Upgrade.java revision 412ad6b800c1fbd15661110e21d836b888231cce
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at legal-notices/CDDLv1_0.txt.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Portions Copyright 2013-2015 ForgeRock AS
*/
/**
* This class contains the table of upgrade tasks that need performing when
* upgrading from one version to another.
*/
public final class Upgrade
{
/** Upgrade's logger. */
/** Upgrade supports version from 2.4.5. */
/** The success exit code value. */
static final int EXIT_CODE_SUCCESS = 0;
/** The error exit code value. */
static final int EXIT_CODE_ERROR = 1;
/**
* The exit code value that will be used if upgrade requires manual
* intervention.
*/
static final int EXIT_CODE_MANUAL_INTERVENTION = 2;
/** If the upgrade contains some post upgrade tasks to do. */
static boolean hasPostUpgradeTask;
/** Developers should register upgrade tasks below. */
static
{
// @formatter:off
register("2.5.0",
"(objectClass=ds-cfg-collation-matching-rule)",
"add: ds-cfg-collation",
"ds-cfg-collation: de:1.3.6.1.4.1.42.2.27.9.4.28.1",
"ds-cfg-collation: de-DE:1.3.6.1.4.1.42.2.27.9.4.28.1",
"-",
"delete: ds-cfg-collation",
"ds-cfg-collation: de:1.3.6.1.4.1.142.2.27.9.4.28.1",
"ds-cfg-collation: de-DE:1.3.6.1.4.1.142.2.27.9.4.28.1"));
register("2.5.0",
"(objectClass=ds-cfg-password-policy)",
"add: objectClass",
"objectClass: ds-cfg-authentication-policy",
"-",
"add: ds-cfg-java-class",
"ds-cfg-java-class: org.opends.server.core.PasswordPolicyFactory"));
register("2.5.0",
"(ds-cfg-java-class=org.opends.server.loggers.TextAuditLogPublisher)",
"add: objectClass",
"objectClass: ds-cfg-file-based-audit-log-publisher",
"-",
"delete: objectClass",
"objectClass: ds-cfg-file-based-access-log-publisher"));
register("2.5.0",
register("2.5.0",
"00-core.ldif", "1.3.6.1.4.1.36733.2.1.1.59"), //etag
"dn: cn=etag,cn=Virtual Attributes,cn=config",
"changetype: add",
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-entity-tag-virtual-attribute",
"cn: etag",
"ds-cfg-java-class: org.opends.server.extensions."
+ "EntityTagVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: etag",
"ds-cfg-conflict-behavior: real-overrides-virtual",
"ds-cfg-checksum-algorithm: adler-32",
"ds-cfg-excluded-attribute: ds-sync-hist"));
register("2.5.0",
"dn: cn=Password Expiration Time,cn=Virtual Attributes,cn=config",
"changetype: add",
"objectClass: top",
"objectClass: ds-cfg-virtual-attribute",
"objectClass: ds-cfg-password-expiration-time-virtual-attribute",
"cn: Password Expiration Time",
"ds-cfg-java-class: org.opends.server.extensions."
+ "PasswordExpirationTimeVirtualAttributeProvider",
"ds-cfg-enabled: true",
"ds-cfg-attribute-type: ds-pwp-password-expiration-time",
"ds-cfg-conflict-behavior: virtual-overrides-real"));
register("2.5.0",
"(ds-cfg-java-class=org.opends.server.schema.CertificateSyntax)",
"add: objectClass",
"objectClass: ds-cfg-certificate-attribute-syntax",
"-",
"add: ds-cfg-strict-format",
"ds-cfg-strict-format: false"));
register("2.5.0",
"(ds-cfg-java-class=org.opends.server.schema.JPEGSyntax)",
"add: objectClass",
"objectClass: ds-cfg-jpeg-attribute-syntax",
"-",
"add: ds-cfg-strict-format",
"ds-cfg-strict-format: false"));
register("2.5.0",
"(ds-cfg-java-class=org.opends.server.schema.CountryStringSyntax)",
"add: objectClass",
"objectClass: ds-cfg-country-string-attribute-syntax",
"-",
"add: ds-cfg-strict-format",
"ds-cfg-strict-format: false"));
register("2.5.0",
"(ds-cfg-java-class=org.opends.server.extensions.IsMemberOfVirtualAttributeProvider)",
"add: ds-cfg-filter",
"ds-cfg-filter: (|(objectClass=person)(objectClass=groupOfNames)"
+ "(objectClass=groupOfUniqueNames)(objectClass=groupOfEntries))",
"-",
"delete: ds-cfg-filter",
"ds-cfg-filter: (objectClass=person)")));
register("2.5.0",
"(objectClass=ds-cfg-dictionary-password-validator)",
"add: ds-cfg-check-substrings",
"ds-cfg-check-substrings: false"));
register("2.5.0",
"(objectClass=ds-cfg-attribute-value-password-validator)",
"add: ds-cfg-check-substrings",
"ds-cfg-check-substrings: false"));
register("2.5.0",
"dn: cn=PBKDF2,cn=Password Storage Schemes,cn=config",
"changetype: add",
"objectClass: top",
"objectClass: ds-cfg-password-storage-scheme",
"objectClass: ds-cfg-pbkdf2-password-storage-scheme",
"cn: PBKDF2",
"ds-cfg-java-class: org.opends.server.extensions."
+ "PBKDF2PasswordStorageScheme",
"ds-cfg-enabled: true"));
register("2.5.0",
addConfigFile("http-config.json"),
"dn: cn=HTTP Connection Handler,cn=Connection Handlers,cn=config",
"changetype: add",
"objectClass: ds-cfg-http-connection-handler",
"objectClass: ds-cfg-connection-handler",
"objectClass: top",
"ds-cfg-listen-port: 8080",
"cn: HTTP Connection Handler",
"ds-cfg-max-blocked-write-time-limit: 2 minutes",
"ds-cfg-ssl-client-auth-policy: optional",
"ds-cfg-use-tcp-keep-alive: true",
"ds-cfg-max-request-size: 5 megabytes",
"ds-cfg-use-tcp-no-delay: true",
"ds-cfg-allow-tcp-reuse-address: true",
"ds-cfg-accept-backlog: 128",
"ds-cfg-authentication-required: true",
"ds-cfg-buffer-size: 4096 bytes",
"ds-cfg-config-file: config/http-config.json",
"ds-cfg-listen-address: 0.0.0.0",
"ds-cfg-java-class: " +
"org.opends.server.protocols.http.HTTPConnectionHandler",
"ds-cfg-keep-stats: true",
"ds-cfg-ssl-cert-nickname: server-cert",
"ds-cfg-use-ssl: false",
"ds-cfg-enabled: false"));
"dn: cn=File-Based HTTP Access Logger,cn=Loggers,cn=config",
"changetype: add",
"objectClass: ds-cfg-file-based-http-access-log-publisher",
"objectClass: top",
"objectClass: ds-cfg-http-access-log-publisher",
"objectClass: ds-cfg-log-publisher",
"cn: File-Based HTTP Access Logger",
"ds-cfg-java-class: " +
"org.opends.server.loggers.TextHTTPAccessLogPublisher",
"ds-cfg-asynchronous: true",
"ds-cfg-log-file: logs/http-access",
"ds-cfg-rotation-policy: " +
"cn=24 Hours Time Limit Rotation Policy," +
"cn=Log Rotation Policies,cn=config",
"ds-cfg-rotation-policy: " +
"cn=Size Limit Rotation Policy,cn=Log Rotation Policies,cn=config",
"ds-cfg-retention-policy: " +
"cn=File Count Retention Policy,cn=Log Retention Policies,cn=config",
"ds-cfg-log-file-permissions: 640",
"ds-cfg-enabled: false"));
register("2.5.0",
"00-core.ldif", "1.2.840.113549.1.9.1"), // emailAddress
"&(ds-cfg-java-class=org.opends.server.extensions." +
"SubjectAttributeToUserAttributeCertificateMapper)" +
"(ds-cfg-subject-attribute-mapping=e:mail)",
"delete:ds-cfg-subject-attribute-mapping",
"ds-cfg-subject-attribute-mapping: e:mail",
"-",
"add:ds-cfg-subject-attribute-mapping",
"ds-cfg-subject-attribute-mapping: emailAddress:mail"));
/** See OPENDJ-992 */
register("2.5.0",
regressionInVersion("2.5.0.7640",
"ds-sync-hist")));
/** See OPENDJ-1284 */
"00-core.ldif", "2.5.4.36", "2.5.4.37"),
"dn: cn=Certificate Exact Matching Rule,cn=Matching Rules,cn=config",
"changetype: add",
"objectClass: top",
"objectClass: ds-cfg-matching-rule",
"objectClass: ds-cfg-equality-matching-rule",
"cn: Certificate Exact Matching Rule",
"ds-cfg-java-class: "
+ "org.opends.server.schema.CertificateExactMatchingRuleFactory",
"ds-cfg-enabled: true"));
/** See OPENDJ-1295 */
register("2.7.0",
copySchemaFile("03-pwpolicyextension.ldif"));
register("2.8.0",
"(ds-cfg-java-class=org.opends.server.loggers.debug.TextDebugLogPublisher)",
"delete:ds-cfg-java-class",
"-",
"add:ds-cfg-java-class",
"ds-cfg-java-class: org.opends.server.loggers.TextDebugLogPublisher"));
register("2.8.0",
"(objectclass=ds-cfg-file-based-debug-log-publisher)",
"delete:ds-cfg-default-debug-level"));
register("2.8.0",
"&(objectclass=ds-cfg-file-based-error-log-publisher)(cn=File-Based Error Logger)",
"delete:ds-cfg-default-severity",
"ds-cfg-default-severity: severe-warning",
"ds-cfg-default-severity: severe-error",
"ds-cfg-default-severity: fatal-error",
"-",
"add:ds-cfg-default-severity",
"ds-cfg-default-severity: error",
"ds-cfg-default-severity: warning"
));
register("2.8.0",
"&(objectclass=ds-cfg-file-based-error-log-publisher)(cn=Replication Repair Logger)",
"delete:ds-cfg-override-severity",
"-",
"add:ds-cfg-override-severity",
"ds-cfg-override-severity: SYNC=INFO,ERROR,WARNING,NOTICE"));
/** See OPENDJ-1490 and OPENDJ-1454 */
register("2.7.0",
"dn: ds-cfg-backend-id=replicationChanges,cn=Backends,cn=config"),
"(objectClass=ds-cfg-dsee-compat-access-control-handler)",
"delete: ds-cfg-global-aci",
"ds-cfg-global-aci: "
+ "(target=\"ldap:///dc=replicationchanges\")"
+ "(targetattr=\"*\")"
+ "(version 3.0; acl \"Replication backend access\"; "
+ "deny (all) userdn=\"ldap:///anyone\";)"));
/** See OPENDJ-1351 */
register("2.7.0",
"(objectClass=ds-cfg-root-dn)",
"add: ds-cfg-default-root-privilege-name",
"ds-cfg-default-root-privilege-name: changelog-read"));
/** See OPENDJ-1580 */
register("2.7.0",
"dn: cn=PKCS5S2,cn=Password Storage Schemes,cn=config",
"changetype: add",
"objectClass: top",
"objectClass: ds-cfg-password-storage-scheme",
"objectClass: ds-cfg-pkcs5s2-password-storage-scheme",
"cn: PKCS5S2",
"ds-cfg-java-class: org.opends.server.extensions.PKCS5S2PasswordStorageScheme",
"ds-cfg-enabled: true"));
/** See OPENDJ-1545 */
register("2.8.0",
"dn: cn=Network Groups,cn=config"),
"dn: cn=Workflows,cn=config"),
"dn: cn=Workflow Elements,cn=config"));
register("2.8.0",
"dn: cn=Network Group,cn=Plugins,cn=config"));
register("2.8.0",
"dn: cn=Extensions,cn=config"));
/** See OPENDJ-1637 */
register("2.8.0",
/** See OPENDJ-1701 */
register("2.8.0",
"dn: cn=File System,cn=Entry Caches,cn=config"));
/** See OPENDJ-1869 */
register("2.8.0",
"(objectclass=ds-cfg-root-config)",
"delete: ds-cfg-entry-cache-preload"));
/** See OPENDJ-2054 */
register("2.8.0",
/** See OPENDJ-1322 and OPENDJ-1067 */
register("2.7.0",
/*
* All upgrades will refresh the server configuration schema and generate
* a new upgrade folder.
*/
copySchemaFile("02-config.ldif"),
// @formatter:on
}
/**
* Returns a list containing all the tasks which are required in order to
* upgrade from {@code fromVersion} to {@code toVersion}.
*
* @param fromVersion
* The old version.
* @param toVersion
* The new version.
* @return A list containing all the tasks which are required in order to
* upgrade from {@code fromVersion} to {@code toVersion}.
*/
{
{
}
return tasks;
}
/**
* Upgrades the server from {@code fromVersion} to {@code toVersion} located
* in the upgrade context.
*
* @param context
* The context of the upgrade.
* @throws ClientException
* If an error occurred while performing the upgrade.
*/
throws ClientException
{
// Checks and validates the version number.
// Server must be offline.
// Checks License.
/*
* Get the list of required upgrade tasks.
*/
{
return;
}
/*
* Let tasks interact with the user in order to obtain user's selection.
*/
{
}
// Starts upgrade
final int userResponse = context.confirmYN(INFO_UPGRADE_DISPLAY_CONFIRM_START.get(), ConfirmationCallback.YES);
{
}
try
{
/*
* Perform the upgrade tasks.
*/
{
}
{
/*
* The end of a successful upgrade is marked up with the build info file
* update and the license, if present, requires the creation of an
* approval file.
*/
}
else
{
}
/*
* Performs the post upgrade tasks.
*/
{
}
}
catch (final ClientException e)
{
throw e;
}
catch (final Exception e)
{
}
finally
{
}
}
{
boolean isOk = true;
{
if (isOk)
{
try
{
}
catch (ClientException e)
{
isOk = false;
}
}
else
{
}
}
}
final UpgradeTask... tasks)
{
{
taskList = new LinkedList<>();
}
}
{
}
/**
* The server must be offline during the upgrade.
*
* @throws ClientException
* An exception is thrown if the server is currently running.
*/
{
try
{
// Assume that if we cannot acquire the lock file the server is
// running.
{
}
}
finally
{
}
}
/**
* Checks if the version can be updated.
*
* @param context
* The current context which running the upgrade.
* @throws ClientException
* If an exception occurs - stops the process.
*/
throws ClientException
{
{
/*
* If the server is already up to date then treat it as a successful
* upgrade so that upgrade is idempotent.
*/
final LocalizableMessage message =
}
// The upgrade only supports version >= 2.4.5.
{
}
}
/**
* Writes the up to date's version number within the build info file.
*
* @param context
* The current context which running the upgrade.
* @throws ClientException
* If an exception occurs when displaying the message.
* @throws IOException
* If an exception occurs when trying to write the file.
*/
throws ClientException
{
try
{
Installation.BUILDINFO_RELATIVE_PATH), false);
// Write the new version
}
catch (IOException e)
{
}
finally
{
}
}
throws ClientException
{
// Check license
{
if (!context.isAcceptLicenseMode())
{
final int answer;
// The force cannot answer yes to the license's question,
// which is not a task even if it requires a user interaction OR
// -an accept license mode to continue the process.
if (context.isForceUpgradeMode())
{
}
else
{
}
{
}
{
LicenseFile.setApproval(true);
}
}
else
{
// We automatically accept the license with this option.
LicenseFile.setApproval(true);
}
}
}
/**
* The classes folder is renamed by the script launcher to avoid
* incompatibility between patches and upgrade process. If a folder
* "classes.disabled" is found, this function just displays a warning in the
* log file, meaning the "classes" folder has been renamed. See upgrade.sh /
* upgrade.bat scripts which hold the renaming process. (OPENDJ-1098)
*/
private static void logWarnAboutPatchesFolder()
{
try
{
{
}
}
}
catch (SecurityException se)
{
}
}
/**
* Returns {@code true} if the current upgrade contains post upgrade tasks.
*
* @return {@code true} if the current upgrade contains post upgrade tasks.
*/
static boolean hasPostUpgradeTask()
{
return hasPostUpgradeTask;
}
/**
* Sets {@code true} if the current upgrade contains post upgrade tasks.
*
* @param hasPostUpgradeTask
* {@code true} if the current upgrade contains post upgrade tasks.
*/
static void setHasPostUpgradeTask(boolean hasPostUpgradeTask)
{
}
/** Prevent instantiation. */
private Upgrade()
{
// Nothing to do.
}
}