mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

kenneth_suter
26.52.2007 e11b9eac5eac70b10e06d0adb13d44cf70c8ed9c
Addresses issue 2338 in which manage-tasks signals an error if the user tries to use SSL connection options.  The reason for the error is that LDAPConnectionArgumentParser does not properly support initialization of the LDAPConnectionOption's SSL connection factory.  This change involves adding some state variables to LDAPConnectionConsoleInteraction that are populated during the session
2 files modified
46 ■■■■ changed files
opends/src/server/org/opends/server/util/args/LDAPConnectionArgumentParser.java 5 ●●●●●
opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java 41 ●●●●
opends/src/server/org/opends/server/util/args/LDAPConnectionArgumentParser.java
@@ -38,6 +38,7 @@
import static org.opends.server.util.StaticUtils.wrapText;
import org.opends.server.util.cli.LDAPConnectionConsoleInteraction;
import org.opends.server.admin.client.cli.SecureConnectionCliArgs;
import org.opends.server.types.OpenDsException;
import java.util.LinkedList;
import java.util.LinkedHashSet;
@@ -357,8 +358,8 @@
              ui.getBindDN(),
              ui.getBindPassword(),
              ui.populateLDAPOptions(options), out, err);
    } catch (ArgumentException ae) {
      err.println(ae.getMessageObject());
    } catch (OpenDsException e) {
      err.println(e.getMessageObject());
    }
    return connection;
  }
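Review bot: The `catch (OpenDsException e)` handler around the `populateLDAPOptions(options)` call only prints `e.getMessageObject()` and then falls through to `return connection;`, so a failure to initialise the SSL connection factory reaches the caller as whatever `connection` held before the try block, presumably null. Because that is the only failure signal, the method Javadoc should state it, for example `@return the connection, or null if the arguments were invalid or the SSL setup failed (the reason is written to err)`, so that callers fail closed instead of dereferencing the result or continuing without a secured connection. Catching the base `OpenDsException` also hides which step failed; if the connect error and `SSLConnectionException` are the only types that can occur here, separate catch clauses would keep the two cases distinguishable. The method starts above the hunk, so the declaration of `connection` and any existing Javadoc could not be checked.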
opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java
@@ -32,6 +32,8 @@
import static org.opends.messages.ToolMessages.INFO_LDAPAUTH_PASSWORD_PROMPT;
import org.opends.server.tools.dsconfig.ArgumentExceptionFactory;
import org.opends.server.tools.LDAPConnectionOptions;
import org.opends.server.tools.SSLConnectionFactory;
import org.opends.server.tools.SSLConnectionException;
import org.opends.server.admin.client.cli.SecureConnectionCliArgs;
import org.opends.server.util.args.ArgumentException;
import org.opends.server.util.SelectableCertificateKeyManager;
@@ -81,6 +83,16 @@
  // The truststore to use for the SSL or STARTTLS connection
  private KeyStore truststore;
  private String keystorePath;
  private String keystorePassword;
  private String certifNickname;
  private String truststorePath;
  private String truststorePassword;
  /**
   * Enumeration description protocols for interactive CLI choices.
   */
@@ -149,7 +161,7 @@
     *
     * @param i
     *          the menu return value.
     * @param s
     * @param msg
     *          the message message.
     */
    private TrustMethod(int i, Message msg)
@@ -199,7 +211,7 @@
     *
     * @param i
     *          the menu return value.
     * @param s
     * @param msg
     *          the message message.
     */
    private TrustOption(int i, Message msg)
@@ -689,7 +701,7 @@
    // If we not trust all server certificates, we have to get info
    // about truststore. First get the truststore path.
    String truststorePath = secureArgsList.trustStorePathArg.getValue();
    truststorePath = secureArgsList.trustStorePathArg.getValue();
    if (app.isInteractive() && !secureArgsList.trustStorePathArg.isPresent()
        && askForTrustStore)
    {
@@ -746,7 +758,7 @@
    // Then the truststore password.
    //  As the most common case is to have no password for truststore,
    // we don't ask it in the interactive mode.
    String truststorePassword = secureArgsList.trustStorePasswordArg
    truststorePassword = secureArgsList.trustStorePasswordArg
        .getValue();
    if (secureArgsList.trustStorePasswordFileArg.isPresent())
@@ -845,7 +857,7 @@
    }
    // Get info about keystore. First get the keystore path.
    String keystorePath = secureArgsList.keyStorePathArg.getValue();
    keystorePath = secureArgsList.keyStorePathArg.getValue();
    if (app.isInteractive() && !secureArgsList.keyStorePathArg.isPresent())
    {
      if (!isHeadingDisplayed)
@@ -895,7 +907,7 @@
    }
    // Then the keystore password.
    String keystorePassword = secureArgsList.keyStorePasswordArg.getValue();
    keystorePassword = secureArgsList.keyStorePasswordArg.getValue();
    if (secureArgsList.keyStorePasswordFileArg.isPresent())
    {
@@ -953,7 +965,7 @@
      throw ArgumentExceptionFactory.unableToReadConnectionParameters(e);
    }
    String certifNickname = secureArgsList.certNicknameArg.getValue();
    certifNickname = secureArgsList.certNicknameArg.getValue();
    if (app.isInteractive() && !secureArgsList.certNicknameArg.isPresent()
        && aliasesEnum.hasMoreElements())
    {
@@ -1330,14 +1342,27 @@
  *         method will create a new set of <code>LDAPConnectionOptions</code>
  *         to be returned
  * @return used during this interaction
  * @throws SSLConnectionException if this interaction has specified the use
  *         of SSL and there is a problem initializing the SSL connection
  *         factory
  */
 public LDAPConnectionOptions populateLDAPOptions(
         LDAPConnectionOptions options)
         throws SSLConnectionException
 {
   if (options == null) {
     options = new LDAPConnectionOptions();
   }
   options.setUseSSL(this.useSSL);
   if (this.useSSL) {
     options.setUseSSL(true);
     SSLConnectionFactory sslConnectionFactory = new SSLConnectionFactory();
     sslConnectionFactory.init(getTrustManager() == null, keystorePath,
                               keystorePassword, certifNickname,
                               truststorePath, truststorePassword);
     options.setSSLConnectionFactory(sslConnectionFactory);
   } else {
     options.setUseSSL(false);
   }
   options.setStartTLS(this.useStartTLS);
   return options;
 }
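Review bot: In `populateLDAPOptions`, the call `sslConnectionFactory.init(getTrustManager() == null, keystorePath, ...)` derives its first argument from the absence of a trust manager; if that parameter is the trust-all flag, as its position suggests, every path that leaves the trust manager unset turns off server certificate validation, not only an explicit user choice to trust all. Recording that choice in its own field and passing it instead, e.g. `sslConnectionFactory.init(trustAll, keystorePath, keystorePassword, certifNickname, truststorePath, truststorePassword);` with `trustAll` as a new boolean set where the user selects the option, would make the unvalidated path explicit; at minimum the call deserves a comment such as `// null trust manager == trust all certificates: no server certificate validation on this path`. The factory is also built only under `if (this.useSSL)`, while `options.setStartTLS(this.useStartTLS)` follows with no factory set, so a StartTLS session may not receive the same keystore and truststore settings; that depends on how `LDAPConnectionOptions` is consumed, which is not visible here. The Javadoc of this method begins above the hunk.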