From 486ffa6d0abfa0b91dc7ab22ee71758b5eecfb88 Mon Sep 17 00:00:00 2001
From: jvergara <jvergara@localhost>
Date: Wed, 26 Sep 2007 18:57:15 +0000
Subject: [PATCH] Fix for 2306: configure replication encryption on or off in dsreplication and setup-gui
---
opends/src/quicksetup/org/opends/quicksetup/installer/InstallerHelper.java | 37 +++++++++++++++++++++++++++++++++++--
1 files changed, 35 insertions(+), 2 deletions(-)
diff --git a/opends/src/quicksetup/org/opends/quicksetup/installer/InstallerHelper.java b/opends/src/quicksetup/org/opends/quicksetup/installer/InstallerHelper.java
index 1e210e4..1b73493 100644
--- a/opends/src/quicksetup/org/opends/quicksetup/installer/InstallerHelper.java
+++ b/opends/src/quicksetup/org/opends/quicksetup/installer/InstallerHelper.java
@@ -218,6 +218,8 @@
* the value is the list of replication servers for that base dn (or domain).
* @param replicationPort the replicationPort of the server that is being
* configured (it might not exist and the user specified it in the setup).
+ * @param useSecureReplication whether to encrypt connections with the
+ * replication port or not.
* @param serverDisplay the server display.
* @param usedReplicationServerIds the list of replication server ids that
* are already used.
@@ -229,13 +231,14 @@
public ConfiguredReplication configureReplication(
InitialLdapContext remoteCtx, Set<String> dns,
Map<String,Set<String>> replicationServers,
- int replicationPort, String serverDisplay,
+ int replicationPort, boolean useSecureReplication, String serverDisplay,
Set<Integer> usedReplicationServerIds, Set<Integer> usedServerIds)
throws ApplicationException
{
boolean synchProviderCreated;
boolean synchProviderEnabled;
boolean replicationServerCreated;
+ boolean secureReplicationEnabled;
try
{
ManagementContext mCtx = LDAPManagementContext.createFromContext(
@@ -291,6 +294,25 @@
if (!sync.hasReplicationServer())
{
+ if (useSecureReplication)
+ {
+ CryptoManagerCfgClient crypto = root.getCryptoManager();
+ if (!crypto.isSSLEncryption())
+ {
+ crypto.setSSLEncryption(true);
+ crypto.commit();
+ secureReplicationEnabled = true;
+ }
+ else
+ {
+ // Only mark as true if we actually change the configuration
+ secureReplicationEnabled = false;
+ }
+ }
+ else
+ {
+ secureReplicationEnabled = false;
+ }
int id = getReplicationId(usedReplicationServerIds);
usedReplicationServerIds.add(id);
replicationServer = sync.createReplicationServer(
@@ -302,6 +324,7 @@
}
else
{
+ secureReplicationEnabled = false;
replicationServer = sync.getReplicationServer();
usedReplicationServerIds.add(
replicationServer.getReplicationServerId());
@@ -390,7 +413,8 @@
domainsConf.add(domainConf);
}
return new ConfiguredReplication(synchProviderCreated,
- synchProviderEnabled, replicationServerCreated, newReplicationServers,
+ synchProviderEnabled, replicationServerCreated,
+ secureReplicationEnabled, newReplicationServers,
domainsConf);
}
catch (Throwable t)
@@ -496,6 +520,15 @@
// It does not exist.
}
}
+ if (replConf.isSecureReplicationEnabled())
+ {
+ CryptoManagerCfgClient crypto = root.getCryptoManager();
+ if (crypto.isSSLEncryption())
+ {
+ crypto.setSSLEncryption(false);
+ crypto.commit();
+ }
+ }
}
catch (Throwable t)
{
--
Gitblit v1.10.0