From 8aa9e3c4288898f16445e768320b6dad1de612e1 Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Wed, 25 Mar 2009 21:26:49 +0000
Subject: [PATCH] These changes:
---
opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java | 77 +++++++++++++++++++++-----------------
1 files changed, 43 insertions(+), 34 deletions(-)
diff --git a/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java b/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
index a5ea34d..9b8fdee 100644
--- a/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
+++ b/opends/src/ads/org/opends/admin/ads/util/ApplicationTrustManager.java
@@ -43,6 +43,8 @@
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
+import org.opends.server.util.Platform;
+
/**
* This class is in charge of checking whether the certificates that are
* presented are trusted or not.
@@ -108,6 +110,13 @@
String userSpecifiedProvider =
System.getProperty("org.opends.admin.trustmanagerprovider");
+ //Handle IBM specific cases if the user did not specify a algorithm and/or
+ //provider.
+ if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
+ userSpecifiedAlgo = "IbmX509";
+ if(userSpecifiedProvider == null && Platform.isVendor("IBM"))
+ userSpecifiedProvider = "IBMJSEE2";
+
// Have some fallbacks to choose the provider and algorith of the key
// manager. First see if the user wanted to use something specific,
// then try with the SunJSSE provider and SunX509 algorithm. Finally,
@@ -126,48 +135,48 @@
"SunX509",
TrustManagerFactory.getDefaultAlgorithm()
};
- for (int i=0; i<preferredProvider.length && trustManager == null; i++)
- {
- String provider = preferredProvider[i];
- String algo = preferredAlgo[i];
- if (algo == null)
+ for (int i=0; i<preferredProvider.length && trustManager == null; i++)
{
- continue;
- }
- try
- {
- if (provider != null)
+ String provider = preferredProvider[i];
+ String algo = preferredAlgo[i];
+ if (algo == null)
{
- tmf = TrustManagerFactory.getInstance(algo, provider);
+ continue;
}
- else
+ try
{
- tmf = TrustManagerFactory.getInstance(algo);
- }
- tmf.init(keystore);
- TrustManager[] trustManagers = tmf.getTrustManagers();
- for (int j=0; j < trustManagers.length; j++)
- {
- if (trustManagers[j] instanceof X509TrustManager)
+ if (provider != null)
{
- trustManager = (X509TrustManager)trustManagers[j];
- break;
+ tmf = TrustManagerFactory.getInstance(algo, provider);
+ }
+ else
+ {
+ tmf = TrustManagerFactory.getInstance(algo);
+ }
+ tmf.init(keystore);
+ TrustManager[] trustManagers = tmf.getTrustManagers();
+ for (int j=0; j < trustManagers.length; j++)
+ {
+ if (trustManagers[j] instanceof X509TrustManager)
+ {
+ trustManager = (X509TrustManager)trustManagers[j];
+ break;
+ }
}
}
+ catch (NoSuchProviderException e)
+ {
+ LOG.log(Level.WARNING, "Error with the provider: "+provider, e);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ LOG.log(Level.WARNING, "Error with the algorithm: "+algo, e);
+ }
+ catch (KeyStoreException e)
+ {
+ LOG.log(Level.WARNING, "Error with the keystore", e);
+ }
}
- catch (NoSuchProviderException e)
- {
- LOG.log(Level.WARNING, "Error with the provider: "+provider, e);
- }
- catch (NoSuchAlgorithmException e)
- {
- LOG.log(Level.WARNING, "Error with the algorithm: "+algo, e);
- }
- catch (KeyStoreException e)
- {
- LOG.log(Level.WARNING, "Error with the keystore", e);
- }
- }
}
/**
--
Gitblit v1.10.0