opendj-server-legacy/src/main/java/org/opends/quicksetup/installer/Installer.java
@@ -22,10 +22,20 @@ * * * Copyright 2006-2010 Sun Microsystems, Inc. * Portions Copyright 2011-2014 ForgeRock AS * Portions Copyright 2011-2015 ForgeRock AS */ package org.opends.quicksetup.installer; import static org.forgerock.util.Utils.*; import static org.opends.admin.ads.ServerDescriptor.*; import static org.opends.admin.ads.ServerDescriptor.ServerProperty.*; import static org.opends.admin.ads.util.ConnectionUtils.*; import static org.opends.messages.QuickSetupMessages.*; import static org.opends.quicksetup.Step.*; import static org.opends.quicksetup.util.Utils.*; import static com.forgerock.opendj.cli.Utils.*; import java.awt.event.WindowEvent; import java.io.BufferedWriter; import java.io.File; @@ -118,16 +128,6 @@ import com.forgerock.opendj.util.OperatingSystem; import static com.forgerock.opendj.cli.Utils.*; import static org.forgerock.util.Utils.*; import static org.opends.admin.ads.ServerDescriptor.*; import static org.opends.admin.ads.ServerDescriptor.ServerProperty.*; import static org.opends.admin.ads.util.ConnectionUtils.*; import static org.opends.messages.QuickSetupMessages.*; import static org.opends.quicksetup.Step.*; import static org.opends.quicksetup.util.Utils.*; /** * This is an abstract class that is in charge of actually performing the * installation. 
@@ -145,36 +145,18 @@ */ public abstract class Installer extends GuiApplication { private TopologyCache lastLoadedCache; /** The minimum integer value that can be used for a port. */ public static final int MIN_PORT_VALUE = 1; /** Indicates that we've detected that there is something installed. */ boolean forceToDisplaySetup; /** The maximum integer value that can be used for a port. */ public static final int MAX_PORT_VALUE = 65535; /** When true indicates that the user has canceled this operation. */ protected boolean canceled; private boolean javaVersionCheckFailed; /** Map containing information about what has been configured remotely. */ private Map<ServerDescriptor, ConfiguredReplication> hmConfiguredRemoteReplication = new HashMap<ServerDescriptor, ConfiguredReplication>(); /** The name of the backend created on setup. */ public static final String BACKEND_NAME = "userRoot"; /** Constants used to do checks. */ private static final int MIN_DIRECTORY_MANAGER_PWD = 1; private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass(); /** * The minimum integer value that can be used for a port. */ public static final int MIN_PORT_VALUE = 1; /** * The maximum integer value that can be used for a port. */ public static final int MAX_PORT_VALUE = 65535; private static final int MIN_NUMBER_ENTRIES = 1; private static final int MAX_NUMBER_ENTRIES = 10000000; 
@@ -191,9 +173,24 @@ */ private static final int THRESHOLD_VERBOSE_START = 100000; private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass(); private TopologyCache lastLoadedCache; /** Indicates that we've detected that there is something installed. */ boolean forceToDisplaySetup; /** When true indicates that the user has canceled this operation. */ protected boolean canceled; private boolean javaVersionCheckFailed; /** Map containing information about what has been configured remotely. */ private Map<ServerDescriptor, ConfiguredReplication> hmConfiguredRemoteReplication = new HashMap<ServerDescriptor, ConfiguredReplication>(); /** Set of progress steps that have been completed. */ protected Set<InstallProgressStep> completedProgress = new HashSet<InstallProgressStep>(); protected Set<InstallProgressStep> completedProgress = new HashSet<InstallProgressStep>(); private final List<WizardStep> lstSteps = new ArrayList<WizardStep>(); @@ -205,8 +202,7 @@ SUBSTEPS.add(Step.REMOTE_REPLICATION_PORTS); } private final Map<WizardStep, WizardStep> hmPreviousSteps = new HashMap<WizardStep, WizardStep>(); private final Map<WizardStep, WizardStep> hmPreviousSteps = new HashMap<WizardStep, WizardStep>(); private char[] selfSignedCertPw; 
@@ -215,24 +211,20 @@ private boolean createdRemoteAds; private String lastImportProgress; /** * An static String that contains the class name of ConfigFileHandler. */ protected static final String DEFAULT_CONFIG_CLASS_NAME = "org.opends.server.extensions.ConfigFileHandler"; /** A static String that contains the class name of ConfigFileHandler. */ protected static final String DEFAULT_CONFIG_CLASS_NAME = "org.opends.server.extensions.ConfigFileHandler"; /** Alias of a self-signed certificate. */ protected static final String SELF_SIGNED_CERT_ALIAS = SecurityOptions.SELF_SIGNED_CERT_ALIAS; /** The threshold in minutes used to know whether we must display a warning * informing that there is a server clock difference between two servers * whose contents are being replicated. */ public static final int THRESHOLD_CLOCK_DIFFERENCE_WARNING = 5; protected static final String SELF_SIGNED_CERT_ALIAS = SecurityOptions.SELF_SIGNED_CERT_ALIAS; /** * Creates a default instance. * The threshold in minutes used to know whether we must display a warning * informing that there is a server clock difference between two servers whose * contents are being replicated. */ public static final int THRESHOLD_CLOCK_DIFFERENCE_WARNING = 5; /** Creates a default instance. */ public Installer() { lstSteps.add(WELCOME); if (LicenseFile.exists()) { @@ -820,7 +812,9 @@ /** * This methods configures the server based on the contents of the UserData * object provided in the constructor. * @throws ApplicationException if something goes wrong. * * @throws ApplicationException * if something goes wrong. */ protected void configureServer() throws ApplicationException { notifyListeners(getFormattedWithPoints(INFO_PROGRESS_CONFIGURING.get())); @@ -832,11 +826,8 @@ } copyTemplateInstance(); writeOpenDSJavaHome(); writeHostName(); checkAbort(); List<String> argList = new ArrayList<String>(); 
@@ -866,77 +857,7 @@ argList.add("-q"); } String aliasInKeyStore = sec.getAliasToUse(); String aliasInTrustStore = aliasInKeyStore != null ? aliasInKeyStore : SELF_SIGNED_CERT_ALIAS; switch (sec.getCertificateType()) { case SELF_SIGNED_CERTIFICATE: argList.add("-k"); argList.add("cn=JKS,cn=Key Manager Providers,cn=config"); argList.add("-t"); argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); break; case JKS: argList.add("-k"); argList.add("cn=JKS,cn=Key Manager Providers,cn=config"); argList.add("-t"); argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); argList.add("-m"); argList.add(sec.getKeystorePath()); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case JCEKS: argList.add("-k"); argList.add("cn=JCEKS,cn=Key Manager Providers,cn=config"); argList.add("-t"); argList.add("cn=JCEKS,cn=Trust Manager Providers,cn=config"); argList.add("-m"); argList.add(sec.getKeystorePath()); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case PKCS12: argList.add("-k"); argList.add("cn=PKCS12,cn=Key Manager Providers,cn=config"); argList.add("-t"); // We are going to import the PCKS12 certificate in a JKS trust store argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); argList.add("-m"); argList.add(sec.getKeystorePath()); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case PKCS11: argList.add("-k"); argList.add("cn=PKCS11,cn=Key Manager Providers,cn=config"); argList.add("-t"); // We are going to import the PCKS11 certificate in a JKS trust store argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case NO_CERTIFICATE: // Nothing to do. 
break; default: throw new IllegalStateException("Unknown certificate type: "+ sec.getCertificateType()); } addCertificateArguments(sec, argList); // For the moment do not enable JMX if (getUserData().getServerJMXPort() > 0) { @@ -1002,7 +923,7 @@ } else if (getUserData().getNewSuffixOptions().getBaseDns().isEmpty()) { helper.deleteBackend(getBackendName()); helper.deleteBackend(BACKEND_NAME); } } catch (ApplicationException aex) { @@ -1019,6 +940,7 @@ } isOver = true; } @Override public void abort() { @@ -1028,18 +950,19 @@ invokeLongOperation(thread); notifyListeners(getFormattedDoneWithLineBreak()); checkAbort(); configureCertificate(sec); } private void configureCertificate(SecurityOptions sec) throws ApplicationException { try { SecurityOptions.CertificateType certType = sec.getCertificateType(); if (certType != SecurityOptions.CertificateType.NO_CERTIFICATE) { notifyListeners(getFormattedWithPoints( INFO_PROGRESS_UPDATING_CERTIFICATES.get())); notifyListeners(getFormattedWithPoints(INFO_PROGRESS_UPDATING_CERTIFICATES.get())); } CertificateManager certManager; CertificateManager trustManager; File f; switch (certType) { case NO_CERTIFICATE: 
@@ -1047,132 +970,38 @@ break; case SELF_SIGNED_CERTIFICATE: String pwd = getSelfSignedCertificatePwd(); certManager = new CertificateManager( getSelfSignedKeystorePath(), CertificateManager.KEY_STORE_TYPE_JKS, pwd); final CertificateManager certManager = new CertificateManager(getSelfSignedKeystorePath(), CertificateManager.KEY_STORE_TYPE_JKS, pwd); certManager.generateSelfSignedCertificate(SELF_SIGNED_CERT_ALIAS, getSelfSignedCertificateSubjectDN(), getSelfSignedCertificateValidity()); SetupUtils.exportCertificate(certManager, SELF_SIGNED_CERT_ALIAS, getTemporaryCertificatePath()); trustManager = new CertificateManager( getTrustManagerPath(), CertificateManager.KEY_STORE_TYPE_JKS, pwd); trustManager.addCertificate(SELF_SIGNED_CERT_ALIAS, new File(getTemporaryCertificatePath())); createProtectedFile(getKeystorePinPath(), pwd); f = new File(getTemporaryCertificatePath()); f.delete(); getSelfSignedCertificateSubjectDN(), getSelfSignedCertificateValidity()); SetupUtils.exportCertificate(certManager, SELF_SIGNED_CERT_ALIAS, getTemporaryCertificatePath()); configureTrustStore(CertificateManager.KEY_STORE_TYPE_JKS, SELF_SIGNED_CERT_ALIAS, pwd); break; case JKS: certManager = new CertificateManager( sec.getKeystorePath(), CertificateManager.KEY_STORE_TYPE_JKS, sec.getKeystorePassword()); if (aliasInKeyStore != null) { SetupUtils.exportCertificate(certManager, aliasInKeyStore, getTemporaryCertificatePath()); } else { SetupUtils.exportCertificate(certManager, getTemporaryCertificatePath()); } trustManager = new CertificateManager( getTrustManagerPath(), CertificateManager.KEY_STORE_TYPE_JKS, sec.getKeystorePassword()); trustManager.addCertificate(aliasInTrustStore, new File(getTemporaryCertificatePath())); createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword()); f = new File(getTemporaryCertificatePath()); f.delete(); configureKeyAndTrustStore(sec.getKeystorePath(), CertificateManager.KEY_STORE_TYPE_JKS, CertificateManager.KEY_STORE_TYPE_JKS, sec); break; case 
JCEKS: certManager = new CertificateManager( sec.getKeystorePath(), CertificateManager.KEY_STORE_TYPE_JCEKS, sec.getKeystorePassword()); if (aliasInKeyStore != null) { SetupUtils.exportCertificate(certManager, aliasInKeyStore, getTemporaryCertificatePath()); } else { SetupUtils.exportCertificate(certManager, getTemporaryCertificatePath()); } trustManager = new CertificateManager( getTrustManagerPath(), CertificateManager.KEY_STORE_TYPE_JCEKS, sec.getKeystorePassword()); trustManager.addCertificate(aliasInTrustStore, new File(getTemporaryCertificatePath())); createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword()); f = new File(getTemporaryCertificatePath()); f.delete(); configureKeyAndTrustStore(sec.getKeystorePath(), CertificateManager.KEY_STORE_TYPE_JCEKS, CertificateManager.KEY_STORE_TYPE_JCEKS, sec); break; case PKCS12: certManager = new CertificateManager( sec.getKeystorePath(), CertificateManager.KEY_STORE_TYPE_PKCS12, sec.getKeystorePassword()); if (aliasInKeyStore != null) { SetupUtils.exportCertificate(certManager, aliasInKeyStore, getTemporaryCertificatePath()); } else { SetupUtils.exportCertificate(certManager, getTemporaryCertificatePath()); } trustManager = new CertificateManager( getTrustManagerPath(), CertificateManager.KEY_STORE_TYPE_JKS, sec.getKeystorePassword()); trustManager.addCertificate(aliasInTrustStore, new File(getTemporaryCertificatePath())); createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword()); f = new File(getTemporaryCertificatePath()); f.delete(); configureKeyAndTrustStore(sec.getKeystorePath(), CertificateManager.KEY_STORE_TYPE_PKCS12, CertificateManager.KEY_STORE_TYPE_JKS, sec); break; case PKCS11: certManager = new CertificateManager( CertificateManager.KEY_STORE_PATH_PKCS11, CertificateManager.KEY_STORE_TYPE_PKCS11, sec.getKeystorePassword()); if (aliasInKeyStore != null) { SetupUtils.exportCertificate(certManager, aliasInKeyStore, getTemporaryCertificatePath()); } else { 
SetupUtils.exportCertificate(certManager, getTemporaryCertificatePath()); } trustManager = new CertificateManager( getTrustManagerPath(), CertificateManager.KEY_STORE_TYPE_JKS, sec.getKeystorePassword()); trustManager.addCertificate(aliasInTrustStore, new File(getTemporaryCertificatePath())); createProtectedFile(getKeystorePinPath(), sec.getKeystorePassword()); configureKeyAndTrustStore(CertificateManager.KEY_STORE_PATH_PKCS11, CertificateManager.KEY_STORE_TYPE_PKCS11, CertificateManager.KEY_STORE_TYPE_JKS, sec); break; default: throw new IllegalStateException("Unknown certificate type: "+certType); throw new IllegalStateException("Unknown certificate type: " + certType); } if (certType != SecurityOptions.CertificateType.NO_CERTIFICATE) { notifyListeners(getFormattedDoneWithLineBreak()); 
@@ -1180,11 +1009,104 @@ } catch (Throwable t) { logger.error(LocalizableMessage.raw("Error configuring certificate: "+t, t)); logger.error(LocalizableMessage.raw("Error configuring certificate: " + t, t)); throw new ApplicationException( ReturnCode.CONFIGURATION_ERROR, getThrowableMsg(INFO_ERROR_CONFIGURING_CERTIFICATE.get(), t), t); ReturnCode.CONFIGURATION_ERROR, getThrowableMsg(INFO_ERROR_CONFIGURING_CERTIFICATE.get(), t), t); } } private void configureKeyAndTrustStore(final String keyStorePath, final String keyStoreType, final String trustStoreType, final SecurityOptions sec) throws Exception { final String keystorePassword = sec.getKeystorePassword(); final String keyStoreAlias = sec.getAliasToUse(); CertificateManager certManager = new CertificateManager(keyStorePath, keyStoreType, keystorePassword); SetupUtils.exportCertificate(certManager, keyStoreAlias, getTemporaryCertificatePath()); configureTrustStore(trustStoreType, keyStoreAlias, keystorePassword); } private void configureTrustStore(final String type, final String keyStoreAlias, final String password) throws Exception { final String alias = keyStoreAlias != null ? 
keyStoreAlias : SELF_SIGNED_CERT_ALIAS; final CertificateManager trustMgr = new CertificateManager(getTrustManagerPath(), type, password); trustMgr.addCertificate(alias, new File(getTemporaryCertificatePath())); createProtectedFile(getKeystorePinPath(), password); final File f = new File(getTemporaryCertificatePath()); f.delete(); } private void addCertificateArguments(SecurityOptions sec, List<String> argList) { final String aliasInKeyStore = sec.getAliasToUse(); switch (sec.getCertificateType()) { case SELF_SIGNED_CERTIFICATE: argList.add("-k"); argList.add("cn=JKS,cn=Key Manager Providers,cn=config"); argList.add("-t"); argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); break; case JKS: argList.add("-k"); argList.add("cn=JKS,cn=Key Manager Providers,cn=config"); argList.add("-t"); argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); argList.add("-m"); argList.add(sec.getKeystorePath()); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case JCEKS: argList.add("-k"); argList.add("cn=JCEKS,cn=Key Manager Providers,cn=config"); argList.add("-t"); argList.add("cn=JCEKS,cn=Trust Manager Providers,cn=config"); argList.add("-m"); argList.add(sec.getKeystorePath()); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case PKCS12: argList.add("-k"); argList.add("cn=PKCS12,cn=Key Manager Providers,cn=config"); argList.add("-t"); // We are going to import the PCKS12 certificate in a JKS trust store argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); argList.add("-m"); argList.add(sec.getKeystorePath()); if (aliasInKeyStore != null) { argList.add("-a"); argList.add(aliasInKeyStore); } break; case PKCS11: argList.add("-k"); argList.add("cn=PKCS11,cn=Key Manager Providers,cn=config"); argList.add("-t"); // We are going to import the PCKS11 certificate in a JKS trust store argList.add("cn=JKS,cn=Trust Manager Providers,cn=config"); if (aliasInKeyStore != null) { 
argList.add("-a"); argList.add(aliasInKeyStore); } break; case NO_CERTIFICATE: // Nothing to do. break; default: throw new IllegalStateException("Unknown certificate type: " + sec.getCertificateType()); } } @@ -1219,7 +1141,7 @@ List<String> argList = new ArrayList<String>(); argList.add("-n"); argList.add(getBackendName()); argList.add(BACKEND_NAME); for (File f : ldifFiles) { argList.add("-l"); @@ -1274,37 +1196,33 @@ /** * This methods imports the contents of an LDIF file based on the contents of * the UserData object provided in the constructor. * @throws ApplicationException if something goes wrong. * * @throws ApplicationException * if something goes wrong. */ private void importLDIF() throws ApplicationException { LinkedList<String> ldifPaths = getUserData().getNewSuffixOptions().getLDIFPaths(); LinkedList<String> ldifPaths = getUserData().getNewSuffixOptions().getLDIFPaths(); LocalizableMessageBuilder mb = new LocalizableMessageBuilder(); if (ldifPaths.size() > 1) { if (isVerbose()) { mb.append(getFormattedProgress(INFO_PROGRESS_IMPORTING_LDIFS.get( joinAsString(", ", ldifPaths)))); mb.append(getFormattedProgress(INFO_PROGRESS_IMPORTING_LDIFS.get(joinAsString(", ", ldifPaths)))); mb.append(getLineBreak()); } else { mb.append(getFormattedProgress( INFO_PROGRESS_IMPORTING_LDIFS_NON_VERBOSE.get( joinAsString(", ", ldifPaths)))); mb.append(getFormattedProgress(INFO_PROGRESS_IMPORTING_LDIFS_NON_VERBOSE.get(joinAsString(", ", ldifPaths)))); } } else if (isVerbose()) { mb.append(getFormattedProgress(INFO_PROGRESS_IMPORTING_LDIF.get( ldifPaths.getFirst()))); mb.append(getFormattedProgress(INFO_PROGRESS_IMPORTING_LDIF.get(ldifPaths.getFirst()))); mb.append(getLineBreak()); } else { mb.append(getFormattedProgress( INFO_PROGRESS_IMPORTING_LDIF_NON_VERBOSE.get(ldifPaths.getFirst()))); mb.append(getFormattedProgress(INFO_PROGRESS_IMPORTING_LDIF_NON_VERBOSE.get(ldifPaths.getFirst()))); } notifyListeners(mb.toMessage()); 
@@ -1318,7 +1236,7 @@ List<String> argList = new ArrayList<String>(); argList.add("-n"); argList.add(getBackendName()); argList.add(BACKEND_NAME); for (String ldifPath : ldifPaths) { argList.add("-l"); @@ -1420,14 +1338,12 @@ LocalizableMessageBuilder mb = new LocalizableMessageBuilder(); if (isVerbose() || nEntries > THRESHOLD_AUTOMATIC_DATA_VERBOSE) { mb.append(getFormattedProgress( INFO_PROGRESS_IMPORT_AUTOMATICALLY_GENERATED.get(nEntries))); mb.append(getFormattedProgress(INFO_PROGRESS_IMPORT_AUTOMATICALLY_GENERATED.get(nEntries))); mb.append(getLineBreak()); } else { mb.append(getFormattedProgress( INFO_PROGRESS_IMPORT_AUTOMATICALLY_GENERATED_NON_VERBOSE.get(nEntries))); mb.append(getFormattedProgress(INFO_PROGRESS_IMPORT_AUTOMATICALLY_GENERATED_NON_VERBOSE.get(nEntries))); } notifyListeners(mb.toMessage()); @@ -1443,7 +1359,7 @@ } final List<String> argList = new ArrayList<String>(); argList.add("-n"); argList.add(getBackendName()); argList.add(BACKEND_NAME); argList.add("-A"); argList.add(templatePath.getAbsolutePath()); argList.add("-s"); // seed @@ -1470,7 +1386,8 @@ ReturnCode.IMPORT_ERROR, INFO_ERROR_IMPORT_LDIF_TOOL_RETURN_CODE.get(result), null); } } catch (Throwable t) } catch (Throwable t) { ae = new ApplicationException( ReturnCode.IMPORT_ERROR, @@ -1626,7 +1543,7 @@ { Set<String> baseDns = new HashSet<String>( getUserData().getNewSuffixOptions().getBaseDns()); hmBackendSuffix.put(getBackendName(), baseDns); hmBackendSuffix.put(BACKEND_NAME, baseDns); } else { @@ -1684,7 +1601,7 @@ deleteUserRoot = true; for (String backendName : hmBackendSuffix.keySet()) { if (backendName.equalsIgnoreCase(getBackendName())) if (backendName.equalsIgnoreCase(BACKEND_NAME)) { deleteUserRoot = false; break; 
@@ -1701,12 +1618,12 @@ if (deleteUserRoot) { // Delete the userRoot backend. helper.deleteBackend(ctx, getBackendName(), helper.deleteBackend(ctx, BACKEND_NAME, ConnectionUtils.getHostPort(ctx)); } for (String backendName : hmBackendSuffix.keySet()) { if (backendName.equalsIgnoreCase(getBackendName())) if (backendName.equalsIgnoreCase(BACKEND_NAME)) { helper.setBaseDns( ctx, backendName, hmBackendSuffix.get(backendName), @@ -2234,15 +2151,6 @@ } /** * Returns the default backend name (the one that will be created). * @return the default backend name (the one that will be created). */ private String getBackendName() { return "userRoot"; } /** * Sets the current progress step of the installation process. * @param currentProgressStep the current progress step of the installation * process. 
@@ -2258,39 +2166,34 @@ /** * This methods updates the data on the server based on the contents of the * UserData object provided in the constructor. * @throws ApplicationException if something goes wrong. * * @throws ApplicationException * if something goes wrong. */ protected void createData() throws ApplicationException { if (createNotReplicatedSuffix()) if (createNotReplicatedSuffix() && getUserData().getNewSuffixOptions().getType() != NewSuffixOptions.Type.LEAVE_DATABASE_EMPTY) { currentProgressStep = getUserData().getNewSuffixOptions().getInstallProgressStep(); if (isVerbose()) { notifyListeners(getTaskSeparator()); } switch (getUserData().getNewSuffixOptions().getType()) { case CREATE_BASE_ENTRY: currentProgressStep = InstallProgressStep.CREATING_BASE_ENTRY; if (isVerbose()) { notifyListeners(getTaskSeparator()); } createBaseEntry(); break; case IMPORT_FROM_LDIF_FILE: currentProgressStep = InstallProgressStep.IMPORTING_LDIF; if (isVerbose()) { notifyListeners(getTaskSeparator()); } importLDIF(); break; case IMPORT_AUTOMATICALLY_GENERATED_DATA: currentProgressStep = InstallProgressStep.IMPORTING_AUTOMATICALLY_GENERATED; if (isVerbose()) { notifyListeners(getTaskSeparator()); } importAutomaticallyGenerated(); break; default: break; } } } opendj-server-legacy/src/main/java/org/opends/quicksetup/installer/NewSuffixOptions.java
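Review bot: In Installer.java, the new `configureKeyAndTrustStore` passes `sec.getAliasToUse()` straight to the three-argument `SetupUtils.exportCertificate`, whereas the code it replaces called the two-argument overload whenever the alias was null. Unless the three-argument form is known to accept a null alias (not visible on this page), a keystore configured without an explicit alias may now fail or export a different certificate into the trust store. In `configureTrustStore` the temporary exported certificate is deleted only on the success path and the result of `f.delete()` is ignored, so an exception from `addCertificate` or `createProtectedFile` leaves the file behind. I would keep the null branch and move the cleanup into a `finally`, as sketched below.

```java
private void configureKeyAndTrustStore(final String keyStorePath, final String keyStoreType,
    final String trustStoreType, final SecurityOptions sec) throws Exception
{
  // … unchanged: keystorePassword, keyStoreAlias and certManager set-up …
  if (keyStoreAlias != null)
  {
    SetupUtils.exportCertificate(certManager, keyStoreAlias, getTemporaryCertificatePath());
  }
  else
  {
    // Same overload the pre-refactoring code used when no alias was supplied.
    SetupUtils.exportCertificate(certManager, getTemporaryCertificatePath());
  }
  configureTrustStore(trustStoreType, keyStoreAlias, keystorePassword);
}

private void configureTrustStore(final String type, final String keyStoreAlias, final String password)
    throws Exception
{
  // … unchanged: alias fallback and trustMgr construction …
  final File tmpCert = new File(getTemporaryCertificatePath());
  try
  {
    trustMgr.addCertificate(alias, tmpCert);
    createProtectedFile(getKeystorePinPath(), password);
  }
  finally
  {
    // Remove the exported certificate even when the import or the PIN file write fails.
    if (!tmpCert.delete() && tmpCert.exists())
    {
      logger.warn(LocalizableMessage.raw("Could not delete temporary certificate file: " + tmpCert));
    }
  }
}
```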
@@ -22,7 +22,7 @@ * * * Copyright 2006-2008 Sun Microsystems, Inc. * Portions Copyright 2013 ForgeRock AS. * Portions Copyright 2013-2015 ForgeRock AS. */ package org.opends.quicksetup.installer; @@ -200,4 +200,26 @@ { return new LinkedList<String>(baseDns); } /** * Returns {@link InstallProgressStep} equivalent to the type of new suffix * options. * * @return Returns {@link InstallProgressStep} equivalent to the type of new * suffix options. */ public InstallProgressStep getInstallProgressStep() { switch (type) { case CREATE_BASE_ENTRY: return InstallProgressStep.CREATING_BASE_ENTRY; case IMPORT_FROM_LDIF_FILE: return InstallProgressStep.IMPORTING_LDIF; case IMPORT_AUTOMATICALLY_GENERATED_DATA: return InstallProgressStep.IMPORTING_AUTOMATICALLY_GENERATED; default: return null; } } } opendj-server-legacy/src/main/java/org/opends/server/tools/InstallDS.java
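Review bot: In NewSuffixOptions.java, `getInstallProgressStep()` returns `null` from its `default` branch, but the new Javadoc does not say so. `Installer.createData()` assigns the result to `currentProgressStep` and only filters out `LEAVE_DATABASE_EMPTY` beforehand, so a suffix type added later would silently set the current step to null. At minimum the contract should be documented, for example `@return the matching step, or {@code null} if this type has no associated progress step`. If null is never meant to reach callers, the `default` branch could instead fail fast the way the certificate-type switches in Installer do.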
@@ -346,8 +346,7 @@ return InstallReturnCode.JAVA_VERSION_INCOMPATIBLE.getReturnCode(); } if (argParser.usageOrVersionDisplayed() || argParser.testOnlyArg.isPresent()) if (argParser.usageOrVersionDisplayed() || argParser.testOnlyArg.isPresent()) { return InstallReturnCode.SUCCESSFUL_NOP.getReturnCode(); } @@ -567,22 +566,13 @@ private void printStatusCommand() { String cmd; // Use this instead a call to Installation to avoid to launch a new JVM // just to retrieve a path. final String root = Utils.getInstallPathFromClasspath(); if (isWindows()) { final String binDir = Utils.getPath(root, Installation.WINDOWS_BINARIES_PATH_RELATIVE); cmd = Utils.getPath(binDir, Installation.WINDOWS_STATUSCLI_FILE_NAME); } else { final String binDir = Utils.getPath(root, Installation.UNIX_BINARIES_PATH_RELATIVE); cmd = Utils.getPath(binDir, Installation.UNIX_STATUSCLI_FILE_NAME); } // Use this instead a call to Installation to avoid to launch a new JVM just to retrieve a path. final String binariesRelativePath = isWindows() ? Installation.WINDOWS_BINARIES_PATH_RELATIVE : Installation.UNIX_BINARIES_PATH_RELATIVE; final String statusCliFileName = isWindows() ? Installation.WINDOWS_STATUSCLI_FILE_NAME : Installation.UNIX_STATUSCLI_FILE_NAME; final String binDir = Utils.getPath(Utils.getInstallPathFromClasspath(), binariesRelativePath); final String cmd = Utils.getPath(binDir, statusCliFileName); println(); println(INFO_INSTALLDS_STATUS_COMMAND_LINE.get(cmd)); println(); 
@@ -969,12 +959,10 @@ * @throws ClientException * if something went wrong checking passwords. */ private void promptIfRequiredForDirectoryManager(UserData uData) throws UserDataException, ClientException private void promptIfRequiredForDirectoryManager(UserData uData) throws UserDataException, ClientException { final LinkedList<String> dns = promptIfRequiredForDNs( argParser.directoryManagerDNArg, INFO_INSTALLDS_PROMPT_ROOT_DN.get(), true); argParser.directoryManagerDNArg, INFO_INSTALLDS_PROMPT_ROOT_DN.get(), true); uData.setDirectoryManagerDn(dns.getFirst()); int nTries = 0; @@ -1013,15 +1001,19 @@ } /** * This method returns a list of DNs. It checks that the provided list of * DNs actually contain some values. If no valid values are found it prompts * the user to provide a valid DN. * @param arg the Argument that the user provided to specify the DNs. * @param promptMsg the prompt message to be displayed. * @param includeLineBreak whether to include a line break before the first * prompt or not. * This method returns a list of DNs. It checks that the provided list of DNs * actually contain some values. If no valid values are found it prompts the * user to provide a valid DN. * * @param arg * the Argument that the user provided to specify the DNs. * @param promptMsg * the prompt message to be displayed. * @param includeLineBreak * whether to include a line break before the first prompt or not. * @return a list of valid DNs. * @throws UserDataException if something went wrong checking the data. * @throws UserDataException * if something went wrong checking the data. */ private LinkedList<String> promptIfRequiredForDNs(StringArgument arg, LocalizableMessage promptMsg, boolean includeLineBreak) throws UserDataException 
@@ -1035,8 +1027,7 @@ { if (nTries >= CONFIRMATION_MAX_TRIES) { throw new UserDataException(null, ERR_TRIES_LIMIT_REACHED.get(CONFIRMATION_MAX_TRIES)); throw new UserDataException(null, ERR_TRIES_LIMIT_REACHED.get(CONFIRMATION_MAX_TRIES)); } boolean prompted = false; if (usedProvided || !arg.isPresent()) @@ -1095,11 +1086,12 @@ /** * This method updates the contents of a UserData object with what the user * specified in the command-line for the administration connector, LDAP and * JMX port parameters. * If the user did not provide explicitly some data or if the provided data is * not valid, it prompts the user to provide it. * JMX port parameters. If the user did not provide explicitly some data or * if the provided data is not valid, it prompts the user to provide it. * Note: this method does not update nor check the LDAPS port. * @param uData the UserData object to be updated. * * @param uData * the UserData object to be updated. */ private void promptIfRequiredForPortData(UserData uData) { @@ -1113,8 +1105,7 @@ usedPorts.add(ldapPort); // Determine the Admin Connector port number. final int adminConnectorPort = promptIfRequiredForPortData(argParser.adminConnectorPortArg, final int adminConnectorPort = promptIfRequiredForPortData(argParser.adminConnectorPortArg, INFO_INSTALLDS_PROMPT_ADMINCONNECTORPORT.get(), usedPorts, true); uData.setAdminConnectorPort(adminConnectorPort); usedPorts.add(adminConnectorPort); 
@@ -1132,20 +1123,23 @@ } /** * This method returns a valid port value. It checks that the provided * argument contains a valid port. If a valid port is not found it prompts * the user to provide a valid port. * @param portArg the Argument that the user provided to specify the port. * @param promptMsg the prompt message to be displayed. * @param usedPorts the list of ports the user provided before for other * connection handlers. * @param includeLineBreak whether to include a line break before the first * prompt or not. * This method returns a valid port value. It checks that the provided * argument contains a valid port. If a valid port is not found it prompts the * user to provide a valid port. * * @param portArg * the Argument that the user provided to specify the port. * @param promptMsg * the prompt message to be displayed. * @param usedPorts * the list of ports the user provided before for other connection * handlers. * @param includeLineBreak * whether to include a line break before the first prompt or not. * @return a valid port number. */ private int promptIfRequiredForPortData(IntegerArgument portArg, LocalizableMessage promptMsg, Collection<Integer> usedPorts, boolean includeLineBreak) private int promptIfRequiredForPortData(IntegerArgument portArg, LocalizableMessage promptMsg, Collection<Integer> usedPorts, boolean includeLineBreak) { int portNumber = -1; boolean usedProvided = false; @@ -1188,8 +1182,7 @@ usedProvided = true; } if (!argParser.skipPortCheckArg.isPresent() && !SetupUtils.canUseAsPort(portNumber)) if (!argParser.skipPortCheckArg.isPresent() && !SetupUtils.canUseAsPort(portNumber)) { final LocalizableMessage message = getCannotBindErrorMessage(portNumber); if (prompted || includeLineBreak) 
@@ -1228,8 +1221,7 @@ * @throws UserDataException * if something went wrong checking the data. */ private NewSuffixOptions promptIfRequiredForImportData() throws UserDataException private NewSuffixOptions promptIfRequiredForImportData() throws UserDataException { boolean prompt = true; if (!argParser.baseDNArg.isPresent()) @@ -1237,29 +1229,24 @@ println(); try { prompt = confirmAction(INFO_INSTALLDS_PROVIDE_BASE_DN_PROMPT.get(), true); prompt = confirmAction(INFO_INSTALLDS_PROVIDE_BASE_DN_PROMPT.get(), true); } catch (final ClientException ce) { prompt = true; logger.warn(LocalizableMessage.raw("Error reading input: "+ce, ce)); logger.warn(LocalizableMessage.raw("Error reading input: " + ce, ce)); } } NewSuffixOptions dataOptions; if (!prompt) { final List<String> baseDNs = new LinkedList<String>(); dataOptions = NewSuffixOptions.createEmpty(baseDNs); return NewSuffixOptions.createEmpty(new LinkedList<String>()); } else { // Check the validity of the base DNs final List<String> baseDNs = promptIfRequiredForDNs( argParser.baseDNArg, INFO_INSTALLDS_PROMPT_BASEDN.get(), true); dataOptions = promptIfRequiredForDataOptions(baseDNs); } return dataOptions; // Check the validity of the base DNs final List<String> baseDNs = promptIfRequiredForDNs(argParser.baseDNArg, INFO_INSTALLDS_PROMPT_BASEDN.get(), true); return promptIfRequiredForDataOptions(baseDNs); } private NewSuffixOptions promptIfRequiredForDataOptions(List<String> baseDNs) 
@@ -1486,10 +1473,10 @@ * @throws UserDataException * if the user did not manage to provide the keystore password after * a certain number of tries. * @throws ClientException If an error occurs when reading inputs. * @throws ClientException * If an error occurs when reading inputs. */ private SecurityOptions promptIfRequiredForSecurityData(UserData uData) throws UserDataException, ClientException private SecurityOptions promptIfRequiredForSecurityData(UserData uData) throws UserDataException, ClientException { // Check that the security data provided is valid. boolean enableSSL = false; 
@@ -1768,24 +1755,28 @@ } /** * Checks that the provided parameters are valid to access an existing * key store. This method adds the encountered errors to the provided * list of LocalizableMessage. It also adds the alias (nicknames) found to the provided * list of String. * @param type the type of key store. * @param path the path of the key store. * @param pwd the password (PIN) to access the key store. * @param certNickname the certificate nickname that we are looking for (or * null if we just one to get the one that is in the key store). * @param errorMessages the list that will be updated with the errors * encountered. * @param nicknameList the list that will be updated with the nicknames found * in the key store. * Checks that the provided parameters are valid to access an existing key * store. This method adds the encountered errors to the provided list of * LocalizableMessage. It also adds the alias (nicknames) found to the * provided list of String. * * @param type * the type of key store. * @param path * the path of the key store. * @param pwd * the password (PIN) to access the key store. * @param certNickname * the certificate nickname that we are looking for (or null if we * just one to get the one that is in the key store). * @param errorMessages * the list that will be updated with the errors encountered. * @param nicknameList * the list that will be updated with the nicknames found in the key * store. */ public static void checkCertificateInKeystore( SecurityOptions.CertificateType type, String path, String pwd, String certNickname, Collection<LocalizableMessage> errorMessages, Collection<String> nicknameList) public static void checkCertificateInKeystore(SecurityOptions.CertificateType type, String path, String pwd, String certNickname, Collection<LocalizableMessage> errorMessages, Collection<String> nicknameList) { boolean errorWithPath = false; if (type != SecurityOptions.CertificateType.PKCS11) 
@@ -1920,20 +1911,25 @@ /** * Creates a SecurityOptions object that corresponds to the provided * parameters. If the parameters are not valid, it prompts the user to * provide them. * @param type the keystore type. * @param enableSSL whether to enable SSL or not. * @param enableStartTLS whether to enable StartTLS or not. * @param ldapsPort the LDAPS port to use. * parameters. If the parameters are not valid, it prompts the user to provide * them. * * @param type * the keystore type. * @param enableSSL * whether to enable SSL or not. * @param enableStartTLS * whether to enable StartTLS or not. * @param ldapsPort * the LDAPS port to use. * @return a SecurityOptions object that corresponds to the provided * parameters (or to what the user provided after being prompted). * @throws UserDataException if the user did not manage to provide the * keystore password after a certain number of tries. * parameters (or to what the user provided after being prompted). * @throws UserDataException * if the user did not manage to provide the keystore password after * a certain number of tries. * @throws ClientException */ private SecurityOptions createSecurityOptionsPrompting( SecurityOptions.CertificateType type, boolean enableSSL, private SecurityOptions createSecurityOptionsPrompting(SecurityOptions.CertificateType type, boolean enableSSL, boolean enableStartTLS, int ldapsPort) throws UserDataException, ClientException { SecurityOptions securityOptions; 
@@ -2090,11 +2086,14 @@ } /** * Tells if any of the error messages provided corresponds to a problem * with the key store path. * @param msgs the messages to analyze. * Tells if any of the error messages provided corresponds to a problem with * the key store path. * * @param msgs * the messages to analyze. * @return <CODE>true</CODE> if any of the error messages provided corresponds * to a problem with the key store path and <CODE>false</CODE> otherwise. * to a problem with the key store path and <CODE>false</CODE> * otherwise. */ public static boolean containsKeyStorePathErrorMessage(Collection<LocalizableMessage> msgs) { @@ -2118,11 +2117,14 @@ } /** * Tells if any of the error messages provided corresponds to a problem * with the key store password. * @param msgs the messages to analyze. * Tells if any of the error messages provided corresponds to a problem with * the key store password. * * @param msgs * the messages to analyze. * @return <CODE>true</CODE> if any of the error messages provided corresponds * to a problem with the key store password and <CODE>false</CODE> otherwise. * to a problem with the key store password and <CODE>false</CODE> * otherwise. */ public static boolean containsKeyStorePasswordErrorMessage(Collection<LocalizableMessage> msgs) { @@ -2145,12 +2147,14 @@ } /** * Tells if any of the error messages provided corresponds to a problem * with the certificate nickname. * @param msgs the messages to analyze. * Tells if any of the error messages provided corresponds to a problem with * the certificate nickname. * * @param msgs * the messages to analyze. * @return <CODE>true</CODE> if any of the error messages provided corresponds * to a problem with the certificate nickname and <CODE>false</CODE> * otherwise. * to a problem with the certificate nickname and <CODE>false</CODE> * otherwise. */ public static boolean containsCertNicknameErrorMessage( Collection<LocalizableMessage> msgs) 
@@ -2170,24 +2174,25 @@ /** * Interactively prompts (on standard output) the user to provide an integer * value. The answer provided must be parseable as an integer, and may be * required to be within a given set of bounds. It will keep prompting until * value. The answer provided must be parseable as an integer, and may be * required to be within a given set of bounds. It will keep prompting until * an acceptable value is given. * * @param prompt The prompt to present to the user. * @param defaultValue The default value to assume if the user presses ENTER * without typing anything, or <CODE>null</CODE> if * there should not be a default and the user must * explicitly provide a value. * @param lowerBound The lower bound that should be enforced, or * <CODE>null</CODE> if there is none. * @param upperBound The upper bound that should be enforced, or * <CODE>null</CODE> if there is none. * * @return The <CODE>int</CODE> value read from the user input. * @param prompt * The prompt to present to the user. * @param defaultValue * The default value to assume if the user presses ENTER without * typing anything, or <CODE>null</CODE> if there should not be a * default and the user must explicitly provide a value. * @param lowerBound * The lower bound that should be enforced, or <CODE>null</CODE> if * there is none. * @param upperBound * The upper bound that should be enforced, or <CODE>null</CODE> if * there is none. * @return The <CODE>int</CODE> value read from the user input. */ private int promptForInteger(LocalizableMessage prompt, Integer defaultValue, Integer lowerBound, Integer upperBound) private int promptForInteger(LocalizableMessage prompt, Integer defaultValue, Integer lowerBound, Integer upperBound) { int returnValue = -1; while (returnValue == -1) 
@@ -2245,9 +2250,11 @@ } /** * Prompts the user to accept on the certificates that appears on the list * and returns the chosen certificate nickname. * @param nicknames the list of certificates the user must choose from. * Prompts the user to accept on the certificates that appears on the list and * returns the chosen certificate nickname. * * @param nicknames * the list of certificates the user must choose from. * @return the chosen certificate nickname. */ private String promptForCertificateNickname(List<String> nicknames) @@ -2276,7 +2283,9 @@ /** * It displays the information provided by the user. * @param uData the UserData that the user provided. * * @param uData * the UserData that the user provided. */ private void printSummary(UserData uData) { @@ -2378,11 +2387,12 @@ } /** * This method asks the user to confirm to continue the setup. It basically * This method asks the user to confirm to continue the setup. It basically * displays the information provided by the user and at the end proposes a * menu with the different options to choose from. * * @return the answer provided by the user: cancel setup, continue setup or * provide information again. * provide information again. */ private ConfirmCode askForConfirmation() { 
@@ -2441,48 +2451,47 @@ try { argParser.initializeArguments(); argParser.directoryManagerDNArg.setDefaultValue( uData.getDirectoryManagerDn()); argParser.ldapPortArg.setDefaultValue( String.valueOf(uData.getServerPort())); argParser.adminConnectorPortArg.setDefaultValue( String.valueOf(uData.getAdminConnectorPort())); argParser.directoryManagerDNArg.setDefaultValue(uData.getDirectoryManagerDn()); argParser.ldapPortArg.setDefaultValue(String.valueOf(uData.getServerPort())); argParser.adminConnectorPortArg.setDefaultValue(String.valueOf(uData.getAdminConnectorPort())); final int jmxPort = uData.getServerJMXPort(); if (jmxPort != -1) { argParser.jmxPortArg.setDefaultValue(String.valueOf(jmxPort)); } final LinkedList<String> baseDNs = uData.getNewSuffixOptions().getBaseDns(); if (!baseDNs.isEmpty()) { argParser.baseDNArg.setDefaultValue(baseDNs.getFirst()); } final NewSuffixOptions suffixOptions = uData.getNewSuffixOptions(); lastResetPopulateOption = suffixOptions.getType(); if (lastResetPopulateOption == NewSuffixOptions.Type.IMPORT_AUTOMATICALLY_GENERATED_DATA) if (NewSuffixOptions.Type.IMPORT_AUTOMATICALLY_GENERATED_DATA == lastResetPopulateOption) { lastResetNumEntries = suffixOptions.getNumberEntries(); } else if (lastResetPopulateOption == NewSuffixOptions.Type.IMPORT_FROM_LDIF_FILE) else if (NewSuffixOptions.Type.IMPORT_FROM_LDIF_FILE == lastResetPopulateOption) { lastResetImportFile = suffixOptions.getLDIFPaths().getFirst(); lastResetRejectedFile = suffixOptions.getRejectedFile(); lastResetSkippedFile = suffixOptions.getSkippedFile(); } final SecurityOptions sec = uData.getSecurityOptions(); if (sec.getEnableSSL()) { argParser.ldapsPortArg.setDefaultValue( String.valueOf(sec.getSslPort())); argParser.ldapsPortArg.setDefaultValue(String.valueOf(sec.getSslPort())); } lastResetEnableSSL = sec.getEnableSSL(); lastResetEnableStartTLS = sec.getEnableStartTLS(); lastResetCertType = sec.getCertificateType(); if (lastResetCertType == SecurityOptions.CertificateType.JKS 
|| lastResetCertType == SecurityOptions.CertificateType.JCEKS || lastResetCertType == SecurityOptions.CertificateType.PKCS12) if (SecurityOptions.CertificateType.JKS == lastResetCertType || SecurityOptions.CertificateType.JCEKS == lastResetCertType || SecurityOptions.CertificateType.PKCS12 == lastResetCertType) { lastResetKeyStorePath = sec.getKeystorePath(); } @@ -2496,7 +2505,7 @@ } catch (final Throwable t) { logger.warn(LocalizableMessage.raw("Error resetting arguments: "+t, t)); logger.warn(LocalizableMessage.raw("Error resetting arguments: " + t, t)); } } @@ -2514,8 +2523,7 @@ { try { hostName = readInput(INFO_INSTALLDS_PROMPT_HOST_NAME.get(), argParser.hostNameArg.getDefaultValue()); hostName = readInput(INFO_INSTALLDS_PROMPT_HOST_NAME.get(), argParser.hostNameArg.getDefaultValue()); } catch (final ClientException ce) { @@ -2527,10 +2535,11 @@ } /** * Returns the timeout to be used to connect in milliseconds. The method * must be called after parsing the arguments. * @return the timeout to be used to connect in milliseconds. Returns * {@code 0} if there is no timeout. * Returns the timeout to be used to connect in milliseconds. The method must * be called after parsing the arguments. * * @return the timeout to be used to connect in milliseconds. Returns * {@code 0} if there is no timeout. */ private int getConnectTimeout() { opendj-server-legacy/src/main/java/org/opends/server/util/SetupUtils.java
@@ -22,7 +22,7 @@ * * * Copyright 2006-2010 Sun Microsystems, Inc. * Portions Copyright 2011-2014 ForgeRock AS * Portions Copyright 2011-2015 ForgeRock AS */ package org.opends.server.util; 
@@ -399,28 +399,30 @@ return pwd; } /** * Export a certificate in a file. It will export the first certificate * defined. This method is required because of the way. * Export a certificate in a file. If the certificate alias to export is null, * It will export the first certificate defined. * * @param certManager Certificate manager to use. * @param path Path of the output file. * * @throws CertificateEncodingException If the certificate manager cannot * encode the certificate. * @throws IOException If a problem occurs while creating or writing in the * output file. * @throws KeyStoreException If the certificate manager cannot retrieve the * certificate to be exported. * @param certManager * Certificate manager to use. * @param alias * Certificate alias to export. If {@code null} the first certificate * defined will be exported. * @param path * Path of the output file. * @throws CertificateEncodingException * If the certificate manager cannot encode the certificate. * @throws IOException * If a problem occurs while creating or writing in the output file. * @throws KeyStoreException * If the certificate manager cannot retrieve the certificate to be * exported. */ public static void exportCertificate( CertificateManager certManager, String path) throws CertificateEncodingException, IOException, KeyStoreException public static void exportCertificate(CertificateManager certManager, String alias, String path) throws CertificateEncodingException, IOException, KeyStoreException { String[] aliases = certManager.getCertificateAliases(); Certificate certificate = certManager.getCertificate(aliases[0]); final Certificate certificate = certManager.getCertificate(alias != null ? alias : certManager.getCertificateAliases()[0]); byte[] certificateBytes = certificate.getEncoded(); FileOutputStream outputStream = new FileOutputStream(path, false); 
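Review bot: The merged `exportCertificate` dereferences two lookups without checking them: the fallback `certManager.getCertificateAliases()[0]` assumes a non-null, non-empty alias array, and `certificate.getEncoded()` assumes `getCertificate(...)` found an entry for the requested alias. Whether either call can return null or an empty array is not visible in this hunk, but if it can, an empty key store or a mistyped alias surfaces as a NullPointerException or ArrayIndexOutOfBoundsException instead of the documented `KeyStoreException`. A guard before `getEncoded()`, such as `if (certificate == null) { throw new KeyStoreException("No certificate found for alias: " + alias); }`, together with an emptiness check on the alias array in the null-alias branch, would keep the failure inside the declared contract. The method body continues past the end of the hunk, so the write and close handling is not reviewed here.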
@@ -434,38 +436,6 @@ } } /** * Export a certificate in a file. * * @param certManager Certificate manager to use. * @param alias Certificate alias to export. * @param path Path of the output file. * * @throws CertificateEncodingException If the certificate manager cannot * encode the certificate. * @throws IOException If a problem occurs while creating or writing in the * output file. * @throws KeyStoreException If the certificate manager cannot retrieve the * certificate to be exported. */ public static void exportCertificate( CertificateManager certManager, String alias, String path) throws CertificateEncodingException, IOException, KeyStoreException { Certificate certificate = certManager.getCertificate(alias); byte[] certificateBytes = certificate.getEncoded(); FileOutputStream outputStream = new FileOutputStream(path, false); try { outputStream.write(certificateBytes); } finally { closeSilently(outputStream); } } /** * The next two methods are used to generate the random password for the