From 45690fbc42773415ef034419ed3f27d2974b78e1 Mon Sep 17 00:00:00 2001
From: Matthew Swift <matthew.swift@forgerock.com>
Date: Wed, 21 Nov 2012 23:24:40 +0000
Subject: [PATCH] Fix OPENDJ-649: Add supportedTLSCiphers and supportedTLSProtocols to RootDSE and system monitor

---
 opends/src/server/org/opends/server/admin/AdministrationConnector.java |   81 +++++++++++-----------------------------
 1 files changed, 23 insertions(+), 58 deletions(-)

diff --git a/opends/src/server/org/opends/server/admin/AdministrationConnector.java b/opends/src/server/org/opends/server/admin/AdministrationConnector.java
index 5678e40..605f479 100644
--- a/opends/src/server/org/opends/server/admin/AdministrationConnector.java
+++ b/opends/src/server/org/opends/server/admin/AdministrationConnector.java
@@ -30,13 +30,10 @@
 import static org.opends.server.loggers.ErrorLogger.logError;
 import static org.opends.server.loggers.debug.DebugLogger.*;
 import static org.opends.messages.AdminMessages.*;
-import java.io.IOException;
-import java.security.KeyStoreException;
 import java.io.File;
 import java.io.FileWriter;
 import java.io.PrintWriter;
 import java.net.InetAddress;
-import java.security.cert.CertificateEncodingException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.SortedSet;
@@ -172,16 +169,12 @@
       AdministrationConnectorCfg configuration) throws ConfigException,
       InitializationException
   {
-
     this.config = configuration;
 
     // Create a fake LDAP connection handler configuration
     LDAPConnectionHandlerCfg ldapConnectionHandlerCfg =
       new FakeLDAPConnectionHandlerCfg(config);
 
-    createSelfSignedCertifIfNeeded();
-
-
     // Administration Connector uses the LDAP connection handler
     // implementation
     adminConnectionHandler = new LDAPConnectionHandler(
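Review bot: With the `createSelfSignedCertifIfNeeded()` call removed here, the initializer now silently depends on the admin key store and trust store already existing when the `LDAPConnectionHandler` is constructed. This patch touches only this file, so the new call site of `createSelfSignedCertificateIfNeeded()` is not visible. It is worth confirming that every start-up path invokes it before this method runs, otherwise the administration connector may fail to bring up TLS on a fresh install. I would leave a marker where the call used to be, for example `// Precondition: createSelfSignedCertificateIfNeeded() has already run during server start-up.` The enclosing method starts before and continues after this hunk.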
@@ -604,20 +597,26 @@
 
   /**
    * Creates a self-signed JKS certificate if needed.
+   *
+   * @throws InitializationException
+   *           If an unexpected error occurred whilst trying to create the
+   *           certificate.
    */
-  private void createSelfSignedCertifIfNeeded() throws InitializationException
+  public static void createSelfSignedCertificateIfNeeded()
+      throws InitializationException
   {
-
     try
     {
+      RootCfg root = ServerManagementContext.getInstance()
+          .getRootConfiguration();
+      AdministrationConnectorCfg config = root.getAdministrationConnector();
 
       // Check if certificate generation is needed
       String certAlias = config.getSSLCertNickname();
-      KeyManagerProviderCfg keyMgrConfig =
-        getAdminConnectorKeyManagerConfig(config.getKeyManagerProvider());
-
-      TrustManagerProviderCfg trustMgrConfig =
-        getAdminConnectorTrustManagerConfig(config.getTrustManagerProvider());
+      KeyManagerProviderCfg keyMgrConfig = root.getKeyManagerProvider(config
+          .getKeyManagerProvider());
+      TrustManagerProviderCfg trustMgrConfig = root
+          .getTrustManagerProvider(config.getTrustManagerProvider());
 
       if (!(keyMgrConfig instanceof FileBasedKeyManagerProviderCfg)
           || !(trustMgrConfig instanceof FileBasedTrustManagerProviderCfg))
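Review bot: The method is widened from a private instance method to `public static`, but the Javadoc still says only "Creates a self-signed JKS certificate if needed". It now reads `AdministrationConnectorCfg` from `ServerManagementContext.getInstance().getRootConfiguration()` instead of the connector's own `config`, so any code in the server can trigger certificate generation against global configuration. The Javadoc should say when the method is meant to be called (presumably once, during start-up, after the management context is initialised), what "needed" means, and that it writes to the configured file-based key and trust stores. If the new caller lives in a package where narrower visibility works, keeping it non-public would limit who can create key material. The method body continues past this hunk.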
@@ -747,54 +746,20 @@
       File f = new File(tempCertPath);
       f.delete();
     }
-    catch (ConfigException e)
+    catch (InitializationException e)
     {
-      handleCertifExceptions(e);
+      throw e;
     }
-    catch (KeyStoreException e)
+    catch (Exception e)
     {
-      handleCertifExceptions(e);
+      if (debugEnabled())
+      {
+        TRACER.debugCaught(DebugLogLevel.ERROR, e);
+      }
+      Message message = ERR_ADMIN_CERTIFICATE_GENERATION.get(e.getMessage());
+      logError(message);
+      throw new InitializationException(message);
     }
-    catch (IOException e)
-    {
-      handleCertifExceptions(e);
-    }
-    catch (CertificateEncodingException e)
-    {
-      handleCertifExceptions(e);
-    }
-  }
-
-
-
-  private void handleCertifExceptions(Exception e)
-      throws InitializationException
-  {
-    if (debugEnabled())
-    {
-      TRACER.debugCaught(DebugLogLevel.ERROR, e);
-    }
-    Message message = ERR_ADMIN_CERTIFICATE_GENERATION.get(e.getMessage());
-    logError(message);
-    throw new InitializationException(message);
-  }
-
-
-
-  private KeyManagerProviderCfg getAdminConnectorKeyManagerConfig(String name)
-      throws ConfigException
-  {
-    RootCfg root = ServerManagementContext.getInstance().getRootConfiguration();
-    return root.getKeyManagerProvider(name);
-  }
-
-
-
-  private TrustManagerProviderCfg getAdminConnectorTrustManagerConfig(
-      String name) throws ConfigException
-  {
-    RootCfg root = ServerManagementContext.getInstance().getRootConfiguration();
-    return root.getTrustManagerProvider(name);
   }
 
 
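Review bot: The new `catch (Exception e)` block builds the `InitializationException` from `e.getMessage()` only, so the original stack trace is lost unless debug tracing is enabled, and a null message leaves the log entry with no detail. Assuming `InitializationException` has a cause-taking constructor, `throw new InitializationException(message, e);` would preserve it. The catch-all also converts unchecked exceptions such as `NullPointerException` into the same generic certificate error, which makes a misconfigured key manager harder to tell apart from a programming error. Separately, `f.delete()` on the temporary certificate file sits at the end of the `try` body, so any failure before it leaves the exported file on disk and its return value is ignored. Moving the cleanup to a `finally` block would cover both, though the code that creates the file is outside this hunk.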

--
Gitblit v1.10.0