From 2fcf1d613593b70af7613af3e31165b9519ca60a Mon Sep 17 00:00:00 2001
From: lutoff <lutoff@localhost>
Date: Mon, 18 Jun 2007 13:47:34 +0000
Subject: [PATCH] Add the following global options in dsservice to handle client keystore Also modify ads.util package for this purpose.
---
opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java | 123 +++++++++++++++++++++++++++++++++++++----
1 files changed, 111 insertions(+), 12 deletions(-)
diff --git a/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java b/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java
index fa1e865..8e904fa 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java
@@ -47,6 +47,7 @@
import org.opends.admin.ads.ADSContext;
import org.opends.admin.ads.ADSContextException;
+import org.opends.admin.ads.util.ApplicationKeyManager;
import org.opends.admin.ads.util.ApplicationTrustManager;
import org.opends.server.admin.client.cli.DsServiceCliReturnCode.ReturnCode;
import org.opends.server.loggers.debug.DebugTracer;
@@ -127,6 +128,21 @@
private FileBasedArgument trustStorePasswordFileArg = null;
/**
+ * The 'keyStore' global argument.
+ */
+ private StringArgument keyStorePathArg = null;
+
+ /**
+ * The 'keyStorePassword' global argument.
+ */
+ private StringArgument keyStorePasswordArg = null;
+
+ /**
+ * The 'keyStorePasswordFile' global argument.
+ */
+ private FileBasedArgument keyStorePasswordFileArg = null;
+
+ /**
* The Logger.
*/
static private final Logger LOG =
@@ -255,6 +271,24 @@
MSGID_DESCRIPTION_TRUSTSTOREPASSWORD_FILE);
addGlobalArgument(trustStorePasswordFileArg);
+ keyStorePathArg = new StringArgument("keyStorePath",
+ OPTION_SHORT_KEYSTOREPATH, OPTION_LONG_KEYSTOREPATH, false, false,
+ true, OPTION_VALUE_KEYSTOREPATH, null, null,
+ MSGID_DESCRIPTION_KEYSTOREPATH);
+ addGlobalArgument(keyStorePathArg);
+
+ keyStorePasswordArg = new StringArgument("keyStorePassword", null,
+ OPTION_LONG_KEYSTORE_PWD, false, false, true,
+ OPTION_VALUE_KEYSTORE_PWD, null, null,
+ MSGID_DESCRIPTION_KEYSTOREPASSWORD);
+ addGlobalArgument(keyStorePasswordArg);
+
+ keyStorePasswordFileArg = new FileBasedArgument("keystorepasswordfile",
+ OPTION_SHORT_KEYSTORE_PWD_FILE, OPTION_LONG_KEYSTORE_PWD_FILE, false,
+ false, OPTION_VALUE_KEYSTORE_PWD_FILE, null, null,
+ MSGID_DESCRIPTION_KEYSTOREPASSWORD_FILE);
+ addGlobalArgument(keyStorePasswordFileArg);
+
verboseArg = new BooleanArgument("verbose", 'v', "verbose",
MSGID_DESCRIPTION_VERBOSE);
addGlobalArgument(verboseArg);
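Review bot: The new `keyStorePassword` option takes the keystore password as a command-line value, where it can typically be read by other local users through the process list and is often kept in shell history. The help text behind `MSGID_DESCRIPTION_KEYSTOREPASSWORD` should point users to `keyStorePasswordFile` for anything other than interactive testing. Nothing in this hunk rejects the two options being given together. `validateGlobalOption` further down has such a check for `bindPassword`/`bindPasswordFile`, and a matching one for the keystore pair would make the precedence explicit, although that method's body is only partly visible in this patch. The argument name `"keystorepasswordfile"` is also cased differently from `"keyStorePassword"` and `"keyStorePath"`.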
@@ -457,8 +491,8 @@
*/
public ApplicationTrustManager getTrustManager()
{
- ApplicationTrustManager trustStore = null ;
- KeyStore keyStore = null ;
+ ApplicationTrustManager truststoreManager = null ;
+ KeyStore truststore = null ;
if (trustStorePathArg.isPresent())
{
try
@@ -473,55 +507,120 @@
{
trustStorePasswordValue = trustStorePasswordFileArg.getValue();
}
- keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
- keyStore.load(fos, trustStorePasswordValue.toCharArray());
+ truststore = KeyStore.getInstance(KeyStore.getDefaultType());
+ truststore.load(fos, trustStorePasswordValue.toCharArray());
}
catch (KeyStoreException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effor mode.
- LOG.log(Level.WARNING, "Error with the keystore", e);
+ LOG.log(Level.WARNING, "Error with the truststore", e);
}
catch (NoSuchAlgorithmException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effor mode.
- LOG.log(Level.WARNING, "Error with the keystore", e);
+ LOG.log(Level.WARNING, "Error with the truststore", e);
}
catch (CertificateException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effor mode.
- LOG.log(Level.WARNING, "Error with the keystore", e);
+ LOG.log(Level.WARNING, "Error with the truststore", e);
}
catch (IOException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effor mode.
+ LOG.log(Level.WARNING, "Error with the truststore", e);
+ }
+ }
+ truststoreManager = new ApplicationTrustManager(truststore);
+ truststoreManager.setHost(getHostName());
+ return truststoreManager;
+ }
+
+ /**
+ * Handle KeyStore.
+ *
+ * @return The keyStore manager to be used for the command.
+ */
+ public ApplicationKeyManager getKeyManager()
+ {
+ KeyStore keyStore = null;
+ String keyStorePasswordValue = null;
+ if (keyStorePathArg.isPresent())
+ {
+ try
+ {
+ FileInputStream fos = new FileInputStream(keyStorePathArg.getValue());
+ if (keyStorePasswordArg.isPresent())
+ {
+ keyStorePasswordValue = keyStorePasswordArg.getValue();
+ }
+ else if (keyStorePasswordFileArg.isPresent())
+ {
+ keyStorePasswordValue = keyStorePasswordFileArg.getValue();
+ }
+ keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ keyStore.load(fos, keyStorePasswordValue.toCharArray());
+ }
+ catch (KeyStoreException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse
+ // the
+ // certificates. Maybe we should avoid this and be strict, but
+ // we are
+ // in a best effor mode.
+ LOG.log(Level.WARNING, "Error with the keystore", e);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse
+ // the
+ // certificates. Maybe we should avoid this and be strict, but
+ // we are
+ // in a best effor mode.
+ LOG.log(Level.WARNING, "Error with the keystore", e);
+ }
+ catch (CertificateException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse
+ // the
+ // certificates. Maybe we should avoid this and be strict, but
+ // we are
+ // in a best effor mode.
+ LOG.log(Level.WARNING, "Error with the keystore", e);
+ }
+ catch (IOException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse
+ // the
+ // certificates. Maybe we should avoid this and be strict, but
+ // we are
+ // in a best effor mode.
LOG.log(Level.WARNING, "Error with the keystore", e);
}
}
- trustStore = new ApplicationTrustManager(keyStore);
- trustStore.setHost(getHostName());
- return trustStore ;
+ return new ApplicationKeyManager(keyStore, keyStorePasswordValue
+ .toCharArray());
}
/**
* Indication if provided global options are validate.
*
* @param err the stream to be used to print error message.
- *
* @return return code.
*/
public int validateGlobalOption(PrintStream err)
{
ReturnCode returnCode = ReturnCode.SUCCESSFUL_NOP;
- // Couldn't have at the same time bindPassword and bibdPasswordFile
+ // Couldn't have at the same time bindPassword and bindPasswordFile
if(bindPasswordArg.isPresent() && bindPasswordFileArg.isPresent())
{
int msgID = MSGID_TOOL_CONFLICTING_ARGS;
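Review bot: `getKeyManager()` throws a NullPointerException whenever no keystore password was supplied: the final `keyStorePasswordValue.toCharArray()` runs even when `keyStorePathArg` is absent, and the same call inside the `try` is not covered by any of the four catch blocks. The `FileInputStream` is never closed, and the copied comment about refusing certificates describes the trust manager, whereas here a load failure means the client silently presents no certificate. I would convert the password to a `char[]` once, null-safely, and close the stream in a `finally`, as sketched below. Whether `ApplicationKeyManager` accepts a null keystore or password is not visible in this patch and needs confirming. The `trustStorePasswordValue.toCharArray()` call in `getTrustManager()` looks to carry the same null risk, though that method starts outside this hunk.

```java
  public ApplicationKeyManager getKeyManager()
  {
    KeyStore keyStore = null;
    char[] keyStorePassword = null;
    if (keyStorePathArg.isPresent())
    {
      if (keyStorePasswordArg.isPresent())
      {
        keyStorePassword = keyStorePasswordArg.getValue().toCharArray();
      }
      else if (keyStorePasswordFileArg.isPresent())
      {
        keyStorePassword = keyStorePasswordFileArg.getValue().toCharArray();
      }
      FileInputStream in = null;
      try
      {
        in = new FileInputStream(keyStorePathArg.getValue());
        keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        // A null password makes load() skip the integrity check.
        keyStore.load(in, keyStorePassword);
      }
      // … unchanged: the four catch blocks logging "Error with the keystore" …
      finally
      {
        if (in != null)
        {
          try
          {
            in.close();
          }
          catch (IOException e)
          {
            LOG.log(Level.WARNING, "Error closing the keystore", e);
          }
        }
      }
    }
    return new ApplicationKeyManager(keyStore, keyStorePassword);
  }
```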
--
Gitblit v1.10.0