From 3790dd899db51a47f770ee52f339cfd2539e2bbd Mon Sep 17 00:00:00 2001
From: jvergara <jvergara@localhost>
Date: Thu, 17 Jan 2008 08:50:31 +0000
Subject: [PATCH] Fix for 2811 (dsreplication disable doesn't remove references to current server from replicated servers) The fix makes dsreplication enable and dsreplication disable symmetric. When the user disables the last replicated suffix, we inform that the replication server will also be disabled. So when the last repilcated suffix is disabled, replication on cn=schema and cn=admin data are also disabled and the registration information updated properly.
---
opends/src/ads/org/opends/admin/ads/ADSContextHelper.java | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 57 insertions(+), 2 deletions(-)
diff --git a/opends/src/ads/org/opends/admin/ads/ADSContextHelper.java b/opends/src/ads/org/opends/admin/ads/ADSContextHelper.java
index b9581f2..96c1ba4 100644
--- a/opends/src/ads/org/opends/admin/ads/ADSContextHelper.java
+++ b/opends/src/ads/org/opends/admin/ads/ADSContextHelper.java
@@ -22,7 +22,7 @@
* CDDL HEADER END
*
*
- * Portions Copyright 2007 Sun Microsystems, Inc.
+ * Portions Copyright 2007-2008 Sun Microsystems, Inc.
*/
package org.opends.admin.ads;
@@ -31,6 +31,7 @@
import java.util.SortedSet;
import java.util.TreeSet;
+import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
@@ -197,7 +198,7 @@
@param serverEntryDn The server's ADS entry DN.
@throws ADSContextException In case some JNDI operation fails or there is a
problem getting the instance public key certificate ID.
- */
+ */
public void registerInstanceKeyCertificate(
InitialLdapContext ctx, Map<ServerProperty, Object> serverProperties,
LdapName serverEntryDn)
@@ -285,6 +286,60 @@
}
}
+
+ /**
+ Unregister instance key-pair public-key certificate provided in
+ serverProperties.
+ @param ctx the connection to the server.
+ @param serverProperties Properties of the server being unregistered to which
+ the instance key entry belongs.
+ @param serverEntryDn The server's ADS entry DN.
+ @throws ADSContextException In case some JNDI operation fails.
+ */
+ public void unregisterInstanceKeyCertificate(
+ InitialLdapContext ctx, Map<ServerProperty, Object> serverProperties,
+ LdapName serverEntryDn)
+ throws ADSContextException {
+ assert serverProperties.containsKey(
+ ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE);
+ if (! serverProperties.containsKey(
+ ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) {
+ return;
+ }
+
+ /* these attributes are used both to search for an existing certificate
+ entry and, if one does not exist, add a new certificate entry */
+ final BasicAttributes keyAttrs = new BasicAttributes();
+ final Attribute oc = new BasicAttribute("objectclass");
+ oc.add("top"); oc.add("ds-cfg-instance-key");
+ keyAttrs.put(oc);
+ keyAttrs.put(new BasicAttribute(
+ ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE.getAttributeName()
+ + ";binary",
+ serverProperties.get(
+ ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)));
+
+ /* search for public-key certificate entry in ADS DIT */
+ final String attrIDs[] = { "ds-cfg-key-id" };
+ try
+ {
+ final NamingEnumeration<SearchResult> results = ctx.search(
+ ADSContext.getInstanceKeysContainerDN(), keyAttrs, attrIDs);
+ if (results.hasMore()) {
+ SearchResult res = results.next();
+ ctx.destroySubcontext(res.getNameInNamespace());
+ }
+ }
+ catch (NameNotFoundException nnfe)
+ {
+ }
+ catch (NamingException ne)
+ {
+ throw new ADSContextException(
+ ADSContextException.ErrorType.ERROR_UNEXPECTED, ne);
+ }
+ }
+
/**
* Returns the crypto instance key objectclass name as defined in
* ConfigConstants.
--
Gitblit v1.10.0