From f7036e50348484f4daf39f9e8457de602ab83939 Mon Sep 17 00:00:00 2001
From: coulbeck <coulbeck@localhost>
Date: Tue, 28 Aug 2007 15:54:13 +0000
Subject: [PATCH] Changes for replication security issues 511, 512, 608.
---
opends/src/server/org/opends/server/replication/protocol/ReplServerStartMessage.java | 41 ++++++++++++++++++++++++++++++++++++++---
1 files changed, 38 insertions(+), 3 deletions(-)
diff --git a/opends/src/server/org/opends/server/replication/protocol/ReplServerStartMessage.java b/opends/src/server/org/opends/server/replication/protocol/ReplServerStartMessage.java
index 013d4cd..96140c3 100644
--- a/opends/src/server/org/opends/server/replication/protocol/ReplServerStartMessage.java
+++ b/opends/src/server/org/opends/server/replication/protocol/ReplServerStartMessage.java
@@ -43,12 +43,18 @@
{
private static final long serialVersionUID = -5871385537169856856L;
- private String baseDn = null;
private short serverId;
private String serverURL;
+ private String baseDn = null;
+ private int windowSize;
private ServerState serverState;
- private int windowSize;
+ /**
+ * Whether to continue using SSL to encrypt messages after the start
+ * messages have been exchanged.
+ */
+ private boolean sslEncryption;
+
/**
* Create a ReplServerStartMessage.
@@ -59,11 +65,14 @@
* @param windowSize The window size.
* @param serverState our ServerState for this baseDn.
* @param protocolVersion The replication protocol version of the creator.
+ * @param sslEncryption Whether to continue using SSL to encrypt messages
+ * after the start messages have been exchanged.
*/
public ReplServerStartMessage(short serverId, String serverURL, DN baseDn,
int windowSize,
ServerState serverState,
- short protocolVersion)
+ short protocolVersion,
+ boolean sslEncryption)
{
super(protocolVersion);
this.serverId = serverId;
@@ -74,6 +83,7 @@
this.baseDn = null;
this.windowSize = windowSize;
this.serverState = serverState;
+ this.sslEncryption = sslEncryption;
}
/**
@@ -125,6 +135,13 @@
pos += length +1;
/*
+ * read the sslEncryption setting
+ */
+ length = getNextLength(in, pos);
+ sslEncryption = Boolean.valueOf(new String(in, pos, length, "UTF-8"));
+ pos += length +1;
+
+ /*
* read the ServerState
*/
serverState = new ServerState(in, pos, in.length-1);
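Review bot: `Boolean.valueOf(...)` on the decoded field turns every value other than "true" into `false`, so a malformed or truncated sslEncryption field is silently read as "stop encrypting after the start messages" instead of being rejected. For a setting that controls whether the session stays encrypted, parse strictly: read the text into a local, e.g. `String sslValue = new String(in, pos, length, "UTF-8");`, and fail the decode with the constructor's existing malformed-message error unless it equals "true" or "false". The field is also inserted ahead of the ServerState with no protocol-version check visible in this hunk, so a message from a peer that does not send it would presumably have the start of its ServerState consumed here. The decoding constructor starts and ends outside the hunk, so such a check may exist elsewhere.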
@@ -194,9 +211,12 @@
byte[] byteServerUrl = serverURL.getBytes("UTF-8");
byte[] byteServerState = serverState.getBytes();
byte[] byteWindowSize = String.valueOf(windowSize).getBytes("UTF-8");
+ byte[] byteSSLEncryption =
+ String.valueOf(sslEncryption).getBytes("UTF-8");
int length = byteDn.length + 1 + byteServerId.length + 1 +
byteServerUrl.length + 1 + byteWindowSize.length + 1 +
+ byteSSLEncryption.length + 1 +
byteServerState.length + 1;
/* encode the header in a byte[] large enough to also contain the mods */
@@ -215,6 +235,9 @@
/* put the window size */
pos = addByteArray(byteWindowSize, resultByteArray, pos);
+ /* put the SSL Encryption setting */
+ pos = addByteArray(byteSSLEncryption, resultByteArray, pos);
+
/* put the ServerState */
pos = addByteArray(byteServerState, resultByteArray, pos);
@@ -235,4 +258,16 @@
{
return windowSize;
}
+
+ /**
+ * Get the SSL encryption value for the server that created the
+ * message.
+ *
+ * @return The SSL encryption value for the server that created the
+ * message.
+ */
+ public boolean getSSLEncryption()
+ {
+ return sslEncryption;
+ }
}
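Review bot: The Javadoc on `getSSLEncryption()` says only "the SSL encryption value" and never states what `true` means, unlike the field comment added at the top of the patch. I would write the return tag as `@return true if the server that created the message will continue using SSL to encrypt messages after the start messages have been exchanged`. Because the value is taken from the remote peer's start message, the Javadoc should also tell callers to check it against the local configuration rather than treat it as authoritative. How callers use the value is not visible in this diff.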
--
Gitblit v1.10.0