commit d37d1cb1a2d33d17f15cbf9565a4bba99050e59a

Author: Fraser Tweedale <ftweedal@redhat.com>

Date:   Mon Jan 23 17:11:26 2017 +1000

    Use BigInteger for entryUSN

    Currently we try to parse the entryUSN into an Integer, which wraps

    the 'int' primitive type.  If entryUSN value is too large to fit in

    'int', NumberFormatException is raised.

    Change LDAPProfileSubsystem and CertificateAuthority to use

    BigInteger for entryUSN values.

    Fixes: https://fedorahosted.org/pki/ticket/2579

    (cherry picked from commit 79c6d70a8434cf52f9bac8bfa0367876baccb054)

    (cherry picked from commit 7727940c7f43161d5a7597756cf01f159b2a72d8)

diff --git a/base/ca/src/com/netscape/ca/CertificateAuthority.java b/base/ca/src/com/netscape/ca/CertificateAuthority.java

index ae90d3a..9b2ba03 100644

--- a/base/ca/src/com/netscape/ca/CertificateAuthority.java

+++ b/base/ca/src/com/netscape/ca/CertificateAuthority.java

@@ -333,7 +333,7 @@ public class CertificateAuthority

     /* Maps and sets of entryUSNs and nsUniqueIds for avoiding race

      * conditions and unnecessary reloads related to replication */

-    private static TreeMap<AuthorityID,Integer> entryUSNs = new TreeMap<>();

+    private static TreeMap<AuthorityID,BigInteger> entryUSNs = new TreeMap<>();

     private static TreeMap<AuthorityID,String> nsUniqueIds = new TreeMap<>();

     private static TreeSet<String> deletedNsUniqueIds = new TreeSet<>();

@@ -2904,7 +2904,7 @@ public class CertificateAuthority

         LDAPAttribute attr = entry.getAttribute("entryUSN");

         if (attr != null) {

-            Integer entryUSN = new Integer(attr.getStringValueArray()[0]);

+            BigInteger entryUSN = new BigInteger(attr.getStringValueArray()[0]);

             entryUSNs.put(aid, entryUSN);

             CMS.debug("postCommit: new entryUSN = " + entryUSN);

         }

@@ -3270,7 +3270,7 @@ public class CertificateAuthority

             return;

         }

-        Integer newEntryUSN = null;

+        BigInteger newEntryUSN = null;

         LDAPAttribute entryUSNAttr = entry.getAttribute("entryUSN");

         if (entryUSNAttr == null) {

             CMS.debug("readAuthority: no entryUSN");

@@ -3287,14 +3287,14 @@ public class CertificateAuthority

                 // entryUSN attribute being added.

             }

         } else {

-            newEntryUSN = new Integer(entryUSNAttr.getStringValueArray()[0]);

+            newEntryUSN = new BigInteger(entryUSNAttr.getStringValueArray()[0]);

             CMS.debug("readAuthority: new entryUSN = " + newEntryUSN);

         }

-        Integer knownEntryUSN = entryUSNs.get(aid);

+        BigInteger knownEntryUSN = entryUSNs.get(aid);

         if (newEntryUSN != null && knownEntryUSN != null) {

             CMS.debug("readAuthority: known entryUSN = " + knownEntryUSN);

-            if (newEntryUSN <= knownEntryUSN) {

+            if (newEntryUSN.compareTo(knownEntryUSN) <= 0) {

                 CMS.debug("readAuthority: data is current");

                 return;

             }

diff --git a/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java

index 6dea1a0..348a9ab 100644

--- a/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java

+++ b/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java

@@ -19,6 +19,7 @@ package com.netscape.cmscore.profile;

 import java.io.ByteArrayInputStream;

 import java.io.InputStream;

+import java.math.BigInteger;

 import java.util.Arrays;

 import java.util.Hashtable;

 import java.util.LinkedHashMap;

@@ -64,7 +65,7 @@ public class LDAPProfileSubsystem

     /* Map of profileId -> entryUSN for the most recent view

      * of the profile entry that this instance has seen */

-    private TreeMap<String,Integer> entryUSNs;

+    private TreeMap<String,BigInteger> entryUSNs;

     private TreeMap<String,String> nsUniqueIds;

@@ -149,14 +150,14 @@ public class LDAPProfileSubsystem

         }

         profileId = LDAPDN.explodeDN(dn, true)[0];

-        Integer newEntryUSN = new Integer(

+        BigInteger newEntryUSN = new BigInteger(

                 ldapProfile.getAttribute("entryUSN").getStringValueArray()[0]);

         CMS.debug("readProfile: new entryUSN = " + newEntryUSN);

-        Integer knownEntryUSN = entryUSNs.get(profileId);

+        BigInteger knownEntryUSN = entryUSNs.get(profileId);

         if (knownEntryUSN != null) {

             CMS.debug("readProfile: known entryUSN = " + knownEntryUSN);

-            if (newEntryUSN <= knownEntryUSN) {

+            if (newEntryUSN.compareTo(knownEntryUSN) <= 0) {

                 CMS.debug("readProfile: data is current");

                 return;

             }

@@ -327,10 +328,10 @@ public class LDAPProfileSubsystem

                 return;

             }

-            Integer entryUSN = null;

+            BigInteger entryUSN = null;

             LDAPAttribute attr = entry.getAttribute("entryUSN");

             if (attr != null)

-                entryUSN = new Integer(attr.getStringValueArray()[0]);

+                entryUSN = new BigInteger(attr.getStringValueArray()[0]);

             entryUSNs.put(id, entryUSN);

             CMS.debug("commitProfile: new entryUSN = " + entryUSN);