From f73b655466092169abac34833fb628fce1fcdebe Mon Sep 17 00:00:00 2001
From: jcduff <jcduff@localhost>
Date: Thu, 23 Oct 2008 14:04:24 +0000
Subject: [PATCH] The commit will bring the following features :     - An updated version of the underlying database. BDB JE 3.3 is now used.     - Attribute API refactoring providing a better abstraction and offering improved performances.     - A new GUI called the Control-Panel to replace the Status-Panel: the specifications for this       GUI are available on OpenDS Wiki and contains a link to a mockup.        See <https://www.opends.org/wiki/page/ControlPanelUISpecification>.     - Some changes in the replication protocol to implement "Assured Replication Mode". The        specifications are on OpenDS Wiki at <https://www.opends.org/wiki/page/AssuredMode> and section 7       described some of the replication changes required to support this. Assured Replication is not finished,       but the main replication protocol changes to support it are done. As explained by Gilles on an email on       the Dev mailing list (http://markmail.org/message/46rgo3meq3vriy4a), with these changes the newer versions       of OpenDS may not be able to replicate with OpenDS 1.0 instances.     - Support for Service Tags on the platforms where the functionality is available and enabled. Specifications       are published at <https://www.opends.org/wiki/page/OpenDSServiceTagEnabled>. For more information on       Service Tags see <http://wikis.sun.com/display/ServiceTag/Sun+Service+Tag+FAQ>.     - The Admin Connector service. In order to provide agentry of the OpenDS server at any time, a new service       has been added, dedicated to the administration, configuration and monitoring of the server.       An overview of the Admin Connector service and it's use is available on the       OpenDS wiki <https://www.opends.org/wiki/page/ManagingAdministrationTrafficToTheServer>     - Updates to the various command line tools to support the Admin Connector service.     - Some internal re-architecting of the server to put the foundation of future developments such as virtual       directory services. The new NetworkGroups and WorkFlow internal services which have been specified in       <https://www.opends.org/wiki/page/BasicOperationRoutingThroughNetworkGroup> are now implemented.     - Many bug fixes...

---
 opends/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java |   39 ++++++++++++++++++++++++++++++---------
 1 files changed, 30 insertions(+), 9 deletions(-)

diff --git a/opends/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java b/opends/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java
index 4c89e6d..6257fc3 100644
--- a/opends/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java
+++ b/opends/src/server/org/opends/server/tools/dsconfig/LDAPManagementContextFactory.java
@@ -56,6 +56,8 @@
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.TrustManager;
 import java.util.LinkedHashSet;
+import javax.net.ssl.SSLException;
+import javax.net.ssl.SSLHandshakeException;
 
 
 /**
@@ -73,11 +75,17 @@
   // The connection parameters command builder.
   private CommandBuilder contextCommandBuilder;
 
+  // This CLI is always using the administration connector with SSL
+  private boolean alwaysSSL = false;
+
   /**
    * Creates a new LDAP management context factory.
+   *
+   * @param alwaysSSL If true, always use the SSL connection type. In this case,
+   * the arguments useSSL and startTLS are not present.
    */
-  public LDAPManagementContextFactory() {
-    // No implementation required.
+  public LDAPManagementContextFactory(boolean alwaysSSL) {
+    this.alwaysSSL = alwaysSSL;
   }
 
   /**
@@ -194,18 +202,31 @@
                     continue ;
                   }
               }
-              else
-              {
-                Message message = ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT.get(
+            }
+            if (e.getRootCause() != null) {
+              if (e.getRootCause().getCause() != null) {
+                if (((e.getRootCause().getCause()
+                  instanceof OpendsCertificateException)) ||
+                  (e.getRootCause() instanceof SSLHandshakeException)) {
+                  Message message =
+                    ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_NOT_TRUSTED.get(
                     hostName, String.valueOf(portNumber));
-                throw new ClientException(
+                  throw new ClientException(
                     LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
+                }
+              }
+              if (e.getRootCause() instanceof SSLException) {
+                Message message =
+                  ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT_WRONG_PORT.get(
+                  hostName, String.valueOf(portNumber));
+                throw new ClientException(
+                  LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
               }
             }
             Message message = ERR_DSCFG_ERROR_LDAP_FAILED_TO_CONNECT.get(
-                hostName, String.valueOf(portNumber));
+              hostName, String.valueOf(portNumber));
             throw new ClientException(
-                LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
+              LDAPResultCode.CLIENT_SIDE_CONNECT_ERROR, message);
           }
         }
       }
@@ -309,7 +330,7 @@
   public void registerGlobalArguments(SubCommandArgumentParser parser)
       throws ArgumentException {
     // Create the global arguments.
-    secureArgsList = new SecureConnectionCliArgs();
+    secureArgsList = new SecureConnectionCliArgs(alwaysSSL);
     LinkedHashSet<Argument> args = secureArgsList.createGlobalArguments();
 
 

--
Gitblit v1.10.0