SecureConnectionCliParser.java revision 52e2f87fad88634e1bc5e70af7fc7407d7a92097
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at
* trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
* add the following below this CDDL HEADER, with the fields enclosed
* by brackets "[]" replaced with your own identifying information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Portions Copyright 2007 Sun Microsystems, Inc.
*/
/**
* This is a commodity class that can be used to check the arguments required
* to stablish a secure connection in the command line. It can be used
* to generate an ApplicationTrustManager object based on the options provided
* by the user in the command line.
*
*/
public abstract class SecureConnectionCliParser extends SubCommandArgumentParser
{
/**
* The showUsage' global argument.
*/
/**
* The 'hostName' global argument.
*/
/**
* The 'port' global argument.
*/
/**
* The 'binDN' global argument.
*/
/**
* The 'bindPasswordFile' global argument.
*/
/**
* The 'bindPassword' global argument.
*/
/**
* The 'verbose' global argument.
*/
/**
* The 'trustAllArg' global argument.
*/
/**
* The 'trustStore' global argument.
*/
/**
* The 'trustStorePassword' global argument.
*/
/**
* The 'trustStorePasswordFile' global argument.
*/
/**
* The 'keyStore' global argument.
*/
/**
* The 'keyStorePassword' global argument.
*/
/**
* The 'keyStorePasswordFile' global argument.
*/
/**
* The 'certNicknameArg' global argument.
*/
/**
* The 'useSSLArg' global argument.
*/
/**
* The 'startTLSArg' global argument.
*/
/**
* The tracer object for the debug logger.
*/
/**
* End Of Line.
*/
/**
* The Logger.
*/
/**
* Creates a new instance of this argument parser with no arguments.
*
* @param mainClassName
* The fully-qualified name of the Java class that should
* be invoked to launch the program with which this
* argument parser is associated.
* @param toolDescription
* A human-readable description for the tool, which will be
* included when displaying usage information.
* @param longArgumentsCaseSensitive
* Indicates whether subcommand and long argument names
* should be treated in a case-sensitive manner.
*/
{
}
/**
* Get the bindDN which has to be used for the command.
*
* @return The bindDN specified by the command line argument, or the
* default value, if not specified.
*/
{
{
}
else
{
return bindDnArg.getDefaultValue();
}
}
/**
* Get the password which has to be used for the command.
*
* @param dn
* The user DN for which to password could be asked.
* @param out
* The input stream to used if we have to prompt to the
* user.
* @param err
* The error stream to used if we have to prompt to the
* user.
* @return The password stored into the specified file on by the
* command line argument, or prompts it if not specified.
*/
{
if (bindPasswordArg.isPresent())
{
{
// read the password from the stdin.
try
{
{
if (debugEnabled())
{
}
try
{
}
catch (IOException e)
{
}
return null;
}
}
return bindPasswordValue;
}
else
if (bindPasswordFileArg.isPresent())
{
return bindPasswordFileArg.getValue();
}
else
{
// read the password from the stdin.
try
{
.getBytes());
}
{
if (debugEnabled())
{
}
try
{
}
catch (IOException e)
{
}
return null;
}
}
}
/**
* Get the password which has to be used for the command without prompting
* the user. If no password was specified, return null.
*
* @return The password stored into the specified file on by the
* command line argument, or null it if not specified.
*/
public String getBindPassword()
{
if (bindPasswordArg.isPresent())
{
}
else
if (bindPasswordFileArg.isPresent())
{
}
else
{
}
return pwd;
}
/**
* Initialize Global option.
*
* @param outStream
* The output stream used for the usage.
* @throws ArgumentException
* If there is a problem with any of the parameters used
* to create this argument.
*/
throws ArgumentException
{
OPTION_LONG_BINDDN, false, false, true, OPTION_VALUE_BINDDN,
OPTION_SHORT_BINDPWD, OPTION_LONG_BINDPWD, false, false, true,
OPTION_SHORT_BINDPWD_FILE, OPTION_LONG_BINDPWD_FILE, false, false,
OPTION_LONG_TRUSTSTORE_PWD, false, false, true,
OPTION_SHORT_KEYSTOREPATH, OPTION_LONG_KEYSTOREPATH, false, false,
OPTION_LONG_KEYSTORE_PWD, false, false, true,
}
/**
* Get the host name which has to be used for the command.
*
* @return The host name specified by the command line argument, or
* the default value, if not specified.
*/
public String getHostName()
{
if (hostNameArg.isPresent())
{
return hostNameArg.getValue();
}
else
{
return hostNameArg.getDefaultValue();
}
}
/**
* Get the port which has to be used for the command.
*
* @return The port specified by the command line argument, or the
* default value, if not specified.
*/
{
{
}
else
{
return portArg.getDefaultValue();
}
}
/**
* Indication if provided global options are validate.
*
* @param buf the MessageBuilder to write the error messages.
* @return return code.
*/
{
// Couldn't have at the same time bindPassword and bindPasswordFile
}
// Couldn't have at the same time trustAll and
// trustStore related arg
}
}
}
// Couldn't have at the same time trustStorePasswordArg and
// trustStorePasswordFileArg
&& trustStorePasswordFileArg.isPresent()) {
}
// Couldn't have at the same time startTLSArg and
// useSSLArg
if (startTLSArg.isPresent()
}
{
{
{
}
}
return CONFLICTING_ARGS.getReturnCode();
}
return SUCCESSFUL_NOP.getReturnCode();
}
/**
* Indication if provided global options are validate.
*
* @param err the stream to be used to print error message.
* @return return code.
*/
{
{
}
return returnValue;
}
/**
* Indicate if the verbose mode is required.
*
* @return True if verbose mode is required
*/
public boolean isVerbose()
{
if (verboseArg.isPresent())
{
return true;
}
else
{
return false ;
}
}
/**
* Indicate if the SSL mode is required.
*
* @return True if SSL mode is required
*/
public boolean useSSL()
{
{
return true;
}
else
{
return false ;
}
}
/**
* Indicate if the startTLS mode is required.
*
* @return True if startTLS mode is required
*/
public boolean startTLS()
{
if (startTLSArg.isPresent())
{
return true;
}
else
{
return false ;
}
}
/**
* Handle TrustStore.
*
* @return The trustStore manager to be used for the command.
*/
public ApplicationTrustManager getTrustManager()
{
if (trustAllArg.isPresent())
{
// Running a null TrustManager will force createLdapsContext and
// createStartTLSContext to use a bindTrustManager.
return null ;
}
else
if (trustStorePathArg.isPresent())
{
try
{
char[] trustStorePasswordValue = null;
if (trustStorePasswordArg.isPresent())
{
}
else if (trustStorePasswordFileArg.isPresent())
{
}
if (trustStorePasswordStringValue != null)
{
.getProperty("javax.net.ssl.trustStorePassword");
}
if (trustStorePasswordStringValue != null)
{
}
}
catch (KeyStoreException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effort mode.
}
catch (NoSuchAlgorithmException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effort mode.
}
catch (CertificateException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effort mode.
}
catch (IOException e)
{
// Nothing to do: if this occurs we will systematically refuse the
// certificates. Maybe we should avoid this and be strict, but we are
// in a best effort mode.
}
}
return truststoreManager;
}
/**
* Handle KeyStore.
*
* @return The keyStore manager to be used for the command.
*/
public KeyManager getKeyManager()
{
char[] keyStorePasswordValue = null;
if (keyStorePathArg.isPresent())
{
try
{
if (keyStorePasswordArg.isPresent())
{
}
else if (keyStorePasswordFileArg.isPresent())
{
}
if (keyStorePasswordStringValue != null)
{
}
}
catch (KeyStoreException e)
{
// Nothing to do: if this occurs we will systematically refuse
// the
// certificates. Maybe we should avoid this and be strict, but
// we are in a best effort mode.
}
catch (NoSuchAlgorithmException e)
{
// Nothing to do: if this occurs we will systematically refuse
// the
// certificates. Maybe we should avoid this and be strict, but
// we are
// in a best effort mode.
}
catch (CertificateException e)
{
// Nothing to do: if this occurs we will systematically refuse
// the
// certificates. Maybe we should avoid this and be strict, but
// we are
// in a best effort mode.
}
catch (IOException e)
{
// Nothing to do: if this occurs we will systematically refuse
// the
// certificates. Maybe we should avoid this and be strict, but
// we are
// in a best effort mode.
}
if (keyStorePasswordStringValue != null)
{
}
if (certNicknameArg.isPresent())
{
.getValue());
}
else
{
return akm;
}
}
else
{
return null;
}
}
}