opends/src/server/org/opends/server/tools/dsreplication/ReplicationCliMain.java
@@ -1163,7 +1163,7 @@ if (!error) { ctx2 = createInitialLdapContextInteracting(ci); ctx2 = createInitialLdapContextInteracting(ci, true); if (ctx2 == null) { @@ -2315,7 +2315,7 @@ if (!error) { ctxDestination = createInitialLdapContextInteracting(ci); ctxDestination = createInitialLdapContextInteracting(ci, true); if (ctxDestination == null) { opends/src/server/org/opends/server/util/cli/ConsoleApplication.java
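Review bot: Both ReplicationCliMain call sites (the `ctx2` hunk and the `ctxDestination` hunk) pass a literal `true` for `promptForCertificate`, which drops both conditions the one-argument overload applies: `isInteractive()` and `ci.isTrustStoreInMemory()`. With `true`, the catch blocks in ConsoleApplication reach `ci.checkServerCertificate(...)` even in a non-interactive run and even when the user supplied an explicit trust store, so a certificate that store rejected can still be accepted from a console prompt. How `checkServerCertificate` behaves without a console is not visible here. If the intent is only to drop the in-memory condition, `createInitialLdapContextInteracting(ci, isInteractive())` keeps scripted runs failing closed, assuming `isInteractive()` is reachable from this class as it is in ConsoleApplication. If `true` is intended, a comment at each call such as `// deliberately prompt even when the trust store is not in memory` would record the decision; both enclosing methods start and end outside the hunks.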
@@ -863,6 +863,25 @@ protected InitialLdapContext createInitialLdapContextInteracting( LDAPConnectionConsoleInteraction ci) throws ClientException { return createInitialLdapContextInteracting(ci, isInteractive() && ci.isTrustStoreInMemory()); } /** * Creates an Initial LDAP Context interacting with the user if the * application is interactive. * @param ci the LDAPConnectionConsoleInteraction object that is assumed * to have been already run. * @param promptForCertificate whether we should prompt for the certificate * or not. * @return the initial LDAP context or <CODE>null</CODE> if the user did * not accept to trust the certificates. * @throws ClientException if there was an error establishing the connection. */ protected InitialLdapContext createInitialLdapContextInteracting( LDAPConnectionConsoleInteraction ci, boolean promptForCertificate) throws ClientException { // Interact with the user though the console to get // LDAP connection information String hostName = ConnectionUtils.getHostNameForLdapUrl(ci.getHostName()); @@ -889,7 +908,7 @@ } catch (NamingException e) { if ( isInteractive() && ci.isTrustStoreInMemory()) if (promptForCertificate) { OpendsCertificateException oce = getCertificateRootException(e); if (oce != null) @@ -919,7 +938,7 @@ } if (e.getCause() != null) { if (!ci.isTrustStoreInMemory() && if (!isInteractive() && !ci.isTrustAll()) { if (getCertificateRootException(e) != null || @@ -964,7 +983,7 @@ } catch (NamingException e) { if ( isInteractive() && ci.isTrustStoreInMemory()) if (promptForCertificate) { OpendsCertificateException oce = getCertificateRootException(e); if (oce != null) 
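Review bot: In the `@@ -919` hunk the certificate-error branch is now gated on `!isInteractive()` instead of `!ci.isTrustStoreInMemory()`, which no longer lines up with the new `promptForCertificate` parameter. When the one-argument overload is used interactively with an explicit trust store, `promptForCertificate` is false and `isInteractive()` is true, so neither the prompt nor this branch handles a rejected server certificate; what the caller sees then depends on code after the hunk, but the certificate-specific diagnosis appears to be lost. Gating on the parameter, `if (!promptForCertificate && !ci.isTrustAll())`, would cover every case where no prompt was offered. The new Javadoc in the `@@ -863` hunk still says the method interacts "if the application is interactive"; it should say that `promptForCertificate` alone decides whether the user is asked to accept an untrusted certificate. The method body continues outside these hunks.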
@@ -1021,41 +1040,6 @@ } catch (NamingException e) { if ( isInteractive() && ci.isTrustStoreInMemory()) { OpendsCertificateException oce = getCertificateRootException(e); if (oce != null) { String authType = null; if (trustManager instanceof ApplicationTrustManager) { ApplicationTrustManager appTrustManager = (ApplicationTrustManager)trustManager; authType = appTrustManager.getLastRefusedAuthType(); } if (ci.checkServerCertificate(oce.getChain(), authType, hostName)) { // If the certificate is trusted, update the trust manager. trustManager = ci.getTrustManager(); // Try to connect again. continue; } else { // Assume user canceled. return null; } } else { Message message = ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT.get( hostName, String.valueOf(portNumber)); throw new ClientException( LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message); } } Message message = ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT.get( hostName, String.valueOf(portNumber)); throw new ClientException( opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java
@@ -94,7 +94,7 @@ // the Console application private ConsoleApplication app; // Indicate if the truststore in in memory // Indicate if the trust store in in memory private boolean trustStoreInMemory = false; // Indicate if the all certificates are accepted @@ -103,7 +103,7 @@ // Indicate that the trust manager was created with the parameters provided private boolean trustManagerInitialized; // The truststore to use for the SSL or STARTTLS connection // The trust store to use for the SSL or STARTTLS connection private KeyStore truststore; private String keystorePath; @@ -835,8 +835,8 @@ trustAll = secureArgsList.trustAllArg.isPresent(); // Try to use the local instance trustore, to avoid certifacte validation // when both the CLI and the server are in the same instance. // Try to use the local instance trust store, to avoid certificate // validation when both the CLI and the server are in the same instance. if (weDontKnowTheTrustMethod) { if (addLocalTrustStore()) { weDontKnowTheTrustMethod = false; @@ -883,7 +883,7 @@ else if (result.getValue().equals( TrustMethod.TRUSTSTORE.getChoice())) { // We have to ask for truststore info // We have to ask for trust store info askForTrustStore = true; } else if (result.getValue().equals( @@ -917,7 +917,7 @@ } // If we do not trust all server certificates, we have to get info // about truststore. First get the truststore path. // about trust store. First get the trust store path. truststorePath = secureArgsList.trustStorePathArg.getValue(); if (app.isInteractive() && !secureArgsList.trustStorePathArg.isPresent() @@ -1438,9 +1438,9 @@ } /** * Indicate if the truststore is in memory. * Indicate if the trust store is in memory. * * @return true if the truststore is in memory. * @return true if the trust store is in memory. */ public boolean isTrustStoreInMemory() { return this.trustStoreInMemory; 
@@ -1933,7 +1933,7 @@ /** * Resets the trust manager, so that next time we call the run() method * the trust manager takes into account the local truststore. * the trust manager takes into account the local trust store. */ public void resetTrustManager() { @@ -2043,7 +2043,7 @@ private void initializeTrustManager() throws ArgumentException { // Get truststore info // Get trust store info trustManager = getTrustManagerInternal(); // Check if we need client side authentication @@ -2076,7 +2076,7 @@ /** * Add the TrustStore of the administration connector of the local instance. * * @return true if the local trustore has been added. * @return true if the local trust store has been added. */ private boolean addLocalTrustStore() {