From e64015fff32142b8da831329d392fe3f2c79b857 Mon Sep 17 00:00:00 2001
From: Nicolas Capponi <nicolas.capponi@forgerock.com>
Date: Mon, 17 Oct 2016 12:44:30 +0000
Subject: [PATCH] OPENDJ-3330 Client tool support for TLS v1.2 : fix issues for status, manage-tasks and dsreplication
---
opendj-core/src/main/java/org/forgerock/opendj/ldap/LDAPConnectionFactory.java | 4 ++--
opendj-server-legacy/src/main/java/org/opends/server/tools/status/StatusCli.java | 2 ++
opendj-server-legacy/src/main/java/org/opends/server/util/cli/LDAPConnectionArgumentParser.java | 8 +++++---
opendj-server-legacy/src/main/java/org/opends/server/tools/ManageTasks.java | 4 ++--
opendj-core/src/main/resources/com/forgerock/opendj/ldap/core.properties | 1 +
5 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/opendj-core/src/main/java/org/forgerock/opendj/ldap/LDAPConnectionFactory.java b/opendj-core/src/main/java/org/forgerock/opendj/ldap/LDAPConnectionFactory.java
index 599069e..dac0421 100644
--- a/opendj-core/src/main/java/org/forgerock/opendj/ldap/LDAPConnectionFactory.java
+++ b/opendj-core/src/main/java/org/forgerock/opendj/ldap/LDAPConnectionFactory.java
@@ -17,8 +17,8 @@
package org.forgerock.opendj.ldap;
import static com.forgerock.opendj.ldap.CoreMessages.HBCF_CONNECTION_CLOSED_BY_CLIENT;
-import static com.forgerock.opendj.ldap.CoreMessages.HBCF_HEARTBEAT_FAILED;
import static com.forgerock.opendj.ldap.CoreMessages.HBCF_HEARTBEAT_TIMEOUT;
+import static com.forgerock.opendj.ldap.CoreMessages.ERR_CONNECTION_UNEXPECTED;
import static com.forgerock.opendj.ldap.CoreMessages.LDAP_CONNECTION_CONNECT_TIMEOUT;
import static com.forgerock.opendj.util.StaticUtils.DEFAULT_SCHEDULER;
import static java.util.concurrent.TimeUnit.*;
@@ -502,7 +502,7 @@
connectException = newHeartBeatTimeoutError();
} else {
connectException = newLdapException(ResultCode.CLIENT_SIDE_SERVER_DOWN,
- HBCF_HEARTBEAT_FAILED.get(),
+ ERR_CONNECTION_UNEXPECTED.get(e),
e);
}
if (promise.tryHandleException(connectException)) {
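Review bot: `ERR_CONNECTION_UNEXPECTED.get(e)` puts the Throwable itself into the `%s` slot, so the user-visible text is `e.toString()` (class name plus message), while the same `e` is already attached as the cause on the next line. If only the reason should reach the operator, pass the message text, falling back to `e.toString()` when `getLocalizedMessage()` returns null. A one-line comment would also help, e.g. `// report the underlying cause (such as a TLS handshake failure) instead of a generic heartbeat message`. The handler starts outside the hunk, so the declared type of `e` and whether this branch runs only during connection setup, as the new message text says, could not be confirmed.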
diff --git a/opendj-core/src/main/resources/com/forgerock/opendj/ldap/core.properties b/opendj-core/src/main/resources/com/forgerock/opendj/ldap/core.properties
index e671ee7..c23e254 100644
--- a/opendj-core/src/main/resources/com/forgerock/opendj/ldap/core.properties
+++ b/opendj-core/src/main/resources/com/forgerock/opendj/ldap/core.properties
@@ -1715,3 +1715,4 @@
ERR_CERT_NO_MATCH_SUBJECT=The host name contained in the subject DN '%s' \
does not match the host name '%s'
ERR_ATTRIBUTE_PARSER_MISSING_ATTRIBUTE=The entry could not be parsed because the '%s' is missing
+ERR_CONNECTION_UNEXPECTED=An error occurred during establishment of a connection: %s
\ No newline at end of file
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/tools/ManageTasks.java b/opendj-server-legacy/src/main/java/org/opends/server/tools/ManageTasks.java
index 1c12462..22f0f2e 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/tools/ManageTasks.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/tools/ManageTasks.java
@@ -267,8 +267,8 @@
printSummaryTable();
return 0;
}
- } catch (LDAPConnectionException lce) {
- println(INFO_TASKINFO_LDAP_EXCEPTION.get(lce.getMessageObject()));
+ } catch (LDAPConnectionException | SSLConnectionException e) {
+ println(INFO_TASKINFO_LDAP_EXCEPTION.get(e.getMessageObject()));
return 1;
} catch (Exception e) {
println(LocalizableMessage.raw(StaticUtils.getExceptionMessage(e)));
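Review bot: A connection failure may now be reported twice. The `connect` hunk in LDAPConnectionArgumentParser.java still writes the message to `err` before its new `throw e`, and this catch then prints `INFO_TASKINFO_LDAP_EXCEPTION` for the same exception. This assumes the connection in this `try` is obtained through that `connect` method, which is not visible here. Either drop one of the two prints, or say so in the catch, e.g. `// connect() has already written the failure to err; only the exit code is set here`. The `try` block starts outside the hunk.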
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/tools/status/StatusCli.java b/opendj-server-legacy/src/main/java/org/opends/server/tools/status/StatusCli.java
index 1f36451..1b545fd 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/tools/status/StatusCli.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/tools/status/StatusCli.java
@@ -83,6 +83,7 @@
import com.forgerock.opendj.cli.ArgumentException;
import com.forgerock.opendj.cli.ClientException;
+import com.forgerock.opendj.cli.ConnectionFactoryProvider;
import com.forgerock.opendj.cli.ConsoleApplication;
import com.forgerock.opendj.cli.IntegerArgument;
import com.forgerock.opendj.cli.ReturnCode;
@@ -1137,6 +1138,7 @@
sslBuilder.setKeyManager(keyManager);
options.set(SSL_USE_STARTTLS, ci.useStartTLS());
options.set(SSL_CONTEXT, sslBuilder.getSSLContext());
+ options.set(SSL_ENABLED_PROTOCOLS, ConnectionFactoryProvider.getDefaultProtocols());
factory = new LDAPConnectionFactory(hostName, portNumber, options);
connection = factory.getConnection();
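Review bot: The list passed to `SSL_ENABLED_PROTOCOLS` comes from `ConnectionFactoryProvider.getDefaultProtocols()`, whose contents are not shown in this patch. It is worth confirming that the list excludes SSLv3 and older protocol versions, so that the status tool cannot negotiate down to them. A short comment would record the intent, e.g. `// enable the tool-wide default protocols so that TLS v1.2 is offered in the handshake`. The enclosing method starts and ends outside the hunk.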
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/util/cli/LDAPConnectionArgumentParser.java b/opendj-server-legacy/src/main/java/org/opends/server/util/cli/LDAPConnectionArgumentParser.java
index cdb773d..a47831d 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/util/cli/LDAPConnectionArgumentParser.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/util/cli/LDAPConnectionArgumentParser.java
@@ -260,13 +260,15 @@
* @param err
* stream to write error messages
* @return LDAPConnection created by this class from parsed arguments
+ * @throws SSLConnectionException
+ * if there was a problem connecting with SSL to the server
* @throws LDAPConnectionException
- * if there was a problem connecting to the server
+ * if there was any other problem connecting to the server
* @throws ArgumentException
* if there was a problem indicated by the input arguments
*/
public LDAPConnection connect(LDAPConnectionConsoleInteraction ui, PrintStream out, PrintStream err)
- throws LDAPConnectionException, ArgumentException
+ throws LDAPConnectionException, SSLConnectionException, ArgumentException
{
try
{
@@ -280,7 +282,7 @@
{
err.println(isSSLException(e) ?
ERR_TASKINFO_LDAP_EXCEPTION_SSL.get(ui.getHostName(), ui.getPortNumber()) : e.getMessageObject());
- return null;
+ throw e;
}
}
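Review bot: `throw e` in place of `return null` changes what every caller of `connect` sees on failure, but the Javadoc in the preceding hunk leaves `@return` unchanged and `ManageTasks` is the only caller adapted in this patch. Any caller that tested the result for null will now get an exception instead, so the remaining call sites should be checked. The Javadoc should state that a connection failure is signalled by an exception rather than a null return, e.g. `@return LDAPConnection created by this class from parsed arguments; a connection failure is reported by an exception, not by a null result`. The catch clause opens outside the hunk, so the declared type of `e` could not be checked against the new `throws` list.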
--
Gitblit v1.10.0