opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ConnectionUtils.java
@@ -18,7 +18,6 @@ import java.io.IOException; import java.net.ConnectException; import java.net.URI; import java.util.HashSet; import java.util.Hashtable; import java.util.Set; @@ -88,7 +87,7 @@ * @see javax.naming.Context * @see javax.naming.ldap.InitialLdapContext */ public static InitialLdapContext createLdapContext(String ldapURL, String dn, static InitialLdapContext createLdapContext(String ldapURL, String dn, String pwd, int timeout, Hashtable<String, String> env) throws NamingException { @@ -163,7 +162,7 @@ * @see javax.naming.ldap.InitialLdapContext * @see TrustedSocketFactory */ public static InitialLdapContext createLdapsContext(String ldapsURL, static InitialLdapContext createLdapsContext(String ldapsURL, String dn, String pwd, int timeout, Hashtable<String, String> env, TrustManager trustManager, KeyManager keyManager) throws NamingException { env = copy(env); @@ -276,8 +275,7 @@ * @see javax.naming.ldap.StartTlsResponse * @see TrustedSocketFactory */ public static InitialLdapContext createStartTLSContext(String ldapURL, static InitialLdapContext createStartTLSContext(String ldapURL, String dn, String pwd, int timeout, Hashtable<String, String> env, TrustManager trustManager, KeyManager keyManager, HostnameVerifier verifier) 
@@ -363,64 +361,11 @@ * @param ctx the context to analyze. * @return the LDAP URL used in the provided InitialLdapContext. */ public static String getLdapUrl(InitialLdapContext ctx) static String getLdapUrl(InitialLdapContext ctx) { return getEnvProperty(ctx, Context.PROVIDER_URL); } /** * Returns the host name used in the provided InitialLdapContext. * @param ctx the context to analyze. * @return the host name used in the provided InitialLdapContext. */ public static String getHostName(InitialLdapContext ctx) { HostPort hp = getHostPort(ctx); return hp != null ? hp.getHost() : null; } /** * Returns the host port representation of the server to which this * context is connected. * @param ctx the context to analyze. * @return the host port representation of the server to which this * context is connected. */ public static HostPort getHostPort(InitialLdapContext ctx) { try { URI ldapURL = new URI(getLdapUrl(ctx)); return new HostPort(ldapURL.getHost(), ldapURL.getPort()); } catch (Throwable t) { // This is really strange. Seems like a bug somewhere. logger.warn(LocalizableMessage.raw("Error getting host: "+t, t)); return null; } } /** * Returns the bind DN used in the provided InitialLdapContext. * @param ctx the context to analyze. * @return the bind DN used in the provided InitialLdapContext. */ public static String getBindDN(InitialLdapContext ctx) { return getEnvProperty(ctx, Context.SECURITY_PRINCIPAL); } /** * Returns the password used in the provided InitialLdapContext. * @param ctx the context to analyze. * @return the password used in the provided InitialLdapContext. */ public static String getBindPassword(InitialLdapContext ctx) { return getEnvProperty(ctx, Context.SECURITY_CREDENTIALS); } private static String getEnvProperty(InitialLdapContext ctx, String property) { try { return (String) ctx.getEnvironment().get(property); 
@@ -432,32 +377,12 @@ } /** * Tells whether we are using SSL in the provided InitialLdapContext. * @param ctx the context to analyze. * @return <CODE>true</CODE> if we are using SSL and <CODE>false</CODE> * otherwise. */ public static boolean isSSL(InitialLdapContext ctx) { try { return getLdapUrl(ctx).toLowerCase().startsWith("ldaps"); } catch (Throwable t) { // This is really strange. Seems like a bug somewhere. logger.warn(LocalizableMessage.raw("Error getting if is SSL "+t, t)); return false; } } /** * Tells whether we are using StartTLS in the provided InitialLdapContext. * @param ctx the context to analyze. * @return <CODE>true</CODE> if we are using StartTLS and <CODE>false</CODE> * otherwise. */ public static boolean isStartTLS(InitialLdapContext ctx) static boolean isStartTLS(InitialLdapContext ctx) { return "true".equalsIgnoreCase(getEnvProperty(ctx, STARTTLS_PROPERTY)); } opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ConnectionWrapper.java
@@ -36,6 +36,8 @@ import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import org.forgerock.i18n.LocalizableMessage; import org.forgerock.i18n.slf4j.LocalizedLogger; import org.forgerock.opendj.config.LDAPProfile; import org.forgerock.opendj.ldap.Connection; import org.forgerock.opendj.ldap.DN; @@ -60,6 +62,8 @@ */ public class ConnectionWrapper implements Closeable { private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass(); private final LDAPConnectionFactory connectionFactory; private final Connection connection; private final InitialLdapContext ldapContext; @@ -263,7 +267,18 @@ */ public boolean isSSL() { return ConnectionUtils.isSSL(ldapContext); // FIXME the code down below is what the code was doing in the control-panel / dsreplication // We might as well just return this.connectionType == LDAPS; try { return ConnectionUtils.getLdapUrl(ldapContext).toLowerCase().startsWith("ldaps"); } catch (Throwable t) { // This is really strange. Seems like a bug somewhere. logger.warn(LocalizableMessage.raw("Error getting if is SSL " + t, t)); return false; } } /** @@ -273,6 +288,8 @@ */ public boolean isStartTLS() { // FIXME the code down below is what the code was doing in the control-panel / dsreplication // We might as well just return this.connectionType == START_TLS; return ConnectionUtils.isStartTLS(ldapContext); } @@ -327,6 +344,29 @@ } /** * Returns the connection type used by this connection wrapper. * * @return the connection type used by this connection wrapper */ public PreferredConnection.Type getConnectionType() { // FIXME the code down below is what the code was doing in the control-panel / dsreplication // We might as well just return this.connectionType; if (isSSL()) { return LDAPS; } else if (isStartTLS()) { return START_TLS; } else { return LDAP; } } /** * Returns the ldap context (JNDI). * * @return the ldap context opendj-server-legacy/src/main/java/org/opends/admin/ads/util/PreferredConnection.java
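Review bot: In ConnectionWrapper.isSSL() the `catch (Throwable t)` turns any failure to read the provider URL into `false`, and the new getConnectionType() then reports START_TLS or LDAP for that connection. PreferredConnection.getPreferredConnection() and BrowserController.findUrlForLocalEntry() now take their transport from these methods, so a lookup error would be recorded as a cleartext LDAP preference instead of being surfaced. As both FIXME comments already suggest, answering from the type the wrapper was opened with, e.g. `return connectionType == LDAPS;`, removes that failure path; this assumes the wrapper keeps such a field, which is not visible in the hunk. If the URL check stays, narrow the catch to the exceptions actually expected and use `toLowerCase(Locale.ROOT)`.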
@@ -99,21 +99,7 @@ */ private static PreferredConnection getPreferredConnection(ConnectionWrapper conn) { String ldapUrl = conn.getLdapUrl(); PreferredConnection.Type type; if (conn.isStartTLS()) { type = PreferredConnection.Type.START_TLS; } else if (conn.isSSL()) { type = PreferredConnection.Type.LDAPS; } else { type = PreferredConnection.Type.LDAP; } return new PreferredConnection(ldapUrl, type); return new PreferredConnection(conn.getLdapUrl(), conn.getConnectionType()); } /** opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ServerLoader.java
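Review bot: The branch chain dropped from getPreferredConnection() tested `conn.isStartTLS()` before `conn.isSSL()`, whereas `conn.getConnectionType()` in ConnectionWrapper tests `isSSL()` first, so the replacement is not strictly equivalent. The results differ only for a context that has an ldaps URL and the StartTLS property set at once, which may never happen in practice. It would help to state the precedence in the Javadoc of getConnectionType(), for instance `LDAPS takes precedence over START_TLS when a context reports both`, so the ordering is a documented choice and not an accident of the refactoring.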
@@ -16,6 +16,8 @@ */ package org.opends.admin.ads.util; import static org.opends.admin.ads.util.PreferredConnection.Type.*; import java.util.LinkedHashSet; import java.util.Map; import java.util.Set; @@ -379,17 +381,17 @@ ldapUrls.add(connection); } else if (url.equalsIgnoreCase(ldapsUrl) && connection.getType() == PreferredConnection.Type.LDAPS) connection.getType() == LDAPS) { ldapUrls.add(connection); } else if (url.equalsIgnoreCase(startTLSUrl) && connection.getType() == PreferredConnection.Type.START_TLS) connection.getType() == START_TLS) { ldapUrls.add(connection); } else if (url.equalsIgnoreCase(ldapUrl) && connection.getType() == PreferredConnection.Type.LDAP) connection.getType() == LDAP) { ldapUrls.add(connection); } @@ -397,19 +399,19 @@ if (adminConnectorUrl != null) { ldapUrls.add(new PreferredConnection(adminConnectorUrl, PreferredConnection.Type.LDAPS)); ldapUrls.add(new PreferredConnection(adminConnectorUrl, LDAPS)); } if (ldapsUrl != null) { ldapUrls.add(new PreferredConnection(ldapsUrl, PreferredConnection.Type.LDAPS)); ldapUrls.add(new PreferredConnection(ldapsUrl, LDAPS)); } if (startTLSUrl != null) { ldapUrls.add(new PreferredConnection(startTLSUrl, PreferredConnection.Type.START_TLS)); ldapUrls.add(new PreferredConnection(startTLSUrl, START_TLS)); } if (ldapUrl != null) { ldapUrls.add(new PreferredConnection(ldapUrl, PreferredConnection.Type.LDAP)); ldapUrls.add(new PreferredConnection(ldapUrl, LDAP)); } return ldapUrls; } opendj-server-legacy/src/main/java/org/opends/guitools/controlpanel/browser/BrowserController.java
@@ -16,7 +16,6 @@ */ package org.opends.guitools.controlpanel.browser; import static org.opends.admin.ads.util.ConnectionUtils.*; import static org.opends.server.util.ServerConstants.*; import java.awt.Font; @@ -1031,7 +1030,7 @@ */ LDAPURL findUrlForLocalEntry(BasicNode node) { if (node == rootNode) { return LDAPConnectionPool.makeLDAPUrl(connConfig.getHostPort(), "", isSSL(connConfig.getLdapContext())); return LDAPConnectionPool.makeLDAPUrl(connConfig.getHostPort(), "", connConfig.isSSL()); } final BasicNode parent = (BasicNode) node.getParent(); if (parent != null) @@ -1039,7 +1038,7 @@ final LDAPURL parentUrl = findUrlForDisplayedEntry(parent); return LDAPConnectionPool.makeLDAPUrl(parentUrl, node.getDN()); } return LDAPConnectionPool.makeLDAPUrl(connConfig.getHostPort(), node.getDN(), isSSL(connConfig.getLdapContext())); return LDAPConnectionPool.makeLDAPUrl(connConfig.getHostPort(), node.getDN(), connConfig.isSSL()); } opendj-server-legacy/src/main/java/org/opends/quicksetup/util/Utils.java
@@ -43,7 +43,6 @@ import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.Hashtable; import java.util.LinkedHashSet; import java.util.List; import java.util.Locale; @@ -59,10 +58,7 @@ import javax.naming.NoPermissionException; import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; import javax.naming.ldap.InitialLdapContext; import javax.naming.ldap.LdapName; import javax.net.ssl.HostnameVerifier; import javax.net.ssl.TrustManager; import org.forgerock.i18n.LocalizableMessage; import org.forgerock.i18n.LocalizableMessageBuilder; 
@@ -646,45 +642,6 @@ } /** * Creates an LDAP+StartTLS connection and returns the corresponding * LdapContext. This method first creates an LdapContext with anonymous bind. * Then it requests a StartTlsRequest extended operation. The StartTlsResponse * is setup with the specified hostname verifier. Negotiation is done using a * TrustSocketFactory so that the specified TrustManager gets called during * the SSL handshake. If trust manager is null, certificates are not checked * during SSL handshake. * * @param ldapsURL * the target *LDAPS* URL. * @param dn * passed as Context.SECURITY_PRINCIPAL if not null. * @param pwd * passed as Context.SECURITY_CREDENTIALS if not null. * @param timeout * passed as com.sun.jndi.ldap.connect.timeout if > 0. * @param env * null or additional environment properties. * @param trustManager * null or the trust manager to be invoked during SSL. negociation. * @param verifier * null or the hostname verifier to be setup in the StartTlsResponse. * @return the established connection with the given parameters. * @throws NamingException * the exception thrown when instantiating InitialLdapContext. * @see javax.naming.Context * @see javax.naming.ldap.InitialLdapContext * @see javax.naming.ldap.StartTlsRequest * @see javax.naming.ldap.StartTlsResponse * @see org.opends.admin.ads.util.TrustedSocketFactory */ public static InitialLdapContext createStartTLSContext(String ldapsURL, String dn, String pwd, int timeout, Hashtable<String, String> env, TrustManager trustManager, HostnameVerifier verifier) throws NamingException { return ConnectionUtils.createStartTLSContext(ldapsURL, dn, pwd, timeout, env, trustManager, null, verifier); } /** * Returns a message object for the given NamingException. The code assume * that we are trying to connect to the local server. * opendj-server-legacy/src/main/java/org/opends/server/tools/dsreplication/ReplicationCliMain.java
@@ -3418,7 +3418,7 @@ boolean triedWithUserProvidedAdmin = false; final ConnectionWrapper conn1 = conn.get(); HostPort hostPort = conn1.getHostPort(); Type connectionType = getConnectionType(conn1); Type connectionType = conn1.getConnectionType(); if (getTrustManager(ci) == null) { // This is required when the user did connect to the server using SSL or @@ -3591,22 +3591,6 @@ return !cancelled; } private Type getConnectionType(final ConnectionWrapper conn) { if (conn.isSSL()) { return LDAPS; } else if (conn.isStartTLS()) { return START_TLS; } else { return LDAP; } } /** * Tells whether there is a Global Administrator defined in the server for which the connection is * provided.