From d3a10338d643cf04e89e577ba496c547e0bf7516 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Wed, 28 Feb 2007 21:01:32 +0000
Subject: [PATCH] Add a new key manager which provides the ability to specify which certificate should be presented based on its alias (aka its nickname).  This is used both by server-side code which needs to present a certificate to clients, as well as by client-side code which needs to present a certificate to the server.

---
 opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java |  110 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 109 insertions(+), 1 deletions(-)

diff --git a/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java b/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java
index 212f5fa..b0b096b 100644
--- a/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java
+++ b/opends/tests/unit-tests-testng/src/server/org/opends/server/tools/LDAPModifyTestCase.java
@@ -22,7 +22,7 @@
  * CDDL HEADER END
  *
  *
- *      Portions Copyright 2006 Sun Microsystems, Inc.
+ *      Portions Copyright 2006-2007 Sun Microsystems, Inc.
  */
 package org.opends.server.tools;
 
@@ -562,6 +562,114 @@
 
 
   /**
+   * Tests a simple modify operation over SSL using a trust store and SASL
+   * EXTERNAL while explicitly specifying a valid client certificate.
+   *
+   * @throws  Exception  If an unexpected problem occurs.
+   */
+  @Test()
+  public void testSSLTrustStoreSASLExternalValidClientCert()
+         throws Exception
+  {
+    TestCaseUtils.initializeTestBackend(true);
+
+    Entry e = TestCaseUtils.makeEntry(
+         "dn: cn=Test User,o=test",
+         "objectClass: top",
+         "objectClass: person",
+         "objectClass: organizationalPerson",
+         "objectClass: inetOrgPerson",
+         "cn: Test User",
+         "givenName: Test",
+         "ds-privilege-name: bypass-acl",
+         "sn: User");
+
+    InternalClientConnection conn =
+         InternalClientConnection.getRootConnection();
+    AddOperation addOperation =
+         conn.processAdd(e.getDN(), e.getObjectClasses(), e.getUserAttributes(),
+                         e.getOperationalAttributes());
+    assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+
+
+    String keyStorePath   = DirectoryServer.getServerRoot() + File.separator +
+                            "config" + File.separator + "client.keystore";
+    String trustStorePath = DirectoryServer.getServerRoot() + File.separator +
+                            "config" + File.separator + "client.truststore";
+
+    String[] args =
+    {
+      "-h", "127.0.0.1",
+      "-p", String.valueOf(TestCaseUtils.getServerLdapsPort()),
+      "-Z",
+      "-K", keyStorePath,
+      "-W", "password",
+      "-N", "client-cert",
+      "-P", trustStorePath,
+      "-r",
+      "-f", modifyFilePath
+    };
+
+    assertEquals(LDAPModify.mainModify(args, false, null, System.err), 0);
+  }
+
+
+
+  /**
+   * Tests a simple modify operation over SSL using a trust store and SASL
+   * EXTERNAL while explicitly specifying an invalid client certificate.
+   *
+   * @throws  Exception  If an unexpected problem occurs.
+   */
+  @Test()
+  public void testSSLTrustStoreSASLExternalInvalidClientCert()
+         throws Exception
+  {
+    TestCaseUtils.initializeTestBackend(true);
+
+    Entry e = TestCaseUtils.makeEntry(
+         "dn: cn=Test User,o=test",
+         "objectClass: top",
+         "objectClass: person",
+         "objectClass: organizationalPerson",
+         "objectClass: inetOrgPerson",
+         "cn: Test User",
+         "givenName: Test",
+         "ds-privilege-name: bypass-acl",
+         "sn: User");
+
+    InternalClientConnection conn =
+         InternalClientConnection.getRootConnection();
+    AddOperation addOperation =
+         conn.processAdd(e.getDN(), e.getObjectClasses(), e.getUserAttributes(),
+                         e.getOperationalAttributes());
+    assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
+
+
+    String keyStorePath   = DirectoryServer.getServerRoot() + File.separator +
+                            "config" + File.separator + "client.keystore";
+    String trustStorePath = DirectoryServer.getServerRoot() + File.separator +
+                            "config" + File.separator + "client.truststore";
+
+    String[] args =
+    {
+      "-h", "127.0.0.1",
+      "-p", String.valueOf(TestCaseUtils.getServerLdapsPort()),
+      "-Z",
+      "-K", keyStorePath,
+      "-W", "password",
+      "-N", "invalid",
+      "-P", trustStorePath,
+      "-r",
+      "-f", modifyFilePath
+    };
+
+    assertFalse(LDAPModify.mainModify(args, false, null, null) == 0);
+  }
+
+
+
+  /**
    * Tests a simple modify operation with StartTLS using a trust store and SASL
    * EXTERNAL.
    *

--
Gitblit v1.10.0