Fix for issue 4295 (Issues with dsreplication interactive mode)

jvergara

17.07.2009 a0843f89806c512784a1752421fe384a97a35810

Fix for issue 4295 (Issues with dsreplication interactive mode)

The biggest issue was that the trust manager was reset when connecting to the second server, this caused the establishing of the connections to fail.

There was also a problem with the way the code found out whether a NamingException was caused by a certificate problem or not.

Finally the code handles the particular case where the user provides global administrator credentials but this is not defined on the second server.  If this is the case, the code now prompts only for the credentials (and not for the whole second server connection parameters).

 opends/src/server/org/opends/server/tools/dsreplication/ReplicationCliArgumentParser.java

@@ -40,7 +40,6 @@
import org.opends.messages.Message;
import org.opends.messages.MessageBuilder;
import org.opends.quicksetup.Constants;
import org.opends.quicksetup.UserData;
import org.opends.quicksetup.util.Utils;
import org.opends.server.admin.client.cli.SecureConnectionCliArgs;
import org.opends.server.admin.client.cli.SecureConnectionCliParser;
@@ -2064,7 +2063,14 @@
  {
    if (defaultLocalHostValue == null)
    {
      defaultLocalHostValue = UserData.getDefaultHostName();
      try
      {
        defaultLocalHostValue =
          java.net.InetAddress.getLocalHost().getHostName();
      }
      catch (Throwable t)
      {
      }
      if (defaultLocalHostValue == null)
      {
        defaultLocalHostValue = "localhost";

 opends/src/server/org/opends/server/tools/dsreplication/ReplicationCliMain.java

@@ -1067,7 +1067,9 @@
    String bindDn2 = null;
    String pwd2 = null;
    ci.resetHeadingDisplayed();
    ci.resetTrustManager();

    boolean doNotDisplayFirstError = false;

    if (!cancelled)
    {
      host2 = argParser.getHostName2();
@@ -1087,6 +1089,7 @@
      }
      else if (bindDn2 == null)
      {
        doNotDisplayFirstError = true;
        pwd = adminPwd;
        if (argParser.getSecureArgsList().bindPasswordFileArg.isPresent())
        {
@@ -1156,11 +1159,20 @@
      catch (ClientException ce)
      {
        LOG.log(Level.WARNING, "Client exception "+ce);
        if (!doNotDisplayFirstError)
        {
        println();
        println(ce.getMessageObject());
        println();
        ci.resetConnectionArguments();
      }
        else
        {
          // Reset only the credential parameters.
          ci.resetConnectionArguments();
          ci.initializeGlobalArguments(host2, port2, null, null, null, null);
        }
      }
      catch (ArgumentException ae)
      {
        LOG.log(Level.WARNING, "Argument exception "+ae);
@@ -1169,6 +1181,10 @@
        println();
        cancelled = true;
      }
      finally
      {
        doNotDisplayFirstError = false;
      }
    }

    if (!cancelled)

 opends/src/server/org/opends/server/util/cli/ConsoleApplication.java

@@ -57,6 +57,7 @@
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManager;

import org.opends.admin.ads.ServerDescriptor;
import org.opends.admin.ads.util.ApplicationTrustManager;
import org.opends.admin.ads.util.ConnectionUtils;
import org.opends.admin.ads.util.OpendsCertificateException;
@@ -890,12 +891,9 @@
        {
          if ( isInteractive() && ci.isTrustStoreInMemory())
          {
            if ((e.getRootCause() != null)
                && (e.getRootCause().getCause()
                    instanceof OpendsCertificateException))
            OpendsCertificateException oce = getCertificateRootException(e);
            if (oce != null)
            {
              OpendsCertificateException oce =
                (OpendsCertificateException) e.getRootCause().getCause();
              String authType = null;
              if (trustManager instanceof ApplicationTrustManager)
              {
@@ -914,20 +912,18 @@
                }
                else
                {
                  // Assume user cancelled.
                // Assume user canceled.
                  return null;
                }
            }
          }
          if (e.getRootCause() != null)
          if (e.getCause() != null)
          {
            if (e.getRootCause().getCause() != null &&
                !ci.isTrustStoreInMemory() &&
            if (!ci.isTrustStoreInMemory() &&
                !ci.isTrustAll())
            {
              if (((e.getRootCause().getCause()
                instanceof OpendsCertificateException)) ||
                (e.getRootCause() instanceof SSLHandshakeException))
              if (getCertificateRootException(e) != null ||
                (e.getCause() instanceof SSLHandshakeException))
              {
                Message message =
                  ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_NOT_TRUSTED.get(
@@ -936,7 +932,7 @@
                  LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
              }
            }
            if (e.getRootCause() instanceof SSLException)
            if (e.getCause() instanceof SSLException)
            {
              Message message =
                ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_WRONG_PORT.get(
@@ -945,8 +941,9 @@
                LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
            }
          }
          Message message = ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT.get(
              hostName, String.valueOf(portNumber));
          String hostPort =
            ServerDescriptor.getServerRepresentation(hostName, portNumber);
          Message message = Utils.getMessageForException(e, hostPort);
          throw new ClientException(
              LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
        }
@@ -969,9 +966,8 @@
        {
          if ( isInteractive() && ci.isTrustStoreInMemory())
          {
            if ((e.getRootCause() != null)
                && (e.getRootCause().getCause()
                    instanceof OpendsCertificateException))
            OpendsCertificateException oce = getCertificateRootException(e);
            if (oce != null)
            {
              String authType = null;
              if (trustManager instanceof ApplicationTrustManager)
@@ -980,8 +976,7 @@
                  (ApplicationTrustManager)trustManager;
                authType = appTrustManager.getLastRefusedAuthType();
              }
              OpendsCertificateException oce =
                (OpendsCertificateException) e.getRootCause().getCause();

                if (ci.checkServerCertificate(oce.getChain(), authType,
                    hostName))
                {
@@ -1028,9 +1023,8 @@
        {
          if ( isInteractive() && ci.isTrustStoreInMemory())
          {
            if ((e.getRootCause() != null)
                && (e.getRootCause().getCause()
                    instanceof OpendsCertificateException))
            OpendsCertificateException oce = getCertificateRootException(e);
            if (oce != null)
            {
              String authType = null;
              if (trustManager instanceof ApplicationTrustManager)
@@ -1039,8 +1033,6 @@
                  (ApplicationTrustManager)trustManager;
                authType = appTrustManager.getLastRefusedAuthType();
              }
              OpendsCertificateException oce =
                (OpendsCertificateException) e.getRootCause().getCause();
                if (ci.checkServerCertificate(oce.getChain(), authType,
                    hostName))
                {
@@ -1052,7 +1044,7 @@
                }
                else
                {
                  // Assume user cancelled.
                // Assume user canceled.
                  return null;
                }
            }
@@ -1252,4 +1244,18 @@
      pointAdderStopped = true;
    }
  }

  private OpendsCertificateException getCertificateRootException(Throwable t)
  {
    OpendsCertificateException oce = null;
    while (t != null && oce == null)
    {
      t = t.getCause();
      if (t instanceof OpendsCertificateException)
      {
        oce = (OpendsCertificateException)t;
      }
    }
    return oce;
  }
}