From 913dfeb98ab7de6497414ad073fa89b976d1f388 Mon Sep 17 00:00:00 2001
From: jvergara <jvergara@localhost>
Date: Mon, 12 Nov 2007 04:26:49 +0000
Subject: [PATCH] Update the dsreplication command-line to be consistent with dsconfig in the use of menus and in the order that questions to connect to the servers. Update the upgrade to use the same menus as the other command-lines. Do some minor changes in the uninstall command-line in order to be more consistent with dsconfig in the order where the connection parameters are provided. Fix a bug in ApplicationTrustManager related to the accepted certificates when there is a mismatch between the certificate and the host name. Do some refactorization of the code and remove the CliApplicationHelper class so that we use ConsoleApplication everywhere.

---
 opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java |   20 +++++++++++++++++++-
 1 files changed, 19 insertions(+), 1 deletions(-)

diff --git a/opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java b/opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
index 6e0ef96..6add477 100644
--- a/opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
+++ b/opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
@@ -79,6 +79,7 @@
   private String lastRefusedAuthType;
   private X509Certificate[] lastRefusedChain;
   private Cause lastRefusedCause = null;
+  private KeyStore keystore = null;
 
   /*
    * The following ArrayList contain information about the certificates
@@ -101,6 +102,7 @@
     TrustManagerFactory tmf = null;
     String algo = "SunX509";
     String provider = "SunJSSE";
+    this.keystore = keystore;
     try
     {
       tmf = TrustManagerFactory.getInstance(algo, provider);
@@ -306,7 +308,7 @@
    */
   public ApplicationTrustManager createCopy()
   {
-    ApplicationTrustManager copy = new ApplicationTrustManager(null);
+    ApplicationTrustManager copy = new ApplicationTrustManager(keystore);
     copy.lastRefusedAuthType = lastRefusedAuthType;
     copy.lastRefusedChain = lastRefusedChain;
     copy.lastRefusedCause = lastRefusedCause;
@@ -370,6 +372,22 @@
         Rdn rdn = dn.getRdn(0);
         String value = rdn.getValue().toString();
         matches = host.equalsIgnoreCase(value);
+        if (!matches)
+        {
+          // Try with the accepted hosts names
+          for (int i =0; i<acceptedHosts.size() && !matches; i++)
+          {
+            if (host.equalsIgnoreCase(acceptedHosts.get(i)))
+            {
+              X509Certificate[] current = acceptedChains.get(i);
+              matches = current.length == chain.length;
+              for (int j=0; j<chain.length && matches; j++)
+              {
+                matches = chain[j].equals(current[j]);
+              }
+            }
+          }
+        }
       }
       catch (Throwable t)
       {

--
Gitblit v1.10.0