From 68ceb8ea8c8d2c2745f1c2449635764f4a51a993 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Thu, 28 Jun 2007 23:54:43 +0000
Subject: [PATCH] Migrate the key and trust manager provider configuration to the admin framework.
---
opends/src/server/org/opends/server/extensions/FileBasedKeyManagerProvider.java | 1469 +++++++++++-----------------------------------------------
1 files changed, 284 insertions(+), 1,185 deletions(-)
diff --git a/opends/src/server/org/opends/server/extensions/FileBasedKeyManagerProvider.java b/opends/src/server/org/opends/server/extensions/FileBasedKeyManagerProvider.java
index 33bb93e..f0bee53 100644
--- a/opends/src/server/org/opends/server/extensions/FileBasedKeyManagerProvider.java
+++ b/opends/src/server/org/opends/server/extensions/FileBasedKeyManagerProvider.java
@@ -36,19 +36,14 @@
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.LinkedList;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
+import org.opends.server.admin.server.ConfigurationChangeListener;
import org.opends.server.admin.std.server.FileBasedKeyManagerCfg;
-import org.opends.server.api.ConfigurableComponent;
import org.opends.server.api.KeyManagerProvider;
-import org.opends.server.config.ConfigAttribute;
-import org.opends.server.config.ConfigEntry;
import org.opends.server.config.ConfigException;
-import org.opends.server.config.StringConfigAttribute;
import org.opends.server.core.DirectoryServer;
import org.opends.server.types.ConfigChangeResult;
import org.opends.server.types.DirectoryException;
@@ -72,7 +67,7 @@
*/
public class FileBasedKeyManagerProvider
extends KeyManagerProvider<FileBasedKeyManagerCfg>
- implements ConfigurableComponent
+ implements ConfigurationChangeListener<FileBasedKeyManagerCfg>
{
/**
* The tracer object for the debug logger.
@@ -81,25 +76,18 @@
-
// The DN of the configuration entry for this key manager provider.
private DN configEntryDN;
// The PIN needed to access the keystore.
private char[] keyStorePIN;
+ // The configuration for this key manager provider.
+ private FileBasedKeyManagerCfg currentConfig;
+
// The path to the key store backing file.
private String keyStoreFile;
- // The name of the environment variable containing the keystore PIN.
- private String keyStorePINEnVar;
-
- // The path to the file containing the keystore PIN.
- private String keyStorePINFile;
-
- // The name of the Java property containing the keystore PIN.
- private String keyStorePINProperty;
-
// The key store type to use.
private String keyStoreType;
@@ -118,388 +106,18 @@
/**
- * Initializes this key manager provider based on the information in the
- * provided configuration entry.
- *
- * @param configEntry The configuration entry that contains the information
- * to use to initialize this key manager provider.
- *
- * @throws ConfigException If an unrecoverable problem arises in the
- * process of performing the initialization as a
- * result of the server configuration.
- *
- * @throws InitializationException If a problem occurs during initialization
- * that is not related to the server
- * configuration.
- */
- public void initializeKeyManagerProvider(ConfigEntry configEntry)
- throws ConfigException, InitializationException
- {
- // Store the DN of the configuration entry.
- configEntryDN = configEntry.getDN();
-
-
- // Get the path to the key store file.
- int msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_FILE;
- StringConfigAttribute fileStub =
- new StringConfigAttribute(ATTR_KEYSTORE_FILE, getMessage(msgID), true,
- false, false);
- try
- {
- StringConfigAttribute fileAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(fileStub);
- if ((fileAttr == null) ||
- ((keyStoreFile = fileAttr.activeValue()) == null))
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_FILE_ATTR;
- String message = getMessage(msgID, String.valueOf(configEntryDN));
- throw new ConfigException(msgID, message);
- }
-
- File f = getFileForPath(keyStoreFile);
- if (! (f.exists() && f.isFile()))
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_SUCH_FILE;
- String message = getMessage(msgID, String.valueOf(keyStoreFile),
- String.valueOf(configEntryDN));
- throw new InitializationException(msgID, message);
- }
- }
- catch (ConfigException ce)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ce);
- }
-
- throw ce;
- }
- catch (InitializationException ie)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ie);
- }
-
- throw ie;
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_FILE;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- throw new InitializationException(msgID, message, e);
- }
-
-
- // Get the keystore type. If none is specified, then use the default type.
- keyStoreType = KeyStore.getDefaultType();
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_TYPE;
- StringConfigAttribute typeStub =
- new StringConfigAttribute(ATTR_KEYSTORE_TYPE, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute typeAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(typeStub);
- if (typeAttr != null)
- {
- // A keystore type was specified, so make sure it is valid.
- String typeStr = typeAttr.activeValue();
-
- try
- {
- KeyStore.getInstance(typeStr);
- keyStoreType = typeStr;
- }
- catch (KeyStoreException kse)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, kse);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_INVALID_TYPE;
- String message = getMessage(msgID, String.valueOf(typeStr),
- String.valueOf(configEntryDN),
- getExceptionMessage(kse));
- throw new InitializationException(msgID, message);
- }
- }
- }
- catch (InitializationException ie)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ie);
- }
-
- throw ie;
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_TYPE;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- throw new InitializationException(msgID, message, e);
- }
-
-
- // Get the PIN needed to access the contents of the keystore file. We will
- // offer several places to look for the PIN, and we will do so in the
- // following order:
- // - In a specified Java property
- // - In a specified environment variable
- // - In a specified file on the server filesystem.
- // - As the value of a configuration attribute.
- // In any case, the PIN must be in the clear.
- keyStorePIN = null;
- keyStorePINEnVar = null;
- keyStorePINFile = null;
- keyStorePINProperty = null;
-pinSelection:
- {
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_PROPERTY;
- StringConfigAttribute pinPropertyStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_PROPERTY,
- getMessage(msgID), false, false, false);
- try
- {
- StringConfigAttribute pinPropertyAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinPropertyStub);
- if (pinPropertyAttr != null)
- {
- String propertyName = pinPropertyAttr.activeValue();
- String pinStr = System.getProperty(propertyName);
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_PROPERTY_NOT_SET;
- String message = getMessage(msgID, String.valueOf(propertyName),
- String.valueOf(configEntryDN));
- throw new InitializationException(msgID, message);
- }
- else
- {
- keyStorePIN = pinStr.toCharArray();
- keyStorePINProperty = propertyName;
- break pinSelection;
- }
- }
- }
- catch (InitializationException ie)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ie);
- }
-
- throw ie;
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_PROPERTY;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- throw new InitializationException(msgID, message, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ENVAR;
- StringConfigAttribute pinEnVarStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_ENVAR, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinEnVarAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinEnVarStub);
- if (pinEnVarAttr != null)
- {
- String enVarName = pinEnVarAttr.activeValue();
- String pinStr = System.getenv(enVarName);
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_ENVAR_NOT_SET;
- String message = getMessage(msgID, String.valueOf(enVarName),
- String.valueOf(configEntryDN));
- throw new InitializationException(msgID, message);
- }
- else
- {
- keyStorePIN = pinStr.toCharArray();
- keyStorePINEnVar = enVarName;
- break pinSelection;
- }
- }
- }
- catch (InitializationException ie)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ie);
- }
-
- throw ie;
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_ENVAR;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- throw new InitializationException(msgID, message, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_FILE;
- StringConfigAttribute pinFileStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_FILE, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinFileAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinFileStub);
- if (pinFileAttr != null)
- {
- String fileName = pinFileAttr.activeValue();
-
- File pinFile = getFileForPath(fileName);
- if (! pinFile.exists())
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_NO_SUCH_FILE;
- String message = getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN));
- throw new InitializationException(msgID, message);
- }
- else
- {
- String pinStr;
-
- try
- {
- BufferedReader br = new BufferedReader(new FileReader(pinFile));
- pinStr = br.readLine();
- br.close();
- }
- catch (IOException ioe)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_CANNOT_READ;
- String message = getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN),
- getExceptionMessage(ioe));
- throw new InitializationException(msgID, message, ioe);
- }
-
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_EMPTY;
- String message = getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN));
- throw new InitializationException(msgID, message);
- }
- else
- {
- keyStorePIN = pinStr.toCharArray();
- keyStorePINFile = fileName;
- break pinSelection;
- }
- }
- }
- }
- catch (InitializationException ie)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ie);
- }
-
- throw ie;
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_FILE;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- throw new InitializationException(msgID, message, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ATTR;
- StringConfigAttribute pinStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinStub);
- if (pinAttr != null)
- {
- keyStorePIN = pinAttr.activeValue().toCharArray();
- break pinSelection;
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_FROM_ATTR;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- throw new InitializationException(msgID, message, e);
- }
- }
-
- if (keyStorePIN == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_PIN;
- String message = getMessage(msgID, String.valueOf(configEntryDN));
- throw new ConfigException(msgID, message);
- }
-
-
- DirectoryServer.registerConfigurableComponent(this);
- }
-
-
-
-
-
- /**
* {@inheritDoc}
*/
@Override
public void initializeKeyManagerProvider(
FileBasedKeyManagerCfg configuration)
throws ConfigException, InitializationException {
- // Store the DN of the configuration entry.
+ // Store the DN of the configuration entry and register as a change
+ // listener.
+ currentConfig = configuration;
configEntryDN = configuration.dn();
+ configuration.addFileBasedChangeListener(this);
+
// Get the path to the key store file.
keyStoreFile = configuration.getKeyStoreFile();
@@ -557,9 +175,6 @@
//
// In any case, the PIN must be in the clear.
keyStorePIN = null;
- keyStorePINEnVar = null;
- keyStorePINFile = null;
- keyStorePINProperty = null;
if (configuration.getKeyStorePinProperty() != null) {
String propertyName = configuration.getKeyStorePinProperty();
@@ -573,7 +188,6 @@
}
keyStorePIN = pinStr.toCharArray();
- keyStorePINProperty = propertyName;
} else if (configuration.getKeyStorePinEnvironmentVariable() != null) {
String enVarName = configuration
.getKeyStorePinEnvironmentVariable();
@@ -587,7 +201,6 @@
}
keyStorePIN = pinStr.toCharArray();
- keyStorePINEnVar = enVarName;
} else if (configuration.getKeyStorePinFile() != null) {
String fileName = configuration.getKeyStorePinFile();
File pinFile = getFileForPath(fileName);
@@ -620,7 +233,6 @@
}
keyStorePIN = pinStr.toCharArray();
- keyStorePINFile = fileName;
} else if (configuration.getKeyStorePin() != null) {
keyStorePIN = configuration.getKeyStorePin().toCharArray();
} else {
@@ -630,8 +242,6 @@
.valueOf(configEntryDN));
throw new ConfigException(msgID, message);
}
-
- DirectoryServer.registerConfigurableComponent(this);
}
@@ -642,7 +252,7 @@
*/
public void finalizeKeyManagerProvider()
{
- DirectoryServer.deregisterConfigurableComponent(this);
+ currentConfig.removeFileBasedChangeListener(this);
}
@@ -709,487 +319,186 @@
/**
- * Retrieves the DN of the configuration entry with which this component is
- * associated.
- *
- * @return The DN of the configuration entry with which this component is
- * associated.
+ * {@inheritDoc}
*/
- public DN getConfigurableComponentEntryDN()
+ public boolean isConfigurationChangeAcceptable(
+ FileBasedKeyManagerCfg configuration,
+ List<String> unacceptableReasons)
{
- return configEntryDN;
- }
+ boolean configAcceptable = true;
-
- /**
- * Retrieves the set of configuration attributes that are associated with this
- * configurable component.
- *
- * @return The set of configuration attributes that are associated with this
- * configurable component.
- */
- public List<ConfigAttribute> getConfigurationAttributes()
- {
- LinkedList<ConfigAttribute> attrList = new LinkedList<ConfigAttribute>();
-
-
- int msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_FILE;
- StringConfigAttribute fileAttr =
- new StringConfigAttribute(ATTR_KEYSTORE_FILE, getMessage(msgID), true,
- false, false, keyStoreFile);
- attrList.add(fileAttr);
-
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_TYPE;
- StringConfigAttribute typeAttr =
- new StringConfigAttribute(ATTR_KEYSTORE_TYPE, getMessage(msgID), true,
- false, false, keyStoreType);
- attrList.add(typeAttr);
-
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_PROPERTY;
- StringConfigAttribute pinPropertyAttr =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_PROPERTY,
- getMessage(msgID), false, false, false,
- keyStorePINProperty);
- attrList.add(pinPropertyAttr);
-
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ENVAR;
- StringConfigAttribute pinEnvVarAttr =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_ENVAR,
- getMessage(msgID), false, false, false,
- keyStorePINEnVar);
- attrList.add(pinEnvVarAttr);
-
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_FILE;
- StringConfigAttribute pinFileAttr =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_FILE,
- getMessage(msgID), false, false, false,
- keyStorePINFile);
- attrList.add(pinFileAttr);
-
-
- String pinString;
- if ((keyStorePINProperty == null) && (keyStorePINEnVar == null) &&
- (keyStorePINFile == null))
+ // Get the path to the key store file.
+ String newKeyStoreFile = configuration.getKeyStoreFile();
+ try
{
- pinString = new String(keyStorePIN);
+ File f = getFileForPath(newKeyStoreFile);
+ if (!(f.exists() && f.isFile()))
+ {
+ int msgID = MSGID_FILE_KEYMANAGER_NO_SUCH_FILE;
+ unacceptableReasons.add(getMessage(msgID,
+ String.valueOf(newKeyStoreFile),
+ String.valueOf(configEntryDN)));
+ configAcceptable = false;
+ }
+ }
+ catch (Exception e)
+ {
+ if (debugEnabled())
+ {
+ TRACER.debugCaught(DebugLogLevel.ERROR, e);
+ }
+
+ int msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_FILE;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(configEntryDN),
+ getExceptionMessage(e)));
+ configAcceptable = false;
+ }
+
+ // Get the keystore type. If none is specified, then use the default type.
+ if (configuration.getKeyStoreType() != null)
+ {
+ try
+ {
+ KeyStore.getInstance(configuration.getKeyStoreType());
+ }
+ catch (KeyStoreException kse)
+ {
+ if (debugEnabled())
+ {
+ TRACER.debugCaught(DebugLogLevel.ERROR, kse);
+ }
+
+ int msgID = MSGID_FILE_KEYMANAGER_INVALID_TYPE;
+ unacceptableReasons.add(getMessage(msgID,
+ String.valueOf(configuration.getKeyStoreType()),
+ String.valueOf(configEntryDN), getExceptionMessage(kse)));
+ configAcceptable = false;
+ }
+ }
+
+ // Get the PIN needed to access the contents of the keystore file.
+ //
+ // We will offer several places to look for the PIN, and we will
+ // do so in the following order:
+ //
+ // - In a specified Java property
+ // - In a specified environment variable
+ // - In a specified file on the server filesystem.
+ // - As the value of a configuration attribute.
+ //
+ // In any case, the PIN must be in the clear.
+ if (configuration.getKeyStorePinProperty() != null)
+ {
+ String propertyName = configuration.getKeyStorePinProperty();
+ String pinStr = System.getProperty(propertyName);
+
+ if (pinStr == null)
+ {
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_PROPERTY_NOT_SET;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(propertyName),
+ String.valueOf(configEntryDN)));
+ configAcceptable = false;
+ }
+ }
+ else if (configuration.getKeyStorePinEnvironmentVariable() != null)
+ {
+ String enVarName = configuration.getKeyStorePinEnvironmentVariable();
+ String pinStr = System.getenv(enVarName);
+
+ if (pinStr == null)
+ {
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_ENVAR_NOT_SET;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(enVarName),
+ String.valueOf(configEntryDN)));
+ configAcceptable = false;
+ }
+ }
+ else if (configuration.getKeyStorePinFile() != null)
+ {
+ String fileName = configuration.getKeyStorePinFile();
+ File pinFile = getFileForPath(fileName);
+
+ if (!pinFile.exists())
+ {
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_NO_SUCH_FILE;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(fileName),
+ String.valueOf(configEntryDN)));
+ configAcceptable = false;
+ }
+ else
+ {
+ String pinStr = null;
+ BufferedReader br = null;
+ try {
+ br = new BufferedReader(new FileReader(pinFile));
+ pinStr = br.readLine();
+ }
+ catch (IOException ioe)
+ {
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_CANNOT_READ;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(fileName),
+ String.valueOf(configEntryDN),
+ getExceptionMessage(ioe)));
+ configAcceptable = false;
+ }
+ finally
+ {
+ try
+ {
+ br.close();
+ } catch (Exception e) {}
+ }
+
+ if (pinStr == null)
+ {
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_EMPTY;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(fileName),
+ String.valueOf(configEntryDN)));
+ configAcceptable = false;
+ }
+ }
+ }
+ else if (configuration.getKeyStorePin() != null)
+ {
+ configuration.getKeyStorePin().toCharArray();
}
else
{
- pinString = null;
+ // Pin wasn't defined anywhere.
+ int msgID = MSGID_FILE_KEYMANAGER_NO_PIN;
+ unacceptableReasons.add(getMessage(msgID, String.valueOf(configEntryDN)));
+ configAcceptable = false;
}
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ATTR;
- StringConfigAttribute pinAttr =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN, getMessage(msgID), false,
- false, false, pinString);
- attrList.add(pinAttr);
-
- return attrList;
+ return configAcceptable;
}
/**
- * Indicates whether the provided configuration entry has an acceptable
- * configuration for this component. If it does not, then detailed
- * information about the problem(s) should be added to the provided list.
- *
- * @param configEntry The configuration entry for which to make the
- * determination.
- * @param unacceptableReasons A list that can be used to hold messages about
- * why the provided entry does not have an
- * acceptable configuration.
- *
- * @return <CODE>true</CODE> if the provided entry has an acceptable
- * configuration for this component, or <CODE>false</CODE> if not.
+ * {@inheritDoc}
*/
- public boolean hasAcceptableConfiguration(ConfigEntry configEntry,
- List<String> unacceptableReasons)
- {
- DN configEntryDN = configEntry.getDN();
-
-
- // Make sure that a keystore file was provided.
- int msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_FILE;
- StringConfigAttribute fileStub =
- new StringConfigAttribute(ATTR_KEYSTORE_FILE, getMessage(msgID), true,
- false, false);
- try
- {
- String newKeyStoreFile = null;
-
- StringConfigAttribute fileAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(fileStub);
- if ((fileAttr == null) ||
- ((newKeyStoreFile = fileAttr.activeValue()) == null))
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_FILE_ATTR;
- String message = getMessage(msgID, String.valueOf(configEntryDN));
- throw new ConfigException(msgID, message);
- }
-
- File f = getFileForPath(newKeyStoreFile);
- if (! (f.exists() && f.isFile()))
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_SUCH_FILE;
- String message = getMessage(msgID, String.valueOf(newKeyStoreFile),
- String.valueOf(configEntryDN));
- unacceptableReasons.add(message);
- return false;
- }
- }
- catch (ConfigException ce)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ce);
- }
-
- unacceptableReasons.add(ce.getMessage());
- return false;
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_FILE;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- unacceptableReasons.add(message);
- return false;
- }
-
-
- // See if a keystore type was provided. It is optional, but if one was
- // provided, then it must be a valid type.
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_TYPE;
- StringConfigAttribute typeStub =
- new StringConfigAttribute(ATTR_KEYSTORE_TYPE, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute typeAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(typeStub);
- if (typeAttr != null)
- {
- // A keystore type was specified, so make sure it is valid.
- String typeStr = typeAttr.activeValue();
-
- try
- {
- KeyStore.getInstance(typeStr);
- }
- catch (KeyStoreException kse)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, kse);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_INVALID_TYPE;
- String message = getMessage(msgID, String.valueOf(typeStr),
- String.valueOf(configEntryDN),
- getExceptionMessage(kse));
- unacceptableReasons.add(message);
- return false;
- }
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_TYPE;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- unacceptableReasons.add(message);
- return false;
- }
-
-
- // Make sure that there is some way to determine the PIN. Look for the PIN
- // in a property, environment variable, file, or configuration attribute, in
- // that order.
- char[] keyStorePIN = null;
-pinSelection:
- {
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_PROPERTY;
- StringConfigAttribute pinPropertyStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_PROPERTY,
- getMessage(msgID), false, false, false);
- try
- {
- StringConfigAttribute pinPropertyAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinPropertyStub);
- if (pinPropertyAttr != null)
- {
- String propertyName = pinPropertyAttr.activeValue();
- String pinStr = System.getProperty(propertyName);
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_PROPERTY_NOT_SET;
- String message = getMessage(msgID, String.valueOf(propertyName),
- String.valueOf(configEntryDN));
- unacceptableReasons.add(message);
- return false;
- }
- else
- {
- keyStorePIN = pinStr.toCharArray();
- break pinSelection;
- }
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_PROPERTY;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- unacceptableReasons.add(message);
- return false;
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ENVAR;
- StringConfigAttribute pinEnVarStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_ENVAR, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinEnVarAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinEnVarStub);
- if (pinEnVarAttr != null)
- {
- String enVarName = pinEnVarAttr.activeValue();
- String pinStr = System.getenv(enVarName);
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_ENVAR_NOT_SET;
- String message = getMessage(msgID, String.valueOf(enVarName),
- String.valueOf(configEntryDN));
- unacceptableReasons.add(message);
- return false;
- }
- else
- {
- keyStorePIN = pinStr.toCharArray();
- break pinSelection;
- }
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_ENVAR;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- unacceptableReasons.add(message);
- return false;
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_FILE;
- StringConfigAttribute pinFileStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_FILE, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinFileAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinFileStub);
- if (pinFileAttr != null)
- {
- String fileName = pinFileAttr.activeValue();
-
- File pinFile = getFileForPath(fileName);
- if (! pinFile.exists())
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_NO_SUCH_FILE;
- String message = getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN));
- unacceptableReasons.add(message);
- return false;
- }
- else
- {
- String pinStr;
-
- try
- {
- BufferedReader br = new BufferedReader(new FileReader(pinFile));
- pinStr = br.readLine();
- br.close();
- }
- catch (IOException ioe)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_CANNOT_READ;
- String message = getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN),
- getExceptionMessage(ioe));
- unacceptableReasons.add(message);
- return false;
- }
-
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_EMPTY;
- String message = getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN));
- unacceptableReasons.add(message);
- return false;
- }
- else
- {
- keyStorePIN = pinStr.toCharArray();
- break pinSelection;
- }
- }
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_FILE;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- unacceptableReasons.add(message);
- return false;
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ATTR;
- StringConfigAttribute pinStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinStub);
- if (pinAttr != null)
- {
- keyStorePIN = pinAttr.pendingValue().toCharArray();
- break pinSelection;
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_FROM_ATTR;
- String message = getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e));
- unacceptableReasons.add(message);
- return false;
- }
- }
-
- if (keyStorePIN == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_PIN;
- String message = getMessage(msgID, String.valueOf(configEntryDN));
- unacceptableReasons.add(message);
- return false;
- }
-
-
- // If we've gotten here, then everything looks OK.
- return true;
- }
-
-
-
- /**
- * Makes a best-effort attempt to apply the configuration contained in the
- * provided entry. Information about the result of this processing should be
- * added to the provided message list. Information should always be added to
- * this list if a configuration change could not be applied. If detailed
- * results are requested, then information about the changes applied
- * successfully (and optionally about parameters that were not changed) should
- * also be included.
- *
- * @param configEntry The entry containing the new configuration to
- * apply for this component.
- * @param detailedResults Indicates whether detailed information about the
- * processing should be added to the list.
- *
- * @return Information about the result of the configuration update.
- */
- public ConfigChangeResult applyNewConfiguration(ConfigEntry configEntry,
- boolean detailedResults)
+ public ConfigChangeResult applyConfigurationChange(
+ FileBasedKeyManagerCfg configuration)
{
ResultCode resultCode = ResultCode.SUCCESS;
boolean adminActionRequired = false;
ArrayList<String> messages = new ArrayList<String>();
- // Make sure that a keystore file was provided.
- String newKeyStoreFile = null;
- int msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_FILE;
- StringConfigAttribute fileStub =
- new StringConfigAttribute(ATTR_KEYSTORE_FILE, getMessage(msgID), true,
- false, false);
+ // Get the path to the key store file.
+ String newKeyStoreFile = configuration.getKeyStoreFile();
try
{
- StringConfigAttribute fileAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(fileStub);
- if ((fileAttr == null) ||
- ((newKeyStoreFile = fileAttr.activeValue()) == null))
- {
- msgID = MSGID_FILE_KEYMANAGER_NO_FILE_ATTR;
- String message = getMessage(msgID, String.valueOf(configEntryDN));
- throw new ConfigException(msgID, message);
- }
-
File f = getFileForPath(newKeyStoreFile);
- if (! (f.exists() && f.isFile()))
+ if (!(f.exists() && f.isFile()))
{
- msgID = MSGID_FILE_KEYMANAGER_NO_SUCH_FILE;
+ resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_NO_SUCH_FILE;
messages.add(getMessage(msgID, String.valueOf(newKeyStoreFile),
String.valueOf(configEntryDN)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
- }
- }
- catch (ConfigException ce)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ce);
- }
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
}
}
catch (Exception e)
@@ -1199,370 +508,160 @@
TRACER.debugCaught(DebugLogLevel.ERROR, e);
}
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_FILE;
+ resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_FILE;
messages.add(getMessage(msgID, String.valueOf(configEntryDN),
getExceptionMessage(e)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = DirectoryServer.getServerErrorResultCode();
- }
}
-
- // See if a keystore type was provided. It is optional, but if one was
- // provided, then it must be a valid type.
+ // Get the keystore type. If none is specified, then use the default type.
String newKeyStoreType = KeyStore.getDefaultType();
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_TYPE;
- StringConfigAttribute typeStub =
- new StringConfigAttribute(ATTR_KEYSTORE_TYPE, getMessage(msgID),
- false, false, false);
- try
+ if (configuration.getKeyStoreType() != null)
{
- StringConfigAttribute typeAttr =
- (StringConfigAttribute) configEntry.getConfigAttribute(typeStub);
- if (typeAttr != null)
+ try
{
- // A keystore type was specified, so make sure it is valid.
- newKeyStoreType = typeAttr.activeValue();
-
- try
+ KeyStore.getInstance(configuration.getKeyStoreType());
+ newKeyStoreType = configuration.getKeyStoreType();
+ }
+ catch (KeyStoreException kse)
+ {
+ if (debugEnabled())
{
- KeyStore.getInstance(newKeyStoreType);
+ TRACER.debugCaught(DebugLogLevel.ERROR, kse);
}
- catch (KeyStoreException kse)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, kse);
- }
- msgID = MSGID_FILE_KEYMANAGER_INVALID_TYPE;
- messages.add(getMessage(msgID, String.valueOf(newKeyStoreType),
- String.valueOf(configEntryDN),
- getExceptionMessage(kse)));
+ resultCode = DirectoryServer.getServerErrorResultCode();
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
- }
+ int msgID = MSGID_FILE_KEYMANAGER_INVALID_TYPE;
+ messages.add(getMessage(msgID,
+ String.valueOf(configuration.getKeyStoreType()),
+ String.valueOf(configEntryDN),
+ getExceptionMessage(kse)));
}
}
- catch (Exception e)
+
+ // Get the PIN needed to access the contents of the keystore file.
+ //
+ // We will offer several places to look for the PIN, and we will
+ // do so in the following order:
+ //
+ // - In a specified Java property
+ // - In a specified environment variable
+ // - In a specified file on the server filesystem.
+ // - As the value of a configuration attribute.
+ //
+ // In any case, the PIN must be in the clear.
+ char[] newPIN = null;
+
+ if (configuration.getKeyStorePinProperty() != null)
{
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
+ String propertyName = configuration.getKeyStorePinProperty();
+ String pinStr = System.getProperty(propertyName);
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_TYPE;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e)));
-
- if (resultCode == ResultCode.SUCCESS)
+ if (pinStr == null)
{
resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_PROPERTY_NOT_SET;
+ messages.add(getMessage(msgID, String.valueOf(propertyName),
+ String.valueOf(configEntryDN)));
+ }
+ else
+ {
+ newPIN = pinStr.toCharArray();
}
}
-
-
- // Make sure that there is some way to determine the PIN. Look for the PIN
- // in a property, environment variable, file, or configuration attribute, in
- // that order.
- char[] newKeyStorePIN = null;
- String newKeyStorePINEnVar = null;
- String newKeyStorePINFile = null;
- String newKeyStorePINProperty = null;
-pinSelection:
+ else if (configuration.getKeyStorePinEnvironmentVariable() != null)
{
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_PROPERTY;
- StringConfigAttribute pinPropertyStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_PROPERTY,
- getMessage(msgID), false, false, false);
- try
+ String enVarName = configuration.getKeyStorePinEnvironmentVariable();
+ String pinStr = System.getenv(enVarName);
+
+ if (pinStr == null)
{
- StringConfigAttribute pinPropertyAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinPropertyStub);
- if (pinPropertyAttr != null)
- {
- String propertyName = pinPropertyAttr.activeValue();
- String pinStr = System.getProperty(propertyName);
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_PROPERTY_NOT_SET;
- messages.add(getMessage(msgID, String.valueOf(propertyName),
- String.valueOf(configEntryDN)));
+ resultCode = DirectoryServer.getServerErrorResultCode();
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
-
- break pinSelection;
- }
- else
- {
- newKeyStorePIN = pinStr.toCharArray();
- newKeyStorePINProperty = propertyName;
- break pinSelection;
- }
- }
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_ENVAR_NOT_SET;
+ messages.add(getMessage(msgID, String.valueOf(enVarName),
+ String.valueOf(configEntryDN)));
}
- catch (Exception e)
+ else
{
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_PROPERTY;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = DirectoryServer.getServerErrorResultCode();
- }
-
- break pinSelection;
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ENVAR;
- StringConfigAttribute pinEnVarStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_ENVAR, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinEnVarAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinEnVarStub);
- if (pinEnVarAttr != null)
- {
- String enVarName = pinEnVarAttr.activeValue();
- String pinStr = System.getenv(enVarName);
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_ENVAR_NOT_SET;
- messages.add(getMessage(msgID, String.valueOf(enVarName),
- String.valueOf(configEntryDN)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
-
- break pinSelection;
- }
- else
- {
- newKeyStorePIN = pinStr.toCharArray();
- newKeyStorePINEnVar = enVarName;
- break pinSelection;
- }
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_ENVAR;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = DirectoryServer.getServerErrorResultCode();
- }
-
- break pinSelection;
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_FILE;
- StringConfigAttribute pinFileStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN_FILE, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinFileAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinFileStub);
- if (pinFileAttr != null)
- {
- String fileName = pinFileAttr.activeValue();
-
- File pinFile = getFileForPath(fileName);
- if (! pinFile.exists())
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_NO_SUCH_FILE;
- messages.add(getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
-
- break pinSelection;
- }
- else
- {
- String pinStr;
-
- try
- {
- BufferedReader br = new BufferedReader(new FileReader(pinFile));
- pinStr = br.readLine();
- br.close();
- }
- catch (IOException ioe)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_CANNOT_READ;
- messages.add(getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN),
- getExceptionMessage(ioe)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = DirectoryServer.getServerErrorResultCode();
- }
-
- break pinSelection;
- }
-
- if (pinStr == null)
- {
- msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_EMPTY;
- messages.add(getMessage(msgID, String.valueOf(fileName),
- String.valueOf(configEntryDN)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
-
- break pinSelection;
- }
- else
- {
- newKeyStorePIN = pinStr.toCharArray();
- newKeyStorePINFile = fileName;
- break pinSelection;
- }
- }
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_FILE;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = DirectoryServer.getServerErrorResultCode();
- }
-
- break pinSelection;
- }
-
- msgID = MSGID_FILE_KEYMANAGER_DESCRIPTION_PIN_ATTR;
- StringConfigAttribute pinStub =
- new StringConfigAttribute(ATTR_KEYSTORE_PIN, getMessage(msgID),
- false, false, false);
- try
- {
- StringConfigAttribute pinAttr =
- (StringConfigAttribute)
- configEntry.getConfigAttribute(pinStub);
- if (pinAttr != null)
- {
- newKeyStorePIN = pinAttr.activeValue().toCharArray();
- break pinSelection;
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- msgID = MSGID_FILE_KEYMANAGER_CANNOT_DETERMINE_PIN_FROM_ATTR;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- getExceptionMessage(e)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = DirectoryServer.getServerErrorResultCode();
- }
-
- break pinSelection;
+ newPIN = pinStr.toCharArray();
}
}
-
- if (newKeyStorePIN == null)
+ else if (configuration.getKeyStorePinFile() != null)
{
- msgID = MSGID_FILE_KEYMANAGER_NO_PIN;
+ String fileName = configuration.getKeyStorePinFile();
+ File pinFile = getFileForPath(fileName);
+
+ if (!pinFile.exists())
+ {
+ resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_NO_SUCH_FILE;
+ messages.add(getMessage(msgID, String.valueOf(fileName),
+ String.valueOf(configEntryDN)));
+ }
+ else
+ {
+ String pinStr = null;
+ BufferedReader br = null;
+ try {
+ br = new BufferedReader(new FileReader(pinFile));
+ pinStr = br.readLine();
+ }
+ catch (IOException ioe)
+ {
+ resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_CANNOT_READ;
+ messages.add(getMessage(msgID, String.valueOf(fileName),
+ String.valueOf(configEntryDN),
+ getExceptionMessage(ioe)));
+ }
+ finally
+ {
+ try
+ {
+ br.close();
+ } catch (Exception e) {}
+ }
+
+ if (pinStr == null)
+ {
+ resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_PIN_FILE_EMPTY;
+ messages.add(getMessage(msgID, String.valueOf(fileName),
+ String.valueOf(configEntryDN)));
+ }
+ else
+ {
+ newPIN = pinStr.toCharArray();
+ }
+ }
+ }
+ else if (configuration.getKeyStorePin() != null)
+ {
+ newPIN = configuration.getKeyStorePin().toCharArray();
+ }
+ else
+ {
+ // Pin wasn't defined anywhere.
+ resultCode = DirectoryServer.getServerErrorResultCode();
+
+ int msgID = MSGID_FILE_KEYMANAGER_NO_PIN;
messages.add(getMessage(msgID, String.valueOf(configEntryDN)));
-
- if (resultCode == ResultCode.SUCCESS)
- {
- resultCode = ResultCode.CONSTRAINT_VIOLATION;
- }
}
- // If everything looks successful, then apply the changes.
if (resultCode == ResultCode.SUCCESS)
{
- if (! keyStoreFile.equals(newKeyStoreFile))
- {
- keyStoreFile = newKeyStoreFile;
-
- if (detailedResults)
- {
- msgID = MSGID_FILE_KEYMANAGER_UPDATED_FILE;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- String.valueOf(newKeyStoreFile)));
- }
- }
-
- if (! keyStoreType.equals(newKeyStoreType))
- {
- keyStoreType = newKeyStoreType;
-
- if (detailedResults)
- {
- msgID = MSGID_FILE_KEYMANAGER_UPDATED_TYPE;
- messages.add(getMessage(msgID, String.valueOf(configEntryDN),
- String.valueOf(newKeyStoreType)));
- }
- }
-
- if (! Arrays.equals(keyStorePIN, newKeyStorePIN))
- {
- keyStorePIN = newKeyStorePIN;
-
- keyStorePINProperty = newKeyStorePINProperty;
- keyStorePINEnVar = newKeyStorePINEnVar;
- keyStorePINFile = newKeyStorePINFile;
-
- if (detailedResults)
- {
- msgID = MSGID_FILE_KEYMANAGER_UPDATED_PIN;
- messages.add(getMessage(msgID));
- }
- }
+ currentConfig = configuration;
+ keyStorePIN = newPIN;
+ keyStoreFile = newKeyStoreFile;
+ keyStoreType = newKeyStoreType;
}
--
Gitblit v1.10.0