mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java
@@ -33,12 +33,21 @@ import static org.opends.server.util.ServerConstants.MAX_LINE_WIDTH; import static org.opends.server.util.StaticUtils.wrapText; import java.io.FileInputStream; import java.io.IOException; import java.io.OutputStream; import java.io.PrintStream; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateException; import java.util.HashSet; import java.util.logging.Level; import java.util.logging.Logger; import org.opends.admin.ads.ADSContext; import org.opends.admin.ads.ADSContextException; import org.opends.admin.ads.util.ApplicationTrustManager; import org.opends.server.admin.client.cli.DsServiceCliReturnCode.ReturnCode; import org.opends.server.loggers.debug.DebugTracer; import org.opends.server.types.DebugLogLevel; @@ -51,6 +60,7 @@ import org.opends.server.util.args.SubCommand; import org.opends.server.util.args.SubCommandArgumentParser; /** * This class will parser CLI arguments. */ @@ -102,6 +112,27 @@ private BooleanArgument verboseArg = null; /** * The 'trustStore' global argument. */ private StringArgument trustStorePathArg = null; /** * The 'trustStorePassword' global argument. */ private StringArgument trustStorePasswordArg = null; /** * The 'trustStorePasswordFile' global argument. */ private FileBasedArgument trustStorePasswordFileArg = null; /** * The Logger. */ static private final Logger LOG = Logger.getLogger(DsServiceCliParser.class.getName()); /** * The diferent CLI group. */ public HashSet<DsServiceCliSubCommandGroup> cliGroup; @@ -206,6 +237,24 @@ MSGID_DESCRIPTION_BINDPASSWORDFILE); addGlobalArgument(bindPasswordFileArg); trustStorePathArg = new StringArgument("trustStorePath", OPTION_SHORT_TRUSTSTOREPATH, OPTION_LONG_TRUSTSTOREPATH, false, false, true, OPTION_VALUE_TRUSTSTOREPATH, null, null, MSGID_DESCRIPTION_TRUSTSTOREPATH); addGlobalArgument(trustStorePathArg); trustStorePasswordArg = new StringArgument("trustStorePassword", null, OPTION_LONG_TRUSTSTORE_PWD, false, false, true, OPTION_VALUE_TRUSTSTORE_PWD, null, null, MSGID_DESCRIPTION_TRUSTSTOREPASSWORD); addGlobalArgument(trustStorePasswordArg); trustStorePasswordFileArg = new FileBasedArgument("truststorepasswordfile", OPTION_SHORT_TRUSTSTORE_PWD_FILE, OPTION_LONG_TRUSTSTORE_PWD_FILE, false, false, OPTION_VALUE_TRUSTSTORE_PWD_FILE, null, null, MSGID_DESCRIPTION_TRUSTSTOREPASSWORD_FILE); addGlobalArgument(trustStorePasswordFileArg); verboseArg = new BooleanArgument("verbose", 'v', "verbose", MSGID_DESCRIPTION_VERBOSE); addGlobalArgument(verboseArg); @@ -383,6 +432,84 @@ } } /** * Indicate if the SSL mode is required. * * @return True if SSL mode is required */ public boolean useSSL() { if (useSSLArg.isPresent()) { return true; } else { return false ; } } /** * Handle TrustStore. * * @return The trustStore manager to be used for the command. */ public ApplicationTrustManager getTrustManager() { ApplicationTrustManager trustStore = null ; KeyStore keyStore = null ; if (trustStorePathArg.isPresent()) { try { FileInputStream fos = new FileInputStream(trustStorePathArg.getValue()); String trustStorePasswordValue = null; if (trustStorePasswordArg.isPresent()) { trustStorePasswordValue = trustStorePasswordArg.getValue(); } else if (trustStorePasswordFileArg.isPresent()) { trustStorePasswordValue = trustStorePasswordFileArg.getValue(); } keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(fos, trustStorePasswordValue.toCharArray()); } catch (KeyStoreException e) { // Nothing to do: if this occurs we will systematically refuse the // certificates. Maybe we should avoid this and be strict, but we are // in a best effor mode. LOG.log(Level.WARNING, "Error with the keystore", e); } catch (NoSuchAlgorithmException e) { // Nothing to do: if this occurs we will systematically refuse the // certificates. Maybe we should avoid this and be strict, but we are // in a best effor mode. LOG.log(Level.WARNING, "Error with the keystore", e); } catch (CertificateException e) { // Nothing to do: if this occurs we will systematically refuse the // certificates. Maybe we should avoid this and be strict, but we are // in a best effor mode. LOG.log(Level.WARNING, "Error with the keystore", e); } catch (IOException e) { // Nothing to do: if this occurs we will systematically refuse the // certificates. Maybe we should avoid this and be strict, but we are // in a best effor mode. LOG.log(Level.WARNING, "Error with the keystore", e); } } trustStore = new ApplicationTrustManager(keyStore); trustStore.setHost(getHostName()); return trustStore ; } /** * Indication if provided global options are validate. * @@ -404,6 +531,18 @@ return returnCode.CONFLICTING_ARGS.getReturnCode(); } // Couldn't have at the same time trustStorePasswordArg and // trustStorePasswordFileArg if (trustStorePasswordArg.isPresent() && trustStorePasswordFileArg.isPresent()) { int msgID = MSGID_TOOL_CONFLICTING_ARGS; String message = getMessage(msgID, trustStorePasswordArg .getLongIdentifier(), trustStorePasswordFileArg.getLongIdentifier()); err.println(wrapText(message, MAX_LINE_WIDTH)); return returnCode.CONFLICTING_ARGS.getReturnCode(); } return ReturnCode.SUCCESSFUL_NOP.getReturnCode(); }
