Expected results:
no Java exception, may be a warning or error message
Additional info:
missing null test on f and c, line 203 is on the f = f.trim();
file ./base/common/src/com/netscape/cmscore/dbs/DBRegistry.java ... public String getFilter(String filter, IFilterConverter c) throws EBaseException { String f = filter;
f = f.trim(); if (f.startsWith("(") && f.endsWith(")")) { return "(" + getFilterComp(f.substring(1, f.length() - 1), c) + ")"; } else { return getFilterComp(filter, c); } }
Metadata Update from @nkinder: - Issue assigned to kaskahn - Issue set to the milestone: UNTRIAGED
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1151
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Metadata Update from @dmoluguw: - Issue close_status updated to: migrated - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.