------------------------------------------------------------------------ r2795 | david_page | 2007-08-25 11:09:20 -0700 (Sat, 25 Aug 2007) | 28 lines Issue 466 preparation. This is a followup to commit r2774. Secure replication depends on ADS containing at least the instance-to-be-initialized's instance key public-key certificate in the ADS-based truststore because the existing replication domain server requires it to "trust" the new server. (The new server trusts the domain server by some future ADSContext code that will fetch the domain host's public-key certificate and write it into the new server's truststore backend - all via LDAP.) Subsequent to commit r2774, we discovered that configuring replication results in the replication server opening its server socket and configuring it for TLS. The TLS configuration requires the local truststore to be initialized with the local instance key and the instance key of any to-be-replicated servers must be added. Hence, the Installer's ADS configuration step must be run before its replication configuration step. In the current implementation of the ADS configuration step, ADS replication is configured and initialized (distinct from the suffixes specified by the user). These changes 1) move the ADS replication configuration and initialization from the ADS configuration step, and merge them into the code that handles configuring and initializing replication of the user specified suffixes (Installer.java); and 2) move the invocation of the ADS configuration ahead of the replication configuration (OfflineInstaller,WebStartInstaller.java). M src/quicksetup/org/opends/quicksetup/installer/offline/OfflineInstaller.java M src/quicksetup/org/opends/quicksetup/installer/webstart/WebStartInstaller.java M src/quicksetup/org/opends/quicksetup/installer/Installer.java Tests: In addition to the precommit target, I've run the following setup scenarios using the OfflineInstaller: 1) Setup standalone server with data; setup new server as part of existing replication. Then the new server setup configures replication, ADS, and initializes suffixes on both instances. 2) Setup initial replicated server with data; setup new server as part of existing replication. I'm not sure how to test the WebStartInstaller, but the code and changes are identical to the OfflineInstaller, so perhaps it is ok. --- Thanks to Josu for reviewing. ------------------------------------------------------------------------ r2796 | abobrov | 2007-08-25 15:32:55 -0700 (Sat, 25 Aug 2007) | 3 lines - [Issue 2030] new configuration attribute to enforce entry compression: allow for backend-compact-encoding property, enabled by default. ------------------------------------------------------------------------ r2797 | neil_a_wilson | 2007-08-25 17:14:04 -0700 (Sat, 25 Aug 2007) | 12 lines Update configuration definitions to make a few different types of changes: - Add CDDL headers to files that were missing them - Change the syntax for some attributes whose values were supposed to be attribute types into "attribute-type" - Add appropriate base values for some properties with the DN syntax - Change a couple of descriptions that had inaccuracies or copy-and-paste typos - Change a couple of default values to match what's defined in the config file - Provide a couple of overrides for classes in config definitions that extend a parent definition (in particular, override classes for attribute syntax implementations) ------------------------------------------------------------------------ r2798 | al_xipe | 2007-08-25 17:50:01 -0700 (Sat, 25 Aug 2007) | 1 line schematokens fix for replication tests ------------------------------------------------------------------------ r2799 | abobrov | 2007-08-25 18:10:02 -0700 (Sat, 25 Aug 2007) | 4 lines - fix entry cache mutable properties [properties that can be changed on the fly without any admin action required] functionality which got broken presumably when migrating to new admin framework. ------------------------------------------------------------------------ r2800 | al_xipe | 2007-08-25 18:45:50 -0700 (Sat, 25 Aug 2007) | 1 line renamed a file so that the new loop kicking off the test works ------------------------------------------------------------------------ r2801 | jvergara | 2007-08-25 20:16:07 -0700 (Sat, 25 Aug 2007) | 4 lines This commit includes all the code for the first version of the replication tools. As they require further testing the command line associated with them has not been committed. Appart from the code particular for the replication tools, some refactoring has been done and some new methods have been added to the Utilities classes. Some typos have also been fixed. ------------------------------------------------------------------------ r2802 | jvergara | 2007-08-25 20:31:09 -0700 (Sat, 25 Aug 2007) | 2 lines Add missing file in previous commit. ------------------------------------------------------------------------ r2803 | abobrov | 2007-08-26 10:37:06 -0700 (Sun, 26 Aug 2007) | 4 lines - change key FSCache persistence related messages severity from INFO to NOTICE so that they are always logged by default being very important state indicators. Those messages are only logged during cache init and fini phases and will not generate any noise. ------------------------------------------------------------------------ r2804 | jvergara | 2007-08-26 10:43:55 -0700 (Sun, 26 Aug 2007) | 6 lines Fix for issues 2104 and 2162. The modifications use the new option {no-prompt} instead of {interactive} so that the command-lines are interactive by default. Modify the status command-line to have an interactive mode (until today it only asked for the password if it was missing). ------------------------------------------------------------------------ r2805 | neil_a_wilson | 2007-08-26 13:32:46 -0700 (Sun, 26 Aug 2007) | 6 lines Update the traditional worker thread implementation so that the threads catch Throwable instead of Exception. This prevents them from exiting abnormally if they encounter something like an AssertionError, which could be thrown by unit tests or assert statements in the code if the associated condition isn't satisfied. ------------------------------------------------------------------------ r2806 | neil_a_wilson | 2007-08-26 13:35:25 -0700 (Sun, 26 Aug 2007) | 11 lines Make a change to the account status notification handler API so that it is possible to provide additional properties along with the notification. This makes it possible to develop account status notification handlers that can act more intelligently and/or provide more useful information. This also reverts an earlier change that migrated hard-coded strings to localizeable messages for notification types. The set of notification types should in fact be hard-coded strings because they may be used in the configuration, and the contents of a configuration file should not depend on the locale in which the server is operating. ------------------------------------------------------------------------ r2807 | jvergara | 2007-08-26 13:41:30 -0700 (Sun, 26 Aug 2007) | 3 lines Fix the unit tests and the dsconfig.xml to run in non-prompt mode. Remove a duplicate message in admin_tools.properties. ------------------------------------------------------------------------ r2808 | dugan | 2007-08-26 14:01:03 -0700 (Sun, 26 Aug 2007) | 1 line Change behavior of ds-cfg-unique-attribute-type attribute so that it is required (mandatory). ------------------------------------------------------------------------ r2809 | jvergara | 2007-08-27 01:37:44 -0700 (Mon, 27 Aug 2007) | 4 lines Fix for issue 2167. Update the code so that the log messages we received are written to the installer log file and also add some code to supress the output of certain operations in the progress dialog of the installer (in the case of the creation of the top entry). ------------------------------------------------------------------------ r2810 | gbellato | 2007-08-27 04:31:55 -0700 (Mon, 27 Aug 2007) | 8 lines fix for issue 2150 : ConcurrentModificationException in InitializeTask The updates done to the task entry during an initialize task was sometime causing ConcurrentModificationException because they were done in an internal thread that can be in concurrence with the operation threads. The fix is to use the taskScheduler lock when updating the task entry ------------------------------------------------------------------------ r2811 | gbellato | 2007-08-27 04:58:47 -0700 (Mon, 27 Aug 2007) | 13 lines complement for issue 2097 : total update fails sending a Message to ReplicationCache When debugging 2097 I've noticed that during a replication total update, if the updated server fails, the publisher thread on the other server hangs. The hang happens because normally the publisher thread never tries to reconnect after a protocol session failure but waits for the receiver threads to do the job but here the publishing activity is done in a receiver thread that holding the session lock and therefore prevent the other thread from doing there job. The solution is to move this work outside of the lock. I've tested this manually as it is difficult to automate. ------------------------------------------------------------------------ r2812 | al_xipe | 2007-08-27 06:38:19 -0700 (Mon, 27 Aug 2007) | 1 line backout commenting a test failure for bug 2107 ------------------------------------------------------------------------ r2813 | kenneth_suter | 2007-08-27 07:15:13 -0700 (Mon, 27 Aug 2007) | 1 line added messages package to javadoc generation target ------------------------------------------------------------------------ r2814 | david_page | 2007-08-27 08:17:29 -0700 (Mon, 27 Aug 2007) | 4 lines Issue 466 preparation. Cleanup around requesting instance public-key certificate from truststore backend. ------------------------------------------------------------------------ r2815 | kenneth_suter | 2007-08-27 08:38:14 -0700 (Mon, 27 Aug 2007) | 1 line Removed {@inheritDoc} tags from messages package method declarations that inherit directly from Java core methods and replaced them with comments derived in most part from the parent methods ------------------------------------------------------------------------ r2816 | gary_williams | 2007-08-27 08:51:10 -0700 (Mon, 27 Aug 2007) | 2 lines Issue 1222 path and name of to config.py should be parameterized ------------------------------------------------------------------------ r2817 | david_page | 2007-08-27 09:13:04 -0700 (Mon, 27 Aug 2007) | 5 lines Issue 466 (partial) rename "ds-cfg-ads-certificate" to "ds-cfg-public-key-certificate" use "ds-cfg-public-key-certificate;binary" ------------------------------------------------------------------------ r2818 | david_page | 2007-08-27 10:23:48 -0700 (Mon, 27 Aug 2007) | 17 lines Fix infinite loop in ServerDescriptor#updateAdsPropertiesWithServerProperties Test case: 1. Create initial instance as stand-alone (no replication or ADS); 2. Create second instance as part of replication toplogy, specifying instance created in step 1. Configuration of instance 2 hangs in registering server with ADS. Works after this change; however, now get on OS X: $ ./setup Launching graphical setup... 2007-08-27 12:11:07.058 java[3932] CFLog (0): CFMessagePort: bootstrap_register(): failed 1103 (0x44f), port = 0x12503, name = 'java.ServiceProvider' See /usr/include/servers/bootstrap_defs.h for the error codes. 2007-08-27 12:11:07.061 java[3932] CFLog (99): CFMessagePortCreateLocal(): failed to name Mach port (java.ServiceProvider) ------------------------------------------------------------------------ r2819 | coulbeck | 2007-08-27 11:33:48 -0700 (Mon, 27 Aug 2007) | 1 line Use byte[] instead of String for the certificate value because it is a binary attribute. ------------------------------------------------------------------------ r2820 | boli | 2007-08-27 11:58:10 -0700 (Mon, 27 Aug 2007) | 13 lines This adds the numSubordinates and hasSubordinates operational attribute support in OpenDS. - Implemented as virtual attributes - They are enabled by default - numSubordinates and hasSubordinates methods added to the backend API and implemented for all existing backends - JE implementation uses the id2children index to keep count of the number of subordinates for each entry. - The behavior of exceeding the index-entry-limit (ALL-IDs) has changed to store a 8 byte entry ID set count with the most significant bit set to 1 instead of a 0 byte array to signify the index-entry-limit has been exceeded. The previous format is still compatible but all requests for numSubordinates will return undefined (-1). - The DBTest tool is also included in this fix. This can be used to list root containers, entry containers, database containers, index status, as well as dumping a database with or without decoding the data. Fix for issues 43 and 72 ------------------------------------------------------------------------ r2821 | mkeyes | 2007-08-27 14:38:02 -0700 (Mon, 27 Aug 2007) | 4 lines Added test cases for Issue 1683. Also, modified the dsconfigSet function so that two of its existing parameters are now optional instead of required. This was necessary for such cases as set-global-configuration-prop where no object may be specified. ------------------------------------------------------------------------ r2822 | al_xipe | 2007-08-27 15:29:10 -0700 (Mon, 27 Aug 2007) | 15 lines 1 - runCommand wraps output lines longer than 100 characters 2 - fix in runTestJob: removed copy of results.html in tmp folder 3 - fix in staf-installer.xml removed references to results.html only rely on my-report.html now 4 - attach my-report.html to the in place of results.html 5 - added knowIssue facility to allow to tag tests failing because of known issues 6 - updated the XSL style sheet to show known issue 7 - added testcase coloring based on status pass/fail/unknown/known 8 - added table of contents title row to make it easier for newcomers to read the report 9 - added known bugs calls in backends group 10- added known bugs calls in security group 11- added known bugs call in logging group 12- fix in utils for default windows environment variables ------------------------------------------------------------------------ r2823 | al_xipe | 2007-08-27 15:30:02 -0700 (Mon, 27 Aug 2007) | 1 line put test list back to normal ------------------------------------------------------------------------ r2824 | neil_a_wilson | 2007-08-27 19:00:49 -0700 (Mon, 27 Aug 2007) | 22 lines Add an SMTP account status notification handler, which can be configured to send e-mail messages whenever an account status notification is generated. The message can be sent to the end user impacted by the notification (based on an attribute in the user's entry) and/or a fixed set of recipients. The messages that will be generated are created from template files, which can include tokens that will be replced with things like: - The name of the notification type - The notification message - The DN of the target user's entry - Attribute values from the target user's entry - Values of account status notification properties, which may vary based on the type of notification This change also includes a fix for a problem that could allow password expiration warning messages to be sent to a client even if the bind was not successful. OpenDS Issue Number: 581 ------------------------------------------------------------------------ r2825 | matthew_swift | 2007-08-28 04:46:00 -0700 (Tue, 28 Aug 2007) | 2 lines Fix type in package declaration. ------------------------------------------------------------------------ r2826 | lutoff | 2007-08-28 06:41:13 -0700 (Tue, 28 Aug 2007) | 1 line Removed {@inheritDoc} tags ------------------------------------------------------------------------ r2827 | jvergara | 2007-08-28 07:05:01 -0700 (Tue, 28 Aug 2007) | 5 lines Fix for issue 2176. Update the function that created the Message to be displayed to return a String instead of a Message object. ------------------------------------------------------------------------ r2829 | coulbeck | 2007-08-28 08:54:13 -0700 (Tue, 28 Aug 2007) | 5 lines Changes for replication security issues 511, 512, 608. There is a new backend representing the certificate trust store, which allows the setup code to query and populate the trust store over protocol. However, we are using blind trust until that piece of the setup code is ready. The encryption settings are currently global to the server instance in a new crypto manager config entry. Authentication will always be performed so the main setting is whether to use encryption or not. In the future (post 1.0) we will need to allow encryption to be configured on or off depending on which replication server we are connecting to but we need some discussion on the best way to specify that in configuration. ------------------------------------------------------------------------ r2830 | coulbeck | 2007-08-28 09:04:25 -0700 (Tue, 28 Aug 2007) | 1 line Files missing from previous commit ------------------------------------------------------------------------ r2831 | coulbeck | 2007-08-28 09:15:52 -0700 (Tue, 28 Aug 2007) | 1 line Fix conflict from previous commit ------------------------------------------------------------------------ r2832 | david_page | 2007-08-28 11:55:09 -0700 (Tue, 28 Aug 2007) | 6 lines Issue 466 preparation Clean up duplicate code in Installer.updateADS in preparation for adding instance public-key certificate to properties. External behavior (e.g., registeredNewServerOnRemote) should be unchanged. Ran precommit tests and various setup hand tests. ------------------------------------------------------------------------ r2833 | boli | 2007-08-28 13:03:30 -0700 (Tue, 28 Aug 2007) | 4 lines Fixed NumSubordinatesVirtualAttributeProviderTestCase unit test which was crashing TestNG on some machines. ------------------------------------------------------------------------ r2834 | neil_a_wilson | 2007-08-28 14:43:46 -0700 (Tue, 28 Aug 2007) | 16 lines Update the TestCaseUtils.clearJEBackend() method to use a different approach. Instead of closing the environment, deleting the files, and re-opening the environment, we are keeping the environment open and just truncating the databases. This dramatically reduces the amount of memory required to run the unit tests, apparently as a result of a memory leak in the Berkeley DB JE when the environment is repeatedly opened and closed. Note that the latest release of Berkeley DB JE (3.2.44, which we aren't yet using) claims to have a fix for a similar problem (JE issue #15444 as described in http://forums.oracle.com/forums/thread.jspa?messageID=1782659) but testing with that JE version didn't appear to resolve the problem so it is likely that the issue still exists. However, while it was causing a significant problem in our test cases, it is unlikely to cause problems in production environments because the JE environment should not be repeatedly opened and closed in the same JVM instance. ------------------------------------------------------------------------ r2835 | david_page | 2007-08-28 16:37:00 -0700 (Tue, 28 Aug 2007) | 8 lines In Installer#updateADS:: 1. replace getNewServerAdsProperties(getUserData()) with ServerDescriptor to: a. align with new ReplicationCliMain b. allow implementing publicKeyCertificate entry independent of CLI/GUI. 2. inline getRemoteServerProperties (single caller) ------------------------------------------------------------------------ r2836 | tdj_tx | 2007-08-28 18:11:12 -0700 (Tue, 28 Aug 2007) | 2 lines Changed a testcase name, needed "overwrite" reject file. ------------------------------------------------------------------------ r2837 | al_xipe | 2007-08-28 19:56:33 -0700 (Tue, 28 Aug 2007) | 1 line 1. added the ability to save the server error and access log.\n2. the testcases are now timed down to the second. subsecond timing would have been too platform(C library actually) dependent in python\n3. adapted the XSL to report the number of known issues\n4. Still need to fix coverage % XSL template\n5. other minor XSL fixes\n6. added windows new line support in environment.xml ------------------------------------------------------------------------ r2838 | neil_a_wilson | 2007-08-28 23:10:13 -0700 (Tue, 28 Aug 2007) | 8 lines Add an API that can be used to allow compressed schema tokens to be stored in alternate repositories. The current implementation is still the default server-wide mechanism using the config/schematokens.dat file, but it will be possible to use this API to create alternate implementations (e.g., one for the JE backend that stores the tokens in the database). This provides the first part of the fix for issue #2158. ------------------------------------------------------------------------ r2839 | al_xipe | 2007-08-29 02:20:29 -0700 (Wed, 29 Aug 2007) | 6 lines 1. fix for wrapping log lines around. Now take pre-existing \n into account 2. removed python unused Matcher class 3. fix for testcase identification to start dumping the STAX log into test-log.xml 4. fix for indexes test cases (added -n to dsconfig) ------------------------------------------------------------------------ r2840 | jvergara | 2007-08-29 04:50:00 -0700 (Wed, 29 Aug 2007) | 6 lines Improve the status command-line interaction by asking the user for the BIndDN to use when this was not provided. Before asking to use SSL or startTLS check that they can actually be used. Rename StatusCliParser to StatusCliArgumentParser for coherency. Define the no prompting options in ToolConstants. ------------------------------------------------------------------------ r2841 | lutoff | 2007-08-29 04:55:24 -0700 (Wed, 29 Aug 2007) | 1 line Fix typo ------------------------------------------------------------------------ r2842 | jvergara | 2007-08-29 06:06:33 -0700 (Wed, 29 Aug 2007) | 2 lines Add missing printLine in interactive mode. ------------------------------------------------------------------------ r2843 | matthew_swift | 2007-08-29 07:40:34 -0700 (Wed, 29 Aug 2007) | 41 lines Fix issue 1831: dsconfig interactive mode. Overview: This change completes the dsconfig interactive mode. dsconfig now supports two levels of interactivity: 1) Usage: dsconfig A top-level menu driven text based console. Using this interactive mode the user is able able to perform multiple administrative tasks via a menu-driven interface 2) Usage: dsconfig dsconfig will perform the administrative task associated with the specified sub-command prompting the user for any missing information required in order to complete the task In addition, both interactive modes will prompt the user for any connection parameters not specified on the command line. Note that it is possible to run dsconfig non-interactively using the "-n" option. Although this is only available when a sub-command is provided. Other changes: 1) part of this work required implementing a generic CLI application framework. This includes an API for building and running menu-based interfaces. The classes are located in a new package called org.opends.server.util.cli 2) the dsconfig related messages have been relocated into a separate dsconfig-specific properties file. ------------------------------------------------------------------------ r2844 | matthew_swift | 2007-08-29 08:34:47 -0700 (Wed, 29 Aug 2007) | 1 line Fix typo in property editor invocation which caused the wrong finish menu option to be displayed. ------------------------------------------------------------------------ r2845 | jvergara | 2007-08-29 08:57:20 -0700 (Wed, 29 Aug 2007) | 2 lines Fix typo. ------------------------------------------------------------------------ r2846 | jvergara | 2007-08-29 10:54:56 -0700 (Wed, 29 Aug 2007) | 4 lines Move the no option constant definition to ToolConstants. Refactor some code and put it in CliApplicationHelper. Fix some minor bugs in the output of the command-lines. ------------------------------------------------------------------------ r2848 | mkeyes | 2007-08-29 12:03:35 -0700 (Wed, 29 Aug 2007) | 2 lines Fixed a bug in the dsconfig list-xxx functional tests that caused a fail. ------------------------------------------------------------------------ r2849 | al_xipe | 2007-08-29 12:29:47 -0700 (Wed, 29 Aug 2007) | 8 lines 1. fix for case sensitive string search in groups 2. fix for memory hungry test and server log parsing - now uses temporary files instead of memory 3. update the test verdict to reflect inconclusive and known issue states 4. fix for wrapping log lines longer than 100 characters 5. fix to show known issue state only if a test fails 6. make log parsing more robust when the server is not installed where expected ------------------------------------------------------------------------ r2850 | jvergara | 2007-08-29 12:31:10 -0700 (Wed, 29 Aug 2007) | 6 lines Fix for issue 2188: Define some new constants in ToolConstants that are used by SecureConnectionCliParser. This way all the utilities using this class will benefit of the fix. Note: this fix adds short options so the interface change does not break any tool that might be using the impacting commands. ------------------------------------------------------------------------ r2851 | mkeyes | 2007-08-29 12:59:42 -0700 (Wed, 29 Aug 2007) | 3 lines Adding parameters, customKeyMgr and customTrustMgr, to the functions, configureSSL and unconfigureSSL. This allows the use of these functions to create and delete new key managers and trust managers. ------------------------------------------------------------------------ r2852 | mkeyes | 2007-08-29 13:06:26 -0700 (Wed, 29 Aug 2007) | 3 lines Adding test cases for create and delete subcommands for dsconfig for new key managers and trust managers. Also rearranged the function calls to setup and teardown for the jks security SSL test suites in order to more easily accommdate the new test cases. ------------------------------------------------------------------------ r2853 | mkeyes | 2007-08-29 13:45:54 -0700 (Wed, 29 Aug 2007) | 2 lines Added knownIssue function call to a functional test case. ------------------------------------------------------------------------ r2854 | neil_a_wilson | 2007-08-29 14:02:56 -0700 (Wed, 29 Aug 2007) | 5 lines Temporarily disable some filesystem entry cache test cases because it appears that new bug in dsconfig is causing them to fail. OpenDS Issue Number: 2192 ------------------------------------------------------------------------ r2855 | al_xipe | 2007-08-29 14:46:43 -0700 (Wed, 29 Aug 2007) | 1 line fix an erroneous join for issues list ------------------------------------------------------------------------ r2856 | neil_a_wilson | 2007-08-29 15:55:03 -0700 (Wed, 29 Aug 2007) | 9 lines Update the CreateRCScript tool so that it provides the ability to specify the user that the server should run as (invoked via "su"), and also lets the user specify the JAVA_HOME and JAVA_ARGS settings that should be used. This also updates the start-ds and stop-ds commands to support a --quiet argument, which causes them to not generate any output. The generated RC script uses this option, since server startup output shouldn't be generated at system boot time. ------------------------------------------------------------------------ r2857 | jvergara | 2007-08-29 16:12:07 -0700 (Wed, 29 Aug 2007) | 2 lines Use consistently line breaks in the uninstall and status command-lines. ------------------------------------------------------------------------ r2858 | david_page | 2007-08-29 20:59:38 -0700 (Wed, 29 Aug 2007) | 10 lines Issue 466 partial. ServerDescriptor#createStandalone now induces the server to initialize its local instance key. ADSContext#registerServer writes the instance public-key certificate to "cn=instance keys,cn=admin data" and links that entry to the server entry in ADS. Still to consider: ADSContext#updateServer ADSContext#unregisterServer ServerDescriptor#setAdsProperties ------------------------------------------------------------------------ r2859 | lutoff | 2007-08-30 01:34:45 -0700 (Thu, 30 Aug 2007) | 9 lines Fix for issue #2041 Modifications done in dsframework CLI are: 1) create-admin-user and set-admin-user-properties are now handled privilege properties (--set privilege:[-]) 2) get-admin-user-properties shows privileges property associated to the user ------------------------------------------------------------------------ r2860 | matthew_swift | 2007-08-30 03:14:25 -0700 (Thu, 30 Aug 2007) | 4 lines Fix issue 2192: dsconfig delete-backend doesn't work The delete-xxx sub-command was silently failing in non-interactive mode because it was silently prompting for confirmation and defaulting to "no". This change also re-enables the file system entry cache unit tests which were failing as a result of this bug. ------------------------------------------------------------------------ r2861 | gbellato | 2007-08-30 05:39:58 -0700 (Thu, 30 Aug 2007) | 7 lines fix for 2094 : Total update of sub-suffix does not replicate entries Also 2094 problem is mostly due to a bad configuration, this fix makes sure that the exception happening at the database level is correctly taken into account to update the task status. ------------------------------------------------------------------------ r2862 | kenneth_suter | 2007-08-30 06:32:56 -0700 (Thu, 30 Aug 2007) | 1 line unwrapped message descriptor javadoc to support textural search of messages in descriptors irrespective of line breaks ------------------------------------------------------------------------ r2863 | matthew_swift | 2007-08-30 06:45:50 -0700 (Thu, 30 Aug 2007) | 8 lines Minor improvements and code clean-up to org.opends.server.util.table: 1) add support for indenting text table printers: TextTablePrinter#setIndentWidth(int) 2) change the wrapping behavior of text table printers so that words which are too big to fit in the cell's width are not split (this will prevent Java class name properties from being split in dsconfig) 3) minor code clean-up: remove unnecessary final keywords and simplify inner classes ------------------------------------------------------------------------ r2864 | matthew_swift | 2007-08-30 06:46:48 -0700 (Thu, 30 Aug 2007) | 1 line Use the new TextTablePrinter#setIndentWidth(int) method for menu indentation. ------------------------------------------------------------------------ r2865 | matthew_swift | 2007-08-30 06:49:23 -0700 (Thu, 30 Aug 2007) | 2 lines Make the --advanced dsconfig option a global option so that it is available to the global interactive mode. ------------------------------------------------------------------------ r2866 | matthew_swift | 2007-08-30 06:50:03 -0700 (Thu, 30 Aug 2007) | 1 line Use the new TextTablePrinter#setIndentWidth(int) method for table indentation. ------------------------------------------------------------------------ r2867 | matthew_swift | 2007-08-30 07:07:45 -0700 (Thu, 30 Aug 2007) | 8 lines Update the package-info stylesheet so that it generates a suitable PublicAPI annotation for generated packages: @org.opends.server.types.PublicAPI( stability=org.opends.server.types.StabilityLevel.VOLATILE, mayInstantiate=false, mayExtend=false, mayInvoke=true) ------------------------------------------------------------------------ r2868 | kenneth_suter | 2007-08-30 09:28:58 -0700 (Thu, 30 Aug 2007) | 1 line print a timestamp at the end of package so I know when I built ------------------------------------------------------------------------ r2869 | al_xipe | 2007-08-30 09:33:33 -0700 (Thu, 30 Aug 2007) | 1 line 1. move to STAF 3.2.3 ------------------------------------------------------------------------ r2870 | neil_a_wilson | 2007-08-30 09:59:57 -0700 (Thu, 30 Aug 2007) | 3 lines Fix a couple of Javadoc warnings around the use of the @link tag when the referenced method couldn't be found. ------------------------------------------------------------------------ r2871 | al_xipe | 2007-08-30 13:20:18 -0700 (Thu, 30 Aug 2007) | 1 line updated the sample test suite to reflect all the possible test outcome states ------------------------------------------------------------------------ r2872 | al_xipe | 2007-08-30 13:22:22 -0700 (Thu, 30 Aug 2007) | 1 line surround the XSL report generation step with try catch to help diagnose when the XML log is malformed ------------------------------------------------------------------------ r2873 | al_xipe | 2007-08-30 13:28:22 -0700 (Thu, 30 Aug 2007) | 2 lines 1. fix for knownIssue bug (cast a list to a string) 2. fix testcase_Postamble issue- forgot to close file handlers ------------------------------------------------------------------------ r2874 | mkeyes | 2007-08-30 13:35:30 -0700 (Thu, 30 Aug 2007) | 2 lines Fixed a situation where dsconfigSet was not setting the tcstatus to either fail or pass. The result was that some functional test cases were inconclusive. ------------------------------------------------------------------------ r2875 | jvergara | 2007-08-30 15:19:35 -0700 (Thu, 30 Aug 2007) | 4 lines Fix for issue 2200. Be more explicit in the confirmation message about the fact that the authentication is only required if there are other servers replicating data. Be also explicit about the fact that clicking on 'No' in this dialog does not cancel the uninstall. ------------------------------------------------------------------------ r2876 | kenneth_suter | 2007-08-30 15:21:12 -0700 (Thu, 30 Aug 2007) | 2 lines If during the course of an upgrade, the upgrader receives an 'entry already exists' response from the server following an attempt to add an entry to the configuration, the server entry and the to-add entry are compared. If their user attributes are identical then the error is ignored and the upgrade proceeds. If not then an error is shown to the user as before. ------------------------------------------------------------------------ r2877 | boli | 2007-08-30 15:52:47 -0700 (Thu, 30 Aug 2007) | 4 lines Fixed a issue where closing the JE backend may cause memory leaks. With this fix, only one database handle is opened per database container. ------------------------------------------------------------------------ r2878 | boli | 2007-08-30 15:59:02 -0700 (Thu, 30 Aug 2007) | 4 lines Fixed an issue where the root container is not being unregistered as a config change listener on shutdown. Fixed for issue 2183 ------------------------------------------------------------------------ r2879 | boli | 2007-08-30 16:03:00 -0700 (Thu, 30 Aug 2007) | 6 lines Fixed an issue where contention on a index key might cause the index to become corrupt. The index now uses the useNoOverwrite method to insert a new key to prevent the race condition. Fix for issue 2180 ------------------------------------------------------------------------ r2880 | al_xipe | 2007-08-30 19:31:10 -0700 (Thu, 30 Aug 2007) | 1 line revert to staf 3.2.2 until staf bug 1785153 is fixed ------------------------------------------------------------------------ r2881 | lutoff | 2007-08-31 05:51:26 -0700 (Fri, 31 Aug 2007) | 1 line Fix for issue #2202 (NPE in unregister-server when no server group membership) ------------------------------------------------------------------------ r2882 | gbellato | 2007-08-31 06:21:38 -0700 (Fri, 31 Aug 2007) | 8 lines fix for issue 2205 : attribute missing from schema is not handled as expected by replication When the replication code replay a modify operation on an entry that contain historical information for an attribute that is not defined in the schema, the modify operation is not replayed because an AssertionError is thrown by AttributeValue constructor. This fixes the problem by avoiding the AssertionError ------------------------------------------------------------------------ r2883 | david_page | 2007-08-31 07:55:07 -0700 (Fri, 31 Aug 2007) | 9 lines Issue 466 partial Follow-on to commit r2858. ADSContext#updateServer is called by Installer#updateADS (via registerOrUpdateServer) in the case the server entry already exists in ADS. With this commit, updateServer checks 'cn=instance keys,cn=admin data' for an entry with the instance key public-key certificate of the server being (re)registered (or otherwise updated and the instance-key certificate server property is supplied). If the entry exists, it is used. Otherwise, a new entry is created. The new routine ADSContext#registerInstanceKeyCertificate contains the code common to registerServer and updateServer. Note that the updateServer is not fully tested since I cannot figure out how to re-register an existing instance (i.e., unregister, but not uninstall, an instance; then re-register the instance so the existing instance-key entry is reused). M src/ads/org/opends/admin/ads/ServerDescriptor.java M src/ads/org/opends/admin/ads/ADSContext.java ------------------------------------------------------------------------ r2884 | kenneth_suter | 2007-08-31 08:43:58 -0700 (Fri, 31 Aug 2007) | 12 lines Exposes the reversion functionality of the upgrader (issue 2169). Originally it was intended to be exposed as a new script but in order to avoid the negativity of having a command devoted to undoing the upgrade and to avoid more scripts in the top-level directory, I've exposed the functionality as 2 new options in the existing upgrade script. I will update the Wiki with documentation for these new options soon. In order to support custom return codes for quicksetup applications I've overhauled the class formerly called ApplicationReturnCode, converting the inner enum to static instances of a new class ReturnCode. This change touched lots of file in a minor way. Also addressed here: - Interactivity for both the upgrade and reversion operations - Additional work needed to tie the reverter into the version issue (flag day) notification framework. - issue 2170 - upgrader emits NoClassDefFoundError following usage ------------------------------------------------------------------------ r2885 | kenneth_suter | 2007-08-31 08:55:43 -0700 (Fri, 31 Aug 2007) | 1 line Prevents an NPE in cases where the directory server cannot start and must shutdown before the entry cache has been created. ------------------------------------------------------------------------ r2886 | boli | 2007-08-31 09:06:03 -0700 (Fri, 31 Aug 2007) | 4 lines Fixed a typo in the default-behavior synopsis of the logger configuration definitions. Fix for issue 2206 ------------------------------------------------------------------------ r2887 | boli | 2007-08-31 09:13:42 -0700 (Fri, 31 Aug 2007) | 4 lines Fixed a typo in the DBTest tool help. Fix for issue 2191 ------------------------------------------------------------------------ r2888 | jvergara | 2007-08-31 09:31:29 -0700 (Fri, 31 Aug 2007) | 3 lines Fix for issue 2208. Use the proper confirmation message when the user did not ask to start the server. ------------------------------------------------------------------------ r2889 | neil_a_wilson | 2007-08-31 10:55:26 -0700 (Fri, 31 Aug 2007) | 9 lines Add support into the JE backend that can be used to store its compact schema encoding data in the database itself, and re-enable compact encoding by default in the configuration. By storing the compact schema encoding data in the database (a separate copy for each backend), we have eliminated the potential problems in backup/restore and binary copy initialization if there are dependencies on an external schematokens.dat file. OpenDS Issue Number: 2158 ------------------------------------------------------------------------ r2890 | matthew_swift | 2007-08-31 13:34:36 -0700 (Fri, 31 Aug 2007) | 1 line Minor code clean-up: avoid cluttering up Javadoc - make CLIProfile and PropertyValueEditor package private and make several DSConfig inner classes and methods class private. ------------------------------------------------------------------------ r2891 | kenneth_suter | 2007-08-31 14:21:31 -0700 (Fri, 31 Aug 2007) | 1 line throw exceptions for backend operations when initialization fails ------------------------------------------------------------------------ r2892 | kenneth_suter | 2007-08-31 14:28:39 -0700 (Fri, 31 Aug 2007) | 2 lines Allows the upgrader to detect broken replication following an upgrade and improves the error notification. ------------------------------------------------------------------------ r2893 | matthew_swift | 2007-08-31 15:06:04 -0700 (Fri, 31 Aug 2007) | 25 lines Fix issue 1734: Admin framework: refactor client APIs This change refactors the client APIs so that it is now possible to easily implement features that require direct access to properties and managed objects (e.g. dependency/constraint enforcement call-backs - issue 1451). Previous to this change an application would have to drill down from the root managed object in order to find the required managed object and its properties. This change is required by issue 1451 (dependency support), which in turn is required by issue 1449 (aggregation support). Description: ------------ This change splits the client API into two: * org.opends.server.admin.client: this contains APIs which client applications such as dsconfig should use to interact with the admin framework * org.opends.server.admin.client.spi: (new package) this contains the APIs which driver implementations (e.g. JNDI driver) should use as a basis for their implementation. This package includes a Driver class which is intended for use by ManagedObject implementations as well as dependency call-backs. In addition, I have refactored the LDAPManagedObject implementation so that code that is likely to be used by other driver implementations is pushed up into an AbstractManagedObject and the Driver base class. Testing: -------- All unit tests pass and basic walk-through of dsconfig interactive mode also works fine. ------------------------------------------------------------------------ r2894 | neil_a_wilson | 2007-08-31 15:49:33 -0700 (Fri, 31 Aug 2007) | 6 lines Create configuration definitions for "generic" objects in the server configuration. This also includes allocating object classes for each of these types. This will help make it easier for users to create new instances of these kinds of configuration objects because they will not need to know the fully-qualified name of the Java class that implements the associated logic. ------------------------------------------------------------------------ r2895 | david_page | 2007-08-31 20:02:26 -0700 (Fri, 31 Aug 2007) | 4 lines Issue 466 partial Update schema and config files with OIDs issued by Neil. ------------------------------------------------------------------------ r2896 | david_page | 2007-08-31 21:19:31 -0700 (Fri, 31 Aug 2007) | 8 lines Issue 466 partial. With this set of changes, when a program using Installer#updateADS (e.g., ./setup) configures a new instance into an existing topology, the new instance's ads-truststore is "seeded" with the instance key public-key certificate entries in the ADS-based truststore. Thus, when replication is intitialized for the new instance's suffixes (those to be updated from the existing topology; e.g., cn=admin data), the new instance's replication client connection establishment will "trust" the existing instances in the topology. Note that the key infratructure for this change is implemented in ADSContext and ServerDescriptor, but only utilized in Installer (hence by setup GUI and the webstart installer). I need to discuss some of the cases in the nascent ReplicationCliMain#updateConfiguration. These changes also contain some miscellaneous cleanup - mostly to get rid of IDEA warnings. ------------------------------------------------------------------------ r2897 | jvergara | 2007-09-01 10:38:28 -0700 (Sat, 01 Sep 2007) | 2 lines Fix a number of bugs in the implementation of Replication CLI. The utility now is able to enable, disable and initialize suffixes. The latest modifications introduced by Scott in the class Installer are also included in this commit. ------------------------------------------------------------------------ r2898 | neil_a_wilson | 2007-09-01 14:16:43 -0700 (Sat, 01 Sep 2007) | 4 lines Add test cases that can be used to ensure that none of the configuration entries use the extensibleObject object class, and to ensure that none of the schema elements use non-numeric OIDs. ------------------------------------------------------------------------ r2899 | neil_a_wilson | 2007-09-01 15:41:49 -0700 (Sat, 01 Sep 2007) | 12 lines Provide new directory environment properties that can be used to indicate whether the server should maintain a configuration archvie, and if so the maximum number of archived configurations that it should keep. By default, the archive will be enabled and will be configured to keep an unlimited number of previous configurations. This needs to be controlled via a directory environment property rather than a configuration option, since first part of configuration archive processing happens before the server has read and processed the configuration. The DirectoryEnvironmentConfig class provides methods for interacting with these settings. ------------------------------------------------------------------------ r2900 | neil_a_wilson | 2007-09-01 18:12:13 -0700 (Sat, 01 Sep 2007) | 8 lines Update the server so that it has the ability to save a copy of its current configuration into a ".startok" file whenever it starts successfully. The start-ds script and DirectoryEnvironmentConfig class have been updated to expose an option to try to start the server using this "last known good" configuration rather than the active config file. OpenDS Issue Number: 1945 ------------------------------------------------------------------------ r2901 | neil_a_wilson | 2007-09-01 19:05:01 -0700 (Sat, 01 Sep 2007) | 2 lines Correct a number of spelling errors in configuration definitions. ------------------------------------------------------------------------ r2902 | davidely | 2007-09-01 21:00:42 -0700 (Sat, 01 Sep 2007) | 77 lines There are several improvements to the unit test framework in this commit. * Test methods are no longer interleaved between classes. All test methods in a class are run together, with @BeforeClass and @AfterClass methods called immediately before and after the methods are run. As part of this fix, you are now required to include sequential=true in every class level @Test annotation. If you don't do this, the build will complain. * Added a TestCaseUtils.restartServer() method that will do an in core restart of the directory server during the tests. This can be used in a @BeforeClass method to ensure that the tests start with a clean directory server, and also in an @AfterClass method to cleanup after a test that makes a lot of configuration changes. So if you introduce a new test that runs fine in isolation but fails when run with other tests, you could try calling TestCaseUtils.restartServer() in its @BeforeClass method. The TestCaseUtils.restartServer() method will reinitialize the server and reload the original test configuration, but it's not quite the same as creating a completely new process. Specifically, it cannot undo any changes that were made to static member variables of a class. I've fixed a handful of places in the server where this was a problem, but there might be more lurking. If you write a test that changes static member variables of a class, please make sure that it cleans up after itself in an @AfterMethod or @AfterClass test. * The tests now use significantly much less memory. I saw a peak of only 80MB. There were two main problems. 1) TestNG holds on to all parameters and results for the whole test, and 2) since the test classes themselves live for the duration of the tests, their member variables were holding onto a lot of garbage. The in-core restart made this problem much worse because we ended up with lots of copies of the Schema, ConfigEntryS, etc. I've introduced some hacks to fix this. Basically the code uses devious methos to go in and null out the parameters and member variables after the test has run. If you're curious about the details of how we've addressed this take a look at the comments in DirectoryServerTestCase. From now on, all test classes must inherit directly or indirectly from DirectoryServerTestCase. The build will fail if they don't. * Upgrade to TestNG b5.7. There is a fix in this release that helps our tests to run in order, and I've had to make a couple of more fixes, which they will eventually put back into the trunk. * In classes with a class-level @Test annotation, TestNG treats any public method (except @Before/After* methods) as a test method. The build now points this out and asks you to either add a specific @Test annotation to the method or change the method to be non-public. I've fixed up several places where a test wasn't annotated and others where a non-test method was being treated as a test method. * The tests now report progress as they run. Run 'build testhelp' to see details on how to control the output. I've also added some new test properties, mainly to make debugging the tests easier * test.remote.debug.port: This test property allows you to remotely attach a debugger to the unit tests. If you provide a valid port value, the unit tests will not start to run until the debugger is attached. * testng.verbosity0to5: This test property controls the debugging output of TestNG. This output is useful to check the order in which test methods are invoked or other details on what TestNG is doing. Valid values are integer values from 0 (no output) to 5 (maximum output). Since this implicitly sets -Dorg.opends.test.suppressOutput=false, other stderr/stdout output generated by the unit tests will also be displayed. * org.opends.test.copyClassesToTestPackage=true: This test property copies the classes into the test server root. This enables you to run the server tools on the test server. It can slow down the test startup so the files are no longer copied by default. Thanks to Neil for trying out these changes and to him and Bo for helping me track down some of the memory leaks. ------------------------------------------------------------------------ r2903 | davidely | 2007-09-01 21:12:12 -0700 (Sat, 01 Sep 2007) | 1 line Backing out accidental commit of a new je.jar in r2902. ------------------------------------------------------------------------ r2904 | abobrov | 2007-09-02 06:05:17 -0700 (Sun, 02 Sep 2007) | 4 lines - [Issue 1481] Ability to set any JE property in config.ldif - [Issue 2031] provide core JE configurable attributes for FileSystemEntryCache - fixes to entry cache config manager for proper configuration, re-configuration, error reporting. ------------------------------------------------------------------------ r2905 | matthew_swift | 2007-09-02 07:13:03 -0700 (Sun, 02 Sep 2007) | 2 lines Fix bug in code generation which was preventing overriding the default behavior for enumerated properties. ------------------------------------------------------------------------ r2906 | matthew_swift | 2007-09-02 07:14:21 -0700 (Sun, 02 Sep 2007) | 1 line Add a CLI profile to the plugin relation so that the plugin "enabled" property is displayed by default in dsconfig list-xxx operations. ------------------------------------------------------------------------ r2907 | matthew_swift | 2007-09-02 07:16:05 -0700 (Sun, 02 Sep 2007) | 1 line Override the plugin-type property for each of our core plugins so that they have sensible default values. These defaults were taken from the current config.ldif default configuration. ------------------------------------------------------------------------ r2908 | davidely | 2007-09-02 08:28:30 -0700 (Sun, 02 Sep 2007) | 1 line Make UpdateOperationTest do a in-core restart before running tests like the other replication tests. Fixed an NPE in ServerHandler that occurred in one run of the unit tests ------------------------------------------------------------------------ r2909 | matthew_swift | 2007-09-02 09:30:55 -0700 (Sun, 02 Sep 2007) | 1 line Minor refactoring of the admin driver API. Remove the hasManagedObject methods and replace them with a single managedObjectExists method. This will be more useful and more simple for dependency call-backs. ------------------------------------------------------------------------ r2910 | pgamba | 2007-09-02 10:58:07 -0700 (Sun, 02 Sep 2007) | 1 line fix for #1733 & #845 - Initialization of replication ------------------------------------------------------------------------ r2911 | neil_a_wilson | 2007-09-02 13:09:45 -0700 (Sun, 02 Sep 2007) | 19 lines Fix a problem in the DbHandler.run() method that appears to make it possible to create a tight infinite loop if the method is still running after the database has been closed, repeatedly catching and logging exceptions. This change adds a break statement after logging the message so that it will exit from the loop. The exception being caught was: com.sleepycat.je.DatabaseException: (JE 3.2.29) Attempt to use non-open Environment object(). at com.sleepycat.je.Environment.checkHandleIsValid(Environment.java:1147) at com.sleepycat.je.Environment.beginTransactionInternal(Environment.java:731) at com.sleepycat.je.Environment.beginTransaction(Environment.java:720) at org.opends.server.replication.server.ReplicationDbEnv.beginTransaction(ReplicationDbEnv.java:381) at org.opends.server.replication.server.ReplicationDB$ReplServerDBCursor.(ReplicationDB.java:363) at org.opends.server.replication.server.ReplicationDB$ReplServerDBCursor.(ReplicationDB.java:314) at org.opends.server.replication.server.ReplicationDB.openDeleteCursor(ReplicationDB.java:205) at org.opends.server.replication.server.DbHandler.trim(DbHandler.java:384) at org.opends.server.replication.server.DbHandler.run(DbHandler.java:335) at java.lang.Thread.run(Thread.java:619) ------------------------------------------------------------------------ r2912 | neil_a_wilson | 2007-09-02 13:19:52 -0700 (Sun, 02 Sep 2007) | 3 lines Update the configuration definitions for several virtual attribute implementations to provide default values for the conflict-behavior property. ------------------------------------------------------------------------ r2913 | dugan | 2007-09-02 19:33:57 -0700 (Sun, 02 Sep 2007) | 28 lines Commit plugin for maintaining referential integrity. Issue 257. New configuration attributes: - ds-cfg-referential-integrity-attribute-type Specify attribute types that referential integrity will be checked on; this is a mandatory attribute -ds-cfg-referential-integrity-base-dn Specify base DN that will limit scope of reference check; if not specified the server's public naming contexts are used - ds-cfg-referential-integrity-update-interval Specify update interval for background referential integrity processing; if update interval > 0 plugin performs background processing; default is 0 -ds-cfg-referential-integrity-log-file Specify log file location for update records when background processing is enabled; default is /logs/referint The plugin is disabled by default: dn: cn=Referential Integrity,cn=Plugins,cn=config objectClass: top objectClass: ds-cfg-plugin objectClass: ds-cfg-referential-integrity-plugin cn: Referential Integrity ds-cfg-plugin-class: org.opends.server.plugins.ReferentialIntegrityPlugin ds-cfg-plugin-enabled: false ds-cfg-plugin-type: postOperationDelete ds-cfg-plugin-type: postOperationModifyDN ds-cfg-plugin-type: subordinateModifyDN ds-cfg-referential-integrity-attribute-type: member ds-cfg-referential-integrity-attribute-type: uniqueMember ------------------------------------------------------------------------ r2914 | jvergara | 2007-09-03 00:41:30 -0700 (Mon, 03 Sep 2007) | 4 lines Fix for issue 2159. Use the provided host name and port by the user to represent the server. ------------------------------------------------------------------------ r2915 | jvergara | 2007-09-03 00:51:16 -0700 (Mon, 03 Sep 2007) | 8 lines Add some log messages in the initialization code. Fix a bug in that made the progress bar to go back. Use LinkedHashSets instead of HashSets in SuffixesToReplicateOptions and return a copy of these Sets. This is done to be sure that the ADS is the last suffix to be initialized. Use a customized message when we are initializing the ADS suffix instead of displaying the suffix (the user might be surprised by the fact that a base DN (s)he never chose is being initialized). ------------------------------------------------------------------------ r2916 | matthew_swift | 2007-09-03 01:25:24 -0700 (Mon, 03 Sep 2007) | 1 line Add default values for plugin-type property and remove unnecessary default behavior for referential integrity attribute property. ------------------------------------------------------------------------ r2917 | gary_williams | 2007-09-03 06:14:20 -0700 (Mon, 03 Sep 2007) | 2 lines Remove creation of synchronization provider ------------------------------------------------------------------------ r2918 | matthew_swift | 2007-09-03 06:33:50 -0700 (Mon, 03 Sep 2007) | 12 lines Partial fix for issue 1451: admin framework constraint and dependency support. This change provides a client-side framework for enforcing arbitrary constraints between managed objects and their properties. This framework enables us to (not exhaustive): 1) support referential integrity between managed objects (required by issue 1449) 2) support dependencies between properties (e.g. if A is true then B is mandatory). This is useful for optional features like SSL configuration 3) support constraints between properties (e.g. integer property A must always be less than integer property B) A subsequent change will provide server-side support. ------------------------------------------------------------------------ r2919 | matthew_swift | 2007-09-03 07:04:35 -0700 (Mon, 03 Sep 2007) | 1 line Add protected constructor. ------------------------------------------------------------------------ r2920 | jvergara | 2007-09-03 07:35:07 -0700 (Mon, 03 Sep 2007) | 6 lines Fix a bug with certificates in the uninstaller and replication command lines. Improve the error messages to be displayed to the user when the uninstall fails.Fix a infinite loop that occurred when the user provided a protocol not configured in the server to access the registration information. Fix a bug that prevented the uninstall to proceed when the user specified forceOnError and an error accessing the remote servers configuration occurred. Fix a bug that occurred when the user specified to use start TLS and it was not configured in the server (this bug applies to both the uninstaller and status command-lines). ------------------------------------------------------------------------ r2921 | abobrov | 2007-09-03 08:13:33 -0700 (Mon, 03 Sep 2007) | 2 lines - close Selector on shutdown to prevent ServerSockets hanging in LISTEN state upon in-core restart. ------------------------------------------------------------------------ r2922 | jvergara | 2007-09-03 09:18:11 -0700 (Mon, 03 Sep 2007) | 2 lines Identify the case where we cannot find the replication ID to initialize the suffix for a given base DN and throw an exception informing of it. ------------------------------------------------------------------------ r2923 | jvergara | 2007-09-03 11:00:11 -0700 (Mon, 03 Sep 2007) | 2 lines Fix for issue 2100: Add package-info.java files for QuickSetup ------------------------------------------------------------------------ r2924 | matthew_swift | 2007-09-03 11:27:12 -0700 (Mon, 03 Sep 2007) | 1 line Fix references to raw types which were causing warnings in Eclipse. ------------------------------------------------------------------------ r2925 | jvergara | 2007-09-03 11:45:25 -0700 (Mon, 03 Sep 2007) | 2 lines Activate the package info test for quicksetup. ------------------------------------------------------------------------ r2926 | neil_a_wilson | 2007-09-03 12:53:23 -0700 (Mon, 03 Sep 2007) | 7 lines Implement support for a maximum blocked write time limit in the LDAP connection handler, which can be used to terminate client connections if an attempt to write data to the client has been blocked for too long. This will generally occur if the client has become unresponsive or there is a network outage. OpenDS Issue Number: 139 ------------------------------------------------------------------------ r2927 | matthew_swift | 2007-09-03 13:36:20 -0700 (Mon, 03 Sep 2007) | 4 lines Fix issue 1443: Admin framework: improve error logging in server This change removes all the ugly hard-coded error strings from the admin framework exception classes and replaces them with nicer and at times more user friendly messages stored in I18N property files. In particular, the server side decoding error messages have been improved. ------------------------------------------------------------------------ r2928 | matthew_swift | 2007-09-03 13:49:21 -0700 (Mon, 03 Sep 2007) | 2 lines Remove unnecessary comment accidentally copied from the Driver javadoc. ------------------------------------------------------------------------ r2929 | neil_a_wilson | 2007-09-03 14:16:19 -0700 (Mon, 03 Sep 2007) | 5 lines Fix a problem in the blind trust manager provider configuration that prevented it from being enabled. OpenDS Issue Number: 2213 ------------------------------------------------------------------------ r2930 | matthew_swift | 2007-09-03 15:58:26 -0700 (Mon, 03 Sep 2007) | 1 line Fix typo that prevented server-side error messages from being displayed in the client. ------------------------------------------------------------------------ r2931 | matthew_swift | 2007-09-03 16:45:45 -0700 (Mon, 03 Sep 2007) | 3 lines Fix issue 1451: constraint and dependency support. This change adds the server side support for constraints. As part of this change I refactored the ServerManagementContext so that it supports a similar API to the client ManagementContext API. This will make it easier for constraint implementations to perform checks. ------------------------------------------------------------------------ r2932 | neil_a_wilson | 2007-09-03 18:24:19 -0700 (Mon, 03 Sep 2007) | 6 lines Add a 7-bit clean plugin, which can be used to ensure that values for a specified set of attributes (optionally only for entries below a specified set of base DNs) are 7-bit clean. OpenDS Issue Number: 261 ------------------------------------------------------------------------ r2933 | neil_a_wilson | 2007-09-03 18:55:31 -0700 (Mon, 03 Sep 2007) | 5 lines Update the LDIFPluginResult object to provide the ability to specify a reject message that explains why the entry should not be imported/exported. OpenDS Issue Number: 2218 ------------------------------------------------------------------------ r2934 | ugaston | 2007-09-04 07:23:48 -0700 (Tue, 04 Sep 2007) | 1 line Work-around for Issue #2201: ads-trustore missing when not configuring replication with the GUI ------------------------------------------------------------------------ r2935 | lutoff | 2007-09-04 07:48:13 -0700 (Tue, 04 Sep 2007) | 7 lines Fix for issue #1830 (dsconfig: add support for secure connections) Standard secure args are now part of dsconfig CLI. it' also include the following dsconfig interface changes: use -z instead of -Z for --unit-size short option use -m instead of -M for --unit-time short option (consistency with --unit-size short option) ------------------------------------------------------------------------ r2936 | davidely | 2007-09-04 07:49:12 -0700 (Tue, 04 Sep 2007) | 1 line Now printing progress info for the last test class that was run. ------------------------------------------------------------------------ r2937 | jvergara | 2007-09-04 07:52:27 -0700 (Tue, 04 Sep 2007) | 4 lines Fix for issue 2224.i Do not use winlauncher for uninstall.bat as now it is a CLI only command. ------------------------------------------------------------------------ r2938 | abobrov | 2007-09-04 09:01:28 -0700 (Tue, 04 Sep 2007) | 6 lines entry cache cleanup: - remove obsolete methods, fields and messages. - aggregate filters evaluation for config phases. - simplify filters evaluation and error reporting. - use a single set of filter messages. ------------------------------------------------------------------------ r2939 | abobrov | 2007-09-04 09:06:24 -0700 (Tue, 04 Sep 2007) | 2 lines - remove ds-cfg-je-database which is now obsolete. ------------------------------------------------------------------------ r2940 | gary_williams | 2007-09-04 09:15:05 -0700 (Tue, 04 Sep 2007) | 2 lines dsconfig interface change -M -Z to -m -z for units ------------------------------------------------------------------------ r2941 | abobrov | 2007-09-04 09:20:31 -0700 (Tue, 04 Sep 2007) | 3 lines - remove message severity already defined by message macro from message string itself. ------------------------------------------------------------------------ r2942 | mkeyes | 2007-09-04 11:10:02 -0700 (Tue, 04 Sep 2007) | 3 lines Changed the type from generic to blind when creating a new blind trust manager with dsconfig in the functional tests. This reflects a recent change in the OpenDS source. ------------------------------------------------------------------------ r2943 | matthew_swift | 2007-09-04 11:25:33 -0700 (Tue, 04 Sep 2007) | 1 line Fix bug which prevented the underlying LDAP error message from being accessible in OperationRejectedExceptions. ------------------------------------------------------------------------ r2944 | matthew_swift | 2007-09-04 11:26:12 -0700 (Tue, 04 Sep 2007) | 1 line Improve display of OperationRejectedExceptions in dsconfig. ------------------------------------------------------------------------ r2945 | matthew_swift | 2007-09-04 11:57:19 -0700 (Tue, 04 Sep 2007) | 2 lines Improve content of CommunicationException when they contain only a cause. ------------------------------------------------------------------------ r2946 | matthew_swift | 2007-09-04 12:27:20 -0700 (Tue, 04 Sep 2007) | 18 lines Move the DNBuilder implementation into the core ManagedObjectPath class and add the following methods: ManagedObjectPath.toDN() Converts a ManagedObjectPath to a DN ManagedObjectPath.matches(ManagedObjectPath) Compares the two paths to see if they refer to the same location. This differs from equals() which performs an exact comparisons where types must match as well. This will be required in order to support aggregations, where property values are represented using just their common name, but their LDAP encoding is the full DN. ------------------------------------------------------------------------ r2947 | mkeyes | 2007-09-04 12:48:27 -0700 (Tue, 04 Sep 2007) | 3 lines Changing the type from generic to sha1 when creating a new SHA-1 password storage scheme with dsconfig in the functional tests. This reflects a recent code change in OpenDS. ------------------------------------------------------------------------ r2948 | matthew_swift | 2007-09-04 15:40:33 -0700 (Tue, 04 Sep 2007) | 1 line Fix typo in LDAP attribute mapping for send-message-without-end-user-address property. ------------------------------------------------------------------------ r2949 | matthew_swift | 2007-09-04 16:02:20 -0700 (Tue, 04 Sep 2007) | 2 lines Fix bug which was preventing detailed error reporting in dsconfig when a managed object cannot be decoded properly (due to missing properties, invalid syntax, etc). ------------------------------------------------------------------------ r2950 | neil_a_wilson | 2007-09-04 16:54:02 -0700 (Tue, 04 Sep 2007) | 18 lines Add a new LDIF connection handler, which can be used to watch for new LDIF files to be created in a directory, at which point the changes contained in those LDIF files will be processed by the server using internal operations. This can potentially be used to make configuration changes or invoke tasks if the server is unresponsive to external clients (e.g., all worker threads are busy). Note that in the default configuration, the LDIF connection handler is enabled but the target directory doesn't exist. In this configuration, it will simply not do anything until the target directory is created and one or more LDIF files are placed in it. This is a safeguard against an administrator inadvertently placing a file in that directory without understanding the potential consequences of that action. It also means that we can use it to perform debugging operations (e.g., "dump all") without having to restart the server if it becomes unresponsive. OpenDS Issue Number: 2216 ------------------------------------------------------------------------ r2951 | jvergara | 2007-09-04 18:17:54 -0700 (Tue, 04 Sep 2007) | 2 lines Fix copy paste error in comment. ------------------------------------------------------------------------ r2952 | davidely | 2007-09-04 18:43:38 -0700 (Tue, 04 Sep 2007) | 1 line Fixed testhelp for -Dtest.progress option to be more accurate for when the progress is written ------------------------------------------------------------------------ r2953 | jvergara | 2007-09-04 19:02:17 -0700 (Tue, 04 Sep 2007) | 4 lines Fixed some issues with the connection handling in the ReplicationCliMain, and improvded the messages when we prompt for the type of connection that the user wants to use to update configuration. Fixed a localization bug in SubCommandArgumentParser. ------------------------------------------------------------------------ r2954 | jvergara | 2007-09-04 23:40:30 -0700 (Tue, 04 Sep 2007) | 17 lines The following changes are targetted to fix a certain number of issues related to the setup command line: * 1257 setup cli/gui symetry -- allow to start after slient install * 1264 silent install option is not silent * 1326 Update setup CLI to integrate common install scenario (partial fix) * 1404 different CLI/GUI behavior running setup * 1859 spin off GUI specific CLI commands * 2184 setup quite/no-prompt * 2185 setup --cli -Q throws error The changes basically consist on splitting the current setup command-line into two (the same way we have done for the uninstall). Know we will have one command to launch the setup in CLI mode (setup and setup.bat) and one command to launch the setup in GUI mode (setup-gui and setup-gui.bat). The behavior of the graphical interface has not changed. However the capabilities of the CLI setup have been extended to allow to match those in the graphical interface (excluding the replication configuration capabilities): * Configure the LDAPS and StartTLS on the server. * Start the server. ------------------------------------------------------------------------ r2955 | neil_a_wilson | 2007-09-04 23:51:34 -0700 (Tue, 04 Sep 2007) | 12 lines Implement support for delete and modify operations in the task backend as follows: - Pending tasks and completed tasks may be deleted. Running tasks may not be deleted. - Any attributes in pending tasks may be modified. - Only the task state in running tasks may be modified, and only to cancel the task. - No attributes of a completed task may be modified. OpenDS Issue Number: 2181 ------------------------------------------------------------------------ r2956 | jvergara | 2007-09-05 01:27:54 -0700 (Wed, 05 Sep 2007) | 2 lines Fix some copy paste errors in scripts. ------------------------------------------------------------------------ r2957 | gary_williams | 2007-09-05 02:07:14 -0700 (Wed, 05 Sep 2007) | 2 lines align tests for setup cli changes ------------------------------------------------------------------------ r2958 | jvergara | 2007-09-05 03:08:29 -0700 (Wed, 05 Sep 2007) | 2 lines Improve line break utilisation in the replication command-line. ------------------------------------------------------------------------ r2959 | ugaston | 2007-09-05 03:11:52 -0700 (Wed, 05 Sep 2007) | 1 line Extend schema replication testsuite ------------------------------------------------------------------------ r2960 | lutoff | 2007-09-05 05:14:16 -0700 (Wed, 05 Sep 2007) | 2 lines - remove useless test - fix a buf (we don't need bindDN if client side authentication is required) ------------------------------------------------------------------------ r2961 | kenneth_suter | 2007-09-05 05:44:51 -0700 (Wed, 05 Sep 2007) | 1 line Expanded the number or arguments that indicate that a remote operation is to be performed from just -h (host) to also include -p (port) and -D (bind DN) ------------------------------------------------------------------------ r2962 | jvergara | 2007-09-05 09:11:25 -0700 (Wed, 05 Sep 2007) | 4 lines Fix for issue 2187 (start-ds dos not return proper error code). Use the --checkstartability option to know if the server is running or not and return the proper error code accordingly. ------------------------------------------------------------------------ r2963 | jvergara | 2007-09-05 10:01:23 -0700 (Wed, 05 Sep 2007) | 3 lines Have more specific error messages and fix a bug in initialization in non-prompt mode. ------------------------------------------------------------------------ r2964 | david_page | 2007-09-05 10:58:40 -0700 (Wed, 05 Sep 2007) | 19 lines Update CryptoManager secret key encryption public API: 1. Encapsulate Cipher object in CryptoManager instance. 2. Cipher key identifier (tag) and initialization vector prefix the cipher text. 3. New API consists of encrypt and getOutputCipherStream (with optional cipher transformation parameter), and decrypt and getInputCipherStream. Limitations: This is an update of the API only. The keys are stored in a Map object in the CryptoManager instance, so 1. The implementation works for a single instance only (e.g., no encrypted passwords in a replication domain). 2. The key map does not persists across instance restarts. Both persistent key storage in a stand-alone instance and the secret key distribution protocol (via ADS) for replicated topologies needs to be implemented. Other shortcomings: 1. The exception messages need to be added to the message catalogue. 2. The implementation could benefit from a review. 3. Only simple success test cases are implemented in the unit tests. 4. The uses of getInputCipherStream and getOutputCipherStream should be reviewed, since the cipher transformation used - as of now it is always the preferred (default) cipher transformation - is still stored in the backup info file, where it might be informative, but is redundant (the cipher info is encoded as the prologue of the backup data). 5. The preferred cipher, etc., should be configurable. ------------------------------------------------------------------------ r2965 | mkeyes | 2007-09-05 11:59:50 -0700 (Wed, 05 Sep 2007) | 2 lines Fixed a situation where OpenDs is now returning roomNumber and telephoneNumber rather than roomnumber and telephonenumber some of the functional tests. ------------------------------------------------------------------------ r2966 | coulbeck | 2007-09-05 12:44:39 -0700 (Wed, 05 Sep 2007) | 5 lines Enable replication session authentication. - Adds a thread to synchronize the server instance certificates from the admin data branch to the local trust store backend. - Replaces the blind trust managers in the replication session with trust managers that use the local trust store. Note that replication must be configured using either setup-gui or the dsreplication command. ------------------------------------------------------------------------ r2967 | matthew_swift | 2007-09-05 13:12:11 -0700 (Wed, 05 Sep 2007) | 5 lines Partial fix for issue 1449: administration framework aggregation support This change adds support for "aggregation" properties, which are properties which reference other managed objects (see issue 1449 for more details). Subsequent changes will add server-side and client-side referential integrity support, as well as migrating components over to using them (this will be post MS1.0). ------------------------------------------------------------------------ r2968 | mkeyes | 2007-09-05 13:46:07 -0700 (Wed, 05 Sep 2007) | 2 lines More case conversion for some aci functional tests. ------------------------------------------------------------------------ r2969 | matthew_swift | 2007-09-05 15:57:40 -0700 (Wed, 05 Sep 2007) | 2 lines Improvements to the server-side constraint violation APIs. Now there are just two server-side constraint enforcement call-backs: isUsable and isDeleteAllowed. The first is invoked whenever a managed object is decoded (except in the case where it's about to be deleted). The second is invoked whenever a managed object is about to be deleted. With this change we will now detect constraint violations during server initialization, not just when config change/add/delete events occur. ------------------------------------------------------------------------ r2970 | matthew_swift | 2007-09-05 15:59:43 -0700 (Wed, 05 Sep 2007) | 2 lines Remove unused legacy class. ------------------------------------------------------------------------ r2971 | matthew_swift | 2007-09-05 17:23:08 -0700 (Wed, 05 Sep 2007) | 2 lines Add support for generating property type specific code immediately after the property definition is constructed. ------------------------------------------------------------------------ r2972 | matthew_swift | 2007-09-05 17:26:13 -0700 (Wed, 05 Sep 2007) | 1 line Add partial support for performing server-side referential integrity. This change adds a constraint which prevents configuration of dangling references. A subsequent change will add a constraint which will prevent removal of referenced components. ------------------------------------------------------------------------ r2973 | david_page | 2007-09-05 18:11:59 -0700 (Wed, 05 Sep 2007) | 3 lines 1. Ensure transformations specified as algorithm/mode/padding (e.g., "AES/CBC/PKCS5Padding") or just algorithm (e.g., "AES") supply only the algorithm name to the SecretKeySpec initialization. 2. ByteString, ASN1OctetString -> ByteArray, ByteArray for Map key type. ------------------------------------------------------------------------ r2974 | neil_a_wilson | 2007-09-05 18:14:54 -0700 (Wed, 05 Sep 2007) | 11 lines Update password storage scheme references in the server so that they use DNs rather than storage scheme names. This will allow better consistency in the configuration, since all other references between configuration objects are DN-based, and it will work better with the upcoming aggregation support. It also eliminates the need to know the storage scheme name, which is not obvious from looking at the configuration entry for the storage scheme, and can actually vary in some implementations depending on whether it's used with a user password or auth password syntax attribute. OpenDS Issue Number: 2155 ------------------------------------------------------------------------ r2975 | lutoff | 2007-09-06 05:55:04 -0700 (Thu, 06 Sep 2007) | 2 lines - typo in the code. ( "StartTLS" instead of "StartTSL" ) - dsconfig interactive secure connection enhancement ------------------------------------------------------------------------ r2976 | smaguin | 2007-09-06 07:13:29 -0700 (Thu, 06 Sep 2007) | 2 lines add known issue and fixe testsuite with the change of interface for dsconfig option -m ------------------------------------------------------------------------ r2977 | smaguin | 2007-09-06 07:14:27 -0700 (Thu, 06 Sep 2007) | 2 lines add block ------------------------------------------------------------------------ r2978 | smaguin | 2007-09-06 07:15:09 -0700 (Thu, 06 Sep 2007) | 2 lines add block ------------------------------------------------------------------------ r2979 | lutoff | 2007-09-06 07:24:48 -0700 (Thu, 06 Sep 2007) | 1 line fix for entity truststore (interactive mode) ------------------------------------------------------------------------ r2980 | arnaud_lacour | 2007-09-06 12:13:46 -0700 (Thu, 06 Sep 2007) | 2 lines Updated password storage scheme functional tests to account for code changes from revision 2974. ------------------------------------------------------------------------ r2981 | neil_a_wilson | 2007-09-06 14:10:39 -0700 (Thu, 06 Sep 2007) | 17 lines Disable the use of the Invocation Counter Plugin in our test cases to make assertions about the number of times that various kinds of plugins were invoked. A number of test cases making assertions about the invocation counts were failing pretty frequently, and after analyzing the problem it is not something that can be easily addressed. The underlying causes include: - Processing on unbind operations continuing in a separate thread from a previous test case. Whenever the client sends an unbind request to the server, it immediately disconnects and moves on to the next test case. However, the server may continue to read and process that unbind operation (including invoking plugins on it) in a separate thread. - For modify DN operations, the referential integrity plugin was sometimes responsible for invoking operations in the background that could increase the invocation count. ------------------------------------------------------------------------ r2982 | neil_a_wilson | 2007-09-06 14:53:56 -0700 (Thu, 06 Sep 2007) | 6 lines Update the start-ds script to eliminate a warning message about the inability to acquire a lock file. The server was functioning properly, but the message should not have been printed. OpenDS Issue Number: 2242 ------------------------------------------------------------------------ r2983 | neil_a_wilson | 2007-09-06 15:29:36 -0700 (Thu, 06 Sep 2007) | 2 lines Eliminate a javadoc warning. ------------------------------------------------------------------------ r2984 | abobrov | 2007-09-06 20:33:29 -0700 (Thu, 06 Sep 2007) | 2 lines - Use runtime cast to workaround a bug in JDK versions prior to 1.5.0_08. ------------------------------------------------------------------------ r2985 | david_page | 2007-09-06 22:00:12 -0700 (Thu, 06 Sep 2007) | 4 lines Interim update to allow stream ciphers where no initialization vector is allowed (e.g., "RC4"). Cipher.getBlockSize equal to 0 is used to detect this case, hence this implementation likely still does not support block cipher modes that do not accept initialization vectors (e.g., ECB). One additional remaining inadequacy is the case where the initialization vector is not the same length as the encryption key (e.g., ""Blowfish/CFB/NoPadding" allows a key length up to 448 bits, but the initialization vector is always 64 bits). ------------------------------------------------------------------------ r2986 | pgamba | 2007-09-07 01:57:27 -0700 (Fri, 07 Sep 2007) | 11 lines The following changes in the replication server provide an implementation of the backend API for the replication server changes database. In a first step, the implemented features are backup/restore. The coming ones will be export/search to have an LDAP access of the content of the replication server DB. I also cleaned/shared some code on replication unit tests. Also fixed a potential bug in the replication plugin on the total update by replacing any object dependency from the ReplicationDomain to the associated backend because the configuration changes on the backend object may replace this object by another instance, so keeping a reference on the backend instance is buggy. The instance must be retrieved when needed. ------------------------------------------------------------------------ r2987 | smaguin | 2007-09-07 06:46:39 -0700 (Fri, 07 Sep 2007) | 2 lines limit the search in isAlive function to dn ------------------------------------------------------------------------ r2988 | mkeyes | 2007-09-07 07:26:26 -0700 (Fri, 07 Sep 2007) | 2 lines Fixed sasl functional test cases to accomodate the new property name changes. ------------------------------------------------------------------------ r2989 | mkeyes | 2007-09-07 08:07:30 -0700 (Fri, 07 Sep 2007) | 2 lines Fixed root user password functional tests to account for the recent property name changes. ------------------------------------------------------------------------ r2990 | smaguin | 2007-09-07 08:20:04 -0700 (Fri, 07 Sep 2007) | 2 lines increase the sleep for Restart command ------------------------------------------------------------------------ r2991 | mkeyes | 2007-09-07 08:35:30 -0700 (Fri, 07 Sep 2007) | 2 lines Fixed functional tests which added a new password policy with the new property names. ------------------------------------------------------------------------ r2992 | coulbeck | 2007-09-07 11:08:46 -0700 (Fri, 07 Sep 2007) | 1 line Handle the base DN of the trust store backend properly, taking it from the configuration entry instead of hard-wiring it. ------------------------------------------------------------------------ r2993 | kenneth_suter | 2007-09-07 11:38:05 -0700 (Fri, 07 Sep 2007) | 1 line separated CLI code from context creation for reuse ------------------------------------------------------------------------ r2994 | coulbeck | 2007-09-07 13:05:01 -0700 (Fri, 07 Sep 2007) | 1 line On start-up create the self-signed certificate in the local ADS trust store if it does not exist. It will be needed by a stand-alone server instance to encrypt secret keys. ------------------------------------------------------------------------ r2995 | mkeyes | 2007-09-07 13:06:28 -0700 (Fri, 07 Sep 2007) | 2 lines Fixed the authentication password syntax functional tests to account for the recent property name chnages. ------------------------------------------------------------------------ r2996 | david_page | 2007-09-07 20:46:06 -0700 (Fri, 07 Sep 2007) | 6 lines Issue 466 partial CryptoManager encryption Allow key size different from block size for block ciphers that support it (e.g., Blowfish as in Blowfish/CFB/NoPadding", 128) and block ciphers modes that use no initialization vector (e.g., ECB as in "DES/ECB/PKCS5Padding", 64). Note that this is accomplished without adding an initialization vector parameter to the encryption API. Instead, if the Cipher.getBlockSize is non-zero, the Cipher object is first instantiated with that size initialization vector, and if that fails, initialized without an initialization vector. ------------------------------------------------------------------------ r2997 | david_page | 2007-09-08 20:04:33 -0700 (Sat, 08 Sep 2007) | 4 lines Issue 466 partial CryptoManager Refactor to separate key and key entry generation from key retrieval. ------------------------------------------------------------------------ r2998 | abobrov | 2007-09-09 07:48:37 -0700 (Sun, 09 Sep 2007) | 5 lines - [Issue 1594] entry caches should have monitor information: implement generic entry cache monitor provider which allows any entry cache implementation current or future to provide a common or custom set of entry cache state data. update all existing entry cache implementations so that they provide their common state data to the entry cache monitor provider. ------------------------------------------------------------------------ r2999 | neil_a_wilson | 2007-09-09 16:08:09 -0700 (Sun, 09 Sep 2007) | 28 lines Update the server to provide a basic framework for controlling when plugins will be invoked. There are two basic changes: - Add a new ds-cfg-invoke-for-internal-operations configuration attribute for all plugins, which indicates whether the plugin should be invoked for internal operations. If this is false, then the plugin will only be invoked for externally-requested operations. - Add four new plugin types: postSynchronizationAdd, postSynchronizationDelete, postSynchronizationModify, and postSynchronizationModifyDN. These allow a plugin to perform a limited set of processing for changes that are successfully applied through synchronization. The unique attribute plugin has also been updated to support the post-synchronization plugin types so that if a conflict is introduced concurrently on two different servers within the propagation delay, an administrative alert will be generated to indicate that manual intervention is required to address the problem. Finally, ensure that audit logging is enabled during the unit tests, and update the audit logger to include the connection ID and operation ID for the operation being logged. OpenDS Issue Number: 2057 ------------------------------------------------------------------------ r3000 | neil_a_wilson | 2007-09-09 17:56:52 -0700 (Sun, 09 Sep 2007) | 15 lines Add support for password storage schemes using AES, 3DES, RC4, and Blowfish. The AES, RC4, and Blowfish implementations all use 128-bit ciphers, and the 3DES implementation uses a 168-bit cipher. Note that while these password storage schemes are functional, they rely on the crypto manager, which is not fully implemented. The storage schemes are not exposed in the server configuration because the crypto manager does not have any mechanism to persist secret keys for symmetric encryption. Until the crypto manager provides persistence for these keys, passwords encoded using these schemes will not be usable after the server is restarted. Once the crypto manager implementation is complete, these schemes should be exposed in the server configuration. OpenDS Issue Numbers: 315, 316, 317, 318 ------------------------------------------------------------------------ r3001 | neil_a_wilson | 2007-09-09 18:39:12 -0700 (Sun, 09 Sep 2007) | 4 lines Disable the JMX checkPostConnectDisconnectPlugin test case because it is frequently causing test failures. Further, rename the class containing it so that it begins with a capital letter as per Java naming conventions. ------------------------------------------------------------------------ r3002 | jvergara | 2007-09-10 06:54:01 -0700 (Mon, 10 Sep 2007) | 2 lines Apply the fix for 2242 also in the start-ds.bat script. ------------------------------------------------------------------------ r3003 | jvergara | 2007-09-10 07:38:46 -0700 (Mon, 10 Sep 2007) | 2 lines Fix an issue in non-interactive mode for the initialize subcommand. ------------------------------------------------------------------------ r3004 | jvergara | 2007-09-10 08:35:58 -0700 (Mon, 10 Sep 2007) | 4 lines Fix for issue 2243. Set the proper port in the UserData object. Add some logging lines that might be helpful to fix other issues that we could have in this area of the code. ------------------------------------------------------------------------ r3005 | jvergara | 2007-09-10 10:20:35 -0700 (Mon, 10 Sep 2007) | 2 lines Remove the log files when InstallDS is invoked with the test only argument (and no error occurred). ------------------------------------------------------------------------ r3006 | neil_a_wilson | 2007-09-10 18:43:50 -0700 (Mon, 10 Sep 2007) | 38 lines Make a number of relatively simple changes to provide basic performance improvements, including: - Replace occurrences of StringBuffer with StringBuilder. As of Java 5, StringBuilder is almost always a better choice than StringBuffer because it provides all the same methods but doesn't have the synchronization overhead. - Update the JE backend DN2URI class (which is responsible for keeping track of smart referrals in the database) to keep track of whether there are any referrals in the underlying database so that it doesn't go to the DB if it can be certain that there aren't any referrals to get. - Update the JE backend ImportJob class to provide a simple cache for parent ID lookups so that it can avoid the need to go to the underlying DB to get the entry ID for a parent entry if it's contained in the cache. - Update the salted password storage scheme variants so that they use an instance of java.util.Random rather than java.security.SecureRandom to generate the salt. There really isn't a need for a cryptographic-quality random number generator for salt generation, and the java.util.Random implementation is much faster than the java.security.SecureRandom implementation. - Update the DN class to return a reference to the precomputed NULL_DN instead of creating a new DN with zero RDN components when decoding DNs from strings or octet strings. Also, use LinkedList rather than ArrayList for temporary storage of RDN values to avoid the hit of allocating memory that we may not need. - Update the Entry class to cache the result of LDIFImportConfig.typesOnly(), which has been observed to slightly improve MakeLDIF performance. - If Java 6 is available, then prefer using it to set file permissions over Runtime.exec() on UNIX systems. Even though it's potentially less fine-grained than using exec to call chmod, it's faster and safer to use the Java methods if they're available. ------------------------------------------------------------------------ r3007 | neil_a_wilson | 2007-09-10 19:46:10 -0700 (Mon, 10 Sep 2007) | 3 lines Change the JE parentID cache from a HashMap to a LinkedHashMap to preserve FIFO ordering. ------------------------------------------------------------------------ r3008 | neil_a_wilson | 2007-09-10 21:21:04 -0700 (Mon, 10 Sep 2007) | 3 lines Update the config file handler to fix a problem in which some change listeners may not be properly notified when the associated entry is updated. ------------------------------------------------------------------------ r3009 | davidely | 2007-09-10 22:28:08 -0700 (Mon, 10 Sep 2007) | 1 line As a way to speed up an incremental build, I've updated the compileadmin target to only generate the config java source if the definition files have changed. ------------------------------------------------------------------------ r3010 | andrug | 2007-09-11 02:32:47 -0700 (Tue, 11 Sep 2007) | 1 line fix uniquemember testsuite (case insensitive mode for checkmatch) ------------------------------------------------------------------------ r3011 | andrug | 2007-09-11 02:33:42 -0700 (Tue, 11 Sep 2007) | 1 line add case insensitive mode for checkMatches ------------------------------------------------------------------------ r3012 | andrug | 2007-09-11 02:38:12 -0700 (Tue, 11 Sep 2007) | 1 line disabling unused testcases ------------------------------------------------------------------------ r3013 | matthew_swift | 2007-09-11 05:22:29 -0700 (Tue, 11 Sep 2007) | 1 line Add toString() methods for client and server side managed objects in order to help debugging. ------------------------------------------------------------------------ r3014 | smaguin | 2007-09-11 05:32:16 -0700 (Tue, 11 Sep 2007) | 2 lines new functional testsuite on plugins ------------------------------------------------------------------------ r3015 | smaguin | 2007-09-11 05:35:40 -0700 (Tue, 11 Sep 2007) | 2 lines add plugins testsuite ------------------------------------------------------------------------ r3016 | smaguin | 2007-09-11 05:38:10 -0700 (Tue, 11 Sep 2007) | 2 lines add plugins teststuite ------------------------------------------------------------------------ r3017 | lutoff | 2007-09-11 05:50:16 -0700 (Tue, 11 Sep 2007) | 1 line Fix for issue #2240 ------------------------------------------------------------------------ r3018 | neil_a_wilson | 2007-09-11 09:47:11 -0700 (Tue, 11 Sep 2007) | 2 lines Correct a number of misspelled occurrences of "StartTLS". ------------------------------------------------------------------------ r3019 | neil_a_wilson | 2007-09-11 11:43:45 -0700 (Tue, 11 Sep 2007) | 3 lines Revert the change to build.xml made in revision 3009, as it has broken the rebuild target. ------------------------------------------------------------------------ r3020 | dugan | 2007-09-11 11:59:14 -0700 (Tue, 11 Sep 2007) | 1 line Add finalizePlugin method to remove Referential Integrity change listener and stop background thread if needed. ------------------------------------------------------------------------ r3021 | matthew_swift | 2007-09-11 16:12:40 -0700 (Tue, 11 Sep 2007) | 1 line Handle special case where the requested managed object is the root configuration. ------------------------------------------------------------------------ r3022 | matthew_swift | 2007-09-11 16:36:49 -0700 (Tue, 11 Sep 2007) | 2 lines Add a getRootConfiguration() method which can be used to access and modify the server configuration using the strongly typed management API. This method is intended for use when the dsconfig() method is not practical. For example, when unit tests use mock configuration definitions which dsconfig does not have access to. ------------------------------------------------------------------------ r3023 | matthew_swift | 2007-09-11 16:37:29 -0700 (Tue, 11 Sep 2007) | 10 lines Partial fix for issue 1449: improve server-side referential integrity support. Previous to this change referential integrity was only enforced when a referencing (aggregating) component was added or modified. The support did not prevent a referenced component from being disabled or deleted. This change adds this remaining support: * a component cannot be deleted if it is referenced by one or more components * a component cannot be disabled if it is referenced by one or more components (it is possible to restrict this constraint so that it only applies when the referencing component(s) are enabled) This implementation only enforces referential integrity for referencing components which have listeners associated with them. For example, if component A references component B, then referential integrity will only be enforced automatically if component A has a change listener registered against it, or if it is "added" using an add listener that was registered against its parent. In effect, referential integrity is only enforced for components which are in use or are about to be used. ------------------------------------------------------------------------ r3024 | neil_a_wilson | 2007-09-11 17:03:02 -0700 (Tue, 11 Sep 2007) | 12 lines Make a couple of changes to help improve server performance: - Update the server code to replace simple uses of ReentrantLock involving {lock, doSomething, unlock} in the same method to use the synchronized keyword instead of a ReentrantLock object. Using the synchronized keyword is actually a little faster, and also simplifies the code since it's no longer necessary to use a finally block to ensure that the lock is released. - Update the AsynchronousTextWriter to use the LinkedBlockingQueue.drainTo() method to attempt to get multiple messages at once, rather than always using poll() to get one message at a time. ------------------------------------------------------------------------ r3025 | pgamba | 2007-09-12 02:09:12 -0700 (Wed, 12 Sep 2007) | 1 line #793 / Ability to export replication backend ------------------------------------------------------------------------ r3026 | matthew_swift | 2007-09-12 03:51:50 -0700 (Wed, 12 Sep 2007) | 1 line Add missing import for aggregations. ------------------------------------------------------------------------ r3027 | gary_williams | 2007-09-12 05:04:13 -0700 (Wed, 12 Sep 2007) | 2 lines Default location for ds admin cli function should be STAF_REMOTE_HOST ------------------------------------------------------------------------ r3028 | matthew_swift | 2007-09-12 06:20:17 -0700 (Wed, 12 Sep 2007) | 2 lines Admin framework: fix bug in deletion referential integrity listener call-back where an applyConfigurationDelete was being invoked and throwing an IllegalStateException for changes that were not applicable to it. ------------------------------------------------------------------------ r3029 | matthew_swift | 2007-09-12 06:24:52 -0700 (Wed, 12 Sep 2007) | 4 lines Improve the usability of dsconfig when the server rejects a change. Previously dsconfig would just bomb out. With this change dsconfig will either give the user the opportunity to re-edit and fix any mis-configured properties of the component (for create-xxx and set-xxx-prop interactive modes), or drop them back to the component menu (for delete-xxx interactive mode). dsconfig will still bomb out when it encounters a communication or security related problem. ------------------------------------------------------------------------ r3030 | coulbeck | 2007-09-12 07:32:43 -0700 (Wed, 12 Sep 2007) | 1 line Correct apparent error in deregisterAllOnShutdown. ------------------------------------------------------------------------ r3031 | jvergara | 2007-09-12 16:21:22 -0700 (Wed, 12 Sep 2007) | 12 lines Fix for issues: 1335: define, document, review CLI to register a server in a synch 1336: CLI implementation to register a server in a synchronization 1878: provide a CLI to initialize a replication topology from a gi 2201: ads-trustore missing when not configuring replication with t 2250: Setup and dsreplication utilities should configure schema sy Extra: do not show dc=replicationchanges suffix in the replication panel of the setup, nor propose it to replicate. fix some bugs related to duplicate error messages displayed in dsreplication interactive mode. ------------------------------------------------------------------------ r3032 | jvergara | 2007-09-12 16:22:47 -0700 (Wed, 12 Sep 2007) | 2 lines Use the proper eol-style property. ------------------------------------------------------------------------ r3033 | neil_a_wilson | 2007-09-12 16:34:20 -0700 (Wed, 12 Sep 2007) | 2 lines Update the version of Berkeley DB JE that we are using to 3.2.44. ------------------------------------------------------------------------ r3034 | al_xipe | 2007-09-12 17:03:29 -0700 (Wed, 12 Sep 2007) | 1 line first draft of automated response time tests ------------------------------------------------------------------------ r3035 | neil_a_wilson | 2007-09-12 21:43:57 -0700 (Wed, 12 Sep 2007) | 2 lines Remove trailing whitespace from a source file. ------------------------------------------------------------------------ r3036 | lutoff | 2007-09-13 01:30:45 -0700 (Thu, 13 Sep 2007) | 1 line Fix typo in name ------------------------------------------------------------------------ r3037 | lutoff | 2007-09-13 06:10:53 -0700 (Thu, 13 Sep 2007) | 2 lines If the user specify a keystore, we will now prompt for certificate nickname found in the keystore. ------------------------------------------------------------------------ r3038 | lutoff | 2007-09-13 06:55:51 -0700 (Thu, 13 Sep 2007) | 1 line Rename OpendsCerticationException into OpendsCertificateException (naming coherent with java.security.cert.CertificateException) ------------------------------------------------------------------------ r3039 | smaguin | 2007-09-13 08:01:49 -0700 (Thu, 13 Sep 2007) | 2 lines fixe stax name ------------------------------------------------------------------------ r3040 | smaguin | 2007-09-13 08:02:37 -0700 (Thu, 13 Sep 2007) | 2 lines add trace ------------------------------------------------------------------------ r3041 | smaguin | 2007-09-13 08:04:11 -0700 (Thu, 13 Sep 2007) | 2 lines desactivate debug log tests because of issue 2259 ------------------------------------------------------------------------ r3042 | al_xipe | 2007-09-13 09:57:53 -0700 (Thu, 13 Sep 2007) | 1 line Added ant contrib to allow ant scripts to assume its presence and therefore save downloading it everytime. This addition will make writing ant scripts and wrappers easier, more readable and hopefully lower maintenance cost/time in the long run ------------------------------------------------------------------------ r3043 | ugaston | 2007-09-13 10:17:34 -0700 (Thu, 13 Sep 2007) | 1 line Introduce new replication configuration procedure ------------------------------------------------------------------------ r3044 | neil_a_wilson | 2007-09-13 10:22:44 -0700 (Thu, 13 Sep 2007) | 2 lines Make a couple of changes to speed up schema interaction. ------------------------------------------------------------------------ r3045 | mkeyes | 2007-09-13 12:18:44 -0700 (Thu, 13 Sep 2007) | 2 lines Fix for Issue 2040 where a different format is required for the or symbol (||) in ACIs used with dsconfig in Windows. ------------------------------------------------------------------------ r3046 | kenneth_suter | 2007-09-13 12:31:18 -0700 (Thu, 13 Sep 2007) | 1 line fixed typo; improved debugability ------------------------------------------------------------------------ r3047 | dugan | 2007-09-13 13:00:57 -0700 (Thu, 13 Sep 2007) | 4 lines These changes allow dsconfig to decode the ACI string similar to what is done for the DN syntax attributes. A new syntax has been created that DSEE compat configuration handler is now using. ------------------------------------------------------------------------ r3048 | kenneth_suter | 2007-09-13 14:14:20 -0700 (Thu, 13 Sep 2007) | 4 lines Introduces a utility 'manage-tasks' for monitoring and some management of tasks called 'manage-tasks'. It can be used in either one-time or menu-driven execution mode to print a summary of task information, print verbose information about a particular task, or cancel a running or pending task. When starting the tool, 'manage-tasks' requires a connection to the directory to interact with the backend and prompts for information (unless given the -n/--no-prompt option) like 'dsconfig' ------------------------------------------------------------------------ r3049 | abobrov | 2007-09-13 14:25:08 -0700 (Thu, 13 Sep 2007) | 2 lines - rearrange default compressed schema initialization to take place after the server schema is initialized. ------------------------------------------------------------------------ r3050 | neil_a_wilson | 2007-09-13 14:40:37 -0700 (Thu, 13 Sep 2007) | 3 lines Fix a problem with a message properties file that prevented the build from succeeding. ------------------------------------------------------------------------ r3051 | jvergara | 2007-09-13 15:20:24 -0700 (Thu, 13 Sep 2007) | 2 lines Fix for issue 2059. Use the SHA1 and MD5 fingerprints of the certificate instead of the signature and public keys. ------------------------------------------------------------------------ r3052 | jvergara | 2007-09-13 15:26:00 -0700 (Thu, 13 Sep 2007) | 2 lines Fix a missing comma. ------------------------------------------------------------------------ r3053 | neil_a_wilson | 2007-09-13 16:02:00 -0700 (Thu, 13 Sep 2007) | 4 lines Update the upgrader version incompatibility information to indicate that it is not possible to upgrade or revert across revision 2794, which changed password storage scheme references from the scheme name to the config entry DN. ------------------------------------------------------------------------ r3054 | neil_a_wilson | 2007-09-13 16:07:21 -0700 (Thu, 13 Sep 2007) | 6 lines Update the server so that it is possible to call EmbeddedUtils.startServer to start the server after having previously called EmbeddedUtils.stopServer. Previously, the shutdown process did not leave the server in an adequate state to allow it to be started again later, and only the EmbeddedUtils.restart method would allow a functional restart. ------------------------------------------------------------------------ r3055 | neil_a_wilson | 2007-09-13 17:04:44 -0700 (Thu, 13 Sep 2007) | 3 lines Disable a number of replication test cases because they are consistently failing on the build machine. ------------------------------------------------------------------------ r3056 | neil_a_wilson | 2007-09-13 17:07:13 -0700 (Thu, 13 Sep 2007) | 3 lines Disable some replication Generation ID tests because they are consistently failing on the build machine. ------------------------------------------------------------------------