From a9ba1c2545ef442f76928469a424a6521cfa4725 Mon Sep 17 00:00:00 2001
From: jvergara <jvergara@localhost>
Date: Sun, 26 Aug 2007 17:43:55 +0000
Subject: [PATCH] Fix for issues 2104 and 2162.
---
opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/SecureConnectionCliParser.java | 149 ++++++++++++++++++++++++++-----------------------
1 files changed, 79 insertions(+), 70 deletions(-)
diff --git a/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/SecureConnectionCliParser.java b/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/SecureConnectionCliParser.java
index d2acf17..83e2bb1 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/SecureConnectionCliParser.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/SecureConnectionCliParser.java
@@ -161,14 +161,17 @@
*/
protected BooleanArgument useStartTLSArg = null;
+ // the trust manager.
+ private ApplicationTrustManager trustManager;
+
/** Short form of the option for specifying a noninteractive session. */
- static public final Character INTERACTIVE_OPTION_SHORT = 'i';
+ static public final Character NO_PROMPT_OPTION_SHORT = 'n';
/** Long form of the option for specifying a quiet session. */
static public final String QUIET_OPTION_LONG = "quiet";
/** Long form of the option for specifying a noninteractive session. */
- static public final String INTERACTIVE_OPTION_LONG = "interactive";
+ static public final String NO_PROMPT_OPTION_LONG = "no-prompt";
/** Short form of the option for specifying a quiet session. */
static public final Character QUIET_OPTION_SHORT = 'Q';
@@ -258,6 +261,7 @@
try
{
out.write(INFO_LDAPAUTH_PASSWORD_PROMPT.get(dn).getBytes());
+ out.flush();
char[] pwChars = PasswordReader.readPassword();
bindPasswordValue = new String(pwChars);
} catch(Exception ex)
@@ -289,8 +293,8 @@
// read the password from the stdin.
try
{
- out.write(INFO_LDAPAUTH_PASSWORD_PROMPT.get(dn).toString()
- .getBytes());
+ out.write(INFO_LDAPAUTH_PASSWORD_PROMPT.get(dn).toString().getBytes());
+ out.flush();
char[] pwChars = PasswordReader.readPassword();
return new String(pwChars);
}
@@ -664,7 +668,7 @@
*
* @return True if startTLS mode is required
*/
- public boolean startTLS()
+ public boolean useStartTLS()
{
if (useStartTLSArg.isPresent())
{
@@ -683,78 +687,83 @@
*/
public ApplicationTrustManager getTrustManager()
{
- ApplicationTrustManager truststoreManager = null ;
- KeyStore truststore = null ;
- if (trustAllArg.isPresent())
+ if (trustManager == null)
{
- // Running a null TrustManager will force createLdapsContext and
- // createStartTLSContext to use a bindTrustManager.
- return null ;
- }
- else
- if (trustStorePathArg.isPresent())
- {
- try
+ KeyStore truststore = null ;
+ if (trustAllArg.isPresent())
{
- FileInputStream fos = new FileInputStream(trustStorePathArg.getValue());
- String trustStorePasswordStringValue = null;
- char[] trustStorePasswordValue = null;
- if (trustStorePasswordArg.isPresent())
+ // Running a null TrustManager will force createLdapsContext and
+ // createStartTLSContext to use a bindTrustManager.
+ return null ;
+ }
+ else
+ if (trustStorePathArg.isPresent())
{
- trustStorePasswordStringValue = trustStorePasswordArg.getValue();
- }
- else if (trustStorePasswordFileArg.isPresent())
- {
- trustStorePasswordStringValue = trustStorePasswordFileArg.getValue();
- }
+ try
+ {
+ FileInputStream fos =
+ new FileInputStream(trustStorePathArg.getValue());
+ String trustStorePasswordStringValue = null;
+ char[] trustStorePasswordValue = null;
+ if (trustStorePasswordArg.isPresent())
+ {
+ trustStorePasswordStringValue = trustStorePasswordArg.getValue();
+ }
+ else if (trustStorePasswordFileArg.isPresent())
+ {
+ trustStorePasswordStringValue =
+ trustStorePasswordFileArg.getValue();
+ }
- if (trustStorePasswordStringValue != null)
- {
- trustStorePasswordStringValue = System
+ if (trustStorePasswordStringValue != null)
+ {
+ trustStorePasswordStringValue = System
.getProperty("javax.net.ssl.trustStorePassword");
+ }
+
+
+ if (trustStorePasswordStringValue != null)
+ {
+ trustStorePasswordValue =
+ trustStorePasswordStringValue.toCharArray();
+ }
+
+ truststore = KeyStore.getInstance(KeyStore.getDefaultType());
+ truststore.load(fos, trustStorePasswordValue);
+ fos.close();
+ }
+ catch (KeyStoreException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse the
+ // certificates. Maybe we should avoid this and be strict, but we
+ // are in a best effort mode.
+ LOG.log(Level.WARNING, "Error with the truststore", e);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse the
+ // certificates. Maybe we should avoid this and be strict, but we
+ // are in a best effort mode.
+ LOG.log(Level.WARNING, "Error with the truststore", e);
+ }
+ catch (CertificateException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse the
+ // certificates. Maybe we should avoid this and be strict, but we
+ // are in a best effort mode.
+ LOG.log(Level.WARNING, "Error with the truststore", e);
+ }
+ catch (IOException e)
+ {
+ // Nothing to do: if this occurs we will systematically refuse the
+ // certificates. Maybe we should avoid this and be strict, but we
+ // are in a best effort mode.
+ LOG.log(Level.WARNING, "Error with the truststore", e);
+ }
}
-
-
- if (trustStorePasswordStringValue != null)
- {
- trustStorePasswordValue = trustStorePasswordStringValue.toCharArray();
- }
-
- truststore = KeyStore.getInstance(KeyStore.getDefaultType());
- truststore.load(fos, trustStorePasswordValue);
- fos.close();
- }
- catch (KeyStoreException e)
- {
- // Nothing to do: if this occurs we will systematically refuse the
- // certificates. Maybe we should avoid this and be strict, but we are
- // in a best effort mode.
- LOG.log(Level.WARNING, "Error with the truststore", e);
- }
- catch (NoSuchAlgorithmException e)
- {
- // Nothing to do: if this occurs we will systematically refuse the
- // certificates. Maybe we should avoid this and be strict, but we are
- // in a best effort mode.
- LOG.log(Level.WARNING, "Error with the truststore", e);
- }
- catch (CertificateException e)
- {
- // Nothing to do: if this occurs we will systematically refuse the
- // certificates. Maybe we should avoid this and be strict, but we are
- // in a best effort mode.
- LOG.log(Level.WARNING, "Error with the truststore", e);
- }
- catch (IOException e)
- {
- // Nothing to do: if this occurs we will systematically refuse the
- // certificates. Maybe we should avoid this and be strict, but we are
- // in a best effort mode.
- LOG.log(Level.WARNING, "Error with the truststore", e);
- }
+ trustManager = new ApplicationTrustManager(truststore);
}
- truststoreManager = new ApplicationTrustManager(truststore);
- return truststoreManager;
+ return trustManager;
}
/**
--
Gitblit v1.10.0