From 3e4c0188345b0e9d7c568a6e0c1a0579e0eccbae Mon Sep 17 00:00:00 2001
From: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Date: Fri, 29 Jul 2022 16:57:58 +0000
Subject: [PATCH] Restore original EMPTY_BYTES variable place

---
 opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java |    2 +-
 opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java   |    2 +-
 opendj-core/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java                         |    2 +-
 opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java               |   10 ++++++++--
 opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java     |    2 +-
 opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java       |    2 +-
 opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java    |    2 +-
 7 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/opendj-core/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java b/opendj-core/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java
index b409bc5..4691fdb 100644
--- a/opendj-core/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java
+++ b/opendj-core/src/main/java/org/forgerock/opendj/ldap/requests/Requests.java
@@ -17,7 +17,7 @@
 
 package org.forgerock.opendj.ldap.requests;
 
-import static com.forgerock.opendj.util.FipsStaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
 import static com.forgerock.opendj.util.StaticUtils.getBytes;
 
 import java.util.Arrays;
diff --git a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java
index bb390cc..7764565 100644
--- a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java
+++ b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/CRAMMD5SASLBindRequestTestCase.java
@@ -17,7 +17,7 @@
 
 package org.forgerock.opendj.ldap.requests;
 
-import static com.forgerock.opendj.util.FipsStaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
 import static com.forgerock.opendj.util.StaticUtils.getBytes;
 import static org.fest.assertions.Assertions.assertThat;
 
diff --git a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java
index cf065c1..2ce6932 100644
--- a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java
+++ b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/DigestMD5SASLBindRequestTestCase.java
@@ -17,7 +17,7 @@
 
 package org.forgerock.opendj.ldap.requests;
 
-import static com.forgerock.opendj.util.FipsStaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
 import static com.forgerock.opendj.util.StaticUtils.getBytes;
 import static org.fest.assertions.Assertions.assertThat;
 import static org.testng.Assert.assertEquals;
diff --git a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java
index 6062ac7..c0b2aae 100644
--- a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java
+++ b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GSSAPISASLBindRequestTestCase.java
@@ -17,7 +17,7 @@
 
 package org.forgerock.opendj.ldap.requests;
 
-import static com.forgerock.opendj.util.FipsStaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
 import static com.forgerock.opendj.util.StaticUtils.getBytes;
 import static org.fest.assertions.Assertions.assertThat;
 import static org.testng.Assert.assertEquals;
diff --git a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java
index 4bd622d..3732dfb 100644
--- a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java
+++ b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/GenericBindRequestTestCase.java
@@ -17,7 +17,7 @@
 
 package org.forgerock.opendj.ldap.requests;
 
-import static com.forgerock.opendj.util.FipsStaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
 import static com.forgerock.opendj.util.StaticUtils.getBytes;
 import static org.fest.assertions.Assertions.assertThat;
 
diff --git a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java
index 8f69bcd..cd00e1c 100644
--- a/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java
+++ b/opendj-core/src/test/java/org/forgerock/opendj/ldap/requests/PlainSASLBindRequestTestCase.java
@@ -17,7 +17,7 @@
 
 package org.forgerock.opendj.ldap.requests;
 
-import static com.forgerock.opendj.util.FipsStaticUtils.EMPTY_BYTES;
+import static com.forgerock.opendj.util.StaticUtils.EMPTY_BYTES;
 import static com.forgerock.opendj.util.StaticUtils.getBytes;
 import static org.fest.assertions.Assertions.assertThat;
 
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java b/opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java
index 5a7f3cd..0c7db67 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/tools/SSLConnectionFactory.java
@@ -40,6 +40,7 @@
 import org.opends.server.extensions.BlindTrustManagerProvider;
 import org.forgerock.i18n.slf4j.LocalizedLogger;
 import org.forgerock.opendj.ldap.SSLContextBuilder;
+import org.forgerock.opendj.ldap.TrustManagers;
 import org.opends.server.util.CollectionUtils;
 import org.opends.server.util.ExpirationCheckTrustManager;
 import org.opends.server.util.SelectableCertificateKeyManager;
@@ -120,8 +121,13 @@
             new BlindTrustManagerProvider();
         trustManagers = blindTrustProvider.getTrustManagers();
       } else if (trustStorePath == null) {
-        trustManagers = PromptTrustManager.getTrustManagers();
-      } else
+			if (isFips()) {
+				TrustManager tm = TrustManagers.checkUsingPkcs11TrustStore();
+				trustManagers = new TrustManager[] { tm };
+			} else {
+				trustManagers = PromptTrustManager.getTrustManagers();
+			}
+	  } else
       {
         TrustManager[] tmpTrustManagers =
              getTrustManagers(KeyStore.getDefaultType(), null, trustStorePath,

--
Gitblit v1.10.0