external-software/github_OpenIdentityPlatform_OpenDJ.git

			@@ -27,17 +27,23 @@

			package org.opends.server.replication.protocol;

			import static org.opends.server.loggers.ErrorLogger.logError;
			import static org.opends.messages.ReplicationMessages.*;

			import org.opends.messages.Message;
			import org.opends.server.admin.std.server.ReplicationServerCfg;
			import org.opends.server.admin.std.server.ReplicationDomainCfg;
			import org.opends.server.types.DirectoryConfig;
			import org.opends.server.types.CryptoManager;
			import org.opends.server.config.ConfigException;

			import javax.net.ssl.SSLException;
			import javax.net.ssl.SSLSocket;
			import javax.net.ssl.SSLContext;
			import javax.net.ssl.SSLSocketFactory;
			import java.util.SortedSet;
			import java.net.Socket;
			import java.net.InetAddress;
			import java.io.IOException;

			/**
			@@ -75,7 +81,6 @@
			*/
			private String sslCipherSuites[];


			/**
			* Create a ReplSessionSecurity instance from the supplied configuration
			* values.
			@@ -205,8 +210,7 @@
			SSLContext sslContext = cryptoManager.getSslContext(sslCertNickname);
			SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

			SSLSocket secureSocket = (SSLSocket)
			sslSocketFactory.createSocket(socket,
			SSLSocket secureSocket = (SSLSocket) sslSocketFactory.createSocket(socket,
			socket.getInetAddress().getHostName(),
			socket.getPort(), false);
			secureSocket.setUseClientMode(true);
			@@ -246,6 +250,8 @@
			{
			if (useSSL)
			{
			try
			{
			// Create a new SSL context every time to make sure we pick up the
			// latest contents of the trust store.
			CryptoManager cryptoManager = DirectoryConfig.getCryptoManager();
			@@ -278,8 +284,17 @@
			// System.out.println("Principal = " + sslSession.getPeerPrincipal());

			return new TLSSocketSession(socket, secureSocket);
			} catch (SSLException e)
			{
			// This is probably a connection attempt from an unexpected client
			// log that to warn the administrator.
			InetAddress remHost = socket.getInetAddress();
			Message message = NOTE_SSL_SERVER_CON_ATTEMPT_ERROR.get(remHost.
			getHostName(), remHost.getHostAddress(), e.getLocalizedMessage());
			logError(message);
			return null;
			}
			else
			} else
			{
			return new SocketSession(socket);
			}

	opends/src/messages/messages/replication.properties	3 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/replication/protocol/ReplSessionSecurity.java	23 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/replication/server/ReplicationServer.java	2 ●●●●● patch \| view \| raw \| blame \| history

			@@ -257,4 +257,5 @@
			for domain %s to replication server %s : %s
			SEVERE_ERR_COMPUTING_FAKE_OPS_104=Caught exception computing fake operations \
			for domain %s for replication server %s : %s

			NOTICE_SSL_SERVER_CON_ATTEMPT_ERROR_105=SSL connection attempt from %s (%s) \
			failed: %s

			@@ -248,6 +248,8 @@
			newSocket.setKeepAlive(true);
			ProtocolSession session =
			replSessionSecurity.createServerSession(newSocket);
			if (session == null) // Error, go back to accept
			continue;
			ServerHandler handler = new ServerHandler(session, queueSize);
			handler.start(null, serverId, serverURL, rcvWindow,
			false, this);