Issue #1260: Installation fails due to double hyphen "--" in hostname - dogtagpki

dogtagpki

#1260 Installation fails due to double hyphen "--" in hostname

Closed: Fixed None Opened 9 years ago by mkosek.

This is a clone of https://bugzilla.redhat.com/show_bug.cgi?id=1162173.

Currently pkispawn fails if the hostname contains double hypen "--".

WARNING: Catalina.start using conf/server.xml: The string "--" is not permitted within comments.
Nov 07, 2014 10:12:05 PM org.apache.tomcat.util.digester.Digester fatalError
SEVERE: Parse Fatal Error at line 31 column 40: The string "--" is not permitted within comments.
org.xml.sax.SAXParseException; systemId: file:/var/lib/pki/pki-tomcat/conf/server.xml; lineNumber: 31; columnNumber: 40; The string "--" is not permitted within comments.
        at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
        at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)
...

The problem is pkispawn stores the hostname in a comment section in server.xml to provide the server URLs for pkidaemon, so if the hostname contains a double hypen the XML format becomes invalid.

<!-- DO NOT REMOVE - Begin PKI Status Definitions -->
<!-- CA Status Definitions -->
<!--
Unsecure URL        = http://[PKI_HOSTNAME]:[PKI_UNSECURE_PORT]/ca/ee/ca
Secure Agent URL    = https://[PKI_HOSTNAME]:[PKI_AGENT_SECURE_PORT]/ca/agent/ca
Secure EE URL       = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_PORT]/ca/ee/ca
Secure Admin URL    = https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca/services
EE Client Auth URL  = https://[PKI_HOSTNAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/ca/eeca/ca
PKI Console Command = pkiconsole https://[PKI_HOSTNAME]:[PKI_ADMIN_SECURE_PORT]/ca
Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
...
-->
<!-- DO NOT REMOVE - End PKI Status Definitions -->

Proposed solution: The above lines should be removed from server.xml with an upgrade script. The pkidaemon should obtain the URLs (or the hostname and ports) directly from the CS.cfg of each subsystem.

mharmsen commented 9 years ago

Per CS/DS meeting of 02/16/2015: 10.3

mharmsen commented 8 years ago

Per discussions in the Dogtag 10.3 Triage meeting of 01/06/2016: priority low

ftweedal commented 8 years ago

attachment
pki-ftweedal-0076-Avoid-XML-parse-fail-with-double-hyphen-in-hostname.patch

ftweedal commented 8 years ago

Pushed to master (8beb5cfa4cd81fbf47ea8cd6839b793c2a12284e)

Metadata Update from @mkosek:
- Issue assigned to ftweedal
- Issue set to the milestone: 10.3.0.a1

7 years ago

dmoluguw commented 3 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/1822

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata

Assignee

ftweedal

Tags

None

Blocking

None

Depending on

None

Priority

minor

Milestone

10.3.0.a1

lowhangingfruit

None

reporter

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1162173

type

defect

version

None

keywords

None

estimate

None

feature

None

origin

Community

proposedpriority

None

fixedinversion

None

platforms

None

blockedby

None

blocking

None

reviewer

None

component

Installation/Configuration

proposedmilestone

None

dogtagpki

Source Code

#1260 Installation fails due to double hyphen "--" in hostname Closed: Fixed None Opened 9 years ago by mkosek.

Metadata

#1260 Installation fails due to double hyphen "--" in hostname

Closed: Fixed None Opened 9 years ago by mkosek.