mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git

david_page
11.53.2007 f8e6bac7953c58740321af82e13442140e0c8d01
issue 466 (partial)
CryptoManager
- publish instance-key public-key-certificate in 'cn=instance keys,cn=admin data' at instance initialization
- misc cleanup in StaticUtils
3 files modified
43 ■■■■■ changed files
opendj-sdk/opends/src/server/org/opends/server/core/CryptoManagerSync.java 11 ●●●●●
opendj-sdk/opends/src/server/org/opends/server/types/CryptoManager.java 19 ●●●●●
opendj-sdk/opends/src/server/org/opends/server/util/StaticUtils.java 13 ●●●●●
opendj-sdk/opends/src/server/org/opends/server/core/CryptoManagerSync.java
@@ -111,9 +111,20 @@
  /**
   * Creates a new instance of this trust store synchronization thread.
   *
   * @throws InitializationException in case an exception occurs during
   * initialization, such as a failure to publish the instance-key-pair
   * public-key-certificate in ADS.
   */
  public CryptoManagerSync()
          throws InitializationException
  {
    try {
      CryptoManager.publishInstanceKeyEntryInADS();
    }
    catch (CryptoManager.CryptoManagerException ex) {
      throw new InitializationException(ex.getMessageObject());
    }
    DirectoryServer.registerBackendInitializationListener(this);
    try
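Review bot: The new catch block in the constructor rethrows with only `ex.getMessageObject()`, so the underlying CryptoManagerException and its stack trace are dropped exactly when publishing the instance-key certificate to ADS fails and an operator needs the root cause. If InitializationException has a cause-taking constructor (not visible on this page), prefer `throw new InitializationException(ex.getMessageObject(), ex);`. The added Javadoc could also state that construction now performs the ADS publication before the backend-initialization listener is registered, so a failure leaves no listener registered. The constructor body continues past the end of the hunk.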
opendj-sdk/opends/src/server/org/opends/server/types/CryptoManager.java
@@ -504,27 +504,8 @@
   Publishes the instance key entry in ADS, if it does not already
   exist.
   TODO: The ADS configuration retrieves an instance's instance key
   certificate via ServerDescriptor and publishes it via ADSContext in
   that instance's ADS suffix (in the case a stand-alone instance is
   being configured) or in an existing ADS suffix (in the case the
   instance is being added to an existing ADS domain). Instead, have
   the instance call this routine at startup (after the backends and
   CryptoManager have been initialized), and change ADS configuration
   to retrieve the instance key from the ADS suffix in the second
   case, above (the first case would be unecessary).
   @throws CryptoManagerException In case there is a problem
   searching for the entry, or, if necessary, adding it.
   @see org.opends.admin.ads.ServerDescriptor
       #updatePublicKeyCertificate(
             org.opends.admin.ads.ServerDescriptor,
             javax.naming.ldap.InitialLdapContext)
   @see org.opends.admin.ads.ADSContext
       #registerInstanceKeyCertificate(
             java.util.Map, javax.naming.ldap.LdapName)
   */
  public static void publishInstanceKeyEntryInADS()
          throws CryptoManagerException {
opendj-sdk/opends/src/server/org/opends/server/util/StaticUtils.java
@@ -112,14 +112,10 @@
   */
  public static byte[] getBytes(String s)
  {
    if (s == null) return null;
    try
    {
      if (s == null)
      {
        return null;
      }
      char c;
      int length = s.length();
      byte[] returnArray = new byte[length];
@@ -1040,7 +1036,6 @@
      buffer.append(indentBuf);
      buffer.append(byteToHex(currentByte));
      asciiBuf.append(byteToASCII(currentByte));
      pos++;
      for (int i=1; i < 16; i++)
      {
@@ -1647,7 +1642,7 @@
        try
        {
          className = className.substring(className.lastIndexOf('.') + 1);
        } catch (Exception e) {}
        } catch (Exception e) { /* ignored */ }
        buffer.append(className);
      }
      else
@@ -1656,7 +1651,7 @@
      }
      int i=0;
      buffer.append("(");
      buffer.append(" (");
      for (StackTraceElement e : t.getStackTrace())
      {
        if (i > 20)
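Review bot: In the `@@ -1647` hunk, `catch (Exception e) { /* ignored */ }` still swallows every exception type, and the new comment does not say why that is safe. `lastIndexOf('.') + 1` is always a valid start index for `substring`, so the call cannot throw for a non-null `className`. Either drop the try/catch or narrow it and explain the fallback, e.g. `/* keep the fully-qualified name if it cannot be shortened */`. Separately, the guard added in the `@@ -112` hunk, `if (s == null) return null;`, is unbraced while the surrounding code visible here braces its blocks. All of the enclosing methods start or end outside the hunks shown.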