mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

david_page
11.53.2007 4c15dbb9e9c9e369dcb56dad014a9d47165a65be
issue 466 (partial)
CryptoManager
- publish instance-key public-key-certificate in 'cn=instance keys,cn=admin data' at instance initialization
- misc cleanup in StaticUtils
3 files modified
43 ■■■■■ changed files
opends/src/server/org/opends/server/core/CryptoManagerSync.java 11
opends/src/server/org/opends/server/types/CryptoManager.java 19
opends/src/server/org/opends/server/util/StaticUtils.java 13
opends/src/server/org/opends/server/core/CryptoManagerSync.java
@@ -111,9 +111,20 @@
  /**
   * Creates a new instance of this trust store synchronization thread.
   *
   * @throws InitializationException in case an exception occurs during
   * initialization, such as a failure to publish the instance-key-pair
   * public-key-certificate in ADS.
   */
  public CryptoManagerSync()
          throws InitializationException
  {
    try {
      CryptoManager.publishInstanceKeyEntryInADS();
    }
    catch (CryptoManager.CryptoManagerException ex) {
      throw new InitializationException(ex.getMessageObject());
    }
    DirectoryServer.registerBackendInitializationListener(this);
    try
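Review bot: The new catch block in the constructor rethrows with `new InitializationException(ex.getMessageObject())`, which discards the caught CryptoManagerException as the cause. A failure to publish the instance-key certificate at startup would then surface with only the message and no underlying stack trace, which makes it harder to tell an ADS search failure from an add failure. If InitializationException offers a constructor that accepts a cause, prefer `throw new InitializationException(ex.getMessageObject(), ex);`. The constructor body continues past the end of this hunk.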
opends/src/server/org/opends/server/types/CryptoManager.java
@@ -504,27 +504,8 @@
   Publishes the instance key entry in ADS, if it does not already
   exist.
   TODO: The ADS configuration retrieves an instance's instance key
   certificate via ServerDescriptor and publishes it via ADSContext in
   that instance's ADS suffix (in the case a stand-alone instance is
   being configured) or in an existing ADS suffix (in the case the
   instance is being added to an existing ADS domain). Instead, have
   the instance call this routine at startup (after the backends and
   CryptoManager have been initialized), and change ADS configuration
   to retrieve the instance key from the ADS suffix in the second
   case, above (the first case would be unecessary).
   @throws CryptoManagerException In case there is a problem
   searching for the entry, or, if necessary, adding it.
   @see org.opends.admin.ads.ServerDescriptor
       #updatePublicKeyCertificate(
             org.opends.admin.ads.ServerDescriptor,
             javax.naming.ldap.InitialLdapContext)
   @see org.opends.admin.ads.ADSContext
       #registerInstanceKeyCertificate(
             java.util.Map, javax.naming.ldap.LdapName)
   */
  public static void publishInstanceKeyEntryInADS()
          throws CryptoManagerException {
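Review bot: The Javadoc kept for publishInstanceKeyEntryInADS() no longer says when it is safe to call. Judging by the hunk header (27 lines down to 8), the TODO paragraph that held the only mention of the ordering requirement is removed along with the two @see references. Now that the method is invoked during startup, the surviving comment should carry that precondition, for example `Must be called after the backends and the CryptoManager have been initialized.` It would also help to name the target entry, `cn=instance keys,cn=admin data`, and to state that only the public-key certificate is written there, since other servers presumably rely on that entry for trust decisions. Confirm both against the method body, which lies outside this hunk.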
opends/src/server/org/opends/server/util/StaticUtils.java
@@ -112,14 +112,10 @@
   */
  public static byte[] getBytes(String s)
  {
    if (s == null) return null;
    try
    {
      if (s == null)
      {
        return null;
      }
      char c;
      int length = s.length();
      byte[] returnArray = new byte[length];
@@ -1040,7 +1036,6 @@
      buffer.append(indentBuf);
      buffer.append(byteToHex(currentByte));
      asciiBuf.append(byteToASCII(currentByte));
      pos++;
      for (int i=1; i < 16; i++)
      {
@@ -1647,7 +1642,7 @@
        try
        {
          className = className.substring(className.lastIndexOf('.') + 1);
        } catch (Exception e) {}
        } catch (Exception e) { /* ignored */ }
        buffer.append(className);
      }
      else
@@ -1656,7 +1651,7 @@
      }
      int i=0;
      buffer.append("(");
      buffer.append(" (");
      for (StackTraceElement e : t.getStackTrace())
      {
        if (i > 20)