external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 01d5388b | patch | commit | ignore whitespace

Fix OPENDJ-668 Cannot configure ssl-cipher-suites on admin connector

Chris Ridd

21.48.2012 92397c3112e0a1ed8ae46fcc9404ffec4e0ccaa7

Fix OPENDJ-668 Cannot configure ssl-cipher-suites on admin connector

4 files modified

	opends/resource/schema/02-config.ldif	4 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/admin/defn/org/opends/server/admin/std/AdministrationConnectorConfiguration.xml	63 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/admin/messages/AdministrationConnectorCfgDefn.properties	6 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/admin/AdministrationConnector.java	4 ●●●●● patch \| view \| raw \| blame \| history

 opends/resource/schema/02-config.ldif

@@ -4952,7 +4952,9 @@
         ds-cfg-key-manager-provider $
         ds-cfg-trust-manager-provider $
         ds-cfg-ssl-cert-nickname )
  MAY ( ds-cfg-listen-address )
  MAY ( ds-cfg-listen-address $
        ds-cfg-ssl-cipher-suite $
        ds-cfg-ssl-protocol )
  X-ORIGIN 'OpenDS Directory Server' )
objectClasses: ( 1.3.6.1.4.1.26027.1.2.199
  NAME 'ds-cfg-qos-policy'

 opends/src/admin/defn/org/opends/server/admin/std/AdministrationConnectorConfiguration.xml

@@ -24,6 +24,7 @@
  !
  !
  !      Copyright 2007-2008 Sun Microsystems, Inc.
  !      Portions Copyright 2012 ForgeRock, AS.
  ! -->
<adm:managed-object name="administration-connector"
  plural-name="administration-connectors"
@@ -163,4 +164,66 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>
  <adm:property name="ssl-protocol" multi-valued="true">
    <adm:synopsis>
      Specifies the names of the SSL protocols that are allowed for
      use in SSL or StartTLS communication.
    </adm:synopsis>
    <adm:requires-admin-action>
      <adm:none>
        <adm:synopsis>
          Changes to this property take effect immediately but only 
          impact new SSL/TLS-based sessions created after the
          change.
        </adm:synopsis>
      </adm:none>
    </adm:requires-admin-action>
    <adm:default-behavior>
      <adm:alias>
        <adm:synopsis>
          Uses the default set of SSL protocols provided by the server's
          JVM.
        </adm:synopsis>
      </adm:alias>
    </adm:default-behavior>
    <adm:syntax>
      <adm:string />
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:name>ds-cfg-ssl-protocol</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>
  <adm:property name="ssl-cipher-suite" multi-valued="true">
    <adm:synopsis>
      Specifies the names of the SSL cipher suites that are allowed
      for use in SSL communication.
    </adm:synopsis>
    <adm:requires-admin-action>
      <adm:none>
        <adm:synopsis>
          Changes to this property take effect immediately but will
          only impact new SSL/TLS-based sessions created after the
          change.
        </adm:synopsis>
      </adm:none>
    </adm:requires-admin-action>
    <adm:default-behavior>
      <adm:alias>
        <adm:synopsis>
          Uses the default set of SSL cipher suites provided by the
          server's JVM.
        </adm:synopsis>
      </adm:alias>
    </adm:default-behavior>
    <adm:syntax>
      <adm:string />
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:name>ds-cfg-ssl-cipher-suite</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>
</adm:managed-object>

 opends/src/admin/messages/AdministrationConnectorCfgDefn.properties

@@ -10,5 +10,11 @@
property.listen-port.description=Only a single port number may be provided.
property.ssl-cert-nickname.synopsis=Specifies the nickname (also called the alias) of the certificate that the Administration Connector will use when performing SSL communication.
property.ssl-cert-nickname.default-behavior.alias.synopsis=Let the server decide.
property.ssl-cipher-suite.synopsis=Specifies the names of the SSL cipher suites that are allowed for use in SSL communication.
property.ssl-cipher-suite.default-behavior.alias.synopsis=Uses the default set of SSL cipher suites provided by the server's JVM.
property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.
property.trust-manager-provider.synopsis=Specifies the name of the trust manager that is used with the Administration Connector .
property.trust-manager-provider.syntax.aggregation.constraint-synopsis=The referenced trust manager provider must be enabled.

 opends/src/server/org/opends/server/admin/AdministrationConnector.java

@@ -457,7 +457,7 @@
     */
    public SortedSet<String> getSSLCipherSuite()
    {
      return ADMIN_SSL_CIPHER_SUITE;
      return config.getSSLCipherSuite();
    }


@@ -477,7 +477,7 @@
     */
    public SortedSet<String> getSSLProtocol()
    {
      return ADMIN_SSL_PROTOCOL;
      return config.getSSLProtocol();
    }

			@@ -4952,7 +4952,9 @@
			ds-cfg-key-manager-provider $
			ds-cfg-trust-manager-provider $
			ds-cfg-ssl-cert-nickname )
			MAY ( ds-cfg-listen-address )
			MAY ( ds-cfg-listen-address $
			ds-cfg-ssl-cipher-suite $
			ds-cfg-ssl-protocol )
			X-ORIGIN 'OpenDS Directory Server' )
			objectClasses: ( 1.3.6.1.4.1.26027.1.2.199
			NAME 'ds-cfg-qos-policy'

			@@ -24,6 +24,7 @@
			!
			!
			! Copyright 2007-2008 Sun Microsystems, Inc.
			! Portions Copyright 2012 ForgeRock, AS.
			! -->
			<adm:managed-object name="administration-connector"
			plural-name="administration-connectors"
			@@ -163,4 +164,66 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>
			<adm:property name="ssl-protocol" multi-valued="true">
			<adm:synopsis>
			Specifies the names of the SSL protocols that are allowed for
			use in SSL or StartTLS communication.
			</adm:synopsis>
			<adm:requires-admin-action>
			<adm:none>
			<adm:synopsis>
			Changes to this property take effect immediately but only
			impact new SSL/TLS-based sessions created after the
			change.
			</adm:synopsis>
			</adm:none>
			</adm:requires-admin-action>
			<adm:default-behavior>
			<adm:alias>
			<adm:synopsis>
			Uses the default set of SSL protocols provided by the server's
			JVM.
			</adm:synopsis>
			</adm:alias>
			</adm:default-behavior>
			<adm:syntax>
			<adm:string />
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:name>ds-cfg-ssl-protocol</ldap:name>
			</ldap:attribute>
			</adm:profile>
			</adm:property>
			<adm:property name="ssl-cipher-suite" multi-valued="true">
			<adm:synopsis>
			Specifies the names of the SSL cipher suites that are allowed
			for use in SSL communication.
			</adm:synopsis>
			<adm:requires-admin-action>
			<adm:none>
			<adm:synopsis>
			Changes to this property take effect immediately but will
			only impact new SSL/TLS-based sessions created after the
			change.
			</adm:synopsis>
			</adm:none>
			</adm:requires-admin-action>
			<adm:default-behavior>
			<adm:alias>
			<adm:synopsis>
			Uses the default set of SSL cipher suites provided by the
			server's JVM.
			</adm:synopsis>
			</adm:alias>
			</adm:default-behavior>
			<adm:syntax>
			<adm:string />
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:name>ds-cfg-ssl-cipher-suite</ldap:name>
			</ldap:attribute>
			</adm:profile>
			</adm:property>
			</adm:managed-object>

			@@ -10,5 +10,11 @@
			property.listen-port.description=Only a single port number may be provided.
			property.ssl-cert-nickname.synopsis=Specifies the nickname (also called the alias) of the certificate that the Administration Connector will use when performing SSL communication.
			property.ssl-cert-nickname.default-behavior.alias.synopsis=Let the server decide.
			property.ssl-cipher-suite.synopsis=Specifies the names of the SSL cipher suites that are allowed for use in SSL communication.
			property.ssl-cipher-suite.default-behavior.alias.synopsis=Uses the default set of SSL cipher suites provided by the server's JVM.
			property.ssl-cipher-suite.requires-admin-action.synopsis=Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change.
			property.ssl-protocol.synopsis=Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication.
			property.ssl-protocol.default-behavior.alias.synopsis=Uses the default set of SSL protocols provided by the server's JVM.
			property.ssl-protocol.requires-admin-action.synopsis=Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change.
			property.trust-manager-provider.synopsis=Specifies the name of the trust manager that is used with the Administration Connector .
			property.trust-manager-provider.syntax.aggregation.constraint-synopsis=The referenced trust manager provider must be enabled.

			@@ -457,7 +457,7 @@
			*/
			public SortedSet<String> getSSLCipherSuite()
			{
			return ADMIN_SSL_CIPHER_SUITE;
			return config.getSSLCipherSuite();
			}


			@@ -477,7 +477,7 @@
			*/
			public SortedSet<String> getSSLProtocol()
			{
			return ADMIN_SSL_PROTOCOL;
			return config.getSSLProtocol();
			}