Bug1990608 PS Allowing Token Transactions while the CA is Down

This patch propagates the exception thrown when revocation/unrevocation fails so that the token record is not updated on TPS; This allows the TPS token to be consistent with the certs on the CA. fixes https://bugzilla.redhat.com/show_bug.cgi?id=1990608
dogtagpki · Aug 5, 2021 · 196f449 · 196f449
1 parent 3e36712
commit 196f449
Showing 1 changed file with 10 additions and 4 deletions.
diff --git a/base/tps/src/main/java/org/dogtagpki/server/tps/TPSTokendb.java b/base/tps/src/main/java/org/dogtagpki/server/tps/TPSTokendb.java
@@ -614,7 +614,7 @@ private boolean isLastActiveSharedCert(String serial, String issuer, String cuid
     }
 
     private void revokeCert(TokenRecord tokenRecord, TPSCertRecord cert, String tokenReason,
-            String ipAddress, String remoteUser) {
+            String ipAddress, String remoteUser) throws Exception {
 
         String method = "TPSTokendb.revokeCert";
         String logMsg;
@@ -677,12 +677,15 @@ private void revokeCert(TokenRecord tokenRecord, TPSCertRecord cert, String toke
             tdbActivity(ActivityDatabase.OP_CERT_REVOCATION, tokenRecord,
                     ipAddress, e.getMessage(), "failure", remoteUser);
 
-            // continue revoking the next certificate
+            // bail out if revocation failed; This will allow the token
+            // status info to be consistent with that of the certs on the
+            // CA
+            throw e;
         }
     }
 
     private void unrevokeCert(TokenRecord tokenRecord, TPSCertRecord cert, String tokenReason,
-            String ipAddress, String remoteUser) {
+            String ipAddress, String remoteUser) throws Exception {
 
         String method = "TPSTokendb.unrevokeCert";
         String logMsg;
@@ -733,7 +736,10 @@ private void unrevokeCert(TokenRecord tokenRecord, TPSCertRecord cert, String to
             tdbActivity(ActivityDatabase.OP_CERT_RESTORATION, tokenRecord,
                     ipAddress, e.getMessage(), "failure", remoteUser);
 
-            // continue unrevoking the next certificate
+            // bail out if unrevocation failed; This will allow the token
+            // status info to be consistent with that of the certs on the
+            // CA
+            throw e;
         }
     }