diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-01-07 02:32:47 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-01-18 05:08:38 +0100 |
| commit | b3ee1c28f658a70468c5a5fcf3cb4840574be756 (patch) | |
| tree | b28cf7443e0941219e0f7bd30dcc487a4ddd120a /base/common | |
| parent | 3e8bb9d0e42594afafdd0c0ac2a0f1b7a5d05aeb (diff) | |
| download | pki-b3ee1c28f658a70468c5a5fcf3cb4840574be756.tar.gz pki-b3ee1c28f658a70468c5a5fcf3cb4840574be756.tar.xz pki-b3ee1c28f658a70468c5a5fcf3cb4840574be756.zip | |
Added global TCP Keep-Alive option.
A new tcp.keepAlive parameter has been added for CS.cfg to
configure the TCP Keep-Alive option for all LDAP connections
created by PKI server. By default the option is enabled.
The LdapJssSSLSocketFactory has been modified to support both
plain and secure sockets. For clarity, the socket factory has been
renamed to PKISocketFactory.
All codes that create LDAP connections have been modified to use
PKISocketFactory such that the TCP Keep-Alive option can be applied
globally.
https://fedorahosted.org/pki/ticket/2564
Diffstat (limited to 'base/common')
| -rw-r--r-- | base/common/src/com/netscape/certsrv/apps/CMS.java | 5 | ||||
| -rw-r--r-- | base/common/src/com/netscape/certsrv/apps/ICMSEngine.java | 8 |
2 files changed, 13 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/apps/CMS.java b/base/common/src/com/netscape/certsrv/apps/CMS.java index 2e1dcbd22..d2210df8a 100644 --- a/base/common/src/com/netscape/certsrv/apps/CMS.java +++ b/base/common/src/com/netscape/certsrv/apps/CMS.java @@ -91,6 +91,7 @@ import com.netscape.cmsutil.password.IPasswordStore; import netscape.ldap.LDAPConnection; import netscape.ldap.LDAPException; import netscape.ldap.LDAPSSLSocketFactoryExt; +import netscape.ldap.LDAPSocketFactory; import netscape.security.util.ObjectIdentifier; import netscape.security.x509.Extension; import netscape.security.x509.GeneralName; @@ -1345,6 +1346,10 @@ public final class CMS { return _engine.getLdapJssSSLSocketFactory(); } + public static LDAPSocketFactory getLDAPSocketFactory(boolean secure) { + return _engine.getLDAPSocketFactory(secure); + } + /** * Creates a LDAP Auth Info object. * diff --git a/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java b/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java index 82a9117c4..97fc4679e 100644 --- a/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java +++ b/base/common/src/com/netscape/certsrv/apps/ICMSEngine.java @@ -75,6 +75,7 @@ import com.netscape.cmsutil.password.IPasswordStore; import netscape.ldap.LDAPConnection; import netscape.ldap.LDAPException; import netscape.ldap.LDAPSSLSocketFactoryExt; +import netscape.ldap.LDAPSocketFactory; import netscape.security.util.ObjectIdentifier; import netscape.security.x509.Extension; import netscape.security.x509.GeneralName; @@ -648,6 +649,13 @@ public interface ICMSEngine extends ISubsystem { public LDAPSSLSocketFactoryExt getLdapJssSSLSocketFactory(); /** + * Creates an LDAP socket factory. + * + * @return LDAP SSL socket factory + */ + public LDAPSocketFactory getLDAPSocketFactory(boolean secure); + + /** * Creates a LDAP Auth Info object. * * @return LDAP authentication info |