From 8a0c7b4a24af390782c917be4f68b45174972b19 Mon Sep 17 00:00:00 2001
From: Violette Roche-Montane <violette.roche-montane@forgerock.com>
Date: Mon, 24 Mar 2014 09:50:32 +0000
Subject: [PATCH] Checkpoint OPENDJ-1343 Migrate dsconfig - Code cleanup on the StatusCli and UninstallCliHelper, as they are linked to LDAPManagementContextFactory.java, which is in the dsconfig package.

---
 opendj3-server-dev/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java |   92 +++++++++++-----------------------------------
 1 files changed, 22 insertions(+), 70 deletions(-)

diff --git a/opendj3-server-dev/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java b/opendj3-server-dev/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java
index 5a11d86..3be2146 100644
--- a/opendj3-server-dev/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java
+++ b/opendj3-server-dev/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java
@@ -179,78 +179,17 @@
           try
           {
             final SSLContextBuilder sslBuilder = new SSLContextBuilder();
-            sslBuilder.setTrustManager((trustManager==null?TrustManagers.trustAll():trustManager));
-            sslBuilder.setKeyManager(keyManager);
-            sslBuilder.setProtocol(SSLContextBuilder.PROTOCOL_SSL);
-            options.setUseStartTLS(false);
-            options.setSSLContext(sslBuilder.getSSLContext());
-
-            factory = new LDAPConnectionFactory(hostName, portNumber, options);
-            connection = factory.getConnection();
-            connection.bind(bindDN, bindPassword.toCharArray());
-            break;
-          }
-          catch (ErrorResultException e)
-          {
-            if (app.isInteractive()
-                && ci.isTrustStoreInMemory()
-                && e.getCause() != null
-                && e.getCause() instanceof SSLException
-                && e.getCause().getCause() instanceof CertificateException)
-            {
-              String authType = null;
-              if (trustManager instanceof ApplicationTrustManager)
-              { // FIXME use PromptingTrustManager
-                ApplicationTrustManager appTrustManager =
-                    (ApplicationTrustManager) trustManager;
-                authType = appTrustManager.getLastRefusedAuthType();
-                X509Certificate[] cert = appTrustManager.getLastRefusedChain();
-
-                if (ci.checkServerCertificate(cert, authType, hostName))
-                {
-                  // If the certificate is trusted, update the trust manager.
-                  trustManager = ci.getTrustManager();
-                  // Try to connect again.
-                  continue;
-                }
-              }
-            }
-            if (e.getCause() != null && e.getCause() instanceof SSLException)
-            {
-              LocalizableMessage message =
-                  ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_NOT_TRUSTED.get(
-                      hostName, portNumber);
-              throw new ClientException(ReturnCode.CLIENT_SIDE_CONNECT_ERROR,
-                  message);
-            }
-            LocalizableMessage message =
-                ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT
-                    .get(hostName, portNumber);
-            throw new ClientException(ReturnCode.CLIENT_SIDE_CONNECT_ERROR,
-                message);
-          }
-          catch (GeneralSecurityException e)
-          {
-            LocalizableMessage message =
-                ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT
-                    .get(hostName, portNumber);
-            throw new ClientException(ReturnCode.CLIENT_SIDE_CONNECT_ERROR,
-                message);
-          }
-        }
-      }
-      else if (ci.useStartTLS())
-      {
-        while (true)
-        {
-          try
-          {
-            final SSLContextBuilder sslBuilder = new SSLContextBuilder();
             sslBuilder.setTrustManager((trustManager == null ? TrustManagers
                 .trustAll() : trustManager));
             sslBuilder.setKeyManager(keyManager);
-            sslBuilder.setProtocol(SSLContextBuilder.PROTOCOL_SSL);
-            options.setUseStartTLS(true);
+            if (ci.useStartTLS())
+            {
+              options.setUseStartTLS(true);
+            }
+            else
+            {
+              options.setUseStartTLS(false);
+            }
             options.setSSLContext(sslBuilder.getSSLContext());
 
             factory = new LDAPConnectionFactory(hostName, portNumber, options);
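Review bot: The merged SSL/StartTLS path keeps the `TrustManagers.trustAll()` fallback in the `setTrustManager` call, so whenever `trustManager` is null the bind DN and password go over a session whose server certificate was never validated. Unless null only ever means the user explicitly asked to trust all certificates (not visible in this hunk), it would be safer to fail closed, for example by raising the existing `ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_NOT_TRUSTED` error, or at least to add a comment such as `// trustManager is null only when the user explicitly selected trust-all`. Dropping `setProtocol(SSLContextBuilder.PROTOCOL_SSL)` presumably leaves the builder's default protocol in effect, and it is worth confirming that the default is a current TLS version. The new four-line if/else can be written as `options.setUseStartTLS(ci.useStartTLS());`. The enclosing `try` and retry loop start above the hunk and continue below it.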
@@ -283,7 +222,7 @@
                 }
               }
             }
-            if (e.getCause() != null && e.getCause() instanceof SSLException)
+            if (e.getCause() instanceof SSLException)
             {
               LocalizableMessage message =
                   ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_NOT_TRUSTED.get(
@@ -291,6 +230,19 @@
               throw new ClientException(ReturnCode.CLIENT_SIDE_CONNECT_ERROR,
                   message);
             }
+            if (e.getCause() instanceof AuthorizationException)
+            {
+              LocalizableMessage message =
+                  ERR_DSCFG_ERROR_LDAP_SIMPLE_BIND_NOT_SUPPORTED.get();
+              throw new ClientException(ReturnCode.AUTH_METHOD_NOT_SUPPORTED,
+                  message);
+            }
+            else if (e.getCause() instanceof AuthenticationException)
+            {
+              LocalizableMessage message =
+                  ERR_DSCFG_ERROR_LDAP_SIMPLE_BIND_FAILED.get(bindDN);
+              throw new ClientException(ReturnCode.INVALID_CREDENTIALS, message);
+            }
             LocalizableMessage message =
                 ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT
                     .get(hostName, portNumber);
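Review bot: The two added branches test `e.getCause()` for `AuthorizationException` and `AuthenticationException`, but if these are the SDK types that extend `ErrorResultException` (the imports are outside the hunk), a rejected bind is thrown as `e` itself and its cause is typically null. In that case neither branch fires, and a wrong password is still reported with the generic `ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT` message and `CLIENT_SIDE_CONNECT_ERROR`. Consider checking the exception directly, `if (e instanceof AuthorizationException)` and `else if (e instanceof AuthenticationException)`, or keying on the result code carried by `e`. The `catch` block this sits in starts above the hunk.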

--
Gitblit v1.10.0