From 32f807a8a991f17edbecbca0000478c2593a324d Mon Sep 17 00:00:00 2001
From: andrug <andrug@localhost>
Date: Fri, 04 Apr 2008 19:35:46 +0000
Subject: [PATCH] allow opends to setup ssl/startTLS
---
opendj-sdk/opends/tests/system-tests/phases/installation/installation_opends.xml | 48 +++++++++++----
opendj-sdk/opends/tests/system-tests/phases/parser/parser.py | 69 +++++++++++++++-------
opendj-sdk/opends/tests/system-tests/phases/shared/functions/opendsadm.xml | 44 ++++++++++++++
opendj-sdk/opends/tests/system-tests/phases/shared/functions/utils.xml | 2
opendj-sdk/opends/tests/system-tests/scenario/conf.dtd | 8 ++
5 files changed, 130 insertions(+), 41 deletions(-)
diff --git a/opendj-sdk/opends/tests/system-tests/phases/installation/installation_opends.xml b/opendj-sdk/opends/tests/system-tests/phases/installation/installation_opends.xml
index 82d04ed..b23d365 100755
--- a/opendj-sdk/opends/tests/system-tests/phases/installation/installation_opends.xml
+++ b/opendj-sdk/opends/tests/system-tests/phases/installation/installation_opends.xml
@@ -265,21 +265,41 @@
}
</call>
- <!--== Setup product ==-->
- <call function="'SetUpDsWithScript'">
- {
- 'location' : instance.getHost(),
- 'dsPath' : instance.getInstallDir(),
- 'dsPort' : instance.getLDAPPort(),
- 'dsJmxPort' : instance.getJMXPort(),
- 'dsBindDN' : DIRECTORY_INSTANCE_DN,
- 'dsBindPwd' : DIRECTORY_INSTANCE_PSWD,
- 'dsBaseDN' : suffixDn,
- 'dsDoNotStart' : 'TRUE',
- 'fileFd' : fileFd
- }
- </call>
+ <!--== Setup product ==-->
+ <if expr="instance.isSecurityEnabled() == 'false'">
+ <call function="'SetUpDsWithScript'">
+ {
+ 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsPort' : instance.getLDAPPort(),
+ 'dsJmxPort' : instance.getJMXPort(),
+ 'dsBindDN' : DIRECTORY_INSTANCE_DN,
+ 'dsBindPwd' : DIRECTORY_INSTANCE_PSWD,
+ 'dsBaseDN' : suffixDn,
+ 'dsDoNotStart' : 'true',
+ 'fileFd' : fileFd
+ }
+ </call>
+ <else>
+ <call function="'SetUpDsWithScript'">
+ {
+ 'location' : instance.getHost(),
+ 'dsPath' : instance.getInstallDir(),
+ 'dsPort' : instance.getLDAPPort(),
+ 'dsSslPort' : instance.getLDAPSPort(),
+ 'dsJmxPort' : instance.getJMXPort(),
+ 'dsBindDN' : DIRECTORY_INSTANCE_DN,
+ 'dsBindPwd' : DIRECTORY_INSTANCE_PSWD,
+ 'dsBaseDN' : suffixDn,
+ 'dsDoNotStart' : 'true',
+ 'dsEnableStartTLS' : instance.isStartTlsEnabled(),
+ 'dsCertificate' : instance.getCertificate(),
+ 'fileFd' : fileFd
+ }
+ </call>
+ </else>
+ </if>
<call function="'writeEndTagStep'">{ 'fileFd' : fileFd}</call>
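Review bot: The new `<if>` compares `instance.isSecurityEnabled()` with the exact string 'false', so any other spelling ('False', an empty or undefined value) silently selects the SSL/startTLS branch. opendsadm.xml in this same patch lower-cases `dsEnableStartTLS` and `dsCertificate` before comparing, and this test should be at least as tolerant: `<if expr="str(instance.isSecurityEnabled()).lower() == 'false'">`. Values that are neither 'true' nor 'false' are better rejected when the configuration is parsed than resolved here. The two `SetUpDsWithScript` argument maps also differ only in the three TLS keys, so a later change to the shared arguments has to be made twice.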
diff --git a/opendj-sdk/opends/tests/system-tests/phases/parser/parser.py b/opendj-sdk/opends/tests/system-tests/phases/parser/parser.py
index f142b72..2585934 100755
--- a/opendj-sdk/opends/tests/system-tests/phases/parser/parser.py
+++ b/opendj-sdk/opends/tests/system-tests/phases/parser/parser.py
@@ -273,21 +273,25 @@
class OpendsInstance(Instance):
"Describes an opends Instance"
def __init__(self, iid, name, product, role, host, installDir, tarball, \
- portLDAP, portLDAPS, portJMX, portREPL):
+ portLDAP, portLDAPS, portJMX, portREPL, \
+ securityEnabled, certificate, startTlsEnabled):
# from instance object
- self.iid = iid
- self.name = name
- self.product = product
- self.role = role
- self.host = host
- self.installDir = installDir
- self.tarball = tarball
- self.portLDAP = portLDAP
+ self.iid = iid
+ self.name = name
+ self.product = product
+ self.role = role
+ self.host = host
+ self.installDir = installDir
+ self.tarball = tarball
+ self.portLDAP = portLDAP
# specific to opends instance
- self.portLDAPS = portLDAPS
- self.portJMX = portJMX
- self.portREPL = portREPL
- self.javaVersion = NOT_DEFINED
+ self.portLDAPS = portLDAPS
+ self.portJMX = portJMX
+ self.portREPL = portREPL
+ self.javaVersion = NOT_DEFINED
+ self.securityEnabled = securityEnabled
+ self.certificate = certificate
+ self.startTlsEnabled = startTlsEnabled
def getLDAPSPort(self):
return self.portLDAPS
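Review bot: The three new constructor parameters are required positionals, so any caller of `OpendsInstance(...)` that this patch does not update will fail with a TypeError. Only the call in parseOpenDs is visible here. Giving them the same defaults parseOpenDs uses keeps older callers working and keeps security off unless it is asked for: `securityEnabled='false', certificate=NOT_DEFINED, startTlsEnabled='false'):`. A comment beside the assignments should say that these fields hold the strings 'true'/'false' taken from the configuration, not Python booleans. The class body continues outside this hunk.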
@@ -303,7 +307,15 @@
def setJavaVersion(self,javaVersion):
self.javaVersion = javaVersion
-
+
+ def isSecurityEnabled(self):
+ return self.securityEnabled
+
+ def getCertificate(self):
+ return self.certificate
+
+ def isStartTlsEnabled(self):
+ return self.startTlsEnabled
#
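Review bot: `isSecurityEnabled` and `isStartTlsEnabled` read like boolean predicates but return the raw strings 'true'/'false', and the string 'false' is truthy in Python. A later `if instance.isSecurityEnabled():` would therefore always take the secure path, however the instance is configured. The XML caller in this patch compares against the string, so the return type cannot simply change; each getter should instead carry a comment such as `# returns the string 'true' or 'false' as read from the scenario file, not a bool`. `getCertificate` would benefit from a similar line naming the expected mode strings.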
@@ -570,13 +582,16 @@
# Parse children and get information for opends instance
#
def parseOpenDs(cId,cName,cProduct,cRole,opendsName,opendsZip,thisChild):
- msg = ''
- cHost = 'localhost'
- cInstallDir = NOT_DEFINED
- cPortLDAP = '1389'
- cPortLDAPS = '1636'
- cPortJMX = '1390'
- cPortREPL = '1391'
+ msg = ''
+ cHost = 'localhost'
+ cInstallDir = NOT_DEFINED
+ cPortLDAP = '1389'
+ cPortLDAPS = '1636'
+ cPortJMX = '1390'
+ cPortREPL = '1391'
+ cSecurityEnabled = 'false'
+ cCertificate = NOT_DEFINED
+ cStartTlsEnabled = 'false'
#
# Parsing second level : host,ports,...
@@ -625,7 +640,14 @@
else:
msg = '%s\n ERROR: instance %s : unknown port node name %s' % \
(msg, cName, thisPort.getNodeName())
-
+
+ elif (thisSubChild.getNodeType() == Node.ELEMENT_NODE and
+ thisSubChild.getNodeName() == 'security'):
+
+ cSecurityEnabled = _getAttributeNode(thisSubChild,'enabled')
+ cCertificate = _getAttributeNode(thisSubChild,'certificate')
+ cStartTlsEnabled = _getAttributeNode(thisSubChild,'startTlsEnabled')
+
# must be at the end of the if case
elif (thisSubChild.getNodeType() == Node.TEXT_NODE or
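Review bot: The new `security` branch stores the three attribute values without checking them, unlike the port branch just above it, which appends an ERROR to `msg` for an unknown node name. A misspelt or missing `enabled`, `certificate` or `startTlsEnabled` therefore flows through to setup, where installation_opends.xml treats anything other than the exact string 'false' as enabled and opendsadm.xml adds no certificate option for a mode it does not recognise. Assuming `_getAttributeNode` returns the attribute value as a string (its definition is outside this hunk), the branch should reject values outside the sets declared in conf.dtd, as sketched below. The enclosing loop of parseOpenDs starts and ends outside the hunk.

```python
elif (thisSubChild.getNodeType() == Node.ELEMENT_NODE and
      thisSubChild.getNodeName() == 'security'):
  # ... unchanged: the three _getAttributeNode reads ...
  # allowed values mirror the ATTLIST for <security> in scenario/conf.dtd
  for (attrName, attrValue, allowed) in (
      ('enabled', cSecurityEnabled, ('true', 'false')),
      ('certificate', cCertificate,
       ('selfsigned', 'pkcs11keystore', 'pkcs12keystore', 'javakeystore')),
      ('startTlsEnabled', cStartTlsEnabled, ('true', 'false'))):
    if str(attrValue).lower() not in allowed:
      msg = '%s\n ERROR: instance %s : invalid security attribute %s="%s"' % \
            (msg, cName, attrName, attrValue)
```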
@@ -647,7 +669,8 @@
cInstallDir = '%s/%s/%s' % (cInstallDir,cName,opendsName)
return [msg,OpendsInstance(cId,cName,cProduct,cRole,cHost,cInstallDir,\
opendsZip,\
- cPortLDAP,cPortLDAPS,cPortJMX,cPortREPL)]
+ cPortLDAP,cPortLDAPS,cPortJMX,cPortREPL,\
+ cSecurityEnabled,cCertificate,cStartTlsEnabled)]
#============================================================================
diff --git a/opendj-sdk/opends/tests/system-tests/phases/shared/functions/opendsadm.xml b/opendj-sdk/opends/tests/system-tests/phases/shared/functions/opendsadm.xml
index cb3366c..efa8a56 100755
--- a/opendj-sdk/opends/tests/system-tests/phases/shared/functions/opendsadm.xml
+++ b/opendj-sdk/opends/tests/system-tests/phases/shared/functions/opendsadm.xml
@@ -50,6 +50,12 @@
</function-arg-description>
<function-arg-property name="type" value="Port number"/>
</function-arg-def>
+ <function-arg-def name="dsSslPort" type="optional">
+ <function-arg-description>
+ Directory server secure port number
+ </function-arg-description>
+ <function-arg-property name="type" value="Port number"/>
+ </function-arg-def>
<function-arg-def name="dsJmxPort" type="optional">
<function-arg-description>
Directory server JMX port number
@@ -97,7 +103,22 @@
Help option
</function-arg-description>
<function-arg-property name="help" value="option"/>
- </function-arg-def>
+ </function-arg-def>
+ <function-arg-def name="dsEnableStartTLS" type="optional"
+ default="'false'">
+ <function-arg-description>
+ Enable startTLS, must use dsCertifiacte parameter
+ </function-arg-description>
+ <function-arg-property name="type" value="boolean"/>
+ </function-arg-def>
+ <function-arg-def name="dsCertificate" type="optional">
+ <function-arg-description>
+ certificate mode: selfsigned,Pkcs11keyStore,Pkcs12keyStore,
+ JavakeyStore,
+ </function-arg-description>
+ <function-arg-property name="type" value="string"/>
+ </function-arg-def>
+
<function-arg-def name="fileFd" type="required">
<function-arg-description>
output file descriptor
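Review bot: The description of `dsEnableStartTLS` misspells the parameter it refers to (`dsCertifiacte`), and the `dsCertificate` description ends its list of modes with a dangling comma. Suggested texts are `Enable startTLS; requires the dsCertificate parameter` and `Certificate mode: selfSigned, Pkcs11keyStore, Pkcs12keyStore or JavakeyStore (compared case-insensitively)`. `dsCertificate` declares no default here while conf.dtd defaults the attribute to selfSigned; the description should say what happens when it is omitted.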
@@ -120,6 +141,9 @@
if dsPort:
STAFCmdParamsList.append('-p %s' % dsPort)
+ if dsSslPort:
+ STAFCmdParamsList.append('-Z %s' % dsSslPort)
+
if dsJmxPort:
STAFCmdParamsList.append('-x %s' % dsJmxPort)
@@ -143,7 +167,23 @@
if dsHelp:
STAFCmdParamsList.append('-H')
-
+
+ if dsEnableStartTLS:
+ dsEnableStartTLS = dsEnableStartTLS.lower()
+ if dsEnableStartTLS == 'true':
+ STAFCmdParamsList.append('--enableStartTLS')
+
+ if dsCertificate:
+ dsCertificate = dsCertificate.lower()
+ if dsCertificate == 'selfsigned':
+ STAFCmdParamsList.append('--generateSelfSignedCertificate')
+ elif dsCertificate == 'pkcs11keystore':
+ STAFCmdParamsList.append('--usePkcs11Keystore')
+ elif dsCertificate == 'pkcs12keystore':
+ STAFCmdParamsList.append('--usePkcs12keyStore')
+ elif dsCertificate == 'javakeystore':
+ STAFCmdParamsList.append('--useJavaKeystore')
+
STAFCmdParams=' '.join(STAFCmdParamsList)
</script>
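Review bot: The `dsCertificate` chain has no final `else`, so a value that matches none of the four modes adds no certificate option and setup is still invoked with `-Z` and/or `--enableStartTLS`. The same happens when `dsEnableStartTLS` is 'true' and `dsCertificate` is unset, although the argument description says the two go together. I would add an `else:` that fails the function and reports the rejected value, plus a check that `dsCertificate` is set whenever `dsSslPort` or startTLS is requested. The three keystore modes are appended as bare flags; as far as I know the setup tool also expects a keystore location and PIN for them, so only `selfsigned` is likely to work as written, which is worth confirming. If a PIN argument is added later, supply it through a file rather than the argument string, because utils.xml writes the full command line to the log in its 'Running cmd' message. The script block starts outside this hunk.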
diff --git a/opendj-sdk/opends/tests/system-tests/phases/shared/functions/utils.xml b/opendj-sdk/opends/tests/system-tests/phases/shared/functions/utils.xml
index b2d5e98..f7fdddb 100755
--- a/opendj-sdk/opends/tests/system-tests/phases/shared/functions/utils.xml
+++ b/opendj-sdk/opends/tests/system-tests/phases/shared/functions/utils.xml
@@ -789,7 +789,7 @@
<if expr="STAFCmdExist == TRUE">
<sequence>
<call function="'writeMessage'">
- { 'content' : 'Running cmd: %s %s ' % (command,arguments),
+ { 'content' : 'Running cmd: %s %s' % (command,arguments),
'fileFd' : fileFd }
</call>
diff --git a/opendj-sdk/opends/tests/system-tests/scenario/conf.dtd b/opendj-sdk/opends/tests/system-tests/scenario/conf.dtd
index caf820b..8219775 100755
--- a/opendj-sdk/opends/tests/system-tests/scenario/conf.dtd
+++ b/opendj-sdk/opends/tests/system-tests/scenario/conf.dtd
@@ -40,7 +40,7 @@
<!ELEMENT domain (#PCDATA)>
<!-- ========== INSTANCE NODE ========================= -->
-<!ELEMENT instance (host,installDir,ports?)>
+<!ELEMENT instance (host,installDir,ports?,security?)>
<!ATTLIST instance
name NMTOKEN #REQUIRED
product NMTOKEN #REQUIRED
@@ -53,6 +53,12 @@
<!ELEMENT ldaps (#PCDATA)>
<!ELEMENT jmx (#PCDATA)>
<!ELEMENT replicationServer (#PCDATA)>
+ <!ELEMENT security EMPTY>
+ <!ATTLIST security
+ enabled ( true | false ) "true"
+ certificate ( selfSigned | Pkcs11keyStore | Pkcs12keyStore
+ | JavakeyStore ) "selfSigned"
+ startTlsEnabled ( true | false) "false">
<!-- ========== SUFFIX NODE ========================= -->
--