From 3c62241572c7b043743d66adf53bb1633af43506 Mon Sep 17 00:00:00 2001
From: Ludovic Poitou <ludovic.poitou@forgerock.com>
Date: Thu, 07 Apr 2011 20:35:36 +0000
Subject: [PATCH] Fix Issue OPENDJ-19 - execute control-panel as any user The control-panel script checks at startup that the user is the owner of the local instance. This prevents anyone from using the control-panel to access remote servers. Added an option (-r or --remote) to skip the local checks.
---
opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanelArgumentParser.java | 20 ++++++++++++++++++++
opendj-sdk/opends/src/messages/messages/tools.properties | 2 ++
opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanel.java | 10 ++++++++++
opendj-sdk/opends/src/server/org/opends/server/tools/ToolConstants.java | 11 +++++++++++
opendj-sdk/opends/resource/bin/control-panel | 8 ++++++++
5 files changed, 51 insertions(+), 0 deletions(-)
diff --git a/opendj-sdk/opends/resource/bin/control-panel b/opendj-sdk/opends/resource/bin/control-panel
index 1c01f6a..44bc496 100644
--- a/opendj-sdk/opends/resource/bin/control-panel
+++ b/opendj-sdk/opends/resource/bin/control-panel
@@ -24,6 +24,7 @@
#
#
# Copyright 2008 Sun Microsystems, Inc.
+# Portions Copyright 2011 ForgeRock AS
# This script may be used to display the control panel.
@@ -34,6 +35,13 @@
export SCRIPT_NAME
NO_CHECK=0
+for i in $*
+do
+ if [ "$i" == "-r" ] || [ "$i" == "--remote" ]
+ then
+ NO_CHECK=1
+ fi
+done
export NO_CHECK
SCRIPT_DIR=`dirname "${0}"`
diff --git a/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanel.java b/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanel.java
index bf9a9a9..3bd097a 100644
--- a/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanel.java
+++ b/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanel.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2008-2010 Sun Microsystems, Inc.
+ * Portions Copyright 2011 ForgeRock AS
*/
package org.opends.guitools.controlpanel;
@@ -140,6 +141,11 @@
localOrRemote.pack();
Utilities.centerOnScreen(localOrRemote);
+ if (argParser.isRemote())
+ {
+ updateLocalOrRemotePanel(localOrRemote);
+ }
+
if (argParser.getBindPassword() != null)
{
updateLocalOrRemotePanel(localOrRemote);
@@ -217,6 +223,10 @@
getLocalOrRemotePanel(localOrRemote.getContentPane());
if (panel != null)
{
+ if (argParser.isRemote())
+ {
+ panel.setRemote(true);
+ }
if (argParser.getExplicitHostName() != null)
{
panel.setHostName(argParser.getExplicitHostName());
diff --git a/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanelArgumentParser.java b/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanelArgumentParser.java
index ef04b1e..e09a54c 100644
--- a/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanelArgumentParser.java
+++ b/opendj-sdk/opends/src/guitools/org/opends/guitools/controlpanel/ControlPanelArgumentParser.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2009-2010 Sun Microsystems, Inc.
+ * Portions Copyright 2011 ForgeRock AS
*/
package org.opends.guitools.controlpanel;
@@ -81,6 +82,11 @@
private BooleanArgument trustAllArg = null;
/**
+ * The 'remoteArg' global argument.
+ */
+ private BooleanArgument remoteArg = null;
+
+ /**
* Argument to specify the connect timeout.
*/
private IntegerArgument connectTimeoutArg = null;
@@ -164,6 +170,11 @@
trustAllArg.setPropertyName(OPTION_LONG_TRUSTALL);
addArgument(trustAllArg);
+ remoteArg = new BooleanArgument("remote", OPTION_SHORT_REMOTE,
+ OPTION_LONG_REMOTE, INFO_DESCRIPTION_REMOTE.get());
+ remoteArg.setPropertyName(OPTION_LONG_REMOTE);
+ addArgument(remoteArg);
+
int defaultTimeout = ConnectionUtils.getDefaultLDAPTimeout();
connectTimeoutArg = new IntegerArgument(OPTION_LONG_CONNECT_TIMEOUT,
null, OPTION_LONG_CONNECT_TIMEOUT,
@@ -307,4 +318,13 @@
}
}
+ /**
+ * Returns whether the user specified to connect to a remote server.
+ * @return whether the user specified to connect to a remote server.
+ */
+ public boolean isRemote()
+ {
+ return remoteArg.isPresent();
+ }
+
}
diff --git a/opendj-sdk/opends/src/messages/messages/tools.properties b/opendj-sdk/opends/src/messages/messages/tools.properties
index 59203c0..033ddfe 100644
--- a/opendj-sdk/opends/src/messages/messages/tools.properties
+++ b/opendj-sdk/opends/src/messages/messages/tools.properties
@@ -21,6 +21,7 @@
# CDDL HEADER END
#
# Copyright 2006-2010 Sun Microsystems, Inc.
+# Portions Copyright 2011 ForgeRock AS
@@ -2582,3 +2583,4 @@
SEVERE_ERR_RECURRING_SCHEDULE_FORMAT_ERROR_1718=The provided schedule value \
has an invalid format. The schedule must be expressed using a crontab(5) \
format. Error details: %s
+INFO_DESCRIPTION_REMOTE_1719=Connect to a remote server
diff --git a/opendj-sdk/opends/src/server/org/opends/server/tools/ToolConstants.java b/opendj-sdk/opends/src/server/org/opends/server/tools/ToolConstants.java
index e60b940..2456d29 100644
--- a/opendj-sdk/opends/src/server/org/opends/server/tools/ToolConstants.java
+++ b/opendj-sdk/opends/src/server/org/opends/server/tools/ToolConstants.java
@@ -23,6 +23,7 @@
*
*
* Copyright 2006-2010 Sun Microsystems, Inc.
+ * Portions Copyright 2011 ForgeRock AS
*/
package org.opends.server.tools;
@@ -331,6 +332,16 @@
public static final String OPTION_LONG_TRUSTALL = "trustAll";
/**
+ * The value for the short option trustAll .
+ */
+ public static final char OPTION_SHORT_REMOTE = 'r';
+
+ /**
+ * The value for the long option trustAll .
+ */
+ public static final String OPTION_LONG_REMOTE = "remote";
+
+ /**
* The value for the short option certNickname .
*/
public static final char OPTION_SHORT_CERT_NICKNAME = 'N';
--
Gitblit v1.10.0