From 1845c6eb44ec8841e67f0f95d05a662f79fca85b Mon Sep 17 00:00:00 2001
From: jvergara <jvergara@localhost>
Date: Tue, 13 Nov 2007 01:46:38 +0000
Subject: [PATCH] Remove some unused methods. Fix a bug in the uninstall and dsreplication. When the user connected to the servers using LDAP, a null trust manager was used to load the topology (so all certificates were accepted). The code has been fixed to prompt the user to accept non trusted certificates.
---
opendj-sdk/opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java | 19 +++
opendj-sdk/opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliMain.java | 192 +++++++-------------------------------
opendj-sdk/opends/src/guitools/org/opends/guitools/uninstaller/UninstallCliHelper.java | 79 ++++++++++-----
3 files changed, 108 insertions(+), 182 deletions(-)
diff --git a/opendj-sdk/opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliMain.java b/opendj-sdk/opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliMain.java
index 5c82604..7603fcb 100644
--- a/opendj-sdk/opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliMain.java
+++ b/opendj-sdk/opends/src/guitools/org/opends/guitools/replicationcli/ReplicationCliMain.java
@@ -112,9 +112,6 @@
import org.opends.server.util.cli.CLIException;
import org.opends.server.util.cli.ConsoleApplication;
import org.opends.server.util.cli.LDAPConnectionConsoleInteraction;
-import org.opends.server.util.cli.Menu;
-import org.opends.server.util.cli.MenuBuilder;
-import org.opends.server.util.cli.MenuResult;
import org.opends.server.util.table.TableBuilder;
import org.opends.server.util.table.TextTablePrinter;
@@ -137,6 +134,8 @@
/** Suffix for log files. */
static public final String LOG_FILE_SUFFIX = ".log";
+ private boolean forceNonInteractive;
+
private static final Logger LOG =
Logger.getLogger(ReplicationCliMain.class.getName());
@@ -1930,6 +1929,13 @@
int port = ConnectionUtils.getPort(ctx[0]);
boolean isSSL = ConnectionUtils.isSSL(ctx[0]);
boolean isStartTLS = ConnectionUtils.isStartTLS(ctx[0]);
+ if (getTrustManager() == null)
+ {
+ // This is required when the user did connect to the server using SSL or
+ // Start TLS. In this case LDAPConnectionInteraction.run does not
+ // initialize the keystore and the trust manager is null.
+ forceTrustManagerInitialization();
+ }
try
{
ADSContext adsContext = new ADSContext(ctx[0]);
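Review bot: The comment added above `forceTrustManagerInitialization()` appears to say the opposite of the commit description: it attributes the null trust manager to an SSL or Start TLS connection, while the description attributes it to a plain LDAP connection. It also names `LDAPConnectionInteraction`, whereas the imported class is `LDAPConnectionConsoleInteraction`. I would reword it as `// Needed when the user connected over plain LDAP: LDAPConnectionConsoleInteraction.run() did not initialize the trust store, so the trust manager is still null.` The same comment is repeated in UninstallCliHelper.java and should be fixed with it. The enclosing method starts and ends outside this hunk.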
@@ -5806,11 +5812,16 @@
* {@inheritDoc}
*/
public boolean isInteractive() {
- return argParser.isInteractive();
+ if (forceNonInteractive)
+ {
+ return false;
+ }
+ else
+ {
+ return argParser.isInteractive();
+ }
}
-
-
/**
* {@inheritDoc}
*/
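Review bot: The new body of `isInteractive()` can be a single expression, `return !forceNonInteractive && argParser.isInteractive();`, which reads more directly than the if/else. The `{@inheritDoc}` Javadoc no longer tells the whole story, so a short comment such as `// Reports false while forceTrustManagerInitialization() is running` would help the next reader. The same applies to `isInteractive()` in UninstallCliHelper.java.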
@@ -5846,27 +5857,6 @@
}
/**
- * Prompts the user to give a value.
- * @param defaultValue the default value that will be proposed in the prompt
- * message.
- * @return the String as provided by the user or the defaultValue if an error.
- * occurred reading the input.
- */
- private String promptForString(Message prompt, String defaultValue)
- {
- String s = defaultValue;
- try
- {
- s = readInput(prompt, defaultValue);
- }
- catch (CLIException ce)
- {
- LOG.log(Level.WARNING, "Error reading input: "+ce, ce);
- }
- return s;
- }
-
- /**
* Commodity method used to repeatidly ask the user to provide a port value.
* @param prompt the prompt message.
* @param defaultValue the default value of the port to be proposed to the
@@ -5935,135 +5925,6 @@
}
/**
- * Enumeration description protocols for interactive CLI choices.
- */
- private enum Protocols
- {
- LDAP(1, INFO_LDAP_CONN_PROMPT_SECURITY_LDAP.get()), SSL(2,
- INFO_LDAP_CONN_PROMPT_SECURITY_USE_SSL.get()), START_TLS(3,
- INFO_LDAP_CONN_PROMPT_SECURITY_USE_START_TLS.get());
-
- private Integer choice;
-
- private Message msg;
-
- /**
- * Private constructor.
- *
- * @param i
- * the menu return value.
- * @param msg
- * the message message.
- */
- private Protocols(int i, Message msg)
- {
- choice = i;
- this.msg = msg;
- }
-
- /**
- * Returns the choice number.
- *
- * @return the attribute name.
- */
- public Integer getChoice()
- {
- return choice;
- }
-
- /**
- * Return the menu message.
- *
- * @return the menu message.
- */
- public Message getMenuMessage()
- {
- return msg;
- }
- }
-
- private Protocols askProtocol(Message prompt, boolean isSecure,
- boolean isStartTLS)
- {
- Protocols protocol;
- MenuBuilder<Integer> builder = new MenuBuilder<Integer>(this);
- builder.setPrompt(prompt);
-
- Protocols defaultProtocol = Protocols.LDAP;
- if (isSecure)
- {
- defaultProtocol = Protocols.SSL;
- }
- else if (isStartTLS)
- {
- defaultProtocol = Protocols.START_TLS;
- }
- for (Protocols p : Protocols.values())
- {
- int i = builder.addNumberedOption(p.getMenuMessage(), MenuResult
- .success(p.getChoice()));
- if (p.equals(defaultProtocol))
- {
- builder.setDefault(
- INFO_LDAP_CONN_PROMPT_SECURITY_PROTOCOL_DEFAULT_CHOICE
- .get(i), MenuResult.success(p.getChoice()));
- }
- }
-
- Menu<Integer> menu = builder.toMenu();
- try
- {
- MenuResult<Integer> result = menu.run();
- if (result.isSuccess())
- {
- if (result.getValue().equals(Protocols.SSL.getChoice()))
- {
- protocol = Protocols.SSL;
- }
- else if (result.getValue()
- .equals(Protocols.START_TLS.getChoice()))
- {
- protocol = Protocols.START_TLS;
- }
- else
- {
- protocol = Protocols.LDAP;
- }
- }
- else
- {
- // Should never happen.
- throw new RuntimeException();
- }
- }
- catch (CLIException e)
- {
- throw new RuntimeException(e);
- }
- return protocol;
- }
-
- /**
- * Displays the provided header if is was not already displayed. This method
- * just is used for refactoring this small bit of code.
- * @param msg the heading to be displayed.
- * @param wasDisplayed whether this heading was already displayed or not.
- * @return <CODE>true</CODE> if the message was displayed and
- * <CODE>false</CODE> otherwise.
- */
- private boolean checkHeadingDisplay(Message msg, boolean wasDisplayed)
- {
- if (!wasDisplayed)
- {
- println(msg);
- println();
- println();
- }
- wasDisplayed = true;
- return wasDisplayed;
- }
-
- /**
* Resets the connection parameters for the LDAPConsoleInteraction object.
* The reset does not apply to the certificate parameters. This is called
* in order the LDAPConnectionConsoleInteraction object to ask for all this
@@ -6132,4 +5993,23 @@
argParser.getSecureArgsList().bindPasswordArg.setPresent(true);
}
}
+
+
+ /**
+ * Forces the initialization of the trust manager in the
+ * LDAPConnectionInteraction object.
+ */
+ private void forceTrustManagerInitialization()
+ {
+ forceNonInteractive = true;
+ try
+ {
+ ci.initializeTrustManagerIfRequired();
+ }
+ catch (ArgumentException ae)
+ {
+ LOG.log(Level.WARNING, "Error initializing trust store: "+ae, ae);
+ }
+ forceNonInteractive = false;
+ }
}
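Review bot: `forceTrustManagerInitialization()` only logs the `ArgumentException`, so when initialization fails the caller continues with the trust manager still null, which per the commit description means every certificate is accepted. The caller should re-check `getTrustManager() == null` after this call and stop rather than load the topology, or this method should propagate the failure. Separately, `forceNonInteractive = false;` runs only on the normal and `ArgumentException` paths. Moving it to `finally { forceNonInteractive = false; }` keeps an unchecked exception from leaving the tool permanently non-interactive. The identical method added to UninstallCliHelper.java has both issues.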
diff --git a/opendj-sdk/opends/src/guitools/org/opends/guitools/uninstaller/UninstallCliHelper.java b/opendj-sdk/opends/src/guitools/org/opends/guitools/uninstaller/UninstallCliHelper.java
index cc7600d..69504f1 100644
--- a/opendj-sdk/opends/src/guitools/org/opends/guitools/uninstaller/UninstallCliHelper.java
+++ b/opendj-sdk/opends/src/guitools/org/opends/guitools/uninstaller/UninstallCliHelper.java
@@ -92,6 +92,8 @@
private UninstallerArgumentParser parser;
+ private boolean forceNonInteractive;
+
private LDAPConnectionConsoleInteraction ci = null;
/**
@@ -370,7 +372,7 @@
((i == 7) && (outsideLogs.size() == 0));
if (!ignore)
{
- answers[i] = confirm(msgs[i], true);
+ answers[i] = askConfirmation(msgs[i], true, LOG);
}
else
{
@@ -619,7 +621,7 @@
*/
private boolean confirmToStopServer()
{
- return confirm(INFO_CLI_UNINSTALL_CONFIRM_STOP.get(), true);
+ return askConfirmation(INFO_CLI_UNINSTALL_CONFIRM_STOP.get(), true, LOG);
}
/**
@@ -629,7 +631,8 @@
*/
private boolean confirmDeleteFiles()
{
- return confirm(INFO_CLI_UNINSTALL_CONFIRM_DELETE_FILES.get(), true);
+ return askConfirmation(INFO_CLI_UNINSTALL_CONFIRM_DELETE_FILES.get(), true,
+ LOG);
}
/**
@@ -639,7 +642,8 @@
*/
private boolean confirmToUpdateRemote()
{
- return confirm(INFO_CLI_UNINSTALL_CONFIRM_UPDATE_REMOTE.get(), true);
+ return askConfirmation(INFO_CLI_UNINSTALL_CONFIRM_UPDATE_REMOTE.get(), true,
+ LOG);
}
/**
@@ -649,8 +653,8 @@
*/
private boolean confirmToUpdateRemoteAndStart()
{
- return confirm(
- INFO_CLI_UNINSTALL_CONFIRM_UPDATE_REMOTE_AND_START.get(), true);
+ return askConfirmation(
+ INFO_CLI_UNINSTALL_CONFIRM_UPDATE_REMOTE_AND_START.get(), true, LOG);
}
/**
@@ -660,22 +664,8 @@
*/
private boolean promptToProvideAuthenticationAgain()
{
- return confirm(INFO_UNINSTALL_CONFIRM_PROVIDE_AUTHENTICATION_AGAIN.get(),
- true);
- }
-
- private boolean confirm(Message msg, boolean defaultValue)
- {
- boolean v = defaultValue;
- try
- {
- v = confirmAction(msg, defaultValue);
- }
- catch (CLIException ce)
- {
- LOG.log(Level.WARNING, "Error reading input: "+ce, ce);
- }
- return v;
+ return askConfirmation(
+ INFO_UNINSTALL_CONFIRM_PROVIDE_AUTHENTICATION_AGAIN.get(), true, LOG);
}
/**
@@ -1024,6 +1014,15 @@
pwd, userData.getTrustManager());
ADSContext adsContext = new ADSContext(ctx);
+ if (interactive && (userData.getTrustManager() == null))
+ {
+ // This is required when the user did connect to the server using SSL
+ // or Start TLS in interactive mode. In this case
+ // LDAPConnectionInteraction.run does not initialize the keystore and
+ // the trust manager is null.
+ forceTrustManagerInitialization();
+ updateTrustManager(userData, ci);
+ }
TopologyCache cache = new TopologyCache(adsContext,
userData.getTrustManager());
cache.reloadTopology();
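Review bot: The new guard runs only when `interactive` is true, so a non-interactive run whose `userData.getTrustManager()` is null still reaches `new TopologyCache(adsContext, userData.getTrustManager())` with a null trust manager, the case the commit description says accepts all certificates. Whether the argument parser already guarantees a trust manager in non-interactive mode is not visible here. If it does not, that path should fail with an error asking for explicit trust-store options instead of continuing. The equivalent check in ReplicationCliMain.java has no `interactive` condition, so the two tools behave differently. The enclosing method starts and ends outside this hunk.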
@@ -1103,7 +1102,8 @@
}
else
{
- accepted = confirm(ERR_UNINSTALL_NOT_UPDATE_REMOTE_PROMPT.get(), false);
+ accepted = askConfirmation(ERR_UNINSTALL_NOT_UPDATE_REMOTE_PROMPT.get(),
+ false, LOG);
}
}
userData.setUpdateRemoteReplication(accepted);
@@ -1199,10 +1199,10 @@
if (!stopProcessing && (exceptionMsgs.size() > 0))
{
println();
- returnValue = confirm(
+ returnValue = askConfirmation(
ERR_UNINSTALL_READING_REGISTERED_SERVERS_CONFIRM_UPDATE_REMOTE.get(
Utils.getMessageFromCollection(exceptionMsgs,
- Constants.LINE_SEPARATOR).toString()), true);
+ Constants.LINE_SEPARATOR).toString()), true, LOG);
}
else if (reloadTopologyCache)
{
@@ -1243,7 +1243,14 @@
* {@inheritDoc}
*/
public boolean isInteractive() {
- return parser.isInteractive();
+ if (forceNonInteractive)
+ {
+ return false;
+ }
+ else
+ {
+ return parser.isInteractive();
+ }
}
@@ -1308,4 +1315,24 @@
}
userData.setTrustManager(trust);
}
+
+
+
+ /**
+ * Forces the initialization of the trust manager in the
+ * LDAPConnectionInteraction object.
+ */
+ private void forceTrustManagerInitialization()
+ {
+ forceNonInteractive = true;
+ try
+ {
+ ci.initializeTrustManagerIfRequired();
+ }
+ catch (ArgumentException ae)
+ {
+ LOG.log(Level.WARNING, "Error initializing trust store: "+ae, ae);
+ }
+ forceNonInteractive = false;
+ }
}
diff --git a/opendj-sdk/opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java b/opendj-sdk/opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java
index bf47ebf..f2d9914 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/util/cli/LDAPConnectionConsoleInteraction.java
@@ -95,6 +95,9 @@
// Indicate if the truststore in in memory
private boolean trustStoreInMemory = false;
+ // Indicate that the trust manager was created with the parameters provided
+ private boolean trustManagerInitialized;
+
// The truststore to use for the SSL or STARTTLS connection
private KeyStore truststore;
@@ -1684,6 +1687,20 @@
isHeadingDisplayed = false;
}
+ /**
+ * Forces the initialization of the trust manager with the arguments provided
+ * by the user.
+ * @throws ArgumentException if there is an error with the arguments provided
+ * by the user.
+ */
+ public void initializeTrustManagerIfRequired() throws ArgumentException
+ {
+ if (!trustManagerInitialized)
+ {
+ initializeTrustManager();
+ }
+ }
+
private void initializeTrustManager() throws ArgumentException
{
// Get truststore info
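Review bot: The Javadoc on `initializeTrustManagerIfRequired()` says it forces initialization, but the body is a no-op once `trustManagerInitialized` is set. I would document it as `Initializes the trust manager from the user-provided arguments unless it has already been initialized.` No visible line in this patch clears `trustManagerInitialized`, so if the trust-store arguments can change after the first initialization, the stale trust manager would be kept; that is worth confirming. `initializeTrustManager()` continues outside this hunk.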
@@ -1691,5 +1708,7 @@
// Check if we need client side authentication
keyManager = getKeyManagerInternal();
+
+ trustManagerInitialized = true;
}
}
--
Gitblit v1.10.0