From ef0a62ee67dbfdda6bcea6935baf0d206d5afc7e Mon Sep 17 00:00:00 2001
From: jvergara <jvergara@localhost>
Date: Mon, 30 Nov 2009 15:51:03 +0000
Subject: [PATCH] Fix for issue 4375 (Consider not using default certificate nick names in configuration) Update ConfigureDS to remove by default the nick names (or to use everywhere the nick name of the user provided certificate).

---
 opends/src/server/org/opends/server/tools/ConfigureDS.java |   89 ++++++++++++++++++++++----------------------
 1 files changed, 44 insertions(+), 45 deletions(-)

diff --git a/opends/src/server/org/opends/server/tools/ConfigureDS.java b/opends/src/server/org/opends/server/tools/ConfigureDS.java
index 7c92a5f..b596376 100644
--- a/opends/src/server/org/opends/server/tools/ConfigureDS.java
+++ b/opends/src/server/org/opends/server/tools/ConfigureDS.java
@@ -1081,39 +1081,49 @@
                     INFO_LDAP_CONNHANDLER_DESCRIPTION_SSL_CERT_NICKNAME.get(),
                 false, false, true, certNickName.getValue());
 
+          DN ldapListenerDN = DN.decode(DN_LDAP_CONNECTION_HANDLER);
+          ConfigEntry configEntry =
+            configHandler.getConfigEntry(ldapListenerDN);
           if (ldapPort.isPresent())
           {
             // Use the key manager specified for the LDAP connection handler.
-            DN ldapListenerDN = DN.decode(DN_LDAP_CONNECTION_HANDLER);
-            ConfigEntry configEntry =
-              configHandler.getConfigEntry(ldapListenerDN);
-
             configEntry.putConfigAttribute(certNickNameAttr);
           }
+          else
+          {
+            configEntry.removeConfigAttribute(
+                ATTR_SSL_CERT_NICKNAME.toLowerCase());
+          }
 
+          // Use the key manager specified for the LDAPS connection handler.
+          DN ldapsListenerDN = DN.decode(DN_LDAPS_CONNECTION_HANDLER);
+          configEntry = configHandler.getConfigEntry(ldapsListenerDN);
           if (ldapsPort.isPresent())
           {
-            // Use the key manager specified for the LDAPS connection handler.
-            DN ldapsListenerDN = DN.decode(DN_LDAPS_CONNECTION_HANDLER);
-            ConfigEntry configEntry =
-              configHandler.getConfigEntry(ldapsListenerDN);
-
             configEntry.putConfigAttribute(certNickNameAttr);
           }
+          else
+          {
+            configEntry.removeConfigAttribute(
+                ATTR_SSL_CERT_NICKNAME.toLowerCase());
+          }
 
+          certNickNameAttr = new StringConfigAttribute(ATTR_SSL_CERT_NICKNAME,
+              INFO_JMX_CONNHANDLER_DESCRIPTION_SSL_CERT_NICKNAME.get(),
+                  false, false, true, certNickName.getValue());
+
+          // Use the key manager specified for the JMX connection handler.
+          DN jmxListenerDN = DN.decode(DN_JMX_CONNECTION_HANDLER);
+          configEntry = configHandler.getConfigEntry(jmxListenerDN);
           if (jmxPort.isPresent())
           {
-            certNickNameAttr = new StringConfigAttribute(ATTR_SSL_CERT_NICKNAME,
-                INFO_JMX_CONNHANDLER_DESCRIPTION_SSL_CERT_NICKNAME.get(),
-                    false, false, true, certNickName.getValue());
-
-            // Use the key manager specified for the JMX connection handler.
-            DN jmxListenerDN = DN.decode(DN_JMX_CONNECTION_HANDLER);
-            ConfigEntry configEntry =
-              configHandler.getConfigEntry(jmxListenerDN);
-
             configEntry.putConfigAttribute(certNickNameAttr);
           }
+          else
+          {
+            configEntry.removeConfigAttribute(
+                ATTR_SSL_CERT_NICKNAME.toLowerCase());
+          }
         }
         catch (Exception e)
         {
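Review bot: The three new `else` branches dereference `configEntry` for connection handlers the caller did not ask to configure. If `configHandler.getConfigEntry(...)` can return null for a handler entry that is absent from the configuration (not visible here), the removal throws a NullPointerException and ends up in the broad `catch (Exception e)` below. Before this change each entry was looked up only when its port argument was present, so a missing LDAPS or JMX entry could not fail the run. Consider guarding the removal in all three blocks, e.g. `else if (configEntry != null)`. The enclosing `try` starts outside the hunk, so the condition that selects this path cannot be confirmed from here.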
@@ -1127,38 +1137,27 @@
       {
         try
         {
-          if (ldapPort.isPresent())
-          {
-            // Use the key manager specified for the LDAP connection handler.
-            DN ldapListenerDN = DN.decode(DN_LDAP_CONNECTION_HANDLER);
-            ConfigEntry configEntry =
-              configHandler.getConfigEntry(ldapListenerDN);
+          // Use the key manager specified for the LDAP connection handler.
+          DN ldapListenerDN = DN.decode(DN_LDAP_CONNECTION_HANDLER);
+          ConfigEntry configEntry =
+            configHandler.getConfigEntry(ldapListenerDN);
 
-            configEntry.removeConfigAttribute(
-                ATTR_SSL_CERT_NICKNAME.toLowerCase());
-          }
+          configEntry.removeConfigAttribute(
+              ATTR_SSL_CERT_NICKNAME.toLowerCase());
 
-          if (ldapsPort.isPresent())
-          {
-            // Use the key manager specified for the LDAPS connection handler.
-            DN ldapsListenerDN = DN.decode(DN_LDAPS_CONNECTION_HANDLER);
-            ConfigEntry configEntry =
-              configHandler.getConfigEntry(ldapsListenerDN);
+          // Use the key manager specified for the LDAPS connection handler.
+          DN ldapsListenerDN = DN.decode(DN_LDAPS_CONNECTION_HANDLER);
+          configEntry = configHandler.getConfigEntry(ldapsListenerDN);
 
-            configEntry.removeConfigAttribute(
-                ATTR_SSL_CERT_NICKNAME.toLowerCase());
-          }
+          configEntry.removeConfigAttribute(
+              ATTR_SSL_CERT_NICKNAME.toLowerCase());
 
-          if (jmxPort.isPresent())
-          {
-            // Use the key manager specified for the JMX connection handler.
-            DN jmxListenerDN = DN.decode(DN_JMX_CONNECTION_HANDLER);
-            ConfigEntry configEntry =
-              configHandler.getConfigEntry(jmxListenerDN);
+          // Use the key manager specified for the JMX connection handler.
+          DN jmxListenerDN = DN.decode(DN_JMX_CONNECTION_HANDLER);
+          configEntry = configHandler.getConfigEntry(jmxListenerDN);
 
-            configEntry.removeConfigAttribute(
-                ATTR_SSL_CERT_NICKNAME.toLowerCase());
-          }
+          configEntry.removeConfigAttribute(
+              ATTR_SSL_CERT_NICKNAME.toLowerCase());
         }
         catch (Exception e)
         {
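Review bot: The retained comments `// Use the key manager specified for the LDAP connection handler.` and their LDAPS/JMX twins no longer describe the code under them, which now removes `ATTR_SSL_CERT_NICKNAME` from all three handlers regardless of which ports were given. This path appears to run when no nickname is supplied (its condition is outside the hunk), so re-running the tool for an unrelated setting would presumably also drop a nickname an administrator set earlier. Certificate selection would then depend on the key store contents, which matters if the store holds more than one key. I would replace each comment with something like `// No nickname supplied: remove any stored nickname from this handler.` and record the re-run behaviour in the tool's documentation. The same stale wording sits above the `else` branches in the previous hunk.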

--
Gitblit v1.10.0