From 60f5dfd7eaa64aa931033c0e5266391ecbbc96fa Mon Sep 17 00:00:00 2001
From: Nicolas Capponi <nicolas.capponi@forgerock.com>
Date: Wed, 25 Sep 2013 07:31:13 +0000
Subject: [PATCH] Fix OPENDJ-18 - keystore import failes due to empty PIN Review CR-2353

---
 opends/src/server/org/opends/server/extensions/PKCS11KeyManagerProvider.java |   26 +++-----------------------
 1 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/PKCS11KeyManagerProvider.java b/opends/src/server/org/opends/server/extensions/PKCS11KeyManagerProvider.java
index a212537..2bd9ca5 100644
--- a/opends/src/server/org/opends/server/extensions/PKCS11KeyManagerProvider.java
+++ b/opends/src/server/org/opends/server/extensions/PKCS11KeyManagerProvider.java
@@ -23,7 +23,7 @@
  *
  *
  *      Copyright 2006-2008 Sun Microsystems, Inc.
- *      Portions Copyright 2011 ForgeRock AS
+ *      Portions Copyright 2011-2013 ForgeRock AS
  */
 package org.opends.server.extensions;
 import org.opends.messages.Message;
@@ -192,11 +192,6 @@
       keyStorePIN = pinStr.toCharArray();
     } else if (configuration.getKeyStorePin() != null) {
       keyStorePIN = configuration.getKeyStorePin().toCharArray();
-    } else {
-      // Pin wasn't defined anywhere.
-      Message message =
-          ERR_PKCS11_KEYMANAGER_NO_PIN.get(String.valueOf(configEntryDN));
-      throw new ConfigException(message);
     }
   }
 
@@ -305,6 +300,8 @@
     // - As the value of a configuration attribute.
     //
     // In any case, the PIN must be in the clear.
+    //
+    // It is acceptable to have no PIN (OPENDJ-18)
     if (configuration.getKeyStorePinProperty() != null)
     {
       String propertyName = configuration.getKeyStorePinProperty();
@@ -391,13 +388,6 @@
         configAcceptable = false;
       }
     }
-    else
-    {
-      // Pin wasn't defined anywhere.
-      unacceptableReasons.add(ERR_PKCS11_KEYMANAGER_NO_PIN.get(
-              String.valueOf(cfgEntryDN)));
-      configAcceptable = false;
-    }
 
     return configAcceptable;
   }
@@ -520,16 +510,6 @@
     {
       newPIN = configuration.getKeyStorePin().toCharArray();
     }
-    else
-    {
-      // Pin wasn't defined anywhere.
-      resultCode = DirectoryServer.getServerErrorResultCode();
-
-
-      messages.add(ERR_PKCS11_KEYMANAGER_NO_PIN.get(
-              String.valueOf(configEntryDN)));
-    }
-
 
     if (resultCode == ResultCode.SUCCESS)
     {

--
Gitblit v1.10.0