opendj-core/src/main/java/org/forgerock/opendj/ldap/SSLContextBuilder.java
@@ -72,7 +72,7 @@ private TrustManager trustManager; private KeyManager keyManager; private String protocol = PROTOCOL_TLS1; private String protocol = PROTOCOL_TLS1_2; private SecureRandom random; /** These are mutually exclusive. */ opendj-core/src/test/java/org/forgerock/opendj/ldap/LDAPServer.java
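Review bot: The new default `PROTOCOL_TLS1_2` on the `protocol` field carries no comment saying what it does and does not guarantee. If the field is handed to `SSLContext.getInstance` (not visible in this hunk), the name picks the context implementation and its highest default version, not a minimum. Older versions the JDK still enables would not be excluded, and TLS 1.3 would not be offered by default on JDKs that support it. I would add a field comment such as `// Default context protocol; callers needing a version floor must also restrict the enabled protocols.` and confirm the behaviour on the JDKs the project targets.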
@@ -23,6 +23,8 @@ import java.io.IOException; import java.net.InetSocketAddress; import java.security.KeyStore; import java.security.cert.X509Certificate; import java.util.Collections; import java.util.HashMap; import java.util.Iterator; @@ -31,6 +33,7 @@ import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.atomic.AtomicBoolean; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import javax.security.auth.callback.Callback; @@ -74,6 +77,9 @@ import com.forgerock.opendj.ldap.controls.AccountUsabilityResponseControl; import com.forgerock.reactive.ServerConnectionFactoryAdapter; import sun.security.tools.keytool.CertAndKeyGen; import sun.security.x509.X500Name; /** * A simple ldap server that manages 1000 entries and used for running * testcases. @@ -394,7 +400,7 @@ final IntermediateResponseHandler intermediateResponseHandler, final LdapResultHandler<R> resultHandler) throws UnsupportedOperationException { if (request.getOID().equals(StartTLSExtendedRequest.OID)) { final SSLEngine engine = sslContext.createSSLEngine(); final SSLEngine engine = sslContext.createSSLEngine(); engine.setEnabledCipherSuites(sslContext.getServerSocketFactory().getSupportedCipherSuites()); engine.setNeedClientAuth(false); engine.setUseClientMode(false); @@ -404,6 +410,7 @@ } } @Override public void handleModify(final Integer context, final ModifyRequest request, final IntermediateResponseHandler intermediateResponseHandler, @@ -472,7 +479,7 @@ */ private final ConcurrentHashMap<Integer, AbandonableRequest> requestsInProgress = new ConcurrentHashMap<>(); private SSLContext sslContext; private static SSLContext sslContext; private LDAPServer() { // Add the root dse first. 
@@ -509,6 +516,25 @@ return isRunning; } static { final String password="keypassword"; try { CertAndKeyGen keyGen=new CertAndKeyGen("RSA","SHA1WithRSA",null); keyGen.generate(2048); X509Certificate[] chain=new X509Certificate[1]; chain[0]=keyGen.getSelfCertificate(new X500Name("CN=localhost"), (long)1*3600); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(null, null); ks.setKeyEntry("localhost", keyGen.getPrivateKey(),password.toCharArray(), chain); KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); kmf.init(ks, password.toCharArray()); sslContext = new SSLContextBuilder().setKeyManager(kmf.getKeyManagers()[0]).getSSLContext(); }catch (Exception e) { new RuntimeException("generate self-signed certificate",e); } } /** * Starts the server. * @@ -518,7 +544,6 @@ if (isRunning) { return; } sslContext = new SSLContextBuilder().getSSLContext(); listener = new LDAPListener(Collections.singleton(loopbackWithDynamicPort()), new ServerConnectionFactoryAdapter(Options.defaultOptions().get(LDAP_DECODE_OPTIONS), getInstance()), opendj-grizzly/pom.xml
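Review bot: The catch block of the new static initializer constructs `new RuntimeException("generate self-signed certificate",e);` but never throws it. A failure in key generation or keystore setup is therefore dropped, and the now-static `sslContext` stays null until the StartTLS handler calls `sslContext.createSSLEngine()` and fails with an unrelated NullPointerException. The line should read `throw new RuntimeException("generate self-signed certificate", e);` so the fixture fails at class load with the real cause. Separately, the certificate is signed with `SHA1WithRSA`; `SHA256withRSA` would keep the fixture off a deprecated signature algorithm. The use of `sun.security.tools.keytool.CertAndKeyGen` also ties the test to JDK-internal classes.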
@@ -75,6 +75,11 @@ <artifactId>forgerock-build-tools</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.testng</groupId> <artifactId>testng</artifactId> <scope>test</scope> </dependency> </dependencies> opendj-grizzly/src/main/java/org/forgerock/opendj/grizzly/GrizzlyLDAPConnection.java
@@ -818,8 +818,10 @@ false); sslEngineConfigurator.setEnabledProtocols(protocols.isEmpty() ? null : protocols .toArray(new String[protocols.size()])); sslEngineConfigurator.setProtocolConfigured(true); sslEngineConfigurator.setEnabledCipherSuites(cipherSuites.isEmpty() ? null : cipherSuites .toArray(new String[cipherSuites.size()])); sslEngineConfigurator.setCipherConfigured(true); final SSLFilter sslFilter = new SSLFilter(DUMMY_SSL_ENGINE_CONFIGURATOR, sslEngineConfigurator); installFilter(sslFilter); sslFilter.handshake(connection, completionHandler); opendj-grizzly/src/test/java/org/forgerock/opendj/grizzly/ConnectionFactoryTestCase.java
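Review bot: The added `setProtocolConfigured(true)` and `setCipherConfigured(true)` calls have no comment explaining why the configurator is marked as already configured, and the effect is not obvious from the call site. If these flags make Grizzly skip filtering the requested names against what the engine supports (worth confirming for the Grizzly version in use), an unsupported protocol or cipher suite name would reach the engine unchanged instead of being dropped silently. A comment above both calls would record this, for example `// Mark as configured so Grizzly applies the requested protocols/suites as given instead of filtering them.` The enclosing method starts and ends outside this hunk.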
@@ -176,14 +176,7 @@ final Options startTlsOptions = defaultOptions() .set(SSL_CONTEXT, sslContext) .set(SSL_USE_STARTTLS, true) .set(SSL_ENABLED_CIPHER_SUITES, asList("SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA", "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5", "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA", "SSL_DH_anon_WITH_DES_CBC_SHA", "SSL_DH_anon_WITH_RC4_128_MD5", "TLS_DH_anon_WITH_AES_128_CBC_SHA", "TLS_DH_anon_WITH_AES_256_CBC_SHA")); ; factories[5][0] = new LDAPConnectionFactory(serverAddress.getHostName(), serverAddress.getPort(), startTlsOptions); opendj-server-legacy/src/test/java/org/opends/server/replication/protocol/ProtocolCompatibilityTest.java
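Review bot: Removing the anonymous and export cipher suite list leaves the statement terminator alone on its own line after `.set(SSL_USE_STARTTLS, true)`. Fold it back so the chain ends with `.set(SSL_USE_STARTTLS, true);`. If `asList` was imported only for the removed list, that import is now unused and can go; the import block is outside this hunk. The StartTLS factory now depends on the default suites and on the test server's self-signed certificate, so a short comment noting that the handshake is now certificate-authenticated would help the next reader.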
@@ -245,8 +245,8 @@ AddOperationBasis genAddOpBasis = (AddOperationBasis) generatedOperation; assertEquals(addOpBasis.getRawEntryDN(), genAddOpBasis.getRawEntryDN()); assertEquals( addOpBasis.getAttachment(SYNCHROCONTEXT), genAddOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals((Object) addOpBasis.getAttachment(SYNCHROCONTEXT), (Object)genAddOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals(addOpBasis.getObjectClasses(), genAddOpBasis.getObjectClasses()); assertEquals(addOpBasis.getOperationalAttributes(), genAddOpBasis.getOperationalAttributes()); assertEquals(addOpBasis.getUserAttributes(), genAddOpBasis.getUserAttributes()); @@ -293,8 +293,8 @@ genAddOpBasis = (AddOperationBasis) generatedOperation; assertEquals(addOpBasis.getRawEntryDN(), genAddOpBasis.getRawEntryDN()); assertEquals( addOpBasis.getAttachment(SYNCHROCONTEXT), genAddOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals((Object) addOpBasis.getAttachment(SYNCHROCONTEXT), (Object)genAddOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals(addOpBasis.getObjectClasses(), genAddOpBasis.getObjectClasses()); assertEquals(addOpBasis.getOperationalAttributes(), genAddOpBasis.getOperationalAttributes()); assertEquals(addOpBasis.getUserAttributes(), genAddOpBasis.getUserAttributes()); @@ -546,8 +546,8 @@ ModifyOperationBasis genModOpBasisFromV1 = (ModifyOperationBasis) opFromV1; assertEquals(modOpBasisFromOrigVlast.getRawEntryDN(), genModOpBasisFromV1.getRawEntryDN()); assertEquals( modOpBasisFromOrigVlast.getAttachment(SYNCHROCONTEXT), genModOpBasisFromV1.getAttachment(SYNCHROCONTEXT)); assertEquals( (Object)modOpBasisFromOrigVlast.getAttachment(SYNCHROCONTEXT), (Object)genModOpBasisFromV1.getAttachment(SYNCHROCONTEXT)); List<Modification> modsvlast = modOpBasisFromOrigVlast.getModifications(); List<Modification> modsv1 = genModOpBasisFromV1.getModifications(); 
@@ -595,8 +595,8 @@ assertEquals(modOpBasisFromOrigVlast.getRawEntryDN(), modOpBasisFromGeneratedVlast.getRawEntryDN()); assertEquals( modOpBasisFromOrigVlast.getAttachment(SYNCHROCONTEXT), modOpBasisFromGeneratedVlast.getAttachment(SYNCHROCONTEXT)); assertEquals((Object) modOpBasisFromOrigVlast.getAttachment(SYNCHROCONTEXT), (Object)modOpBasisFromGeneratedVlast.getAttachment(SYNCHROCONTEXT)); assertEquals(modOpBasisFromOrigVlast.getModifications(), modOpBasisFromGeneratedVlast.getModifications()); } @@ -719,8 +719,8 @@ ModifyDNOperationBasis genModDnOpBasis = (ModifyDNOperationBasis) generatedOperation; assertEquals(modDnOpBasis.getRawEntryDN(), genModDnOpBasis.getRawEntryDN()); assertEquals( modDnOpBasis.getAttachment(SYNCHROCONTEXT), genModDnOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals((Object) modDnOpBasis.getAttachment(SYNCHROCONTEXT), (Object)genModDnOpBasis.getAttachment(SYNCHROCONTEXT)); // Check default value for only VLAST fields assertEquals(newMsg.getAssuredMode(), AssuredMode.SAFE_DATA_MODE); @@ -770,8 +770,8 @@ genModDnOpBasis = (ModifyDNOperationBasis) generatedOperation; assertEquals(modDnOpBasis.getRawEntryDN(), genModDnOpBasis.getRawEntryDN()); assertEquals( modDnOpBasis.getAttachment(SYNCHROCONTEXT), genModDnOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals((Object) modDnOpBasis.getAttachment(SYNCHROCONTEXT), (Object)genModDnOpBasis.getAttachment(SYNCHROCONTEXT)); assertEquals(modDnOpBasis.getModifications(), genModDnOpBasis.getModifications()); } opendj-server-legacy/src/test/java/org/opends/server/replication/protocol/SynchronizationMsgTest.java
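Review bot: The `(Object)` casts added to every `getAttachment(SYNCHROCONTEXT)` comparison are unexplained and inconsistently spaced (`(Object) addOpBasis…` versus `(Object)genAddOpBasis…`). The same pattern repeats in all six hunks of this file and in both hunks of SynchronizationMsgTest.java. The casts presumably select the `assertEquals(Object, Object)` overload after the move to source level 1.8. A one-line comment at the first occurrence would say so, for example `// Cast picks assertEquals(Object, Object); the generic return type is ambiguous under Java 8 inference.` Alternatively, assigning each side to an `Object` local first would remove the casts.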
@@ -190,8 +190,8 @@ ModifyOperation mod2 = (ModifyOperation) generatedMsg.createOperation(conn); assertEquals(mod1.getRawEntryDN(), mod2.getRawEntryDN()); assertEquals(mod1.getAttachment(SYNCHROCONTEXT), mod2.getAttachment(SYNCHROCONTEXT)); assertEquals((Object)mod1.getAttachment(SYNCHROCONTEXT), (Object)mod2.getAttachment(SYNCHROCONTEXT)); assertEquals(mod1.getModifications(), mod2.getModifications()); } @@ -494,7 +494,7 @@ AddOperation genAddOp = generatedMsg.createOperation(conn, dn); assertEquals(addOp.getRawEntryDN(), genAddOp.getRawEntryDN()); assertEquals(addOp.getAttachment(SYNCHROCONTEXT), genAddOp.getAttachment(SYNCHROCONTEXT)); assertEquals((Object)addOp.getAttachment(SYNCHROCONTEXT), (Object)genAddOp.getAttachment(SYNCHROCONTEXT)); assertEquals(addOp.getObjectClasses(), genAddOp.getObjectClasses()); assertEquals(addOp.getOperationalAttributes(), genAddOp.getOperationalAttributes()); assertEquals(addOp.getUserAttributes(), genAddOp.getUserAttributes()); pom.xml
@@ -336,8 +336,12 @@ <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <configuration> <source>1.7</source> <target>1.7</target> <source>1.8</source> <target>1.8</target> <fork>true</fork> <compilerArgs> <arg>-XDignore.symbol.file</arg> </compilerArgs> </configuration> </plugin>
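Review bot: The `<arg>-XDignore.symbol.file</arg>` entry sits in the shared `maven-compiler-plugin` configuration, so it appears to apply to main sources in every module and not only to the test that needs it. The flag is undocumented, and it lets any production class compile against `sun.*` internals unnoticed. As far as this commit shows, the only consumer is the test fixture LDAPServer.java. I would move the `<compilerArgs>` block into the `default-testCompile` execution of the module that owns that test. A comment such as `<!-- needed for sun.security.tools.keytool.CertAndKeyGen in the test LDAP server -->` would record why it is there.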