From f73b655466092169abac34833fb628fce1fcdebe Mon Sep 17 00:00:00 2001
From: jcduff <jcduff@localhost>
Date: Thu, 23 Oct 2008 14:04:24 +0000
Subject: [PATCH] The commit will bring the following features :     - An updated version of the underlying database. BDB JE 3.3 is now used.     - Attribute API refactoring providing a better abstraction and offering improved performances.     - A new GUI called the Control-Panel to replace the Status-Panel: the specifications for this       GUI are available on OpenDS Wiki and contains a link to a mockup.        See <https://www.opends.org/wiki/page/ControlPanelUISpecification>.     - Some changes in the replication protocol to implement "Assured Replication Mode". The        specifications are on OpenDS Wiki at <https://www.opends.org/wiki/page/AssuredMode> and section 7       described some of the replication changes required to support this. Assured Replication is not finished,       but the main replication protocol changes to support it are done. As explained by Gilles on an email on       the Dev mailing list (http://markmail.org/message/46rgo3meq3vriy4a), with these changes the newer versions       of OpenDS may not be able to replicate with OpenDS 1.0 instances.     - Support for Service Tags on the platforms where the functionality is available and enabled. Specifications       are published at <https://www.opends.org/wiki/page/OpenDSServiceTagEnabled>. For more information on       Service Tags see <http://wikis.sun.com/display/ServiceTag/Sun+Service+Tag+FAQ>.     - The Admin Connector service. In order to provide agentry of the OpenDS server at any time, a new service       has been added, dedicated to the administration, configuration and monitoring of the server.       An overview of the Admin Connector service and it's use is available on the       OpenDS wiki <https://www.opends.org/wiki/page/ManagingAdministrationTrafficToTheServer>     - Updates to the various command line tools to support the Admin Connector service.     - Some internal re-architecting of the server to put the foundation of future developments such as virtual       directory services. The new NetworkGroups and WorkFlow internal services which have been specified in       <https://www.opends.org/wiki/page/BasicOperationRoutingThroughNetworkGroup> are now implemented.     - Many bug fixes...

---
 opends/src/server/org/opends/server/tools/StopDS.java |   95 +++++++++++++----------------------------------
 1 files changed, 27 insertions(+), 68 deletions(-)

diff --git a/opends/src/server/org/opends/server/tools/StopDS.java b/opends/src/server/org/opends/server/tools/StopDS.java
index bad879c..90b7f23 100644
--- a/opends/src/server/org/opends/server/tools/StopDS.java
+++ b/opends/src/server/org/opends/server/tools/StopDS.java
@@ -40,6 +40,7 @@
 import java.util.UUID;
 import java.util.concurrent.atomic.AtomicInteger;
 
+import javax.net.ssl.SSLException;
 import org.opends.server.controls.ProxiedAuthV2Control;
 import org.opends.server.core.DirectoryServer;
 import org.opends.server.core.LockFileManager;
@@ -215,8 +216,6 @@
     BooleanArgument   restart;
     BooleanArgument   showUsage;
     BooleanArgument   trustAll;
-    BooleanArgument   useSSL;
-    BooleanArgument   useStartTLS;
     FileBasedArgument bindPWFile;
     FileBasedArgument keyStorePWFile;
     FileBasedArgument trustStorePWFile;
@@ -266,19 +265,6 @@
       port.setPropertyName(OPTION_LONG_PORT);
       argParser.addArgument(port);
 
-      useSSL = new BooleanArgument("usessl", OPTION_SHORT_USE_SSL,
-                                   OPTION_LONG_USE_SSL,
-                                   INFO_STOPDS_DESCRIPTION_USESSL.get());
-      useSSL.setPropertyName(OPTION_LONG_USE_SSL);
-      argParser.addArgument(useSSL);
-
-      useStartTLS = new BooleanArgument(
-              "usestarttls", OPTION_SHORT_START_TLS,
-              OPTION_LONG_START_TLS,
-              INFO_STOPDS_DESCRIPTION_USESTARTTLS.get());
-      useStartTLS.setPropertyName(OPTION_LONG_START_TLS);
-      argParser.addArgument(useStartTLS);
-
       bindDN = new StringArgument("binddn", OPTION_SHORT_BINDDN,
                                   OPTION_LONG_BINDDN, false, false, true,
                                   INFO_BINDDN_PLACEHOLDER.get(), null, null,
@@ -544,60 +530,26 @@
     connectionOptions.setVersionNumber(3);
 
 
-    // See if we should use SSL or StartTLS when establishing the connection.
-    // If so, then make sure only one of them was specified.
-    if (useSSL.isPresent())
-    {
-      if (useStartTLS.isPresent())
-      {
-        Message message = ERR_STOPDS_MUTUALLY_EXCLUSIVE_ARGUMENTS.get(
-                useSSL.getLongIdentifier(),
-                useStartTLS.getLongIdentifier());
-        err.println(wrapText(message, MAX_LINE_WIDTH));
-        return LDAPResultCode.CLIENT_SIDE_PARAM_ERROR;
+    try {
+      String clientAlias;
+      if (certNickname.isPresent()) {
+        clientAlias = certNickname.getValue();
+      } else {
+        clientAlias = null;
       }
-      else
-      {
-        connectionOptions.setUseSSL(true);
-      }
-    }
-    else if (useStartTLS.isPresent())
-    {
-      connectionOptions.setStartTLS(true);
-    }
 
+      SSLConnectionFactory sslConnectionFactory = new SSLConnectionFactory();
+      sslConnectionFactory.init(trustAll.isPresent(), keyStoreFile.getValue(),
+        keyStorePW.getValue(), clientAlias,
+        trustStoreFile.getValue(),
+        trustStorePW.getValue());
 
-    // If we should blindly trust any certificate, then install the appropriate
-    // SSL connection factory.
-    if (useSSL.isPresent() || useStartTLS.isPresent())
-    {
-      try
-      {
-        String clientAlias;
-        if (certNickname.isPresent())
-        {
-          clientAlias = certNickname.getValue();
-        }
-        else
-        {
-          clientAlias = null;
-        }
-
-        SSLConnectionFactory sslConnectionFactory = new SSLConnectionFactory();
-        sslConnectionFactory.init(trustAll.isPresent(), keyStoreFile.getValue(),
-                                  keyStorePW.getValue(), clientAlias,
-                                  trustStoreFile.getValue(),
-                                  trustStorePW.getValue());
-
-        connectionOptions.setSSLConnectionFactory(sslConnectionFactory);
-      }
-      catch (SSLConnectionException sce)
-      {
-        Message message =
-                ERR_STOPDS_CANNOT_INITIALIZE_SSL.get(sce.getMessage());
-        err.println(wrapText(message, MAX_LINE_WIDTH));
-        return LDAPResultCode.CLIENT_SIDE_LOCAL_ERROR;
-      }
+      connectionOptions.setSSLConnectionFactory(sslConnectionFactory);
+    } catch (SSLConnectionException sce) {
+      Message message =
+        ERR_STOPDS_CANNOT_INITIALIZE_SSL.get(sce.getMessage());
+      err.println(wrapText(message, MAX_LINE_WIDTH));
+      return LDAPResultCode.CLIENT_SIDE_LOCAL_ERROR;
     }
 
 
@@ -669,9 +621,16 @@
     }
     catch (LDAPConnectionException lce)
     {
-      String hostPort = host.getValue() + ":" + port.getValue();
-      Message message = ERR_STOPDS_CANNOT_CONNECT.get(hostPort,
+      Message message = null;
+      if ((lce.getCause() != null) && (lce.getCause().getCause() != null) &&
+        lce.getCause().getCause() instanceof SSLException) {
+      message = ERR_STOPDS_CANNOT_CONNECT_SSL.get(host.getValue(),
+        port.getValue());
+      } else {
+        String hostPort = host.getValue() + ":" + port.getValue();
+        message = ERR_STOPDS_CANNOT_CONNECT.get(hostPort,
           lce.getMessage());
+      }
       err.println(wrapText(message, MAX_LINE_WIDTH));
       return LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR;
     }

--
Gitblit v1.10.0