Clone CA: pkispawn does not throw an error when master CA has serialCloneTransferNumber=0 set #2104

pki-bot · 2020-10-03T00:47:57Z

This issue was migrated from Pagure Issue #1545. Originally filed by mharmsen (@mharmsen) on 2015-08-06 22:34:37:

Assigned to nobody

Clone CA: pkispawn does not throw an error when master CA has
serialCloneTransferNumber=0 set

Steps to Reproduce:

1. pkispawn master CA
2. Edit the CS.cfg

beginSerialNumber=1
endSerialNumber=100000

cloneTansferNumber=0

Actual results:

pkispawn does not throw any error

Debug log has the following error message

[05/Aug/2015:16:53:36][localhost-startStop-1]: masterConn is connected: true
[05/Aug/2015:16:53:36][localhost-startStop-1]: getConn: conn is connected true
[05/Aug/2015:16:53:36][localhost-startStop-1]: getConn: mNumConns now 2
[05/Aug/2015:16:53:36][localhost-startStop-1]: DBSubsystem: getNextRange  Next
range has been added: 10000001 - 20000000
[05/Aug/2015:16:53:36][localhost-startStop-1]: Releasing ldap connection
[05/Aug/2015:16:53:36][localhost-startStop-1]: returnConn: mNumConns now 3
[05/Aug/2015:16:53:36][localhost-startStop-1]: nNextMinSerialNo has been set to
10000001
[05/Aug/2015:16:53:36][localhost-startStop-1]: DBSubsystem: Setting next min
requests number: 10000001
[05/Aug/2015:16:53:36][localhost-startStop-1]: DBSubsystem: Setting next max
requests number: 20000000
[05/Aug/2015:16:53:36][localhost-startStop-1]: Checking for a range conflict
[05/Aug/2015:16:53:36][localhost-startStop-1]: In
LdapBoundConnFactory::getConn()
[05/Aug/2015:16:53:36][localhost-startStop-1]: masterConn is connected: true
[05/Aug/2015:16:53:36][localhost-startStop-1]: getConn: conn is connected true
[05/Aug/2015:16:53:36][localhost-startStop-1]: getConn: mNumConns now 2
[05/Aug/2015:16:53:36][localhost-startStop-1]: Releasing ldap connection
[05/Aug/2015:16:53:36][localhost-startStop-1]: returnConn: mNumConns now 3
[05/Aug/2015:16:53:36][localhost-startStop-1]: CMSEngine: checking certificate
serial number ranges
[05/Aug/2015:16:53:36][localhost-startStop-1]: In
LdapBoundConnFactory::getConn()
[05/Aug/2015:16:53:36][localhost-startStop-1]: masterConn is connected: true
[05/Aug/2015:16:53:36][localhost-startStop-1]: getConn: conn is connected true
[05/Aug/2015:16:53:36][localhost-startStop-1]: getConn: mNumConns now 2
[05/Aug/2015:16:53:36][localhost-startStop-1]: Repository: getSerialNumber()
[05/Aug/2015:16:53:37][localhost-startStop-1]: returnConn: mNumConns now 3
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository: getSerialNumber
serial=1
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository:setSerialNumber 2
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository: in InitCache
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository: Instance of
Certificate Repository.
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository: minSerial:101
maxSerial: 100
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository: nextMinSerial:
nextMaxSerial:
[05/Aug/2015:16:53:37][localhost-startStop-1]: Repository: increment:10000000
lowWaterMark: 2000000
[05/Aug/2015:16:53:37][localhost-startStop-1]: CertificateRepository:  in
getLastSerialNumberInRange: low 257 high 256
Error in obtaining the last serial number in the repository!
        at com.netscape.cmscore.dbs.Repository.initCache(Repository.java:323)
        at com.netscape.cmscore.dbs.Repository.checkRanges(Repository.java:475)
        at
org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1272)
        at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1197)
        at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1087)
        at org.apache.catalina.core.StandardContext.loadOnStartup(StandardConte
xt.java:5210)
        at org.apache.catalina.core.StandardContext.startInternal(StandardConte
xt.java:5493)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
        at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
        at
org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java:133)
        at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(Contai
nerBase.java:156)
        at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(Contai
nerBase.java:145)
        at java.security.AccessController.doPrivileged(Native Method)
        at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:875)
        at
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)
        at
org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:672)
        at org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConf
ig.java:1862)
        at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
        at java.util.concurrent.FutureTask.run(FutureTask.java:262)
        at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at java.lang.Thread.run(Thread.java:745)
[05/Aug/2015:16:53:37][localhost-startStop-1]: CMSEngine.shutdown()
[05/Aug/2015:16:53:37][localhost-startStop-1]: Destroying
LdapBoundConnFactory(DirAclAuthz)
[05/Aug/2015:16:53:37][localhost-startStop-1]: Destroying
LdapBoundConnFactory(PasswdUserDBAuthentication)
[05/Aug/2015:16:53:37][localhost-startStop-1]: Destroying
LdapAnonConnFactory(PasswdUserDBAuthentication)
[05/Aug/2015:16:53:37][localhost-startStop-1]: disconnecting connection 0

Expected results: