external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 295f7dc1 | patch | commit | ignore whitespace

Provide valid OIDs for the ds-cfg-ssl-protocol and ds-cfg-ssl-cipher-suite ...

neil_a_wilson

30.43.2007 a7e5cbfe8176b8ce6df6e7937f4eb4002d14d6a2

Provide valid OIDs for the ds-cfg-ssl-protocol and ds-cfg-ssl-cipher-suite
configuration attributes and define them in the server schema, and make the
names singular instead of plural.  Also, update some of the configuration
definitions to align the OIDs used in them with the OIDs used in the server
schema.

4 files modified

	opends/resource/schema/02-config.ldif	7 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/admin/defn/org/opends/server/admin/std/AlertHandlerConfiguration.xml	4 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/admin/defn/org/opends/server/admin/std/GlobalConfiguration.xml	6 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml	32 ●●●●● patch \| view \| raw \| blame \| history

 opends/resource/schema/02-config.ldif

@@ -1543,6 +1543,10 @@
attributeTypes: ( 1.3.6.1.4.1.26027.1.1.460
  NAME 'ds-cfg-disabled-alert-type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
  X-ORIGIN 'OpenDS Directory Server' )
attributeTypes: ( 1.3.6.1.4.1.26027.1.1.461 NAME 'ds-cfg-ssl-protocol'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'OpenDS Directory Server' )
attributeTypes: ( 1.3.6.1.4.1.26027.1.1.462 NAME 'ds-cfg-ssl-cipher-suite'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'OpenDS Directory Server' )
objectClasses: ( 1.3.6.1.4.1.26027.1.2.1
  NAME 'ds-cfg-access-control-handler' SUP top STRUCTURAL
  MUST ( cn $ ds-cfg-acl-handler-class $ ds-cfg-acl-handler-enabled )
@@ -1633,7 +1637,8 @@
  ds-cfg-num-request-handlers $ ds-cfg-allow-start-tls $ ds-cfg-use-ssl $
  ds-cfg-ssl-client-auth-policy $ ds-cfg-ssl-cert-nickname $
  ds-cfg-accept-backlog $ ds-cfg-key-manager-provider-dn $
  ds-cfg-trust-manager-provider-dn ) X-ORIGIN 'OpenDS Directory Server' )
  ds-cfg-trust-manager-provider-dn $ ds-cfg-ssl-protocol $
  ds-cfg-ssl-cipher-suite ) X-ORIGIN 'OpenDS Directory Server' )
objectClasses: ( 1.3.6.1.4.1.26027.1.2.15 NAME 'ds-cfg-entry-cache'
  SUP top STRUCTURAL MUST ( cn $ ds-cfg-entry-cache-class $
  ds-cfg-entry-cache-enabled ) X-ORIGIN 'OpenDS Directory Server' )

 opends/src/admin/defn/org/opends/server/admin/std/AlertHandlerConfiguration.xml

@@ -107,7 +107,7 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.457</ldap:oid>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.459</ldap:oid>
        <ldap:name>ds-cfg-enabled-alert-type</ldap:name>
      </ldap:attribute>
    </adm:profile>
@@ -136,7 +136,7 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.458</ldap:oid>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.460</ldap:oid>
        <ldap:name>ds-cfg-disabled-alert-type</ldap:name>
      </ldap:attribute>
    </adm:profile>

 opends/src/admin/defn/org/opends/server/admin/std/GlobalConfiguration.xml

@@ -520,7 +520,7 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.454</ldap:oid>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.456</ldap:oid>
        <ldap:name>ds-cfg-allowed-task</ldap:name>
      </ldap:attribute>
    </adm:profile>
@@ -661,7 +661,7 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.455</ldap:oid>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.457</ldap:oid>
        <ldap:name>ds-cfg-disabled-privilege</ldap:name>
      </ldap:attribute>
    </adm:profile>
@@ -687,7 +687,7 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.456</ldap:oid>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.458</ldap:oid>
        <ldap:name>ds-cfg-return-bind-error-messages</ldap:name>
      </ldap:attribute>
    </adm:profile>

 opends/src/admin/defn/org/opends/server/admin/std/LDAPConnectionHandlerConfiguration.xml

@@ -43,6 +43,7 @@
      <ldap:superior>ds-cfg-connection-handler</ldap:superior>
    </ldap:object-class>
  </adm:profile>

  <adm:property-override name="java-implementation-class">
    <adm:default-behavior>
      <adm:defined>
@@ -52,11 +53,17 @@
      </adm:defined>
    </adm:default-behavior>
  </adm:property-override>

  <adm:property-reference name="listen-port" />

  <adm:property-reference name="use-ssl" />

  <adm:property-reference name="ssl-cert-nickname" />

  <adm:property-reference name="key-manager-provider-dn" />

  <adm:property-reference name="trust-manager-provider-dn" />

  <adm:property name="listen-addresses" multi-valued="true">
    <adm:synopsis>
      Specifies the address or set of addresses on which this
@@ -87,6 +94,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="allow-ldap-v2">
    <adm:synopsis>
      Indicates whether connections from LDAPv2 clients will be allowed.
@@ -113,6 +121,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="keep-stats">
    <adm:synopsis>
      Indicates whether the
@@ -140,6 +149,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="use-tcp-keep-alive">
    <adm:synopsis>
      Indicates whether the
@@ -171,6 +181,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="use-tcp-no-delay">
    <adm:synopsis>
      Indicates whether the
@@ -202,6 +213,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="allow-tcp-reuse-address">
    <adm:synopsis>
      Indicates whether the
@@ -234,6 +246,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="send-rejection-notice">
    <adm:synopsis>
      Indicates whether the
@@ -260,6 +273,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="max-request-size">
    <adm:synopsis>
      Specifies the size of the largest LDAP request message that will
@@ -289,6 +303,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="num-request-handlers">
    <adm:synopsis>
      Specifies the number of request handlers that will be used to read
@@ -322,6 +337,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="allow-start-tls">
    <adm:synopsis>
      Indicates whether clients will be allowed to use StartTLS.
@@ -351,6 +367,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="ssl-client-auth-policy">
    <adm:synopsis>
      Specifies the policy that the
@@ -400,6 +417,7 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="accept-backlog">
    <adm:synopsis>
      Specifies the maximum number of pending connection attempts that
@@ -434,8 +452,8 @@
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="ssl-protocols" multi-valued="true">
    <adm:TODO>No LDAP OID is assigned for this yet!</adm:TODO>
    <adm:synopsis>
      Specifies the names of the SSL protocols that will be allowed for
      use in SSL or StartTLS communication.
@@ -462,13 +480,13 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.9999</ldap:oid>
        <ldap:name>ds-cfg-ssl-protocols</ldap:name>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.461</ldap:oid>
        <ldap:name>ds-cfg-ssl-protocol</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>

  <adm:property name="ssl-cipher-suites" multi-valued="true">
    <adm:TODO>No LDAP OID is assigned for this yet!</adm:TODO>
    <adm:synopsis>
      Specifies the names of the SSL cipher suites that will be allowed
      for use in SSL or StartTLS communication.
@@ -495,9 +513,11 @@
    </adm:syntax>
    <adm:profile name="ldap">
      <ldap:attribute>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.9999</ldap:oid>
        <ldap:name>ds-cfg-ssl-protocols</ldap:name>
        <ldap:oid>1.3.6.1.4.1.26027.1.1.462</ldap:oid>
        <ldap:name>ds-cfg-ssl-cipher-suite</ldap:name>
      </ldap:attribute>
    </adm:profile>
  </adm:property>

</adm:managed-object>

			@@ -1543,6 +1543,10 @@
			attributeTypes: ( 1.3.6.1.4.1.26027.1.1.460
			NAME 'ds-cfg-disabled-alert-type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
			X-ORIGIN 'OpenDS Directory Server' )
			attributeTypes: ( 1.3.6.1.4.1.26027.1.1.461 NAME 'ds-cfg-ssl-protocol'
			SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'OpenDS Directory Server' )
			attributeTypes: ( 1.3.6.1.4.1.26027.1.1.462 NAME 'ds-cfg-ssl-cipher-suite'
			SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'OpenDS Directory Server' )
			objectClasses: ( 1.3.6.1.4.1.26027.1.2.1
			NAME 'ds-cfg-access-control-handler' SUP top STRUCTURAL
			MUST ( cn $ ds-cfg-acl-handler-class $ ds-cfg-acl-handler-enabled )
			@@ -1633,7 +1637,8 @@
			ds-cfg-num-request-handlers $ ds-cfg-allow-start-tls $ ds-cfg-use-ssl $
			ds-cfg-ssl-client-auth-policy $ ds-cfg-ssl-cert-nickname $
			ds-cfg-accept-backlog $ ds-cfg-key-manager-provider-dn $
			ds-cfg-trust-manager-provider-dn ) X-ORIGIN 'OpenDS Directory Server' )
			ds-cfg-trust-manager-provider-dn $ ds-cfg-ssl-protocol $
			ds-cfg-ssl-cipher-suite ) X-ORIGIN 'OpenDS Directory Server' )
			objectClasses: ( 1.3.6.1.4.1.26027.1.2.15 NAME 'ds-cfg-entry-cache'
			SUP top STRUCTURAL MUST ( cn $ ds-cfg-entry-cache-class $
			ds-cfg-entry-cache-enabled ) X-ORIGIN 'OpenDS Directory Server' )

			@@ -107,7 +107,7 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.457</ldap:oid>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.459</ldap:oid>
			<ldap:name>ds-cfg-enabled-alert-type</ldap:name>
			</ldap:attribute>
			</adm:profile>
			@@ -136,7 +136,7 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.458</ldap:oid>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.460</ldap:oid>
			<ldap:name>ds-cfg-disabled-alert-type</ldap:name>
			</ldap:attribute>
			</adm:profile>

			@@ -520,7 +520,7 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.454</ldap:oid>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.456</ldap:oid>
			<ldap:name>ds-cfg-allowed-task</ldap:name>
			</ldap:attribute>
			</adm:profile>
			@@ -661,7 +661,7 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.455</ldap:oid>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.457</ldap:oid>
			<ldap:name>ds-cfg-disabled-privilege</ldap:name>
			</ldap:attribute>
			</adm:profile>
			@@ -687,7 +687,7 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.456</ldap:oid>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.458</ldap:oid>
			<ldap:name>ds-cfg-return-bind-error-messages</ldap:name>
			</ldap:attribute>
			</adm:profile>

			@@ -43,6 +43,7 @@
			<ldap:superior>ds-cfg-connection-handler</ldap:superior>
			</ldap:object-class>
			</adm:profile>

			<adm:property-override name="java-implementation-class">
			<adm:default-behavior>
			<adm:defined>
			@@ -52,11 +53,17 @@
			</adm:defined>
			</adm:default-behavior>
			</adm:property-override>

			<adm:property-reference name="listen-port" />

			<adm:property-reference name="use-ssl" />

			<adm:property-reference name="ssl-cert-nickname" />

			<adm:property-reference name="key-manager-provider-dn" />

			<adm:property-reference name="trust-manager-provider-dn" />

			<adm:property name="listen-addresses" multi-valued="true">
			<adm:synopsis>
			Specifies the address or set of addresses on which this
			@@ -87,6 +94,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="allow-ldap-v2">
			<adm:synopsis>
			Indicates whether connections from LDAPv2 clients will be allowed.
			@@ -113,6 +121,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="keep-stats">
			<adm:synopsis>
			Indicates whether the
			@@ -140,6 +149,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="use-tcp-keep-alive">
			<adm:synopsis>
			Indicates whether the
			@@ -171,6 +181,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="use-tcp-no-delay">
			<adm:synopsis>
			Indicates whether the
			@@ -202,6 +213,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="allow-tcp-reuse-address">
			<adm:synopsis>
			Indicates whether the
			@@ -234,6 +246,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="send-rejection-notice">
			<adm:synopsis>
			Indicates whether the
			@@ -260,6 +273,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="max-request-size">
			<adm:synopsis>
			Specifies the size of the largest LDAP request message that will
			@@ -289,6 +303,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="num-request-handlers">
			<adm:synopsis>
			Specifies the number of request handlers that will be used to read
			@@ -322,6 +337,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="allow-start-tls">
			<adm:synopsis>
			Indicates whether clients will be allowed to use StartTLS.
			@@ -351,6 +367,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="ssl-client-auth-policy">
			<adm:synopsis>
			Specifies the policy that the
			@@ -400,6 +417,7 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="accept-backlog">
			<adm:synopsis>
			Specifies the maximum number of pending connection attempts that
			@@ -434,8 +452,8 @@
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="ssl-protocols" multi-valued="true">
			<adm:TODO>No LDAP OID is assigned for this yet!</adm:TODO>
			<adm:synopsis>
			Specifies the names of the SSL protocols that will be allowed for
			use in SSL or StartTLS communication.
			@@ -462,13 +480,13 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.9999</ldap:oid>
			<ldap:name>ds-cfg-ssl-protocols</ldap:name>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.461</ldap:oid>
			<ldap:name>ds-cfg-ssl-protocol</ldap:name>
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			<adm:property name="ssl-cipher-suites" multi-valued="true">
			<adm:TODO>No LDAP OID is assigned for this yet!</adm:TODO>
			<adm:synopsis>
			Specifies the names of the SSL cipher suites that will be allowed
			for use in SSL or StartTLS communication.
			@@ -495,9 +513,11 @@
			</adm:syntax>
			<adm:profile name="ldap">
			<ldap:attribute>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.9999</ldap:oid>
			<ldap:name>ds-cfg-ssl-protocols</ldap:name>
			<ldap:oid>1.3.6.1.4.1.26027.1.1.462</ldap:oid>
			<ldap:name>ds-cfg-ssl-cipher-suite</ldap:name>
			</ldap:attribute>
			</adm:profile>
			</adm:property>

			</adm:managed-object>